darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-06 03:13:42 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix static-scan findings

Browse Source
This commit is contained in:
Ryan Ahearn
2022-08-26 16:04:30 +00:00
parent 8b6210eedb
commit a2913f8b9c
6 changed files with 25 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/asset_fingerprinter.py
View File

@@ -37,7 +37,7 @@ class AssetFingerprinter(object):
return self._cache[asset_path]
def get_asset_fingerprint(self, asset_file_path):
return hashlib.md5(
return hashlib.md5( # nosec B324 - hash value is not verified, so md5 is fine
self.get_asset_file_contents(asset_file_path)
).hexdigest()

13
app/broadcast_areas/create-broadcast-areas-db.py
View File

@@ -1,10 +1,10 @@
#!/usr/bin/env python
import csv
import pickle
import sys
from math import isclose
from pathlib import Path
from pickle import dumps # nosec B403
import geojson
from notifications_utils.formatters import formatted_list
@@ -104,8 +104,10 @@ def clean_up_invalid_polygons(polygons, indent=" "):
# Make sure the polygon is now valid, and that we havent
# drastically transformed the polygon by fixing it
assert fixed_polygon.is_valid
assert isclose(fixed_polygon.area, shapely_polygon.area, rel_tol=0.001)
if not fixed_polygon.is_valid:
raise RuntimeError("Fixed polygon is no longer valid")
if not isclose(fixed_polygon.area, shapely_polygon.area, rel_tol=0.001):
raise RuntimeError("Fixed polygon moved too much")
print( # noqa: T201
f"{indent}Polygon {index + 1}/{len(polygons)} fixed!"
@@ -158,7 +160,8 @@ def polygons_and_simplified_polygons(feature):
# Check that the simplification process hasnt introduced bad data
for dataset in output:
for polygon in dataset:
assert Polygon(polygon).is_valid
if not Polygon(polygon).is_valid:
raise RuntimeError('Simplification process introduced bad data')
return output + [simplified.utm_crs]
@@ -360,7 +363,7 @@ def _add_electoral_wards(dataset_id):
except KeyError:
print("Skipping", ward_code, ward_name) # noqa: T201
rtree_index_path.open('wb').write(pickle.dumps(rtree_index))
rtree_index_path.open('wb').write(dumps(rtree_index))
repo.insert_broadcast_areas(areas_to_add, keep_old_polygons)

29
app/broadcast_areas/repo.py
View File

@@ -1,11 +1,11 @@
import json
import os
import pickle
import pickle # nosec B403 - loads only used with trusted input
import sqlite3
from json import dumps, loads
from pathlib import Path
rtree_index_path = Path(__file__).parent / 'rtree.pickle'
rtree_index = pickle.loads(rtree_index_path.read_bytes())
rtree_index = pickle.loads(rtree_index_path.read_bytes()) # nosec B301 - trusted input
class BroadcastAreasRepository(object):
@@ -111,7 +111,7 @@ class BroadcastAreasRepository(object):
))
if not keep_old_features:
conn.execute(features_q, (
id, json.dumps(polygons), json.dumps(simple_polygons), utm_crs
id, dumps(polygons), dumps(simple_polygons), utm_crs
))
def query(self, sql, *args):
@@ -127,13 +127,10 @@ class BroadcastAreasRepository(object):
return sorted(libraries)
def get_areas(self, area_ids):
q = """
SELECT id, name, count_of_phones, broadcast_area_library_id
FROM broadcast_areas
WHERE id IN ({})
""".format(",".join("?" * len(area_ids)))
q = "SELECT id, name, count_of_phones, broadcast_area_library_id FROM broadcast_areas"
where = "WHERE id IN ({})".format(",".join("?" * len(area_ids)))
results = self.query(q, *area_ids)
results = self.query(F"{q} {where}", *area_ids)
areas = [
(row[0], row[1], row[2], row[3])
@@ -147,13 +144,13 @@ class BroadcastAreasRepository(object):
SELECT broadcast_areas.id, name, count_of_phones, broadcast_area_library_id, simple_polygons, utm_crs
FROM broadcast_areas
JOIN broadcast_area_polygons on broadcast_area_polygons.id = broadcast_areas.id
WHERE broadcast_areas.id IN ({})
""".format(",".join("?" * len(area_ids)))
"""
where = "WHERE broadcast_areas.id IN ({})".format(",".join("?" * len(area_ids)))
results = self.query(q, *area_ids)
results = self.query(F"{q} {where}", *area_ids)
areas = [
(row[0], row[1], row[2], row[3], json.loads(row[4]), row[5])
(row[0], row[1], row[2], row[3], loads(row[4]), row[5])
for row in results
]
@@ -239,7 +236,7 @@ class BroadcastAreasRepository(object):
results = self.query(q, area_id)
return json.loads(results[0][0]), results[0][1]
return loads(results[0][0]), results[0][1]
def get_simple_polygons_for_area(self, area_id):
q = """
@@ -250,4 +247,4 @@ class BroadcastAreasRepository(object):
results = self.query(q, area_id)
return json.loads(results[0][0]), results[0][1]
return loads(results[0][0]), results[0][1]

2
app/config.py
View File

@@ -120,7 +120,7 @@ class Development(Config):
# check for local compose orchestration variable
API_HOST_NAME = os.environ.get('DEV_API_HOST_NAME', 'http://dev:6011')
DANGEROUS_SALT = 'dev-notify-salt'
SECRET_KEY = 'dev-notify-secret-key'
SECRET_KEY = 'dev-notify-secret-key' # nosec B105 - only used in development
ANTIVIRUS_API_HOST = 'http://localhost:6016'
ANTIVIRUS_API_KEY = 'test-key'
ANTIVIRUS_ENABLED = os.environ.get('ANTIVIRUS_ENABLED') == '1'

2
app/main/views/api_keys.py
View File

@@ -25,7 +25,7 @@ from app.notify_client.api_key_api_client import (
)
from app.utils.user import user_has_permissions
dummy_bearer_token = 'bearer_token_set'
dummy_bearer_token = 'bearer_token_set' # nosec B105 - this is not a real token
@main.route("/services/<uuid:service_id>/api")

2
app/main/views/user_profile.py
View File

@@ -31,7 +31,7 @@ from app.utils.user import user_is_gov_user, user_is_logged_in
NEW_EMAIL = 'new-email'
NEW_MOBILE = 'new-mob'
NEW_MOBILE_PASSWORD_CONFIRMED = 'new-mob-password-confirmed'
NEW_MOBILE_PASSWORD_CONFIRMED = 'new-mob-password-confirmed' # nosec B105 - this is not a password
@main.route("/user-profile")