Merge branch 'main' into discord-webhook

Signed-off-by: Hassan Abouelela <[email protected]>

# Conflicts:
#	backend/routes/forms/submit.py

3 files changed, 38 insertions, 9 deletions

diff --git a/backend/models/antispam.py b/backend/models/antispam.py
index b16f686..b596d4d 100644
--- a/backend/models/antispam.py
+++ b/backend/models/antispam.py
@@ -7,4 +7,3 @@ class AntiSpam(BaseModel):
     ip_hash: str
     user_agent_hash: str
     captcha_pass: bool
-    dns_blacklisted: bool
diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py
index c953135..b87c7cf 100644
--- a/backend/routes/forms/form.py
+++ b/backend/routes/forms/form.py
@@ -1,6 +1,7 @@
 """
-Returns or deletes a single form given an ID.
+Returns, updates or deletes a single form given an ID.
 """
+from pydantic import ValidationError
 from spectree.response import Response
 from starlette.authentication import requires
 from starlette.requests import Request
@@ -13,7 +14,7 @@ from backend.validation import OkayResponse, api, ErrorMessage
 
 class SingleForm(Route):
     """
-    Returns or deletes a single form given an ID.
+    Returns, updates or deletes a single form given an ID.
 
     Returns all fields for admins, otherwise only public fields.
     """
@@ -41,6 +42,40 @@ class SingleForm(Route):
 
     @requires(["authenticated", "admin"])
     @api.validate(
+        resp=Response(
+            HTTP_200=OkayResponse,
+            HTTP_400=ErrorMessage,
+            HTTP_404=ErrorMessage
+        ),
+        tags=["forms"]
+    )
+    async def patch(self, request: Request) -> JSONResponse:
+        """Updates form by ID."""
+        data = await request.json()
+
+        if raw_form := await request.state.db.forms.find_one(
+            {"_id": request.path_params["form_id"]}
+        ):
+            if "_id" in data or "id" in data:
+                return JSONResponse({"error": "locked_field"}, status_code=400)
+
+            raw_form.update(data)
+            try:
+                form = Form(**raw_form)
+            except ValidationError as e:
+                return JSONResponse(e.errors(), status_code=422)
+
+            await request.state.db.forms.replace_one(
+                {"_id": request.path_params["form_id"]},
+                form.dict()
+            )
+
+            return JSONResponse(form.dict())
+        else:
+            return JSONResponse({"error": "not_found"}, status_code=404)
+
+    @requires(["authenticated", "admin"])
+    @api.validate(
         resp=Response(HTTP_200=OkayResponse, HTTP_404=ErrorMessage),
         tags=["forms"]
     )
diff --git a/backend/routes/forms/submit.py b/backend/routes/forms/submit.py
index 5c0cfdd..82caa81 100644
--- a/backend/routes/forms/submit.py
+++ b/backend/routes/forms/submit.py
@@ -8,7 +8,6 @@ import uuid
 from typing import Any, Optional
 
 import httpx
-import pydnsbl
 from pydantic import ValidationError
 from pydantic.main import BaseModel
 from spectree import Response
@@ -77,9 +76,6 @@ class SubmitForm(Route):
                 user_agent_hash_ctx.update(request.headers["User-Agent"].encode())
                 user_agent_hash = binascii.hexlify(user_agent_hash_ctx.digest())
 
-                dsn_checker = pydnsbl.DNSBLIpChecker()
-                dsn_blacklist = await dsn_checker.check_async(request.client.host)
-
                 async with httpx.AsyncClient() as client:
                     query_params = {
                         "secret": HCAPTCHA_API_SECRET,
@@ -96,8 +92,7 @@ class SubmitForm(Route):
                 response["antispam"] = {
                     "ip_hash": ip_hash.decode(),
                     "user_agent_hash": user_agent_hash.decode(),
-                    "captcha_pass": captcha_data["success"],
-                    "dns_blacklisted": dsn_blacklist.blacklisted,
+                    "captcha_pass": captcha_data["success"]
                 }
 
             if FormFeatures.REQUIRES_LOGIN.value in form.features: