/// <summary> /// Private method to merge in the model /// </summary> /// <returns></returns> private AuditVM GetUpdatedModel() { AuditVM model = new AuditVM(); RepopulateListsFromCacheSession(model); model.Message = ""; if (SessionManager.CurrentAudit != null) { model.AuditItem = SessionManager.CurrentAudit; } //***************************************NEED WHITE LIST ---- BLACK LIST ------ TO PREVENT OVERPOSTING ************************** bool result = TryUpdateModel(model);//This also validates and sets ModelState //******************************************************************************************************************************* if (SessionManager.CurrentAudit != null) { //*****************************************PREVENT OVER POSTING ATTACKS****************************************************** //Get the values for read only fields from session MergeNewValuesWithOriginal(model.AuditItem); //*************************************************************************************************************************** } SetAccessContext(model); return(model); }
private void RepopulateListsFromCacheSession(AuditVM model) { // Populate cached lists if they are empty. Will invoke service call AuditLookupListsCacheObject CachedLists = CacheManager.AuditListCache; // Retrieve any cached lists to model }
public static void Log(int AuditingLevel, string UserName = "******") { //Stores the Request in an Accessible object var request = HttpContext.Current.Request; //Generate the appropriate key based on the user's Authentication Cookie //This is overkill as you should be able to use the Authorization Key from //Forms Authentication to handle this. HttpSessionState sessionValue = HttpContext.Current.Session; string sessionIdentifier = string.Join("", MD5.Create().ComputeHash(Encoding.ASCII.GetBytes(sessionValue.SessionID.ToString())).Select(s => s.ToString("x2"))); //string sessionIdentifier = string.Join("", MD5.Create().ComputeHash(Encoding.ASCII.GetBytes(request.Cookies[FormsAuthentication.FormsCookieName].Value)).Select(s => s.ToString("x2"))); //Generate an audit AuditVM audit = new AuditVM() { SessionID = sessionIdentifier, IPAddress = RequestHelpers.GetClientIpAddress(request), URLAccessed = request.RawUrl, TimeAccessed = DateTime.Now, UserName = (request.IsAuthenticated) ? HttpContext.Current.User.Identity.Name : UserName, //HttpContext.Current.Controller.GetType().Name, //HttpContext.Current.ActionDescriptor.ActionName, //HttpContext.Current.ActionDescriptor.GetParameters(), Data = RequestHelpers.SerializeRequest(request, AuditingLevel) }; AuditProvider.Add(audit); }
public static void UpdateAudit(this Audit item, AuditVM itemVM) { item.Data = itemVM.Data; item.IPAddress = itemVM.IPAddress; item.SessionID = itemVM.SessionID; item.TimeAccessed = itemVM.TimeAccessed; item.URLAccessed = itemVM.URLAccessed; item.UserName = itemVM.UserName; }
public static void Update(AuditVM item) { Audit dbItem = RepositoryBase <Audit> .GetSingleById(item.Id); dbItem.UpdateAudit(item); RepositoryBase <Audit> .Update(dbItem); RepositoryBase <Company> .SaveChanges(); }
public static Audit Add(AuditVM item) { Audit dbItem = new Audit(); dbItem.UpdateAudit(item); Audit model = RepositoryBase <Audit> .Add(dbItem); RepositoryBase <Company> .SaveChanges(); return(dbItem); }
private AuditVM ConvertAuditDC(AuditVMDC returnedObject) { AuditVM model = new AuditVM(); // Map Audit Item model.AuditItem = Mapper.Map <AuditDC, AuditModel>(returnedObject.AuditItem); // Map lookup data lists return(model); }
private void SetFlagsFalse(AuditVM model) { model.IsDeleteConfirmed = "False"; model.IsExitConfirmed = "False"; model.IsNewConfirmed = "False"; //Stop the binder resetting the posted values ModelState.Remove("IsDeleteConfirmed"); ModelState.Remove("IsExitConfirmed"); ModelState.Remove("IsNewConfirmed"); }
public ActionResult Edit() { // Retrieve ID from session string code = SessionManager.AuditCode; AuditVM model = new AuditVM(); // Not from staff or error if (String.IsNullOrEmpty(code)) { //If session has lists then use them RepopulateListsFromCacheSession(model); //Assume we are in create mode as no code passed model.AuditItem = new AuditModel(); } //if we have been passed a code then assume we are in edit situation and we need to retrieve from the database. else { // Create service instance AdminServiceClient sc = new AdminServiceClient(); try { // Call service to get Audit item and any associated lookups AuditVMDC returnedObject = sc.GetAudit(CurrentUser, CurrentUser, appID, "", code); // Close service communication sc.Close(); //Get view model from service model = ConvertAuditDC(returnedObject); ResolveFieldCodesToFieldNamesUsingLists(model); //Store the service version SessionManager.AuditServiceVersion = model.AuditItem; } catch (Exception e) { // Handle the exception string message = ExceptionManager.HandleException(e, sc); model.Message = message; return(View(model)); } } //Adds current retrieved Audit to session SessionManager.CurrentAudit = model.AuditItem; SetAccessContext(model); return(View(model)); }
private void DetermineIsDirty(AuditVM model) { //Compare the Audit to the original session if (model.AuditItem.PublicInstancePropertiesEqual(SessionManager.AuditServiceVersion, "RowIdentifier")) { model.IsViewDirty = false; } else { model.IsViewDirty = true; } }
private void SetAccessContext(AuditVM model) { //Decide on access context if (null == model.AuditItem || model.AuditItem.Code == Guid.Empty) { // Create context model.AccessContext = AuditAccessContext.Create; } else { // Edit context model.AccessContext = AuditAccessContext.Edit; } }
private void ResolveFieldCodesToFieldNamesUsingLists(AuditVM model) { //TODO: }