• last updated 11 hours ago
Constraints: committers
Constraints: files
Constraints: dates
added tailored title for "logout button, fixed typos in message catalog

reduce further redundancy

    • -25
    • +13
reduce frequent small SQL queries and streamline code

    • -19
    • +28
removed deprecated call to db_quote

use ns_dbquotevalue instead

add possibility to filter for state

tighten edit rights for answer workflows

VS: ----------------------------------------------------------------------

remove some obsolete files

    • -72
    • +0
    • -151
    • +0
Fully qualify the parameter command to not conflict with the class having the same name in the ::xo namespace

tighten policy for viewing an exam

fix collateral damage on cleanup (never trust to much on watching files)

Make so that upon package deletion, also the leftover site nodes are deleted (if they do no have children nodes)

prefer standard OpenACS API for accessing parameters

    • -3
    • +4
    • -2
    • +2
file TestItemPoolQuestion.form.page was initially added on branch oacs-5-10.

Support for pool questions in the test-item family


- select random questions from some folder

(Currently siblings, i.e., folders of the same package instance)

- one exam can have multiple pool questions, potentially from other pools

- pools can be links to other folders (which are no siblings)

- The current folder can be used as well as a pool folder. In this

case, other not-used items can be selected as replacement items

given these match the specified filter characteristics

- Question filtering

* filter by item type:

allow one to select from all/some/some item types

(mc, sc, short text, reordering, composite, ...):

use as replacement items only examples of these types

* filter by minutes and/or points:

use as replacement items only items with matching points/minutes

* filter by language:

use as replacement items only items in a certain language

* Filter per item name pattern:

use as replacement items only items matching a name.

When (short-) names are used systematically, one can e.g.

use the date in the name and specify only items from e.g.

one year ago, via "*2020*", or from some chapter "*ch01", ...

Certainly, it is also possible to use different item

folders for this

Potential further steps:

- Currently, exams containing pool questions are treated as

auto-correctable (which implies automated exam-review (Einsicht), when

from the question pools only question from strictly closed questions

are selected (MC, SC, Ordering). Depending on the detailed settings,

also other item types could be possible (via correct-when), but this

requires a deeper analysis of every question, which is so far not


- Categorized items: technically, the infrastructure is mostly here to

allow also filtering by categories. This would allow one to select

e.g. from technical questions, case examples, knowledge transfer

questions, research-oriented questions... which are orthogonal to

the filtering currently available. Every lecturer can define

own categories depending on their needs, we could provide

university-wide category-trees, etc. Of course, one could also

define separate pools for these purposes, but categorizing is

probably more convenient and more flexible.

- Performance: when question pools become large (500+ questions) and

the cohorts as well (500+), the current version might require more

tuning. The only critical time is the exam-start, where the random

question placeholders have to be resolved for every student. The

approach from this weekend uses basic caching, but maybe this has to

be extended.

- Protecting selected questions: Question pools are more detached from

an exam than single exercises, a lecturer might have in mind. One

should not allow one to delete questions/question pools when these are

in use. Probably deletion should be a move to a trash-can, which is

actually, an issue for all exams, but getting more important with

pool questions.

- Handling of potential duplicates: When items are pulled from a

question pool, a replacement item is selected by making sure that

this item does not occur already in the query selection. Therefore,

one can safely draw two questions from the same question pool

without fearing that a student gets the same question twice.

This duplicate checking might require some fine-tuning:

* the system checks for duplicates in an exam via POOL/NAME.

* if a lecturer uses two pool-questions in an exam pointing to the same pool,

the systems makes sure, the same question is not used twice.

* however, if a teacher adds a question q1 to pool1 and the same question to pool2,

these two instances have different item ids and are regarded as two different

questions. One could make a test for only checking NAME (without POOL),

but then it might be the case that certain questions are not accepted

although these are different, because they have the same name.

- Statistics: so far, i have not provided any special answer

statistics for treating pool questions.

    • -1
    • +11
    • -95
    • +698
    • -1
    • +10
    • -2
    • +2
fix title of form-page (was probably a cut&paste leftover)

provide tailed labels in table of contents for instances of the edit-interaction workflow

minor cleanup and improved documentation

    • -7
    • +14
ease usage of "folder" includelet functions in other code by provide defaults

    • -18
    • +24
added optional link to "new" pulldown menu

Don't complain when flushing per-thread cache without content

Added per-request-cache for parameter::get similar to parameter handling in xotcl-core

This change improves scalability especially on sites with high numbers

of concurrent requests by reducing the number of required locks in

general. This change keeps the parameter dict in a per-request cache

to reduce potentially high number of nsv locks, when parameters of a

package are queried a often per request. Without this change we see on

some sites > 100 locks on the ad_param-nsv per request. Alone the

request-procesor queries a larger set of parameters from the acs-core

package, which requires now a single lock operation.

Using the per-request cache has the advantave of avoiding locks and

keeping the internal representations of tcl-objs (whereas ns_cache or

nsvs use plain strings).

extend/debug simplified where/unless query language

    • -17
    • +36
modernize idiom

use fully qualified cmd name in directdispatch

    • -2
    • +2
Added support for tailored messages when autosave is rejected

Optionally, the AJAX call from autosave can be answered with

a JSON structure containing a "feedback". If this is provided, this

is presented to the user. The mechanism can be extended in the

future to include some reason code, etc. for further automatic

processing in JavaScript.

With this change, the inclass-exam-answer workflow will use this

to comminicate the reasone for rejected autosave operations in

situations, where the examtime is up.

keep track of position of a question in the form for correct scrambling also for filtering by form object

background: randomization depends on the per-user random values and by the position

of a test-item in an exam. If one is filtering just for the test-item,

the position of this item in the exam was lost. Now, we keep track

in the filtering cases

minor update of call pattern and debug line

mitigate attacks, where the referer header field is changed to a malicious value

The problem does not exist, when CSP is defined properly.

Many thanks to Frank Bergmann for sharing the pen-test protocol

make sure, the end_clock is always an integer (as required by "clock format")

improve input checking

    • -7
    • +16