Add additional parameters for enabling secure Browser

[devang1281]

User description

Description

• Add additional parameters for enabling secure Browser

Github Issue

• [Local Proview] [Moodle] Implement all configurations for secure browser #101

Checklist before requesting a review

• One line description of the changes is added in the PR
• Issue is linked to the PR via commits (eg: resolves #123)

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires only a documentation update

Dependencies (if any):

• Take additional SB Config from FE moodle-quizaccess_proctor#52

---

PR Type

Enhancement

---

Description

• Enhanced the secure browser configuration by adding additional parameters such as blacklisted software and screen protection settings.
• Updated the create_sb_wrapper and redirect_to_wrapper functions to include new secure browser settings.
• Modified the JavaScript startProview function to handle additional secure browser parameters.
• Updated the plugin version and dependencies to reflect the new changes.

---

Changes walkthrough 📝

	Relevant files
Enhancement	tracker.php Enhance secure browser configuration in API tracker            classes/local/api/tracker.php Added quizaccess_proctor_setting parameter to create_sb_wrapper and redirect_to_wrapper functions. Included additional secure browser settings in the create_sb_wrapper function. +8/-4      datastore.php Add secure browser settings to datastore template                datastore.php Added new secure browser settings to the template. Conditional logic for setting secure browser parameters. +7/-0      frame.php Update JavaScript to handle secure browser parameters        frame.php Updated startProview function to accept additional secure browser parameters. Modified run function to pass new parameters to startProview. +30/-3
Configuration changes	version.php Update plugin version and dependencies                                      version.php Updated plugin version and release information. Adjusted plugin dependencies. +3/-3

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[qodo-merge-pro]

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The code includes an API key ('app-id: b37ec896-f62b-4cbe-b39f-8dd21881dfd3') in the create_sb_wrapper function. Hardcoding API keys in the source code is a security risk as it can lead to unauthorized access if the code is compromised.

⚡ Key issues to review Potential Bug The $quizaccess_proctor_setting parameter is added to the create_sb_wrapper function call, but it's not defined or passed in the redirect_to_wrapper function. Code Smell The startProview function has been modified to accept an object as a parameter, but the run function is passing individual parameters. This inconsistency might lead to errors.

[qodo-merge-pro]

PR Code Suggestions ✨

Category	Suggestion	Score
Best practice	Remove debugging statement from production code Remove the var_dump($data); statement as it's likely a debugging line that shouldn't be in production code. If logging is needed, consider using a proper logging mechanism. classes/local/api/tracker.php [120] -var_dump($data); +// Remove this line or replace with proper logging if needed Apply this suggestion Suggestion importance[1-10]: 9 Why: Removing the var_dump($data); statement is crucial for production code as it prevents potential information leakage and aligns with best practices.	9
Enhancement	Use object destructuring for function parameters to improve code readability and maintainability Consider using object destructuring in the function parameters for better readability and to avoid potential undefined variable issues. frame.php [86-103] -function startProview( +function startProview({ authToken, profileId, session, session_type = "ai_proctor", proview_url, additionalInstruction, reference_link, proview_playback_url, enforceTSB, blacklistedSoftwaresWindows, blacklistedSoftwaresMac, isScreenProtectionEnabled, minimizeOption, skipHardwareTest, previewStyle, clear }) { Apply this suggestion Suggestion importance[1-10]: 8 Why: The suggestion improves code readability and maintainability by using object destructuring, which is a modern JavaScript feature that simplifies the handling of function parameters.	8
	Simplify the expiry date calculation using the null coalescing operator Consider using null coalescing operator (??) instead of the ternary operator for setting the 'expiry' value. This can make the code more concise and easier to read. classes/local/api/tracker.php [113] -'expiry' => date(DATE_ISO8601, $quiz->timeclose == 0 ? strtotime("+3 days") : $quiz->timeclose ), +'expiry' => date(DATE_ISO8601, $quiz->timeclose ?? strtotime("+3 days")), Apply this suggestion Suggestion importance[1-10]: 7 Why: The suggestion correctly identifies an opportunity to simplify the code using the null coalescing operator, which enhances readability and maintainability.	7
Possible issue	Use optional chaining when accessing object properties to prevent potential errors Consider using optional chaining (?.) when accessing properties of response object to prevent potential errors if a property is undefined. frame.php [234-250] startProview( { - authToken: response.token, - profileId: response.profile_id, - session: response.session_id, - session_type: response.session_type, - proview_url: response.proview_url, - additionalInstruction: response.instructions, - reference_link: response.reference_link, - proview_playback_url: response.proview_playback_url, - enforceTSB: response.tsbenabled, - blacklistedSoftwaresWindows: response.sb_blacklisted_software_windows, - blacklistedSoftwaresMac: response.sb_blacklisted_software_mac, - isScreenProtectionEnabled: response.minimize_permitted, - minimizeOption: response.screen_protection + authToken: response?.token, + profileId: response?.profile_id, + session: response?.session_id, + session_type: response?.session_type, + proview_url: response?.proview_url, + additionalInstruction: response?.instructions, + reference_link: response?.reference_link, + proview_playback_url: response?.proview_playback_url, + enforceTSB: response?.tsbenabled, + blacklistedSoftwaresWindows: response?.sb_blacklisted_software_windows, + blacklistedSoftwaresMac: response?.sb_blacklisted_software_mac, + isScreenProtectionEnabled: response?.minimize_permitted, + minimizeOption: response?.screen_protection } ); Apply this suggestion Suggestion importance[1-10]: 8 Why: The use of optional chaining is a good practice to prevent runtime errors when accessing potentially undefined properties, enhancing code robustness.	8

💡 Need additional feedback ? start a PR chat