public IActionResult GetTransactions(
    [FromQuery] int start,
    [FromQuery] int length,
    [FromQuery(Name = "search[value]")] string search)
{
    DataTableResp<TransactionResp> dataTableResp = _transactionBL.GetTransactions(
        HttpContext.GetUserName(), search, start, length);

    return Ok(dataTableResp);
}

public virtual async Task<DataTableResp<StoreItem>> GetStoreItems()
{
    List<StoreItem> storeItems = await _storeAPICalls.GetStoreItemsAsync();

    DataTableResp<StoreItem> dataTableResp = new DataTableResp<StoreItem>(
        recordsTotal: storeItems.Count,
        recordsFiltered: storeItems.Count,
        data: storeItems);

    return dataTableResp;
}

public async Task<IActionResult> GetStoreItems()
{
    DataTableResp<StoreItem> dataTableResp = await _adminStoreBL.GetStoreItems();
    if (dataTableResp == null)
    {
        return BadRequest();
    }

    return Ok(dataTableResp);
}

public override DataTableResp<TransactionResp> GetTransactions(string userName, string search, int start, int lenght)
{
    CtfChallangeModel sqlInjectionChallange = _ctfOptions.CtfChallanges
        .Where(x => x.Type == CtfChallengeTypes.SqlInjection)
        .Single();

    // Result of the regular lookup, using the search string exactly as supplied.
    DataTableResp<TransactionResp> paginatedTransactions = base.GetTransactions(userName, search, start, lenght);
    if (paginatedTransactions == null)
    {
        paginatedTransactions = new DataTableResp<TransactionResp>();
    }

    // A search that is null or consists only of '%' characters is treated as "no filter".
    string validSearch = search;
    if (search == null || search.All(x => "%".Contains(x)))
    {
        validSearch = null;
    }

    // Reference result set from the CTF-check DAO query for the same user and search.
    List<TransactionResp> validTransactions = _transactionDAO.GetTransactionsCtfCheck(userName, validSearch);

    if (validTransactions.Count != paginatedTransactions.RecordsTotal)
    {
        // Record counts differ from the reference set: add the SQL injection flag header.
        _httpContextAccessor.HttpContext.Response.Headers.Add(sqlInjectionChallange.FlagKey, sqlInjectionChallange.Flag);
    }
    else
    {
        // Same count: add the flag if any returned row is not in the reference set.
        foreach (TransactionResp transaction in paginatedTransactions.Data)
        {
            if (!validTransactions.Any(x => x.IsEqual(transaction)))
            {
                _httpContextAccessor.HttpContext.Response.Headers.Add(sqlInjectionChallange.FlagKey, sqlInjectionChallange.Flag);
                break;
            }
        }
    }

    // Add the XSS flag header when any returned field contains a keyword from CtfConstants.XXS_KEYVORDS.
    bool xss = paginatedTransactions.Data.Any(x =>
        CtfConstants.XXS_KEYVORDS.Any(c =>
            (x.SenderId?.Contains(c) ?? false) ||
            (x.ReceiverId?.Contains(c) ?? false) ||
            (x.Reason?.Contains(c) ?? false) ||
            (x.Reference?.Contains(c) ?? false)));

    if (xss)
    {
        CtfChallangeModel xxsChallange = _ctfOptions.CtfChallanges
            .Where(x => x.Type == CtfChallengeTypes.Xss)
            .Single();

        _httpContextAccessor.HttpContext.Response.Headers.Add(xxsChallange.FlagKey, xxsChallange.Flag);
    }

    return base.GetTransactions(userName, search, start, lenght);
}

public override async Task<DataTableResp<StoreItem>> GetStoreItems()
{
    DataTableResp<StoreItem> storeItems = await base.GetStoreItems();

    // Add the XSS flag header when a store item's name or description
    // contains a keyword from CtfConstants.XXS_KEYVORDS.
    bool xss = storeItems.Data.Any(x =>
        CtfConstants.XXS_KEYVORDS.Any(c =>
            (x.Name?.Contains(c) ?? false) ||
            (x.Description?.Contains(c) ?? false)));

    if (xss)
    {
        CtfChallangeModel xxsChallange = _ctfOptions.CtfChallanges
            .Where(x => x.Type == CtfChallengeTypes.Xss)
            .Single();

        _httpContextAccessor.HttpContext.Response.Headers.Add(xxsChallange.FlagKey, xxsChallange.Flag);
    }

    return storeItems;
}

public override DataTableResp<AdminUserInfoResp> GetUsers()
{
    DataTableResp<AdminUserInfoResp> users = base.GetUsers();

    // Add the XSS flag header when a user's name, surname or username
    // contains a keyword from CtfConstants.XXS_KEYVORDS.
    bool xss = users.Data.Any(x =>
        CtfConstants.XXS_KEYVORDS.Any(c =>
            (x.Name?.Contains(c) ?? false) ||
            (x.Surname?.Contains(c) ?? false) ||
            (x.Username?.Contains(c) ?? false)));

    if (xss)
    {
        CtfChallangeModel xxsChallange = _ctfOptions.CtfChallanges
            .Where(x => x.Type == CtfChallengeTypes.Xss)
            .Single();

        _httpContextAccessor.HttpContext.Response.Headers.Add(xxsChallange.FlagKey, xxsChallange.Flag);
    }

    return users;
}

public override DataTableResp<TransactionResp> GetTransactions()
{
    DataTableResp<TransactionResp> transactions = base.GetTransactions();

    // Add the XSS flag header when any of the listed transaction fields
    // contains a keyword from CtfConstants.XXS_KEYVORDS.
    bool xss = transactions.Data.Any(x =>
        CtfConstants.XXS_KEYVORDS.Any(c =>
            (x.SenderId?.Contains(c) ?? false) ||
            (x.ReceiverId?.Contains(c) ?? false) ||
            (x.Reason?.Contains(c) ?? false) ||
            (x.Reference?.Contains(c) ?? false) ||
            (x.SenderName?.Contains(c) ?? false) ||
            (x.SenderSurname?.Contains(c) ?? false) ||
            (x.ReceiverName?.Contains(c) ?? false) ||
            (x.ReceiverSurname?.Contains(c) ?? false)));

    if (xss)
    {
        CtfChallangeModel xssChallange = _ctfOptions.CtfChallanges
            .Where(x => x.Type == CtfChallengeTypes.Xss)
            .Single();

        _httpContextAccessor.HttpContext.Response.Headers.Add(xssChallange.FlagKey, xssChallange.Flag);
    }

    return transactions;
}

public IActionResult GetAllUsers()
{
    DataTableResp<AdminUserInfoResp> users = _adminBL.GetUsers();

    return Ok(users);
}

public IActionResult Transactions()
{
    DataTableResp<TransactionResp> transactions = _adminBL.GetTransactions();

    return Ok(transactions);
}