/// <summary>
/// Retrieves Assessment object by AssessmentID
/// </summary>
/// <param name="assessmentID">AssessmentID - integer</param>
/// <param name="loadType">enum that specifies which child object to populate in the data object</param>
/// <returns>Assessment object</returns>
public Assessment GetAssessment(int assessmentID, AssessmentLoadType loadType = AssessmentLoadType.All)
{
var assessment = new Assessment();
try
{
assessment = context.Assessments.Fill(loadType)
.Where(o => o.AssessmentID == assessmentID)
.FirstOrDefault();
// Sort all the child objects according to the corresponding "order" fields in the child objects
if (loadType == AssessmentLoadType.All)
{
foreach (var c in assessment.CategoryDatas)
{
foreach (var s in c.SectionDatas)
{
foreach (var g in s.GroupDatas)
{
g.QuestionDatas = g.QuestionDatas.OrderBy(o => o.QuestionOrder).ToList();
}
s.GroupDatas = s.GroupDatas.OrderBy(o => o.GroupOrder).ToList();
}
c.SectionDatas = c.SectionDatas.OrderBy(o => o.SectionOrder).ToList();
}
assessment.CategoryDatas = assessment.CategoryDatas.OrderBy(o => o.CategoryOrder).ToList();
}
}
catch (Exception ex)
{
throw new ApplicationException("Error: OwaspSAMMRepository.GetAssessment", ex);
}
return(assessment);
}
/// <summary>
/// GetAssessmentsNotOwned - returns a list of assessments meeting the specified criteria. If no arguments are supplied, returns all
/// assessments in the database. If an identity is passed as an argument, then only the assessments not owned by the identity are
/// returned.
/// </summary>
/// <param name="uid">Optional Integer - Identity to use when retrieving assessments</param>
/// <returns>Returns a List of Assessment objects</returns>
public List <Assessment> GetAssessmentsNotOwned(int uid = 0, AssessmentLoadType alt = AssessmentLoadType.TableOnly)
{
var results = new List <Assessment>();
try
{
if (uid == 0)
{
// Return all assessments
results = context.Assessments.Fill(alt)
.OrderBy(o => o.ApplicationName)
.ToList();
}
else
{
// Filter Assessments by user ID
results = context.Assessments.Fill(alt)
.Where(o => o.OwnerID != uid)
.OrderBy(o => o.ApplicationName)
.ToList();
}
}
catch (Exception ex)
{
throw new ApplicationException("Error: OwaspSAMMRepository.GetAssessmentsNotOwned", ex);
}
return(results);
}
/// <summary>
/// GetAssessments - returns a list of assessments meeting the specified criteria. If no arguments are supplied, returns all
/// assessments in the database. If an identity is passed as an argument, then only the assessments owned by the identity are
/// returned.
/// </summary>
/// <param name="uid">Optional Integer - Identity to use when retrieving assessments. Default to 0.</param>
/// <param name="alt">Optional AssessmentLoadType - used to limit the size of the child data retrieved. Defaults to TableOnly.</param>
/// <returns>Returns a List of Assessment objects</returns>
public List <Assessment> GetAssessments(int uid = 0, AssessmentLoadType alt = AssessmentLoadType.TableOnly)
{
// Recycle context to ensure we get updates made in other contexts
context.Dispose();
context = new OwaspSAMMContext();
var results = new List <Assessment>();
try
{
if (uid == 0)
{
// Return all assessments
results = context.Assessments.Fill(alt)
.OrderBy(o => o.ApplicationName)
.ToList();
}
else
{
// Filter Assessments by user ID
results = context.Assessments.Fill(alt)
.Where(o => o.OwnerID == uid)
.OrderBy(o => o.ApplicationName)
.ToList();
}
}
catch (Exception ex)
{
throw new ApplicationException("Error: OwaspSAMMRepository.GetAssessments", ex);
}
return(results);
}
/// <summary>
/// GetAssessments - Overload gets assessments for a specific business unit
/// </summary>
/// <param name="BusinessUnit">string</param>
/// <returns>Returns a list of Assessments for the Business Unit param</returns>
public List <Assessment> GetAssessments(string BusinessUnit, AssessmentLoadType alt = AssessmentLoadType.TableOnly)
{
var results = new List <Assessment>();
try
{
results = context.Assessments.Fill(alt)
.Where(o => o.BusinessUnit == BusinessUnit && o.Finalized == true)
.OrderBy(o => o.ApplicationName)
.ToList();
}
catch (Exception ex)
{
throw new ApplicationException("Error: OwaspSAMMRepository.GetAssessments<string BusinessUnit>", ex);
}
return(results);
}
/// <summary>
/// GetAssessments - Overload gets assessments for a list of identities
/// </summary>
/// <param name="idList">List<Int> of identities</param>
/// <returns>Returns a list of Assessments owned by the list of Identities</returns>
public List <Assessment> GetAssessments(List <int> idList, AssessmentLoadType alt = AssessmentLoadType.TableOnly)
{
var results = new List <Assessment>();
try
{
results = context.Assessments.Fill(alt)
.Where(o => idList.Contains(o.OwnerID))
.OrderBy(o => o.ApplicationName)
.ToList();
}
catch (Exception ex)
{
throw new ApplicationException("Error: OwaspSAMMRepository.GetAssessments<List<Int>>", ex);
}
return(results);
}
/// <summary>
/// Load - extention method simplifies the Repository code by defining an extention method that can be used in loading
/// the data object.
/// </summary>
/// <param name="query"></param>
/// <returns></returns>
public static IQueryable <Assessment> Fill(this IQueryable <Assessment> query, AssessmentLoadType la = AssessmentLoadType.All)
{
switch (la)
{
case AssessmentLoadType.All:
return(query.Include(x => x.UserData)
.Include(x => x.UserData1)
.Include(x => x.UserData2)
.Include(a => a.CategoryDatas.Select(b => b.Category))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.Section)))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.GroupDatas.Select(d => d.Group))))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.GroupDatas.Select(d => d.QuestionDatas.Select(e => e.Question)))))
.Include(a => a.Industry));
// Less data is needed for the Scorecard so don't load all the data
case AssessmentLoadType.Scorecard:
return(query.Include(x => x.UserData)
.Include(x => x.UserData1)
.Include(x => x.UserData2)
.Include(a => a.CategoryDatas.Select(b => b.Category))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.Section)))
.Include(a => a.Industry.IndustryTargets));
case AssessmentLoadType.TableOnly:
return(query.Include(x => x.UserData1));
case AssessmentLoadType.Detail:
return(query.Include(x => x.UserData)
.Include(x => x.UserData1)
.Include(x => x.UserData2)
.Include(a => a.Industry.IndustryTargets));
default:
return(query.Include(x => x.UserData)
.Include(x => x.UserData1)
.Include(x => x.UserData2)
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.Section)))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.GroupDatas.Select(d => d.Group))))
.Include(a => a.CategoryDatas.Select(b => b.SectionDatas.Select(c => c.GroupDatas.Select(d => d.QuestionDatas.Select(e => e.Question)))))
.Include(a => a.CategoryDatas.Select(b => b.Category))
.Include(a => a.Industry));
}
}
