diff options
| author |  Hassan Abouelela <[email protected]> | 2022-02-05 17:39:33 +0400 |
|---|---|---|
| committer | Hassan Abouelela <[email protected]> | 2022-02-05 18:27:11 +0400 |
| commit | 513de6945d40b66368a061dff6a81646e8bda7a0 (patch) | |
| tree | 64f3ad8670cc9c1fffb6c8c2c0a5e9a8da04582f /backend/models | |
| parent | Overhaul Scope System (diff) | |
Add Role Based Authorized Readers
Adds a new property on forms to declare which roles are authorized to
access form responses.
Signed-off-by: Hassan Abouelela <[email protected]>
Diffstat (limited to 'backend/models')
| -rw-r--r-- | backend/models/form.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/backend/models/form.py b/backend/models/form.py index f19ed85..45a7e0b 100644 --- a/backend/models/form.py +++ b/backend/models/form.py @@ -1,10 +1,10 @@ import typing as t import httpx -from pydantic import constr, BaseModel, Field, root_validator, validator +from pydantic import BaseModel, Field, constr, root_validator, validator from pydantic.error_wrappers import ErrorWrapper, ValidationError -from backend.constants import FormFeatures, WebHook +from backend.constants import DISCORD_GUILD, FormFeatures, WebHook from .question import Question PUBLIC_FIELDS = [ @@ -43,6 +43,7 @@ class Form(BaseModel): submitted_text: t.Optional[str] = None webhook: _WebHook = None discord_role: t.Optional[str] + response_readers: t.Optional[list[str]] class Config: allow_population_by_field_name = True @@ -67,6 +68,13 @@ class Form(BaseModel): return value + @validator("response_readers") + def validate_role_scoping(cls, value: t.Optional[list[str]]): + """Ensure special role based permissions aren't granted to the @everyone role.""" + if value and str(DISCORD_GUILD) in value: + raise ValueError("You can not add the everyone role as an access scope.") + return value + @root_validator def validate_role(cls, values: dict[str, t.Any]) -> t.Optional[dict[str, t.Any]]: """Validates does Discord role provided when flag provided.""" |