Python: Add (only) basic $HttpResponse tag to other tests files

This seems really nice to me, but you might disagree
2026-05-04 21:25:44 +02:00 · 2020-10-22 11:57:44 +02:00
parent 8b0b87ae62
commit e38ac18e46
5 changed files with 57 additions and 77 deletions
--- a/python/ql/test/experimental/meta/ConceptsTest.qll
+++ b/python/ql/test/experimental/meta/ConceptsTest.qll
@@ -144,39 +144,49 @@ class HttpServerRouteSetupTest extends InlineExpectationsTest {
 }

 class HttpServerHttpResponseTest extends InlineExpectationsTest {
-  HttpServerHttpResponseTest() { this = "HttpServerHttpResponseTest" }
+  File file;
+
+  HttpServerHttpResponseTest() { this = "HttpServerHttpResponseTest: " + file }

  override string getARelevantTag() {
    result in ["HttpResponse", "responseBody", "contentType", "statusCode"]
  }

  override predicate hasActualResult(Location location, string element, string tag, string value) {
-    exists(HTTP::Server::HttpResponse response |
-      location = response.getLocation() and
-      element = response.toString() and
-      value = "" and
-      tag = "HttpResponse"
-    )
-    or
-    exists(HTTP::Server::HttpResponse response |
-      location = response.getLocation() and
-      element = response.toString() and
-      value = value_from_expr(response.getBody().asExpr()) and
-      tag = "responseBody"
-    )
-    or
-    exists(HTTP::Server::HttpResponse response |
-      location = response.getLocation() and
-      element = response.toString() and
-      value = response.getContentType() and
-      tag = "contentType"
-    )
-    or
-    exists(HTTP::Server::HttpResponse response |
-      location = response.getLocation() and
-      element = response.toString() and
-      value = response.getStatusCode().toString() and
-      tag = "statusCode"
+    // By adding `file` as a class field, and these two restrictions, it's possible to
+    // say that we only want to check _some_ tags for certain files. This helped make
+    // flask tests more readable since adding full annotations for HttpResponses in the
+    // the tests for routing setup is both annoying and not very useful.
+    location.getFile() = file and
+    tag = getARelevantTag() and
+    (
+      exists(HTTP::Server::HttpResponse response |
+        location = response.getLocation() and
+        element = response.toString() and
+        value = "" and
+        tag = "HttpResponse"
+      )
+      or
+      exists(HTTP::Server::HttpResponse response |
+        location = response.getLocation() and
+        element = response.toString() and
+        value = value_from_expr(response.getBody().asExpr()) and
+        tag = "responseBody"
+      )
+      or
+      exists(HTTP::Server::HttpResponse response |
+        location = response.getLocation() and
+        element = response.toString() and
+        value = response.getContentType() and
+        tag = "contentType"
+      )
+      or
+      exists(HTTP::Server::HttpResponse response |
+        location = response.getLocation() and
+        element = response.toString() and
+        value = response.getStatusCode().toString() and
+        tag = "statusCode"
+      )
    )
  }
 }