Fix hacking check error

This patch includes changes:

  1. use more specified 'assert' check
  2. remove use of str() on an exception
  3. use a dict comprehension instead of a dict constructor

Change-Id: I24fbf16d0bcbe5ca9780770212b511f49927303d

barbican/api/middleware/context.py

@@ -37,8 +37,10 @@ class BaseContextMiddleware(mw.Middleware):
 
         resp.headers['x-openstack-request-id'] = resp.request.request_id
 
-        LOG.info('%s: %s - %s %s', u._LI('Processed request'),
-                 resp.status, resp.request.method, resp.request.url)
+        LOG.info(u._LI('Processed request: %(status)s - %(method)s %(url)s'),
+                 {"status": resp.status,
+                  "method": resp.request.method,
+                  "url": resp.request.url})
         return resp
 
 

barbican/model/repositories.py

@@ -1434,9 +1434,9 @@ class ContainerConsumerRepo(BaseRepo):
             session.rollback()  # We know consumer already exists.
 
             # This operation is idempotent, so log this and move on
-            LOG.debug("Consumer %s already exists for container %s,"
-                      " continuing...", (new_consumer.name, new_consumer.URL),
-                      new_consumer.container_id)
+            LOG.debug("Consumer %s with URL %s already exists for "
+                      "container %s, continuing...", new_consumer.name,
+                      new_consumer.URL, new_consumer.container_id)
             # Get the existing entry and reuse it by clearing the deleted flags
             existing_consumer = self.get_by_values(
                 new_consumer.container_id, new_consumer.name, new_consumer.URL,
@@ -1716,7 +1716,7 @@ class CertificateAuthorityMetadatumRepo(BaseRepo):
         except sa_orm.exc.NoResultFound:
             metadata = dict()
 
-        return dict((m.key, m.value) for m in metadata)
+        return {(m.key, m.value) for m in metadata}
 
     def _do_entity_name(self):
         """Sub-class hook: return entity name, such as for debugging."""

barbican/plugin/crypto/p11_crypto.py

@@ -145,7 +145,7 @@ class P11CryptoPlugin(plugin.CryptoPluginBase):
         try:
             return func(*args, **kwargs)
         except (exception.PKCS11Exception) as pe:
-            LOG.warning("Reinitializing PKCS#11 library: {e}".format(e=pe))
+            LOG.warning(u._LW("Reinitializing PKCS#11 library: %s"), pe)
             self._reinitialize_pkcs11()
             return func(*args, **kwargs)
 

barbican/plugin/dogtag.py

@@ -141,8 +141,8 @@ def _import_kra_transport_cert_to_nss_db(conf, crypto):
         transport_cert = systemcert_client.get_transport_cert()
         crypto.import_cert(KRA_TRANSPORT_NICK, transport_cert, "u,u,u")
     except Exception as e:
-        LOG.error("Error in importing transport cert."
-                  " KRA may not be enabled: " + str(e))
+        LOG.error(u._LE("Error in importing transport cert."
+                        " KRA may not be enabled: %s"), e)
 
 
 def create_connection(conf, subsystem_path):

barbican/plugin/kmip_secret_store.py

@@ -292,7 +292,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                 return {KMIPSecretStore.KEY_UUID: uuid}
         except Exception as e:
             LOG.exception(u._LE("Error opening or writing to client"))
-            raise ss.SecretGeneralException(str(e))
+            raise ss.SecretGeneralException(e)
 
     def generate_asymmetric_key(self, key_spec):
         """Generate an asymmetric key pair.
@@ -341,7 +341,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                                                    passphrase_metadata)
         except Exception as e:
             LOG.exception(u._LE("Error opening or writing to client"))
-            raise ss.SecretGeneralException(str(e))
+            raise ss.SecretGeneralException(e)
 
     def store_secret(self, secret_dto):
         """Stores a secret
@@ -375,7 +375,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                 return {KMIPSecretStore.KEY_UUID: uuid}
         except Exception as e:
             LOG.exception(u._LE("Error opening or writing to client"))
-            raise ss.SecretGeneralException(str(e))
+            raise ss.SecretGeneralException(e)
 
     def get_secret(self, secret_type, secret_metadata):
         """Gets a secret
@@ -396,7 +396,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                 return self._get_barbican_secret(managed_object, secret_type)
         except Exception as e:
             LOG.exception(u._LE("Error opening or writing to client"))
-            raise ss.SecretGeneralException(str(e))
+            raise ss.SecretGeneralException(e)
 
     def generate_supports(self, key_spec):
         """Key generation supported?
@@ -435,7 +435,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                 self.client.destroy(uuid)
         except Exception as e:
             LOG.exception(u._LE("Error opening or writing to client"))
-            raise ss.SecretGeneralException(str(e))
+            raise ss.SecretGeneralException(e)
 
     def store_secret_supports(self, key_spec):
         """Key storage supported?

barbican/tests/api/controllers/test_secretstores.py

@@ -115,7 +115,7 @@ class WhenTestingSecretStores(utils.BarbicanAPIBaseTestCase,
                             expect_errors=False)
         self.assertEqual(200, resp.status_int)
         resp_data = resp.json
-        self.assertEqual(True, resp_data['global_default'])
+        self.assertTrue(resp_data['global_default'])
         self.assertIn('kmip', resp_data['name'].lower())
         self.assertIsNotNone(resp_data['secret_store_ref'])
         self.assertIsNotNone(resp_data['secret_store_plugin'])

barbican/tests/common/test_validators.py

@@ -415,9 +415,8 @@ class WhenTestingSecretValidator(utils.BaseTestCase):
         try:
             self.validator.validate(self.secret_req)
         except excep.InvalidObject as e:
-            self.assertNotEqual(str(e), 'None')
+            self.assertIsNotNone(e)
             self.assertIsNotNone(e.message)
-            self.assertNotEqual(e.message, 'None')
         else:
             self.fail('No validation exception was raised')
 

barbican/tests/model/repositories/test_repositories_secret_stores.py

@@ -53,7 +53,7 @@ class WhenTestingSecretStoresRepo(database_utils.RepositoryTestCase):
         self.assertIsNotNone(s_stores)
         self.assertEqual(self.def_store_plugin, s_stores.store_plugin)
         self.assertEqual(self.def_crypto_plugin, s_stores.crypto_plugin)
-        self.assertEqual(True, s_stores.global_default)
+        self.assertTrue(s_stores.global_default)
         self.assertEqual(models.States.ACTIVE, s_stores.status)
 
     def test_should_raise_notfound_exception_get_by_entity_id(self):

barbican/tests/model/test_models.py

@@ -654,7 +654,7 @@ class WhenCreatingNewSecretStores(utils.BaseTestCase):
         self.assertEqual(store_plugin, ss.store_plugin)
         self.assertEqual(crypto_plugin, ss.crypto_plugin)
         self.assertEqual(name, ss.name)
-        self.assertEqual(True, ss.global_default)
+        self.assertTrue(ss.global_default)
         self.assertEqual(models.States.ACTIVE, ss.status)
 
     def test_new_secret_stores_required_input_only(self):
@@ -692,8 +692,7 @@ class WhenCreatingNewSecretStores(utils.BaseTestCase):
                          ss.to_dict_fields()['store_plugin'])
         self.assertEqual(crypto_plugin,
                          ss.to_dict_fields()['crypto_plugin'])
-        self.assertEqual(True,
-                         ss.to_dict_fields()['global_default'])
+        self.assertTrue(ss.to_dict_fields()['global_default'])
         self.assertEqual(models.States.ACTIVE,
                          ss.to_dict_fields()['status'])
         self.assertEqual(name, ss.to_dict_fields()['name'])

barbican/tests/plugin/test_kmip.py

@@ -447,12 +447,8 @@ class WhenTestingKMIPSecretStore(utils.BaseTestCase):
         proxy = self.secret_store.client.proxy
         register_call_args, _ = proxy.register.call_args
         actual_secret = register_call_args[2]
-        self.assertEqual(
-            None,
-            actual_secret.key_block.cryptographic_length)
-        self.assertEqual(
-            None,
-            actual_secret.key_block.cryptographic_algorithm)
+        self.assertIsNone(actual_secret.key_block.cryptographic_length)
+        self.assertIsNone(actual_secret.key_block.cryptographic_algorithm)
         self.assertEqual(
             passphrase,
             actual_secret.key_block.key_value.key_material.value)

barbican/tests/plugin/test_snakeoil_ca.py

@@ -78,7 +78,7 @@ class CaTestCase(BaseTestCase):
         self.assertEqual(
             ca.chain,
             crypto.dump_certificate(crypto.FILETYPE_PEM, ca.cert))
-        self.assertNotEqual(None, ca.key)
+        self.assertIsNotNone(ca.key)
         self.assertEqual("Test ST", subject.ST)
         self.assertEqual("Test L", subject.L)
         self.assertEqual("Test O", subject.O)

barbican/tests/plugin/util/test_multiple_backends.py

@@ -68,7 +68,7 @@ class WhenReadingMultipleBackendsConfig(test_utils.MultipleBackendsTestCase):
         self.assertEqual(False, stores[0].global_default)
         self.assertEqual('ss_p2', stores[1].store_plugin)
         self.assertEqual('cr_p2', stores[1].crypto_plugin)
-        self.assertEqual(True, stores[1].global_default)
+        self.assertTrue(stores[1].global_default)
         self.assertEqual('ss_p3', stores[2].store_plugin)
         self.assertEqual('cr_p3', stores[2].crypto_plugin)
         self.assertEqual(False, stores[2].global_default)

functionaltests/api/v1/functional/test_secretstores.py

@@ -169,7 +169,7 @@ class SecretStoresTestCase(base.TestCase):
         self.assertEqual(expected_return, resp.status_code)
         if expected_return == 200:
             self._validate_secret_store_fields(json_data)
-            self.assertEqual(True, json_data['global_default'])
+            self.assertTrue(json_data['global_default'])
 
     @testcase.skipIf(base.conf_multiple_backends_enabled, 'executed only when '
                      'multiple backends support is NOT enabled in barbican '