This commit is contained in:
Ross
2021-12-22 18:03:45 +00:00
parent 6214be9939
commit 5680abf95e
2 changed files with 7 additions and 6 deletions
+6 -5
View File
@@ -228,8 +228,9 @@ def loadJsonAnswer(answer):
# TODO Update to only allow valid Candidates
eid = int(answer["eid"].split("/")[1])
cid = int(answer["cid"])
# As access is not restricted make sure the data appears valid
if (not isinstance(answer["cid"], int)) or (
if (not isinstance(cid, int)) or (
not isinstance(eid, int) or (not isinstance(answer["ans"], str))
):
return False, JsonResponse(
@@ -238,13 +239,13 @@ def loadJsonAnswer(answer):
# The model should catch invalid data but this should be less intensive
max_int = 999999999999999999999
if answer["cid"] > max_int or eid > max_int:
if cid > max_int or eid > max_int:
return False, JsonResponse({"success": False, "error": "invalid cid"})
exam = get_object_or_404(Exam, pk=eid)
if not exam.check_cid_user(answer["cid"], answer["passcode"]):
if not exam.check_cid_user(cid, answer["passcode"]):
return False, JsonResponse(
{"success": False, "error": "invalid cid / passcode"}
)
@@ -255,11 +256,11 @@ def loadJsonAnswer(answer):
# )
exiting_answers = CidUserAnswer.objects.filter(
question__id=answer["qid"], exam__id=eid, cid=answer["cid"]
question__id=answer["qid"], exam__id=eid, cid=cid
)
if not exiting_answers:
ans = CidUserAnswer(answer=answer["ans"], cid=answer["cid"])
ans = CidUserAnswer(answer=answer["ans"], cid=cid)
ans.question_id = answer["qid"]
ans.exam_id = eid
ans.score = Answer.MarkOptions.UNMARKED
+1 -1
View File
@@ -1318,7 +1318,7 @@ def group_email(request, pk, resend=False):
if resend:
users = group.ciduser_set.filter()
else:
users = gGroup.ciduser_set.filter(login_email_sent=False)
users = group.ciduser_set.filter(login_email_sent=False)
sent = []
not_sent = []