Merge pull request #4779 from RasmusWL/django-class-based-handlers

Python: Add modeling of django class based view handlers
2026-05-02 04:05:14 +02:00 · 2020-12-18 15:58:51 +01:00
parent 5106d5df53 3e6296c7b8
commit a08eb99778
9 changed files with 247 additions and 23 deletions
--- a/python/ql/test/experimental/library-tests/frameworks/django-v1/routing_test.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v1/routing_test.py
@@ -32,7 +32,7 @@ class Foo(object):

 class ClassView(View, Foo):

-    def get(self, request, untrusted):  # $ MISSING: routeHandler routedParameter=untrusted
+    def get(self, request, untrusted):  # $ routeHandler routedParameter=untrusted
        return HttpResponse('ClassView get: {}'.format(untrusted))  # $HttpResponse


--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/routing_test.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/routing_test.py
@@ -32,7 +32,7 @@ class Foo(object):

 class ClassView(View, Foo):

-    def get(self, request, untrusted):  # $ MISSING: routeHandler routedParameter=untrusted
+    def get(self, request, untrusted):  # $ routeHandler routedParameter=untrusted
        return HttpResponse('ClassView get: {}'.format(untrusted))  # $HttpResponse


--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/urls.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/urls.py
@@ -12,4 +12,7 @@ urlpatterns = [
    # line)
    re_path(r"^ba[rz]/", views.bar_baz),  # $routeSetup="^ba[rz]/"
    url(r"^deprecated/", views.deprecated),  # $routeSetup="^deprecated/"
+
+    path("basic-view-handler/", views.MyBasicViewHandler.as_view()),  # $routeSetup="basic-view-handler/"
+    path("custom-inheritance-view-handler/", views.MyViewHandlerWithCustomInheritance.as_view()),  # $routeSetup="custom-inheritance-view-handler/"
 ]
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/views.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/views.py
@@ -1,10 +1,33 @@
 from django.http import HttpRequest, HttpResponse
+from django.views import View
+from django.views.decorators.csrf import csrf_exempt
+

 def foo(request: HttpRequest):  # $routeHandler
    return HttpResponse("foo")  # $HttpResponse

+
 def bar_baz(request: HttpRequest):  # $routeHandler
    return HttpResponse("bar_baz")  # $HttpResponse

+
 def deprecated(request: HttpRequest):  # $routeHandler
    return HttpResponse("deprecated")  # $HttpResponse
+
+
+class MyBasicViewHandler(View):
+    def get(self, request: HttpRequest): # $ routeHandler
+        return HttpResponse("MyViewHandler: GET") # $ HttpResponse
+
+    def post(self, request: HttpRequest): # $ routeHandler
+        return HttpResponse("MyViewHandler: POST") # $ HttpResponse
+
+
+class MyCustomViewBaseClass(View):
+    def post(self, request: HttpRequest): # $ MISSING: routeHandler
+        return HttpResponse("MyCustomViewBaseClass: POST") # $ HttpResponse
+
+
+class MyViewHandlerWithCustomInheritance(MyCustomViewBaseClass):
+    def get(self, request: HttpRequest): # $ routeHandler
+        return HttpResponse("MyViewHandlerWithCustomInheritance: GET") # $ HttpResponse
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testproj/settings.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testproj/settings.py
@@ -44,7 +44,7 @@ MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
+    # 'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',