Ignoring SessionLock/Unlock (suspend and/or lock/unlock) to prevent false redscreens #1028
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #1028 +/- ##
==========================================
- Coverage 54.09% 53.86% -0.24%
==========================================
Files 242 239 -3
Lines 13854 13817 -37
Branches 1527 1529 +2
==========================================
- Hits 7494 7442 -52
- Misses 6032 6053 +21
+ Partials 328 322 -6 ☔ View full report in Codecov by Sentry. |
|
Thanks for your contribution. We'll review the changes as soon as time permits. |
|
@TomJampen you could automatically clear sebs cache folder on pc start (this removes session lock) |
|
I dont get the relevance to the exact issue this pr addresses? Wouldn't cache deletion evade certain security measures? |
Cache deletion evades security measures yes |
|
Your comments still appear to lack any relevance to this code/pr. Please open another issue, pr or discussion, if you want something else to be implemented. I read the authors message, I infact co-authored it, just like I wrote the code that is in this PR. |
I was just mentioning how automatic cache deletion on pc restart might also solve the issue. |
|
Well then. Automatic cache deletion does not solve the issue this PR addresses. In case the behvaiour of redscreens stays like it is, exam invigilators would have to unlock the computer after a student reopens their laptop. It is "legal" to close your laptops, invigilators would unlock the session for students by typing in the quit password. The redscreen that is triggered by improper shutdown in a session beforehand (e.g. what is stored in the cache) would never be shown to students. Sessions would never be ended improperly. Cache deletion would only stop redscreens from triggering that were produced by unintended behaviour/cheating. Closing your laptop is not cheating... Hope you can follow this. |
|
I see, didnt know it that closing laptops wasn't handled in the same way. |
Students currently do not have the ability to close/suspend their laptops during (longer) exams because then a redscreen is shown. Furthermore, the shown redscreen message confuses invigilators as it does not allow to differenciate between cheating (user switch) and suspend/lock.
Luckily, the windows api sends different events depending on the action taken. As shown below, the SessionLock/SessionUnlock event can be filtered out as a user switch also produces a ConsoleDisconnect/ConsoleConnect event in addtion to the SessionLock/SessionUnlock event.
lock/unlock
Session locked
Session unlocked
user switch
Console disconnected
Session locked
Console connected
Session unlocked
The exact SessionSwitch event is currently already logged but not propagated to the MonitoringResponsibility class.
With this PR SessionLock/SessionUnlock is only filtered out when ignoring SEB service as UserSwitch and UserLock can be enabled/disabled when using SEB service.
Furthermore, we've introduced a new lockscreen message in case the event is a UserSwitch as the existing message is still used when using SEB service. We've added a german and an english translation. If our PR is acceptable it should be easy to copy and modify the other translations.