From d8e1d6fe627c719d8603492b7166b30d1639af79 Mon Sep 17 00:00:00 2001
From: Jaimos Skriletz <jaimosskriletz@gmail.com>
Date: Thu, 12 Dec 2024 16:08:29 -0700
Subject: [PATCH] Store acting confirmation in session for proctor logins.

Store the confirmation state when creating or viewing an open
test version for another user with appropriate permissions in
the session. This is used to confirm prior proctor authentication
and not ask for a second after user confirmation.

Credit to drgrice1.
---
 lib/WeBWorK.pm                                |  1 +
 lib/WeBWorK/Authen/Proctor.pm                 | 15 +++++++++----
 lib/WeBWorK/ContentGenerator/GatewayQuiz.pm   | 21 ++++++++++++-------
 .../ContentGenerator/GatewayQuiz.html.ep      |  7 +++----
 4 files changed, 29 insertions(+), 15 deletions(-)

diff --git a/lib/WeBWorK.pm b/lib/WeBWorK.pm
index 319ea19c82..95499668ca 100644
--- a/lib/WeBWorK.pm
+++ b/lib/WeBWorK.pm
@@ -217,6 +217,7 @@ async sub dispatch ($c) {
 				# current server time during a gateway quiz, and that definitely should not revoke proctor
 				# authorization.
 				delete $c->authen->session->{proctor_authorization_granted};
+				delete $c->authen->session->{acting_proctor};
 			}
 			return 1;
 		} else {
diff --git a/lib/WeBWorK/Authen/Proctor.pm b/lib/WeBWorK/Authen/Proctor.pm
index 2cd91db890..ccd9903991 100644
--- a/lib/WeBWorK/Authen/Proctor.pm
+++ b/lib/WeBWorK/Authen/Proctor.pm
@@ -96,10 +96,17 @@ sub verify_normal_user {
 	# is 'No', then the verify method will have returned 1, and this never happens.  For an ongoing login session, only
 	# a key with versioned set information is accepted, and that version must match the requested set version.  The set
 	# id will not have a version when opening a new version. For that new proctor credentials are required.
-	if ($self->{login_type} eq 'proctor_login'
-		&& $c->stash('setID') =~ /,v\d+$/
-		&& $c->authen->session('proctor_authorization_granted')
-		&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID'))
+	if (
+		$self->{login_type} eq 'proctor_login'
+		&& (
+			(
+				$c->stash('setID') =~ /,v\d+$/
+				&& $c->authen->session('proctor_authorization_granted')
+				&& $c->authen->session('proctor_authorization_granted') eq $c->stash('setID')
+			)
+			|| $c->authen->session('acting_proctor')
+		)
+		)
 	{
 		return 1;
 	} else {
diff --git a/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm b/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm
index 5b156d7b98..1171fe745d 100644
--- a/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm
+++ b/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm
@@ -609,7 +609,7 @@ async sub pre_header_initialize ($c) {
 					|| $authz->hasPermissions($userID, 'create_new_set_version_when_acting_as_student'))
 				)
 			{
-				$c->{actingConformation} = $c->maketext(
+				$c->stash->{actingConfirmation} = $c->maketext(
 					'You are acting as user [_1].  If you continue, you will create a new version of '
 						. 'this test for that user, which will count against their allowed maximum '
 						. 'number of versions for the current time interval.  In general, this is not '
@@ -617,8 +617,7 @@ async sub pre_header_initialize ($c) {
 						. 'the "Create New Test Version" button below.  Alternatively, click "Cancel".',
 					$effectiveUserID
 				);
-				$c->{actingConformationCreate} = 1;
-				return;
+				$c->stash->{actingConfirmationButton} = $c->maketext('Create New Test Version');
 
 			} elsif ($effectiveUserID ne $userID) {
 				$c->{actingCreationError} = 1;
@@ -659,7 +658,7 @@ async sub pre_header_initialize ($c) {
 					# student which is dangerous for open test versions. Give a warning unless the user
 					# has already confirmed they understand the risk.
 					if ($effectiveUserID ne $userID && !$c->param('submit_for_student_ok')) {
-						$c->{actingConformation} = $c->maketext(
+						$c->stash->{actingConfirmation} = $c->maketext(
 							'You are trying to view an open test version for [_1] and have the permission to submit '
 								. 'answers for that user.  This is dangerous, as your answers can overwrite the '
 								. q/student's answers as you move between test pages, preview, or check answers.  /
@@ -669,7 +668,7 @@ async sub pre_header_initialize ($c) {
 								. 'before viewing open test versions.',
 							$effectiveUserID
 						);
-						return;
+						$c->stash->{actingConfirmationButton} = $c->maketext('View Test Version');
 					}
 				}
 			}
@@ -688,6 +687,13 @@ async sub pre_header_initialize ($c) {
 		else                   { delete $c->authen->session->{proctor_authorization_granted}; }
 	}
 
+	if ($c->stash->{actingConfirmation}) {
+		# Store session while waiting for confirmation for proctored tests.
+		$c->authen->session(acting_proctor => 1) if $c->{assignment_type} eq 'proctored_gateway';
+		return;
+	}
+	delete $c->authen->session->{acting_proctor};
+
 	# If the set is invalid, then delete any proctor session keys and return.
 	if ($c->{invalidSet} || $c->{actingCreationError}) {
 		if (defined $c->{assignment_type} && $c->{assignment_type} eq 'proctored_gateway') {
@@ -1362,7 +1368,8 @@ sub path ($c, $args) {
 		$args,
 		'WeBWorK'   => $navigation_allowed ? $c->url_for('root')     : '',
 		$courseName => $navigation_allowed ? $c->url_for('set_list') : '',
-		$setID eq 'Undefined_Set' || $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation}
+		$setID eq 'Undefined_Set'
+			|| $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation}
 		? ($setID => '')
 		: (
 			$c->{set}->set_id           => $c->url_for('problem_list', setID => $c->{set}->set_id),
@@ -1376,7 +1383,7 @@ sub nav ($c, $args) {
 	my $userID          = $c->param('user');
 	my $effectiveUserID = $c->param('effectiveUser');
 
-	return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->{actingConformation};
+	return '' if $c->{invalidSet} || $c->{actingCreationError} || $c->stash->{actingConfirmation};
 
 	# Set up and display a student navigation for those that have permission to act as a student.
 	if ($c->authz->hasPermissions($userID, 'become_student') && $effectiveUserID ne $userID) {
diff --git a/templates/ContentGenerator/GatewayQuiz.html.ep b/templates/ContentGenerator/GatewayQuiz.html.ep
index 7b251f1f24..52ab0a94bb 100644
--- a/templates/ContentGenerator/GatewayQuiz.html.ep
+++ b/templates/ContentGenerator/GatewayQuiz.html.ep
@@ -87,12 +87,11 @@
 	% last;
 % }
 % # Get confirmation before creating new test version or working on an open test for another user.
-% if ($c->{actingConformation}) {
+% if ($actingConfirmation) {
 	<div class="alert alert-danger mb-2">
-		<div class="mb-2"><%= $c->{actingConformation} =%></div>
+		<div class="mb-2"><%= $actingConfirmation =%></div>
 		<div>
-			<%= link_to $c->{actingConformationCreate}
-				? maketext('Create New Test Version') : maketext('View Test Version') => $c->systemLink(
+			<%= link_to $actingConfirmationButton => $c->systemLink(
 					url_for,
 					params => { effectiveUser => $effectiveUserID, user => $userID, submit_for_student_ok => 1 }
 				),