From a4020190080e0b83c18c99b658dd296d911d232d Mon Sep 17 00:00:00 2001
From: srosse <stephane.rosse@frentix.com>
Date: Wed, 18 Dec 2019 16:39:07 +0100
Subject: [PATCH] no-jira: log failed attempt during assessment mode with SEB

---
 .../manager/AssessmentModeManagerImpl.java          | 12 ++++++------
 .../manager/AssessmentModeManagerTest.java          | 13 +++++++++++++
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java b/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java
index af458d05f28..7cf3ca98e05 100644
--- a/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java
+++ b/src/main/java/org/olat/course/assessment/manager/AssessmentModeManagerImpl.java
@@ -469,7 +469,6 @@ public class AssessmentModeManagerImpl implements AssessmentModeManager {
 	@Override
 	public boolean isSafelyAllowed(HttpServletRequest request, String safeExamBrowserKeys) {
 		boolean safe = false;
-		boolean debug = log.isDebugEnabled();
 		if(StringHelper.containsNonWhitespace(safeExamBrowserKeys)) {
 			String safeExamHash = request.getHeader("x-safeexambrowser-requesthash");
 			String url = request.getRequestURL().toString();
@@ -488,12 +487,13 @@ public class AssessmentModeManagerImpl implements AssessmentModeManager {
 					}
 				}
 				
-				if(debug) {
-					if(safeExamHash == null) {
-						log.debug("Failed safeexambrowser request hash is null for URL: " + url + " and key: " + safeExamBrowserKey);
-					} else {
-						log.debug((safeExamHash.equals(hash) ? "Success" : "Failed") + " : " + safeExamHash +" (Header) " + hash + " (Calculated) for URL: " + url + " and key: " + safeExamBrowserKey);
+				if(safeExamHash == null) {
+					log.warn("Failed safeexambrowser request hash is null for URL: {} and key: {}", url, safeExamBrowserKey);
+				} else {
+					if(!safe) {
+						log.warn("Failed safeexambrowser check: {} (Header) {} (Calculated) for URL: {}", safeExamHash, hash, url);
 					}
+					log.debug("safeexambrowser {} : {} (Header) {} (Calculated) for URL: {} and key: {}", (safeExamHash.equals(hash) ? "Success" : "Failed") , safeExamHash, hash, url, safeExamBrowserKey);
 				}
 			}
 		} else {
diff --git a/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java b/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java
index 9518c66d337..f7bfd361967 100644
--- a/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java
+++ b/src/test/java/org/olat/course/assessment/manager/AssessmentModeManagerTest.java
@@ -1257,6 +1257,19 @@ public class AssessmentModeManagerTest extends OlatTestCase {
 		boolean allowed = assessmentModeMgr.isSafelyAllowed(request, safeExamBrowserKey);
 		Assert.assertFalse(allowed);
 	}
+	
+	@Test
+	public void isSafelyAllowed_missingHeader() {
+		String safeExamBrowserKey = "gdfkhjsduzezrutuzsf";
+
+		MockHttpServletRequest request = new MockHttpServletRequest();
+		request.setServerName("localhost");
+		request.setScheme("http");
+		request.setRequestURI("/unauthorized/url");
+		
+		boolean allowed = assessmentModeMgr.isSafelyAllowed(request, safeExamBrowserKey);
+		Assert.assertFalse(allowed);
+	}
 
 	/**
 	 * Create a minimal assessment mode which start one hour before now
-- 
GitLab