From 07bb78e6375b684be56f9cdc3107cd727b8614b8 Mon Sep 17 00:00:00 2001
From: dbuechel
Date: Tue, 25 Feb 2020 10:41:55 +0100
Subject: [PATCH] SEBWIN-363, SEBWIN-357: Ensured session is retained when loading a configuration from a server which requires authentication and introduced new flag to determine whether a reconfiguration is allowed or not. Also fixed session persistence when using delete cookies settings.
---
 SafeExamBrowser.Browser/BrowserApplication.cs | 2 +-
 .../ClientControllerTests.cs | 6 +++---
 SafeExamBrowser.Client/ClientController.cs | 4 ++--
 .../ConfigurationData/DataProcessorTests.cs | 16 ++++++++++++++++
 .../ConfigurationData/DataProcessor.cs | 6 ++++++
 .../ConfigurationData/DataValues.cs | 1 +
 .../Operations/ConfigurationOperationTests.cs | 13 ++++++++-----
 .../RuntimeControllerTests.cs | 5 +++--
 .../Operations/ConfigurationOperation.cs | 6 +++++-
 SafeExamBrowser.Runtime/RuntimeController.cs | 7 ++-----
 .../Security/SecuritySettings.cs | 5 +++++
 11 files changed, 52 insertions(+), 19 deletions(-)
diff --git a/SafeExamBrowser.Browser/BrowserApplication.cs b/SafeExamBrowser.Browser/BrowserApplication.cs
index f17c2251..cd1b8505 100644
--- a/SafeExamBrowser.Browser/BrowserApplication.cs
+++ b/SafeExamBrowser.Browser/BrowserApplication.cs
@@ -213,7 +213,7 @@ namespace SafeExamBrowser.Browser
 cefSettings.CefCommandLineArgs.Add("touch-events", "enabled");
 cefSettings.LogFile = appConfig.BrowserLogFilePath;
 cefSettings.LogSeverity = error ? LogSeverity.Error : (warning ? LogSeverity.Warning : LogSeverity.Info);
- cefSettings.PersistSessionCookies = !settings.DeleteCookiesOnShutdown;
+ cefSettings.PersistSessionCookies = !settings.DeleteCookiesOnStartup || !settings.DeleteCookiesOnShutdown;
 cefSettings.UserAgent = InitializeUserAgent();
 if (!settings.AllowPdfReader)
diff --git a/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs b/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs
index 8fb54a5c..420114d0 100644
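Review bot: The new `PersistSessionCookies` expression in BrowserApplication.cs keeps session cookies unless both `DeleteCookiesOnStartup` and `DeleteCookiesOnShutdown` are set, so a configuration that only requests deletion on shutdown now has authenticated session cookies persisted during the session. Whether they are actually removed at shutdown depends on code outside this hunk, and an abnormal termination would presumably leave them behind on a shared exam machine. The line needs a comment stating the intent, for example `// Session cookies are kept in memory only if cookies are deleted on startup and on shutdown; otherwise they must survive a restart for reconfiguration.` The enclosing method starts and ends outside the hunk.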
--- a/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs
+++ b/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs
@@ -626,7 +626,7 @@ namespace SafeExamBrowser.Client.UnitTests
 var args = new DownloadEventArgs();
 appConfig.TemporaryDirectory = @"C:\Folder\Does\Not\Exist";
- settings.ConfigurationMode = ConfigurationMode.ConfigureClient;
+ settings.Security.AllowReconfiguration = true;
 messageBox.Setup(m => m.Show(
 It.IsAny(),
 It.IsAny(),
@@ -653,7 +653,7 @@ namespace SafeExamBrowser.Client.UnitTests
 var args = new DownloadEventArgs();
 appConfig.TemporaryDirectory = @"C:\Folder\Does\Not\Exist";
- settings.ConfigurationMode = ConfigurationMode.ConfigureClient;
+ settings.Security.AllowReconfiguration = true;
 messageBox.Setup(m => m.Show(
 It.IsAny(),
 It.IsAny(),
@@ -677,7 +677,7 @@ namespace SafeExamBrowser.Client.UnitTests
 var args = new DownloadEventArgs();
 appConfig.TemporaryDirectory = @"C:\Folder\Does\Not\Exist";
- settings.ConfigurationMode = ConfigurationMode.ConfigureClient;
+ settings.Security.AllowReconfiguration = true;
 messageBox.Setup(m => m.Show(
 It.IsAny(),
 It.IsAny(),
diff --git a/SafeExamBrowser.Client/ClientController.cs b/SafeExamBrowser.Client/ClientController.cs
index 380c083e..fe391ee9 100644
--- a/SafeExamBrowser.Client/ClientController.cs
+++ b/SafeExamBrowser.Client/ClientController.cs
@@ -337,7 +337,7 @@ namespace SafeExamBrowser.Client
 private void Browser_ConfigurationDownloadRequested(string fileName, DownloadEventArgs args)
 {
- if (Settings.ConfigurationMode == ConfigurationMode.ConfigureClient)
+ if (Settings.Security.AllowReconfiguration)
 {
 args.AllowDownload = true;
 args.Callback = Browser_ConfigurationDownloadFinished;
@@ -353,7 +353,7 @@ namespace SafeExamBrowser.Client
 else
 {
 args.AllowDownload = false;
- logger.Info($"Denied download request for configuration file '{fileName}' due to '{Settings.ConfigurationMode}' mode.");
+ logger.Info($"Denied download request for configuration file '{fileName}'.");
 }
 }
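Review bot: The denial message in the `else` branch of `Browser_ConfigurationDownloadRequested` no longer says why the download was refused, which makes a blocked reconfiguration attempt during an exam harder to interpret from the client log. The decision now rests on a single flag, so the message can name it: `logger.Info($"Denied download request for configuration file '{fileName}' because reconfiguration is not allowed.");`. The same applies to the denial message in `RuntimeHost_ReconfigurationRequested` in RuntimeController.cs, which lost its reason in the same way. Both methods extend beyond their hunks.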
diff --git a/SafeExamBrowser.Configuration.UnitTests/ConfigurationData/DataProcessorTests.cs b/SafeExamBrowser.Configuration.UnitTests/ConfigurationData/DataProcessorTests.cs
index 3a996fff..c56ac47f 100644
--- a/SafeExamBrowser.Configuration.UnitTests/ConfigurationData/DataProcessorTests.cs
+++ b/SafeExamBrowser.Configuration.UnitTests/ConfigurationData/DataProcessorTests.cs
@@ -26,6 +26,22 @@ namespace SafeExamBrowser.Configuration.UnitTests.ConfigurationData
 sut = new DataProcessor();
 }
+ [TestMethod]
+ public void MustAllowReconfigurationAccordingToMode()
+ {
+ var settings1 = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient };
+ var settings2 = new AppSettings { ConfigurationMode = ConfigurationMode.Exam };
+
+ settings1.Security.AllowReconfiguration = false;
+ settings2.Security.AllowReconfiguration = true;
+
+ sut.Process(new Dictionary(), settings1);
+ sut.Process(new Dictionary(), settings2);
+
+ Assert.IsTrue(settings1.Security.AllowReconfiguration);
+ Assert.IsFalse(settings2.Security.AllowReconfiguration);
+ }
+
 [TestMethod]
 public void MustCalculateCorrectConfigurationKey()
 {
diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataProcessor.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataProcessor.cs
index 3c72d11b..a0c9df35 100644
--- a/SafeExamBrowser.Configuration/ConfigurationData/DataProcessor.cs
+++ b/SafeExamBrowser.Configuration/ConfigurationData/DataProcessor.cs
@@ -20,9 +20,15 @@ namespace SafeExamBrowser.Configuration.ConfigurationData
 {
 internal void Process(IDictionary rawData, AppSettings settings)
 {
+ AllowReconfiguration(settings);
 CalculateConfigurationKey(rawData, settings);
 }
+ private void AllowReconfiguration(AppSettings settings)
+ {
+ settings.Security.AllowReconfiguration = settings.ConfigurationMode == ConfigurationMode.ConfigureClient;
+ }
+
 private void CalculateConfigurationKey(IDictionary rawData, AppSettings settings)
 {
 using (var algorithm = new SHA256Managed())
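Review bot: The private method `AllowReconfiguration` in DataProcessor.cs is misleadingly named, because it does not grant anything: it recomputes the flag from `ConfigurationMode` and overwrites whatever value the settings already carried, as the new test confirms. The name also collides with the property it writes. A name such as `InitializeReconfigurationPolicy` with the comment `// Derived from the configuration mode only; overwrites any previously assigned value.` would make clear that a value assigned elsewhere (HandleBrowserResource sets it to true) is lost if `Process` runs on the same settings afterwards. The class body continues outside the hunk.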
diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs
index 90e0a3cb..bcbc71c7 100644
--- a/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs
+++ b/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs
@@ -165,6 +165,7 @@ namespace SafeExamBrowser.Configuration.ConfigurationData
 settings.Mouse.AllowRightButton = true;
 settings.Security.AllowApplicationLogAccess = false;
+ settings.Security.AllowReconfiguration = false;
 settings.Security.KioskMode = KioskMode.CreateNewDesktop;
 settings.Security.VirtualMachinePolicy = VirtualMachinePolicy.Deny;
diff --git a/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs b/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs
index 905ade50..b67f9b0b 100644
--- a/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs
+++ b/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs
@@ -110,7 +110,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 }
 [TestMethod]
- public void Perform_MustTestdatalyHandleBrowserResource()
+ public void Perform_MustCorrectlyHandleBrowserResource()
 {
 var settings = new AppSettings { ConfigurationMode = ConfigurationMode.Exam };
 var url = @"http://www.safeexambrowser.org/whatever.seb";
@@ -121,6 +121,9 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 var sut = new ConfigurationOperation(new[] { "blubb.exe", url }, repository.Object, fileSystem.Object, hashAlgorithm.Object, logger.Object, sessionContext);
 var result = sut.Perform();
+ Assert.IsFalse(settings.Browser.DeleteCacheOnShutdown);
+ Assert.IsFalse(settings.Browser.DeleteCookiesOnShutdown);
+ Assert.IsTrue(settings.Security.AllowReconfiguration);
 Assert.AreEqual(url, settings.Browser.StartUrl);
 Assert.AreEqual(OperationResult.Success, result);
 }
@@ -331,7 +334,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 }
 [TestMethod]
- public void Perform_MustSucceedIfAdminPasswordTestdata()
+ public void Perform_MustSucceedIfAdminPasswordCorrect()
 {
 var password = "test";
 var currentSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient };
@@ -394,7 +397,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 }
 [TestMethod]
- public void Perform_MustSucceedIfSettingsPasswordTestdata()
+ public void Perform_MustSucceedIfSettingsPasswordCorrect()
 {
 var password = "test";
 var settings = new AppSettings { ConfigurationMode = ConfigurationMode.Exam };
@@ -504,7 +507,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 }
 [TestMethod]
- public void Repeat_MustPerformForExamWithTestdataUri()
+ public void Repeat_MustPerformForExamWithCorrectUri()
 {
 var currentSettings = new AppSettings();
 var location = Path.GetDirectoryName(GetType().Assembly.Location);
@@ -526,7 +529,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations
 }
 [TestMethod]
- public void Repeat_MustPerformForClientConfigurationWithTestdataUri()
+ public void Repeat_MustPerformForClientConfigurationWithCorrectUri()
 {
 var currentSettings = new AppSettings();
 var location = Path.GetDirectoryName(GetType().Assembly.Location);
diff --git a/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs b/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs
index d62e723a..215fa752 100644
--- a/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs
+++ b/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs
@@ -163,7 +163,7 @@ namespace SafeExamBrowser.Runtime.UnitTests
 var args = new ReconfigurationEventArgs { ConfigurationPath = "C:\\Some\\File\\Path.seb" };
 StartSession();
- currentSettings.ConfigurationMode = ConfigurationMode.ConfigureClient;
+ currentSettings.Security.AllowReconfiguration = true;
 bootstrapSequence.Reset();
 sessionSequence.Reset();
 sessionSequence.Setup(s => s.TryRepeat()).Returns(OperationResult.Success);
@@ -182,6 +182,7 @@ namespace SafeExamBrowser.Runtime.UnitTests
 public void Communication_MustInformClientAboutAbortedReconfiguration()
 {
 StartSession();
+ currentSettings.Security.AllowReconfiguration = true;
 sessionSequence.Reset();
 sessionSequence.Setup(s => s.TryRepeat()).Returns(OperationResult.Aborted);
@@ -196,7 +197,7 @@ namespace SafeExamBrowser.Runtime.UnitTests
 var args = new ReconfigurationEventArgs { ConfigurationPath = "C:\\Some\\File\\Path.seb" };
 StartSession();
- currentSettings.ConfigurationMode = ConfigurationMode.Exam;
+ currentSettings.Security.AllowReconfiguration = false;
 bootstrapSequence.Reset();
 sessionSequence.Reset();
diff --git a/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs b/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs
index ae748b20..4068ae96 100644
--- a/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs
+++ b/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs
@@ -204,8 +204,12 @@ namespace SafeExamBrowser.Runtime.Operations
 private OperationResult HandleBrowserResource(Uri uri)
 {
+ Context.Next.Settings.Browser.DeleteCacheOnShutdown = false;
+ Context.Next.Settings.Browser.DeleteCookiesOnShutdown = false;
 Context.Next.Settings.Browser.StartUrl = uri.AbsoluteUri;
- logger.Info($"The configuration resource needs authentication or is a webpage, using '{uri}' as startup URL for the browser.");
+ Context.Next.Settings.Security.AllowReconfiguration = true;
+
+ logger.Info($"The configuration resource needs authentication or is a webpage, using '{uri}' as start URL for the browser.");
 return OperationResult.Success;
 }
diff --git a/SafeExamBrowser.Runtime/RuntimeController.cs b/SafeExamBrowser.Runtime/RuntimeController.cs
index 3db25487..92b76a34 100644
--- a/SafeExamBrowser.Runtime/RuntimeController.cs
+++ b/SafeExamBrowser.Runtime/RuntimeController.cs
@@ -19,7 +19,6 @@ using SafeExamBrowser.I18n.Contracts;
 using SafeExamBrowser.Logging.Contracts;
 using SafeExamBrowser.Runtime.Contracts;
 using SafeExamBrowser.Runtime.Operations.Events;
-using SafeExamBrowser.Settings;
 using SafeExamBrowser.Settings.Security;
 using SafeExamBrowser.Settings.Service;
 using SafeExamBrowser.UserInterface.Contracts;
@@ -344,9 +343,7 @@ namespace SafeExamBrowser.Runtime
 private void RuntimeHost_ReconfigurationRequested(ReconfigurationEventArgs args)
 {
- var mode = Session.Settings.ConfigurationMode;
-
- if (mode == ConfigurationMode.ConfigureClient)
+ if (Session.Settings.Security.AllowReconfiguration)
 {
 logger.Info($"Accepted request for reconfiguration with '{args.ConfigurationPath}'.");
 sessionContext.ReconfigurationFilePath = args.ConfigurationPath;
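Review bot: `HandleBrowserResource` now sets `AllowReconfiguration = true` for every resource that is not a configuration file, including a plain webpage, and the permission is not tied to `uri` in any way. As far as the hunks in this commit show, `Browser_ConfigurationDownloadRequested` then accepts a configuration download from any page the browser reaches in that session, and `RuntimeHost_ReconfigurationRequested` accepts the resulting request. If the intent is only to fetch the configuration from the authenticated server, the download check should compare the download origin with the host of the start URL, or the flag should be cleared once the first reconfiguration has been applied. The two `Delete…OnShutdown` assignments also silently replace what the loaded settings specified, so a log line such as `logger.Info("Reconfiguration enabled and cache/cookie deletion on shutdown disabled for this session.");` would make the override visible.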
@@ -355,7 +352,7 @@ namespace SafeExamBrowser.Runtime
 }
 else
 {
- logger.Info($"Denied request for reconfiguration with '{args.ConfigurationPath}' due to '{mode}' mode!");
+ logger.Info($"Denied request for reconfiguration with '{args.ConfigurationPath}'!");
 sessionContext.ClientProxy.InformReconfigurationDenied(args.ConfigurationPath);
 }
 }
diff --git a/SafeExamBrowser.Settings/Security/SecuritySettings.cs b/SafeExamBrowser.Settings/Security/SecuritySettings.cs
index 7d752ed4..5057867c 100644
--- a/SafeExamBrowser.Settings/Security/SecuritySettings.cs
+++ b/SafeExamBrowser.Settings/Security/SecuritySettings.cs
@@ -26,6 +26,11 @@ namespace SafeExamBrowser.Settings.Security
 ///
 public bool AllowApplicationLogAccess { get; set; }
+ ///
+ /// Determines whether the user may reconfigure the application.
+ ///
+ public bool AllowReconfiguration { get; set; }
+
 ///
 /// The kiosk mode which determines how the computer is locked down.
 ///
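Review bot: The summary on `AllowReconfiguration` in SecuritySettings.cs does not say that the value is computed by the application rather than read from a configuration file. In this commit it is defaulted to false in DataValues.cs, derived from `ConfigurationMode` in DataProcessor.cs and forced to true in `HandleBrowserResource`, so a reader of the settings class cannot tell which component owns it. Suggested wording: `/// Determines whether the user may reconfigure the application. Assigned while a configuration is loaded; see DataProcessor and ConfigurationOperation.`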