Python: Django test: Add simple route handler and annotations

2025-12-20 10:46:30 +01:00 · 2020-10-08 12:50:29 +02:00
parent 44b9b7f084
commit ca60132e24
8 changed files with 35 additions and 6 deletions
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/ConceptsTest.expected
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/ConceptsTest.expected
@@ -0,0 +1,4 @@
+| testapp/urls.py:6:31:6:50 | Comment # $routeSetup="foo/" | Missing result:routeSetup="foo/" |
+| testapp/urls.py:10:43:10:67 | Comment # $routeSetup=r"^ba[rz]/" | Missing result:routeSetup=r"^ba[rz]/" |
+| testapp/views.py:3:33:3:47 | Comment # $routeHandler | Missing result:routeHandler= |
+| testapp/views.py:6:37:6:51 | Comment # $routeHandler | Missing result:routeHandler= |
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/ConceptsTest.ql
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/TestTaint.expected
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/TestTaint.expected
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/TestTaint.ql
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/TestTaint.ql
@@ -0,0 +1,6 @@
+import experimental.dataflow.tainttracking.TestTaintLib
+import experimental.dataflow.RemoteFlowSources
+
+class RemoteFlowTestTaintConfiguration extends TestTaintTrackingConfiguration {
+  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+}
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/dummy_import.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/dummy_import.py
@@ -1,5 +1,6 @@
-# to force extractor to see files under `testproj/` since we use `--max-import-depth=1`,
-# we use this "fake" import that doesn't actually work, but tricks the python extractor
-# to look at all the files
+# to force extractor to see files. since we use `--max-import-depth=1`, we use this
+# "fake" import that doesn't actually work, but tricks the python extractor to look at
+# all the files

 from testproj import *
+from testapp import *
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/urls.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/urls.py
@@ -0,0 +1,11 @@
+from django.urls import path, re_path
+
+from . import views
+
+urlpatterns = [
+    path("foo/", views.foo),  # $routeSetup="foo/"
+    # TODO: Doesn't include standard `$` to mark end of string, due to problems with
+    # inline expectation tests (which thinks the `$` would mark the beginning of a new
+    # line)
+    re_path(r"^ba[rz]/", views.bar_baz),  # $routeSetup=r"^ba[rz]/"
+]
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/views.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testapp/views.py
@@ -1,3 +1,7 @@
-from django.shortcuts import render
+from django.http import HttpRequest, HttpResponse

-# Create your views here.
+def foo(request: HttpRequest):  # $routeHandler
+    return HttpResponse("foo")
+
+def bar_baz(request: HttpRequest):  # $routeHandler
+    return HttpResponse("bar_baz")
--- a/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testproj/urls.py
+++ b/python/ql/test/experimental/library-tests/frameworks/django-v2-v3/testproj/urls.py
@@ -14,8 +14,9 @@ Including another URLconf
    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from django.contrib import admin
-from django.urls import path
+from django.urls import path, include

 urlpatterns = [
    path('admin/', admin.site.urls),
+    path("app/", include("testapp.urls")),
 ]