diff options
| author |  Hassan Abouelela <[email protected]> | 2020-12-21 04:44:12 +0300 |
|---|---|---|
| committer | Hassan Abouelela <[email protected]> | 2020-12-21 04:44:31 +0300 |
| commit | 934be7a6c02d6f4e3741af5e1104a0d9822ea82d (patch) | |
| tree | dfa6e6779a451bc9bcf4ac22c3217ade1ccadee6 /backend/routes/forms | |
| parent | Adds and Documents Webhook Message Variables (diff) | |
| parent | Merge pull request #40 from python-discord/ks123/form-patch (diff) | |
Merge branch 'main' into discord-webhook
Signed-off-by: Hassan Abouelela <[email protected]>
# Conflicts:
# backend/routes/forms/submit.py
Diffstat (limited to 'backend/routes/forms')
| -rw-r--r-- | backend/routes/forms/form.py | 39 | ||||
| -rw-r--r-- | backend/routes/forms/submit.py | 7 |
2 files changed, 38 insertions, 8 deletions
diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index c953135..b87c7cf 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -1,6 +1,7 @@ """ -Returns or deletes a single form given an ID. +Returns, updates or deletes a single form given an ID. """ +from pydantic import ValidationError from spectree.response import Response from starlette.authentication import requires from starlette.requests import Request @@ -13,7 +14,7 @@ from backend.validation import OkayResponse, api, ErrorMessage class SingleForm(Route): """ - Returns or deletes a single form given an ID. + Returns, updates or deletes a single form given an ID. Returns all fields for admins, otherwise only public fields. """ @@ -41,6 +42,40 @@ class SingleForm(Route): @requires(["authenticated", "admin"]) @api.validate( + resp=Response( + HTTP_200=OkayResponse, + HTTP_400=ErrorMessage, + HTTP_404=ErrorMessage + ), + tags=["forms"] + ) + async def patch(self, request: Request) -> JSONResponse: + """Updates form by ID.""" + data = await request.json() + + if raw_form := await request.state.db.forms.find_one( + {"_id": request.path_params["form_id"]} + ): + if "_id" in data or "id" in data: + return JSONResponse({"error": "locked_field"}, status_code=400) + + raw_form.update(data) + try: + form = Form(**raw_form) + except ValidationError as e: + return JSONResponse(e.errors(), status_code=422) + + await request.state.db.forms.replace_one( + {"_id": request.path_params["form_id"]}, + form.dict() + ) + + return JSONResponse(form.dict()) + else: + return JSONResponse({"error": "not_found"}, status_code=404) + + @requires(["authenticated", "admin"]) + @api.validate( resp=Response(HTTP_200=OkayResponse, HTTP_404=ErrorMessage), tags=["forms"] ) diff --git a/backend/routes/forms/submit.py b/backend/routes/forms/submit.py index 5c0cfdd..82caa81 100644 --- a/backend/routes/forms/submit.py +++ b/backend/routes/forms/submit.py @@ -8,7 +8,6 @@ import uuid from typing import Any, Optional import httpx -import pydnsbl from pydantic import ValidationError from pydantic.main import BaseModel from spectree import Response @@ -77,9 +76,6 @@ class SubmitForm(Route): user_agent_hash_ctx.update(request.headers["User-Agent"].encode()) user_agent_hash = binascii.hexlify(user_agent_hash_ctx.digest()) - dsn_checker = pydnsbl.DNSBLIpChecker() - dsn_blacklist = await dsn_checker.check_async(request.client.host) - async with httpx.AsyncClient() as client: query_params = { "secret": HCAPTCHA_API_SECRET, @@ -96,8 +92,7 @@ class SubmitForm(Route): response["antispam"] = { "ip_hash": ip_hash.decode(), "user_agent_hash": user_agent_hash.decode(), - "captcha_pass": captcha_data["success"], - "dns_blacklisted": dsn_blacklist.blacklisted, + "captcha_pass": captcha_data["success"] } if FormFeatures.REQUIRES_LOGIN.value in form.features: |