Store acting confirmation in session for proctor logins.

Store the confirmation state when creating or viewing an open
test version for another user with appropriate permissions in
the session. This is used to confirm prior proctor authentication
and not ask for a second after user confirmation.

Credit to drgrice1.

lib/WeBWorK.pm

@@ -217,6 +217,7 @@ async sub dispatch ($c) {
 				# current server time during a gateway quiz, and that definitely should not revoke proctor
 				# authorization.
 				delete $c->authen->session->{proctor_authorization_granted};
+				delete $c->authen->session->{acting_proctor};
 			}
 			return 1;
 		} else {

lib/WeBWorK/Authen/Proctor.pm

@@ -96,10 +96,17 @@ sub verify_normal_user {
 	# is 'No', then the verify method will have returned 1, and this never happens.  For an ongoing login session, only
 	# a key with versioned set information is accepted, and that version must match the requested set version.  The set
 	# id will not have a version when opening a new version. For that new proctor credentials are required.
-	if ($self->{login_type} eq 'proctor_login'
-		&& $c->stash('setID') =~ /,v\d+$/
-		&& $c->authen->session('proctor_authorization_granted')
-		&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID'))
+	if (
+		$self->{login_type} eq 'proctor_login'
+		&& (
+			(
+				$c->stash('setID') =~ /,v\d+$/
+				&& $c->authen->session('proctor_authorization_granted')
+				&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID')
+			)
+			|| $c->authen->session('acting_proctor')
+		)
+		)
 	{
 		return 1;
 	} else {

lib/WeBWorK/ContentGenerator/GatewayQuiz.pm

@@ -609,16 +609,15 @@ async sub pre_header_initialize ($c) {
 					|| $authz->hasPermissions($userID, 'create_new_set_version_when_acting_as_student'))
 				)
 			{
-				$c->{actingConformation} = $c->maketext(
+				$c->stash->{actingConfirmation} = $c->maketext(
 					'You are acting as user [_1].  If you continue, you will create a new version of '
 						. 'this test for that user, which will count against their allowed maximum '
 						. 'number of versions for the current time interval.  In general, this is not '
 						. 'what you want to do.  Please be sure that you want to do this before clicking '
 						. 'the "Create New Test Version" button below.  Alternatively, click "Cancel".',
 					$effectiveUserID
 				);
-				$c->{actingConformationCreate} = 1;
-				return;
+				$c->stash->{actingConfirmationButton} = $c->maketext('Create New Test Version');
 
 			} elsif ($effectiveUserID ne $userID) {
 				$c->{actingCreationError} = 1;
@@ -659,7 +658,7 @@ async sub pre_header_initialize ($c) {
 					# student which is dangerous for open test versions. Give a warning unless the user
 					# has already confirmed they understand the risk.
 					if ($effectiveUserID ne $userID && !$c->param('submit_for_student_ok')) {
-						$c->{actingConformation} = $c->maketext(
+						$c->stash->{actingConfirmation} = $c->maketext(
 							'You are trying to view an open test version for [_1] and have the permission to submit '
 								. 'answers for that user.  This is dangerous, as your answers can overwrite the '
 								. q/student's answers as you move between test pages, preview, or check answers.  /
@@ -669,7 +668,7 @@ async sub pre_header_initialize ($c) {
 								. 'before viewing open test versions.',
 							$effectiveUserID
 						);
-						return;
+						$c->stash->{actingConfirmationButton} = $c->maketext('View Test Version');
 					}
 				}
 			}
@@ -688,6 +687,13 @@ async sub pre_header_initialize ($c) {
 		else                   { delete $c->authen->session->{proctor_authorization_granted}; }
 	}
 
+	if ($c->stash->{actingConfirmation}) {
+		# Store session while waiting for confirmation for proctored tests.
+		$c->authen->session(acting_proctor => 1) if $c->{assignment_type} eq 'proctored_gateway';
+		return;
+	}
+	delete $c->authen->session->{acting_proctor};
+
 	# If the set is invalid, then delete any proctor session keys and return.
 	if ($c->{invalidSet} || $c->{actingCreationError}) {
 		if (defined $c->{assignment_type} && $c->{assignment_type} eq 'proctored_gateway') {
@@ -1362,7 +1368,8 @@ sub path ($c, $args) {
 		$args,
 		'WeBWorK'   => $navigation_allowed ? $c->url_for('root')     : '',
 		$courseName => $navigation_allowed ? $c->url_for('set_list') : '',
-		$setID eq 'Undefined_Set' || $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation}
+		$setID eq 'Undefined_Set'
+			|| $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation}
 		? ($setID => '')
 		: (
 			$c->{set}->set_id           => $c->url_for('problem_list', setID => $c->{set}->set_id),
@@ -1376,7 +1383,7 @@ sub nav ($c, $args) {
 	my $userID          = $c->param('user');
 	my $effectiveUserID = $c->param('effectiveUser');
 
-	return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation};
+	return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation};
 
 	# Set up and display a student navigation for those that have permission to act as a student.
 	if ($c->authz->hasPermissions($userID, 'become_student') && $effectiveUserID ne $userID) {

templates/ContentGenerator/GatewayQuiz.html.ep

@@ -87,12 +87,11 @@
 	% last;
 % }
 % # Get confirmation before creating new test version or working on an open test for another user.
-% if ($c->{actingConformation}) {
+% if ($actingConfirmation) {
 	<div class="alert alert-danger mb-2">
-		<div class="mb-2"><%= $c->{actingConformation} =%></div>
+		<div class="mb-2"><%= $actingConfirmation =%></div>
 		<div>
-			<%= link_to $c->{actingConformationCreate}
-				? maketext('Create New Test Version') : maketext('View Test Version') => $c->systemLink(
+			<%= link_to $actingConfirmationButton => $c->systemLink(
 					url_for,
 					params => { effectiveUser => $effectiveUserID, user => $userID, submit_for_student_ok => 1 }
 				),