X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=routes%2Fassessments.js;h=d9f83ea9c22cc8d5b512eff9662aed5e03b85c29;hb=a80c6a3b87f75653725f54caca1f24abc556afc7;hp=a107d7e15e017a7a439646ff306853b88b61349f;hpb=71d1ca9c594b64d959c608a2abbff926480abad5;p=qomet.git

diff --git a/routes/assessments.js b/routes/assessments.js
index a107d7e..d9f83ea 100644
--- a/routes/assessments.js
+++ b/routes/assessments.js
@@ -2,7 +2,6 @@ let router = require("express").Router();
 const access = require("../utils/access");
 const UserModel = require("../models/user");
 const AssessmentModel = require("../models/assessment");
-const AssessmentEntity = require("../entities/assessment");
 const CourseModel = require("../models/course");
 const params = require("../config/parameters");
 const validator = require("../public/javascripts/utils/validation");
@@ -11,9 +10,10 @@ const sanitizeHtml = require('sanitize-html');
 const sanitizeOpts = {
 	allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img', 'u' ]),
 	allowedAttributes: {
-		img: [ 'src' ],
+		img: [ 'src','style' ],
 		code: [ 'class' ],
 		table: [ 'class' ],
+		div: [ 'style' ],
 	},
 };
 
@@ -36,7 +36,6 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => {
 	if (error.length > 0)
 		return res.json({errmsg:error});
 	assessment.introduction = sanitizeHtml(assessment.introduction, sanitizeOpts);
-	assessment.conclusion = sanitizeHtml(assessment.conclusion, sanitizeOpts);
 	assessment.questions.forEach( q => {
 		q.wording = sanitizeHtml(q.wording, sanitizeOpts);
 		//q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!)
@@ -68,7 +67,7 @@ router.get("/start/assessment", access.ajax, (req,res) => {
 					maxAge: params.cookieExpire,
 				});
 			}
-			res.json(ret); //contains questions+password(or paper if resuming)
+			res.json(ret); //contains password (or paper if resuming)
 		});
 	});
 });
@@ -118,11 +117,11 @@ router.get("/end/assessment", access.ajax, (req,res) => {
 	let error = validator({ _id:aid, papers:[{number:number,password:password}] }, "Assessment");
 	if (error.length > 0)
 		return res.json({errmsg:error});
-	// Destroy pwd, set endTime, return conclusion
-	AssessmentModel.endSession(ObjectId(aid), number, password, (err,conclusion) => {
-		access.checkRequest(res,err,conclusion,"Cannot end assessment", () => {
+	// Destroy pwd, set endTime
+	AssessmentModel.endAssessment(ObjectId(aid), number, password, (err,ret) => {
+		access.checkRequest(res,err,ret,"Cannot end assessment", () => {
 			res.clearCookie('password');
-			res.json(conclusion);
+			res.json({});
 		});
 	});
 });