Submit a request
Submit a request

Adding an Administration Panel to Assessments

This article explains the configuration panel within Items API.
 

The Configuration Panel is a modal window that holds configuration options for the Items API, which can be password protected. The options available are configurable when instantiating the Items API.

  • Save & Quit
  • Exit & Discard
  • Extend session time (add extra time)

The following keyboard shortcut is available for desktop environments, both Windows and Mac.

  • control+shift+m (Windows)
  • ^+⇧+m (Mac)

The configuration panel can load with or without password protection, however by default the panel is disabled and you must opt in to use it.

The property in the Items API initialisation object is administration, which can be false or a JavaScript object.

For example to disable the configuration panel you could explicitly specify false, however this would be unnecessary as the default is false.

To enable the configuration panel you must pass a JavaScript object, for example:

{
    "name": "My activity title",
    "navigation": {...},
    // ... other properties ...
    "administration": {
        "options": {
            "show_save": true,
            "show_exit": true
        }
    }
}

The configuration panel can optionally be password protected, meaning that when launched the user is presented with a password text field in the configuration panel modal window.

An administrator should enter a password which must validate to be able to continue.

The password entered by the user will be be hashed by the Assess API using SHA-256 and compared with a password hash that was passed into the configuration object.

It’s the presence of the pwd property that determines whether a password should be required when launching the panel.

{
    "name": "My activity title",
    "navigation": {...},
    // ... other properties ...
    "administration": {
        "pwd": "a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3",
        "options": {
            "show_save": true,
            "show_exit": true
        }
    }
}

The following options are enabled by default, and you need to opt out by declaring false in the configuration if you don’t want them visible/functional

  • show_exit
  • show_save
  • show_extend

Note Pause is assumed as the activity timer halts on successful password entry. This is visible in the top right of the panel header.

There is no hard limit on the number of password attempts, instead a tarpit is used to slow down users with malicious intent.

It works by giving you an initial three password attempts, if fail on the third attempt the input box is disabled and a message is shown indicating that the configuration panel has been locked for one minute.

If you try again after 1 minute and still get it wrong, we lock out the password box for three minutes.

The lockout steps are as follows:

  • After the third unsuccessful password attempt, a message is shown indicating that the Configuration Panel logon function has been locked for one minute,
  • During this time the input field is disabled and the activity is not paused,
  • After one minute, the input field is enabled and the error message is removed,
  • If the user unsuccessfully tries to log in again (one time only), the input is disabled and this time the lockout will be three minutes,
  • This process repeats, the following incremental lockout times are used - 3, 5, 10, 20, 40 (minutes). 40 is the maximum lockout value, and
  • At all times, a user can simply “Cancel” out of the configuration panel logon modal window to return to the Activity.

The usual set of label bundle options is available for the configuration panel.

Was this article helpful?
0 out of 0 found this helpful

Did you arrive here by accident? If so, learn more about Learnosity by clicking here.