diff --git a/mod/quiz/accessrule/seb/classes/settings_provider.php b/mod/quiz/accessrule/seb/classes/settings_provider.php index f7a8ffdaa10f4..a093456b3f0b9 100644 --- a/mod/quiz/accessrule/seb/classes/settings_provider.php +++ b/mod/quiz/accessrule/seb/classes/settings_provider.php @@ -539,6 +539,11 @@ public static function is_conflicting_permissions(\context $context) { return true; } + if (!self::can_use_seb_client_config($context) && + $settings->get('requiresafeexambrowser') == self::USE_SEB_CLIENT_CONFIG) { + return true; + } + if (!self::can_upload_seb_file($context) && $settings->get('requiresafeexambrowser') == self::USE_SEB_UPLOAD_CONFIG) { return true; @@ -575,7 +580,9 @@ public static function get_requiresafeexambrowser_options(\context $context): ar $options[self::USE_SEB_UPLOAD_CONFIG] = get_string('seb_use_upload', 'quizaccess_seb'); } - $options[self::USE_SEB_CLIENT_CONFIG] = get_string('seb_use_client', 'quizaccess_seb'); + if (self::can_use_seb_client_config($context) || self::is_conflicting_permissions($context)) { + $options[self::USE_SEB_CLIENT_CONFIG] = get_string('seb_use_client', 'quizaccess_seb'); + } return $options; } @@ -745,6 +752,16 @@ public static function can_configure_seb(\context $context): bool { return has_capability('quizaccess/seb:manage_seb_requiresafeexambrowser', $context); } + /** + * Check if the current user can select to use the SEB client configuration. + * + * @param \context $context Context to check access in. + * @return bool + */ + public static function can_use_seb_client_config(\context $context): bool { + return has_capability('quizaccess/seb:manage_seb_usesebclientconfig', $context); + } + /** * Check if the current user can use preconfigured templates. * @@ -792,6 +809,10 @@ public static function can_change_seb_allowedbrowserexamkeys(\context $context): * @return bool */ public static function can_configure_manually(\context $context): bool { + if (!has_capability('quizaccess/seb:manage_seb_configuremanually', $context)) { + return false; + } + foreach (self::get_seb_config_elements() as $name => $type) { if (self::can_manage_seb_config_setting($name, $context)) { return true; diff --git a/mod/quiz/accessrule/seb/db/access.php b/mod/quiz/accessrule/seb/db/access.php index d79df40695928..ab67147af3be6 100644 --- a/mod/quiz/accessrule/seb/db/access.php +++ b/mod/quiz/accessrule/seb/db/access.php @@ -49,6 +49,24 @@ 'editingteacher' => CAP_ALLOW ] ], + 'quizaccess/seb:manage_seb_configuremanually' => [ + 'captype' => 'read', + 'contextlevel' => CONTEXT_MODULE, + 'archetypes' => [ + 'manager' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW + ], + 'clonepermissionsfrom' => 'quizaccess/seb:manage_seb_requiresafeexambrowser', + ], + 'quizaccess/seb:manage_seb_usesebclientconfig' => [ + 'captype' => 'read', + 'contextlevel' => CONTEXT_MODULE, + 'archetypes' => [ + 'manager' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW + ], + 'clonepermissionsfrom' => 'quizaccess/seb:manage_seb_requiresafeexambrowser', + ], 'quizaccess/seb:manage_seb_templateid' => [ 'captype' => 'read', 'contextlevel' => CONTEXT_MODULE, diff --git a/mod/quiz/accessrule/seb/lang/en/quizaccess_seb.php b/mod/quiz/accessrule/seb/lang/en/quizaccess_seb.php index c340f295a2f2d..2297c1ab0368e 100644 --- a/mod/quiz/accessrule/seb/lang/en/quizaccess_seb.php +++ b/mod/quiz/accessrule/seb/lang/en/quizaccess_seb.php @@ -106,6 +106,7 @@ $string['seb:manage_seb_regexallowed'] = 'Change SEB quiz setting: Regex expressions allowed'; $string['seb:manage_seb_regexblocked'] = 'Change SEB quiz setting: Regex expressions blocked'; $string['seb:manage_seb_requiresafeexambrowser'] = 'Change SEB quiz setting: Require Safe Exam Browser'; +$string['seb:manage_seb_configuremanually'] = 'Change SEB quiz setting: Select manual configuration'; $string['seb:manage_seb_showkeyboardlayout'] = 'Change SEB quiz setting: Show keyboard layout'; $string['seb:manage_seb_showreloadbutton'] = 'Change SEB quiz setting: Show reload button'; $string['seb:manage_seb_showsebtaskbar'] = 'Change SEB quiz setting: Show task bar'; @@ -114,6 +115,7 @@ $string['seb:manage_seb_showsebdownloadlink'] = 'Change SEB quiz setting: Show download link'; $string['seb:manage_seb_templateid'] = 'Change SEB quiz setting: Select SEB template'; $string['seb:manage_seb_userconfirmquit'] = 'Change SEB quiz setting: Confirm on quit'; +$string['seb:manage_seb_usesebclientconfig'] = 'Change SEB quiz setting: Use SEB client configuration'; $string['seb:managetemplates'] = 'Manage SEB configuration templates'; $string['seb_activateurlfiltering'] = 'Enable URL filtering'; $string['seb_activateurlfiltering_help'] = 'If enabled, URLs will be filtered when loading web pages. The filter set has to be defined below.'; diff --git a/mod/quiz/accessrule/seb/tests/settings_provider_test.php b/mod/quiz/accessrule/seb/tests/settings_provider_test.php index 821d1c9e36aad..745b28d62e4ad 100644 --- a/mod/quiz/accessrule/seb/tests/settings_provider_test.php +++ b/mod/quiz/accessrule/seb/tests/settings_provider_test.php @@ -656,15 +656,33 @@ public function test_get_requiresafeexambrowser_options($settingcapability): voi $options = settings_provider::get_requiresafeexambrowser_options($this->context); - $this->assertCount(2, $options); + $this->assertCount(1, $options); $this->assertFalse(array_key_exists(settings_provider::USE_SEB_CONFIG_MANUALLY, $options)); $this->assertFalse(array_key_exists(settings_provider::USE_SEB_TEMPLATE, $options)); $this->assertFalse(array_key_exists(settings_provider::USE_SEB_UPLOAD_CONFIG, $options)); - $this->assertTrue(array_key_exists(settings_provider::USE_SEB_CLIENT_CONFIG, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_CLIENT_CONFIG, $options)); $this->assertTrue(array_key_exists(settings_provider::USE_SEB_NO, $options)); assign_capability($settingcapability, CAP_ALLOW, $this->roleid, $this->context->id); $options = settings_provider::get_requiresafeexambrowser_options($this->context); + $this->assertCount(1, $options); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_CONFIG_MANUALLY, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_TEMPLATE, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_UPLOAD_CONFIG, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_CLIENT_CONFIG, $options)); + $this->assertTrue(array_key_exists(settings_provider::USE_SEB_NO, $options)); + + assign_capability('quizaccess/seb:manage_seb_configuremanually', CAP_ALLOW, $this->roleid, $this->context->id); + $options = settings_provider::get_requiresafeexambrowser_options($this->context); + $this->assertCount(2, $options); + $this->assertTrue(array_key_exists(settings_provider::USE_SEB_CONFIG_MANUALLY, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_TEMPLATE, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_UPLOAD_CONFIG, $options)); + $this->assertFalse(array_key_exists(settings_provider::USE_SEB_CLIENT_CONFIG, $options)); + $this->assertTrue(array_key_exists(settings_provider::USE_SEB_NO, $options)); + + assign_capability('quizaccess/seb:manage_seb_usesebclientconfig', CAP_ALLOW, $this->roleid, $this->context->id); + $options = settings_provider::get_requiresafeexambrowser_options($this->context); $this->assertCount(3, $options); $this->assertTrue(array_key_exists(settings_provider::USE_SEB_CONFIG_MANUALLY, $options)); $this->assertFalse(array_key_exists(settings_provider::USE_SEB_TEMPLATE, $options)); @@ -1134,6 +1152,9 @@ public function test_can_configure_manually($settingcapability): void { $this->assertFalse(settings_provider::can_configure_manually($this->context)); + assign_capability('quizaccess/seb:manage_seb_configuremanually', CAP_ALLOW, $this->roleid, $this->context->id); + $this->assertFalse(settings_provider::can_configure_manually($this->context)); + assign_capability($settingcapability, CAP_ALLOW, $this->roleid, $this->context->id); $this->assertTrue(settings_provider::can_configure_manually($this->context)); } @@ -1228,6 +1249,11 @@ public function test_is_conflicting_permissions_for_configure_manually($settingc $this->set_up_user_and_role(); + $this->assertTrue(settings_provider::is_conflicting_permissions($this->context)); + + assign_capability('quizaccess/seb:manage_seb_configuremanually', CAP_ALLOW, $this->roleid, $this->context->id); + $this->assertTrue(settings_provider::is_conflicting_permissions($this->context)); + assign_capability($settingcapability, CAP_ALLOW, $this->roleid, $this->context->id); $this->assertFalse(settings_provider::is_conflicting_permissions($this->context)); } diff --git a/mod/quiz/accessrule/seb/version.php b/mod/quiz/accessrule/seb/version.php index 93d40beabaa19..b3949944367b4 100644 --- a/mod/quiz/accessrule/seb/version.php +++ b/mod/quiz/accessrule/seb/version.php @@ -25,7 +25,7 @@ defined('MOODLE_INTERNAL') || die(); -$plugin->version = 2024042200; +$plugin->version = 2024062800; $plugin->requires = 2024041600; $plugin->component = 'quizaccess_seb'; $plugin->maturity = MATURITY_STABLE;