added proxy exercise dispatching to LTI module. Submissions now set user before the exercise token gets validated. this we need to set the exercise behind the proxy exercise

2017-02-21 18:31:42 +01:00
parent 16a3bad453
commit d5b2ea4269
4 changed files with 23 additions and 10 deletions
--- a/app/controllers/concerns/lti.rb
+++ b/app/controllers/concerns/lti.rb
@ -74,7 +74,12 @@ module Lti
  private :require_valid_consumer_key

  def require_valid_exercise_token
-    @exercise = Exercise.find_by(token: params[:custom_token])
+    proxy_exercise = ProxyExercise.find_by(token: params[:custom_token])
+    unless proxy_exercise.nil?
+      @exercise = proxy_exercise.getMatchingExercise(@current_user)
+    else
+      @exercise = Exercise.find_by(token: params[:custom_token])
+    end
    refuse_lti_launch(message: t('sessions.oauth.invalid_exercise_token')) unless @exercise
  end
  private :require_valid_exercise_token
@ -129,19 +134,15 @@ module Lti
  private :set_current_user

  def store_lti_session_data(options = {})
-    exercise = Exercise.where(token: options[:parameters][:custom_token]).first
-    exercise_id = exercise.id unless exercise.nil?
-
-    current_user = ExternalUser.find_or_create_by(consumer_id: options[:consumer].id, external_id: options[:parameters][:user_id].to_s)
    lti_parameters = LtiParameter.find_or_create_by(consumers_id: options[:consumer].id,
-                                                    external_users_id: current_user.id,
-                                                    exercises_id: exercise_id)
+                                                    external_users_id: @current_user.id,
+                                                    exercises_id: @exercise.id)

    lti_parameters.lti_parameters = options[:parameters].slice(*SESSION_PARAMETERS).to_json
    lti_parameters.save!

    session[:consumer_id] = options[:consumer].id
-    session[:external_user_id] = current_user.id
+    session[:external_user_id] = @current_user.id
  end
  private :store_lti_session_data

--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -1,7 +1,7 @@
 class SessionsController < ApplicationController
  include Lti

-  [:require_oauth_parameters, :require_valid_consumer_key, :require_valid_oauth_signature, :require_unique_oauth_nonce, :require_valid_exercise_token].each do |method_name|
+  [:require_oauth_parameters, :require_valid_consumer_key, :require_valid_oauth_signature, :require_unique_oauth_nonce, :set_current_user, :require_valid_exercise_token].each do |method_name|
    before_action(method_name, only: :create_through_lti)
  end

@ -18,7 +18,6 @@ class SessionsController < ApplicationController
  end

  def create_through_lti
-    set_current_user
    store_lti_session_data(consumer: @consumer, parameters: params)
    store_nonce(params[:oauth_nonce])
    redirect_to(implement_exercise_path(@exercise),
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@ -129,6 +129,12 @@ describe SessionsController do
        request
        expect(controller).to redirect_to(implement_exercise_path(exercise.id))
      end
+
+      it 'redirects to recommended exercise if requested token of proxy exercise' do
+        FactoryGirl.create(:proxy_exercise, exercises: [exercise])
+        post :create_through_lti, custom_locale: locale, custom_token: ProxyExercise.first.token, oauth_consumer_key: consumer.oauth_key, oauth_nonce: nonce, oauth_signature: SecureRandom.hex, user_id: user.external_id
+        expect(controller).to redirect_to(implement_exercise_path(exercise.id))
+      end
    end
  end

--- a/spec/factories/proxy_exercise.rb
+++ b/spec/factories/proxy_exercise.rb
@ -0,0 +1,7 @@
+FactoryGirl.define do
+  factory :proxy_exercise, class: ProxyExercise do
+    token 'dummytoken'
+    title 'Dummy'
+  end
+
+end