Fix data sanitization method

author: Joe Banks <[email protected]> 2020-12-13 19:24:40 +0000
committer: GitHub <[email protected]> 2020-12-13 19:24:40 +0000
commit: 0108615be0eaefa1419bc2aa29c7fa33407a16f1 (patch)
tree: ea8709dc5525bb43ea72d402652b2f5f5ea8bf90 /backend/models/form.py
parent: HTTPs URL in OAuth2 callback (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/backend/models/form.py b/backend/models/form.py
index 400f8ad..95bc50f 100644
--- a/backend/models/form.py
+++ b/backend/models/form.py
@@ -37,4 +37,18 @@ class Form(BaseModel):
     def dict(self, admin: bool = True, **kwargs: t.Dict) -> t.Dict[str, t.Any]:
         """Wrapper for original function to exclude private data for public access."""
         data = super().dict(**kwargs)
-        return {field: data[field] for field in PUBLIC_FIELDS} if admin else data
+        
+        returned_data = {}
+        
+        if not admin:
+            for field in PUBLIC_FIELDS:
+                if field == "_id" and kwargs.get("by_alias"):
+                    fetch_field = "_id"
+                else:
+                    fetch_field = field
+                    
+                 returned_data[field] = data[fetch_field]
+        else:
+            returned_data = data
+
+        return returned_data
author	Joe Banks <[email protected]>	2020-12-13 19:24:40 +0000
committer	GitHub <[email protected]>	2020-12-13 19:24:40 +0000
commit	0108615be0eaefa1419bc2aa29c7fa33407a16f1 (patch)
tree	ea8709dc5525bb43ea72d402652b2f5f5ea8bf90 /backend/models/form.py
parent	HTTPs URL in OAuth2 callback (diff)