/// <summary>
/// Adds ApiActivity Object to DB or updates existing object.
/// </summary>
/// <param name="ac">ApiActivity to add or update</param>
public void addUpdateApiActivity(ApiActivity ac)
{
var entity = _db.ApiActivity.FirstOrDefault(item => item.Key == ac.Key);
// entity already exists -> update
if (entity != null)
{
_db.Entry(entity).CurrentValues.SetValues(ac);
// update last updated
entity.TsLastUpdate = DateTime.Now;
_db.ApiActivity.Update(entity);
_db.SaveChanges();
_l.Debug($"Updated in DB: {ac.ToString()}");
}
else
{
// create new
_db.ApiActivity.Add(ac);
_db.SaveChanges();
_l.Debug($"Added to DB: {ac.ToString()}");
}
}
public IActionResult CheckOfficeFile(IFormFile officeFile)
{
ApiActivity ac = new ApiActivity();
ac.ClientIPAddress = Request.HttpContext.Connection.RemoteIpAddress.ToString();
ac.Operation = ApiActivity.ApiOperation.Verify;
ac.Message = $"Check Office File started";
ac.Status = ApiActivity.ApiStatus.Verifying;
ac.StatusUrl = GHelper.generateUrl(GHelper.UrlType.StatusUrl, ac, _httpctx);
ac.DownloadUrl = GHelper.generateUrl(GHelper.UrlType.DownloadUrl, ac, _httpctx);
_asvc.addUpdateApiActivity(ac);
if (officeFile != null)
{
ac.UserOfficeFilename = officeFile.FileName;
//check valid file extension
_l.Debug("Checking for valid file extensions...");
string officeFileExt = Path.GetExtension(officeFile.FileName.ToLowerInvariant());
if (!GHelper.fileHasAllowedExtension(GHelper.ExtensionType.OfficeFile, officeFileExt))
{
ac.Message = $"Office File extension {officeFileExt} not valid!";
ac.Status = ApiActivity.ApiStatus.Error;
_asvc.addUpdateApiActivity(ac);
_l.Error(ac.Message);
return(Content(ac.getWebresult()));
}
// check magic number file types
_l.Debug("Checking for magic number of file...");
if (!(GHelper.fileHasValidFormat(GHelper.ExtensionType.OfficeFile, officeFile.OpenReadStream())))
{
ac.Message = $"Office File {officeFile.FileName} not a valid office file!";
ac.Status = ApiActivity.ApiStatus.Error;
_asvc.addUpdateApiActivity(ac);
_l.Error(ac.Message);
return(Content(ac.getWebresult()));
}
//save office file
string uniFilenameOfficeFile = GHelper.createUniqueFileName(officeFile.FileName);
string systemFolderOfficeFile = GHelper.getOfficeFilesSystemDir(_webHostEnv, _conf);
string systemFileNameOfficeFile = Path.Combine(systemFolderOfficeFile, uniFilenameOfficeFile);
ac.SystemOfficeFilename = systemFileNameOfficeFile;
// create dir if not exist
System.IO.Directory.CreateDirectory(systemFolderOfficeFile);
_l.Debug($"Saving file to {systemFileNameOfficeFile}");
using (var fileStream = new FileStream(systemFileNameOfficeFile, FileMode.Create))
{
officeFile.CopyTo(fileStream);
}
//verify file
// prepare run
ProcessStartInfo psi = new ProcessStartInfo();
psi.FileName = _webHostEnv.ContentRootPath + @"\lib\signtool.exe";
psi.RedirectStandardError = true;
psi.RedirectStandardOutput = true;
psi.UseShellExecute = false;
//use quoted filename otherwise systempath is revealed in error message!!
psi.Arguments = $"verify /pa /debug /v \"{systemFileNameOfficeFile}\"";
_l.Debug($"Executing {psi.FileName} {psi.Arguments}...");
// execute run
StringBuilder stdOut = new StringBuilder();
StringBuilder stdErr = new StringBuilder();
Process p = new Process();
p.StartInfo = psi;
p.Start();
while (!p.StandardOutput.EndOfStream)
{
stdOut.AppendLine(p.StandardOutput.ReadLine());
}
while (!p.StandardError.EndOfStream)
{
stdErr.AppendLine(p.StandardError.ReadLine());
}
p.WaitForExit();
_l.Debug("Process exited. Parsing...");
// parse result
ac = SignToolOutputParser.parseSignToolOutput(SignToolOutputParser.SignToolOperation.Verify, ac, stdOut.ToString(), stdErr.ToString());
_l.Debug($"Parsed result = {ac.ToString()}");
_l.Debug($"Deleting file {systemFileNameOfficeFile}");
// delete after verify
System.IO.File.Delete(Path.Combine(systemFileNameOfficeFile));
_asvc.addUpdateApiActivity(ac);
return(Content(ac.getWebresult()));
}
else
{
var message = ("No Files submitted for Verifying!");
_l.Warning(message);
ac.Operation = ApiActivity.ApiOperation.Verify;
ac.Status = ApiActivity.ApiStatus.Error;
ac.Message = message;
return(Content(ac.getWebresult()));
}
}