diff --git a/dojo/engagement/services.py b/dojo/engagement/services.py index 0331e87c5ba..951d060ce70 100644 --- a/dojo/engagement/services.py +++ b/dojo/engagement/services.py @@ -16,7 +16,7 @@ def close_engagement(eng): eng.save() if jira_helper.get_jira_project(eng): - jira_helper.close_epic(eng, True) + jira_helper.close_epic(eng, push_to_jira=True) def reopen_engagement(eng): diff --git a/dojo/finding/views.py b/dojo/finding/views.py index 8373022d727..14d17bef55f 100644 --- a/dojo/finding/views.py +++ b/dojo/finding/views.py @@ -2406,7 +2406,7 @@ def edit_template(request, tid): extra_tags="alert-danger", ) - count = apply_cwe_mitigation(True, template, False) + count = apply_cwe_mitigation(apply_to_findings=True, template=template, update=False) add_breadcrumb(title="Edit Template", top_level=False, request=request) return render( request, diff --git a/dojo/importers/auto_create_context.py b/dojo/importers/auto_create_context.py index a0c24bffa84..b6b28ef4544 100644 --- a/dojo/importers/auto_create_context.py +++ b/dojo/importers/auto_create_context.py @@ -244,6 +244,7 @@ def get_or_create_product( self, product_name: str = None, product_type_name: str = None, + *, auto_create_context: bool = False, **kwargs: dict, ) -> Product: @@ -279,6 +280,7 @@ def get_or_create_engagement( engagement_name: str = None, product_name: str = None, product_type_name: str = None, + *, auto_create_context: bool = False, deduplication_on_engagement: bool = False, source_code_management_uri: str = None, diff --git a/dojo/importers/base_importer.py b/dojo/importers/base_importer.py index a2f4bb67949..6195461c949 100644 --- a/dojo/importers/base_importer.py +++ b/dojo/importers/base_importer.py @@ -698,6 +698,7 @@ def mitigate_finding( self, finding: Finding, note_message: str, + *, finding_groups_enabled: bool, ) -> None: """ diff --git a/dojo/importers/default_importer.py b/dojo/importers/default_importer.py index 78bb761feb0..ea836c354b7 100644 
--- a/dojo/importers/default_importer.py +++ b/dojo/importers/default_importer.py @@ -284,7 +284,7 @@ def close_old_findings( "This finding has been automatically closed " "as it is not present anymore in recent scans." ), - self.findings_groups_enabled, + finding_groups_enabled=self.findings_groups_enabled, ) # push finding groups to jira since we only only want to push whole groups if self.findings_groups_enabled and self.push_to_jira: diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py index ad0260f714e..c4da9002415 100644 --- a/dojo/importers/default_reimporter.py +++ b/dojo/importers/default_reimporter.py @@ -267,7 +267,7 @@ def close_old_findings( self.mitigate_finding( finding, f"Mitigated by {self.test.test_type} re-upload.", - self.findings_groups_enabled, + finding_groups_enabled=self.findings_groups_enabled, ) mitigated_findings.append(finding) # push finding groups to jira since we only only want to push whole groups diff --git a/dojo/importers/options.py b/dojo/importers/options.py index 5ae687085a6..27adacb7cea 100644 --- a/dojo/importers/options.py +++ b/dojo/importers/options.py @@ -176,6 +176,7 @@ def validate( self, field_name: str, expected_types: List[Callable] = [], + *, required: bool = False, default: Any = None, **kwargs: dict, diff --git a/dojo/management/commands/push_to_jira_update.py b/dojo/management/commands/push_to_jira_update.py index 2b3c10b0bb1..41c332904d5 100644 --- a/dojo/management/commands/push_to_jira_update.py +++ b/dojo/management/commands/push_to_jira_update.py @@ -23,5 +23,5 @@ def handle(self, *args, **options): for finding in findings: print("Checking issue:" + str(finding.id)) - jira_helper.update_jira_issue(finding, True) + jira_helper.update_jira_issue(finding, *[True]) print("########\n") diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py index 6de04ee72bf..d6cd9def766 100644 --- a/dojo/metrics/utils.py +++ b/dojo/metrics/utils.py 
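Review bot: In the `push_to_jira_update.py` hunk, `jira_helper.update_jira_issue(finding, *[True])` still passes the boolean positionally; unpacking a one-element list only hides it from the FBT003 check that this commit enables in `ruff.toml`. Every other call site in the commit names its flag, so this one should too: `jira_helper.update_jira_issue(finding, <param_name>=True)`, with the placeholder replaced by the name from `update_jira_issue`'s signature, which is not visible in this diff. If the helper cannot take the value by keyword, an explicit `# noqa: FBT003` with a short reason is clearer than the unpacking. The body of `handle` starts outside the hunk.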
@@ -295,12 +295,12 @@ def query_counts( :return: A method that takes period information to generate statistics for the given QuerySets """ def _aggregates_for_period(period: MetricsPeriod, period_count: int) -> dict[str, list[dict]]: - def _aggregate_data(qs: MetricsQuerySet, include_closed: bool = False) -> list[dict]: + def _aggregate_data(qs: MetricsQuerySet, *, include_closed: bool = False) -> list[dict]: chart_data = partial(get_charting_data, start_date=start_date, period=period, period_count=period_count) agg_qs = partial(aggregate_counts_by_period, period=period, metrics_type=metrics_type) return chart_data(agg_qs(qs, include_closed=include_closed), include_closed=include_closed) return { - 'opened_per_period': _aggregate_data(open_qs, True), + 'opened_per_period': _aggregate_data(open_qs, include_closed=True), 'active_per_period': _aggregate_data(active_qs), 'accepted_per_period': _aggregate_data(accepted_qs), } @@ -400,6 +400,7 @@ def get_charting_data( start_date: date, period: MetricsPeriod, period_count: int, + *, include_closed: bool, ) -> list[dict]: """ @@ -466,6 +467,7 @@ def aggregate_counts_by_period( qs: MetricsQuerySet, period: MetricsPeriod, metrics_type: MetricsType, + *, include_closed: bool, ) -> QuerySet: """ diff --git a/dojo/reports/views.py b/dojo/reports/views.py index f67b2f40c58..e96a6ac0b1f 100644 --- a/dojo/reports/views.py +++ b/dojo/reports/views.py 
@@ -253,13 +253,13 @@ def test_report(request, tid): @user_is_authorized(Endpoint, Permissions.Endpoint_View, 'eid') def endpoint_report(request, eid): endpoint = get_object_or_404(Endpoint, id=eid) - return generate_report(request, endpoint, False) + return generate_report(request, endpoint, host_view=False) @user_is_authorized(Endpoint, Permissions.Endpoint_View, 'eid') def endpoint_host_report(request, eid): endpoint = get_object_or_404(Endpoint, id=eid) - return generate_report(request, endpoint, True) + return generate_report(request, endpoint, host_view=True) @user_is_authorized(Product, Permissions.Product_View, 'pid') diff --git a/dojo/risk_acceptance/helper.py b/dojo/risk_acceptance/helper.py index 098bf52aaf3..6109e2189be 100644 --- a/dojo/risk_acceptance/helper.py +++ b/dojo/risk_acceptance/helper.py @@ -26,7 +26,7 @@ def expire_now(risk_acceptance): finding.active = True finding.risk_accepted = False # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, False) + update_endpoint_statuses(finding, accept_risk=False) if risk_acceptance.restart_sla_expired: finding.sla_start_date = timezone.now().date() @@ -68,7 +68,7 @@ def reinstate(risk_acceptance, old_expiration_date): finding.active = False finding.risk_accepted = True # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, True) + update_endpoint_statuses(finding, accept_risk=True) finding.save(dedupe_option=False) reinstated_findings.append(finding) else: @@ -88,7 +88,7 @@ def delete(eng, risk_acceptance): finding.active = True finding.risk_accepted = False # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, False) + update_endpoint_statuses(finding, accept_risk=False) finding.save(dedupe_option=False) # best effort jira integration, no status changes 
@@ -111,7 +111,7 @@ def remove_finding_from_risk_acceptance(risk_acceptance, finding): finding.active = True finding.risk_accepted = False # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, False) + update_endpoint_statuses(finding, accept_risk=False) finding.save(dedupe_option=False) # best effort jira integration, no status changes post_jira_comments(risk_acceptance, [finding], unaccepted_message_creator) @@ -124,7 +124,7 @@ def add_findings_to_risk_acceptance(risk_acceptance, findings): finding.risk_accepted = True finding.save(dedupe_option=False) # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, True) + update_endpoint_statuses(finding, accept_risk=True) risk_acceptance.accepted_findings.add(finding) risk_acceptance.save() @@ -279,7 +279,7 @@ def simple_risk_accept(finding, perform_save=True): # risk accepted, so finding no longer considered active finding.active = False # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, True) + update_endpoint_statuses(finding, accept_risk=True) if perform_save: finding.save(dedupe_option=False) # post_jira_comment might reload from database so see unaccepted finding. but the comment @@ -297,7 +297,7 @@ def risk_unaccept(finding, perform_save=True): finding.active = True finding.risk_accepted = False # Update any endpoint statuses on each of the findings - update_endpoint_statuses(finding, False) + update_endpoint_statuses(finding, accept_risk=False) if perform_save: logger.debug('saving unaccepted finding %i:%s', finding.id, finding) finding.save(dedupe_option=False) @@ -312,7 +312,7 @@ def remove_from_any_risk_acceptance(finding): r.accepted_findings.remove(finding) -def update_endpoint_statuses(finding: Finding, accept_risk: bool) -> None: +def update_endpoint_statuses(finding: Finding, *, accept_risk: bool) -> None: for status in finding.status_finding.all(): if accept_risk: status.active = False 
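Review bot: `update_endpoint_statuses` in the `@@ -312,7 +312,7 @@` hunk has no docstring, and the new bare `*` changes its calling contract: any caller still passing `accept_risk` positionally now fails with a `TypeError` at call time. The call sites in this file are updated, but callers outside this diff cannot be checked from here. I would add a docstring such as `"""Update the endpoint statuses of ``finding`` when a risk acceptance is applied (accept_risk=True) or lifted (False); accept_risk is keyword-only."""`. The function body continues past the end of the hunk.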
diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum index 890d05663e9..d4318dfedc1 100644 --- a/dojo/settings/.settings.dist.py.sha256sum +++ b/dojo/settings/.settings.dist.py.sha256sum @@ -1 +1 @@ -cce215fa477d611d45cae69a29185e943eb209526fec2b38659666e5e9513fe3 +09f9dea5143b9be4988917e7ddb28f24086b7d2cc1feb04a1e429bc0260f5847 diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index 0c62f004bc6..23abc3591cf 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -1085,14 +1085,14 @@ def saml2_attrib_map_format(dict): # Celery settings CELERY_BROKER_URL = env('DD_CELERY_BROKER_URL') \ if len(env('DD_CELERY_BROKER_URL')) > 0 else generate_url( - env('DD_CELERY_BROKER_SCHEME'), - True, - env('DD_CELERY_BROKER_USER'), - env('DD_CELERY_BROKER_PASSWORD'), - env('DD_CELERY_BROKER_HOST'), - env('DD_CELERY_BROKER_PORT'), - env('DD_CELERY_BROKER_PATH'), - env('DD_CELERY_BROKER_PARAMS'), + scheme=env('DD_CELERY_BROKER_SCHEME'), + double_slashes=True, + user=env('DD_CELERY_BROKER_USER'), + password=env('DD_CELERY_BROKER_PASSWORD'), + host=env('DD_CELERY_BROKER_HOST'), + port=env('DD_CELERY_BROKER_PORT'), + path=env('DD_CELERY_BROKER_PATH'), + params=env('DD_CELERY_BROKER_PARAMS'), ) CELERY_TASK_IGNORE_RESULT = env('DD_CELERY_TASK_IGNORE_RESULT') CELERY_RESULT_BACKEND = env('DD_CELERY_RESULT_BACKEND') diff --git a/dojo/tools/blackduck_component_risk/parser.py b/dojo/tools/blackduck_component_risk/parser.py index 274ff74e026..60003fb4093 100644 --- a/dojo/tools/blackduck_component_risk/parser.py +++ b/dojo/tools/blackduck_component_risk/parser.py 
@@ -86,7 +86,7 @@ def ingest_findings(self, components, securities, sources, test): title = "Review " + self.license_title(component) description = self.license_description(component, source) severity = self.license_severity(component) - mitigation = self.license_mitigation(component, False) + mitigation = self.license_mitigation(component, violation=False) impact = "N/A" references = self.license_references(component) finding = Finding( diff --git a/dojo/tools/qualys_webapp/parser.py b/dojo/tools/qualys_webapp/parser.py index 47be5bb9482..deb4c0395e1 100644 --- a/dojo/tools/qualys_webapp/parser.py +++ b/dojo/tools/qualys_webapp/parser.py @@ -351,22 +351,22 @@ def get_unique_items( findings = {} for unique_id, finding in get_unique_vulnerabilities( - vulnerabilities, test, False, is_app_report, + vulnerabilities, test, is_info=False, is_app_report=is_app_report, ).items(): qid = int(finding.vuln_id_from_tool) if qid in g_qid_list: index = g_qid_list.index(qid) findings[unique_id] = get_glossary_item( - glossary[index], finding, enable_weakness=enable_weakness, + glossary[index], finding, is_info=False, enable_weakness=enable_weakness, ) for unique_id, finding in get_unique_vulnerabilities( - info_gathered, test, True, is_app_report, + info_gathered, test, is_info=True, is_app_report=is_app_report, ).items(): qid = int(finding.vuln_id_from_tool) if qid in g_qid_list: index = g_qid_list.index(qid) finding = get_glossary_item( - glossary[index], finding, True, enable_weakness=enable_weakness, + glossary[index], finding, is_info=True, enable_weakness=enable_weakness, ) if qid in ig_qid_list: index = ig_qid_list.index(qid) 
@@ -390,20 +390,20 @@ def get_items( findings = {} for qid, finding in get_vulnerabilities( - vulnerabilities, test, False, is_app_report, + vulnerabilities, test, is_info=False, is_app_report=is_app_report, ).items(): if qid in g_qid_list: index = g_qid_list.index(qid) findings[qid] = get_glossary_item( - glossary[index], finding, enable_weakness=enable_weakness, + glossary[index], finding, is_info=False, enable_weakness=enable_weakness, ) for qid, finding in get_vulnerabilities( - info_gathered, test, True, is_app_report, + info_gathered, test, is_info=True, is_app_report=is_app_report, ).items(): if qid in g_qid_list: index = g_qid_list.index(qid) finding = get_glossary_item( - glossary[index], finding, True, enable_weakness=enable_weakness, + glossary[index], finding, is_info=True, enable_weakness=enable_weakness, ) if qid in ig_qid_list: index = ig_qid_list.index(qid) diff --git a/dojo/tools/xanitizer/parser.py b/dojo/tools/xanitizer/parser.py index 13a898b9f67..7ec42343a62 100644 --- a/dojo/tools/xanitizer/parser.py +++ b/dojo/tools/xanitizer/parser.py @@ -110,11 +110,11 @@ def generate_description(self, finding): description = "{}\n**Starting at:** {} - **Line** {}".format( description, startnode.get("classFQN"), startnode.get("lineNo"), ) - description = self.add_code(startnode, False, description) + description = self.add_code(startnode, showline=False, description=description) description = "{}\n\n**Ending at:** {} - **Line** {}".format( description, endnode.get("classFQN"), endnode.get("lineNo"), ) - description = self.add_code(endnode, True, description) + description = self.add_code(endnode, showline=True, description=description) elif finding.find("node") is not None: node = finding.find("node") description = f"{description}\n-----\n" 
@@ -126,7 +126,7 @@ def generate_description(self, finding): description = f"{description}\n**Finding at:** {location} - **Line** {line}" else: description = f"{description}\n**Finding at:** {location}" - description = self.add_code(node, True, description) + description = self.add_code(node, showline=True, description=description) return description diff --git a/ruff.toml b/ruff.toml index 30a62e2c0c1..f5269eb5a84 100644 --- a/ruff.toml +++ b/ruff.toml @@ -41,6 +41,7 @@ select = [ "ASYNC", "TRIO", "S2", "S5", "S7", + "FBT001", "FBT003", "COM", "C4", "T10", @@ -72,4 +73,7 @@ fixable = ["ALL"] unfixable = [] preview = true -per-file-ignores = {} \ No newline at end of file +per-file-ignores = {} + +[lint.flake8-boolean-trap] +extend-allowed-calls = ["dojo.utils.get_system_setting"] \ No newline at end of file diff --git a/tests/announcement_banner_test.py b/tests/announcement_banner_test.py index 5206be7ffdc..99f42c8962d 100644 --- a/tests/announcement_banner_test.py +++ b/tests/announcement_banner_test.py @@ -44,7 +44,7 @@ def test_create_announcement(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = 'Big important announcement, definitely pay attention!' - self.enable_announcement(text, False, self.type) + self.enable_announcement(text, dismissable=False, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) self.assertTrue(self.is_element_by_css_selector_present(f'.announcement-banner.alert-{self.type.lower()}', text=text)) 
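Review bot: The `select` list in `ruff.toml` gains `FBT001` and `FBT003` but not `FBT002`, so a boolean default on an unannotated parameter is still accepted positionally. `def simple_risk_accept(finding, perform_save=True)` and `def risk_unaccept(finding, perform_save=True)` appear unchanged in the hunk headers of `dojo/risk_acceptance/helper.py`, which is consistent with that gap. If the intent is to remove the boolean trap everywhere, extend the line to `"FBT001", "FBT002", "FBT003",`. Otherwise a one-line comment saying why `FBT002` is left out would help the next maintainer.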
@@ -59,7 +59,7 @@ def test_create_dismissable_announcement(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = 'Big important announcement, definitely pay don\'t dismiss this one.' - self.enable_announcement(text, True, self.type) + self.enable_announcement(text, dismissable=True, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) self.assertTrue(self.is_element_by_css_selector_present(f'.announcement-banner.alert-{self.type.lower()}', text=text)) @@ -80,7 +80,7 @@ def test_dismissing_announcement_does_not_dismiss_for_others(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = 'Everyone sees this, right?' - self.enable_announcement(text, True, self.type) + self.enable_announcement(text, dismissable=True, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) self.assertTrue(self.is_element_by_css_selector_present(f'.announcement-banner.alert-{self.type.lower()}', text=text)) @@ -106,7 +106,7 @@ def test_announcement_ui_disabled_when_set(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = 'The most important announcement of the year.' - self.enable_announcement(text, False, self.type) + self.enable_announcement(text, dismissable=False, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) self.assertTrue(self.is_element_by_css_selector_present(f'.announcement-banner.alert-{self.type.lower()}', text=text)) 
@@ -124,7 +124,7 @@ def test_announcement_empty_after_removal(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = 'Surely no-one would delete this announcement quickly' - self.enable_announcement(text, False, self.type) + self.enable_announcement(text, dismissable=False, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) self.assertTrue(self.is_element_by_css_selector_present(f'.announcement-banner.alert-{self.type.lower()}', text=text)) @@ -142,7 +142,7 @@ def test_html_announcement(self): self.assertFalse(self.is_element_by_css_selector_present('.announcement-banner')) text = "Links in announcements? you bet!" - self.enable_announcement(text, False, self.type) + self.enable_announcement(text, dismissable=False, style=self.type) self.assertTrue(self.is_success_message_present('Announcement updated successfully.')) driver.find_element(By.XPATH, "//div[contains(@class, 'announcement-banner')]/a[@href='https://github.com/DefectDojo/django-DefectDojo' and @style='color: #224477;' and @target='_blank']") diff --git a/tests/base_test_class.py b/tests/base_test_class.py index e676e919160..b04ca82a9f6 100644 --- a/tests/base_test_class.py +++ b/tests/base_test_class.py @@ -77,7 +77,7 @@ def setUpClass(cls): dd_driver_options.add_argument("--window-size=1280,1024") # dd_driver_options.add_argument("--start-maximized") - dd_driver_options.set_capability("acceptInsecureCerts", True) + dd_driver_options.set_capability(name="acceptInsecureCerts", value=True) # some extra logging can be turned on if you want to query the browser javascripe console in your tests desired = webdriver.DesiredCapabilities.CHROME diff --git a/unittests/test_apiv2_limit_reqresp.py b/unittests/test_apiv2_limit_reqresp.py index 06e5ad2f4c9..0308d54919a 100644 --- a/unittests/test_apiv2_limit_reqresp.py +++ b/unittests/test_apiv2_limit_reqresp.py 
@@ -16,7 +16,7 @@ def setUp(self: object): self.client = APIClient() self.client.credentials(HTTP_AUTHORIZATION='Token ' + token.key) - def assertReqrespValue(self: object, value: int, expect_notequal: bool = False) -> None: + def assertReqrespValue(self: object, value: int, *, expect_notequal: bool = False) -> None: settings.MAX_REQRESP_FROM_API = value r = self.client.get(reverse('finding-list'), format='json') results = r.json()['results'] @@ -37,6 +37,6 @@ def test_reqresp(self: object) -> None: self.assertReqrespValue(5) self.assertReqrespValue(10) self.assertReqrespValue(18) # actual number of reqresp - self.assertReqrespValue(100, True) # more than the number in the request - self.assertReqrespValue(-1, True) # default value of MAX_REQRESP_FROM_API - self.assertReqrespValue(-100, True) # crazy negative value + self.assertReqrespValue(100, expect_notequal=True) # more than the number in the request + self.assertReqrespValue(-1, expect_notequal=True) # default value of MAX_REQRESP_FROM_API + self.assertReqrespValue(-100, expect_notequal=True) # crazy negative value diff --git a/unittests/test_apply_finding_template.py b/unittests/test_apply_finding_template.py index 5e58bdde62e..25aa36fab9a 100644 --- a/unittests/test_apply_finding_template.py +++ b/unittests/test_apply_finding_template.py @@ -43,7 +43,7 @@ def create(): t.target_end = t.target_start + datetime.timedelta(days=5) t.save() - user = FindingTemplateTestUtil.create_user(True) + user = FindingTemplateTestUtil.create_user(is_staff=True) f = Finding() f.title = 'Finding for Testing Apply Template functionality' 
@@ -127,8 +127,8 @@ def make_request(self, user_is_staff, finding_id, template_id, data=None): return v def test_apply_template_to_finding_with_data_does_not_display_error_success(self): - result = self.make_request(True, 1, 1, - {'title': 'Finding for Testing Apply Template functionality', + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1, + data={'title': 'Finding for Testing Apply Template functionality', 'cwe': '89', 'severity': 'High', 'description': 'Finding for Testing Apply Template Functionality', @@ -137,8 +137,8 @@ def test_apply_template_to_finding_with_data_does_not_display_error_success(self self.assertNotContains(result, 'There appears to be errors on the form', 302) def test_apply_template_to_finding_with_data_returns_to_view_success(self): - result = self.make_request(True, 1, 1, - {'title': 'Finding for Testing Apply Template functionality', + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1, + data={'title': 'Finding for Testing Apply Template functionality', 'cwe': '89', 'severity': 'High', 'description': 'Finding for Testing Apply Template Functionality', @@ -156,8 +156,8 @@ def test_apply_template_to_finding_with_data_saves_success(self): test_mitigation = 'template mitigation' test_impact = 'template impact' - self.make_request(True, 1, 1, - {'title': test_title, + self.make_request(user_is_staff=True, finding_id=1, template_id=1, + data={'title': test_title, 'cwe': test_cwe, 'severity': test_severity, 'description': test_description, 
@@ -173,8 +173,8 @@ def test_apply_template_to_finding_with_data_saves_success(self): self.assertEqual(test_impact, f.impact) def test_unauthorized_apply_template_to_finding_fails(self): - result = self.make_request(False, 1, 1, - {'title': 'Finding for Testing Apply Template functionality', + result = self.make_request(user_is_staff=False, finding_id=1, template_id=1, + data={'title': 'Finding for Testing Apply Template functionality', 'cwe': '89', 'severity': 'High', 'description': 'Finding for Testing Apply Template Functionality', @@ -186,21 +186,21 @@ def test_unauthorized_apply_template_to_finding_fails(self): def test_apply_template_to_finding_with_illegal_finding_fails(self): with self.assertRaises(Exception): - self.make_request(True, None, 1) + self.make_request(user_is_staff=True, finding_id=None, template_id=1) def test_apply_template_to_finding_with_illegal_template_fails(self): with self.assertRaises(Exception): - self.make_request(True, 1, None) + self.make_request(user_is_staff=True, finding_id=1, template_id=None) def test_apply_template_to_finding_with_no_data_returns_view_success(self): - result = self.make_request(True, 1, 1, None) + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1, data=None) self.assertIsNotNone(result) self.assertEqual(302, result.status_code) self.assertEqual('/finding/1', result.url) def test_apply_template_to_finding_without_required_field_displays_field_title_success(self): - result = self.make_request(True, 1, 1, - {'title': '', + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1, + data={'title': '', 'cwe': '89', 'severity': 'High', 'description': 'Finding for Testing Apply Template Functionality', 
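Review bot: The two `with self.assertRaises(Exception):` tests in the `@@ -186,21 +186,21 @@` hunk accept any exception, so now that `make_request` is called by keyword they would also pass on a `TypeError` from a misspelled argument name. The names used here match the `make_request(self, user_is_staff, finding_id, template_id, data=None)` signature shown in the `@@ -127,8 +127,8 @@` hunk header, so nothing is broken today. The tests still cannot tell "the view rejected the illegal id" from "the call never reached the view". Narrow the assertion to the exception the view is expected to raise; which one that is cannot be read from this hunk.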
@@ -209,8 +209,8 @@ def test_apply_template_to_finding_without_required_field_displays_field_title_s self.assertContains(result, 'The title is required.') def test_apply_template_to_finding_without_required_field_displays_error_success(self): - result = self.make_request(True, 1, 1, - {'title': '', + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1, + data={'title': '', 'cwe': '89', 'severity': 'High', 'description': 'Finding for Testing Apply Template Functionality', @@ -241,20 +241,20 @@ def make_request(self, user_is_staff, finding_id, data=None): return v def test_unauthorized_find_template_to_apply_fails(self): - result = self.make_request(False, 1) + result = self.make_request(user_is_staff=False, finding_id=1) self.assertEqual(302, result.status_code) self.assertIn('login', result.url) def test_authorized_find_template_to_apply_success(self): - result = self.make_request(True, 1) + result = self.make_request(user_is_staff=True, finding_id=1) self.assertEqual(200, result.status_code) def test_find_template_to_apply_displays_templates_success(self): - result = self.make_request(True, 1) + result = self.make_request(user_is_staff=True, finding_id=1) self.assertContains(result, 'Finding Template for Testing Apply Template functionality') def test_find_template_to_apply_displays_breadcrumb(self): - result = self.make_request(True, 1) + result = self.make_request(user_is_staff=True, finding_id=1) self.assertContains(result, 'Apply Template to Finding') 
@@ -280,24 +280,24 @@ def make_request(self, user_is_staff, finding_id, template_id, data=None): return v def test_unauthorized_choose_finding_template_options_fails(self): - result = self.make_request(False, 1, 1) + result = self.make_request(user_is_staff=False, finding_id=1, template_id=1) self.assertEqual(302, result.status_code) self.assertIn('login', result.url) def test_authorized_choose_finding_template_options_success(self): - result = self.make_request(True, 1, 1) + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1) self.assertEqual(200, result.status_code) def test_choose_finding_template_options_with_invalid_finding_fails(self): with self.assertRaises(Http404): - result = self.make_request(True, 0, 1) + result = self.make_request(user_is_staff=True, finding_id=0, template_id=1) self.assertEqual(404, result.status_code) def test_choose_finding_template_options_with_invalid_template_fails(self): with self.assertRaises(Http404): - result = self.make_request(True, 1, 0) + result = self.make_request(user_is_staff=True, finding_id=1, template_id=0) self.assertEqual(404, result.status_code) def test_choose_finding_template_options_with_valid_finding_and_template_renders_apply_finding_template_view(self): - result = self.make_request(True, 1, 1) + result = self.make_request(user_is_staff=True, finding_id=1, template_id=1) self.assertContains(result, '

Apply template to a Finding

') diff --git a/unittests/test_jira_import_and_pushing_api.py b/unittests/test_jira_import_and_pushing_api.py index 2f0c1050bda..7f78a8943dc 100644 --- a/unittests/test_jira_import_and_pushing_api.py +++ b/unittests/test_jira_import_and_pushing_api.py @@ -561,7 +561,7 @@ def test_import_with_push_to_jira_update_tags(self): def test_engagement_epic_creation(self): eng = self.get_engagement(3) # Set epic_mapping to true - self.toggle_jira_project_epic_mapping(eng, True) + self.toggle_jira_project_epic_mapping(eng, value=True) self.create_engagement_epic(eng) self.assertTrue(eng.has_jira_issue) @@ -570,7 +570,7 @@ def test_engagement_epic_creation(self): def test_engagement_epic_mapping_enabled_create_epic_and_push_findings(self): eng = self.get_engagement(3) # Set epic_mapping to true - self.toggle_jira_project_epic_mapping(eng, True) + self.toggle_jira_project_epic_mapping(eng, value=True) self.create_engagement_epic(eng) import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, engagement=3, verified=True) test_id = import0['test'] @@ -588,7 +588,7 @@ def test_engagement_epic_mapping_enabled_create_epic_and_push_findings(self): def test_engagement_epic_mapping_enabled_no_epic_and_push_findings(self): eng = self.get_engagement(3) # Set epic_mapping to true - self.toggle_jira_project_epic_mapping(eng, True) + self.toggle_jira_project_epic_mapping(eng, value=True) import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, engagement=3, verified=True) test_id = import0['test'] # Correct number of issues are pushed to jira 
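Review bot: In the `@@ -280,24 +280,24 @@` hunk, `self.assertEqual(404, result.status_code)` follows `result = self.make_request(...)` under `with self.assertRaises(Http404):` in both `test_choose_finding_template_options_with_invalid_finding_fails` and `..._with_invalid_template_fails`, so it cannot check anything once the request raises as expected. Indentation is lost in this view, but inside the block the line is never reached and outside it `result` would be unbound. Either keep only `self.make_request(user_is_staff=True, finding_id=0, template_id=1)` inside the block and drop the `result =` binding and the assertion, or stop expecting the exception and assert on the response.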
@@ -605,7 +605,7 @@ def test_engagement_epic_mapping_enabled_no_epic_and_push_findings(self): def test_engagement_epic_mapping_disabled_create_epic_and_push_findings(self): eng = self.get_engagement(3) # Set epic_mapping to true - self.toggle_jira_project_epic_mapping(eng, False) + self.toggle_jira_project_epic_mapping(eng, value=False) self.create_engagement_epic(eng) import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, engagement=3, verified=True) test_id = import0['test'] @@ -623,7 +623,7 @@ def test_engagement_epic_mapping_disabled_create_epic_and_push_findings(self): def test_engagement_epic_mapping_disabled_no_epic_and_push_findings(self): eng = self.get_engagement(3) # Set epic_mapping to true - self.toggle_jira_project_epic_mapping(eng, False) + self.toggle_jira_project_epic_mapping(eng, value=False) import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, engagement=3, verified=True) test_id = import0['test'] # Correct number of issues are pushed to jira diff --git a/unittests/test_parsers.py b/unittests/test_parsers.py index 53af54d17a0..ab9706ce7a5 100644 --- a/unittests/test_parsers.py +++ b/unittests/test_parsers.py @@ -88,7 +88,7 @@ def test_file_existence(self): read_true = False i = 0 elif i > 4: - self.assertTrue(False, "In file " + str(os.path.join('dojo', 'tools', parser_dir.name, file.name)) + " the test is failing because you don't have utf-8 after .read()") + self.assertTrue(expr=False, msg="In file " + str(os.path.join('dojo', 'tools', parser_dir.name, file.name)) + " the test is failing because you don't have utf-8 after .read()") i = 0 read_true = False else: diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py index 242c95d2232..b372cf18eb1 100644 --- a/unittests/test_rest_framework.py +++ b/unittests/test_rest_framework.py 
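Review bot: The comment `# Set epic_mapping to true` directly above `self.toggle_jira_project_epic_mapping(eng, value=False)` in the `@@ -605,7 +605,7 @@` hunk contradicts the call, and the same mismatch is in the `@@ -623,7 +623,7 @@` hunk. With the flag now named, the comment is redundant in the enabled tests and wrong in the two `..._disabled_...` tests. Change it to `# Set epic_mapping to false` there, or delete it. Both test bodies continue past the end of their hunks.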
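Review bot: `self.assertTrue(expr=False, msg=...)` in the `unittests/test_parsers.py` hunk is an unconditional failure spelled as an assertion; the keywords satisfy the linter but the intent stays hidden. `self.fail(...)` with the same message expression says what happens and removes the boolean altogether. `test_file_existence` starts and ends outside the hunk.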
@@ -275,7 +275,7 @@ def _check_helper(check):
 _check_helper(isinstance(obj, str))
 else:
 # Default case
- _check_helper(False)
+ _check_helper(check=False)
 # print('_check_type ok for: %s: %s' % (schema, obj))
diff --git a/unittests/test_utils.py b/unittests/test_utils.py
index 3bf031ba10c..634d371f473 100644
--- a/unittests/test_utils.py
+++ b/unittests/test_utils.py
@@ -79,7 +79,7 @@ def test_user_post_save_without_template(self, mock_notifications, mock_member,
 mock_notifications.return_value = save_mock_notifications
 mock_notifications.objects.get.side_effect = Exception("Mock no templates")
- user_post_save(None, user, True)
+ user_post_save(None, user, created=True)
 mock_member.assert_called_with(group=group, user=user, role=role)
 save_mock_member.save.assert_called_once()
@@ -111,7 +111,7 @@ def test_user_post_save_with_template(self, mock_notifications, mock_member, moc
 mock_notifications.objects.get.return_value = template
- user_post_save(None, user, True)
+ user_post_save(None, user, created=True)
 mock_member.assert_called_with(group=group, user=user, role=role)
 save_mock_member.save.assert_called_once()
@@ -144,7 +144,7 @@ def test_user_post_save_email_pattern_matches(self, mock_notifications, mock_mem
 mock_notifications.return_value = save_mock_notifications
 mock_notifications.objects.get.side_effect = Exception("Mock no templates")
- user_post_save(None, user, True)
+ user_post_save(None, user, created=True)
 mock_member.assert_called_with(group=group, user=user, role=role)
 save_mock_member.save.assert_called_once()
@@ -174,7 +174,7 @@ def test_user_post_save_email_pattern_does_not_match(self, mock_notifications, m
 save_mock_member = Mock(return_value=Dojo_Group_Member())
 mock_member.return_value = save_mock_member
- user_post_save(None, user, True)
+ user_post_save(None, user, created=True)
 mock_member.assert_not_called()
 save_mock_member.save.assert_not_called()
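Review bot: In the test_utils.py hunk at -79, `user_post_save(None, user, created=True)` still passes the sender and the instance by position. Django dispatches signal receivers with keyword arguments only, so the test would mirror the real call more closely as `user_post_save(sender=None, instance=user, created=True)`. The same applies to the three later hunks in this file (at -111, -144 and -174). The receiver's signature is not shown in these hunks, so the parameter names `sender` and `instance` are assumed from the usual post_save convention and should be checked against the definition.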
diff --git a/unittests/tools/test_qualys_webapp_parser.py b/unittests/tools/test_qualys_webapp_parser.py
index 078e8f7dd0b..5a13859843a 100644
--- a/unittests/tools/test_qualys_webapp_parser.py
+++ b/unittests/tools/test_qualys_webapp_parser.py
@@ -48,7 +48,7 @@ def test_qualys_webapp_parser_info_is_vuln(self):
 get_unit_tests_path() + "/scans/qualys_webapp/qualys_webapp_many_vuln.xml",
 )
 parser = QualysWebAppParser()
- findings = parser.get_findings(testfile, Test(), True)
+ findings = parser.get_findings(testfile, Test(), enable_weakness=True)
 testfile.close()
 for finding in findings:
 for endpoint in finding.unsaved_endpoints:
@@ -62,7 +62,7 @@ def test_discussion_10239(self):
 get_unit_tests_path() + "/scans/qualys_webapp/discussion_10239.xml",
 )
 parser = QualysWebAppParser()
- findings = parser.get_findings(testfile, Test(), True)
+ findings = parser.get_findings(testfile, Test(), enable_weakness=True)
 testfile.close()
 self.assertEqual(1, len(findings))
 finding = findings[0]
diff --git a/unittests/tools/test_stackhawk_parser.py b/unittests/tools/test_stackhawk_parser.py
index 94cf2de4705..94ace2cd164 100644
--- a/unittests/tools/test_stackhawk_parser.py
+++ b/unittests/tools/test_stackhawk_parser.py
@@ -45,8 +45,8 @@ def test_stackhawk_parser_with_one_high_vuln_has_one_findings(self):
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/20012",
 "20012",
 "10",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicates(self):
@@ -66,8 +66,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
 "90027",
 "10",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 self.__assertFindingEquals(
@@ -80,8 +80,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/40025",
 "40025",
 "10",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 self.__assertFindingEquals(
@@ -94,8 +94,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/20012",
 "20012",
 "10",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 self.__assertFindingEquals(
@@ -108,8 +108,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/40012",
 "40012",
 "1",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 self.__assertFindingEquals(
@@ -122,8 +122,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/10038",
 "10038",
 "12",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 self.__assertFindingEquals(
@@ -136,8 +136,8 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/10063",
 "10063",
 "12",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 def test_that_a_scan_import_updates_the_test_description(self):
@@ -168,8 +168,8 @@ def test_that_a_scan_with_all_false_positive_endpoints_on_a_finding_marks_as_fal
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
 "90027",
 "3",
- True,
- False,
+ false_positive=True,
+ risk_accepted=False,
 )
 def test_that_a_scan_with_all_risk_accepted_endpoints_on_a_finding_marks_as_risk_accepted(self):
@@ -188,8 +188,8 @@ def test_that_a_scan_with_all_risk_accepted_endpoints_on_a_finding_marks_as_risk
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
 "90027",
 "3",
- False,
- True,
+ false_positive=False,
+ risk_accepted=True,
 )
 def test_that_a_scan_with_endpoints_in_differing_statuses_does_not_mark_as_risk_accepted_or_false_positive(self):
@@ -208,8 +208,8 @@ def test_that_a_scan_with_endpoints_in_differing_statuses_does_not_mark_as_risk_
 "https://app.stackhawk.com/scans/e2ff5651-7eef-47e9-b743-0c2f7d861e27/finding/90027",
 "90027",
 "3",
- False,
- False,
+ false_positive=False,
+ risk_accepted=False,
 )
 def __assertFindingEquals(