18f57f7ed7ed45c89b9b3969028f6e768e6a9c34
1 let router
= require("express").Router();
2 const access
= require("../utils/access");
3 const UserModel
= require("../models/user");
4 const EvaluationModel
= require("../models/evaluation");
5 const CourseModel
= require("../models/course");
6 const params
= require("../config/parameters");
7 const validator
= require("../public/javascripts/utils/validation");
8 const ObjectId
= require("bson-objectid");
9 const sanitizeHtml
= require('sanitize-html');
10 const sanitizeOpts
= {
11 allowedTags: sanitizeHtml
.defaults
.allowedTags
.concat([ 'img', 'u' ]),
13 img: [ 'src','style' ],
20 router
.post("/evaluations", access
.ajax
, access
.logged
, (req
,res
) => {
21 const name
= req
.body
["name"];
22 const cid
= req
.body
["cid"];
23 let error
= validator({cid:cid
, name:name
}, "Evaluation");
25 return res
.json({errmsg:error
});
26 EvaluationModel
.add(req
.user
._id
, ObjectId(cid
), name
, (err
,evaluation
) => {
27 access
.checkRequest(res
, err
, evaluation
, "Evaluation addition failed", () => {
33 router
.put("/evaluations", access
.ajax
, access
.logged
, (req
,res
) => {
34 const evaluation
= JSON
.parse(req
.body
["evaluation"]);
35 let error
= validator(evaluation
, "Evaluation");
37 return res
.json({errmsg:error
});
38 evaluation
.introduction
= sanitizeHtml(evaluation
.introduction
, sanitizeOpts
);
39 evaluation
.questions
.forEach( q
=> {
40 q
.wording
= sanitizeHtml(q
.wording
, sanitizeOpts
);
41 //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!)
42 for (let i
=0; i
<q
.options
.length
; i
++) //if QCM
43 q
.options
[i
] = sanitizeHtml(q
.options
[i
], sanitizeOpts
);
45 EvaluationModel
.update(req
.user
._id
, evaluation
, (err
,ret
) => {
46 access
.checkRequest(res
, err
, ret
, "Evaluation update failed", () => {
52 // Generate and set student password, return it
53 router
.put("/evaluations/start", access
.ajax
, (req
,res
) => {
54 let number
= req
.body
["number"];
55 let eid
= req
.body
["eid"];
56 let password
= req
.cookies
["password"]; //potentially from cookies, resuming
57 let error
= validator({ _id:eid
, papers:[{number:number
,password:password
|| "samplePwd"}] }, "Evaluation");
59 return res
.json({errmsg:error
});
60 EvaluationModel
.startSession(ObjectId(eid
), number
, password
, (err
,ret
) => {
61 access
.checkRequest(res
,err
,ret
,"Failed session initialization", () => {
65 res
.cookie("password", ret
.password
, {
67 maxAge: params
.cookieExpire
,
70 res
.json(ret
); //contains password (or paper if resuming)
75 router
.get("/evaluations/monitor", access
.ajax
, (req
,res
) => {
76 const password
= req
.query
["password"];
77 const examName
= req
.query
["aname"];
78 const courseCode
= req
.query
["ccode"];
79 const initials
= req
.query
["initials"];
80 // TODO: sanity checks
81 CourseModel
.getByRefs(initials
, courseCode
, (err
,course
) => {
82 access
.checkRequest(res
,err
,course
,"Course not found", () => {
83 if (password
!= course
.password
)
84 return res
.json({errmsg: "Wrong password"});
85 EvaluationModel
.getByRefs(initials
, courseCode
, examName
, (err2
,evaluation
) => {
86 access
.checkRequest(res
,err2
,evaluation
,"Evaluation not found", () => {
88 students: course
.students
,
89 evaluation: evaluation
,
90 secret: params
.secret
,
98 router
.put("/evaluations/answer", access
.ajax
, (req
,res
) => {
99 let eid
= req
.body
["eid"];
100 let number
= req
.body
["number"];
101 let password
= req
.body
["password"];
102 let input
= JSON
.parse(req
.body
["answer"]);
103 let error
= validator({ _id:eid
, papers:[{number:number
,password:password
,inputs:[input
]}] }, "Evaluation");
104 if (error
.length
> 0)
105 return res
.json({errmsg:error
});
106 EvaluationModel
.newAnswer(ObjectId(eid
), number
, password
, input
, (err
,ret
) => {
107 access
.checkRequest(res
,err
,ret
,"Cannot send answer", () => {
113 router
.put("/evaluations/end", access
.ajax
, (req
,res
) => {
114 let eid
= req
.body
["eid"];
115 let number
= req
.body
["number"];
116 let password
= req
.body
["password"];
117 let error
= validator({ _id:eid
, papers:[{number:number
,password:password
}] }, "Evaluation");
118 if (error
.length
> 0)
119 return res
.json({errmsg:error
});
120 // Destroy pwd, set endTime
121 EvaluationModel
.endEvaluation(ObjectId(eid
), number
, password
, (err
,ret
) => {
122 access
.checkRequest(res
,err
,ret
,"Cannot end evaluation", () => {
123 res
.clearCookie('password');
129 module
.exports
= router
;