294 lines
9.7 KiB
Python
294 lines
9.7 KiB
Python
# Copyright (c) 2016, GohighSec
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import ast
|
|
import re
|
|
import six
|
|
|
|
import pep8
|
|
|
|
|
|
"""
|
|
Guidelines for writing new hacking checks
|
|
|
|
- Use only for Barbican specific tests. OpenStack general tests
|
|
should be submitted to the common 'hacking' module.
|
|
- Pick numbers in the range B3xx. Find the current test with
|
|
the highest allocated number and then pick the next value.
|
|
- Keep the test method code in the source file ordered based
|
|
on the B3xx value.
|
|
- List the new rule in the top level HACKING.rst file
|
|
- Add test cases for each new rule to barbican/tests/test_hacking.py
|
|
|
|
"""
|
|
|
|
oslo_namespace_imports = re.compile(r"from[\s]*oslo[.](.*)")
|
|
dict_constructor_with_list_copy_re = re.compile(r".*\bdict\((\[)?(\(|\[)")
|
|
assert_no_xrange_re = re.compile(r"\s*xrange\s*\(")
|
|
assert_True = re.compile(r".*assertEqual\(True, .*\)")
|
|
assert_None = re.compile(r".*assertEqual\(None, .*\)")
|
|
assert_Not_Equal = re.compile(r".*assertNotEqual\(None, .*\)")
|
|
assert_Is_Not = re.compile(r".*assertIsNot\(None, .*\)")
|
|
no_log_warn = re.compile(r".*LOG.warn\(.*\)")
|
|
|
|
|
|
class BaseASTChecker(ast.NodeVisitor):
|
|
"""Provides a simple framework for writing AST-based checks.
|
|
|
|
Subclasses should implement visit_* methods like any other AST visitor
|
|
implementation. When they detect an error for a particular node the
|
|
method should call ``self.add_error(offending_node)``. Details about
|
|
where in the code the error occurred will be pulled from the node
|
|
object.
|
|
|
|
Subclasses should also provide a class variable named CHECK_DESC to
|
|
be used for the human readable error message.
|
|
|
|
"""
|
|
|
|
CHECK_DESC = 'No check message specified'
|
|
|
|
def __init__(self, tree, filename):
|
|
"""This object is created automatically by pep8.
|
|
|
|
:param tree: an AST tree
|
|
:param filename: name of the file being analyzed
|
|
(ignored by our checks)
|
|
"""
|
|
self._tree = tree
|
|
self._errors = []
|
|
|
|
def run(self):
|
|
"""Called automatically by pep8."""
|
|
self.visit(self._tree)
|
|
return self._errors
|
|
|
|
def add_error(self, node, message=None):
|
|
"""Add an error caused by a node to the list of errors for pep8."""
|
|
message = message or self.CHECK_DESC
|
|
error = (node.lineno, node.col_offset, message, self.__class__)
|
|
self._errors.append(error)
|
|
|
|
def _check_call_names(self, call_node, names):
|
|
if isinstance(call_node, ast.Call):
|
|
if isinstance(call_node.func, ast.Name):
|
|
if call_node.func.id in names:
|
|
return True
|
|
return False
|
|
|
|
|
|
class CheckLoggingFormatArgs(BaseASTChecker):
|
|
"""Check for improper use of logging format arguments.
|
|
|
|
LOG.debug("Volume %s caught fire and is at %d degrees C and climbing.",
|
|
('volume1', 500))
|
|
|
|
The format arguments should not be a tuple as it is easy to miss.
|
|
|
|
"""
|
|
|
|
CHECK_DESC = 'B310 Log method arguments should not be a tuple.'
|
|
LOG_METHODS = [
|
|
'debug', 'info',
|
|
'warn', 'warning',
|
|
'error', 'exception',
|
|
'critical', 'fatal',
|
|
'trace', 'log'
|
|
]
|
|
|
|
def _find_name(self, node):
|
|
"""Return the fully qualified name or a Name or Attribute."""
|
|
if isinstance(node, ast.Name):
|
|
return node.id
|
|
elif (isinstance(node, ast.Attribute)
|
|
and isinstance(node.value, (ast.Name, ast.Attribute))):
|
|
method_name = node.attr
|
|
obj_name = self._find_name(node.value)
|
|
if obj_name is None:
|
|
return None
|
|
return obj_name + '.' + method_name
|
|
elif isinstance(node, six.string_types):
|
|
return node
|
|
else: # could be Subscript, Call or many more
|
|
return None
|
|
|
|
def visit_Call(self, node):
|
|
"""Look for the 'LOG.*' calls."""
|
|
# extract the obj_name and method_name
|
|
if isinstance(node.func, ast.Attribute):
|
|
obj_name = self._find_name(node.func.value)
|
|
if isinstance(node.func.value, ast.Name):
|
|
method_name = node.func.attr
|
|
elif isinstance(node.func.value, ast.Attribute):
|
|
obj_name = self._find_name(node.func.value)
|
|
method_name = node.func.attr
|
|
else: # could be Subscript, Call or many more
|
|
return super(CheckLoggingFormatArgs, self).generic_visit(node)
|
|
|
|
# obj must be a logger instance and method must be a log helper
|
|
if (obj_name != 'LOG'
|
|
or method_name not in self.LOG_METHODS):
|
|
return super(CheckLoggingFormatArgs, self).generic_visit(node)
|
|
|
|
# the call must have arguments
|
|
if not len(node.args):
|
|
return super(CheckLoggingFormatArgs, self).generic_visit(node)
|
|
|
|
# any argument should not be a tuple
|
|
for arg in node.args:
|
|
if isinstance(arg, ast.Tuple):
|
|
self.add_error(arg)
|
|
|
|
return super(CheckLoggingFormatArgs, self).generic_visit(node)
|
|
|
|
|
|
class CheckForStrUnicodeExc(BaseASTChecker):
|
|
"""Checks for the use of str() or unicode() on an exception.
|
|
|
|
This currently only handles the case where str() or unicode()
|
|
is used in the scope of an exception handler. If the exception
|
|
is passed into a function, returned from an assertRaises, or
|
|
used on an exception created in the same scope, this does not
|
|
catch it.
|
|
"""
|
|
|
|
CHECK_DESC = ('B314 str() and unicode() cannot be used on an '
|
|
'exception. Remove or use six.text_type()')
|
|
|
|
def __init__(self, tree, filename):
|
|
super(CheckForStrUnicodeExc, self).__init__(tree, filename)
|
|
self.name = []
|
|
self.already_checked = []
|
|
|
|
# Python 2
|
|
def visit_TryExcept(self, node):
|
|
for handler in node.handlers:
|
|
if handler.name:
|
|
self.name.append(handler.name.id)
|
|
super(CheckForStrUnicodeExc, self).generic_visit(node)
|
|
self.name = self.name[:-1]
|
|
else:
|
|
super(CheckForStrUnicodeExc, self).generic_visit(node)
|
|
|
|
# Python 3
|
|
def visit_ExceptHandler(self, node):
|
|
if node.name:
|
|
self.name.append(node.name)
|
|
super(CheckForStrUnicodeExc, self).generic_visit(node)
|
|
self.name = self.name[:-1]
|
|
else:
|
|
super(CheckForStrUnicodeExc, self).generic_visit(node)
|
|
|
|
def visit_Call(self, node):
|
|
if self._check_call_names(node, ['str', 'unicode']):
|
|
if node not in self.already_checked:
|
|
self.already_checked.append(node)
|
|
if isinstance(node.args[0], ast.Name):
|
|
if node.args[0].id in self.name:
|
|
self.add_error(node.args[0])
|
|
super(CheckForStrUnicodeExc, self).generic_visit(node)
|
|
|
|
|
|
def check_oslo_namespace_imports(logical_line, physical_line, filename):
|
|
"""'oslo_' should be used instead of 'oslo.'
|
|
|
|
B317
|
|
"""
|
|
if pep8.noqa(physical_line):
|
|
return
|
|
if re.match(oslo_namespace_imports, logical_line):
|
|
msg = ("B317: '%s' must be used instead of '%s'.") % (
|
|
logical_line.replace('oslo.', 'oslo_'),
|
|
logical_line)
|
|
yield(0, msg)
|
|
|
|
|
|
def dict_constructor_with_list_copy(logical_line):
|
|
"""Use a dict comprehension instead of a dict constructor
|
|
|
|
B318
|
|
"""
|
|
msg = ("B318: Must use a dict comprehension instead of a dict constructor"
|
|
" with a sequence of key-value pairs."
|
|
)
|
|
if dict_constructor_with_list_copy_re.match(logical_line):
|
|
yield (0, msg)
|
|
|
|
|
|
def no_xrange(logical_line):
|
|
"""Do not use 'xrange'
|
|
|
|
B319
|
|
"""
|
|
if assert_no_xrange_re.match(logical_line):
|
|
yield(0, "B319: Do not use xrange().")
|
|
|
|
|
|
def validate_assertTrue(logical_line):
|
|
"""Use 'assertTrue' instead of 'assertEqual'
|
|
|
|
B312
|
|
"""
|
|
if re.match(assert_True, logical_line):
|
|
msg = ("B312: Unit tests should use assertTrue(value) instead"
|
|
" of using assertEqual(True, value).")
|
|
yield(0, msg)
|
|
|
|
|
|
def validate_assertIsNone(logical_line):
|
|
"""Use 'assertIsNone' instead of 'assertEqual'
|
|
|
|
B311
|
|
"""
|
|
if re.match(assert_None, logical_line):
|
|
msg = ("B311: Unit tests should use assertIsNone(value) instead"
|
|
" of using assertEqual(None, value).")
|
|
yield(0, msg)
|
|
|
|
|
|
def no_log_warn_check(logical_line):
|
|
"""Disallow 'LOG.warn'
|
|
|
|
B320
|
|
"""
|
|
msg = ("B320: LOG.warn is deprecated, please use LOG.warning!")
|
|
if re.match(no_log_warn, logical_line):
|
|
yield(0, msg)
|
|
|
|
|
|
def validate_assertIsNotNone(logical_line):
|
|
"""Use 'assertIsNotNone'
|
|
|
|
B321
|
|
"""
|
|
if re.match(assert_Not_Equal, logical_line) or \
|
|
re.match(assert_Is_Not, logical_line):
|
|
msg = ("B321: Unit tests should use assertIsNotNone(value) instead"
|
|
" of using assertNotEqual(None, value) or"
|
|
" assertIsNot(None, value).")
|
|
yield(0, msg)
|
|
|
|
|
|
def factory(register):
|
|
register(CheckForStrUnicodeExc)
|
|
register(CheckLoggingFormatArgs)
|
|
register(check_oslo_namespace_imports)
|
|
register(dict_constructor_with_list_copy)
|
|
register(no_xrange)
|
|
register(validate_assertTrue)
|
|
register(validate_assertIsNone)
|
|
register(no_log_warn_check)
|
|
register(validate_assertIsNotNone)
|