main to test-marshal

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DAL.UnitTests/RequestDAUnitTest.cs

@@ -11,7 +11,7 @@ namespace MCS.FOI.AXISIntegration.DAL.UnitTests
     public class RequestDAUnitTest
     {
 
-        private Mock<ILogger> _mockLogger = new Mock<ILogger>();
+        private readonly Mock<ILogger<RequestsDA>> _mockLogger = new();
 
         [TestMethod]
         public void GetRequestTest()

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DAL/Interfaces/IRequestDA.cs

@@ -1,9 +1,4 @@
 using MCS.FOI.AXISIntegration.DataModels;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
 
 namespace MCS.FOI.AXISIntegration.DAL.Interfaces
 {
@@ -13,5 +8,8 @@ public interface IRequestDA
 
         public AXISRequest GetAXISRequest(string request);
 
+        public string GetAXISRequestsPageCountString();
+
+        public string PostAXISRequestsPageCountString(string[] arrayOfRequestId);
     }
 }

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DAL/RequestsDA.cs

@@ -14,11 +14,11 @@
     {
         private SqlConnection sqlConnection;
 
-        private readonly ILogger Ilogger;
+        private readonly ILogger<RequestsDA> Ilogger;
 
         public static string ConnectionString;
 
-        public RequestsDA(ILogger _Ilogger)
+        public RequestsDA(ILogger<RequestsDA> _Ilogger)
         {
             Ilogger = _Ilogger;                     
             SettingsManager.DBConnectionInitializer();
@@ -83,6 +83,7 @@
                     axisRequest.RequestDescriptionToDate = RequestsHelper.ConvertDateToString(row, "reqDescriptionToDate", "yyyy-MM-dd");
                     axisRequest.Ispiiredacted = true;
                     axisRequest.RequestPageCount = Convert.ToInt32(row["requestPageCount"]);
+                    axisRequest.LANPageCount = Convert.ToInt32(row["lanPageCount"]);
                     axisRequest.SubjectCode = Convert.ToString(row["subjectCode"]);
                     axisRequest.IdentityVerified = Convert.ToString(row["identityVerified"]);
                     List<Ministry> ministryList = new()
@@ -122,6 +123,51 @@
                 return extensionList;
         }
 
+        public Dictionary<string, PageCount> GetAXISRequestsPageCount(string[] arrayOfRequestId)
+        {
+            DataTable axisDataTable = GetAxisRequestsPageCount(arrayOfRequestId);
+
+            var axisRequestPageCountDict = axisDataTable.AsEnumerable()
+                .Where(rw => Convert.ToInt32(rw["requestPageCount"]) > 0)
+                .ToDictionary(
+                rw => Convert.ToString(rw["AXISRequestID"]),
+                rw => new PageCount
+                {
+                    RequestPageCount = Convert.ToInt32(rw["requestPageCount"]),
+                    LANPageCount = Convert.ToInt32(rw["lanPageCount"])
+                });
+            return axisRequestPageCountDict;
+
+        }
+
+        public Dictionary<string, PageCount> GetAXISRequestsPageCount()
+        {
+            DataTable axisDataTable = GetAxisRequestsPageCount();
+
+            var axisRequestPageCountDict = axisDataTable.AsEnumerable()
+                .Where(rw => Convert.ToInt32(rw["requestPageCount"]) > 0)
+                .ToDictionary(
+                rw => Convert.ToString(rw["AXISRequestID"]),
+                rw => new PageCount
+                {
+                    RequestPageCount = Convert.ToInt32(rw["requestPageCount"]),
+                    LANPageCount = Convert.ToInt32(rw["lanPageCount"])
+                });
+            return axisRequestPageCountDict;
+        }
+
+        public string PostAXISRequestsPageCountString(string[] requestIds)
+        {
+            Dictionary<string, PageCount> axisRequestPageCountList = GetAXISRequestsPageCount(requestIds);
+            return RequestsHelper.ConvertRequestToJSON(axisRequestPageCountList);
+        }
+
+        public string GetAXISRequestsPageCountString()
+        {
+            Dictionary<string, PageCount> axisRequestPageCountList = GetAXISRequestsPageCount();
+            return RequestsHelper.ConvertRequestToJSON(axisRequestPageCountList);
+        }
+
         private DataTable GetAxisRequestData(string request)
         {
             ConnectionString = SettingsManager.ConnectionString;
@@ -152,6 +198,7 @@
                 sum(distinct case when requests.IREQUESTID = reviewlog.IREQUESTID and reviewlog.IDOCID = documents.IDOCID then documents.SIPAGECOUNT 
                 when requests.IREQUESTID = redaction.IREQUESTID and redaction.IDOCID = ldocuments.IDOCID then ldocuments.SIPAGECOUNT 
                 else 0 end) as requestPageCount,
+                (case when requestfields.CustomField91 > 0 then requestfields.CustomField91 else 0 end ) as lanPageCount,
                 REPLACE(requestfields.CUSTOMFIELD33, CHAR(160), ' ') as subjectCode,
                 requestfields.CUSTOMFIELD75 as identityVerified,
                 (SELECT TOP 1 cfr.sdtDueDate FROM tblRequestForDocuments cfr WITH (NOLOCK) 
@@ -185,7 +232,8 @@
                 requesters.vcAddress1, requesters.vcAddress2, requesters.vcCity, requesters.vcZipCode,
                 requesters.vcHome, requesters.vcMobile, requesters.vcWork1, requesters.vcWork2, requesters.vcFirstName, requesters.vcLastName, requesters.vcMiddleName,
                 requests.iRequestID, requesters.vcCompany, requesters.vcEmailID, onbehalf.vcFirstName, onbehalf.vcLastName, onbehalf.vcMiddleName,
-                requestTypes.iLabelID, requests.vcVisibleRequestID, requests.tiOfficeID, office.OFFICE_ID,requestorfields.CUSTOMFIELD35, REPLACE(requestfields.CUSTOMFIELD33, CHAR(160), ' '),requestfields.CUSTOMFIELD75";
+                requestTypes.iLabelID, requests.vcVisibleRequestID, requests.tiOfficeID, office.OFFICE_ID,requestorfields.CUSTOMFIELD35, 
+                REPLACE(requestfields.CUSTOMFIELD33, CHAR(160), ' '),requestfields.CUSTOMFIELD75, requestfields.CustomField91";
             DataTable dataTable = new();
             using (sqlConnection = new SqlConnection(ConnectionString))
             {
@@ -299,5 +347,87 @@
 
         }
 
+        private DataTable GetAxisRequestsPageCount(string[] arrayOfRequestId)
+        {
+            ConnectionString = SettingsManager.ConnectionString;
+            var inClauseValues = RequestsHelper.GetInClause(arrayOfRequestId);
+
+            string query = $@"Select vcVisibleRequestID as axisRequestId, sum(distinct case when requests.IREQUESTID = reviewlog.IREQUESTID and reviewlog.IDOCID = documents.IDOCID then documents.SIPAGECOUNT 
+                when requests.IREQUESTID = redaction.IREQUESTID and redaction.IDOCID = ldocuments.IDOCID then ldocuments.SIPAGECOUNT 
+                else 0 end) as requestPageCount,
+				(case when requestfields.CustomField91 > 0 then requestfields.CustomField91 else 0 end ) as lanPageCount
+				FROM
+		        tblRequests requests WITH (NOLOCK)
+		        LEFT OUTER JOIN dbo.TBLdocumentreviewlog reviewlog WITH (NOLOCK) ON requests.IREQUESTID = reviewlog.IREQUESTID
+		        LEFT OUTER JOIN dbo.TBLDOCUMENTS documents WITH (NOLOCK) ON reviewlog.IDOCID = documents.IDOCID
+		        LEFT OUTER JOIN dbo.TBLRedactionlayers redaction WITH (NOLOCK) ON requests.IREQUESTID = redaction.IREQUESTID
+                LEFT OUTER JOIN dbo.TBLDOCUMENTS ldocuments WITH (NOLOCK) ON redaction.IDOCID = ldocuments.IDOCID
+		        LEFT OUTER JOIN dbo.TBLREQUESTCUSTOMFIELDS requestfields WITH (NOLOCK) ON requests.iRequestID = requestfields.iRequestID
+                WHERE vcVisibleRequestID IN ({inClauseValues})
+		        GROUP BY vcVisibleRequestID, requestfields.CustomField91";
+
+            DataTable dataTable = new();
+            using (sqlConnection = new SqlConnection(ConnectionString))
+            {
+                using SqlDataAdapter sqlSelectCommand = new(query, sqlConnection);
+                try
+                {
+                    sqlConnection.Open();
+                    sqlSelectCommand.Fill(dataTable);
+                }
+                catch (SqlException ex)
+                {
+                    Ilogger.Log(LogLevel.Error, ex.Message);
+                    throw;
+                }
+                catch (Exception e)
+                {
+                    Ilogger.Log(LogLevel.Error, e.Message);
+                    throw;
+                }
+            }
+            return dataTable;
+        }
+
+        private DataTable GetAxisRequestsPageCount()
+        {
+            ConnectionString = SettingsManager.ConnectionString;           
+
+            string query = @"Select vcVisibleRequestID as axisRequestId, sum(distinct case when requests.IREQUESTID = reviewlog.IREQUESTID and reviewlog.IDOCID = documents.IDOCID then documents.SIPAGECOUNT 
+                when requests.IREQUESTID = redaction.IREQUESTID and redaction.IDOCID = ldocuments.IDOCID then ldocuments.SIPAGECOUNT 
+                else 0 end) as requestPageCount,
+				(case when requestfields.CustomField91 > 0 then requestfields.CustomField91 else 0 end ) as lanPageCount
+				FROM
+		        tblRequests requests WITH (NOLOCK)
+		        LEFT OUTER JOIN dbo.TBLdocumentreviewlog reviewlog WITH (NOLOCK) ON requests.IREQUESTID = reviewlog.IREQUESTID
+		        LEFT OUTER JOIN dbo.TBLDOCUMENTS documents WITH (NOLOCK) ON reviewlog.IDOCID = documents.IDOCID
+		        LEFT OUTER JOIN dbo.TBLRedactionlayers redaction WITH (NOLOCK) ON requests.IREQUESTID = redaction.IREQUESTID
+                LEFT OUTER JOIN dbo.TBLDOCUMENTS ldocuments WITH (NOLOCK) ON redaction.IDOCID = ldocuments.IDOCID
+		        LEFT OUTER JOIN dbo.TBLREQUESTCUSTOMFIELDS requestfields WITH (NOLOCK) ON requests.iRequestID = requestfields.iRequestID
+		        GROUP BY vcVisibleRequestID, requestfields.CustomField91";
+
+            DataTable dataTable = new();
+            using (sqlConnection = new SqlConnection(ConnectionString))
+            {
+                using SqlDataAdapter sqlSelectCommand = new(query, sqlConnection);
+                try
+                {
+                    sqlConnection.Open();
+                    sqlSelectCommand.Fill(dataTable);
+                }
+                catch (SqlException ex)
+                {
+                    Ilogger.Log(LogLevel.Error, ex.Message);
+                    throw;
+                }
+                catch (Exception e)
+                {
+                    Ilogger.Log(LogLevel.Error, e.Message);
+                    throw;
+                }
+            }
+            return dataTable;
+        }
+
     }    
 }

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DAL/RequestsHelper.cs

@@ -3,6 +3,7 @@
 using System;
 using System.Data;
 using System.Globalization;
+using System.Linq;
 
 namespace MCS.FOI.AXISIntegration.DAL
 {
@@ -13,11 +14,12 @@ public static string ConvertDateToString(DataRow row, string property, string fo
             return row[property] == DBNull.Value ? null : Convert.ToDateTime(row[property]).ToString(format, CultureInfo.InvariantCulture);
         }
 
-        public static string ConvertRequestToJSON(AXISRequest request)
+        public static string ConvertRequestToJSON(Object _object)
         {
-            return JsonConvert.SerializeObject(request);
+            return JsonConvert.SerializeObject(_object);
         }
 
+
         public static string GetRequestType(string requestType)
         {
             if (requestType.ToLower().Contains(RequestTypes.General.ToString().ToLower()))
@@ -138,5 +140,11 @@ public static string GetDeliveryMode(string deliveryMode)
                 _ => "Secure File Transfer",
             };
         }
+
+        public static string GetInClause(string[] values)
+        {
+            // Join the array values with commas and enclose each value in single quotes
+            return string.Join(",", values.Select(val => $"'{val}'"));
+        }
     }
 }

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DataModels/AXISRequest.cs

@@ -1,5 +1,4 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Runtime.Serialization;
 
 namespace MCS.FOI.AXISIntegration.DataModels
@@ -120,6 +119,9 @@ public class AXISRequest
         [DataMember(Name = "requestPageCount")]
         public int RequestPageCount { get; set; }
 
+        [DataMember(Name = "lanPageCount")]
+        public int LANPageCount { get; set; }
+
         [DataMember(Name = "subjectCode")]
         public string SubjectCode { get; set; }
 

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegration.DataModels/AXISRequestsPageCount.cs

@@ -0,0 +1,26 @@
+using System.Runtime.Serialization;
+
+namespace MCS.FOI.AXISIntegration.DataModels
+{
+
+    [DataContract]
+    public class AXISRequestPageCount
+    {
+        [DataMember(Name = "id")]
+        public string AXISRequestID { get; set; }
+
+        [DataMember]
+        public PageCount PageCountInfo { get; set; }
+    }
+
+    [DataContract]
+    public class PageCount
+    {
+        [DataMember(Name = "requestpagepount")]
+        public int RequestPageCount { get; set; }
+
+        [DataMember(Name = "lanpagepount")]
+        public int LANPageCount { get; set; }
+    }
+
+}

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegrationWebAPI/Controllers/RequestSearchController.cs

@@ -7,8 +7,6 @@
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
 using System;
-using System.Collections.Generic;
-using System.Linq;
 
 namespace MCS.FOI.AXISIntegrationWebAPI.Controllers
 {

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegrationWebAPI/Controllers/RequestsPageCountController.cs

@@ -0,0 +1,74 @@
+using MCS.FOI.AXISIntegration.DAL.Interfaces;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Collections.Generic;
+using System.Text.RegularExpressions;
+
+namespace MCS.FOI.AXISIntegrationWebAPI.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    [EnableCors(PolicyName = "FOIOrigins")]
+    [Authorize]
+    public class RequestsPageCountController : ControllerBase
+    {
+
+        private readonly ILogger<RequestsPageCountController> _logger;
+        private readonly IRequestDA _requestDA;
+        TimeSpan timeout = TimeSpan.FromSeconds(3);
+
+        public RequestsPageCountController(ILogger<RequestsPageCountController> logger, IRequestDA requestDA)
+        {
+            _logger = logger;
+            _requestDA = requestDA;
+        }
+
+        [HttpPost]
+
+        public ActionResult<string> Post([FromBody] List<string> axisRequestIds)
+        {
+            try
+            {
+                if (axisRequestIds == null || axisRequestIds.Count == 0)
+                {
+                    return BadRequest("The list of axisRequestIds is required.");
+                }
+                foreach (var requestId in axisRequestIds)
+                {
+                    if (!IsValidRequestId(requestId))
+                    {
+                        return BadRequest($"Invalid axisRequestId: {requestId}");
+                    }
+
+                    if (ContainsSqlInjectionPattern(requestId))
+                    {
+                        return BadRequest($"Potential SQL injection detected in axisRequestId: {requestId}");
+                    }
+                }
+                return _requestDA.PostAXISRequestsPageCountString(axisRequestIds.ToArray());
+
+            }
+            catch (Exception ex)
+            {
+                _logger.Log(LogLevel.Error, string.Format($"Exception happened on RequestspageCount POST operations, Error Message : {ex.Message} , Stack Trace :{ex.StackTrace}"));
+                return string.Format($"Exception happened on RequestspageCount POST operations, Error Message : {ex.Message}");
+            }
+
+        }
+        private bool IsValidRequestId(string requestId)
+        {  
+            // RequestID should have letters-numbers-numbers format
+            string pattern = @"^[A-Za-z]+(?:[-]){0,2}\d+\-\d+$";
+            return Regex.IsMatch(requestId, pattern, RegexOptions.None, timeout);
+        }
+
+        private bool ContainsSqlInjectionPattern(string input)
+        {
+            string pattern = @"(?:\b(?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER)\b|\b(?:UNION\s+ALL|SELECT\s+.*?\s+FROM\s+.*?\s+WHERE\s+.*?))";
+            return Regex.IsMatch(input, pattern, RegexOptions.IgnoreCase, timeout);
+        }
+    }
+}

axisintegrationapi/MCS.FOI.AXISIntegration/MCS.FOI.AXISIntegrationWebAPI/Startup.cs

@@ -34,7 +34,7 @@ public void ConfigureServices(IServiceCollection services)
                 string[] _origins = SettingsManager.CORSORIGINS.Split(",");
                 services.AddCors(options =>
                                     options.AddPolicy("FOIOrigins", p => p.WithOrigins(_origins)
-                                                   .WithMethods("GET")
+                                                   .WithMethods("GET", "POST")
                                                    .AllowAnyHeader()
                                                    .AllowAnyMethod()
                                        )) ;
@@ -45,6 +45,8 @@ public void ConfigureServices(IServiceCollection services)
             var serviceProvider = services.BuildServiceProvider();            
             var requestlogger = serviceProvider.GetService<ILogger<RequestSearchController>>();
             services.AddSingleton(typeof(ILogger), requestlogger);
+            var requestpagecountlogger = serviceProvider.GetService<ILogger<RequestsPageCountController>>();
+            services.AddSingleton(typeof(ILogger), requestpagecountlogger);
             services.AddScoped<IRequestDA, RequestsDA>();
             services.AddScoped<IFOIFlowRequestUserDA,FOIFlowRequestUsersDA>();
 

docker-compose.yml

@@ -115,6 +115,8 @@ services:
       - UNOPENED_REPORT_WAIT_DAYS=${UNOPENED_REPORT_WAIT_DAYS}
       - UNOPENED_REPORT_JARO_CUTOFF=${UNOPENED_REPORT_JARO_CUTOFF}
       - UNOPENED_REPORT_EMAIL_RECIPIENT=${UNOPENED_REPORT_EMAIL_RECIPIENT}
+      - AXIS_API_URL=${AXIS_API_URL}
+      - AXIS_SYNC_BATCHSIZE=${AXIS_SYNC_BATCHSIZE}
       #- LOG_ROOT=${LOG_ROOT}
       #- LOG_BASIC=${LOG_BASIC}
       #- LOG_TRACING=${LOG_TRACING}