From 8cc86a5ec2327e070f1d576d61bbaadf861597ea Mon Sep 17 00:00:00 2001 From: Benjamin Bengfort Date: Sat, 11 Nov 2017 10:20:25 -0500 Subject: [PATCH] use safe load instead of load --- confire/config.py | 2 +- tests/test_conf.py | 4 ++-- tests/test_descriptors.py | 4 ++-- tests/test_environ.py | 4 ++-- tests/test_paths.py | 4 ++-- tests/test_safety.py | 40 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 49 insertions(+), 9 deletions(-) create mode 100644 tests/test_safety.py diff --git a/confire/config.py b/confire/config.py index ac7a86b..5403fb2 100644 --- a/confire/config.py +++ b/confire/config.py @@ -143,7 +143,7 @@ def load(klass): for path in klass.CONF_PATHS: if os.path.exists(path): with open(path, 'r') as conf: - config.configure(yaml.load(conf)) + config.configure(yaml.safe_load(conf)) return config def configure(self, conf={}): diff --git a/tests/test_conf.py b/tests/test_conf.py index 7675afb..c0aadf5 100644 --- a/tests/test_conf.py +++ b/tests/test_conf.py @@ -1,4 +1,4 @@ -# tests.conf_tests +# tests.test_conf # Testing the configuration module for Confire # # Author: Benjamin Bengfort @@ -7,7 +7,7 @@ # Copyright (C) 2014 Bengfort.com # For license information, see LICENSE.txt # -# ID: conf_tests.py [] benjamin@bengfort.com $ +# ID: test_conf.py [] benjamin@bengfort.com $ """ Testing the configuration module for Confire diff --git a/tests/test_descriptors.py b/tests/test_descriptors.py index 14373f6..ea7db1a 100644 --- a/tests/test_descriptors.py +++ b/tests/test_descriptors.py @@ -1,4 +1,4 @@ -# tests.descriptors_tests +# tests.test_descriptors # Implements a base SettingsDescriptor for advanced configurations # # Author: Benjamin Bengfort @@ -7,7 +7,7 @@ # Copyright (C) 2015 Bengfort.com # For license information, see LICENSE.txt # -# ID: descriptors_tests.py [] benjamin@bengfort.com $ +# ID: test_descriptors.py [] benjamin@bengfort.com $ """ Implements a base SettingsDescriptor for advanced configurations diff --git a/tests/test_environ.py b/tests/test_environ.py index 31a52f2..d91762e 100644 --- a/tests/test_environ.py +++ b/tests/test_environ.py @@ -1,4 +1,4 @@ -# tests.environ_tests +# tests.test_environ # Tests the environment configuration ability # # Author: Benjamin Bengfort @@ -7,7 +7,7 @@ # Copyright (C) 2014 Bengfort.com # For license information, see LICENSE.txt # -# ID: environ_tests.py [] benjamin@bengfort.com $ +# ID: test_environ.py [] benjamin@bengfort.com $ """ Tests the environment configuration ability diff --git a/tests/test_paths.py b/tests/test_paths.py index d27999f..a0f5da4 100644 --- a/tests/test_paths.py +++ b/tests/test_paths.py @@ -1,4 +1,4 @@ -# tests.paths_tests +# tests.test_paths # Testing the paths descriptor # # Author: Benjamin Bengfort @@ -7,7 +7,7 @@ # Copyright (C) 2014 Bengfort.com # For license information, see LICENSE.txt # -# ID: paths_tests.py [] benjamin@bengfort.com $ +# ID: test_paths.py [] benjamin@bengfort.com $ """ Testing the paths descriptor diff --git a/tests/test_safety.py b/tests/test_safety.py new file mode 100644 index 0000000..05d10a4 --- /dev/null +++ b/tests/test_safety.py @@ -0,0 +1,40 @@ +# tests.test_safety +# Test that we're using safe methods +# +# Author: Benjamin Bengfort +# Created: Fri Nov 10 12:22:35 2017 -0500 +# +# Copyright (C) 2014 Bengfort.com +# For license information, see LICENSE.txt +# +# ID: test_safety.py [] benjamin@bengfort.com $ + +""" +Testing the paths descriptor +""" + +########################################################################## +## Imports +########################################################################## + +import os + +from unittest import mock + + +# Cannot import from test_conf.py to ensure correct mock +TESTDATA = os.path.join(os.path.dirname(__file__), "testdata") +TESTCONF = os.path.join(TESTDATA, "testconf.yaml") + + +@mock.patch('confire.config.yaml') +def test_use_yaml_safe_load(mock_yaml): + """ + Ensure we're using yaml.safe_load not yaml.load + """ + from confire.config import Configuration + Configuration.CONF_PATHS = [TESTCONF] + Configuration.load() + + mock_yaml.safe_load.assert_called_once() + mock_yaml.load.assert_not_called()