Merge pull request #24 from python-discord/fix-data-sanitisation

1 files changed, 15 insertions, 1 deletions

diff --git a/backend/models/form.py b/backend/models/form.py
index 400f8ad..2cf8486 100644
--- a/backend/models/form.py
+++ b/backend/models/form.py
@@ -37,4 +37,18 @@ class Form(BaseModel):
     def dict(self, admin: bool = True, **kwargs: t.Dict) -> t.Dict[str, t.Any]:
         """Wrapper for original function to exclude private data for public access."""
         data = super().dict(**kwargs)
-        return {field: data[field] for field in PUBLIC_FIELDS} if admin else data
+
+        returned_data = {}
+
+        if not admin:
+            for field in PUBLIC_FIELDS:
+                if field == "id" and kwargs.get("by_alias"):
+                    fetch_field = "_id"
+                else:
+                    fetch_field = field
+
+                returned_data[field] = data[fetch_field]
+        else:
+            returned_data = data
+
+        return returned_data