Skip to content

Commit

Permalink
Store acting confirmation in session for proctor logins.
Browse files Browse the repository at this point in the history
Store the confirmation state when creating or viewing an open
test version for another user with appropriate permissions in
the session. This is used to confirm prior proctor authentication
and not ask for a second after user confirmation.

Credit to drgrice1.
  • Loading branch information
somiaj committed Dec 12, 2024
1 parent 54d6c4a commit e57a5eb
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 15 deletions.
1 change: 1 addition & 0 deletions lib/WeBWorK.pm
Original file line number Diff line number Diff line change
Expand Up @@ -217,6 +217,7 @@ async sub dispatch ($c) {
# current server time during a gateway quiz, and that definitely should not revoke proctor
# authorization.
delete $c->authen->session->{proctor_authorization_granted};
delete $c->authen->session->{acting_proctor};
}
return 1;
} else {
Expand Down
15 changes: 11 additions & 4 deletions lib/WeBWorK/Authen/Proctor.pm
Original file line number Diff line number Diff line change
Expand Up @@ -96,10 +96,17 @@ sub verify_normal_user {
# is 'No', then the verify method will have returned 1, and this never happens. For an ongoing login session, only
# a key with versioned set information is accepted, and that version must match the requested set version. The set
# id will not have a version when opening a new version. For that new proctor credentials are required.
if ($self->{login_type} eq 'proctor_login'
&& $c->stash('setID') =~ /,v\d+$/
&& $c->authen->session('proctor_authorization_granted')
&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID'))
if (
$self->{login_type} eq 'proctor_login'
&& (
(
$c->stash('setID') =~ /,v\d+$/
&& $c->authen->session('proctor_authorization_granted')
&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID')
)
|| $c->authen->session('acting_proctor')
)
)
{
return 1;
} else {
Expand Down
21 changes: 14 additions & 7 deletions lib/WeBWorK/ContentGenerator/GatewayQuiz.pm
Original file line number Diff line number Diff line change
Expand Up @@ -609,16 +609,15 @@ async sub pre_header_initialize ($c) {
|| $authz->hasPermissions($userID, 'create_new_set_version_when_acting_as_student'))
)
{
$c->{actingConformation} = $c->maketext(
$c->stash->{actingConfirmation} = $c->maketext(
'You are acting as user [_1]. If you continue, you will create a new version of '
. 'this test for that user, which will count against their allowed maximum '
. 'number of versions for the current time interval. In general, this is not '
. 'what you want to do. Please be sure that you want to do this before clicking '
. 'the "Create New Test Version" button below. Alternatively, click "Cancel".',
$effectiveUserID
);
$c->{actingConformationCreate} = 1;
return;
$c->stash->{actingConfirmationButton} = $c->maketext('Create New Test Version');

} elsif ($effectiveUserID ne $userID) {
$c->{actingCreationError} = 1;
Expand Down Expand Up @@ -659,7 +658,7 @@ async sub pre_header_initialize ($c) {
# student which is dangerous for open test versions. Give a warning unless the user
# has already confirmed they understand the risk.
if ($effectiveUserID ne $userID && !$c->param('submit_for_student_ok')) {
$c->{actingConformation} = $c->maketext(
$c->stash->{actingConfirmation} = $c->maketext(
'You are trying to view an open test version for [_1] and have the permission to submit '
. 'answers for that user. This is dangerous, as your answers can overwrite the '
. q/student's answers as you move between test pages, preview, or check answers. /
Expand All @@ -669,7 +668,7 @@ async sub pre_header_initialize ($c) {
. 'before viewing open test versions.',
$effectiveUserID
);
return;
$c->stash->{actingConfirmationButton} = $c->maketext('View Test Version');
}
}
}
Expand All @@ -688,6 +687,13 @@ async sub pre_header_initialize ($c) {
else { delete $c->authen->session->{proctor_authorization_granted}; }
}

if ($c->stash->{actingConfirmation}) {
# Store session while waiting for confirmation for proctored tests.
$c->authen->session(acting_proctor => 1) if $c->{assignment_type} eq 'proctored_gateway';
return;
}
delete $c->authen->session->{acting_proctor};

# If the set is invalid, then delete any proctor session keys and return.
if ($c->{invalidSet} || $c->{actingCreationError}) {
if (defined $c->{assignment_type} && $c->{assignment_type} eq 'proctored_gateway') {
Expand Down Expand Up @@ -1362,7 +1368,8 @@ sub path ($c, $args) {
$args,
'WeBWorK' => $navigation_allowed ? $c->url_for('root') : '',
$courseName => $navigation_allowed ? $c->url_for('set_list') : '',
$setID eq 'Undefined_Set' || $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation}
$setID eq 'Undefined_Set'
|| $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation}
? ($setID => '')
: (
$c->{set}->set_id => $c->url_for('problem_list', setID => $c->{set}->set_id),
Expand All @@ -1376,7 +1383,7 @@ sub nav ($c, $args) {
my $userID = $c->param('user');
my $effectiveUserID = $c->param('effectiveUser');

return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation};
return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation};

# Set up and display a student navigation for those that have permission to act as a student.
if ($c->authz->hasPermissions($userID, 'become_student') && $effectiveUserID ne $userID) {
Expand Down
7 changes: 3 additions & 4 deletions templates/ContentGenerator/GatewayQuiz.html.ep
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,11 @@
% last;
% }
% # Get confirmation before creating new test version or working on an open test for another user.
% if ($c->{actingConformation}) {
% if ($actingConfirmation) {
<div class="alert alert-danger mb-2">
<div class="mb-2"><%= $c->{actingConformation} =%></div>
<div class="mb-2"><%= $actingConfirmation =%></div>
<div>
<%= link_to $c->{actingConformationCreate}
? maketext('Create New Test Version') : maketext('View Test Version') => $c->systemLink(
<%= link_to $actingConfirmationButton => $c->systemLink(
url_for,
params => { effectiveUser => $effectiveUserID, user => $userID, submit_for_student_ok => 1 }
),
Expand Down

0 comments on commit e57a5eb

Please sign in to comment.