2019-06-20 10:55:24 +02:00
|
|
|
|
/*
|
2024-03-05 18:37:42 +01:00
|
|
|
|
* Copyright (c) 2024 ETH Zürich, IT Services
|
2019-06-20 10:55:24 +02:00
|
|
|
|
*
|
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
*/
|
|
|
|
|
|
2019-06-26 10:13:11 +02:00
|
|
|
|
using System;
|
2020-05-20 12:03:54 +02:00
|
|
|
|
using System.Collections.Generic;
|
2019-08-30 09:55:26 +02:00
|
|
|
|
using SafeExamBrowser.Core.Contracts.OperationModel;
|
|
|
|
|
using SafeExamBrowser.Lockdown.Contracts;
|
|
|
|
|
using SafeExamBrowser.Logging.Contracts;
|
2019-06-20 10:55:24 +02:00
|
|
|
|
|
|
|
|
|
namespace SafeExamBrowser.Service.Operations
|
|
|
|
|
{
|
|
|
|
|
internal class LockdownOperation : SessionOperation
|
|
|
|
|
{
|
2022-07-26 15:10:48 +02:00
|
|
|
|
private readonly IFeatureConfigurationBackup backup;
|
|
|
|
|
private readonly IFeatureConfigurationFactory factory;
|
|
|
|
|
private readonly IFeatureConfigurationMonitor monitor;
|
|
|
|
|
private readonly ILogger logger;
|
|
|
|
|
|
2019-06-26 10:13:11 +02:00
|
|
|
|
private Guid groupId;
|
2019-06-20 10:55:24 +02:00
|
|
|
|
|
2019-06-21 15:05:31 +02:00
|
|
|
|
public LockdownOperation(
|
|
|
|
|
IFeatureConfigurationBackup backup,
|
|
|
|
|
IFeatureConfigurationFactory factory,
|
2019-07-05 12:28:42 +02:00
|
|
|
|
IFeatureConfigurationMonitor monitor,
|
2019-06-21 15:05:31 +02:00
|
|
|
|
ILogger logger,
|
|
|
|
|
SessionContext sessionContext) : base(sessionContext)
|
2019-06-20 10:55:24 +02:00
|
|
|
|
{
|
2019-06-21 15:05:31 +02:00
|
|
|
|
this.backup = backup;
|
|
|
|
|
this.factory = factory;
|
2019-07-05 12:28:42 +02:00
|
|
|
|
this.monitor = monitor;
|
2019-06-20 10:55:24 +02:00
|
|
|
|
this.logger = logger;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public override OperationResult Perform()
|
|
|
|
|
{
|
2019-06-26 10:13:11 +02:00
|
|
|
|
groupId = Guid.NewGuid();
|
2019-06-27 08:32:37 +02:00
|
|
|
|
|
|
|
|
|
var success = true;
|
2019-07-02 10:35:40 +02:00
|
|
|
|
var sid = Context.Configuration.UserSid;
|
|
|
|
|
var userName = Context.Configuration.UserName;
|
2020-05-20 12:03:54 +02:00
|
|
|
|
var configurations = new List<(IFeatureConfiguration, bool)>
|
2019-06-27 08:32:37 +02:00
|
|
|
|
{
|
2019-07-03 08:59:27 +02:00
|
|
|
|
(factory.CreateChangePasswordConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisablePasswordChange),
|
2019-07-02 10:35:40 +02:00
|
|
|
|
(factory.CreateChromeNotificationConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableChromeNotifications),
|
2019-06-27 08:32:37 +02:00
|
|
|
|
(factory.CreateEaseOfAccessConfiguration(groupId), Context.Configuration.Settings.Service.DisableEaseOfAccessOptions),
|
2022-07-26 15:10:48 +02:00
|
|
|
|
(factory.CreateFindPrinterConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableFindPrinter),
|
2019-07-03 08:59:27 +02:00
|
|
|
|
(factory.CreateLockWorkstationConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableUserLock),
|
2019-08-13 08:29:48 +02:00
|
|
|
|
(factory.CreateMachinePowerOptionsConfiguration(groupId), Context.Configuration.Settings.Service.DisablePowerOptions),
|
2019-06-27 08:32:37 +02:00
|
|
|
|
(factory.CreateNetworkOptionsConfiguration(groupId), Context.Configuration.Settings.Service.DisableNetworkOptions),
|
|
|
|
|
(factory.CreateRemoteConnectionConfiguration(groupId), Context.Configuration.Settings.Service.DisableRemoteConnections),
|
2019-07-03 08:59:27 +02:00
|
|
|
|
(factory.CreateSignoutConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableSignout),
|
|
|
|
|
(factory.CreateSwitchUserConfiguration(groupId), Context.Configuration.Settings.Service.DisableUserSwitch),
|
|
|
|
|
(factory.CreateTaskManagerConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableTaskManager),
|
2019-08-13 08:29:48 +02:00
|
|
|
|
(factory.CreateUserPowerOptionsConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisablePowerOptions),
|
2019-06-27 08:32:37 +02:00
|
|
|
|
(factory.CreateWindowsUpdateConfiguration(groupId), Context.Configuration.Settings.Service.DisableWindowsUpdate)
|
|
|
|
|
};
|
|
|
|
|
|
2020-05-20 12:03:54 +02:00
|
|
|
|
if (Context.Configuration.Settings.Service.SetVmwareConfiguration)
|
|
|
|
|
{
|
|
|
|
|
configurations.Add((factory.CreateVmwareOverlayConfiguration(groupId, sid, userName), Context.Configuration.Settings.Service.DisableVmwareOverlay));
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-26 10:13:11 +02:00
|
|
|
|
logger.Info($"Attempting to perform lockdown (feature configuration group: {groupId})...");
|
|
|
|
|
|
2019-06-27 08:32:37 +02:00
|
|
|
|
foreach (var (configuration, disable) in configurations)
|
|
|
|
|
{
|
2019-07-05 12:28:42 +02:00
|
|
|
|
success &= TrySet(configuration, disable);
|
2019-06-27 08:32:37 +02:00
|
|
|
|
|
|
|
|
|
if (!success)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (success)
|
|
|
|
|
{
|
2019-07-05 12:28:42 +02:00
|
|
|
|
monitor.Start();
|
2019-06-27 08:32:37 +02:00
|
|
|
|
logger.Info("Lockdown successful.");
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
logger.Error("Lockdown was not successful!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return success ? OperationResult.Success : OperationResult.Failed;
|
2019-06-20 10:55:24 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public override OperationResult Revert()
|
|
|
|
|
{
|
2019-06-26 10:13:11 +02:00
|
|
|
|
logger.Info($"Attempting to revert lockdown (feature configuration group: {groupId})...");
|
|
|
|
|
|
|
|
|
|
var configurations = backup.GetBy(groupId);
|
2019-06-27 08:32:37 +02:00
|
|
|
|
var success = true;
|
2019-06-21 15:05:31 +02:00
|
|
|
|
|
2019-07-05 12:28:42 +02:00
|
|
|
|
monitor.Reset();
|
|
|
|
|
|
2019-06-21 15:05:31 +02:00
|
|
|
|
foreach (var configuration in configurations)
|
|
|
|
|
{
|
2019-07-05 12:28:42 +02:00
|
|
|
|
success &= TryRestore(configuration);
|
2019-06-21 15:05:31 +02:00
|
|
|
|
}
|
|
|
|
|
|
2019-06-27 08:32:37 +02:00
|
|
|
|
if (success)
|
|
|
|
|
{
|
|
|
|
|
logger.Info("Lockdown reversion successful.");
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
logger.Warn("Lockdown reversion was not successful!");
|
|
|
|
|
}
|
2019-06-26 10:13:11 +02:00
|
|
|
|
|
2019-06-27 08:32:37 +02:00
|
|
|
|
return success ? OperationResult.Success : OperationResult.Failed;
|
2019-06-20 10:55:24 +02:00
|
|
|
|
}
|
2019-06-21 15:05:31 +02:00
|
|
|
|
|
2019-07-05 12:28:42 +02:00
|
|
|
|
private bool TryRestore(IFeatureConfiguration configuration)
|
|
|
|
|
{
|
|
|
|
|
var success = configuration.Restore();
|
|
|
|
|
|
|
|
|
|
if (success)
|
|
|
|
|
{
|
|
|
|
|
backup.Delete(configuration);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
logger.Error($"Failed to restore {configuration}!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return success;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private bool TrySet(IFeatureConfiguration configuration, bool disable)
|
2019-06-21 15:05:31 +02:00
|
|
|
|
{
|
2019-06-27 08:32:37 +02:00
|
|
|
|
var success = false;
|
2019-07-05 12:28:42 +02:00
|
|
|
|
var status = FeatureConfigurationStatus.Undefined;
|
2019-06-27 08:32:37 +02:00
|
|
|
|
|
2019-07-02 10:35:40 +02:00
|
|
|
|
configuration.Initialize();
|
2019-06-21 15:05:31 +02:00
|
|
|
|
backup.Save(configuration);
|
|
|
|
|
|
|
|
|
|
if (disable)
|
|
|
|
|
{
|
2019-06-27 08:32:37 +02:00
|
|
|
|
success = configuration.DisableFeature();
|
2019-07-05 12:28:42 +02:00
|
|
|
|
status = FeatureConfigurationStatus.Disabled;
|
2019-06-27 08:32:37 +02:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
success = configuration.EnableFeature();
|
2019-07-05 12:28:42 +02:00
|
|
|
|
status = FeatureConfigurationStatus.Enabled;
|
2019-06-27 08:32:37 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (success)
|
|
|
|
|
{
|
2019-07-05 12:28:42 +02:00
|
|
|
|
monitor.Observe(configuration, status);
|
2019-06-21 15:05:31 +02:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-06-27 08:32:37 +02:00
|
|
|
|
logger.Error($"Failed to configure {configuration}!");
|
2019-06-21 15:05:31 +02:00
|
|
|
|
}
|
|
|
|
|
|
2019-06-27 08:32:37 +02:00
|
|
|
|
return success;
|
2019-06-21 15:05:31 +02:00
|
|
|
|
}
|
2019-06-20 10:55:24 +02:00
|
|
|
|
}
|
|
|
|
|
}
|