openstack
/
magnum
Code Issues Proposed changes

Eliminate eval from swagger.py in k8sclient 

Change-Id: I84bc12f3a42d5476e67fee5b090731b490286566
Partially-Implements: blueprint gate-bandit
Partial-Bug: #1459717
This commit is contained in:
Zane Bitter 2015-06-03 11:55:55 -04:00 committed by Madhuri Kumari
parent b0702211bf
commit 218a76e2c0
1 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
magnum/common/pythonk8sclient/client/swagger.py
View File

@ -19,7 +19,8 @@ server communication, and is invariant across implementations. Specifics of
the methods and models for each application are generated from the Swagger the methods and models for each application are generated from the Swagger
templates.""" templates."""
import ast import __builtin__
import sys import sys
import os import os
import re import re
@ -33,7 +34,8 @@ import random
import string import string
from magnum.common import utils from magnum.common import utils
from models import *
from oslo_utils import importutils
class ApiClient(object): class ApiClient(object):
@ -223,23 +225,29 @@ class ApiClient(object):
subClass = match.group(1) subClass = match.group(1)
return [self.deserialize(subObj, subClass) for subObj in obj] return [self.deserialize(subObj, subClass) for subObj in obj]
if (objClass in ['int', 'float', 'long', 'dict', 'list', 'str', 'bool', 'datetime']): classname = objClass
objClass = ast.literal_eval(objClass) if classname in {'int', 'float', 'long', 'dict', 'list', 'str', 'bool'}:
objClass = getattr(__builtin__, classname)
elif classname == 'datetime':
objClass = self.__parse_string_to_datetime
else: # not a native type, must be model class else: # not a native type, must be model class
objClass = ast.literal_eval(objClass + '.' + objClass) model = ('magnum.common.pythonk8sclient.client.models.%s.%s' %
(classname, classname))
objClass = importutils.import_class(model)
else:
classname = None
if objClass in [int, long, float, dict, list, str, bool]: if ((getattr(objClass, '__module__', None) == __builtin__.__name__) or
(classname == 'datetime')):
return objClass(obj) return objClass(obj)
elif objClass == datetime:
return self.__parse_string_to_datetime(obj)
instance = objClass() instance = objClass()
for attr, attrType in instance.swaggerTypes.iteritems(): for attr, attrType in instance.swaggerTypes.iteritems():
if obj is not None and instance.attributeMap[attr] in obj and type(obj) in [list, dict]: if obj is not None and instance.attributeMap[attr] in obj and type(obj) in [list, dict]:
value = obj[instance.attributeMap[attr]] value = obj[instance.attributeMap[attr]]
if attrType in ['str', 'int', 'long', 'float', 'bool']: if attrType in {'str', 'int', 'long', 'float', 'bool'}:
attrType = ast.literal_eval(attrType) attrType = getattr(__builtin__, attrType)
try: try:
value = attrType(value) value = attrType(value)
except UnicodeEncodeError: except UnicodeEncodeError: