click-reviewers-tools-0.5/0000755000000000000000000000000012313576600012503 5ustar click-reviewers-tools-0.5/bin/0000755000000000000000000000000012310336004013240 5ustar click-reviewers-tools-0.5/bin/click-run-checks0000755000000000000000000000225512222224535016326 0ustar #!/bin/sh if [ -z "$1" ]; then echo "Please specific path to click package" exit 1 fi c="$1" if [ ! -f "$c" ]; then echo "Could not find '$c'" exit 1 fi # prefer local script for testing, otherwise use system location prefer_local() { path="$(dirname $(readlink -f "$0"))/$1" if [ -x $path ]; then "$path" "$2" || set_rc "$?" return fi "$(which $1)" "$2" || set_rc "$?" } rc="0" set_rc() { # return worst offending rc if [ "$1" = "1" ]; then if [ "$rc" != "2" ]; then rc="$1" fi elif [ "$1" = "2" ]; then rc="$1" fi } prefer_local click-show-files "$c" echo "" echo "= click-check-lint =" prefer_local click-check-lint "$c" echo "" echo "= click-check-desktop =" prefer_local click-check-desktop "$c" echo "" echo "= click-check-security =" prefer_local click-check-security "$c" echo "" echo "= click-check-functional =" prefer_local click-check-functional "$c" echo "" echo "" if [ "$rc" = "1" ]; then echo "** Warnings found **" elif [ "$rc" = "2" ]; then echo "** Errors found **" fi echo -n "$c: " if [ "$rc" = "0" ]; then echo "pass" else echo "FAIL" fi exit $rc click-reviewers-tools-0.5/bin/repack-click0000755000000000000000000000413312221320160015514 0ustar #!/usr/bin/python3 # Repack a click package by using lowlevel tools so as not to change anything # in the package (ie, don't use 'click build .' to avoid updating DEBIAN/, etc) import sys import os from clickreviews import cr_common from debian.deb822 import Deb822 import glob import shutil import tempfile def repack_click(unpack_dir, click_package): '''Repack the click package''' if not os.path.isdir(unpack_dir): cr_common.error("'%s' does not exist" % unpack_dir) if os.path.exists(click_package): cr_common.error("'%s' exists" % click_package) control_fn = os.path.join(unpack_dir, "DEBIAN/control") if not os.path.exists(control_fn): cr_common.error("Could not find '%s'" % control_fn) fh = cr_common.open_file_read(control_fn) tmp = list(Deb822.iter_paragraphs(fh.readlines())) fh.close() if len(tmp) != 1: cr_common.error("malformed control file: too many paragraphs") control = tmp[0] click_fn = "%s_%s_%s.click" % (control['Package'], control['Version'], control['Architecture']) if os.path.basename(click_package) != click_fn: cr_common.warn("'%s' should be '%s'" % (click_package, click_fn)) tmpdir = tempfile.mkdtemp(prefix='clickreview-') curdir = os.getcwd() os.chdir(tmpdir) (rc, out) = cr_common.cmd(['dpkg-deb', '-b', '--nocheck', os.path.abspath(unpack_dir), os.path.join(tmpdir, click_fn)]) os.chdir(curdir) if rc != 0: cr_common.recursive_rm(tmpdir) cr_common.error("dpkg-deb -b failed with '%d':\n%s" % (rc, out)) debfile = glob.glob("%s/*.click" % tmpdir)[0] shutil.move(debfile, os.path.abspath(click_package)) cr_common.recursive_rm(tmpdir) if __name__ == '__main__': if len(sys.argv) != 3: cr_common.error("%s " % os.path.basename(sys.argv[0])) dir = sys.argv[1] pkg = sys.argv[2] repack_click(dir, pkg) print("Successfully repacked to '%s'" % pkg) click-reviewers-tools-0.5/bin/click-check-skeleton0000755000000000000000000000207412221320160017150 0ustar #!/usr/bin/python3 '''click-check-skeleton: perform click skeleton checks''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys import clickreviews.cr_common as cr_common import clickreviews.cr_skeleton as cr_skeleton if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_skeleton.ClickReviewSkeleton(sys.argv[1]) review.do_checks() rc = review.do_report() sys.exit(rc) click-reviewers-tools-0.5/bin/click-check-desktop0000755000000000000000000000204512222545266017014 0ustar #!/usr/bin/python3 '''click-check-desktop: perform click desktop checks''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys from clickreviews import cr_common from clickreviews import cr_desktop if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_desktop.ClickReviewDesktop(sys.argv[1]) review.do_checks() rc = review.do_report() sys.exit(rc) click-reviewers-tools-0.5/bin/unpack-click0000755000000000000000000000052712221320160015533 0ustar #!/usr/bin/python3 import os import sys from clickreviews import cr_common if __name__ == '__main__': if len(sys.argv) != 3: cr_common.error("%s " % os.path.basename(sys.argv[0])) pkg = sys.argv[1] dir = sys.argv[2] cr_common.unpack_click(pkg, dir) print("Successfully unpacked to '%s'" % dir) click-reviewers-tools-0.5/bin/click-check-lint0000755000000000000000000000204412221320160016267 0ustar #!/usr/bin/python3 '''click-check-lint: perform click lint checks''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys import clickreviews.cr_common as cr_common import clickreviews.cr_lint as cr_lint if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_lint.ClickReviewLint(sys.argv[1]) review.do_checks() rc = review.do_report() sys.exit(rc) click-reviewers-tools-0.5/bin/click-check-security0000755000000000000000000000207412221320160017173 0ustar #!/usr/bin/python3 '''click-check-security: perform click security checks''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys import clickreviews.cr_common as cr_common import clickreviews.cr_security as cr_security if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_security.ClickReviewSecurity(sys.argv[1]) review.do_checks() rc = review.do_report() sys.exit(rc) click-reviewers-tools-0.5/bin/clickreviews0000777000000000000000000000000012310336004020561 2../clickreviews/ustar click-reviewers-tools-0.5/bin/click-show-files0000755000000000000000000000450212303304457016343 0ustar #!/usr/bin/python3 '''check-skeleton: perform click skeleton checks''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import os import sys from clickreviews import cr_common from clickreviews import cr_desktop from clickreviews import cr_lint from clickreviews import cr_security # This script just dumps important files to stdout if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_lint.ClickReviewLint(sys.argv[1]) for i in sorted(review.control_files): fh = cr_common.open_file_read(review.control_files[i]) print("= %s =" % os.path.basename(i)) for line in fh.readlines(): print(line, end="") fh.close() print("") cr_common.cleanup_unpack() print("= hooks =") review_apparmor = cr_security.ClickReviewSecurity(sys.argv[1]) for f in sorted(review_apparmor.security_manifests): fh = cr_common.open_file_read(os.path.join(review_apparmor.unpack_dir, f)) print("== security: %s ==" % os.path.basename(f)) for line in fh.readlines(): print(line, end="") fh.close() print("") cr_common.cleanup_unpack() review_desktop = cr_desktop.ClickReviewDesktop(sys.argv[1]) for app in sorted(review_desktop.desktop_files): f = review_desktop.desktop_files[app] fh = cr_common.open_file_read(os.path.join(review_desktop.unpack_dir, f)) print("== desktop: %s ==" % os.path.basename(f)) for line in fh.readlines(): print(line, end="") fh.close() print("") cr_common.cleanup_unpack() click-reviewers-tools-0.5/bin/download-click0000755000000000000000000001005212223257376016077 0ustar #!/usr/bin/python3 '''download-click: download click apps''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . import urllib.request import optparse import os import shutil import simplejson import sys import time from clickreviews import cr_common top_url = "https://search.apps.ubuntu.com" def get_store_json(url): '''Download json from the store and turn it into a python obj''' req = urllib.request.Request(url) opener = urllib.request.build_opener() f = opener.open(req) obj = simplejson.load(f) return obj def download(entry, download_dir=None): '''Download a click app''' if 'resource_url' not in entry: cr_common.error("Could not find 'resource_url' in:\n%s" % entry) resource_url = top_url + entry['resource_url'] res = get_store_json(resource_url) if 'download_url' not in res: cr_common.error("Could not find 'download_url' in:\n%s" % res) download_url = res['download_url'] if download_dir is None: download_dir = os.getcwd() elif not os.path.exists(download_dir): os.mkdir(download_dir) fn = os.path.join(download_dir, download_url.split('/')[-1]) if os.path.exists(fn): cr_common.warn("'%s' already exists, skipping" % os.path.basename(fn)) return True cr_common.msg("Downloading %s" % os.path.basename(fn)) # FIXME: on 2013-10-15 this will break url = download_url + "?noauth=1" cr_common.msg("-- Downloading %s" % url) # attempt to deal with intermittent failures count = 0 max_tries = 10 result = False err_str = "" while not result and count < max_tries: try: (tmp, headers) = urllib.request.urlretrieve(url) shutil.move(tmp, fn) result = True cr_common.msg("-- Success!") except urllib.error.HTTPError as error: err_str = "-- urlretrieve() failed: %d: %s" % (error.code, error.reason) count += 1 time.sleep(5) if not result: cr_common.warn("%s (tried %d times)" % (err_str, max_tries)) return result if __name__ == "__main__": parser = optparse.OptionParser() parser.add_option("--all", help="Download all published apps", action='store_true', default=False) parser.add_option("-d", "--download-dir", dest="download_dir", help="Specifiy download directory", metavar="DIR", default=None) (opt, args) = parser.parse_args() if not opt.all and len(args) < 1: cr_common.error("%s --all|" % os.path.basename(sys.argv[0])) url = top_url + "/api/v1/search?q=" items = get_store_json(url) if not isinstance(items, list): cr_common.error("Didn't get valid result from: %s" % url) errors = False if opt.all: for entry in items: if not download(entry, opt.download_dir): errors = True else: for pkgname in args: entry = None for i in items: if i['name'] == pkgname: entry = i break if not entry: cr_common.warn("Could not find '%s', skipping" % pkgname) continue if not download(entry, opt.download_dir): errors = True if errors: cr_common.error("problem downloading") click-reviewers-tools-0.5/bin/empty-click0000755000000000000000000000301212222767323015421 0ustar #!/usr/bin/python3 import subprocess import tempfile import glob import json import sys import os def create_new_manifest(click_file): try: output = subprocess.check_output(["click", "info", click_file]) except subprocess.CalledProcessError: print >> sys.stderr, "click info %s failed." % click_file sys.exit(1) manifest = json.loads(output.decode()) manifest["version"] = manifest["version"] + "+security" return manifest def create_new_click(manifest): pwd = os.getcwd() directory = tempfile.mkdtemp() os.chdir(directory) with open("manifest.json", "w") as f: f.write(json.dumps(manifest)) subprocess.call(["click", "build", "."]) new_click_file = os.path.abspath(glob.glob("*.click")[0]) subprocess.call(["mv", new_click_file, pwd]) os.chdir(pwd) subprocess.call(["rm", "-r", directory]) return os.path.abspath(os.path.join(pwd, os.path.basename(new_click_file))) def main(): if len(sys.argv) != 2: print("Usage: %s " % sys.argv[0]) sys.exit(1) click_file = sys.argv[1] if not os.path.exists(click_file): print("%s does not exist." % click_file) sys.exit(1) manifest = create_new_manifest(click_file) path = create_new_click(manifest) print("Updated click package generated at: %s" % path) if __name__ == '__main__': try: main() except KeyboardInterrupt: print >> sys.stderr, "Aborted." sys.exit(1) click-reviewers-tools-0.5/bin/click-check-functional0000755000000000000000000000212412222224535017474 0ustar #!/usr/bin/python3 '''click-check-functional: perform functional checks on click packages''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys import clickreviews.cr_common as cr_common import clickreviews.cr_functional as cr_functional if __name__ == "__main__": if len(sys.argv) < 2: cr_common.error("Must give path to click package") review = cr_functional.ClickReviewFunctional(sys.argv[1]) review.do_checks() rc = review.do_report() sys.exit(rc) click-reviewers-tools-0.5/run-pep80000755000000000000000000000022712305663727014120 0ustar #!/bin/sh set -e echo "= pep8 =" for i in ./bin/click-check* ./clickreviews/*py ./clickreviews/tests/*py ; do echo "Checking $i" pep8 $i done click-reviewers-tools-0.5/COPYING0000644000000000000000000010451312221320160013524 0ustar GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . click-reviewers-tools-0.5/setup.cfg0000644000000000000000000000005212305663727014331 0ustar # E501 line too long [pep8] ignore = E501 click-reviewers-tools-0.5/README0000644000000000000000000000414012303644570013363 0ustar Runnable tests: - bin/click-check-lint: lint tests - bin/click-check-security: security hook tests - bin/click-check-desktop: desktop hook tests - bin/click-run-checks: all tests Importable tests: - clickreviews/cr_lint.py: lint tests - clickreviews/cr_security.py: security hook tests - clickreviews/cr_desktop.py: desktop hook tests In general, add or modify tests and report by using: self._add_result(, , ) Where is one of 'info', 'warn', 'error'. is the name of the test (prefixed by _), which is set when creating a ClickReview object. After all tests are run, if there are any errors, the exit status is '2', if there are no errors but some warnings, the exit status is '1', otherwise it is '0. See click-check-skeleton and cr_skeleton.py for how to create new tests. In short: * create a click-check- and a cr_.py script based off of the skeleton. IMPORTANT: the new script must be click-check- so other tools that use click-reviewers-tools (eg, ubuntu-sdk) can find them. * modify click-check- to use cr_.py * add tests to cr_.py. If you name the tests 'check_' ClickReview.do_checks() will enumerate and run them automatically To run tests, just execute: run-tests If you are going to develop the tools regularly, you might want to add a bzr hook to run the testsuite before committing. Eg, add something like this to ~/.bazaar/plugins/hooks/__init__.py: #!/usr/bin/python from bzrlib.branch import Branch def run_tests_crt(local, master, old_revno, old_revid, new_revno, new_revid, seven, eight): #print local, master, old_revno, old_revid, new_revno, new_revid, seven, eight if 'click-reviewers-tools' in master.base: import subprocess print '' rc = subprocess.call(['./run-tests']) if rc != 0: import sys sys.exit(1) Branch.hooks.install_named_hook('pre_commit', run_tests_crt, 'click-reviewers-tools tests') click-reviewers-tools-0.5/debian/0000755000000000000000000000000012313576601013726 5ustar click-reviewers-tools-0.5/debian/docs0000644000000000000000000000000712313576600014575 0ustar README click-reviewers-tools-0.5/debian/copyright0000644000000000000000000000163412313576600015664 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: click-reviewers-tools Upstream-Contact: Ubuntu App Developers Source: https://launchpad.net/click-reviewers-tools Files: * Copyright: 2013 Canonical Ltd. License: GPL-3 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. . This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . On Debian systems, the complete text of the GNU General Public License version 3 can be found in the /usr/share/common-licenses/GPL-3 file. click-reviewers-tools-0.5/debian/changelog0000644000000000000000000000276212313576600015606 0ustar click-reviewers-tools (0.5build1) trusty; urgency=medium * No-change rebuild to drop Python 3.3 support. -- Matthias Klose Sun, 23 Mar 2014 15:28:00 +0000 click-reviewers-tools (0.5) trusty; urgency=medium [ Jamie Strandboge ] * mock self.supported_policy_versions * support multiple frameworks on system in security tests * add/update tests for multiple frameworks in security tests -- Daniel Holbach Thu, 27 Feb 2014 15:30:51 +0100 click-reviewers-tools (0.4) trusty; urgency=medium [ Daniel Holbach ] * Check for broken icon paths in .desktop files. (LP: #1257429) * Add initial set of askubuntu answers. * Add ubuntu-html5-app-launcher to expected_execs. [ Jamie Strandboge ] * Documented and clarified the use of the scripts. * Fix crash in __del__. (LP: #1282652) * Add webapp-container tests. * Document bzr hook to run tests. -- Daniel Holbach Wed, 22 Jan 2014 17:59:26 +0100 click-reviewers-tools (0.3) trusty; urgency=medium * d/compat: bump to 9. * d/control: - bump Standards-Version, - drop X-Python-Version, we have X-Python3-Version, - programmatical -> programmatic * d/copyright: fix license mistake (GPL-3+ vs. GPL-3) -- Daniel Holbach Wed, 22 Jan 2014 17:38:47 +0100 click-reviewers-tools (0.2) trusty; urgency=low * Initial release (LP: #1230248) -- Daniel Holbach Wed, 25 Sep 2013 14:32:32 +0200 click-reviewers-tools-0.5/debian/compat0000644000000000000000000000000212313576600015123 0ustar 9 click-reviewers-tools-0.5/debian/control0000644000000000000000000000216612313576600015335 0ustar Source: click-reviewers-tools Section: devel Priority: optional Maintainer: Ubuntu Appstore Developers Build-Depends: apparmor-easyprof, apparmor-easyprof-ubuntu, debhelper (>= 9~), python3-all (>= 3.2~), python3-apt, python3-debian, python3-magic, python3-setuptools, python3-simplejson, python3-xdg Standards-Version: 3.9.5 Homepage: https://launchpad.net/click-reviewers-tools Vcs-Bzr: lp:ubuntu-dev-tools Vcs-Browser: http://bazaar.launchpad.net/~click-reviewers/click-reviewers-tools/trunk/files X-Python3-Version: >= 3.2 Package: click-reviewers-tools Architecture: all Depends: apparmor-easyprof, apparmor-easyprof-ubuntu, python3-apt, python3-debian, python3-magic, python3-simplejson, python3-xdg, ${misc:Depends}, ${python3:Depends} Description: tools to review click packages These scripts can be used to review click packages both manually and in a programmatic fashion. click-reviewers-tools-0.5/debian/rules0000755000000000000000000000233112313576600015004 0ustar #!/usr/bin/make -f # -*- makefile -*- # Uncomment this to turn on verbose mode. export DH_VERBOSE=1 %: dh $@ --with python3 --buildsystem pybuild PY3REQUESTED := $(shell py3versions -r) PY3DEFAULT := $(shell py3versions -d) # Run setup.py with the default python3 last so that the scripts use # #!/usr/bin/python3 and not #!/usr/bin/python3.X. PY3 := $(filter-out $(PY3DEFAULT),$(PY3REQUESTED)) python3 override_dh_auto_clean: dh_clean rm -rf build *.egg-info .pybuild find -name \*.pyc -print0 | xargs -0r rm -f find -name __pycache__ -print0 | xargs -0r rm -rf override_dh_auto_build: dh_auto_build set -ex; for python in $(PY3); do \ $$python setup.py build; \ done override_dh_auto_install: # setuptools likes to leave some debris around, which confuses things. find build -name \*.pyc -print0 | xargs -0r rm -f find build -name __pycache__ -print0 | xargs -0r rm -rf find build -name \*.egg-info -print0 | xargs -0r rm -rf dh_auto_install set -ex; for python in $(PY3); do \ $$python setup.py install --install-layout=deb \ --root=$(CURDIR)/debian/tmp; \ done ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) override_dh_auto_test: set -ex; for python in $(PY3); do \ $$python setup.py test; \ done endif click-reviewers-tools-0.5/run-tests0000755000000000000000000000157212222767154014407 0ustar #!/usr/bin/python3 '''run-tests: run the test suite''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . import unittest test_directory = 'clickreviews/tests/' test_filename = 'test_*' suite = unittest.TestLoader().discover(test_directory, pattern=test_filename) unittest.TextTestRunner(verbosity=2).run(suite) click-reviewers-tools-0.5/setup.py0000755000000000000000000000106212222767124014221 0ustar #! /usr/bin/env python3 from setuptools import setup, find_packages import glob import os import re # look/set what version we have changelog = 'debian/changelog' if os.path.exists(changelog): head = open(changelog).readline() match = re.compile('.*\((.*)\).*').match(head) if match: version = match.group(1) scripts = glob.glob('bin/click-*') scripts.remove('bin/click-check-skeleton') setup( name='click-reviewers-tools', version=version, scripts=scripts, packages=find_packages(), test_suite='clickreviews.tests', ) click-reviewers-tools-0.5/clickreviews/0000755000000000000000000000000012310336004015162 5ustar click-reviewers-tools-0.5/clickreviews/__init__.py0000644000000000000000000000000012221320160017256 0ustar click-reviewers-tools-0.5/clickreviews/cr_functional.py0000644000000000000000000001214712274753150020405 0ustar '''cr_functional.py: click functional''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import binascii import os import re from clickreviews.cr_common import ClickReview, open_file_read # TODO: for QML apps, see if i18n.domain('%s') matches X-Ubuntu-Gettext-Domain # compiled apps can use organizationName to match X-Ubuntu-Gettext-Domain class ClickReviewFunctional(ClickReview): '''This class represents click lint reviews''' def __init__(self, fn): ClickReview.__init__(self, fn, "functional") self.qml_files = [] for i in self.pkg_files: if i.endswith(".qml"): self.qml_files.append(i) self._list_all_compiled_binaries() def check_applicationName(self): '''Check applicationName matches click manifest''' t = 'info' n = 'qml_applicationName_matches_manifest' s = "OK" l = None # find file with MainView in the QML mv = '\s*MainView\s*(\s+{)?' pat_mv = re.compile(r'\n%s' % mv) qmls = dict() for i in self.qml_files: qml = open_file_read(i).read() if pat_mv.search(qml): qmls[i] = qml # LP: #1256841 - QML apps with C++ using QSettings shouldn't # typically set applicationName in the QML for i in self.pkg_bin_files: f = open(i, 'rb') data = str(binascii.b2a_qp(f.read())) f.close() if 'QSettings' in data: s = "OK (binary uses QSettings)" self._add_result(t, n, s) return if len(self.qml_files) == 0: s = "OK (not QML)" self._add_result(t, n, s) return elif len(qmls) == 0: s = "SKIP: could not find MainView in QML files" self._add_result(t, n, s) return pat_mvl = re.compile(r'^%s' % mv) pat_appname = re.compile(r'^\s*applicationName\s*:\s*["\']') ok = False appnames = dict() for k in qmls.keys(): in_mainview = False for line in qmls[k].splitlines(): if in_mainview and pat_appname.search(line): appname = line.split(':', 1)[1].strip('"\' \t\n\r\f\v;') appnames[os.path.relpath(k, self.unpack_dir)] = appname if appname == self.click_pkgname: ok = True break elif pat_mvl.search(line): in_mainview = True if ok: break if len(appnames) == 0 or not ok: if len(self.pkg_bin_files) == 0: t = "warn" l = 'http://askubuntu.com/questions/417371/what-does-functional-qml-applicationname-matches-manifest-mean/417372' if len(appnames) == 0: s = "could not find applicationName in: %s" % \ ", ".join(list(map( lambda x: os.path.relpath(x, self.unpack_dir), qmls) )) else: # not ok s = "click manifest name '%s' not found in: " % \ self.click_pkgname + "%s" % \ ", ".join(list(map( lambda x: "%s ('%s')" % (x, appnames[x]), appnames) )) if len(self.pkg_bin_files) == 0: s += ". Application may not work properly when confined." else: s += ". May be ok (detected as compiled application)." self._add_result(t, n, s, l) def check_qtwebkit(self): '''Check that QML applications don't use QtWebKit''' t = 'info' n = 'qml_application_uses_QtWebKit' s = "OK" l = None qmls = [] pat_mv = re.compile(r'\n\s*import\s+QtWebKit') for i in self.qml_files: qml = open_file_read(i).read() if pat_mv.search(qml): qmls.append(os.path.relpath(i, self.unpack_dir)) if len(qmls) > 0: t = 'warn' s = "Found files that use unsupported QtWebKit (should use " + \ "UbuntuWebview or Oxide instead): %s" % " ,".join(qmls) l = "http://askubuntu.com/questions/417342/what-does-functional-qml-application-uses-qtwebkit-mean/417343" self._add_result(t, n, s, l) click-reviewers-tools-0.5/clickreviews/cr_tests.py0000644000000000000000000003512212305400621017366 0ustar '''cr_tests.py: common setup and tests for test modules''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . import io import json import os import tempfile from xdg.DesktopEntry import DesktopEntry from unittest.mock import patch from unittest import TestCase from clickreviews.cr_lint import MINIMUM_CLICK_FRAMEWORK_VERSION import clickreviews.cr_common as cr_common # These should be set in the test cases TEST_CONTROL = "" TEST_MANIFEST = "" TEST_SECURITY = dict() TEST_DESKTOP = dict() TEST_WEBAPP_MANIFESTS = dict() # # Mock override functions # def _mock_func(self): '''Fake test function''' return def _extract_control_file(self): '''Pretend we read the control file''' return io.StringIO(TEST_CONTROL) def _extract_manifest_file(self): '''Pretend we read the manifest file''' return io.StringIO(TEST_MANIFEST) def _extract_security_manifest(self, app): '''Pretend we read the security manifest file''' return io.StringIO(TEST_SECURITY[app]) def _get_security_manifest(self, app): '''Pretend we read the security manifest file''' return ("%s.json" % app, json.loads(TEST_SECURITY[app])) def _get_security_supported_policy_versions(self): '''Pretend we read the contens of /usr/share/apparmor/easyprof''' return [1.0, 1.1] def _extract_desktop_entry(self, app): '''Pretend we read the desktop file''' return ("%s.desktop" % app, TEST_DESKTOP[app]) def _get_desktop_entry(self, app): '''Pretend we read the desktop file''' return TEST_DESKTOP[app] def _extract_webapp_manifests(self): '''Pretend we read the webapp manifest files''' return TEST_WEBAPP_MANIFESTS # http://docs.python.org/3.4/library/unittest.mock-examples.html # Mock patching. Don't use decorators but instead patch in setUp() of the # child. Set up a list of patches, but don't start them. Create the helper # method mock_patch() to start all the patches. The child can do this in a # setUp() like so: # import clickreviews.cr_tests as cr_tests # class TestClickReviewFoo(cr_tests.TestClickReview): # def setUp(self): # # Monkey patch various file access classes. stop() is handled with # # addCleanup in super() # cr_tests.mock_patch() # super() patches = [] patches.append(patch('clickreviews.cr_common.ClickReview._check_path_exists', _mock_func)) patches.append(patch( 'clickreviews.cr_common.ClickReview._extract_control_file', _extract_control_file)) patches.append(patch( 'clickreviews.cr_common.ClickReview._extract_manifest_file', _extract_manifest_file)) patches.append(patch('clickreviews.cr_common.unpack_click', _mock_func)) patches.append(patch('clickreviews.cr_common.ClickReview._list_all_files', _mock_func)) patches.append(patch( 'clickreviews.cr_common.ClickReview._list_all_compiled_binaries', _mock_func)) # lint overrides patches.append(patch( 'clickreviews.cr_lint.ClickReviewLint._list_control_files', _mock_func)) patches.append(patch('clickreviews.cr_lint.ClickReviewLint._list_all_files', _mock_func)) patches.append(patch( 'clickreviews.cr_lint.ClickReview._list_all_compiled_binaries', _mock_func)) # security overrides patches.append(patch( 'clickreviews.cr_security.ClickReviewSecurity._extract_security_manifest', _extract_security_manifest)) patches.append(patch( 'clickreviews.cr_security.ClickReviewSecurity._get_security_manifest', _get_security_manifest)) patches.append(patch( 'clickreviews.cr_security.ClickReviewSecurity._get_supported_policy_versions', _get_security_supported_policy_versions)) # desktop overrides patches.append(patch( 'clickreviews.cr_desktop.ClickReviewDesktop._extract_desktop_entry', _extract_desktop_entry)) patches.append(patch( 'clickreviews.cr_desktop.ClickReviewDesktop._get_desktop_entry', _get_desktop_entry)) patches.append(patch( 'clickreviews.cr_desktop.ClickReviewDesktop._extract_webapp_manifests', _extract_webapp_manifests)) def mock_patch(): '''Call in setup of child''' global patches for p in patches: try: p.start() except ImportError: # This is only needed because we are importing ClickReviewLint # in the security tests and ClickReviewSecurity in the lint tests. # If we move those patches outside of this file, then we can # remove this. pass class TestClickReview(TestCase): """Tests for the lint review tool.""" def __init__(self, *args): if not hasattr(self, 'desktop_tmpdir'): self.desktop_tmpdir = \ tempfile.mkdtemp(prefix="clickreview-test-desktop-") TestCase.__init__(self, *args) self._reset_test_data() def _reset_test_data(self): # dictionary representing DEBIAN/control self.test_control = dict() self.set_test_control('Package', "com.ubuntu.developer.someuser.testapp") self.set_test_control('Version', "1.0") self.set_test_control('Click-Version', MINIMUM_CLICK_FRAMEWORK_VERSION) self.set_test_control('Architecture', "all") self.set_test_control('Maintainer', "Some User ") self.set_test_control('Installed-Size', "111") self.set_test_control('Description', "My Test App") # dictionary representing DEBIAN/manifest self.test_manifest = dict() self.set_test_manifest("description", "Some longish description of My Test App") self.set_test_manifest("framework", "ubuntu-sdk-13.10") self.set_test_manifest("maintainer", self.test_control['Maintainer']) self.set_test_manifest("name", self.test_control['Package']) self.set_test_manifest("title", self.test_control['Description']) self.set_test_manifest("version", self.test_control['Version']) self.test_manifest["hooks"] = dict() self.default_appname = "test-app" self.test_manifest["hooks"][self.default_appname] = dict() self.test_manifest["hooks"][self.default_appname]["apparmor"] = \ "%s.json" % self.default_appname self.test_manifest["hooks"][self.default_appname]["desktop"] = \ "%s.desktop" % self.default_appname self._update_test_manifest() # hooks self.test_security_manifests = dict() self.test_desktop_files = dict() for app in self.test_manifest["hooks"].keys(): # setup security manifest for each app self.set_test_security_manifest(app, 'policy_groups', ['networking']) self.set_test_security_manifest(app, 'policy_version', 1.0) # setup desktop file for each app self.set_test_desktop(app, 'Name', self.default_appname, no_update=True) self.set_test_desktop(app, 'Comment', '%s test comment' % app, no_update=True) self.set_test_desktop(app, 'Exec', 'qmlscene %s.qml' % app, no_update=True) self.set_test_desktop(app, 'Icon', '%s.png' % app, no_update=True) self.set_test_desktop(app, 'Terminal', 'false', no_update=True) self.set_test_desktop(app, 'Type', 'Application', no_update=True) self.set_test_desktop(app, 'X-Ubuntu-Touch', 'true', no_update=True) self._update_test_security_manifests() self._update_test_desktop_files() # webapps manifests (leave empty for now) self.test_webapp_manifests = dict() self._update_test_webapp_manifests() # mockup a click package name based on the above self._update_test_name() def _update_test_control(self): global TEST_CONTROL TEST_CONTROL = "" for k in self.test_control.keys(): TEST_CONTROL += "%s: %s\n" % (k, self.test_control[k]) def _update_test_manifest(self): global TEST_MANIFEST TEST_MANIFEST = json.dumps(self.test_manifest) def _update_test_security_manifests(self): global TEST_SECURITY TEST_SECURITY = dict() for app in self.test_security_manifests.keys(): TEST_SECURITY[app] = json.dumps(self.test_security_manifests[app]) def _update_test_desktop_files(self): global TEST_DESKTOP TEST_DESKTOP = dict() for app in self.test_desktop_files.keys(): contents = '''[Desktop Entry]''' for k in self.test_desktop_files[app].keys(): contents += '\n%s=%s' % (k, self.test_desktop_files[app][k]) contents += "\n" fn = os.path.join(self.desktop_tmpdir, "%s.desktop" % app) with open(fn, "w") as f: f.write(contents) f.close() TEST_DESKTOP[app] = DesktopEntry(fn) def _update_test_webapp_manifests(self): global TEST_WEBAPP_MANIFESTS TEST_WEBAPP_MANIFESTS = dict() for i in self.test_webapp_manifests.keys(): TEST_WEBAPP_MANIFESTS[i] = self.test_webapp_manifests[i] def _update_test_name(self): self.test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], self.test_control['Architecture']) # # check_results(report, expected_counts, expected) # Verify exact counts of types # expected_counts={'info': 1, 'warn': 0, 'error': 0} # self.check_results(report, expected_counts) # Verify counts of warn and error types # expected_counts={'info': None, 'warn': 0, 'error': 0} # self.check_results(report, expected_counts) # Verify exact messages: # expected = dict() # expected['info'] = dict() # expected['warn'] = dict() # expected['warn']['skeleton_baz'] = "TODO" # expected['error'] = dict() # self.check_results(r, expected=expected) # def check_results(self, report, expected_counts={'info': 1, 'warn': 0, 'error': 0}, expected=None): if expected is not None: for t in expected.keys(): for r in expected[t]: self.assertTrue(r in report[t], "Could not find '%s' (%s) in:\n%s" % (r, t, json.dumps(report, indent=2))) for k in expected[t][r]: self.assertTrue(k in report[t][r], "Could not find '%s' (%s) in:\n%s" % (k, r, json.dumps(report, indent=2))) self.assertEqual(expected[t][r][k], report[t][r][k]) else: for k in expected_counts.keys(): if expected_counts[k] is None: continue self.assertEqual(len(report[k]), expected_counts[k], "(%s not equal)\n%s" % (k, json.dumps(report, indent=2))) def set_test_control(self, key, value): '''Set key in DEBIAN/control to value. If value is None, remove key''' if value is None: if key in self.test_control: self.test_control.pop(key, None) else: self.test_control[key] = value self._update_test_control() def set_test_manifest(self, key, value): '''Set key in DEBIAN/manifest to value. If value is None, remove key''' if value is None: if key in self.test_manifest: self.test_manifest.pop(key, None) else: self.test_manifest[key] = value self._update_test_manifest() def set_test_security_manifest(self, app, key, value): '''Set key in security manifest to value. If value is None, remove key''' if app not in self.test_security_manifests: self.test_security_manifests[app] = dict() if value is None: if key in self.test_security_manifests[app]: self.test_security_manifests[app].pop(key, None) else: self.test_security_manifests[app][key] = value self._update_test_security_manifests() def set_test_desktop(self, app, key, value, no_update=False): '''Set key in desktop file to value. If value is None, remove key''' if app not in self.test_desktop_files: self.test_desktop_files[app] = dict() if value is None: if key in self.test_desktop_files[app]: self.test_desktop_files[app].pop(key, None) else: self.test_desktop_files[app][key] = value if not no_update: self._update_test_desktop_files() def set_test_webapp_manifest(self, fn, key, value): '''Set key in webapp manifest to value. If value is None, remove key''' if key is None and value is None: self.test_webapp_manifests[fn] = None self._update_test_webapp_manifests() return if fn not in self.test_webapp_manifests: self.test_webapp_manifests[fn] = dict() if value is None: if key in self.test_webapp_manifests[fn]: self.test_webapp_manifests[fn].pop(key, None) else: self.test_webapp_manifests[fn][key] = value self._update_test_webapp_manifests() def setUp(self): '''Make sure our patches are applied everywhere''' global patches for p in patches: self.addCleanup(p.stop()) def tearDown(self): '''Make sure we reset everything to known good values''' global TEST_CONTROL TEST_CONTROL = "" global TEST_MANIFEST TEST_MANIFEST = "" global TEST_SECURITY TEST_SECURITY = dict() global TEST_DESKTOP TEST_DESKTOP = dict() self._reset_test_data() cr_common.recursive_rm(self.desktop_tmpdir) click-reviewers-tools-0.5/clickreviews/cr_security.py0000644000000000000000000004647012305663727020125 0ustar '''cr_security.py: click security checks''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function from clickreviews.cr_common import ClickReview, error, warn import clickreviews.cr_common as cr_common import glob import json import os easyprof_dir = "/usr/share/apparmor/easyprof" if not os.path.isdir(easyprof_dir): error("Error importing easyprof. Please install apparmor-easyprof") if not os.path.isdir(os.path.join(easyprof_dir, "templates/ubuntu")): error("Error importing easyprof. Please install apparmor-easyprof-ubuntu") import apparmor.easyprof class ClickReviewSecurity(ClickReview): '''This class represents click lint reviews''' def __init__(self, fn): ClickReview.__init__(self, fn, "security") self.supported_policy_versions = self._get_supported_policy_versions() self.all_fields = ['abstractions', 'author', 'binary', 'comment', 'copyright', 'name', 'policy_groups', 'policy_vendor', 'policy_version', 'read_path', 'template', 'template_variables', 'write_path'] self.ignored_fields = ['author', 'comment', 'copyright', 'name'] self.required_fields = ['policy_groups', 'policy_version'] self.redflag_fields = ['abstractions', 'binary', 'policy_vendor', 'read_path', 'template_variables', 'write_path'] self.allowed_webapp_policy_groups = ['audio', 'location', 'networking', 'video'] self.redflag_templates = ['unconfined'] self.extraneous_templates = ['ubuntu-sdk', 'default'] # framework policy is based on major framework version. In 13.10, there # was only 'ubuntu-sdk-13.10', but in 14.04, there will be several, # like 'ubuntu-sdk-14.04-html5', 'ubuntu-sdk-14.04-platform', etc self.major_framework_policy = {'ubuntu-sdk-13.10': 1.0, 'ubuntu-sdk-14.04': 1.1, } self.security_manifests = dict() for app in self.manifest['hooks']: if 'apparmor' not in self.manifest['hooks'][app]: error("could not find apparmor hook for '%s'" % app) if not isinstance(self.manifest['hooks'][app]['apparmor'], str): error("manifest malformed: hooks/%s/apparmor is not str" % app) rel_fn = self.manifest['hooks'][app]['apparmor'] self.security_manifests[rel_fn] = \ self._extract_security_manifest(app) def _extract_security_manifest(self, app): '''Extract security manifest and verify it has the expected structure''' d = self.manifest['hooks'][app]['apparmor'] fn = os.path.join(self.unpack_dir, d) rel_fn = self.manifest['hooks'][app]['apparmor'] try: m = json.load(cr_common.open_file_read(fn)) except Exception: error("Could not load '%s'. Is it properly formatted?" % rel_fn) mp = json.dumps(m, sort_keys=True, indent=2, separators=(',', ': ')) if not isinstance(m, dict): error("'%s' malformed:\n%s" % (rel_fn, mp)) for k in sorted(m): if k not in self.all_fields: error("'%s' malformed: unsupported field '%s':\n%s" % (rel_fn, k, mp)) if k in ['abstractions', 'policy_groups', 'read_path', 'write_path']: if not isinstance(m[k], list): error("'%s' malformed: '%s' is not list:\n%s" % (rel_fn, k, mp)) elif k == 'template_variables': if not isinstance(m[k], dict): error("'%s' malformed: '%s' is not dict:\n%s" % (rel_fn, k, mp)) elif k == "policy_version": # python and Qt don't agree on the JSON output of floats that # are integers (ie, 1.0 vs 1). LP: #1214618 if not isinstance(m[k], float) and not isinstance(m[k], int): error("'%s' malformed: '%s' is not a JSON number:\n%s" % (rel_fn, k, mp)) if isinstance(m[k], int): m[k] = float(m[k]) else: if not isinstance(m[k], str): error("'%s' malformed: '%s' is not str:\n%s" % (rel_fn, k, mp)) return m def _get_policy_group_meta(self, group, meta, vendor, version): '''Get meta-information from the policy group''' cmd_args = ['--show-policy-group', '--policy-groups=%s' % group, '--policy-version=%s' % version, '--policy-vendor=%s' % vendor] (options, args) = apparmor.easyprof.parse_args(cmd_args) try: easyp = apparmor.easyprof.AppArmorEasyProfile(None, options) tmp = easyp.get_policygroup(group) except apparmor.easyprof.AppArmorException: warn("'%s' failed" % " ".join(cmd_args)) return "" text = "" for line in tmp.splitlines(): if line.startswith("# %s: " % meta): text = line.split(':', 1)[1].strip() elif text != "": if line.startswith("# "): text += line[2:] else: break return text def _get_security_manifest(self, app): '''Get the security manifest for app''' if app not in self.manifest['hooks']: error("Could not find '%s' in click manifest" % app) elif 'apparmor' not in self.manifest['hooks'][app]: error("Could not find apparmor hook for '%s' in click manifest" % app) f = self.manifest['hooks'][app]['apparmor'] m = self.security_manifests[f] return (f, m) def _get_supported_policy_versions(self): '''Get the supported AppArmor policy versions''' version_dirs = sorted(glob.glob("%s/templates/ubuntu/*" % easyprof_dir)) supported_policy_versions = [] for d in version_dirs: if not os.path.isdir(d): continue try: supported_policy_versions.append(float(os.path.basename(d))) except TypeError: continue supported_policy_versions = sorted(supported_policy_versions) return supported_policy_versions def check_policy_vendor(self): '''Check policy_vendor''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'policy_vendor (%s)' % f s = "OK" if 'policy_vendor' in m and m['policy_vendor'] != "ubuntu": t = 'error' s = "policy_vendor '%s' not found" % m['policy_vendor'] self._add_result(t, n, s) def check_policy_version(self): '''Check policy version''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) n = 'policy_version_exists (%s)' % f if 'policy_version' not in m: self._add_result('error', n, 'could not find policy_version in manifest') continue t = 'info' s = "OK" vendor = "ubuntu" if 'policy_vendor' in m: vendor = m['policy_vendor'] version = str(m['policy_version']) cmd_args = ['--list-templates', '--policy-vendor=%s' % vendor, '--policy-version=%s' % version] (options, args) = apparmor.easyprof.parse_args(cmd_args) try: apparmor.easyprof.AppArmorEasyProfile(None, options) except Exception: t = 'error' s = 'could not find policy for %s/%s' % (vendor, version) self._add_result(t, n, s) highest = sorted(self.supported_policy_versions)[-1] t = 'info' n = 'policy_version_is_highest (%s, %s)' % (str(highest), f) s = "OK" if float(m['policy_version']) != highest: t = 'info' s = '%s != %s' % (str(m['policy_version']), str(highest)) self._add_result(t, n, s) t = 'info' n = 'policy_version_matches_framework (%s)' % (f) s = "OK" found_major = False for k in self.major_framework_policy.keys(): # TODO: use libclick when it is available if not self.manifest['framework'].startswith(k): continue found_major = True if m['policy_version'] != self.major_framework_policy[k]: t = 'error' s = '%s != %s (%s)' % (str(m['policy_version']), self.major_framework_policy[k], self.manifest['framework']) if not found_major: t = 'error' s = "Invalid framework '%s'" % self.manifest['framework'] self._add_result(t, n, s) def check_template(self): '''Check template''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'template_with_policy_version (%s)' % f s = "OK" if 'policy_version' not in m: self._add_result('error', n, 'could not find policy_version in manifest') continue self._add_result(t, n, s) t = 'info' n = 'template_valid (%s)' % f s = "OK" if 'template' not in m: # If template not specified, we just use the default self._add_result(t, n, 'OK (none specified)') continue elif m['template'] in self.redflag_templates: t = 'error' s = "(MANUAL REVIEW) '%s' not allowed" % m['template'] elif m['template'] in self.extraneous_templates: t = 'warn' s = "No need to specify '%s' template" % m['template'] self._add_result(t, n, s) t = 'info' n = 'template_exists (%s)' % f s = "OK" vendor = "ubuntu" if 'policy_vendor' in m: vendor = m['policy_vendor'] version = str(m['policy_version']) cmd_args = ['--list-templates', '--policy-vendor=%s' % vendor, '--policy-version=%s' % version] (options, args) = apparmor.easyprof.parse_args(cmd_args) templates = [] try: easyp = apparmor.easyprof.AppArmorEasyProfile(None, options) templates = easyp.get_templates() except Exception: t = 'error' s = 'could not find policy for %s/%s' % (vendor, version) self._add_result(t, n, s) continue if len(templates) < 1: t = 'error' s = 'could not find templates' self._add_result(t, n, s) continue # If we got here, we can see if a valid template was specified found = False for i in templates: if os.path.basename(i) == m['template']: found = True break if not found: t = 'error' s = "specified unsupported template '%s'" % m['template'] self._add_result(t, n, s) def check_policy_groups_webapps(self): '''Check policy_groups for webapps''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'policy_groups_webapp (%s)' % f s = "OK" webapp_template = "ubuntu-webapp" if 'template' not in m or m['template'] != webapp_template: # self._add_result(t, n, s) continue if 'policy_groups' not in m or \ 'networking' not in m['policy_groups']: self._add_result('error', n, "required group 'networking' not found") continue bad = [] for p in m['policy_groups']: if p not in self.allowed_webapp_policy_groups: bad.append(p) if len(bad) > 0: t = 'error' s = "found unusual policy groups: %s" % ", ".join(bad) self._add_result(t, n, s) def check_policy_groups(self): '''Check policy_groups''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'policy_groups_exists (%s)' % f if 'policy_groups' not in m: # If template not specified, we just use the default self._add_result('warn', n, 'no policy groups specified') continue elif 'policy_version' not in m: self._add_result('error', n, 'could not find policy_version in manifest') continue s = "OK" vendor = "ubuntu" if 'policy_vendor' in m: vendor = m['policy_vendor'] version = str(m['policy_version']) cmd_args = ['--list-policy-groups', '--policy-vendor=%s' % vendor, '--policy-version=%s' % version] (options, args) = apparmor.easyprof.parse_args(cmd_args) policy_groups = [] try: easyp = apparmor.easyprof.AppArmorEasyProfile(None, options) policy_groups = easyp.get_policy_groups() except Exception: t = 'error' s = 'could not find policy for %s/%s' % (vendor, version) self._add_result(t, n, s) continue if len(policy_groups) < 1: t = 'error' s = 'could not find policy groups' self._add_result(t, n, s) continue self._add_result(t, n, s) # Check for duplicates t = 'info' n = 'policy_groups_duplicates (%s)' % f s = 'OK' tmp = [] for p in m['policy_groups']: if m['policy_groups'].count(p) > 1 and p not in tmp: tmp.append(p) if len(tmp) > 0: tmp.sort() t = 'error' s = 'duplicate policy groups found: %s' % ", ".join(tmp) self._add_result(t, n, s) # If we got here, we can see if valid policy groups were specified for i in m['policy_groups']: t = 'info' n = 'policy_groups_valid (%s)' % i s = 'OK' # SDK will leave and empty policy group, report but don't # deny if i == "": t = 'error' s = 'found empty policy group' self._add_result(t, n, s) continue found = False for j in policy_groups: if i == os.path.basename(j): found = True break if not found: t = 'error' s = "unsupported policy_group '%s'" % i self._add_result(t, n, s) if found: t = 'info' n = 'policy_groups_safe (%s)' % i s = 'OK' usage = self._get_policy_group_meta(i, "Usage", vendor, version) if usage != "common": desc = self._get_policy_group_meta(i, "Description", vendor, version) t = 'error' s = "(MANUAL REVIEW) %s policy group " % usage + \ "'%s': %s" % (i, desc) self._add_result(t, n, s) def check_ignored(self): '''Check ignored fields''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'ignored_fields (%s)' % f s = "OK" found = [] for i in self.ignored_fields: if i in m: found.append(i) if len(found) > 0: t = 'warn' s = "found ignored fields: %s" % ", ".join(found) self._add_result(t, n, s) def check_redflag(self): '''Check redflag fields''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'redflag_fields (%s)' % f s = "OK" found = [] for i in self.redflag_fields: if i in m: found.append(i) if len(found) > 0: t = 'error' s = "found redflagged fields (needs human review): %s" % \ ", ".join(found) self._add_result(t, n, s) def check_required(self): '''Check required fields''' for app in sorted(self.manifest['hooks']): (f, m) = self._get_security_manifest(app) t = 'info' n = 'ignored_fields (%s)' % f s = "OK" not_found = [] for i in self.required_fields: if i not in m: not_found.append(i) if len(not_found) > 0: t = 'error' s = "missing required fields: %s" % ", ".join(not_found) self._add_result(t, n, s) click-reviewers-tools-0.5/clickreviews/cr_skeleton.py0000644000000000000000000000314312267705013020060 0ustar '''cr_skeleton.py: click skeleton''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function from clickreviews.cr_common import ClickReview class ClickReviewSkeleton(ClickReview): '''This class represents click lint reviews''' def __init__(self, fn): ClickReview.__init__(self, fn, "skeleton") def check_foo(self): '''Check foo''' t = 'info' n = 'foo' s = "OK" if False: t = 'error' s = "some message" self._add_result(t, n, s) def check_bar(self): '''Check bar''' t = 'info' n = 'bar' s = "OK" if True: t = 'error' s = "some message" self._add_result(t, n, s) def check_baz(self): '''Check baz''' self._add_result('warn', 'baz', 'TODO', link="http://example.com") # Spawn a shell to pause the script (run 'exit' to continue) # import subprocess # print(self.unpack_dir) # subprocess.call(['bash']) click-reviewers-tools-0.5/clickreviews/cr_desktop.py0000644000000000000000000007265212305663727017730 0ustar '''cr_desktop.py: click desktop checks''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function from clickreviews.cr_common import ClickReview, error, open_file_read import glob import json import os import re from urllib.parse import urlsplit from xdg.DesktopEntry import DesktopEntry from xdg.Exceptions import ParsingError as xdgParsingError class ClickReviewDesktop(ClickReview): '''This class represents click lint reviews''' def __init__(self, fn): ClickReview.__init__(self, fn, "desktop") self.desktop_files = dict() # click-show-files and a couple tests self.desktop_entries = dict() self.desktop_hook_entries = 0 for app in self.manifest['hooks']: if 'desktop' not in self.manifest['hooks'][app]: error("could not find desktop hook for '%s'" % app) if not isinstance(self.manifest['hooks'][app]['desktop'], str): error("manifest malformed: hooks/%s/desktop is not str" % app) self.desktop_hook_entries += 1 (de, full_fn) = self._extract_desktop_entry(app) self.desktop_entries[app] = de self.desktop_files[app] = full_fn self.required_keys = ['Name', 'Type', 'Icon', 'Exec', 'X-Ubuntu-Touch', ] self.expected_execs = ['qmlscene', 'webbrowser-app', 'webapp-container', 'cordova-ubuntu-2.8', 'ubuntu-html5-app-launcher', ] # TODO: the desktop hook will actually handle this correctly self.blacklisted_keys = ['Path'] def _extract_desktop_entry(self, app): '''Get DesktopEntry for desktop file and verify it''' d = self.manifest['hooks'][app]['desktop'] fn = os.path.join(self.unpack_dir, d) bn = os.path.basename(fn) if not os.path.exists(fn): error("Could not find '%s'" % bn) fh = open_file_read(fn) contents = "" for line in fh.readlines(): contents += line fh.close() try: de = DesktopEntry(fn) except xdgParsingError as e: error("desktop file unparseable: %s (%s):\n%s" % (bn, str(e), contents)) try: de.parse(fn) except Exception as e: error("desktop file unparseable: %s (%s):\n%s" % (bn, str(e), contents)) return de, fn def _get_desktop_entry(self, app): '''Get DesktopEntry from parsed values''' return self.desktop_entries[app] def _get_desktop_files(self): '''Get desktop_files (abstracted out for mock)''' return self.desktop_files def _get_desktop_filename(self, app): '''Get desktop file filenames''' return self.desktop_files[app] def check_desktop_file(self): '''Check desktop file''' t = 'info' n = 'files_available' s = 'OK' if len(self._get_desktop_files().keys()) < 1: t = 'error' s = 'No .desktop files available.' self._add_result(t, n, s) t = 'info' n = 'files_usable' s = 'OK' if len(self._get_desktop_files().keys()) != self.desktop_hook_entries: t = 'error' s = 'Could not use all specified .desktop files' self._add_result(t, n, s) def check_desktop_file_valid(self): '''Check desktop file validates''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'validates (%s)' % app s = 'OK' l = None try: de.validate() except Exception as e: t = 'error' s = 'did not validate: (%s)' % str(e) l = 'http://askubuntu.com/questions/417377/what-does-desktop-validates-mean/417378' self._add_result(t, n, s, l) def check_desktop_required_keys(self): '''Check for required keys''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'required_keys (%s)' % app s = "OK" missing = [] for f in self.required_keys: if not de.hasKey(f): missing.append(f) if len(missing) > 0: t = 'error' s = 'missing required keys: %s' % ",".join(missing) self._add_result(t, n, s) t = 'info' n = 'required_fields_not_empty (%s)' % app s = "OK" empty = [] for f in self.required_keys: if de.hasKey(f) and de.get(f) == "": empty.append(f) if len(empty) > 0: t = 'error' s = 'Empty required keys: %s' % ",".join(empty) self._add_result(t, n, s) def check_desktop_blacklisted_keys(self): '''Check for blacklisted keys''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'blacklisted_keys (%s)' % app s = "OK" found = [] for f in self.blacklisted_keys: if de.hasKey(f): found.append(f) if len(found) > 0: t = 'error' s = 'found blacklisted keys: %s' % ",".join(found) self._add_result(t, n, s) def check_desktop_exec(self): '''Check Exec entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Exec (%s)' % app s = 'OK' l = None if not de.hasKey('Exec'): t = 'error' s = "missing key 'Exec'" elif de.getExec().startswith('/'): t = 'error' s = "absolute path '%s' for Exec given in .desktop file." % \ de.getExec() l = 'http://askubuntu.com/questions/417381/what-does-desktop-exec-mean/417382' elif de.getExec().split()[0] not in self.expected_execs: if self.click_arch == "all": # interpreted file s = "found unexpected Exec with architecture '%s': %s" % \ (self.click_arch, de.getExec().split()[0]) t = 'warn' else: # compiled # TODO: this can be a lot smarter s = "Non-standard Exec with architecture " + \ "'%s': %s (ok for compiled code)" % \ (self.click_arch, de.getExec().split()[0]) t = 'info' self._add_result(t, n, s, l) def check_desktop_exec_webapp_container(self): '''Check Exec=webapp-container entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Exec_webapp_container (%s)' % app s = 'OK' if not de.hasKey('Exec'): t = 'error' s = "missing key 'Exec'" self._add_result(t, n, s) continue elif de.getExec().split()[0] != "webapp-container": s = "SKIPPED (not webapp-container)" self._add_result(t, n, s) continue t = 'info' n = 'Exec_webapp_container_webapp (%s)' % (app) s = 'OK' if '--webapp' in de.getExec().split(): t = 'error' s = "should not use --webapp in '%s'" % \ (de.getExec()) self._add_result(t, n, s) t = 'info' n = 'Exec_webapp_container_13.10 (%s)' % (app) s = 'OK' if self.manifest['framework'] == "ubuntu-sdk-13.10": t = 'info' s = "'webapp-container' not available in 13.10 release " \ "images (ok if targeting 14.04 images with %s " \ "framework" % self.manifest['framework'] self._add_result(t, n, s) def check_desktop_exec_webbrowser(self): '''Check Exec=webbrowser-app entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Exec_webbrowser (%s)' % app s = 'OK' if not de.hasKey('Exec'): t = 'error' s = "missing key 'Exec'" self._add_result(t, n, s) continue elif de.getExec().split()[0] != "webbrowser-app": s = "SKIPPED (not webbrowser-app)" self._add_result(t, n, s) continue t = 'info' n = 'Exec_webbrowser_webapp (%s)' % (app) s = 'OK' if not '--webapp' in de.getExec().split(): t = 'error' s = "could not find --webapp in '%s'" % \ (de.getExec()) self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_13.10 (%s)' % (app) s = 'OK' if self.manifest['framework'] != "ubuntu-sdk-13.10": t = 'error' s = "may not use 'webbrowser-app' with framework '%s'" % \ self.manifest['framework'] self._add_result(t, n, s) def check_desktop_exec_webapp_args(self): '''Check Exec=web* args''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Exec_webapp_args (%s)' % app s = 'OK' if not de.hasKey('Exec'): t = 'error' s = "missing key 'Exec'" self._add_result(t, n, s) continue elif de.getExec().split()[0] != "webbrowser-app" and \ de.getExec().split()[0] != "webapp-container": s = "SKIPPED (not webapp-container or webbrowser-app)" self._add_result(t, n, s) continue t = 'info' n = 'Exec_webapp_args_minimal_chrome (%s)' % (app) s = 'OK' if not '--enable-back-forward' in de.getExec().split(): t = 'error' s = "could not find --enable-back-forward in '%s'" % \ (de.getExec()) self._add_result(t, n, s) # verify the presence of either webappUrlPatterns or # webappModelSearchPath t = 'info' n = 'Exec_webapp_args_required (%s)' % (app) s = 'OK' found_url_patterns = False found_model_search_path = False for i in de.getExec().split(): if i.startswith('--webappUrlPatterns'): found_url_patterns = True if i.startswith('--webappModelSearchPath'): found_model_search_path = True if found_url_patterns and found_model_search_path: t = 'error' s = "should not specify --webappUrlPatterns when using " + \ "--webappModelSearchPath" elif not found_url_patterns and not found_model_search_path: t = 'error' s = "must specify one of --webappUrlPatterns or " + \ "--webappModelSearchPath" self._add_result(t, n, s) def _check_patterns(self, app, patterns, args): pattern_count = 1 for pattern in patterns: urlp_scheme_pat = pattern[:-1].split(':')[0] urlp_p = urlsplit(re.sub('\?', '', pattern[:-1])) target = args[-1] urlp_t = urlsplit(target) t = 'info' n = 'Exec_webbrowser_webapp_url_patterns_has_https? (%s, %s)' % \ (app, pattern) s = 'OK' if not pattern.startswith('https?://'): t = 'warn' s = "'https?://' not found in '%s'" % pattern + \ " (may cause needless redirect)" self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_webapp_url_patterns_uses_trailing_glob ' + \ '(%s, %s)' % (app, pattern) s = 'OK' if not pattern.endswith('*'): t = 'warn' s = "'%s' does not end with '*'" % pattern + \ " (may cause needless redirect) - %s" % urlp_p.path self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_webapp_url_patterns_uses_unsafe_glob ' + \ '(%s, %s)' % (app, pattern) s = 'OK' if len(urlp_p.path) == 0 and pattern.endswith('*'): t = 'error' s = "'%s' contains trailing glob in netloc" % pattern self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_webapp_url_patterns_uses_safe_glob ' + \ '(%s, %s)' % (app, pattern) s = 'OK' if '*' in pattern[:-1] and (pattern[:-1].count('*') != 1 or not pattern.startswith('https?://*')): t = 'warn' s = "'%s' contains nested '*'" % pattern + \ " (needs human review)" self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_target_exists (%s)' % (app) s = 'OK' if urlp_t.scheme == "": t = 'error' s = 'Exec line does not end with parseable URL' self._add_result(t, n, s) continue self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_target_scheme_matches_patterns ' + \ '(%s, %s)' % (app, pattern) s = 'OK' if not re.match(r'^%s$' % urlp_scheme_pat, urlp_t.scheme): t = 'error' s = "'%s' doesn't match '%s' " % (urlp_t.scheme, urlp_scheme_pat) + \ "(will likely cause needless redirect)" self._add_result(t, n, s) t = 'info' n = 'Exec_webbrowser_target_netloc_matches_patterns ' + \ '(%s, %s)' % (app, pattern) s = 'OK' # TODO: this is admittedly simple, but matches Canonical # webapps currently, so ok for now if urlp_p.netloc.startswith('*') and len(urlp_p.netloc) > 2 and \ urlp_t.netloc.endswith(urlp_p.netloc[1:]): s = "OK ('%s' matches '%s')" % (urlp_t.netloc, urlp_p.netloc) elif urlp_t.netloc != urlp_p.netloc: if pattern_count == 1: t = 'warn' s = "'%s' != primary pattern '%s'" % \ (urlp_t.netloc, urlp_p.netloc) + \ " (may cause needless redirect)" else: t = 'info' s = "target '%s' != non-primary pattern '%s'" % \ (urlp_t.netloc, urlp_p.netloc) self._add_result(t, n, s) pattern_count += 1 def check_desktop_exec_webbrowser_urlpatterns(self): '''Check Exec=webbrowser-app entry has valid --webappUrlPatterns''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) execline = de.getExec().split() if not de.hasKey('Exec'): continue elif execline[0] != "webbrowser-app": continue elif len(execline) < 2: continue args = execline[1:] t = 'info' n = 'Exec_webbrowser_webappUrlPatterns (%s)' % app s = 'OK' pats = "" count = 0 for a in args: if not a.startswith('--webappUrlPatterns='): continue pats = a.split('=', maxsplit=1)[1] count += 1 if count == 0: # one of --webappUrlPatterns or --webappModelSearchPath is a # required arg and generates an error so just make this info t = 'info' s = "SKIPPED (--webappUrlPatterns not specified)" self._add_result(t, n, s) continue elif count > 1: t = 'error' s = "found multiple '--webappUrlPatterns=' in '%s'" % \ " ".join(args) self._add_result(t, n, s) continue self._check_patterns(app, pats.split(','), args) def _extract_webapp_manifests(self): '''Extract webapp manifest file''' files = sorted(glob.glob("%s/unity-webapps-*/manifest.json" % self.unpack_dir)) manifests = dict() for fn in files: key = os.path.relpath(fn, self.unpack_dir) try: manifests[key] = json.load(open_file_read(fn)) except Exception: manifests[key] = None error("Could not parse '%s'" % fn, do_exit=False) return manifests def check_desktop_exec_webbrowser_modelsearchpath(self): '''Check Exec=webbrowser-app entry has valid --webappModelSearchPath''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) execline = de.getExec().split() if not de.hasKey('Exec'): continue elif execline[0] != "webbrowser-app": continue elif len(execline) < 2: continue args = execline[1:] t = 'info' n = 'Exec_webbrowser_webappModelSearchPath present (%s)' % app s = 'OK' path = "" count = 0 for a in args: if not a.startswith('--webappModelSearchPath='): continue path = a.split('=', maxsplit=1)[1] count += 1 if count == 0: # one of --webappUrlPatterns or --webappModelSearchPath is a # required arg and generates an error so just make this info t = 'info' s = "SKIPPED (--webappModelSearchPath not specified)" self._add_result(t, n, s) continue elif count > 1: t = 'error' s = "found multiple '--webappModelSearchPath=' in '%s'" % \ " ".join(args) self._add_result(t, n, s) continue if not path: t = 'error' s = 'empty arg to --webappModelSearchPath' self._add_result(t, n, s) continue self._add_result(t, n, s) # if --webappModelSearchPath is specified, that means we should # look for webapp configuration in the manifest.json in # ubuntu-webapps-*/ manifests = self._extract_webapp_manifests() t = 'info' n = 'Exec_webbrowser_webapp_manifest (%s)' % app s = 'OK' if len(manifests) == 0: t = 'error' s = 'could not find unity-webaps-*/manifest.json' self._add_result(t, n, s) continue elif len(manifests) > 1: # for now error on this since having # multiple manifests is unknown t = 'error' fns = [] for f in manifests.keys(): fns.append(f) s = 'found multiple webapp manifest files: %s' % ",".join(fns) self._add_result(t, n, s) continue self._add_result(t, n, s) for k in manifests.keys(): m = manifests[k] t = 'info' n = 'Exec_webbrowser_webapp_manifest_wellformed (%s, %s)' % \ (app, k) s = 'OK' if m is None or m == 'null': # 'null' is for testsuite t = 'error' s = 'could not load webapp manifest file. Is it ' + \ 'properly formatted?' self._add_result(t, n, s) continue self._add_result(t, n, s) # 'includes' contains the patterns t = 'info' n = 'Exec_webbrowser_webapp_manifest_includes_present ' + \ '(%s, %s)' % (app, k) s = 'OK' if 'includes' not in m: t = 'error' s = "could not find 'includes' in webapp manifest" elif not isinstance(m['includes'], list): t = 'error' s = "'includes' in webapp manifest is not list" self._add_result(t, n, s) if t == 'error': continue self._check_patterns(app, m['includes'], args) def check_desktop_groups(self): '''Check Desktop Entry entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'groups (%s)' % app s = "OK" if len(de.groups()) != 1: t = 'error' s = 'too many desktop groups' elif "Desktop Entry" not in de.groups(): t = 'error' s = "'[Desktop Entry]' group not found" self._add_result(t, n, s) def check_desktop_type(self): '''Check Type entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Type (%s)' % app s = "OK" if not de.hasKey('Type'): t = 'error' s = "missing key 'Type'" elif de.getType() != "Application": t = 'error' s = 'does not use Type=Application' self._add_result(t, n, s) def check_desktop_x_ubuntu_touch(self): '''Check X-Ubuntu-Touch entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'X-Ubuntu-Touch (%s)' % app s = "OK" if not de.hasKey('X-Ubuntu-Touch'): t = 'error' s = "missing key 'X-Ubuntu-Touch'" elif de.get("X-Ubuntu-Touch") != "true" and \ de.get("X-Ubuntu-Touch") != "True": t = 'error' s = 'does not use X-Ubuntu-Touch=true' self._add_result(t, n, s) def check_desktop_x_ubuntu_stagehint(self): '''Check X-Ubuntu-StageHint entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'X-Ubuntu-StageHint (%s)' % app s = "OK" if not de.hasKey('X-Ubuntu-StageHint'): t = 'info' s = "OK (not specified)" elif de.get("X-Ubuntu-StageHint") != "SideStage": t = 'error' s = "unsupported X-Ubuntu-StageHint=%s " % \ de.get("X-Ubuntu-StageHint") + \ "(should be for example, 'SideStage')" self._add_result(t, n, s) def check_desktop_x_ubuntu_gettext_domain(self): '''Check X-Ubuntu-Gettext-Domain entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'X-Ubuntu-Gettext-Domain (%s)' % app s = "OK" if not de.hasKey('X-Ubuntu-Gettext-Domain'): t = 'info' s = "OK (not specified)" elif de.get("X-Ubuntu-Gettext-Domain") == "": t = 'error' s = "X-Ubuntu-Gettext-Domain is empty" elif de.get("X-Ubuntu-Gettext-Domain") != self.click_pkgname: t = 'warn' s = "'%s' != '%s'" % (de.get("X-Ubuntu-Gettext-Domain"), self.click_pkgname) s += " (ok if app uses i18n.domain('%s')" % \ de.get("X-Ubuntu-Gettext-Domain") + \ " or uses organizationName" self._add_result(t, n, s) def check_desktop_terminal(self): '''Check Terminal entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Terminal (%s)' % app s = "OK" if not de.hasKey('Terminal'): s = "OK (not specified)" elif de.getTerminal() is not False: t = 'error' s = 'does not use Terminal=false (%s)' % de.getTerminal() self._add_result(t, n, s) def check_desktop_version(self): '''Check Version entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Version (%s)' % app s = "OK" l = None if not de.hasKey('Version'): s = "OK (not specified)" elif de.getVersionString() != "1.0": # http://standards.freedesktop.org/desktop-entry-spec/latest t = 'error' s = "'%s' does not match freedesktop.org version '1.0'" % \ de.getVersionString() l = 'http://askubuntu.com/questions/419907/what-does-version-mean-in-the-desktop-file/419908' self._add_result(t, n, s, l) def check_desktop_comment(self): '''Check Comment entry''' for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Comment_boilerplate (%s)' % app s = "OK" l = None if de.hasKey('Comment') and \ de.getComment() == "My project description": t = 'warn' s = "Comment uses SDK boilerplate '%s'" % de.getComment() l = 'http://askubuntu.com/questions/417359/what-does-desktop-comment-boilerplate-mean/417360' self._add_result(t, n, s, l) def check_desktop_icon(self): '''Check Icon entry''' ICON_SUFFIXES = ['.svg', '.png', '.jpg', ] for app in sorted(self.desktop_entries): de = self._get_desktop_entry(app) t = 'info' n = 'Icon (%s)' % app s = 'OK' l = None if not de.hasKey('Icon'): t = 'error' s = "missing key 'Icon'" l = 'http://askubuntu.com/questions/417369/what-does-desktop-icon-mean/417370' elif de.getIcon().startswith('/'): t = 'error' s = "absolute path '%s' for icon given in .desktop file." % \ de.getIcon() l = 'http://askubuntu.com/questions/417369/what-does-desktop-icon-mean/417370' elif not os.path.exists(os.path.join(self.unpack_dir, de.getIcon())) and \ True not in filter(lambda a: os.path.exists(os.path.join( self.unpack_dir, de.getIcon() + a)), ICON_SUFFIXES): t = 'error' s = "'%s' specified as icon in .desktop file for app '%s', " \ "which is not available in the click package." % \ (de.getIcon(), app) l = 'http://askubuntu.com/questions/417369/what-does-desktop-icon-mean/417370' self._add_result(t, n, s, l) def check_desktop_duplicate_entries(self): '''Check desktop for duplicate entries''' for app in sorted(self.desktop_entries): found = [] dupes = [] t = 'info' n = 'duplicate_keys (%s)' % app s = 'OK' fn = self._get_desktop_filename(app) content = open_file_read(fn).readlines() for line in content: tmp = line.split('=') if len(tmp) < 2: continue if tmp[0] in found: dupes.append(tmp[0]) else: found.append(tmp[0]) if len(dupes) > 0: t = 'error' s = 'found duplicate keys: %s' % ",".join(dupes) self._add_result(t, n, s) click-reviewers-tools-0.5/clickreviews/cr_lint.py0000644000000000000000000006641412310035052017200 0ustar '''cr_lint.py: click lint checks''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function from apt import apt_pkg from debian.deb822 import Deb822 import glob import os import re from clickreviews.cr_common import ClickReview, open_file_read, cmd CONTROL_FILE_NAMES = ["control", "manifest", "md5sums", "preinst"] MINIMUM_CLICK_FRAMEWORK_VERSION = "0.4" class ClickReviewLint(ClickReview): '''This class represents click lint reviews''' def __init__(self, fn): '''Set up the class.''' ClickReview.__init__(self, fn, "lint") self.control_files = dict() self._list_control_files() # LP: #1214380 # self.valid_control_architectures = ['amd64', 'i386', 'armhf', # 'powerpc', 'all'] self.valid_control_architectures = ['all', # no compiled code 'multi', # fat packages 'armhf', # compiled, single arch # 'i386', # not on desktop yet # 'amd64', # not on desktop yet ] self.vcs_dirs = ['.bzr*', '.git*', '.svn*', '.hg', 'CVS*', 'RCS*'] if 'maintainer' in self.manifest: maintainer = self.manifest['maintainer'] self.email = maintainer.partition('<')[2].rstrip('>') self.is_core_app = (self.click_pkgname.startswith('com.ubuntu.') and not self.click_pkgname.startswith( 'com.ubuntu.developer.') and self.email == 'ubuntu-touch-coreapps@lists.launchpad.net') else: self.email = None self.is_core_app = False self._list_all_compiled_binaries() def _list_control_files(self): '''List all control files with their full path.''' for i in CONTROL_FILE_NAMES: self.control_files[i] = os.path.join(self.unpack_dir, "DEBIAN/%s" % i) def check_control_files(self): '''Check DEBIAN/* files''' for f in self.control_files: t = 'info' n = 'DEBIAN_has_%s' % os.path.basename(f) s = "OK" if not os.path.isfile(self.control_files[os.path.basename(f)]): t = 'error' s = "'%s' not found in DEBIAN/" % os.path.basename(f) self._add_result(t, n, s) found = [] for f in sorted(glob.glob("%s/DEBIAN/*" % self.unpack_dir)): if os.path.basename(f) not in self.control_files: found.append(os.path.basename(f)) t = 'info' n = 'DEBIAN_extra_files' s = 'OK' if len(found) > 0: t = 'warn' s = 'found extra files in DEBIAN/: %s' % ", ".join(found) self._add_result(t, n, s) def check_control(self): '''Check control()''' fh = self._extract_control_file() tmp = list(Deb822.iter_paragraphs(fh)) t = 'info' n = 'control_structure' s = 'OK' if len(tmp) != 1: self._add_result('error', n, 'control malformed: too many paragraphs') return self._add_result(t, n, s) control = tmp[0] fields = ['Package', 'Version', 'Click-Version', 'Architecture', 'Maintainer', 'Installed-Size', 'Description'] error = False for f in sorted(fields): t = 'info' n = 'control_has_%s' % f s = 'OK' if f not in control: t = 'error' s = "'%s' missing" % f error = True self._add_result(t, n, s) if error is True: return t = 'info' n = 'control_extra_fields' s = 'OK' found = [] for k in sorted(control.keys()): if k not in fields: found.append(k) if len(found) > 0: self._add_result('error', n, "found extra fields: '%s'" % (", ".join(found))) t = 'info' n = 'control_package_match' s = "OK" if self.manifest['name'] != self.click_pkgname: t = 'error' s = "Package=%s does not match manifest name=%s" % \ (self.manifest['name'], self.click_pkgname) self._add_result(t, n, s) t = 'info' n = 'control_version_match' s = "OK" if self.manifest['version'] != self.click_version: t = 'error' s = "Version=%s does not match manifest version=%s" % \ (self.manifest['version'], self.click_version) self._add_result(t, n, s) t = 'info' n = 'control_architecture_match' s = 'OK' if 'architecture' in self.manifest: if control['Architecture'] != self.manifest['architecture']: t = 'error' s = "Architecture=%s " % control['Architecture'] + \ "does not match manifest architecture=%s" % \ self.manifest['architecture'] else: # Lack of architecture in manifest is not an error t = 'info' s = 'OK: architecture not specified in manifest' self._add_result(t, n, s) t = 'info' n = 'control_maintainer_match' s = 'OK' if 'maintainer' in self.manifest: if control['Maintainer'] != self.manifest['maintainer']: t = 'error' s = "Maintainer=%s does not match manifest maintainer=%s" % \ (control['Maintainer'], self.manifest['maintainer']) else: t = 'warn' s = 'Skipped: maintainer not in manifest' self._add_result(t, n, s) # TODO: click currently sets the Description to be the manifest title. # Is this intended behavior? t = 'info' n = 'control_description_match' s = 'OK' if 'title' in self.manifest: if control['Description'] != self.manifest['title']: t = 'error' s = "Description=%s does not match manifest title=%s" % \ (control['Description'], self.manifest['title']) else: t = 'warn' s = 'Skipped: title not in manifest' self._add_result(t, n, s) t = 'info' n = 'control_click_version_up_to_date' s = 'OK' l = None if apt_pkg.version_compare( control['Click-Version'], MINIMUM_CLICK_FRAMEWORK_VERSION) < 0: t = 'error' s = "Click-Version is too old, has '%s', needs '%s' or newer" % ( control['Click-Version'], MINIMUM_CLICK_FRAMEWORK_VERSION) l = 'http://askubuntu.com/questions/417366/what-does-lint-control-click-version-up-to-date-mean/417367' self._add_result(t, n, s, l) t = 'info' n = 'control_installed_size' s = 'OK' try: int(control['Installed-Size']) except TypeError: t = 'error' s = "invalid Installed-Size '%s'" % (control['Installed-Size']) self._add_result(t, n, s) def check_md5sums(self): '''Check md5sums()''' curdir = os.getcwd() fh = open_file_read(self.control_files["md5sums"]) badsums = [] os.chdir(self.unpack_dir) for line in fh.readlines(): split_line = line.strip().split() fn = " ".join(split_line[1:]) (rc, out) = cmd(['md5sum', fn]) if line != out: badsums.append(fn) fh.close() os.chdir(curdir) t = 'info' n = 'md5sums' s = 'OK' if len(badsums) > 0: t = 'error' s = 'found bad checksums: %s' % ", ".join(badsums) self._add_result(t, n, s) def check_preinst(self): '''Check preinst()''' expected = '''#! /bin/sh echo "Click packages may not be installed directly using dpkg." echo "Use 'click install' instead." exit 1 ''' fh = open_file_read(self.control_files["preinst"]) contents = "" for line in fh.readlines(): contents += line fh.close() t = 'info' n = 'preinst' s = "OK" if contents != expected: t = 'error' s = "unexpected preinst contents" self._add_result(t, n, s) def check_hooks(self): '''Check click manifest hooks''' # Some checks are already handled in # cr_common.py:_verify_manifest_structure() # We don't support multiple apps in 13.10 if len(self.manifest['hooks'].keys()) != 1: self._add_result('error', 'hooks', "more than one app key specified in hooks") return # Verify keys are well-formatted for app in self.manifest['hooks']: t = 'info' n = 'hooks_%s_valid' % app s = "OK" if not re.search(r'^[A-Za-z0-9+-.:~-]+$', app): t = 'error' s = "malformed application name: '%s'" % app self._add_result(t, n, s) # Verify we have the required hooks required = ['apparmor', 'desktop'] for f in required: for app in self.manifest['hooks']: t = 'info' n = 'hooks_%s_%s' % (app, f) s = "OK" if f == "apparmor": s = "OK (run check-security for more checks)" elif f == "desktop": s = "OK (run check-desktop for more checks)" if f not in self.manifest['hooks'][app]: t = 'error' s = "'%s' hook not found for '%s'" % (f, app) self._add_result(t, n, s) def check_external_symlinks(self): '''Check if symlinks in the click package go out to the system.''' t = 'info' n = 'external_symlinks' s = 'OK' external_symlinks = list(filter(lambda link: not os.path.realpath(link).startswith( self.unpack_dir), self.pkg_files)) if external_symlinks: t = 'error' s = 'package contains external symlinks: %s' % \ ', '.join(external_symlinks) self._add_result(t, n, s) def check_pkgname(self): '''Check package name valid''' p = self.manifest['name'] # http://www.debian.org/doc/debian-policy/ch-controlfields.html t = 'info' n = 'pkgname_valid' s = "OK" if not re.search(r'^[a-z0-9][a-z0-9+.-]+$', p): t = 'error' s = "'%s' not properly formatted" % p self._add_result(t, n, s) def check_version(self): '''Check package version is valid''' # deb-version(5) t = 'info' n = 'version_valid' s = "OK" # From debian_support.py re_valid_version = re.compile(r'^((\d+):)?' # epoch '([A-Za-z0-9.+:~-]+?)' # upstream '(-([A-Za-z0-9+.~]+))?$') # debian if not re_valid_version.match(self.click_version): t = 'error' s = "'%s' not properly formatted" % self.click_version self._add_result(t, n, s) def check_architecture(self): '''Check package architecture in DEBIAN/control is valid''' t = 'info' n = 'control_architecture_valid' s = 'OK' if self.click_arch not in self.valid_control_architectures: t = 'error' s = "not a valid architecture: %s" % self.click_arch self._add_result(t, n, s) def check_architecture_all(self): '''Check if actually architecture all''' t = 'info' n = 'control_architecture_valid_contents' s = 'OK' if self.click_arch != "all": self._add_result(t, n, s) return # look for compiled code x_binaries = [] for i in self.pkg_bin_files: x_binaries.append(os.path.relpath(i, self.unpack_dir)) if len(x_binaries) > 0: t = 'error' s = "found binaries for architecture 'all': %s" % \ ", ".join(x_binaries) self._add_result(t, n, s) def check_architecture_specified_needed(self): '''Check if the specified architecture is actually needed''' t = 'info' n = 'control_architecture_specified_needed' s = 'OK' if self.click_arch == "all": s = "SKIPPED: architecture is 'all'" self._add_result(t, n, s) return if len(self.pkg_bin_files) == 0: t = 'error' s = "Could not find compiled binaries for architecture '%s'" % \ self.click_arch self._add_result(t, n, s) def check_maintainer(self): '''Check maintainer()''' t = 'info' n = 'maintainer_present' s = 'OK' if 'maintainer' not in self.manifest: s = 'required maintainer field not specified in manifest' self._add_result('error', n, s) return self._add_result(t, n, s) # Simple regex as used by python3-debian. If we wanted to be more # thorough we could use email_re from django.core.validators t = 'info' n = 'maintainer_format' s = 'OK' if self.manifest['maintainer'] == "": self._add_result('error', n, 'invalid maintainer (empty), (should be ' 'like "Joe Bloggs ")', 'http://askubuntu.com/questions/417351/what-does-lint-maintainer-format-mean/417352') return elif not re.search(r"^(.*)\s+<(.*@.*)>$", self.manifest['maintainer']): self._add_result('error', n, 'invalid format for maintainer: %s (should be ' 'like "Joe Bloggs ")' % self.manifest['maintainer'], 'http://askubuntu.com/questions/417351/what-does-lint-maintainer-format-mean/417352') return self._add_result(t, n, s) t = 'info' n = 'maintainer_domain' s = 'OK' defaults = ('com.ubuntu.developer.', 'net.launchpad.') # Some domains give out email addresses in their toplevel namespace # (eg @ubuntu.com is used by Ubuntu members). Anything in these in # domains should show a warning (for now) special_domains = ('com.ubuntu', 'com.facebook', 'com.yahoo') if self.click_pkgname.startswith(defaults): # com.ubuntu.developer is Ubuntu's appstore-- people can use their # own addresses s = "OK (package domain=%s)" % str(defaults) else: domain_rev = self.email.partition('@')[2].split('.') domain_rev.reverse() pkg_domain_rev = self.click_pkgname.split('.') if len(domain_rev) < 2: # don't impersonate .com t = 'error' s = "(EMAIL NEEDS HUMAN REVIEW) email domain too short: '%s'" \ % self.email elif len(domain_rev) >= len(pkg_domain_rev): # also '=' to leave # room for app name # Core apps have a long email, domain, but that's all right if self.is_core_app: t = 'info' s = "OK (email '%s' long, but special case of core apps " \ "'com.ubuntu.*')" % self.email else: t = 'error' s = "(EMAIL NEEDS HUMAN REVIEW) email domain too " \ "long '%s' " % self.email + "for app name '%s'" % \ ".".join(pkg_domain_rev) elif domain_rev == pkg_domain_rev[:len(domain_rev)]: is_special = False for special in special_domains: if self.click_pkgname.startswith(special + '.'): is_special = True break if is_special: t = 'warn' s = "email=%s matches special domain=%s" % (self.email, ".".join(pkg_domain_rev)) else: s = "OK (email=%s, package domain=%s)" % (self.email, ".".join(pkg_domain_rev)) else: t = 'error' s = "email=%s does not match package domain=%s " \ "(Your email domain needs to match the reverse package " \ "namespace.)" % (self.email, ".".join(pkg_domain_rev)) self._add_result(t, n, s) def check_title(self): '''Check title()''' t = 'info' n = 'title_present' s = 'OK' if 'title' not in self.manifest: s = 'required title field not specified in manifest' self._add_result('error', n, s) return self._add_result(t, n, s) t = 'info' n = 'title' s = 'OK' pkgname_base = self.click_pkgname.split('.')[-1] if len(self.manifest['title']) < len(pkgname_base): t = 'info' s = "'%s' may be too short" % self.manifest['title'] self._add_result(t, n, s) def check_description(self): '''Check description()''' t = 'info' n = 'description_present' s = 'OK' if 'description' not in self.manifest: s = 'required description field not specified in manifest' self._add_result('error', n, s) return self._add_result(t, n, s) t = 'info' n = 'description' s = 'OK' pkgname_base = self.click_pkgname.split('.')[-1] if len(self.manifest['description']) < len(pkgname_base): t = 'warn' s = "'%s' is too short" % self.manifest['description'] self._add_result(t, n, s) def check_framework(self): '''Check framework()''' t = 'info' n = 'framework' s = 'OK' if self.manifest['framework'] not in self.valid_frameworks: t = 'error' s = "'%s' is not a supported framework" % \ self.manifest['framework'] self._add_result(t, n, s) def check_click_local_extensions(self): '''Report any click local extensions''' t = 'info' n = 'click_local_extensions' s = 'OK' found = [] for k in sorted(self.manifest): if k.startswith('x-'): found.append(k) if len(found) > 0: t = 'warn' plural = "" if len(found) > 1: plural = "s" s = 'found unofficial extension%s: %s' % (plural, ', '.join(found)) if 'x-source' in k and self.is_core_app: s += ' (x-source found, but app is a core app, which is fine)' self._add_result(t, n, s) def check_package_filename(self): '''Check filename of package''' tmp = os.path.basename(self.click_package).split('_') t = 'info' n = 'package_filename_format' s = 'OK' if len(tmp) != 3: t = 'warn' s = "'%s' not of form $pkgname_$version_$arch.click" % \ os.path.basename(self.click_package) self._add_result(t, n, s) # handle $pkgname.click pkgname = tmp[0].partition('\.click')[0] t = 'info' n = 'package_filename_pkgname_match' s = 'OK' l = None if pkgname != self.click_pkgname: t = 'error' s = "'%s' != '%s' from DEBIAN/control" % (pkgname, self.click_pkgname) l = 'http://askubuntu.com/questions/417361/what-does-lint-package-filename-pkgname-match-mean' self._add_result(t, n, s, l) # check if namespaces matches with filename t = 'info' n = 'package_filename_matches_namespace' s = 'OK' namespace_bits = self.click_pkgname.split('.')[:-1] len_namespace = len(namespace_bits) pkgname_bits = pkgname.split('.')[:len_namespace] if namespace_bits != pkgname_bits: t = 'error' s = "Package name '%s' does not match namespace '%s'." % \ ('.'.join(namespace_bits), '.'.join(pkgname_bits)) self._add_result(t, n, s) t = 'info' n = 'package_filename_version_match' s = 'OK' l = None if len(tmp) >= 2: # handle $pkgname_$version.click version = tmp[1].partition('.click')[0] if version != self.click_version: t = 'error' s = "'%s' != '%s' from DEBIAN/control" % (version, self.click_version) l = 'http://askubuntu.com/questions/417384/what-does-lint-package-filename-version-match-mean/417385' else: t = 'warn' s = "could not determine version from '%s'" % \ os.path.basename(self.click_package) self._add_result(t, n, s, l) t = 'info' n = 'package_filename_arch_valid' s = 'OK' if len(tmp) >= 3: arch = tmp[2].partition('.click')[0] if arch == "unknown": # short-circuit here since the appstore # doesn't determine the version yet t = 'info' s = "SKIP: architecture 'unknown'" self._add_result(t, n, s) return if arch not in self.valid_control_architectures: t = 'warn' s = "not a valid architecture: %s" % arch else: t = 'warn' s = "could not determine architecture from '%s'" % \ os.path.basename(self.click_package) self._add_result(t, n, s) t = 'info' n = 'package_filename_arch_match' s = 'OK' if len(tmp) >= 3: arch = tmp[2].partition('.click')[0] if arch != self.click_arch: t = 'error' s = "'%s' != '%s' from DEBIAN/control" % (arch, self.click_arch) else: t = 'warn' s = "could not determine architecture from '%s'" % \ os.path.basename(self.click_package) self._add_result(t, n, s) def check_vcs(self): '''Check for VCS files in the click package''' t = 'info' n = 'vcs_files' s = 'OK' found = [] for d in self.vcs_dirs: entries = glob.glob("%s/%s" % (self.unpack_dir, d)) if len(entries) > 0: for i in entries: found.append(os.path.relpath(i, self.unpack_dir)) if len(found) > 0: t = 'warn' s = 'found VCS files in package: %s' % ", ".join(found) self._add_result(t, n, s) def check_click_in_package(self): '''Check for *.click files in the toplevel click package''' t = 'info' n = 'click_files' s = 'OK' found = [] entries = glob.glob("%s/*.click" % self.unpack_dir) if len(entries) > 0: for i in entries: found.append(os.path.relpath(i, self.unpack_dir)) if len(found) > 0: t = 'warn' s = 'found click packages in toplevel dir: %s' % ", ".join(found) self._add_result(t, n, s) def check_contents_for_hardcoded_paths(self): '''Check for known hardcoded paths.''' PATH_BLACKLIST = ["/opt/click.ubuntu.com/"] t = 'info' n = 'hardcoded_paths' s = 'OK' for dirpath, dirnames, filenames in os.walk(self.unpack_dir): for filename in filenames: full_fn = os.path.join(dirpath, filename) (rc, out) = cmd(['file', '-b', full_fn]) if 'text' not in out: continue try: lines = open_file_read(full_fn).readlines() for bad_path in PATH_BLACKLIST: if list(filter(lambda line: bad_path in line, lines)): t = 'error' s = "Hardcoded path '%s' found in '%s'." % ( bad_path, full_fn) except UnicodeDecodeError: pass self._add_result(t, n, s) def check_manifest_architecture(self): '''Check package architecture in manifest is valid''' t = 'info' n = 'manifest_architecture_valid' s = 'OK' if 'architecture' not in self.manifest: s = 'OK (architecture not specified)' self._add_result(t, n, s) return manifest_archs_list = list(self.valid_control_architectures) manifest_archs_list.remove("multi") if isinstance(self.manifest['architecture'], str) and \ self.manifest['architecture'] not in manifest_archs_list: t = 'error' s = "not a valid architecture: %s" % self.manifest['architecture'] elif isinstance(self.manifest['architecture'], list): manifest_archs_list.remove("all") bad_archs = [] for a in self.manifest['architecture']: if a not in manifest_archs_list: bad_archs.append(a) if len(bad_archs) > 0: t = 'error' s = "not valid multi architecture: %s" % \ ",".join(bad_archs) self._add_result(t, n, s) def check_icon(self): '''Check icon()''' t = 'info' n = 'icon_present' s = 'OK' if 'icon' not in self.manifest: s = 'Skipped, optional icon not present' self._add_result(t, n, s) return self._add_result(t, n, s) t = 'info' n = 'icon_empty' s = 'OK' if len(self.manifest['icon']) == 0: t = 'error' s = "icon manifest entry is empty" return self._add_result(t, n, s) t = 'info' n = 'icon_absolute_path' s = 'OK' if self.manifest['icon'].startswith('/'): t = 'error' s = "icon manifest entry '%s' should not specify absolute path" % \ self.manifest['icon'] self._add_result(t, n, s) click-reviewers-tools-0.5/clickreviews/tests/0000755000000000000000000000000012310336004016324 5ustar click-reviewers-tools-0.5/clickreviews/tests/__init__.py0000644000000000000000000000000012221320160020420 0ustar click-reviewers-tools-0.5/clickreviews/tests/test_cr_lint.py0000644000000000000000000006241712267705013021414 0ustar '''test_cr_lint.py: tests for the cr_lint module''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from unittest.mock import patch from clickreviews.cr_lint import ClickReviewLint from clickreviews.cr_lint import MINIMUM_CLICK_FRAMEWORK_VERSION import clickreviews.cr_tests as cr_tests class TestClickReviewLint(cr_tests.TestClickReview): """Tests for the lint review tool.""" def setUp(self): # Monkey patch various file access classes. stop() is handled with # addCleanup in super() cr_tests.mock_patch() super() def test_check_architecture(self): '''Test check_architecture()''' c = ClickReviewLint(self.test_name) c.check_architecture() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_architecture_all(self): '''Test check_architecture_all() - no binaries''' self.set_test_control("Architecture", "all") self.set_test_manifest("architecture", "all") c = ClickReviewLint(self.test_name) c.pkg_bin_files = [] c.check_architecture_all() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_architecture_all2(self): '''Test check_architecture_all() - binaries''' self.set_test_control("Architecture", "all") self.set_test_manifest("architecture", "all") c = ClickReviewLint(self.test_name) c.pkg_bin_files = ["path/to/some/compiled/binary"] c.check_architecture_all() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_architecture_nonexistent(self): '''Test check_architecture() - nonexistent''' self.set_test_control("Architecture", "nonexistent") c = ClickReviewLint(self.test_name) c.check_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_control_architecture(self): '''Test check_control() (architecture)''' c = ClickReviewLint(self.test_name) c.check_control() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_control_architecture_missing(self): '''Test check_control() (architecture missing)''' self.set_test_control("Architecture", None) try: ClickReviewLint(self.test_name) except KeyError: return raise Exception("Should have raised a KeyError") def test_check_control_matches_manifest_architecture(self): '''Test check_control() (architecture matches manifest)''' self.set_test_control("Architecture", "armhf") self.set_test_manifest("architecture", "armhf") c = ClickReviewLint(self.test_name) c.check_control() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_control_mismatches_manifest_architecture(self): '''Test check_control() (architecture mismatches manifest)''' self.set_test_control("Architecture", "armhf") self.set_test_manifest("architecture", "amd64") c = ClickReviewLint(self.test_name) c.check_control() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_control_manifest_architecture_missing(self): '''Test check_control() (manifest architecture)''' self.set_test_control("Architecture", "armhf") self.set_test_manifest("architecture", None) c = ClickReviewLint(self.test_name) c.check_control() r = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']["lint_control_architecture_match"] = \ {"text": "OK: architecture not specified in manifest"} self.check_results(r, expected=expected) def test_check_architecture_specified_needed(self): '''Test check_architecture_specified_needed() - no binaries''' self.set_test_control("Architecture", "armhf") self.set_test_manifest("architecture", "armhf") c = ClickReviewLint(self.test_name) c.pkg_bin_files = [] c.check_architecture_specified_needed() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_architecture_specified_needed2(self): '''Test check_architecture_specified_needed2() - binaries''' self.set_test_control("Architecture", "armhf") self.set_test_manifest("architecture", "armhf") c = ClickReviewLint(self.test_name) c.pkg_bin_files = ["path/to/some/compiled/binary"] c.check_architecture_specified_needed() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_package_filename(self): '''Test check_package_filename()''' c = ClickReviewLint(self.test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_package_filename_missing_version(self): '''Test check_package_filename() - missing version''' test_name = "%s_%s.click" % (self.test_control['Package'], self.test_control['Architecture']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 3, 'error': 1} self.check_results(r, expected_counts) def test_check_package_filename_missing_arch(self): '''Test check_package_filename() - missing arch''' test_name = "%s_%s.click" % (self.test_control['Package'], self.test_control['Version']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 3, 'error': 0} self.check_results(r, expected_counts) def test_check_package_filename_missing_package(self): '''Test check_package_filename() - missing package''' test_name = "%s_%s.click" % (self.test_control['Version'], self.test_control['Architecture']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 3, 'error': 3} self.check_results(r, expected_counts) def test_check_package_filename_extra_underscore(self): '''Test check_package_filename() - extra underscore''' test_name = "_%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], self.test_control['Architecture']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 2, 'error': 4} self.check_results(r, expected_counts) def test_check_package_filename_control_mismatches(self): '''Test check_package_filename() (control mismatches filename)''' self.set_test_control("Package", "test-match") c = ClickReviewLint(self.test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_package_filename_namespace_mismatches(self): '''Test check_package_filename() (control mismatches filename)''' test_name = "%s_%s_%s.click" % ("com.example.someuser", self.test_control['Version'], self.test_control['Architecture']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 2} self.check_results(r, expected_counts) def test_check_package_filename_version_mismatches(self): '''Test check_package_filename() (version mismatches filename)''' self.set_test_control("Version", "100.1.1") c = ClickReviewLint(self.test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_package_filename_valid_arch(self): '''Test check_package_filename() (valid arch)''' arch = "armhf" self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], self.test_control['Architecture']) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_package_filename_valid_arch_multi(self): '''Test check_package_filename() (valid multi arch)''' arch = "multi" self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_manifest_missing_arch(self): '''Test check_manifest_architecture() (missing)''' self.set_test_manifest("architecture", None) c = ClickReviewLint(self.test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_manifest_arch_all(self): '''Test check_manifest_architecture() (all)''' self.set_test_manifest("architecture", "all") c = ClickReviewLint(self.test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_manifest_arch_single(self): '''Test check_manifest_architecture() (single arch)''' self.set_test_manifest("architecture", "armhf") c = ClickReviewLint(self.test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_manifest_arch_single_nonexistent(self): '''Test check_manifest_architecture() (single nonexistent arch)''' self.set_test_manifest("architecture", "nonexistent") c = ClickReviewLint(self.test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_manifest_arch_single_multi(self): '''Test check_manifest_architecture() (single arch: invalid multi)''' self.set_test_manifest("architecture", "multi") c = ClickReviewLint(self.test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_manifest_valid_arch_multi(self): '''Test check_manifest_architecture() (valid multi)''' arch = "multi" self.set_test_manifest("architecture", ["armhf"]) self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_manifest_invalid_arch_multi_nonexistent(self): '''Test check_manifest_architecture() (invalid multi)''' arch = "multi" self.set_test_manifest("architecture", ["armhf", "nonexistent"]) self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_manifest_invalid_arch_multi_all(self): '''Test check_manifest_architecture() (invalid all)''' arch = "multi" self.set_test_manifest("architecture", ["armhf", "all"]) self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_manifest_invalid_arch_multi_multi(self): '''Test check_manifest_architecture() (invalid multi)''' arch = "multi" self.set_test_manifest("architecture", ["multi", "armhf"]) self.set_test_control("Architecture", arch) test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_manifest_architecture() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_package_filename_mismatch_arch(self): '''Test check_package_filename() (control mismatches arch)''' arch = "armhf" self.set_test_control("Architecture", "all") test_name = "%s_%s_%s.click" % (self.test_control['Package'], self.test_control['Version'], arch) c = ClickReviewLint(test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_package_filename_with_extra_click(self): """Test namespaces with the word "click" in them.""" c = ClickReviewLint(self.test_name) c.check_package_filename() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_control(self): """A very basic test to make sure check_control can be tested.""" c = ClickReviewLint(self.test_name) c.check_control() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) # Make the current MINIMUM_CLICK_FRAMEWORK_VERSION newer @patch('clickreviews.cr_lint.MINIMUM_CLICK_FRAMEWORK_VERSION', MINIMUM_CLICK_FRAMEWORK_VERSION + '.1') def test_check_control_click_framework_version(self): """Test that enforcing click framework versions works.""" test_name = 'net.launchpad.click-webapps.test-app_3_all.click' c = ClickReviewLint(test_name) c.check_control() r = c.click_report # We should end up with an error as the click version is out of date expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) # Lets check that the right error is triggering m = r['error']['lint_control_click_version_up_to_date']['text'] self.assertIn('Click-Version is too old', m) def test_check_maintainer(self): '''Test check_maintainer()''' c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_maintainer_non_default(self): '''Test check_maintainer() - non-default''' self.set_test_control("Package", "com.example.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_maintainer_non_match(self): '''Test check_maintainer() - non-match''' self.set_test_control("Package", "com.example.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_empty(self): '''Test check_maintainer() - empty''' self.set_test_manifest("maintainer", "") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_missing(self): '''Test check_maintainer() - missing''' self.set_test_manifest("maintainer", None) c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_badformat(self): '''Test check_maintainer() - badly formatted''' self.set_test_manifest("maintainer", "$%^@*") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_bad_email_missing_name(self): '''Test check_maintainer() - bad email (missing name)''' self.set_test_manifest("name", "com.ubuntu.developer.user.app") self.set_test_manifest("maintainer", "user@example.com") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_bad_email_short_domain(self): '''Test check_maintainer() - bad email (short domain)''' self.set_test_control("Package", "com.example.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_bad_email_long_domain(self): '''Test check_maintainer() - bad email (long domain)''' self.set_test_control("Package", "com.example.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_maintainer_domain_appstore(self): '''Test check_maintainer() - appstore domain (com.ubuntu.developer)''' self.set_test_manifest("name", "com.ubuntu.developer.user.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_maintainer_domain_special(self): '''Test check_maintainer() - special (com.facebook)''' self.set_test_control("Package", "com.facebook.app") self.set_test_manifest("maintainer", "Foo User ") c = ClickReviewLint(self.test_name) c.check_maintainer() r = c.click_report expected_counts = {'info': None, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_icon(self): '''Test check_icon()''' self.set_test_manifest("icon", "someicon") c = ClickReviewLint(self.test_name) c.check_icon() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_icon_unspecified(self): '''Test check_icon()''' self.set_test_manifest("icon", None) c = ClickReviewLint(self.test_name) c.check_icon() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_icon_empty(self): '''Test check_icon() - empty''' self.set_test_manifest("icon", "") c = ClickReviewLint(self.test_name) c.check_icon() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_icon_absolute_path(self): '''Test check_icon() - absolute path''' self.set_test_manifest("icon", "/foo/bar/someicon") c = ClickReviewLint(self.test_name) c.check_icon() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_click_local_extensions_missing(self): '''Testeck_click_local_extensions() - missing''' for k in self.test_manifest.keys(): if k.startswith("x-"): self.set_test_manifest(k, None) c = ClickReviewLint(self.test_name) c.check_click_local_extensions() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_click_local_extensions_empty(self): '''Testeck_click_local_extensions() - empty''' for k in self.test_manifest.keys(): if k.startswith("x-"): self.set_test_manifest(k, None) self.set_test_manifest("x-test", "") c = ClickReviewLint(self.test_name) c.check_click_local_extensions() r = c.click_report expected_counts = {'info': 0, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_click_local_extensions(self): '''Testeck_click_local_extensions()''' for k in self.test_manifest.keys(): if k.startswith("x-"): self.set_test_manifest(k, None) self.set_test_manifest("x-source", {"vcs-bzr": "lp:notes-app", "vcs-bzr-revno": "209"}) c = ClickReviewLint(self.test_name) c.check_click_local_extensions() r = c.click_report expected_counts = {'info': 0, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_framework(self): '''Test check_framework()''' c = ClickReviewLint(self.test_name) c.check_framework() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_framework_bad(self): '''Test check_framework() - bad''' self.set_test_manifest("framework", "nonexistent") c = ClickReviewLint(self.test_name) c.check_framework() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) click-reviewers-tools-0.5/clickreviews/tests/test_cr_desktop.py0000644000000000000000000010156512305663727022125 0ustar '''test_cr_desktop.py: tests for the cr_desktop module''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from clickreviews.cr_desktop import ClickReviewDesktop import clickreviews.cr_tests as cr_tests class TestClickReviewDesktop(cr_tests.TestClickReview): """Tests for the desktop review tool.""" def setUp(self): # Monkey patch various file access classes. stop() is handled with # addCleanup in super() cr_tests.mock_patch() super() def test_check_desktop_file(self): '''Test check_desktop_file()''' c = ClickReviewDesktop(self.test_name) c.check_desktop_file() r = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']['desktop_files_usable'] = {"text": "OK"} expected['info']['desktop_files_available'] = {"text": "OK"} self.check_results(r, expected=expected) def test_check_desktop_file_valid(self): '''Test check_desktop_file_valid()''' c = ClickReviewDesktop(self.test_name) c.check_desktop_file_valid() r = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']['desktop_validates (%s)' % self.default_appname] = \ {"text": "OK"} self.check_results(r, expected=expected) def test_check_desktop_file_valid_missing_exec(self): '''Test check_desktop_file_valid() - missing Exec''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", None) c.check_desktop_file_valid() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_file_valid_empty_name(self): '''Test check_desktop_file_valid() - empty Name''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Name", "") c.check_desktop_file_valid() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_required_keys(self): '''Test check_desktop_required_keys()''' c = ClickReviewDesktop(self.test_name) c.check_desktop_required_keys() r = c.click_report expected_counts = {'info': 2, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_required_keys_missing(self): '''Test check_desktop_required_keys()''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Name", None) c.check_desktop_required_keys() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_x_ubuntu_gettext_domain_missing(self): '''Test check_desktop_x_ubuntu_gettext_domain when missing''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "X-Ubuntu-Gettext-Domain", None) c.check_desktop_x_ubuntu_gettext_domain() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_x_ubuntu_gettext_domain_empty(self): '''Test check_desktop_x_ubuntu_gettext_domain when empty''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "X-Ubuntu-Gettext-Domain", "") c.check_desktop_x_ubuntu_gettext_domain() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_x_ubuntu_gettext_domain_valid(self): '''Test check_desktop_x_ubuntu_gettext_domain valid''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "X-Ubuntu-Gettext-Domain", self.test_control['Package']) c.check_desktop_x_ubuntu_gettext_domain() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_x_ubuntu_gettext_domain_mismatch(self): '''Test check_desktop_x_ubuntu_gettext_domain doesn't match''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "X-Ubuntu-Gettext-Domain", "com.example.mismatch") c.check_desktop_x_ubuntu_gettext_domain() r = c.click_report expected_counts = {'info': 0, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_args_with_url_patterns(self): '''Test check_desktop_exec_webapp_args with --webappUrlPatterns''' for exe in ['webbrowser-app --webapp', 'webapp-container']: c = ClickReviewDesktop(self.test_name) ex = "%s --enable-back-forward --webapp " % exe + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_args() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_args_with_model_search_path(self): '''Test check_desktop_exec_webapp_args with --webappModelSearchPath''' c = ClickReviewDesktop(self.test_name) for exe in ['webbrowser-app --webapp', 'webapp-container']: ex = "%s --enable-back-forward " % exe + \ "--webappModelSearchPath=. " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_args() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_args_without_required(self): '''Test check_desktop_exec_webapp_args without required''' for exe in ['webbrowser-app --webapp', 'webapp-container']: c = ClickReviewDesktop(self.test_name) ex = "%s --enable-back-forward " % exe + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_args() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_args_without_minimal(self): '''Test check_desktop_exec_webapp_args without minimal''' for exe in ['webbrowser-app --webapp', 'webapp-container']: c = ClickReviewDesktop(self.test_name) ex = "%s " % exe + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_args() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_args_with_both_required(self): '''Test check_desktop_exec_webbrowser with both required''' for exe in ['webbrowser-app --webapp', 'webapp-container']: c = ClickReviewDesktop(self.test_name) ex = "%s --enable-back-forward " % exe + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "--webappModelSearchPath=. " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_args() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_missing_exec(self): '''Test check_desktop_exec_webbrowser - missing exec''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", None) c.check_desktop_exec_webbrowser() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_missing_webapp(self): '''Test check_desktop_exec_webbrowser - missing --webapp''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_non1310(self): '''Test check_desktop_exec_webbrowser without 13.10''' self.set_test_manifest("framework", "not-ubuntu-sdk-13.10") c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --webapp --enable-back-forward " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_container_has_webapp(self): '''Test check_desktop_exec_webapp_container - has --webapp''' c = ClickReviewDesktop(self.test_name) ex = "webapp-container --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_container() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_container_1310a(self): '''Test check_desktop_exec_webapp_container on 13.10 framework''' c = ClickReviewDesktop(self.test_name) ex = "webapp-container --enable-back-forward " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_container() r = c.click_report expected_counts = {'info': 2, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_container_1310b(self): '''Test check_desktop_exec_webapp_container on non-13.10 framework''' self.set_test_manifest("framework", "not-ubuntu-sdk-13.10") c = ClickReviewDesktop(self.test_name) ex = "webapp-container --enable-back-forward " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webapp_container() r = c.click_report expected_counts = {'info': 2, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webapp_container_missing_exec(self): '''Test check_desktop_exec_webapp_container - missing exec''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", None) c.check_desktop_exec_webapp_container() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_valid(self): '''Test check_desktop_exec_webbrowser_urlpatterns() valid''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_missing_exec(self): '''Test check_desktop_exec_webbrowser_urlpatterns() - missing exec''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", None) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_missing_arg(self): '''Test check_desktop_exec_webbrowser_urlpatterns() missing arg''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_multiple_args(self): '''Test check_desktop_exec_webbrowser_urlpatterns() multiple args''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_no_https(self): '''Test check_desktop_exec_webbrowser_urlpatterns() missing https?''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=http://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_no_trailing_glob(self): '''Test check_desktop_exec_webbrowser_urlpatterns() no trailing glob''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/ " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_trailing_glob1(self): '''Test check_desktop_exec_webbrowser_urlpatterns() - trailing glob1''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_trailing_glob2(self): '''Test check_desktop_exec_webbrowser_urlpatterns() - trailing glob2''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://m.bbc.co.uk/sport* " + \ "http://m.bbc.co.uk/sport" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_trailing_glob3(self): '''Test check_desktop_exec_webbrowser_urlpatterns() - trailing glob3''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://*.bbc.co.uk/sport* " + \ "http://*.bbc.co.uk/sport" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_trailing_glob4(self): '''Test check_desktop_exec_webbrowser_urlpatterns() - trailing glob4''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://www.bbc.co.uk* " + \ "http://www.bbc.co.uk" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_embedded_glob(self): '''Test check_desktop_exec_webbrowser_urlpatterns() embedded glob''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com*/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 2, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_leading_glob(self): '''Test check_desktop_exec_webbrowser_urlpatterns() leading glob''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://*.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_target_mismatch(self): '''Test check_desktop_exec_webbrowser_urlpatterns() target mismatch''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "http://mobile.twitter.net" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_target_mismatch2(self): '''Test check_desktop_exec_webbrowser_urlpatterns() target mismatch2''' c = ClickReviewDesktop(self.test_name) # this shouldn't error or warn, but should give info ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/* " + \ "ftp://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_target_mismatch3(self): '''Test check_desktop_exec_webbrowser_urlpatterns() target mismatch3''' c = ClickReviewDesktop(self.test_name) # this shouldn't error or warn, but should give info ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/*," + \ "https?://nonmatch.twitter.com/* " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_urlpatterns_target_missing(self): '''Test check_desktop_exec_webbrowser_urlpatterns() target missing''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappUrlPatterns=https?://mobile.twitter.com/*" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_urlpatterns() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_valid(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() valid''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "name", "foo") self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "includes", ['https?://mobile.twitter.com/*']) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_missing_exec(self): '''Test check_desktop_exec_webbrowser_modelsearchpath - missing exec''' c = ClickReviewDesktop(self.test_name) self.set_test_desktop(self.default_appname, "Exec", None) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_missing_arg(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() missing arg''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_multiple_args(self): '''Test check_desktop_exec_webbrowser_modelsearchpath multiple args''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. " + \ "--webappModelSearchPath=. " + \ "http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_empty(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() empty''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath= http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_no_manifest(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() no manifest''' c = ClickReviewDesktop(self.test_name) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_bad_manifest(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() bad manifest''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", None, None) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_mult_manifest(self): '''Test check_desktop_exec_webbrowser_modelsearchpath mult manifest''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "name", "foo") self.set_test_webapp_manifest("unity-webapps-bar/manifest.json", "name", "bar") ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_bad_includes(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() bad includes''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "name", "foo") self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "includes", "not list") ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_no_includes(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() no includes''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "name", "foo") ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_desktop_exec_webbrowser_modelsearchpath_mismatch(self): '''Test check_desktop_exec_webbrowser_modelsearchpath() no includes''' c = ClickReviewDesktop(self.test_name) self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "name", "foo") self.set_test_webapp_manifest("unity-webapps-foo/manifest.json", "includes", ['https?://mobile.twitter.net/*']) ex = "webbrowser-app --enable-back-forward --webapp " + \ "--webappModelSearchPath=. http://mobile.twitter.com" self.set_test_desktop(self.default_appname, "Exec", ex) c.check_desktop_exec_webbrowser_modelsearchpath() r = c.click_report expected_counts = {'info': None, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) click-reviewers-tools-0.5/clickreviews/tests/test_aaa_example_cr_skeleton.py0000644000000000000000000000543112267705013024600 0ustar '''test_cr_skeleton.py: tests for the cr_skeleton module''' # # Copyright (C) 2013 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from clickreviews.cr_skeleton import ClickReviewSkeleton import clickreviews.cr_tests as cr_tests class TestClickReviewSkeleton(cr_tests.TestClickReview): """Tests for the lint review tool.""" def setUp(self): # Monkey patch various file access classes. stop() is handled with # addCleanup in super() cr_tests.mock_patch() super() def test_check_foo(self): '''Test check_foo()''' c = ClickReviewSkeleton(self.test_name) c.check_foo() r = c.click_report # We should end up with 1 info expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(r, expected_counts) def test_check_bar(self): '''Test check_bar()''' c = ClickReviewSkeleton(self.test_name) c.check_bar() r = c.click_report # We should end up with 1 error expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(r, expected_counts) def test_check_baz(self): '''Test check_baz()''' c = ClickReviewSkeleton(self.test_name) c.check_baz() r = c.click_report # We should end up with 1 warning expected_counts = {'info': 0, 'warn': 1, 'error': 0} self.check_results(r, expected_counts) # Check specific entries expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['warn']['skeleton_baz'] = {"text": "TODO", "link": "http://example.com"} expected['error'] = dict() self.check_results(r, expected=expected) def test_output(self): '''Test output''' # Update the control field and output the changes self.set_test_control('Package', "my.mock.app.name") self.set_test_manifest('name', "my.mock.app.name") self._update_test_name() import pprint import json print(''' = test output = == Mock filename == %s == Mock control == %s == Mock manifest ==''' % (self.test_name, cr_tests.TEST_CONTROL)) pprint.pprint(json.loads(cr_tests.TEST_MANIFEST)) click-reviewers-tools-0.5/clickreviews/tests/test_cr_security.py0000644000000000000000000005161112305400621022275 0ustar '''test_cr_security.py: tests for the cr_security module''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import sys from clickreviews.cr_security import ClickReviewSecurity import clickreviews.cr_tests as cr_tests class TestClickReviewSecurity(cr_tests.TestClickReview): """Tests for the security lint review tool.""" def setUp(self): # Monkey patch various file access classes. stop() is handled with # addCleanup in super() cr_tests.mock_patch() super() self.default_security_json = "%s.json" % \ self.default_appname def test_check_policy_version_vendor(self): '''Test check_policy_version() - valid''' for v in [1.0]: # update when have more vendor policy c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "policy_version", v) c.check_policy_version() report = c.click_report expected_counts = {'info': 3, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_version_highest(self): '''Test check_policy_version() - highest''' c = ClickReviewSecurity(self.test_name) highest_version = sorted(c.supported_policy_versions)[-1] version = highest_version self.set_test_security_manifest(self.default_appname, "policy_version", version) c.check_policy_version() report = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']["security_policy_version_is_highest (%s, %s)" % (highest_version, self.default_security_json)] = \ {"text": "OK"} self.check_results(report, expected=expected) def test_check_policy_version_bad(self): '''Test check_policy_version() - bad version''' bad_version = 0.1 c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "policy_version", bad_version) highest = sorted(c.supported_policy_versions)[-1] c.check_policy_version() report = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']["security_policy_version_is_highest (%s, %s)" % ( highest, self.default_security_json)] = \ {"text": "0.1 != %s" % highest} expected['error']["security_policy_version_exists (%s)" % self.default_security_json] = \ {"text": "could not find policy for ubuntu/%s" % str(bad_version)} self.check_results(report, expected=expected) def test_check_policy_version_low(self): '''Test check_policy_version() - low version''' c = ClickReviewSecurity(self.test_name) highest = sorted(c.supported_policy_versions)[-1] version = 1.0 if version == highest: print("SKIPPED-- test version '%s' is already highest" % version, file=sys.stderr) return self.set_test_security_manifest(self.default_appname, "policy_version", version) c.check_policy_version() report = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']["security_policy_version_is_highest (%s, %s)" % ( highest, self.default_security_json)] = \ {"text": "%s != %s" % (version, highest)} self.check_results(report, expected=expected) def test_check_policy_version_unspecified(self): '''Test check_policy_version() - unspecified''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "policy_version", None) c.check_policy_version() report = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['error']["security_policy_version_exists (%s)" % self.default_security_json] = \ {"text": "could not find policy_version in manifest"} self.check_results(report, expected=expected) def test_check_policy_version_framework(self): '''Test check_policy_version() - matching framework''' tmp = ClickReviewSecurity(self.test_name) # for each installed framework on the system, verify that the policy # matches the framework for f in tmp.valid_frameworks: self.set_test_manifest("framework", f) policy_version = 0 for k in tmp.major_framework_policy.keys(): if f.startswith(k): policy_version = tmp.major_framework_policy[k] self.set_test_security_manifest(self.default_appname, "policy_version", policy_version) c = ClickReviewSecurity(self.test_name) c.check_policy_version() report = c.click_report expected_counts = {'info': 3, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_version_framework_unmatch(self): '''Test check_policy_version() - unmatching framework (lower)''' self.set_test_manifest("framework", "ubuntu-sdk-14.04") self.set_test_security_manifest(self.default_appname, "policy_version", 1.0) c = ClickReviewSecurity(self.test_name) c.check_policy_version() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['error']["security_policy_version_matches_framework (%s)" % self.default_security_json] = \ {"text": "1.0 != 1.1 (ubuntu-sdk-14.04)"} self.check_results(report, expected=expected) def test_check_policy_version_framework_unmatch2(self): '''Test check_policy_version() - unmatching framework (higher)''' self.set_test_manifest("framework", "ubuntu-sdk-13.10") self.set_test_security_manifest(self.default_appname, "policy_version", 1.1) c = ClickReviewSecurity(self.test_name) c.check_policy_version() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['error']["security_policy_version_matches_framework (%s)" % self.default_security_json] = \ {"text": "1.1 != 1.0 (ubuntu-sdk-13.10)"} self.check_results(report, expected=expected) def test_check_policy_version_framework_unmatch3(self): '''Test check_policy_version() - unmatching framework (nonexistent)''' self.set_test_manifest("framework", "nonexistent") self.set_test_security_manifest(self.default_appname, "policy_version", 1.1) c = ClickReviewSecurity(self.test_name) c.check_policy_version() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['error']["security_policy_version_matches_framework (%s)" % self.default_security_json] = \ {"text": "Invalid framework 'nonexistent'"} self.check_results(report, expected=expected) def test_check_policy_vendor_unspecified(self): '''Test check_policy_vendor() - unspecified''' c = ClickReviewSecurity(self.test_name) c.check_policy_vendor() report = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_vendor_ubuntu(self): '''Test check_policy_vendor() - ubuntu''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "policy_vendor", "ubuntu") c.check_policy_vendor() report = c.click_report expected_counts = {'info': 1, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_vendor_nonexistent(self): '''Test check_policy_vendor() - nonexistent''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "policy_vendor", "nonexistent") c.check_policy_vendor() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_template_unspecified(self): '''Test check_template() - unspecified''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "template", None) c.check_template() report = c.click_report expected_counts = {'info': 2, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_template_ubuntu_sdk(self): '''Test check_template() - ubuntu-sdk''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "template", "ubuntu-sdk") c.check_template() report = c.click_report expected = dict() expected['info'] = dict() expected['warn'] = dict() expected['error'] = dict() expected['info']["security_template_with_policy_version (%s)" % self.default_security_json] = {"text": "OK"} expected['info']["security_template_exists (%s)" % self.default_security_json] = {"text": "OK"} expected['warn']["security_template_valid (%s)" % self.default_security_json] = \ {"text": "No need to specify 'ubuntu-sdk' template"} self.check_results(report, expected=expected) def test_check_template_webapp(self): '''Test check_template() - webapp''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "template", "ubuntu-webapp") c.check_template() report = c.click_report expected_counts = {'info': 3, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_template_unconfined(self): '''Test check_template() - unconfined''' c = ClickReviewSecurity(self.test_name) self.set_test_security_manifest(self.default_appname, "template", "unconfined") c.check_template() report = c.click_report expected_counts = {'info': 2, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_webapps(self): '''Test check_policy_groups_webapps()''' self.set_test_security_manifest(self.default_appname, "template", "ubuntu-webapp") self.set_test_security_manifest(self.default_appname, "policy_groups", ["audio", "location", "networking", "video"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups_webapps() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_groups_webapps_ubuntu_sdk(self): '''Test check_policy_groups_webapps() - ubuntu-sdk template''' self.set_test_security_manifest(self.default_appname, "template", "ubuntu-sdk") self.set_test_security_manifest(self.default_appname, "policy_groups", ["audio", "location", "networking", "video"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups_webapps() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_groups_webapps_nonexistent(self): '''Test check_policy_groups_webapps() - nonexistent''' self.set_test_security_manifest(self.default_appname, "template", "ubuntu-webapp") self.set_test_security_manifest(self.default_appname, "policy_groups", ["networking", "nonexistent"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups_webapps() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_webapps_missing(self): '''Test check_policy_groups_webapps() - missing''' self.set_test_security_manifest(self.default_appname, "template", "ubuntu-webapp") self.set_test_security_manifest(self.default_appname, "policy_groups", None) c = ClickReviewSecurity(self.test_name) c.check_policy_groups_webapps() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_webapps_bad(self): '''Test check_policy_groups_webapps() - bad''' self.set_test_security_manifest(self.default_appname, "template", "ubuntu-webapp") self.set_test_security_manifest(self.default_appname, "policy_groups", ["video_files", "networking"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups_webapps() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups(self): '''Test check_policy_groups()''' c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_groups_multiple(self): '''Test check_policy_groups() - multiple''' self.set_test_security_manifest(self.default_appname, "policy_groups", ['networking', 'audio', 'video']) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_groups_duplicates(self): '''Test check_policy_groups() - duplicates''' self.set_test_security_manifest(self.default_appname, "policy_groups", ['networking', 'camera', 'microphone', 'camera', 'microphone', 'video']) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_missing_policy_version(self): '''Test check_policy_groups() - missing policy_version''' self.set_test_security_manifest(self.default_appname, "policy_version", None) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_missing(self): '''Test check_policy_groups() - missing''' self.set_test_security_manifest(self.default_appname, "policy_groups", None) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': 0, 'warn': 1, 'error': 0} self.check_results(report, expected_counts) def test_check_policy_groups_bad_policy_version(self): '''Test check_policy_groups() - bad policy_version''' self.set_test_security_manifest(self.default_appname, "policy_version", 0.1) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_bad_policy_vendor(self): '''Test check_policy_groups() - bad policy_vendor''' self.set_test_security_manifest(self.default_appname, "policy_vendor", "nonexistent") c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': 0, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_nonexistent(self): '''Test check_policy_groups_webapps() - nonexistent''' self.set_test_security_manifest(self.default_appname, "policy_groups", ["networking", "nonexistent"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_reserved(self): '''Test check_policy_groups_webapps() - reserved''' self.set_test_security_manifest(self.default_appname, "policy_groups", ["video_files", "networking"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) def test_check_policy_groups_empty(self): '''Test check_policy_groups_webapps() - empty''' self.set_test_security_manifest(self.default_appname, "policy_groups", ["", "networking"]) c = ClickReviewSecurity(self.test_name) c.check_policy_groups() report = c.click_report expected_counts = {'info': None, 'warn': 0, 'error': 1} self.check_results(report, expected_counts) click-reviewers-tools-0.5/clickreviews/cr_common.py0000644000000000000000000003053512305663727017541 0ustar '''common.py: common classes and functions''' # # Copyright (C) 2013-2014 Canonical Ltd. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from __future__ import print_function import codecs from debian.deb822 import Deb822 import glob import inspect import json import magic import os import pprint import shutil import subprocess import sys import tempfile import types DEBUGGING = False UNPACK_DIR = None # cleanup import atexit def cleanup_unpack(): if UNPACK_DIR is not None and os.path.isdir(UNPACK_DIR): recursive_rm(UNPACK_DIR) atexit.register(cleanup_unpack) # # Utility classes # class ClickReviewException(Exception): '''This class represents ClickReview exceptions''' def __init__(self, value): self.value = value def __str__(self): return repr(self.value) class ClickReview(object): '''This class represents click reviews''' def __init__(self, fn, review_type): self.click_package = fn self._check_path_exists() if not self.click_package.endswith(".click"): error("filename does not end with '.click'") self.review_type = review_type self.click_report = dict() self.result_types = ['info', 'warn', 'error'] for r in self.result_types: self.click_report[r] = dict() self.click_report_output = "json" self.unpack_dir = unpack_click(fn) global UNPACK_DIR UNPACK_DIR = self.unpack_dir # Get some basic information from the control file control_file = self._extract_control_file() tmp = list(Deb822.iter_paragraphs(control_file)) if len(tmp) != 1: error("malformed control file: too many paragraphs") control = tmp[0] self.click_pkgname = control['Package'] self.click_version = control['Version'] self.click_arch = control['Architecture'] # Parse and store the manifest manifest_json = self._extract_manifest_file() try: self.manifest = json.load(manifest_json) except Exception: error("Could not load manifest file. Is it properly formatted?") self._verify_manifest_structure() # Get a list of all unpacked files, except DEBIAN/ self.pkg_files = [] self._list_all_files() # Setup what is needed to get a list of all unpacked compiled binaries self.mime = magic.open(magic.MAGIC_MIME) self.mime.load() self.pkg_bin_files = [] # Don't run this here since only cr_lint.py and cr_functional.py need # it now # self._list_all_compiled_binaries() # TODO: update to use libclick API when available self.valid_frameworks = [] frameworks = sorted( glob.glob("/usr/share/click/frameworks/*.framework")) if len(frameworks) == 0: self.valid_frameworks.append('ubuntu-sdk-13.10') else: for f in frameworks: self.valid_frameworks.append(os.path.basename( os.path.splitext(f)[0])) def _extract_manifest_file(self): '''Extract and read the manifest file''' m = os.path.join(self.unpack_dir, "DEBIAN/manifest") if not os.path.isfile(m): error("Could not find manifest file") return open_file_read(m) def _check_path_exists(self): '''Check that the provided path exists''' if not os.path.exists(self.click_package): error("Could not find '%s'" % self.click_package) def _extract_control_file(self): '''Extract ''' fh = open_file_read(os.path.join(self.unpack_dir, "DEBIAN/control")) return fh.readlines() def _list_all_files(self): '''List all files included in this click package.''' for root, dirnames, filenames in os.walk(self.unpack_dir): for f in filenames: self.pkg_files.append(os.path.join(root, f)) def _list_all_compiled_binaries(self): '''List all compiled binaries in this click package.''' for i in self.pkg_files: res = self.mime.file(i) if res in ['application/x-executable; charset=binary', 'application/x-sharedlib; charset=binary']: self.pkg_bin_files.append(i) def _verify_manifest_structure(self): '''Verify manifest has the expected structure''' # lp:click doc/file-format.rst mp = pprint.pformat(self.manifest) if not isinstance(self.manifest, dict): error("manifest malformed:\n%s" % self.manifest) required = ["name", "version", "framework"] # click required for f in required: if f not in self.manifest: error("could not find required '%s' in manifest:\n%s" % (f, mp)) elif not isinstance(self.manifest[f], str): error("manifest malformed: '%s' is not str:\n%s" % (f, mp)) # optional click fields here (may be required by appstore) # http://click.readthedocs.org/en/latest/file-format.html optional = ["title", "description", "maintainer", "architecture", "installed-size", "icon"] for f in optional: if f in self.manifest: if f != "architecture" and \ not isinstance(self.manifest[f], str): error("manifest malformed: '%s' is not str:\n%s" % (f, mp)) elif f == "architecture" and not \ (isinstance(self.manifest[f], str) or isinstance(self.manifest[f], list)): error("manifest malformed: '%s' is not str or list:\n%s" % (f, mp)) # Not required by click, but required by appstore. 'hooks' is assumed # to be present in other checks if 'hooks' not in self.manifest: error("could not find required 'hooks' in manifest:\n%s" % mp) if not isinstance(self.manifest['hooks'], dict): error("manifest malformed: 'hooks' is not dict:\n%s" % mp) # 'hooks' is assumed to be present and non-empty in other checks if len(self.manifest['hooks']) < 1: error("manifest malformed: 'hooks' is empty:\n%s" % mp) for app in self.manifest['hooks']: if not isinstance(self.manifest['hooks'][app], dict): error("manifest malformed: hooks/%s is not dict:\n%s" % (app, mp)) # let cr_lint.py handle required hooks if len(self.manifest['hooks'][app]) < 1: error("manifest malformed: hooks/%s is empty:\n%s" % (app, mp)) for k in sorted(self.manifest): if k not in required + optional + ['hooks']: # click supports local extensions via 'x-...', ignore those # here but report in lint if k.startswith('x-'): continue error("manifest malformed: unsupported field '%s':\n%s" % (k, mp)) def set_review_type(self, name): '''Set review name''' self.review_type = name # click_report[][] = # result_type: info, warn, error # review_name: name of the check (prefixed with self.review_type) # result: contents of the review def _add_result(self, result_type, review_name, result, link=None): '''Add result to report''' if result_type not in self.result_types: error("Invalid result type '%s'" % result_type) name = "%s_%s" % (self.review_type, review_name) if name not in self.click_report[result_type]: self.click_report[result_type][name] = dict() self.click_report[result_type][name]["text"] = result if link is not None: self.click_report[result_type][name]["link"] = link def do_report(self): '''Print report''' if self.click_report_output == "console": # TODO: format better import pprint pprint.pprint(self.click_report) elif self.click_report_output == "json": import json msg(json.dumps(self.click_report, sort_keys=True, indent=2, separators=(',', ': '))) rc = 0 if len(self.click_report['error']): rc = 2 elif len(self.click_report['warn']): rc = 1 return rc def do_checks(self): '''Run all methods that start with check_''' methodList = [name for name, member in inspect.getmembers(self, inspect.ismethod) if isinstance(member, types.MethodType)] for methodname in methodList: if not methodname.startswith("check_"): continue func = getattr(self, methodname) func() # # Utility functions # def error(out, exit_code=1, do_exit=True): '''Print error message and exit''' try: print("ERROR: %s" % (out), file=sys.stderr) except IOError: pass if do_exit: sys.exit(exit_code) def warn(out): '''Print warning message''' try: print("WARN: %s" % (out), file=sys.stderr) except IOError: pass def msg(out, output=sys.stdout): '''Print message''' try: print("%s" % (out), file=output) except IOError: pass def debug(out): '''Print debug message''' global DEBUGGING if DEBUGGING: try: print("DEBUG: %s" % (out), file=sys.stderr) except IOError: pass def cmd(command): '''Try to execute the given command.''' debug(command) try: sp = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) except OSError as ex: return [127, str(ex)] if sys.version_info[0] >= 3: out = sp.communicate()[0].decode('ascii', 'ignore') else: out = sp.communicate()[0] return [sp.returncode, out] def cmd_pipe(command1, command2): '''Try to pipe command1 into command2.''' try: sp1 = subprocess.Popen(command1, stdout=subprocess.PIPE) sp2 = subprocess.Popen(command2, stdin=sp1.stdout) except OSError as ex: return [127, str(ex)] if sys.version_info[0] >= 3: out = sp2.communicate()[0].decode('ascii', 'ignore') else: out = sp2.communicate()[0] return [sp2.returncode, out] def unpack_click(fn, dest=None): '''Unpack click package''' if not os.path.isfile(fn): error("Could not find '%s'" % fn) click_pkg = fn if not click_pkg.startswith('/'): click_pkg = os.path.abspath(click_pkg) if dest is not None and os.path.exists(dest): error("'%s' exists. Aborting." % dest) d = tempfile.mkdtemp(prefix='clickreview-') curdir = os.getcwd() os.chdir(d) (rc, out) = cmd(['dpkg-deb', '-R', click_pkg, d]) os.chdir(curdir) if rc != 0: if os.path.isdir(d): recursive_rm(d) error("dpkg-deb -R failed with '%d':\n%s" % (rc, out)) if dest is None: dest = d else: shutil.move(d, dest) return dest def open_file_read(path): '''Open specified file read-only''' try: orig = codecs.open(path, 'r', "UTF-8") except Exception: raise return orig def recursive_rm(dirPath, contents_only=False): '''recursively remove directory''' names = os.listdir(dirPath) for name in names: path = os.path.join(dirPath, name) if os.path.islink(path) or not os.path.isdir(path): os.unlink(path) else: recursive_rm(path) if contents_only is False: os.rmdir(dirPath)