diff --git a/python/ql/lib/semmle/python/frameworks/Django.qll b/python/ql/lib/semmle/python/frameworks/Django.qll index 50cc35d33fe..bd84c781d5d 100644 --- a/python/ql/lib/semmle/python/frameworks/Django.qll +++ b/python/ql/lib/semmle/python/frameworks/Django.qll @@ -1337,7 +1337,13 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponse` class or any subclass. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() + or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponse~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponse`, extend this class to model new instances. @@ -1398,7 +1404,12 @@ module PrivateDjango { } /** Gets a reference to a subclass of the `django.http.response.HttpResponseRedirect` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseRedirect~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseRedirect`, extend this class to model new instances. @@ -1461,7 +1472,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponsePermanentRedirect` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("Django.http.response.HttpResponsePermanentRedirect~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponsePermanentRedirect`, extend this class to model new instances. @@ -1525,7 +1541,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseNotModified` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseNotModified~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseNotModified`, extend this class to model new instances. @@ -1577,7 +1598,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseBadRequest` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseBadRequest~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseBadRequest`, extend this class to model new instances. @@ -1631,7 +1657,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseNotFound` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseNotFound~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseNotFound`, extend this class to model new instances. @@ -1685,7 +1716,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseForbidden` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseForbidden~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseForbidden`, extend this class to model new instances. @@ -1739,7 +1775,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseNotAllowed` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseNotAllowed~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseNotAllowed`, extend this class to model new instances. @@ -1794,7 +1835,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseGone` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseGone~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseGone`, extend this class to model new instances. @@ -1848,7 +1894,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.HttpResponseServerError` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.HttpResponseServerError~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.HttpResponseServerError`, extend this class to model new instances. @@ -1902,7 +1953,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.JsonResponse` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.JsonResponse~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.JsonResponse`, extend this class to model new instances. @@ -1959,7 +2015,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.StreamingHttpResponse` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.StreamingHttpResponse~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.StreamingHttpResponse`, extend this class to model new instances. @@ -2013,7 +2074,12 @@ module PrivateDjango { } /** Gets a reference to the `django.http.response.FileResponse` class. */ - API::Node classRef() { result = baseClassRef().getASubclass*() } + API::Node classRef() { + result = baseClassRef().getASubclass*() or + result = + ModelOutput::getATypeNode("django.http.response.FileResponse~Subclass") + .getASubclass*() + } /** * A source of instances of `django.http.response.FileResponse`, extend this class to model new instances. diff --git a/python/ql/src/meta/ClassHierarchy/Find.ql b/python/ql/src/meta/ClassHierarchy/Find.ql index 2888bd32908..3c77926b772 100644 --- a/python/ql/src/meta/ClassHierarchy/Find.ql +++ b/python/ql/src/meta/ClassHierarchy/Find.ql @@ -99,6 +99,115 @@ class StdlibCgiFieldStorage extends FindSubclassesSpec { } } +class DjangoHttpResponse extends FindSubclassesSpec { + DjangoHttpResponse() { this = "django.http.response.HttpResponse~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponse::classRef() + } +} + +class DjangoHttpResponseRedirect extends FindSubclassesSpec { + DjangoHttpResponseRedirect() { this = "django.http.response.HttpResponseRedirect~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseRedirect::classRef() + } +} + +class DjangoHttpResponsePermanentRedirect extends FindSubclassesSpec { + DjangoHttpResponsePermanentRedirect() { + this = "django.http.response.HttpResponsePermanentRedirect~Subclass" + } + + override API::Node getAlreadyModeledClass() { + result = + PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponsePermanentRedirect::classRef() + } +} + +class DjangoHttpResponseNotModified extends FindSubclassesSpec { + DjangoHttpResponseNotModified() { this = "django.http.response.HttpResponseNotModified~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseNotModified::classRef() + } +} + +class DjangoHttpResponseBadRequest extends FindSubclassesSpec { + DjangoHttpResponseBadRequest() { this = "django.http.response.HttpResponseBadRequest~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseBadRequest::classRef() + } +} + +class DjangoHttpResponseNotFound extends FindSubclassesSpec { + DjangoHttpResponseNotFound() { this = "django.http.response.HttpResponseNotFound~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseNotFound::classRef() + } +} + +class DjangoHttpResponseForbidden extends FindSubclassesSpec { + DjangoHttpResponseForbidden() { this = "django.http.response.HttpResponseForbidden~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseForbidden::classRef() + } +} + +class DjangoHttpResponseNotAllowed extends FindSubclassesSpec { + DjangoHttpResponseNotAllowed() { this = "django.http.response.HttpResponseNotAllowed~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseNotAllowed::classRef() + } +} + +class DjangoHttpResponseGone extends FindSubclassesSpec { + DjangoHttpResponseGone() { this = "django.http.response.HttpResponseGone~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseGone::classRef() + } +} + +class DjangoHttpResponseServerError extends FindSubclassesSpec { + DjangoHttpResponseServerError() { this = "django.http.response.HttpResponseServerError~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponseServerError::classRef() + } +} + +class DjangoHttpResponseJsonResponse extends FindSubclassesSpec { + DjangoHttpResponseJsonResponse() { this = "django.http.response.JsonResponse~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::JsonResponse::classRef() + } +} + +class DjangoHttpResponseStreamingResponse extends FindSubclassesSpec { + DjangoHttpResponseStreamingResponse() { + this = "django.http.response.StreamingHttpResponse~Subclass" + } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::StreamingHttpResponse::classRef() + } +} + +class DjangoHttpResponseFileResponse extends FindSubclassesSpec { + DjangoHttpResponseFileResponse() { this = "django.http.response.FileResponse~Subclass" } + + override API::Node getAlreadyModeledClass() { + result = PrivateDjango::DjangoImpl::DjangoHttp::Response::FileResponse::classRef() + } +} + bindingset[fullyQualified] predicate fullyQualifiedToYamlFormat(string fullyQualified, string type2, string path) { exists(int firstDot | firstDot = fullyQualified.indexOf(".", 0, 0) |