-
Notifications
You must be signed in to change notification settings - Fork 7
/
viewer.php
104 lines (91 loc) · 2.83 KB
/
viewer.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
<?php
require_once('internal/app.php');
// ================= CHECK FOR LTI LAUNCH DATA =======================
if(!isset($_REQUEST['loID']) && \lti\API::hasLtiLaunchData($_REQUEST))
{
// Change behavior to LTI launch
$instID = \lti\API::handleLtiLaunch();
$loggedIn = \obo\API::getInstance()->getSessionValid();
}
else
{
// Not an LTI, behave like a normal view/preview
require('internal/includes/login.php');
}
$API = \obo\API::getInstance();
// ================= CHECK FOR REQUIRED ROLE TO SEE PREVIEW =======================
if($loggedIn === true && isset($_REQUEST['loID']))
{
$hasRole = $API->getSessionRoleValid(array(\cfg_obo_Role::CONTENT_CREATOR, \cfg_obo_Role::LIBRARY_USER));
if(!in_array(\cfg_obo_Role::LIBRARY_USER, $hasRole['hasRoles']) && !in_array(\cfg_obo_Role::CONTENT_CREATOR, $hasRole['hasRoles']))
{
$loggedIn = false;
$notice = 'You do not have permission to preview this learning object. For more information view our <a href="/help/faq/">FAQ</a>.';
}
}
// ================ DISPLAY OUTPUT =================================
if($loggedIn === true)
{
// logged in, show the viewer
$instID = isset($instID) ? $instID : filter_input(INPUT_GET, 'instID', FILTER_VALIDATE_INT);
$loID = filter_input(INPUT_GET, 'loID', FILTER_VALIDATE_INT);
$globalJSVars = [
'_materiaLtiUrl' => \AppCfg::MATERIA_LTI_URL,
'_webUrl' => \AppCfg::URL_WEB,
'_credhubUrl' => \AppCfg::CREDHUB_URL,
'_credhubTimeout' => (int) \AppCfg::CREDHUB_TIMEOUT,
];
header('X-UA-Compatible: IE=edge');
include('assets/templates/viewer.php');
}
else
{
// not logged in, show login screen
$title = 'Obojobo';
// Instance requested - student mode
if(isset($_REQUEST['instID']))
{
if($instData = $API->getInstanceData($_REQUEST['instID']))
{
// Reject access if this is attempted direct access to an LTI instance:
if(!empty($instData->externalLink))
{
if(!\lti\API::getAssessmentSessionData($_REQUEST['instID']))
{
// No session data for LTI - Either they got logged out or they accessed the instance directly.
header('Location: ' . \AppCfg::URL_WEB . 'error/no-access.html');
exit();
}
}
$title = $instData->name;
$course = $instData->courseID;
$instructor = $instData->userName;
$startTime = $instData->startTime;
$endTime = $instData->endTime;
}
else
{
header("HTTP/1.0 404 Not Found");
exit();
}
}
// lo requested - preview mode
elseif(isset($_REQUEST['loID']))
{
if($loMeta = $API->getLOMeta($_REQUEST['loID']))
{
$title = $loMeta->title . ' ' . $loMeta->version . '.' . $loMeta->subVersion;
$course = 'PREVIEW ONLY';
$instructor = 'only visible to authors';
$startTime = 0;
$endTime = 0;
}
else
{
header("HTTP/1.0 404 Not Found");
exit();
}
}
// =============== RENDER LOGIN TEMPLATE ========================
include('assets/templates/login.php');
}