13. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 8/31/2018 11:26:34 AM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

13.1 Files compared

#	Location	File	Last Modified
1	BMS_Source.zip\Source\Sources\BMS.Web\Controllers	AccountController.cs	Thu Aug 30 14:52:10 2018 UTC
2	BMS_Source.zip\Source\Sources\BMS.Web\Controllers	AccountController.cs	Fri Aug 31 11:27:10 2018 UTC

13.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	836
Changed	1	4
Inserted	0	0
Removed	0	0

13.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

13.4 Active regular expressions

No regular expressions were active.

13.5 Comparison detail

	1	using Syst em;
	2	using Syst em.Collect ions.Gener ic;
	3	using Syst em.Collect ions.Speci alized;
	4	using Syst em.Configu ration;
	5	using Syst em.Linq;
	6	using Syst em.Service Model;
	7	using Syst em.Threadi ng;
	8	using Syst em.Web;
	9	using Syst em.Web.Mvc ;
	10	using Syst em.Web.Rou ting;
	11	using Syst em.Web.Sec urity;
	12	using BMS. Authentica tion;
	13	using BMS. Facade;
	14	using BMS. Facade.Dat a;
	15	using BMS. Facade.Fau lt;
	16	using BMS. Security.D urableIssu edToken;
	17	using BMS. Utils;
	18	using BMS. Web.App_Gl obalResour ce;
	19	using BMS. Web.Contro llers.Shar ed;
	20	using BMS. Web.Models ;
	21	using Info World.HL7. ITS;
	22	using Micr osoft.Web. Mvc;
	23
	24	namespace BMS.Web.Co ntrollers
	25	{
	26	[Valid ateInput(f alse)]
	27	public class Acc ountContro ller : Con troller
	28	{
	29	[N oCacheAttr ibute]
	30	pu blic Actio nResult Lo gOn()
	31	{
	32	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	33	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	34	{
	35	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	36	}
	37	try
	38	{
	39	LogO nModel mod el = new L ogOnModel( );
	40	var useSSOi = Configurat ionManager .AppSettin gs["UseSSO i"];
	41	if ( useSSOi == null \|\| u seSSOi.ToS tring() == "true")
	42	{
	43	#if DEBUG
	44	if (this.R equest.Hea ders["ADSA MACCOUNTNA ME"] == nu ll)
	45	{
	46	this.Reque st.Headers .Add("ADSA MACCOUNTNA ME", " RE D A C TED ");
	47	this.Reque st.Headers .Add("SM_U SERDN", @" CN= REDA C TED \, Jonatha n M. (DYON YX),OU=DYO NYX,OU=Con tractors,O U=Users,OU =Dallas (I SD),OU=Fie ld Offices ,DC=vha,DC =med,DC=va ,DC=gov");
	48	}
	49	else
	50	{
	51	System .Diagnosti cs.Trace.W riteLine(" ******** ****** ****** START REQUEST H EADERS * ******** ****** ******** *");
	52	foreac h (var key in this.R equest.Hea ders.AllKe ys)
	53	{
	54	Sy stem.Diagn ostics.Tra ce.WriteLi ne(String. Format("Na me: {0} \| Value: {1} ", key, th is.Request .Headers[k ey]));
	55	}
	56	System .Diagnosti cs.Trace.W riteLine(" ******** ****** ****** END R EQUEST HEA DERS * ****** ****** *******" );
	57	}
	58	#endif
	59	model.User Name = "SS Oi";
	60	model.Pass word = "SS Oi";
	61
	62	return GoT oHome(mode l, "/");
	63	}
	64
	65	retu rn LogOn(m odel);
	66	}
	67	finally
	68	{
	69	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	70	{
	71	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	72	}
	73	}
	74	}
	75
	76	pr ivate bool IsUserLog gedIn()
	77	{
	78	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	79	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	80	{
	81	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	82	}
	83	try
	84	{
	85	retu rn HttpCon text.User. Identity.I sAuthentic ated;
	86	}
	87	finally
	88	{
	89	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	90	{
	91	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	92	}
	93	}
	94	}
	95
	96	pr ivate Acti onResult L ogOn(LogOn Model mode l)
	97	{
	98	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	99	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	100	{
	101	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	102	}
	103	try
	104	{
	105	retu rn View(mo del);
	106	}
	107	finally
	108	{
	109	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	110	{
	111	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	112	}
	113	}
	114	}
	115
	116	[H ttpPost]
	117	[A ctionName( "LogOn")]
	118	[M ultiButton Attribute]
	119	pu blic Actio nResult Go ToHome([Bi nd(Exclude = "Rememb erMe")] Lo gOnModel m odel, stri ng returnU rl)
	120	{
	121	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	122	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	123	{
	124	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	125	}
	126	try
	127	{
	128	bool successfu llyLog = T ryLogOn(mo del);
	129	if ( successful lyLog)
	130	return Get Successful lyLogOnAct ion(return Url);
	131
	132	retu rn LogOn(m odel);
	133	}
	134	finally
	135	{
	136	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	137	{
	138	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	139	}
	140	}
	141	}
	142
	143	[H ttpPost]
	144	[A ctionName( "LogOn")]
	145	[M ultiButton Attribute]
	146	pu blic Actio nResult Go ToBedClean ing([Bind( Exclude = "RememberM e")] LogOn Model mode l)
	147	{
	148	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	149	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	150	{
	151	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	152	}
	153	try
	154	{
	155	bool successfu llyLog = T ryLogOn(mo del);
	156	if ( successful lyLog)
	157	{
	158	User user = FacadeMa nager.User Interface. GetProfile ();
	159	return thi s.Redirect ToAction<E msBedStatu sAdminCont roller>(ac t => act.I ndex(BaseC ontroller. EncryptQue ryString(n ew string[ ] { "divis ion", "sta rtDate", " endDate", "returnLin k", "divis ionFromRep ort" }, ne w string[] { string. Empty, str ing.Empty, string.Em pty, strin g.Empty, s tring.Empt y }, user. Salt)));
	160	}
	161	retu rn LogOn(m odel);
	162	}
	163	finally
	164	{
	165	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	166	{
	167	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	168	}
	169	}
	170	}
	171
	172	pr ivate bool TryLogOn( LogOnModel model)
	173	{
	174	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	175	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	176	{
	177	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	178	}
	179	try
	180	{
	181	if ( IsUserLogg edIn())
	182	{
	183	System.Web .SessionSt ate.HttpSe ssionState currentSe ssion = Sy stem.Web.H ttpContext .Current.S ession;
	184	MvcApplica tion.Sessi onEnd(curr entSession );
	185	currentSes sion.Clear ();
	186	FormsAuthe ntication. SignOut();
	187	}
	188	Vali dateUser(m odel);
	189	if ( ModelState .IsValid)
	190	return tru e;
	191	// I f we got t his far, s omething f ailed, red isplay for m
	192	Form sAuthentic ation.Sign Out();
	193	Syst em.Web.Htt pContext.C urrent.Ses sion.Aband on();
	194	retu rn false;
	195	}
	196	finally
	197	{
	198	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	199	{
	200	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	201	}
	202	}
	203	}
	204
	205	pr ivate Acti onResult G etSuccessf ullyLogOnA ction(stri ng returnU rl)
	206	{
	207	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	208	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	209	{
	210	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	211	}
	212	try
	213	{
	214	if ( Url.IsLoca lUrl(retur nUrl) && r eturnUrl.L ength > 1 && returnU rl.StartsW ith("/") & & !returnU rl.StartsW ith("//") && !return Url.Starts With("/\\" ))
	215	{
	216	if (return Url.Starts With("/Rep orts"))
	217	return this.Redi rectToActi on<HomeCon troller>(a ction => a ction.Inde x());
	218	else
	219	return Redirect( returnUrl) ;
	220	}
	221	else
	222	return Get RedirectTo ByUserRole ();
	223	}
	224	finally
	225	{
	226	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	227	{
	228	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	229	}
	230	}
	231	}
	232
	233	pu blic Actio nResult Ge tRedirectT oByUserRol e()
	234	{
	235	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	236	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	237	{
	238	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	239	}
	240	try
	241	{
	242	User user = Fa cadeManage r.UserInte rface.GetP rofile();
	243	if ( user.IsSup erUser \|\| user.Suppo rtUser.IsY es() \|\| us er.Nationa lUser.IsYe s() \|\| use r.Regional User.IsYes ())
	244	return thi s.Redirect ToAction<N ationalAnd RegionalCo ntroller>( act => act .Index((st ring)null) );
	245
	246	if ( user.SiteU ser.IsYes( ) \|\| user. VisnUser.I sYes())
	247	return thi s.Redirect ToAction<H omeControl ler>(act = > act.Inde x());
	248	if ( user.Admin User.IsYes ())
	249	return thi s.Redirect ToAction<H omeControl ler>(act = > act.Inde x());
	250	if ( user.EMSUs er.IsYes() \|\| user.E MSDispatch User.IsYes () \|\| user .EMSSuperv isorUser.I sYes())
	251	return thi s.Redirect ToAction<E msBedStatu sAdminCont roller>(ac t => act.I ndex(BaseC ontroller. EncryptQue ryString(n ew string[ ] { "divis ion", "sta rtDate", " endDate", "returnLin k", "divis ionFromRep ort" }, ne w string[] { string. Empty, str ing.Empty, string.Em pty, strin g.Empty, s tring.Empt y }, user. Salt)));
	252	if ( user.Guest User.IsYes ())
	253	{
	254	string ful lUserName = user.Use rName + "@ " + user.D omain;
	255	IReportInf o national BedAvailab ilityRepor t = Facade .FacadeMan ager.Repor tsInterfac e.GetOther Reports(fu llUserName ).Where(a => a.Name == Constan ts.BED_AVA ILABILITY_ STATUS_REP ORT).First OrDefault( );
	256	if (nation alBedAvail abilityRep ort.Parame ters == nu ll)
	257	nation alBedAvail abilityRep ort.Parame ters = new Dictionar y<String, String>();
	258
	259	DateTime d tUtc = Dat eTime.UtcN ow;
	260	DateTime d tTz = Time ZoneInfo.C onvertTime FromUtc(dt Utc, Facad eUtil.GetF acilityTim eZoneInfo( user.Facil ity.Id));
	261	nationalBe dAvailabil ityReport. Parameters .Add(Const ants.REP_T IME_ZONE_M INUTES_OFF SET, dtTz. Subtract(d tUtc).Tota lMinutes.T oString()) ;
	262
	263	nationalBe dAvailabil ityReport. Parameters .Add(Const ants.REP_G ENERAL_RET URN_PATH, string.Emp ty);
	264	nationalBe dAvailabil ityReport. Parameters .Add(Const ants.REP_G ENERAL_RET URN_TEXT, string.Emp ty);
	265	nationalBe dAvailabil ityReport. Parameters .Add(Const ants.REPOR T_TITLE, S trings.Bed Availabili tyStatusRe portTitle) ;
	266	return Red irect(nati onalBedAva ilabilityR eport.Url) ;
	267	}
	268	retu rn this.Re directToAc tion<HomeC ontroller> (act => ac t.Index()) ;
	269	}
	270	finally
	271	{
	272	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	273	{
	274	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	275	}
	276	}
	277	}
	278
	279	pr ivate void ValidateU ser(LogOnM odel model )
	280	{
	281	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	282	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	283	{
	284	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	285	}
	286	try
	287	{
	288	if ( !ModelStat e.IsValid)
	289	return;
	290	try
	291	{
	292	if (Member ship.Valid ateUser(mo del.UserNa me, model. Password))
	293	{
	294	User u ser = Faca deManager. UserInterf ace.GetPro file();
	295	model. FullUserNa me = user. UserName;
	296	if (us er.Default Facility = = null)
	297	{
	298	if (user.IsS uperUser)
	299	{
	300	try
	301	{
	302	ILis t<Facility > allFacil ities = Fa cadeManage r.EntityIn terface.Ge tFacilitie sUsingWind owsAuthent ication(). Where(f => f.IsAlive == true). ToList();
	303	user .DefaultFa cility = a llFaciliti es.First() ;
	304	}
	305	catch (E xception e )
	306	{
	307	Mode lState.Add ModelError ("", "Can' t get the facilities : " + e.Me ssage);
	308	}
	309	}
	310	el se
	311	{
	312	ModelSta te.AddMode lError("", "The user does not have a def ault facil ity. Pleas e contact the admini strator.") ;
	313	}
	314	}
	315	if (us er.Default Facility ! = null)
	316	{
	317	if (user.Def aultFacili ty.VistaSi te.Visn == null)
	318	user.Def aultFacili ty.VistaSi te.Visn = FacadeMana ger.Entity Interface. GetVistaSi te(user.De faultFacil ity.VistaS ite.Id).Vi sn;
	319	Fa cadeManage r.UserInte rface.Inse rtLoggedUs er(ProxyMa nager.GetC urrentSess ionID2(), user.UserN ame, user. DefaultFac ility, use r.DefaultF acility.Vi staSite.Vi sn);
	320	if (!FacadeM anager.Use rInterface .CheckBMSR eadPermiss ion(user, user.Defau ltFacility .Id))
	321	ModelSta te.AddMode lError(str ing.Empty, "The user name does not have permission s for the selected f acility.") ;
	322	el se
	323	{
	324	FormsAut henticatio n.SetAuthC ookie(mode l.UserName , false);
	325	SetModel OnSuccessf ullyLogOn( model);
	326	}
	327	}
	328	}
	329	else
	330	ModelS tate.AddMo delError(" ", "The us er name or password provided i s incorrec t.");
	331	}
	332	catc h (UserHas NoRoleExce ption)
	333	{
	334	ModelState .AddModelE rror(strin g.Empty, " The user d oes not ha ve a role associated . Please c ontact the administr ator.");
	335	}
	336	catc h (Excepti on e)
	337	{
	338	ModelState .AddModelE rror("", " There was an error w hen trying to login: " + e.Mes sage);
	339	}
	340
	341	}
	342	finally
	343	{
	344	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	345	{
	346	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	347	}
	348	}
	349	}
	350
	351
	352	pr ivate void SetModelO nSuccessfu llyLogOn(L ogOnModel model)
	353	{
	354	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	355	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	356	{
	357	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	358	}
	359	try
	360	{
	361	User user = Fa cadeManage r.UserInte rface.GetP rofile();
	362	user .Facility = user.Def aultFacili ty;
	363	if ( user.Vista Site == nu ll)
	364	user.Vista Site = Fac adeManager .EntityInt erface.Get VistaSite( user.Facil ity.VistaS ite.Id);
	365	user .Visn = us er.VistaSi te.Visn;
	366	user .Region = user.Vista Site.Visn. Region;
	367
	368	if ( user.Visn == null)
	369	{
	370	ModelState .AddModelE rror("Faci lityId", " The facili ty doesn't have an a ssociated VISN.");
	371	return;
	372	}
	373	if ( user.Regio n == null)
	374	{
	375	ModelState .AddModelE rror("Faci lityId", " The VISN o n facility doesn't h ave an ass ociated Re gion.");
	376	return;
	377	}
	378	}
	379	finally
	380	{
	381	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	382	{
	383	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	384	}
	385	}
	386	}
	387
	388	pu blic Actio nResult Lo gOff()
	389	{
	390	DateTime entryInLo gMethodTim e = DateTi me.UtcNow;
	391	if (Info World.Trac ing.IWTrac e.IsEntryE nabled)
	392	{
	393	Info World.Trac ing.IWTrac e.Entry(Sy stem.Refle ction.Meth odBase.Get CurrentMet hod(), ent ryInLogMet hodTime);
	394	}
	395	try
	396	{
	397	Syst em.Web.Htt pContext.C urrent.Ses sion.Aband on();
	398
	399	var useSSOi = Configurat ionManager .AppSettin gs["UseSSO i"];
	400	if ( useSSOi != null && u seSSOi.ToS tring() == "false")
	401	return Vie w();
	402	else
	403	{
	404	var logOff Url = Conf igurationM anager.App Settings[" SSOiLogOff Url"];
	405	if (logOff Url == nul l)
	406	return View();
	407
	408	return Red irect(logO ffUrl.ToSt ring());
	409	}
	410	}
	411	finally
	412	{
	413	if ( InfoWorld. Tracing.IW Trace.IsEx itEnabled)
	414	{
	415	InfoWorld. Tracing.IW Trace.Exit (System.Re flection.M ethodBase. GetCurrent Method(), DateTime.U tcNow, ent ryInLogMet hodTime);
	416	}
	417	}
	418	}
	419	}
	420	}