Fixed #442

No special characters are allowed for license_key, license_name and
license_expression

Author: chinyeungli

SPECIFICATION.rst

@@ -1,4 +1,4 @@
-ABOUT File Specification v3.1.5
+ABOUT File Specification v3.2.0
 
 
 Purpose
@@ -323,11 +323,11 @@ Optional Licensing fields
 - license_expression: The DejaCode license expression that apply to the component. You
   can separate each identifier using " or " and " and " to document the
   relationship between multiple license identifiers, such as a choice among
-  multiple licenses.
+  multiple licenses (No special characters are allowed).
 
-- license_name: The DejaCode license short name for the license.
+- license_name: The DejaCode license short name for the license (No special characters are allowed).
 
-- license_key: The DejaCode license key(s) for the component.
+- license_key: The DejaCode license key(s) for the component (No special characters are allowed).
 
 
 Optional Boolean flag fields

src/attributecode/__init__.py

@@ -33,7 +33,7 @@
 
 __version__ = '5.0.0'
 
-__about_spec_version__ = '3.1.4'
+__about_spec_version__ = '3.2.0'
 
 __copyright__ = """
 Copyright (c) 2013-2020 nexB Inc. All rights reserved. http://dejacode.org

src/attributecode/cmd.py

@@ -185,6 +185,7 @@ def inventory(location, output, format, quiet, verbose):  # NOQA
     errors, abouts = collect_inventory(location)
     write_errors = write_output(abouts=abouts, location=output, format=format)
     errors.extend(write_errors)
+    errors = unique(errors)
     errors_count = report_errors(errors, quiet, verbose, log_file_loc=output + '-error.log')
     if not quiet:
         msg = 'Inventory collected in {output}.'.format(**locals())
@@ -262,6 +263,7 @@ def gen(location, output, android, fetch_license, reference, quiet, verbose):
         fetch_license=fetch_license,
     )
 
+    errors = unique(errors)
     errors_count = report_errors(errors, quiet, verbose, log_file_loc=output + '-error.log')
     if not quiet:
         abouts_count = len(abouts)
@@ -351,7 +353,7 @@ def attrib(location, output, template, vartext, quiet, verbose):
         variables=vartext,
     )
     errors.extend(attrib_errors)
-
+    errors = unique(errors)
     errors_count = report_errors(errors, quiet, verbose, log_file_loc=output + '-error.log')
 
     if not quiet:
@@ -391,6 +393,7 @@ def check(location, verbose):
     print_version()
     click.echo('Checking ABOUT files...')
     errors, _abouts = collect_inventory(location)
+    errors = unique(errors)
     severe_errors_count = report_errors(errors, quiet=False, verbose=verbose)
     sys.exit(severe_errors_count)
 
@@ -475,6 +478,7 @@ def transform(location, output, configuration, quiet, verbose):  # NOQA
         print_version()
         click.echo('Transforming...')
 
+    errors = unique(errors)
     errors_count = report_errors(errors, quiet, verbose, log_file_loc=output + '-error.log')
     if not quiet and not errors:
         msg = 'Transformed file written to {output}.'.format(**locals())

src/attributecode/model.py

@@ -239,6 +239,15 @@ class StringField(Field):
     """
     def _validate(self, *args, **kwargs):
         errors = super(StringField, self)._validate(*args, ** kwargs)
+        no_special_char_field = ['license_expression', 'license_key', 'license_name']
+        name = self.name
+        if name in no_special_char_field:
+            val = self.value
+            special_char = detect_special_char(val)
+            if special_char:
+                msg = (u'The following character(s) cannot be in the %(name)s: '
+                       '%(special_char)r' % locals())
+                errors.append(Error(ERROR, msg))
         return errors
 
     def _serialized_value(self):
@@ -1388,7 +1397,7 @@ def pre_process_and_fetch_license_dict(abouts, api_url, api_key):
         if about.license_expression.present:
             special_char_in_expression, lic_list = parse_license_expression(about.license_expression.value)
             if special_char_in_expression:
-                msg = (u"The following character(s) cannot be in the licesne_expression: " +
+                msg = (u"The following character(s) cannot be in the license_expression: " +
                        str(special_char_in_expression))
                 errors.append(Error(ERROR, msg))
             else:
@@ -1412,20 +1421,20 @@ def pre_process_and_fetch_license_dict(abouts, api_url, api_key):
 def parse_license_expression(lic_expression):
     licensing = Licensing()
     lic_list = []
-    special_char = special_char_in_license_expresion(lic_expression)
+    special_char = detect_special_char(lic_expression)
     if not special_char:
         # Parse the license expression and save it into a list
         lic_list = licensing.license_keys(lic_expression)
     return special_char, lic_list
 
 
-def special_char_in_license_expresion(lic_expression):
+def detect_special_char(expression):
     not_support_char = [
         '!', '@', '#', '$', '%', '^', '&', '*', '=', '{', '}',
         '|', '[', ']', '\\', ':', ';', '<', '>', '?', ',', '/']
     special_character = []
     for char in not_support_char:
-        if char in lic_expression:
+        if char in expression:
             special_character.append(char)
     return special_character
 

tests/test_model.py

@@ -685,6 +685,12 @@ def test_get_field_names_does_not_return_duplicates_custom_fields(self):
         result = model.get_field_names(abouts)
         assert expected == result
 
+    def test_comma_in_license(self):
+        test_file = get_test_loc('test_model/special_char/about.ABOUT')
+        a = model.About(test_file)
+        expected = Error(ERROR,  "The following character(s) cannot be in the license_key: [',']")
+        assert a.errors[0] == expected
+
     def test_load_dict_issue_433(self):
         package_data = {
             'about_resource': 'package1.zip',

tests/testdata/test_model/special_char/about.ABOUT

@@ -0,0 +1,6 @@
+about_resource: .
+
+name: AboutCode
+version: 0.11.0
+
+license_key: mit, gpl-2.0