ErrorController¶
- Namespace:
Insorce.Controllers - Project:
Andromeda.Web
Overview¶
The ErrorController manages error handling, access denial, and system diagnostics within the application.
Feature Summary¶
- Provides error display and handling for various error scenarios including access denial at project and admin levels.
- Supports retrieval and archiving of recent log files for diagnostic purposes.
- Enables termination of specific running processes related to optimization tasks.
- Facilitates querying and filtering of event logs based on severity and time range.
UX Summary¶
- Users encounter clear error messages and views when access is denied or errors occur.
- Error pages provide instructions and debug information where appropriate.
- Log file requests return downloadable archives or informative error views if no logs are found.
- Process termination actions notify users to prevent unexpected disruptions.
- Event log queries may produce XML outputs and generic error messages, which can affect user experience.
Data Dependencies¶
- Uses TempData and ViewBag to pass messages and data between controller and views.
- Interacts with file system for log file retrieval, archiving, and download.
- Utilizes AsyncProcessManager or direct process management APIs to terminate processes.
- Queries event log data sources with parameter validation and filtering.
Authentication / Authorization Notes¶
- Access denial methods enforce permission checks at project and admin levels.
- Some methods disable request validation or expose sensitive data, posing security risks.
- Process termination and log file access require careful validation to prevent unauthorized actions.
- Authentication and authorization are critical to prevent information disclosure and denial-of-service.
Controller Call Chain Diagram¶
flowchart TD
Andromeda_Core_Algorithm_SchedulerAlgorithm_Dispose["Andromeda.Core.Algorithm.SchedulerAlgorithm.Dispose"]
Andromeda_Core_Entities_Roles_GetUsersInRole["Andromeda.Core.Entities.Roles.GetUsersInRole"]
Andromeda_Core_LoggingManager_Error["Andromeda.Core.LoggingManager.Error"]
Andromeda_Core_LoggingManager_GetLogDirectoryPath["Andromeda.Core.LoggingManager.GetLogDirectoryPath"]
Andromeda_Core_LoggingManager_Info["Andromeda.Core.LoggingManager.Info"]
Andromeda_Core_Services_AsyncProcessManager_KillProcess["Andromeda.Core.Services.AsyncProcessManager.KillProcess"]
Andromeda_Core_Services_ScheduleOptimizer_Dispose["Andromeda.Core.Services.ScheduleOptimizer.Dispose"]
Andromeda_Core_Services_SignalRMsg_SendMessage["Andromeda.Core.Services.SignalRMsg.SendMessage"]
Andromeda_Core_Utility_Compress_CreateZip["Andromeda.Core.Utility.Compress.CreateZip"]
ErrorController_AccessDeniedAdminLevel["ErrorController.AccessDeniedAdminLevel"]
ErrorController_ErrorIndex["ErrorController.ErrorIndex"]
ErrorController_GetLogFiles["ErrorController.GetLogFiles"]
ErrorController_KillProcesses["ErrorController.KillProcesses"]
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Algorithm_SchedulerAlgorithm_Dispose
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Services_ScheduleOptimizer_Dispose
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Services_SignalRMsg_SendMessage
ErrorController_AccessDeniedAdminLevel --> Andromeda_Core_Entities_Roles_GetUsersInRole
ErrorController_ErrorIndex --> Andromeda_Core_LoggingManager_Info
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_Error
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_GetLogDirectoryPath
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_Info
ErrorController_GetLogFiles --> Andromeda_Core_Utility_Compress_CreateZip
ErrorController_KillProcesses --> Andromeda_Core_LoggingManager_Info
ErrorController_KillProcesses --> Andromeda_Core_Services_AsyncProcessManager_KillProcess
System Dependencies¶
Incoming Dependencies (Fan-In): None
Outgoing Dependencies (Fan-Out): None
Cycle Detection¶
No dependency cycles detected for this controller.
View → Action Mapping¶
| Action | View | Model | Path |
|---|---|---|---|
errorindex |
ErrorIndex |
System.Web.Mvc.HandleErrorInfo |
Andromeda.Web\Views\Error\ErrorIndex.cshtml |
servererror |
ServerError |
- |
Andromeda.Web\Views\Error\ServerError.cshtml |
Methods at a Glance¶
File & Import Operations¶
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | GetLogFiles |
GET |
/Error/GetLogFiles |
GetLogFiles retrieves recent log files, archives them, and returns a... |
Query & View Methods¶
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | Error |
GET |
/Error/Error |
The method handles an HTTP GET request and stores parameters in TempData. |
| entrypoint | AccessDeniedProjLevel |
GET |
/Error/AccessDeniedProjLevel |
Set project ID indicators before returning the access denied view. |
| entrypoint | AccessDeniedAdminLevel |
GET |
/Error/AccessDeniedAdminLevel |
The method stores an access denial error message and returns the error view. |
Validation & Rules¶
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | ErrorIndex |
GET |
/Error/ErrorIndex |
The method retrieves an unvalidated error path, sets TempData messages, and... |
| entrypoint | EventLogs |
GET |
/Error/EventLogs |
The method validates the 'days' parameter and builds a query to filter event... |
Workflow & Routing¶
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | KillProcesses |
GET |
/Error/KillProcesses |
KillProcesses terminates all running processes starting with 'optimize' using... |
Other Methods¶
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | ErrorPage |
`` | /Error/ErrorPage |
The ErrorPage method handles error display and user redirection. |
Associated Screens / Views¶
- ErrorIndex →
ErrorIndex(Andromeda.Web\Views\Error\ErrorIndex.cshtml)
Entrypoint Methods¶
ErrorIndex¶
Summary: The method retrieves an unvalidated error path, sets TempData messages, and returns an error view.
ActionResult ErrorController.ErrorIndex()
Routing
- HTTP:
GET - URL:
/Error/ErrorIndex
Cross-layer call chain - ErrorController.ErrorIndex → Andromeda.Core.LoggingManager.Info
Call Chain Diagram¶
flowchart TD
Andromeda_Core_LoggingManager_Info["Andromeda.Core.LoggingManager.Info"]
ErrorController_ErrorIndex["ErrorController.ErrorIndex"]
ErrorController_ErrorIndex --> Andromeda_Core_LoggingManager_Info
View Metadata
- View:
ErrorIndex(Andromeda.Web\Views\Error\ErrorIndex.cshtml) - Model:
System.Web.Mvc.HandleErrorInfo
Detailed Analysis
Key Flows - Summary: The method retrieves an unvalidated error path - sets TempData messages - and returns an error view. - Retrieve unvalidated 'aspxerrorpath' query string - Set TempData 'message' with access denied notification - Set TempData 'File' from TempData string conversion - Return ActionResult rendering error view with TempData
Security Issues - Summary: Disabling request validation exposes the application to XSS attacks. - Disabled request validation with ValidateInput(false) - Exposure to cross-site scripting (XSS) via unvalidated query input
Maintainability Issues - Summary: Using TempData for inter-request data passing reduces scalability and reliability. - Reliance on TempData for data passing between requests, Scalability challenges due to TempData usage, Reliability issues from TempData dependency
UX Impact Notes - Summary: Users receive an 'Access Denied' message and must refresh to access data. - Display 'Access Denied' message, Require page refresh to view data
Test Case Ideas - Summary: Verify ErrorIndex returns correct view and sets TempData values properly. - Return view with 'Access Denied' message - Set TempData 'message' value correctly - Set TempData 'File' value correctly
Dependencies & Called Services - Summary: Uses Convert and LoggingManager for data conversion and logging. - Data conversion via Convert - Logging via LoggingManager
Error¶
Summary: The method handles an HTTP GET request and stores parameters in TempData.
ActionResult ErrorController.Error(string message, string debug)
Routing
- HTTP:
GET - URL:
/Error/Error
Detailed Analysis
Key Flows - Summary: The method handles an HTTP GET request and stores parameters in TempData. - Invoke method via HTTP GET, Store parameters in TempData with specific keys
Security Issues - Summary: No security issues identified.
Maintainability Issues - Summary: Replace magic strings with constants to improve maintainability and reduce errors. - Magic strings for TempData keys, Magic string for view name
UX Impact Notes - Summary: Error page accessed via GET shows error messages and debug info to users. - Error page accessed via HTTP GET requests, Display error messages and debug information to users
Test Case Ideas - view return - Return of expected Error view
AccessDeniedProjLevel¶
Summary: Set project ID indicators before returning the access denied view.
ActionResult ErrorController.AccessDeniedProjLevel(string projId)
Routing
- HTTP:
GET - URL:
/Error/AccessDeniedProjLevel
Detailed Analysis
Key Flows - Summary: Set project ID indicators before returning the access denied view. - Set ViewBag.Owner with project ID - Set TempData["AccessDenied"] with project ID - Return 'Er' view
Error Flows - Summary: Handle invalid or missing project ID strings to prevent exceptions and incorrect defaults. - or whitespace project ID strings to 0 causing potential logic errors
Security Issues - Summary: No security issues identified in AccessDeniedProjLevel method.
Performance Issues - Summary: No performance issues identified in AccessDeniedProjLevel method.
Maintainability Issues - Summary: Method uses unclear naming and unexplained magic number, with incomplete condition affecting clarity. - Unclear method name unrelated to view and data setup
UX Impact Notes - Summary: Redirects user to an error view on access denial. - User redirected to error view
Test Case Ideas - Summary: Verify AccessDeniedProjLevel returns correct view and sets TempData and ViewBag properly. - Correct view 'Er' returned - TempData['AccessDenied'] set correctly - ViewBag.Owner set correctly
Dependencies & Called Services - Summary: Uses system utilities and interfaces for data conversion and processing. - Data conversion utilities, Enumeration handling, Enumerable collections, String manipulation - Process model interface
AccessDeniedAdminLevel¶
Summary: The method stores an access denial error message and returns the error view.
ActionResult ErrorController.AccessDeniedAdminLevel()
Routing
- HTTP:
GET - URL:
/Error/AccessDeniedAdminLevel
Cross-layer call chain - ErrorController.AccessDeniedAdminLevel → Andromeda.Core.Entities.Roles.GetUsersInRole
Call Chain Diagram¶
flowchart TD
Andromeda_Core_Entities_Roles_GetUsersInRole["Andromeda.Core.Entities.Roles.GetUsersInRole"]
ErrorController_AccessDeniedAdminLevel["ErrorController.AccessDeniedAdminLevel"]
ErrorController_AccessDeniedAdminLevel --> Andromeda_Core_Entities_Roles_GetUsersInRole
Detailed Analysis
Key Flows - Summary: The method stores an access denial error message and returns the error view. - Return 'ErrorInReturn' view to client
Security Issues - Summary: Storing the first admin user in ViewBag risks unauthorized information disclosure. - Information disclosure via ViewBag, Exposure of first admin user data to unauthorized users
Performance Issues - Summary: Using Roles.GetUsersInRole causes slow performance with large user bases. - Roles.GetUsersInRole slow with large user base
Maintainability Issues - Summary: Using a hardcoded role name reduces maintainability if the role changes. - Hardcoded 'Administrator' role name
UX Impact Notes - Summary: Users see an access denied error via the 'ErrorInReturn' view. - Display access denied error message - Redirect to 'ErrorInReturn' view
Test Case Ideas - Summary: Verify AccessDeniedAdminLevel handles GET requests - returns correct view - and sets error message. - Handle HTTP GET request - Return 'ErrorInReturn' view
Dependencies & Called Services - Summary: AccessDeniedAdminLevel depends on Roles for authorization checks. - Roles dependency for authorization
ErrorPage¶
Summary: The ErrorPage method handles error display and user redirection.
ActionResult ErrorController.ErrorPage()
Routing
- URL:
/Error/ErrorPage
Detailed Analysis
Key Flows - Summary: The ErrorPage method handles error display and user redirection. - Display error message - Redirect user on error
UX Impact Notes - Summary: Redirects users to a dedicated error page with error details and instructions. - User redirection to error page
Test Case Ideas - Summary: Verify ErrorPage returns correct error view for various error scenarios. - Handle various error types consistently - Return valid ActionResult
GetLogFiles¶
Summary: GetLogFiles retrieves recent log files, archives them, and returns a downloadable zip or error views if none found.
ActionResult ErrorController.GetLogFiles(int? days)
Routing
- HTTP:
GET - URL:
/Error/GetLogFiles
Cross-layer call chain - ErrorController.GetLogFiles → Andromeda.Core.LoggingManager.GetLogDirectoryPath - ErrorController.GetLogFiles → Andromeda.Core.LoggingManager.Info - ErrorController.GetLogFiles → Andromeda.Core.Utility.Compress.CreateZip - ErrorController.GetLogFiles → Andromeda.Core.LoggingManager.Error
Call Chain Diagram¶
flowchart TD
Andromeda_Core_LoggingManager_Error["Andromeda.Core.LoggingManager.Error"]
Andromeda_Core_LoggingManager_GetLogDirectoryPath["Andromeda.Core.LoggingManager.GetLogDirectoryPath"]
Andromeda_Core_LoggingManager_Info["Andromeda.Core.LoggingManager.Info"]
Andromeda_Core_Utility_Compress_CreateZip["Andromeda.Core.Utility.Compress.CreateZip"]
ErrorController_GetLogFiles["ErrorController.GetLogFiles"]
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_Error
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_GetLogDirectoryPath
ErrorController_GetLogFiles --> Andromeda_Core_LoggingManager_Info
ErrorController_GetLogFiles --> Andromeda_Core_Utility_Compress_CreateZip
Detailed Analysis
Key Flows - Summary: GetLogFiles retrieves recent log files - and returns a downloadable zip or error views if none found. - Retrieve log directory paths using valid 'days' parameter - Collect log files newer than calculated date - Copy files to temporary folder and create zip archive - Return zip file as downloadable response - Set error message and return error view if no log directories found - Set message and return view if no log files found after filtering
Error Flows - Summary: Handle zero paths with error view; log exceptions during directory ops; lack file copy error handling. - Return error view and log info if paths array is empty - Catch and log exceptions during directory creation and deletion - Potential unhandled exceptions due to incomplete error handling
Security Issues - validate file operations - ConfigurationManager.AppSettings exposes folder paths
Performance Issues - Summary: GetLogFiles suffers performance issues from inefficient file operations on large directories. - Slow DirectoryInfo.GetFiles on large directories, High memory use from large FileInfo lists, Inefficient file copying in loops, Performance impact from deleting large folders
Maintainability Issues - Summary: Code suffers from unclear snippets, misspellings, magic values, and undefined variables. - Incomplete or truncated code snippets, Misspelled class name 'ErrorControll' instead of 'ErrorController', Use of magic numbers and strings instead of named constants, Hardcoded configuration keys and folder paths, Use of potentially undefined or incomplete variables like 'z'
UX Impact Notes - Summary: Provide clear user messages and consistent error handling for log file requests. - Clear TempData messages for missing log files or paths
Test Case Ideas - Summary: Validate log file retrieval - No log directory paths returned - Correct log date calculation by 'days' - Empty log files list after date filtering - Return File response if zip exists - Error messages set in TempData - Error view 'Er' returned on failure
Dependencies & Called Services - Summary: GetLogFiles uses file system and compression services to manage log files. - File system access via Directory and File classes, Directory information handling with DirectoryInfo, File compression using Compress, Date and time management with DateTime, Collection handling with List and Enumerable, String manipulation - Logging operations via LoggingManager
KillProcesses¶
Summary: KillProcesses terminates all running processes starting with 'optimize' using AsyncProcessManager or direct kill, then clears process details and returns a view.
ActionResult ErrorController.KillProcesses()
Routing
- HTTP:
GET - URL:
/Error/KillProcesses
Cross-layer call chain - ErrorController.KillProcesses → Andromeda.Core.Services.AsyncProcessManager.KillProcess - ErrorController.KillProcesses → Andromeda.Core.LoggingManager.Info - Andromeda.Core.Services.AsyncProcessManager.KillProcess → Andromeda.Core.Services.ScheduleOptimizer.Dispose - Andromeda.Core.Services.AsyncProcessManager.KillProcess → Andromeda.Core.Algorithm.SchedulerAlgorithm.Dispose - Andromeda.Core.Services.AsyncProcessManager.KillProcess → Andromeda.Core.Services.SignalRMsg.SendMessage
Call Chain Diagram¶
flowchart TD
Andromeda_Core_Algorithm_SchedulerAlgorithm_Dispose["Andromeda.Core.Algorithm.SchedulerAlgorithm.Dispose"]
Andromeda_Core_LoggingManager_Info["Andromeda.Core.LoggingManager.Info"]
Andromeda_Core_Services_AsyncProcessManager_KillProcess["Andromeda.Core.Services.AsyncProcessManager.KillProcess"]
Andromeda_Core_Services_ScheduleOptimizer_Dispose["Andromeda.Core.Services.ScheduleOptimizer.Dispose"]
Andromeda_Core_Services_SignalRMsg_SendMessage["Andromeda.Core.Services.SignalRMsg.SendMessage"]
ErrorController_KillProcesses["ErrorController.KillProcesses"]
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Algorithm_SchedulerAlgorithm_Dispose
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Services_ScheduleOptimizer_Dispose
Andromeda_Core_Services_AsyncProcessManager_KillProcess --> Andromeda_Core_Services_SignalRMsg_SendMessage
ErrorController_KillProcesses --> Andromeda_Core_LoggingManager_Info
ErrorController_KillProcesses --> Andromeda_Core_Services_AsyncProcessManager_KillProcess
Detailed Analysis
Key Flows - then clears process details and returns a view. - Return view to complete HTTP GET
Error Flows - causing unhandled errors during process operations. - No exception handling in process retrieval, No exception handling in process termination
Security Issues - Summary: Unvalidated process IDs allow arbitrary process termination causing denial-of-service. - Unvalidated process IDs
Performance Issues - Summary: Killing processes repeatedly and searching large collections degrade performance. - Resource-intensive retrieval of all running processes, Inefficient use of FirstOrDefault on large collections, Blocking KillProcess calls causing performance bottlenecks in loops
Maintainability Issues - Summary: Hardcoded strings and unclear naming reduce code maintainability. - Hardcoded magic strings for process filtering, Lack of comments, Unclear variable naming
UX Impact Notes - Summary: Notify user when optimization processes are terminated, avoiding unexpected critical process stops. - User notification on process termination, Risk of negative impact from stopping critical processes
Test Case Ideas - clears processes correctly and handles edge cases. - Complete method without errors and return expected view - Handle empty running process list - Process large number of processes efficiently
Dependencies & Called Services - Summary: KillProcesses uses process management, logging, and collection utilities. - AsyncProcessManager for asynchronous process control, Enumerable and List for collection management, String for text manipulation - LoggingManager for logging operations - Process for system process handling
EventLogs¶
Summary: The method validates the 'days' parameter and builds a query to filter event logs by level and time range.
FileStreamResult ErrorController.EventLogs(int? days, int? level)
Routing
- HTTP:
GET - URL:
/Error/EventLogs
Detailed Analysis
Key Flows - Summary: The method validates the 'days' parameter and builds a query to filter event logs by level and time range. - Construct query string with level and days for filtering event logs - Validate 'days' parameter within threshold
Error Flows - Summary: Catch exceptions during EventLogReader creation or event reading and log generic error messages. - Exception handling in EventLogReader creation
Security Issues - Summary: Sanitize inputs and handle encoding to prevent SQL injection and data corruption. - SQL injection risk from unsanitized 'levelString' in query construction, Incorrect handling of non-ASCII characters using ASCII encoding, Syntax errors causing unpredictable behavior and security risks
Performance Issues - Summary: Optimize frequent DateTime calls, object creation, string appending, and memory allocations. - Multiple EventLogQuery objects created in loops
Maintainability Issues - Summary: The method's incomplete code, hardcoded paths, and mixed responsibilities reduce maintainability. - Hardcoded log file paths
UX Impact Notes - Summary: Users receive unexpected XML files and face generic error messages causing frustration. - Unexpected XML file response, Generic error messages lacking detail, User frustration from unclear feedback
Test Case Ideas - Summary: Verify EventLogs method returns correct file response with accurate query - FileStreamResult return type correctness - Performance with large event log volumes - Creation of EventLogQuery objects per log path - Returned file MIME type and content encoding accuracy
Dependencies & Called Services - Summary: Uses event log classes to read and process encoded event records with timestamps. - EventLogReader to read event logs - EventRecord to represent log entries