Academic Integrity Policy - Documentation

The web interface is used to allow applications to ask this application the status of students. Currently the file is located at http://www.cs.rutgers.edu/policies/academicintegrity/query.php. If you supply no GET arguments then you will get a list of individuals seperated by "\n" that have accepted the polcicy or are exempt. If the GET argument netid is found then it will look up that netid to check the user has accepted the policy or not. The page will return a 0 on success and a 1 on failure. To determine if the policy is currently enabled use the following url, http://www.cs.rutgers.edu/policies/academicintegrity/query.php?checkEnabled. "0" returned indicates that the check is currently enabled. "1" is returned if it is not.

Since this page is used by many applications, it becomes a bottleneck. To allow for a larger group of applications to successfully retrieve the status of students, a cache was put in. This cache is a simple text file located in "/tmp/ai_cache". This file contains a list of netids seperated by "\n" that have accepted the policy. The query page first checks if this cache file exists, if it does not it attempts to create it. Once it has a cache file in place it looks up the netid in this file to see if it exists. If it does not then it goes back to the database and asks to see if the user has accepted the policy. If the file and the database return failure, then we return the failure code. The is file rebuilt every night after 12am. Before the query file is checked, we first check its created date and see if it is the same as today. If it is not then we recreate the file.

The oracle interface is designed to have oracle users besides the one that the application uses to access the status of students. Before an application can start using these functions, it must first be given permission to do so. The table contract_user_permissions (contract_id number, db_user varchar2(1024), application_id number, application_name varchar2(1024)) must be modified accordingly. application_id is a unique identifier for the row. Here is a list of available functions:

isAuthorizedRemote(subject string, contract string, application_name string, ip_addr string) return number
This function is used to ask the if the user has accepted the policy or not.
Return codes:
0 = accepted
1 = not accepted
2 = your application is not allowed to access this contract from the current oracle user.
3 = unknown contract or application_name
subject This is the netid of the user you want to query.
contract This is the contract you wish to query about.
application_name This is the name of you application that is querying. The AI policy's name is "
ip_addr This is the IP address of the "user" where they are connecting from.

getFirstDenyTime(subject string, contract string, application_name string) return date
Returns the first the time user tried to login from your application and was denied.

getDenyCount(subject string, contract string, application_name string) return number
Returns the number of times the user has been denied.

attemptsRemaining(subject string, contract string, application_name string, attempts number) return number
Subtracts the attempts value from the getDenyCount() value. The lowest returned value is 0;