From 175a2e8cf7ee36b901748a3e2ed1c5976bd2ab23 Mon Sep 17 00:00:00 2001 From: dbuechel Date: Fri, 20 Dec 2019 11:37:07 +0100 Subject: [PATCH] SEBWIN-316: Finally grouped all security related settings. Implemented mapping for virtual machine policy. --- .../ClientControllerTests.cs | 10 ++--- .../Operations/ApplicationOperationTests.cs | 13 +++--- SafeExamBrowser.Client/ClientController.cs | 8 ++-- .../Operations/ApplicationOperation.cs | 6 +-- .../ConfigurationFileDataMapper.cs | 11 ----- .../DataMapping/GeneralDataMapper.cs | 26 ----------- .../DataMapping/SecurityDataMapper.cs | 43 +++++++++++++++--- .../ConfigurationData/DataValues.cs | 9 ++-- .../Communication/RuntimeHostTests.cs | 5 ++- .../Operations/ConfigurationOperationTests.cs | 37 ++++++++++------ .../Operations/KioskModeOperationTests.cs | 35 ++++++++------- .../RuntimeControllerTests.cs | 13 +++--- .../Operations/ConfigurationOperation.cs | 8 ++-- .../Operations/KioskModeOperation.cs | 10 ++--- SafeExamBrowser.Runtime/RuntimeController.cs | 19 ++++---- SafeExamBrowser.Settings/AppSettings.cs | 21 ++------- .../SafeExamBrowser.Settings.csproj | 4 +- .../{ => Security}/KioskMode.cs | 8 ++-- .../Security/SecuritySettings.cs | 44 +++++++++++++++++++ .../Security/VirtualMachinePolicy.cs | 26 +++++++++++ 20 files changed, 213 insertions(+), 143 deletions(-) rename SafeExamBrowser.Settings/{ => Security}/KioskMode.cs (73%) create mode 100644 SafeExamBrowser.Settings/Security/SecuritySettings.cs create mode 100644 SafeExamBrowser.Settings/Security/VirtualMachinePolicy.cs diff --git a/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs b/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs index 9c1e240b..2a31048b 100644 --- a/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs +++ b/SafeExamBrowser.Client.UnitTests/ClientControllerTests.cs @@ -212,7 +212,7 @@ namespace SafeExamBrowser.Client.UnitTests var correct = new Random().Next(1, 50); var lockScreenResult = new Func(() => ++attempt == correct ? result : new LockScreenResult()); - context.Settings.QuitPasswordHash = hash; + context.Settings.Security.QuitPasswordHash = hash; hashAlgorithm.Setup(a => a.GenerateHashFor(It.Is(p => p == result.Password))).Returns(hash); lockScreen.Setup(l => l.WaitForResult()).Returns(lockScreenResult); uiFactory @@ -692,9 +692,9 @@ namespace SafeExamBrowser.Client.UnitTests var dialog = new Mock(); var dialogResult = new PasswordDialogResult { Password = "blobb", Success = true }; - settings.QuitPasswordHash = "1234"; + settings.Security.QuitPasswordHash = "1234"; dialog.Setup(d => d.Show(It.IsAny())).Returns(dialogResult); - hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(s => s == dialogResult.Password))).Returns(settings.QuitPasswordHash); + hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(s => s == dialogResult.Password))).Returns(settings.Security.QuitPasswordHash); runtimeProxy.Setup(r => r.RequestShutdown()).Returns(new CommunicationResult(true)); uiFactory.Setup(u => u.CreatePasswordDialog(It.IsAny(), It.IsAny())).Returns(dialog.Object); @@ -714,7 +714,7 @@ namespace SafeExamBrowser.Client.UnitTests var dialog = new Mock(); var dialogResult = new PasswordDialogResult { Success = false }; - settings.QuitPasswordHash = "1234"; + settings.Security.QuitPasswordHash = "1234"; dialog.Setup(d => d.Show(It.IsAny())).Returns(dialogResult); runtimeProxy.Setup(r => r.RequestShutdown()).Returns(new CommunicationResult(true)); uiFactory.Setup(u => u.CreatePasswordDialog(It.IsAny(), It.IsAny())).Returns(dialog.Object); @@ -735,7 +735,7 @@ namespace SafeExamBrowser.Client.UnitTests var dialog = new Mock(); var dialogResult = new PasswordDialogResult { Password = "blobb", Success = true }; - settings.QuitPasswordHash = "1234"; + settings.Security.QuitPasswordHash = "1234"; dialog.Setup(d => d.Show(It.IsAny())).Returns(dialogResult); hashAlgorithm.Setup(h => h.GenerateHashFor(It.IsAny())).Returns("9876"); uiFactory.Setup(u => u.CreatePasswordDialog(It.IsAny(), It.IsAny())).Returns(dialog.Object); diff --git a/SafeExamBrowser.Client.UnitTests/Operations/ApplicationOperationTests.cs b/SafeExamBrowser.Client.UnitTests/Operations/ApplicationOperationTests.cs index 55f8c096..397a5629 100644 --- a/SafeExamBrowser.Client.UnitTests/Operations/ApplicationOperationTests.cs +++ b/SafeExamBrowser.Client.UnitTests/Operations/ApplicationOperationTests.cs @@ -20,6 +20,7 @@ using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Monitoring.Contracts.Applications; using SafeExamBrowser.Settings; using SafeExamBrowser.Settings.Applications; +using SafeExamBrowser.Settings.Security; namespace SafeExamBrowser.Client.UnitTests.Operations { @@ -263,7 +264,7 @@ namespace SafeExamBrowser.Client.UnitTests.Operations [TestMethod] public void Perform_MustNotStartMonitorWithoutKioskMode() { - context.Settings.KioskMode = KioskMode.None; + context.Settings.Security.KioskMode = KioskMode.None; monitor.Setup(m => m.Initialize(It.IsAny())).Returns(new InitializationResult()); var result = sut.Perform(); @@ -275,7 +276,7 @@ namespace SafeExamBrowser.Client.UnitTests.Operations [TestMethod] public void Perform_MustStartMonitorWithKioskMode() { - context.Settings.KioskMode = KioskMode.CreateNewDesktop; + context.Settings.Security.KioskMode = KioskMode.CreateNewDesktop; monitor.Setup(m => m.Initialize(It.IsAny())).Returns(new InitializationResult()); var result = sut.Perform(); @@ -283,7 +284,7 @@ namespace SafeExamBrowser.Client.UnitTests.Operations monitor.Verify(m => m.Start(), Times.Once); Assert.AreEqual(OperationResult.Success, result); - context.Settings.KioskMode = KioskMode.DisableExplorerShell; + context.Settings.Security.KioskMode = KioskMode.DisableExplorerShell; monitor.Reset(); monitor.Setup(m => m.Initialize(It.IsAny())).Returns(new InitializationResult()); @@ -331,7 +332,7 @@ namespace SafeExamBrowser.Client.UnitTests.Operations [TestMethod] public void Revert_MustNotStopMonitorWithoutKioskMode() { - context.Settings.KioskMode = KioskMode.None; + context.Settings.Security.KioskMode = KioskMode.None; var result = sut.Revert(); @@ -342,14 +343,14 @@ namespace SafeExamBrowser.Client.UnitTests.Operations [TestMethod] public void Revert_MustStopMonitorWithKioskMode() { - context.Settings.KioskMode = KioskMode.CreateNewDesktop; + context.Settings.Security.KioskMode = KioskMode.CreateNewDesktop; var result = sut.Revert(); monitor.Verify(m => m.Stop(), Times.Once); Assert.AreEqual(OperationResult.Success, result); - context.Settings.KioskMode = KioskMode.DisableExplorerShell; + context.Settings.Security.KioskMode = KioskMode.DisableExplorerShell; monitor.Reset(); result = sut.Revert(); diff --git a/SafeExamBrowser.Client/ClientController.cs b/SafeExamBrowser.Client/ClientController.cs index 7a174efb..a80437a6 100644 --- a/SafeExamBrowser.Client/ClientController.cs +++ b/SafeExamBrowser.Client/ClientController.cs @@ -275,7 +275,7 @@ namespace SafeExamBrowser.Client var applicationList = string.Join(Environment.NewLine, applications.Select(a => $"- {a.Name}")); var message = $"{text.Get(TextKey.LockScreen_Message)}{Environment.NewLine}{Environment.NewLine}{applicationList}"; var title = text.Get(TextKey.LockScreen_Title); - var hasQuitPassword = !string.IsNullOrEmpty(Settings.QuitPasswordHash); + var hasQuitPassword = !string.IsNullOrEmpty(Settings.Security.QuitPasswordHash); var allowOption = new LockScreenOption { Text = text.Get(TextKey.LockScreen_AllowOption) }; var terminateOption = new LockScreenOption { Text = text.Get(TextKey.LockScreen_TerminateOption) }; var lockScreen = uiFactory.CreateLockScreen(message, title, new [] { allowOption, terminateOption }); @@ -292,7 +292,7 @@ namespace SafeExamBrowser.Client if (hasQuitPassword) { var passwordHash = hashAlgorithm.GenerateHashFor(result.Password); - var isCorrect = Settings.QuitPasswordHash.Equals(passwordHash, StringComparison.OrdinalIgnoreCase); + var isCorrect = Settings.Security.QuitPasswordHash.Equals(passwordHash, StringComparison.OrdinalIgnoreCase); if (isCorrect) { @@ -591,7 +591,7 @@ namespace SafeExamBrowser.Client private bool TryInitiateShutdown() { - var hasQuitPassword = !string.IsNullOrEmpty(Settings.QuitPasswordHash); + var hasQuitPassword = !string.IsNullOrEmpty(Settings.Security.QuitPasswordHash); var requestShutdown = false; var succes = false; @@ -633,7 +633,7 @@ namespace SafeExamBrowser.Client if (result.Success) { var passwordHash = hashAlgorithm.GenerateHashFor(result.Password); - var isCorrect = Settings.QuitPasswordHash.Equals(passwordHash, StringComparison.OrdinalIgnoreCase); + var isCorrect = Settings.Security.QuitPasswordHash.Equals(passwordHash, StringComparison.OrdinalIgnoreCase); if (isCorrect) { diff --git a/SafeExamBrowser.Client/Operations/ApplicationOperation.cs b/SafeExamBrowser.Client/Operations/ApplicationOperation.cs index fccae8b3..bc5d9850 100644 --- a/SafeExamBrowser.Client/Operations/ApplicationOperation.cs +++ b/SafeExamBrowser.Client/Operations/ApplicationOperation.cs @@ -15,8 +15,8 @@ using SafeExamBrowser.Core.Contracts.OperationModel.Events; using SafeExamBrowser.I18n.Contracts; using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Monitoring.Contracts.Applications; -using SafeExamBrowser.Settings; using SafeExamBrowser.Settings.Applications; +using SafeExamBrowser.Settings.Security; namespace SafeExamBrowser.Client.Operations { @@ -144,7 +144,7 @@ namespace SafeExamBrowser.Client.Operations private void StartMonitor() { - if (Context.Settings.KioskMode != KioskMode.None) + if (Context.Settings.Security.KioskMode != KioskMode.None) { monitor.Start(); } @@ -152,7 +152,7 @@ namespace SafeExamBrowser.Client.Operations private void StopMonitor() { - if (Context.Settings.KioskMode != KioskMode.None) + if (Context.Settings.Security.KioskMode != KioskMode.None) { monitor.Stop(); } diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/ConfigurationFileDataMapper.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/ConfigurationFileDataMapper.cs index 486fe61e..e6521a07 100644 --- a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/ConfigurationFileDataMapper.cs +++ b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/ConfigurationFileDataMapper.cs @@ -16,23 +16,12 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping { switch (key) { - case Keys.ConfigurationFile.AdminPasswordHash: - MapAdminPasswordHash(settings, value); - break; case Keys.ConfigurationFile.ConfigurationPurpose: MapConfigurationMode(settings, value); break; } } - private void MapAdminPasswordHash(AppSettings settings, object value) - { - if (value is string hash) - { - settings.AdminPasswordHash = hash; - } - } - private void MapConfigurationMode(AppSettings settings, object value) { const int CONFIGURE_CLIENT = 1; diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/GeneralDataMapper.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/GeneralDataMapper.cs index d98a2ff1..30f1db45 100644 --- a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/GeneralDataMapper.cs +++ b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/GeneralDataMapper.cs @@ -6,7 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -using System.Collections.Generic; using SafeExamBrowser.Settings; using SafeExamBrowser.Settings.Logging; @@ -24,31 +23,6 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping } } - internal override void MapGlobal(IDictionary rawData, AppSettings settings) - { - MapApplicationLogAccess(rawData, settings); - } - - private void MapApplicationLogAccess(IDictionary rawData, AppSettings settings) - { - var hasValue = rawData.TryGetValue(Keys.General.AllowApplicationLog, out var value); - - if (hasValue && value is bool allow) - { - settings.AllowApplicationLogAccess = allow; - } - - if (settings.AllowApplicationLogAccess) - { - settings.ActionCenter.ShowApplicationLog = true; - } - else - { - settings.ActionCenter.ShowApplicationLog = false; - settings.Taskbar.ShowApplicationLog = false; - } - } - private void MapLogLevel(AppSettings settings, object value) { const int ERROR = 0, WARNING = 1, INFO = 2; diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/SecurityDataMapper.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/SecurityDataMapper.cs index 0e27c5ad..8630c3d1 100644 --- a/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/SecurityDataMapper.cs +++ b/SafeExamBrowser.Configuration/ConfigurationData/DataMapping/SecurityDataMapper.cs @@ -8,6 +8,7 @@ using System.Collections.Generic; using SafeExamBrowser.Settings; +using SafeExamBrowser.Settings.Security; using SafeExamBrowser.Settings.Service; namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping @@ -18,6 +19,9 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping { switch (key) { + case Keys.ConfigurationFile.AdminPasswordHash: + MapAdminPasswordHash(settings, value); + break; case Keys.Security.AllowVirtualMachine: MapVirtualMachinePolicy(settings, value); break; @@ -32,9 +36,38 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping internal override void MapGlobal(IDictionary rawData, AppSettings settings) { + MapApplicationLogAccess(rawData, settings); MapKioskMode(rawData, settings); } + private void MapAdminPasswordHash(AppSettings settings, object value) + { + if (value is string hash) + { + settings.Security.AdminPasswordHash = hash; + } + } + + private void MapApplicationLogAccess(IDictionary rawData, AppSettings settings) + { + var hasValue = rawData.TryGetValue(Keys.General.AllowApplicationLog, out var value); + + if (hasValue && value is bool allow) + { + settings.Security.AllowApplicationLogAccess = allow; + } + + if (settings.Security.AllowApplicationLogAccess) + { + settings.ActionCenter.ShowApplicationLog = true; + } + else + { + settings.ActionCenter.ShowApplicationLog = false; + settings.Taskbar.ShowApplicationLog = false; + } + } + private void MapKioskMode(IDictionary rawData, AppSettings settings) { var hasCreateNewDesktop = rawData.TryGetValue(Keys.Security.KioskModeCreateNewDesktop, out var createNewDesktop); @@ -42,17 +75,17 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping if (hasDisableExplorerShell && disableExplorerShell as bool? == true) { - settings.KioskMode = KioskMode.DisableExplorerShell; + settings.Security.KioskMode = KioskMode.DisableExplorerShell; } if (hasCreateNewDesktop && createNewDesktop as bool? == true) { - settings.KioskMode = KioskMode.CreateNewDesktop; + settings.Security.KioskMode = KioskMode.CreateNewDesktop; } if (hasCreateNewDesktop && hasDisableExplorerShell && createNewDesktop as bool? == false && disableExplorerShell as bool? == false) { - settings.KioskMode = KioskMode.None; + settings.Security.KioskMode = KioskMode.None; } } @@ -60,7 +93,7 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping { if (value is string hash) { - settings.QuitPasswordHash = hash; + settings.Security.QuitPasswordHash = hash; } } @@ -79,7 +112,7 @@ namespace SafeExamBrowser.Configuration.ConfigurationData.DataMapping { if (value is bool allow) { - // TODO NEXT: settings.Security.VirtualMachinePolicy = ; + settings.Security.VirtualMachinePolicy = allow ? VirtualMachinePolicy.Allow : VirtualMachinePolicy.Deny ; } } } diff --git a/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs b/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs index ecc1f252..915e07be 100644 --- a/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs +++ b/SafeExamBrowser.Configuration/ConfigurationData/DataValues.cs @@ -13,6 +13,7 @@ using SafeExamBrowser.Settings; using SafeExamBrowser.Settings.Browser; using SafeExamBrowser.Settings.Browser.Proxy; using SafeExamBrowser.Settings.Logging; +using SafeExamBrowser.Settings.Security; using SafeExamBrowser.Settings.Service; using SafeExamBrowser.Settings.UserInterface; @@ -157,13 +158,15 @@ namespace SafeExamBrowser.Configuration.ConfigurationData settings.Keyboard.AllowPrintScreen = false; settings.Keyboard.AllowSystemKey = false; - settings.KioskMode = KioskMode.CreateNewDesktop; - settings.LogLevel = LogLevel.Debug; settings.Mouse.AllowMiddleButton = false; settings.Mouse.AllowRightButton = true; + settings.Security.AllowApplicationLogAccess = false; + settings.Security.KioskMode = KioskMode.CreateNewDesktop; + settings.Security.VirtualMachinePolicy = VirtualMachinePolicy.Deny; + settings.Service.DisableChromeNotifications = true; settings.Service.DisableEaseOfAccessOptions = true; settings.Service.DisableNetworkOptions = true; @@ -178,8 +181,6 @@ namespace SafeExamBrowser.Configuration.ConfigurationData settings.Service.DisableWindowsUpdate = true; settings.Service.Policy = ServicePolicy.Mandatory; - settings.AllowApplicationLogAccess = false; - settings.Taskbar.EnableTaskbar = true; settings.Taskbar.ShowApplicationInfo = false; settings.Taskbar.ShowApplicationLog = false; diff --git a/SafeExamBrowser.Runtime.UnitTests/Communication/RuntimeHostTests.cs b/SafeExamBrowser.Runtime.UnitTests/Communication/RuntimeHostTests.cs index b9d2a239..a22fdd01 100644 --- a/SafeExamBrowser.Runtime.UnitTests/Communication/RuntimeHostTests.cs +++ b/SafeExamBrowser.Runtime.UnitTests/Communication/RuntimeHostTests.cs @@ -171,8 +171,9 @@ namespace SafeExamBrowser.Runtime.UnitTests.Communication public void MustHandleConfigurationRequestCorrectly() { var args = default(ClientConfigurationEventArgs); - var configuration = new ClientConfiguration { Settings = new AppSettings { AdminPasswordHash = "12345" } }; + var configuration = new ClientConfiguration { Settings = new AppSettings() }; + configuration.Settings.Security.AdminPasswordHash = "12345"; sut.AllowConnection = true; sut.ClientConfigurationNeeded += (a) => { args = a; args.ClientConfiguration = configuration; }; sut.AuthenticationToken = Guid.Empty; @@ -184,7 +185,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Communication Assert.IsNotNull(args); Assert.IsNotNull(response); Assert.IsInstanceOfType(response, typeof(ConfigurationResponse)); - Assert.AreEqual(configuration.Settings.AdminPasswordHash, (response as ConfigurationResponse)?.Configuration.Settings.AdminPasswordHash); + Assert.AreEqual(configuration.Settings.Security.AdminPasswordHash, (response as ConfigurationResponse)?.Configuration.Settings.Security.AdminPasswordHash); } [TestMethod] diff --git a/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs b/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs index 46ec7ac2..58a81c31 100644 --- a/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs +++ b/SafeExamBrowser.Runtime.UnitTests/Operations/ConfigurationOperationTests.cs @@ -13,11 +13,11 @@ using Moq; using SafeExamBrowser.Communication.Contracts.Data; using SafeExamBrowser.Configuration.Contracts; using SafeExamBrowser.Configuration.Contracts.Cryptography; -using SafeExamBrowser.Settings; using SafeExamBrowser.Core.Contracts.OperationModel; using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Runtime.Operations; using SafeExamBrowser.Runtime.Operations.Events; +using SafeExamBrowser.Settings; namespace SafeExamBrowser.Runtime.UnitTests.Operations { @@ -272,11 +272,13 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations public void Perform_MustOnlyAllowToEnterAdminPasswordFiveTimes() { var count = 0; - var localSettings = new AppSettings { AdminPasswordHash = "1234" }; - var settings = new AppSettings { AdminPasswordHash = "9876", ConfigurationMode = ConfigurationMode.ConfigureClient }; + var localSettings = new AppSettings(); + var settings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; var url = @"http://www.safeexambrowser.org/whatever.seb"; appConfig.AppDataFilePath = Path.Combine(Path.GetDirectoryName(GetType().Assembly.Location), nameof(Operations), "Testdata", FILE_NAME); + localSettings.Security.AdminPasswordHash = "1234"; + settings.Security.AdminPasswordHash = "9876"; repository.Setup(r => r.TryLoadSettings(It.IsAny(), out settings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.TryLoadSettings(It.Is(u => u.LocalPath.Contains(FILE_NAME)), out localSettings, It.IsAny())).Returns(LoadStatus.Success); @@ -329,12 +331,14 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations public void Perform_MustSucceedIfAdminPasswordTestdata() { var password = "test"; - var currentSettings = new AppSettings { AdminPasswordHash = "1234", ConfigurationMode = ConfigurationMode.ConfigureClient }; - var nextSettings = new AppSettings { AdminPasswordHash = "9876", ConfigurationMode = ConfigurationMode.ConfigureClient }; + var currentSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; + var nextSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; var url = @"http://www.safeexambrowser.org/whatever.seb"; + currentSettings.Security.AdminPasswordHash = "1234"; nextSession.Settings = nextSettings; - hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(p => p == password))).Returns(currentSettings.AdminPasswordHash); + nextSettings.Security.AdminPasswordHash = "9876"; + hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(p => p == password))).Returns(currentSettings.Security.AdminPasswordHash); repository.Setup(r => r.TryLoadSettings(It.IsAny(), out currentSettings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.TryLoadSettings(It.Is(u => u.AbsoluteUri == url), out nextSettings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.ConfigureClientWith(It.IsAny(), It.IsAny())).Returns(SaveStatus.Success); @@ -359,11 +363,13 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations [TestMethod] public void Perform_MustNotAuthenticateIfSameAdminPassword() { - var currentSettings = new AppSettings { AdminPasswordHash = "1234", ConfigurationMode = ConfigurationMode.ConfigureClient }; - var nextSettings = new AppSettings { AdminPasswordHash = "1234", ConfigurationMode = ConfigurationMode.ConfigureClient }; + var currentSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; + var nextSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; var url = @"http://www.safeexambrowser.org/whatever.seb"; + currentSettings.Security.AdminPasswordHash = "1234"; nextSession.Settings = nextSettings; + nextSettings.Security.AdminPasswordHash = "1234"; repository.Setup(r => r.TryLoadSettings(It.IsAny(), out currentSettings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.TryLoadSettings(It.Is(u => u.AbsoluteUri == url), out nextSettings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.ConfigureClientWith(It.IsAny(), It.IsAny())).Returns(SaveStatus.Success); @@ -416,9 +422,10 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations { var url = @"http://www.safeexambrowser.org/whatever.seb"; var location = Path.Combine(Path.GetDirectoryName(GetType().Assembly.Location), nameof(Operations), "Testdata", FILE_NAME); - var settings = new AppSettings { AdminPasswordHash = "1234", ConfigurationMode = ConfigurationMode.Exam }; + var settings = new AppSettings { ConfigurationMode = ConfigurationMode.Exam }; appConfig.AppDataFilePath = location; + settings.Security.AdminPasswordHash = "1234"; repository .Setup(r => r.TryLoadSettings(It.IsAny(), out settings, It.IsAny())) @@ -427,13 +434,13 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations .Setup(r => r.TryLoadSettings(It.Is(u => u.Equals(new Uri(location))), out settings, It.IsAny())) .Returns(LoadStatus.Success); repository - .Setup(r => r.TryLoadSettings(It.IsAny(), out settings, It.Is(p => p.IsHash == true && p.Password == settings.AdminPasswordHash))) + .Setup(r => r.TryLoadSettings(It.IsAny(), out settings, It.Is(p => p.IsHash == true && p.Password == settings.Security.AdminPasswordHash))) .Returns(LoadStatus.Success); var sut = new ConfigurationOperation(new[] { "blubb.exe", url }, repository.Object, hashAlgorithm.Object, logger.Object, sessionContext); var result = sut.Perform(); - repository.Verify(r => r.TryLoadSettings(It.IsAny(), out settings, It.Is(p => p.Password == settings.AdminPasswordHash)), Times.AtLeastOnce); + repository.Verify(r => r.TryLoadSettings(It.IsAny(), out settings, It.Is(p => p.Password == settings.Security.AdminPasswordHash)), Times.AtLeastOnce); Assert.AreEqual(OperationResult.Success, result); } @@ -442,14 +449,16 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations public void Perform_MustAbortAskingForAdminPasswordIfDecidedByUser() { var password = "test"; - var currentSettings = new AppSettings { AdminPasswordHash = "1234", ConfigurationMode = ConfigurationMode.ConfigureClient }; - var nextSettings = new AppSettings { AdminPasswordHash = "9876", ConfigurationMode = ConfigurationMode.ConfigureClient }; + var currentSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; + var nextSettings = new AppSettings { ConfigurationMode = ConfigurationMode.ConfigureClient }; var url = @"http://www.safeexambrowser.org/whatever.seb"; appConfig.AppDataFilePath = Path.Combine(Path.GetDirectoryName(GetType().Assembly.Location), nameof(Operations), "Testdata", FILE_NAME); + currentSettings.Security.AdminPasswordHash = "1234"; nextSession.Settings = nextSettings; + nextSettings.Security.AdminPasswordHash = "9876"; - hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(p => p == password))).Returns(currentSettings.AdminPasswordHash); + hashAlgorithm.Setup(h => h.GenerateHashFor(It.Is(p => p == password))).Returns(currentSettings.Security.AdminPasswordHash); repository.Setup(r => r.TryLoadSettings(It.IsAny(), out currentSettings, It.IsAny())).Returns(LoadStatus.Success); repository.Setup(r => r.TryLoadSettings(It.Is(u => u.AbsoluteUri == url), out nextSettings, It.IsAny())).Returns(LoadStatus.Success); diff --git a/SafeExamBrowser.Runtime.UnitTests/Operations/KioskModeOperationTests.cs b/SafeExamBrowser.Runtime.UnitTests/Operations/KioskModeOperationTests.cs index c16ef398..1fe0d67b 100644 --- a/SafeExamBrowser.Runtime.UnitTests/Operations/KioskModeOperationTests.cs +++ b/SafeExamBrowser.Runtime.UnitTests/Operations/KioskModeOperationTests.cs @@ -9,11 +9,12 @@ using Microsoft.VisualStudio.TestTools.UnitTesting; using Moq; using SafeExamBrowser.Configuration.Contracts; -using SafeExamBrowser.Settings; using SafeExamBrowser.Core.Contracts.OperationModel; using SafeExamBrowser.Logging.Contracts; -using SafeExamBrowser.WindowsApi.Contracts; using SafeExamBrowser.Runtime.Operations; +using SafeExamBrowser.Settings; +using SafeExamBrowser.Settings.Security; +using SafeExamBrowser.WindowsApi.Contracts; namespace SafeExamBrowser.Runtime.UnitTests.Operations { @@ -65,7 +66,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations var setStartup = 0; var suspend = 0; - nextSettings.KioskMode = KioskMode.CreateNewDesktop; + nextSettings.Security.KioskMode = KioskMode.CreateNewDesktop; desktopFactory.Setup(f => f.GetCurrent()).Callback(() => getCurrrent = ++order).Returns(originalDesktop.Object); desktopFactory.Setup(f => f.CreateNew(It.IsAny())).Callback(() => createNew = ++order).Returns(newDesktop.Object); @@ -97,7 +98,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations { var order = 0; - nextSettings.KioskMode = KioskMode.DisableExplorerShell; + nextSettings.Security.KioskMode = KioskMode.DisableExplorerShell; explorerShell.Setup(s => s.HideAllWindows()).Callback(() => Assert.AreEqual(1, ++order)); explorerShell.Setup(s => s.Terminate()).Callback(() => Assert.AreEqual(2, ++order)); @@ -118,7 +119,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations desktopFactory.Setup(f => f.GetCurrent()).Returns(originalDesktop.Object); desktopFactory.Setup(f => f.CreateNew(It.IsAny())).Returns(newDesktop.Object); - nextSettings.KioskMode = KioskMode.CreateNewDesktop; + nextSettings.Security.KioskMode = KioskMode.CreateNewDesktop; result = sut.Perform(); @@ -134,7 +135,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations newDesktop.Verify(d => d.Close(), Times.Never); originalDesktop.Verify(d => d.Activate(), Times.Never); - nextSettings.KioskMode = KioskMode.DisableExplorerShell; + nextSettings.Security.KioskMode = KioskMode.DisableExplorerShell; result = sut.Repeat(); @@ -150,8 +151,8 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations newDesktop.Verify(d => d.Close(), Times.Once); originalDesktop.Verify(d => d.Activate(), Times.Once); - currentSettings.KioskMode = nextSettings.KioskMode; - nextSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = nextSettings.Security.KioskMode; + nextSettings.Security.KioskMode = KioskMode.CreateNewDesktop; result = sut.Repeat(); @@ -175,8 +176,8 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations var originalDesktop = new Mock(); var success = true; - currentSettings.KioskMode = KioskMode.CreateNewDesktop; - nextSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; + nextSettings.Security.KioskMode = KioskMode.CreateNewDesktop; desktopFactory.Setup(f => f.GetCurrent()).Returns(originalDesktop.Object); desktopFactory.Setup(f => f.CreateNew(It.IsAny())).Returns(newDesktop.Object); @@ -204,8 +205,8 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations { var success = true; - currentSettings.KioskMode = KioskMode.DisableExplorerShell; - nextSettings.KioskMode = KioskMode.DisableExplorerShell; + currentSettings.Security.KioskMode = KioskMode.DisableExplorerShell; + nextSettings.Security.KioskMode = KioskMode.DisableExplorerShell; success &= sut.Perform() == OperationResult.Success; success &= sut.Repeat() == OperationResult.Success; @@ -233,8 +234,8 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations var close = 0; var resume = 0; - currentSettings.KioskMode = KioskMode.CreateNewDesktop; - nextSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; + nextSettings.Security.KioskMode = KioskMode.CreateNewDesktop; desktopFactory.Setup(f => f.GetCurrent()).Returns(originalDesktop.Object); desktopFactory.Setup(f => f.CreateNew(It.IsAny())).Returns(newDesktop.Object); @@ -266,8 +267,8 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations { var order = 0; - currentSettings.KioskMode = KioskMode.DisableExplorerShell; - nextSettings.KioskMode = KioskMode.DisableExplorerShell; + currentSettings.Security.KioskMode = KioskMode.DisableExplorerShell; + nextSettings.Security.KioskMode = KioskMode.DisableExplorerShell; explorerShell.Setup(s => s.Start()).Callback(() => Assert.AreEqual(1, ++order)); explorerShell.Setup(s => s.RestoreAllWindows()).Callback(() => Assert.AreEqual(2, ++order)); @@ -284,7 +285,7 @@ namespace SafeExamBrowser.Runtime.UnitTests.Operations [TestMethod] public void MustDoNothingWithoutKioskMode() { - nextSettings.KioskMode = KioskMode.None; + nextSettings.Security.KioskMode = KioskMode.None; Assert.AreEqual(OperationResult.Success, sut.Perform()); Assert.AreEqual(OperationResult.Success, sut.Repeat()); diff --git a/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs b/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs index 2c541629..c748ff7f 100644 --- a/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs +++ b/SafeExamBrowser.Runtime.UnitTests/RuntimeControllerTests.cs @@ -20,6 +20,7 @@ using SafeExamBrowser.I18n.Contracts; using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Runtime.Operations.Events; using SafeExamBrowser.Settings; +using SafeExamBrowser.Settings.Security; using SafeExamBrowser.Settings.Service; using SafeExamBrowser.UserInterface.Contracts; using SafeExamBrowser.UserInterface.Contracts.MessageBox; @@ -223,7 +224,7 @@ namespace SafeExamBrowser.Runtime.UnitTests var passwordDialog = new Mock(); var result = new PasswordDialogResult { Password = "test1234", Success = true }; - currentSettings.KioskMode = KioskMode.DisableExplorerShell; + currentSettings.Security.KioskMode = KioskMode.DisableExplorerShell; passwordDialog.Setup(p => p.Show(It.IsAny())).Returns(result); uiFactory.Setup(u => u.CreatePasswordDialog(It.IsAny(), It.IsAny())).Returns(passwordDialog.Object); @@ -247,7 +248,7 @@ namespace SafeExamBrowser.Runtime.UnitTests runtimeHost.Raise(r => r.PasswordReceived += null, new PasswordReplyEventArgs { RequestId = id, Success = true }); }); - currentSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; clientProxy.Setup(c => c.RequestPassword(It.IsAny(), It.IsAny())).Returns(new CommunicationResult(true)).Callback(passwordReceived); sut.TryStart(); @@ -266,7 +267,7 @@ namespace SafeExamBrowser.Runtime.UnitTests runtimeHost.Raise(r => r.PasswordReceived += null, new PasswordReplyEventArgs { RequestId = id, Success = false }); }); - currentSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; clientProxy.Setup(c => c.RequestPassword(It.IsAny(), It.IsAny())).Returns(new CommunicationResult(true)).Callback(passwordReceived); sut.TryStart(); @@ -281,7 +282,7 @@ namespace SafeExamBrowser.Runtime.UnitTests { var args = new PasswordRequiredEventArgs(); - currentSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; clientProxy.Setup(c => c.RequestPassword(It.IsAny(), It.IsAny())).Returns(new CommunicationResult(false)); sut.TryStart(); @@ -299,7 +300,7 @@ namespace SafeExamBrowser.Runtime.UnitTests }; StartSession(); - currentSettings.KioskMode = KioskMode.DisableExplorerShell; + currentSettings.Security.KioskMode = KioskMode.DisableExplorerShell; sessionSequence.Raise(s => s.ActionRequired += null, args); @@ -324,7 +325,7 @@ namespace SafeExamBrowser.Runtime.UnitTests var reply = new MessageBoxReplyEventArgs(); StartSession(); - currentSettings.KioskMode = KioskMode.CreateNewDesktop; + currentSettings.Security.KioskMode = KioskMode.CreateNewDesktop; clientProxy.Setup(c => c.ShowMessage( It.IsAny(), diff --git a/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs b/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs index c44b83fa..f78a26ce 100644 --- a/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs +++ b/SafeExamBrowser.Runtime/Operations/ConfigurationOperation.cs @@ -11,12 +11,12 @@ using System.IO; using SafeExamBrowser.Communication.Contracts.Data; using SafeExamBrowser.Configuration.Contracts; using SafeExamBrowser.Configuration.Contracts.Cryptography; -using SafeExamBrowser.Settings; using SafeExamBrowser.Core.Contracts.OperationModel; using SafeExamBrowser.Core.Contracts.OperationModel.Events; using SafeExamBrowser.I18n.Contracts; using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Runtime.Operations.Events; +using SafeExamBrowser.Settings; namespace SafeExamBrowser.Runtime.Operations { @@ -126,7 +126,7 @@ namespace SafeExamBrowser.Runtime.Operations if ((!hasProgramDataFile && !hasAppDataFile) || status == LoadStatus.Success) { - currentPassword = settings?.AdminPasswordHash; + currentPassword = settings?.Security.AdminPasswordHash; status = TryLoadSettings(uri, source, out passwordParams, out settings, currentPassword); } } @@ -147,7 +147,7 @@ namespace SafeExamBrowser.Runtime.Operations private OperationResult LoadSettingsForReconfiguration(Uri uri) { - var currentPassword = Context.Current.Settings.AdminPasswordHash; + var currentPassword = Context.Current.Settings.Security.AdminPasswordHash; var source = UriSource.Reconfiguration; var status = TryLoadSettings(uri, source, out var passwordParams, out var settings, currentPassword); @@ -311,7 +311,7 @@ namespace SafeExamBrowser.Runtime.Operations if (mustAuthenticate) { - var nextPassword = Context.Next.Settings.AdminPasswordHash; + var nextPassword = Context.Next.Settings.Security.AdminPasswordHash; var hasSettingsPassword = passwordParams.Password != null; var sameAdminPassword = currentPassword.Equals(nextPassword, StringComparison.OrdinalIgnoreCase); diff --git a/SafeExamBrowser.Runtime/Operations/KioskModeOperation.cs b/SafeExamBrowser.Runtime/Operations/KioskModeOperation.cs index 20c555e8..ae7f3d60 100644 --- a/SafeExamBrowser.Runtime/Operations/KioskModeOperation.cs +++ b/SafeExamBrowser.Runtime/Operations/KioskModeOperation.cs @@ -10,7 +10,7 @@ using SafeExamBrowser.Core.Contracts.OperationModel; using SafeExamBrowser.Core.Contracts.OperationModel.Events; using SafeExamBrowser.I18n.Contracts; using SafeExamBrowser.Logging.Contracts; -using SafeExamBrowser.Settings; +using SafeExamBrowser.Settings.Security; using SafeExamBrowser.WindowsApi.Contracts; namespace SafeExamBrowser.Runtime.Operations @@ -43,12 +43,12 @@ namespace SafeExamBrowser.Runtime.Operations public override OperationResult Perform() { - logger.Info($"Initializing kiosk mode '{Context.Next.Settings.KioskMode}'..."); + logger.Info($"Initializing kiosk mode '{Context.Next.Settings.Security.KioskMode}'..."); StatusChanged?.Invoke(TextKey.OperationStatus_InitializeKioskMode); - activeMode = Context.Next.Settings.KioskMode; + activeMode = Context.Next.Settings.Security.KioskMode; - switch (Context.Next.Settings.KioskMode) + switch (Context.Next.Settings.Security.KioskMode) { case KioskMode.CreateNewDesktop: CreateNewDesktop(); @@ -63,7 +63,7 @@ namespace SafeExamBrowser.Runtime.Operations public override OperationResult Repeat() { - var newMode = Context.Next.Settings.KioskMode; + var newMode = Context.Next.Settings.Security.KioskMode; var result = OperationResult.Success; if (activeMode == newMode) diff --git a/SafeExamBrowser.Runtime/RuntimeController.cs b/SafeExamBrowser.Runtime/RuntimeController.cs index 38f71dca..5cf245bf 100644 --- a/SafeExamBrowser.Runtime/RuntimeController.cs +++ b/SafeExamBrowser.Runtime/RuntimeController.cs @@ -13,14 +13,15 @@ using SafeExamBrowser.Communication.Contracts.Events; using SafeExamBrowser.Communication.Contracts.Hosts; using SafeExamBrowser.Communication.Contracts.Proxies; using SafeExamBrowser.Configuration.Contracts; -using SafeExamBrowser.Settings; -using SafeExamBrowser.Settings.Service; using SafeExamBrowser.Core.Contracts.OperationModel; using SafeExamBrowser.Core.Contracts.OperationModel.Events; using SafeExamBrowser.I18n.Contracts; using SafeExamBrowser.Logging.Contracts; using SafeExamBrowser.Runtime.Contracts; using SafeExamBrowser.Runtime.Operations.Events; +using SafeExamBrowser.Settings; +using SafeExamBrowser.Settings.Security; +using SafeExamBrowser.Settings.Service; using SafeExamBrowser.UserInterface.Contracts; using SafeExamBrowser.UserInterface.Contracts.MessageBox; using SafeExamBrowser.UserInterface.Contracts.Windows; @@ -193,11 +194,11 @@ namespace SafeExamBrowser.Runtime RegisterSessionEvents(); runtimeWindow.ShowProgressBar = false; - runtimeWindow.ShowLog = Session.Settings.AllowApplicationLogAccess; - runtimeWindow.TopMost = Session.Settings.KioskMode != KioskMode.None; + runtimeWindow.ShowLog = Session.Settings.Security.AllowApplicationLogAccess; + runtimeWindow.TopMost = Session.Settings.Security.KioskMode != KioskMode.None; runtimeWindow.UpdateStatus(TextKey.RuntimeWindow_ApplicationRunning); - if (Session.Settings.KioskMode == KioskMode.DisableExplorerShell) + if (Session.Settings.Security.KioskMode == KioskMode.DisableExplorerShell) { runtimeWindow.Hide(); } @@ -226,9 +227,9 @@ namespace SafeExamBrowser.Runtime { runtimeWindow.ShowProgressBar = false; runtimeWindow.UpdateStatus(TextKey.RuntimeWindow_ApplicationRunning); - runtimeWindow.TopMost = Session.Settings.KioskMode != KioskMode.None; + runtimeWindow.TopMost = Session.Settings.Security.KioskMode != KioskMode.None; - if (Session.Settings.KioskMode == KioskMode.DisableExplorerShell) + if (Session.Settings.Security.KioskMode == KioskMode.DisableExplorerShell) { runtimeWindow.Hide(); } @@ -404,7 +405,7 @@ namespace SafeExamBrowser.Runtime private void AskForPassword(PasswordRequiredEventArgs args) { var isStartup = !SessionIsRunning; - var isRunningOnDefaultDesktop = SessionIsRunning && Session.Settings.KioskMode == KioskMode.DisableExplorerShell; + var isRunningOnDefaultDesktop = SessionIsRunning && Session.Settings.Security.KioskMode == KioskMode.DisableExplorerShell; if (isStartup || isRunningOnDefaultDesktop) { @@ -419,7 +420,7 @@ namespace SafeExamBrowser.Runtime private void ShowMessageBox(MessageEventArgs args) { var isStartup = !SessionIsRunning; - var isRunningOnDefaultDesktop = SessionIsRunning && Session.Settings.KioskMode == KioskMode.DisableExplorerShell; + var isRunningOnDefaultDesktop = SessionIsRunning && Session.Settings.Security.KioskMode == KioskMode.DisableExplorerShell; var message = text.Get(args.Message); var title = text.Get(args.Title); diff --git a/SafeExamBrowser.Settings/AppSettings.cs b/SafeExamBrowser.Settings/AppSettings.cs index 08439187..6c0c148b 100644 --- a/SafeExamBrowser.Settings/AppSettings.cs +++ b/SafeExamBrowser.Settings/AppSettings.cs @@ -11,6 +11,7 @@ using SafeExamBrowser.Settings.Applications; using SafeExamBrowser.Settings.Browser; using SafeExamBrowser.Settings.Logging; using SafeExamBrowser.Settings.Monitoring; +using SafeExamBrowser.Settings.Security; using SafeExamBrowser.Settings.Service; using SafeExamBrowser.Settings.SystemComponents; using SafeExamBrowser.Settings.UserInterface; @@ -28,16 +29,6 @@ namespace SafeExamBrowser.Settings /// public ActionCenterSettings ActionCenter { get; set; } - /// - /// The hash code of the administrator password for the settings. - /// - public string AdminPasswordHash { get; set; } - - /// - /// Determines whether any log information will be accessible via the user interface. - /// - public bool AllowApplicationLogAccess { get; set; } - /// /// All settings related to external applications. /// @@ -63,11 +54,6 @@ namespace SafeExamBrowser.Settings /// public KeyboardSettings Keyboard { get; set; } - /// - /// The kiosk mode which determines how the computer is locked down. - /// - public KioskMode KioskMode { get; set; } - /// /// The global log severity to be used. /// @@ -79,9 +65,9 @@ namespace SafeExamBrowser.Settings public MouseSettings Mouse { get; set; } /// - /// The hash code of the quit password. + /// All security-related settings. /// - public string QuitPasswordHash { get; set; } + public SecuritySettings Security { get; set; } /// /// All service-related settings. @@ -106,6 +92,7 @@ namespace SafeExamBrowser.Settings Browser = new BrowserSettings(); Keyboard = new KeyboardSettings(); Mouse = new MouseSettings(); + Security = new SecuritySettings(); Service = new ServiceSettings(); Taskbar = new TaskbarSettings(); } diff --git a/SafeExamBrowser.Settings/SafeExamBrowser.Settings.csproj b/SafeExamBrowser.Settings/SafeExamBrowser.Settings.csproj index c74a4985..1e019db2 100644 --- a/SafeExamBrowser.Settings/SafeExamBrowser.Settings.csproj +++ b/SafeExamBrowser.Settings/SafeExamBrowser.Settings.csproj @@ -70,11 +70,13 @@ - + + + diff --git a/SafeExamBrowser.Settings/KioskMode.cs b/SafeExamBrowser.Settings/Security/KioskMode.cs similarity index 73% rename from SafeExamBrowser.Settings/KioskMode.cs rename to SafeExamBrowser.Settings/Security/KioskMode.cs index 2dfeedd6..c288d66c 100644 --- a/SafeExamBrowser.Settings/KioskMode.cs +++ b/SafeExamBrowser.Settings/Security/KioskMode.cs @@ -6,10 +6,10 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -namespace SafeExamBrowser.Settings +namespace SafeExamBrowser.Settings.Security { /// - /// Defines all kiosk modes which the application supports. + /// Defines all kiosk modes which SEB supports. /// public enum KioskMode { @@ -19,12 +19,12 @@ namespace SafeExamBrowser.Settings None, /// - /// Creates a new desktop and runs the client application on it, without modifying the default desktop. + /// Creates a new desktop and runs the client on it, without modifying the default desktop. /// CreateNewDesktop, /// - /// Terminates the Windows explorer shell and runs the client application on the default desktop. + /// Terminates the Windows explorer shell and runs the client on the default desktop. /// DisableExplorerShell } diff --git a/SafeExamBrowser.Settings/Security/SecuritySettings.cs b/SafeExamBrowser.Settings/Security/SecuritySettings.cs new file mode 100644 index 00000000..3217accb --- /dev/null +++ b/SafeExamBrowser.Settings/Security/SecuritySettings.cs @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2019 ETH Zürich, Educational Development and Technology (LET) + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +using System; + +namespace SafeExamBrowser.Settings.Security +{ + /// + /// Defines all settings related to security. + /// + [Serializable] + public class SecuritySettings + { + /// + /// The hash code of the administrator password for the settings. + /// + public string AdminPasswordHash { get; set; } + + /// + /// Determines whether any log information will be accessible via the user interface. + /// + public bool AllowApplicationLogAccess { get; set; } + + /// + /// The kiosk mode which determines how the computer is locked down. + /// + public KioskMode KioskMode { get; set; } + + /// + /// The hash code of the quit password. + /// + public string QuitPasswordHash { get; set; } + + /// + /// Determines whether SEB is allowed to run in a virtual machine. + /// + public VirtualMachinePolicy VirtualMachinePolicy { get; set; } + } +} diff --git a/SafeExamBrowser.Settings/Security/VirtualMachinePolicy.cs b/SafeExamBrowser.Settings/Security/VirtualMachinePolicy.cs new file mode 100644 index 00000000..5d3cdca6 --- /dev/null +++ b/SafeExamBrowser.Settings/Security/VirtualMachinePolicy.cs @@ -0,0 +1,26 @@ +/* + * Copyright (c) 2019 ETH Zürich, Educational Development and Technology (LET) + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +namespace SafeExamBrowser.Settings.Security +{ + /// + /// Defines all policies with respect to running SEB in a virtual machine. + /// + public enum VirtualMachinePolicy + { + /// + /// SEB is allowed to be run in a virtual machine. + /// + Allow, + + /// + /// SEB is not allowed to be run in a virtual machine. + /// + Deny + } +}