This way we know the student has seen it given that student_view should
only be called when it's rendered for viewing. Changed the randomize's
history field from a json String to xblock.fields.List as it should have
been in the first place. Randomize history is now always stored
regardless of no_repeats, however, no_repeats must still be specified in
order to prevent duplicates.

Problems can now be suspended by adding a 'suspended' xml attribute to
the <randomize> tag. To suspend a problem simply specify a comma
separated list of problem url_name's in the 'suspended' xml attribute.
Previously setting any attribute at the <problem> level was causing the
system to drop grades for any student that had successfully completed a
suspended problem. This new approach for suspended problem fixes that
issue.

The StudentModuleHistory db entries are filled with incomplete/invalid
entries. Add more checks to ensure the state is complete with attempts,
correct_map, and student_answers and ensure that both grade and
max_grade are not null. There are also some entries whose score doesn't
match the correct_map which we filter by manually counting the
'correctness'='correct' entries in the correct_map and comparing that to
the grade.

Can't compare JSON strings reliably since the order of keys may change
between loads/dumps.

This shows the entire submission history for every problem in a course
for a given user. Takes a course id and student username as input.

Staff users can now navigate to a problem, click 'Proctor Submission
History' button in the proctor admin panel, type a username and view
the user's attempts for each problem they've attempted within the
problem bank.

This is similar to courseware.views.submission_history except that:

1. It works for a list of locations and returns a dictionary rather than a Fragment
2. It filters StudentModuleHistory to those that have 'attempts' in their state.
3. It strips any duplicate (ie identical state) StudentModuleHistory entries.
4. It propagates all exceptions

The proctor server's status call now additionally returns whether the
problem has been requested or not. If it's not been requested yet the
proctor xmodule now automatically submits a request on behalf of the
user. This completely skips the 'request access' page when MIT card
integration is active.

* Use params for GET calls and data for POST

* Update the filter on the list of assignments to reset to include
  assignments that have None for 'earned' or 'attempted'.
* Added --wipe-randomize-history flag to reset_attempts which blasts the
  randomize history for users that have seen/attempted all problems
  (should only be used for testing!)
* Added 'Wipe randomize history?' checkbox to proctor student admin form
* Moved cache/modulestore/signal configuration out of the reset_attempts
  and attempt_stats management command and into module_tree_reset module
* Use student.email instead of student.username + '@mit.edu'

Runs a Python script within the edx platform's lms environment.

* Updated URLs to match latest urls in xproctor repo.
* Use POST for the request call and GET for status.
* Reuse status() in is_released()

(cherry picked from commit 2c8f82f0)

Conflicts:
	AUTHORS

Updated handle_ajax to explicitly handle each proctor server command
individually without accepting any parameters from the client. This
completely avoids users being able to interact with the proctor server
API directly. Updated the JS code to do a POST when requesting access
(TODO: proctor server still needs to be updated to require POST - for
now the proctor xmodule still uses GET under the hood until this
gets changed)

Turns out we can avoid the weird collectstatic issue (extra hash at end
of js filename) by not invoking leanModal from javascript at all.
Instead just use static namespace from 'static_content.html'
and put rel="leanModal" in the <a> DOM element that links to the modal
DOM tree via it's href attribute.

Combined the 'release' and 'disable' dispatch urls in handle_ajax into a
single 'override' dispatch. The new 'override' dispatch expects the user
to POST and toggles the proctor xmodule's staff_release based on the
'enabled' key (true or false) in the request data.

Updated the client js to connect to the ProctorModule via
system.ajax_url and updated the ProctorModule to proxy the requests to
the proctor server. This avoids disclosing both the proctor server url
and basic auth username/password in the LMS html source. This also
removes the need for CORS.

edx-platform's collectstatic is broken for some reason and adding an
extra hash to the filename.

Support a new 'hidden' xml attribute for <problem>. If set to 'true' the
problem will be excluded from the list of choices within the randomize
xmodule.

* Added proctor admin buttons for staff override and student reset -
  uses the same buttons/theme as staff debug/submission history.
  These buttons are *always* visible at the top of the page for staff
  users. The override button shows the current override status and the
  student admin button displays a modal with a form to reset a given
  user.
* Combined all proctor templates into proctor.html
* Removed all proctor JS alert() calls

StudentModule.state is allowed to be None (null=True, blank=True) so
json.loads calls have to provide a default in this case (e.g. '{}').

* Add _get_student_obj that fetches and returns the django user if the
  input is a string otherwise returns the original input
* Updated all ProctorModuleInfo methods that take 'student' as an arg to
  use _get_student_obj
* Changed 'student' kwarg to required arg in get_grades

* Require staff in randomize xmodule's handle_ajax!!!
* Use .val() instead of .text() in rand_jump JS
* Disable all alert() calls when using 'next' or 'jump' controls

...will be reimplemented in Proctor xmodule soon.

StudentModule specifies student, course id, and module state key must
all be unique together. The reset code in module_tree_reset was calling
get without specifying course_id which means if two courses (with
different course ids) share the same users and module state keys then
calling StudentModule.objects.get with only the student and module state
key raises an error for users that tried both courses. Specifying all
unique_together fields fixes the issue.