rename cached forced_protection_off to should_skip_attack_scan

Author: bitterpanda63

aikido_zen/context/__init__.py

@@ -54,7 +54,7 @@ def __init__(self, context_obj=None, body=None, req=None, source=None):
         self.headers: Headers = Headers()
         self.cookies = dict()
         self.query = dict()
-        self.protection_forced_off = None
+        self.should_skip_attack_scan = None
 
         # Parse WSGI/ASGI/... request :
         self.method = self.remote_address = self.url = None
@@ -139,5 +139,5 @@ def get_route_metadata(self):
     def get_user_agent(self):
         return self.headers.get_header("USER_AGENT")
 
-    def set_force_protection_off(self, value: bool):
-        self.protection_forced_off = value
+    def set_should_skip_attack_scan(self, value: bool):
+        self.should_skip_attack_scan = value

aikido_zen/context/init_test.py

@@ -72,7 +72,7 @@ def test_wsgi_context_1():
         "outgoing_req_redirects": [],
         "executed_middleware": False,
         "route_params": [],
-        "protection_forced_off": None,
+        "should_skip_attack_scan": None,
     }
     assert context.get_user_agent() is None
 
@@ -104,7 +104,7 @@ def test_wsgi_context_2():
         "outgoing_req_redirects": [],
         "executed_middleware": False,
         "route_params": [],
-        "protection_forced_off": None,
+        "should_skip_attack_scan": None,
     }
     assert context.get_user_agent() == "Mozilla/5.0"
 
@@ -288,11 +288,11 @@ def test_set_valid_json_with_special_characters_bytes():
     assert context.body == {"key": "value with special characters !@#$%^&*()"}
 
 
-def test_set_protection_forced_off():
+def test_set_should_skip_attack_scan():
     context = Context(req=basic_wsgi_req, body=None, source="flask")
-    context.set_force_protection_off(True)
-    assert context.protection_forced_off is True
-    context.set_force_protection_off(False)
-    assert context.protection_forced_off is False
-    context.set_force_protection_off(None)
-    assert context.protection_forced_off is None
+    context.set_should_skip_attack_scan(True)
+    assert context.should_skip_attack_scan is True
+    context.set_should_skip_attack_scan(False)
+    assert context.should_skip_attack_scan is False
+    context.set_should_skip_attack_scan(None)
+    assert context.should_skip_attack_scan is None

aikido_zen/helpers/should_skip_attack_scan.py

@@ -13,10 +13,10 @@ def should_skip_attack_scan(context: Context) -> bool:
     if not context:
         return False
 
-    if context.protection_forced_off is not None:
+    if context.should_skip_attack_scan is not None:
         # Retrieving from cache, we don't want to constantly go through
         # all the endpoints for every single vulnerability check.
-        return context.protection_forced_off
+        return context.should_skip_attack_scan
 
     thread_cache = get_cache()
     if not thread_cache:

aikido_zen/sinks/tests/clickhouse_driver_test.py

@@ -17,7 +17,7 @@ def __init__(self, body):
         self.source = "express"
         self.route = "/"
         self.parsed_userinput = {}
-        self.protection_forced_off = False
+        self.should_skip_attack_scan = False
 
 
 @pytest.fixture(autouse=True)

aikido_zen/vulnerabilities/init_test.py

@@ -209,9 +209,9 @@ def test_ssrf_vulnerability_scan_protection_gets_forced_off(get_context):
     dns_results = MagicMock()
     hostname = "example.com"
     port = 80
-    assert get_context.protection_forced_off is None
+    assert get_context.should_skip_attack_scan is None
     run_vulnerability_scan(kind="ssrf", op="test", args=(dns_results, hostname, port))
-    assert get_context.protection_forced_off is False
+    assert get_context.should_skip_attack_scan is False
 
 
 def test_sql_injection_with_protection_forced_off(caplog, get_context, monkeypatch):
@@ -227,7 +227,7 @@ def test_sql_injection_with_protection_forced_off(caplog, get_context, monkeypat
                 op="test_op",
                 args=("INSERT * INTO VALUES ('doggoss2', TRUE);", "mysql"),
             )
-        get_context.set_force_protection_off(True)
+        get_context.set_should_skip_attack_scan(True)
         run_vulnerability_scan(
             kind="sql_injection",
             op="test_op",