From 0108615be0eaefa1419bc2aa29c7fa33407a16f1 Mon Sep 17 00:00:00 2001
From: Joe Banks <joseph@josephbanks.me>
Date: Sun, 13 Dec 2020 19:24:40 +0000
Subject: Fix data sanitization method

---
 backend/models/form.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/backend/models/form.py b/backend/models/form.py
index 400f8ad..95bc50f 100644
--- a/backend/models/form.py
+++ b/backend/models/form.py
@@ -37,4 +37,18 @@ class Form(BaseModel):
     def dict(self, admin: bool = True, **kwargs: t.Dict) -> t.Dict[str, t.Any]:
         """Wrapper for original function to exclude private data for public access."""
         data = super().dict(**kwargs)
-        return {field: data[field] for field in PUBLIC_FIELDS} if admin else data
+        
+        returned_data = {}
+        
+        if not admin:
+            for field in PUBLIC_FIELDS:
+                if field == "_id" and kwargs.get("by_alias"):
+                    fetch_field = "_id"
+                else:
+                    fetch_field = field
+                    
+                 returned_data[field] = data[fetch_field]
+        else:
+            returned_data = data
+
+        return returned_data
-- 
cgit v1.2.3


From 449f6737c1a755a105413013991e64a3b0db6912 Mon Sep 17 00:00:00 2001
From: Joe Banks <joseph@josephbanks.me>
Date: Sun, 13 Dec 2020 19:25:48 +0000
Subject: Fix dodgy indent and wrong field name

---
 backend/models/form.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/models/form.py b/backend/models/form.py
index 95bc50f..0b436e4 100644
--- a/backend/models/form.py
+++ b/backend/models/form.py
@@ -42,12 +42,12 @@ class Form(BaseModel):
         
         if not admin:
             for field in PUBLIC_FIELDS:
-                if field == "_id" and kwargs.get("by_alias"):
+                if field == "id" and kwargs.get("by_alias"):
                     fetch_field = "_id"
                 else:
                     fetch_field = field
                     
-                 returned_data[field] = data[fetch_field]
+                returned_data[field] = data[fetch_field]
         else:
             returned_data = data
 
-- 
cgit v1.2.3


From 2386a994adc56f03e193c1cefd7f66330bc31501 Mon Sep 17 00:00:00 2001
From: Joe Banks <joseph@josephbanks.me>
Date: Sun, 13 Dec 2020 19:27:05 +0000
Subject: Fix whitespace errors

---
 backend/models/form.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/backend/models/form.py b/backend/models/form.py
index 0b436e4..2cf8486 100644
--- a/backend/models/form.py
+++ b/backend/models/form.py
@@ -37,16 +37,16 @@ class Form(BaseModel):
     def dict(self, admin: bool = True, **kwargs: t.Dict) -> t.Dict[str, t.Any]:
         """Wrapper for original function to exclude private data for public access."""
         data = super().dict(**kwargs)
-        
+
         returned_data = {}
-        
+
         if not admin:
             for field in PUBLIC_FIELDS:
                 if field == "id" and kwargs.get("by_alias"):
                     fetch_field = "_id"
                 else:
                     fetch_field = field
-                    
+
                 returned_data[field] = data[fetch_field]
         else:
             returned_data = data
-- 
cgit v1.2.3