From 30de8736770c3ab4f963aa4a334ff33a7aece2aa Mon Sep 17 00:00:00 2001 From: ks129 <45097959+ks129@users.noreply.github.com> Date: Fri, 18 Dec 2020 15:52:36 +0200 Subject: Add PATCH method to form endpoint --- backend/routes/forms/form.py | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index c953135..b88f464 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -1,6 +1,7 @@ """ -Returns or deletes a single form given an ID. +Returns, updates or deletes a single form given an ID. """ +from pydantic import ValidationError from spectree.response import Response from starlette.authentication import requires from starlette.requests import Request @@ -13,7 +14,7 @@ from backend.validation import OkayResponse, api, ErrorMessage class SingleForm(Route): """ - Returns or deletes a single form given an ID. + Returns, updates or deletes a single form given an ID. Returns all fields for admins, otherwise only public fields. """ @@ -39,6 +40,35 @@ class SingleForm(Route): return JSONResponse({"error": "not_found"}, status_code=404) + @requires(["authenticated", "admin"]) + @api.validate( + resp=Response( + HTTP_200=OkayResponse, + HTTP_400=ErrorMessage, + HTTP_404=ErrorMessage + ), + tags=["forms"] + ) + async def patch(self, request: Request) -> JSONResponse: + """Updates form by ID.""" + data = await request.json() + + if raw_form := await request.state.db.forms.find_one( + {"_id": request.path_params["form_id"]} + ): + if "_id" in data or "id" in data: + return JSONResponse({"error": "locked_field"}, status_code=400) + + raw_form.update(data) + try: + form = Form(**raw_form) + except ValidationError as e: + return JSONResponse(e.errors(), status_code=400) + + return JSONResponse(form.dict()) + else: + return JSONResponse({"error": "not_found"}, status_code=404) + @requires(["authenticated", "admin"]) @api.validate( resp=Response(HTTP_200=OkayResponse, HTTP_404=ErrorMessage), -- cgit v1.2.3 From 473f61d77b54c6974adc03d7b600ef6806806487 Mon Sep 17 00:00:00 2001 From: ks129 <45097959+ks129@users.noreply.github.com> Date: Fri, 18 Dec 2020 19:22:19 +0200 Subject: Actually update form in DB in PATCH method --- backend/routes/forms/form.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index b88f464..55f78df 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -65,6 +65,11 @@ class SingleForm(Route): except ValidationError as e: return JSONResponse(e.errors(), status_code=400) + await request.state.db.forms.replace_one( + {"_id": request.path_params["form_id"]}, + form.dict() + ) + return JSONResponse(form.dict()) else: return JSONResponse({"error": "not_found"}, status_code=404) -- cgit v1.2.3 From 1b82bac0767003edf1e848e1d855b1a54291972b Mon Sep 17 00:00:00 2001 From: ks129 <45097959+ks129@users.noreply.github.com> Date: Fri, 18 Dec 2020 19:22:55 +0200 Subject: Update status code of pydantic errors response Co-authored-by: Joe Banks --- backend/routes/forms/form.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/routes/forms/form.py b/backend/routes/forms/form.py index 55f78df..b87c7cf 100644 --- a/backend/routes/forms/form.py +++ b/backend/routes/forms/form.py @@ -63,7 +63,7 @@ class SingleForm(Route): try: form = Form(**raw_form) except ValidationError as e: - return JSONResponse(e.errors(), status_code=400) + return JSONResponse(e.errors(), status_code=422) await request.state.db.forms.replace_one( {"_id": request.path_params["form_id"]}, -- cgit v1.2.3