X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=routes%2Fassessments.js;h=b7dcfd9e98518b0e3fc3eab2c5ef94ce91750a99;hb=8a2b3260841fc5c2e0d24758bf94628ac52300d3;hp=559f08f0bc8f71a098866e67865323c729f7526d;hpb=e99c53fb3be56eb4c685dd061eef0e5b5bf22b73;p=qomet.git
diff --git a/routes/assessments.js b/routes/assessments.js
index 559f08f..b7dcfd9 100644
--- a/routes/assessments.js
+++ b/routes/assessments.js
@@ -8,6 +8,15 @@ const params = require("../config/parameters");
 const validator = require("../public/javascripts/utils/validation");
 const ObjectId = require("bson-objectid");
 const sanitizeHtml = require('sanitize-html');
+const sanitizeOpts = {
+ allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img', 'u' ]),
+ allowedAttributes: {
+ img: [ 'src','style' ],
+ code: [ 'class' ],
+ table: [ 'class' ],
+ div: [ 'style' ],
+ },
+};

 router.get("/add/assessment", access.ajax, access.logged, (req,res) => {
 const name = req.query["name"];
@@ -27,7 +36,6 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => {
 let error = validator(assessment, "Assessment");
 if (error.length > 0)
 return res.json({errmsg:error});
- const sanitizeOpts = {allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img' ]) };
 assessment.introduction = sanitizeHtml(assessment.introduction, sanitizeOpts);
 assessment.conclusion = sanitizeHtml(assessment.conclusion, sanitizeOpts);
 assessment.questions.forEach( q => {
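Review bot: The module-level `sanitizeOpts` added after the `sanitize-html` require whitelists the `style` attribute on `img` and `div` without restricting which CSS is accepted, so stored assessment HTML can carry arbitrary inline styles (full-page overlays, off-screen positioning, remote `url()` loads) into the pages rendered for students. If the installed sanitize-html version supports it, pair the attribute with an `allowedStyles` map limited to the few properties the editor really emits, or drop `style` and rely on the already-allowed `class`. Separately, a caller-supplied `allowedAttributes` replaces the library default instead of extending it, so anchors presumably lose `href` unless it is listed, e.g. `a: [ 'href', 'name', 'target' ],`.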
@@ -47,17 +55,44 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => {
 router.get("/start/assessment", access.ajax, (req,res) => {
 let number = req.query["number"];
 let aid = req.query["aid"];
- let error = validator({ _id:aid, papers:[{number:number}] }, "Assessment");
+ let password = req.cookies["password"]; //potentially from cookies, resuming
+ let error = validator({ _id:aid, papers:[{number:number,password:password || "samplePwd"}] }, "Assessment");
 if (error.length > 0)
 return res.json({errmsg:error});
- AssessmentModel.startSession(ObjectId(aid), number, (err,ret) => {
+ AssessmentModel.startSession(ObjectId(aid), number, password, (err,ret) => {
 access.checkRequest(res,err,ret,"Failed session initialization", () => {
- // Set password
- res.cookie("password", ret.password, {
- httpOnly: true,
- maxAge: params.cookieExpire,
+ if (!password)
+ {
+ // Set password
+ res.cookie("password", ret.password, {
+ httpOnly: true,
+ maxAge: params.cookieExpire,
+ });
+ }
+ res.json(ret); //contains questions+password(or paper if resuming)
+ });
+ });
+});
+
+router.get("/start/monitoring", access.ajax, (req,res) => {
+ const password = req.query["password"];
+ const examName = req.query["aname"];
+ const courseCode = req.query["ccode"];
+ const initials = req.query["initials"];
+ // TODO: sanity checks
+ CourseModel.getByRefs(initials, courseCode, (err,course) => {
+ access.checkRequest(res,err,course,"Course not found", () => {
+ if (password != course.password)
+ return res.json({errmsg: "Wrong password"});
+ AssessmentModel.getByRefs(initials, courseCode, examName, (err2,assessment) => {
+ access.checkRequest(res,err2,assessment,"Assessment not found", () => {
+ res.json({
+ students: course.students,
+ assessment: assessment,
+ secret: params.secret,
+ });
+ });
 });
- res.json(ret); //contains questions+password
 });
 });
 });
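Review bot: The new `/start/monitoring` route authenticates with `password != course.password`, a loose comparison on an unvalidated query value: if a course has no password stored and the parameter is omitted, `undefined != null` is false and the check passes, and a non-string parameter may be coerced before comparing. The route has no `access.logged` guard and takes the password from the query string of a GET, where it is likely to land in server and proxy logs; a POST body checked against a stored hash would avoid both the logging and the plaintext comparison. The reply also hands `params.secret` plus the whole `course.students` and `assessment` objects to whoever passes this check; what `params.secret` protects is not visible here, but a server-side secret should not be released on the strength of a shared course password. The fence below replaces the `// TODO: sanity checks` line and the comparison with type checks and a strict comparison, leaving the rest of the handler as it is.

```javascript
	const initials = req.query["initials"];
	const args = [password, examName, courseCode, initials];
	if (args.some(a => typeof a !== "string" || a.length === 0))
		return res.json({errmsg: "Bad arguments"});
	CourseModel.getByRefs(initials, courseCode, (err,course) => {
		access.checkRequest(res,err,course,"Course not found", () => {
			const expected = course.password;
			if (typeof expected !== "string" || expected.length === 0 || password !== expected)
				return res.json({errmsg: "Wrong password"});
			// … unchanged: AssessmentModel.getByRefs lookup and JSON reply …
```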
@@ -70,7 +105,7 @@ router.get("/send/answer", access.ajax, (req,res) => {
 let error = validator({ _id:aid, papers:[{number:number,password:password,inputs:[input]}] }, "Assessment");
 if (error.length > 0)
 return res.json({errmsg:error});
- AssessmentEntity.setInput(ObjectId(aid), number, password, input, (err,ret) => {
+ AssessmentModel.newAnswer(ObjectId(aid), number, password, input, (err,ret) => {
 access.checkRequest(res,err,ret,"Cannot send answer", () => {
 res.json({});
 });