public async Task <IActionResult> ManageConfig()
{
Config config = await _appDb.GetConfigAsync();
ManageConfig manageConfig = await _appDb.GetManageConfigAsync();
List <ManageCompany> manageCompanies = await _appDb.GetManageCompaniesAsync();
List <ManageBoard> manageBoards = ManageAccess.GetBoards(config);
manageConfig.ManageBoard = ManageAccess.GetBoard(config, manageConfig.BoardId);
manageConfig.ManageBoards = manageBoards;
manageConfig.ManageBoardTypes = ManageAccess.GetBoardTypes(config, manageConfig.BoardId);
manageConfig.ManageBoardType = ManageAccess.GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId);
manageConfig.ManageBoardSubTypes = ManageAccess.GetBoardSubTypes(config, manageConfig.BoardId);
manageConfig.ManageBoardSubType = ManageAccess.GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId);
manageConfig.ManageBoardItems = ManageAccess.GetBoardItems(config, manageConfig.BoardId);
manageConfig.ManageBoardItem = ManageAccess.GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId);
manageConfig.ManageBoardPriorities = ManageAccess.GetBoardPriorities(config);
manageConfig.ManageBoardPriority = ManageAccess.GetBoardPriority(config, manageConfig.PriorityId);
manageConfig.ManageBoardStatuses = ManageAccess.GetBoardStatuses(config, manageConfig.BoardId);
manageConfig.ManageBoardStatus = ManageAccess.GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId);
return(View(manageConfig));
}
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
{
while (!stoppingToken.IsCancellationRequested)
{
Config config = await _appDb.GetConfigAsync();
if (string.IsNullOrEmpty(config.ThreatlockerAuth) || string.IsNullOrEmpty(config.ManagePubKey))
{
return;
}
ManageConfig manageConfig = await _appDb.GetManageConfigAsync();
ManageTicket manageTicket = new ManageTicket();
manageTicket.Company = new ManageCompany()
{
Name = "", Id = 0
};
List <ThreatLockerOrganization> threatLockerOrganizations = await _appDb.GetThreatLockerOrganizationsAsync();
_logger.LogInformation($"Checking for requests.");
List <ThreatLockerRequest> threatLockerRequests = ThreatLockerAccess.GetRequests(config);
if (threatLockerRequests != null)
{
_logger.LogInformation($"{threatLockerRequests.Count} requests found.");
foreach (var request in threatLockerRequests)
{
_logger.LogInformation($"Matching Companies");
foreach (var org in threatLockerOrganizations)
{
if (org.OrganizationId == request.OrganizationId)
{
manageTicket.Company = new ManageCompany {
Id = org.ManageCompanyId
};
_logger.LogInformation($"{manageTicket.Company.Name} matched {org.Name}");
}
}
if (manageTicket.Company.Id <= 0)
{
var defaultThreatLockerOrganization = await _appDb.GetDefaultThreatLockerOrganization();
manageTicket.Company.Id = defaultThreatLockerOrganization.ManageCompanyId;
}
var threatLockerAction = ThreatLockerAccess.ProcessJson(request);
string approvalLink = config.ThreatLockerUrl;
if (threatLockerAction.ActionType == "execute")
{
approvalLink += "/applicationcontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId;
}
else
{
approvalLink += "/storagecontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId;
}
threatLockerAction.ApprovalLink = approvalLink;
StringBuilder initialDescription = new StringBuilder($"{threatLockerAction.Username} has requested access to {threatLockerAction.FullPath}\n");
initialDescription.Append($"Organization: {request.OrganizationName}\n");
initialDescription.Append($"Hostname: {threatLockerAction.Username.Split('\\')[0]}\n");
initialDescription.Append($"Hash: {threatLockerAction.Hash}");
foreach (var cert in threatLockerAction.Certs)
{
initialDescription.Append($"Cert: {cert.Subject} SHA: {cert.Sha}\n");
}
StringBuilder initialInternalAnalysis = new StringBuilder($"{approvalLink}");
manageTicket.Summary = manageConfig.TicketSummary;
manageTicket.InitialDescription = initialDescription.ToString();
manageTicket.InitialInternalAnalysis = initialInternalAnalysis.ToString();
manageTicket.Board = new ManageBoard {
Id = manageConfig.BoardId
};
manageTicket.Type = new ManageBoardType {
BoardTypeId = manageConfig.TypeId
};
manageTicket.SubType = new ManageBoardSubType {
BoardSubTypeId = manageConfig.SubTypeId
};
manageTicket.Item = new ManageBoardItem {
BoardItemId = manageConfig.ItemId
};
manageTicket.Priority = new ManageBoardPriority {
BoardPriorityId = manageConfig.PriorityId
};
manageTicket.Status = new ManageBoardStatus {
BoardStatusId = manageConfig.StatusId
};
ManageAccess.PostTicket(config, manageTicket);
config.LastSuccessRequestSent = DateTime.UtcNow;
await _appDb.UpdateLastSuccessSent(config);
_logger.LogInformation($"Ticket Created");
}
}
await Task.Delay(config.RequestCheckDelay * 1000, stoppingToken);
}
}