// Authorization gate: a caller who cannot grade, does not own the submission and
// lacks the mod/emarking:submit capability is logged and refused.
// NOTE(review): the request only stops here if emarking_json_error() terminates
// the script; that helper is defined outside this listing, so confirm it does.
if (!($usercangrade || $ownsubmission || has_capability('mod/emarking:submit', $context))) {
    // Record the attempt in the Moodle log so it can be audited later.
    $item = array(
        'context' => $context,
        'objectid' => $draft->id,
    );
    \mod_emarking\event\unauthorizedajax_attempted::create($item)->trigger();
    emarking_json_error('Unauthorized access!');
}

// Ping: quick check that the user is logged in and the server is reachable.
// This branch comes after the authorization gate above. The reply carries the
// session key and account identifiers, so it should stay behind that gate.
if ($action === 'ping') {
    // The 'version' entry below reads $plugin, presumably defined by version.php.
    // NOTE(review): a path starting with '../' is resolved against the current
    // working directory, not this file's directory; anchoring it on __DIR__
    // would remove that dependency.
    include '../version.php';

    // Use the configured Node JS endpoint when one is set, else the local default.
    $nodejspath = isset($CFG->emarking_nodejspath)
        ? $CFG->emarking_nodejspath
        : 'http://127.0.0.1:9091';

    emarking_json_array(array(
        'user' => $USER->id,
        'student' => $userid,
        'username' => $USER->firstname . ' ' . $USER->lastname,
        'realUsername' => $USER->username,
        'groupID' => $emarking->id,
        'sesskey' => $USER->sesskey,
        'adminemail' => $CFG->supportemail,
        'cm' => $cm->id,
        // Anonymity flags are sent as the strings 'true' / 'false', not booleans.
        'studentanonymous' => $studentanonymous ? 'true' : 'false',
        'markeranonymous' => $markeranonymous ? 'true' : 'false',
        'readonly' => $readonly,
        'supervisor' => $issupervisor,
        'markingtype' => $emarking->type,
        'totalTests' => $totaltest,
        'inProgressTests' => $inprogesstest,
        'publishedTests' => $publishtest,
        'heartbeat' => $emarking->heartbeatenabled,
        'linkrubric' => $linkrubric,
        'collaborativefeatures' => $emarking->collaborativefeatures,
        'coursemodule' => $cm->id,
        'nodejspath' => $nodejspath,
        'motives' => emarking_get_regrade_motives(),
        'keywords' => $emarking->keywords,
        'version' => $plugin->version,
    ));
}

// URL of this AJAX endpoint, carrying the request's ids, action and page number.
$url = new moodle_url('/mod/emarking/ajax/a.php', array(
    'ids' => $ids,
    'action' => $action,
    'pageno' => $pageno,
));

// Switch according to action.
switch ($action) { case 'addchatmessage': $output = emarking_add_chat_message(); emarking_json_array($output); break; case 'addcomment': emarking_check_grade_permission($readonly, $draft, $context); $output = emarking_add_comment($submission, $draft); emarking_json_array($output); break; case 'addmark': emarking_check_grade_permission($readonly, $draft, $context);
} else {
    // A user who can grade and is also a supervisor is reported as "teacher".
    // The matching if-branch of this else is outside this listing.
    if ($usercangrade == 1 && $issupervisor == 1) {
        $userRole = "teacher";
    }
}
$linkrubric = $emarking->linkrubric;
// $totaltest, $inprogesstest, $publishtest
// Ping action for fast validation of user logged in and communication with server.
// NOTE(review): in this listing the ping reply is built and sent BEFORE the
// require_login() call and before the capability check further down. Unless a
// check outside this view has already authenticated the request, the payload
// (sesskey, realUsername, adminemail, role and capability flags) is returned
// without the full login/authorization check. Confirm, and prefer handling
// ping only after those checks have run.
if ($action === 'ping') {
    // The 'version' entry below reads $module, presumably defined by version.php.
    include "../version.php";
    // Start with a default Node JS path, and get the configuration one if any
    $nodejspath = 'http://127.0.0.1:9091';
    if (isset($CFG->emarking_nodejspath)) {
        $nodejspath = $CFG->emarking_nodejspath;
    }
    emarking_json_array(array('user' => $USER->id,
        'student' => $userid,
        'username' => $USER->firstname . " " . $USER->lastname,
        'realUsername' => $USER->username,
        'role' => $userRole,
        'groupID' => $emarking->id,
        'sesskey' => $USER->sesskey,
        'adminemail' => $CFG->supportemail,
        'cm' => $cm->id,
        // Anonymity flags are sent as the strings "true" / "false", not booleans.
        'studentanonymous' => $studentanonymous ? "true" : "false",
        'markeranonymous' => $markeranonymous ? "true" : "false",
        'hascapability' => $usercangrade,
        'supervisor' => $issupervisor,
        'markingtype' => $emarking->type,
        'totalTests' => $totaltest,
        'inProgressTests' => $inprogesstest,
        'publishedTests' => $publishtest,
        'agreeLevel' => $agreeLevelAvg,
        'heartbeat' => $emarking->heartbeatenabled,
        'linkrubric' => $linkrubric,
        'collaborativefeatures' => $emarking->collaborativefeatures,
        'coursemodule' => $cm->id,
        'nodejspath' => $nodejspath,
        'motives' => emarking_get_regrade_motives(),
        'version' => $module->version));
}
// Now require login so full security is checked
// (this is the first login check visible in this listing; the ping branch above precedes it).
require_login($course->id, false, $cm);
$url = new moodle_url('/mod/emarking/ajax/a.php', array('ids' => $ids,
    'action' => $action,
    'pageno' => $pageno));
// Default to read-only; every branch visible below also leaves $readonly true.
$readonly = true;
// Validate grading capability and stop and log unauthorized access
if (!$usercangrade) {
    // If the student owns the exam
    if ($ownsubmission) {
        $readonly = true;
    } else {
        if (has_capability('mod/emarking:submit', $context)) {
            // If the student belongs to the course and is allowed to submit
            $readonly = true;
        } else {