python-discord
diff --git a/‎SCHEMA.md‎
Lines changed: 20 additions & 17 deletions b/‎SCHEMA.md‎
Lines changed: 20 additions & 17 deletions
diff --git a/‎backend/authentication/backend.py‎
Lines changed: 7 additions & 2 deletions b/‎backend/authentication/backend.py‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎backend/authentication/user.py‎
Lines changed: 34 additions & 7 deletions b/‎backend/authentication/user.py‎
Lines changed: 34 additions & 7 deletions
diff --git a/‎backend/discord.py‎
Lines changed: 164 additions & 7 deletions b/‎backend/discord.py‎
Lines changed: 164 additions & 7 deletions
@@ -12,21 +12,24 @@ In this document:
 
 ## Form
 
-| Field               | Type                                      | Description                                                                               | Example                                  |
-| ------------------- | ----------------------------------------- | ----------------------------------------------------------------------------------------- | ---------------------------------------- |
-| `id`                | Unique identifier                         | A user selected, unique, descriptive identifier (used in URL routes, so no spaces)        | `"ban-appeals"`                          |
-| `features`          | List of [form features](#form-features)   | A list of features to change the behaviour of the form, described in the features section | `["OPEN", "COLLECT_EMAIL"]`              |
-| `questions`         | List of [form questions](#form-question)  | The list of questions to render on a specific form                                        | Too long! See below                      |
-| `name`              | String                                    | Name of the form                                                                          | `"Summer Code Jam 2100"`                 |
-| `description`       | String                                    | Form description                                                                          | `"This is my amazing form description."` |
-| `webhook`           | [Webhook object](#webhooks)               | An optional discord webhook.                                                              | See webhook documentation.               |
-| `submitted_text`    | Optional[String]                          | An optional string for the response upon submitting.                                      | `"This is my amazing form response."`    |
-| `discord_role`      | String (optional)                         | Discord role ID what will be assigned, required when `ASSIGN_ROLE` flag provided.         | `784467518298259466`                     |
+| Field              | Type                                     | Description                                                                                                      | Example                                        |
+|--------------------|------------------------------------------|------------------------------------------------------------------------------------------------------------------|------------------------------------------------|
+| `id`               | Unique identifier                        | A user selected, unique, descriptive identifier (used in URL routes, so no spaces)                               | `"ban-appeals"`                                |
+| `features`         | List of [form features](#form-features)  | A list of features to change the behaviour of the form, described in the features section                        | `["OPEN", "COLLECT_EMAIL"]`                    |
+| `questions`        | List of [form questions](#form-question) | The list of questions to render on a specific form                                                               | Too long! See below                            |
+| `name`             | String                                   | Name of the form                                                                                                 | `"Summer Code Jam 2100"`                       |
+| `description`      | String                                   | Form description                                                                                                 | `"This is my amazing form description."`       |
+| `webhook`          | [Webhook object](#webhooks)              | An optional discord webhook.                                                                                     | See webhook documentation.                     |
+| `submitted_text`   | Optional[String]                         | An optional string for the response upon submitting.                                                             | `"This is my amazing form response."`          |
+| `discord_role`     | String (optional)                        | Discord role ID what will be assigned, required when `ASSIGN_ROLE` flag provided.                                | `784467518298259466`                           |
+| `response_readers` | List[String]                             | Discord roles which can view the responses of the form. Can not be the everyone role.                            | `["267629731250176001", "825337057181696020"]` |
+| `editors`          | List[String]                             | Discord roles which have permission to edit, delete, or otherwise modify the form. Can not be the everyone role. | `["409416496733880320"]`                       |
+
 
 ### Form features
 
 | Flag               | Description                                                                   |
-| ------------------ | ----------------------------------------------------------------------------- |
+|--------------------|-------------------------------------------------------------------------------|
 | `DISCOVERABLE`     | The form should be displayed on the homepage of the forms application.        |
 | `REQUIRES_LOGIN`   | Requires the user to authenticate with Discord before completing the form.    |
 | `OPEN`             | The form is currently accepting responses.                                    |
@@ -39,7 +42,7 @@ In this document:
 Discord webhooks to send information upon form submission.
 
 | Field     | Type   | Description                                                                                               |
-| ----------| ------ | --------------------------------------------------------------------------------------------------------- |
+|-----------|--------|-----------------------------------------------------------------------------------------------------------|
 | `url`     | String | Discord webhook URL.                                                                                      |
 | `message` | String | An optional message to include before the embed. Can use certain [context variables](#webhook-variables). |
 
@@ -48,7 +51,7 @@ Discord webhooks to send information upon form submission.
 The following variables can be used in a webhook's message. The variables must be wrapped by braces (`{}`).
 
 | Name          | Description                                                                  |
-| ------------- | ---------------------------------------------------------------------------- |
+|---------------|------------------------------------------------------------------------------|
 | `user`        | A discord mention of the user submitting the form, or "User" if unavailable. |
 | `response_id` | ID of the submitted response.                                                |
 | `form`        | Name of the submitted form.                                                  |
@@ -59,7 +62,7 @@ The following variables can be used in a webhook's message. The variables must b
 ### Form question
 
 | Field      | Type                                     | Description                                      | Example              |
-| ---------- | ---------------------------------------- | ------------------------------------------------ | -------------------- |
+|------------|------------------------------------------|--------------------------------------------------|----------------------|
 | `id`       | string                                   | Unique identifier of the question                | `"aabbcc"`           |
 | `name`     | string                                   | Name of the question                             | `"What's the time?"` |
 | `type`     | one of [Question types](#question-types) | The type of input for this question              | `"radio"`            |
@@ -69,7 +72,7 @@ The following variables can be used in a webhook's message. The variables must b
 #### Question types
 
 | Name         | Description                                               |
-| ------------ | --------------------------------------------------------- |
+|--------------|-----------------------------------------------------------|
 | `radio`      | Radio buttons                                             |
 | `checkbox`   | Checkbox toggle                                           |
 | `select`     | Dropdown list                                             |
@@ -165,7 +168,7 @@ Textareas require no additional configuration.
 ## Form response
 
 | Field       | Type                                                 | Description                                                                 |
-| ----------- | ---------------------------------------------------- | --------------------------------------------------------------------------- |
+|-------------|------------------------------------------------------|-----------------------------------------------------------------------------|
 | `_id`/`id`  | MongoDB ObjectID                                     | Random identifier used for the response                                     |
 | `user`      | Optional [user details object](#user-details-object) | An object describing the user that submitted if the form is not anonymous   |
 | `antispam`  | Optional [anti spam object](#anti-spam-object)       | An object containing information about the anti-spam on the form submission |
@@ -197,7 +200,7 @@ The user details contains the information returned by Discord alongside an `admi
 The anti-spam object contains information about the source of the form submission.
 
 | Field             | Type    | Description                                     |
-| ----------------- | ------- | ----------------------------------------------- |
+|-------------------|---------|-------------------------------------------------|
 | `ip_hash`         | String  | hash of the submitting users IP address         |
 | `user_agent_hash` | String  | hash of the submitting users user agent         |
 | `captcha_pass`    | Boolean | Whether the user passsed the hCaptcha           |
 
@@ -5,6 +5,7 @@
 from starlette.requests import Request
 
 from backend import constants
+from backend import discord
 # We must import user such way here to avoid circular imports
 from .user import User
 
@@ -60,8 +61,12 @@ async def authenticate(
         except Exception:
             raise authentication.AuthenticationError("Could not parse user details.")
 
-        user = User(token, user_details)
-        if await user.fetch_admin_status(request):
+        user = User(
+            token, user_details, await discord.get_member(request.state.db, user_details["id"])
+        )
+        if await user.fetch_admin_status(request.state.db):
             scopes.append("admin")
 
+        scopes.extend(await user.get_user_roles(request.state.db))
+
         return authentication.AuthCredentials(scopes), user
@@ -1,20 +1,27 @@
+import typing
 import typing as t
 
 import jwt
+from pymongo.database import Database
 from starlette.authentication import BaseUser
-from starlette.requests import Request
 
+from backend import discord, models
 from backend.constants import SECRET_KEY
-from backend.discord import fetch_user_details
 
 
 class User(BaseUser):
     """Starlette BaseUser implementation for JWT authentication."""
 
-    def __init__(self, token: str, payload: dict[str, t.Any]) -> None:
+    def __init__(
+        self,
+        token: str,
+        payload: dict[str, t.Any],
+        member: typing.Optional[models.DiscordMember],
+    ) -> None:
         self.token = token
         self.payload = payload
         self.admin = False
+        self.member = member
 
     @property
     def is_authenticated(self) -> bool:
@@ -34,16 +41,36 @@ def discord_mention(self) -> str:
     def decoded_token(self) -> dict[str, any]:
         return jwt.decode(self.token, SECRET_KEY, algorithms=["HS256"])
 
-    async def fetch_admin_status(self, request: Request) -> bool:
-        self.admin = await request.state.db.admins.find_one(
+    async def get_user_roles(self, database: Database) -> list[str]:
+        """Get a list of the user's discord roles."""
+        if not self.member:
+            return []
+
+        server_roles = await discord.get_roles(database)
+        roles = [role.name for role in server_roles if role.id in self.member.roles]
+
+        if "admin" in roles:
+            # Protect against collision with the forms admin role
+            roles.remove("admin")
+            roles.append("discord admin")
+
+        return roles
+
+    async def fetch_admin_status(self, database: Database) -> bool:
+        self.admin = await database.admins.find_one(
             {"_id": self.payload["id"]}
         ) is not None
 
         return self.admin
 
-    async def refresh_data(self) -> None:
+    async def refresh_data(self, database: Database) -> None:
         """Fetches user data from discord, and updates the instance."""
-        self.payload = await fetch_user_details(self.decoded_token.get("token"))
+        self.member = await discord.get_member(database, self.payload["id"])
+
+        if self.member:
+            self.payload = self.member.user.dict()
+        else:
+            self.payload = await discord.fetch_user_details(self.decoded_token.get("token"))
 
         updated_info = self.decoded_token
         updated_info["user_details"] = self.payload
 
@@ -1,16 +1,22 @@
 """Various utilities for working with the Discord API."""
+
+import datetime
+import json
+import typing
+
 import httpx
+import starlette.requests
+from pymongo.database import Database
+from starlette import exceptions
 
-from backend.constants import (
-    DISCORD_API_BASE_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET
-)
+from backend import constants, models
 
 
 async def fetch_bearer_token(code: str, redirect: str, *, refresh: bool) -> dict:
     async with httpx.AsyncClient() as client:
         data = {
-            "client_id": OAUTH2_CLIENT_ID,
-            "client_secret": OAUTH2_CLIENT_SECRET,
+            "client_id": constants.OAUTH2_CLIENT_ID,
+            "client_secret": constants.OAUTH2_CLIENT_SECRET,
             "redirect_uri": f"{redirect}/callback"
         }
 
@@ -21,7 +27,7 @@ async def fetch_bearer_token(code: str, redirect: str, *, refresh: bool) -> dict
             data["grant_type"] = "authorization_code"
             data["code"] = code
 
-        r = await client.post(f"{DISCORD_API_BASE_URL}/oauth2/token", headers={
+        r = await client.post(f"{constants.DISCORD_API_BASE_URL}/oauth2/token", headers={
             "Content-Type": "application/x-www-form-urlencoded"
         }, data=data)
 
@@ -32,10 +38,161 @@ async def fetch_bearer_token(code: str, redirect: str, *, refresh: bool) -> dict
 
 async def fetch_user_details(bearer_token: str) -> dict:
     async with httpx.AsyncClient() as client:
-        r = await client.get(f"{DISCORD_API_BASE_URL}/users/@me", headers={
+        r = await client.get(f"{constants.DISCORD_API_BASE_URL}/users/@me", headers={
             "Authorization": f"Bearer {bearer_token}"
         })
 
         r.raise_for_status()
 
         return r.json()
+
+
+async def _get_role_info() -> list[models.DiscordRole]:
+    """Get information about the roles in the configured guild."""
+    async with httpx.AsyncClient() as client:
+        r = await client.get(
+            f"{constants.DISCORD_API_BASE_URL}/guilds/{constants.DISCORD_GUILD}/roles",
+            headers={"Authorization": f"Bot {constants.DISCORD_BOT_TOKEN}"}
+        )
+
+        r.raise_for_status()
+        return [models.DiscordRole(**role) for role in r.json()]
+
+
+async def get_roles(
+    database: Database, *, force_refresh: bool = False
+) -> list[models.DiscordRole]:
+    """
+    Get a list of all roles from the cache, or discord API if not available.
+
+    If `force_refresh` is True, the cache is skipped and the roles are updated.
+    """
+    collection = database.get_collection("roles")
+
+    if force_refresh:
+        # Drop all values in the collection
+        await collection.delete_many({})
+
+    # `create_index` creates the index if it does not exist, or passes
+    # This handles TTL on role objects
+    await collection.create_index(
+        "inserted_at",
+        expireAfterSeconds=60 * 60 * 24,  # 1 day
+        name="inserted_at",
+    )
+
+    roles = [models.DiscordRole(**json.loads(role["data"])) async for role in collection.find()]
+
+    if len(roles) == 0:
+        # Fetch roles from the API and insert into the database
+        roles = await _get_role_info()
+        await collection.insert_many({
+            "name": role.name,
+            "id": role.id,
+            "data": role.json(),
+            "inserted_at": datetime.datetime.now(tz=datetime.timezone.utc),
+        } for role in roles)
+
+    return roles
+
+
+async def _fetch_member_api(member_id: str) -> typing.Optional[models.DiscordMember]:
+    """Get a member by ID from the configured guild using the discord API."""
+    async with httpx.AsyncClient() as client:
+        r = await client.get(
+            f"{constants.DISCORD_API_BASE_URL}/guilds/{constants.DISCORD_GUILD}"
+            f"/members/{member_id}",
+            headers={"Authorization": f"Bot {constants.DISCORD_BOT_TOKEN}"}
+        )
+
+        if r.status_code == 404:
+            return None
+
+        r.raise_for_status()
+        return models.DiscordMember(**r.json())
+
+
+async def get_member(
+    database: Database, user_id: str, *, force_refresh: bool = False
+) -> typing.Optional[models.DiscordMember]:
+    """
+    Get a member from the cache, or from the discord API.
+
+    If `force_refresh` is True, the cache is skipped and the entry is updated.
+    None may be returned if the member object does not exist.
+    """
+    collection = database.get_collection("discord_members")
+
+    if force_refresh:
+        await collection.delete_one({"user": user_id})
+
+    # `create_index` creates the index if it does not exist, or passes
+    # This handles TTL on member objects
+    await collection.create_index(
+        "inserted_at",
+        expireAfterSeconds=60 * 60,  # 1 hour
+        name="inserted_at",
+    )
+
+    result = await collection.find_one({"user": user_id})
+
+    if result is not None:
+        return models.DiscordMember(**json.loads(result["data"]))
+
+    member = await _fetch_member_api(user_id)
+
+    if not member:
+        return None
+
+    await collection.insert_one({
+        "user": user_id,
+        "data": member.json(),
+        "inserted_at": datetime.datetime.now(tz=datetime.timezone.utc),
+    })
+    return member
+
+
+class FormNotFoundError(exceptions.HTTPException):
+    """The requested form was not found."""
+
+
+class UnauthorizedError(exceptions.HTTPException):
+    """You are not authorized to use this resource."""
+
+
+async def _verify_access_helper(
+    form_id: str, request: starlette.requests.Request, attribute: str
+) -> None:
+    """A low level helper to validate access to a form resource based on the user's scopes."""
+    form = await request.state.db.forms.find_one({"_id": form_id})
+
+    if not form:
+        raise FormNotFoundError(status_code=404)
+
+    # Short circuit all resources for forms admins
+    if "admin" in request.auth.scopes:
+        return
+
+    form = models.Form(**form)
+
+    for role_id in getattr(form, attribute, []):
+        role = await request.state.db.roles.find_one({"id": role_id})
+        if not role:
+            continue
+
+        role = models.DiscordRole(**json.loads(role["data"]))
+
+        if role.name in request.auth.scopes:
+            return
+
+    raise UnauthorizedError(status_code=401)
+
+
+async def verify_response_access(form_id: str, request: starlette.requests.Request) -> None:
+    """Ensure the user can access responses on the requested resource."""
+    await _verify_access_helper(form_id, request, "response_readers")
+
+
+async def verify_edit_access(form_id: str, request: starlette.requests.Request) -> None:
+    """Ensure the user can view and modify the requested resource."""
+    await _verify_access_helper(form_id, request, "editors")