Skip to content

Commit

Permalink
Store acting confirmation in session for proctor logins.
Browse files Browse the repository at this point in the history
Store the confirmation state when creating a proctored test version
for another user in the session so it can be used to confirm the
first proctor authentication and not require a second while waiting
to create the new test version.

Credit to drgrice1.
  • Loading branch information
somiaj committed Dec 12, 2024
1 parent 54d6c4a commit 88c8f55
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 15 deletions.
1 change: 1 addition & 0 deletions lib/WeBWorK.pm
Original file line number Diff line number Diff line change
Expand Up @@ -217,6 +217,7 @@ async sub dispatch ($c) {
# current server time during a gateway quiz, and that definitely should not revoke proctor
# authorization.
delete $c->authen->session->{proctor_authorization_granted};
delete $c->authen->session->{confirm_version_creation};
}
return 1;
} else {
Expand Down
14 changes: 10 additions & 4 deletions lib/WeBWorK/Authen/Proctor.pm
Original file line number Diff line number Diff line change
Expand Up @@ -96,10 +96,16 @@ sub verify_normal_user {
# is 'No', then the verify method will have returned 1, and this never happens. For an ongoing login session, only
# a key with versioned set information is accepted, and that version must match the requested set version. The set
# id will not have a version when opening a new version. For that new proctor credentials are required.
if ($self->{login_type} eq 'proctor_login'
&& $c->stash('setID') =~ /,v\d+$/
&& $c->authen->session('proctor_authorization_granted')
&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID'))
if (
$self->{login_type} eq 'proctor_login'
&& (
(
$c->stash('setID') =~ /,v\d+$/
&& $c->authen->session('proctor_authorization_granted') // '' eq $c->stash('setID')
)
|| $c->authen->session('confirm_version_creation')
)
)
{
return 1;
} else {
Expand Down
21 changes: 14 additions & 7 deletions lib/WeBWorK/ContentGenerator/GatewayQuiz.pm
Original file line number Diff line number Diff line change
Expand Up @@ -609,16 +609,15 @@ async sub pre_header_initialize ($c) {
|| $authz->hasPermissions($userID, 'create_new_set_version_when_acting_as_student'))
)
{
$c->{actingConformation} = $c->maketext(
$c->stash->{actingConfirmation} = $c->maketext(
'You are acting as user [_1]. If you continue, you will create a new version of '
. 'this test for that user, which will count against their allowed maximum '
. 'number of versions for the current time interval. In general, this is not '
. 'what you want to do. Please be sure that you want to do this before clicking '
. 'the "Create New Test Version" button below. Alternatively, click "Cancel".',
$effectiveUserID
);
$c->{actingConformationCreate} = 1;
return;
$c->stash->{actingConfirmationButton} = $c->maketext('Create New Test Version');

} elsif ($effectiveUserID ne $userID) {
$c->{actingCreationError} = 1;
Expand Down Expand Up @@ -659,7 +658,7 @@ async sub pre_header_initialize ($c) {
# student which is dangerous for open test versions. Give a warning unless the user
# has already confirmed they understand the risk.
if ($effectiveUserID ne $userID && !$c->param('submit_for_student_ok')) {
$c->{actingConformation} = $c->maketext(
$c->stash->{actingConfirmation} = $c->maketext(
'You are trying to view an open test version for [_1] and have the permission to submit '
. 'answers for that user. This is dangerous, as your answers can overwrite the '
. q/student's answers as you move between test pages, preview, or check answers. /
Expand All @@ -669,7 +668,7 @@ async sub pre_header_initialize ($c) {
. 'before viewing open test versions.',
$effectiveUserID
);
return;
$c->stash->{actingConfirmationButton} = $c->maketext('View Test Version');
}
}
}
Expand All @@ -688,6 +687,13 @@ async sub pre_header_initialize ($c) {
else { delete $c->authen->session->{proctor_authorization_granted}; }
}

if ($c->stash->{actingConfirmation}) {
# Store session while waiting for confirmation for proctored tests.
$c->authen->session(confirm_version_creation => 1) if $c->{assignment_type} eq 'proctored_gateway';
return;
}
delete $c->authen->session->{confirm_version_creation};

# If the set is invalid, then delete any proctor session keys and return.
if ($c->{invalidSet} || $c->{actingCreationError}) {
if (defined $c->{assignment_type} && $c->{assignment_type} eq 'proctored_gateway') {
Expand Down Expand Up @@ -1362,7 +1368,8 @@ sub path ($c, $args) {
$args,
'WeBWorK' => $navigation_allowed ? $c->url_for('root') : '',
$courseName => $navigation_allowed ? $c->url_for('set_list') : '',
$setID eq 'Undefined_Set' || $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation}
$setID eq 'Undefined_Set'
|| $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation}
? ($setID => '')
: (
$c->{set}->set_id => $c->url_for('problem_list', setID => $c->{set}->set_id),
Expand All @@ -1376,7 +1383,7 @@ sub nav ($c, $args) {
my $userID = $c->param('user');
my $effectiveUserID = $c->param('effectiveUser');

return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation};
return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation};

# Set up and display a student navigation for those that have permission to act as a student.
if ($c->authz->hasPermissions($userID, 'become_student') && $effectiveUserID ne $userID) {
Expand Down
7 changes: 3 additions & 4 deletions templates/ContentGenerator/GatewayQuiz.html.ep
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,11 @@
% last;
% }
% # Get confirmation before creating new test version or working on an open test for another user.
% if ($c->{actingConformation}) {
% if ($actingConfirmation) {
<div class="alert alert-danger mb-2">
<div class="mb-2"><%= $c->{actingConformation} =%></div>
<div class="mb-2"><%= $actingConfirmation =%></div>
<div>
<%= link_to $c->{actingConformationCreate}
? maketext('Create New Test Version') : maketext('View Test Version') => $c->systemLink(
<%= link_to $actingConfirmationButton => $c->systemLink(
url_for,
params => { effectiveUser => $effectiveUserID, user => $userID, submit_for_student_ok => 1 }
),
Expand Down

0 comments on commit 88c8f55

Please sign in to comment.