Example #1
0
    def test_context_create(self):
        ref_context = mock.Mock()
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(ref_context, new_context._context)

        new_context = context.Context()
        self.assertIsInstance(new_context._context, dict)
Example #2
0
    def test_is_module_imported_like(self):
        ref_context = dict(imports=[["spam"], ["eggs"]])
        new_context = context.Context(context_object=ref_context)
        self.assertTrue(new_context.is_module_imported_like("spam"))
        self.assertFalse(new_context.is_module_imported_like("bacon"))

        new_context = context.Context()
        self.assertFalse(new_context.is_module_imported_like("spam"))
Example #3
0
    def test_is_module_being_imported(self):
        ref_context = dict(module="spam")
        new_context = context.Context(context_object=ref_context)
        self.assertTrue(new_context.is_module_being_imported("spam"))
        self.assertFalse(new_context.is_module_being_imported("eggs"))

        new_context = context.Context()
        self.assertFalse(new_context.is_module_being_imported("spam"))
Example #4
0
    def test_node(self):
        expected_node = 'spam'
        ref_context = dict(node=expected_node)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(expected_node, new_context.node)

        new_context = context.Context()
        self.assertIsNone(new_context.node)
Example #5
0
    def test_filename(self):
        ref_context = dict(filename='spam.py')
        new_context = context.Context(context_object=ref_context)

        self.assertEqual(new_context.filename, 'spam.py')

        new_context = context.Context()
        self.assertIsNone(new_context.filename)
Example #6
0
    def test_is_module_imported_like(self):
        ref_context = dict(imports=[['spam'], ['eggs']])
        new_context = context.Context(context_object=ref_context)
        self.assertTrue(new_context.is_module_imported_like('spam'))
        self.assertFalse(new_context.is_module_imported_like('bacon'))

        new_context = context.Context()
        self.assertFalse(new_context.is_module_imported_like('spam'))
Example #7
0
    def test_call_function_name_qual(self):
        expected_string = 'spam'
        ref_context = dict(qualname=expected_string)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(expected_string, new_context.call_function_name_qual)

        new_context = context.Context()
        self.assertIsNone(new_context.call_function_name_qual)
Example #8
0
    def test_is_module_imported_exact(self):
        ref_context = dict(imports=['spam'])
        new_context = context.Context(context_object=ref_context)
        self.assertTrue(new_context.is_module_imported_exact('spam'))
        self.assertFalse(new_context.is_module_imported_exact('eggs'))

        new_context = context.Context()
        self.assertFalse(new_context.is_module_being_imported('spam'))
Example #9
0
    def test_statement(self):
        expected_string = 'spam'
        ref_context = dict(statement=expected_string)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(expected_string, new_context.statement)

        new_context = context.Context()
        self.assertIsNone(new_context.statement)
Example #10
0
    def test_string_val(self):
        expected_string = "spam"
        ref_context = dict(str=expected_string)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(expected_string, new_context.string_val)

        new_context = context.Context()
        self.assertIsNone(new_context.string_val)
Example #11
0
    def test_get_lineno_for_call_arg(self, node):
        expected_lineno = 42
        keyword1 = mock.Mock(arg='spam',
                             value=mock.Mock(lineno=expected_lineno))
        node.return_value = mock.Mock(keywords=[keyword1])
        new_context = context.Context()
        actual_lineno = new_context.get_lineno_for_call_arg('spam')
        self.assertEqual(expected_lineno, actual_lineno)

        new_context = context.Context()
        missing_lineno = new_context.get_lineno_for_call_arg('eggs')
        self.assertIsNone(missing_lineno)
Example #12
0
    def test_check_call_arg_value(self, call_keywords):
        new_context = context.Context()
        call_keywords.return_value = dict(spam='eggs')
        self.assertTrue(new_context.check_call_arg_value('spam', 'eggs'))
        self.assertTrue(new_context.check_call_arg_value('spam',
                                                         ['spam', 'eggs']))
        self.assertFalse(new_context.check_call_arg_value('spam', 'spam'))
        self.assertFalse(new_context.check_call_arg_value('spam'))
        self.assertFalse(new_context.check_call_arg_value('eggs'))

        new_context = context.Context()
        self.assertIsNone(new_context.check_call_arg_value(None))
Example #13
0
    def test_check_call_arg_value(self, call_keywords):
        new_context = context.Context()
        call_keywords.return_value = dict(spam="eggs")
        self.assertTrue(new_context.check_call_arg_value("spam", "eggs"))
        self.assertTrue(
            new_context.check_call_arg_value("spam", ["spam", "eggs"]))
        self.assertFalse(new_context.check_call_arg_value("spam", "spam"))
        self.assertFalse(new_context.check_call_arg_value("spam"))
        self.assertFalse(new_context.check_call_arg_value("eggs"))

        new_context = context.Context()
        self.assertIsNone(new_context.check_call_arg_value(None))
Example #14
0
    def test_call_args_count(self):
        ref_call = mock.Mock()
        ref_call.args = ['spam', 'eggs']
        ref_context = dict(call=ref_call)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(len(ref_call.args), new_context.call_args_count)

        ref_context = dict(call={})
        new_context = context.Context(context_object=ref_context)
        self.assertIsNone(new_context.call_args_count)

        new_context = context.Context()
        self.assertIsNone(new_context.call_args_count)
Example #15
0
    def test_function_def_defaults_qual(self, get_qual_attr):
        get_qual_attr.return_value = 'spam'
        ref_node = mock.Mock(args=mock.Mock(defaults=['spam']))
        ref_context = dict(node=ref_node, import_aliases=None)
        new_context = context.Context(context_object=ref_context)
        self.assertListEqual(['spam'], new_context.function_def_defaults_qual)

        ref_node = mock.Mock(args=mock.Mock(defaults=[]))
        ref_context = dict(node=ref_node, import_aliases=None)
        new_context = context.Context(context_object=ref_context)
        self.assertListEqual([], new_context.function_def_defaults_qual)

        new_context = context.Context()
        self.assertListEqual([], new_context.function_def_defaults_qual)
Example #16
0
    def run_tests(self, raw_context, checktype):
        '''Runs all tests for a certain type of check, for example

        Runs all tests for a certain type of check, for example 'functions'
        store results in results.

        :param raw_context: Raw context dictionary
        :param checktype: The type of checks to run
        :param nosec_lines: Lines which should be skipped because of nosec
        :return: a score based on the number and type of test results
        '''

        scores = {
            'SEVERITY': [0] * len(constants.RANKING),
            'CONFIDENCE': [0] * len(constants.RANKING)
        }

        tests = self.testset.get_tests(checktype)
        for test in tests:
            name = test.__name__
            # execute test with the an instance of the context class
            temp_context = copy.copy(raw_context)
            context = b_context.Context(temp_context)
            try:
                if hasattr(test, '_config'):
                    result = test(context, test._config)
                else:
                    result = test(context)

                # if we have a result, record it and update scores
                if (result is not None and
                        result.lineno not in self.nosec_lines and
                        temp_context['lineno'] not in self.nosec_lines):
                    result.fname = temp_context['filename']
                    if result.lineno is None:
                        result.lineno = temp_context['lineno']
                    result.linerange = temp_context['linerange']
                    result.test = name
                    if result.test_id == "":
                        result.test_id = test._test_id

                    self.results.append(result)

                    logger.debug(
                        "Issue identified by %s: %s", name, result
                    )
                    sev = constants.RANKING.index(result.severity)
                    val = constants.RANKING_VALUES[result.severity]
                    scores['SEVERITY'][sev] += val
                    con = constants.RANKING.index(result.confidence)
                    val = constants.RANKING_VALUES[result.confidence]
                    scores['CONFIDENCE'][con] += val

            except Exception as e:
                self.report_error(name, context, e)
                if self.debug:
                    raise
        logger.debug("Returning scores: %s", scores)
        return scores
Example #17
0
 def test_call_args(self, get_literal_value):
     get_literal_value.return_value = "eggs"
     ref_call = mock.Mock()
     ref_call.args = [mock.Mock(attr="spam"), "eggs"]
     ref_context = dict(call=ref_call)
     new_context = context.Context(context_object=ref_context)
     expected_args = ["spam", "eggs"]
     self.assertListEqual(expected_args, new_context.call_args)
Example #18
0
    def test_get_call_arg_at_position(self):
        expected_arg = 'spam'
        ref_call = mock.Mock()
        ref_call.args = [ast.Str(expected_arg)]
        ref_context = dict(call=ref_call)
        new_context = context.Context(context_object=ref_context)
        self.assertEqual(expected_arg, new_context.get_call_arg_at_position(0))
        self.assertIsNone(new_context.get_call_arg_at_position(1))

        ref_call = mock.Mock()
        ref_call.args = []
        ref_context = dict(call=ref_call)
        new_context = context.Context(context_object=ref_context)
        self.assertIsNone(new_context.get_call_arg_at_position(0))

        new_context = context.Context()
        self.assertIsNone(new_context.get_call_arg_at_position(0))
Example #19
0
    def test_call_keywords(self, get_literal_value):
        get_literal_value.return_value = 'eggs'
        ref_keyword1 = mock.Mock(arg='arg1', value=mock.Mock(attr='spam'))
        ref_keyword2 = mock.Mock(arg='arg2', value='eggs')
        ref_call = mock.Mock()
        ref_call.keywords = [ref_keyword1, ref_keyword2]
        ref_context = dict(call=ref_call)
        new_context = context.Context(context_object=ref_context)
        expected_dict = dict(arg1='spam', arg2='eggs')
        self.assertDictEqual(expected_dict, new_context.call_keywords)

        ref_context = dict(call=None)
        new_context = context.Context(context_object=ref_context)
        self.assertIsNone(new_context.call_keywords)

        new_context = context.Context()
        self.assertIsNone(new_context.call_keywords)
Example #20
0
    def test_call_keywords(self, get_literal_value):
        get_literal_value.return_value = "eggs"
        ref_keyword1 = mock.Mock(arg="arg1", value=mock.Mock(attr="spam"))
        ref_keyword2 = mock.Mock(arg="arg2", value="eggs")
        ref_call = mock.Mock()
        ref_call.keywords = [ref_keyword1, ref_keyword2]
        ref_context = dict(call=ref_call)
        new_context = context.Context(context_object=ref_context)
        expected_dict = dict(arg1="spam", arg2="eggs")
        self.assertDictEqual(expected_dict, new_context.call_keywords)

        ref_context = dict(call=None)
        new_context = context.Context(context_object=ref_context)
        self.assertIsNone(new_context.call_keywords)

        new_context = context.Context()
        self.assertIsNone(new_context.call_keywords)
Example #21
0
 def test_call_args(self, get_literal_value):
     get_literal_value.return_value = 'eggs'
     ref_call = mock.Mock()
     ref_call.args = [mock.Mock(attr='spam'), 'eggs']
     ref_context = dict(call=ref_call)
     new_context = context.Context(context_object=ref_context)
     expected_args = ['spam', 'eggs']
     self.assertListEqual(expected_args, new_context.call_args)
Example #22
0
    def test__get_literal_value(self):
        new_context = context.Context()

        value = ast.Num(42)
        expected = value.n
        self.assertEqual(expected, new_context._get_literal_value(value))

        value = ast.Str('spam')
        expected = value.s
        self.assertEqual(expected, new_context._get_literal_value(value))

        value = ast.List([ast.Str('spam'), ast.Num(42)], ast.Load())
        expected = [ast.Str('spam').s, ast.Num(42).n]
        self.assertListEqual(expected, new_context._get_literal_value(value))

        value = ast.Tuple([ast.Str('spam'), ast.Num(42)], ast.Load())
        expected = (ast.Str('spam').s, ast.Num(42).n)
        self.assertTupleEqual(expected, new_context._get_literal_value(value))

        value = ast.Set([ast.Str('spam'), ast.Num(42)])
        expected = set([ast.Str('spam').s, ast.Num(42).n])
        self.assertSetEqual(expected, new_context._get_literal_value(value))

        value = ast.Dict(['spam', 'eggs'], [42, 'foo'])
        expected = dict(spam=42, eggs='foo')
        self.assertDictEqual(expected, new_context._get_literal_value(value))

        value = ast.Ellipsis()
        self.assertIsNone(new_context._get_literal_value(value))

        value = ast.Name('spam', ast.Load())
        expected = value.id
        self.assertEqual(expected, new_context._get_literal_value(value))

        if six.PY3:
            value = ast.NameConstant(True)
            expected = str(value.value)
            self.assertEqual(expected, new_context._get_literal_value(value))

        if six.PY3:
            value = ast.Bytes(b'spam')
            expected = value.s
            self.assertEqual(expected, new_context._get_literal_value(value))

        self.assertIsNone(new_context._get_literal_value(None))
Example #23
0
    def test__get_literal_value(self):
        new_context = context.Context()

        value = ast.Num(42)
        expected = value.n
        self.assertEqual(expected, new_context._get_literal_value(value))

        value = ast.Str("spam")
        expected = value.s
        self.assertEqual(expected, new_context._get_literal_value(value))

        value = ast.List([ast.Str("spam"), ast.Num(42)], ast.Load())
        expected = [ast.Str("spam").s, ast.Num(42).n]
        self.assertListEqual(expected, new_context._get_literal_value(value))

        value = ast.Tuple([ast.Str("spam"), ast.Num(42)], ast.Load())
        expected = (ast.Str("spam").s, ast.Num(42).n)
        self.assertTupleEqual(expected, new_context._get_literal_value(value))

        value = ast.Set([ast.Str("spam"), ast.Num(42)])
        expected = {ast.Str("spam").s, ast.Num(42).n}
        self.assertSetEqual(expected, new_context._get_literal_value(value))

        value = ast.Dict(["spam", "eggs"], [42, "foo"])
        expected = dict(spam=42, eggs="foo")
        self.assertDictEqual(expected, new_context._get_literal_value(value))

        value = ast.Ellipsis()
        self.assertIsNone(new_context._get_literal_value(value))

        value = ast.Name("spam", ast.Load())
        expected = value.id
        self.assertEqual(expected, new_context._get_literal_value(value))

        value = ast.Bytes(b"spam")
        expected = value.s
        self.assertEqual(expected, new_context._get_literal_value(value))

        self.assertIsNone(new_context._get_literal_value(None))
Example #24
0
    def run_tests(self, raw_context, checktype):
        '''Runs all tests for a certain type of check, for example

        Runs all tests for a certain type of check, for example 'functions'
        store results in results.

        :param raw_context: Raw context dictionary
        :param checktype: The type of checks to run
        :return: a score based on the number and type of test results
        '''

        scores = {
            'SEVERITY': [0] * len(constants.RANKING),
            'CONFIDENCE': [0] * len(constants.RANKING)
        }

        tests = self.testset.get_tests(checktype)
        for name, test in six.iteritems(tests):
            # execute test with the an instance of the context class
            temp_context = copy.copy(raw_context)
            context = b_context.Context(temp_context)
            try:
                if hasattr(test, '_takes_config'):
                    # TODO(??): Possibly allow override from profile
                    test_config = self.config.get_option(
                        test._takes_config)
                    result = test(context, test_config)
                else:
                    result = test(context)

                # the test call returns a 2- or 3-tuple
                # - (issue_severity, issue_text) or
                # - (issue_severity, issue_confidence, issue_text)

                # add default confidence level, if not returned by test
                if (result is not None and len(result) == 2):
                    result = (
                        result[0],
                        constants.CONFIDENCE_DEFAULT,
                        result[1]
                    )

                # if we have a result, record it and update scores
                if result is not None:
                    self.results.add(temp_context, name, result)
                    self.logger.debug(
                        "Issue identified by %s: %s", name, result
                    )
                    sev = constants.RANKING.index(result[0])
                    val = constants.RANKING_VALUES[result[0]]
                    scores['SEVERITY'][sev] += val
                    con = constants.RANKING.index(result[1])
                    val = constants.RANKING_VALUES[result[1]]
                    scores['CONFIDENCE'][con] += val

            except Exception as e:
                self.report_error(name, context, e)
                if self.debug:
                    raise
        self.logger.debug("Returning scores: %s", scores)
        return scores
Example #25
0
    def run_tests(self, raw_context, checktype):
        """Runs all tests for a certain type of check, for example

        Runs all tests for a certain type of check, for example 'functions'
        store results in results.

        :param raw_context: Raw context dictionary
        :param checktype: The type of checks to run
        :return: a score based on the number and type of test results with
                extra metrics about nosec comments
        """

        scores = {
            "SEVERITY": [0] * len(constants.RANKING),
            "CONFIDENCE": [0] * len(constants.RANKING),
        }

        tests = self.testset.get_tests(checktype)
        for test in tests:
            name = test.__name__
            # execute test with the an instance of the context class
            temp_context = copy.copy(raw_context)
            context = b_context.Context(temp_context)
            try:
                if hasattr(test, "_config"):
                    result = test(context, test._config)
                else:
                    result = test(context)

                if result is not None:
                    nosec_tests_to_skip = self._get_nosecs_from_contexts(
                        temp_context, test_result=result)

                    if isinstance(temp_context["filename"], bytes):
                        result.fname = temp_context["filename"].decode("utf-8")
                    else:
                        result.fname = temp_context["filename"]
                    result.fdata = temp_context["file_data"]

                    if result.lineno is None:
                        result.lineno = temp_context["lineno"]
                    result.linerange = temp_context["linerange"]
                    result.col_offset = temp_context["col_offset"]
                    result.end_col_offset = temp_context.get(
                        "end_col_offset", 0)
                    result.test = name
                    if result.test_id == "":
                        result.test_id = test._test_id

                    # don't skip the test if there was no nosec comment
                    if nosec_tests_to_skip is not None:
                        # if the set is empty or the test id is in the set of
                        # tests to skip, log and increment the skip by test
                        # count
                        if not nosec_tests_to_skip or (result.test_id
                                                       in nosec_tests_to_skip):
                            LOG.debug("skipped, nosec for test %s" %
                                      result.test_id)
                            self.metrics.note_skipped_test()
                            continue

                    self.results.append(result)

                    LOG.debug("Issue identified by %s: %s", name, result)
                    sev = constants.RANKING.index(result.severity)
                    val = constants.RANKING_VALUES[result.severity]
                    scores["SEVERITY"][sev] += val
                    con = constants.RANKING.index(result.confidence)
                    val = constants.RANKING_VALUES[result.confidence]
                    scores["CONFIDENCE"][con] += val
                else:
                    nosec_tests_to_skip = self._get_nosecs_from_contexts(
                        temp_context)
                    if (nosec_tests_to_skip
                            and test._test_id in nosec_tests_to_skip):
                        LOG.warning(
                            f"nosec encountered ({test._test_id}), but no "
                            f"failed test on line {temp_context['lineno']}")

            except Exception as e:
                self.report_error(name, context, e)
                if self.debug:
                    raise
        LOG.debug("Returning scores: %s", scores)
        return scores
Example #26
0
    def run_tests(self, raw_context, checktype):
        '''Runs all tests for a certain type of check, for example

        Runs all tests for a certain type of check, for example 'functions'
        store results in results.

        :param raw_context: Raw context dictionary
        :param checktype: The type of checks to run
        :return: a score based on the number and type of test results
        '''

        scores = {
            'SEVERITY': [0] * len(constants.RANKING),
            'CONFIDENCE': [0] * len(constants.RANKING)
        }

        tests = self.testset.get_tests(checktype)
        for name, test in six.iteritems(tests):
            # execute test with the an instance of the context class
            temp_context = copy.copy(raw_context)
            context = b_context.Context(temp_context)
            try:
                if hasattr(test, '_takes_config'):
                    # TODO(??): Possibly allow override from profile
                    test_config = self.config.get_option(
                        test._takes_config)
                    if test_config is None:
                        warnings.warn(
                            '"{0}" has been skipped due to missing config '
                            '"{1}".'.format(test.__name__, test._takes_config)
                        )
                        continue
                    result = test(context, test_config)
                else:
                    result = test(context)

                # if we have a result, record it and update scores
                if result is not None:
                    result.fname = temp_context['filename']
                    result.lineno = temp_context['lineno']
                    result.linerange = temp_context['linerange']
                    result.test = test.__name__

                    self.results.append(result)

                    logger.debug(
                        "Issue identified by %s: %s", name, result
                    )
                    sev = constants.RANKING.index(result.severity)
                    val = constants.RANKING_VALUES[result.severity]
                    scores['SEVERITY'][sev] += val
                    con = constants.RANKING.index(result.confidence)
                    val = constants.RANKING_VALUES[result.confidence]
                    scores['CONFIDENCE'][con] += val

            except Exception as e:
                self.report_error(name, context, e)
                if self.debug:
                    raise
        logger.debug("Returning scores: %s", scores)
        return scores
Example #27
0
 def test_repr(self):
     ref_object = dict(spam="eggs")
     expected_repr = f"<Context {ref_object}>"
     new_context = context.Context(context_object=ref_object)
     self.assertEqual(expected_repr, repr(new_context))
Example #28
0
 def test_repr(self):
     ref_object = dict(spam='eggs')
     expected_repr = '<Context {}>'.format(ref_object)
     new_context = context.Context(context_object=ref_object)
     self.assertEqual(expected_repr, repr(new_context))