Python: Apply suggestions from code review

RasmusWL · yoff · web-flow · commit 46f7a2b5725e · 2021-06-11T11:28:11.000+02:00
Co-authored-by: yoff &lt;lerchedahl@gmail.com&gt;
diff --git a/python/ql/src/semmle/python/frameworks/Aiohttp.qll b/python/ql/src/semmle/python/frameworks/Aiohttp.qll
@@ -27,14 +27,14 @@ module AiohttpWebModel {
    * See https://docs.aiohttp.org/en/stable/web_reference.html#view.
    */
   module View {
-    /** Gets a reference to the `flask.views.View` class or any subclass. */
+    /** Gets a reference to the `aiohttp.web.View` class or any subclass. */
     API::Node subclassRef() {
       result = API::moduleImport("aiohttp").getMember("web").getMember("View").getASubclass*()
     }
   }
 
   // -- route modeling --
-  /** Gets a reference to a `aiohttp.web.Application` instance. */
+  /** Gets a reference to an `aiohttp.web.Application` instance. */
   API::Node applicationInstance() {
     // Not sure whether you're allowed to add routes _after_ starting the app, for
     // example in the middle of handling a http request... but I'm guessing that for 99%
@@ -43,7 +43,7 @@ module AiohttpWebModel {
     result = API::moduleImport("aiohttp").getMember("web").getMember("Application").getReturn()
   }
 
-  /** Gets a reference to a `aiohttp.web.UrlDispatcher` instance. */
+  /** Gets a reference to an `aiohttp.web.UrlDispatcher` instance. */
   API::Node urlDispathcerInstance() {
     result = API::moduleImport("aiohttp").getMember("web").getMember("UrlDispatcher").getReturn()
     or
@@ -106,9 +106,7 @@ module AiohttpWebModel {
       Function getARequestHandler() {
         this.getHandlerArg() = poorMansFunctionTracker(result)
         or
-        exists(AiohttpViewClass cls |
-          cls = this.getViewClass() and
-          result = cls.getARequestHandler()
+       result = this.getViewClass().(AiohttpViewClass).getARequestHandler()
         )
       }
     }
@@ -142,7 +140,7 @@ module AiohttpWebModel {
     }
   }
 
-  /** An aiohttp route setup that uses coroutines (async function) as request handler. */
+  /** An aiohttp route setup that uses coroutines (async function) as request handlers. */
   class AiohttpCoroutineRouteSetup extends AiohttpRouteSetup {
     AiohttpCoroutineRouteSetup() { this.getHandlerArg() = poorMansFunctionTracker(_) }
   }
@@ -187,7 +185,7 @@ module AiohttpWebModel {
     }
   }
 
-  /** A route-setup using a decorator, such as `route`, `view`, `get`, `post`, etc. on a `aiohttp.web.RouteTableDef`. */
+  /** A route-setup using a decorator, such as `route`, `view`, `get`, `post`, etc. on an `aiohttp.web.RouteTableDef`. */
   class AiohttpDecoratorRouteSetup extends AiohttpRouteSetup::Range, DataFlow::CallCfgNode {
     /** At what index route arguments starts, so we can handle "route" version together with get/post/... */
     int routeArgsStart;
@@ -232,7 +230,7 @@ module AiohttpWebModel {
     }
   }
 
-  /** A class that we consider a aiohttp.web View class. */
+  /** A class that we consider an aiohttp.web View class. */
   abstract class AiohttpViewClass extends Class, SelfRefMixin {
     /** Gets a function that could handle incoming requests, if any. */
     Function getARequestHandler() {
@@ -243,12 +241,12 @@ module AiohttpWebModel {
     }
   }
 
-  /** A class that has a super-type which is a aiohttp.web View class. */
+  /** A class that has a super-type which is an aiohttp.web View class. */
   class AiohttpViewClassFromSuperClass extends AiohttpViewClass {
     AiohttpViewClassFromSuperClass() { this.getABase() = View::subclassRef().getAUse().asExpr() }
   }
 
-  /** A class that is used in a route-setup, therefore being considered a aiohttp.web View class. */
+  /** A class that is used in a route-setup, therefore being considered an aiohttp.web View class. */
   class AiohttpViewClassFromRouteSetup extends AiohttpViewClass {
     AiohttpViewClassFromRouteSetup() { this = any(AiohttpRouteSetup rs).getViewClass() }
   }
@@ -299,7 +297,7 @@ module AiohttpWebModel {
   }
 
   /**
-   * A parameter that will receive a `aiohttp.web.Request` instance when a request
+   * A parameter that will receive an `aiohttp.web.Request` instance when a request
    * handler is invoked.
    */
   class AiohttpRequestHandlerRequestParam extends Request::InstanceSource, RemoteFlowSource::Range,
@@ -329,7 +327,7 @@ module AiohttpWebModel {
   }
 
   /**
-   * A read of the `request` attribute on an instance of a aiohttp.web View class,
+   * A read of the `request` attribute on an instance of an aiohttp.web View class,
    * which is the request being processed currently.
    */
   class AiohttpViewClassRequestAttributeRead extends Request::InstanceSource,
@@ -382,15 +380,15 @@ module AiohttpWebModel {
     }
   }
 
-  /** An attribute read on a `aiohttp.web.Request` that is a `MultiDictProxy` instance. */
+  /** An attribute read on an `aiohttp.web.Request` that is a `MultiDictProxy` instance. */
   class AiohttpRequestMultiDictProxyInstances extends Multidict::MultiDictProxy::InstanceSource {
     AiohttpRequestMultiDictProxyInstances() {
       this.(DataFlow::AttrRead).getObject() = Request::instance() and
       this.(DataFlow::AttrRead).getAttributeName() in ["query", "headers"]
     }
   }
 
-  /** An attribute read on a `aiohttp.web.Request` that is a `yarl.URL` instance. */
+  /** An attribute read on an `aiohttp.web.Request` that is a `yarl.URL` instance. */
   class AiohttpRequestYarlUrlInstances extends Yarl::Url::InstanceSource {
     AiohttpRequestYarlUrlInstances() {
       this.(DataFlow::AttrRead).getObject() = Request::instance() and

Original file line number	Diff line number	Diff line change
`@@ -27,14 +27,14 @@ module AiohttpWebModel {`
`27`	`27`	`* See https://docs.aiohttp.org/en/stable/web_reference.html#view.`
`28`	`28`	`*/`
`29`	`29`	`module View {`
`30`		- /** Gets a reference to the `flask.views.View` class or any subclass. */
	`30`	+ /** Gets a reference to the `aiohttp.web.View` class or any subclass. */
`31`	`31`	`API::Node subclassRef() {`
`32`	`32`	`result = API::moduleImport("aiohttp").getMember("web").getMember("View").getASubclass*()`
`33`	`33`	`}`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`// -- route modeling --`
`37`		- /** Gets a reference to a `aiohttp.web.Application` instance. */
	`37`	+ /** Gets a reference to an `aiohttp.web.Application` instance. */
`38`	`38`	`API::Node applicationInstance() {`
`39`	`39`	`// Not sure whether you're allowed to add routes _after_ starting the app, for`
`40`	`40`	`// example in the middle of handling a http request... but I'm guessing that for 99%`
`@@ -43,7 +43,7 @@ module AiohttpWebModel {`
`43`	`43`	`result = API::moduleImport("aiohttp").getMember("web").getMember("Application").getReturn()`
`44`	`44`	`}`
`45`	`45`
`46`		- /** Gets a reference to a `aiohttp.web.UrlDispatcher` instance. */
	`46`	+ /** Gets a reference to an `aiohttp.web.UrlDispatcher` instance. */
`47`	`47`	`API::Node urlDispathcerInstance() {`
`48`	`48`	`result = API::moduleImport("aiohttp").getMember("web").getMember("UrlDispatcher").getReturn()`
`49`	`49`	`or`
`@@ -106,9 +106,7 @@ module AiohttpWebModel {`
`106`	`106`	`Function getARequestHandler() {`
`107`	`107`	`this.getHandlerArg() = poorMansFunctionTracker(result)`
`108`	`108`	`or`
`109`		`- exists(AiohttpViewClass cls \|`
`110`		`- cls = this.getViewClass() and`
`111`		`- result = cls.getARequestHandler()`
	`109`	`+ result = this.getViewClass().(AiohttpViewClass).getARequestHandler()`
`112`	`110`	`)`
`113`	`111`	`}`
`114`	`112`	`}`
`@@ -142,7 +140,7 @@ module AiohttpWebModel {`
`142`	`140`	`}`
`143`	`141`	`}`
`144`	`142`
`145`		`- /** An aiohttp route setup that uses coroutines (async function) as request handler. */`
	`143`	`+ /** An aiohttp route setup that uses coroutines (async function) as request handlers. */`
`146`	`144`	`class AiohttpCoroutineRouteSetup extends AiohttpRouteSetup {`
`147`	`145`	`AiohttpCoroutineRouteSetup() { this.getHandlerArg() = poorMansFunctionTracker(_) }`
`148`	`146`	`}`
`@@ -187,7 +185,7 @@ module AiohttpWebModel {`
`187`	`185`	`}`
`188`	`186`	`}`
`189`	`187`
`190`		- /** A route-setup using a decorator, such as `route`, `view`, `get`, `post`, etc. on a `aiohttp.web.RouteTableDef`. */
	`188`	+ /** A route-setup using a decorator, such as `route`, `view`, `get`, `post`, etc. on an `aiohttp.web.RouteTableDef`. */
`191`	`189`	`class AiohttpDecoratorRouteSetup extends AiohttpRouteSetup::Range, DataFlow::CallCfgNode {`
`192`	`190`	`/** At what index route arguments starts, so we can handle "route" version together with get/post/... */`
`193`	`191`	`int routeArgsStart;`
`@@ -232,7 +230,7 @@ module AiohttpWebModel {`
`232`	`230`	`}`
`233`	`231`	`}`
`234`	`232`
`235`		`- /** A class that we consider a aiohttp.web View class. */`
	`233`	`+ /** A class that we consider an aiohttp.web View class. */`
`236`	`234`	`abstract class AiohttpViewClass extends Class, SelfRefMixin {`
`237`	`235`	`/** Gets a function that could handle incoming requests, if any. */`
`238`	`236`	`Function getARequestHandler() {`
`@@ -243,12 +241,12 @@ module AiohttpWebModel {`
`243`	`241`	`}`
`244`	`242`	`}`
`245`	`243`
`246`		`- /** A class that has a super-type which is a aiohttp.web View class. */`
	`244`	`+ /** A class that has a super-type which is an aiohttp.web View class. */`
`247`	`245`	`class AiohttpViewClassFromSuperClass extends AiohttpViewClass {`
`248`	`246`	`AiohttpViewClassFromSuperClass() { this.getABase() = View::subclassRef().getAUse().asExpr() }`
`249`	`247`	`}`
`250`	`248`
`251`		`- /** A class that is used in a route-setup, therefore being considered a aiohttp.web View class. */`
	`249`	`+ /** A class that is used in a route-setup, therefore being considered an aiohttp.web View class. */`
`252`	`250`	`class AiohttpViewClassFromRouteSetup extends AiohttpViewClass {`
`253`	`251`	`AiohttpViewClassFromRouteSetup() { this = any(AiohttpRouteSetup rs).getViewClass() }`
`254`	`252`	`}`
`@@ -299,7 +297,7 @@ module AiohttpWebModel {`
`299`	`297`	`}`
`300`	`298`
`301`	`299`	`/**`
`302`		- * A parameter that will receive a `aiohttp.web.Request` instance when a request
	`300`	+ * A parameter that will receive an `aiohttp.web.Request` instance when a request
`303`	`301`	`* handler is invoked.`
`304`	`302`	`*/`
`305`	`303`	`class AiohttpRequestHandlerRequestParam extends Request::InstanceSource, RemoteFlowSource::Range,`
`@@ -329,7 +327,7 @@ module AiohttpWebModel {`
`329`	`327`	`}`
`330`	`328`
`331`	`329`	`/**`
`332`		- * A read of the `request` attribute on an instance of a aiohttp.web View class,
	`330`	+ * A read of the `request` attribute on an instance of an aiohttp.web View class,
`333`	`331`	`* which is the request being processed currently.`
`334`	`332`	`*/`
`335`	`333`	`class AiohttpViewClassRequestAttributeRead extends Request::InstanceSource,`
`@@ -382,15 +380,15 @@ module AiohttpWebModel {`
`382`	`380`	`}`
`383`	`381`	`}`
`384`	`382`
`385`		- /** An attribute read on a `aiohttp.web.Request` that is a `MultiDictProxy` instance. */
	`383`	+ /** An attribute read on an `aiohttp.web.Request` that is a `MultiDictProxy` instance. */
`386`	`384`	`class AiohttpRequestMultiDictProxyInstances extends Multidict::MultiDictProxy::InstanceSource {`
`387`	`385`	`AiohttpRequestMultiDictProxyInstances() {`
`388`	`386`	`this.(DataFlow::AttrRead).getObject() = Request::instance() and`
`389`	`387`	`this.(DataFlow::AttrRead).getAttributeName() in ["query", "headers"]`
`390`	`388`	`}`
`391`	`389`	`}`
`392`	`390`
`393`		- /** An attribute read on a `aiohttp.web.Request` that is a `yarl.URL` instance. */
	`391`	+ /** An attribute read on an `aiohttp.web.Request` that is a `yarl.URL` instance. */
`394`	`392`	`class AiohttpRequestYarlUrlInstances extends Yarl::Url::InstanceSource {`
`395`	`393`	`AiohttpRequestYarlUrlInstances() {`
`396`	`394`	`this.(DataFlow::AttrRead).getObject() = Request::instance() and`