no-jira: log failed attempt during assessment mode with SEB

a4020190 · srosse · fa12b10c · a4020190 · a4020190
Commit a4020190 authored 5 years ago by srosse
--- a/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java
+++ b/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java
@@ -469,7 +469,6 @@ public class AssessmentModeManagerImpl implements AssessmentModeManager {
 	@Override
 	public boolean isSafelyAllowed(HttpServletRequest request, String safeExamBrowserKeys) {
 		boolean safe = false;
-		boolean debug = log.isDebugEnabled();
 		if(StringHelper.containsNonWhitespace(safeExamBrowserKeys)) {
 			String safeExamHash = request.getHeader("x-safeexambrowser-requesthash");
 			String url = request.getRequestURL().toString();
@@ -488,12 +487,13 @@ public class AssessmentModeManagerImpl implements AssessmentModeManager {
 					}
 				}
 				
-				if(debug) {
-					if(safeExamHash == null) {
-						log.debug("Failed safeexambrowser request hash is null for URL: " + url + " and key: " + safeExamBrowserKey);
-					} else {
-						log.debug((safeExamHash.equals(hash) ? "Success" : "Failed") + " : " + safeExamHash +" (Header) " + hash + " (Calculated) for URL: " + url + " and key: " + safeExamBrowserKey);
+				if(safeExamHash == null) {
+					log.warn("Failed safeexambrowser request hash is null for URL: {} and key: {}", url, safeExamBrowserKey);
+				} else {
+					if(!safe) {
+						log.warn("Failed safeexambrowser check: {} (Header) {} (Calculated) for URL: {}", safeExamHash, hash, url);
 					}
+					log.debug("safeexambrowser {} : {} (Header) {} (Calculated) for URL: {} and key: {}", (safeExamHash.equals(hash) ? "Success" : "Failed") , safeExamHash, hash, url, safeExamBrowserKey);
 				}
 			}
 		} else {

--- a/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java
+++ b/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java
@@ -1257,6 +1257,19 @@ public class AssessmentModeManagerTest extends OlatTestCase {
 		boolean allowed = assessmentModeMgr.isSafelyAllowed(request, safeExamBrowserKey);
 		Assert.assertFalse(allowed);
 	}
+	
+	@Test
+	public void isSafelyAllowed_missingHeader() {
+		String safeExamBrowserKey = "gdfkhjsduzezrutuzsf";
+
+		MockHttpServletRequest request = new MockHttpServletRequest();
+		request.setServerName("localhost");
+		request.setScheme("http");
+		request.setRequestURI("/unauthorized/url");
+		
+		boolean allowed = assessmentModeMgr.isSafelyAllowed(request, safeExamBrowserKey);
+		Assert.assertFalse(allowed);
+	}

 	/**
 	 * Create a minimal assessment mode which start one hour before now