public RESTStatus GetGroups(SQLLib sql, object dummy, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
GroupList = new GroupElementList();
GroupList.List = new List <GroupElement>();
lock (ni.sqllock)
{
SqlDataReader dr = dr = sql.ExecSQLReader("select * from Grouping WHERE ParentID is null order by Name");
while (dr.Read())
{
GroupElement ge = new GroupElement();
ge.ID = Convert.ToInt64(dr["ID"]);
ge.Name = Convert.ToString(dr["Name"]);
ge.ParentID = dr["ParentID"] is DBNull ? (Int64?)null : Convert.ToInt64(dr["ParentID"]);
GroupList.List.Add(ge);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus GetSMARTInfos(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
new SQLParam("@m", id))) == 0)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.NotFound);
}
}
SMARTRet = new VulpesSMARTInfoList();
SMARTRet.MachineID = id;
SMARTRet.List = LoadData(id, sql);
return(RESTStatus.Success);
}
public RESTStatus ChangeCommentsComputer(SQLLib sql, NetString comments, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m", new SQLParam("@m", id))) == 0)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
if (comments.Data == null)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.Fail);
}
lock (ni.sqllock)
{
sql.ExecSQL("UPDATE ComputerAccounts SET Comments=@c WHERE MachineID=@m",
new SQLParam("@m", id),
new SQLParam("@c", comments.Data));
}
return(RESTStatus.NoContent);
}
public RESTStatus GetSTask(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("select * from SimpleTasks WHERE ID=@id", new SQLParam("@id", id));
if (dr.HasRows == false)
{
dr.Close();
return(RESTStatus.NotFound);
}
SimpleTask = new SimpleTask();
while (dr.Read())
{
sql.LoadIntoClass(dr, SimpleTask);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus DeleteGroup(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM Grouping WHERE ID=@id",
new SQLParam("@id", id))) == 0)
{
ni.Error = "Group does not exist";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
try
{
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM Grouping WHERE ID=@id", new SQLParam("@id", id));
}
}
catch
{
ni.Error = "SQL Error";
ni.ErrorID = ErrorFlags.SQLError;
return(RESTStatus.ServerError);
}
return(RESTStatus.Success);
}
public RESTStatus GetWindowsLicData(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (string.IsNullOrWhiteSpace(id) == true)
{
ni.Error = "Missing Data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.Fail);
}
lock (ni.sqllock)
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Fail);
}
}
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("SELECT * FROM WindowsLic WHERE MachineID=@m",
new SQLParam("@m", id));
if (dr.HasRows == false)
{
dr.Close();
ni.Error = "No Data";
ni.ErrorID = ErrorFlags.NoData;
return(RESTStatus.Fail);
}
WindowsLicData = new WindowsLic();
dr.Read();
WindowsLicData.Description = Convert.ToString(dr["Description"]);
WindowsLicData.GracePeriodRemaining = Convert.ToInt64(dr["GracePeriodRemaining"]);
WindowsLicData.LicenseFamily = Convert.ToString(dr["LicenseFamily"]);
WindowsLicData.LicenseStatus = Convert.ToInt64(dr["LicenseStatus"]);
WindowsLicData.LicenseStatusText = Convert.ToString(dr["LicenseStatusText"]);
WindowsLicData.MachineID = Convert.ToString(dr["MachineID"]);
WindowsLicData.Name = Convert.ToString(dr["Name"]);
WindowsLicData.PartialProductKey = Convert.ToString(dr["PartialProductKey"]);
WindowsLicData.ProductKeyChannel = Convert.ToString(dr["ProductKeyChannel"]);
WindowsLicData.ProductKeyID = Convert.ToString(dr["ProductKeyID"]);
WindowsLicData.ProductKeyID2 = Convert.ToString(dr["ProductKeyID2"]);
WindowsLicData.Reported = SQLLib.GetDTUTC(dr["Reported"]);
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus ReportDevicesFilter(SQLLib sql, FilterDriverList devices, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (devices == null)
{
ni.Error = "Invalid Items";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Fail);
}
devices.MachineID = ni.Username;
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
new SQLParam("@m", devices.MachineID))) == 0)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.NotFound);
}
}
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM DevicesFilter WHERE MachineID=@id", new SQLParam("@id", devices.MachineID));
}
if (devices.List == null)
{
devices.List = new List <FilterDriver>();
}
int Counter = 0;
foreach (FilterDriver flt in devices.List)
{
lock (ni.sqllock)
{
sql.InsertMultiData("DevicesFilter",
new SQLData("MachineID", devices.MachineID),
new SQLData("Index", Counter),
new SQLData("ClassGUID", flt.ClassGUID),
new SQLData("ServiceName", flt.ServiceName),
new SQLData("Type", flt.Type));
}
Counter++;
}
return(RESTStatus.Success);
}
public RESTStatus ReportWindowsLic(SQLLib sql, WindowsLic WinLic, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
WinLic.MachineID = ni.Username;
WinLic.Reported = DateTime.Now;
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
new SQLParam("@m", WinLic.MachineID))) == 0)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Fail);
}
}
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM WindowsLic WHERE MachineID=@m",
new SQLParam("@m", WinLic.MachineID));
}
if (NullTest.Test(WinLic) == false)
{
ni.Error = "Invalid Data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.Fail);
}
lock (ni.sqllock)
{
sql.InsertMultiData("WindowsLic",
new SQLData("MachineID", WinLic.MachineID),
new SQLData("Name", WinLic.Name),
new SQLData("Description", WinLic.Description),
new SQLData("GracePeriodRemaining", WinLic.GracePeriodRemaining),
new SQLData("PartialProductKey", WinLic.PartialProductKey),
new SQLData("ProductKeyID", WinLic.ProductKeyID),
new SQLData("ProductKeyID2", WinLic.ProductKeyID2),
new SQLData("LicenseFamily", WinLic.LicenseFamily),
new SQLData("ProductKeyChannel", WinLic.ProductKeyChannel),
new SQLData("LicenseStatus", WinLic.LicenseStatus),
new SQLData("LicenseStatusText", WinLic.LicenseStatusText));
}
return(RESTStatus.Success);
}
public RESTStatus ListPolicies(SQLLib sql, object dummy, NetworkConnectionInfo ni, NameValueCollection QueryString)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (QueryString["MachineID"] != null && QueryString["Grouping"] != null)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.Fail);
}
PolicyList = new PolicyObjectList();
PolicyList.Items = new List <PolicyObject>();
bool AllPolicies = true;
bool WithData = false;
int tmp;
int.TryParse(QueryString["AllPolicies"] == null ? "1" : QueryString["AllPolicies"], out tmp);
AllPolicies = tmp == 1 ? true : false;
int.TryParse(QueryString["WithData"] == null ? "0" : QueryString["WithData"], out tmp);
WithData = tmp == 1 ? true : false;
lock (ni.sqllock)
{
SqlDataReader dr = null;
if (AllPolicies == true)
{
dr = sql.ExecSQLReader("select * from Policies order by Name");
}
else
{
dr = sql.ExecSQLReader("select * from Policies where " + (QueryString["Grouping"] == null ? " Grouping is null AND " : " Grouping=@grouping AND ") +
(QueryString["MachineID"] == null ? " MachineID is null " : " MachineID=@machineid ") + " order by Name",
new SQLParam("@machineid", QueryString["MachineID"]),
new SQLParam("@grouping", QueryString["Grouping"]));
}
while (dr.Read())
{
PolicyList.Items.Add(LoadPolicyDB(dr, WithData, false));
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus ReportRSOP(SQLLib sql, object RSOPData, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
//Keep older clients happy
return(RESTStatus.Success);
}
public RESTStatus GetStartupItems(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
StartupsRep = new ListStartupItemReport();
StartupsRep.Items = new List <StartupItemFull>();
lock (ni.sqllock)
{
SqlDataReader dr;
if (string.IsNullOrWhiteSpace(id) == true)
{
dr = sql.ExecSQLReader("select * from Startups inner join ComputerAccounts on ComputerAccounts.MachineID=Startups.MachineID left outer join UsersList on UsersList.SID=HKCUUser AND UsersList.MachineID=Startups.MachineID order by Location,[Key]");
}
else
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
dr = sql.ExecSQLReader("select * from Startups inner join ComputerAccounts on ComputerAccounts.MachineID=Startups.MachineID left outer join UsersList on UsersList.SID=HKCUUser AND UsersList.MachineID=Startups.MachineID WHERE ComputerAccounts.MachineID=@m order by Location,[Key]",
new SQLParam("@m", id));
}
while (dr.Read())
{
StartupItemFull ar = new StartupItemFull();
ar.Computername = Convert.ToString(dr["Computername"]);
ar.DT = SQLLib.GetDTUTC(dr["DT"]);
ar.HKCUUser = Convert.ToString(dr["HKCUUser"]);
ar.MachineID = Convert.ToString(dr["MachineID"]);
ar.Username = Convert.ToString(dr["Username"]);
ar.Item = Convert.ToString(dr["Item"]);
ar.Key = Convert.ToString(dr["Key"]);
ar.Location = Convert.ToString(dr["Location"]);
StartupsRep.Items.Add(ar);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus GetComputerDetail(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (MachineExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader(@"
WITH GroupingRecursive(ID, Name, ParentID, LEVEL, Path) AS
(SELECT ID, name, ParentID, 0 AS LEVEL,
CAST(name AS nvarchar(max)) AS treepath
FROM Grouping
WHERE ParentID IS NULL
UNION ALL
SELECT d.ID, d.Name, d.ParentID,
GroupingRecursive.LEVEL + 1 AS LEVEL,
CAST(GroupingRecursive.Path + '\' +
CAST(d.Name AS nvarchar(max)) AS NVARCHAR(max)) AS treepath
FROM Grouping as d
INNER JOIN GroupingRecursive
ON GroupingRecursive.ID = d.ParentID)
select *,(SELECT Path FROM GroupingRecursive WHERE ID=ComputerAccounts.Grouping) as Path from ComputerAccounts WHERE MachineID=@id order by ComputerName",
new SQLParam("@id", id));
ComputerData cd = null;
while (dr.Read())
{
cd = new ComputerData();
PutComputerData(dr, ref cd);
}
dr.Close();
ComputerDataInfo = cd;
}
return(RESTStatus.Success);
}
public RESTStatus RunAdminNowREST(SQLLib sql, object dummy, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
RunAdminNow = true;
Dummy = new NetString();
Dummy.Data = "OK";
return(RESTStatus.Success);
}
public RESTStatus ListRKData(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (string.IsNullOrWhiteSpace(id) == true)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
lock (ni.sqllock)
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
LstRKData = new BitlockerRKList();
LstRKData.List = new List <BitlockerRK>();
LstRKData.MachineID = id;
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("SELECT * FROM BitlockerRK WHERE MachineID=@m",
new SQLParam("@m", id));
while (dr.Read())
{
BitlockerRK rk = new BitlockerRK();
rk.DeviceID = Convert.ToString(dr["DeviceID"]);
rk.DriveLetter = Convert.ToString(dr["DriveLetter"]);
rk.Reported = SQLLib.GetDTUTC(dr["Reported"]);
rk.Keys = JsonConvert.DeserializeObject <List <BitlockerRKKeyElement> >(Convert.ToString(dr["Keys"]));
LstRKData.List.Add(rk);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus ListDevicesFilters(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (string.IsNullOrWhiteSpace(id) == true)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
lock (ni.sqllock)
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
LstFltData = new FilterDriverList();
LstFltData.List = new List <FilterDriver>();
LstFltData.MachineID = id;
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("SELECT * FROM DevicesFilter WHERE MachineID=@mid", new SQLParam("@mid", id));
while (dr.Read())
{
FilterDriver n = new FilterDriver();
n.ClassGUID = Convert.ToString(dr["ClassGUID"]);
n.ServiceName = Convert.ToString(dr["ServiceName"]);
n.Type = Convert.ToInt32(dr["Type"]);
LstFltData.List.Add(n);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus CompleteSTask(SQLLib sql, SimpleTaskResult STaskResult, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (STaskResult == null)
{
ni.Error = "Invalid ID";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
lock (ni.sqllock)
{
STaskResult.MachineID = ni.Username;
if (STaskExsits(sql, STaskResult.ID, STaskResult.MachineID) == false)
{
ni.Error = "Invalid ID";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
lock (ni.sqllock)
{
STaskResult.Name = Convert.ToString(sql.ExecSQLScalar("SELECT Name FROM SimpleTasks WHERE ID=@id",
new SQLParam("@id", STaskResult.ID)));
}
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM SimpleTasks WHERE ID=@id",
new SQLParam("@id", STaskResult.ID));
}
Thread t = new Thread(new ParameterizedThreadStart(new DReportingThread(ReportingThread)));
t.Start(STaskResult);
return(RESTStatus.Success);
}
public RESTStatus GetPackageSigned(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (PackageExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidID;
return(RESTStatus.NotFound);
}
}
PackageData pp = null;
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("Select * FROM Packages WHERE ID=@id",
new SQLParam("@id", id));
dr.Read();
pp = new PackageData();
sql.LoadIntoClass(dr, pp);
dr.Close();
}
PackageDataSigned = new PackageDataSigned();
PackageDataSigned.Package = pp;
if (Certificates.Sign(PackageDataSigned, SettingsManager.Settings.UseCertificate) == false)
{
FoxEventLog.WriteEventLog("Cannot sign package element with Certificate " + SettingsManager.Settings.UseCertificate, System.Diagnostics.EventLogEntryType.Warning);
ni.Error = "Cannot sign package element with Certificate " + SettingsManager.Settings.UseCertificate;
ni.ErrorID = ErrorFlags.CannotSign;
return(RESTStatus.ServerError);
}
return(RESTStatus.Success);
}
public RESTStatus PutTaskAside(SQLLib sql, NetInt64 id, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
if (STaskExsits(sql, id.Data, ni.Username) == false)
{
ni.Error = "Invalid ID";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
object res = sql.ExecSQLScalar(@"DECLARE @tabl table(ID bigint);
insert into SimpleTasks (MachineID,Type,Name,Data) OUTPUT Inserted.ID INTO @tabl
Select MachineID,Type,Name,Data from SimpleTasks WHERE ID=@id
DELETE FROM SimpleTasks where ID=@id
SELECT * FROM @tabl",
new SQLParam("@id", id.Data));
if (res == null || res is DBNull)
{
ni.Error = "SQL error";
ni.ErrorID = ErrorFlags.SQLError;
return(RESTStatus.NotFound);
}
NewTaskID = new NetInt64();
try
{
NewTaskID.Data = Convert.ToInt64(res);
}
catch
{
ni.Error = "other SQL error";
ni.ErrorID = ErrorFlags.SQLError;
return(RESTStatus.NotFound);
}
return(RESTStatus.Success);
}
public RESTStatus GetPolicyObjectSigned(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (Policies.PolicyExsits(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("select * from Policies where ID=@id", new SQLParam("@id", id));
while (dr.Read())
{
PolicyObj = LoadPolicyDB(dr, true, true);
}
dr.Close();
}
PolicyObjectSigned objs = new PolicyObjectSigned();
objs.Policy = PolicyObj;
if (Certificates.Sign(objs, SettingsManager.Settings.UseCertificate) == false)
{
FoxEventLog.WriteEventLog("Cannot sign policy with Certificate " + SettingsManager.Settings.UseCertificate, System.Diagnostics.EventLogEntryType.Warning);
ni.Error = "Cannot sign policy with Certificate " + SettingsManager.Settings.UseCertificate;
ni.ErrorID = ErrorFlags.CannotSign;
return(RESTStatus.ServerError);
}
PolicyObjSigned = objs;
return(RESTStatus.Success);
}
public RESTStatus GetInstalledCertificates(SQLLib sql, object dummy, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
CertificateList = new NetStringList();
CertificateList.Items = Certificates.GetCertificates(StoreLocation.LocalMachine);
if (CertificateList.Items == null)
{
ni.Error = "Cannot get list";
ni.ErrorID = ErrorFlags.SystemError;
return(RESTStatus.ServerError);
}
return(RESTStatus.Success);
}
public RESTStatus ListSTasks(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
SqlDataReader dr;
if (string.IsNullOrWhiteSpace(id) == false)
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
dr = sql.ExecSQLReader("select SimpleTasks.*,ComputerName from SimpleTasks inner join ComputerAccounts on ComputerAccounts.MachineID=SimpleTasks.MachineID where SimpleTasks.MachineID=@m order by MachineID,Name",
new SQLParam("@m", id));
}
else
{
dr = sql.ExecSQLReader("select SimpleTasks.*,ComputerName from SimpleTasks inner join ComputerAccounts on ComputerAccounts.MachineID=SimpleTasks.MachineID order by MachineID,Name");
}
SimpleList = new SimpleTaskLiteList();
SimpleList.List = new List <SimpleTaskLite>();
while (dr.Read())
{
SimpleTaskLite d = new SimpleTaskLite();
sql.LoadIntoClass(dr, d);
SimpleList.List.Add(d);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus ListDiskData(SQLLib sql, object dummy, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
SqlDataReader dr;
if (string.IsNullOrWhiteSpace(id) == false)
{
if (Computers.MachineExists(sql, id) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
dr = sql.ExecSQLReader("select DiskData.*,ComputerName from DiskData inner join ComputerAccounts on ComputerAccounts.MachineID=DiskData.MachineID where diskData.MachineID=@m order by MachineID,Caption",
new SQLParam("@m", id));
}
else
{
dr = sql.ExecSQLReader("select DiskData.*,ComputerName from DiskData inner join ComputerAccounts on ComputerAccounts.MachineID=DiskData.MachineID order by MachineID,Caption");
}
LstDiskData = new ListDiskDataReport();
LstDiskData.Items = new List <DiskDataReport>();
while (dr.Read())
{
DiskDataReport d = new DiskDataReport();
sql.LoadIntoClass(dr, d);
LstDiskData.Items.Add(d);
}
dr.Close();
}
return(RESTStatus.Success);
}
public RESTStatus DeletePackage(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (PackageExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidID;
return(RESTStatus.NotFound);
}
}
string Filename = null;
string MetaFilename = null;
lock (ni.sqllock)
{
Filename = Convert.ToString(sql.ExecSQLScalar("SELECT Filename FROM Packages WHERE ID=@id",
new SQLParam("@id", id)));
}
lock (ni.sqllock)
{
MetaFilename = Convert.ToString(sql.ExecSQLScalar("SELECT MetaFilename FROM Packages WHERE ID=@id",
new SQLParam("@id", id)));
}
CommonUtilities.SpecialDeleteFile(Settings.Default.DataPath + Filename);
CommonUtilities.SpecialDeleteFile(Settings.Default.DataPath + MetaFilename);
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM Packages WHERE ID=@id", new SQLParam("@id", id));
}
return(RESTStatus.Success);
}
public RESTStatus GetSTaskSigned(SQLLib sql, object dummy, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
SimpleTask SimpleTask;
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("select top 1 * from SimpleTasks WHERE MachineID=@id AND GETUTCDATE()>isnull(execafter,'2010-01-01') ORDER BY ID asc",
new SQLParam("@id", ni.Username));
if (dr.HasRows == false)
{
dr.Close();
return(RESTStatus.NoContent);
}
SimpleTask = new SimpleTask();
while (dr.Read())
{
sql.LoadIntoClass(dr, SimpleTask);
}
dr.Close();
}
STaskDataSigned = new SimpleTaskDataSigned();
STaskDataSigned.STask = SimpleTask;
if (Certificates.Sign(STaskDataSigned, SettingsManager.Settings.UseCertificate) == false)
{
FoxEventLog.WriteEventLog("Cannot sign STask Data with Certificate " + SettingsManager.Settings.UseCertificate, System.Diagnostics.EventLogEntryType.Warning);
ni.Error = "Cannot sign STask Data with Certificate " + SettingsManager.Settings.UseCertificate;
ni.ErrorID = ErrorFlags.CannotSign;
return(RESTStatus.ServerError);
}
return(RESTStatus.Success);
}
public RESTStatus ApproveComputer(SQLLib sql, ApproveComputer state, NetworkConnectionInfo ni, string id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m", new SQLParam("@m", id))) == 0)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
}
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM Grouping WHERE ID=@id", new SQLParam("@id", state.Group))) == 0)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.Fail);
}
}
lock (ni.sqllock)
{
sql.ExecSQL("UPDATE ComputerAccounts SET Accepted=@a,Grouping=@g WHERE MachineID=@m",
new SQLParam("@m", id),
new SQLParam("@g", state.Group),
new SQLParam("@a", state.State == true ? 1 : 0));
}
return(RESTStatus.NoContent);
}
public RESTStatus DeleteSTask(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (STaskExsits(sql, id) == false)
{
ni.Error = "Invalid ID";
ni.ErrorID = ErrorFlags.InvalidData;
return(RESTStatus.NotFound);
}
sql.ExecSQL("DELETE FROM SimpleTasks WHERE ID=@id", new SQLParam("@id", id));
}
return(RESTStatus.Success);
}
public RESTStatus GetEventLogSources(SQLLib sql, object dummy, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
EventLogSources = new NetStringList();
EventLogSources.Items = new List <string>();
lock (EventSourcesLock)
{
if (EventSourcesCacheDT.AddHours(1) < DateTime.UtcNow)
{
EventSourcesCache.Clear();
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("select distinct Source from EventLog order by Source");
while (dr.Read())
{
EventSourcesCache.Add(Convert.ToString(dr["Source"]));
}
dr.Close();
}
EventSourcesCacheDT = DateTime.UtcNow;
}
}
lock (EventSourcesLock)
{
EventLogSources.Items = EventSourcesCache;
}
return(RESTStatus.Success);
}
public RESTStatus GetPackage(SQLLib sql, HttpListenerRequest request, HttpListenerResponse response, object dummy, NetworkConnectionInfo ni, Int64 id)
{
if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false && ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
response.AddHeader("Content-Type", "text/plain; charset=UTF-8");
response.StatusCode = 403;
response.StatusDescription = "Forbidden";
byte[] data = Encoding.UTF8.GetBytes("403 - Forbidden.");
response.ContentLength64 = data.LongLength;
Stream output = response.OutputStream;
output.Write(data, 0, data.Length);
return(RESTStatus.Denied);
}
lock (ni.sqllock)
{
if (PackageExists(sql, id) == false)
{
ni.Error = "Invalid data";
ni.ErrorID = ErrorFlags.InvalidID;
response.AddHeader("Content-Type", "text/plain; charset=UTF-8");
response.StatusCode = 404;
response.StatusDescription = "Not found";
byte[] data = Encoding.UTF8.GetBytes("404 - Not found.");
response.ContentLength64 = data.LongLength;
Stream output = response.OutputStream;
output.Write(data, 0, data.Length);
return(RESTStatus.NotFound);
}
}
string Filename = null;
lock (ni.sqllock)
{
Filename = Convert.ToString(sql.ExecSQLScalar("SELECT Filename FROM Packages WHERE ID=@id",
new SQLParam("@id", id)));
}
if (File.Exists(Settings.Default.DataPath + Filename) == false)
{
ni.Error = "Cannot find local file";
ni.ErrorID = ErrorFlags.FileSystemError;
response.AddHeader("Content-Type", "text/plain; charset=UTF-8");
response.StatusCode = 500;
response.StatusDescription = "Server Error";
byte[] data = Encoding.UTF8.GetBytes("500 - Server Error.");
response.ContentLength64 = data.LongLength;
Stream output = response.OutputStream;
output.Write(data, 0, data.Length);
return(RESTStatus.ServerError);
}
Downloader.ReadFileChunked(Settings.Default.DataPath + Filename, request, response);
return(RESTStatus.Success);
}
public RESTStatus ReportBitlockerRK(SQLLib sql, BitlockerRKList BitLockerRK, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
BitLockerRK.MachineID = ni.Username;
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
new SQLParam("@m", BitLockerRK.MachineID))) == 0)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Denied);
}
}
if (BitLockerRK.List == null)
{
BitLockerRK.List = new List <BitlockerRK>();
}
if (BitLockerRK.List.Count == 0)
{
return(RESTStatus.Success);
}
List <string> DiskIDs = new List <string>();
SqlDataReader dr = sql.ExecSQLReader("SELECT DeviceID FROM BitlockerRK WHERE MachineID=@m",
new SQLParam("@m", BitLockerRK.MachineID));
while (dr.Read())
{
DiskIDs.Add(Convert.ToString(dr["DeviceID"]).ToLower());
}
dr.Close();
foreach (BitlockerRK disk in BitLockerRK.List)
{
if (disk.Keys == null)
{
continue;
}
if (disk.Keys.Count == 0)
{
continue;
}
disk.Reported = DateTime.UtcNow;
if (disk.DeviceID == null)
{
continue;
}
string RKs = JsonConvert.SerializeObject(disk.Keys);
if (DiskIDs.Contains(disk.DeviceID.ToLower()) == true)
{
lock (ni.sqllock)
{
sql.ExecSQL("DELETE FROM BitLockerRK WHERE MachineID=@m AND DeviceID=@d",
new SQLParam("@m", BitLockerRK.MachineID),
new SQLParam("@d", disk.DeviceID));
}
}
lock (ni.sqllock)
{
sql.InsertMultiData("BitLockerRK",
new SQLData("MachineID", BitLockerRK.MachineID),
new SQLData("DeviceID", disk.DeviceID),
new SQLData("DriveLetter", disk.DriveLetter == null ? "" : disk.DriveLetter),
new SQLData("Keys", RKs),
new SQLData("Reported", DateTime.UtcNow));
}
}
return(RESTStatus.Success);
}
public RESTStatus ReportEventLog(SQLLib sql, ListEventLogReport EventLogList, NetworkConnectionInfo ni)
{
if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
{
ni.Error = "Access denied";
ni.ErrorID = ErrorFlags.AccessDenied;
return(RESTStatus.Denied);
}
EventLogList.MachineID = ni.Username;
lock (ni.sqllock)
{
if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
new SQLParam("@m", EventLogList.MachineID))) == 0)
{
ni.Error = "Invalid MachineID";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Denied);
}
}
if (EventLogList.Items == null)
{
ni.Error = "Invalid Items";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Fail);
}
if (EventLogList.Items.Count == 0)
{
return(RESTStatus.Created);
}
DateTime DT = DateTime.Now;
foreach (EventLogReport ar in EventLogList.Items)
{
if (NullTest.Test(ar) == false)
{
ni.Error = "Invalid Items";
ni.ErrorID = ErrorFlags.InvalidValue;
return(RESTStatus.Fail);
}
CommonUtilities.CalcEventLogID(ar);
}
List <SQLParam> sqlparams = new List <SQLParam>();
sqlparams.Add(new SQLParam("@id", EventLogList.MachineID));
int count = 1;
string vars = "";
foreach (EventLogReport ar in EventLogList.Items)
{
sqlparams.Add(new SQLParam("@p" + count.ToString(), ar.LogID));
vars += "@p" + count.ToString() + ",";
count++;
}
if (vars.EndsWith(",") == true)
{
vars = vars.Substring(0, vars.Length - 1);
}
List <string> LogIDinDB = new List <string>();
lock (ni.sqllock)
{
SqlDataReader dr = sql.ExecSQLReader("SELECT LogID FROM EventLog WHERE MachineID=@id and LogID in (" + vars + ")", sqlparams.ToArray());
while (dr.Read())
{
LogIDinDB.Add(Convert.ToString(dr["LogID"]));
}
dr.Close();
}
List <EventLogReport> RemoveEVL = new List <EventLogReport>();
foreach (EventLogReport ar in EventLogList.Items)
{
if (LogIDinDB.Contains(ar.LogID) == true)
{
RemoveEVL.Add(ar);
continue;
}
if (SettingsManager.Settings.KeepEventLogDays > 0)
{
if (ar.TimeGenerated < DateTime.UtcNow.AddDays(0 - SettingsManager.Settings.KeepEventLogDays))
{
RemoveEVL.Add(ar);
continue;
}
}
}
foreach (EventLogReport ar in RemoveEVL)
{
EventLogList.Items.Remove(ar);
}
List <EventLogReportFull> car = new List <EventLogReportFull>();
lock (ni.sqllock)
{
try
{
sql.BeginTransaction();
sql.SEHError = true;
foreach (EventLogReport ar in EventLogList.Items)
{
EventLogReportFull arr = new EventLogReportFull();
ClassCopy.CopyClassData(ar, arr);
arr.Reported = DateTime.UtcNow;
arr.MachineID = EventLogList.MachineID;
List <SQLData> d = sql.InsertFromClassPrep(arr);
foreach (SQLData dd in d)
{
if (dd.Column == "ID")
{
dd.Data = DBNull.Value;
break;
}
}
car.Add(arr);
sql.InsertFromClass("EventLog", arr);
}
sql.CommitTransaction();
}
catch (Exception ee)
{
sql.RollBackTransaction();
FoxEventLog.WriteEventLog("DB Error: Cannot insert data to EventLog: " + ee.ToString() + "\r\n\r\nJSON: " +
JsonConvert.SerializeObject(car, Formatting.Indented), System.Diagnostics.EventLogEntryType.Error);
return(RESTStatus.ServerError);
}
finally
{
sql.SEHError = false;
}
}
Thread t = new Thread(new ParameterizedThreadStart(new DReportingThread(ReportingThread)));
t.Start(car);
return(RESTStatus.Created);
}