Remove consumer_id from session

* Each external (and also internal) user has a consumer attached. We don't need that information twice.

app/controllers/concerns/lti.rb

@@ -19,16 +19,14 @@ module Lti
   # exercise_id.nil? ==> the user has logged out. All session data is to be destroyed
   # exercise_id.exists? ==> the user has submitted the results of an exercise to the consumer.
   # Only the lti_parameters are deleted.
-  def clear_lti_session_data(exercise_id = nil, user_id = nil, consumer_id = nil)
+  def clear_lti_session_data(exercise_id = nil, user_id = nil)
     if (exercise_id.nil?)
-      session.delete(:consumer_id)
       session.delete(:external_user_id)
       session.delete(:embed_options)
       session.delete(:lti_exercise_id)
       session.delete(:lti_parameters_id)
     end
-    LtiParameter.where(consumers_id: consumer_id,
-                       external_users_id: user_id,
+    LtiParameter.where(external_users_id: user_id,
                        exercises_id: exercise_id).destroy_all
   end
 
@@ -242,7 +240,6 @@ module Lti
     lti_parameters.save!
     @lti_parameters = lti_parameters
 
-    session[:consumer_id] = options[:consumer].id
     session[:external_user_id] = @current_user.id
     session[:lti_parameters_id] = lti_parameters.id
   end

app/controllers/exercises_controller.rb

@@ -393,7 +393,7 @@ class ExercisesController < ApplicationController
 
   def redirect_to_lti_return_path
     Raven.extra_context(
-      consumers_id: session[:consumer_id],
+      consumers_id: @submission.user&.consumer,
       external_users_id: @submission.user_id,
       exercises_id: @submission.exercise_id,
       session: session.to_hash,
@@ -404,15 +404,13 @@ class ExercisesController < ApplicationController
       lti_parameters_id: session[:lti_parameters_id]
     )
 
-    lti_parameter = LtiParameter.where(consumers_id: session[:consumer_id],
-                                       external_users_id: @submission.user_id,
+    lti_parameter = LtiParameter.where(external_users_id: @submission.user_id,
                                        exercises_id: @submission.exercise_id).last
 
-    path = lti_return_path(consumer_id: session[:consumer_id],
-                           submission_id: @submission.id,
-                           url: consumer_return_url(build_tool_provider(consumer: Consumer.find_by(id: session[:consumer_id]),
+    path = lti_return_path(submission_id: @submission.id,
+                           url: consumer_return_url(build_tool_provider(consumer: @submission.user.consumer,
                                                                         parameters: lti_parameter.lti_parameters)))
-    clear_lti_session_data(@submission.exercise_id, @submission.user_id, session[:consumer_id])
+    clear_lti_session_data(@submission.exercise_id, @submission.user_id)
     respond_to do |format|
       format.html { redirect_to(path) }
       format.json { render(json: {redirect: path}) }
@@ -517,7 +515,7 @@ class ExercisesController < ApplicationController
     @submission = Submission.create(submission_params)
     score_submission(@submission)
     current_user = ExternalUser.find(@submission.user_id)
-    if !current_user.nil? && lti_outcome_service?(@submission.exercise_id, current_user.id, current_user.consumer_id)
+    if !current_user.nil? && lti_outcome_service?(@submission.exercise_id, current_user.id)
       transmit_lti_score
     else
       redirect_after_submit
@@ -573,7 +571,7 @@ class ExercisesController < ApplicationController
       # redirect 10 percent pseudorandomly to the feedback page
       if current_user.respond_to? :external_id
         if @submission.redirect_to_feedback? && !@embed_options[:disable_redirect_to_feedback]
-          clear_lti_session_data(@submission.exercise_id, @submission.user_id, session[:consumer_id])
+          clear_lti_session_data(@submission.exercise_id, @submission.user_id)
           redirect_to_user_feedback
           return
         end
@@ -584,7 +582,7 @@ class ExercisesController < ApplicationController
           flash[:notice] = I18n.t('exercises.submit.full_score_redirect_to_own_rfc')
           flash.keep(:notice)
 
-          clear_lti_session_data(@submission.exercise_id, @submission.user_id, session[:consumer_id])
+          clear_lti_session_data(@submission.exercise_id, @submission.user_id)
           respond_to do |format|
             format.html { redirect_to(rfc) }
             format.json { render(json: {redirect: url_for(rfc)}) }
@@ -602,7 +600,7 @@ class ExercisesController < ApplicationController
           # increase counter 'times_featured' in rfc
           rfc.increment!(:times_featured)
 
-          clear_lti_session_data(@submission.exercise_id, @submission.user_id, session[:consumer_id])
+          clear_lti_session_data(@submission.exercise_id, @submission.user_id)
           respond_to do |format|
             format.html { redirect_to(rfc) }
             format.json { render(json: {redirect: url_for(rfc)}) }
@@ -613,7 +611,7 @@ class ExercisesController < ApplicationController
     else
       # redirect to feedback page if score is less than 100 percent
       if @exercise.needs_more_feedback?(@submission) && !@embed_options[:disable_redirect_to_feedback]
-        clear_lti_session_data(@submission.exercise_id, @submission.user_id, session[:consumer_id])
+        clear_lti_session_data(@submission.exercise_id, @submission.user_id)
         redirect_to_user_feedback
       else
         redirect_to_lti_return_path

app/controllers/remote_evaluation_controller.rb

@@ -23,7 +23,7 @@ class RemoteEvaluationController < ApplicationController
 
     if @submission.present?
       current_user = @submission.user
-      if !current_user.nil? && lti_outcome_service?(@submission.exercise_id, current_user.id, current_user.consumer_id)
+      if !current_user.nil? && lti_outcome_service?(@submission.exercise_id, current_user.id)
         lti_response = send_score(@submission)
 
         if lti_response[:status] == 'success' and lti_response[:score_sent] != @submission.normalized_score

app/controllers/sessions_controller.rb

@@ -24,7 +24,7 @@ class SessionsController < ApplicationController
       redirect_to(params[:custom_redirect_target])
     else
       redirect_to(implement_exercise_path(@exercise),
-                  notice: t("sessions.create_through_lti.session_#{lti_outcome_service?(@exercise.id, @current_user.id , @consumer.id) ? 'with' : 'without'}_outcome",
+                  notice: t("sessions.create_through_lti.session_#{lti_outcome_service?(@exercise.id, @current_user.id) ? 'with' : 'without'}_outcome",
                   consumer: @consumer))
     end
   end
@@ -40,7 +40,7 @@ class SessionsController < ApplicationController
 
   def destroy_through_lti
     @submission = Submission.find(params[:submission_id])
-    clear_lti_session_data(@submission.exercise_id, @submission.user_id, params[:consumer_id])
+    clear_lti_session_data(@submission.exercise_id, @submission.user_id)
   end
 
   def new