Merge "Assert problems in Glance raised by Bandit"

This commit is contained in:
Jenkins 2016-01-19 01:15:29 +00:00 committed by Gerrit Code Review
commit fc818fdb97
11 changed files with 29 additions and 20 deletions

View File

@ -33,7 +33,7 @@ profiles:
include:
- any_other_function_with_shell_equals_true
# - assert_used # TODO: enable this test
- assert_used
- blacklist_calls
- blacklist_import_func

View File

@ -142,7 +142,6 @@ class ImagesController(object):
for change in changes:
change_method_name = '_do_%s' % change['op']
assert hasattr(self, change_method_name)
change_method = getattr(self, change_method_name)
change_method(req, image, change)

View File

@ -112,7 +112,7 @@ class Controller(object):
:params excluded: List of methods to exclude.
:params refiner: Callable to use as filter for methods.
:raises: AssertionError: If refiner is not callable.
:raises TypeError: If refiner is not callable.
"""
funcs = filter(lambda x: not x.startswith("_"), dir(resource))
@ -124,7 +124,6 @@ class Controller(object):
funcs = [f for f in funcs if f not in excluded]
if refiner:
assert callable(refiner), "Refiner must be callable"
funcs = filter(refiner, funcs)
for name in funcs:

View File

@ -161,8 +161,9 @@ class ImageRepo(object):
def get(self, image_id):
try:
db_api_image = dict(self.db_api.image_get(self.context, image_id))
assert not db_api_image['deleted']
except (exception.ImageNotFound, exception.Forbidden, AssertionError):
if db_api_image['deleted']:
raise exception.ImageNotFound()
except (exception.ImageNotFound, exception.Forbidden):
msg = _("No image found with ID %s") % image_id
raise exception.ImageNotFound(msg)
tags = self.db_api.image_tag_get_all(self.context, image_id)

View File

@ -349,17 +349,21 @@ def _paginate_query(query, model, limit, sort_keys, marker=None,
# the actual primary key, rather than assuming its id
LOG.warn(_LW('Id not in sort_keys; is sort_keys unique?'))
assert(not (sort_dir and sort_dirs))
assert(not (sort_dir and sort_dirs)) # nosec
# nosec: This function runs safely if the assertion fails.
# Default the sort direction to ascending
if sort_dirs is None and sort_dir is None:
if sort_dir is None:
sort_dir = 'asc'
# Ensure a per-column sort direction
if sort_dirs is None:
sort_dirs = [sort_dir for _sort_key in sort_keys]
sort_dirs = [sort_dir] * len(sort_keys)
assert(len(sort_dirs) == len(sort_keys))
assert(len(sort_dirs) == len(sort_keys)) # nosec
# nosec: This function runs safely if the assertion fails.
if len(sort_dirs) < len(sort_keys):
sort_dirs += [sort_dir] * (len(sort_keys) - len(sort_dirs))
# Add sorting
for current_sort_key, current_sort_dir in zip(sort_keys, sort_dirs):

View File

@ -326,14 +326,16 @@ def _get_all(context, session, filters=None, marker=None,
def _do_paginate_query(query, sort_keys=None, sort_dirs=None,
marker=None, limit=None):
# Default the sort direction to ascending
if sort_dirs is None:
sort_dir = 'asc'
sort_dir = 'asc'
# Ensure a per-column sort direction
if sort_dirs is None:
sort_dirs = [sort_dir for _sort_key in sort_keys]
sort_dirs = [sort_dir] * len(sort_keys)
assert(len(sort_dirs) == len(sort_keys))
assert(len(sort_dirs) == len(sort_keys)) # nosec
# nosec: This function runs safely if the assertion fails.
if len(sort_dirs) < len(sort_keys):
sort_dirs += [sort_dir] * (len(sort_keys) - len(sort_dirs))
# Add sorting
for current_sort_key, current_sort_dir in zip(sort_keys, sort_dirs):

View File

@ -96,7 +96,9 @@ def legacy_parse_uri(uri, to_quote):
raise exception.BadStoreUri(message=reason)
pieces = urlparse.urlparse(uri)
assert pieces.scheme in ('swift', 'swift+http', 'swift+https')
if pieces.scheme not in ('swift', 'swift+http', 'swift+https'):
raise exception.BadStoreUri(message="Unacceptable scheme: '%s'" %
pieces.scheme)
scheme = pieces.scheme
netloc = pieces.netloc
path = pieces.path.lstrip('/')

View File

@ -158,7 +158,9 @@ def legacy_parse_uri(uri, to_quote):
raise exception.BadStoreUri(message=reason)
pieces = urlparse.urlparse(uri)
assert pieces.scheme in ('swift', 'swift+http', 'swift+https')
if pieces.scheme not in ('swift', 'swift+http', 'swift+https'):
raise exception.BadStoreUri(message="Unacceptable scheme: '%s'" %
pieces.scheme)
scheme = pieces.scheme
netloc = pieces.netloc
path = pieces.path.lstrip('/')

View File

@ -108,7 +108,7 @@ class TestRPCController(base.IsolatedUnitTest):
controller = rpc.Controller()
# Not callable
self.assertRaises(AssertionError,
self.assertRaises(TypeError,
controller.register,
res, refiner="get_all_images")

View File

@ -419,7 +419,7 @@ class MigrationsMixin(test_migrations.WalkVersionsMixin):
invalid_scheme_uri = ('http://acct:usr:pass@example.com'
'/container/obj-id')
self.assertRaises(AssertionError,
self.assertRaises(exception.BadStoreUri,
legacy_parse_uri_fn,
invalid_scheme_uri,
True)

View File

@ -1899,8 +1899,8 @@ class TestImagesController(base.IsolatedUnitTest):
change = {'op': 'test', 'path': 'options', 'value': 'puts'}
try:
self.controller.update(request, UUID1, [change])
except AssertionError:
pass # AssertionError is the desired behavior
except AttributeError:
pass # AttributeError is the desired behavior
else:
self.fail('Failed to raise AssertionError on %s' % change)