From 8b23289e24a3df56734be287eff39a750b3f9517 Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 3 May 2024 15:23:41 +0200
Subject: [PATCH] Ruff: fix RET
---
dojo/announcement/views.py | 15 +-
dojo/api_v2/mixins.py | 3 +-
dojo/api_v2/permissions.py | 211 ++++++++----------
dojo/api_v2/serializers.py | 48 ++--
dojo/api_v2/views.py | 31 ++-
dojo/apps.py | 3 +-
dojo/authorization/authorization.py | 47 ++--
dojo/cred/queries.py | 4 +-
dojo/cred/views.py | 6 +-
dojo/decorators.py | 9 +-
dojo/endpoint/queries.py | 8 +-
dojo/endpoint/utils.py | 27 ++-
dojo/endpoint/views.py | 8 +-
dojo/engagement/queries.py | 4 +-
dojo/engagement/views.py | 67 +++---
dojo/filters.py | 7 +-
dojo/finding/queries.py | 12 +-
dojo/finding/views.py | 169 +++++++-------
dojo/finding_group/queries.py | 4 +-
dojo/forms.py | 39 ++--
dojo/github_issue_link/views.py | 10 +-
dojo/group/queries.py | 3 +-
dojo/group/views.py | 28 +--
dojo/importers/auto_create_context.py | 19 +-
dojo/importers/base_importer.py | 15 +-
dojo/importers/default_reimporter.py | 102 ++++-----
dojo/importers/endpoint_manager.py | 14 +-
dojo/jira_link/helper.py | 61 +++--
dojo/jira_link/queries.py | 8 +-
dojo/jira_link/views.py | 10 +-
.../commands/jira_status_reconciliation.py | 3 +-
dojo/metrics/utils.py | 3 +-
dojo/models.py | 210 ++++++++---------
dojo/notes/views.py | 12 +-
dojo/notifications/helper.py | 23 +-
dojo/object/views.py | 17 +-
dojo/pipeline.py | 28 +--
dojo/product/queries.py | 30 +--
dojo/product/views.py | 92 +++-----
dojo/product_type/queries.py | 10 +-
dojo/product_type/views.py | 24 +-
dojo/regulations/views.py | 2 +-
dojo/remote_user.py | 24 +-
dojo/reports/views.py | 28 +--
dojo/risk_acceptance/helper.py | 6 +-
dojo/risk_acceptance/queries.py | 4 +-
dojo/search/views.py | 4 +-
dojo/sla_config/views.py | 13 +-
dojo/survey/views.py | 130 +++++------
dojo/system_settings/views.py | 2 +-
dojo/tags_signals.py | 1 +
dojo/templatetags/display_tags.py | 43 ++--
dojo/templatetags/event_tags.py | 3 +-
dojo/templatetags/get_attribute.py | 3 +-
dojo/templatetags/get_banner.py | 6 +-
dojo/templatetags/get_config_setting.py | 4 +-
dojo/templatetags/get_endpoint_status.py | 3 +-
dojo/templatetags/get_note_status.py | 1 +
.../templatetags/get_notetype_availability.py | 4 +-
dojo/test/queries.py | 8 +-
dojo/test/views.py | 37 ++-
dojo/tool_config/factory.py | 3 +-
dojo/tool_product/queries.py | 4 +-
dojo/tool_product/views.py | 3 +-
dojo/tools/acunetix/parse_acunetix_xml.py | 15 +-
dojo/tools/acunetix/parser.py | 3 +-
dojo/tools/anchore_grype/parser.py | 8 +-
dojo/tools/api_blackduck/api_client.py | 2 +
dojo/tools/api_bugcrowd/api_client.py | 16 +-
dojo/tools/api_bugcrowd/parser.py | 22 +-
dojo/tools/api_cobalt/api_client.py | 35 ++-
dojo/tools/api_cobalt/importer.py | 3 +-
dojo/tools/api_cobalt/parser.py | 14 +-
dojo/tools/api_edgescan/api_client.py | 5 +-
dojo/tools/api_edgescan/importer.py | 3 +-
dojo/tools/api_sonarqube/importer.py | 17 +-
dojo/tools/api_sonarqube/updater.py | 6 +-
dojo/tools/api_vulners/importer.py | 6 +-
dojo/tools/appspider/parser.py | 2 +-
dojo/tools/aqua/parser.py | 16 +-
dojo/tools/asff/parser.py | 11 +-
dojo/tools/auditjs/parser.py | 9 +-
dojo/tools/aws_prowler/parser.py | 17 +-
dojo/tools/aws_prowler_v3/parser.py | 8 +-
.../parser.py | 5 +-
dojo/tools/bandit/parser.py | 7 +-
dojo/tools/bearer_cli/parser.py | 3 +-
dojo/tools/blackduck/importer.py | 3 +-
dojo/tools/blackduck/parser.py | 3 +-
.../tools/blackduck_binary_analysis/parser.py | 7 +-
.../blackduck_component_risk/importer.py | 5 +-
dojo/tools/blackduck_component_risk/parser.py | 6 +-
dojo/tools/burp_api/parser.py | 7 +-
dojo/tools/burp_enterprise/parser.py | 6 +-
dojo/tools/burp_graphql/parser.py | 3 +-
dojo/tools/checkmarx/parser.py | 14 +-
dojo/tools/checkmarx_one/parser.py | 8 +-
dojo/tools/chefinspect/parser.py | 9 +-
dojo/tools/clair/clairklar_parser.py | 3 +-
dojo/tools/clair/parser.py | 6 +-
dojo/tools/cloudsploit/parser.py | 3 +-
dojo/tools/codechecker/parser.py | 7 +-
dojo/tools/contrast/parser.py | 3 +-
dojo/tools/crashtest_security/parser.py | 19 +-
dojo/tools/crunch42/parser.py | 6 +-
dojo/tools/cyclonedx/json_parser.py | 2 +-
dojo/tools/cyclonedx/parser.py | 3 +-
.../deepfence_threatmapper/compliance.py | 3 +-
dojo/tools/deepfence_threatmapper/malware.py | 6 +-
dojo/tools/deepfence_threatmapper/secret.py | 3 +-
.../deepfence_threatmapper/vulnerability.py | 6 +-
dojo/tools/dependency_check/parser.py | 11 +-
dojo/tools/dependency_track/parser.py | 11 +-
dojo/tools/dockerbench/parser.py | 4 +-
dojo/tools/drheader/parser.py | 7 +-
dojo/tools/eslint/parser.py | 5 +-
dojo/tools/fortify/parser.py | 3 +-
dojo/tools/generic/csv_parser.py | 3 +-
dojo/tools/generic/parser.py | 6 +-
dojo/tools/github_vulnerability/parser.py | 6 +-
dojo/tools/gitlab_dep_scan/parser.py | 3 +-
dojo/tools/gitlab_sast/parser.py | 3 +-
dojo/tools/harbor_vulnerability/parser.py | 3 +-
dojo/tools/hcl_appscan/parser.py | 3 +-
dojo/tools/huskyci/parser.py | 7 +-
dojo/tools/hydra/parser.py | 4 +-
dojo/tools/intsights/parser.py | 3 +-
.../parser.py | 6 +-
dojo/tools/kubebench/parser.py | 7 +-
dojo/tools/kubescape/parser.py | 7 +-
dojo/tools/microfocus_webinspect/parser.py | 14 +-
dojo/tools/mobsf/parser.py | 3 +-
dojo/tools/mobsfscan/parser.py | 91 ++++----
dojo/tools/mozilla_observatory/parser.py | 7 +-
dojo/tools/ms_defender/parser.py | 48 ++--
dojo/tools/neuvector/parser.py | 16 +-
dojo/tools/neuvector_compliance/parser.py | 22 +-
dojo/tools/nikto/parser.py | 7 +-
dojo/tools/nmap/parser.py | 9 +-
dojo/tools/noseyparker/parser.py | 4 +-
dojo/tools/npm_audit/parser.py | 6 +-
dojo/tools/npm_audit_7_plus/parser.py | 2 +-
dojo/tools/nsp/parser.py | 7 +-
dojo/tools/nuclei/parser.py | 2 +-
dojo/tools/openvas/csv_parser.py | 5 +-
dojo/tools/openvas/parser.py | 3 +-
dojo/tools/openvas/xml_parser.py | 9 +-
dojo/tools/ort/parser.py | 33 ++-
dojo/tools/ossindex_devaudit/parser.py | 7 +-
dojo/tools/php_security_audit_v2/parser.py | 7 +-
.../php_symfony_security_check/parser.py | 2 +-
dojo/tools/popeye/parser.py | 10 +-
dojo/tools/pwn_sast/parser.py | 1 +
dojo/tools/qualys/csv_parser.py | 8 +-
dojo/tools/qualys/parser.py | 3 +-
dojo/tools/qualys_infrascan_webgui/parser.py | 11 +-
dojo/tools/qualys_webapp/parser.py | 6 +-
dojo/tools/retirejs/parser.py | 4 +-
dojo/tools/risk_recon/parser.py | 1 +
dojo/tools/rusty_hog/parser.py | 5 +-
dojo/tools/sarif/parser.py | 25 +--
dojo/tools/scout_suite/parser.py | 3 +-
dojo/tools/semgrep/parser.py | 11 +-
dojo/tools/snyk/parser.py | 6 +-
dojo/tools/snyk_code/parser.py | 6 +-
dojo/tools/sonarqube/parser.py | 27 +--
.../tools/sonarqube/sonarqube_restapi_json.py | 7 +-
dojo/tools/sonarqube/soprasteria_helper.py | 17 +-
dojo/tools/sonatype/parser.py | 7 +-
dojo/tools/ssh_audit/parser.py | 9 +-
dojo/tools/sslyze/parser.py | 7 +-
dojo/tools/sslyze/parser_json.py | 8 +-
dojo/tools/stackhawk/parser.py | 11 +-
dojo/tools/sysdig_reports/parser.py | 5 +-
dojo/tools/tenable/csv_format.py | 3 +-
dojo/tools/tenable/parser.py | 7 +-
dojo/tools/trivy/parser.py | 148 ++++++------
dojo/tools/trufflehog/parser.py | 8 +-
dojo/tools/trustwave_fusion_api/parser.py | 7 +-
dojo/tools/twistlock/parser.py | 20 +-
dojo/tools/utils.py | 2 +-
dojo/tools/vcg/parser.py | 19 +-
dojo/tools/veracode/json_parser.py | 4 +-
dojo/tools/veracode/parser.py | 7 +-
dojo/tools/veracode/xml_parser.py | 3 +-
dojo/tools/veracode_sca/parser.py | 9 +-
dojo/tools/wapiti/parser.py | 3 +-
dojo/tools/wfuzz/parser.py | 7 +-
dojo/tools/whitehat_sentinel/parser.py | 4 +-
dojo/tools/xanitizer/parser.py | 5 +-
dojo/tools/yarn_audit/parser.py | 7 +-
dojo/user/utils.py | 29 +--
dojo/user/validators.py | 21 +-
dojo/user/views.py | 11 +-
dojo/utils.py | 76 +++----
tests/product_test.py | 3 +-
unittests/dojo_test_case.py | 15 +-
unittests/test_apply_finding_template.py | 12 +-
unittests/test_import_reimport.py | 7 +-
unittests/test_rest_framework.py | 25 ++-
.../tools/test_api_sonarqube_importer.py | 27 +--
unittests/tools/test_api_sonarqube_parser.py | 12 +-
202 files changed, 1387 insertions(+), 1872 deletions(-)
diff --git a/dojo/announcement/views.py b/dojo/announcement/views.py
index 5c01ffaaf49..cfd9122ca60 100644
--- a/dojo/announcement/views.py
+++ b/dojo/announcement/views.py
@@ -81,12 +81,11 @@ def dismiss_announcement(request):
extra_tags="alert-success",
)
return HttpResponseRedirect("dashboard")
- else:
- messages.add_message(
- request,
- messages.ERROR,
- _("Failed to remove announcement."),
- extra_tags="alert-danger",
- )
- return render(request, "dojo/dismiss_announcement.html")
+ messages.add_message(
+ request,
+ messages.ERROR,
+ _("Failed to remove announcement."),
+ extra_tags="alert-danger",
+ )
+ return render(request, "dojo/dismiss_announcement.html")
return render(request, "dojo/dismiss_announcement.html")
diff --git a/dojo/api_v2/mixins.py b/dojo/api_v2/mixins.py
index 749f7ab8b56..f22f40a9cf6 100644
--- a/dojo/api_v2/mixins.py
+++ b/dojo/api_v2/mixins.py
@@ -29,8 +29,7 @@ def delete_preview(self, request, pk=None):
def flatten(elem):
if isinstance(elem, list):
return itertools.chain.from_iterable(map(flatten, elem))
- else:
- return [elem]
+ return [elem]
rels = [
{
diff --git a/dojo/api_v2/permissions.py b/dojo/api_v2/permissions.py
index 10991bb3e5f..c47bfcbc762 100644
--- a/dojo/api_v2/permissions.py
+++ b/dojo/api_v2/permissions.py
@@ -35,8 +35,7 @@ def check_post_permission(request, post_model, post_pk, post_permission):
raise ParseError(msg)
object = get_object_or_404(post_model, pk=request.data.get(post_pk))
return user_has_permission(request.user, object, post_permission)
- else:
- return True
+ return True
def check_object_permission(
@@ -49,14 +48,13 @@ def check_object_permission(
):
if request.method == "GET":
return user_has_permission(request.user, object, get_permission)
- elif request.method == "PUT" or request.method == "PATCH":
+ if request.method == "PUT" or request.method == "PATCH":
return user_has_permission(request.user, object, put_permission)
- elif request.method == "DELETE":
+ if request.method == "DELETE":
return user_has_permission(request.user, object, delete_permission)
- elif request.method == "POST":
+ if request.method == "POST":
return user_has_permission(request.user, object, post_permission)
- else:
- return False
+ return False
class UserHasAppAnalysisPermission(permissions.BasePermission):
@@ -113,12 +111,11 @@ def has_permission(self, request, view):
return user_has_configuration_permission(
request.user, "auth.view_group"
)
- elif request.method == "POST":
+ if request.method == "POST":
return user_has_configuration_permission(
request.user, "auth.add_group"
)
- else:
- return True
+ return True
def has_object_permission(self, request, view, obj):
if request.method == "GET":
@@ -130,14 +127,13 @@ def has_object_permission(self, request, view, obj):
) and user_has_permission(
request.user, obj, Permissions.Group_View
)
- else:
- return check_object_permission(
- request,
- obj,
- Permissions.Group_View,
- Permissions.Group_Edit,
- Permissions.Group_Delete,
- )
+ return check_object_permission(
+ request,
+ obj,
+ Permissions.Group_View,
+ Permissions.Group_Edit,
+ Permissions.Group_Delete,
+ )
class UserHasDojoGroupMemberPermission(permissions.BasePermission):
@@ -188,8 +184,7 @@ def has_permission(self, request, view):
)
)
return has_permission_result
- else:
- return True
+ return True
def has_object_permission(self, request, view, obj):
has_permission_result = True
@@ -293,9 +288,8 @@ def has_permission(self, request, view):
return check_post_permission(
request, Product, "product", Permissions.Engagement_Add
)
- else:
- # related object only need object permission
- return True
+ # related object only need object permission
+ return True
def has_object_permission(self, request, view, obj):
if UserHasEngagementPermission.path_engagement_post.match(
@@ -308,15 +302,14 @@ def has_object_permission(self, request, view, obj):
Permissions.Engagement_Edit,
Permissions.Engagement_Delete,
)
- else:
- return check_object_permission(
- request,
- obj,
- Permissions.Engagement_View,
- Permissions.Engagement_Edit,
- Permissions.Engagement_Edit,
- Permissions.Engagement_Edit,
- )
+ return check_object_permission(
+ request,
+ obj,
+ Permissions.Engagement_View,
+ Permissions.Engagement_Edit,
+ Permissions.Engagement_Edit,
+ Permissions.Engagement_Edit,
+ )
class UserHasRiskAcceptancePermission(permissions.BasePermission):
@@ -334,9 +327,8 @@ def has_permission(self, request, view):
return check_post_permission(
request, Product, "product", Permissions.Risk_Acceptance
)
- else:
- # related object only need object permission
- return True
+ # related object only need object permission
+ return True
def has_object_permission(self, request, view, obj):
if UserHasRiskAcceptancePermission.path_risk_acceptance_post.match(
@@ -351,15 +343,14 @@ def has_object_permission(self, request, view, obj):
Permissions.Risk_Acceptance,
Permissions.Risk_Acceptance,
)
- else:
- return check_object_permission(
- request,
- obj,
- Permissions.Risk_Acceptance,
- Permissions.Risk_Acceptance,
- Permissions.Risk_Acceptance,
- Permissions.Risk_Acceptance,
- )
+ return check_object_permission(
+ request,
+ obj,
+ Permissions.Risk_Acceptance,
+ Permissions.Risk_Acceptance,
+ Permissions.Risk_Acceptance,
+ Permissions.Risk_Acceptance,
+ )
class UserHasFindingPermission(permissions.BasePermission):
@@ -382,9 +373,8 @@ def has_permission(self, request, view):
return check_post_permission(
request, Test, "test", Permissions.Finding_Add
)
- else:
- # related object only need object permission
- return True
+ # related object only need object permission
+ return True
def has_object_permission(self, request, view, obj):
if (
@@ -402,15 +392,14 @@ def has_object_permission(self, request, view, obj):
Permissions.Finding_Edit,
Permissions.Finding_Delete,
)
- else:
- return check_object_permission(
- request,
- obj,
- Permissions.Finding_View,
- Permissions.Finding_Edit,
- Permissions.Finding_Edit,
- Permissions.Finding_Edit,
- )
+ return check_object_permission(
+ request,
+ obj,
+ Permissions.Finding_View,
+ Permissions.Finding_Edit,
+ Permissions.Finding_Edit,
+ Permissions.Finding_Edit,
+ )
class UserHasImportPermission(permissions.BasePermission):
@@ -435,7 +424,7 @@ def has_permission(self, request, view):
return user_has_permission(
request.user, engagement, Permissions.Import_Scan_Result
)
- elif engagement_id := converted_dict.get("engagement_id"):
+ if engagement_id := converted_dict.get("engagement_id"):
# engagement_id doesn't exist
msg = f'Engagement "{engagement_id}" does not exist'
raise serializers.ValidationError(msg)
@@ -452,19 +441,19 @@ def has_permission(self, request, view):
converted_dict.get("product_type"),
"Need engagement_id or product_name + engagement_name to perform import",
)
- else:
- # the engagement doesn't exist, so we need to check if the user has
- # requested and is allowed to use auto_create
- return check_auto_create_permission(
- request.user,
- converted_dict.get("product"),
- converted_dict.get("product_name"),
- converted_dict.get("engagement"),
- converted_dict.get("engagement_name"),
- converted_dict.get("product_type"),
- converted_dict.get("product_type_name"),
- "Need engagement_id or product_name + engagement_name to perform import",
- )
+ return None
+ # the engagement doesn't exist, so we need to check if the user has
+ # requested and is allowed to use auto_create
+ return check_auto_create_permission(
+ request.user,
+ converted_dict.get("product"),
+ converted_dict.get("product_name"),
+ converted_dict.get("engagement"),
+ converted_dict.get("engagement_name"),
+ converted_dict.get("product_type"),
+ converted_dict.get("product_type_name"),
+ "Need engagement_id or product_name + engagement_name to perform import",
+ )
class UserHasMetaImportPermission(permissions.BasePermission):
@@ -490,13 +479,12 @@ def has_permission(self, request, view):
return user_has_permission(
request.user, product, Permissions.Import_Scan_Result
)
- elif product_id := converted_dict.get("product_id"):
+ if product_id := converted_dict.get("product_id"):
# product_id doesn't exist
msg = f'Product "{product_id}" does not exist'
raise serializers.ValidationError(msg)
- else:
- msg = "Need product_id or product_name to perform import"
- raise serializers.ValidationError(msg)
+ msg = "Need product_id or product_name to perform import"
+ raise serializers.ValidationError(msg)
class UserHasProductPermission(permissions.BasePermission):
@@ -556,8 +544,7 @@ def has_permission(self, request, view):
return user_has_global_permission(
request.user, Permissions.Product_Type_Add
)
- else:
- return True
+ return True
def has_object_permission(self, request, view, obj):
return check_object_permission(
@@ -631,7 +618,7 @@ def has_permission(self, request, view):
return user_has_permission(
request.user, test, Permissions.Import_Scan_Result
)
- elif test_id := converted_dict.get("test_id"):
+ if test_id := converted_dict.get("test_id"):
# test_id doesn't exist
msg = f'Test "{test_id}" does not exist'
raise serializers.ValidationError(msg)
@@ -648,19 +635,19 @@ def has_permission(self, request, view):
converted_dict.get("product_type"),
"Need test_id or product_name + engagement_name + scan_type to perform reimport",
)
- else:
- # the test doesn't exist, so we need to check if the user has
- # requested and is allowed to use auto_create
- return check_auto_create_permission(
- request.user,
- converted_dict.get("product"),
- converted_dict.get("product_name"),
- converted_dict.get("engagement"),
- converted_dict.get("engagement_name"),
- converted_dict.get("product_type"),
- converted_dict.get("product_type_name"),
- "Need test_id or product_name + engagement_name + scan_type to perform reimport",
- )
+ return None
+ # the test doesn't exist, so we need to check if the user has
+ # requested and is allowed to use auto_create
+ return check_auto_create_permission(
+ request.user,
+ converted_dict.get("product"),
+ converted_dict.get("product_name"),
+ converted_dict.get("engagement"),
+ converted_dict.get("engagement_name"),
+ converted_dict.get("product_type"),
+ converted_dict.get("product_type_name"),
+ "Need test_id or product_name + engagement_name + scan_type to perform reimport",
+ )
class UserHasTestPermission(permissions.BasePermission):
@@ -676,9 +663,8 @@ def has_permission(self, request, view):
return check_post_permission(
request, Engagement, "engagement", Permissions.Test_Add
)
- else:
- # related object only need object permission
- return True
+ # related object only need object permission
+ return True
def has_object_permission(self, request, view, obj):
if UserHasTestPermission.path_tests_post.match(
@@ -691,15 +677,14 @@ def has_object_permission(self, request, view, obj):
Permissions.Test_Edit,
Permissions.Test_Delete,
)
- else:
- return check_object_permission(
- request,
- obj,
- Permissions.Test_View,
- Permissions.Test_Edit,
- Permissions.Test_Edit,
- Permissions.Test_Edit,
- )
+ return check_object_permission(
+ request,
+ obj,
+ Permissions.Test_View,
+ Permissions.Test_Edit,
+ Permissions.Test_Edit,
+ Permissions.Test_Edit,
+ )
class UserHasTestImportPermission(permissions.BasePermission):
@@ -776,8 +761,7 @@ def has_permission(self, request, view):
)
)
return has_permission_result
- else:
- return True
+ return True
def has_object_permission(self, request, view, obj):
has_permission_result = True
@@ -840,8 +824,7 @@ def has_permission(self, request, view):
)
)
return has_permission_result
- else:
- return True
+ return True
def has_object_permission(self, request, view, obj):
has_permission_result = True
@@ -934,9 +917,8 @@ def raise_no_auto_create_import_validation_error(
if product_type_name:
msg = f'Product "{product_name}" does not exist in Product_Type "{product_type_name}"'
raise serializers.ValidationError(msg)
- else:
- msg = f'Product "{product_name}" does not exist'
- raise serializers.ValidationError(msg)
+ msg = f'Product "{product_name}" does not exist'
+ raise serializers.ValidationError(msg)
if engagement_name and not engagement:
msg = f'Engagement "{engagement_name}" does not exist in Product "{product_name}"'
@@ -1021,12 +1003,11 @@ def check_auto_create_permission(
# new product type can be created with current user as owner, so
# all objects in it can be created as well
return True
- else:
- if not user_has_permission(
- user, product_type, Permissions.Product_Type_Add_Product
- ):
- msg = f'No permission to create products in product_type "{product_type}"'
- raise PermissionDenied(msg)
+ if not user_has_permission(
+ user, product_type, Permissions.Product_Type_Add_Product
+ ):
+ msg = f'No permission to create products in product_type "{product_type}"'
+ raise PermissionDenied(msg)
# product can be created, so objects in it can be created as well
return True
diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index 4de5d536d07..0131ae4f48d 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -225,9 +225,7 @@ def to_internal_value(self, data):
substrings = re.findall(r'(?:"[^"]*"|[^",]+)', s)
data_safe.extend(substrings)
- internal_value = tagulous.utils.render_tags(data_safe)
-
- return internal_value
+ return tagulous.utils.render_tags(data_safe)
def to_representation(self, value):
if not isinstance(value, list):
@@ -303,8 +301,7 @@ def __str__(self):
return json.dumps(
self, sort_keys=True, indent=4, separators=(",", ": ")
)
- else:
- return json.dumps(self)
+ return json.dumps(self)
class RequestResponseSerializerField(serializers.ListSerializer):
@@ -554,8 +551,7 @@ def validate(self, data):
):
msg = "Update of password though API is not allowed"
raise ValidationError(msg)
- else:
- return super().validate(data)
+ return super().validate(data)
class UserContactInfoSerializer(serializers.ModelSerializer):
@@ -820,6 +816,7 @@ def validate(self, data):
)
raise ValidationError(msg)
return data
+ return None
class RawFileSerializer(serializers.ModelSerializer):
@@ -1072,8 +1069,7 @@ def to_representation(self, data):
"title": file.title,
}
)
- new_data = {"engagement_id": engagement.id, "files": new_files}
- return new_data
+ return {"engagement_id": engagement.id, "files": new_files}
class EngagementCheckListSerializer(serializers.ModelSerializer):
@@ -1149,8 +1145,7 @@ def create(self, validated_data):
if "endpoint-finding relation" in str(ie):
msg = "This endpoint-finding relation already exists"
raise serializers.ValidationError(msg)
- else:
- raise
+ raise
status.mitigated = validated_data.get("mitigated", False)
status.false_positive = validated_data.get("false_positive", False)
status.out_of_scope = validated_data.get("out_of_scope", False)
@@ -1166,8 +1161,7 @@ def update(self, instance, validated_data):
if "endpoint-finding relation" in str(ie):
msg = "This endpoint-finding relation already exists"
raise serializers.ValidationError(msg)
- else:
- raise
+ raise
class EndpointSerializer(TaggitSerializer, serializers.ModelSerializer):
@@ -1429,8 +1423,7 @@ def to_representation(self, data):
"title": file.title,
}
)
- new_data = {"test_id": test.id, "files": new_files}
- return new_data
+ return {"test_id": test.id, "files": new_files}
class TestImportFindingActionSerializer(serializers.ModelSerializer):
@@ -1686,8 +1679,7 @@ def get_related_fields(self, obj):
return FindingRelatedFieldsSerializer(
required=False
).to_representation(obj)
- else:
- return None
+ return None
def get_display_status(self, obj) -> str:
return obj.status()
@@ -1731,8 +1723,7 @@ def update(self, instance, validated_data):
# not sure why we are returning a tag_object, but don't want to change
# too much now as we're just fixing a bug
- tag_object = self._save_tags(instance, to_be_tagged)
- return tag_object
+ return self._save_tags(instance, to_be_tagged)
def validate(self, data):
if self.context["request"].method == "PATCH":
@@ -1868,8 +1859,7 @@ def create(self, validated_data):
# not sure why we are returning a tag_object, but don't want to change
# too much now as we're just fixing a bug
- tag_object = self._save_tags(new_finding, to_be_tagged)
- return tag_object
+ return self._save_tags(new_finding, to_be_tagged)
def validate(self, data):
if "reporter" not in data:
@@ -2782,8 +2772,7 @@ def to_representation(self, data):
"title": file.title,
}
)
- new_data = {"finding_id": finding.id, "files": new_files}
- return new_data
+ return {"finding_id": finding.id, "files": new_files}
class FindingCloseSerializer(serializers.ModelSerializer):
@@ -3038,10 +3027,9 @@ class QuestionnaireQuestionSerializer(serializers.ModelSerializer):
def to_representation(self, instance):
if isinstance(instance, TextQuestion):
return TextQuestionSerializer(instance=instance).data
- elif isinstance(instance, ChoiceQuestion):
+ if isinstance(instance, ChoiceQuestion):
return ChoiceQuestionSerializer(instance=instance).data
- else:
- return QuestionSerializer(instance=instance).data
+ return QuestionSerializer(instance=instance).data
class Meta:
model = Question
@@ -3078,10 +3066,9 @@ class QuestionnaireAnswerSerializer(serializers.ModelSerializer):
def to_representation(self, instance):
if isinstance(instance, TextAnswer):
return TextAnswerSerializer(instance=instance).data
- elif isinstance(instance, ChoiceAnswer):
+ if isinstance(instance, ChoiceAnswer):
return ChoiceAnswerSerializer(instance=instance).data
- else:
- return AnswerSerializer(instance=instance).data
+ return AnswerSerializer(instance=instance).data
class Meta:
model = Answer
@@ -3155,5 +3142,4 @@ def create(self, validated_data):
if 'duplicate key value violates unique constraint "dojo_announcement_pkey"' in str(e):
msg = "No more than one Announcement is allowed"
raise serializers.ValidationError(msg)
- else:
- raise
+ raise
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index d0fe775b070..39a23ca5bf8 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -879,8 +879,7 @@ def get_queryset(self):
def get_serializer_class(self):
if self.request and self.request.method == "POST":
return serializers.FindingCreateSerializer
- else:
- return serializers.FindingSerializer
+ return serializers.FindingSerializer
@extend_schema(
methods=["POST"],
@@ -1240,10 +1239,9 @@ def remove_tags(self, request, pk=None):
{"success": "Tag(s) Removed"},
status=status.HTTP_204_NO_CONTENT,
)
- else:
- return Response(
- delete_tags.errors, status=status.HTTP_400_BAD_REQUEST
- )
+ return Response(
+ delete_tags.errors, status=status.HTTP_400_BAD_REQUEST
+ )
@extend_schema(
responses={
@@ -1381,10 +1379,9 @@ def _add_metadata(self, request, finding):
)
return Response(data=metadata_data.data, status=status.HTTP_200_OK)
- else:
- return Response(
- metadata_data.errors, status=status.HTTP_400_BAD_REQUEST
- )
+ return Response(
+ metadata_data.errors, status=status.HTTP_400_BAD_REQUEST
+ )
def _remove_metadata(self, request, finding):
name = request.query_params.get("name", None)
@@ -1471,13 +1468,13 @@ def metadata(self, request, pk=None):
if request.method == "GET":
return self._get_metadata(request, finding)
- elif request.method == "POST":
+ if request.method == "POST":
return self._add_metadata(request, finding)
- elif request.method == "PUT":
+ if request.method == "PUT":
return self._edit_metadata(request, finding)
- elif request.method == "PATCH":
+ if request.method == "PATCH":
return self._edit_metadata(request, finding)
- elif request.method == "DELETE":
+ if request.method == "DELETE":
return self._remove_metadata(request, finding)
return Response(
@@ -2102,8 +2099,7 @@ def get_queryset(self):
def get_serializer_class(self):
if self.request and self.request.method == "POST":
return serializers.StubFindingCreateSerializer
- else:
- return serializers.StubFindingSerializer
+ return serializers.StubFindingSerializer
# Authorization: authenticated, configuration
@@ -2152,8 +2148,7 @@ def get_serializer_class(self):
if self.action == "accept_risks":
return ra_api.AcceptedRiskSerializer
return serializers.TestCreateSerializer
- else:
- return serializers.TestSerializer
+ return serializers.TestSerializer
@extend_schema(
request=serializers.ReportGenerateOptionSerializer,
diff --git a/dojo/apps.py b/dojo/apps.py
index e12ea7459be..8cdc16a5470 100644
--- a/dojo/apps.py
+++ b/dojo/apps.py
@@ -87,8 +87,7 @@ def get_model_fields_with_extra(model, extra_fields=()):
def get_model_fields(default_fields, extra_fields=()):
- combined = default_fields + extra_fields
- return combined
+ return default_fields + extra_fields
def get_model_default_fields(model):
diff --git a/dojo/authorization/authorization.py b/dojo/authorization/authorization.py
index 8538101cf52..3a607cfe4cd 100644
--- a/dojo/authorization/authorization.py
+++ b/dojo/authorization/authorization.py
@@ -66,7 +66,7 @@ def user_has_permission(user, obj, permission):
if role_has_permission(product_type_group.role.id, permission):
return True
return False
- elif (
+ if (
isinstance(obj, Product)
and permission.value >= Permissions.Product_View.value
):
@@ -87,51 +87,51 @@ def user_has_permission(user, obj, permission):
if role_has_permission(product_group.role.id, permission):
return True
return False
- elif (
+ if (
isinstance(obj, Engagement)
and permission in Permissions.get_engagement_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, Test)
and permission in Permissions.get_test_permissions()
):
return user_has_permission(user, obj.engagement.product, permission)
- elif (
+ if (
isinstance(obj, Finding) or isinstance(obj, Stub_Finding)
) and permission in Permissions.get_finding_permissions():
return user_has_permission(
user, obj.test.engagement.product, permission
)
- elif (
+ if (
isinstance(obj, Finding_Group)
and permission in Permissions.get_finding_group_permissions()
):
return user_has_permission(
user, obj.test.engagement.product, permission
)
- elif (
+ if (
isinstance(obj, Endpoint)
and permission in Permissions.get_endpoint_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, Languages)
and permission in Permissions.get_language_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, App_Analysis)
and permission in Permissions.get_technology_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, Product_API_Scan_Configuration)
and permission
in Permissions.get_product_api_scan_configuration_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, Product_Type_Member)
and permission in Permissions.get_product_type_member_permissions()
):
@@ -140,9 +140,8 @@ def user_has_permission(user, obj, permission):
return obj.user == user or user_has_permission(
user, obj.product_type, permission
)
- else:
- return user_has_permission(user, obj.product_type, permission)
- elif (
+ return user_has_permission(user, obj.product_type, permission)
+ if (
isinstance(obj, Product_Member)
and permission in Permissions.get_product_member_permissions()
):
@@ -151,19 +150,18 @@ def user_has_permission(user, obj, permission):
return obj.user == user or user_has_permission(
user, obj.product, permission
)
- else:
- return user_has_permission(user, obj.product, permission)
- elif (
+ return user_has_permission(user, obj.product, permission)
+ if (
isinstance(obj, Product_Type_Group)
and permission in Permissions.get_product_type_group_permissions()
):
return user_has_permission(user, obj.product_type, permission)
- elif (
+ if (
isinstance(obj, Product_Group)
and permission in Permissions.get_product_group_permissions()
):
return user_has_permission(user, obj.product, permission)
- elif (
+ if (
isinstance(obj, Dojo_Group)
and permission in Permissions.get_group_permissions()
):
@@ -173,7 +171,7 @@ def user_has_permission(user, obj, permission):
return group_member is not None and role_has_permission(
group_member.role.id, permission
)
- elif (
+ if (
isinstance(obj, Dojo_Group_Member)
and permission in Permissions.get_group_member_permissions()
):
@@ -182,9 +180,8 @@ def user_has_permission(user, obj, permission):
return obj.user == user or user_has_permission(
user, obj.group, permission
)
- else:
- return user_has_permission(user, obj.group, permission)
- elif (
+ return user_has_permission(user, obj.group, permission)
+ if (
isinstance(obj, Cred_Mapping)
and permission in Permissions.get_credential_permissions()
):
@@ -202,9 +199,9 @@ def user_has_permission(user, obj, permission):
return user_has_permission(
user, obj.finding.test.engagement.product, permission
)
- else:
- msg = f"No authorization implemented for class {type(obj).__name__} and permission {permission}"
- raise NoAuthorizationImplementedError(msg)
+ return None
+ msg = f"No authorization implemented for class {type(obj).__name__} and permission {permission}"
+ raise NoAuthorizationImplementedError(msg)
def user_has_global_permission(user, permission):
diff --git a/dojo/cred/queries.py b/dojo/cred/queries.py
index d86c432fc69..e009b38202f 100644
--- a/dojo/cred/queries.py
+++ b/dojo/cred/queries.py
@@ -44,8 +44,6 @@ def get_authorized_cred_mappings(permission, queryset=None):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- cred_mappings = cred_mappings.filter(
+ return cred_mappings.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
-
- return cred_mappings
diff --git a/dojo/cred/views.py b/dojo/cred/views.py
index 26d5d62f875..a2c36b5a6d2 100644
--- a/dojo/cred/views.py
+++ b/dojo/cred/views.py
@@ -640,10 +640,8 @@ def delete_cred_controller(request, destination_url, id, ttid):
if destination_url == "cred":
return HttpResponseRedirect(reverse(destination_url))
- else:
- return HttpResponseRedirect(reverse(destination_url, args=(id, )))
- else:
- tform = CredMappingForm(instance=cred)
+ return HttpResponseRedirect(reverse(destination_url, args=(id, )))
+ tform = CredMappingForm(instance=cred)
add_breadcrumb(title="Delete Credential", top_level=False, request=request)
product_tab = None
diff --git a/dojo/decorators.py b/dojo/decorators.py
index c919a2995bc..a9efa556a27 100644
--- a/dojo/decorators.py
+++ b/dojo/decorators.py
@@ -43,8 +43,7 @@ def __wrapper__(*args, **kwargs):
countdown = kwargs.pop("countdown", 0)
if we_want_async(*args, func=func, **kwargs):
return func.apply_async(args=args, kwargs=kwargs, countdown=countdown)
- else:
- return func(*args, **kwargs)
+ return func(*args, **kwargs)
return __wrapper__
@@ -78,8 +77,7 @@ def __wrapper__(*args, **kwargs):
if _func is None:
# decorator called without parameters
return dojo_model_to_id_internal
- else:
- return dojo_model_to_id_internal(_func)
+ return dojo_model_to_id_internal(_func)
# decorator with parameters needs another wrapper layer
@@ -123,8 +121,7 @@ def __wrapper__(*args, **kwargs):
if _func is None:
# decorator called without parameters
return dojo_model_from_id_internal
- else:
- return dojo_model_from_id_internal(_func)
+ return dojo_model_from_id_internal(_func)
def get_parameter_froms_args_kwargs(args, kwargs, parameter):
diff --git a/dojo/endpoint/queries.py b/dojo/endpoint/queries.py
index e9facac14fe..3f37b9d6b58 100644
--- a/dojo/endpoint/queries.py
+++ b/dojo/endpoint/queries.py
@@ -53,12 +53,10 @@ def get_authorized_endpoints(permission, queryset=None, user=None):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- endpoints = endpoints.filter(
+ return endpoints.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
- return endpoints
-
def get_authorized_endpoint_status(permission, queryset=None, user=None):
@@ -101,8 +99,6 @@ def get_authorized_endpoint_status(permission, queryset=None, user=None):
endpoint__product__member=Exists(authorized_product_roles),
endpoint__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
endpoint__product__authorized_group=Exists(authorized_product_groups))
- endpoint_status = endpoint_status.filter(
+ return endpoint_status.filter(
Q(endpoint__product__prod_type__member=True) | Q(endpoint__product__member=True)
| Q(endpoint__product__prod_type__authorized_group=True) | Q(endpoint__product__authorized_group=True))
-
- return endpoint_status
diff --git a/dojo/endpoint/utils.py b/dojo/endpoint/utils.py
index e40de5c5e17..0c9671190eb 100644
--- a/dojo/endpoint/utils.py
+++ b/dojo/endpoint/utils.py
@@ -79,15 +79,14 @@ def endpoint_get_or_create(**kwargs):
count = qs.count()
if count == 0:
return Endpoint.objects.get_or_create(**kwargs)
- else:
- logger.warning(
- f"Endpoints in your database are broken. "
- f"Please access {reverse('endpoint_migrate')} and migrate them to new format or remove them."
- )
- # Get the oldest endpoint first, and return that instead
- # a datetime is not captured on the endpoint model, so ID
- # will have to work here instead
- return qs.order_by("id").first(), False
+ logger.warning(
+ f"Endpoints in your database are broken. "
+ f"Please access {reverse('endpoint_migrate')} and migrate them to new format or remove them."
+ )
+ # Get the oldest endpoint first, and return that instead
+ # a datetime is not captured on the endpoint model, so ID
+ # will have to work here instead
+ return qs.order_by("id").first(), False
def clean_hosts_run(apps, change):
@@ -323,7 +322,7 @@ def endpoint_meta_import(file, product, create_endpoints, create_tags, create_me
'The column "hostname" must be present to map host to Endpoint.',
extra_tags='alert-danger')
return HttpResponseRedirect(reverse('import_endpoint_meta', args=(product.id, )))
- elif origin == 'API':
+ if origin == 'API':
msg = 'The column "hostname" must be present to map host to Endpoint.'
raise ValidationError(msg)
@@ -359,14 +358,14 @@ def endpoint_meta_import(file, product, create_endpoints, create_tags, create_me
for tag in existing_tags:
if item[0] not in tag:
continue
- else:
- # found existing. Update it
- existing_tags.remove(tag)
- break
+ # found existing. Update it
+ existing_tags.remove(tag)
+ break
existing_tags += [item[0] + ':' + item[1]]
# if tags are not supposed to be added, this value remain unchanged
endpoint.tags = existing_tags
endpoint.save()
+ return None
def remove_broken_endpoint_statuses(apps):
diff --git a/dojo/endpoint/views.py b/dojo/endpoint/views.py
index 46a20980061..b02a534219b 100644
--- a/dojo/endpoint/views.py
+++ b/dojo/endpoint/views.py
@@ -96,9 +96,8 @@ def get_endpoint_ids(endpoints):
key = f"{e.host}-{e.product.id}"
if key in hosts:
continue
- else:
- hosts.append(key)
- ids.append(e.id)
+ hosts.append(key)
+ ids.append(e.id)
return ids
@@ -302,8 +301,7 @@ def add_meta_data(request, eid):
extra_tags='alert-success')
if 'add_another' in request.POST:
return HttpResponseRedirect(reverse('add_endpoint_meta_data', args=(eid,)))
- else:
- return HttpResponseRedirect(reverse('view_endpoint', args=(eid,)))
+ return HttpResponseRedirect(reverse('view_endpoint', args=(eid,)))
else:
form = DojoMetaDataForm()
diff --git a/dojo/engagement/queries.py b/dojo/engagement/queries.py
index d5a7f445931..5a33e38220a 100644
--- a/dojo/engagement/queries.py
+++ b/dojo/engagement/queries.py
@@ -39,8 +39,6 @@ def get_authorized_engagements(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- engagements = engagements.filter(
+ return engagements.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
-
- return engagements
diff --git a/dojo/engagement/views.py b/dojo/engagement/views.py
index 2fdc7e34a43..3686e171cdd 100644
--- a/dojo/engagement/views.py
+++ b/dojo/engagement/views.py
@@ -163,15 +163,13 @@ def get_filtered_engagements(request, view):
filter_string_matching = get_system_setting("filter_string_matching", False)
filter_class = EngagementDirectFilterWithoutObjectLookups if filter_string_matching else EngagementDirectFilter
- engagements = filter_class(request.GET, queryset=engagements)
-
- return engagements
+ return filter_class(request.GET, queryset=engagements)
def get_test_counts(engagements):
# Get the test counts per engagement. As a separate query, this is much
# faster than annotating the above `engagements` query.
- engagement_test_counts = {
+ return {
test['engagement']: test['test_count']
for test in Test.objects.filter(
engagement__in=engagements
@@ -181,7 +179,6 @@ def get_test_counts(engagements):
test_count=Count('engagement')
)
}
- return engagement_test_counts
def engagements(request, view):
@@ -300,9 +297,8 @@ def edit_engagement(request, eid):
if '_Add Tests' in request.POST:
return HttpResponseRedirect(
reverse('add_tests', args=(engagement.id, )))
- else:
- return HttpResponseRedirect(
- reverse('view_engagement', args=(engagement.id, )))
+ return HttpResponseRedirect(
+ reverse('view_engagement', args=(engagement.id, )))
else:
logger.debug(form.errors)
@@ -400,12 +396,11 @@ def copy_engagement(request, eid):
recipients=[engagement.lead],
icon="exclamation-triangle")
return redirect_to_return_url_or_else(request, reverse("view_engagements", args=(product.id, )))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Unable to copy engagement, please try again.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Unable to copy engagement, please try again.',
+ extra_tags='alert-danger')
product_tab = Product_Tab(product, title="Copy Engagement", tab="engagements")
return render(request, 'dojo/copy_object.html', {
@@ -423,8 +418,7 @@ def get_template(self):
return 'dojo/view_eng.html'
def get_risks_accepted(self, eng):
- risks_accepted = eng.risk_acceptance.all().select_related('owner').annotate(accepted_findings_count=Count('accepted_findings__id'))
- return risks_accepted
+ return eng.risk_acceptance.all().select_related('owner').annotate(accepted_findings_count=Count('accepted_findings__id'))
def get_filtered_tests(
self,
@@ -666,10 +660,10 @@ def add_tests(request, eid):
if '_Add Another Test' in request.POST:
return HttpResponseRedirect(
reverse('add_tests', args=(eng.id, )))
- elif '_Add Findings' in request.POST:
+ if '_Add Findings' in request.POST:
return HttpResponseRedirect(
reverse('add_findings', args=(new_test.id, )))
- elif '_Finished' in request.POST:
+ if '_Finished' in request.POST:
return HttpResponseRedirect(
reverse('view_engagement', args=(eng.id, )))
else:
@@ -744,8 +738,7 @@ def get_form(
"""
if request.method == "POST":
return ImportScanForm(request.POST, request.FILES, **kwargs)
- else:
- return ImportScanForm(**kwargs)
+ return ImportScanForm(**kwargs)
def get_credential_form(
self,
@@ -759,18 +752,17 @@ def get_credential_form(
"""
if request.method == "POST":
return CredMappingForm(request.POST)
- else:
- # If the engagement is not present, return an empty form
- if engagement is None:
- return CredMappingForm()
- # Otherwise get all creds in the associated engagement
- return CredMappingForm(
- initial={
- "cred_user_queryset": Cred_Mapping.objects.filter(
- engagement=engagement
- ).order_by('cred_id'),
- }
- )
+ # If the engagement is not present, return an empty form
+ if engagement is None:
+ return CredMappingForm()
+ # Otherwise get all creds in the associated engagement
+ return CredMappingForm(
+ initial={
+ "cred_user_queryset": Cred_Mapping.objects.filter(
+ engagement=engagement
+ ).order_by('cred_id'),
+ }
+ )
def get_jira_form(
self,
@@ -1385,8 +1377,7 @@ def view_edit_risk_acceptance(request, eid, raid, edit_mode=False):
if not errors:
logger.debug('redirecting to return_url')
return redirect_to_return_url_or_else(request, reverse("view_risk_acceptance", args=(eid, raid)))
- else:
- logger.error('errors found')
+ logger.error('errors found')
else:
if edit_mode:
@@ -1533,8 +1524,7 @@ def upload_threatmodel(request, eid):
@user_is_authorized(Engagement, Permissions.Engagement_View, 'eid')
def view_threatmodel(request, eid):
eng = get_object_or_404(Engagement, pk=eid)
- response = FileResponse(open(eng.tmodel_path, 'rb'))
- return response
+ return FileResponse(open(eng.tmodel_path, 'rb'))
@user_is_authorized(Engagement, Permissions.Engagement_View, 'eid')
@@ -1573,9 +1563,8 @@ def get_engagements(request):
if not url:
msg = 'Please use the export button when exporting engagements'
raise ValidationError(msg)
- else:
- if url.startswith('url='):
- url = url[4:]
+ if url.startswith('url='):
+ url = url[4:]
path_items = list(filter(None, re.split(r'/|\?', url)))
diff --git a/dojo/filters.py b/dojo/filters.py
index 76c65b92a6c..2fc972e2f8b 100644
--- a/dojo/filters.py
+++ b/dojo/filters.py
@@ -331,8 +331,7 @@ def get_tags_model_from_field_name(field):
def get_tags_label_from_model(model):
if model:
return f'Tags ({model.__name__.title()})'
- else:
- return 'Tags (Unknown)'
+ return 'Tags (Unknown)'
def get_finding_filterset_fields(metrics=False, similar=False, filter_string_matching=False):
@@ -780,6 +779,7 @@ def any(self, qs, name):
self.start_date = _truncate(start_date - timedelta(days=1))
self.end_date = _truncate(now() + timedelta(days=1))
return qs.all()
+ return None
def current_month(self, qs, name):
self.start_date = local_tz.localize(
@@ -1918,8 +1918,7 @@ def set_hash_codes(self, *args: list, **kwargs: dict):
def filter_queryset(self, *args: list, **kwargs: dict):
queryset = super().filter_queryset(*args, **kwargs)
queryset = get_authorized_findings(Permissions.Finding_View, queryset, self.user)
- queryset = queryset.exclude(pk=self.finding.pk)
- return queryset
+ return queryset.exclude(pk=self.finding.pk)
class SimilarFindingFilter(FindingFilter, SimilarFindingHelper):
diff --git a/dojo/finding/queries.py b/dojo/finding/queries.py
index e10cfca3ddd..808b0e79a5e 100644
--- a/dojo/finding/queries.py
+++ b/dojo/finding/queries.py
@@ -68,14 +68,12 @@ def get_authorized_findings(permission, queryset=None, user=None):
test__engagement__product__member=Exists(authorized_product_roles),
test__engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
test__engagement__product__authorized_group=Exists(authorized_product_groups))
- findings = findings.filter(
+ return findings.filter(
Q(test__engagement__product__prod_type__member=True)
| Q(test__engagement__product__member=True)
| Q(test__engagement__product__prod_type__authorized_group=True)
| Q(test__engagement__product__authorized_group=True))
- return findings
-
def get_authorized_stub_findings(permission):
user = get_current_user()
@@ -101,14 +99,12 @@ def get_authorized_stub_findings(permission):
test__engagement__product__member=Exists(authorized_product_roles),
test__engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
test__engagement__product__authorized_group=Exists(authorized_product_groups))
- findings = findings.filter(
+ return findings.filter(
Q(test__engagement__product__prod_type__member=True)
| Q(test__engagement__product__member=True)
| Q(test__engagement__product__prod_type__authorized_group=True)
| Q(test__engagement__product__authorized_group=True))
- return findings
-
def get_authorized_vulnerability_ids(permission, queryset=None, user=None):
@@ -151,10 +147,8 @@ def get_authorized_vulnerability_ids(permission, queryset=None, user=None):
finding__test__engagement__product__member=Exists(authorized_product_roles),
finding__test__engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
finding__test__engagement__product__authorized_group=Exists(authorized_product_groups))
- vulnerability_ids = vulnerability_ids.filter(
+ return vulnerability_ids.filter(
Q(finding__test__engagement__product__prod_type__member=True)
| Q(finding__test__engagement__product__member=True)
| Q(finding__test__engagement__product__prod_type__authorized_group=True)
| Q(finding__test__engagement__product__authorized_group=True))
-
- return vulnerability_ids
diff --git a/dojo/finding/views.py b/dojo/finding/views.py
index c84154804af..45a9b57a6fc 100644
--- a/dojo/finding/views.py
+++ b/dojo/finding/views.py
@@ -310,31 +310,29 @@ def get_test_id(self):
def filter_findings_by_object(self, findings: QuerySet[Finding]):
if product_id := self.get_product_id():
return findings.filter(test__engagement__product__id=product_id)
- elif engagement_id := self.get_engagement_id():
+ if engagement_id := self.get_engagement_id():
return findings.filter(test__engagement=engagement_id)
- elif test_id := self.get_test_id():
+ if test_id := self.get_test_id():
return findings.filter(test=test_id)
- else:
- return findings
+ return findings
def filter_findings_by_filter_name(self, findings: QuerySet[Finding]):
filter_name = self.get_filter_name()
if filter_name == "Open":
return findings.filter(finding_helper.OPEN_FINDINGS_QUERY)
- elif filter_name == "Verified":
+ if filter_name == "Verified":
return findings.filter(finding_helper.VERIFIED_FINDINGS_QUERY)
- elif filter_name == "Out of Scope":
+ if filter_name == "Out of Scope":
return findings.filter(finding_helper.OUT_OF_SCOPE_FINDINGS_QUERY)
- elif filter_name == "False Positive":
+ if filter_name == "False Positive":
return findings.filter(finding_helper.FALSE_POSITIVE_FINDINGS_QUERY)
- elif filter_name == "Inactive":
+ if filter_name == "Inactive":
return findings.filter(finding_helper.INACTIVE_FINDINGS_QUERY)
- elif filter_name == "Accepted":
+ if filter_name == "Accepted":
return findings.filter(finding_helper.ACCEPTED_FINDINGS_QUERY)
- elif filter_name == "Closed":
+ if filter_name == "Closed":
return findings.filter(finding_helper.CLOSED_FINDINGS_QUERY)
- else:
- return findings
+ return findings
def filter_findings_by_form(self, request: HttpRequest, findings: QuerySet[Finding]):
# Set up the args for the form
@@ -357,9 +355,7 @@ def filter_findings_by_form(self, request: HttpRequest, findings: QuerySet[Findi
def get_filtered_findings(self):
findings = get_authorized_findings(Permissions.Finding_View).order_by(self.get_order_by())
findings = self.filter_findings_by_object(findings)
- findings = self.filter_findings_by_filter_name(findings)
-
- return findings
+ return self.filter_findings_by_filter_name(findings)
def get_fully_filtered_findings(self, request: HttpRequest):
findings = self.get_filtered_findings()
@@ -1014,9 +1010,8 @@ def process_finding_form(self, request: HttpRequest, finding: Finding, context:
)
return finding, request, True
- else:
- add_error_message_to_response("The form has errors, please correct them below.")
- add_field_errors_to_response(context["form"])
+ add_error_message_to_response("The form has errors, please correct them below.")
+ add_field_errors_to_response(context["form"])
return finding, request, False
@@ -1071,8 +1066,7 @@ def process_jira_form(self, request: HttpRequest, finding: Finding, context: dic
)
return request, True, push_to_jira
- else:
- add_field_errors_to_response(context["jform"])
+ add_field_errors_to_response(context["jform"])
return request, False, False
@@ -1087,8 +1081,7 @@ def process_github_form(self, request: HttpRequest, finding: Finding, context: d
add_external_issue(finding, "github")
return request, True
- else:
- add_field_errors_to_response(context["gform"])
+ add_field_errors_to_response(context["gform"])
return request, False
@@ -1309,10 +1302,9 @@ def close_finding(request, fid):
return HttpResponseRedirect(
reverse("view_test", args=(finding.test.id,))
)
- else:
- return HttpResponseRedirect(
- reverse("close_finding", args=(finding.id,))
- )
+ return HttpResponseRedirect(
+ reverse("close_finding", args=(finding.id,))
+ )
product_tab = Product_Tab(
finding.test.engagement.product, title="Close", tab="findings"
@@ -1492,15 +1484,14 @@ def apply_template_cwe(request, fid):
extra_tags="alert-success",
)
return HttpResponseRedirect(reverse("view_finding", args=(fid,)))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Unable to apply CWE template finding, please try again.",
- extra_tags="alert-danger",
- )
- else:
- raise PermissionDenied
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Unable to apply CWE template finding, please try again.",
+ extra_tags="alert-danger",
+ )
+ return None
+ raise PermissionDenied
@user_is_authorized(Finding, Permissions.Finding_Edit, "fid")
@@ -1539,13 +1530,12 @@ def copy_finding(request, fid):
return redirect_to_return_url_or_else(
request, reverse("view_test", args=(test.id,))
)
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Unable to copy finding, please try again.",
- extra_tags="alert-danger",
- )
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Unable to copy finding, please try again.",
+ extra_tags="alert-danger",
+ )
product_tab = Product_Tab(product, title="Copy Finding", tab="findings")
return render(
@@ -1989,8 +1979,7 @@ def apply_template_to_finding(request, fid, tid):
)
return HttpResponseRedirect(reverse("view_finding", args=(finding.id,)))
- else:
- return HttpResponseRedirect(reverse("view_finding", args=(finding.id,)))
+ return HttpResponseRedirect(reverse("view_finding", args=(finding.id,)))
@user_is_authorized(Test, Permissions.Finding_Add, "tid")
@@ -2050,15 +2039,14 @@ def delete_stub_finding(request, fid):
extra_tags="alert-success",
)
return HttpResponseRedirect(reverse("view_test", args=(tid,)))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Unable to delete potential finding, please try again.",
- extra_tags="alert-danger",
- )
- else:
- raise PermissionDenied
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Unable to delete potential finding, please try again.",
+ extra_tags="alert-danger",
+ )
+ return None
+ raise PermissionDenied
@user_is_authorized(Stub_Finding, Permissions.Finding_Edit, "fid")
@@ -2175,13 +2163,12 @@ def promote_to_finding(request, fid):
)
return HttpResponseRedirect(reverse("view_test", args=(test.id,)))
- else:
- form_error = True
- add_error_message_to_response(
- "The form has errors, please correct them below."
- )
- add_field_errors_to_response(jform)
- add_field_errors_to_response(form)
+ form_error = True
+ add_error_message_to_response(
+ "The form has errors, please correct them below."
+ )
+ add_field_errors_to_response(jform)
+ add_field_errors_to_response(form)
else:
form = PromoteFindingForm(
initial={
@@ -2343,13 +2330,12 @@ def add_template(request):
extra_tags="alert-success",
)
return HttpResponseRedirect(reverse("templates"))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Template form has error, please revise and try again.",
- extra_tags="alert-danger",
- )
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Template form has error, please revise and try again.",
+ extra_tags="alert-danger",
+ )
add_breadcrumb(title="Add Template", top_level=False, request=request)
return render(
request, "dojo/add_template.html", {"form": form, "name": "Add Template"}
@@ -2398,13 +2384,12 @@ def edit_template(request, tid):
extra_tags="alert-success",
)
return HttpResponseRedirect(reverse("templates"))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Template form has error, please revise and try again.",
- extra_tags="alert-danger",
- )
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Template form has error, please revise and try again.",
+ extra_tags="alert-danger",
+ )
count = apply_cwe_mitigation(True, template, False)
add_breadcrumb(title="Edit Template", top_level=False, request=request)
@@ -2434,15 +2419,14 @@ def delete_template(request, tid):
extra_tags="alert-success",
)
return HttpResponseRedirect(reverse("templates"))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Unable to delete Template, please revise and try again.",
- extra_tags="alert-danger",
- )
- else:
- raise PermissionDenied
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Unable to delete Template, please revise and try again.",
+ extra_tags="alert-danger",
+ )
+ return None
+ raise PermissionDenied
def download_finding_pic(request, token):
@@ -2648,13 +2632,12 @@ def merge_finding_product(request, pid):
return HttpResponseRedirect(
reverse("edit_finding", args=(finding_to_merge_into.id,))
)
- else:
- messages.add_message(
- request,
- messages.ERROR,
- "Unable to merge findings. Findings to merge contained in finding to merge into.",
- extra_tags="alert-danger",
- )
+ messages.add_message(
+ request,
+ messages.ERROR,
+ "Unable to merge findings. Findings to merge contained in finding to merge into.",
+ extra_tags="alert-danger",
+ )
else:
messages.add_message(
request,
@@ -3133,8 +3116,7 @@ def find_available_notetypes(notes):
break
else:
available_note_types.append(note_type_id)
- queryset = Note_Type.objects.filter(id__in=available_note_types).order_by("-id")
- return queryset
+ return Note_Type.objects.filter(id__in=available_note_types).order_by("-id")
def get_missing_mandatory_notetypes(finding):
@@ -3149,8 +3131,7 @@ def get_missing_mandatory_notetypes(finding):
break
else:
notes_to_be_added.append(note_type_id)
- queryset = Note_Type.objects.filter(id__in=notes_to_be_added)
- return queryset
+ return Note_Type.objects.filter(id__in=notes_to_be_added)
@user_is_authorized(Finding, Permissions.Finding_Edit, "original_id")
diff --git a/dojo/finding_group/queries.py b/dojo/finding_group/queries.py
index 9bc4b95ffac..645a7f60858 100644
--- a/dojo/finding_group/queries.py
+++ b/dojo/finding_group/queries.py
@@ -46,10 +46,8 @@ def get_authorized_finding_groups(permission, queryset=None, user=None):
test__engagement__product__member=Exists(authorized_product_roles),
test__engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
test__engagement__product__authorized_group=Exists(authorized_product_groups))
- finding_groups = finding_groups.filter(
+ return finding_groups.filter(
Q(test__engagement__product__prod_type__member=True)
| Q(test__engagement__product__member=True)
| Q(test__engagement__product__prod_type__authorized_group=True)
| Q(test__engagement__product__authorized_group=True))
-
- return finding_groups
diff --git a/dojo/forms.py b/dojo/forms.py
index 734d97586aa..caec3a27645 100644
--- a/dojo/forms.py
+++ b/dojo/forms.py
@@ -594,8 +594,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(cleaned_data['endpoints_to_add'])
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_add_list = endpoints_to_add_list
+ self.endpoints_to_add_list = endpoints_to_add_list
return cleaned_data
@@ -608,8 +607,7 @@ def clean_scan_date(self):
return date
def get_scan_type(self):
- TGT_scan = self.cleaned_data['scan_type']
- return TGT_scan
+ return self.cleaned_data['scan_type']
class ReImportScanForm(forms.Form):
@@ -1143,8 +1141,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(cleaned_data['endpoints_to_add'])
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_add_list = endpoints_to_add_list
+ self.endpoints_to_add_list = endpoints_to_add_list
return cleaned_data
@@ -1221,8 +1218,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(cleaned_data['endpoints_to_add'])
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_add_list = endpoints_to_add_list
+ self.endpoints_to_add_list = endpoints_to_add_list
return cleaned_data
@@ -1279,8 +1275,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(cleaned_data['endpoints_to_add'])
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_add_list = endpoints_to_add_list
+ self.endpoints_to_add_list = endpoints_to_add_list
return cleaned_data
@@ -1403,8 +1398,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(cleaned_data['endpoints_to_add'])
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_add_list = endpoints_to_add_list
+ self.endpoints_to_add_list = endpoints_to_add_list
return cleaned_data
@@ -1674,8 +1668,7 @@ def clean(self):
endpoints_to_add_list, errors = validate_endpoints_to_add(endpoint)
if errors:
raise forms.ValidationError(errors)
- else:
- self.endpoints_to_process = endpoints_to_add_list
+ self.endpoints_to_process = endpoints_to_add_list
return cleaned_data
@@ -2680,9 +2673,7 @@ def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
def clean(self):
- form_data = self.cleaned_data
-
- return form_data
+ return self.cleaned_data
class CredMappingForm(forms.ModelForm):
@@ -2943,9 +2934,9 @@ def clean(self):
if self.target == 'engagement':
msg = 'JIRA Project needs a JIRA Instance, JIRA Project Key, and Epic issue type name, or choose to inherit settings from product'
raise ValidationError(msg)
- else:
- msg = 'JIRA Project needs a JIRA Instance, JIRA Project Key, and Epic issue type name, leave empty to have no JIRA integration setup'
- raise ValidationError(msg)
+ msg = 'JIRA Project needs a JIRA Instance, JIRA Project Key, and Epic issue type name, leave empty to have no JIRA integration setup'
+ raise ValidationError(msg)
+ return None
class GITHUBFindingForm(forms.Form):
@@ -3129,8 +3120,7 @@ class LoginBanner(forms.Form):
)
def clean(self):
- cleaned_data = super().clean()
- return cleaned_data
+ return super().clean()
class AnnouncementCreateForm(forms.ModelForm):
@@ -3364,7 +3354,7 @@ def clean_expiration(self):
if expiration < today:
msg = "The expiration cannot be in the past"
raise forms.ValidationError(msg)
- elif expiration.day == today.day:
+ if expiration.day == today.day:
msg = "The expiration cannot be today"
raise forms.ValidationError(msg)
else:
@@ -3454,8 +3444,7 @@ def __init__(self, attrs=None):
def decompress(self, value):
if value:
return pickle.loads(value)
- else:
- return [None, None, None, None, None, None]
+ return [None, None, None, None, None, None]
def format_output(self, rendered_widgets):
return '
'.join(rendered_widgets)
diff --git a/dojo/github_issue_link/views.py b/dojo/github_issue_link/views.py
index aa4e9269cb3..5598c9b757b 100644
--- a/dojo/github_issue_link/views.py
+++ b/dojo/github_issue_link/views.py
@@ -52,11 +52,11 @@ def new_github(request):
'Unable to authenticate on GitHub.',
extra_tags='alert-danger')
return HttpResponseRedirect(reverse('github', ))
- else:
- gform = GITHUBForm()
- add_breadcrumb(title="New GitHub Configuration", top_level=False, request=request)
- return render(request, 'dojo/new_github.html',
- {'gform': gform})
+ return None
+ gform = GITHUBForm()
+ add_breadcrumb(title="New GitHub Configuration", top_level=False, request=request)
+ return render(request, 'dojo/new_github.html',
+ {'gform': gform})
@user_is_configuration_authorized('dojo.view_github_conf')
diff --git a/dojo/group/queries.py b/dojo/group/queries.py
index db4d8d633df..663c4179084 100644
--- a/dojo/group/queries.py
+++ b/dojo/group/queries.py
@@ -38,8 +38,7 @@ def get_authorized_group_members(permission):
def get_authorized_group_members_for_user(user):
groups = get_authorized_groups(Permissions.Group_View)
- group_members = Dojo_Group_Member.objects.filter(user=user, group__in=groups).order_by('group__name').select_related('role', 'group')
- return group_members
+ return Dojo_Group_Member.objects.filter(user=user, group__in=groups).order_by('group__name').select_related('role', 'group')
def get_group_members_for_group(group):
diff --git a/dojo/group/views.py b/dojo/group/views.py
index 46d2dd31967..62422dc6ff0 100644
--- a/dojo/group/views.py
+++ b/dojo/group/views.py
@@ -179,12 +179,11 @@ def process_forms(self, request: HttpRequest, group: Dojo_Group, context: dict):
extra_tags='alert-success')
return request, True
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Group was not saved successfully.',
- extra_tags='alert_danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Group was not saved successfully.',
+ extra_tags='alert_danger')
return request, False
@@ -439,8 +438,7 @@ def edit_group_member(request, mid):
extra_tags='alert-warning')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
+ return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
if member.role.is_owner and not user_has_permission(request.user, member.group, Permissions.Group_Add_Owner):
messages.add_message(request,
messages.WARNING,
@@ -454,8 +452,7 @@ def edit_group_member(request, mid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
+ return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
add_breadcrumb(title="Edit a Group Member", top_level=False, request=request)
return render(request, 'dojo/edit_group_member.html', {
@@ -481,8 +478,7 @@ def delete_group_member(request, mid):
extra_tags='alert-warning')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
+ return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
user = member.user
member.delete()
@@ -492,11 +488,9 @@ def delete_group_member(request, mid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- if user == request.user:
- return HttpResponseRedirect(reverse('groups'))
- else:
- return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
+ if user == request.user:
+ return HttpResponseRedirect(reverse('groups'))
+ return HttpResponseRedirect(reverse('view_group', args=(member.group.id, )))
add_breadcrumb("Delete a group member", top_level=False, request=request)
return render(request, 'dojo/delete_group_member.html', {
diff --git a/dojo/importers/auto_create_context.py b/dojo/importers/auto_create_context.py
index 6122196d486..4e925d7b5d6 100644
--- a/dojo/importers/auto_create_context.py
+++ b/dojo/importers/auto_create_context.py
@@ -229,16 +229,15 @@ def get_or_create_product_type(
# Look for an existing object
if product_type := self.get_target_product_type_if_exists(product_type_name=product_type_name):
return product_type
- else:
- with transaction.atomic():
- product_type, created = Product_Type.objects.select_for_update().get_or_create(name=product_type_name)
- if created:
- Product_Type_Member.objects.create(
- user=get_current_user(),
- product_type=product_type,
- role=Role.objects.get(is_owner=True),
- )
- return product_type
+ with transaction.atomic():
+ product_type, created = Product_Type.objects.select_for_update().get_or_create(name=product_type_name)
+ if created:
+ Product_Type_Member.objects.create(
+ user=get_current_user(),
+ product_type=product_type,
+ role=Role.objects.get(is_owner=True),
+ )
+ return product_type
def get_or_create_product(
self,
diff --git a/dojo/importers/base_importer.py b/dojo/importers/base_importer.py
index 449a9074b8e..6a892216699 100644
--- a/dojo/importers/base_importer.py
+++ b/dojo/importers/base_importer.py
@@ -258,11 +258,10 @@ def determine_process_method(
parsed_findings,
**kwargs,
)
- else:
- return self.sync_process_findings(
- parsed_findings,
- **kwargs,
- )
+ return self.sync_process_findings(
+ parsed_findings,
+ **kwargs,
+ )
def update_test_meta(self):
"""
@@ -279,7 +278,7 @@ def update_test_meta(self):
if not self.commit_hash.isspace():
self.test.commit_hash = self.commit_hash
- return None
+ return
def update_timestamps(self):
"""
@@ -511,7 +510,7 @@ def verify_tool_configuration_from_test(self):
# Return early as there is no value in validating further
return
# Validate that the test has a value
- elif self.test is not None:
+ if self.test is not None:
# Make sure the Tool_Configuration is connected to the product that the test is
if self.api_scan_configuration.product != self.test.engagement.product:
msg = "API Scan Configuration has to be from same product as the Test"
@@ -537,7 +536,7 @@ def verify_tool_configuration_from_engagement(self):
# Return early as there is no value in validating further
return
# Validate that the engagement has a value
- elif self.engagement is not None:
+ if self.engagement is not None:
# Make sure the Tool_Configuration is connected to the engagement that the test is
if self.api_scan_configuration.product != self.engagement.product:
msg = "API Scan Configuration has to be from same product as the Engagement"
diff --git a/dojo/importers/default_reimporter.py b/dojo/importers/default_reimporter.py
index 0c930d9df78..1abfd99ce3c 100644
--- a/dojo/importers/default_reimporter.py
+++ b/dojo/importers/default_reimporter.py
@@ -374,12 +374,12 @@ def match_new_finding_to_existing_finding(
test=self.test,
hash_code=unsaved_finding.hash_code
).exclude(hash_code=None).order_by('id')
- elif self.deduplication_algorithm == 'unique_id_from_tool':
+ if self.deduplication_algorithm == 'unique_id_from_tool':
return Finding.objects.filter(
test=self.test,
unique_id_from_tool=unsaved_finding.unique_id_from_tool
).exclude(unique_id_from_tool=None).order_by('id')
- elif self.deduplication_algorithm == 'unique_id_from_tool_or_hash_code':
+ if self.deduplication_algorithm == 'unique_id_from_tool_or_hash_code':
query = Finding.objects.filter(
Q(test=self.test),
(Q(hash_code__isnull=False) & Q(hash_code=unsaved_finding.hash_code))
@@ -387,7 +387,7 @@ def match_new_finding_to_existing_finding(
).order_by('id')
deduplicationLogger.debug(query.query)
return query
- elif self.deduplication_algorithm == 'legacy':
+ if self.deduplication_algorithm == 'legacy':
# This is the legacy reimport behavior. Although it's pretty flawed and doesn't match the legacy algorithm for deduplication,
# this is left as is for simplicity.
# Re-writing the legacy deduplication here would be complicated and counter-productive.
@@ -398,9 +398,8 @@ def match_new_finding_to_existing_finding(
test=self.test,
severity=unsaved_finding.severity,
numerical_severity=Finding.get_numerical_severity(unsaved_finding.severity)).order_by('id')
- else:
- logger.error(f'Internal error: unexpected deduplication_algorithm: "{self.deduplication_algorithm}"')
- return None
+ logger.error(f'Internal error: unexpected deduplication_algorithm: "{self.deduplication_algorithm}"')
+ return None
def process_matched_finding(
self,
@@ -416,16 +415,15 @@ def process_matched_finding(
unsaved_finding,
existing_finding,
)
- elif existing_finding.is_mitigated:
+ if existing_finding.is_mitigated:
return self.process_matched_mitigated_finding(
unsaved_finding,
existing_finding,
)
- else:
- return self.process_matched_active_finding(
- unsaved_finding,
- existing_finding,
- )
+ return self.process_matched_active_finding(
+ unsaved_finding,
+ existing_finding,
+ )
def process_matched_special_status_finding(
self,
@@ -489,47 +487,44 @@ def process_matched_mitigated_finding(
logger.debug(msg)
# Return True here to force the loop to continue
return existing_finding, True
- else:
- # even if there is no mitigation time, skip it, because both the current finding and
- # the reimported finding are is_mitigated
- # Return True here to force the loop to continue
- return existing_finding, True
- else:
- if self.do_not_reactivate:
- logger.debug(
- "Skipping reactivating by user's choice do_not_reactivate: "
- f" - {existing_finding.id}: {existing_finding.title} "
- f"({existing_finding.component_name} - {existing_finding.component_version})"
- )
- # Search for an existing note that this finding has been skipped for reactivation
- # before this current time
- reactivated_note_text = f"Finding has skipped reactivation from {self.scan_type} re-upload with user decision do_not_reactivate."
- existing_note = existing_finding.notes.filter(
+ # even if there is no mitigation time, skip it, because both the current finding and
+ # the reimported finding are is_mitigated
+ # Return True here to force the loop to continue
+ return existing_finding, True
+ if self.do_not_reactivate:
+ logger.debug(
+ "Skipping reactivating by user's choice do_not_reactivate: "
+ f" - {existing_finding.id}: {existing_finding.title} "
+ f"({existing_finding.component_name} - {existing_finding.component_version})"
+ )
+ # Search for an existing note that this finding has been skipped for reactivation
+ # before this current time
+ reactivated_note_text = f"Finding has skipped reactivation from {self.scan_type} re-upload with user decision do_not_reactivate."
+ existing_note = existing_finding.notes.filter(
+ entry=reactivated_note_text,
+ author=self.user,
+ )
+ # If a note has not been left before, we can skip this finding
+ if len(existing_note) == 0:
+ note = Notes(
entry=reactivated_note_text,
author=self.user,
)
- # If a note has not been left before, we can skip this finding
- if len(existing_note) == 0:
- note = Notes(
- entry=reactivated_note_text,
- author=self.user,
- )
- note.save()
- existing_finding.notes.add(note)
- existing_finding.save(dedupe_option=False)
- # Return True here to force the loop to continue
- return existing_finding, True
- else:
- logger.debug(
- f"Reactivating: - {existing_finding.id}: {existing_finding.title} "
- f"({existing_finding.component_name} - {existing_finding.component_version})"
- )
- existing_finding.mitigated = None
- existing_finding.is_mitigated = False
- existing_finding.mitigated_by = None
- existing_finding.active = True
- if self.verified is not None:
- existing_finding.verified = self.verified
+ note.save()
+ existing_finding.notes.add(note)
+ existing_finding.save(dedupe_option=False)
+ # Return True here to force the loop to continue
+ return existing_finding, True
+ logger.debug(
+ f"Reactivating: - {existing_finding.id}: {existing_finding.title} "
+ f"({existing_finding.component_name} - {existing_finding.component_version})"
+ )
+ existing_finding.mitigated = None
+ existing_finding.is_mitigated = False
+ existing_finding.mitigated_by = None
+ existing_finding.active = True
+ if self.verified is not None:
+ existing_finding.verified = self.verified
component_name = getattr(unsaved_finding, "component_name", None)
component_version = getattr(unsaved_finding, "component_version", None)
@@ -672,9 +667,7 @@ def finding_post_processing(
finding.unsaved_files = finding_from_report.unsaved_files
self.process_files(finding)
# Process vulnerability IDs
- finding = self.process_vulnerability_ids(finding)
-
- return finding
+ return self.process_vulnerability_ids(finding)
def process_groups_for_all_findings(
self,
@@ -733,8 +726,7 @@ def process_results(
serialized_to_mitigate,
serialized_untouched,
)
- else:
- return self.new_items, self.reactivated_items, self.to_mitigate, self.untouched
+ return self.new_items, self.reactivated_items, self.to_mitigate, self.untouched
def calculate_unsaved_finding_hash_code(
self,
diff --git a/dojo/importers/endpoint_manager.py b/dojo/importers/endpoint_manager.py
index e7b21043e1b..b1f08a0a484 100644
--- a/dojo/importers/endpoint_manager.py
+++ b/dojo/importers/endpoint_manager.py
@@ -57,7 +57,7 @@ def add_endpoints_to_unsaved_finding(
endpoint=ep,
defaults={'date': finding.date})
logger.debug(f"IMPORT_SCAN: {len(endpoints)} imported")
- return None
+ return
@dojo_async_task
@app.task()
@@ -79,7 +79,7 @@ def mitigate_endpoint_status(
endpoint_status.mitigated_by = user
endpoint_status.mitigated = True
endpoint_status.save()
- return None
+ return
@dojo_async_task
@app.task()
@@ -100,7 +100,7 @@ def reactivate_endpoint_status(
endpoint_status.mitigated = False
endpoint_status.last_modified = timezone.now()
endpoint_status.save()
- return None
+ return
def chunk_endpoints(
self,
@@ -158,7 +158,7 @@ def clean_unsaved_endpoints(
endpoint.clean()
except ValidationError as e:
logger.warning(f"DefectDojo is storing broken endpoint because cleaning wasn't successful: {e}")
- return None
+ return
def chunk_endpoints_and_reactivate(
self,
@@ -182,7 +182,7 @@ def chunk_endpoints_and_reactivate(
self.reactivate_endpoint_status(endpoint_status_list, sync=False)
else:
self.reactivate_endpoint_status(endpoint_status_list, sync=True)
- return None
+ return
def chunk_endpoints_and_mitigate(
self,
@@ -207,7 +207,7 @@ def chunk_endpoints_and_mitigate(
self.mitigate_endpoint_status(endpoint_status_list, user, sync=False)
else:
self.mitigate_endpoint_status(endpoint_status_list, user, sync=True)
- return None
+ return
def update_endpoint_status(
self,
@@ -242,4 +242,4 @@ def update_endpoint_status(
)
self.chunk_endpoints_and_reactivate(endpoint_status_to_reactivate)
self.chunk_endpoints_and_mitigate(endpoint_status_to_mitigate, user)
- return None
+ return
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
index 32329431d7f..b9dc61250ec 100644
--- a/dojo/jira_link/helper.py
+++ b/dojo/jira_link/helper.py
@@ -99,6 +99,7 @@ def is_push_all_issues(instance):
jira_project = get_jira_project(instance)
if jira_project:
return jira_project.push_all_issues
+ return None
# checks if a finding can be pushed to JIRA
@@ -173,12 +174,11 @@ def get_jira_project(obj, use_inheritance=True):
if obj.jira_project:
return obj.jira_project
# some old jira_issue records don't have a jira_project, so try to go via the finding instead
- elif hasattr(obj, 'finding') and obj.finding:
+ if hasattr(obj, 'finding') and obj.finding:
return get_jira_project(obj.finding, use_inheritance=use_inheritance)
- elif hasattr(obj, 'engagement') and obj.engagement:
+ if hasattr(obj, 'engagement') and obj.engagement:
return get_jira_project(obj.finding, use_inheritance=use_inheritance)
- else:
- return None
+ return None
if isinstance(obj, Finding) or isinstance(obj, Stub_Finding):
finding = obj
@@ -205,9 +205,8 @@ def get_jira_project(obj, use_inheritance=True):
if use_inheritance:
logger.debug('delegating to product %s for %s', engagement.product, engagement)
return get_jira_project(engagement.product)
- else:
- logger.debug('not delegating to product %s for %s', engagement.product, engagement)
- return None
+ logger.debug('not delegating to product %s for %s', engagement.product, engagement)
+ return None
if isinstance(obj, Product):
# TODO refactor relationships, but now this would brake APIv1 (and v2?)
@@ -241,7 +240,7 @@ def get_jira_url(obj):
issue = get_jira_issue(obj)
if issue is not None:
return get_jira_issue_url(issue)
- elif isinstance(obj, Finding):
+ if isinstance(obj, Finding):
# finding must only have url if there is a jira_issue
# engagement can continue to show url of jiraproject instead of jira issue
return None
@@ -320,8 +319,7 @@ def get_jira_issue_template(obj):
if isinstance(obj, Finding_Group):
return os.path.join(template_dir, 'jira-finding-group-description.tpl')
- else:
- return os.path.join(template_dir, 'jira-description.tpl')
+ return os.path.join(template_dir, 'jira-description.tpl')
def get_jira_creation(obj):
@@ -357,6 +355,7 @@ def get_jira_issue(obj):
return obj.jira_issue
except JIRA_Issue.DoesNotExist:
return None
+ return None
def has_jira_configured(obj):
@@ -424,6 +423,7 @@ def get_jira_connection(obj):
if jira_instance is not None:
return get_jira_connection_raw(jira_instance.url, jira_instance.username, jira_instance.password)
+ return None
def jira_get_resolution_id(jira, issue, status):
@@ -468,6 +468,7 @@ def get_jira_updated(finding):
project = get_jira_project(finding)
issue = jira_get_issue(project, j_issue)
return issue.fields.updated
+ return None
# Used for unit testing so geting all the connections is manadatory
@@ -481,6 +482,7 @@ def get_jira_status(finding):
project = get_jira_project(finding)
issue = jira_get_issue(project, j_issue)
return issue.fields.status
+ return None
# Used for unit testing so geting all the connections is manadatory
@@ -494,6 +496,7 @@ def get_jira_comments(finding):
project = get_jira_project(finding)
issue = jira_get_issue(project, j_issue)
return issue.fields.comment.comments
+ return None
# Logs the error to the alerts table, which appears in the notification toolbar
@@ -617,7 +620,7 @@ def jira_priority(obj):
def jira_environment(obj):
if isinstance(obj, Finding):
return "\n".join([str(endpoint) for endpoint in obj.endpoints.all()])
- elif isinstance(obj, Finding_Group):
+ if isinstance(obj, Finding_Group):
envs = [
jira_environment(finding)
for finding in obj.findings.all()
@@ -625,8 +628,7 @@ def jira_environment(obj):
jira_environments = [env for env in envs if env]
return "\n".join(jira_environments)
- else:
- return ''
+ return ''
def push_to_jira(obj, *args, **kwargs):
@@ -638,25 +640,22 @@ def push_to_jira(obj, *args, **kwargs):
finding = obj
if finding.has_jira_issue:
return update_jira_issue_for_finding(finding, *args, **kwargs)
- else:
- return add_jira_issue_for_finding(finding, *args, **kwargs)
+ return add_jira_issue_for_finding(finding, *args, **kwargs)
- elif isinstance(obj, Engagement):
+ if isinstance(obj, Engagement):
engagement = obj
if engagement.has_jira_issue:
return update_epic(engagement, *args, **kwargs)
- else:
- return add_epic(engagement, *args, **kwargs)
+ return add_epic(engagement, *args, **kwargs)
- elif isinstance(obj, Finding_Group):
+ if isinstance(obj, Finding_Group):
group = obj
if group.has_jira_issue:
return update_jira_issue_for_finding_group(group, *args, **kwargs)
- else:
- return add_jira_issue_for_finding_group(group, *args, **kwargs)
+ return add_jira_issue_for_finding_group(group, *args, **kwargs)
- else:
- logger.error('unsupported object passed to push_to_jira: %s %i %s', obj.__name__, obj.id, obj)
+ logger.error('unsupported object passed to push_to_jira: %s %i %s', obj.__name__, obj.id, obj)
+ return None
def add_issues_to_epic(jira, obj, epic_id, issue_keys, ignore_epics=True):
@@ -1022,9 +1021,7 @@ def get_jira_issue_from_jira(find):
jira = get_jira_connection(jira_instance)
logger.debug('getting issue from JIRA')
- issue_from_jira = jira.issue(j_issue.jira_id)
-
- return issue_from_jira
+ return jira.issue(j_issue.jira_id)
except JIRAError as e:
logger.exception(e)
@@ -1191,6 +1188,7 @@ def jira_attachment(finding, jira, issue, file, jira_filename=None):
logger.exception(e)
log_jira_alert("Attachment: " + e.text, finding)
return False
+ return None
def jira_check_attachment(issue, source_file_name):
@@ -1242,9 +1240,9 @@ def close_epic(eng, push_to_jira, **kwargs):
logger.exception(e)
log_jira_generic_alert('Jira Engagement/Epic Close Error', str(e))
return False
- else:
- add_error_message_to_response('Push to JIRA for Epic skipped because enable_engagement_epic_mapping is not checked for this engagement')
- return False
+ return None
+ add_error_message_to_response('Push to JIRA for Epic skipped because enable_engagement_epic_mapping is not checked for this engagement')
+ return False
@dojo_model_to_id
@@ -1350,9 +1348,8 @@ def jira_get_issue(jira_project, issue_key):
try:
jira_instance = jira_project.jira_instance
jira = get_jira_connection(jira_instance)
- issue = jira.issue(issue_key)
+ return jira.issue(issue_key)
- return issue
except JIRAError as jira_error:
logger.debug('error retrieving jira issue ' + issue_key + ' ' + str(jira_error))
logger.exception(jira_error)
@@ -1386,6 +1383,8 @@ def add_comment(obj, note, force_push=False, **kwargs):
except JIRAError as e:
log_jira_generic_alert('Jira Add Comment Error', str(e))
return False
+ return None
+ return None
def add_simple_jira_comment(jira_instance, jira_issue, comment):
diff --git a/dojo/jira_link/queries.py b/dojo/jira_link/queries.py
index 4b9d9c09b7d..d46be9795ea 100644
--- a/dojo/jira_link/queries.py
+++ b/dojo/jira_link/queries.py
@@ -63,7 +63,7 @@ def get_authorized_jira_projects(permission, user=None):
product__member=Exists(product_authorized_product_roles),
product__prod_type__authorized_group=Exists(product_authorized_product_type_groups),
product__authorized_group=Exists(product_authorized_product_groups))
- jira_projects = jira_projects.filter(
+ return jira_projects.filter(
Q(engagement__product__prod_type__member=True)
| Q(engagement__product__member=True)
| Q(engagement__product__prod_type__authorized_group=True)
@@ -73,8 +73,6 @@ def get_authorized_jira_projects(permission, user=None):
| Q(product__prod_type__authorized_group=True)
| Q(product__authorized_group=True))
- return jira_projects
-
def get_authorized_jira_issues(permission):
user = get_current_user()
@@ -152,7 +150,7 @@ def get_authorized_jira_issues(permission):
finding__test__engagement__product__member=Exists(finding_authorized_product_roles),
finding__test__engagement__product__prod_type__authorized_group=Exists(finding_authorized_product_type_groups),
finding__test__engagement__product__authorized_group=Exists(finding_authorized_product_groups))
- jira_issues = jira_issues.filter(
+ return jira_issues.filter(
Q(engagement__product__prod_type__member=True)
| Q(engagement__product__member=True)
| Q(engagement__product__prod_type__authorized_group=True)
@@ -165,5 +163,3 @@ def get_authorized_jira_issues(permission):
| Q(finding__test__engagement__product__member=True)
| Q(finding__test__engagement__product__prod_type__authorized_group=True)
| Q(finding__test__engagement__product__authorized_group=True))
-
- return jira_issues
diff --git a/dojo/jira_link/views.py b/dojo/jira_link/views.py
index e0c43884c46..b6163c4b232 100644
--- a/dojo/jira_link/views.py
+++ b/dojo/jira_link/views.py
@@ -66,10 +66,10 @@ def webhook(request, secret=None):
if not system_settings.enable_jira:
return webhook_responser_handler("info", "Ignoring incoming webhook as JIRA is disabled.")
# If the webhook is not enabled, then return a 404
- elif not system_settings.enable_jira_web_hook:
+ if not system_settings.enable_jira_web_hook:
return webhook_responser_handler("info", "Ignoring incoming webhook as JIRA Webhook is disabled.")
# Determine if the request should be "authenticated"
- elif not system_settings.disable_jira_webhook_secret:
+ if not system_settings.disable_jira_webhook_secret:
# Make sure there is a value for the webhook secret before making a comparison
if not system_settings.jira_webhook_secret:
return webhook_responser_handler("info", "Ignoring incoming webhook as JIRA Webhook secret is empty in Defect Dojo system settings.")
@@ -210,7 +210,7 @@ def check_for_and_create_comment(parsed_json):
"""
comment = parsed_json.get("comment", None)
if comment is None:
- return
+ return None
comment_text = comment.get('body')
commenter = ''
@@ -270,6 +270,7 @@ def check_for_and_create_comment(parsed_json):
finding.jira_issue.jira_change = timezone.now()
finding.jira_issue.save()
finding.save()
+ return None
def get_custom_field(jira, label):
@@ -431,8 +432,7 @@ def post(self, request):
url=request.build_absolute_uri(reverse('jira')))
return HttpResponseRedirect(reverse('jira', ))
- else:
- logger.error('jform.errors: %s', jform.errors)
+ logger.error('jform.errors: %s', jform.errors)
return render(request, self.get_template(), {'jform': jform})
diff --git a/dojo/management/commands/jira_status_reconciliation.py b/dojo/management/commands/jira_status_reconciliation.py
index 918b91a28f1..92f9d7b8630 100644
--- a/dojo/management/commands/jira_status_reconciliation.py
+++ b/dojo/management/commands/jira_status_reconciliation.py
@@ -86,7 +86,7 @@ def jira_status_reconciliation(*args, **kwargs):
messages.append(message)
logger.info(message)
continue
- elif find.risk_accepted:
+ if find.risk_accepted:
message = '%s; %s/finding/%d;%s;%s;%s;%s;%s;%s;%s;%s;%s;%s;%sskipping risk accepted findings;%s' % \
(find.jira_issue.jira_key, settings.SITE_URL, find.id, find.status(), resolution_name, None, None, None,
find.jira_issue.jira_change, issue_from_jira.fields.updated, find.last_status_update, issue_from_jira.fields.updated, find.last_reviewed, issue_from_jira.fields.updated, 'skipped')
@@ -196,6 +196,7 @@ def jira_status_reconciliation(*args, **kwargs):
logger.info('results (semicolon seperated)')
for message in messages:
print(message)
+ return None
class Command(BaseCommand):
diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py
index 1a9d3f07c48..4d2a8ed4d03 100644
--- a/dojo/metrics/utils.py
+++ b/dojo/metrics/utils.py
@@ -594,5 +594,4 @@ def findings_queryset(
"""
if qs.model is Endpoint_Status:
return Finding.objects.filter(status_finding__in=qs)
- else:
- return qs
+ return qs
diff --git a/dojo/models.py b/dojo/models.py
index 364f714b4a4..573a9540d52 100644
--- a/dojo/models.py
+++ b/dojo/models.py
@@ -752,9 +752,8 @@ def get_absolute_url(self):
return reverse('product_type', args=[str(self.id)])
def get_breadcrumbs(self):
- bc = [{'title': str(self),
+ return [{'title': str(self),
'url': reverse('edit_product_type', args=(self.id,))}]
- return bc
@cached_property
def critical_present(self):
@@ -762,6 +761,7 @@ def critical_present(self):
test__engagement__product__prod_type=self, severity='Critical')
if c_findings.count() > 0:
return True
+ return None
@cached_property
def high_present(self):
@@ -769,6 +769,7 @@ def high_present(self):
test__engagement__product__prod_type=self, severity='High')
if c_findings.count() > 0:
return True
+ return None
@cached_property
def calc_health(self):
@@ -786,8 +787,7 @@ def calc_health(self):
health = health - ((h_findings.count() - 1) * 2)
if health < 5:
return 5
- else:
- return health
+ return health
# only used by bulk risk acceptance api
@property
@@ -820,9 +820,8 @@ def __str__(self):
return self.name
def get_breadcrumbs(self):
- bc = [{'title': str(self),
+ return [{'title': str(self),
'url': None}]
- return bc
class DojoMeta(models.Model):
@@ -1165,8 +1164,7 @@ def endpoint_host_count(self):
for e in endpoints:
if e.host in hosts:
continue
- else:
- hosts.append(e.host)
+ hosts.append(e.host)
return len(hosts)
@@ -1181,53 +1179,51 @@ def endpoint_count(self):
def open_findings(self, start_date=None, end_date=None):
if start_date is None or end_date is None:
return {}
- else:
- critical = Finding.objects.filter(test__engagement__product=self,
- mitigated__isnull=True,
- verified=True,
- false_p=False,
- duplicate=False,
- out_of_scope=False,
- severity="Critical",
- date__range=[start_date,
- end_date]).count()
- high = Finding.objects.filter(test__engagement__product=self,
+ critical = Finding.objects.filter(test__engagement__product=self,
mitigated__isnull=True,
verified=True,
false_p=False,
duplicate=False,
out_of_scope=False,
- severity="High",
+ severity="Critical",
date__range=[start_date,
end_date]).count()
- medium = Finding.objects.filter(test__engagement__product=self,
- mitigated__isnull=True,
- verified=True,
- false_p=False,
- duplicate=False,
- out_of_scope=False,
- severity="Medium",
- date__range=[start_date,
- end_date]).count()
- low = Finding.objects.filter(test__engagement__product=self,
- mitigated__isnull=True,
- verified=True,
- false_p=False,
- duplicate=False,
- out_of_scope=False,
- severity="Low",
- date__range=[start_date,
- end_date]).count()
- return {'Critical': critical,
- 'High': high,
- 'Medium': medium,
- 'Low': low,
- 'Total': (critical + high + medium + low)}
+ high = Finding.objects.filter(test__engagement__product=self,
+ mitigated__isnull=True,
+ verified=True,
+ false_p=False,
+ duplicate=False,
+ out_of_scope=False,
+ severity="High",
+ date__range=[start_date,
+ end_date]).count()
+ medium = Finding.objects.filter(test__engagement__product=self,
+ mitigated__isnull=True,
+ verified=True,
+ false_p=False,
+ duplicate=False,
+ out_of_scope=False,
+ severity="Medium",
+ date__range=[start_date,
+ end_date]).count()
+ low = Finding.objects.filter(test__engagement__product=self,
+ mitigated__isnull=True,
+ verified=True,
+ false_p=False,
+ duplicate=False,
+ out_of_scope=False,
+ severity="Low",
+ date__range=[start_date,
+ end_date]).count()
+ return {'Critical': critical,
+ 'High': high,
+ 'Medium': medium,
+ 'Low': low,
+ 'Total': (critical + high + medium + low)}
def get_breadcrumbs(self):
- bc = [{'title': str(self),
+ return [{'title': str(self),
'url': reverse('view_product', args=(self.id,))}]
- return bc
@property
def get_product_type(self):
@@ -1685,9 +1681,8 @@ def __str__(self):
msg = 'hyperlink lib did not create URL as was expected'
raise ValueError(msg)
return clean_url
- else:
- msg = 'Missing host'
- raise ValueError(msg)
+ msg = 'Missing host'
+ raise ValueError(msg)
except:
url = ''
if self.protocol:
@@ -1799,11 +1794,9 @@ def __eq__(self, other):
products_match = (self.product) == other.product
# Check if the contents match
return products_match and contents_match
- else:
- return contents_match
+ return contents_match
- else:
- return NotImplemented
+ return NotImplemented
@property
def is_broken(self):
@@ -1814,8 +1807,7 @@ def is_broken(self):
else:
if self.product:
return False
- else:
- return True
+ return True
@property
def mitigated(self):
@@ -1836,7 +1828,7 @@ def findings_count(self):
return self.findings.all().count()
def active_findings(self):
- findings = self.findings.filter(
+ return self.findings.filter(
active=True,
out_of_scope=False,
mitigated__isnull=True,
@@ -1846,10 +1838,9 @@ def active_findings(self):
status_finding__out_of_scope=False,
status_finding__risk_accepted=False
).order_by('numerical_severity')
- return findings
def active_verified_findings(self):
- findings = self.findings.filter(
+ return self.findings.filter(
active=True,
verified=True,
out_of_scope=False,
@@ -1860,7 +1851,6 @@ def active_verified_findings(self):
status_finding__out_of_scope=False,
status_finding__risk_accepted=False
).order_by('numerical_severity')
- return findings
@property
def active_findings_count(self):
@@ -1904,7 +1894,7 @@ def host_findings_count(self):
return self.host_findings().count()
def host_active_findings(self):
- findings = Finding.objects.filter(
+ return Finding.objects.filter(
active=True,
out_of_scope=False,
mitigated__isnull=True,
@@ -1915,10 +1905,9 @@ def host_active_findings(self):
status_finding__risk_accepted=False,
endpoints__in=self.host_endpoints()
).order_by('numerical_severity')
- return findings
def host_active_verified_findings(self):
- findings = Finding.objects.filter(
+ return Finding.objects.filter(
active=True,
verified=True,
out_of_scope=False,
@@ -1930,7 +1919,6 @@ def host_active_verified_findings(self):
status_finding__risk_accepted=False,
endpoints__in=self.host_endpoints()
).order_by('numerical_severity')
- return findings
@property
def host_active_findings_count(self):
@@ -2205,8 +2193,7 @@ def get_queryset(self):
super_query = super_query.annotate(created_findings_count=Count('findings', filter=Q(test_import_finding_action__action=IMPORT_CREATED_FINDING)))
super_query = super_query.annotate(closed_findings_count=Count('findings', filter=Q(test_import_finding_action__action=IMPORT_CLOSED_FINDING)))
super_query = super_query.annotate(reactivated_findings_count=Count('findings', filter=Q(test_import_finding_action__action=IMPORT_REACTIVATED_FINDING)))
- super_query = super_query.annotate(untouched_findings_count=Count('findings', filter=Q(test_import_finding_action__action=IMPORT_UNTOUCHED_FINDING)))
- return super_query
+ return super_query.annotate(untouched_findings_count=Count('findings', filter=Q(test_import_finding_action__action=IMPORT_UNTOUCHED_FINDING)))
class Meta:
ordering = ('-id',)
@@ -2870,53 +2857,47 @@ def hash_fields(self, fields_to_hash):
def duplicate_finding_set(self):
if self.duplicate:
if self.duplicate_finding is not None:
- originals = Finding.objects.get(
+ return Finding.objects.get(
id=self.duplicate_finding.id).original_finding.all().order_by('title')
- return originals # we need to add the duplicate_finding here as well
- else:
- return []
- else:
- return self.original_finding.all().order_by('title')
+ return []
+ return self.original_finding.all().order_by('title')
def get_scanner_confidence_text(self):
if self.scanner_confidence and isinstance(self.scanner_confidence, int):
if self.scanner_confidence <= 2:
return "Certain"
- elif self.scanner_confidence >= 3 and self.scanner_confidence <= 5:
+ if self.scanner_confidence >= 3 and self.scanner_confidence <= 5:
return "Firm"
- else:
- return "Tentative"
+ return "Tentative"
return ""
@staticmethod
def get_numerical_severity(severity):
if severity == 'Critical':
return 'S0'
- elif severity == 'High':
+ if severity == 'High':
return 'S1'
- elif severity == 'Medium':
+ if severity == 'Medium':
return 'S2'
- elif severity == 'Low':
+ if severity == 'Low':
return 'S3'
- elif severity == 'Info':
+ if severity == 'Info':
return 'S4'
- else:
- return 'S5'
+ return 'S5'
@staticmethod
def get_number_severity(severity):
if severity == 'Critical':
return 4
- elif severity == 'High':
+ if severity == 'High':
return 3
- elif severity == 'Medium':
+ if severity == 'Medium':
return 2
- elif severity == 'Low':
+ if severity == 'Low':
return 1
- elif severity == 'Info':
+ if severity == 'Info':
return 0
- else:
- return 5
+ return 5
@staticmethod
def get_severity(num_severity):
@@ -2990,8 +2971,7 @@ def sla_age(self):
def get_sla_start_date(self):
if self.sla_start_date:
return self.sla_start_date
- else:
- return self.date
+ return self.date
def get_sla_period(self):
sla_configuration = SLA_Configuration.objects.filter(id=self.test.engagement.product.sla_configuration_id).first()
@@ -3002,7 +2982,7 @@ def get_sla_period(self):
def set_sla_expiration_date(self):
system_settings = System_Settings.objects.get()
if not system_settings.enable_finding_sla:
- return None
+ return
days_remaining = None
sla_period, enforce_period = self.get_sla_period()
@@ -3010,7 +2990,7 @@ def set_sla_expiration_date(self):
days_remaining = sla_period - self.sla_age
else:
self.sla_expiration_date = Finding().sla_expiration_date
- return None
+ return
if days_remaining:
if self.mitigated:
@@ -3028,8 +3008,7 @@ def sla_days_remaining(self):
if isinstance(mitigated_date, datetime):
mitigated_date = self.mitigated.date()
return (self.sla_expiration_date - mitigated_date).days
- else:
- return (self.sla_expiration_date - get_current_date()).days
+ return (self.sla_expiration_date - get_current_date()).days
return None
def sla_deadline(self):
@@ -3071,9 +3050,8 @@ def has_jira_issue(self):
@cached_property
def finding_group(self):
- group = self.finding_group_set.all().first()
+ return self.finding_group_set.all().first()
# logger.debug('finding.finding_group: %s', group)
- return group
@cached_property
def has_jira_group_issue(self):
@@ -3123,21 +3101,20 @@ def get_valid_request_response_pairs(self):
# Get a list of all req/resp pairs
all_req_resps = self.burprawrequestresponse_set.all()
# Filter away those that do not have any contents
- valid_req_resps = all_req_resps.exclude(
+ return all_req_resps.exclude(
burpRequestBase64__exact=empty_value,
burpResponseBase64__exact=empty_value,
)
- return valid_req_resps
-
def get_report_requests(self):
# Get the list of request response pairs that are non empty
request_response_pairs = self.get_valid_request_response_pairs()
# Determine how many to return
if request_response_pairs.count() >= 3:
return request_response_pairs[0:3]
- elif request_response_pairs.count() > 0:
+ if request_response_pairs.count() > 0:
return request_response_pairs
+ return None
def get_request(self):
# Get the list of request response pairs that are non empty
@@ -3155,8 +3132,7 @@ def get_response(self):
reqres = request_response_pairs.first()
res = base64.b64decode(reqres.burpResponseBase64)
# Removes all blank lines
- res = re.sub(r'\n\s*\n', '\n', res)
- return res
+ return re.sub(r'\n\s*\n', '\n', res)
def latest_note(self):
if self.notes.all():
@@ -3242,8 +3218,7 @@ def bitbucket_standalone_prepare_scm_base_link(self, uri):
project = parts_project[0]
if project.startswith('~'):
return parts_scm[0] + '/users/' + parts_project[0][1:] + '/repos/' + parts_project[1] + '/browse'
- else:
- return parts_scm[0] + '/projects/' + parts_project[0] + '/repos/' + parts_project[1] + '/browse'
+ return parts_scm[0] + '/projects/' + parts_project[0] + '/repos/' + parts_project[1] + '/browse'
def bitbucket_standalone_prepare_scm_link(self, uri):
# if commit hash or branch/tag is set for engagement/test -
@@ -3328,9 +3303,7 @@ def vulnerability_ids(self):
vulnerability_ids = [self.cve]
# Remove duplicates
- vulnerability_ids = list(dict.fromkeys(vulnerability_ids))
-
- return vulnerability_ids
+ return list(dict.fromkeys(vulnerability_ids))
def inherit_tags(self, potentially_existing_tags):
# get a copy of the tags to be inherited
@@ -3504,9 +3477,8 @@ def get_absolute_url(self):
return reverse('edit_template', args=[str(self.id)])
def get_breadcrumbs(self):
- bc = [{'title': str(self),
+ return [{'title': str(self),
'url': reverse('view_template', args=(self.id,))}]
- return bc
@cached_property
def vulnerability_ids(self):
@@ -3527,9 +3499,7 @@ def vulnerability_ids(self):
vulnerability_ids = [self.cve]
# Remove duplicates
- vulnerability_ids = list(dict.fromkeys(vulnerability_ids))
-
- return vulnerability_ids
+ return list(dict.fromkeys(vulnerability_ids))
class Vulnerability_Id_Template(models.Model):
@@ -3577,10 +3547,9 @@ class Check_List(models.Model):
def get_status(pass_fail):
if pass_fail == 'Pass':
return 'success'
- elif pass_fail == 'Fail':
+ if pass_fail == 'Fail':
return 'danger'
- else:
- return 'warning'
+ return 'warning'
def get_breadcrumb(self):
bc = self.engagement.get_breadcrumb()
@@ -3601,8 +3570,7 @@ def get_request(self):
def get_response(self):
res = str(base64.b64decode(self.burpResponseBase64), errors='ignore')
# Removes all blank lines
- res = re.sub(r'\n\s*\n', '\n', res)
- return res
+ return re.sub(r'\n\s*\n', '\n', res)
class Risk_Acceptance(models.Model):
@@ -3858,16 +3826,15 @@ def false_positive_resolutions(self):
def get_priority(self, status):
if status == 'Info':
return self.info_mapping_severity
- elif status == 'Low':
+ if status == 'Low':
return self.low_mapping_severity
- elif status == 'Medium':
+ if status == 'Medium':
return self.medium_mapping_severity
- elif status == 'High':
+ if status == 'High':
return self.high_mapping_severity
- elif status == 'Critical':
+ if status == 'Critical':
return self.critical_mapping_severity
- else:
- return 'N/A'
+ return 'N/A'
# declare form here as we can't import forms.py due to circular imports not even locally
@@ -4548,8 +4515,7 @@ class ChoiceAnswer(Answer):
def __str__(self):
if len(self.answer.all()):
return str(self.answer.all()[0])
- else:
- return 'No Response'
+ return 'No Response'
if settings.ENABLE_AUDITLOG:
diff --git a/dojo/notes/views.py b/dojo/notes/views.py
index 3ccb8ae1f80..cbe0244a411 100644
--- a/dojo/notes/views.py
+++ b/dojo/notes/views.py
@@ -118,11 +118,10 @@ def edit_note(request, id, page, objid):
_('Note edited.'),
extra_tags='alert-success')
return HttpResponseRedirect(reverse(reverse_url, args=(object_id, )))
- else:
- messages.add_message(request,
- messages.SUCCESS,
- _('Note was not succesfully edited.'),
- extra_tags='alert-danger')
+ messages.add_message(request,
+ messages.SUCCESS,
+ _('Note was not succesfully edited.'),
+ extra_tags='alert-danger')
else:
if note_type_activation:
form = TypedNoteForm(available_note_types=available_note_types, instance=note)
@@ -190,5 +189,4 @@ def find_available_notetypes(finding, editing_note):
available_note_types.append(note_type_id)
available_note_types.append(editing_note.note_type_id)
available_note_types = list(set(available_note_types))
- queryset = Note_Type.objects.filter(id__in=available_note_types).order_by('-id')
- return queryset
+ return Note_Type.objects.filter(id__in=available_note_types).order_by('-id')
diff --git a/dojo/notifications/helper.py b/dojo/notifications/helper.py
index 0afb0d6b36f..8bf6e71fd5d 100644
--- a/dojo/notifications/helper.py
+++ b/dojo/notifications/helper.py
@@ -354,18 +354,17 @@ def get_slack_user_id(user_email):
logger.error("Slack is complaining. See error message below.")
logger.error(user)
raise RuntimeError('Error getting user list from Slack: ' + res.text)
- else:
- if "email" in user["user"]["profile"]:
- if user_email == user["user"]["profile"]["email"]:
- if "id" in user["user"]:
- user_id = user["user"]["id"]
- logger.debug(f"Slack user ID is {user_id}")
- slack_user_is_found = True
- else:
- logger.warning(f"A user with email {user_email} could not be found in this Slack workspace.")
-
- if not slack_user_is_found:
- logger.warning("The Slack user was not found.")
+ if "email" in user["user"]["profile"]:
+ if user_email == user["user"]["profile"]["email"]:
+ if "id" in user["user"]:
+ user_id = user["user"]["id"]
+ logger.debug(f"Slack user ID is {user_id}")
+ slack_user_is_found = True
+ else:
+ logger.warning(f"A user with email {user_email} could not be found in this Slack workspace.")
+
+ if not slack_user_is_found:
+ logger.warning("The Slack user was not found.")
return user_id
diff --git a/dojo/object/views.py b/dojo/object/views.py
index 86d45e067ff..782c3a59ba6 100644
--- a/dojo/object/views.py
+++ b/dojo/object/views.py
@@ -30,14 +30,14 @@ def new_object(request, pid):
'Added Tracked File to a Product',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_objects', args=(pid,)))
- else:
- tform = ObjectSettingsForm()
- product_tab = Product_Tab(prod, title="Add Tracked Files to a Product", tab="settings")
+ return None
+ tform = ObjectSettingsForm()
+ product_tab = Product_Tab(prod, title="Add Tracked Files to a Product", tab="settings")
- return render(request, 'dojo/new_object.html',
- {'tform': tform,
- 'product_tab': product_tab,
- 'pid': prod.id})
+ return render(request, 'dojo/new_object.html',
+ {'tform': tform,
+ 'product_tab': product_tab,
+ 'pid': prod.id})
@user_is_authorized(Product, Permissions.Product_Tracking_Files_View, 'pid')
@@ -101,8 +101,7 @@ def delete_object(request, pid, ttid):
'Tracked Product Files Deleted.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_objects', args=(pid,)))
- else:
- tform = DeleteObjectsSettingsForm(instance=object)
+ tform = DeleteObjectsSettingsForm(instance=object)
product_tab = Product_Tab(product, title="Delete Product Tool Configuration", tab="settings")
return render(request,
diff --git a/dojo/pipeline.py b/dojo/pipeline.py
index 8f05d35d4c1..fc7cd270f57 100644
--- a/dojo/pipeline.py
+++ b/dojo/pipeline.py
@@ -31,7 +31,7 @@ def social_uid(backend, details, response, *args, **kwargs):
'first_name': first_name,
'last_name': last_name,
'uid': uid}
- elif settings.GOOGLE_OAUTH_ENABLED and isinstance(backend, GoogleOAuth2):
+ if settings.GOOGLE_OAUTH_ENABLED and isinstance(backend, GoogleOAuth2):
"""Return user details from Google account"""
if 'sub' in response:
google_uid = response['sub']
@@ -51,15 +51,13 @@ def social_uid(backend, details, response, *args, **kwargs):
'first_name': first_name,
'last_name': last_name,
'uid': google_uid}
- else:
- uid = backend.get_user_id(details, response)
- # Used for most backends
- if uid:
- return {'uid': uid}
- # Until OKTA PR in social-core is merged
- # This modified way needs to work
- else:
- return {'uid': response.get('preferred_username')}
+ uid = backend.get_user_id(details, response)
+ # Used for most backends
+ if uid:
+ return {'uid': uid}
+ # Until OKTA PR in social-core is merged
+ # This modified way needs to work
+ return {'uid': response.get('preferred_username')}
def modify_permissions(backend, uid, user=None, social=None, *args, **kwargs):
@@ -107,8 +105,7 @@ def update_azure_groups(backend, uid, user=None, social=None, *args, **kwargs):
def is_group_id(group):
if re.search(r'^[a-zA-Z0-9]{8,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{12,}$', group):
return True
- else:
- return False
+ return False
def assign_user_to_groups(user, group_names, social_provider):
@@ -183,7 +180,6 @@ def sanitize_username(username):
def create_user(strategy, details, backend, user=None, *args, **kwargs):
if not settings.SOCIAL_AUTH_CREATE_USER:
- return
- else:
- details["username"] = sanitize_username(details.get("username"))
- return social_core.pipeline.user.create_user(strategy, details, backend, user, args, kwargs)
+ return None
+ details["username"] = sanitize_username(details.get("username"))
+ return social_core.pipeline.user.create_user(strategy, details, backend, user, args, kwargs)
diff --git a/dojo/product/queries.py b/dojo/product/queries.py
index 96f1b626cb3..9e0be4e68de 100644
--- a/dojo/product/queries.py
+++ b/dojo/product/queries.py
@@ -59,20 +59,17 @@ def get_authorized_products(permission, user=None):
member=Exists(authorized_product_roles),
prod_type__authorized_group=Exists(authorized_product_type_groups),
authorized_group=Exists(authorized_product_groups)).order_by('name')
- products = products.filter(
+ return products.filter(
Q(prod_type__member=True) | Q(member=True)
| Q(prod_type__authorized_group=True) | Q(authorized_group=True))
- return products
-
def get_authorized_members_for_product(product, permission):
user = get_current_user()
if user.is_superuser or user_has_permission(user, product, permission):
return Product_Member.objects.filter(product=product).order_by('user__first_name', 'user__last_name').select_related('role', 'user')
- else:
- return None
+ return None
def get_authorized_groups_for_product(product, permission):
@@ -81,8 +78,7 @@ def get_authorized_groups_for_product(product, permission):
if user.is_superuser or user_has_permission(user, product, permission):
authorized_groups = get_authorized_groups(Permissions.Group_View)
return Product_Group.objects.filter(product=product, group__in=authorized_groups).order_by('group__name').select_related('role')
- else:
- return None
+ return None
def get_authorized_product_members(permission):
@@ -164,12 +160,10 @@ def get_authorized_app_analysis(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups)).order_by('name')
- app_analysis = app_analysis.filter(
+ return app_analysis.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
- return app_analysis
-
def get_authorized_dojo_meta(permission):
user = get_current_user()
@@ -246,7 +240,7 @@ def get_authorized_dojo_meta(permission):
finding__test__engagement__product__prod_type__authorized_group=Exists(finding_authorized_product_type_groups),
finding__test__engagement__product__authorized_group=Exists(finding_authorized_product_groups)
).order_by('name')
- dojo_meta = dojo_meta.filter(
+ return dojo_meta.filter(
Q(product__prod_type__member=True)
| Q(product__member=True)
| Q(product__prod_type__authorized_group=True)
@@ -260,8 +254,6 @@ def get_authorized_dojo_meta(permission):
| Q(finding__test__engagement__product__prod_type__authorized_group=True)
| Q(finding__test__engagement__product__authorized_group=True))
- return dojo_meta
-
def get_authorized_languages(permission):
user = get_current_user()
@@ -297,12 +289,10 @@ def get_authorized_languages(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups)).order_by('language')
- languages = languages.filter(
+ return languages.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
- return languages
-
def get_authorized_engagement_presets(permission):
user = get_current_user()
@@ -338,12 +328,10 @@ def get_authorized_engagement_presets(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups)).order_by('title')
- engagement_presets = engagement_presets.filter(
+ return engagement_presets.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
- return engagement_presets
-
def get_authorized_product_api_scan_configurations(permission):
user = get_current_user()
@@ -379,8 +367,6 @@ def get_authorized_product_api_scan_configurations(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- product_api_scan_configurations = product_api_scan_configurations.filter(
+ return product_api_scan_configurations.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
-
- return product_api_scan_configurations
diff --git a/dojo/product/views.py b/dojo/product/views.py
index c3afce15245..a65dc721ad5 100644
--- a/dojo/product/views.py
+++ b/dojo/product/views.py
@@ -350,11 +350,10 @@ def identify_view(request):
return view
msg = 'invalid view, view must be "Endpoint" or "Finding"'
raise ValueError(msg)
- else:
- if get_data.get('finding__severity', None):
- return 'Endpoint'
- elif get_data.get('false_positive', None):
- return 'Endpoint'
+ if get_data.get('finding__severity', None):
+ return 'Endpoint'
+ if get_data.get('false_positive', None):
+ return 'Endpoint'
referer = request.META.get('HTTP_REFERER', None)
if referer:
if referer.find('type=Endpoint') > -1:
@@ -904,9 +903,8 @@ def new_product(request, ptid=None):
if not error:
return HttpResponseRedirect(reverse('view_product', args=(product.id,)))
- else:
- # engagement was saved, but JIRA errors, so goto edit_product
- return HttpResponseRedirect(reverse('edit_product', args=(product.id,)))
+ # engagement was saved, but JIRA errors, so goto edit_product
+ return HttpResponseRedirect(reverse('edit_product', args=(product.id,)))
else:
if get_system_setting('enable_jira'):
jira_project_form = JIRAProjectForm()
@@ -1029,9 +1027,8 @@ def delete_product(request, pid):
extra_tags='alert-success')
logger.debug('delete_product: POST RETURN')
return HttpResponseRedirect(reverse('product'))
- else:
- logger.debug('delete_product: POST INVALID FORM')
- logger.error(form.errors)
+ logger.debug('delete_product: POST INVALID FORM')
+ logger.error(form.errors)
logger.debug('delete_product: GET')
@@ -1104,16 +1101,13 @@ def new_eng_for_app(request, pid, cicd=False):
if not error:
if "_Add Tests" in request.POST:
return HttpResponseRedirect(reverse('add_tests', args=(engagement.id,)))
- elif "_Import Scan Results" in request.POST:
+ if "_Import Scan Results" in request.POST:
return HttpResponseRedirect(reverse('import_scan_results', args=(engagement.id,)))
- else:
- return HttpResponseRedirect(reverse('view_engagement', args=(engagement.id,)))
- else:
- # engagement was saved, but JIRA errors, so goto edit_engagement
- logger.debug('new_eng_for_app: jira errors')
- return HttpResponseRedirect(reverse('edit_engagement', args=(engagement.id,)))
- else:
- logger.debug(form.errors)
+ return HttpResponseRedirect(reverse('view_engagement', args=(engagement.id,)))
+ # engagement was saved, but JIRA errors, so goto edit_engagement
+ logger.debug('new_eng_for_app: jira errors')
+ return HttpResponseRedirect(reverse('edit_engagement', args=(engagement.id,)))
+ logger.debug(form.errors)
else:
form = EngForm(initial={'lead': request.user, 'target_start': timezone.now().date(),
'target_end': timezone.now().date() + timedelta(days=7), 'product': product}, cicd=cicd,
@@ -1223,8 +1217,7 @@ def add_meta_data(request, pid):
extra_tags='alert-success')
if 'add_another' in request.POST:
return HttpResponseRedirect(reverse('add_meta_data', args=(pid,)))
- else:
- return HttpResponseRedirect(reverse('view_product', args=(pid,)))
+ return HttpResponseRedirect(reverse('view_product', args=(pid,)))
else:
form = DojoMetaDataForm()
@@ -1288,12 +1281,11 @@ def get_engagement(self, product: Product):
def get_test(self, engagement: Engagement, test_type: Test_Type):
if test := Test.objects.filter(engagement=engagement).first():
return test
- else:
- return Test.objects.create(
- engagement=engagement,
- test_type=test_type,
- target_start=timezone.now(),
- target_end=timezone.now())
+ return Test.objects.create(
+ engagement=engagement,
+ test_type=test_type,
+ target_start=timezone.now(),
+ target_end=timezone.now())
def create_nested_objects(self, product: Product):
engagement = self.get_engagement(product)
@@ -1406,9 +1398,8 @@ def process_finding_form(self, request: HttpRequest, test: Test, context: dict):
finding.save()
return finding, request, True
- else:
- add_error_message_to_response("The form has errors, please correct them below.")
- add_field_errors_to_response(context["form"])
+ add_error_message_to_response("The form has errors, please correct them below.")
+ add_field_errors_to_response(context["form"])
return finding, request, False
@@ -1451,8 +1442,7 @@ def process_jira_form(self, request: HttpRequest, finding: Finding, context: dic
)
return request, True, push_to_jira
- else:
- add_field_errors_to_response(context["jform"])
+ add_field_errors_to_response(context["jform"])
return request, False, False
@@ -1464,8 +1454,7 @@ def process_github_form(self, request: HttpRequest, finding: Finding, context: d
add_external_issue(finding, 'github')
return request, True
- else:
- add_field_errors_to_response(context["gform"])
+ add_field_errors_to_response(context["gform"])
return request, False
@@ -1537,10 +1526,8 @@ def post(self, request: HttpRequest, product_id: int):
if success:
if '_Finished' in request.POST:
return HttpResponseRedirect(reverse('view_test', args=(test.id,)))
- else:
- return HttpResponseRedirect(reverse('add_findings', args=(test.id,)))
- else:
- context["form_error"] = True
+ return HttpResponseRedirect(reverse('add_findings', args=(test.id,)))
+ context["form_error"] = True
# Render the form
return render(request, self.get_template(), context)
@@ -1718,8 +1705,7 @@ def edit_product_member(request, memberid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id,)))
- else:
- return HttpResponseRedirect(reverse('view_product', args=(member.product.id,)))
+ return HttpResponseRedirect(reverse('view_product', args=(member.product.id,)))
product_tab = Product_Tab(member.product, title=_("Edit Product Member"), tab="settings")
return render(request, 'dojo/edit_product_member.html', {
'memberid': memberid,
@@ -1743,11 +1729,9 @@ def delete_product_member(request, memberid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id,)))
- else:
- if user == request.user:
- return HttpResponseRedirect(reverse('product'))
- else:
- return HttpResponseRedirect(reverse('view_product', args=(member.product.id,)))
+ if user == request.user:
+ return HttpResponseRedirect(reverse('product'))
+ return HttpResponseRedirect(reverse('view_product', args=(member.product.id,)))
product_tab = Product_Tab(member.product, title=_("Delete Product Member"), tab="settings")
return render(request, 'dojo/delete_product_member.html', {
'memberid': memberid,
@@ -1779,8 +1763,7 @@ def add_api_scan_configuration(request, pid):
extra_tags='alert-success')
if 'add_another' in request.POST:
return HttpResponseRedirect(reverse('add_api_scan_configuration', args=(pid,)))
- else:
- return HttpResponseRedirect(reverse('view_api_scan_configurations', args=(pid,)))
+ return HttpResponseRedirect(reverse('view_api_scan_configurations', args=(pid,)))
except Exception as e:
logger.exception(e)
messages.add_message(request,
@@ -1877,8 +1860,7 @@ def delete_api_scan_configuration(request, pid, pascid):
_('API Scan Configuration deleted.'),
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_api_scan_configurations', args=(pid,)))
- else:
- form = DeleteProduct_API_Scan_ConfigurationForm(instance=product_api_scan_configuration)
+ form = DeleteProduct_API_Scan_ConfigurationForm(instance=product_api_scan_configuration)
product_tab = Product_Tab(get_object_or_404(Product, id=pid), title=_("Delete Tool Configuration"), tab="settings")
return render(request,
@@ -1912,8 +1894,7 @@ def edit_product_group(request, groupid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View Group'):
return HttpResponseRedirect(reverse('view_group', args=(group.group.id,)))
- else:
- return HttpResponseRedirect(reverse('view_product', args=(group.product.id,)))
+ return HttpResponseRedirect(reverse('view_product', args=(group.product.id,)))
product_tab = Product_Tab(group.product, title=_("Edit Product Group"), tab="settings")
return render(request, 'dojo/edit_product_group.html', {
@@ -1938,10 +1919,9 @@ def delete_product_group(request, groupid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View Group'):
return HttpResponseRedirect(reverse('view_group', args=(group.group.id,)))
- else:
- # TODO: If user was in the group that was deleted and no longer has access, redirect back to product listing
- # page
- return HttpResponseRedirect(reverse('view_product', args=(group.product.id,)))
+ # TODO: If user was in the group that was deleted and no longer has access, redirect back to product listing
+ # page
+ return HttpResponseRedirect(reverse('view_product', args=(group.product.id,)))
product_tab = Product_Tab(group.product, title=_("Delete Product Group"), tab="settings")
return render(request, 'dojo/delete_product_group.html', {
diff --git a/dojo/product_type/queries.py b/dojo/product_type/queries.py
index 4b658798e29..51cda3af8f6 100644
--- a/dojo/product_type/queries.py
+++ b/dojo/product_type/queries.py
@@ -35,9 +35,7 @@ def get_authorized_product_types(permission):
product_types = Product_Type.objects.annotate(
member=Exists(authorized_roles),
authorized_group=Exists(authorized_groups)).order_by('name')
- product_types = product_types.filter(Q(member=True) | Q(authorized_group=True))
-
- return product_types
+ return product_types.filter(Q(member=True) | Q(authorized_group=True))
def get_authorized_members_for_product_type(product_type, permission):
@@ -45,8 +43,7 @@ def get_authorized_members_for_product_type(product_type, permission):
if user.is_superuser or user_has_permission(user, product_type, permission):
return Product_Type_Member.objects.filter(product_type=product_type).order_by('user__first_name', 'user__last_name').select_related('role', 'product_type', 'user')
- else:
- return None
+ return None
def get_authorized_groups_for_product_type(product_type, permission):
@@ -55,8 +52,7 @@ def get_authorized_groups_for_product_type(product_type, permission):
if user.is_superuser or user_has_permission(user, product_type, permission):
authorized_groups = get_authorized_groups(Permissions.Group_View)
return Product_Type_Group.objects.filter(product_type=product_type, group__in=authorized_groups).order_by('group__name').select_related('role', 'group')
- else:
- return None
+ return None
def get_authorized_product_type_members(permission):
diff --git a/dojo/product_type/views.py b/dojo/product_type/views.py
index efa46f73a8d..ba1b6e388f2 100644
--- a/dojo/product_type/views.py
+++ b/dojo/product_type/views.py
@@ -242,8 +242,7 @@ def edit_product_type_member(request, memberid):
extra_tags='alert-warning')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
+ return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
if member.role.is_owner and not user_has_permission(request.user, member.product_type, Permissions.Product_Type_Member_Add_Owner):
messages.add_message(request,
messages.WARNING,
@@ -257,8 +256,7 @@ def edit_product_type_member(request, memberid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
+ return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
add_breadcrumb(title=page_name, top_level=False, request=request)
return render(request, 'dojo/edit_product_type_member.html', {
'name': page_name,
@@ -292,11 +290,9 @@ def delete_product_type_member(request, memberid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View User'):
return HttpResponseRedirect(reverse('view_user', args=(member.user.id, )))
- else:
- if user == request.user:
- return HttpResponseRedirect(reverse('product_type'))
- else:
- return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
+ if user == request.user:
+ return HttpResponseRedirect(reverse('product_type'))
+ return HttpResponseRedirect(reverse('view_product_type', args=(member.product_type.id, )))
add_breadcrumb(title=page_name, top_level=False, request=request)
return render(request, 'dojo/delete_product_type_member.html', {
'name': page_name,
@@ -365,8 +361,7 @@ def edit_product_type_group(request, groupid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View Group'):
return HttpResponseRedirect(reverse('view_group', args=(group.group.id,)))
- else:
- return HttpResponseRedirect(reverse('view_product_type', args=(group.product_type.id,)))
+ return HttpResponseRedirect(reverse('view_product_type', args=(group.product_type.id,)))
add_breadcrumb(title=page_name, top_level=False, request=request)
return render(request, 'dojo/edit_product_type_group.html', {
@@ -392,10 +387,9 @@ def delete_product_type_group(request, groupid):
extra_tags='alert-success')
if is_title_in_breadcrumbs('View Group'):
return HttpResponseRedirect(reverse('view_group', args=(group.group.id, )))
- else:
- # TODO: If user was in the group that was deleted and no longer has access, redirect them to the product
- # types page
- return HttpResponseRedirect(reverse('view_product_type', args=(group.product_type.id, )))
+ # TODO: If user was in the group that was deleted and no longer has access, redirect them to the product
+ # types page
+ return HttpResponseRedirect(reverse('view_product_type', args=(group.product_type.id, )))
add_breadcrumb(page_name, top_level=False, request=request)
return render(request, 'dojo/delete_product_type_group.html', {
diff --git a/dojo/regulations/views.py b/dojo/regulations/views.py
index 0bcd19bf7b9..4f77f695633 100644
--- a/dojo/regulations/views.py
+++ b/dojo/regulations/views.py
@@ -45,7 +45,7 @@ def edit_regulations(request, ttid):
'Regulation Deleted.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('regulations', ))
- elif request.method == 'POST':
+ if request.method == 'POST':
tform = RegulationForm(request.POST, instance=regulation)
if tform.is_valid():
tform.save()
diff --git a/dojo/remote_user.py b/dojo/remote_user.py
index ed48ce3190a..3d9c1a5fadf 100644
--- a/dojo/remote_user.py
+++ b/dojo/remote_user.py
@@ -20,32 +20,28 @@ def authenticate(self, request):
self.header = settings.AUTH_REMOTEUSER_USERNAME_HEADER
if self.header in request.META:
return super().authenticate(request)
- else:
- return None
- else:
- logger.debug('Requested came from untrusted proxy %s; This is list of trusted proxies: %s',
- IPAddress(request.META['REMOTE_ADDR']),
- settings.AUTH_REMOTEUSER_TRUSTED_PROXY)
return None
+ logger.debug('Requested came from untrusted proxy %s; This is list of trusted proxies: %s',
+ IPAddress(request.META['REMOTE_ADDR']),
+ settings.AUTH_REMOTEUSER_TRUSTED_PROXY)
+ return None
class RemoteUserMiddleware(OriginalRemoteUserMiddleware):
def process_request(self, request):
if not settings.AUTH_REMOTEUSER_ENABLED:
- return
+ return None
# process only if request is comming from the trusted proxy node
if IPAddress(request.META['REMOTE_ADDR']) in settings.AUTH_REMOTEUSER_TRUSTED_PROXY:
self.header = settings.AUTH_REMOTEUSER_USERNAME_HEADER
if self.header in request.META:
return super().process_request(request)
- else:
- return
- else:
- logger.debug('Requested came from untrusted proxy %s; This is list of trusted proxies: %s',
- IPAddress(request.META['REMOTE_ADDR']),
- settings.AUTH_REMOTEUSER_TRUSTED_PROXY)
- return
+ return None
+ logger.debug('Requested came from untrusted proxy %s; This is list of trusted proxies: %s',
+ IPAddress(request.META['REMOTE_ADDR']),
+ settings.AUTH_REMOTEUSER_TRUSTED_PROXY)
+ return None
class PersistentRemoteUserMiddleware(RemoteUserMiddleware):
diff --git a/dojo/reports/views.py b/dojo/reports/views.py
index b815c81eca1..f6bc2e5cdbf 100644
--- a/dojo/reports/views.py
+++ b/dojo/reports/views.py
@@ -122,8 +122,7 @@ def post(self, request: HttpRequest) -> HttpResponse:
if form.is_valid():
self._set_state(request)
return render(request, self.get_template(), self.get_context())
- else:
- raise PermissionDenied
+ raise PermissionDenied
def _set_state(self, request: HttpRequest):
self.request = request
@@ -154,10 +153,9 @@ def get_form(self, request):
def get_template(self):
if self.report_format == 'AsciiDoc':
return 'dojo/custom_asciidoc_report.html',
- elif self.report_format == 'HTML':
+ if self.report_format == 'HTML':
return 'dojo/custom_html_report.html'
- else:
- raise PermissionDenied
+ raise PermissionDenied
def get_context(self):
return {
@@ -349,7 +347,7 @@ def product_endpoint_report(request, pid):
'user': request.user,
'title': 'Generate Report',
})
- elif report_format == 'HTML':
+ if report_format == 'HTML':
return render(request,
template,
{'product_type': None,
@@ -368,8 +366,7 @@ def product_endpoint_report(request, pid):
'user': request.user,
'title': 'Generate Report',
})
- else:
- raise Http404
+ raise Http404
product_tab = Product_Tab(product, "Product Endpoint Report", tab="endpoints")
return render(request,
@@ -409,9 +406,8 @@ def generate_report(request, obj, host_view=False):
if obj is None:
msg = 'No object is given to generate report for'
raise Exception(msg)
- else:
- msg = f'Report cannot be generated for object of type {type(obj).__name__}'
- raise Exception(msg)
+ msg = f'Report cannot be generated for object of type {type(obj).__name__}'
+ raise Exception(msg)
report_format = request.GET.get('report_type', 'AsciiDoc')
include_finding_notes = int(request.GET.get('include_finding_notes', 0))
@@ -638,7 +634,7 @@ def generate_report(request, obj, host_view=False):
'host_view': host_view,
'context': context,
})
- elif report_format == 'HTML':
+ if report_format == 'HTML':
return render(request,
template,
{'product_type': product_type,
@@ -664,8 +660,7 @@ def generate_report(request, obj, host_view=False):
'context': context,
})
- else:
- raise Http404
+ raise Http404
paged_findings = get_page_items(request, findings.qs.distinct().order_by('numerical_severity'), 25)
product_tab = None
@@ -734,9 +729,8 @@ def get_findings(request):
if not url:
msg = 'Please use the report button when viewing findings'
raise Http404(msg)
- else:
- if url.startswith('url='):
- url = url[4:]
+ if url.startswith('url='):
+ url = url[4:]
views = ['all', 'open', 'inactive', 'verified',
'closed', 'accepted', 'out_of_scope',
diff --git a/dojo/risk_acceptance/helper.py b/dojo/risk_acceptance/helper.py
index 9ceedfaab47..06f3eb82fba 100644
--- a/dojo/risk_acceptance/helper.py
+++ b/dojo/risk_acceptance/helper.py
@@ -204,16 +204,14 @@ def accepted_message_creator(risk_acceptance, heads_up_days=0):
(escape_for_jira(risk_acceptance.name),
get_full_url(reverse('view_risk_acceptance', args=(risk_acceptance.engagement.id, risk_acceptance.id))),
len(risk_acceptance.accepted_findings.all()), timezone.localtime(risk_acceptance.expiration_date).strftime("%b %d, %Y"))
- else:
- return 'Finding has been risk accepted'
+ return 'Finding has been risk accepted'
def unaccepted_message_creator(risk_acceptance, heads_up_days=0):
if risk_acceptance:
return 'finding was unaccepted/deleted from risk acceptance [({})|{}]'.format(escape_for_jira(risk_acceptance.name),
get_full_url(reverse('view_risk_acceptance', args=(risk_acceptance.engagement.id, risk_acceptance.id))))
- else:
- return 'Finding is no longer risk accepted'
+ return 'Finding is no longer risk accepted'
def post_jira_comment(finding, message_factory, heads_up_days=0):
diff --git a/dojo/risk_acceptance/queries.py b/dojo/risk_acceptance/queries.py
index 2d45fb64457..d0dddfdd6ce 100644
--- a/dojo/risk_acceptance/queries.py
+++ b/dojo/risk_acceptance/queries.py
@@ -39,8 +39,6 @@ def get_authorized_risk_acceptances(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- risk_acceptances = risk_acceptances.filter(
+ return risk_acceptances.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
-
- return risk_acceptances
diff --git a/dojo/search/views.py b/dojo/search/views.py
index 6ae591063cb..d72913f5236 100644
--- a/dojo/search/views.py
+++ b/dojo/search/views.py
@@ -401,6 +401,7 @@ def simple_search(request):
operators: {'tags': ['anchore'], 'vulnerability_id': ['CVE-2020-1234']}
keywords: ['jquery']
"""
+ return None
# it's not google grade parsing, but let's do some basic stuff right
@@ -448,8 +449,7 @@ def vulnerability_id_fix(keyword):
if vulnerability_ids:
return ' '.join(vulnerability_ids)
- else:
- return keyword
+ return keyword
def apply_tag_filters(qs, operators, skip_relations=False):
diff --git a/dojo/sla_config/views.py b/dojo/sla_config/views.py
index da0c6b6a28f..17071d9fafa 100644
--- a/dojo/sla_config/views.py
+++ b/dojo/sla_config/views.py
@@ -56,14 +56,13 @@ def edit_sla_config(request, slaid):
'SLA Configuration Deleted.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('sla_config', ))
- else:
- messages.add_message(request,
- messages.ERROR,
- 'The Default SLA Configuration cannot be deleted.',
- extra_tags='alert-danger')
- return HttpResponseRedirect(reverse('sla_config', ))
+ messages.add_message(request,
+ messages.ERROR,
+ 'The Default SLA Configuration cannot be deleted.',
+ extra_tags='alert-danger')
+ return HttpResponseRedirect(reverse('sla_config', ))
- elif request.method == 'POST':
+ if request.method == 'POST':
form = SLAConfigForm(request.POST, instance=sla_config)
if form.is_valid():
form.save(commit=True)
diff --git a/dojo/survey/views.py b/dojo/survey/views.py
index 091d68492e1..e2e1763907c 100644
--- a/dojo/survey/views.py
+++ b/dojo/survey/views.py
@@ -75,12 +75,11 @@ def delete_engagement_survey(request, eid, sid):
'Questionnaire deleted successfully.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_engagement', args=(engagement.id, )))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Unable to delete Questionnaire.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Unable to delete Questionnaire.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Delete " + survey.survey.name + " Questionnaire",
@@ -143,12 +142,11 @@ def answer_questionnaire(request, eid, sid):
'Successfully answered, all answers valid.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_engagement', args=(engagement.id, )))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire has errors, please correct.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire has errors, please correct.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Answer " + survey.survey.name + " Survey",
top_level=False,
@@ -241,12 +239,11 @@ def add_questionnaire(request, eid):
if 'respond_survey' in request.POST:
return HttpResponseRedirect(reverse('answer_questionnaire', args=(eid, survey.id)))
return HttpResponseRedirect(reverse('view_engagement', args=(eid,)))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire could not be added.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire could not be added.',
+ extra_tags='alert-danger')
form.fields["survey"].queryset = surveys
add_breadcrumb(title="Add Questionnaire", top_level=False, request=request)
@@ -288,12 +285,11 @@ def edit_questionnaire(request, sid):
'Questionnaire successfully updated, you may now add/edit questions.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('edit_questionnaire', args=(survey.id,)))
- else:
- messages.add_message(
- request,
- messages.SUCCESS,
- 'No changes detected, questionnaire not updated.',
- extra_tags='alert-warning')
+ messages.add_message(
+ request,
+ messages.SUCCESS,
+ 'No changes detected, questionnaire not updated.',
+ extra_tags='alert-warning')
if 'add_questions' in request.POST:
return HttpResponseRedirect(reverse('edit_questionnaire_questions', args=(survey.id,)))
else:
@@ -355,14 +351,12 @@ def create_questionnaire(request):
extra_tags='alert-success')
if 'add_questions' in request.POST:
return HttpResponseRedirect(reverse('edit_questionnaire_questions', args=(survey.id,)))
- else:
- return HttpResponseRedirect(reverse('questionnaire'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Please correct any errors displayed below.',
- extra_tags='alert-danger')
+ return HttpResponseRedirect(reverse('questionnaire'))
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Please correct any errors displayed below.',
+ extra_tags='alert-danger')
add_breadcrumb(title="Create Questionnaire", top_level=False, request=request)
return render(request, 'defectDojo-engagement-survey/create_questionnaire.html', {
@@ -406,12 +400,11 @@ def edit_questionnaire_questions(request, sid):
'Questionnaire questions successfully saved.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('questionnaire'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire questions not saved, please correct any errors displayed below.',
- extra_tags='alert-success')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire questions not saved, please correct any errors displayed below.',
+ extra_tags='alert-success')
add_breadcrumb(title="Update Questionnaire Questions", top_level=False, request=request)
return render(request, 'defectDojo-engagement-survey/edit_survey_questions.html', {
@@ -483,8 +476,7 @@ def create_question(request):
'Text Question added successfully.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('questions'))
- else:
- error = True
+ error = True
elif type == 'choice':
if choiceQuestionFrom.is_valid():
@@ -506,8 +498,7 @@ def create_question(request):
'Choice Question added successfully.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('questions'))
- else:
- error = True
+ error = True
if '_popup' in request.GET and not error:
resp = f''
@@ -633,12 +624,11 @@ def add_empty_questionnaire(request):
if 'respond_survey' in request.POST:
return HttpResponseRedirect(reverse('dashboard'))
return HttpResponseRedirect(reverse('questionnaire'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire could not be added.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire could not be added.',
+ extra_tags='alert-danger')
form.fields["survey"].queryset = surveys
add_breadcrumb(title="Add Empty Questionnaire", top_level=False, request=request)
@@ -690,12 +680,11 @@ def delete_empty_questionnaire(request, esid):
'Questionnaire deleted successfully.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('survey'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Unable to delete Questionnaire.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Unable to delete Questionnaire.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Delete " + survey.survey.name + " Questionnaire",
@@ -726,12 +715,11 @@ def delete_general_questionnaire(request, esid):
'Questionnaire deleted successfully.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('questionnaire'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Unable to delete questionnaire.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Unable to delete questionnaire.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Delete " + survey.survey.name + " Questionnaire",
@@ -810,12 +798,11 @@ def answer_empty_survey(request, esid):
extra_tags='alert-success')
return HttpResponseRedirect(
reverse('dashboard'))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire has errors, please correct.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire has errors, please correct.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Answer Empty " + engagement_survey.name + " Questionnaire",
top_level=False,
@@ -852,12 +839,11 @@ def engagement_empty_survey(request, esid):
'Engagement created and questionnaire successfully linked.',
extra_tags='alert-success')
return HttpResponseRedirect(reverse('edit_engagement', args=(engagement.id, )))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Questionnaire could not be added.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Questionnaire could not be added.',
+ extra_tags='alert-danger')
add_breadcrumb(
title="Link Questionnaire to new Engagement",
top_level=False,
diff --git a/dojo/system_settings/views.py b/dojo/system_settings/views.py
index 365f06ca635..c01f45513b7 100644
--- a/dojo/system_settings/views.py
+++ b/dojo/system_settings/views.py
@@ -116,7 +116,7 @@ def get_celery_status(
context["celery_msg"] = "Celery needs to have the setting CELERY_RESULT_BACKEND = 'db+sqlite:///dojo.celeryresults.sqlite' set in settings.py."
context["celery_status"] = "Unknown"
- return None
+ return
def get_template(self) -> str:
return "dojo/system_settings.html"
diff --git a/dojo/tags_signals.py b/dojo/tags_signals.py
index 10869a5f282..e72984be6c4 100644
--- a/dojo/tags_signals.py
+++ b/dojo/tags_signals.py
@@ -77,3 +77,4 @@ def get_product(instance):
return instance.engagement.product
if isinstance(instance, Finding):
return instance.test.engagement.product
+ return None
diff --git a/dojo/templatetags/display_tags.py b/dojo/templatetags/display_tags.py
index 514cc685df7..9c566af365e 100644
--- a/dojo/templatetags/display_tags.py
+++ b/dojo/templatetags/display_tags.py
@@ -86,6 +86,7 @@ def markdown_render(value):
'markdown.extensions.toc',
'markdown.extensions.tables'])
return mark_safe(bleach.clean(markdown_text, tags=markdown_tags, attributes=markdown_attrs, css_sanitizer=markdown_styles))
+ return None
def text_shortener(value, length):
@@ -377,8 +378,7 @@ def overdue(date1):
def notspecified(text):
if text:
return text
- else:
- return mark_safe('Not Specified')
+ return mark_safe('Not Specified')
@register.tag
@@ -507,32 +507,29 @@ def business_criticality_icon(value):
return mark_safe(stars(1, 5, 'Very Low'))
if value == Product.NONE_CRITICALITY:
return mark_safe(stars(0, 5, 'None'))
- else:
- return "" # mark_safe(not_specified_icon('Business Criticality Not Specified'))
+ return "" # mark_safe(not_specified_icon('Business Criticality Not Specified'))
@register.filter
def last_value(value):
if "/" in value:
return value.rsplit("/")[-1:][0]
- else:
- return value
+ return value
@register.filter
def platform_icon(value):
if value == Product.WEB_PLATFORM:
return mark_safe(icon('list-alt', 'Web'))
- elif value == Product.DESKTOP_PLATFORM:
+ if value == Product.DESKTOP_PLATFORM:
return mark_safe(icon('desktop', 'Desktop'))
- elif value == Product.MOBILE_PLATFORM:
+ if value == Product.MOBILE_PLATFORM:
return mark_safe(icon('mobile', 'Mobile'))
- elif value == Product.WEB_SERVICE_PLATFORM:
+ if value == Product.WEB_SERVICE_PLATFORM:
return mark_safe(icon('plug', 'Web Service'))
- elif value == Product.IOT:
+ if value == Product.IOT:
return mark_safe(icon('random', 'Internet of Things'))
- else:
- return "" # mark_safe(not_specified_icon('Platform Not Specified'))
+ return "" # mark_safe(not_specified_icon('Platform Not Specified'))
@register.filter
@@ -543,8 +540,7 @@ def lifecycle_icon(value):
return mark_safe(icon('ship', 'Sustain'))
if value == Product.RETIREMENT:
return mark_safe(icon('moon-o', 'Retire'))
- else:
- return "" # mark_safe(not_specified_icon('Lifecycle Not Specified'))
+ return "" # mark_safe(not_specified_icon('Lifecycle Not Specified'))
@register.filter
@@ -561,24 +557,21 @@ def origin_icon(value):
return mark_safe(icon('code', 'Open Source'))
if value == Product.OUTSOURCED_ORIGIN:
return mark_safe(icon('globe', 'Outsourced'))
- else:
- return "" # mark_safe(not_specified_icon('Origin Not Specified'))
+ return "" # mark_safe(not_specified_icon('Origin Not Specified'))
@register.filter
def external_audience_icon(value):
if value:
return mark_safe(icon('users', 'External Audience'))
- else:
- return ''
+ return ''
@register.filter
def internet_accessible_icon(value):
if value:
return mark_safe(icon('cloud', 'Internet Accessible'))
- else:
- return ''
+ return ''
@register.filter
@@ -703,9 +696,7 @@ def get_severity_count(id, table):
elif table == "product":
display_counts.append("Total: " + str(total) + " Active Findings")
- display_counts = ", ".join([str(item) for item in display_counts])
-
- return display_counts
+ return ", ".join([str(item) for item in display_counts])
@register.filter
@@ -793,8 +784,7 @@ def first_vulnerability_id(finding):
vulnerability_ids = finding.vulnerability_ids
if vulnerability_ids:
return vulnerability_ids[0]
- else:
- return None
+ return None
@register.filter
@@ -805,8 +795,7 @@ def additional_vulnerability_ids(finding):
for vulnerability_id in vulnerability_ids[1:]:
references.append(vulnerability_id)
return references
- else:
- return None
+ return None
@register.filter
diff --git a/dojo/templatetags/event_tags.py b/dojo/templatetags/event_tags.py
index 1c69ab8d8fb..3a00c9a9473 100644
--- a/dojo/templatetags/event_tags.py
+++ b/dojo/templatetags/event_tags.py
@@ -80,7 +80,6 @@ def nice_title(title):
pat = re.compile(r'Finding [0-9][0-9][0-9]:*')
s = pat.split(title, 2)
try:
- ret = s[1]
- return ret
+ return s[1]
except:
return title
diff --git a/dojo/templatetags/get_attribute.py b/dojo/templatetags/get_attribute.py
index 625a722c4fa..1840ae734b5 100644
--- a/dojo/templatetags/get_attribute.py
+++ b/dojo/templatetags/get_attribute.py
@@ -8,5 +8,4 @@ def get_attribute(obj, name):
if hasattr(obj, name):
return getattr(obj, name)
- else:
- return ''
+ return ''
diff --git a/dojo/templatetags/get_banner.py b/dojo/templatetags/get_banner.py
index da1a0f2e010..11e280c6c21 100644
--- a/dojo/templatetags/get_banner.py
+++ b/dojo/templatetags/get_banner.py
@@ -22,9 +22,7 @@ def get_banner_conf(attribute):
value,
attributes=allowed_attributes,
css_sanitizer=CSSSanitizer(allowed_css_properties=['color', 'font-weight'])))
- else:
- return value
- else:
- return False
+ return value
+ return False
except Exception:
return False
diff --git a/dojo/templatetags/get_config_setting.py b/dojo/templatetags/get_config_setting.py
index 1425985c4cd..ca917968b75 100644
--- a/dojo/templatetags/get_config_setting.py
+++ b/dojo/templatetags/get_config_setting.py
@@ -9,7 +9,5 @@ def get_config_setting(config_setting):
if hasattr(settings, config_setting):
if getattr(settings, config_setting, None):
return True
- else:
- return False
- else:
return False
+ return False
diff --git a/dojo/templatetags/get_endpoint_status.py b/dojo/templatetags/get_endpoint_status.py
index c3dbfd9cead..3dca96a02ee 100644
--- a/dojo/templatetags/get_endpoint_status.py
+++ b/dojo/templatetags/get_endpoint_status.py
@@ -43,8 +43,7 @@ def endpoint_display_status(endpoint, finding):
statuses.append("Mitigated")
if statuses:
return ', '.join(statuses)
- else:
- return "Active"
+ return "Active"
@register.filter
diff --git a/dojo/templatetags/get_note_status.py b/dojo/templatetags/get_note_status.py
index 17aff8a8f04..2e9c63a5661 100644
--- a/dojo/templatetags/get_note_status.py
+++ b/dojo/templatetags/get_note_status.py
@@ -7,3 +7,4 @@
def get_public_notes(notes):
if notes:
return notes.filter(private=False)
+ return None
diff --git a/dojo/templatetags/get_notetype_availability.py b/dojo/templatetags/get_notetype_availability.py
index e3529ab97d3..8ed823af612 100644
--- a/dojo/templatetags/get_notetype_availability.py
+++ b/dojo/templatetags/get_notetype_availability.py
@@ -7,6 +7,4 @@
def get_notetype_notes_count(notes):
notes_without_type = notes.filter(note_type=None).count()
notes_count = notes.count()
- notes_with_type = notes_count - notes_without_type
-
- return notes_with_type
+ return notes_count - notes_without_type
diff --git a/dojo/test/queries.py b/dojo/test/queries.py
index 29400451a0d..403be375ef8 100644
--- a/dojo/test/queries.py
+++ b/dojo/test/queries.py
@@ -46,14 +46,12 @@ def get_authorized_tests(permission, product=None):
engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
engagement__product__authorized_group=Exists(authorized_product_groups))
- tests = tests.filter(
+ return tests.filter(
Q(engagement__product__prod_type__member=True)
| Q(engagement__product__member=True)
| Q(engagement__product__prod_type__authorized_group=True)
| Q(engagement__product__authorized_group=True))
- return tests
-
def get_authorized_test_imports(permission):
user = get_current_user()
@@ -89,10 +87,8 @@ def get_authorized_test_imports(permission):
test__engagement__product__member=Exists(authorized_product_roles),
test__engagement__product__prod_type__authorized_group=Exists(authorized_product_type_groups),
test__engagement__product__authorized_group=Exists(authorized_product_groups))
- test_imports = test_imports.filter(
+ return test_imports.filter(
Q(test__engagement__product__prod_type__member=True)
| Q(test__engagement__product__member=True)
| Q(test__engagement__product__prod_type__authorized_group=True)
| Q(test__engagement__product__authorized_group=True))
-
- return test_imports
diff --git a/dojo/test/views.py b/dojo/test/views.py
index d15d518863d..105ada4f242 100644
--- a/dojo/test/views.py
+++ b/dojo/test/views.py
@@ -380,12 +380,11 @@ def copy_test(request, tid):
recipients=[test.engagement.lead],
icon="exclamation-triangle")
return redirect_to_return_url_or_else(request, reverse('view_engagement', args=(engagement.id, )))
- else:
- messages.add_message(
- request,
- messages.ERROR,
- 'Unable to copy test, please try again.',
- extra_tags='alert-danger')
+ messages.add_message(
+ request,
+ messages.ERROR,
+ 'Unable to copy test, please try again.',
+ extra_tags='alert-danger')
product_tab = Product_Tab(product, title="Copy Test", tab="engagements")
return render(request, 'dojo/copy_object.html', {
@@ -539,9 +538,8 @@ def process_finding_form(self, request: HttpRequest, test: Test, context: dict):
finding.save()
return finding, request, True
- else:
- add_error_message_to_response("The form has errors, please correct them below.")
- add_field_errors_to_response(context["form"])
+ add_error_message_to_response("The form has errors, please correct them below.")
+ add_field_errors_to_response(context["form"])
return finding, request, False
@@ -583,8 +581,7 @@ def process_jira_form(self, request: HttpRequest, finding: Finding, context: dic
)
return request, True, push_to_jira
- else:
- add_field_errors_to_response(context["jform"])
+ add_field_errors_to_response(context["jform"])
return request, False, False
@@ -664,10 +661,8 @@ def post(self, request: HttpRequest, test_id: int):
if success:
if '_Finished' in request.POST:
return HttpResponseRedirect(reverse('view_test', args=(test.id,)))
- else:
- return HttpResponseRedirect(reverse('add_findings', args=(test.id,)))
- else:
- context["form_error"] = True
+ return HttpResponseRedirect(reverse('add_findings', args=(test.id,)))
+ context["form_error"] = True
# Render the form
return render(request, self.get_template(), context)
@@ -746,11 +741,10 @@ def add_temp_finding(request, tid, fid):
extra_tags='alert-success')
return HttpResponseRedirect(reverse('view_test', args=(test.id,)))
- else:
- messages.add_message(request,
- messages.ERROR,
- _('The form has errors, please correct them below.'),
- extra_tags='alert-danger')
+ messages.add_message(request,
+ messages.ERROR,
+ _('The form has errors, please correct them below.'),
+ extra_tags='alert-danger')
else:
form = AddFindingForm(req_resp=None, product=test.engagement.product, initial={'active': False,
@@ -822,8 +816,7 @@ def get_form(
"""
if request.method == "POST":
return ReImportScanForm(request.POST, request.FILES, test=test, **kwargs)
- else:
- return ReImportScanForm(test=test, **kwargs)
+ return ReImportScanForm(test=test, **kwargs)
def get_jira_form(
self,
diff --git a/dojo/tool_config/factory.py b/dojo/tool_config/factory.py
index 8a1bb203f40..2e83815338a 100644
--- a/dojo/tool_config/factory.py
+++ b/dojo/tool_config/factory.py
@@ -19,5 +19,4 @@ def create_API(tool_configuration):
if tool_configuration.tool_type.name in SCAN_APIS:
api_class = SCAN_APIS.get(tool_configuration.tool_type.name)
return api_class(tool_configuration)
- else:
- return None
+ return None
diff --git a/dojo/tool_product/queries.py b/dojo/tool_product/queries.py
index b098ef050a9..54c982695de 100644
--- a/dojo/tool_product/queries.py
+++ b/dojo/tool_product/queries.py
@@ -39,8 +39,6 @@ def get_authorized_tool_product_settings(permission):
product__member=Exists(authorized_product_roles),
product__prod_type__authorized_group=Exists(authorized_product_type_groups),
product__authorized_group=Exists(authorized_product_groups))
- tool_product_settings = tool_product_settings.filter(
+ return tool_product_settings.filter(
Q(product__prod_type__member=True) | Q(product__member=True)
| Q(product__prod_type__authorized_group=True) | Q(product__authorized_group=True))
-
- return tool_product_settings
diff --git a/dojo/tool_product/views.py b/dojo/tool_product/views.py
index 1564cb0ad52..83cdea4cdd1 100644
--- a/dojo/tool_product/views.py
+++ b/dojo/tool_product/views.py
@@ -102,8 +102,7 @@ def delete_tool_product(request, pid, ttid):
_('Tool Product Successfully Deleted.'),
extra_tags='alert-success')
return HttpResponseRedirect(reverse('all_tool_product', args=(pid, )))
- else:
- tform = ToolProductSettingsForm(instance=tool_product)
+ tform = ToolProductSettingsForm(instance=tool_product)
product_tab = Product_Tab(product, title=_("Delete Product Tool Configuration"), tab="settings")
diff --git a/dojo/tools/acunetix/parse_acunetix_xml.py b/dojo/tools/acunetix/parse_acunetix_xml.py
index ae6ca8d5ee5..6b8f6ac6a04 100644
--- a/dojo/tools/acunetix/parse_acunetix_xml.py
+++ b/dojo/tools/acunetix/parse_acunetix_xml.py
@@ -145,8 +145,7 @@ def get_cwe_number(self, cwe):
"""
if cwe is None:
return None
- else:
- return int(cwe.split("-")[1])
+ return int(cwe.split("-")[1])
def get_severity(self, severity):
"""
@@ -156,14 +155,13 @@ def get_severity(self, severity):
"""
if severity == "high":
return "High"
- elif severity == "medium":
+ if severity == "medium":
return "Medium"
- elif severity == "low":
+ if severity == "low":
return "Low"
- elif severity == "informational":
+ if severity == "informational":
return "Info"
- else:
- return "Critical"
+ return "Critical"
def get_false_positive(self, false_p):
"""
@@ -173,5 +171,4 @@ def get_false_positive(self, false_p):
"""
if false_p:
return True
- else:
- return False
+ return False
diff --git a/dojo/tools/acunetix/parser.py b/dojo/tools/acunetix/parser.py
index 272f295acf4..9c1100d3a89 100644
--- a/dojo/tools/acunetix/parser.py
+++ b/dojo/tools/acunetix/parser.py
@@ -17,5 +17,6 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if '.xml' in str(filename):
return AcunetixXMLParser().get_findings(filename, test)
- elif '.json' in str(filename):
+ if '.json' in str(filename):
return AcunetixJSONParser().get_findings(filename, test)
+ return None
diff --git a/dojo/tools/anchore_grype/parser.py b/dojo/tools/anchore_grype/parser.py
index 395955b1eba..d9e144e851e 100644
--- a/dojo/tools/anchore_grype/parser.py
+++ b/dojo/tools/anchore_grype/parser.py
@@ -187,10 +187,9 @@ def get_findings(self, file, test):
def _convert_severity(self, val):
if "Unknown" == val:
return "Info"
- elif "Negligible" == val:
+ if "Negligible" == val:
return "Info"
- else:
- return val.title()
+ return val.title()
def get_cvss(self, cvss):
if cvss:
@@ -213,5 +212,4 @@ def get_vulnerability_ids(self, vuln_id, related_vulnerabilities):
vulnerability_ids.append(related_vulnerability.get("id"))
if vulnerability_ids:
return vulnerability_ids
- else:
- return None
+ return None
diff --git a/dojo/tools/api_blackduck/api_client.py b/dojo/tools/api_blackduck/api_client.py
index 6d5342d580c..e0bfb29e163 100644
--- a/dojo/tools/api_blackduck/api_client.py
+++ b/dojo/tools/api_blackduck/api_client.py
@@ -36,11 +36,13 @@ def get_project_by_name(self, project_name):
for project in self.client.get_resource("projects"):
if project["name"] == project_name:
return project
+ return None
def get_version_by_name(self, project, version_name):
for version in self.client.get_resource("versions", project):
if version["versionName"] == version_name:
return version
+ return None
def get_vulnerable_bom_components(self, version):
return self.client.get_resource("vulnerable-components", version)
diff --git a/dojo/tools/api_bugcrowd/api_client.py b/dojo/tools/api_bugcrowd/api_client.py
index 6bed971e31a..a4acdb4ab45 100644
--- a/dojo/tools/api_bugcrowd/api_client.py
+++ b/dojo/tools/api_bugcrowd/api_client.py
@@ -112,18 +112,16 @@ def test_connection(self):
f"you can use these as Service key 1 for filtering submissions "
f'You also have targets "{target_names}" that can be used in Service key 2'
)
- else:
- msg = (
- "Bugcrowd API test not successful, no targets were defined in Bugcrowd which is used for "
- f"filtering, check your configuration, HTTP response was: {response_targets.text}"
- )
- raise Exception(msg)
- else:
msg = (
- "Bugcrowd API test not successful, could not retrieve the programs or submissions, check your "
- f"configuration, HTTP response for programs was: {response_programs.text}, HTTP response for submissions was: {response_subs.text}"
+ "Bugcrowd API test not successful, no targets were defined in Bugcrowd which is used for "
+ f"filtering, check your configuration, HTTP response was: {response_targets.text}"
)
raise Exception(msg)
+ msg = (
+ "Bugcrowd API test not successful, could not retrieve the programs or submissions, check your "
+ f"configuration, HTTP response for programs was: {response_programs.text}, HTTP response for submissions was: {response_subs.text}"
+ )
+ raise Exception(msg)
def test_product_connection(self, api_scan_configuration):
submissions = []
diff --git a/dojo/tools/api_bugcrowd/parser.py b/dojo/tools/api_bugcrowd/parser.py
index 6ad71f295ca..427d5ba89b1 100644
--- a/dojo/tools/api_bugcrowd/parser.py
+++ b/dojo/tools/api_bugcrowd/parser.py
@@ -199,13 +199,12 @@ def include_finding(self, entry):
if entry["attributes"]["state"] in allowed_states:
return True
- else:
- msg = (
- "{} not in allowed bugcrowd submission states".format(
- entry["attributes"]["state"]
- )
+ msg = (
+ "{} not in allowed bugcrowd submission states".format(
+ entry["attributes"]["state"]
)
- raise ValueError(msg)
+ )
+ raise ValueError(msg)
def convert_log_timestamp(self, timestamp):
"""Convert a log entry's timestamp to a DefectDojo date"""
@@ -216,16 +215,15 @@ def convert_severity(self, bugcrowd_severity):
"""Convert severity value"""
if bugcrowd_severity == 5:
return "Info"
- elif bugcrowd_severity == 4:
+ if bugcrowd_severity == 4:
return "Low"
- elif bugcrowd_severity == 3:
+ if bugcrowd_severity == 3:
return "Medium"
- elif bugcrowd_severity == 2:
+ if bugcrowd_severity == 2:
return "High"
- elif bugcrowd_severity == 1:
+ if bugcrowd_severity == 1:
return "Critical"
- else:
- return "Info"
+ return "Info"
def is_active(self, bugcrowd_state):
return (bugcrowd_state == "unresolved") or not (
diff --git a/dojo/tools/api_cobalt/api_client.py b/dojo/tools/api_cobalt/api_client.py
index 36f37d734db..b37b3f06538 100644
--- a/dojo/tools/api_cobalt/api_client.py
+++ b/dojo/tools/api_cobalt/api_client.py
@@ -41,13 +41,12 @@ def get_assets(self):
if response.ok:
return response.json().get("data")
- else:
- msg = (
- "Unable to get assets due to {} - {}".format(
- response.status_code, response.content.decode("utf-8")
- )
+ msg = (
+ "Unable to get assets due to {} - {}".format(
+ response.status_code, response.content.decode("utf-8")
)
- raise Exception(msg)
+ )
+ raise Exception(msg)
def get_findings(self, asset_id):
"""
@@ -62,13 +61,12 @@ def get_findings(self, asset_id):
if response.ok:
return response.json()
- else:
- msg = (
- "Unable to get asset findings due to {} - {}".format(
- response.status_code, response.content.decode("utf-8")
- )
+ msg = (
+ "Unable to get asset findings due to {} - {}".format(
+ response.status_code, response.content.decode("utf-8")
)
- raise Exception(msg)
+ )
+ raise Exception(msg)
def test_connection(self):
# Request orgs for the org name
@@ -91,14 +89,13 @@ def test_connection(self):
org = list(orgs)[0]
org_name = org["resource"]["name"]
return f'You have access to the "{org_name}" organization'
- else:
- msg = (
- "Connection failed (error: {} - {})".format(
- response_assets.status_code,
- response_assets.content.decode("utf-8"),
- )
+ msg = (
+ "Connection failed (error: {} - {})".format(
+ response_assets.status_code,
+ response_assets.content.decode("utf-8"),
)
- raise Exception(msg)
+ )
+ raise Exception(msg)
def test_product_connection(self, api_scan_configuration):
asset = self.get_asset(api_scan_configuration.service_key_1)
diff --git a/dojo/tools/api_cobalt/importer.py b/dojo/tools/api_cobalt/importer.py
index 068745cfee7..8c74c6c8cfe 100644
--- a/dojo/tools/api_cobalt/importer.py
+++ b/dojo/tools/api_cobalt/importer.py
@@ -16,8 +16,7 @@ class CobaltApiImporter:
def get_findings(self, test):
client, config = self.prepare_client(test)
- findings = client.get_findings(config.service_key_1)
- return findings
+ return client.get_findings(config.service_key_1)
def prepare_client(self, test):
product = test.engagement.product
diff --git a/dojo/tools/api_cobalt/parser.py b/dojo/tools/api_cobalt/parser.py
index df0425d92b4..2a6b23d6006 100644
--- a/dojo/tools/api_cobalt/parser.py
+++ b/dojo/tools/api_cobalt/parser.py
@@ -132,8 +132,7 @@ def include_finding(self, resource):
if resource["state"] in allowed_states:
return True
- else:
- return False
+ return False
def convert_endpoints(self, affected_targets):
"""Convert Cobalt affected_targets into DefectDojo endpoints"""
@@ -152,16 +151,15 @@ def convert_severity(self, cobalt_severity):
"""Convert severity value"""
if cobalt_severity == "informational":
return "Info"
- elif cobalt_severity == "low":
+ if cobalt_severity == "low":
return "Low"
- elif cobalt_severity == "medium":
+ if cobalt_severity == "medium":
return "Medium"
- elif cobalt_severity == "high":
+ if cobalt_severity == "high":
return "High"
- elif cobalt_severity == "critical":
+ if cobalt_severity == "critical":
return "Critical"
- else:
- return "Info"
+ return "Info"
def is_active(self, cobalt_state):
return (
diff --git a/dojo/tools/api_edgescan/api_client.py b/dojo/tools/api_edgescan/api_client.py
index e74c6b94095..c7fdc735172 100644
--- a/dojo/tools/api_edgescan/api_client.py
+++ b/dojo/tools/api_edgescan/api_client.py
@@ -28,6 +28,7 @@ def get_extra_options(tool_config):
except (JSONDecodeError, TypeError):
msg = "JSON not provided in Extras field."
raise ValueError(msg)
+ return None
def get_findings(self, asset_ids):
if asset_ids:
@@ -47,14 +48,12 @@ def get_findings(self, asset_ids):
return response.json()
def get_headers(self):
- headers = {
+ return {
"X-API-TOKEN": self.api_key,
"Content-Type": "application/json",
"User-Agent": "DefectDojo",
}
- return headers
-
def get_proxies(self):
if self.options and "proxy" in self.options:
return {"https": self.options["proxy"]}
diff --git a/dojo/tools/api_edgescan/importer.py b/dojo/tools/api_edgescan/importer.py
index e740051afa0..136a6ddd4db 100644
--- a/dojo/tools/api_edgescan/importer.py
+++ b/dojo/tools/api_edgescan/importer.py
@@ -12,8 +12,7 @@ class EdgescanImporter:
def get_findings(self, test):
client, config = self.prepare_client(test)
- findings = client.get_findings(config.service_key_1)
- return findings
+ return client.get_findings(config.service_key_1)
def prepare_client(self, test):
product = test.engagement.product
diff --git a/dojo/tools/api_sonarqube/importer.py b/dojo/tools/api_sonarqube/importer.py
index 79794e3a569..5acddcb12dc 100644
--- a/dojo/tools/api_sonarqube/importer.py
+++ b/dojo/tools/api_sonarqube/importer.py
@@ -356,32 +356,31 @@ def clean_cwe(raw_html):
search = re.search(r"CWE-(\d+)", raw_html)
if search:
return int(search.group(1))
+ return None
@staticmethod
def convert_sonar_severity(sonar_severity):
sev = sonar_severity.lower()
if sev == "blocker":
return "Critical"
- elif sev == "critical":
+ if sev == "critical":
return "High"
- elif sev == "major":
+ if sev == "major":
return "Medium"
- elif sev == "minor":
+ if sev == "minor":
return "Low"
- else:
- return "Info"
+ return "Info"
@staticmethod
def convert_scanner_confidence(sonar_scanner_confidence):
sev = sonar_scanner_confidence.lower()
if sev == "high":
return 1
- elif sev == "medium":
+ if sev == "medium":
return 4
- elif sev == "low":
- return 7
- else:
+ if sev == "low":
return 7
+ return 7
@staticmethod
def get_references(vuln_details):
diff --git a/dojo/tools/api_sonarqube/updater.py b/dojo/tools/api_sonarqube/updater.py
index 67c724660d9..2ab05db9185 100644
--- a/dojo/tools/api_sonarqube/updater.py
+++ b/dojo/tools/api_sonarqube/updater.py
@@ -72,7 +72,7 @@ def get_sonarqube_required_transitions_for(
):
# If current and target is the same... do nothing
if current_status == target_status:
- return
+ return None
# Check if there is at least one transition from current_status...
if not [
@@ -80,7 +80,7 @@ def get_sonarqube_required_transitions_for(
for x in self.MAPPING_SONARQUBE_STATUS_TRANSITION
if current_status in x.get("from")
]:
- return
+ return None
# Starting from target_status... find out possible origin statuses that
# can transition to target_status
@@ -113,6 +113,8 @@ def get_sonarqube_required_transitions_for(
if possible_transition:
transitions_result.extendleft(possible_transition)
return list(transitions_result)
+ return None
+ return None
def update_sonarqube_finding(self, finding):
sonarqube_issue = finding.sonarqube_issue
diff --git a/dojo/tools/api_vulners/importer.py b/dojo/tools/api_vulners/importer.py
index 89950ae97d7..a6662978314 100644
--- a/dojo/tools/api_vulners/importer.py
+++ b/dojo/tools/api_vulners/importer.py
@@ -16,13 +16,11 @@ class VulnersImporter:
def get_findings(self, test):
client, _config = self.prepare_client(test)
- findings = client.get_findings()
- return findings
+ return client.get_findings()
def get_vulns_description(self, test, vulns_id):
client, _config = self.prepare_client(test)
- description = client.get_vulns_description(vulns_id)
- return description
+ return client.get_vulns_description(vulns_id)
def prepare_client(self, test):
product = test.engagement.product
diff --git a/dojo/tools/appspider/parser.py b/dojo/tools/appspider/parser.py
index bf9ed6eb415..d6ccf54611c 100644
--- a/dojo/tools/appspider/parser.py
+++ b/dojo/tools/appspider/parser.py
@@ -18,7 +18,7 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if filename is None:
- return
+ return None
vscan = ElementTree.parse(filename)
root = vscan.getroot()
diff --git a/dojo/tools/aqua/parser.py b/dojo/tools/aqua/parser.py
index d6ea61edc9a..2ba97db3614 100644
--- a/dojo/tools/aqua/parser.py
+++ b/dojo/tools/aqua/parser.py
@@ -158,22 +158,20 @@ def aqua_severity_of(score):
return "High"
if score == "medium":
return "Medium"
- elif score == "low":
+ if score == "low":
return "Low"
- elif score == "negligible":
+ if score == "negligible":
return "Info"
- else:
- return "Critical"
+ return "Critical"
def severity_of(score):
if score == 0:
return "Info"
- elif score < 4:
+ if score < 4:
return "Low"
- elif 4.0 < score < 7.0:
+ if 4.0 < score < 7.0:
return "Medium"
- elif 7.0 < score < 9.0:
+ if 7.0 < score < 9.0:
return "High"
- else:
- return "Critical"
+ return "Critical"
diff --git a/dojo/tools/asff/parser.py b/dojo/tools/asff/parser.py
index 3b01ef7c3e3..d82571b0986 100644
--- a/dojo/tools/asff/parser.py
+++ b/dojo/tools/asff/parser.py
@@ -85,7 +85,7 @@ def get_findings(self, file, test):
def get_severity(self, data):
if data.get("Label"):
return SEVERITY_MAPPING[data.get("Label")]
- elif isinstance(data.get("Normalized"), int):
+ if isinstance(data.get("Normalized"), int):
# 0 - INFORMATIONAL
# 1–39 - LOW
# 40–69 - MEDIUM
@@ -93,12 +93,11 @@ def get_severity(self, data):
# 90–100 - CRITICAL
if data.get("Normalized") > 89:
return "Critical"
- elif data.get("Normalized") > 69:
+ if data.get("Normalized") > 69:
return "High"
- elif data.get("Normalized") > 39:
+ if data.get("Normalized") > 39:
return "Medium"
- elif data.get("Normalized") > 0:
+ if data.get("Normalized") > 0:
return "Low"
- else:
- return "Info"
+ return "Info"
return None
diff --git a/dojo/tools/auditjs/parser.py b/dojo/tools/auditjs/parser.py
index 678e11e8e6f..42021ce6ab1 100644
--- a/dojo/tools/auditjs/parser.py
+++ b/dojo/tools/auditjs/parser.py
@@ -25,14 +25,13 @@ def get_severity(self, cvss):
cvss = float(cvss)
if cvss > 0 and cvss < 4:
return "Low"
- elif cvss >= 4 and cvss < 7:
+ if cvss >= 4 and cvss < 7:
return "Medium"
- elif cvss >= 7 and cvss < 9:
+ if cvss >= 7 and cvss < 9:
return "High"
- elif cvss >= 9:
+ if cvss >= 9:
return "Critical"
- else:
- return "Informational"
+ return "Informational"
def get_findings(self, filename, test):
try:
diff --git a/dojo/tools/aws_prowler/parser.py b/dojo/tools/aws_prowler/parser.py
index 4a1ed7af917..b00c316f19b 100644
--- a/dojo/tools/aws_prowler/parser.py
+++ b/dojo/tools/aws_prowler/parser.py
@@ -23,11 +23,10 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, file, test):
if file.name.lower().endswith(".csv"):
return self.process_csv(file, test)
- elif file.name.lower().endswith(".json"):
+ if file.name.lower().endswith(".json"):
return self.process_json(file, test)
- else:
- msg = "Unknown file format"
- raise ValueError(msg)
+ msg = "Unknown file format"
+ raise ValueError(msg)
def process_csv(self, file, test):
content = file.read()
@@ -218,8 +217,7 @@ def process_json(self, file, test):
def formatview(self, depth):
if depth > 1:
return "* "
- else:
- return ""
+ return ""
# Criticality rating
def getCriticalityRating(self, result, level, severity):
@@ -233,10 +231,9 @@ def getCriticalityRating(self, result, level, severity):
if severity == "Informational":
return "Low"
return severity
+ if level == "Level 1":
+ criticality = "Critical"
else:
- if level == "Level 1":
- criticality = "Critical"
- else:
- criticality = "High"
+ criticality = "High"
return criticality
diff --git a/dojo/tools/aws_prowler_v3/parser.py b/dojo/tools/aws_prowler_v3/parser.py
index 60f7a5dc7e8..e106080282e 100644
--- a/dojo/tools/aws_prowler_v3/parser.py
+++ b/dojo/tools/aws_prowler_v3/parser.py
@@ -22,9 +22,8 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, file, test):
if file.name.lower().endswith('.json'):
return self.process_json(file, test)
- else:
- msg = 'Unknown file format'
- raise ValueError(msg)
+ msg = 'Unknown file format'
+ raise ValueError(msg)
def process_json(self, file, test):
dupes = {}
@@ -100,5 +99,4 @@ def process_json(self, file, test):
def formatview(self, depth):
if depth > 1:
return "* "
- else:
- return ""
+ return ""
diff --git a/dojo/tools/azure_security_center_recommendations/parser.py b/dojo/tools/azure_security_center_recommendations/parser.py
index e4f02cf3b83..a0a2c00be9f 100644
--- a/dojo/tools/azure_security_center_recommendations/parser.py
+++ b/dojo/tools/azure_security_center_recommendations/parser.py
@@ -22,9 +22,8 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, file, test):
if file.name.lower().endswith(".csv"):
return self.process_csv(file, test)
- else:
- msg = "Unknown file format"
- raise ValueError(msg)
+ msg = "Unknown file format"
+ raise ValueError(msg)
def process_csv(self, file, test):
content = file.read()
diff --git a/dojo/tools/bandit/parser.py b/dojo/tools/bandit/parser.py
index b2096488478..50b41e6a616 100644
--- a/dojo/tools/bandit/parser.py
+++ b/dojo/tools/bandit/parser.py
@@ -66,9 +66,8 @@ def get_findings(self, filename, test):
def convert_confidence(self, value):
if "high" == value.lower():
return 2
- elif "medium" == value.lower():
+ if "medium" == value.lower():
return 3
- elif "low" == value.lower():
+ if "low" == value.lower():
return 6
- else:
- return None
+ return None
diff --git a/dojo/tools/bearer_cli/parser.py b/dojo/tools/bearer_cli/parser.py
index 0aca0bcbe43..1e86dd01ca4 100644
--- a/dojo/tools/bearer_cli/parser.py
+++ b/dojo/tools/bearer_cli/parser.py
@@ -29,8 +29,7 @@ def get_findings(self, file, test):
if bearerfinding["fingerprint"] in dupes:
continue
- else:
- dupes.add(bearerfinding["fingerprint"])
+ dupes.add(bearerfinding["fingerprint"])
finding = Finding(
title=bearerfinding["title"] + " in " + bearerfinding["filename"] + ":" + str(bearerfinding["line_number"]),
diff --git a/dojo/tools/blackduck/importer.py b/dojo/tools/blackduck/importer.py
index 7c1e098a374..b9e82bc21f7 100644
--- a/dojo/tools/blackduck/importer.py
+++ b/dojo/tools/blackduck/importer.py
@@ -24,8 +24,7 @@ def parse_findings(self, report: Path) -> Iterable[BlackduckFinding]:
if zipfile.is_zipfile(str(report)):
return self._process_zipfile(report)
- else:
- return self._process_csvfile(report)
+ return self._process_csvfile(report)
def _process_csvfile(self, report):
"""
diff --git a/dojo/tools/blackduck/parser.py b/dojo/tools/blackduck/parser.py
index 4b21c28619f..02e534814d0 100644
--- a/dojo/tools/blackduck/parser.py
+++ b/dojo/tools/blackduck/parser.py
@@ -28,10 +28,9 @@ def get_findings(self, filename, test):
def normalize_findings(self, filename):
importer = BlackduckImporter()
- findings = sorted(
+ return sorted(
importer.parse_findings(filename), key=lambda f: f.vuln_id
)
- return findings
def ingest_findings(self, normalized_findings, test):
dupes = {}
diff --git a/dojo/tools/blackduck_binary_analysis/parser.py b/dojo/tools/blackduck_binary_analysis/parser.py
index 2f0523223e3..e120b8299ed 100644
--- a/dojo/tools/blackduck_binary_analysis/parser.py
+++ b/dojo/tools/blackduck_binary_analysis/parser.py
@@ -29,10 +29,9 @@ def get_findings(self, filename, test):
def sort_findings(self, filename):
importer = BlackduckBinaryAnalysisImporter()
- findings = sorted(
+ return sorted(
importer.parse_findings(filename), key=lambda f: f.cve,
)
- return findings
def ingest_findings(self, sorted_findings, test):
findings = {}
@@ -138,9 +137,7 @@ def format_description(self, i):
return description
def format_mitigation(self, i):
- mitigation = f"Upgrade {str(i.component)} to latest version: {str(i.latest_version)}.\n"
-
- return mitigation
+ return f"Upgrade {str(i.component)} to latest version: {str(i.latest_version)}.\n"
def format_impact(self, i):
impact = "The use of vulnerable third-party open source software in applications can have numerous negative impacts:\n\n"
diff --git a/dojo/tools/blackduck_component_risk/importer.py b/dojo/tools/blackduck_component_risk/importer.py
index 14bf05ce47d..e73a11ed7ab 100644
--- a/dojo/tools/blackduck_component_risk/importer.py
+++ b/dojo/tools/blackduck_component_risk/importer.py
@@ -29,9 +29,8 @@ def parse_findings(self, report: Path) -> (dict, dict, dict):
report = Path(report.temporary_file_path())
if zipfile.is_zipfile(str(report)):
return self._process_zipfile(report)
- else:
- msg = f"File {report} not a zip!"
- raise ValueError(msg)
+ msg = f"File {report} not a zip!"
+ raise ValueError(msg)
def _process_zipfile(self, report: Path) -> (dict, dict, dict):
"""
diff --git a/dojo/tools/blackduck_component_risk/parser.py b/dojo/tools/blackduck_component_risk/parser.py
index 7e683364f48..df8395da9ef 100644
--- a/dojo/tools/blackduck_component_risk/parser.py
+++ b/dojo/tools/blackduck_component_risk/parser.py
@@ -206,10 +206,9 @@ def security_title(self, vulns):
:param vulns: Dictionary {component_version_identifier: [vulns]}
:return:
"""
- title = "Security Risk: {}:{}".format(
+ return "Security Risk: {}:{}".format(
vulns[0]["Component name"], vulns[0]["Component version name"]
)
- return title
def security_description(self, vulns):
"""
@@ -289,10 +288,9 @@ def security_mitigation(self, vulns):
:param vulns: Dictionary {component_version_identifier: [vulns]}
:return:
"""
- mit = "Update component {}:{} to a secure version".format(
+ return "Update component {}:{} to a secure version".format(
vulns[0]["Component name"], vulns[0]["Component version name"]
)
- return mit
def security_impact(self, vulns):
"""
diff --git a/dojo/tools/burp_api/parser.py b/dojo/tools/burp_api/parser.py
index 75e4e87507b..8ce6db7b77e 100644
--- a/dojo/tools/burp_api/parser.py
+++ b/dojo/tools/burp_api/parser.py
@@ -159,9 +159,8 @@ def convert_confidence(issue):
value = issue.get("confidence", "undefined").lower()
if "certain" == value:
return 2
- elif "firm" == value:
+ if "firm" == value:
return 3
- elif "tentative" == value:
+ if "tentative" == value:
return 6
- else:
- return None
+ return None
diff --git a/dojo/tools/burp_enterprise/parser.py b/dojo/tools/burp_enterprise/parser.py
index 1984cc65d78..bb728586227 100644
--- a/dojo/tools/burp_enterprise/parser.py
+++ b/dojo/tools/burp_enterprise/parser.py
@@ -23,8 +23,7 @@ def get_findings(self, filename, test):
tree = etree.parse(filename, parser)
if tree:
return self.get_items(tree, test)
- else:
- return ()
+ return ()
def get_content(self, container):
s = ""
@@ -193,8 +192,7 @@ def get_cwe(self, vuln_references):
cweSearch = re.search("CWE-([0-9]*)", vuln_references, re.IGNORECASE)
if cweSearch:
return cweSearch.group(1)
- else:
- return 0
+ return 0
def create_findings(self, items, test):
# Dictonary to hold the aggregated findings with:
diff --git a/dojo/tools/burp_graphql/parser.py b/dojo/tools/burp_graphql/parser.py
index f6d032bc281..17e1e00e7fd 100644
--- a/dojo/tools/burp_graphql/parser.py
+++ b/dojo/tools/burp_graphql/parser.py
@@ -222,5 +222,4 @@ def get_cwe(self, cwe_html):
cweSearch = re.search("CWE-([0-9]*)", cwe_html, re.IGNORECASE)
if cweSearch:
return cweSearch.group(1)
- else:
- return 0
+ return 0
diff --git a/dojo/tools/checkmarx/parser.py b/dojo/tools/checkmarx/parser.py
index 1cfdfdac259..553dc805577 100644
--- a/dojo/tools/checkmarx/parser.py
+++ b/dojo/tools/checkmarx/parser.py
@@ -21,8 +21,7 @@ def get_label_for_scan_types(self, scan_type):
def get_description_for_scan_types(self, scan_type):
if scan_type == "Checkmarx Scan":
return "Simple Report. Aggregates vulnerabilities per categories, cwe, name, sinkFilename"
- else:
- return "Detailed Report. Import all vulnerabilities from checkmarx without aggregation"
+ return "Detailed Report. Import all vulnerabilities from checkmarx without aggregation"
# mode:
# None (default): aggregates vulnerabilites per sink filename (legacy behavior)
@@ -333,8 +332,7 @@ def get_description_detailed(self, pathnode, findingdetail):
codefragment.find("Code").text.strip(),
)
- findingdetail = f"{findingdetail}-----\n"
- return findingdetail
+ return f"{findingdetail}-----\n"
# Get name, cwe and categories from the global query tag (1 query = 1 type
# of vulnerability)
@@ -362,16 +360,14 @@ def isVerified(self, state):
def get_findings(self, file, test):
if file.name.strip().lower().endswith(".json"):
return self._get_findings_json(file, test)
- else:
- return self._get_findings_xml(file, test)
+ return self._get_findings_xml(file, test)
def _parse_date(self, value):
if isinstance(value, str):
return parser.parse(value).date()
- elif isinstance(value, dict) and isinstance(value.get("seconds"), int):
+ if isinstance(value, dict) and isinstance(value.get("seconds"), int):
return datetime.datetime.utcfromtimestamp(value.get("seconds")).date()
- else:
- return None
+ return None
def _get_findings_json(self, file, test):
""""""
diff --git a/dojo/tools/checkmarx_one/parser.py b/dojo/tools/checkmarx_one/parser.py
index 381f705f82d..b7d98ccc210 100644
--- a/dojo/tools/checkmarx_one/parser.py
+++ b/dojo/tools/checkmarx_one/parser.py
@@ -21,10 +21,9 @@ def get_description_for_scan_types(self, scan_type):
def _parse_date(self, value):
if isinstance(value, str):
return parser.parse(value)
- elif isinstance(value, dict) and isinstance(value.get("seconds"), int):
+ if isinstance(value, dict) and isinstance(value.get("seconds"), int):
return datetime.datetime.utcfromtimestamp(value.get("seconds"))
- else:
- return None
+ return None
def parse_vulnerabilities_from_scan_list(
self,
@@ -101,8 +100,7 @@ def parse_sca_vulnerabilities(
cwe_store: list,
) -> List[Finding]:
# Not implemented yet
- findings = []
- return findings
+ return []
def parse_sast_vulnerabilities(
self,
diff --git a/dojo/tools/chefinspect/parser.py b/dojo/tools/chefinspect/parser.py
index 1dd413df62c..50566564744 100644
--- a/dojo/tools/chefinspect/parser.py
+++ b/dojo/tools/chefinspect/parser.py
@@ -17,14 +17,13 @@ def convert_score(self, raw_value):
val = float(raw_value)
if val == 0.0:
return "Info"
- elif val < 0.4:
+ if val < 0.4:
return "Low"
- elif val < 0.7:
+ if val < 0.7:
return "Medium"
- elif val < 0.9:
+ if val < 0.9:
return "High"
- else:
- return "Critical"
+ return "Critical"
def get_findings(self, file, test):
lines = file.read()
diff --git a/dojo/tools/clair/clairklar_parser.py b/dojo/tools/clair/clairklar_parser.py
index c42ba78b32d..191f989e32e 100644
--- a/dojo/tools/clair/clairklar_parser.py
+++ b/dojo/tools/clair/clairklar_parser.py
@@ -79,7 +79,7 @@ def get_item_clairklar(self, item_node, test):
if "Link" in item_node:
link = item_node["Link"]
- finding = Finding(
+ return Finding(
title=item_node["Name"]
+ " - "
+ "("
@@ -101,4 +101,3 @@ def get_item_clairklar(self, item_node, test):
dynamic_finding=False,
impact="No impact provided",
)
- return finding
diff --git a/dojo/tools/clair/parser.py b/dojo/tools/clair/parser.py
index dd03c49d7ca..f4e021cd05e 100644
--- a/dojo/tools/clair/parser.py
+++ b/dojo/tools/clair/parser.py
@@ -19,10 +19,10 @@ def get_findings(self, json_output, test):
if tree:
if self.scanner == "clair":
return ClairScan().get_items_clair(tree, test)
- elif self.scanner == "clairklar":
+ if self.scanner == "clairklar":
return ClairKlarScan().get_items_klar(tree, test)
- else:
- return []
+ return None
+ return []
def parse_json(self, json_output):
try:
diff --git a/dojo/tools/cloudsploit/parser.py b/dojo/tools/cloudsploit/parser.py
index 22e8de1a2be..6bfd0b66964 100644
--- a/dojo/tools/cloudsploit/parser.py
+++ b/dojo/tools/cloudsploit/parser.py
@@ -75,5 +75,4 @@ def convert_severity(self, status):
return "Medium"
if status == "FAIL":
return "Critical"
- else:
- return "Info"
+ return "Info"
diff --git a/dojo/tools/codechecker/parser.py b/dojo/tools/codechecker/parser.py
index 41998099e56..5e96c75be35 100644
--- a/dojo/tools/codechecker/parser.py
+++ b/dojo/tools/codechecker/parser.py
@@ -19,11 +19,12 @@ def get_requires_file(self, scan_type):
def get_findings(self, json_output, test):
if json_output is None:
- return
+ return None
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree)
+ return None
def parse_json(self, json_output):
data = json_output.read()
@@ -99,7 +100,7 @@ def get_item(vuln):
else:
title = unique_id_from_tool
- finding = Finding(
+ return Finding(
title=title,
description=description,
severity=severity,
@@ -119,8 +120,6 @@ def get_item(vuln):
],
)
- return finding
-
def get_mapped_severity(severity):
switcher = {
diff --git a/dojo/tools/contrast/parser.py b/dojo/tools/contrast/parser.py
index 73e3b94c7be..65c0d1617b5 100644
--- a/dojo/tools/contrast/parser.py
+++ b/dojo/tools/contrast/parser.py
@@ -124,8 +124,7 @@ def format_description(self, row):
+ row.get("Vulnerability Name")
+ "\n"
)
- description = description + "**Status:** " + row.get("Status") + "\n"
- return description
+ return description + "**Status:** " + row.get("Status") + "\n"
def format_cwe(self, url):
# Get the last path
diff --git a/dojo/tools/crashtest_security/parser.py b/dojo/tools/crashtest_security/parser.py
index 8770013b791..063b10ad2a0 100644
--- a/dojo/tools/crashtest_security/parser.py
+++ b/dojo/tools/crashtest_security/parser.py
@@ -131,14 +131,13 @@ def get_severity(self, cvss_base_score):
"""
if cvss_base_score == 0:
return "Info"
- elif cvss_base_score < 4:
+ if cvss_base_score < 4:
return "Low"
- elif cvss_base_score < 7:
+ if cvss_base_score < 7:
return "Medium"
- elif cvss_base_score < 9:
+ if cvss_base_score < 9:
return "High"
- else:
- return "Critical"
+ return "Critical"
class CrashtestSecurityXmlParser:
@@ -153,8 +152,7 @@ def get_findings(self, xml_output, test):
if tree:
return self.get_items(tree, test)
- else:
- return []
+ return []
def parse_xml(self, xml_output):
"""
@@ -244,8 +242,7 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith(".xml"):
return CrashtestSecurityXmlParser().get_findings(filename, test)
- elif filename.name.lower().endswith(".json"):
+ if filename.name.lower().endswith(".json"):
return CrashtestSecurityJsonParser().get_findings(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/crunch42/parser.py b/dojo/tools/crunch42/parser.py
index ff09dddcd67..65568da17e3 100644
--- a/dojo/tools/crunch42/parser.py
+++ b/dojo/tools/crunch42/parser.py
@@ -38,8 +38,7 @@ def get_findings(self, filename, test):
for moduleTree in reportTree:
temp += self.process_tree(moduleTree, test)
return temp
- else:
- return self.process_tree(reportTree, test)
+ return self.process_tree(reportTree, test)
def get_items(self, tree, test):
items = {}
@@ -72,7 +71,7 @@ def get_item(self, issue, title, test):
else:
severity = "Critical"
# create the finding object
- finding = Finding(
+ return Finding(
unique_id_from_tool=fingerprint,
title=title,
test=test,
@@ -87,4 +86,3 @@ def get_item(self, issue, title, test):
static_finding=True,
dynamic_finding=False,
)
- return finding
diff --git a/dojo/tools/cyclonedx/json_parser.py b/dojo/tools/cyclonedx/json_parser.py
index a57b6debafb..cacf85f53d6 100644
--- a/dojo/tools/cyclonedx/json_parser.py
+++ b/dojo/tools/cyclonedx/json_parser.py
@@ -144,4 +144,4 @@ def _flatten_components(self, components, flatted_components):
# tools don't provide it
if "bom-ref" in component:
flatted_components[component["bom-ref"]] = component
- return None
+ return
diff --git a/dojo/tools/cyclonedx/parser.py b/dojo/tools/cyclonedx/parser.py
index 8fe80a51136..d01798e3583 100644
--- a/dojo/tools/cyclonedx/parser.py
+++ b/dojo/tools/cyclonedx/parser.py
@@ -20,5 +20,4 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, file, test):
if file.name.strip().lower().endswith(".json"):
return CycloneDXJSONParser()._get_findings_json(file, test)
- else:
- return CycloneDXXMLParser()._get_findings_xml(file, test)
+ return CycloneDXXMLParser()._get_findings_xml(file, test)
diff --git a/dojo/tools/deepfence_threatmapper/compliance.py b/dojo/tools/deepfence_threatmapper/compliance.py
index 5cd4f5b6340..f948a18c929 100644
--- a/dojo/tools/deepfence_threatmapper/compliance.py
+++ b/dojo/tools/deepfence_threatmapper/compliance.py
@@ -32,7 +32,7 @@ def get_findings(self, row, headers, test):
description += "**test_number:** " + str(test_number) + "\n"
description += "**count:** " + str(count) + "\n"
description += "**doc_id:** " + str(doc_id) + "\n"
- finding = Finding(
+ return Finding(
title="Threatmapper_Compliance_Report-" + test_number,
description=description,
severity=self.compliance_severity(status),
@@ -40,7 +40,6 @@ def get_findings(self, row, headers, test):
dynamic_finding=True,
test=test,
)
- return finding
def compliance_severity(self, input):
if input == "pass":
diff --git a/dojo/tools/deepfence_threatmapper/malware.py b/dojo/tools/deepfence_threatmapper/malware.py
index f1931e42623..f764a2ce4b0 100644
--- a/dojo/tools/deepfence_threatmapper/malware.py
+++ b/dojo/tools/deepfence_threatmapper/malware.py
@@ -21,7 +21,7 @@ def get_findings(self, row, headers, test):
description += "**NodeType:** " + str(NodeType) + "\n"
description += "**Container Name:** " + str(Container_Name) + "\n"
description += "**Kubernetes Cluster Name:** " + str(Kubernetes_Cluster_Name) + "\n"
- finding = Finding(
+ return Finding(
title=Rule_Name,
description=description,
file_path=File_Name,
@@ -30,10 +30,8 @@ def get_findings(self, row, headers, test):
dynamic_finding=True,
test=test,
)
- return finding
def severity(self, input):
if input is None:
return "Info"
- else:
- return input.capitalize()
+ return input.capitalize()
diff --git a/dojo/tools/deepfence_threatmapper/secret.py b/dojo/tools/deepfence_threatmapper/secret.py
index fd102be834a..2eae14bc76b 100644
--- a/dojo/tools/deepfence_threatmapper/secret.py
+++ b/dojo/tools/deepfence_threatmapper/secret.py
@@ -38,5 +38,4 @@ def get_findings(self, row, headers, test):
def severity(self, input):
if input is None:
return "Info"
- else:
- return input.capitalize()
+ return input.capitalize()
diff --git a/dojo/tools/deepfence_threatmapper/vulnerability.py b/dojo/tools/deepfence_threatmapper/vulnerability.py
index 61c1e505cdc..b76505613af 100644
--- a/dojo/tools/deepfence_threatmapper/vulnerability.py
+++ b/dojo/tools/deepfence_threatmapper/vulnerability.py
@@ -29,7 +29,7 @@ def get_findings(self, row, headers, test):
description += "**host_name:** " + str(host_name) + "\n"
description += "**cloud_account_id:** " + str(cloud_account_id) + "\n"
description += "**masked:** " + str(masked) + "\n"
- finding = Finding(
+ return Finding(
title="Threatmapper_Vuln_Report-" + cve_id,
description=description,
component_name=cve_caused_by_package,
@@ -41,10 +41,8 @@ def get_findings(self, row, headers, test):
cve=cve_id,
test=test,
)
- return finding
def severity(self, input):
if input is None:
return "Info"
- else:
- return input.capitalize()
+ return input.capitalize()
diff --git a/dojo/tools/dependency_check/parser.py b/dojo/tools/dependency_check/parser.py
index 870aba11fb6..db83c70eba1 100644
--- a/dojo/tools/dependency_check/parser.py
+++ b/dojo/tools/dependency_check/parser.py
@@ -46,12 +46,11 @@ def get_filename_and_path_from_dependency(
return related_dependency.findtext(
f"{namespace}fileName"
), related_dependency.findtext(f"{namespace}filePath")
- else:
- # without filename, it would be just a duplicate finding so we have to skip it. filename
- # is only present for relateddependencies since v6.0.0
- # logger.debug('related_dependency: %s',
- # ElementTree.tostring(related_dependency, encoding='utf8', method='xml'))
- return None, None
+ # without filename, it would be just a duplicate finding so we have to skip it. filename
+ # is only present for relateddependencies since v6.0.0
+ # logger.debug('related_dependency: %s',
+ # ElementTree.tostring(related_dependency, encoding='utf8', method='xml'))
+ return None, None
def get_component_name_and_version_from_dependency(
self, dependency, related_dependency, namespace
diff --git a/dojo/tools/dependency_track/parser.py b/dojo/tools/dependency_track/parser.py
index e7a39ea4bdf..8c9fd81e1e6 100644
--- a/dojo/tools/dependency_track/parser.py
+++ b/dojo/tools/dependency_track/parser.py
@@ -92,16 +92,15 @@ def _convert_dependency_track_severity_to_dojo_severity(self, dependency_track_s
severity = dependency_track_severity.lower()
if severity == "critical":
return "Critical"
- elif severity == "high":
+ if severity == "high":
return "High"
- elif severity == "medium":
+ if severity == "medium":
return "Medium"
- elif severity == "low":
+ if severity == "low":
return "Low"
- elif severity.startswith("info"):
+ if severity.startswith("info"):
return "Informational"
- else:
- return None
+ return None
def _convert_dependency_track_finding_to_dojo_finding(self, dependency_track_finding, test):
"""
diff --git a/dojo/tools/dockerbench/parser.py b/dojo/tools/dockerbench/parser.py
index 4c08b850e02..a718106de7b 100644
--- a/dojo/tools/dockerbench/parser.py
+++ b/dojo/tools/dockerbench/parser.py
@@ -111,7 +111,7 @@ def get_item(vuln, test, test_start, test_end, description):
vuln["remediation-impact"]
)
- finding = Finding(
+ return Finding(
title=title,
date=datetime.fromtimestamp(int(test_end)),
test=test,
@@ -122,5 +122,3 @@ def get_item(vuln, test, test_start, test_end, description):
static_finding=True,
dynamic_finding=False,
)
-
- return finding
diff --git a/dojo/tools/drheader/parser.py b/dojo/tools/drheader/parser.py
index 158da541bd3..bf8435f63ab 100644
--- a/dojo/tools/drheader/parser.py
+++ b/dojo/tools/drheader/parser.py
@@ -50,7 +50,6 @@ def get_findings(self, filename, test):
for finding in item["report"]:
items.append(self.return_finding(test=test, finding=finding, url=url))
return items
- else:
- for finding in data:
- items.append(self.return_finding(test=test, finding=finding))
- return items
+ for finding in data:
+ items.append(self.return_finding(test=test, finding=finding))
+ return items
diff --git a/dojo/tools/eslint/parser.py b/dojo/tools/eslint/parser.py
index 2b698e7b17b..7246a2dcd5a 100644
--- a/dojo/tools/eslint/parser.py
+++ b/dojo/tools/eslint/parser.py
@@ -16,10 +16,9 @@ def get_description_for_scan_types(self, scan_type):
def _convert_eslint_severity_to_dojo_severity(self, eslint_severity):
if eslint_severity == 2:
return "High"
- elif eslint_severity == 1:
+ if eslint_severity == 1:
return "Medium"
- else:
- return "Info"
+ return "Info"
def get_findings(self, filename, test):
tree = filename.read()
diff --git a/dojo/tools/fortify/parser.py b/dojo/tools/fortify/parser.py
index 85fdc6d33eb..5e4ddb8ceb9 100644
--- a/dojo/tools/fortify/parser.py
+++ b/dojo/tools/fortify/parser.py
@@ -15,5 +15,6 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if str(filename.name).endswith('.xml'):
return FortifyXMLParser().parse_xml(filename, test)
- elif str(filename.name).endswith('.fpr'):
+ if str(filename.name).endswith('.fpr'):
return FortifyFPRParser().parse_fpr(filename, test)
+ return None
diff --git a/dojo/tools/generic/csv_parser.py b/dojo/tools/generic/csv_parser.py
index 2bf500da1bd..0a4d7782ab4 100644
--- a/dojo/tools/generic/csv_parser.py
+++ b/dojo/tools/generic/csv_parser.py
@@ -105,5 +105,4 @@ def _convert_bool(self, val):
def get_severity(self, input):
if input in ["Info", "Low", "Medium", "High", "Critical"]:
return input
- else:
- return "Info"
+ return "Info"
diff --git a/dojo/tools/generic/parser.py b/dojo/tools/generic/parser.py
index e2fb66086bb..cf03d9753bc 100644
--- a/dojo/tools/generic/parser.py
+++ b/dojo/tools/generic/parser.py
@@ -20,12 +20,12 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if filename.name.lower().endswith(".csv"):
return GenericCSVParser()._get_findings_csv(filename)
- elif filename.name.lower().endswith(".json"):
+ if filename.name.lower().endswith(".json"):
data = json.load(filename)
test_internal = GenericJSONParser()._get_test_json(data)
return test_internal.findings
- else: # default to CSV like before
- return GenericCSVParser()._get_findings_csv(filename)
+ # default to CSV like before
+ return GenericCSVParser()._get_findings_csv(filename)
def get_tests(self, scan_type, filename):
# if the file is a CSV just use the old function
diff --git a/dojo/tools/github_vulnerability/parser.py b/dojo/tools/github_vulnerability/parser.py
index 3739fc6f20f..fe7aface953 100644
--- a/dojo/tools/github_vulnerability/parser.py
+++ b/dojo/tools/github_vulnerability/parser.py
@@ -131,7 +131,7 @@ def get_findings(self, filename, test):
else:
dupes[dupe_key] = finding
return list(dupes.values())
- elif isinstance(data, list):
+ if isinstance(data, list):
findings = []
for vuln in data:
url = vuln["url"]
@@ -185,6 +185,7 @@ def get_findings(self, filename, test):
)
findings.append(finding)
return findings
+ return None
def _search_vulnerability_alerts(self, data):
if isinstance(data, list):
@@ -204,5 +205,4 @@ def _search_vulnerability_alerts(self, data):
def _convert_security(self, val):
if val.lower() == "moderate":
return "Medium"
- else:
- return val.title()
+ return val.title()
diff --git a/dojo/tools/gitlab_dep_scan/parser.py b/dojo/tools/gitlab_dep_scan/parser.py
index 2ec561500cd..cc365c8acba 100644
--- a/dojo/tools/gitlab_dep_scan/parser.py
+++ b/dojo/tools/gitlab_dep_scan/parser.py
@@ -15,11 +15,12 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, json_output, test):
if json_output is None:
- return
+ return None
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree, test)
+ return None
def parse_json(self, json_output):
try:
diff --git a/dojo/tools/gitlab_sast/parser.py b/dojo/tools/gitlab_sast/parser.py
index b00a04a5e63..f65a49169b8 100644
--- a/dojo/tools/gitlab_sast/parser.py
+++ b/dojo/tools/gitlab_sast/parser.py
@@ -18,11 +18,12 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, json_output, test):
if json_output is None:
- return
+ return None
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree)
+ return None
def get_tests(self, scan_type, handle):
tree = self.parse_json(handle)
diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py
index 4186544b214..3e6821d7e34 100644
--- a/dojo/tools/harbor_vulnerability/parser.py
+++ b/dojo/tools/harbor_vulnerability/parser.py
@@ -105,5 +105,4 @@ def get_findings(self, filename, test):
def transpose_severity(severity):
if severity in Finding.SEVERITIES:
return severity
- else:
- return "Info"
+ return "Info"
diff --git a/dojo/tools/hcl_appscan/parser.py b/dojo/tools/hcl_appscan/parser.py
index fbf1a49b25f..c30c19e7850 100644
--- a/dojo/tools/hcl_appscan/parser.py
+++ b/dojo/tools/hcl_appscan/parser.py
@@ -119,5 +119,4 @@ def get_findings(self, file, test):
except UnboundLocalError:
pass
return findings
- else:
- return findings
+ return findings
diff --git a/dojo/tools/huskyci/parser.py b/dojo/tools/huskyci/parser.py
index 472ffbbf6fe..362ab15b4e2 100644
--- a/dojo/tools/huskyci/parser.py
+++ b/dojo/tools/huskyci/parser.py
@@ -20,11 +20,12 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, json_output, test):
if json_output is None:
- return
+ return None
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree, test)
+ return None
def parse_json(self, json_output):
try:
@@ -71,7 +72,7 @@ def get_item(item_node, test):
if "securitytool" in item_node:
description += "\nSecurity Tool: " + item_node.get("securitytool")
- finding = Finding(
+ return Finding(
title=item_node.get("title"),
test=test,
severity=item_node.get("severity"),
@@ -88,5 +89,3 @@ def get_item(item_node, test):
dynamic_finding=False,
impact="No impact provided"
)
-
- return finding
diff --git a/dojo/tools/hydra/parser.py b/dojo/tools/hydra/parser.py
index 677130bd477..f27ea8f3bc0 100644
--- a/dojo/tools/hydra/parser.py
+++ b/dojo/tools/hydra/parser.py
@@ -39,9 +39,7 @@ def get_findings(self, json_output, test):
report = self.__parse_json(json_output)
metadata = HydraScanMetadata(report["generator"])
- findings = self.__extract_findings(report["results"], metadata, test)
-
- return findings
+ return self.__extract_findings(report["results"], metadata, test)
def __extract_findings(
self, raw_findings, metadata: HydraScanMetadata, test
diff --git a/dojo/tools/intsights/parser.py b/dojo/tools/intsights/parser.py
index cd6a61a57ad..2a9f5875c67 100644
--- a/dojo/tools/intsights/parser.py
+++ b/dojo/tools/intsights/parser.py
@@ -29,7 +29,7 @@ def _build_finding_description(self, alert: dict) -> str:
Returns: A markdown formatted description
"""
- description = "\n".join(
+ return "\n".join(
[
alert["description"],
f'**Date Found**: `{alert.get("report_date", "None provided")} `',
@@ -41,7 +41,6 @@ def _build_finding_description(self, alert: dict) -> str:
f'**Alert Link**: {alert.get("alert_link", "None provided")}'
]
)
- return description
def get_findings(self, file, test):
duplicates = {}
diff --git a/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py b/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py
index 786635b3ffe..6ea825d1bc2 100644
--- a/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py
+++ b/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py
@@ -66,8 +66,7 @@ def get_references(vulnerability):
else:
ref += "- " + reference + "\n"
return ref
- else:
- return None
+ return None
def get_remediation(extended_information):
@@ -125,8 +124,7 @@ def process_component(component):
def get_cve(vulnerability):
if "cves" in vulnerability:
- cves = vulnerability["cves"]
- return cves
+ return vulnerability["cves"]
return []
diff --git a/dojo/tools/kubebench/parser.py b/dojo/tools/kubebench/parser.py
index f288da95426..a2263dce841 100644
--- a/dojo/tools/kubebench/parser.py
+++ b/dojo/tools/kubebench/parser.py
@@ -17,8 +17,7 @@ def get_findings(self, json_output, test):
tree = json.load(json_output)
if "Controls" in tree:
return self.get_chapters(tree["Controls"], test)
- else:
- return self.get_chapters(tree, test)
+ return self.get_chapters(tree, test)
def get_chapters(self, tree, test):
items = []
@@ -105,7 +104,7 @@ def get_item(vuln, test, description):
mitigation = vuln.get("remediation", None)
vuln_id_from_tool = test_number
- finding = Finding(
+ return Finding(
title=title,
test=test,
description=description,
@@ -115,5 +114,3 @@ def get_item(vuln, test, description):
static_finding=True,
dynamic_finding=False,
)
-
- return finding
diff --git a/dojo/tools/kubescape/parser.py b/dojo/tools/kubescape/parser.py
index be9cd6d741e..574bc314800 100644
--- a/dojo/tools/kubescape/parser.py
+++ b/dojo/tools/kubescape/parser.py
@@ -29,12 +29,13 @@ def __hyperlink(link: str) -> str:
def severity_mapper(self, input):
if input <= 4:
return "Low"
- elif input <= 7:
+ if input <= 7:
return "Medium"
- elif input <= 9:
+ if input <= 9:
return "High"
- elif input <= 10:
+ if input <= 10:
return "Critical"
+ return None
def parse_resource_id(self, resource_id):
try:
diff --git a/dojo/tools/microfocus_webinspect/parser.py b/dojo/tools/microfocus_webinspect/parser.py
index 9764a2e8db6..b74b236e123 100644
--- a/dojo/tools/microfocus_webinspect/parser.py
+++ b/dojo/tools/microfocus_webinspect/parser.py
@@ -97,16 +97,15 @@ def get_findings(self, file, test):
def convert_severity(val):
if val == "0":
return "Info"
- elif val == "1":
+ if val == "1":
return "Low"
- elif val == "2":
+ if val == "2":
return "Medium"
- elif val == "3":
+ if val == "3":
return "High"
- elif val == "4":
+ if val == "4":
return "Critical"
- else:
- return "Info"
+ return "Info"
@staticmethod
def get_cwe(val):
@@ -114,5 +113,4 @@ def get_cwe(val):
cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE)
if cweSearch:
return int(cweSearch.group(1))
- else:
- return 0
+ return 0
diff --git a/dojo/tools/mobsf/parser.py b/dojo/tools/mobsf/parser.py
index 2cbdca7920b..2b7494700c9 100644
--- a/dojo/tools/mobsf/parser.py
+++ b/dojo/tools/mobsf/parser.py
@@ -378,8 +378,7 @@ def getSeverityForPermission(self, status):
"""
if "dangerous" == status:
return "High"
- else:
- return "Info"
+ return "Info"
# Criticality rating
def getCriticalityRating(self, rating):
diff --git a/dojo/tools/mobsfscan/parser.py b/dojo/tools/mobsfscan/parser.py
index 67c30ffb1cf..fa62c421a58 100644
--- a/dojo/tools/mobsfscan/parser.py
+++ b/dojo/tools/mobsfscan/parser.py
@@ -29,53 +29,52 @@ def get_findings(self, filename, test):
data = json.load(filename)
if len(data.get("results")) == 0:
return []
- else:
- dupes = {}
- for key, item in data.get("results").items():
- metadata = item.get("metadata")
- cwe = int(
- re.match(r"(cwe|CWE)-([0-9]+)", metadata.get("cwe")).group(
- 2
- )
+ dupes = {}
+ for key, item in data.get("results").items():
+ metadata = item.get("metadata")
+ cwe = int(
+ re.match(r"(cwe|CWE)-([0-9]+)", metadata.get("cwe")).group(
+ 2
)
- masvs = metadata.get("masvs")
- owasp_mobile = metadata.get("owasp-mobile")
- description = "\n".join(
- [
- f"**Description:** `{metadata.get('description')}`",
- f"**OWASP MASVS:** `{masvs}`",
- f"**OWASP Mobile:** `{owasp_mobile}`",
- ]
- )
- references = metadata.get("reference")
- if metadata.get("severity") in self.SEVERITY:
- severity = self.SEVERITY[metadata.get("severity")]
- else:
- severity = "Info"
+ )
+ masvs = metadata.get("masvs")
+ owasp_mobile = metadata.get("owasp-mobile")
+ description = "\n".join(
+ [
+ f"**Description:** `{metadata.get('description')}`",
+ f"**OWASP MASVS:** `{masvs}`",
+ f"**OWASP Mobile:** `{owasp_mobile}`",
+ ]
+ )
+ references = metadata.get("reference")
+ if metadata.get("severity") in self.SEVERITY:
+ severity = self.SEVERITY[metadata.get("severity")]
+ else:
+ severity = "Info"
- finding = Finding(
- title=f"{key}",
- test=test,
- severity=severity,
- nb_occurences=1,
- cwe=cwe,
- description=description,
- references=references,
- )
- if item.get("files"):
- for file in item.get("files"):
- file_path = file.get("file_path")
- line = file.get("match_lines")[0]
- finding.file_path = file_path
- finding.line = line
+ finding = Finding(
+ title=f"{key}",
+ test=test,
+ severity=severity,
+ nb_occurences=1,
+ cwe=cwe,
+ description=description,
+ references=references,
+ )
+ if item.get("files"):
+ for file in item.get("files"):
+ file_path = file.get("file_path")
+ line = file.get("match_lines")[0]
+ finding.file_path = file_path
+ finding.line = line
- dupe_key = hashlib.sha256(
- (key + str(cwe) + masvs + owasp_mobile).encode("utf-8")
- ).hexdigest()
+ dupe_key = hashlib.sha256(
+ (key + str(cwe) + masvs + owasp_mobile).encode("utf-8")
+ ).hexdigest()
- if dupe_key in dupes:
- finding = dupes[dupe_key]
- finding.nb_occurences += 1
- else:
- dupes[dupe_key] = finding
- return list(dupes.values())
+ if dupe_key in dupes:
+ finding = dupes[dupe_key]
+ finding.nb_occurences += 1
+ else:
+ dupes[dupe_key] = finding
+ return list(dupes.values())
diff --git a/dojo/tools/mozilla_observatory/parser.py b/dojo/tools/mozilla_observatory/parser.py
index 1d88b3cf116..4bf1039093c 100644
--- a/dojo/tools/mozilla_observatory/parser.py
+++ b/dojo/tools/mozilla_observatory/parser.py
@@ -61,9 +61,8 @@ def get_findings(self, file, test):
def get_severity(self, num_severity):
if 0 > num_severity >= -10:
return "Low"
- elif -11 >= num_severity > -26:
+ if -11 >= num_severity > -26:
return "Medium"
- elif num_severity <= -26:
+ if num_severity <= -26:
return "High"
- else:
- return "Info"
+ return "Info"
diff --git a/dojo/tools/ms_defender/parser.py b/dojo/tools/ms_defender/parser.py
index 6eed53b7dcc..ec8929bce1f 100644
--- a/dojo/tools/ms_defender/parser.py
+++ b/dojo/tools/ms_defender/parser.py
@@ -34,29 +34,28 @@ def get_findings(self, file, test):
zipdata = {name: input_zip.read(name) for name in input_zip.namelist()}
if zipdata.get('machines/') is None or zipdata.get('vulnerabilities/') is None:
return []
- else:
- vulnerabilityfiles = []
- machinefiles = []
- for content in list(zipdata):
- if "vulnerabilities/" in content and "vulnerabilities/" != content:
- vulnerabilityfiles.append(content)
- if "machines/" in content and "machines/" != content:
- machinefiles.append(content)
- vulnerabilities = []
- machines = {}
- for vulnerabilityfile in vulnerabilityfiles:
- output = json.loads(zipdata[vulnerabilityfile].decode('ascii'))['value']
- for data in output:
- vulnerabilities.append(data)
- for machinefile in machinefiles:
- output = json.loads(zipdata[machinefile].decode('ascii'))['value']
- for data in output:
- machines[data.get('id')] = data
- for vulnerability in vulnerabilities:
- try:
- self.process_zip(vulnerability, machines[vulnerability['machineId']])
- except (IndexError, KeyError):
- self.process_json(vulnerability)
+ vulnerabilityfiles = []
+ machinefiles = []
+ for content in list(zipdata):
+ if "vulnerabilities/" in content and "vulnerabilities/" != content:
+ vulnerabilityfiles.append(content)
+ if "machines/" in content and "machines/" != content:
+ machinefiles.append(content)
+ vulnerabilities = []
+ machines = {}
+ for vulnerabilityfile in vulnerabilityfiles:
+ output = json.loads(zipdata[vulnerabilityfile].decode('ascii'))['value']
+ for data in output:
+ vulnerabilities.append(data)
+ for machinefile in machinefiles:
+ output = json.loads(zipdata[machinefile].decode('ascii'))['value']
+ for data in output:
+ machines[data.get('id')] = data
+ for vulnerability in vulnerabilities:
+ try:
+ self.process_zip(vulnerability, machines[vulnerability['machineId']])
+ except (IndexError, KeyError):
+ self.process_json(vulnerability)
else:
return []
return self.findings
@@ -141,5 +140,4 @@ def process_zip(self, vulnerability, machine):
def severity_check(self, input):
if input in ['Informational', 'Low', 'Medium', 'High', 'Critical']:
return input
- else:
- return "Informational"
+ return "Informational"
diff --git a/dojo/tools/neuvector/parser.py b/dojo/tools/neuvector/parser.py
index f2f20ebd531..12fd5142224 100644
--- a/dojo/tools/neuvector/parser.py
+++ b/dojo/tools/neuvector/parser.py
@@ -116,16 +116,15 @@ def get_item(vulnerability, test):
def convert_severity(severity):
if severity.lower() == "critical":
return "Critical"
- elif severity.lower() == "high":
+ if severity.lower() == "high":
return "High"
- elif severity.lower() == "medium":
+ if severity.lower() == "medium":
return "Medium"
- elif severity.lower() == "low":
+ if severity.lower() == "low":
return "Low"
- elif severity == "":
+ if severity == "":
return "Info"
- else:
- return severity.title()
+ return severity.title()
class NeuVectorParser:
@@ -144,6 +143,5 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith(".json"):
return NeuVectorJsonParser().parse(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/neuvector_compliance/parser.py b/dojo/tools/neuvector_compliance/parser.py
index adf05d0729d..b3bd18bf6cf 100644
--- a/dojo/tools/neuvector_compliance/parser.py
+++ b/dojo/tools/neuvector_compliance/parser.py
@@ -101,7 +101,7 @@ def get_item(node, test):
for m in messages:
full_description += f"{str(m).rstrip()}\n"
- finding = Finding(
+ return Finding(
title=title,
test=test,
description=full_description,
@@ -112,25 +112,22 @@ def get_item(node, test):
dynamic_finding=False,
)
- return finding
-
# see neuvector/share/clus_apis.go
def convert_severity(severity):
if severity.lower() == "high":
return "High"
- elif severity.lower() == "warn":
+ if severity.lower() == "warn":
return "Medium"
- elif severity.lower() == "info":
+ if severity.lower() == "info":
return "Low"
- elif severity.lower() == "pass":
+ if severity.lower() == "pass":
return "Info"
- elif severity.lower() == "note":
+ if severity.lower() == "note":
return "Info"
- elif severity.lower() == "error":
+ if severity.lower() == "error":
return "Info"
- else:
- return severity.title()
+ return severity.title()
class NeuVectorComplianceParser:
@@ -149,6 +146,5 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith(".json"):
return parse(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/nikto/parser.py b/dojo/tools/nikto/parser.py
index 6e0f49dbb92..019c7a67d7f 100644
--- a/dojo/tools/nikto/parser.py
+++ b/dojo/tools/nikto/parser.py
@@ -27,8 +27,7 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if filename.name.lower().endswith(".xml"):
return NiktoXMLParser().process_xml(filename, test)
- elif filename.name.lower().endswith(".json"):
+ if filename.name.lower().endswith(".json"):
return NiktoJSONParser().process_json(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/nmap/parser.py b/dojo/tools/nmap/parser.py
index f0eb0128959..2a776ca71a6 100644
--- a/dojo/tools/nmap/parser.py
+++ b/dojo/tools/nmap/parser.py
@@ -143,14 +143,13 @@ def convert_cvss_score(self, raw_value):
val = float(raw_value)
if val == 0.0:
return "Info"
- elif val < 4.0:
+ if val < 4.0:
return "Low"
- elif val < 7.0:
+ if val < 7.0:
return "Medium"
- elif val < 9.0:
+ if val < 9.0:
return "High"
- else:
- return "Critical"
+ return "Critical"
def manage_vulner_script(
self, test, dupes, script_element, endpoint, report_date=None
diff --git a/dojo/tools/noseyparker/parser.py b/dojo/tools/noseyparker/parser.py
index 965b9e28f5c..667a1d08473 100644
--- a/dojo/tools/noseyparker/parser.py
+++ b/dojo/tools/noseyparker/parser.py
@@ -29,8 +29,8 @@ def get_findings(self, file, test):
# Turn JSONL file into DataFrame
if file is None:
- return
- elif file.name.lower().endswith(".jsonl"):
+ return None
+ if file.name.lower().endswith(".jsonl"):
# Process JSON lines into Dict
data = [json.loads(line) for line in file]
diff --git a/dojo/tools/npm_audit/parser.py b/dojo/tools/npm_audit/parser.py
index fc07e281007..f5143f72af3 100644
--- a/dojo/tools/npm_audit/parser.py
+++ b/dojo/tools/npm_audit/parser.py
@@ -24,7 +24,7 @@ def get_findings(self, json_output, test):
def parse_json(self, json_output):
if json_output is None:
- return
+ return None
try:
data = json_output.read()
try:
@@ -46,9 +46,7 @@ def parse_json(self, json_output):
msg = "npm audit report contains errors: %s, %s"
raise ValueError(msg, code, summary)
- subtree = tree.get("advisories")
-
- return subtree
+ return tree.get("advisories")
def get_items(self, tree, test):
items = {}
diff --git a/dojo/tools/npm_audit_7_plus/parser.py b/dojo/tools/npm_audit_7_plus/parser.py
index 77d3b77c0fd..ff3e4d5bf0c 100644
--- a/dojo/tools/npm_audit_7_plus/parser.py
+++ b/dojo/tools/npm_audit_7_plus/parser.py
@@ -44,7 +44,7 @@ def get_findings(self, json_output, test):
def parse_json(self, json_output):
"""Parse the json format to get findings."""
if json_output is None:
- return
+ return None
try:
data = json_output.read()
try:
diff --git a/dojo/tools/nsp/parser.py b/dojo/tools/nsp/parser.py
index 0b4da91c4e4..466ed6dfa60 100644
--- a/dojo/tools/nsp/parser.py
+++ b/dojo/tools/nsp/parser.py
@@ -17,8 +17,7 @@ def get_findings(self, json_output, test):
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree, test)
- else:
- return []
+ return []
def parse_json(self, json_output):
try:
@@ -56,7 +55,7 @@ def get_item(item_node, test):
else:
severity = "Critical"
- finding = Finding(
+ return Finding(
title=item_node["title"]
+ " - "
+ "("
@@ -89,5 +88,3 @@ def get_item(item_node, test):
mitigated=None,
impact="No impact provided",
)
-
- return finding
diff --git a/dojo/tools/nuclei/parser.py b/dojo/tools/nuclei/parser.py
index 4e97c4f6b73..bd7aa771b9b 100644
--- a/dojo/tools/nuclei/parser.py
+++ b/dojo/tools/nuclei/parser.py
@@ -33,7 +33,7 @@ def get_findings(self, filename, test):
data = []
if filecontent == "" or len(filecontent) == 0:
return []
- elif filecontent[0] == "[":
+ if filecontent[0] == "[":
content = json.loads(filecontent)
for template in content:
data.append(template)
diff --git a/dojo/tools/openvas/csv_parser.py b/dojo/tools/openvas/csv_parser.py
index ff9e8bf8883..0fa3f4fab5d 100644
--- a/dojo/tools/openvas/csv_parser.py
+++ b/dojo/tools/openvas/csv_parser.py
@@ -21,10 +21,9 @@ def map_column_value(self, finding, column_value):
def evaluate_bool_value(column_value):
if column_value.lower() == "true":
return True
- elif column_value.lower() == "false":
+ if column_value.lower() == "false":
return False
- else:
- return None
+ return None
def process_column(self, column_name, column_value, finding):
if (
diff --git a/dojo/tools/openvas/parser.py b/dojo/tools/openvas/parser.py
index ce548db5878..42bf34790e1 100644
--- a/dojo/tools/openvas/parser.py
+++ b/dojo/tools/openvas/parser.py
@@ -15,5 +15,6 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if str(filename.name).endswith('.csv'):
return OpenVASCSVParser().get_findings(filename, test)
- elif str(filename.name).endswith('.xml'):
+ if str(filename.name).endswith('.xml'):
return OpenVASXMLParser().get_findings(filename, test)
+ return None
diff --git a/dojo/tools/openvas/xml_parser.py b/dojo/tools/openvas/xml_parser.py
index 3746d5c27b1..68ab02a973e 100644
--- a/dojo/tools/openvas/xml_parser.py
+++ b/dojo/tools/openvas/xml_parser.py
@@ -50,11 +50,10 @@ def convert_cvss_score(self, raw_value):
val = float(raw_value)
if val == 0.0:
return "Info"
- elif val < 4.0:
+ if val < 4.0:
return "Low"
- elif val < 7.0:
+ if val < 7.0:
return "Medium"
- elif val < 9.0:
+ if val < 9.0:
return "High"
- else:
- return "Critical"
+ return "Critical"
diff --git a/dojo/tools/ort/parser.py b/dojo/tools/ort/parser.py
index b2c33b0c45b..175ed72edbf 100644
--- a/dojo/tools/ort/parser.py
+++ b/dojo/tools/ort/parser.py
@@ -24,8 +24,7 @@ def get_findings(self, json_output, test):
evaluated_model = self.parse_json(json_output)
if evaluated_model:
return self.get_items(evaluated_model, test)
- else:
- return []
+ return []
def parse_json(self, json_output):
try:
@@ -78,17 +77,14 @@ def is_rule_violation_unresolved(rule_violation):
def find_in_dependency_tree(tree, package_id):
if "pkg" in tree and tree["pkg"] == package_id:
return True
- else:
- if "children" in tree:
- found_in_child = False
- for child in tree["children"]:
- if found_in_child:
- break
- else:
- found_in_child = find_in_dependency_tree(child, package_id)
- return found_in_child
- else:
- return False
+ if "children" in tree:
+ found_in_child = False
+ for child in tree["children"]:
+ if found_in_child:
+ break
+ found_in_child = find_in_dependency_tree(child, package_id)
+ return found_in_child
+ return False
def get_project_ids_for_package(dependency_trees, package_id):
@@ -172,7 +168,7 @@ def get_item(model, test):
severity = get_severity(model.rule_violation)
- finding = Finding(
+ return Finding(
title=model.rule_violation["rule"],
test=test,
references=model.rule_violation["message"],
@@ -181,8 +177,6 @@ def get_item(model, test):
static_finding=True,
)
- return finding
-
# TODO with python 3.7
# @dataclass
@@ -200,9 +194,8 @@ def get_item(model, test):
def get_severity(rule_violation):
if rule_violation["severity"] == "ERROR":
return "High"
- elif rule_violation["severity"] == "WARNING":
+ if rule_violation["severity"] == "WARNING":
return "Medium"
- elif rule_violation["severity"] == "HINT":
+ if rule_violation["severity"] == "HINT":
return "Info"
- else:
- return "Critical"
+ return "Critical"
diff --git a/dojo/tools/ossindex_devaudit/parser.py b/dojo/tools/ossindex_devaudit/parser.py
index e9abb97770a..af9592f6b0e 100644
--- a/dojo/tools/ossindex_devaudit/parser.py
+++ b/dojo/tools/ossindex_devaudit/parser.py
@@ -24,8 +24,7 @@ def get_findings(self, json_file, test):
if tree:
return list(self.get_items(tree, test))
- else:
- return []
+ return []
def parse_json(self, json_file):
if json_file is None:
@@ -71,7 +70,7 @@ def get_item(
msg = "Attempting to convert the CWE value to an integer failed"
raise ValueError(msg)
- finding = Finding(
+ return Finding(
title=dependency_source
+ ":"
+ dependency_name
@@ -97,8 +96,6 @@ def get_item(
impact="No impact provided by scan",
)
- return finding
-
def get_severity(cvss_score):
result = "Info"
diff --git a/dojo/tools/php_security_audit_v2/parser.py b/dojo/tools/php_security_audit_v2/parser.py
index 91b7e4c6c34..b38fd347380 100644
--- a/dojo/tools/php_security_audit_v2/parser.py
+++ b/dojo/tools/php_security_audit_v2/parser.py
@@ -73,9 +73,8 @@ def get_severity_word(severity):
if sev == 5:
return "Critical"
- elif sev == 4:
+ if sev == 4:
return "High"
- elif sev == 3:
+ if sev == 3:
return "Medium"
- else:
- return "Low"
+ return "Low"
diff --git a/dojo/tools/php_symfony_security_check/parser.py b/dojo/tools/php_symfony_security_check/parser.py
index a124a4d4191..a4c7bbbde78 100644
--- a/dojo/tools/php_symfony_security_check/parser.py
+++ b/dojo/tools/php_symfony_security_check/parser.py
@@ -19,7 +19,7 @@ def get_findings(self, json_file, test):
def parse_json(self, json_file):
if json_file is None:
- return
+ return None
try:
data = json_file.read()
try:
diff --git a/dojo/tools/popeye/parser.py b/dojo/tools/popeye/parser.py
index 65ac0d85805..0e8c7a0c858 100644
--- a/dojo/tools/popeye/parser.py
+++ b/dojo/tools/popeye/parser.py
@@ -78,15 +78,13 @@ def get_findings(self, file, test):
def get_popeye_level_string(self, level):
if level == 1:
return "Info"
- elif level == 2:
+ if level == 2:
return "Warning"
- else:
- return "Error"
+ return "Error"
def get_defect_dojo_severity(self, level):
if level == 1:
return "Info"
- elif level == 2:
+ if level == 2:
return "Low"
- else:
- return "High"
+ return "High"
diff --git a/dojo/tools/pwn_sast/parser.py b/dojo/tools/pwn_sast/parser.py
index 0a4ba9652e9..bb5e7e1e9f1 100644
--- a/dojo/tools/pwn_sast/parser.py
+++ b/dojo/tools/pwn_sast/parser.py
@@ -119,3 +119,4 @@ def get_findings(self, filename, test):
findings[unique_finding_key] = finding
return list(findings.values())
+ return None
diff --git a/dojo/tools/qualys/csv_parser.py b/dojo/tools/qualys/csv_parser.py
index 20f53143056..dd4d7e2e14b 100644
--- a/dojo/tools/qualys/csv_parser.py
+++ b/dojo/tools/qualys/csv_parser.py
@@ -27,9 +27,7 @@ def parse_csv(csv_file) -> [Finding]:
)
report_findings = get_report_findings(csv_reader)
- dojo_findings = build_findings_from_dict(report_findings)
-
- return dojo_findings
+ return build_findings_from_dict(report_findings)
def get_report_findings(csv_reader) -> [dict]:
@@ -92,6 +90,7 @@ def _extract_cvss_vectors(cvss_base, cvss_temporal):
)
return cvss_vector
+ return None
def _clean_cve_data(cve_string: str) -> list:
@@ -130,8 +129,7 @@ def get_severity(value: str) -> str:
if settings.USE_QUALYS_LEGACY_SEVERITY_PARSING:
return legacy_severity_lookup.get(value, "Info")
- else:
- return qualys_severity_lookup.get(value, "Info")
+ return qualys_severity_lookup.get(value, "Info")
def build_findings_from_dict(report_findings: [dict]) -> [Finding]:
diff --git a/dojo/tools/qualys/parser.py b/dojo/tools/qualys/parser.py
index 2af9a528f12..27d72c6d985 100644
--- a/dojo/tools/qualys/parser.py
+++ b/dojo/tools/qualys/parser.py
@@ -310,5 +310,4 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, file, test):
if file.name.lower().endswith(".csv"):
return csv_parser.parse_csv(file)
- else:
- return qualys_parser(file)
+ return qualys_parser(file)
diff --git a/dojo/tools/qualys_infrascan_webgui/parser.py b/dojo/tools/qualys_infrascan_webgui/parser.py
index 1ac6909eeae..19d219654c3 100644
--- a/dojo/tools/qualys_infrascan_webgui/parser.py
+++ b/dojo/tools/qualys_infrascan_webgui/parser.py
@@ -114,16 +114,15 @@ def qualys_convert_severity(raw_val):
val = str(raw_val).strip()
if "1" == val:
return "Info"
- elif "2" == val:
+ if "2" == val:
return "Low"
- elif "3" == val:
+ if "3" == val:
return "Medium"
- elif "4" == val:
+ if "4" == val:
return "High"
- elif "5" == val:
+ if "5" == val:
return "Critical"
- else:
- return "Info"
+ return "Info"
class QualysInfrascanWebguiParser:
diff --git a/dojo/tools/qualys_webapp/parser.py b/dojo/tools/qualys_webapp/parser.py
index 4c8c595cf12..5a6aece9385 100644
--- a/dojo/tools/qualys_webapp/parser.py
+++ b/dojo/tools/qualys_webapp/parser.py
@@ -35,8 +35,7 @@ def get_cwe(cwe):
cweSearch = re.search("CWE-([0-9]*)", cwe, re.IGNORECASE)
if cweSearch:
return cweSearch.group(1)
- else:
- return 0
+ return 0
def attach_unique_extras(
@@ -169,8 +168,7 @@ def decode_tag(tag):
if tag is not None:
if tag.get("base64") == "true":
return base64.b64decode(tag.text).decode("utf8", "replace")
- else:
- return tag.text
+ return tag.text
return ""
diff --git a/dojo/tools/retirejs/parser.py b/dojo/tools/retirejs/parser.py
index aaf038f8985..3af8ac04ed2 100644
--- a/dojo/tools/retirejs/parser.py
+++ b/dojo/tools/retirejs/parser.py
@@ -62,7 +62,7 @@ def get_item(self, item_node, test, file):
elif "osvdb" in item_node["identifiers"]:
title = "".join(item_node["identifiers"]["osvdb"])
- finding = Finding(
+ return Finding(
title=title,
test=test,
cwe=1035, # Vulnerable Third Party Component
@@ -74,5 +74,3 @@ def get_item(self, item_node, test, file):
duplicate=False,
out_of_scope=False,
)
-
- return finding
diff --git a/dojo/tools/risk_recon/parser.py b/dojo/tools/risk_recon/parser.py
index 7d14b6ebcee..d61d293d47d 100644
--- a/dojo/tools/risk_recon/parser.py
+++ b/dojo/tools/risk_recon/parser.py
@@ -36,6 +36,7 @@ def get_findings(self, filename, test):
findings = data.get("findings")
return self._get_findings_internal(findings, test)
+ return None
def _get_findings_internal(self, findings, test):
dupes = {}
diff --git a/dojo/tools/rusty_hog/parser.py b/dojo/tools/rusty_hog/parser.py
index 4ffd6c9ade7..160cf4f8f8d 100644
--- a/dojo/tools/rusty_hog/parser.py
+++ b/dojo/tools/rusty_hog/parser.py
@@ -19,8 +19,7 @@ def get_findings(self, json_output, test):
return self.get_items(tree, test)
def parse_json(self, json_output):
- tree = json.load(json_output)
- return tree
+ return json.load(json_output)
def get_items(self, json_output, scanner, test):
items = {}
@@ -79,7 +78,7 @@ def __getitem(self, vulnerabilities, scanner):
for vulnerability in vulnerabilities:
if scanner == "Rusty Hog":
break
- elif scanner == "Choctaw Hog":
+ if scanner == "Choctaw Hog":
"""Choctaw Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
diff --git a/dojo/tools/sarif/parser.py b/dojo/tools/sarif/parser.py
index 2fe52197b15..1161b740c91 100644
--- a/dojo/tools/sarif/parser.py
+++ b/dojo/tools/sarif/parser.py
@@ -146,9 +146,9 @@ def get_message_from_multiformatMessageString(data, rule):
text = text.replace(substitution_str, arguments[i])
else:
return text
- else:
- # TODO manage markdown
- return data.get("text")
+ return None
+ # TODO manage markdown
+ return data.get("text")
def cve_try(val):
@@ -156,8 +156,7 @@ def cve_try(val):
cveSearch = re.search("(CVE-[0-9]+-[0-9]+)", val, re.IGNORECASE)
if cveSearch:
return cveSearch.group(1).upper()
- else:
- return None
+ return None
def get_title(result, rule):
@@ -327,14 +326,13 @@ def cvss_to_severity(cvss):
if cvss >= 9:
return severity_mapping.get(5)
- elif cvss >= 7:
+ if cvss >= 7:
return severity_mapping.get(4)
- elif cvss >= 4:
+ if cvss >= 4:
return severity_mapping.get(3)
- elif cvss > 0:
+ if cvss > 0:
return severity_mapping.get(2)
- else:
- return severity_mapping.get(1)
+ return severity_mapping.get(1)
def get_severity(result, rule):
@@ -346,12 +344,11 @@ def get_severity(result, rule):
if "note" == severity:
return "Info"
- elif "warning" == severity:
+ if "warning" == severity:
return "Medium"
- elif "error" == severity:
+ if "error" == severity:
return "High"
- else:
- return "Medium"
+ return "Medium"
def get_item(result, rules, artifacts, run_date):
diff --git a/dojo/tools/scout_suite/parser.py b/dojo/tools/scout_suite/parser.py
index e6344fa67a1..bae8f2cabb6 100644
--- a/dojo/tools/scout_suite/parser.py
+++ b/dojo/tools/scout_suite/parser.py
@@ -150,8 +150,7 @@ def __get_items(self, data):
def formatview(self, depth):
if depth > 1:
return "* "
- else:
- return ""
+ return ""
def recursive_print(self, src, depth=0, key=""):
def tabs(n):
diff --git a/dojo/tools/semgrep/parser.py b/dojo/tools/semgrep/parser.py
index 97e711bf237..7cfabbbff32 100644
--- a/dojo/tools/semgrep/parser.py
+++ b/dojo/tools/semgrep/parser.py
@@ -132,15 +132,14 @@ def get_findings(self, filename, test):
def convert_severity(self, val):
if "CRITICAL" == val.upper():
return "Critical"
- elif "WARNING" == val.upper():
+ if "WARNING" == val.upper():
return "Medium"
- elif "ERROR" == val.upper() or "HIGH" == val.upper():
+ if "ERROR" == val.upper() or "HIGH" == val.upper():
return "High"
- elif "INFO" == val.upper():
+ if "INFO" == val.upper():
return "Info"
- else:
- msg = f"Unknown value for severity: {val}"
- raise ValueError(msg)
+ msg = f"Unknown value for severity: {val}"
+ raise ValueError(msg)
def get_description(self, item):
description = ""
diff --git a/dojo/tools/snyk/parser.py b/dojo/tools/snyk/parser.py
index 055d278d29c..0e89c579b37 100644
--- a/dojo/tools/snyk/parser.py
+++ b/dojo/tools/snyk/parser.py
@@ -23,8 +23,7 @@ def get_findings(self, json_output, test):
for moduleTree in reportTree:
temp += self.process_tree(moduleTree, test)
return temp
- else:
- return self.process_tree(reportTree, test)
+ return self.process_tree(reportTree, test)
def process_tree(self, tree, test):
return list(self.get_items(tree, test)) if tree else []
@@ -238,7 +237,7 @@ def get_code_item(self, vulnerability, test):
else:
severity = "Critical"
# create the finding object
- finding = Finding(
+ return Finding(
title=ruleId + "_" + locations_uri,
test=test,
severity=severity,
@@ -259,4 +258,3 @@ def get_code_item(self, vulnerability, test):
static_finding=True,
dynamic_finding=False,
)
- return finding
diff --git a/dojo/tools/snyk_code/parser.py b/dojo/tools/snyk_code/parser.py
index cd7d74a4a42..6e59986cf66 100644
--- a/dojo/tools/snyk_code/parser.py
+++ b/dojo/tools/snyk_code/parser.py
@@ -23,8 +23,7 @@ def get_findings(self, json_output, test):
for moduleTree in reportTree:
temp += self.process_tree(moduleTree, test)
return temp
- else:
- return self.process_tree(reportTree, test)
+ return self.process_tree(reportTree, test)
def process_tree(self, tree, test):
return list(self.get_items(tree, test)) if tree else []
@@ -235,7 +234,7 @@ def get_code_item(self, vulnerability, test):
else:
severity = "Critical"
# create the finding object
- finding = Finding(
+ return Finding(
vuln_id_from_tool=ruleId,
file_path=locations_uri,
title=ruleId + "_" + locations_uri,
@@ -258,4 +257,3 @@ def get_code_item(self, vulnerability, test):
static_finding=True,
dynamic_finding=False,
)
- return finding
diff --git a/dojo/tools/sonarqube/parser.py b/dojo/tools/sonarqube/parser.py
index 1f268001d8c..97ce111fccd 100644
--- a/dojo/tools/sonarqube/parser.py
+++ b/dojo/tools/sonarqube/parser.py
@@ -27,18 +27,16 @@ def get_label_for_scan_types(self, scan_type):
def get_description_for_scan_types(self, scan_type):
if scan_type == "SonarQube Scan":
return "Aggregates findings per cwe, title, description, file_path. SonarQube output file can be imported in HTML format or JSON format. You can get the JSON output directly if you use the SonarQube API or generate with https://github.com/soprasteria/sonar-report version >= 1.1.0, recommend version >= 3.1.2"
- else:
- return "Import all findings from sonarqube html report or JSON format. SonarQube output file can be imported in HTML format or JSON format. Generate with https://github.com/soprasteria/sonar-report version >= 1.1.0, recommend version >= 3.1.2"
+ return "Import all findings from sonarqube html report or JSON format. SonarQube output file can be imported in HTML format or JSON format. Generate with https://github.com/soprasteria/sonar-report version >= 1.1.0, recommend version >= 3.1.2"
def get_findings(self, file, test):
if file.name.endswith(".json"):
json_content = json.load(file)
if json_content.get("date") and json_content.get("projectName") and json_content.get("hotspotKeys"):
return SonarQubeSoprasteriaJSON().get_json_items(json_content, test, self.mode)
- elif json_content.get("paging") and json_content.get("components"):
+ if json_content.get("paging") and json_content.get("components"):
return SonarQubeRESTAPIJSON().get_json_items(json_content, test, self.mode)
- else:
- return []
+ return []
if file.name.endswith(".zip"):
if str(file.__class__) == "":
input_zip = zipfile.ZipFile(file.name, 'r')
@@ -46,13 +44,12 @@ def get_findings(self, file, test):
input_zip = zipfile.ZipFile(file, 'r')
zipdata = {name: input_zip.read(name) for name in input_zip.namelist()}
return SonarQubeRESTAPIZIP().get_items(zipdata, test, self.mode)
- else:
- parser = etree.HTMLParser()
- tree = etree.parse(file, parser)
- if self.mode not in [None, "detailed"]:
- raise ValueError(
- "Internal error: Invalid mode "
- + self.mode
- + ". Expected: one of None, 'detailed'"
- )
- return SonarQubeSoprasteriaHTML().get_items(tree, test, self.mode)
+ parser = etree.HTMLParser()
+ tree = etree.parse(file, parser)
+ if self.mode not in [None, "detailed"]:
+ raise ValueError(
+ "Internal error: Invalid mode "
+ + self.mode
+ + ". Expected: one of None, 'detailed'"
+ )
+ return SonarQubeSoprasteriaHTML().get_items(tree, test, self.mode)
diff --git a/dojo/tools/sonarqube/sonarqube_restapi_json.py b/dojo/tools/sonarqube/sonarqube_restapi_json.py
index 409007e7b8d..df0dadd50e9 100644
--- a/dojo/tools/sonarqube/sonarqube_restapi_json.py
+++ b/dojo/tools/sonarqube/sonarqube_restapi_json.py
@@ -233,12 +233,11 @@ def get_json_items(self, json_content, test, mode):
def severitytranslator(self, severity):
if severity == "BLOCKER":
return "High"
- elif severity == "MAJOR":
+ if severity == "MAJOR":
return "Medium"
- elif severity == "MINOR":
+ if severity == "MINOR":
return "Low"
- else:
- return severity.lower().capitalize()
+ return severity.lower().capitalize()
def returncomponent(self, json_content, key):
components = json_content.get("components")
diff --git a/dojo/tools/sonarqube/soprasteria_helper.py b/dojo/tools/sonarqube/soprasteria_helper.py
index 99d2c3125f0..a8058ce13b3 100644
--- a/dojo/tools/sonarqube/soprasteria_helper.py
+++ b/dojo/tools/sonarqube/soprasteria_helper.py
@@ -14,16 +14,15 @@ def convert_sonar_severity(self, sonar_severity):
sev = sonar_severity.lower()
if sev == "blocker":
return "Critical"
- elif sev == "critical":
+ if sev == "critical":
return "High"
- elif sev == "major":
+ if sev == "major":
return "Medium"
- elif sev == "minor":
+ if sev == "minor":
return "Low"
- elif sev in ["high", "medium", "low"]:
+ if sev in ["high", "medium", "low"]:
return sev.capitalize()
- else:
- return "Info"
+ return "Info"
def get_description(self, vuln_details):
rule_description = etree.tostring(
@@ -32,8 +31,7 @@ def get_description(self, vuln_details):
rule_description = rule_description.split("See", 1)[0]
rule_description = (str(rule_description)).replace("", "**")
rule_description = (str(rule_description)).replace("
", "**")
- rule_description = strip_tags(rule_description).strip()
- return rule_description
+ return strip_tags(rule_description).strip()
def get_references(self, rule_name, vuln_details):
rule_references = rule_name
@@ -46,8 +44,7 @@ def get_cwe(self, vuln_references):
cweSearch = re.search("CWE-([0-9]*)", vuln_references, re.IGNORECASE)
if cweSearch:
return cweSearch.group(1)
- else:
- return 0
+ return 0
# Process one vuln from the report for "SonarQube Scan"
# Create the finding and add it into the dupes list
diff --git a/dojo/tools/sonatype/parser.py b/dojo/tools/sonatype/parser.py
index ef2f0df367a..effee4832b3 100644
--- a/dojo/tools/sonatype/parser.py
+++ b/dojo/tools/sonatype/parser.py
@@ -78,9 +78,8 @@ def get_finding(security_issue, component, test):
def get_severity(vulnerability):
if vulnerability["severity"] <= 3.9:
return "Low"
- elif vulnerability["severity"] <= 6.9:
+ if vulnerability["severity"] <= 6.9:
return "Medium"
- elif vulnerability["severity"] <= 8.9:
+ if vulnerability["severity"] <= 8.9:
return "High"
- else:
- return "Critical"
+ return "Critical"
diff --git a/dojo/tools/ssh_audit/parser.py b/dojo/tools/ssh_audit/parser.py
index 4e3ddb4b363..42d53b8f11b 100644
--- a/dojo/tools/ssh_audit/parser.py
+++ b/dojo/tools/ssh_audit/parser.py
@@ -23,14 +23,13 @@ def convert_cvss_score(self, raw_value):
val = float(raw_value)
if val == 0.0:
return "Info"
- elif val < 4.0:
+ if val < 4.0:
return "Low"
- elif val < 7.0:
+ if val < 7.0:
return "Medium"
- elif val < 9.0:
+ if val < 9.0:
return "High"
- else:
- return "Critical"
+ return "Critical"
def get_findings(self, filename, test):
items = []
diff --git a/dojo/tools/sslyze/parser.py b/dojo/tools/sslyze/parser.py
index a80965f294b..a90edaa5db3 100644
--- a/dojo/tools/sslyze/parser.py
+++ b/dojo/tools/sslyze/parser.py
@@ -22,8 +22,7 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith(".xml"):
return SSLyzeXMLParser().get_findings(filename, test)
- elif filename.name.lower().endswith(".json"):
+ if filename.name.lower().endswith(".json"):
return SSLyzeJSONParser().get_findings(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/sslyze/parser_json.py b/dojo/tools/sslyze/parser_json.py
index 48dc625c043..63bd77f3927 100644
--- a/dojo/tools/sslyze/parser_json.py
+++ b/dojo/tools/sslyze/parser_json.py
@@ -71,12 +71,13 @@
class SSLyzeJSONParser:
def get_findings(self, json_output, test):
if json_output is None:
- return
+ return None
tree = self.parse_json(json_output)
if tree:
return self.get_items(tree, test)
+ return None
def parse_json(self, json_output):
try:
@@ -403,7 +404,7 @@ def get_weak_protocol(cipher, text, node, test, endpoint):
return get_finding(
title, description, None, REFERENCES, test, endpoint
)
- elif "result" in weak_node:
+ if "result" in weak_node:
weak_node_result = weak_node["result"]
if (
"accepted_cipher_suites" in weak_node_result
@@ -622,5 +623,4 @@ def get_endpoint(node):
port = si_node["port"]
if hostname is not None:
return Endpoint(host=hostname, port=port)
- else:
- return None
+ return None
diff --git a/dojo/tools/stackhawk/parser.py b/dojo/tools/stackhawk/parser.py
index 5aa85dfa49c..6883421c20a 100644
--- a/dojo/tools/stackhawk/parser.py
+++ b/dojo/tools/stackhawk/parser.py
@@ -33,9 +33,7 @@ def get_findings(self, json_output, test):
completed_scan = self.__parse_json(json_output)
metadata = StackHawkScanMetadata(completed_scan)
- findings = self.__extract_findings(completed_scan, metadata, test)
-
- return findings
+ return self.__extract_findings(completed_scan, metadata, test)
def __extract_findings(
self, completed_scan, metadata: StackHawkScanMetadata, test
@@ -142,12 +140,11 @@ def __hyperlink(link: str) -> str:
def __endpoint_status(status: str) -> str:
if status == "NEW":
return "** - New**"
- elif status == "RISK_ACCEPTED":
+ if status == "RISK_ACCEPTED":
return '** - Marked "Risk Accepted"**'
- elif status == "FALSE_POSITIVE":
+ if status == "FALSE_POSITIVE":
return '** - Marked "False Positive"**'
- else:
- return ""
+ return ""
@staticmethod
def __are_all_endpoints_in_status(paths, check_status: str) -> bool:
diff --git a/dojo/tools/sysdig_reports/parser.py b/dojo/tools/sysdig_reports/parser.py
index 7d1ad6dc898..cf62c97e11d 100644
--- a/dojo/tools/sysdig_reports/parser.py
+++ b/dojo/tools/sysdig_reports/parser.py
@@ -27,15 +27,14 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith('.csv'):
arr_data = CSVParser().parse(filename=filename)
return self.parse_csv(arr_data=arr_data, test=test)
- elif filename.name.lower().endswith('.json'):
+ if filename.name.lower().endswith('.json'):
scan_data = filename.read()
try:
data = json.loads(str(scan_data, "utf-8"))
except Exception:
data = json.loads(scan_data)
return self.parse_json(data=data, test=test)
- else:
- return ()
+ return ()
def parse_json(self, data, test):
vulnerability = data.get("data", None)
diff --git a/dojo/tools/tenable/csv_format.py b/dojo/tools/tenable/csv_format.py
index c88287cf6ed..8ceaeb2d53a 100644
--- a/dojo/tools/tenable/csv_format.py
+++ b/dojo/tools/tenable/csv_format.py
@@ -70,8 +70,7 @@ def detect_delimiter(self, content: str):
first_line = content.split('\n')[0]
if ';' in first_line:
return ';'
- else:
- return ',' # default to comma if no semicolon found
+ return ',' # default to comma if no semicolon found
def get_findings(self, filename: str, test: Test):
# Read the CSV
diff --git a/dojo/tools/tenable/parser.py b/dojo/tools/tenable/parser.py
index b24b072a680..f7d4cb77c9a 100644
--- a/dojo/tools/tenable/parser.py
+++ b/dojo/tools/tenable/parser.py
@@ -19,8 +19,7 @@ def get_findings(self, filename, test):
".xml"
) or filename.name.lower().endswith(".nessus"):
return TenableXMLParser().get_findings(filename, test)
- elif filename.name.lower().endswith(".csv"):
+ if filename.name.lower().endswith(".csv"):
return TenableCSVParser().get_findings(filename, test)
- else:
- msg = "Filename extension not recognized. Use .xml, .nessus or .csv"
- raise ValueError(msg)
+ msg = "Filename extension not recognized. Use .xml, .nessus or .csv"
+ raise ValueError(msg)
diff --git a/dojo/tools/trivy/parser.py b/dojo/tools/trivy/parser.py
index 400f71c36df..26509e1992b 100644
--- a/dojo/tools/trivy/parser.py
+++ b/dojo/tools/trivy/parser.py
@@ -57,18 +57,16 @@ def get_description_for_scan_types(self, scan_type):
def convert_cvss_score(self, raw_value):
if raw_value is None:
return "Info"
- else:
- val = float(raw_value)
- if val == 0.0:
- return "Info"
- elif val < 4.0:
- return "Low"
- elif val < 7.0:
- return "Medium"
- elif val < 9.0:
- return "High"
- else:
- return "Critical"
+ val = float(raw_value)
+ if val == 0.0:
+ return "Info"
+ if val < 4.0:
+ return "Low"
+ if val < 7.0:
+ return "Medium"
+ if val < 9.0:
+ return "High"
+ return "Critical"
def get_findings(self, scan_file, test):
scan_data = scan_file.read()
@@ -82,71 +80,69 @@ def get_findings(self, scan_file, test):
if data is None:
return []
# Legacy format with results
- elif isinstance(data, list):
+ if isinstance(data, list):
return self.get_result_items(test, data)
- else:
- schema_version = data.get("SchemaVersion", None)
- artifact_name = data.get("ArtifactName", "")
- cluster_name = data.get("ClusterName")
- if schema_version == 2:
- results = data.get("Results", [])
- return self.get_result_items(test, results, artifact_name=artifact_name)
- elif cluster_name:
- findings = []
- vulnerabilities = data.get("Vulnerabilities", [])
- for service in vulnerabilities:
- namespace = service.get("Namespace")
- kind = service.get("Kind")
- name = service.get("Name")
- service_name = ""
- if namespace:
- service_name = f"{namespace} / "
- if kind:
- service_name += f"{kind} / "
- if name:
- service_name += f"{name} / "
- if len(service_name) >= 3:
- service_name = service_name[:-3]
- findings += self.get_result_items(
- test, service.get("Results", []), service_name
- )
- misconfigurations = data.get("Misconfigurations", [])
- for service in misconfigurations:
- namespace = service.get("Namespace")
- kind = service.get("Kind")
- name = service.get("Name")
- service_name = ""
- if namespace:
- service_name = f"{namespace} / "
- if kind:
- service_name += f"{kind} / "
- if name:
- service_name += f"{name} / "
- if len(service_name) >= 3:
- service_name = service_name[:-3]
- findings += self.get_result_items(
- test, service.get("Results", []), service_name
- )
- resources = data.get("Resources", [])
- for resource in resources:
- namespace = resource.get("Namespace")
- kind = resource.get("Kind")
- name = resource.get("Name")
- if namespace:
- resource_name = f"{namespace} / "
- if kind:
- resource_name += f"{kind} / "
- if name:
- resource_name += f"{name} / "
- if len(resource_name) >= 3:
- resource_name = resource_name[:-3]
- findings += self.get_result_items(
- test, resource.get("Results", []), resource_name
- )
- return findings
- else:
- msg = "Schema of Trivy json report is not supported"
- raise ValueError(msg)
+ schema_version = data.get("SchemaVersion", None)
+ artifact_name = data.get("ArtifactName", "")
+ cluster_name = data.get("ClusterName")
+ if schema_version == 2:
+ results = data.get("Results", [])
+ return self.get_result_items(test, results, artifact_name=artifact_name)
+ if cluster_name:
+ findings = []
+ vulnerabilities = data.get("Vulnerabilities", [])
+ for service in vulnerabilities:
+ namespace = service.get("Namespace")
+ kind = service.get("Kind")
+ name = service.get("Name")
+ service_name = ""
+ if namespace:
+ service_name = f"{namespace} / "
+ if kind:
+ service_name += f"{kind} / "
+ if name:
+ service_name += f"{name} / "
+ if len(service_name) >= 3:
+ service_name = service_name[:-3]
+ findings += self.get_result_items(
+ test, service.get("Results", []), service_name
+ )
+ misconfigurations = data.get("Misconfigurations", [])
+ for service in misconfigurations:
+ namespace = service.get("Namespace")
+ kind = service.get("Kind")
+ name = service.get("Name")
+ service_name = ""
+ if namespace:
+ service_name = f"{namespace} / "
+ if kind:
+ service_name += f"{kind} / "
+ if name:
+ service_name += f"{name} / "
+ if len(service_name) >= 3:
+ service_name = service_name[:-3]
+ findings += self.get_result_items(
+ test, service.get("Results", []), service_name
+ )
+ resources = data.get("Resources", [])
+ for resource in resources:
+ namespace = resource.get("Namespace")
+ kind = resource.get("Kind")
+ name = resource.get("Name")
+ if namespace:
+ resource_name = f"{namespace} / "
+ if kind:
+ resource_name += f"{kind} / "
+ if name:
+ resource_name += f"{name} / "
+ if len(resource_name) >= 3:
+ resource_name = resource_name[:-3]
+ findings += self.get_result_items(
+ test, resource.get("Results", []), resource_name
+ )
+ return findings
+ msg = "Schema of Trivy json report is not supported"
+ raise ValueError(msg)
def get_result_items(self, test, results, service_name=None, artifact_name=""):
items = []
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index 7c6dc905f01..4d9f912d557 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
@@ -26,10 +26,9 @@ def get_findings(self, filename, test):
if "SourceMetadata" in json_data:
return self.get_findings_v3(dict_strs, test)
- elif "path" in json_data:
+ if "path" in json_data:
return self.get_findings_v2(dict_strs, test)
- else:
- return []
+ return []
def get_findings_v2(self, data, test):
dupes = {}
@@ -210,6 +209,5 @@ def walk_dict(self, obj, tab_count=1):
value, tab_count=(tab_count + 1)
)
continue
- else:
- return_string += f"{tab_string}{key}: {value}\n"
+ return_string += f"{tab_string}{key}: {value}\n"
return return_string
diff --git a/dojo/tools/trustwave_fusion_api/parser.py b/dojo/tools/trustwave_fusion_api/parser.py
index 6b6bf2a27aa..f806a2bfc95 100644
--- a/dojo/tools/trustwave_fusion_api/parser.py
+++ b/dojo/tools/trustwave_fusion_api/parser.py
@@ -49,12 +49,11 @@ def convert_severity(self, num_severity):
"""Convert severity value"""
if num_severity >= -10:
return "Low"
- elif -11 >= num_severity > -26:
+ if -11 >= num_severity > -26:
return "Medium"
- elif num_severity <= -26:
+ if num_severity <= -26:
return "High"
- else:
- return "Info"
+ return "Info"
def get_item(vuln, test):
diff --git a/dojo/tools/twistlock/parser.py b/dojo/tools/twistlock/parser.py
index d561555042c..c589040f84a 100644
--- a/dojo/tools/twistlock/parser.py
+++ b/dojo/tools/twistlock/parser.py
@@ -67,7 +67,7 @@ def parse_issue(self, row, test):
def parse(self, filename, test):
if filename is None:
- return
+ return None
content = filename.read()
dupes = {}
if isinstance(content, bytes):
@@ -190,16 +190,15 @@ def get_item(vulnerability, test):
def convert_severity(severity):
if severity.lower() == "important":
return "High"
- elif severity.lower() == "moderate":
+ if severity.lower() == "moderate":
return "Medium"
- elif severity.lower() == "information":
+ if severity.lower() == "information":
return "Info"
- elif severity.lower() == "informational":
+ if severity.lower() == "informational":
return "Info"
- elif severity == "":
+ if severity == "":
return "Info"
- else:
- return severity.title()
+ return severity.title()
class TwistlockParser:
@@ -218,8 +217,7 @@ def get_findings(self, filename, test):
if filename.name.lower().endswith(".json"):
return TwistlockJsonParser().parse(filename, test)
- elif filename.name.lower().endswith(".csv"):
+ if filename.name.lower().endswith(".csv"):
return TwistlockCSVParser().parse(filename, test)
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/utils.py b/dojo/tools/utils.py
index 4820382ef8f..beaef5c1a5c 100644
--- a/dojo/tools/utils.py
+++ b/dojo/tools/utils.py
@@ -16,7 +16,7 @@ def get_npm_cwe(item_node):
if cwe_node:
if isinstance(cwe_node, list):
return int(cwe_node[0][4:])
- elif cwe_node.startswith('CWE-'):
+ if cwe_node.startswith('CWE-'):
cwe_string = cwe_node[4:]
if cwe_string:
return int(cwe_string)
diff --git a/dojo/tools/vcg/parser.py b/dojo/tools/vcg/parser.py
index 9c2bc3a5404..fab91b606f9 100644
--- a/dojo/tools/vcg/parser.py
+++ b/dojo/tools/vcg/parser.py
@@ -65,8 +65,7 @@ def get_field_from_xml(issue, field):
and issue.find(field).text is not None
):
return issue.find(field).text
- else:
- return None
+ return None
def __init__(self):
pass
@@ -97,8 +96,7 @@ def parse_issue(self, issue, test):
data.code_line = self.get_field_from_xml(issue, "CodeLine")
# data.line = self.get_field_from_xml(issue, 'CodeLine')
- finding = data.to_finding(test)
- return finding
+ return data.to_finding(test)
def parse(self, content, test):
dupes = {}
@@ -133,8 +131,7 @@ class VCGCsvParser:
def get_field_from_row(row, column):
if row[column] is not None:
return row[column]
- else:
- return None
+ return None
def parse_issue(self, row, test):
if not row:
@@ -168,8 +165,7 @@ def parse_issue(self, row, test):
data.line = self.get_field_from_row(row, line_column)
data.code_line = self.get_field_from_row(row, code_line_column)
- finding = data.to_finding(test)
- return finding
+ return data.to_finding(test)
def parse(self, content, test):
dupes = {}
@@ -219,8 +215,7 @@ def get_findings(self, filename, test):
# 'utf-8' This line was added to pass a unittest in test_parsers.TestParsers.test_file_existence.
if filename.name.lower().endswith(".xml"):
return list(VCGXmlParser().parse(content, test).values())
- elif filename.name.lower().endswith(".csv"):
+ if filename.name.lower().endswith(".csv"):
return list(VCGCsvParser().parse(content, test).values())
- else:
- msg = "Unknown File Format"
- raise ValueError(msg)
+ msg = "Unknown File Format"
+ raise ValueError(msg)
diff --git a/dojo/tools/veracode/json_parser.py b/dojo/tools/veracode/json_parser.py
index 9e6818effc1..b89c04b1569 100644
--- a/dojo/tools/veracode/json_parser.py
+++ b/dojo/tools/veracode/json_parser.py
@@ -133,9 +133,9 @@ def create_finding_from_details(self, finding_details, scan_type, policy_violate
# Fill in extra info based on the scan type
if scan_type == "STATIC":
return self.add_static_details(finding, finding_details, backup_title=cwe_title)
- elif scan_type == "DYNAMIC":
+ if scan_type == "DYNAMIC":
return self.add_dynamic_details(finding, finding_details, backup_title=cwe_title)
- elif scan_type == "SCA":
+ if scan_type == "SCA":
return self.add_sca_details(finding, finding_details, backup_title=cwe_title)
return None
diff --git a/dojo/tools/veracode/parser.py b/dojo/tools/veracode/parser.py
index ec3f5ba00d9..80f2e68c186 100644
--- a/dojo/tools/veracode/parser.py
+++ b/dojo/tools/veracode/parser.py
@@ -17,8 +17,7 @@ def get_description_for_scan_types(self, scan_type):
def get_findings(self, filename, test):
if filename.name.lower().endswith(".xml"):
return VeracodeXMLParser().get_findings(filename, test)
- elif filename.name.lower().endswith(".json"):
+ if filename.name.lower().endswith(".json"):
return VeracodeJSONParser().get_findings(filename, test)
- else:
- msg = "Filename extension not recognized. Use .xml or .json"
- raise ValueError(msg)
+ msg = "Filename extension not recognized. Use .xml or .json"
+ raise ValueError(msg)
diff --git a/dojo/tools/veracode/xml_parser.py b/dojo/tools/veracode/xml_parser.py
index ce08e14f455..f492b5a2578 100644
--- a/dojo/tools/veracode/xml_parser.py
+++ b/dojo/tools/veracode/xml_parser.py
@@ -274,8 +274,7 @@ def _get_cwe(val):
cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE)
if cweSearch:
return int(cweSearch.group(1))
- else:
- return None
+ return None
@classmethod
def __xml_sca_flaw_to_finding(
diff --git a/dojo/tools/veracode_sca/parser.py b/dojo/tools/veracode_sca/parser.py
index a37a08cf7ed..436c029b1f0 100644
--- a/dojo/tools/veracode_sca/parser.py
+++ b/dojo/tools/veracode_sca/parser.py
@@ -237,11 +237,10 @@ def fix_severity(self, severity):
def __cvss_to_severity(cls, cvss):
if cvss >= 9:
return cls.vc_severity_mapping.get(5)
- elif cvss >= 7:
+ if cvss >= 7:
return cls.vc_severity_mapping.get(4)
- elif cvss >= 4:
+ if cvss >= 4:
return cls.vc_severity_mapping.get(3)
- elif cvss > 0:
+ if cvss > 0:
return cls.vc_severity_mapping.get(2)
- else:
- return cls.vc_severity_mapping.get(1)
+ return cls.vc_severity_mapping.get(1)
diff --git a/dojo/tools/wapiti/parser.py b/dojo/tools/wapiti/parser.py
index 4245e72f1ae..20260385bd2 100644
--- a/dojo/tools/wapiti/parser.py
+++ b/dojo/tools/wapiti/parser.py
@@ -108,5 +108,4 @@ def get_cwe(val):
cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE)
if cweSearch:
return int(cweSearch.group(1))
- else:
- return None
+ return None
diff --git a/dojo/tools/wfuzz/parser.py b/dojo/tools/wfuzz/parser.py
index 2ac1dfbb27a..59196b263aa 100644
--- a/dojo/tools/wfuzz/parser.py
+++ b/dojo/tools/wfuzz/parser.py
@@ -15,12 +15,13 @@ class WFuzzParser:
def severity_mapper(self, input):
if 200 <= int(input) <= 299:
return "High"
- elif 300 <= int(input) <= 399:
+ if 300 <= int(input) <= 399:
return "Low"
- elif 400 <= int(input) <= 499:
+ if 400 <= int(input) <= 499:
return "Medium"
- elif 500 <= int(input):
+ if 500 <= int(input):
return "Low"
+ return None
def get_scan_types(self):
return ["WFuzz JSON report"]
diff --git a/dojo/tools/whitehat_sentinel/parser.py b/dojo/tools/whitehat_sentinel/parser.py
index 77428939ec3..94fb4ee68e5 100644
--- a/dojo/tools/whitehat_sentinel/parser.py
+++ b/dojo/tools/whitehat_sentinel/parser.py
@@ -42,7 +42,7 @@ def get_findings(self, file, test):
# Convert a WhiteHat Vuln with Attack Vectors to a list of DefectDojo
# findings
- dojo_findings = self._convert_whitehat_sentinel_vulns_to_dojo_finding(
+ return self._convert_whitehat_sentinel_vulns_to_dojo_finding(
findings_collection["collection"], test
)
@@ -51,7 +51,6 @@ def get_findings(self, file, test):
#
# # Append DefectDojo findings to list
# dojo_findings.append(dojo_finding)
- return dojo_findings
def _convert_whitehat_severity_id_to_dojo_severity(
self, whitehat_severity_id: int
@@ -87,6 +86,7 @@ def _parse_cwe_from_tags(self, whitehat_sentinel_tags) -> str:
for tag in whitehat_sentinel_tags:
if tag.startswith("CWE-"):
return tag.split("-")[1]
+ return None
def _parse_description(self, whitehat_sentinel_description: dict):
"""
diff --git a/dojo/tools/xanitizer/parser.py b/dojo/tools/xanitizer/parser.py
index 04869675173..09f046e157e 100644
--- a/dojo/tools/xanitizer/parser.py
+++ b/dojo/tools/xanitizer/parser.py
@@ -24,8 +24,7 @@ def get_findings(self, filename, test):
root = self.parse_xml(filename)
if root is not None:
return self.get_findings_internal(root, test)
- else:
- return []
+ return []
def parse_xml(self, filename):
try:
@@ -161,7 +160,7 @@ def generate_file_path(self, finding):
"relativePath"
):
return finding.find("endNode").get("relativePath")
- elif finding.find("node") is not None and finding.find("node").get(
+ if finding.find("node") is not None and finding.find("node").get(
"relativePath"
):
return finding.find("node").get("relativePath")
diff --git a/dojo/tools/yarn_audit/parser.py b/dojo/tools/yarn_audit/parser.py
index ff26ba37b4b..dc59db03974 100644
--- a/dojo/tools/yarn_audit/parser.py
+++ b/dojo/tools/yarn_audit/parser.py
@@ -25,13 +25,12 @@ def get_findings(self, json_output, test):
lines = lines.split('\n')
tree = (json.loads(line) for line in lines if "{" in line)
return self.get_items_yarn(tree, test)
- elif '"value"' in lines:
+ if '"value"' in lines:
lines = lines.split('\n')
tree = (json.loads(line) for line in lines if "{" in line)
return self.get_items_yarn2(tree, test)
- else:
- tree = json.loads(lines)
- return self.get_items_auditci(tree, test)
+ tree = json.loads(lines)
+ return self.get_items_auditci(tree, test)
def get_items_yarn(self, tree, test):
items = {}
diff --git a/dojo/user/utils.py b/dojo/user/utils.py
index 1c48859dba3..91bd1424f69 100644
--- a/dojo/user/utils.py
+++ b/dojo/user/utils.py
@@ -13,42 +13,37 @@ def __init__(self, *args, **kwargs):
def display_name(self):
if self.name == 'bannerconf':
return 'Login Banner'
- elif self.name == 'cred user':
+ if self.name == 'cred user':
return 'Credentials'
- elif self.name == 'github conf':
+ if self.name == 'github conf':
return 'GitHub Configurations'
- elif self.name == 'engagement survey':
+ if self.name == 'engagement survey':
return 'Questionnaires'
- elif self.name == 'permission':
+ if self.name == 'permission':
return 'Configuration Permissions'
- elif self.name == 'sla configuration':
+ if self.name == 'sla configuration':
return 'SLA Configurations'
- else:
- return self.name.title() + 's'
+ return self.name.title() + 's'
def view_codename(self):
if self.view:
return f'view_{self.name.replace(" ", "_")}'
- else:
- return None
+ return None
def add_codename(self):
if self.add:
return f'add_{self.name.replace(" ", "_")}'
- else:
- return None
+ return None
def change_codename(self):
if self.change:
return f'change_{self.name.replace(" ", "_")}'
- else:
- return None
+ return None
def delete_codename(self):
if self.delete:
return f'delete_{self.name.replace(" ", "_")}'
- else:
- return None
+ return None
def codenames(self):
codenames = []
@@ -95,7 +90,7 @@ def get_configuration_permissions_fields():
questionnaire_permissions = []
rules_permissions = []
- permission_fields = [
+ return [
Permission_Helper(name='cred user', app='dojo', view=True, add=True, change=True, delete=True),
Permission_Helper(name='development environment', app='dojo', add=True, change=True, delete=True),
Permission_Helper(name='finding template', app='dojo', view=True, add=True, change=True, delete=True)] + \
@@ -118,8 +113,6 @@ def get_configuration_permissions_fields():
Permission_Helper(name='user', app='auth', view=True, add=True, change=True, delete=True),
]
- return permission_fields
-
def get_configuration_permissions_codenames():
codenames = []
diff --git a/dojo/user/validators.py b/dojo/user/validators.py
index 17e35c781bd..767ef33eb16 100644
--- a/dojo/user/validators.py
+++ b/dojo/user/validators.py
@@ -13,8 +13,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_too_short')
- else:
- return None
+ return
def get_help_text(self):
return gettext('Password must be at least {minimum_length} characters long.'.format(
@@ -27,8 +26,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_too_short')
- else:
- return None
+ return
def get_help_text(self):
return gettext('Password must be less than {maximum_length} characters long.'.format(
@@ -41,8 +39,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_no_number')
- else:
- return None
+ return
def get_help_text(self):
return gettext('Password must contain at least 1 digit, 0-9.')
@@ -54,8 +51,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_no_upper')
- else:
- return None
+ return
def get_help_text(self):
return gettext('Password must contain at least 1 uppercase letter, A-Z.')
@@ -67,8 +63,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_no_lower')
- else:
- return None
+ return
def get_help_text(self):
return gettext('Password must contain at least 1 lowercase letter, a-z.')
@@ -81,8 +76,7 @@ def validate(self, password, user=None):
raise ValidationError(
self.get_help_text(),
code='password_no_symbol')
- else:
- return None
+ return
def get_help_text(self):
return gettext('The password must contain at least 1 special character, '
@@ -93,5 +87,4 @@ class DojoCommonPasswordValidator(CommonPasswordValidator):
def validate(self, password, user=None):
if get_system_setting('non_common_password_required'):
return super().validate(password, user)
- else:
- return None
+ return None
diff --git a/dojo/user/views.py b/dojo/user/views.py
index ea60c93fc1b..09937c1938f 100644
--- a/dojo/user/views.py
+++ b/dojo/user/views.py
@@ -158,13 +158,12 @@ def logout_view(request):
if not settings.SHOW_LOGIN_FORM:
return login_view(request)
- else:
- messages.add_message(request,
- messages.SUCCESS,
- _('You have logged out successfully.'),
- extra_tags='alert-success')
+ messages.add_message(request,
+ messages.SUCCESS,
+ _('You have logged out successfully.'),
+ extra_tags='alert-success')
- return HttpResponseRedirect(reverse('login'))
+ return HttpResponseRedirect(reverse('login'))
@user_passes_test(lambda u: u.is_active)
diff --git a/dojo/utils.py b/dojo/utils.py
index d66c5385290..7efba323ab3 100644
--- a/dojo/utils.py
+++ b/dojo/utils.py
@@ -177,7 +177,7 @@ def match_finding_to_existing_findings(finding, product=None, engagement=None, t
.order_by('id')
)
- elif deduplication_algorithm == 'unique_id_from_tool':
+ if deduplication_algorithm == 'unique_id_from_tool':
return (
Finding.objects.filter(
**custom_filter,
@@ -187,7 +187,7 @@ def match_finding_to_existing_findings(finding, product=None, engagement=None, t
.order_by('id')
)
- elif deduplication_algorithm == 'unique_id_from_tool_or_hash_code':
+ if deduplication_algorithm == 'unique_id_from_tool_or_hash_code':
query = Finding.objects.filter(
Q(**custom_filter),
(
@@ -198,7 +198,7 @@ def match_finding_to_existing_findings(finding, product=None, engagement=None, t
deduplicationLogger.debug(query.query)
return query
- elif deduplication_algorithm == 'legacy':
+ if deduplication_algorithm == 'legacy':
# This is the legacy reimport behavior. Although it's pretty flawed and
# doesn't match the legacy algorithm for deduplication, this is left as is for simplicity.
# Re-writing the legacy deduplication here would be complicated and counter-productive.
@@ -213,9 +213,8 @@ def match_finding_to_existing_findings(finding, product=None, engagement=None, t
).order_by('id')
)
- else:
- logger.error("Internal error: unexpected deduplication_algorithm: '%s' ", deduplication_algorithm)
- return None
+ logger.error("Internal error: unexpected deduplication_algorithm: '%s' ", deduplication_algorithm)
+ return None
# true if both findings are on an engagement that have a different "deduplication on engagement" configuration
@@ -703,8 +702,7 @@ def add_breadcrumb(parent=None,
if clear:
request.session['dojo_breadcrumbs'] = None
return
- else:
- crumbs = request.session.get('dojo_breadcrumbs', None)
+ crumbs = request.session.get('dojo_breadcrumbs', None)
if top_level or crumbs is None:
crumbs = [
@@ -832,27 +830,26 @@ def get_punchcard_data(objs, start_date, weeks, view='Finding'):
if created < start_of_week:
raise ValueError('date found outside supported range: ' + str(created))
+ if created >= start_of_week and created < start_of_next_week:
+ # add day count to current week data
+ day_counts[day_offset[created.weekday()]] = day_count
+ highest_day_count = max(highest_day_count, day_count)
else:
- if created >= start_of_week and created < start_of_next_week:
- # add day count to current week data
- day_counts[day_offset[created.weekday()]] = day_count
- highest_day_count = max(highest_day_count, day_count)
- else:
- # created >= start_of_next_week, so store current week, prepare for next
- while created >= start_of_next_week:
- week_data, label = get_week_data(start_of_week, tick, day_counts)
- punchcard.extend(week_data)
- ticks.append(label)
- tick += 1
-
- # new week, new values!
- day_counts = [0, 0, 0, 0, 0, 0, 0]
- start_of_week = start_of_next_week
- start_of_next_week += relativedelta(weeks=1)
-
- # finally a day that falls into the week bracket
- day_counts[day_offset[created.weekday()]] = day_count
- highest_day_count = max(highest_day_count, day_count)
+ # created >= start_of_next_week, so store current week, prepare for next
+ while created >= start_of_next_week:
+ week_data, label = get_week_data(start_of_week, tick, day_counts)
+ punchcard.extend(week_data)
+ ticks.append(label)
+ tick += 1
+
+ # new week, new values!
+ day_counts = [0, 0, 0, 0, 0, 0, 0]
+ start_of_week = start_of_next_week
+ start_of_next_week += relativedelta(weeks=1)
+
+ # finally a day that falls into the week bracket
+ day_counts[day_offset[created.weekday()]] = day_count
+ highest_day_count = max(highest_day_count, day_count)
# add week in progress + empty weeks on the end if needed
while tick < weeks + 1:
@@ -1209,8 +1206,7 @@ def __next__(self):
data = self.flo.read(self.chunk_size)
if data:
return data
- else:
- raise StopIteration
+ raise StopIteration
def __iter__(self):
return self
@@ -1280,9 +1276,7 @@ def template_search_helper(fields=None, query_string=None):
return findings
entry_query = build_query(query_string, fields)
- found_entries = findings.filter(entry_query)
-
- return found_entries
+ return findings.filter(entry_query)
def get_page_items(request, items, page_size, prefix=''):
@@ -1424,8 +1418,7 @@ def decrypt(key, iv, encrypted_text):
encrypted_text_bytes = binascii.a2b_hex(encrypted_text)
decryptor = cipher.decryptor()
decrypted_text = decryptor.update(encrypted_text_bytes) + decryptor.finalize()
- decrypted_text = _unpad_string(decrypted_text)
- return decrypted_text
+ return _unpad_string(decrypted_text)
def _pad_string(value):
@@ -1721,9 +1714,8 @@ def get_full_url(relative_url):
def get_site_url():
if settings.SITE_URL:
return settings.SITE_URL
- else:
- logger.warning('SITE URL undefined in settings, full_url cannot be created')
- return "settings.SITE_URL"
+ logger.warning('SITE URL undefined in settings, full_url cannot be created')
+ return "settings.SITE_URL"
@receiver(post_save, sender=User)
@@ -1791,11 +1783,10 @@ def redirect_to_return_url_or_else(request, or_else):
if return_url:
# logger.debug('redirecting to %s: ', return_url.strip())
return redirect(request, return_url.strip())
- elif or_else:
+ if or_else:
return redirect(request, or_else)
- else:
- messages.add_message(request, messages.ERROR, 'Unable to redirect anywhere.', extra_tags='alert-danger')
- return redirect(request, request.get_full_path())
+ messages.add_message(request, messages.ERROR, 'Unable to redirect anywhere.', extra_tags='alert-danger')
+ return redirect(request, request.get_full_path())
def redirect(request, redirect_to):
@@ -2234,6 +2225,7 @@ def get_product(obj):
if isinstance(obj, Product):
return obj
+ return None
def prod_name(obj):
diff --git a/tests/product_test.py b/tests/product_test.py
index 79ac3ac3c7f..7bf16c79538 100644
--- a/tests/product_test.py
+++ b/tests/product_test.py
@@ -25,8 +25,7 @@ def __exit__(self, *_):
while time.time() < self.timeout:
if self.page_has_loaded():
return True
- else:
- time.sleep(0.2)
+ time.sleep(0.2)
msg = f'Timeout waiting for {self.timeout}s'
raise Exception(msg)
diff --git a/unittests/dojo_test_case.py b/unittests/dojo_test_case.py
index 1a4468c6f07..663914f5617 100644
--- a/unittests/dojo_test_case.py
+++ b/unittests/dojo_test_case.py
@@ -359,18 +359,15 @@ def empty_jira_project_for_product(self, product, expected_delta_jira_project_db
def get_jira_issue_status(self, finding_id):
finding = Finding.objects.get(id=finding_id)
- updated = jira_helper.get_jira_status(finding)
- return updated
+ return jira_helper.get_jira_status(finding)
def get_jira_issue_updated(self, finding_id):
finding = Finding.objects.get(id=finding_id)
- updated = jira_helper.get_jira_updated(finding)
- return updated
+ return jira_helper.get_jira_updated(finding)
def get_jira_comments(self, finding_id):
finding = Finding.objects.get(id=finding_id)
- comments = jira_helper.get_jira_comments(finding)
- return comments
+ return jira_helper.get_jira_comments(finding)
def get_jira_issue_updated_map(self, test_id):
findings = Test.objects.get(id=test_id).finding_set.all()
@@ -716,12 +713,10 @@ def do_finding_remove_tags_api(self, http_method, finding_id, tags=None, expecte
return response.data
def put_finding_remove_tags_api(self, finding_id, tags, *args, **kwargs):
- response = self.do_finding_remove_tags_api(self.client.put, finding_id, tags, *args, **kwargs)
- return response
+ return self.do_finding_remove_tags_api(self.client.put, finding_id, tags, *args, **kwargs)
def patch_finding_remove_tags_api(self, finding_id, tags, *args, **kwargs):
- response = self.do_finding_remove_tags_api(self.client.patch, finding_id, tags, *args, **kwargs)
- return response
+ return self.do_finding_remove_tags_api(self.client.patch, finding_id, tags, *args, **kwargs)
def do_finding_notes_api(self, http_method, finding_id, note=None):
data = None
diff --git a/unittests/test_apply_finding_template.py b/unittests/test_apply_finding_template.py
index 3042098b412..7d28264435e 100644
--- a/unittests/test_apply_finding_template.py
+++ b/unittests/test_apply_finding_template.py
@@ -122,9 +122,7 @@ def make_request(self, user_is_staff, finding_id, template_id, data=None):
else:
request = FindingTemplateTestUtil.create_get_request(user, self.apply_template_url)
- v = views.apply_template_to_finding(request, finding_id, template_id)
-
- return v
+ return views.apply_template_to_finding(request, finding_id, template_id)
def test_apply_template_to_finding_with_data_does_not_display_error_success(self):
result = self.make_request(True, 1, 1,
@@ -236,9 +234,7 @@ def make_request(self, user_is_staff, finding_id, data=None):
else:
request = FindingTemplateTestUtil.create_get_request(user, self.choose_template_url)
- v = views.find_template_to_apply(request, finding_id)
-
- return v
+ return views.find_template_to_apply(request, finding_id)
def test_unauthorized_find_template_to_apply_fails(self):
result = self.make_request(False, 1)
@@ -275,9 +271,7 @@ def make_request(self, user_is_staff, finding_id, template_id, data=None):
else:
request = FindingTemplateTestUtil.create_get_request(user, self.finding_template_options_url)
- v = views.choose_finding_template_options(request, finding_id, template_id)
-
- return v
+ return views.choose_finding_template_options(request, finding_id, template_id)
def test_unauthorized_choose_finding_template_options_fails(self):
result = self.make_request(False, 1, 1)
diff --git a/unittests/test_import_reimport.py b/unittests/test_import_reimport.py
index dfbd9c21ca7..5f5fd20453a 100644
--- a/unittests/test_import_reimport.py
+++ b/unittests/test_import_reimport.py
@@ -1825,9 +1825,7 @@ def import_scan_with_params_ui(self, filename, scan_type='ZAP Scan', engagement=
if service is not None:
payload['service'] = service
- result = self.import_scan_ui(engagement, payload)
-
- return result
+ return self.import_scan_ui(engagement, payload)
def reimport_scan_with_params_ui(self, test_id, filename, scan_type='ZAP Scan', minimum_severity='Low', active=True, verified=False, push_to_jira=None, tags=None, close_old_findings=True, scan_date=None):
# Mimic old functionality for active/verified to avoid breaking tests
@@ -1858,8 +1856,7 @@ def reimport_scan_with_params_ui(self, test_id, filename, scan_type='ZAP Scan',
if scan_date is not None:
payload['scan_date'] = scan_date
- result = self.reimport_scan_ui(test_id, payload)
- return result
+ return self.reimport_scan_ui(test_id, payload)
# Observations:
# - When reopening a mitigated finding, almost no fields are updated such as title, description, severity, impact, references, ....
diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py
index ce1ad77da16..e58682f93f6 100644
--- a/unittests/test_rest_framework.py
+++ b/unittests/test_rest_framework.py
@@ -261,21 +261,28 @@ def _check_helper(check):
if obj is None:
self._check_or_fail(is_nullable, f"{self._get_prefix()} is not nullable yet the value returned was null")
- elif schema_type == TYPE_BOOLEAN:
+ return None
+ if schema_type == TYPE_BOOLEAN:
_check_helper(isinstance(obj, bool))
- elif schema_type == TYPE_INTEGER:
+ return None
+ if schema_type == TYPE_INTEGER:
_check_helper(isinstance(obj, int))
- elif schema_type == TYPE_NUMBER:
+ return None
+ if schema_type == TYPE_NUMBER:
_check_helper(obj.isdecimal())
- elif schema_type == TYPE_ARRAY:
+ return None
+ if schema_type == TYPE_ARRAY:
_check_helper(isinstance(obj, list))
- elif schema_type == TYPE_OBJECT:
+ return None
+ if schema_type == TYPE_OBJECT:
_check_helper(isinstance(obj, OrderedDict) or isinstance(obj, dict))
- elif schema_type == TYPE_STRING:
+ return None
+ if schema_type == TYPE_STRING:
_check_helper(isinstance(obj, str))
- else:
- # Default case
- _check_helper(False)
+ return None
+ # Default case
+ _check_helper(False)
+ return None
# print('_check_type ok for: %s: %s' % (schema, obj))
diff --git a/unittests/tools/test_api_sonarqube_importer.py b/unittests/tools/test_api_sonarqube_importer.py
index 0b30008c1c3..e338bd88c2a 100644
--- a/unittests/tools/test_api_sonarqube_importer.py
+++ b/unittests/tools/test_api_sonarqube_importer.py
@@ -10,56 +10,47 @@
def dummy_product(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/product.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_issues(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/issues.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_rule(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/rule.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_rule_wo_html_desc(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/rule_wo_html_desc.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_no_hotspot(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/no_vuln.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_one_hotspot(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/one_vuln.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_many_hotspots(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/many_vulns.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_hotspot_rule(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/rule.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_hotspot_rule_wo_risk_description(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/rule_wo_risk_description.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def empty_list(self, *args, **kwargs):
diff --git a/unittests/tools/test_api_sonarqube_parser.py b/unittests/tools/test_api_sonarqube_parser.py
index ffb33b76ee9..df4f5e16b61 100644
--- a/unittests/tools/test_api_sonarqube_parser.py
+++ b/unittests/tools/test_api_sonarqube_parser.py
@@ -16,26 +16,22 @@
def dummy_product(self, *args, **kwargs):
with open("unittests/scans/api_sonarqube/product.json") as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_issues(self, *args, **kwargs):
with open("unittests/scans/api_sonarqube/issues.json") as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_rule(self, *args, **kwargs):
with open("unittests/scans/api_sonarqube/rule.json") as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def dummy_hotspot_rule(self, *args, **kwargs):
with open(get_unit_tests_path() + '/scans/api_sonarqube/hotspots/rule.json') as json_file:
- data = json.load(json_file)
- return data
+ return json.load(json_file)
def empty_list(self, *args, **kwargs):