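/// <summary>
/// Records scan results for one package version and updates that package's scan status.
/// </summary>
/// <param name="apiKey">API key of the caller; must parse as a GUID and belong to the package operations user.</param>
/// <param name="id">Package id; required.</param>
/// <param name="version">Package version; required.</param>
/// <param name="scanStatus">Name of a <c>PackageScanStatusType</c> value (case-insensitive); <c>Unknown</c> is rejected.</param>
/// <param name="scanResults">Individual scan results; may be empty or null only when the status is <c>Investigate</c>.</param>
/// <returns>
/// 404 when id/version is missing or the package is not found, 400 for a malformed API key,
/// missing or invalid scan status, or missing results, 403 when the key is not the package
/// operations user's, and 202 once the results are stored.
/// </returns>
public virtual ActionResult SubmitPackageScanResults(string apiKey, string id, string version, string scanStatus, ICollection<PackageScanResult> scanResults)
{
    if (String.IsNullOrEmpty(id) || String.IsNullOrEmpty(version))
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.NotFound, string.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version));
    }

    Guid parsedApiKey;
    if (!Guid.TryParse(apiKey, out parsedApiKey))
    {
        // NOTE(review): the rejected apiKey value is echoed into the response body here;
        // confirm the result type / client treats the body as plain text.
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, string.Format(CultureInfo.CurrentCulture, Strings.InvalidApiKey, apiKey));
    }

    var testReporterUser = userSvc.FindByApiKey(parsedApiKey);
    if (testReporterUser == null)
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "submitscanresults"));
    }

    // Only the package operations user can submit results
    if (testReporterUser.Key != settings.PackageOperationsUserKey)
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.Forbidden, String.Format(CultureInfo.CurrentCulture, Strings.ApiKeyNotAuthorized, "submitscanresults"));
    }

    if (string.IsNullOrWhiteSpace(scanStatus))
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, "scanStatus is required.");
    }

    // Enum.TryParse reports failure through its return value, and it succeeds for any
    // numeric or comma-separated input even when the result is not a declared member.
    // Treat both cases as Unknown so an undeclared value is never persisted as the
    // package's scan status.
    PackageScanStatusType packageScanStatus;
    if (!Enum.TryParse(scanStatus.to_string(), true, out packageScanStatus)
        || !Enum.IsDefined(typeof(PackageScanStatusType), packageScanStatus))
    {
        packageScanStatus = PackageScanStatusType.Unknown;
    }

    if (packageScanStatus == PackageScanStatusType.Unknown)
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, "'scanStatus' must be passed as 'NotFlagged', 'Flagged', 'Exempted', or 'Investigate'.");
    }

    // scanResults is null when the request carries no results; normalise it once so the
    // emptiness check below returns 400 instead of throwing on a null collection.
    var submittedResults = scanResults.OrEmptyListIfNull();
    if (packageScanStatus != PackageScanStatusType.Investigate && !submittedResults.Any())
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, "You must submit data with results.");
    }

    var package = packageSvc.FindPackageByIdAndVersion(id, version, allowPrerelease: true, useCache: false);
    if (package == null)
    {
        return new HttpStatusCodeWithBodyResult(HttpStatusCode.NotFound, string.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version));
    }

    foreach (var result in submittedResults)
    {
        scanSvc.SaveOrUpdateResults(result, package);
    }

    package.PackageScanResultDate = DateTime.UtcNow;
    package.PackageScanStatus = packageScanStatus;
    packageSvc.SaveMinorPackageChanges(package);

    return new HttpStatusCodeWithBodyResult(HttpStatusCode.Accepted, "Package scan results have been updated.");
}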
}