From b9797e6320a10b5eb53c9da466c1aaedcfca4531 Mon Sep 17 00:00:00 2001 From: kiblik <5609770+kiblik@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:39:56 +0200 Subject: [PATCH] Ruff: Add and fix D2 --- dojo/admin.py | 40 ++++------ dojo/api_v2/prefetch/prefetcher.py | 9 ++- dojo/api_v2/prefetch/schema.py | 7 +- dojo/api_v2/prefetch/utils.py | 9 ++- dojo/api_v2/views.py | 4 + .../authorization/authorization_decorators.py | 7 +- dojo/authorization/roles_permissions.py | 4 +- dojo/engagement/views.py | 48 +++--------- dojo/finding/helper.py | 2 +- dojo/forms.py | 6 +- dojo/importers/auto_create_context.py | 6 +- dojo/importers/base_importer.py | 11 ++- dojo/importers/default_importer.py | 2 + dojo/importers/default_reimporter.py | 11 +-- dojo/importers/endpoint_manager.py | 16 +--- dojo/importers/options.py | 2 + dojo/jira_link/helper.py | 2 +- dojo/jira_link/views.py | 76 +++++++++---------- dojo/management/commands/dedupe.py | 2 + .../commands/import_github_languages.py | 2 + .../commands/initialize_permissions.py | 6 +- .../commands/jira_status_reconciliation.py | 1 + .../commands/migrate_authorization_v2.py | 2 + dojo/management/commands/migrate_cve.py | 5 +- .../commands/migrate_staff_users.py | 2 + .../commands/migrate_textquestions.py | 2 + dojo/metrics/utils.py | 17 +++-- dojo/middleware.py | 7 +- dojo/models.py | 55 +++++++------- dojo/request_cache/middleware.py | 2 + dojo/risk_acceptance/helper.py | 1 - dojo/search/views.py | 2 - dojo/test/views.py | 40 +++------- dojo/tools/acunetix/parse_acunetix360_json.py | 2 + dojo/tools/acunetix/parse_acunetix_xml.py | 2 + dojo/tools/acunetix/parser.py | 1 + dojo/tools/anchore_grype/parser.py | 4 +- dojo/tools/api_blackduck/api_client.py | 5 +- dojo/tools/api_blackduck/importer.py | 5 +- dojo/tools/api_blackduck/parser.py | 5 +- dojo/tools/api_bugcrowd/api_client.py | 5 +- dojo/tools/api_bugcrowd/importer.py | 5 +- dojo/tools/api_bugcrowd/parser.py | 5 +- dojo/tools/api_cobalt/api_client.py | 5 +- dojo/tools/api_cobalt/importer.py | 5 +- dojo/tools/api_cobalt/parser.py | 5 +- dojo/tools/api_edgescan/api_client.py | 5 +- dojo/tools/api_edgescan/importer.py | 5 +- dojo/tools/api_edgescan/parser.py | 5 +- dojo/tools/api_sonarqube/api_client.py | 5 +- dojo/tools/api_sonarqube/importer.py | 1 + dojo/tools/api_sonarqube/updater.py | 1 + .../api_sonarqube/updater_from_source.py | 1 + dojo/tools/api_vulners/api_client.py | 5 +- dojo/tools/api_vulners/importer.py | 5 +- dojo/tools/api_vulners/parser.py | 1 + .../engines/appcheck.py | 2 + .../engines/base.py | 18 +++-- .../engines/nmap.py | 2 + .../engines/openvas.py | 2 + .../parser.py | 1 + dojo/tools/appspider/parser.py | 1 + dojo/tools/arachni/parser.py | 4 +- dojo/tools/auditjs/parser.py | 1 + dojo/tools/bearer_cli/parser.py | 5 +- dojo/tools/blackduck/importer.py | 4 +- dojo/tools/blackduck/parser.py | 1 + .../blackduck_binary_analysis/importer.py | 8 +- .../tools/blackduck_binary_analysis/parser.py | 1 + .../blackduck_component_risk/importer.py | 1 + dojo/tools/blackduck_component_risk/parser.py | 1 + dojo/tools/burp/parser.py | 1 + dojo/tools/burp_api/parser.py | 7 +- dojo/tools/cargo_audit/parser.py | 5 +- dojo/tools/checkmarx/parser.py | 6 +- dojo/tools/checkov/parser.py | 3 +- dojo/tools/cloudsploit/parser.py | 5 +- dojo/tools/contrast/parser.py | 1 + dojo/tools/coverity_api/parser.py | 1 + dojo/tools/coverity_scan/parser.py | 1 + dojo/tools/crashtest_security/parser.py | 8 +- dojo/tools/cred_scan/parser.py | 1 + dojo/tools/cyclonedx/parser.py | 4 +- dojo/tools/dependency_track/parser.py | 1 + dojo/tools/detect_secrets/parser.py | 5 +- dojo/tools/dockle/parser.py | 5 +- dojo/tools/ggshield/parser.py | 9 +-- dojo/tools/gitlab_api_fuzzing/parser.py | 1 + dojo/tools/gitlab_container_scan/parser.py | 1 + dojo/tools/gitlab_dast/parser.py | 5 +- .../gitlab_secret_detection_report/parser.py | 1 + dojo/tools/gitleaks/parser.py | 9 +-- dojo/tools/h1/parser.py | 10 +-- dojo/tools/harbor_vulnerability/parser.py | 5 +- dojo/tools/horusec/parser.py | 1 + dojo/tools/humble/parser.py | 1 + dojo/tools/huskyci/parser.py | 5 +- dojo/tools/hydra/parser.py | 5 +- dojo/tools/ibm_app/parser.py | 4 +- dojo/tools/intsights/parser.py | 6 +- dojo/tools/invicti/parser.py | 3 +- .../parser.py | 1 + dojo/tools/jfrog_xray_unified/parser.py | 1 + dojo/tools/jfrogxray/parser.py | 1 + dojo/tools/kics/parser.py | 5 +- dojo/tools/kubehunter/parser.py | 5 +- dojo/tools/mend/parser.py | 4 +- dojo/tools/microfocus_webinspect/parser.py | 1 + dojo/tools/mobsf/parser.py | 3 +- dojo/tools/mobsfscan/parser.py | 5 +- dojo/tools/mozilla_observatory/parser.py | 4 +- dojo/tools/ms_defender/parser.py | 6 +- dojo/tools/nexpose/parser.py | 5 +- dojo/tools/nikto/parser.py | 4 +- dojo/tools/nmap/parser.py | 6 +- dojo/tools/noseyparker/parser.py | 5 +- dojo/tools/npm_audit_7_plus/parser.py | 1 + dojo/tools/nuclei/parser.py | 5 +- dojo/tools/ort/parser.py | 1 + dojo/tools/ossindex_devaudit/parser.py | 4 +- dojo/tools/pip_audit/parser.py | 1 + dojo/tools/popeye/parser.py | 5 +- dojo/tools/pwn_sast/parser.py | 5 +- dojo/tools/qualys/csv_parser.py | 3 - dojo/tools/rapplex/parser.py | 6 +- dojo/tools/sarif/parser.py | 7 +- dojo/tools/scantist/parser.py | 1 + dojo/tools/scout_suite/parser.py | 1 + dojo/tools/solar_appscreener/parser.py | 5 +- dojo/tools/spotbugs/parser.py | 1 + dojo/tools/ssh_audit/parser.py | 6 +- dojo/tools/sslyze/parser.py | 1 + dojo/tools/stackhawk/parser.py | 5 +- dojo/tools/sysdig_reports/parser.py | 5 +- .../tools/sysdig_reports/sysdig_csv_parser.py | 5 +- dojo/tools/talisman/parser.py | 21 ++--- dojo/tools/terrascan/parser.py | 5 +- dojo/tools/tfsec/parser.py | 5 +- dojo/tools/threagile/parser.py | 5 +- dojo/tools/threat_composer/parser.py | 5 +- dojo/tools/trivy/parser.py | 4 +- dojo/tools/trivy_operator/parser.py | 4 +- dojo/tools/trustwave_fusion_api/parser.py | 5 +- dojo/tools/utils.py | 10 +-- dojo/tools/vcg/parser.py | 1 + dojo/tools/veracode/json_parser.py | 4 +- dojo/tools/veracode/xml_parser.py | 4 +- dojo/tools/wapiti/parser.py | 4 +- dojo/tools/wazuh/parser.py | 1 + dojo/tools/wfuzz/parser.py | 5 +- dojo/tools/whispers/parser.py | 5 +- dojo/tools/whitehat_sentinel/parser.py | 5 +- dojo/tools/wiz/parser.py | 14 +++- dojo/tools/wizcli_dir/parser.py | 5 +- dojo/tools/wizcli_iac/parser.py | 5 +- dojo/tools/wizcli_img/parser.py | 5 +- dojo/tools/wpscan/parser.py | 4 +- dojo/tools/zap/parser.py | 1 + dojo/utils.py | 22 +++--- ruff.toml | 5 +- tests/base_test_class.py | 1 - unittests/test_apiv2_endpoint.py | 6 +- unittests/test_apiv2_limit_reqresp.py | 5 +- unittests/test_apiv2_metadata.py | 6 +- unittests/test_apiv2_notifications.py | 10 +-- unittests/test_apiv2_scan_import_options.py | 10 +-- unittests/test_apiv2_user.py | 6 +- unittests/test_finding_model.py | 20 ++--- unittests/test_import_reimport.py | 8 +- unittests/test_metrics_queries.py | 4 +- unittests/test_rest_framework.py | 8 +- unittests/tools/test_sonarqube_parser.py | 3 +- unittests/tools/test_spotbugs_parser.py | 3 +- unittests/tools/test_zap_parser.py | 6 +- 174 files changed, 502 insertions(+), 540 deletions(-) diff --git a/dojo/admin.py b/dojo/admin.py index a2452ce1e54..c40d39e3c23 100644 --- a/dojo/admin.py +++ b/dojo/admin.py @@ -22,29 +22,25 @@ class QuestionChildAdmin(PolymorphicChildModelAdmin): - """ - Base admin class for all child models of Question - """ + + """Base admin class for all child models of Question""" base_model = Question class TextQuestionAdmin(QuestionChildAdmin): - """ - ModelAdmin for a TextQuestion - """ + + """ModelAdmin for a TextQuestion""" class ChoiceQuestionAdmin(QuestionChildAdmin): - """ - ModelAdmin for a ChoiceQuestion - """ + + """ModelAdmin for a ChoiceQuestion""" class QuestionParentAdmin(PolymorphicParentModelAdmin): - """ - Question parent model admin - """ + + """Question parent model admin""" base_model = Question child_models = ( @@ -60,29 +56,25 @@ class QuestionParentAdmin(PolymorphicParentModelAdmin): class AnswerChildAdmin(PolymorphicChildModelAdmin): - """ - Base admin class for all child Answer models - """ + + """Base admin class for all child Answer models""" base_model = Answer class TextAnswerAdmin(AnswerChildAdmin): - """ - ModelAdmin for TextAnswer - """ + + """ModelAdmin for TextAnswer""" class ChoiceAnswerAdmin(AnswerChildAdmin): - """ - ModelAdmin for ChoiceAnswer - """ + + """ModelAdmin for ChoiceAnswer""" class AnswerParentAdmin(PolymorphicParentModelAdmin): - """ - The parent model admin for answer - """ + + """The parent model admin for answer""" list_display = ( "answered_survey", diff --git a/dojo/api_v2/prefetch/prefetcher.py b/dojo/api_v2/prefetch/prefetcher.py index 79a4b0e7314..d41abf765fa 100644 --- a/dojo/api_v2/prefetch/prefetcher.py +++ b/dojo/api_v2/prefetch/prefetcher.py @@ -12,7 +12,8 @@ class _Prefetcher: @staticmethod def _build_serializers(): - """Returns a map model -> serializer where model is a django model and serializer is the corresponding + """ + Returns a map model -> serializer where model is a django model and serializer is the corresponding serializer used to serialize the model Returns: @@ -42,7 +43,8 @@ def __init__(self): self._prefetch_data = {} def _find_serializer(self, field_type): - """Find the best suited serializer for the given type. + """ + Find the best suited serializer for the given type. Args: field_type (django.db.models.fields): the field type for which we need to find a serializer @@ -62,7 +64,8 @@ def _find_serializer(self, field_type): return self._find_serializer(parent_class) def _prefetch(self, entry, fields_to_fetch): - """Apply prefetching for the given field on the given entry + """ + Apply prefetching for the given field on the given entry Args: entry (ModelInstance): Instance of a model as returned by a django queryset diff --git a/dojo/api_v2/prefetch/schema.py b/dojo/api_v2/prefetch/schema.py index 535e01e4e6c..ef5cbbf389f 100644 --- a/dojo/api_v2/prefetch/schema.py +++ b/dojo/api_v2/prefetch/schema.py @@ -18,7 +18,8 @@ def _get_path_to_GET_serializer_map(generator): def get_serializer_ref_name(serializer): - """Get serializer's ref_name + """ + Get serializer's ref_name inspired by https://github.com/axnsan12/drf-yasg/blob/78031f0c189585c30fccb5005a6899f2d34289a9/src/drf_yasg/utils.py#L416 :param serializer: Serializer instance @@ -37,14 +38,14 @@ def get_serializer_ref_name(serializer): def prefetch_postprocessing_hook(result, generator, request, public): - """OpenAPI v3 (drf-spectacular) Some endpoints are using the PrefetchListMixin and PrefetchRetrieveMixin. + """ + OpenAPI v3 (drf-spectacular) Some endpoints are using the PrefetchListMixin and PrefetchRetrieveMixin. These have nothing to do with Django prefetch_related. The endpoints have an @extend_schema configured with an extra parameter 'prefetch' This parameter contains an array of relations to prefetch. These prefetched models will be returned in an additional property in the response. The below processor ensures the result schema matches this. """ - serializer_classes = _get_path_to_GET_serializer_map(generator) paths = result.get("paths", {}) diff --git a/dojo/api_v2/prefetch/utils.py b/dojo/api_v2/prefetch/utils.py index de7ea2b3834..5e588e03ce8 100644 --- a/dojo/api_v2/prefetch/utils.py +++ b/dojo/api_v2/prefetch/utils.py @@ -2,7 +2,8 @@ def _is_many_to_many_relation(field): - """Check if a field specified a many-to-many relationship as defined by django. + """ + Check if a field specified a many-to-many relationship as defined by django. This is the case if the field is an instance of the ManyToManyDescriptor as generated by the django framework @@ -16,7 +17,8 @@ def _is_many_to_many_relation(field): def _is_one_to_one_relation(field): - """Check if a field specified a one-to-one relationship as defined by django. + """ + Check if a field specified a one-to-one relationship as defined by django. This is the case if the field is an instance of the ForwardManyToOne as generated by the django framework @@ -30,7 +32,8 @@ def _is_one_to_one_relation(field): def _get_prefetchable_fields(serializer): - """Get the fields that are prefetchable according to the serializer description. + """ + Get the fields that are prefetchable according to the serializer description. Method mainly used by for automatic schema generation. Args: diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py index ae77e923553..276322bd293 100644 --- a/dojo/api_v2/views.py +++ b/dojo/api_v2/views.py @@ -2571,6 +2571,7 @@ def get(self, request, format=None): # Authorization: authenticated users, DjangoModelPermissions class ImportScanView(mixins.CreateModelMixin, viewsets.GenericViewSet): + """ Imports a scan report into an engagement or product. @@ -2634,6 +2635,7 @@ def get_queryset(self): class EndpointMetaImporterView( mixins.CreateModelMixin, viewsets.GenericViewSet, ): + """ Imports a CSV file into a product to propagate arbitrary meta and tags on endpoints. @@ -2732,6 +2734,7 @@ def get_queryset(self): # Authorization: object-based class ReImportScanView(mixins.CreateModelMixin, viewsets.GenericViewSet): + """ Reimports a scan report into an existing test. @@ -3132,6 +3135,7 @@ def report_generate(request, obj, options): class SystemSettingsViewSet( mixins.ListModelMixin, mixins.UpdateModelMixin, viewsets.GenericViewSet, ): + """Basic control over System Settings. Use 'id' 1 for PUT, PATCH operations""" permission_classes = (permissions.IsSuperUser, DjangoModelPermissions) diff --git a/dojo/authorization/authorization_decorators.py b/dojo/authorization/authorization_decorators.py index 3063d0821d1..1f1bc9dbcb9 100644 --- a/dojo/authorization/authorization_decorators.py +++ b/dojo/authorization/authorization_decorators.py @@ -12,7 +12,6 @@ def user_is_authorized(model, permission, arg, lookup="pk", func=None): """Decorator for functions that ensures the user has permission on an object.""" - if func is None: return functools.partial( user_is_authorized, model, permission, arg, lookup, @@ -41,7 +40,6 @@ def _wrapped(request, *args, **kwargs): def user_has_global_permission(permission, func=None): """Decorator for functions that ensures the user has a (global) permission""" - if func is None: return functools.partial(user_has_global_permission, permission) @@ -54,10 +52,7 @@ def _wrapped(request, *args, **kwargs): def user_is_configuration_authorized(permission, func=None): - """ - Decorator for views that checks whether a user has a particular permission enabled. - """ - + """Decorator for views that checks whether a user has a particular permission enabled.""" if func is None: return functools.partial(user_is_configuration_authorized, permission) diff --git a/dojo/authorization/roles_permissions.py b/dojo/authorization/roles_permissions.py index 779463258ff..530008a2f7a 100644 --- a/dojo/authorization/roles_permissions.py +++ b/dojo/authorization/roles_permissions.py @@ -517,9 +517,7 @@ def get_roles_with_permissions(): def get_global_roles_with_permissions(): - """ - Extra permissions for global roles, on top of the permissions granted to the "normal" roles above. - """ + """Extra permissions for global roles, on top of the permissions granted to the "normal" roles above.""" return { Roles.Maintainer: {Permissions.Product_Type_Add}, Roles.Owner: {Permissions.Product_Type_Add}, diff --git a/dojo/engagement/views.py b/dojo/engagement/views.py index d9d3cef0340..a1596564df3 100644 --- a/dojo/engagement/views.py +++ b/dojo/engagement/views.py @@ -693,9 +693,7 @@ def add_tests(request, eid): class ImportScanResultsView(View): def get_template(self) -> str: - """ - Returns the template that will be presented to the user - """ + """Returns the template that will be presented to the user""" return "dojo/import_scan_results.html" def get_development_environment( @@ -715,9 +713,7 @@ def get_engagement_or_product( engagement_id: Optional[int] = None, product_id: Optional[int] = None, ) -> Tuple[Engagement, Product, Product | Engagement]: - """ - Using the path parameters, either fetch the product or engagement - """ + """Using the path parameters, either fetch the product or engagement""" engagement = product = engagement_or_product = None # Get the product if supplied # Get the engagement if supplied @@ -740,9 +736,7 @@ def get_form( request: HttpRequest, **kwargs: dict, ) -> ImportScanForm: - """ - Returns the default import form for importing findings - """ + """Returns the default import form for importing findings""" if request.method == "POST": return ImportScanForm(request.POST, request.FILES, **kwargs) return ImportScanForm(**kwargs) @@ -776,9 +770,7 @@ def get_jira_form( request: HttpRequest, engagement_or_product: Engagement | Product, ) -> Tuple[JIRAImportScanForm | None, bool]: - """ - Returns a JiraImportScanForm if jira is enabled - """ + """Returns a JiraImportScanForm if jira is enabled""" jira_form = None push_all_jira_issues = False # Determine if jira issues should be pushed automatically @@ -919,18 +911,14 @@ def get_importer( self, context: dict, ) -> BaseImporter: - """ - Gets the importer to use - """ + """Gets the importer to use""" return DefaultImporter(**context) def import_findings( self, context: dict, ) -> str | None: - """ - Attempt to import with all the supplied information - """ + """Attempt to import with all the supplied information""" try: importer_client = self.get_importer(context) context["test"], _, finding_count, closed_finding_count, _, _, _ = importer_client.process_scan( @@ -952,9 +940,7 @@ def process_form( form: ImportScanForm, context: dict, ) -> str | None: - """ - Process the form and manipulate the input in any way that is appropriate - """ + """Process the form and manipulate the input in any way that is appropriate""" # Update the running context dict with cleaned form input context.update({ "scan": request.FILES.get("file", None), @@ -1024,9 +1010,7 @@ def process_credentials_form( form: CredMappingForm, context: dict, ) -> str | None: - """ - Process the credentials form by creating - """ + """Process the credentials form by creating""" if cred_user := form.cleaned_data["cred_user"]: # Select the credential mapping object from the selected list and only allow if the credential is associated with the product cred_user = Cred_Mapping.objects.filter( @@ -1046,18 +1030,14 @@ def success_redirect( self, context: dict, ) -> HttpResponseRedirect: - """ - Redirect the user to a place that indicates a successful import - """ + """Redirect the user to a place that indicates a successful import""" return HttpResponseRedirect(reverse("view_test", args=(context.get("test").id, ))) def failure_redirect( self, context: dict, ) -> HttpResponseRedirect: - """ - Redirect the user to a place that indicates a failed import - """ + """Redirect the user to a place that indicates a failed import""" return HttpResponseRedirect(reverse( "import_scan_results", args=(context.get("engagement", context.get("product")).id, ), @@ -1069,9 +1049,7 @@ def get( engagement_id: Optional[int] = None, product_id: Optional[int] = None, ) -> HttpResponse: - """ - Process GET requests for the Import View - """ + """Process GET requests for the Import View""" # process the request and path parameters request, context = self.handle_request( request, @@ -1087,9 +1065,7 @@ def post( engagement_id: Optional[int] = None, product_id: Optional[int] = None, ) -> HttpResponse: - """ - Process POST requests for the Import View - """ + """Process POST requests for the Import View""" # process the request and path parameters request, context = self.handle_request( request, diff --git a/dojo/finding/helper.py b/dojo/finding/helper.py index d52857f2291..1182cb26d68 100644 --- a/dojo/finding/helper.py +++ b/dojo/finding/helper.py @@ -566,7 +566,7 @@ def engagement_post_delete(sender, instance, **kwargs): def fix_loop_duplicates(): - """ Due to bugs in the past and even currently when under high parallel load, there can be transitive duplicates. """ + """Due to bugs in the past and even currently when under high parallel load, there can be transitive duplicates.""" """ i.e. A -> B -> C. This can lead to problems when deleting findingns, performing deduplication, etc """ candidates = Finding.objects.filter(duplicate_finding__isnull=False, original_finding__isnull=False).order_by("-id") diff --git a/dojo/forms.py b/dojo/forms.py index cdff2b53d52..06a514b30c1 100644 --- a/dojo/forms.py +++ b/dojo/forms.py @@ -140,6 +140,7 @@ def render(self, name, *args, **kwargs): class MonthYearWidget(Widget): + """ A Widget that splits date input into two