/// <summary>
/// This method will create the expressions that where violated
/// </summary>
/// <param name="msg">The message that the expressions are to be assigned to</param>
/// <param name="policy">The policy to the expression are to be assigned to</param>
/// <param name="info">The audit policy that was returned from Protect</param>
private static void CreateExpressions(Message msg, TracePolicy tracePolicy, Workshare.PolicyContent.Policy policy)
{
foreach (Workshare.PolicyContent.Expression expression in policy.Expressions)
{
// Check if we need to do this
if (expression.Triggered == false)
{
System.Diagnostics.Trace.WriteLine("Condition Passed so will not record it!", "MessageCollection.Add Audit");
continue;
}
//if (0 == String.Compare(ce.Type, "routing", true, System.Threading.Thread.CurrentThread.CurrentCulture))
//{
// System.Diagnostics.Trace.WriteLine("This is a routing condition so will not record it!", "MessageCollection.Add Audit");
// continue;
//}
tracePolicy.Conditions.Add(ConvertToCondition(msg.MessageId, expression));
}
}
/// <summary>
/// This method will initialise a message record from
/// an URO object
/// </summary>
public static Message Initialise(Workshare.PolicyContent.Response response)
{
try
{
string senderDomain = "";
string subject = "";
Contact sender = null;
if (string.Compare(response.PolicyType, PolicyType.ActiveContent.ToString(), true, System.Threading.Thread.CurrentThread.CurrentCulture) == 0)
{
senderDomain = "localhost";
StringBuilder from = new StringBuilder();
string name = "";
if (response.Contents.Length == 1)
{
subject = response.Contents[0].Name;
name = WorkoutName(response.Contents[0].Name);
}
else
{
subject = "";
name = "File";
}
from.AppendFormat("{0}@localhost", name);
sender = new Contact(ContactType.Sender, "", "", from.ToString(), senderDomain, true);
}
else if (string.Compare(response.PolicyType, PolicyType.ClientRemovableMedia.ToString(), true, System.Threading.Thread.CurrentThread.CurrentCulture) == 0)
{
// Hack - for removable device channel populate the sender as the name part of the ldap path
// If the ldap path doesn't exist, this will be blank
Workshare.PolicyContent.RoutingEntity sourceRoutingEntity = GetRoutingEntity(response, RoutingTypes.Source);
if (null == sourceRoutingEntity)
throw new ArgumentNullException("sourceRoutingEntity", "Null source routing entity");
string source = GetProperty(sourceRoutingEntity.Items[0].Properties, SMTPItemPropertyKeys.DisplayName);
if (string.IsNullOrEmpty(source))
{
string ldapPath = sourceRoutingEntity.Items[0].Content;
int startCn = ldapPath.IndexOf("CN=");
if (startCn != -1)
{
int endCn = ldapPath.IndexOf(",", startCn);
if (endCn != -1)
{
source = ldapPath.Substring(startCn + 3, endCn - (startCn + 3));
}
}
}
sender = new Contact(ContactType.Sender, "", "", source, "", true);
}
else
{
string senderAlias = "";
Workshare.PolicyContent.RoutingEntity sourceRoutingEntity = GetRoutingEntity(response, RoutingTypes.Source);
if (null == sourceRoutingEntity)
throw new ArgumentNullException("sourceRoutingEntity", "Null source routing entity");
int iPosAmpersand = sourceRoutingEntity.Items[0].Content.IndexOf("@");
if (iPosAmpersand > -1)
{
senderDomain = sourceRoutingEntity.Items[0].Content.Substring(iPosAmpersand + 1);
senderAlias = sourceRoutingEntity.Items[0].Content.Substring(0, iPosAmpersand);
}
else
senderDomain = sourceRoutingEntity.Items[0].Content;
subject = GetProperty(response.Properties, "Subject");
sender = new Contact(ContactType.Sender, GetProperty(sourceRoutingEntity.Items[0].Properties, Workshare.Policy.Routing.SMTPItemPropertyKeys.DisplayName),
senderAlias,
sourceRoutingEntity.Items[0].Content,
senderDomain,
true);
}
System.Diagnostics.Trace.WriteLine("Starting to add audit message to collection", "MessageCollection.Add Audit");
Message msg = new Message(subject, response.ResponseDate, response.PolicyType, "", sender);
if (string.Compare(response.PolicyType, PolicyType.ActiveContent.ToString(), true, System.Threading.Thread.CurrentThread.CurrentCulture) == 0)
{
msg.Recipients.Add(new Contact(ContactType.Recipient, sender.Name, sender.Alias, sender.EmailAddress, sender.EmailDomain, sender.IsInternal));
msg.MachineName = GetProperty(response.Properties, "MachineName");
msg.UserName = GetProperty(response.Properties, "UserName");
msg.ApplicationName = GetProperty(response.Properties, "Application");
msg.ChannelType = "ActiveContent";
}
else if (string.Compare(response.PolicyType, PolicyType.ClientRemovableMedia.ToString(), true, System.Threading.Thread.CurrentThread.CurrentCulture) == 0)
{
Workshare.PolicyContent.RoutingEntity destinationRoutingEntity = GetRoutingEntity(response, RoutingTypes.Destination);
if (null == destinationRoutingEntity)
throw new ArgumentNullException("destinationRoutingEntity", "Null destination routing entity");
// Hack - for the removable device channel populate the recipient with the destination
// routing items delimited with a ';'. May need to think a bit more about how this information
// should be displayed in the report. If the particular routing item is UNDEFINED then
// don't add it (this is the case, currently, for device id and name)
msg.ChannelType = response.PolicyType;
StringBuilder destinationInfo = new StringBuilder();
foreach (Workshare.PolicyContent.RoutingItem routingItem in destinationRoutingEntity.Items)
{
if (String.Compare(routingItem.Content, "UNDEFINED", true, System.Globalization.CultureInfo.InvariantCulture) != 0)
{
destinationInfo.Append(routingItem.Content + "; ");
}
}
msg.Recipients.Add(new Contact(ContactType.Recipient, destinationInfo.ToString(), destinationInfo.ToString(), destinationInfo.ToString(), destinationInfo.ToString(), true));
}
else
{
msg.ChannelType = "SMTP";
Workshare.PolicyContent.RoutingEntity destinationRoutingEntity = GetRoutingEntity(response, RoutingTypes.Destination);
if (null == destinationRoutingEntity)
throw new ArgumentNullException("destinationRoutingEntity", "Null destination routing entity");
foreach (Workshare.PolicyContent.RoutingItem recipient in destinationRoutingEntity.Items)
{
string recipAlias = "";
string recipDomain = "";
int iPosAmpersand = recipient.Content.IndexOf("@");
if (iPosAmpersand > -1)
{
recipDomain = recipient.Content.Substring(iPosAmpersand + 1);
recipAlias = recipient.Content.Substring(0, iPosAmpersand);
}
ContactType contactType = ContactType.Recipient;
if (GetProperty(recipient.Properties, SMTPItemPropertyKeys.AddressType) == AddressType.CC)
contactType = ContactType.Copied;
else if (GetProperty(recipient.Properties, SMTPItemPropertyKeys.AddressType) == AddressType.BCC)
contactType = ContactType.BlindCopied;
msg.Recipients.Add(new Contact(msg.MessageId, contactType, GetProperty(recipient.Properties, SMTPItemPropertyKeys.DisplayName), recipAlias, recipient.Content, recipDomain, false, senderDomain));
}
}
if (msg.Recipients.IsExternal || msg.Copied.IsExternal || msg.BlindCopied.IsExternal)
msg.SentExternally = true;
foreach (Workshare.PolicyContent.ContentItem contentItem in response.Contents)
{
// Create the document
Document doc = new Document(msg.MessageId, contentItem.Name, contentItem.ContentType, "", contentItem.Name, (long)contentItem.Size, false);
foreach (Workshare.PolicyContent.PolicySet policySet in contentItem.PolicySets)
{
// Process the policies
PolicySet tp = new PolicySet(msg.MessageId, policySet.Name, policySet.Date);
foreach (Workshare.PolicyContent.Policy policy in policySet.Policies)
{
// Check if we need to do this
if (policy.Triggered == false)
{
System.Diagnostics.Trace.WriteLine("TracePolicy Passed so will not record it!", "MessageCollection.Add Audit");
continue;
}
// These are failed TracePolicys!
TracePolicy r = new TracePolicy(msg.MessageId, policy.Name, policy.Triggered);
r.Description = policy.Description;
CreateExpressions(msg, r, policy);
// Check to see if we have anything to save
if (r.Conditions.Count > 0)
tp.TracePolicies.Add(r);
}
if (tp.TracePolicies.Count > 0)
doc.Policies.Add(tp);
}
if (doc.Policies.Count > 0)
msg.Documents.Add(doc);
}
StringBuilder sb = new StringBuilder();
if (msg.Documents.Count > 0)
{
return msg;
}
else
{
sb.AppendFormat(Properties.Resources.AUDIT_ITEMPASSED,
msg.Subject);
System.Diagnostics.Trace.WriteLine(sb.ToString(), "AuditInfo");
System.Diagnostics.Trace.WriteLine("Completed - Everything passed or nothing assigned so will not record message", "MessageCollection.Add Audit");
}
}
catch (ArgumentNullException)
{
//Ignore as we are not a failed message
System.Diagnostics.Trace.WriteLine("Audit message has passed policy", "MessageCollection.Add Audit");
}
return null;
}
/// <summary>
/// Create the list view group
/// </summary>
/// <param name="item">The message that the group is based on</param>
/// <returns>The list view group that was created</returns>
private static ListViewGroup GetGroup( TracePolicy rule, int high, int medium, int low )
{
return CreateGroup( rule.Name, rule.Name);
}