diff options
author | 2022-06-13 22:48:41 +0400 | |
---|---|---|
committer | 2022-06-13 22:48:41 +0400 | |
commit | f886a7f279cf29e2997ad8ef721e0cd1d1a2529c (patch) | |
tree | f55186a886c6d0304d5643a0b74c5cf0b50f6b46 /backend | |
parent | Merge pull request #170 from python-discord/dependabot/pip/httpx-0.23.0 (diff) |
Fix Error For Unauthorized Form Access
Fixes an error where accessing a form without having the proper
authorization would cause an unexpected state and raise a 500.
Closes #175.
Signed-off-by: Hassan Abouelela <[email protected]>
Diffstat (limited to 'backend')
-rw-r--r-- | backend/routes/forms/form.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index 567c197..369dc9f 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -42,7 +42,7 @@ class SingleForm(Route): if not constants.PRODUCTION and form_id == EMPTY_FORM.id: # Empty form to help with authentication in development. return JSONResponse(EMPTY_FORM.dict(admin=False)) - raise + return JSONResponse({"error": "not_found"}, status_code=404) except discord.UnauthorizedError: admin = False @@ -53,7 +53,11 @@ class SingleForm(Route): if not admin: filters["features"] = {"$in": ["OPEN", "DISCOVERABLE"]} - form = Form(**await request.state.db.forms.find_one(filters)) + form = await request.state.db.forms.find_one(filters) + if not form: + return JSONResponse({"error": "not_found"}, status_code=404) + + form = Form(**form) if not admin: form = filter_unittests(form) |