Runs a Python script within the edx platform's lms environment.

* Updated URLs to match latest urls in xproctor repo.
* Use POST for the request call and GET for status.
* Reuse status() in is_released()

(cherry picked from commit 2c8f82f0)

Conflicts:
	AUTHORS

Updated handle_ajax to explicitly handle each proctor server command
individually without accepting any parameters from the client. This
completely avoids users being able to interact with the proctor server
API directly. Updated the JS code to do a POST when requesting access
(TODO: proctor server still needs to be updated to require POST - for
now the proctor xmodule still uses GET under the hood until this
gets changed)

Turns out we can avoid the weird collectstatic issue (extra hash at end
of js filename) by not invoking leanModal from javascript at all.
Instead just use static namespace from 'static_content.html'
and put rel="leanModal" in the <a> DOM element that links to the modal
DOM tree via it's href attribute.

Combined the 'release' and 'disable' dispatch urls in handle_ajax into a
single 'override' dispatch. The new 'override' dispatch expects the user
to POST and toggles the proctor xmodule's staff_release based on the
'enabled' key (true or false) in the request data.

Updated the client js to connect to the ProctorModule via
system.ajax_url and updated the ProctorModule to proxy the requests to
the proctor server. This avoids disclosing both the proctor server url
and basic auth username/password in the LMS html source. This also
removes the need for CORS.

edx-platform's collectstatic is broken for some reason and adding an
extra hash to the filename.

Support a new 'hidden' xml attribute for <problem>. If set to 'true' the
problem will be excluded from the list of choices within the randomize
xmodule.

* Added proctor admin buttons for staff override and student reset -
  uses the same buttons/theme as staff debug/submission history.
  These buttons are *always* visible at the top of the page for staff
  users. The override button shows the current override status and the
  student admin button displays a modal with a form to reset a given
  user.
* Combined all proctor templates into proctor.html
* Removed all proctor JS alert() calls

StudentModule.state is allowed to be None (null=True, blank=True) so
json.loads calls have to provide a default in this case (e.g. '{}').

* Add _get_student_obj that fetches and returns the django user if the
  input is a string otherwise returns the original input
* Updated all ProctorModuleInfo methods that take 'student' as an arg to
  use _get_student_obj
* Changed 'student' kwarg to required arg in get_grades

* Require staff in randomize xmodule's handle_ajax!!!
* Use .val() instead of .text() in rand_jump JS
* Disable all alert() calls when using 'next' or 'jump' controls

...will be reimplemented in Proctor xmodule soon.

StudentModule specifies student, course id, and module state key must
all be unique together. The reset code in module_tree_reset was calling
get without specifying course_id which means if two courses (with
different course ids) share the same users and module state keys then
calling StudentModule.objects.get with only the student and module state
key raises an error for users that tried both courses. Specifying all
unique_together fields fixes the issue.

reset_3091_exam_attempts -> reset_attempts
get_submission_history_statistics -> attempt_stats

History tracking enables never selecting the same child twice. Currently
this functionality is tied to the randomize xmodule's use_randrange
attribute.

TODO: Add new xml attribute `no_repeats` to toggle history tracking

Massive code clean-up as well.

Massive code clean-up as well.

The 'index' view still contains baked-in course ids - will fix this
later ideally by getting rid of 'index' and using the instructor API
instead which mostly does the same thing.

cleaner than having periodic_check calling itself in a loop via
setTimeout

* pep8/pyflakes fixes
* removed old code