1 let router
= require("express").Router();
2 const access
= require("../utils/access");
3 const UserModel
= require("../models/user");
4 const AssessmentModel
= require("../models/assessment");
5 const AssessmentEntity
= require("../entities/assessment");
6 const CourseModel
= require("../models/course");
7 const params
= require("../config/parameters");
8 const validator
= require("../public/javascripts/utils/validation");
9 const ObjectId
= require("bson-objectid");
10 const sanitizeHtml
= require('sanitize-html');
11 const sanitizeOpts
= {
12 allowedTags: sanitizeHtml
.defaults
.allowedTags
.concat([ 'img' ]),
13 allowedAttributes: { code: [ 'class' ] },
16 router
.get("/add/assessment", access
.ajax
, access
.logged
, (req
,res
) => {
17 const name
= req
.query
["name"];
18 const cid
= req
.query
["cid"];
19 let error
= validator({cid:cid
, name:name
}, "Assessment");
21 return res
.json({errmsg:error
});
22 AssessmentModel
.add(req
.user
._id
, ObjectId(cid
), name
, (err
,assessment
) => {
23 access
.checkRequest(res
, err
, assessment
, "Assessment addition failed", () => {
29 router
.post("/update/assessment", access
.ajax
, access
.logged
, (req
,res
) => {
30 const assessment
= JSON
.parse(req
.body
["assessment"]);
31 let error
= validator(assessment
, "Assessment");
33 return res
.json({errmsg:error
});
34 assessment
.introduction
= sanitizeHtml(assessment
.introduction
, sanitizeOpts
);
35 assessment
.conclusion
= sanitizeHtml(assessment
.conclusion
, sanitizeOpts
);
36 assessment
.questions
.forEach( q
=> {
37 q
.wording
= sanitizeHtml(q
.wording
, sanitizeOpts
);
38 //q.answer = sanitizeHtml(q.answer); //if text (TODO: it's an array in this case?!)
39 for (let i
=0; i
<q
.options
.length
; i
++) //if QCM
40 q
.options
[i
] = sanitizeHtml(q
.options
[i
], sanitizeOpts
);
42 AssessmentModel
.update(req
.user
._id
, assessment
, (err
,ret
) => {
43 access
.checkRequest(res
, err
, ret
, "Assessment update failed", () => {
49 // Generate and set student password, return it
50 router
.get("/start/assessment", access
.ajax
, (req
,res
) => {
51 let number
= req
.query
["number"];
52 let aid
= req
.query
["aid"];
53 let password
= req
.cookies
["password"]; //potentially from cookies, resuming
54 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
|| "samplePwd"}] }, "Assessment");
56 return res
.json({errmsg:error
});
57 AssessmentModel
.startSession(ObjectId(aid
), number
, password
, (err
,ret
) => {
58 access
.checkRequest(res
,err
,ret
,"Failed session initialization", () => {
62 res
.cookie("password", ret
.password
, {
64 maxAge: params
.cookieExpire
,
67 res
.json(ret
); //contains questions+password(or paper if resuming)
72 router
.get("/send/answer", access
.ajax
, (req
,res
) => {
73 let aid
= req
.query
["aid"];
74 let number
= req
.query
["number"];
75 let password
= req
.query
["password"];
76 let input
= JSON
.parse(req
.query
["answer"]);
77 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
,inputs:[input
]}] }, "Assessment");
79 return res
.json({errmsg:error
});
80 AssessmentModel
.newAnswer(ObjectId(aid
), number
, password
, input
, (err
,ret
) => {
81 access
.checkRequest(res
,err
,ret
,"Cannot send answer", () => {
87 router
.get("/end/assessment", access
.ajax
, (req
,res
) => {
88 let aid
= req
.query
["aid"];
89 let number
= req
.query
["number"];
90 let password
= req
.query
["password"];
91 let error
= validator({ _id:aid
, papers:[{number:number
,password:password
}] }, "Assessment");
93 return res
.json({errmsg:error
});
94 // Destroy pwd, set endTime, return conclusion
95 AssessmentModel
.endSession(ObjectId(aid
), number
, password
, (err
,conclusion
) => {
96 access
.checkRequest(res
,err
,conclusion
,"Cannot end assessment", () => {
97 res
.clearCookie('password');
103 module
.exports
= router
;