From 7da4594b98a0c4d5e491ca7396b8eb1323a40f5d Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:08:28 +0000 Subject: [PATCH 1/9] Remove useless super delegations Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/login/authfas.py b/ipsilon/login/authfas.py index 94b0ca7..0e1aed1 100644 --- a/ipsilon/login/authfas.py +++ b/ipsilon/login/authfas.py @@ -14,9 +14,6 @@ from fedora.client import AuthError class FAS(LoginFormBase): - def __init__(self, site, mgr, page): - super(FAS, self).__init__(site, mgr, page) - def POST(self, *args, **kwargs): username = kwargs.get("login_name") password = kwargs.get("login_password") diff --git a/ipsilon/providers/common.py b/ipsilon/providers/common.py index 7fd357e..5916560 100644 --- a/ipsilon/providers/common.py +++ b/ipsilon/providers/common.py @@ -28,23 +28,14 @@ class ProviderException(cherrypy.HTTPError, Log): class AuthenticationError(ProviderException): statuscode = 403 - def __init__(self, message, code=None): - super(AuthenticationError, self).__init__(message, code) - class InvalidRequest(ProviderException): statuscode = 400 - def __init__(self, message, code=None): - super(InvalidRequest, self).__init__(message, code) - class UnauthorizedRequest(ProviderException): statuscode = 401 - def __init__(self, message, code=None): - super(UnauthorizedRequest, self).__init__(message, code) - class ProviderBase(ConfigHelper, PluginObject): diff --git a/ipsilon/providers/saml2/provider.py b/ipsilon/providers/saml2/provider.py index 8635b00..e913af3 100644 --- a/ipsilon/providers/saml2/provider.py +++ b/ipsilon/providers/saml2/provider.py @@ -67,8 +67,7 @@ def validate_sp_metadata(metadata): class ServiceProviderConfig(ConfigHelper): - def __init__(self): - super(ServiceProviderConfig, self).__init__() + pass class ServiceProvider(ServiceProviderConfig): diff --git a/ipsilon/util/errors.py b/ipsilon/util/errors.py index 0e076fa..7339253 100644 --- a/ipsilon/util/errors.py +++ b/ipsilon/util/errors.py @@ -6,9 +6,6 @@ import cherrypy class Errors(Page): - def __init__(self, *args, **kwargs): - super(Errors, self).__init__(*args, **kwargs) - def _error_template(self, *args, **kwargs): output_page = self._template(*args, **kwargs) # for some reason cherrypy will choke if the output From 109ab4f4cf1104f99708091414059af64676ead7 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:08:28 +0000 Subject: [PATCH 2/9] Make PluginObject init match all its child inits Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/util/plugin.py b/ipsilon/util/plugin.py index 4b28f9a..2281dcd 100644 --- a/ipsilon/util/plugin.py +++ b/ipsilon/util/plugin.py @@ -117,7 +117,9 @@ class PluginInstaller(PluginLoader): class PluginObject(Log): - def __init__(self, plugins): + def __init__(self, plugins=None): + if plugins is None: + raise ValueError('Please pass all the pargs on to PluginObject') self.name = None self._config = None self._data = AdminStore() From 1425a1bf5e86092b7be843c3f5a0f71e19c84726 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:08:28 +0000 Subject: [PATCH 3/9] Make infosssd save_plugin_config match parent Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py index a23cc9a..58931cd 100644 --- a/ipsilon/info/infosssd.py +++ b/ipsilon/info/infosssd.py @@ -116,7 +116,7 @@ Info plugin that uses DBus to retrieve user data from SSSd.""" return reply - def save_plugin_config(self, *args, **kwargs): + def save_plugin_config(self, config=None): raise ValueError('Configuration cannot be modified live for SSSD') def get_config_obj(self): From d29d1c789dc265e58f834e33f8a1d23ff4f5d1da Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:10:17 +0000 Subject: [PATCH 4/9] Make add_constraint argument names consistent Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/util/data.py b/ipsilon/util/data.py index d4170b4..3454429 100644 --- a/ipsilon/util/data.py +++ b/ipsilon/util/data.py @@ -41,7 +41,7 @@ class DatabaseError(Exception): class BaseStore(Log): # Some helper functions used for upgrades - def add_constraint(self, table): + def add_constraint(self, constraint): raise NotImplementedError() def add_index(self, index): @@ -298,7 +298,7 @@ class FileStore(BaseStore): self._config.read(self._filename) return self._config - def add_constraint(self, table): + def add_constraint(self, constraint): raise NotImplementedError() def add_index(self, index): @@ -432,7 +432,7 @@ class EtcdStore(BaseStore): self.is_readonly = False - def add_constraint(self, table): + def add_constraint(self, constraint): raise NotImplementedError() def add_index(self, index): From 7f2e345b756487af8c1680b1efb68b0fb5439451 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:13:27 +0000 Subject: [PATCH 5/9] Rename storeAssociation argument to match parent Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/providers/openid/store.py b/ipsilon/providers/openid/store.py index 5ae3ea5..bba6792 100644 --- a/ipsilon/providers/openid/store.py +++ b/ipsilon/providers/openid/store.py @@ -16,15 +16,15 @@ class OpenIDStore(Store, OpenIDStoreInterface): def __init__(self, database_url): Store.__init__(self, database_url=database_url) - def storeAssociation(self, server_url, assoc): - iden = '%s-%s' % (server_url, assoc.handle) - datum = {'secret': oidutil.toBase64(assoc.secret), - 'issued': str(assoc.issued), - 'lifetime': str(assoc.lifetime), - 'assoc_type': assoc.assoc_type} + def storeAssociation(self, server_url, association): + iden = '%s-%s' % (server_url, association.handle) + datum = {'secret': oidutil.toBase64(association.secret), + 'issued': str(association.issued), + 'lifetime': str(association.lifetime), + 'assoc_type': association.assoc_type} data = {iden: datum} - self.save_unique_data('association', data, ttl=assoc.lifetime) + self.save_unique_data('association', data, ttl=association.lifetime) def getAssociation(self, server_url, handle=None): iden = '%s-%s' % (server_url, handle) From 47d070d1e82cc55fabf5b1d459e93b82d0eb121d Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:19:47 +0000 Subject: [PATCH 6/9] Tell pylint that op is actually callable Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py index e3580fa..dbb3037 100644 --- a/ipsilon/util/page.py +++ b/ipsilon/util/page.py @@ -88,6 +88,7 @@ class Page(Endpoint): else: op = getattr(self, 'root', None) if callable(op): + # pylint: disable=not-callable return op(*args, **kwargs).encode('utf-8') return self.default(*args, **kwargs).encode('utf-8') From 699e4271454b6b60534e92afaa2d31256f79422d Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:20:40 +0000 Subject: [PATCH 7/9] Tell pylint that getgrouplist is callable if it exists Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/info/infonss.py b/ipsilon/info/infonss.py index abc7b89..1585e97 100644 --- a/ipsilon/info/infonss.py +++ b/ipsilon/info/infonss.py @@ -34,6 +34,8 @@ Info plugin that uses the system NSS functions to retrieve user data.""" groups = set() getgrouplist = getattr(os, 'getgrouplist', None) if getgrouplist: + # On python2, None is not callable. On python3, this is a function + # pylint: disable=not-callable ids = getgrouplist(user, group) for i in ids: try: From 86b7afc790a3ffd4bcd6cacd542671d5c0011177 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:23:38 +0000 Subject: [PATCH 8/9] Tell pylint that we can actually assign in a dict Signed-off-by: Patrick Uiterwijk --- diff --git a/ipsilon/providers/openidc/auth.py b/ipsilon/providers/openidc/auth.py index ac94196..4817654 100644 --- a/ipsilon/providers/openidc/auth.py +++ b/ipsilon/providers/openidc/auth.py @@ -323,9 +323,15 @@ class Authorization(AuthenticateRequest): return self._respond_error(request_data, 'invalid_request', 'claims malformed: %s' % ex) + if not isinstance(request_data['claims'], dict): + return self._respond_error(request_data, + 'invalid_request', + 'claims malformed') if 'userinfo' not in request_data['claims']: + # pylint: disable=unsupported-assignment-operation request_data['claims']['userinfo'] = {} if 'id_token' not in request_data['claims']: + # pylint: disable=unsupported-assignment-operation request_data['claims']['id_token'] = {} scopes_to_claim = { From 0cadf0dec552aab96c1ef5566427a3b473e3b478 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Nov 14 2017 21:26:05 +0000 Subject: [PATCH 9/9] Use Fedora 27's pylint in containerlint Signed-off-by: Patrick Uiterwijk --- diff --git a/Makefile b/Makefile index 536361a..22030f3 100644 --- a/Makefile +++ b/Makefile @@ -173,9 +173,9 @@ containertest-fedora27: container-fedora27 @docker run -v `pwd`:/code -t --rm ipsilon-fedora27 @echo "Fedora 27 passed" -containertest-lint: container-centos7 +containertest-lint: container-fedora27 @echo "Starting code lint tests ..." - @docker run -v `pwd`:/code -t --rm --entrypoint /usr/bin/make ipsilon-centos7 lint pep8 + @docker run -v `pwd`:/code -t --rm --entrypoint /usr/bin/make ipsilon-fedora27 lint pep8 @echo "Code lint tests passed" containertest: containertest-lint containertest-centos6 containertest-centos7 containertest-fedora26 containertest-fedora27