diff options
Diffstat (limited to 'backend')
| -rw-r--r-- | backend/discord.py | 4 | ||||
| -rw-r--r-- | backend/routes/forms/form.py | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/backend/discord.py b/backend/discord.py index 5a734db..be12109 100644 --- a/backend/discord.py +++ b/backend/discord.py @@ -164,12 +164,12 @@ async def _verify_access_helper( form_id: str, request: starlette.requests.Request, attribute: str ) -> None: """A low level helper to validate access to a form resource based on the user's scopes.""" - form = await request.state.db.forms.find_one({"id": form_id}) + form = await request.state.db.forms.find_one({"_id": form_id}) if not form: raise FormNotFoundError(status_code=404) - # Short circuit all resources for admins + # Short circuit all resources for forms admins if "admin" in request.auth.scopes: return diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index b6c6f1d..567c197 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -78,7 +78,7 @@ class SingleForm(Route): form_id = request.path_params["form_id"].lower() await discord.verify_edit_access(form_id, request) - if raw_form := await request.state.db.forms.find_one({"id": form_id}): + if raw_form := await request.state.db.forms.find_one({"_id": form_id}): if "_id" in data or "id" in data: if (data.get("id") or data.get("_id")) != form_id: return JSONResponse({"error": "locked_field"}, status_code=400) @@ -97,7 +97,7 @@ class SingleForm(Route): except ValidationError as e: return JSONResponse(e.errors(), status_code=422) - await request.state.db.forms.replace_one({"id": form_id}, form.dict()) + await request.state.db.forms.replace_one({"_id": form_id}, form.dict()) return JSONResponse(form.dict()) else: |