#2177 fix issues in dcm

DavidBlaa · DavidBlaa · commit 41583dc240b0 · 2025-08-29T09:25:49.000+02:00
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/BExIS.Modules.Dcm.UI.csproj b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/BExIS.Modules.Dcm.UI.csproj
@@ -72,8 +72,6 @@
     <Compile Include="Controllers\Legacy\ImportMetadataStructureSetParametersController.cs" />
     <Compile Include="Controllers\Legacy\ImportMetadataStructureSummaryController.cs" />
     <Compile Include="Controllers\Legacy\ManageMetadataStructureController.cs" />
-    <Compile Include="Controllers\Legacy\PushController.cs" />
-    <Compile Include="Controllers\Legacy\OldSubmitController.cs" />
     <Compile Include="Controllers\Hooks\MetadataController.cs" />
     <Compile Include="Controllers\API\LinkController.cs" />
     <Compile Include="Controllers\Views\MessagesController.cs" />
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/CreateController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/CreateController.cs
@@ -244,6 +244,7 @@ public JsonResult Get(long id)
 
         [JsonNetFilter]
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult Create(CreateModel data)
         {
             if (data == null) return Json(false);
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/EntityTemplatesController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/EntityTemplatesController.cs
@@ -77,6 +77,7 @@ public JsonResult Delete(long id)
 
         [JsonNetFilter]
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult Update(EntityTemplateModel entityTemplate)
         {
             using (var entityTemplateManager = new EntityTemplateManager())
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/FormController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/FormController.cs
@@ -2764,6 +2764,7 @@ private string storeGeneratedFilePathToContentDiscriptor(long datasetId, Dataset
         /// Is called when the user write a letter in Autocomplete User Component
         /// </summary>
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public ActionResult _AutoCompleteAjaxLoading(string text, long id, string type)
         {
             // if mapping with etities exits
@@ -3238,6 +3239,7 @@ private void validationAgainstJsonSchema()
 
         //XX number of index des values nötig
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public ActionResult ValidateMetadataAttributeUsage(string value, int id, int parentid, string parentname, int number, int parentModelNumber, int parentStepId, long entityId)
         {
             //delete all white spaces from start and end
@@ -3327,6 +3329,7 @@ public ActionResult ValidateMetadataAttributeUsage(string value, int id, int par
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public ActionResult ValidateMetadataParameterUsage(string value, int id, long attrUsageId, int number, int parentModelNumber, int parentStepId, long entityId)
         {
             //delete all white spaces from start and end
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/AttachmentUploadController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/AttachmentUploadController.cs
@@ -89,6 +89,7 @@ public JsonResult Load(long id, int version)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult Upload(long id)
         {
             // load edit dataset cache
@@ -160,6 +161,7 @@ public JsonResult Upload(long id)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)
         {
             // load edit dataset cache
@@ -224,6 +226,7 @@ public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file, string description)
         {
             HookManager hookManager = new HookManager();
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/DataController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/DataController.cs
@@ -106,6 +106,7 @@ public JsonResult Load(long id, int version)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult RemoveFile(long id, FileInfo file)
         {
             // remove file from server
@@ -141,6 +142,7 @@ public JsonResult RemoveFile(long id, FileInfo file)
         /// <param name="file"></param>
         /// <returns></returns>
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult RevertFile(long id, FileInfo file)
         {
             // remove file from server
@@ -184,6 +186,7 @@ public JsonResult RevertFile(long id, FileInfo file)
         /// <returns></returns>
         /// <exception cref="Exception"></exception>
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file)
         {
             // remove file from cache
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/EntityReferenceController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/EntityReferenceController.cs
@@ -102,6 +102,7 @@ public ActionResult Create(long sourceId, long sourceTypeId)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public ActionResult Create(CreateSimpleReferenceModel model)
         {
             EntityReferenceHelper helper = new EntityReferenceHelper();
@@ -169,6 +170,7 @@ public JsonResult GetTargetVersions(long id, long type)
         /// <returns></returns>
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult Delete(long id)
         {
             if (id == 0) return Json(false);
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/FileUploadController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Hooks/FileUploadController.cs
@@ -136,6 +136,7 @@ public JsonResult Load(long id, int version)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult Upload(long id)
         {
             HookManager hookManager = new HookManager();
@@ -200,6 +201,7 @@ public JsonResult Upload(long id)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)
         {
             // remove file from server
@@ -227,6 +229,7 @@ public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)
         }
 
         [HttpPost]
+        [ValidateAntiForgeryTokenOnPost]
         public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file, string description)
         {
             // remove file from cache
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Legacy/OldSubmitController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Legacy/OldSubmitController.cs
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Legacy/PushController.cs b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Controllers/Legacy/PushController.cs
diff --git a/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Views/Form/MetadataEditor.cshtml b/Console/BExIS.Web.Shell/Areas/DCM/BExIS.Modules.Dcm.UI/Views/Form/MetadataEditor.cshtml

Original file line number	Diff line number	Diff line change
`@@ -244,6 +244,7 @@ public JsonResult Get(long id)`
`244`	`244`
`245`	`245`	`[JsonNetFilter]`
`246`	`246`	`[HttpPost]`
	`247`	`+ [ValidateAntiForgeryTokenOnPost]`
`247`	`248`	`public JsonResult Create(CreateModel data)`
`248`	`249`	`{`
`249`	`250`	`if (data == null) return Json(false);`
Original file line number	Diff line number	Diff line change
`@@ -77,6 +77,7 @@ public JsonResult Delete(long id)`
`77`	`77`
`78`	`78`	`[JsonNetFilter]`
`79`	`79`	`[HttpPost]`
	`80`	`+ [ValidateAntiForgeryTokenOnPost]`
`80`	`81`	`public JsonResult Update(EntityTemplateModel entityTemplate)`
`81`	`82`	`{`
`82`	`83`	`using (var entityTemplateManager = new EntityTemplateManager())`
Original file line number	Diff line number	Diff line change
`@@ -2764,6 +2764,7 @@ private string storeGeneratedFilePathToContentDiscriptor(long datasetId, Dataset`
`2764`	`2764`	`/// Is called when the user write a letter in Autocomplete User Component`
`2765`	`2765`	`/// </summary>`
`2766`	`2766`	`[HttpPost]`
	`2767`	`+ [ValidateAntiForgeryTokenOnPost]`
`2767`	`2768`	`public ActionResult _AutoCompleteAjaxLoading(string text, long id, string type)`
`2768`	`2769`	`{`
`2769`	`2770`	`// if mapping with etities exits`
`@@ -3238,6 +3239,7 @@ private void validationAgainstJsonSchema()`
`3238`	`3239`
`3239`	`3240`	`//XX number of index des values nötig`
`3240`	`3241`	`[HttpPost]`
	`3242`	`+ [ValidateAntiForgeryTokenOnPost]`
`3241`	`3243`	`public ActionResult ValidateMetadataAttributeUsage(string value, int id, int parentid, string parentname, int number, int parentModelNumber, int parentStepId, long entityId)`
`3242`	`3244`	`{`
`3243`	`3245`	`//delete all white spaces from start and end`
`@@ -3327,6 +3329,7 @@ public ActionResult ValidateMetadataAttributeUsage(string value, int id, int par`
`3327`	`3329`	`}`
`3328`	`3330`
`3329`	`3331`	`[HttpPost]`
	`3332`	`+ [ValidateAntiForgeryTokenOnPost]`
`3330`	`3333`	`public ActionResult ValidateMetadataParameterUsage(string value, int id, long attrUsageId, int number, int parentModelNumber, int parentStepId, long entityId)`
`3331`	`3334`	`{`
`3332`	`3335`	`//delete all white spaces from start and end`
Original file line number	Diff line number	Diff line change
`@@ -89,6 +89,7 @@ public JsonResult Load(long id, int version)`
`89`	`89`	`}`
`90`	`90`
`91`	`91`	`[HttpPost]`
	`92`	`+ [ValidateAntiForgeryTokenOnPost]`
`92`	`93`	`public JsonResult Upload(long id)`
`93`	`94`	`{`
`94`	`95`	`// load edit dataset cache`
`@@ -160,6 +161,7 @@ public JsonResult Upload(long id)`
`160`	`161`	`}`
`161`	`162`
`162`	`163`	`[HttpPost]`
	`164`	`+ [ValidateAntiForgeryTokenOnPost]`
`163`	`165`	`public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)`
`164`	`166`	`{`
`165`	`167`	`// load edit dataset cache`
`@@ -224,6 +226,7 @@ public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)`
`224`	`226`	`}`
`225`	`227`
`226`	`228`	`[HttpPost]`
	`229`	`+ [ValidateAntiForgeryTokenOnPost]`
`227`	`230`	`public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file, string description)`
`228`	`231`	`{`
`229`	`232`	`HookManager hookManager = new HookManager();`
Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,7 @@ public JsonResult Load(long id, int version)`
`106`	`106`	`}`
`107`	`107`
`108`	`108`	`[HttpPost]`
	`109`	`+ [ValidateAntiForgeryTokenOnPost]`
`109`	`110`	`public JsonResult RemoveFile(long id, FileInfo file)`
`110`	`111`	`{`
`111`	`112`	`// remove file from server`
`@@ -141,6 +142,7 @@ public JsonResult RemoveFile(long id, FileInfo file)`
`141`	`142`	`/// <param name="file"></param>`
`142`	`143`	`/// <returns></returns>`
`143`	`144`	`[HttpPost]`
	`145`	`+ [ValidateAntiForgeryTokenOnPost]`
`144`	`146`	`public JsonResult RevertFile(long id, FileInfo file)`
`145`	`147`	`{`
`146`	`148`	`// remove file from server`
`@@ -184,6 +186,7 @@ public JsonResult RevertFile(long id, FileInfo file)`
`184`	`186`	`/// <returns></returns>`
`185`	`187`	`/// <exception cref="Exception"></exception>`
`186`	`188`	`[HttpPost]`
	`189`	`+ [ValidateAntiForgeryTokenOnPost]`
`187`	`190`	`public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file)`
`188`	`191`	`{`
`189`	`192`	`// remove file from cache`
Original file line number	Diff line number	Diff line change
`@@ -102,6 +102,7 @@ public ActionResult Create(long sourceId, long sourceTypeId)`
`102`	`102`	`}`
`103`	`103`
`104`	`104`	`[HttpPost]`
	`105`	`+ [ValidateAntiForgeryTokenOnPost]`
`105`	`106`	`public ActionResult Create(CreateSimpleReferenceModel model)`
`106`	`107`	`{`
`107`	`108`	`EntityReferenceHelper helper = new EntityReferenceHelper();`
`@@ -169,6 +170,7 @@ public JsonResult GetTargetVersions(long id, long type)`
`169`	`170`	`/// <returns></returns>`
`170`	`171`
`171`	`172`	`[HttpPost]`
	`173`	`+ [ValidateAntiForgeryTokenOnPost]`
`172`	`174`	`public JsonResult Delete(long id)`
`173`	`175`	`{`
`174`	`176`	`if (id == 0) return Json(false);`
Original file line number	Diff line number	Diff line change
`@@ -136,6 +136,7 @@ public JsonResult Load(long id, int version)`
`136`	`136`	`}`
`137`	`137`
`138`	`138`	`[HttpPost]`
	`139`	`+ [ValidateAntiForgeryTokenOnPost]`
`139`	`140`	`public JsonResult Upload(long id)`
`140`	`141`	`{`
`141`	`142`	`HookManager hookManager = new HookManager();`
`@@ -200,6 +201,7 @@ public JsonResult Upload(long id)`
`200`	`201`	`}`
`201`	`202`
`202`	`203`	`[HttpPost]`
	`204`	`+ [ValidateAntiForgeryTokenOnPost]`
`203`	`205`	`public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)`
`204`	`206`	`{`
`205`	`207`	`// remove file from server`
`@@ -227,6 +229,7 @@ public JsonResult RemoveFile(long id, BExIS.UI.Hooks.Caches.FileInfo file)`
`227`	`229`	`}`
`228`	`230`
`229`	`231`	`[HttpPost]`
	`232`	`+ [ValidateAntiForgeryTokenOnPost]`
`230`	`233`	`public JsonResult SaveFileDescription(long id, BExIS.UI.Hooks.Caches.FileInfo file, string description)`
`231`	`234`	`{`
`232`	`235`	`// remove file from cache`