
Commit d06c65d

committed
SONARPY-2412 clean up flask decorator check
1 parent e759287 commit d06c65d


1 file changed

+2
-20
lines changed


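--- a/python-checks/src/main/java/org/sonar/python/checks/hotspots/UnsafeHttpMethodsCheck.java
+++ b/python-checks/src/main/java/org/sonar/python/checks/hotspots/UnsafeHttpMethodsCheck.java
@@ -19,7 +19,6 @@
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
-import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 import org.sonar.check.Rule;
@@ -31,17 +30,14 @@
 import org.sonar.plugins.python.api.tree.CallExpression;
 import org.sonar.plugins.python.api.tree.Decorator;
 import org.sonar.plugins.python.api.tree.Expression;
-import org.sonar.plugins.python.api.tree.FileInput;
 import org.sonar.plugins.python.api.tree.FunctionDef;
 import org.sonar.plugins.python.api.tree.ListLiteral;
 import org.sonar.plugins.python.api.tree.RegularArgument;
 import org.sonar.plugins.python.api.tree.StringLiteral;
 import org.sonar.python.semantic.FunctionSymbolImpl;
 import org.sonar.python.tree.FunctionDefImpl;
-import org.sonar.python.tree.TreeUtils;
 
 import static org.sonar.plugins.python.api.tree.Tree.Kind.CALL_EXPR;
-import static org.sonar.plugins.python.api.tree.Tree.Kind.FILE_INPUT;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.FUNCDEF;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.LIST_LITERAL;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.REGULAR_ARGUMENT;
@@ -137,27 +133,13 @@ private static Optional<CallExpression> getFlaskViewDecorator(FunctionDef functi
 
 private static boolean isFlaskRouteDecorator(CallExpression callExpression) {
 Symbol calleeSymbol = callExpression.calleeSymbol();
-if (calleeSymbol == null) {
-return false;
-}
-return calleeSymbol.name().equals("route");
+return calleeSymbol != null && "flask.scaffold.Scaffold.route".equals(calleeSymbol.fullyQualifiedName());
 }
 
 private static void checkFlaskView(CallExpression callExpression, SubscriptionContext ctx) {
 RegularArgument methodsArg = argumentByKeyword("methods", callExpression.arguments());
-if (methodsArg != null && hasBothUnsafeAndSafeHttpMethods(methodsArg) && isFlaskImported(callExpression)) {
+if (methodsArg != null && hasBothUnsafeAndSafeHttpMethods(methodsArg)) {
 ctx.addIssue(callExpression, MESSAGE);
 }
 }
-
-private static boolean isFlaskImported(CallExpression callExpression) {
-// When SONARPY-834 will be implemented we can have a cleaner implementation
-// checking decorator fqn to be equal to flask.blueprints.Blueprint.route
-return Optional.ofNullable(TreeUtils.firstAncestorOfKind(callExpression, FILE_INPUT))
-.filter(fileInput -> ((FileInput) fileInput).globalVariables().stream()
-.map(Symbol::fullyQualifiedName)
-.filter(Objects::nonNull)
-.anyMatch(fqn -> fqn.contains("flask")))
-.isPresent();
-}
 }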
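Review bot: In `isFlaskRouteDecorator`, the exact match on `"flask.scaffold.Scaffold.route"` makes this hotspot rule stay silent whenever the decorator's callee does not resolve to that one name, whereas the removed name-plus-import heuristic would still have raised in those cases. `fullyQualifiedName()` can be null (the removed `isFlaskImported` filtered nulls for that reason), and the removed comment expected a different name, `flask.blueprints.Blueprint.route`, so the literal presumably depends on which Flask stubs the analyzer resolves against. Because a miss here is a false negative on a rule about routes that mix safe and unsafe HTTP methods, I would pull the literal into a named constant with a comment stating which receivers it is meant to cover, e.g. `private static final String FLASK_ROUTE_FQN = "flask.scaffold.Scaffold.route";`. I would also add test fixtures for a `Blueprint` route and for an app object whose type is not inferable (for example one received as a function parameter) so the intended behaviour is pinned.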
