From e6c776714c5c02a6b55c8294e3c1a9d3bfe5d24c Mon Sep 17 00:00:00 2001
From: kiblik <5609770+kiblik@users.noreply.github.com>
Date: Fri, 21 Jun 2024 23:25:03 +0200
Subject: [PATCH] Ruff: add and fix RSE (#10093)
* Ruff: add and fix RSE
* Ruff: Fix RSE
---
 dojo/api_v2/views.py | 2 +-
 dojo/authorization/authorization.py | 6 +++---
 dojo/decorators.py | 2 +-
 dojo/engagement/views.py | 8 ++++----
 dojo/finding/views.py | 12 ++++++------
 dojo/metrics/views.py | 2 +-
 dojo/notifications/views.py | 2 +-
 dojo/product/views.py | 6 +++---
 dojo/reports/views.py | 10 +++++-----
 dojo/risk_acceptance/helper.py | 2 +-
 dojo/survey/views.py | 8 ++++----
 dojo/test/views.py | 2 +-
 dojo/views.py | 8 ++++----
 ruff.toml | 1 +
 14 files changed, 36 insertions(+), 35 deletions(-)
diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py
index 588f5bb1cef..cbc61ff2125 100644
--- a/dojo/api_v2/views.py
+++ b/dojo/api_v2/views.py
@@ -2964,7 +2964,7 @@ def report_generate(request, obj, options):
 report_name = "Finding"
 else:
- raise Http404()
+ raise Http404
 result = {
 "product_type": product_type,
diff --git a/dojo/authorization/authorization.py b/dojo/authorization/authorization.py
index 28885137156..8538101cf52 100644
--- a/dojo/authorization/authorization.py
+++ b/dojo/authorization/authorization.py
@@ -243,17 +243,17 @@ def user_has_global_permission(user, permission):
 def user_has_configuration_permission_or_403(user, permission):
 if not user_has_configuration_permission(user, permission):
- raise PermissionDenied()
+ raise PermissionDenied
 def user_has_permission_or_403(user, obj, permission):
 if not user_has_permission(user, obj, permission):
- raise PermissionDenied()
+ raise PermissionDenied
 def user_has_global_permission_or_403(user, permission):
 if not user_has_global_permission(user, permission):
- raise PermissionDenied()
+ raise PermissionDenied
 def get_roles_for_permission(permission):
diff --git a/dojo/decorators.py b/dojo/decorators.py
index 664989f8ffc..c919a2995bc 100644
--- a/dojo/decorators.py
+++ b/dojo/decorators.py
@@ -182,7 +182,7 @@ def _wrapped(request, *args, **kw):
 dojo_user = Dojo_User.objects.filter(username=username).first()
 if dojo_user:
 Dojo_User.enable_force_password_reset(dojo_user)
- raise Ratelimited()
+ raise Ratelimited
 return fn(request, *args, **kw)
 return _wrapped
 return decorator
diff --git a/dojo/engagement/views.py b/dojo/engagement/views.py
index b2fc5bff906..f0c542e2d96 100644
--- a/dojo/engagement/views.py
+++ b/dojo/engagement/views.py
@@ -114,7 +114,7 @@ def engagement_calendar(request):
 if not get_system_setting('enable_calendar'):
- raise Resolver404()
+ raise Resolver404
 if 'lead' not in request.GET or '0' in request.GET.getlist('lead'):
 engagements = get_authorized_engagements(Permissions.Engagement_View)
@@ -1205,7 +1205,7 @@ def add_risk_acceptance(request, eid, fid=None):
 finding = get_object_or_404(Finding, id=fid)
 if not eng.product.enable_full_risk_acceptance:
- raise PermissionDenied()
+ raise PermissionDenied
 if request.method == 'POST':
 form = RiskAcceptanceForm(request.POST, request.FILES)
@@ -1283,7 +1283,7 @@ def view_edit_risk_acceptance(request, eid, raid, edit_mode=False):
 eng = get_object_or_404(Engagement, pk=eid)
 if edit_mode and not eng.product.enable_full_risk_acceptance:
- raise PermissionDenied()
+ raise PermissionDenied
 risk_acceptance_form = None
 errors = False
@@ -1455,7 +1455,7 @@ def reinstate_risk_acceptance(request, eid, raid):
 eng = get_object_or_404(Engagement, pk=eid)
 if not eng.product.enable_full_risk_acceptance:
- raise PermissionDenied()
+ raise PermissionDenied
 ra_helper.reinstate(risk_acceptance, risk_acceptance.expiration_date)
diff --git a/dojo/finding/views.py b/dojo/finding/views.py
index d54baafb40c..f7624c996ce 100644
--- a/dojo/finding/views.py
+++ b/dojo/finding/views.py
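Review bot: In `_wrapped` (dojo/decorators.py), the context lines just above `raise Ratelimited` call `Dojo_User.enable_force_password_reset(dojo_user)` for whichever account matches `username`, and nothing visible documents that trade-off. Where `username` is assigned is outside the hunk; if it is read from the rate-limited request itself, the account that gets locked is named by the caller rather than proven by a login, so a lockout can land on someone else's account. I would state this above the lookup, e.g. `# Lockout is keyed on the submitted username, not on the client: confirm this is intended and that every forced reset is logged`, and check that the reset leaves an audit record. `_wrapped` starts before the hunk.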
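Review bot: `engagement_calendar` (dojo/engagement/views.py) raises `Resolver404` when the `enable_calendar` setting is off, and `test_calendar` in dojo/test/views.py does the same. `Resolver404` is the exception Django's URL resolver raises for an unmatched path; a view that refuses a disabled feature reads more clearly with `raise Http404`, its parent class, which is what the other views in this patch use. The response is a 404 either way, so this is a naming point only. Both functions continue past their hunks, and whether `Http404` is already imported in these two modules is not visible here.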
@@ -1212,7 +1212,7 @@ def post(self, request: HttpRequest, finding_id):
 # Handle the case of a successful form
 if success:
 return redirect_to_return_url_or_else(request, reverse("view_test", args=(finding.test.id,)))
- raise PermissionDenied()
+ raise PermissionDenied
 @user_is_authorized(Finding, Permissions.Finding_Edit, "fid")
@@ -1500,7 +1500,7 @@ def apply_template_cwe(request, fid):
 extra_tags="alert-danger",
 )
 else:
- raise PermissionDenied()
+ raise PermissionDenied
 @user_is_authorized(Finding, Permissions.Finding_Edit, "fid")
@@ -1614,7 +1614,7 @@ def simple_risk_accept(request, fid):
 finding = get_object_or_404(Finding, id=fid)
 if not finding.test.engagement.product.enable_simple_risk_acceptance:
- raise PermissionDenied()
+ raise PermissionDenied
 ra_helper.simple_risk_accept(finding)
@@ -1741,7 +1741,7 @@ def clear_finding_review(request, fid):
 # the review or one of the users requested to provide the review, then
 # do not allow the user to clear the review.
 if user != finding.review_requested_by and user not in finding.reviewers.all():
- raise PermissionDenied()
+ raise PermissionDenied
 # in order to clear a review for a finding, we need to capture why and how it was reviewed
 # we can do this with a Note
@@ -2058,7 +2058,7 @@ def delete_stub_finding(request, fid):
 extra_tags="alert-danger",
 )
 else:
- raise PermissionDenied()
+ raise PermissionDenied
 @user_is_authorized(Stub_Finding, Permissions.Finding_Edit, "fid")
@@ -2442,7 +2442,7 @@ def delete_template(request, tid):
 extra_tags="alert-danger",
 )
 else:
- raise PermissionDenied()
+ raise PermissionDenied
 def download_finding_pic(request, token):
diff --git a/dojo/metrics/views.py b/dojo/metrics/views.py
index f0348f348e0..42e7bb31b9a 100644
--- a/dojo/metrics/views.py
+++ b/dojo/metrics/views.py
@@ -903,7 +903,7 @@ def view_engineer(request, eid):
 user = get_object_or_404(Dojo_User, pk=eid)
 if not (request.user.is_superuser or request.user.username == user.username):
- raise PermissionDenied()
+ raise PermissionDenied
 now = timezone.now()
 findings = Finding.objects.filter(reporter=user, verified=True)
diff --git a/dojo/notifications/views.py b/dojo/notifications/views.py
index 10616dd1b11..f20e45224fe 100644
--- a/dojo/notifications/views.py
+++ b/dojo/notifications/views.py
@@ -25,7 +25,7 @@ def get_notifications(self, request: HttpRequest):
 def check_user_permissions(self, request: HttpRequest):
 if not request.user.is_superuser:
- raise PermissionDenied()
+ raise PermissionDenied
 def get_form(self, request: HttpRequest, notifications: Notifications):
 # Set up the args for the form
diff --git a/dojo/product/views.py b/dojo/product/views.py
index 580bb2c6442..9a70751ae1a 100644
--- a/dojo/product/views.py
+++ b/dojo/product/views.py
@@ -839,7 +839,7 @@ def import_scan_results_prod(request, pid=None):
 def new_product(request, ptid=None):
 if get_authorized_product_types(Permissions.Product_Type_Add_Product).count() == 0:
- raise PermissionDenied()
+ raise PermissionDenied
 jira_project_form = None
 error = False
@@ -1822,7 +1822,7 @@ def edit_api_scan_configuration(request, pid, pascid):
 if product_api_scan_configuration.product.pk != int(
 pid): # user is trying to edit Tool Configuration from another product (trying to by-pass auth)
- raise Http404()
+ raise Http404
 if request.method == 'POST':
 form = Product_API_Scan_ConfigurationForm(request.POST, instance=product_api_scan_configuration)
@@ -1868,7 +1868,7 @@ def delete_api_scan_configuration(request, pid, pascid):
 if product_api_scan_configuration.product.pk != int(
 pid): # user is trying to delete Tool Configuration from another product (trying to by-pass auth)
- raise Http404()
+ raise Http404
 if request.method == 'POST':
 form = Product_API_Scan_ConfigurationForm(request.POST)
diff --git a/dojo/reports/views.py b/dojo/reports/views.py
index 99d5480b775..a8102142764 100644
--- a/dojo/reports/views.py
+++ b/dojo/reports/views.py
@@ -115,7 +115,7 @@ def post(self, request: HttpRequest) -> HttpResponse:
 self._set_state(request)
 return render(request, self.get_template(), self.get_context())
 else:
- raise PermissionDenied()
+ raise PermissionDenied
 def _set_state(self, request: HttpRequest):
 self.request = request
@@ -149,7 +149,7 @@ def get_template(self):
 elif self.report_format == 'HTML':
 return 'dojo/custom_html_report.html'
 else:
- raise PermissionDenied()
+ raise PermissionDenied
 def get_context(self):
 return {
@@ -360,7 +360,7 @@ def product_endpoint_report(request, pid):
 'title': 'Generate Report',
 })
 else:
- raise Http404()
+ raise Http404
 product_tab = Product_Tab(product, "Product Endpoint Report", tab="endpoints")
 return render(request,
@@ -599,7 +599,7 @@ def generate_report(request, obj, host_view=False):
 'host': report_url_resolver(request),
 'user_id': request.user.id}
 else:
- raise Http404()
+ raise Http404
 report_form = ReportOptionsForm()
@@ -655,7 +655,7 @@ def generate_report(request, obj, host_view=False):
 })
 else:
- raise Http404()
+ raise Http404
 paged_findings = get_page_items(request, findings.qs.distinct().order_by('numerical_severity'), 25)
 product_tab = None
diff --git a/dojo/risk_acceptance/helper.py b/dojo/risk_acceptance/helper.py
index 0159517ebfe..9ceedfaab47 100644
--- a/dojo/risk_acceptance/helper.py
+++ b/dojo/risk_acceptance/helper.py
@@ -272,7 +272,7 @@ def prefetch_for_expiration(risk_acceptances):
 def simple_risk_accept(finding, perform_save=True):
 if not finding.test.engagement.product.enable_simple_risk_acceptance:
- raise PermissionDenied()
+ raise PermissionDenied
 logger.debug('accepting finding %i:%s', finding.id, finding)
 finding.risk_accepted = True
diff --git a/dojo/survey/views.py b/dojo/survey/views.py
index 3dc704fe6e9..091d68492e1 100644
--- a/dojo/survey/views.py
+++ b/dojo/survey/views.py
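Review bot: `get_template` in dojo/reports/views.py falls through to `raise PermissionDenied` when `self.report_format` matches none of the handled values, so an unsupported format is answered with a 403. In access logs and alerting that makes a malformed request indistinguishable from a real authorization failure. `raise Http404`, already used elsewhere in this module, or a 400 response keeps 403 meaningful; if 403 is deliberate, say so with a comment such as `# unknown format is treated as forbidden on purpose`. The earlier branches of the `if` chain are outside the hunk.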
@@ -377,7 +377,7 @@ def edit_questionnaire_questions(request, sid):
 survey = get_object_or_404(Engagement_Survey, id=sid)
 if not user_has_configuration_permission(request.user, 'dojo.add_engagement_survey') and \
 not user_has_configuration_permission(request.user, 'dojo.change_engagement_survey'):
- raise PermissionDenied()
+ raise PermissionDenied
 answered_surveys = Answered_Survey.objects.filter(survey=survey)
 reverted = False
@@ -548,7 +548,7 @@ def edit_question(request, qid):
 elif type == 'dojo | choice question':
 form = EditChoiceQuestionForm(instance=question)
 else:
- raise Http404()
+ raise Http404
 if request.method == 'POST':
 if type == 'dojo | text question':
@@ -556,7 +556,7 @@ def edit_question(request, qid):
 elif type == 'dojo | choice question':
 form = EditChoiceQuestionForm(request.POST, instance=question)
 else:
- raise Http404()
+ raise Http404
 if form.is_valid():
 form.save()
@@ -759,7 +759,7 @@ def answer_empty_survey(request, esid):
 'You must be logged in to answer questionnaire. Otherwise, enable anonymous response in system settings.',
 extra_tags='alert-danger')
 # will render 403
- raise PermissionDenied()
+ raise PermissionDenied
 questions = [
 q.get_form()(
diff --git a/dojo/test/views.py b/dojo/test/views.py
index bcb38514cd8..d15d518863d 100644
--- a/dojo/test/views.py
+++ b/dojo/test/views.py
@@ -402,7 +402,7 @@ def copy_test(request, tid):
 def test_calendar(request):
 if not get_system_setting('enable_calendar'):
- raise Resolver404()
+ raise Resolver404
 if 'lead' not in request.GET or '0' in request.GET.getlist('lead'):
 tests = get_authorized_tests(Permissions.Test_View)
diff --git a/dojo/views.py b/dojo/views.py
index 1baee23ad8f..09a0dcad73e 100644
--- a/dojo/views.py
+++ b/dojo/views.py
@@ -39,7 +39,7 @@ def action_history(request, cid, oid):
 ct = ContentType.objects.get_for_id(cid)
 obj = ct.get_object_for_this_type(pk=oid)
 except (KeyError, ObjectDoesNotExist):
- raise Http404()
+ raise Http404
 product_id = None
 active_tab = None
@@ -136,7 +136,7 @@ def manage_files(request, oid, obj_type):
 user_has_permission_or_403(request.user, obj, Permissions.Finding_Edit)
 obj_vars = ('view_finding', 'finding_set')
 else:
- raise Http404()
+ raise Http404
 files_formset = ManageFileFormSet(queryset=obj.files.all())
 error = False
@@ -194,7 +194,7 @@ def manage_files(request, oid, obj_type):
 def protected_serve(request, path, document_root=None, show_indexes=False):
 file = FileUpload.objects.get(file=path)
 if not file:
- raise Http404()
+ raise Http404
 object_set = list(file.engagement_set.all()) + list(file.test_set.all()) + list(file.finding_set.all())
 # Should only one item (but not sure what type) in the list, so O(n=1)
 for obj in object_set:
@@ -218,7 +218,7 @@ def access_file(request, fid, oid, obj_type, url=False):
 obj = get_object_or_404(Finding, pk=oid)
 user_has_permission_or_403(request.user, obj, Permissions.Finding_View)
 else:
- raise Http404()
+ raise Http404
 # If reaching this far, user must have permission to get file
 file = get_object_or_404(FileUpload, pk=fid)
 redirect_url = f'{settings.MEDIA_ROOT}/{file.file.url.lstrip(settings.MEDIA_URL)}'
diff --git a/ruff.toml b/ruff.toml
index b6d1566e9f1..1349d475e92 100644
--- a/ruff.toml
+++ b/ruff.toml
@@ -50,6 +50,7 @@ select = [
 "LOG",
 "INP",
 "SLOT",
+ "RSE",
 "PD",
 "PGH",
 "TRY003",
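Review bot: In `protected_serve` (dojo/views.py), `FileUpload.objects.get(file=path)` never returns a falsy value: it raises `FileUpload.DoesNotExist` when no row matches. The `if not file: raise Http404` guard on the next lines is therefore unreachable, and an unknown path surfaces as an unhandled exception (a 500) instead of the intended 404. Replacing the lookup and the guard with `file = get_object_or_404(FileUpload, file=path)`, which `access_file` in the same module already uses, gives the 404. The function body continues past the hunk.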
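Review bot: In `access_file` (dojo/views.py) the permission check is made on the object identified by `oid`, but the file is then loaded with `get_object_or_404(FileUpload, pk=fid)`, and nothing in the visible lines ties that file to `obj`. Unless the rest of the function, which lies outside the hunk, verifies the link, the comment `user must have permission to get file` does not hold for an arbitrary `fid`. Scoping the lookup through the relation `manage_files` already uses, `file = get_object_or_404(obj.files, pk=fid)`, would make it hold by construction. Separately, `lstrip(settings.MEDIA_URL)` strips any leading characters that occur in `MEDIA_URL` rather than the prefix itself, so a stored name beginning with such characters resolves to the wrong path; `file.file.path` or `.removeprefix(settings.MEDIA_URL)` avoids that.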