Exemplo n.º 1
0
 public async Task <ArtifactModel> UpdateArtifact(UpdateArtifactModel updateArtifactModel)
 {
     if (updateArtifactModel != null)
     {
         return(await _artifactRepo.UpdateArtifact(updateArtifactModel).ConfigureAwait(false));
     }
     return(null);
 }
Exemplo n.º 2
0
        public async Task <IActionResult> UpdateChecklist(string id, IFormFile checklistFile, string systemGroupId)
        {
            try {
                _logger.LogInformation("Calling UpdateChecklist({0})", id);
                //var name = checklistFile.FileName;
                string rawChecklist = string.Empty;
                if (checklistFile.FileName.ToLower().EndsWith(".xml"))
                {
                    // if an XML XCCDF SCAP scan checklistFile
                    using (var reader = new StreamReader(checklistFile.OpenReadStream()))
                    {
                        // read in the checklistFile
                        string xmlfile = reader.ReadToEnd();
                        // pull out the rule IDs and their results of pass or fail and the title/type of SCAP scan done
                        SCAPRuleResultSet results = SCAPScanResultLoader.LoadSCAPScan(xmlfile);
                        // get the raw checklist from the msg checklist NATS reader
                        // update the rawChecklist data so we can move on
                        var record = await _artifactRepo.GetArtifact(id);

                        rawChecklist = SCAPScanResultLoader.UpdateChecklistData(results, record.rawChecklist, false);
                    }
                }
                else if (checklistFile.FileName.ToLower().EndsWith(".ckl"))
                {
                    // if a CKL file
                    using (var reader = new StreamReader(checklistFile.OpenReadStream()))
                    {
                        rawChecklist = reader.ReadToEnd();
                    }
                }
                else
                {
                    // log this is a bad checklistFile
                    return(BadRequest());
                }

                _logger.LogInformation("UpdateChecklist({0}) sanitizing the checklist XML", id);
                rawChecklist = SanitizeData(rawChecklist);
                // update and fill in the same info
                Artifact newArtifact = MakeArtifactRecord(rawChecklist);
                Artifact oldArtifact = await _artifactRepo.GetArtifact(id);

                if (oldArtifact != null && oldArtifact.createdBy != Guid.Empty)
                {
                    _logger.LogInformation("UpdateChecklist({0}) copying the old data into the new one to replace it", id);
                    // this is an update of an older one, keep the createdBy intact
                    newArtifact.createdBy = oldArtifact.createdBy;
                    // keep it a part of the same system group
                    if (!string.IsNullOrEmpty(oldArtifact.systemGroupId))
                    {
                        newArtifact.systemGroupId = oldArtifact.systemGroupId;
                        newArtifact.systemTitle   = oldArtifact.systemTitle;
                    }
                }
                oldArtifact = null;

                // grab the user/system ID from the token if there which is *should* always be
                var claim = this.User.Claims.Where(x => x.Type == System.Security.Claims.ClaimTypes.NameIdentifier).FirstOrDefault();
                if (claim != null) // get the value
                {
                    _logger.LogInformation("UpdateChecklist({0}) getting the updated by ID", id);
                    newArtifact.updatedBy = Guid.Parse(claim.Value);
                }

                _logger.LogInformation("UpdateChecklist({0}) saving the new artifact record", id);
                await _artifactRepo.UpdateArtifact(id, newArtifact);

                // publish to the openrmf save new realm the new ID we can use
                _logger.LogInformation("UpdateChecklist({0}) publishing the updated checklist for scoring", id);
                _msgServer.Publish("openrmf.checklist.save.update", Encoding.UTF8.GetBytes(id));
                _msgServer.Flush();
                _logger.LogInformation("Called UpdateChecklist({0}) successfully", id);

                // publish an audit event
                _logger.LogInformation("UpdateChecklist() publish an audit message on an updated checklist {0}.", checklistFile.FileName);
                Audit newAudit = GenerateAuditMessage(claim, "update checklist");
                newAudit.message = string.Format("UpdateChecklist() updated checklist {0} with file {1}.", id, checklistFile.FileName);
                newAudit.url     = "PUT /";
                _msgServer.Publish("openrmf.audit.upload", Encoding.UTF8.GetBytes(Compression.CompressString(JsonConvert.SerializeObject(newAudit))));
                _msgServer.Flush();
                return(Ok());
            }
            catch (Exception ex) {
                _logger.LogError(ex, "Error Uploading updated Checklist file");
                return(BadRequest());
            }
        }