예제 #1
0
        public ActionResult Unlock(long id)
        {
            var rlc = new RequestLockManagementController();
            // add AuditLog entry for lock remove
            var upc = new UserManagementController();
            var almc = new AuditLogManagementController();
            almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
                          Constants.AuditType.RequestUnlock);

            rlc.removeLock(id);

            return RedirectToAction("Index", "Home", new {
                status = Constants.URLStatus.Unlocked
            });
        }
예제 #2
0
        /// <summary>
        ///     Ability to Export a locked Request as a DOCX
        /// </summary>
        /// <param name="id">The Request ID to Export</param>
        /// <returns>A DOCX file.</returns>
        /// <request type="GET">/Request/Export</request>
        public ActionResult Export(long id)
        {
            var wec = new WordExportController();
            var db = new CAIRSDataContext();
            Request request = db.Requests.FirstOrDefault(r => r.RequestID == id);

            var markDate = new DateTime(2010, 01, 01, 00, 00, 00, 00);
            TimeSpan dateStamp = DateTime.Now.Subtract(markDate);
            string filePath =
                Server.MapPath(Constants.Export.REPORT_TEMP_PATH +
                               dateStamp.TotalSeconds + ".docx");
            string templatePath =
                Server.MapPath(Constants.Export.REPORT_TEMPLATE_PATH);

            IEnumerable<string> output = wec.requestToStrings(request);
            wec.generateDocument(output, templatePath, filePath, id);

            // add AuditLog entry for exporting
            var upc = new UserManagementController();
            var almc = new AuditLogManagementController();
            almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
                          Constants.AuditType.RequestExport);

            return View("Details", new RequestContent(request));
        }
예제 #3
0
        public ActionResult Create(RequestContent reqContent)
        {
            var rmc = new RequestManagementController();

            bool valid = ModelState.IsValid;

            if (reqContent.parentRequestID != null &&
                !rmc.requestExists((long) reqContent.parentRequestID)) {
                ModelState.AddModelError("NonexistentParentRequest",
                                         "Parent Request ID must correspond to an existing request.");
                valid = false;
            }

            if (Request.Form["mark_as_complete"] != null) {
                foreach (
                    QuestionResponseContent qrContent in
                        reqContent.questionResponseList) {
                    if (String.IsNullOrEmpty(qrContent.question) ||
                        removeNewLinesAndTabs(qrContent.question).Equals("<br />") ||
                        String.IsNullOrEmpty(qrContent.response) ||
                        removeNewLinesAndTabs(qrContent.response).Equals("<br />") ||
                        qrContent.questionTypeID == null ||
                        qrContent.tumourGroupID == null ||
                        qrContent.timeSpent == null ||
                        qrContent.severity == null ||
                        qrContent.consequence == null ||
                        qrContent.keywords.Count < 1) {
                        ModelState.AddModelError("IncompleteQuestion",
                                                 "Questions must be completed before marking request as complete.");
                        valid = false;
                        break;
                    }

                    if (qrContent.keywords.Any(keyword => keyword.Length > 128)) {
                        ModelState.AddModelError("KeywordTooLong",
                                                 "Keywords must be less than 128 characters.");
                        valid = false;
                    }

                    if (qrContent.referenceList.Any(refContent => String.IsNullOrEmpty(refContent.referenceString))) {
                        ModelState.AddModelError("IncompleteReference",
                                                 "References must be completed before marking request as complete.");
                        valid = false;
                    }
                }

                reqContent.timeClosed = DateTime.Now;
                reqContent.requestStatus = Constants.RequestStatus.Completed;
            }

            // Encode HTML in question responses
            // Replace null references with empty string
            foreach (
                QuestionResponseContent qrContent in
                    reqContent.questionResponseList) {
                if (!String.IsNullOrEmpty(qrContent.question)) {
                    qrContent.question = HttpUtility.HtmlEncode(
                        removeNewLinesAndTabs(qrContent.question))
                                                    .Replace("&#39;", "'");
                }
                if (!String.IsNullOrEmpty(qrContent.response)) {
                    qrContent.response = HttpUtility.HtmlEncode(
                        removeNewLinesAndTabs(qrContent.response))
                                                    .Replace("&#39;", "'");
                }
                if (!String.IsNullOrEmpty(qrContent.specialNotes)) {
                    qrContent.specialNotes = HttpUtility.HtmlEncode(
                        removeNewLinesAndTabs(qrContent.specialNotes))
                                                        .Replace("&#39;", "'");
                }

                foreach (
                    ReferenceContent refContent in qrContent.referenceList) {

                    refContent.referenceString =
                        refContent.referenceString == null ?
                            "" :
                            refContent.referenceString.Replace("\\", "\\\\");
                }
            }

            if (!valid) {
                var dc = new DropdownManagementController();

                ViewBag.RequestorTypes = new SelectList(
                    dc.getEntries(Constants.DropdownTable.RequestorType),
                    "id", "text");
                ViewBag.Regions = new SelectList(
                    dc.getEntries(Constants.DropdownTable.Region),
                    "id", "text");

                ViewBag.GenderOptions = new SelectList(Constants.genderOptions);

                return View(reqContent);
            }

            long reqId = rmc.create(reqContent);

            var uc = new UserManagementController();
            UserProfile up = uc.getUserProfile(User.Identity.Name);
            var almc = new AuditLogManagementController();
            almc.addEntry(reqId, up.UserId,
                          Constants.AuditType.RequestCreation,
                          reqContent.timeOpened);

            if (reqContent.requestStatus == Constants.RequestStatus.Completed &&
                reqContent.timeClosed != null) {
                almc.addEntry(reqId, up.UserId,
                              Constants.AuditType.RequestCompletion,
                              (DateTime) reqContent.timeClosed);
            }

            if (Roles.IsUserInRole(Constants.Roles.VIEWER)) {
                return RedirectToAction("Details", "Request",
                                        new {
                                            id = reqId
                                        });
            }

            return RedirectToAction("Index", "Home",
                                    new {
                                        status =
                                        Constants.URLStatus.SuccessfulCreate
                                    });
        }
        private void addEntryWithSpecifiedDateTimeHelper(Constants.AuditType at,
                                                         DateTime
                                                             randomizedDateTime)
        {
            var almc = new AuditLogManagementController();

            // run method

            almc.addEntry(rq.RequestID, up.UserId, at, randomizedDateTime);

            // checks
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);

            Assert.IsNotNull(alCreated, "No audit log created.");
            Assert.IsTrue(alCreated.UserID == up.UserId,
                          "Audit Log created with wrong user ID.");
            Assert.IsTrue(
                Enum.GetName(typeof (Constants.AuditType), alCreated.AuditType)
                    .Equals(Enum.GetName(typeof (Constants.AuditType), at)),
                "Audit Log created with wrong audit type.");
            Assert.That(alCreated.AuditDate,
                        Is.EqualTo(randomizedDateTime).Within(1).Seconds,
                        "Audit Log created with wrong date.");

            _dc.AuditLogs.DeleteOnSubmit(alCreated);
            _dc.SubmitChanges();
        }
예제 #5
0
        public ActionResult Details(long id)
        {
            var rmc = new RequestManagementController();
            var rlc = new RequestLockManagementController();
            var upc = new UserManagementController();
            var db = new CAIRSDataContext();
            int timeSpent = 0;

            // Set up the Request Object
            RequestContent request = rmc.getRequestDetails(id);
            if (request == null) {
                ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
                                + " - "
                                + Constants.UIString.TitleText.ERROR;
                ViewBag.Error =
                    "The Request ID provided does not exist in the database.";

                return View((object) null);
            }

            ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
                            + " - "
                            + Constants.UIString.TitleText.REQUEST_NUM
                            + request.requestID;

            // Show error if not editor/administrator and request isn't complete
            if (!User.IsInRole(Constants.Roles.REQUEST_EDITOR)
                && !User.IsInRole(Constants.Roles.ADMINISTRATOR)
                && request.requestStatus != Constants.RequestStatus.Completed) {
                ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
                                + " - "
                                + Constants.UIString.TitleText.ERROR;
                ViewBag.Error =
                    "You do not have the necessary permissions to view this request.";

                return View((object) null);
            }

            // Show error if not administrator and request is invalid (deleted)
            if (!User.IsInRole(Constants.Roles.ADMINISTRATOR)
                && request.requestStatus == Constants.RequestStatus.Invalid) {
                ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
                                + " - "
                                + Constants.UIString.TitleText.ERROR;
                ViewBag.Error =
                    "You do not have the necessary permissions to view this request.";

                return View((object) null);
            }

            // Show error if you can't view due to locked status
            if (rlc.isLocked(id) &&
                !User.IsInRole(Constants.Roles.ADMINISTRATOR)) {
                // Check if it's not locked to you
                if (!User.IsInRole(Constants.Roles.REQUEST_EDITOR) ||
                    rlc.getRequestLock(id).UserID !=
                    upc.getUserProfile(User.Identity.Name).UserId) {
                    request = null;
                    ViewBag.Title = Constants.UIString.TitleText.VIEW_REQUEST
                                    + " - "
                                    + Constants.UIString.TitleText.ERROR;
                    ViewBag.Error =
                        "This request has been locked to another person and cannot be viewed until unlocked.";

                    return View((object) null);
                }
            }

            // Set up Time Spent (Question-Dependent)
            foreach (QuestionResponseContent qr in request.questionResponseList) {
                timeSpent += qr.timeSpent.GetValueOrDefault(0);
            }

            ViewBag.TimeSpent = timeSpent;
            ViewBag.DataContext = new CAIRSDataContext();

            // Created By
            AuditLog auditLog = (from al in db.AuditLogs
                                 where
                                     (int) al.AuditType ==
                                     (int) Constants.AuditType.RequestCreation &&
                                     al.RequestID == request.requestID
                                 select al).FirstOrDefault();
            if (auditLog != null && auditLog.UserProfile != null) {
                ViewBag.CreatedBy = auditLog.UserProfile.UserFullName;
            } else {
                ViewBag.CreatedBy = "";
            }

            // Closed By
            auditLog = (from al in db.AuditLogs
                        where
                            (int) al.AuditType ==
                            (int) Constants.AuditType.RequestCompletion &&
                            al.RequestID == request.requestID
                        select al).FirstOrDefault();
            if (auditLog != null && auditLog.UserProfile != null) {
                ViewBag.CompletedBy = auditLog.UserProfile.UserFullName;
            } else {
                ViewBag.CompletedBy = "";
            }

            // add AuditLog entry for viewing
            var almc = new AuditLogManagementController();
            almc.addEntry(id, upc.getUserProfile(User.Identity.Name).UserId,
                          Constants.AuditType.RequestView);

            ViewBag.IsLocked = rlc.isLocked(id);

            if (ViewBag.IsLocked) {
                ViewBag.IsLockedToMe = rlc.getRequestLock(id).UserID ==
                                       upc.getUserProfile(User.Identity.Name)
                                          .UserId;
            } else {
                ViewBag.IsLockedToMe = false;
            }

            return View(request);
        }
        public void Test_createReportForUserWithSingleAuditLog()
        {
            var almc = new AuditLogManagementController();

            // create AuditLog by up
            _dc.AuditLogs.InsertOnSubmit(new AuditLog {
                RequestID = rq.RequestID,
                UserID = up.UserId,
                AuditType = (byte) Constants.AuditType.RequestView,
                AuditDate = DateTime.Now
            });
            _dc.SubmitChanges();

            bool returnValue = almc.createReportForUser(up.UserId,
                                                        DateTime.Now.Subtract(
                                                            TimeSpan.FromHours(1)),
                                                        DateTime.Now);
        }
        private void addEntryHelper(Constants.AuditType at)
        {
            var almc = new AuditLogManagementController();

            // run method
            almc.addEntry(rq.RequestID, up.UserId, at);

            //// checks
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);

            Assert.IsNotNull(alCreated, "No audit log created.");

            Assert.IsTrue(alCreated.UserID == up.UserId,
                          "Audit Log created with wrong user ID.");
            Assert.IsTrue(
                Enum.GetName(typeof (Constants.AuditType), alCreated.AuditType)
                    .Equals(Enum.GetName(typeof (Constants.AuditType), at)),
                "Audit Log created with wrong audit type.");
            Assert.IsTrue(
                ((DateTime.Now.Subtract(TimeSpan.FromSeconds(5))) <
                 alCreated.AuditDate),
                "Audit Log created with incorrect date and time (too early).");
            Assert.IsTrue(DateTime.Now > alCreated.AuditDate,
                          "Audit Log created with incorrect date and time (too late).");

            _dc.AuditLogs.DeleteOnSubmit(alCreated);
            _dc.SubmitChanges();
        }
        public void Test_createReportForUserInvalidDate()
        {
            var almc = new AuditLogManagementController();

            bool returnValue = almc.createReportForUser(up.UserId, DateTime.Now,
                                                        DateTime.Now.Subtract(
                                                            TimeSpan.FromHours(1)));
        }
        public void Test_createReportForUserNoData()
        {
            var almc = new AuditLogManagementController();
            int randomUserIntNew = _random.Next(1, 100000000);

            _dc.UserProfiles.InsertOnSubmit(new UserProfile {
                UserName =
                    "******" +
                    randomUserIntNew.ToString(CultureInfo.InvariantCulture)
            });

            _dc.SubmitChanges();

            UserProfile upNew =
                _dc.UserProfiles.FirstOrDefault(
                    userProfile =>
                    userProfile.UserName ==
                    ("TALM" +
                     randomUserIntNew.ToString(CultureInfo.InvariantCulture)));

            bool returnValue = almc.createReportForUser(upNew.UserId,
                                                        DateTime.Now.Subtract(
                                                            TimeSpan.FromHours(1)),
                                                        DateTime.Now);

            Assert.IsFalse(returnValue,
                           "Data in audit report for requests with no AuditLogs.");

            _dc.UserProfiles.DeleteOnSubmit(upNew);
            _dc.SubmitChanges();
        }
        public void Test_createReportForRequestWithSingleRequest()
        {
            var almc = new AuditLogManagementController();

            // create AuditLogs for rq
            _dc.AuditLogs.InsertOnSubmit(new AuditLog {
                RequestID = rq.RequestID,
                UserID = up.UserId,
                AuditType = (byte) Constants.AuditType.RequestView,
                AuditDate = DateTime.Now
            });
            _dc.SubmitChanges();

            var auditRequests = new List<Request> {
                rq
            };

            bool returnValue = almc.createReportForRequest(auditRequests);

            // delete AuditLog created
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
            _dc.AuditLogs.DeleteOnSubmit(alCreated);
            _dc.SubmitChanges();
        }
 public void Test_createReportForUserInvalid()
 {
     var almc = new AuditLogManagementController();
     bool returnValue = almc.createReportForUser(0, DateTime.MinValue,
                                                 DateTime.MaxValue);
 }
        public void Test_createReportForRequestWithMultipleRequests()
        {
            // Create an extra test request to test list with multiple
            long randomRequestInt = _random.Next(1, 100000000);
            var rmc = new RequestManagementController();

            // Create new Request Directly in DB
            rmc.create(new RequestContent {
                patientLName =
                    "TALM" +
                    randomRequestInt.ToString(CultureInfo.InvariantCulture)
            });

            _dc.SubmitChanges();

            rq2 = _dc.Requests.FirstOrDefault(
                request =>
                request.PatientLName ==
                ("TALM" +
                 randomRequestInt.ToString(CultureInfo.InvariantCulture)));

            var almc = new AuditLogManagementController();

            // create AuditLogs for rq
            _dc.AuditLogs.InsertOnSubmit(new AuditLog {
                RequestID = rq.RequestID,
                UserID = up.UserId,
                AuditType = (byte) Constants.AuditType.RequestView,
                AuditDate = DateTime.Now
            });
            _dc.SubmitChanges();

            // create AuditLogs for rq2
            _dc.AuditLogs.InsertOnSubmit(new AuditLog {
                RequestID = rq2.RequestID,
                UserID = up.UserId,
                AuditType = (byte) Constants.AuditType.RequestView,
                AuditDate = DateTime.Now
            });
            _dc.SubmitChanges();

            var auditRequests = new List<Request> {
                rq,
                rq2
            };

            bool returnValue = almc.createReportForRequest(auditRequests);

            // delete both AuditLogs created
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);
            _dc.AuditLogs.DeleteOnSubmit(alCreated);
            AuditLog alCreated2 =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq2.RequestID);
            _dc.AuditLogs.DeleteOnSubmit(alCreated2);
            _dc.SubmitChanges();
        }
 public void Test_createReportForRequestNull()
 {
     var almc = new AuditLogManagementController();
     bool returnValue = almc.createReportForRequest(null);
 }
        public void Test_createReportForRequestNoData()
        {
            var almc = new AuditLogManagementController();
            var auditRequests = new List<Request> {
                rq
            };

            bool returnValue = almc.createReportForRequest(auditRequests);

            Assert.IsFalse(returnValue,
                           "Data in audit report for requests with no AuditLogs.");
        }
        public void Test_addEntryWithSpecifiedIncorrectUser()
        {
            var almc = new AuditLogManagementController();

            // run method
            almc.addEntry(rq.RequestID, 0, Constants.AuditType.RequestView,
                          DateTime.Now);

            //// checks
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);

            Assert.IsNull(alCreated,
                          "Audit log created despite invalid user ID.");
        }
        public void Test_addEntryIncorrectRequest()
        {
            var almc = new AuditLogManagementController();

            // run method
            almc.addEntry(0, up.UserId, Constants.AuditType.RequestView);

            //// checks
            AuditLog alCreated =
                _dc.AuditLogs.FirstOrDefault(r => r.RequestID == rq.RequestID);

            Assert.IsNull(alCreated,
                          "Audit log created despite invalid request ID.");
        }