From d30ac683746ecf92267884c2fc1ae654a7203dd4 Mon Sep 17 00:00:00 2001
From: ks129 <45097959+ks129@users.noreply.github.com>
Date: Thu, 24 Dec 2020 08:09:53 +0200
Subject: Use Pydantic validation instead manual validation

---
 backend/routes/admin.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'backend/routes/admin.py')

diff --git a/backend/routes/admin.py b/backend/routes/admin.py
index ef01fbd..08e97ce 100644
--- a/backend/routes/admin.py
+++ b/backend/routes/admin.py
@@ -1,6 +1,7 @@
 """
 Adds new admin user.
 """
+from pydantic import BaseModel, Field
 from spectree import Response
 from starlette.authentication import requires
 from starlette.requests import Request
@@ -10,6 +11,10 @@ from backend.route import Route
 from backend.validation import ErrorMessage, OkayResponse, api
 
 
+class AdminModel(BaseModel):
+    id: str = Field(alias="_id")
+
+
 class AdminRoute(Route):
     """Adds new admin user."""
 
@@ -18,14 +23,14 @@ class AdminRoute(Route):
 
     @requires(["authenticated", "admin"])
     @api.validate(
+        json=AdminModel,
         resp=Response(HTTP_200=OkayResponse, HTTP_400=ErrorMessage),
         tags=["admin"]
     )
     async def post(self, request: Request) -> JSONResponse:
         """Inserts new administrator user to DB."""
         data = await request.json()
-        if "id" not in data:
-            return JSONResponse({"error": "missing_id"}, status_code=400)
+        admin = AdminModel(**data)
 
-        await request.state.db.admins.insert_one({"_id": str(data["id"])})
+        await request.state.db.admins.insert_one(admin.dict(by_alias=True))
         return JSONResponse({"status": "ok"})
-- 
cgit v1.2.3