remove extra step in end assessment process

[qomet.git] / routes / assessments.js

diff --git a/routes/assessments.js b/routes/assessments.js
index 49410c4..3a91b5a 100644 (file)
--- a/routes/assessments.js
+++ b/routes/assessments.js
@@ -8,6 +8,15 @@ const params = require("../config/parameters");
 const validator = require("../public/javascripts/utils/validation");
 const ObjectId = require("bson-objectid");
 const sanitizeHtml = require('sanitize-html');
+const sanitizeOpts = {
+       allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img', 'u' ]),
+       allowedAttributes: {
+               img: [ 'src','style' ],
+               code: [ 'class' ],
+               table: [ 'class' ],
+               div: [ 'style' ],
+       },
+};
 
 router.get("/add/assessment", access.ajax, access.logged, (req,res) => {
        const name = req.query["name"];
@@ -27,9 +36,7 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => {
        let error = validator(assessment, "Assessment");
        if (error.length > 0)
                return res.json({errmsg:error});
-       const sanitizeOpts = {allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img' ]) };
        assessment.introduction = sanitizeHtml(assessment.introduction, sanitizeOpts);
-       assessment.conclusion = sanitizeHtml(assessment.conclusion, sanitizeOpts);
        assessment.questions.forEach( q => {
                q.wording = sanitizeHtml(q.wording, sanitizeOpts);
                //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!)
@@ -66,6 +73,29 @@ router.get("/start/assessment", access.ajax, (req,res) => {
        });
 });
 
+router.get("/start/monitoring", access.ajax, (req,res) => {
+       const password = req.query["password"];
+       const examName = req.query["aname"];
+       const courseCode = req.query["ccode"];
+       const initials = req.query["initials"];
+       // TODO: sanity checks
+       CourseModel.getByRefs(initials, courseCode, (err,course) => {
+               access.checkRequest(res,err,course,"Course not found", () => {
+                       if (password != course.password)
+                               return res.json({errmsg: "Wrong password"});
+                       AssessmentModel.getByRefs(initials, courseCode, examName, (err2,assessment) => {
+                               access.checkRequest(res,err2,assessment,"Assessment not found", () => {
+                                       res.json({
+                                               students: course.students,
+                                               assessment: assessment,
+                                               secret: params.secret,
+                                       });
+                               });
+                       });
+               });
+       });
+});
+
 router.get("/send/answer", access.ajax, (req,res) => {
        let aid = req.query["aid"];
        let number = req.query["number"];
@@ -88,11 +118,11 @@ router.get("/end/assessment", access.ajax, (req,res) => {
        let error = validator({ _id:aid, papers:[{number:number,password:password}] }, "Assessment");
        if (error.length > 0)
                return res.json({errmsg:error});
-       // Destroy pwd, set endTime, return conclusion
-       AssessmentModel.endSession(ObjectId(aid), number, password, (err,conclusion) => {
-               access.checkRequest(res,err,conclusion,"Cannot end assessment", () => {
+       // Destroy pwd, set endTime
+       AssessmentEntity.endAssessment(ObjectId(aid), number, password, (err,ret) => {
+               access.checkRequest(res,err,ret,"Cannot end assessment", () => {
                        res.clearCookie('password');
-                       res.json(conclusion);
+                       res.json({});
                });
        });
 });