path: root/app/controllers/lti/consent.php
<?php

use Lti\ResourceLink;
use Studip\Lti\Enum\LtiVersion;
use Lti\RegistrationPrivacySettings;

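/**
 * Shows and stores a user's consent to passing personal data to an LTI tool.
 *
 * The consent record is keyed by the tool registration behind the given
 * resource link and by the currently logged-in user; the user id is never
 * taken from the request.
 */
final class Lti_ConsentController extends AuthenticatedController
{
    /**
     * Optional fields a user may release to a tool.
     *
     * Only these names are ever written to allowed_optional_fields, so keys
     * added to the submitted form by a client are ignored.
     */
    private const OPTIONAL_FIELDS = ['lang', 'avatar_url'];

    /**
     * Displays the consent form and, on POST, stores the user's decision.
     *
     * NOTE(review): nothing in this action checks that the current user may
     * use $resourceLink; the base class name suggests a login requirement
     * only. Confirm that access to the link is enforced elsewhere, e.g. in
     * the launch actions this method redirects to.
     *
     * @param ResourceLink $resourceLink The resource link whose registration the consent applies to.
     */
    public function edit_action(ResourceLink $resourceLink): void
    {
        PageLayout::disableSidebar();

        $registration = $resourceLink->deployment->registration;
        $userId = User::findCurrent()->id;

        $privacySettings = RegistrationPrivacySettings::findOneBySQL(
            'registration_id = :registration_id AND user_id = :user_id',
            [
                'registration_id' => $registration->id,
                'user_id' => $userId
            ]
        );

        if (!$privacySettings) {
            //No decision stored yet: start from an unsaved record for this user.
            $privacySettings = new RegistrationPrivacySettings();
            $privacySettings->registration_id = $registration->id;
            $privacySettings->user_id = $userId;
        }

        //Prepare the view before handling POST data. The POST branch has early
        //returns (missing confirmation, launch redirect, dialog close); with
        //the assignments placed after it, those paths left the view without
        //$resourceLink and $privacySettings and skipped the iframe layout.
        $this->resourceLink = $resourceLink;
        $this->privacySettings = $privacySettings;

        if (Request::get('launch_container') === 'iframe') {
            PageLayout::disableHeader();
            PageLayout::disableFooter();
            PageLayout::disableSidebar();
        }

        if (!Request::isPost()) {
            return;
        }

        //Verify the CSRF token before any state is changed.
        CSRFProtection::verifyUnsafeRequest();

        if (Request::submitted('save')) {
            if (!Request::get('confirmed')) {
                PageLayout::postError(_('Ohne die aktive Zustimmung zur Weitergabe Ihrer personenbezogenen Daten können Sie das LTI-Tool nicht nutzen!'));
                return;
            }

            $privacySettings->accepted = 1;

            //Check which optional fields are allowed to be transmitted to the tool.
            //Only the presence of an allow-listed key counts; submitted values
            //and unknown keys are not stored.
            $optionalFieldList = Request::getArray('submit_optional_field');
            $optionalFields = [];
            foreach (self::OPTIONAL_FIELDS as $field) {
                if (array_key_exists($field, $optionalFieldList)) {
                    $optionalFields[] = $field;
                }
            }

            $privacySettings->allowed_optional_fields = implode(',', $optionalFields);

            $privacySettings->store();

            //The request value only selects the branch; the redirect target is
            //a fixed path plus the id of the resource link, never request data.
            if (Request::get('redirect') === 'launch') {
                //Loose comparison kept as it was: the type of
                //$registration->version is not visible here.
                //NOTE(review): the two case names differ in capitalisation
                //(Lti1p3a / Lti1P1). Enum case names are case-sensitive, so
                //confirm that both exist in LtiVersion.
                if ($registration->version == LtiVersion::Lti1p3a->value) {
                    $this->redirect('lti/1p3/index/launch/' . $resourceLink->id);
                }

                if ($registration->version == LtiVersion::Lti1P1->value) {
                    $this->redirect('lti/1p1/index/launch/' . $resourceLink->id);
                }

                //A version matching neither case gets no redirect.
                return;
            }
        }

        if (Request::isDialog()) {
            //Close the dialog:
            $this->response->add_header('X-Dialog-Close', '1');
            return;
        }

        //Redirect to the LTI tool page of the course:
        $this->redirect('course/lti/index');
    }
}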