--- loncom/interface/lonexttool.pm	2017/12/06 02:15:35	1.8
+++ loncom/interface/lonexttool.pm	2023/05/22 21:10:55	1.24
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Launch External Tool Provider (LTI)
 #
-# $Id: lonexttool.pm,v 1.8 2017/12/06 02:15:35 raeburn Exp $
+# $Id: lonexttool.pm,v 1.24 2023/05/22 21:10:55 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -43,14 +43,17 @@ package Apache::lonexttool;
 
 use strict;
 use Apache::Constants qw(:common :http);
-use Net::OAuth;
 use Encode;
 use Digest::SHA;
-use UUID::Tiny ':std';
 use HTML::Entities;
 use Apache::lonlocal;
 use Apache::lonnet;
 use Apache::loncommon;
+use Apache::londatecheck;
+use Apache::lonipcheck;
+use Apache::lonhomework;
+use Apache::structuretags;
+use LONCAPA::ltiutils;
 
 sub handler {
     my $r=shift;
@@ -63,12 +66,15 @@ sub handler {
 # ------------------------------------------------------------ Print the screen
     if ($target eq 'tex') {
         $r->print(&Apache::lonprintout::print_latex_header($env{'form.latex_type'}));
+    } else {
+        $target = 'web';
     }
 
 # Is this even in a course?
     unless ($env{'request.course.id'}) {
         if ($target ne 'tex') {
-            &Apache::loncommon::simple_error_page($r,'','Not in a course');
+            &Apache::loncommon::simple_error_page($r,'','Not in a course',
+                                                  {'only_body' => 1});
         } else {
             $r->print('\textbf{Not in a course}\end{document}');
         }
@@ -90,53 +96,31 @@ sub handler {
     my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
     my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
     my $chome = $env{'course.'.$env{'request.course.id'}.'.home'};
-    my $is_tool;
+    my ($idx,$crstool,$is_tool,%toolhash,%toolsettings);
 
     if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") {
-        my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum);
+        %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum);
         if ($toolsettings{'id'}) {
-            my $idx = $toolsettings{'id'};
-            my %ltitools = &Apache::lonnet::get_domain_lti($cdom,'consumer');
+            my %ltitools;
+            if ($toolsettings{'id'} =~ /^c(\d+)$/) {
+                $idx = $1;
+                $crstool = 1;
+                %ltitools = &Apache::lonnet::get_course_lti($cnum,$cdom,'consumer');
+            } else {
+                $idx = $toolsettings{'id'};
+                %ltitools = &Apache::lonnet::get_domain_lti($cdom,'consumer');
+            }
             if (ref($ltitools{$idx}) eq 'HASH') {
-                my %toolhash = %{$ltitools{$idx}}; 
+                %toolhash = %{$ltitools{$idx}};
                 $toolhash{'display'} = {
                                            target => $toolsettings{'target'},
                                            width  => $toolsettings{'width'},
                                            height => $toolsettings{'height'},
                                        };
-                $toolhash{'crslabel'} = $toolsettings{'crslabel'};
-                $toolhash{'crstitle'} = $toolsettings{'crstitle'};
-                $toolhash{'crsappend'} = $toolsettings{'crsappend'};
-                $is_tool = 1;
-                my $launchok = 1;
-                if ($target eq 'tex') {
-                    $r->print(&mt('External Tool'));
-                } else {
-                    my $now = time;
-                    if ($toolhash{'passback'}) {
-                        unless (&set_callback_secret($cdom,$cnum,$marker,'grade',$now,
-                                                     \%toolsettings,\%toolhash) eq 'ok') {
-                            undef($launchok);
-                        }
-                    }
-                    if ($toolhash{'roster'}) {
-                        &set_callback_secret($cdom,$cnum,$marker,'roster',$now,
-                                             \%toolsettings,\%toolhash);
-                    }
-                    my $submittext = &mt('Launch [_1]',$toolhash{'title'});
-                    if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && 
-                        ($toolhash{'url'} ne '') && ($launchok)) {
-                        my %lti = &lti_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash);
-                        my $url = $toolhash{'url'};
-                        if ($toolhash{'crsappend'} ne '') {
-                            $url .= $toolhash{'crsappend'};
-                        }
-                        $r->print(&launch_html($url,$toolhash{'key'},$toolhash{'secret'},
-                                               $submittext,\%lti));
-                    } else {
-                        $r->print('<div>'.&mt('External Tool Unavailable').'</div>');
-                    }
+                foreach my $item (qw(crslabel crstitle crsappend gradable)) {
+                    $toolhash{$item} = $toolsettings{$item};
                 }
+                $is_tool = 1;
             }
         }
     }
@@ -146,63 +130,110 @@ sub handler {
         } else {
             $r->print('\textbf{'.&mt(Invalid Call).'}\end{document}');
         }
+        return OK;
     }
-    return OK;
-}
 
-sub set_callback_secret {
-    my ($cdom,$cnum,$marker,$name,$now,$toolsettings,$toolhash) = @_;
-    return unless ((ref($toolsettings) eq 'HASH') && (ref($toolhash) eq 'HASH'));
-    my $warning;
-    my ($needsnew,$oldsecret,$lifetime);
-    if ($name eq 'grade') {  
-        $lifetime = $toolhash->{'passbackvalid'}
-    } elsif ($name eq 'roster') {
-        $lifetime = $toolhash->{'rostervalid'};
-    }  
-    if ($toolsettings->{$name} eq '') {
-        $needsnew = 1;
-    } elsif (($toolsettings->{$name.'date'} + $lifetime) < $now) {
-        $oldsecret = $toolsettings->{$name.'secret'};
-        $needsnew = 1;
-    }
-    if ($needsnew) {
-        if (&get_tool_lock($cdom,$cnum,$marker,$now) eq 'ok') {
-            my $secret = UUID::Tiny::create_uuid_as_string(UUID_V4);
-            $toolhash->{$name.'secret'} = $secret;
-            my %secrethash = (
-                           $name.'secret' => $secret,
-                           $name.'secretdate' => $now,
-                          );
-            if ($oldsecret ne '') {
-                $secrethash{'old'.$name.'secret'} = $oldsecret;
-            }
-            my $putres = &Apache::lonnet::put('exttool_'.$marker,
-                                              \%secrethash,$cdom,$cnum);
-            my $delresult = &release_tool_lock($cdom,$cnum,$marker);
-            if ($delresult ne 'ok') {
-                $warning = $delresult ;
+    my ($symb,$status,$open,$close,$msg,$donebuttonresult,$donemsg);
+    if (($target eq 'tex') || ($toolhash{'gradable'})) {
+        ($symb) = &Apache::lonnet::whichuser();
+    }
+    if ($target eq 'tex') {
+        my $title = &Apache::lonnet::gettitle($symb);
+        $r->print(&mt('External Tool: [_1]','\textit{'.$title.'}').'\\\\');
+    }
+    if ($toolhash{'gradable'}) {
+        $Apache::lonhomework::browse = &Apache::lonnet::allowed('bre',$r->uri);
+        if ($env{'form.markaccess'}) {
+            my @interval=&Apache::lonnet::EXT('resource.0.interval',$symb);
+            my ($timelimit) = split(/_/,$interval[0]);
+            &Apache::lonnet::set_first_access($interval[1],$timelimit);
+        } elsif ($symb && $env{'form.LC_interval_done'} eq 'true') {
+            # Set the event timer to zero if the "done button" was clicked.  The button is
+            # part of the doneButton form created in lonmenu.pm
+            ($donebuttonresult,$donemsg) = &Apache::lonhomework::zero_timer($symb);
+            undef($env{'form.LC_interval_done'});
+            undef($env{'form.LC_interval_done_proctorpass'});
+        }
+        ($status,$msg) = &gradabletool_access_check($target);
+        undef($Apache::lonhomework::browse);
+        if ($status eq 'SHOW_ANSWER') {
+            $r->print(&display_score($target));
+            if ($target eq 'tex') {
+                $r->print('\end{document}');
+            }
+            return OK;
+        } elsif ($status ne 'CAN_ANSWER') {
+            if ($target eq 'tex') {
+                $r->print('\end{document}');
+            } else {
+                $r->print($msg);
             }
-            if ($putres eq 'ok') {
-                return 'ok';
+            return OK;
+        }
+    } else {
+        my ($status,$open,$close,$msg)=&Apache::londatecheck::content_date_check();
+        if ($status ne 'OPEN') {
+            if ($target eq 'tex') {
+                $r->print(&mt('Not open to be viewed').'\end{document}');
+            } else {
+                $r->print($msg);
             }
+            return OK;
         } else {
-            $warning = '<span class="LC_error">'.
-                       &mt('Could not obtain exclusive lock').
-                       '</span>';
+            ($status,$msg)=&Apache::lonipcheck::ip_access_check();
+            if ($status ne 'OPEN') {
+                if ($target eq 'tex') {
+                    $r->print(&mt('Not open to be viewed').'\end{document}');
+                } else {
+                    $r->print($msg);
+                }
+                return OK;
+            }
         }
+    }
+    my $launchok = 1;
+    if ($target eq 'tex') {
+        $r->print('\end{document}');
     } else {
-        $toolhash->{$name.'secret'} = $toolsettings->{$name.'secret'};
-        return 'ok';
+        my $now = time;
+        if ($toolhash{'passback'}) {
+            if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'grade',$now,
+                                                       \%toolsettings,\%toolhash) eq 'ok') {
+                $toolhash{'gradesecret'} = $toolsettings{'gradesecret'};
+            } else {
+                undef($launchok);
+            }
+        }
+        if ($toolhash{'roster'}) {
+            if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'roster',$now,
+                                                       \%toolsettings,\%toolhash) eq 'ok') {
+                $toolhash{'rostersecret'} = $toolsettings{'rostersecret'};
+            }
+        }
+        my $submittext = &mt('Launch [_1]',$toolhash{'title'});
+        if (($toolhash{'url'} ne '') && ($launchok)) {
+            my %lti = &lti_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash);
+            my $url = $toolhash{'url'};
+            if ($toolhash{'crsappend'} ne '') {
+                $url .= $toolhash{'crsappend'};
+            }
+            my %info = (
+                         method => $toolhash{'sigmethod'},
+                       );
+            $r->print(&launch_html($cdom,$cnum,$crstool,$url,$idx,
+                                   $toolhash{'cipher'},$submittext,\%lti,\%info));
+        } else {
+            $r->print('<div class="LC_warning">'.&mt('External Tool Unavailable').'</div>');
+        }
     }
-    return;
+    return OK;
 }
 
 sub lti_params {
     my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_;
     my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale,
         $crslabel,$crstitle,$gradesecret,$rostersecret,%fields,%rolesmap,
-        %display,%custom,@userlangs);
+        %display,%custom,@userlangs,$incdom);
     if (ref($toolsref) eq 'HASH') {
         $version = $toolsref->{'version'};
         $toolname = $toolsref->{'title'};
@@ -211,6 +242,7 @@ sub lti_params {
         $roster = $toolsref->{'roster'};
         $rostersecret = $toolsref->{'rostersecret'};
         $msgtype = $toolsref->{'messagetype'};
+        $incdom = $toolsref->{'incdom'};
         if (ref($toolsref->{'fields'}) eq 'HASH') {
             %fields = %{$toolsref->{'fields'}};
         }
@@ -236,10 +268,10 @@ sub lti_params {
         $msgtype = 'basic-lti-launch-request';
     }
     if ($crslabel eq '') {
-        $crslabel = $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'},
+        $crslabel = $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'};
     }
     if ($crstitle eq '') {
-        $crstitle = $env{'course.'.$env{'request.course.id'}.'.description'},;
+        $crstitle = $env{'course.'.$env{'request.course.id'}.'.description'};
     }
     my $lonhost = $r->dir_config('lonHostID');
     my $loncaparev = $r->dir_config('lonVersion');
@@ -251,8 +283,10 @@ sub lti_params {
     unless (grep(/^\Q$ltirole\E$/,@possroles)) {
         $ltirole = 'Learner';
     }
-    my $digest_user = &Encode::decode_utf8($uname.':'.$udom);
+    my @possdigest;
+    my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom);
     $digest_user = &Digest::SHA::sha1_hex($digest_user);
+    push(@possdigest,$digest_user);
     if ($env{'course.'.$env{'request.course.id'}.'.languages'} ne '') {
         @userlangs=(@userlangs,split(/\s*(\,|\;|\:)\s*/,
                     $env{'course.'.$env{'request.course.id'}.'.languages'}));
@@ -273,8 +307,9 @@ sub lti_params {
     my ($title,$digest_symb);
     my ($symb) = &Apache::lonnet::whichuser();
     if ($symb) {
-        $digest_symb = &Encode::decode_utf8($symb);
+        $digest_symb = &Encode::decode('UTF-8',$symb);
         $digest_symb = &Digest::SHA::sha1_hex($digest_symb);
+        push(@possdigest,$digest_symb);
         my $navmap = Apache::lonnavmaps::navmap->new();
         if (ref($navmap)) {
             my $res = $navmap->getBySymb($symb);
@@ -286,7 +321,7 @@ sub lti_params {
     my $domdesc = &Apache::lonnet::domain($cdom);
     my $primary_id = &Apache::lonnet::domain($cdom,'primary');
     my $int_dom = &Apache::lonnet::internet_dom($primary_id);
-    my $portal_url = &Apache::lonnet::course_portal_url($cnum,$cdom);
+    my $portal_url = &Apache::lonnet::course_portal_url($cnum,$cdom,$r);
 
     my %ltiparams = (
         lti_version                            => $version,
@@ -296,7 +331,7 @@ sub lti_params {
         tool_consumer_instance_guid            => $lonhost,
         tool_consumer_instance_description     => $domdesc,
         tool_consumer_info_product_family_code => 'loncapa',
-        tool_consumer_instance_name            => $int_dom,  
+        tool_consumer_instance_name            => $int_dom,
         tool_consumer_instance_url             => $portal_url,
         tool_consumer_info_version             => $loncaparev,
         user_id                                => $digest_user,
@@ -315,37 +350,37 @@ sub lti_params {
             $crsprotocol = 'http';
         }
         if (($passback) || ($roster)) {
+            my (%currdigest,%digesthash);
+            if (@possdigest) {
+                %currdigest = &Apache::lonnet::get('exttools',\@possdigest,
+                                                   $cdom,$cnum);
+            }
             if ($passback) {
                 $ltiparams{'lis_outcome_service_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/passback';
                 $ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'};
                 if ($gradesecret) {
-                    my $result_sig = 
-                        Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'});
-                    $ltiparams{'lis_result_sourcedid'} =
-                        $result_sig.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'};
+                    my $uniqid = $digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'};
+                    $ltiparams{'lis_result_sourcedid'} = &LONCAPA::ltiutils::get_service_id($gradesecret,$uniqid);
                 }
             }
             if ($roster) {
                 if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
                     $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/roster';
                     if ($rostersecret) {
-                        my $roster_sig = Digest::SHA::sha1_hex($rostersecret.':::'.$digest_symb.':::'.$env{'request.course.id'});
-                        $ltiparams{'ext_ims_lis_memberships_id'} = $roster_sig.':::'.$digest_symb.':::'.$env{'request.course.id'};
+                        my $uniqid = $digest_symb.':::'.$env{'request.course.id'};
+                        $ltiparams{'ext_ims_lis_memberships_id'} = &LONCAPA::ltiutils::get_service_id($rostersecret,$uniqid);
                     }
                 }
             }
-            my %digesthash;
-            if ($ltiparams{'lis_result_sourcedid'}) {
-                $digesthash{$ltiparams{'lis_result_sourcedid'}} = "$idx\0".time; 
-            }
-            if ($ltiparams{'ext_ims_lis_memberships_id'}) {
-                $digesthash{$ltiparams{'ext_ims_lis_memberships_id'}} = "$idx\0".time; 
-            }
             if (($digest_symb) && ($gradesecret || $rostersecret)) {
-                $digesthash{$digest_symb} = $symb;
+                unless ((exists($currdigest{$digest_symb})) && ($currdigest{$digest_symb} eq $symb)) {
+                    $digesthash{$digest_symb} = $symb;
+                }
             }
             if (($passback) && ($gradesecret)) {
-                $digesthash{$digest_user} = $uname.':'.$udom;
+                unless ((exists($currdigest{$digest_user})) && ($currdigest{$digest_user} eq $uname.':'.$udom)) {
+                    $digesthash{$digest_user} = $uname.':'.$udom;
+                }
             }
             if (keys(%digesthash)) {
                 &Apache::lonnet::put('exttools',\%digesthash,$cdom,$cnum);
@@ -382,7 +417,11 @@ sub lti_params {
         $ltiparams{'lis_person_contact_email_primary'} = $contact_email;
     }
     if ($fields{'user'}) {
-        $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom;
+        if ($incdom) {
+            $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom;
+        } else {
+            $ltiparams{'lis_person_sourcedid'} = $uname;
+        }
     }
     if (keys(%custom)) {
         foreach my $key (keys(%custom)) {
@@ -397,15 +436,20 @@ sub lti_params {
         }
     }
     foreach my $key (keys(%ltiparams)) {
-        $ltiparams{$key} = &Encode::decode_utf8($ltiparams{$key});
+        $ltiparams{$key} = &Encode::decode('UTF-8',$ltiparams{$key});
     }
     $ltiparams{'basiclti_submit'} = $submittext;
     return %ltiparams;
 }
 
 sub launch_html {
-    my ($url,$key,$secret,$submittext,$paramsref) = @_;
-    my $hashref = &sign_params($url,$key,$secret,$paramsref);
+    my ($cdom,$cnum,$crstool,$url,$idx,$keynum,$submittext,$paramsref,$inforef) = @_;
+    my ($status,$hashref) =
+        &Apache::lonnet::sign_lti($cdom,$cnum,$crstool,$url,$idx,$keynum,
+                                  '',$paramsref,$inforef);
+    unless ($status eq 'ok') {
+        return '<div class="LC_warning">'.&mt('External Tool Unavailable').'</div>';
+    }
     my $action = &HTML::Entities::encode($url,'<>&"');
     my $form = <<"END";
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -439,57 +483,97 @@ ENDJS
     return $form;
 }
 
-sub sign_params {
-    my ($url,$key,$secret,$paramsref) = @_;
-    my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0)));
-
-    my $request = Net::OAuth->request("request token")->new(
-            consumer_key => $key,
-            consumer_secret => $secret,
-            request_url => $url,
-            request_method => 'POST',
-            signature_method => 'HMAC-SHA1',
-            timestamp => time,
-            nonce => $nonce,
-            callback => 'about:blank',
-            extra_params => $paramsref,
-            version      => '1.0',
-            );
-    $request->sign;
-    return $request->to_hash();
-}
-
-sub get_tool_lock {
-    my ($cdom,$cnum,$marker,$now) = @_;
-    # get lock for tool for which gradesecret is being set
-    my $lockhash = {
-                  $marker."\0".'lock' => $now.':'.$env{'user.name'}.
-                                         ':'.$env{'user.domain'},
-                   };
-    my $tries = 0;
-    my $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
-
-    while (($gotlock ne 'ok') && $tries <3) {
-        $tries ++;
-        sleep(1);
-        $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
+sub gradabletool_access_check {
+    my ($target) = @_;
+    my ($result,$resource_due);
+    my $status;
+    my ($symb,$courseid,$udom,$uname) = &Apache::lonnet::whichuser();
+    my @targets;
+    if ($target) {
+        @targets = ($target);
+    } elsif (defined($env{'form.submitted'}) && defined($env{'form.validate'})) {
+        @targets = ('grade','web');
+    } else {
+        @targets = ('web');
     }
-    return $gotlock;
+    foreach my $target (@targets) {
+        &Apache::structuretags::initialize_storage($symb);
+        &Apache::lonhomework::set_show_problem_status(&Apache::lonnet::EXT('resource.0.problemstatus'));
+        my ($accessmsg,$slot_name,$slot,$ipused);
+        ($status,$accessmsg,$slot_name,$slot,$ipused) =
+            &Apache::lonhomework::check_slot_access('0','tool',$symb);
+        if (( $status eq 'CLOSED' ) ||
+            ( $status eq 'UNCHECKEDOUT') ||
+            ( $status eq 'NOT_YET_VIEWED') ||
+            ( $status eq 'BANNED') ||
+            ( $status eq 'UNAVAILABLE') ||
+            ( $status eq 'NOT_IN_A_SLOT') ||
+            ( $status eq 'NOTRESERVABLE') ||
+            ( $status eq 'RESERVABLE') ||
+            ( $status eq 'RESERVABLE_LATER') ||
+            ( $status eq 'INVALID_ACCESS') ||
+            ( $status eq 'NEED_DIFFERENT_IP') ||
+            ( $status eq 'WAITING_FOR_GRADE')) {
+            $result = &Apache::structuretags::access_status_msg('tool',$status,$symb,
+                                                                $target,$ipused,$accessmsg);
+        } elsif ($status eq 'NEEDS_CHECKIN') {
+            $result = &Apache::structuretags::checkin_prompt($target,$slot_name,$slot,'tool');
+        } elsif ($target eq 'web') {
+            if ($status eq 'CAN_ANSWER') {
+                $resource_due = &Apache::lonhomework::due_date(0, $env{'request.symb'});
+                if ($slot_name ne '') {
+                    $resource_due = &Apache::structuretags::selfcheckin_resource($resource_due,
+                                                                                 $slot_name,$slot,
+                                                                                 $env{'request.symb'});
+                }
+            }
+        }
+        if (keys(%Apache::lonhomework::results)) {
+            &Apache::structuretags::finalize_storage();
+        }
+    }
+    return ($status,$result,$resource_due);
 }
 
-sub release_tool_lock {
-    my ($cdom,$cnum,$marker) = @_;
-    #  remove lock
-    my @del_lock = ($marker."\0".'lock');
-    my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum);
-    if ($dellockoutcome ne 'ok') {
-        return ('<div class="LC_error">'
-               .&mt('Warning: failed to release lock for exttool: [_1].','<tt>'.$marker.'</tt>')
-               .'</div>'
-               );
+sub display_score {
+    my ($target) = @_;
+    my $weight = &Apache::lonnet::EXT('resource.0.weight');
+    if ((!defined($weight)) || ($weight eq '')) { $weight=1; }
+    my $awarded = $Apache::lonhomework::history{'resource.0.awarded'};
+    if (!defined($awarded)) { $awarded=0; }
+    my $display='';
+    if ($target eq 'tex') {
+        $display = '\\\\';
+    }
+    if (!defined($awarded)) {
+        $display .= &mt('[_1] possible points.',$weight);
+    } else {
+        my $points = $awarded*$weight;
+        my $result = sprintf('%.2f',$points);
+        $display .= &mt('You have [_1] out of [quant,_2,possible point]',
+                       $result,$weight);
+    }
+    my $comment = $Apache::lonhomework::history{'resource.0.comment'};
+    if (!defined($comment) || $comment!~/\w/) {
+        $comment='';
     } else {
-        return 'ok';
+        if ($target eq 'tex') {
+            $comment = '\\\\'.$comment;
+        } else {
+            $comment='<br /><table><tr><td bgcolor="#FFFFDD">'.$comment.'</td></tr></table>';
+        }
+    }
+    my $gradeinfo = $Apache::lonhomework::history{'resource.0.gradeinfo'};
+    if (!defined($gradeinfo) || $gradeinfo!~/\w/) {
+        $gradeinfo='';
+    } else {
+        if ($target eq 'tex') {
+            $gradeinfo = '\\\\'.$gradeinfo;
+        } else {
+            $gradeinfo='<br /><table><tr><td bgcolor="#DDDDFF"><font size="+2">'.$gradeinfo.'</font></td></tr></table>';
+        }
     }
+    return $display.$comment.$gradeinfo;
 }
 
 1;