From 02eb02a14056bd9ffea6e1fa454239364a490cb4 Mon Sep 17 00:00:00 2001 From: Michael Howitz Date: Thu, 2 Feb 2017 19:57:27 +0100 Subject: [PATCH] Flake8 the code + enable it in the tests. --- .travis.yml | 6 +++--- setup.cfg | 5 +++++ src/RestrictedPython/Eval.py | 2 +- src/RestrictedPython/Guards.py | 9 +++++++- src/RestrictedPython/Limits.py | 6 ++++++ src/RestrictedPython/RCompile.py | 8 +++---- src/RestrictedPython/RestrictionMutator.py | 1 + src/RestrictedPython/Utilities.py | 7 +++++- src/RestrictedPython/__init__.py | 10 ++++----- src/RestrictedPython/compile.py | 14 +++++++----- src/RestrictedPython/transformer.py | 25 ++++++++++++++-------- tox.ini | 2 +- 12 files changed, 65 insertions(+), 30 deletions(-) diff --git a/.travis.yml b/.travis.yml index 6b59d3e..f36f24e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,13 +8,13 @@ python: - pypy-5.4 env: - ENVIRON=py - - ENVIRON=isort + - ENVIRON=isort,flake8 matrix: exclude: - - env: ENVIRON=isort + - env: ENVIRON=isort,flake8 include: - python: "3.6" - env: ENVIRON=isort + env: ENVIRON=isort,flake8 install: - pip install tox coveralls coverage script: diff --git a/setup.cfg b/setup.cfg index 8802da3..f1d5016 100644 --- a/setup.cfg +++ b/setup.cfg @@ -20,3 +20,8 @@ force_single_line = True lines_after_imports = 2 line_length = 200 not_skip = __init__.py + +[flake8] +exclude = src/RestrictedPython/tests, + src/RestrictedPython/__init__.py, + src/RestrictedPython/SelectCompiler.py, diff --git a/src/RestrictedPython/Eval.py b/src/RestrictedPython/Eval.py index 502d106..5051a6d 100644 --- a/src/RestrictedPython/Eval.py +++ b/src/RestrictedPython/Eval.py @@ -13,7 +13,6 @@ """Restricted Python Expressions.""" from RestrictedPython.RCompile import compile_restricted_eval -#from RestrictedPython.compile import compile_restricted_eval from string import strip from string import translate @@ -29,6 +28,7 @@ def default_guarded_getitem(ob, index): # No restrictions. return ob[index] + PROFILE = 0 diff --git a/src/RestrictedPython/Guards.py b/src/RestrictedPython/Guards.py index 9032a86..245dcb0 100644 --- a/src/RestrictedPython/Guards.py +++ b/src/RestrictedPython/Guards.py @@ -229,7 +229,8 @@ def __init__(self, ob): def _full_write_guard(): # Nested scope abuse! # safetype and Wrapper variables are used by guard() - safetype = {dict: True, list: True}.has_key if IS_PY2 else {dict: True, list: True}.keys + safetype = ({dict: True, list: True}.has_key if IS_PY2 else + {dict: True, list: True}.keys) Wrapper = _write_wrapper() def guard(ob): @@ -240,16 +241,22 @@ def guard(ob): # Hand the object to the Wrapper instance, then return the instance. return Wrapper(ob) return guard + + full_write_guard = _full_write_guard() def guarded_setattr(object, name, value): setattr(full_write_guard(object), name, value) + + safe_builtins['setattr'] = guarded_setattr def guarded_delattr(object, name): delattr(full_write_guard(object), name) + + safe_builtins['delattr'] = guarded_delattr diff --git a/src/RestrictedPython/Limits.py b/src/RestrictedPython/Limits.py index 1176421..2b984ea 100644 --- a/src/RestrictedPython/Limits.py +++ b/src/RestrictedPython/Limits.py @@ -33,6 +33,8 @@ def _limited_range(iFirst, *args): if iLen >= RANGELIMIT: raise ValueError('range() too large') return range(iStart, iEnd, iStep) + + limited_builtins['range'] = _limited_range @@ -40,6 +42,8 @@ def _limited_list(seq): if isinstance(seq, str): raise TypeError('cannot convert string to list') return list(seq) + + limited_builtins['list'] = _limited_list @@ -47,4 +51,6 @@ def _limited_tuple(seq): if isinstance(seq, str): raise TypeError('cannot convert string to tuple') return tuple(seq) + + limited_builtins['tuple'] = _limited_tuple diff --git a/src/RestrictedPython/RCompile.py b/src/RestrictedPython/RCompile.py index d046076..c17d7d3 100644 --- a/src/RestrictedPython/RCompile.py +++ b/src/RestrictedPython/RCompile.py @@ -22,7 +22,7 @@ from compiler.pycodegen import AbstractCompileMode from compiler.pycodegen import Expression from compiler.pycodegen import findOp -from compiler.pycodegen import FunctionCodeGenerator +from compiler.pycodegen import FunctionCodeGenerator # noqa from compiler.pycodegen import Interactive from compiler.pycodegen import Module from compiler.pycodegen import ModuleCodeGenerator @@ -259,13 +259,13 @@ def parse(self): if len(f.code.nodes) > 0: stmt1 = f.code.nodes[0] if (isinstance(stmt1, c_ast.Discard) and - isinstance(stmt1.expr, c_ast.Const) and - isinstance(stmt1.expr.value, str)): + isinstance(stmt1.expr, c_ast.Const) and + isinstance(stmt1.expr.value, str)): f.doc = stmt1.expr.value # The caller may specify that certain variables are globals # so that they can be referenced before a local assignment. # The only known example is the variables context, container, # script, traverse_subpath in PythonScripts. if self.globals: - f.code.nodes.insert(0, ast.Global(self.globals)) + f.code.nodes.insert(0, c_ast.Global(self.globals)) return tree diff --git a/src/RestrictedPython/RestrictionMutator.py b/src/RestrictedPython/RestrictionMutator.py index 41f50fe..3c22f90 100644 --- a/src/RestrictedPython/RestrictionMutator.py +++ b/src/RestrictedPython/RestrictionMutator.py @@ -42,6 +42,7 @@ def stmtNode(txt): rmLineno(node) return node + # The security checks are performed by a set of six functions that # must be provided by the restricted environment. diff --git a/src/RestrictedPython/Utilities.py b/src/RestrictedPython/Utilities.py index dcd5f18..4bb8f48 100644 --- a/src/RestrictedPython/Utilities.py +++ b/src/RestrictedPython/Utilities.py @@ -14,7 +14,6 @@ import math import random import string -import warnings # _old_filters = warnings.filters[:] @@ -50,6 +49,8 @@ def same_type(arg1, *args): if getattr(arg, '__class__', type(arg)) is not t: return 0 return 1 + + utility_builtins['same_type'] = same_type @@ -61,6 +62,8 @@ def test(*args): if length % 2: return args[-1] + + utility_builtins['test'] = test @@ -98,4 +101,6 @@ def reorder(s, with_=None, without=()): del orig[key] return result + + utility_builtins['reorder'] = reorder diff --git a/src/RestrictedPython/__init__.py b/src/RestrictedPython/__init__.py index 3c1c6da..8b9ef76 100644 --- a/src/RestrictedPython/__init__.py +++ b/src/RestrictedPython/__init__.py @@ -13,10 +13,10 @@ """RestrictedPython package.""" # Old API --> Old Import Locations -#from RestrictedPython.RCompile import compile_restricted -#from RestrictedPython.RCompile import compile_restricted_eval -#from RestrictedPython.RCompile import compile_restricted_exec -#from RestrictedPython.RCompile import compile_restricted_function +# from RestrictedPython.RCompile import compile_restricted +# from RestrictedPython.RCompile import compile_restricted_eval +# from RestrictedPython.RCompile import compile_restricted_exec +# from RestrictedPython.RCompile import compile_restricted_function # new API Style from RestrictedPython.compile import compile_restricted @@ -31,4 +31,4 @@ from RestrictedPython.Utilities import utility_builtins -#from RestrictedPython.Eval import RestrictionCapableEval +# from RestrictedPython.Eval import RestrictionCapableEval diff --git a/src/RestrictedPython/compile.py b/src/RestrictedPython/compile.py index 7f0d674..5e6fdf2 100644 --- a/src/RestrictedPython/compile.py +++ b/src/RestrictedPython/compile.py @@ -6,6 +6,8 @@ CompileResult = namedtuple( 'CompileResult', 'code, errors, warnings, used_names') +syntax_error_template = ( + 'Line {lineno}: {type}: {msg} in on statement: {statement}') def _compile_restricted_mode( @@ -30,7 +32,7 @@ def _compile_restricted_mode( except (TypeError, ValueError) as e: errors.append(str(e)) except SyntaxError as v: - errors.append('Line {lineno}: {type}: {msg} in on statement: {statement}'.format( + errors.append(syntax_error_template.format( lineno=v.lineno, type=v.__class__.__name__, msg=v.msg, @@ -40,8 +42,8 @@ def _compile_restricted_mode( policy(errors, warnings, used_names).visit(c_ast) if not errors: byte_code = compile(c_ast, filename, mode=mode # , - #flags=flags, - #dont_inherit=dont_inherit + # flags=flags, + # dont_inherit=dont_inherit ) return CompileResult(byte_code, tuple(errors), warnings, used_names) @@ -52,6 +54,7 @@ def compile_restricted_exec( flags=0, dont_inherit=0, policy=RestrictingNodeTransformer): + """Compile restricted for the mode `exec`.""" return _compile_restricted_mode( source, filename=filename, @@ -67,7 +70,7 @@ def compile_restricted_eval( flags=0, dont_inherit=0, policy=RestrictingNodeTransformer): - + """Compile restricted for the mode `eval`.""" return _compile_restricted_mode( source, filename=filename, @@ -83,6 +86,7 @@ def compile_restricted_single( flags=0, dont_inherit=0, policy=RestrictingNodeTransformer): + """Compile restricted for the mode `single`.""" return _compile_restricted_mode( source, filename=filename, @@ -98,7 +102,7 @@ def compile_restricted_function( flags=0, dont_inherit=0, policy=RestrictingNodeTransformer): - """Compiles a restricted code object for a function. + """Compile a restricted code object for a function. The function can be reconstituted using the 'new' module: diff --git a/src/RestrictedPython/transformer.py b/src/RestrictedPython/transformer.py index 5ea4447..895dbc1 100644 --- a/src/RestrictedPython/transformer.py +++ b/src/RestrictedPython/transformer.py @@ -107,17 +107,20 @@ def gen_tmp_name(self): def error(self, node, info): """Record a security error discovered during transformation.""" lineno = getattr(node, 'lineno', None) - self.errors.append('Line {lineno}: {info}'.format(lineno=lineno, info=info)) + self.errors.append( + 'Line {lineno}: {info}'.format(lineno=lineno, info=info)) def warn(self, node, info): """Record a security error discovered during transformation.""" lineno = getattr(node, 'lineno', None) - self.warnings.append('Line {lineno}: {info}'.format(lineno=lineno, info=info)) + self.warnings.append( + 'Line {lineno}: {info}'.format(lineno=lineno, info=info)) def use_name(self, node, info): """Record a security error discovered during transformation.""" lineno = getattr(node, 'lineno', None) - self.used_names.append('Line {lineno}: {info}'.format(lineno=lineno, info=info)) + self.used_names.append( + 'Line {lineno}: {info}'.format(lineno=lineno, info=info)) def guard_iter(self, node): """ @@ -161,7 +164,8 @@ def gen_unpack_spec(self, tpl): This spec is used to protect sequence unpacking. The primary goal of this spec is to tell which elements in a sequence - are sequences again. These 'child' sequences have to be protected again. + are sequences again. These 'child' sequences have to be protected + again. For example there is a sequence like this: (a, (b, c), (d, (e, f))) = g @@ -307,14 +311,15 @@ def gen_none_node(self): def gen_lambda(self, args, body): return ast.Lambda( - args=ast.arguments(args=args, vararg=None, kwarg=None, defaults=[]), + args=ast.arguments( + args=args, vararg=None, kwarg=None, defaults=[]), body=body) def gen_del_stmt(self, name_to_del): return ast.Delete(targets=[ast.Name(name_to_del, ast.Del())]) def transform_slice(self, slice_): - """Transforms slices into function parameters. + """Transform slices into function parameters. ast.Slice nodes are only allowed within a ast.Subscript node. To use a slice as an argument of ast.Call it has to be converted. @@ -433,7 +438,8 @@ def inject_print_collector(self, node, position=0): printed_used = self.print_info.printed_used if print_used or printed_used: - # Add '_print = _print_(_getattr_)' add the top of a function/module. + # Add '_print = _print_(_getattr_)' add the top of a + # function/module. _print = ast.Assign( targets=[ast.Name('_print', ast.Store())], value=ast.Call( @@ -1281,7 +1287,7 @@ def visit_withitem(self, node): # Function and class definitions def visit_FunctionDef(self, node): - """Checks a function defintion. + """Check a function defintion. Checks the name of the function and the arguments. """ @@ -1301,7 +1307,8 @@ def visit_FunctionDef(self, node): unpacks = [] for index, arg in enumerate(list(node.args.args)): if isinstance(arg, ast.Tuple): - tmp_target, unpack = self.gen_unpack_wrapper(node, arg, 'param') + tmp_target, unpack = self.gen_unpack_wrapper( + node, arg, 'param') # Replace the tuple with a single (temporary) parameter. node.args.args[index] = tmp_target diff --git a/tox.ini b/tox.ini index 2d36958..33d4da7 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,6 @@ [tox] envlist = + flake8, coverage-clean, py27, py34, @@ -8,7 +9,6 @@ envlist = pypy, coverage-report, isort, - #flake8, skip_missing_interpreters = False [testenv]