The Cosmonauts team at edX is embarking on a redesign of our proctoring library edx-proctoring. Our plan is to develop a new special-exams IDA that will eventually replace edx-proctoring and will serve as the backend for the frontend-app-learning MFE, which uses the frontend-lib-special-exams library for its proctoring specific UI.
A key part of the special exams experience is ensuring that learners are authorized to view exam content and that they see content appropriate to their status in said exam. Given this opportunity, we are investigating options for redesigning this mechanism.
Currently, the learning MFE only renders the unit if a learner is able to actually view the exam content. There are forms of access control rules.
The MFE only calls the LMS
render_xblock view if the learner’s exam attempt is in the “started” state or if the exam is a timed exam, the exam due date has passed, and the subsection is not set to “hide after due”.
When the MFE calls to the LMS’s
render_xblock view, the LMS double-checks the learner’s access. The LMS imports and calls to the edx-proctoring API directly from
_time_limited_student_view; edx_proctoring.get_student_view returns interstitial HTML when the library wants to show a learner a proctoring-related interstitial. It returns None when the learner should have access to content. Likewise, edx-proctoring checks the
edx_proctoring.can_take_proctored_exam permission, which is a bridgekeeper permission defined in the LMS, when determining whether to return an interstitial or None in various methods.
In the learning MFE, this logic is used to determine to render the unit or redirect to the sequence.
In the legacy view, this logic is used to return directly to the learner the proctoring specific HTMl to display, if eligible, or None to fallback to the platform view.
Desires and Aspirations:
We need a mechanism to gate access to xBlocks based on a set of rules and for a certain amount of time. The reason we need this is that a learner could grab the iFrame URL and view the xBlock directly if we do not have access control on the backend. Our rules are proctoring-specific, but we want to see if there is a way to genericize, unify, and centralize access rules within the platform in some form of a rules registry. The more we can decouple the platform from the proctoring service, the better.
For example, we imagine that making a blocking call to the special exams IDA before rendering every xBlock will result unacceptable performance implications.
I’m posting this to see whether this sort of proposal has been considered before. Is there any prior art? Are there any upcoming plans in this area? Do you have a recommendation for where to start? Does this idea strike fear into you? All feedback is welcome.