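using MySql.Data.MySqlClient;
using Support.Crypto;
using Support.Models;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace Support.Controllers
{
    /// <summary>
    /// Looks up a device with its orders, trace logs and acknowledgement files.
    /// </summary>
    /// <remarks>
    /// Every SQL statement in this class binds its inputs as parameters.
    /// The returned <see cref="DeviceModel"/> carries the device token, PIN,
    /// verificator hash and the decrypted patient id, and each order carries
    /// the decrypted ZIP / birthday / order id. Callers should authorise access
    /// before invoking <see cref="GetDevice"/> and keep the result out of logs.
    /// </remarks>
    public class DeviceController
    {
        // Same layout the SQL below produces with '%d.%m.%Y %H:%i:%s'.
        private const string FileTimestampFormat = "dd.MM.yyyy HH:mm:ss";

        // Number of leading characters kept from public and HL7 files.
        private const int ContentPreviewLength = 20;

        // NOTE(review): on the reviewed page the replacement literal is a bare line
        // break, which is not a valid C# string literal; markup may have been lost
        // when the page was produced. Confirm the intended value against the
        // repository. If it turns out to be HTML markup, the file content should be
        // HTML-encoded before the markup is inserted.
        private const string AckLineBreak = "\n";

        private readonly Database _dbContext;
        private readonly Appsettings _Appsettings;

        /// <summary>Stores the database factory and the application settings.</summary>
        /// <param name="database">Source of MySQL connections.</param>
        /// <param name="appsettings">Supplies the private and public directories.</param>
        public DeviceController(Database database, Appsettings appsettings)
        {
            _dbContext = database;
            _Appsettings = appsettings;
        }

        /// <summary>
        /// Loads a device either by its UDID or, when no UDID is given, by the
        /// combination of order id, ZIP and birthday, then attaches its orders.
        /// </summary>
        /// <param name="order_id">Order id; used only when <paramref name="udid"/> is empty.</param>
        /// <param name="zip">ZIP code; used only when <paramref name="udid"/> is empty.</param>
        /// <param name="birthday">Birthday; used only when <paramref name="udid"/> is empty.</param>
        /// <param name="udid">Device identifier; takes precedence when non-empty.</param>
        /// <returns>
        /// The device, or <c>null</c> when the arguments are insufficient or no
        /// row matches.
        /// </returns>
        public DeviceModel GetDevice(string order_id, string zip, string birthday, string udid)
        {
            bool hasUdid = !string.IsNullOrEmpty(udid);
            bool hasOrderTriple = !string.IsNullOrEmpty(order_id)
                && !string.IsNullOrEmpty(zip)
                && !string.IsNullOrEmpty(birthday);

            if (!hasUdid && !hasOrderTriple)
            {
                return null;
            }

            DeviceModel result = null;

            // using blocks release the connection, command and readers even when a
            // query or a decrypt call throws.
            using (MySqlConnection client = _dbContext.CreateConnection())
            {
                client.Open();

                using (MySqlCommand cmd = client.CreateCommand())
                {
                    if (hasUdid)
                    {
                        cmd.CommandText = "select * from device d where d.udid = @udid";
                        cmd.Parameters.Add(new MySqlParameter("udid", udid));
                    }
                    else
                    {
                        cmd.CommandText = "select d.* from results r inner join device d on d.udid = r.udid where r.pgs = @pgs limit 1";

                        // NOTE(review): the three values are concatenated without a
                        // separator, so different triples that produce the same
                        // concatenation share one lookup key. This has to match how
                        // results.pgs was written, so it is left unchanged here.
                        string pgs = SHA512.Encrypt(zip + birthday + order_id);
                        cmd.Parameters.Add(new MySqlParameter("pgs", pgs));
                    }

                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader != null && reader.HasRows && reader.Read() && reader["udid"] != null)
                        {
                            result = ReadDevice(reader);
                        }
                    }

                    if (result == null || string.IsNullOrEmpty(result.UDID))
                    {
                        return result;
                    }

                    cmd.Parameters.Clear();
                    cmd.CommandText = @"select r.pgs, r.pgs_hash, r.udid, r.client_public_key, r.server_public_key, r.notified, r.file_checksum, date_format(r.notified_ts, '%d.%m.%Y %H:%i:%s') notified_on, r.picked_up, date_format(r.picked_up_ts, '%d.%m.%Y %H:%i:%s') picked_up_on, r.available, date_format(r.available_ts, '%d.%m.%Y %H:%i:%s') available_on, date_format(r.created, '%d.%m.%Y %H:%i:%s') created_on, if(r.modified is not null, date_format(r.modified, '%d.%m.%Y %H:%i:%s'), null) modified_on, r.status from results r where r.udid = @udid order by r.created desc";
                    cmd.Parameters.Add(new MySqlParameter("udid", result.UDID));

                    result.Orders = new List<Order>();

                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            if (reader["udid"] == null || reader["pgs"] == null)
                            {
                                continue;
                            }

                            result.Orders.Add(ReadOrder(reader));
                        }
                    }
                }
            }

            return result;
        }

        /// <summary>Maps the current row of the device query to a model.</summary>
        private static DeviceModel ReadDevice(MySqlDataReader reader)
        {
            DeviceModel device = new DeviceModel();
            device.UDID = reader["udid"].ToString();
            device.Token = ReadString(reader, "device_token");

            // pat_hash is stored encrypted and decrypted here for the caller.
            string patHash = ReadString(reader, "pat_hash");
            device.PatId = patHash != null ? AES.Decrypt(patHash) : null;

            device.PublicKey = ReadString(reader, "public_key");
            device.VerificatorHash = ReadString(reader, "verificator_hash");
            device.PIN = ReadString(reader, "pin");
            device.Type = ReadString(reader, "device_type");
            device.Created = ReadString(reader, "created");
            device.Modified = ReadString(reader, "modified");
            return device;
        }

        /// <summary>
        /// Maps the current row of the results query to an order and attaches
        /// its trace logs and acknowledgement files.
        /// </summary>
        private Order ReadOrder(MySqlDataReader reader)
        {
            Order order = new Order();
            order.UDID = reader["udid"].ToString();
            order.PGS = reader["pgs"].ToString();
            order.Notified = ReadFlag(reader, "notified");
            order.NotifiedOn = ReadString(reader, "notified_on");
            order.PickedUp = ReadFlag(reader, "picked_up");
            order.PickedUpOn = ReadString(reader, "picked_up_on");
            order.Available = ReadFlag(reader, "available");
            order.AvailableOn = ReadString(reader, "available_on");

            // Unlike the other columns these two are not null-checked, so a
            // database NULL becomes an empty string rather than null.
            order.Created = reader["created_on"].ToString();
            order.Modified = reader["modified_on"].ToString();

            order.Status = ReadString(reader, "status");
            order.ClientPublicKey = ReadString(reader, "client_public_key");
            order.ServerPublicKey = ReadString(reader, "server_public_key");
            order.FileCheckSum = ReadString(reader, "file_checksum");

            string pgsHash = ReadString(reader, "pgs_hash");
            if (pgsHash != null)
            {
                ApplyDecryptedIdentifiers(order, pgsHash);
            }

            // Each call below opens its own connection or touches the file system,
            // once per order row.
            order.Logs = this.GetLogsFor(order.UDID, order.PGS);
            order.Acks = this.GetAcks(order.UDID, order.PGS);
            return order;
        }

        /// <summary>
        /// Decrypts pgs_hash and, when it splits into exactly three '|' separated
        /// parts, stores them as ZIP, birthday and order id.
        /// </summary>
        private static void ApplyDecryptedIdentifiers(Order order, string pgsHash)
        {
            // NOTE(review): the key is built from the UDID, which is stored next to
            // the ciphertext, plus a constant from AES, so confidentiality rests on
            // that constant. ToLower() is culture-sensitive; it is kept as is
            // because it has to match the encrypting side - confirm there whether
            // ToLowerInvariant() is intended.
            string decrypted = AES.Decrypt(pgsHash, AES.GetKey(order.UDID.ToLower() + AES.PGS_ENCRYPT_PARTIAL_KEY));
            if (string.IsNullOrEmpty(decrypted))
            {
                return;
            }

            string[] parts = decrypted.Split('|');
            if (parts.Length == 3)
            {
                order.ZIP = parts[0];
                order.Birthday = parts[1];
                order.OrderId = parts[2];
            }
        }

        /// <summary>Returns the column as a string, or null for null / DBNull.</summary>
        private static string ReadString(MySqlDataReader reader, string column)
        {
            object value = reader[column];
            return (value != null && value != DBNull.Value) ? value.ToString() : null;
        }

        /// <summary>Returns true when the column holds a value that converts to 1.</summary>
        private static bool ReadFlag(MySqlDataReader reader, string column)
        {
            object value = reader[column];
            return value != null && value != DBNull.Value && Convert.ToInt32(value.ToString()) == 1;
        }

        /// <summary>
        /// Loads the trace entries for one device and order, newest first.
        /// </summary>
        /// <returns>
        /// The entries, or <c>null</c> when an argument is empty or the query
        /// returns no rows.
        /// </returns>
        private List<Log> GetLogsFor(string udid, string pgs)
        {
            if (string.IsNullOrEmpty(udid) || string.IsNullOrEmpty(pgs))
            {
                return null;
            }

            List<Log> results = null;

            using (MySqlConnection client = _dbContext.CreateConnection())
            {
                client.Open();

                using (MySqlCommand cmd = client.CreateCommand())
                {
                    cmd.CommandText = "select * from traces t where t.udid = @udid and t.pgs = @pgs order by t.created desc";
                    cmd.Parameters.Add(new MySqlParameter("udid", udid));
                    cmd.Parameters.Add(new MySqlParameter("pgs", pgs));

                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader != null && reader.HasRows)
                        {
                            results = new List<Log>();
                            while (reader.Read() && reader["udid"] != null && reader["pgs"] != null)
                            {
                                Log log = new Log();
                                log.Id = (long)reader["id"];
                                log.UDID = reader["udid"].ToString();
                                log.PGS = reader["pgs"].ToString();
                                log.Message = ReadString(reader, "message");
                                log.Type = ReadString(reader, "trace_type");
                                log.Created = ReadString(reader, "created");
                                results.Add(log);
                            }
                        }
                    }
                }
            }

            return results;
        }

        /// <summary>
        /// Collects the files that belong to one device and order from the
        /// pending and completed acknowledgement folders, the public directory
        /// and the private directory.
        /// </summary>
        /// <remarks>
        /// Entries from all locations accumulate in one list; the list is not
        /// reset when completed acknowledgements are found, so pending entries
        /// are no longer dropped. A directory that does not exist is skipped.
        /// </remarks>
        /// <returns>The collected entries; empty when nothing matches.</returns>
        private List<Ack> GetAcks(string udid, string pgs)
        {
            List<Ack> results = new List<Ack>();

            if (string.IsNullOrEmpty(udid) || string.IsNullOrEmpty(pgs))
            {
                return results;
            }

            // NOTE(review): the digest is placed inside a search pattern; this
            // presumes SHA512.Encrypt returns text without wildcard or path
            // separator characters - confirm against Support.Crypto.
            string file_prefix = SHA512.Encrypt(udid + pgs);

            string ack = Path.Combine(_Appsettings.PrivateDirectory, "ack");
            string ack_done = Path.Combine(ack, "done");

            AppendAcks(results, ack, "*" + file_prefix + "*.log", "Ausstehend", WithLineBreaks);
            AppendAcks(results, ack_done, "*" + file_prefix + "*", "Fertig", WithLineBreaks);
            AppendAcks(results, _Appsettings.PublicDirectory, "*" + file_prefix + "*", "Verschlüsselt", ToPreview);
            AppendAcks(results, _Appsettings.PrivateDirectory, "*" + file_prefix + "*.hl7", "HL7 (Unverschlüsselt)", ToPreview);

            return results;
        }

        /// <summary>
        /// Adds one entry per matching file in <paramref name="directory"/>,
        /// passing non-empty content through <paramref name="shapeContent"/>.
        /// </summary>
        private static void AppendAcks(List<Ack> target, string directory, string pattern, string type, Func<string, string> shapeContent)
        {
            if (string.IsNullOrEmpty(directory) || !Directory.Exists(directory))
            {
                return;
            }

            foreach (string file in Directory.GetFiles(directory, pattern))
            {
                if (!System.IO.File.Exists(file))
                {
                    continue;
                }

                Ack a = new Ack();
                a.Filename = System.IO.Path.GetFileName(file);

                // The whole file is read even where only a short preview is kept.
                a.Content = System.IO.File.ReadAllText(file);
                if (!string.IsNullOrEmpty(a.Content))
                {
                    a.Content = shapeContent(a.Content);
                }

                a.Type = type;

                // The earlier pattern "H:i:s" is not a .NET pattern: 'i' was
                // written out literally instead of the minutes.
                a.Created = System.IO.File.GetCreationTime(file)
                    .ToString(FileTimestampFormat, System.Globalization.CultureInfo.InvariantCulture);
                target.Add(a);
            }
        }

        /// <summary>Replaces each "\n" in acknowledgement text with <see cref="AckLineBreak"/>.</summary>
        private static string WithLineBreaks(string content)
        {
            return content.Replace("\n", AckLineBreak);
        }

        /// <summary>
        /// Keeps at most <see cref="ContentPreviewLength"/> leading characters.
        /// Shorter content is returned unchanged instead of throwing.
        /// </summary>
        private static string ToPreview(string content)
        {
            return content.Length > ContentPreviewLength
                ? content.Substring(0, ContentPreviewLength)
                : content;
        }
    }
}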