/// <summary>
/// Lists the published messages whose status code is not 8, mapped to
/// PublishedMessageContract objects.
/// </summary>
/// <returns>One contract per published message returned by the filtered query.</returns>
/// <remarks>
/// After mapping, the last-interaction time is updated and the context is saved.
/// Any exception is logged and rethrown as an HTTP 500 built by CreateHttpResponseException.
/// NOTE(review): the 500 response text includes ex.Message, so internal error detail
/// reaches the HTTP caller - confirm that is acceptable for this endpoint.
/// </remarks>
public List<PublishedMessageContract> GetPublishedMessages()
{
    try
    {
        var contracts = new List<PublishedMessageContract>();

        // The status filter (!= 8) is part of the query handed to the service.
        foreach (var published in _publishedMessageService.Get(filter: m => (int)m.MessageStatus != 8))
        {
            // NOTE(review): Encoding.Default is platform dependent; confirm it matches the
            // encoding the message bytes were stored with.
            var contract = new PublishedMessageContract
            {
                Message = System.Text.Encoding.Default.GetString(published.Message),
                MessageID = published.MessageID,
                MessageLastUpdateTime = published.MessageLastUpdateTime,
                MessageStatus = (int)published.MessageStatus,
                MessageType = published.MessageType.Name,
                MessageValidFrom = published.MessageValidFrom,
                MessageValidTo = published.MessageValidTo,
                PublishTime = published.PublishTime
            };
            contracts.Add(contract);
        }

        SetLastInteractionTime();
        _context.SaveChanges();

        return contracts;
    }
    catch (Exception ex)
    {
        log.Error(ex.Message, ex);
        throw CreateHttpResponseException(
            HttpStatusCode.InternalServerError,
            "VIS internal server error. " + ex.Message);
    }
}
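/// <summary>
/// Looks up published voyage plans, optionally restricted by UVID and/or route status,
/// and returns the ones for which the calling identity has an ACL entry.
/// </summary>
/// <param name="identity">Calling identity. Its ID is matched against ACL subscribers; its Name and UID are copied into denial notifications.</param>
/// <param name="paramList">Request parameters, passed through to the error event log on a denial.</param>
/// <param name="uvid">Optional message id to restrict the lookup to.</param>
/// <param name="routeStatusInt">Optional status code to restrict the lookup to.</param>
/// <returns>A response holding one VoyagePlan per published message the identity may read.</returns>
/// <remarks>
/// Throws the exception built by CreateHttpResponseException with 404 when no published
/// message matches, and with 403 when messages match but none is covered by the ACL.
/// NOTE(review): because of that split, the status code tells a caller without access
/// whether a matching plan exists - confirm this is intended.
/// </remarks>
private GetVoyagePlanResponse GetPublishedVoyagePlans(Identity identity, List<KeyValuePair<string, string>> paramList, string uvid = null, int? routeStatusInt = null)
{
    bool accessToAnyUVID = false;

    var result = new Models.GetVoyagePlanResponse(DateTime.UtcNow);
    result.VoyagePlans = new List<Models.VoyagePlan>();

    List<PublishedRtzMessage> publishedVoyagePlans = null;

    // Get all published voyage plans based on parameter values.
    // Every branch excludes status code 8.
    if (uvid == null && routeStatusInt == null)
    {
        publishedVoyagePlans = _publishedMessageService.Get(x => (int)x.MessageStatus != 8)
            .OrderByDescending(x => x.PublishTime).ToList();
    }
    else if (uvid != null && routeStatusInt == null)
    {
        publishedVoyagePlans = _publishedMessageService.Get(x => x.MessageID == uvid && (int)x.MessageStatus != 8)
            .OrderByDescending(x => x.PublishTime).ToList();
    }
    else if (uvid == null && routeStatusInt != null)
    {
        publishedVoyagePlans = _publishedMessageService.Get(x => (int)x.MessageStatus != 8 && (int)x.MessageStatus == routeStatusInt)
            .OrderByDescending(x => x.PublishTime).ToList();
    }
    else
    {
        // Fix: this branch previously omitted the "!= 8" exclusion that the other three
        // apply, so uvid + routeStatus 8 returned messages every other path hides.
        publishedVoyagePlans = _publishedMessageService.Get(x => x.MessageID == uvid && (int)x.MessageStatus != 8 && (int)x.MessageStatus == routeStatusInt)
            .OrderByDescending(x => x.PublishTime).ToList();
    }

    if (publishedVoyagePlans == null || publishedVoyagePlans.Count == 0)
    {
        // We didn't find any voyage plans, i.e. return not found.
        throw CreateHttpResponseException(HttpStatusCode.NotFound, "Voyageplans not found");
    }

    // Need to loop in order to distinguish the VPs with no access from the ones with access.
    foreach (var publishedVoyagePlan in publishedVoyagePlans)
    {
        // Look up whether this identity has an ACL entry for this voyage plan.
        var aclObject = _aclObjectService.Get(x => x.Subscriber.ID == identity.ID && x.MessageID == publishedVoyagePlan.MessageID);

        if (aclObject == null || !aclObject.Any())
        {
            // No access to this one: notify the STM module and record the denial.
            // NOTE(review): one notification and one error event are written per denied
            // plan, so a request without a UVID produces one of each for every plan the
            // caller cannot read - confirm this volume is intended.
            var msg = "Authorization failed: ACL";
            log.Debug(msg);

            var notification = new Common.Services.Internal.Interfaces.Notification();
            notification.FromOrgName = identity.Name;
            notification.FromOrgId = identity.UID;
            notification.FromServiceId = InstanceContext.CallerServiceId;
            notification.NotificationType = EnumNotificationType.UNAUTHORIZED_REQUEST;
            notification.Subject = string.Format("Access denied for identity {0}.", identity.Name);
            notification.NotificationSource = EnumNotificationSource.VIS;
            _notificationService.Notify(notification);
            _context.SaveChanges();

            _logEventService.LogError(EventNumber.VIS_getVoyagePlan_request, EventType.Error_authorization,
                paramList, InstanceContext.CallerServiceId);
            _context.SaveChanges();
        }
        else
        {
            accessToAnyUVID = true;

            // Add it to the response object.
            var rtzString = Serialization.ByteArrayToString(publishedVoyagePlan.Message);
            result.VoyagePlans.Add(new Models.VoyagePlan(rtzString));
        }
    }

    // Final check to verify that at least one VP is being returned.
    if (!accessToAnyUVID)
    {
        throw CreateHttpResponseException(HttpStatusCode.Forbidden, "Authorization failed: ACL");
    }

    return result;
}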
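/// <summary>
/// Adds subscriptions to the published message identified by <paramref name="dataId"/>
/// (or re-authorizes existing ones) and sends that message to each accepted subscriber.
/// </summary>
/// <param name="subscriptions">Subscriptions from the request body; each supplies an identity id/name and an endpoint URL.</param>
/// <param name="dataId">UVID of the published message, taken from the request URI.</param>
/// <returns>A ResponseObj built from <paramref name="dataId"/>.</returns>
/// <remarks>
/// Throws the exception built by CreateHttpResponseException with 400 for a missing or
/// malformed UVID or subscription list, and with 500 for any unexpected failure.
/// NOTE(review): the 500 response text includes ex.Message, so internal error detail
/// reaches the HTTP caller - confirm that is acceptable for this endpoint.
/// NOTE(review): EndpointURL comes from the request body and is used as the delivery
/// target; confirm it is restricted to expected hosts before this point.
/// </remarks>
public ResponseObj AddSubscription([FromBody] List<SubscriptionObject> subscriptions, [FromUri] string dataId)
{
    log.Info("Incoming request to " + GetCurrentMethod());

    if (string.IsNullOrEmpty(dataId))
    {
        throw CreateHttpResponseException(HttpStatusCode.BadRequest, "Missing required parameter UVID.");
    }

    if (!FormatValidation.IsValidUvid(dataId))
    {
        throw CreateHttpResponseException(HttpStatusCode.BadRequest, "Invalid UVID format");
    }

    // A missing or unparseable body leaves the list (or an entry) null. Reject it up front
    // as a client error, before any insert or send has happened, instead of letting a
    // NullReferenceException surface as a 500 part-way through the loop.
    if (subscriptions == null || subscriptions.Any(s => s == null || s.EndpointURL == null))
    {
        throw CreateHttpResponseException(HttpStatusCode.BadRequest, "Missing or invalid subscription list.");
    }

    try
    {
        foreach (var subscription in subscriptions)
        {
            var endpoint = subscription.EndpointURL.ToString();

            // Culture-invariant lowering so the comparison does not vary with the
            // server's current culture.
            var uri = endpoint.ToLowerInvariant();

            var sub = _subscriptionService.Get(s =>
                s.SubscriberIdentity.UID == subscription.IdentityId
                && s.MessageID == dataId
                && s.CallbackEndpoint.ToLower() == uri,
                includeProperties: "SubscriberIdentity, MessageType").FirstOrDefault();

            if (sub == null)
            {
                var acl = _aCLObjectService.Get(i => i.MessageID == dataId && i.Subscriber.UID == subscription.IdentityId).FirstOrDefault();
                if (acl == null)
                {
                    log.Debug(string.Format("No access for identity {0}", subscription.IdentityId));

                    // Fix: previously execution fell through to the send below, so the
                    // message was delivered to the endpoint of an identity that has no
                    // ACL entry. Skip delivery for this subscription.
                    continue;
                }

                _subscriptionService.Insert(ConvertToEntity(subscription, dataId));
            }
            else if (sub.IsAuthorized == false)
            {
                // NOTE(review): an existing unauthorized subscription is authorized here
                // without consulting the ACL - confirm callers of this endpoint are
                // entitled to grant that.
                sub.IsAuthorized = true;
            }

            // Send message to new subscriber.
            var message = _publishedMessageService.Get(x => x.MessageID == dataId).FirstOrDefault();
            if (message != null)
            {
                // NOTE(review): Encoding.Default is platform dependent; confirm it matches
                // the encoding the message bytes were stored with.
                _publishedMessageService.SendMessage(
                    System.Text.Encoding.Default.GetString(message.Message),
                    dataId,
                    endpoint,
                    new Identity { Name = subscription.IdentityName, UID = subscription.IdentityId });
            }
        }

        SetLastInteractionTime();
        _context.SaveChanges();

        return new ResponseObj(dataId);
    }
    catch (HttpResponseException ex)
    {
        log.Error(ex.Message, ex);
        throw;
    }
    catch (Exception ex)
    {
        log.Error(ex.Message, ex);
        string msg = "VIS internal server error. " + ex.Message;
        throw CreateHttpResponseException(HttpStatusCode.InternalServerError, msg);
    }
}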