X-Git-Url: https://git.auder.net/images/pieces/%22%20%20%20VariantRules.getPpath%28board%5Bi%5D%5Bj%5D%29%20%20%20%22.svg?a=blobdiff_plain;ds=sidebyside;f=routes%2Fassessments.js;h=c1a99cfd8ecd0debf0cdcf879651057a36e11f66;hb=f87ac54a07e9cc63a28b8eae42fa6ab23ac626d0;hp=dc749ed5503cfc872898068ba5776607fb903142;hpb=6bf4a38e1a82fdcdf1d2742a3e8937b26fe2e873;p=qomet.git diff --git a/routes/assessments.js b/routes/assessments.js index dc749ed..c1a99cf 100644 --- a/routes/assessments.js +++ b/routes/assessments.js @@ -9,8 +9,13 @@ const validator = require("../public/javascripts/utils/validation"); const ObjectId = require("bson-objectid"); const sanitizeHtml = require('sanitize-html'); const sanitizeOpts = { - allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img' ]), - allowedAttributes: { code: [ 'class' ] }, + allowedTags: sanitizeHtml.defaults.allowedTags.concat([ 'img', 'u' ]), + allowedAttributes: { + img: [ 'src','style' ], + code: [ 'class' ], + table: [ 'class' ], + div: [ 'style' ], + }, }; router.get("/add/assessment", access.ajax, access.logged, (req,res) => { @@ -32,7 +37,6 @@ router.post("/update/assessment", access.ajax, access.logged, (req,res) => { if (error.length > 0) return res.json({errmsg:error}); assessment.introduction = sanitizeHtml(assessment.introduction, sanitizeOpts); - assessment.conclusion = sanitizeHtml(assessment.conclusion, sanitizeOpts); assessment.questions.forEach( q => { q.wording = sanitizeHtml(q.wording, sanitizeOpts); //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!) @@ -69,6 +73,29 @@ router.get("/start/assessment", access.ajax, (req,res) => { }); }); +router.get("/start/monitoring", access.ajax, (req,res) => { + const password = req.query["password"]; + const examName = req.query["aname"]; + const courseCode = req.query["ccode"]; + const initials = req.query["initials"]; + // TODO: sanity checks + CourseModel.getByRefs(initials, courseCode, (err,course) => { + access.checkRequest(res,err,course,"Course not found", () => { + if (password != course.password) + return res.json({errmsg: "Wrong password"}); + AssessmentModel.getByRefs(initials, courseCode, examName, (err2,assessment) => { + access.checkRequest(res,err2,assessment,"Assessment not found", () => { + res.json({ + students: course.students, + assessment: assessment, + secret: params.secret, + }); + }); + }); + }); + }); +}); + router.get("/send/answer", access.ajax, (req,res) => { let aid = req.query["aid"]; let number = req.query["number"]; @@ -91,11 +118,11 @@ router.get("/end/assessment", access.ajax, (req,res) => { let error = validator({ _id:aid, papers:[{number:number,password:password}] }, "Assessment"); if (error.length > 0) return res.json({errmsg:error}); - // Destroy pwd, set endTime, return conclusion - AssessmentModel.endSession(ObjectId(aid), number, password, (err,conclusion) => { - access.checkRequest(res,err,conclusion,"Cannot end assessment", () => { + // Destroy pwd, set endTime + AssessmentModel.endSession(ObjectId(aid), number, password, (err,ret) => { + access.checkRequest(res,err,ret,"Cannot end assessment", () => { res.clearCookie('password'); - res.json(conclusion); + res.json({}); }); }); });