AutorÃa | Ultima modificación | Ver Log |
<?php// This file is part of Moodle - http://moodle.org///// Moodle is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.//// Moodle is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.//// You should have received a copy of the GNU General Public License// along with Moodle. If not, see <http://www.gnu.org/licenses/>.use mod_quiz\local\access_rule_base;use mod_quiz\quiz_attempt;use quizaccess_seb\seb_access_manager;use quizaccess_seb\seb_quiz_settings;use quizaccess_seb\settings_provider;use quizaccess_seb\event\access_prevented;/*** Implementation of the quizaccess_seb plugin.** @package quizaccess_seb* @author Andrew Madden <andrewmadden@catalyst-au.net>* @author Dmitrii Metelkin <dmitriim@catalyst-au.net>* @copyright 2019 Catalyst IT* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later*/class quizaccess_seb extends access_rule_base {/** @var seb_access_manager $accessmanager Instance to manage the access to the quiz for this plugin. */private $accessmanager;/*** Create an instance of this rule for a particular quiz.** @param \mod_quiz\quiz_settings $quizobj information about the quiz in question.* @param int $timenow the time that should be considered as 'now'.* @param seb_access_manager $accessmanager the quiz accessmanager.*/public function __construct(\mod_quiz\quiz_settings $quizobj, int $timenow, seb_access_manager $accessmanager) {parent::__construct($quizobj, $timenow);$this->accessmanager = $accessmanager;}/*** Return an appropriately configured instance of this rule, if it is applicable* to the given quiz, otherwise return null.** @param \mod_quiz\quiz_settings $quizobj information about the quiz in question.* @param int $timenow the time that should be considered as 'now'.* @param bool $canignoretimelimits whether the current user is exempt from* time limits by the mod/quiz:ignoretimelimits capability.* @return access_rule_base|null the rule, if applicable, else null.*/public static function make(\mod_quiz\quiz_settings $quizobj, $timenow, $canignoretimelimits) {$accessmanager = new seb_access_manager($quizobj);// If Safe Exam Browser is not required, this access rule is not applicable.if (!$accessmanager->seb_required()) {return null;}return new self($quizobj, $timenow, $accessmanager);}/*** Add any fields that this rule requires to the quiz settings form. This* method is called from {@link mod_quiz_mod_form::definition()}, while the* security section is being built.** @param mod_quiz_mod_form $quizform the quiz settings form that is being built.* @param MoodleQuickForm $mform the wrapped MoodleQuickForm.*/public static function add_settings_form_fields(mod_quiz_mod_form $quizform, MoodleQuickForm $mform) {settings_provider::add_seb_settings_fields($quizform, $mform);}/*** Validate the data from any form fields added using {@link add_settings_form_fields()}.** @param array $errors the errors found so far.* @param array $data the submitted form data.* @param array $files information about any uploaded files.* @param mod_quiz_mod_form $quizform the quiz form object.* @return array $errors the updated $errors array.*/public static function validate_settings_form_fields(array $errors,array $data, $files, mod_quiz_mod_form $quizform): array {$quizid = $data['instance'];$cmid = $data['coursemodule'];$context = $quizform->get_context();if (!settings_provider::can_configure_seb($context)) {return $errors;}if (settings_provider::is_seb_settings_locked($quizid)) {return $errors;}if (settings_provider::is_conflicting_permissions($context)) {return $errors;}$settings = settings_provider::filter_plugin_settings((object) $data);// Validate basic settings using persistent class.$quizsettings = (new seb_quiz_settings())->from_record($settings);// Set non-form fields.$quizsettings->set('quizid', $quizid);$quizsettings->set('cmid', $cmid);$quizsettings->validate();// Add any errors to list.foreach ($quizsettings->get_errors() as $name => $error) {$name = settings_provider::add_prefix($name); // Re-add prefix to match form element.$errors[$name] = $error->out();}// Edge case for filemanager_sebconfig.if ($quizsettings->get('requiresafeexambrowser') == settings_provider::USE_SEB_UPLOAD_CONFIG) {$errorvalidatefile = settings_provider::validate_draftarea_configfile($data['filemanager_sebconfigfile']);if (!empty($errorvalidatefile)) {$errors['filemanager_sebconfigfile'] = $errorvalidatefile;}}// Edge case to force user to select a template.if ($quizsettings->get('requiresafeexambrowser') == settings_provider::USE_SEB_TEMPLATE) {if (empty($data['seb_templateid'])) {$errors['seb_templateid'] = get_string('invalidtemplate', 'quizaccess_seb');}}if ($quizsettings->get('requiresafeexambrowser') != settings_provider::USE_SEB_NO) {// Global settings may be active which require a quiz password to be set if using SEB.if (!empty(get_config('quizaccess_seb', 'quizpasswordrequired')) && empty($data['quizpassword'])) {$errors['quizpassword'] = get_string('passwordnotset', 'quizaccess_seb');}}return $errors;}/*** Save any submitted settings when the quiz settings form is submitted. This* is called from {@link quiz_after_add_or_update()} in lib.php.** @param stdClass $quiz the data from the quiz form, including $quiz->id* which is the id of the quiz being saved.*/public static function save_settings($quiz) {$context = context_module::instance($quiz->coursemodule);if (!settings_provider::can_configure_seb($context)) {return;}if (settings_provider::is_seb_settings_locked($quiz->id)) {return;}if (settings_provider::is_conflicting_permissions($context)) {return;}$cm = get_coursemodule_from_instance('quiz', $quiz->id, $quiz->course, false, MUST_EXIST);$settings = settings_provider::filter_plugin_settings($quiz);$settings->quizid = $quiz->id;$settings->cmid = $cm->id;// Get existing settings or create new settings if none exist.$quizsettings = seb_quiz_settings::get_by_quiz_id($quiz->id);if (empty($quizsettings)) {$quizsettings = new seb_quiz_settings(0, $settings);} else {$settings->id = $quizsettings->get('id');$quizsettings->from_record($settings);}// Process uploaded files if required.if ($quizsettings->get('requiresafeexambrowser') == settings_provider::USE_SEB_UPLOAD_CONFIG) {$draftitemid = file_get_submitted_draft_itemid('filemanager_sebconfigfile');settings_provider::save_filemanager_sebconfigfile_draftarea($draftitemid, $cm->id);} else {settings_provider::delete_uploaded_config_file($cm->id);}// Save or delete settings.if ($quizsettings->get('requiresafeexambrowser') != settings_provider::USE_SEB_NO) {$quizsettings->save();} else if ($quizsettings->get('id')) {$quizsettings->delete();}}/*** Delete any rule-specific settings when the quiz is deleted. This is called* from {@link quiz_delete_instance()} in lib.php.** @param stdClass $quiz the data from the database, including $quiz->id* which is the id of the quiz being deleted.*/public static function delete_settings($quiz) {$quizsettings = seb_quiz_settings::get_by_quiz_id($quiz->id);// Check that there are existing settings.if ($quizsettings !== false) {$quizsettings->delete();}}/*** Return the bits of SQL needed to load all the settings from all the access* plugins in one DB query. The easiest way to understand what you need to do* here is probably to read the code of {@see \mod_quiz\access_manager::load_settings()}.** If you have some settings that cannot be loaded in this way, then you can* use the {@link get_extra_settings()} method instead, but that has* performance implications.** @param int $quizid the id of the quiz we are loading settings for. This* can also be accessed as quiz.id in the SQL. (quiz is a table alisas for {quiz}.)* @return array with three elements:* 1. fields: any fields to add to the select list. These should be alised* if neccessary so that the field name starts the name of the plugin.* 2. joins: any joins (should probably be LEFT JOINS) with other tables that* are needed.* 3. params: array of placeholder values that are needed by the SQL. You must* used named placeholders, and the placeholder names should start with the* plugin name, to avoid collisions.*/public static function get_settings_sql($quizid): array {return ['seb.requiresafeexambrowser AS seb_requiresafeexambrowser, '. 'seb.showsebtaskbar AS seb_showsebtaskbar, '. 'seb.showwificontrol AS seb_showwificontrol, '. 'seb.showreloadbutton AS seb_showreloadbutton, '. 'seb.showtime AS seb_showtime, '. 'seb.showkeyboardlayout AS seb_showkeyboardlayout, '. 'seb.allowuserquitseb AS seb_allowuserquitseb, '. 'seb.quitpassword AS seb_quitpassword, '. 'seb.linkquitseb AS seb_linkquitseb, '. 'seb.userconfirmquit AS seb_userconfirmquit, '. 'seb.enableaudiocontrol AS seb_enableaudiocontrol, '. 'seb.muteonstartup AS seb_muteonstartup, '. 'seb.allowspellchecking AS seb_allowspellchecking, '. 'seb.allowreloadinexam AS seb_allowreloadinexam, '. 'seb.activateurlfiltering AS seb_activateurlfiltering, '. 'seb.filterembeddedcontent AS seb_filterembeddedcontent, '. 'seb.expressionsallowed AS seb_expressionsallowed, '. 'seb.regexallowed AS seb_regexallowed, '. 'seb.expressionsblocked AS seb_expressionsblocked, '. 'seb.regexblocked AS seb_regexblocked, '. 'seb.allowedbrowserexamkeys AS seb_allowedbrowserexamkeys, '. 'seb.showsebdownloadlink AS seb_showsebdownloadlink, '. 'sebtemplate.id AS seb_templateid ', 'LEFT JOIN {quizaccess_seb_quizsettings} seb ON seb.quizid = quiz.id '. 'LEFT JOIN {quizaccess_seb_template} sebtemplate ON seb.templateid = sebtemplate.id ', []];}/*** Whether the user should be blocked from starting a new attempt or continuing* an attempt now.** @return string false if access should be allowed, a message explaining the* reason if access should be prevented.*/public function prevent_access() {global $PAGE;if (!$this->accessmanager->seb_required()) {return false;}if ($this->accessmanager->can_bypass_seb()) {return false;}// If the rule is active, enforce a secure view whilst taking the quiz.$PAGE->set_pagelayout('secure');$this->prevent_display_blocks();// Access has previously been validated for this session and quiz.if ($this->accessmanager->validate_session_access()) {return false;}if (!$this->accessmanager->validate_basic_header()) {access_prevented::create_strict($this->accessmanager, $this->get_reason_text('not_seb'))->trigger();return $this->get_require_seb_error_message();}if (!$this->accessmanager->validate_config_key()) {if ($this->accessmanager->should_redirect_to_seb_config_link()) {$this->accessmanager->redirect_to_seb_config_link();}access_prevented::create_strict($this->accessmanager, $this->get_reason_text('invalid_config_key'))->trigger();return $this->get_invalid_key_error_message();}if (!$this->accessmanager->validate_browser_exam_key()) {access_prevented::create_strict($this->accessmanager, $this->get_reason_text('invalid_browser_key'))->trigger();return $this->get_invalid_key_error_message();}// Set the state of the access for this Moodle session.$this->accessmanager->set_session_access(true);return false;}/*** Returns a list of finished attempts for the current user.** @return array*/private function get_user_finished_attempts(): array {global $USER;return quiz_get_user_attempts($this->quizobj->get_quizid(),$USER->id,quiz_attempt::FINISHED,false);}/*** Prevent block displaying as configured.*/private function prevent_display_blocks() {global $PAGE;if ($PAGE->has_set_url() && $PAGE->url == $this->quizobj->view_url()) {$attempts = $this->get_user_finished_attempts();// Don't display blocks before starting an attempt.if (empty($attempts) && !get_config('quizaccess_seb', 'displayblocksbeforestart')) {$PAGE->blocks->show_only_fake_blocks();}// Don't display blocks after finishing an attempt.if (!empty($attempts) && !get_config('quizaccess_seb', 'displayblockswhenfinished')) {$PAGE->blocks->show_only_fake_blocks();}}}/*** Returns reason for access prevention as a text.** @param string $identifier Reason string identifier.* @return string*/private function get_reason_text(string $identifier): string {if (in_array($identifier, ['not_seb', 'invalid_config_key', 'invalid_browser_key'])) {return get_string($identifier, 'quizaccess_seb');}return get_string('unknown_reason', 'quizaccess_seb');}/*** Return error message when a SEB key is not valid.** @return string*/private function get_invalid_key_error_message(): string {// Return error message with download link and links to get the seb config.return get_string('invalidkeys', 'quizaccess_seb'). $this->display_buttons($this->get_action_buttons());}/*** Return error message when a SEB browser is not used.** @return string*/private function get_require_seb_error_message(): string {$message = get_string('clientrequiresseb', 'quizaccess_seb');if ($this->should_display_download_seb_link()) {$message .= $this->display_buttons($this->get_download_seb_button());}// Return error message with download link.return $message;}/*** Helper function to display an Exit Safe Exam Browser button if configured to do so and attempts are > 0.** @return string empty or a button which has the configured seb quit link.*/private function get_quit_button(): string {$quitbutton = '';if (empty($this->get_user_finished_attempts())) {return $quitbutton;}// Only display if the link has been configured and attempts are greater than 0.if (!empty($this->quiz->seb_linkquitseb)) {$quitbutton = html_writer::link($this->quiz->seb_linkquitseb,get_string('exitsebbutton', 'quizaccess_seb'),['class' => 'btn btn-secondary']);}return $quitbutton;}/*** Information, such as might be shown on the quiz view page, relating to this restriction.* There is no obligation to return anything. If it is not appropriate to tell students* about this rule, then just return ''.** @return mixed a message, or array of messages, explaining the restriction* (may be '' if no message is appropriate).*/public function description(): array {global $PAGE;$messages = [get_string('sebrequired', 'quizaccess_seb')];// Display download SEB config link for those who can bypass using SEB.if ($this->accessmanager->can_bypass_seb() && $this->accessmanager->should_validate_config_key()) {$messages[] = $this->display_buttons($this->get_download_config_button());}// Those with higher level access will be able to see the button if they've made an attempt.if (!$this->prevent_access()) {$messages[] = $this->display_buttons($this->get_quit_button());} else {$PAGE->requires->js_call_amd('quizaccess_seb/validate_quiz_access', 'init',[$this->quiz->cmid, (bool)get_config('quizaccess_seb', 'autoreconfigureseb')]);}return $messages;}/*** Sets up the attempt (review or summary) page with any special extra* properties required by this rule.** @param moodle_page $page the page object to initialise.*/public function setup_attempt_page($page) {$page->set_title($this->quizobj->get_course()->shortname . ': ' . $page->title);$page->set_popup_notification_allowed(false); // Prevent message notifications.$page->set_heading($page->title);$page->set_pagelayout('secure');}/*** This is called when the current attempt at the quiz is finished.*/public function current_attempt_finished() {$this->accessmanager->clear_session_access();}/*** Prepare buttons HTML code for being displayed on the screen.** @param string $buttonshtml Html string of the buttons.* @param string $class Optional CSS class (or classes as space-separated list)* @param array $attributes Optional other attributes as array** @return string HTML code of the provided buttons.*/private function display_buttons(string $buttonshtml, $class = '', array $attributes = null): string {$html = '';if (!empty($buttonshtml)) {$html = html_writer::div($buttonshtml, $class, $attributes);}return $html;}/*** Get buttons to prompt user to download SEB or config file or launch SEB.** @return string Html block of all action buttons.*/private function get_action_buttons(): string {$buttons = '';if ($this->should_display_download_seb_link()) {$buttons .= $this->get_download_seb_button();}// Get config for displaying links.$linkconfig = explode(',', get_config('quizaccess_seb', 'showseblinks'));// Display links to download config/launch SEB only if required.if ($this->accessmanager->should_validate_config_key()) {if (in_array('seb', $linkconfig)) {$buttons .= $this->get_launch_seb_button();}if (in_array('http', $linkconfig)) {$buttons .= $this->get_download_config_button();}}return $buttons;}/*** Get a button to download SEB.** @return string A link to download SafeExam Browser.*/private function get_download_seb_button(): string {global $OUTPUT;$button = '';if (!empty($this->get_seb_download_url())) {$button = $OUTPUT->single_button($this->get_seb_download_url(), get_string('sebdownloadbutton', 'quizaccess_seb'));}return $button;}/*** Get a button to launch Safe Exam Browser.** @return string A link to launch Safe Exam Browser.*/private function get_launch_seb_button(): string {// Rendering as a href and not as button in a form to circumvent browser warnings for sending to URL with unknown protocol.$seblink = \quizaccess_seb\link_generator::get_link($this->quiz->cmid, true, is_https());$buttonlink = html_writer::start_tag('div', ['class' => 'singlebutton']);$buttonlink .= html_writer::link($seblink, get_string('seblinkbutton', 'quizaccess_seb'),['class' => 'btn btn-secondary', 'title' => get_string('seblinkbutton', 'quizaccess_seb')]);$buttonlink .= html_writer::end_tag('div');return $buttonlink;}/*** Get a button to download Safe Exam Browser config.** @return string A link to launch Safe Exam Browser.*/private function get_download_config_button(): string {// Rendering as a href and not as button in a form to circumvent browser warnings for sending to URL with unknown protocol.$httplink = \quizaccess_seb\link_generator::get_link($this->quiz->cmid, false, is_https());$buttonlink = html_writer::start_tag('div', ['class' => 'singlebutton']);$buttonlink .= html_writer::link($httplink, get_string('httplinkbutton', 'quizaccess_seb'),['class' => 'btn btn-secondary', 'title' => get_string('httplinkbutton', 'quizaccess_seb')]);$buttonlink .= html_writer::end_tag('div');return $buttonlink;}/*** Returns SEB download URL.** @return string*/private function get_seb_download_url(): string {return get_config('quizaccess_seb', 'downloadlink');}/*** Check if we should display a link to download Safe Exam Browser.** @return bool*/private function should_display_download_seb_link(): bool {return !empty($this->quiz->seb_showsebdownloadlink);}}