X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=routes%2Fassessments.js;h=d9f83ea9c22cc8d5b512eff9662aed5e03b85c29;hb=43828378be054cf3604b753e8d9ab24af911188f;hp=dc749ed5503cfc872898068ba5776607fb903142;hpb=6bf4a38e1a82fdcdf1d2742a3e8937b26fe2e873;p=qomet.git diff --git a/routes/assessments.js b/routes/assessments.js index dc749ed..d9f83ea 100644 --- a/routes/assessments.js +++ b/routes/assessments.js @@ -2,15 +2,19 @@ let router = require("express").Router(); const access = require("../utils/access"); const UserModel = require("../models/user"); const AssessmentModel = require("../models/assessment"); -const AssessmentEntity = require("../entities/assessment"); const CourseModel = require("../models/course"); const params = require("../config/parameters"); const validator = require("../public/javascripts/utils/validation"); const ObjectId = require("bson-objectid"); const sanitizeHtml = require('sanitize-html'); const sanitizeOpts = { - allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img' ]), - allowedAttributes: { code: [ 'class' ] }, + allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img', 'u' ]), + allowedAttributes: { + img: [ 'src','style' ], + code: [ 'class' ], + table: [ 'class' ], + div: [ 'style' ], + }, }; router.get("/add/assessment", access.ajax, access.logged, (req,res) => { @@ -32,7 +36,6 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => { if (error.length > 0) return res.json({errmsg:error}); assessment.introduction = sanitizeHtml(assessment.introduction, sanitizeOpts); - assessment.conclusion = sanitizeHtml(assessment.conclusion, sanitizeOpts); assessment.questions.forEach( q => { q.wording = sanitizeHtml(q.wording, sanitizeOpts); //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!) @@ -64,7 +67,30 @@ router.get("/start/assessment", access.ajax, (req,res) => { maxAge: params.cookieExpire, }); } - res.json(ret); //contains questions+password(or paper if resuming) + res.json(ret); //contains password (or paper if resuming) + }); + }); +}); + +router.get("/start/monitoring", access.ajax, (req,res) => { + const password = req.query["password"]; + const examName = req.query["aname"]; + const courseCode = req.query["ccode"]; + const initials = req.query["initials"]; + // TODO: sanity checks + CourseModel.getByRefs(initials, courseCode, (err,course) => { + access.checkRequest(res,err,course,"Course not found", () => { + if (password != course.password) + return res.json({errmsg: "Wrong password"}); + AssessmentModel.getByRefs(initials, courseCode, examName, (err2,assessment) => { + access.checkRequest(res,err2,assessment,"Assessment not found", () => { + res.json({ + students: course.students, + assessment: assessment, + secret: params.secret, + }); + }); + }); }); }); }); @@ -91,11 +117,11 @@ router.get("/end/assessment", access.ajax, (req,res) => { let error = validator({ _id:aid, papers:[{number:number,password:password}] }, "Assessment"); if (error.length > 0) return res.json({errmsg:error}); - // Destroy pwd, set endTime, return conclusion - AssessmentModel.endSession(ObjectId(aid), number, password, (err,conclusion) => { - access.checkRequest(res,err,conclusion,"Cannot end assessment", () => { + // Destroy pwd, set endTime + AssessmentModel.endAssessment(ObjectId(aid), number, password, (err,ret) => { + access.checkRequest(res,err,ret,"Cannot end assessment", () => { res.clearCookie('password'); - res.json(conclusion); + res.json({}); }); }); });