1 let router
= require("express").Router();
2 const access
= require("../utils/access");
3 const UserModel
= require("../models/user");
4 const AssessmentModel
= require("../models/assessment");
5 const CourseModel
= require("../models/course");
6 const params
= require("../config/parameters");
7 const validator
= require("../public/javascripts/utils/validation");
8 const ObjectId
= require("bson-objectid");
9 const sanitizeHtml
= require('sanitize-html');
10 const sanitizeOpts
= {
11 allowedTags: sanitizeHtml
.defaults
.allowedTags
.concat([ 'img', 'u' ]),
13 img: [ 'src','style' ],
20 router
.get("/add/assessment", access
.ajax
, access
.logged
, (req
,res
) => {
21 const name
= req
.query
["name"];
22 const cid
= req
.query
["cid"];
23 let error
= validator({cid:cid
, name:name
}, "Assessment");
25 return res
.json({errmsg:error
});
26 AssessmentModel
.add(req
.user
._id
, ObjectId(cid
), name
, (err
,assessment
) => {
27 access
.checkRequest(res
, err
, assessment
, "Assessment addition failed", () => {
33 router
.post("/update/assessment", access
.ajax
, access
.logged
, (req
,res
) => {
34 const assessment
= JSON
.parse(req
.body
["assessment"]);
35 let error
= validator(assessment
, "Assessment");
37 return res
.json({errmsg:error
});
38 assessment
.introduction
= sanitizeHtml(assessment
.introduction
, sanitizeOpts
);
39 assessment
.questions
.forEach( q
=> {
40 q
.wording
= sanitizeHtml(q
.wording
, sanitizeOpts
);
41 //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!)
42 for (let i
=0; i
<q
.options
.length
; i
++) //if QCM
43 q
.options
[i
] = sanitizeHtml(q
.options
[i
], sanitizeOpts
);
45 AssessmentModel
.update(req
.user
._id
, assessment
, (err
,ret
) => {
46 access
.checkRequest(res
, err
, ret
, "Assessment update failed", () => {
52 // Generate and set student password, return it
53 router
.get("/start/assessment", access
.ajax
, (req
,res
) => {
54 let number
= req
.query
["number"];
55 let aid
= req
.query
["aid"];
56 let password
= req
.cookies
["password"]; //potentially from cookies, resuming
57 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
|| "samplePwd"}] }, "Assessment");
59 return res
.json({errmsg:error
});
60 AssessmentModel
.startSession(ObjectId(aid
), number
, password
, (err
,ret
) => {
61 access
.checkRequest(res
,err
,ret
,"Failed session initialization", () => {
65 res
.cookie("password", ret
.password
, {
67 maxAge: params
.cookieExpire
,
70 res
.json(ret
); //contains password (or paper if resuming)
75 router
.get("/start/monitoring", access
.ajax
, (req
,res
) => {
76 const password
= req
.query
["password"];
77 const examName
= req
.query
["aname"];
78 const courseCode
= req
.query
["ccode"];
79 const initials
= req
.query
["initials"];
80 // TODO: sanity checks
81 CourseModel
.getByRefs(initials
, courseCode
, (err
,course
) => {
82 access
.checkRequest(res
,err
,course
,"Course not found", () => {
83 if (password
!= course
.password
)
84 return res
.json({errmsg: "Wrong password"});
85 AssessmentModel
.getByRefs(initials
, courseCode
, examName
, (err2
,assessment
) => {
86 access
.checkRequest(res
,err2
,assessment
,"Assessment not found", () => {
88 students: course
.students
,
89 assessment: assessment
,
90 secret: params
.secret
,
98 router
.get("/send/answer", access
.ajax
, (req
,res
) => {
99 let aid
= req
.query
["aid"];
100 let number
= req
.query
["number"];
101 let password
= req
.query
["password"];
102 let input
= JSON
.parse(req
.query
["answer"]);
103 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
,inputs:[input
]}] }, "Assessment");
104 if (error
.length
> 0)
105 return res
.json({errmsg:error
});
106 AssessmentModel
.newAnswer(ObjectId(aid
), number
, password
, input
, (err
,ret
) => {
107 access
.checkRequest(res
,err
,ret
,"Cannot send answer", () => {
113 router
.get("/end/assessment", access
.ajax
, (req
,res
) => {
114 let aid
= req
.query
["aid"];
115 let number
= req
.query
["number"];
116 let password
= req
.query
["password"];
117 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
}] }, "Assessment");
118 if (error
.length
> 0)
119 return res
.json({errmsg:error
});
120 // Destroy pwd, set endTime
121 AssessmentModel
.endAssessment(ObjectId(aid
), number
, password
, (err
,ret
) => {
122 access
.checkRequest(res
,err
,ret
,"Cannot end assessment", () => {
123 res
.clearCookie('password');
129 module
.exports
= router
;