1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-16 20:00:11 +01:00
fdroidserver/tests/lint.TestCase
Hans-Christoph Steiner 18f3acc32e split out options from read_config()
There is no longer any reason for these to be intertwined.

This deliberately avoids touching some files as much as possible because
they are super tangled and due to be replaced.  Those files are:

* fdroidserver/build.py
* fdroidserver/update.py

# Conflicts:
#	tests/testcommon.py

# Conflicts:
#	fdroidserver/btlog.py
#	fdroidserver/import_subcommand.py
2024-05-08 16:26:46 +02:00

544 lines
20 KiB
Python
Executable File

#!/usr/bin/env python3
# http://www.drdobbs.com/testing/unit-testing-with-python/240165163
import logging
import os
import ruamel.yaml
import shutil
import sys
import tempfile
import unittest
from pathlib import Path
localmodule = Path(__file__).resolve().parent.parent
print('localmodule: ' + str(localmodule))
if localmodule not in sys.path:
sys.path.insert(0, str(localmodule))
import fdroidserver.common
import fdroidserver.lint
import fdroidserver.metadata
from fdroidserver.common import CATEGORIES_CONFIG_NAME
from testcommon import mkdtemp, parse_args_for_test
class LintTest(unittest.TestCase):
'''fdroidserver/lint.py'''
def setUp(self):
logging.basicConfig(level=logging.DEBUG)
self.basedir = localmodule / 'tests'
self.tmpdir = localmodule / '.testfiles'
self.tmpdir.mkdir(exist_ok=True)
os.chdir(self.basedir)
fdroidserver.common.config = None
fdroidserver.lint.config = None
fdroidserver.lint.CATEGORIES_KEYS = None
self._td = mkdtemp()
self.testdir = self._td.name
def tearDown(self):
self._td.cleanup()
def test_check_for_unsupported_metadata_files(self):
self.assertTrue(fdroidserver.lint.check_for_unsupported_metadata_files())
with tempfile.TemporaryDirectory(dir=str(self.tmpdir)) as testdir:
testdir = Path(testdir)
self.assertFalse(
fdroidserver.lint.check_for_unsupported_metadata_files(testdir)
)
shutil.copytree(
self.basedir / 'metadata',
testdir / 'metadata',
ignore=shutil.ignore_patterns('apk', 'dump', '*.json'),
)
self.assertFalse(
fdroidserver.lint.check_for_unsupported_metadata_files(testdir)
)
(testdir / 'metadata/org.adaway.json').write_text('placeholder')
self.assertTrue(
fdroidserver.lint.check_for_unsupported_metadata_files(testdir)
)
def test_forbidden_html_tags(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = {
'Name': 'Bad App',
'Summary': 'We pwn you',
'Description': 'This way: <style><img src="</style><img src=x onerror=alert(1)//">',
}
anywarns = False
for warn in fdroidserver.lint.check_regexes(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
def test_source_urls(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = {
'Name': 'My App',
'Summary': 'just a placeholder',
'Description': 'This app does all sorts of useful stuff',
}
good_urls = [
'https://github.com/Matteljay/mastermindy-android',
'https://gitlab.com/origin/master',
'https://gitlab.com/group/subgroup/masterthing',
'https://raw.githubusercontent.com/Seva-coder/Finder/HEAD/ChangeLog.txt',
'https://github.com/scoutant/blokish/blob/HEAD/README.md#changelog',
'https://git.ieval.ro/?p=fonbot.git;a=blob;f=Changes;hb=HEAD',
'https://htmlpreview.github.io/?https://github.com/YasuakiHonda/Maxima-on-Android-AS/blob/HEAD/app/src/main/assets/About_MoA/index.html',
'',
]
anywarns = False
for url in good_urls:
app['SourceCode'] = url
for warn in fdroidserver.lint.check_regexes(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
bad_urls = [
'github.com/my/proj',
'http://github.com/not/secure',
'https://github.com/foo/bar.git',
'https://gitlab.com/group/subgroup/project.git',
'https://raw.githubusercontent.com/Seva-coder/Finder/master/ChangeLog.txt',
'https://github.com/scoutant/blokish/blob/master/README.md#changelog',
'http://htmlpreview.github.io/?https://github.com/my/project/blob/HEAD/index.html',
'http://fdroid.gitlab.io/fdroid-website',
]
logging.debug('bad urls:')
for url in bad_urls:
anywarns = False
app['SourceCode'] = url
for warn in fdroidserver.lint.check_regexes(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns, url + " does not fail lint!")
def test_check_app_field_types(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = fdroidserver.metadata.App()
app.id = 'fake.app'
app.Name = 'Bad App'
app.Summary = 'We pwn you'
app.Description = 'These are some back'
fields = {
'Categories': {
'good': [
['Sports & Health'],
['Multimedia', 'Graphics'],
],
'bad': [
'Science & Education',
'Multimedia,Graphics',
],
},
'WebSite': {
'good': [
'https://homepage.com',
],
'bad': [
[],
[
'nope',
],
29,
],
},
}
for field, values in fields.items():
for bad in values['bad']:
anywarns = False
app[field] = bad
for warn in fdroidserver.lint.check_app_field_types(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
for good in values['good']:
anywarns = False
app[field] = good
for warn in fdroidserver.lint.check_app_field_types(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
def test_check_vercode_operation(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = fdroidserver.metadata.App()
app.Name = 'Bad App'
app.Summary = 'We pwn you'
app.Description = 'These are some back'
good_fields = [
'6%c',
'%c - 1',
'%c + 10',
'%c*10',
'%c*10 + 3',
'%c*10 + 8',
'%c + 2 ',
'%c + 3',
'%c + 7',
]
bad_fields = [
'open("/etc/passwd")',
'%C + 1',
'%%c * 123',
'123 + %%',
'%c % 7',
]
anywarns = False
for good in good_fields:
app.VercodeOperation = [good]
for warn in fdroidserver.lint.check_vercode_operation(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
for bad in bad_fields:
anywarns = False
app.VercodeOperation = [bad]
for warn in fdroidserver.lint.check_vercode_operation(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
def test_check_license_tag_no_custom_pass(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = fdroidserver.metadata.App()
app.License = "GPL-3.0-or-later"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
def test_check_license_tag_no_custom_fail(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
app = fdroidserver.metadata.App()
app.License = "Adobe-2006"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
def test_check_license_tag_with_custom_pass(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
config['lint_licenses'] = ['fancy-license', 'GPL-3.0-or-later']
app = fdroidserver.metadata.App()
app.License = "fancy-license"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
def test_check_license_tag_with_custom_fail(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
config['lint_licenses'] = ['fancy-license', 'GPL-3.0-or-later']
app = fdroidserver.metadata.App()
app.License = "Apache-2.0"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
def test_check_license_tag_with_custom_empty(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
config['lint_licenses'] = []
app = fdroidserver.metadata.App()
app.License = "Apache-2.0"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
def test_check_license_tag_disabled(self):
config = dict()
fdroidserver.common.fill_config_defaults(config)
fdroidserver.common.config = config
fdroidserver.lint.config = config
config['lint_licenses'] = None
app = fdroidserver.metadata.App()
app.License = "Apache-2.0"
anywarns = False
for warn in fdroidserver.lint.check_license_tag(app):
anywarns = True
logging.debug(warn)
self.assertFalse(anywarns)
def test_check_categories_in_config(self):
fdroidserver.lint.config = {CATEGORIES_CONFIG_NAME: ['InConfig']}
fdroidserver.lint.load_categories_config()
app = fdroidserver.metadata.App({'Categories': ['InConfig']})
self.assertEqual(0, len(list(fdroidserver.lint.check_categories(app))))
def test_check_categories_not_in_config(self):
fdroidserver.lint.config = dict()
fdroidserver.lint.load_categories_config()
app = fdroidserver.metadata.App({'Categories': ['NotInConfig']})
self.assertEqual(1, len(list(fdroidserver.lint.check_categories(app))))
def test_check_categories_empty_is_error(self):
fdroidserver.lint.config = {CATEGORIES_CONFIG_NAME: []}
fdroidserver.lint.load_categories_config()
app = fdroidserver.metadata.App({'Categories': ['something']})
self.assertEqual(1, len(list(fdroidserver.lint.check_categories(app))))
def test_check_categories_old_hardcoded_not_defined(self):
fdroidserver.lint.config = {CATEGORIES_CONFIG_NAME: ['foo', 'bar']}
fdroidserver.lint.load_categories_config()
app = fdroidserver.metadata.App({'Categories': ['Writing']})
self.assertEqual(1, len(list(fdroidserver.lint.check_categories(app))))
def test_check_categories_from_config_yml(self):
"""In config.yml, categories is a list."""
os.chdir(self.testdir)
Path('config.yml').write_text('categories: [foo, bar]')
fdroidserver.lint.config = fdroidserver.common.read_config()
fdroidserver.lint.load_categories_config()
self.assertEqual(fdroidserver.lint.CATEGORIES_KEYS, ['foo', 'bar'])
app = fdroidserver.metadata.App({'Categories': ['bar']})
self.assertEqual(0, len(list(fdroidserver.lint.check_categories(app))))
def test_check_categories_from_config_categories_yml(self):
"""In config/categories.yml, categories is a localized STRINGMAP dict."""
os.chdir(self.testdir)
os.mkdir('config')
Path('config/categories.yml').write_text('{foo: {name: foo}, bar: {name: bar}}')
fdroidserver.lint.config = fdroidserver.common.read_config()
fdroidserver.lint.load_categories_config()
self.assertEqual(fdroidserver.lint.CATEGORIES_KEYS, ['foo', 'bar'])
app = fdroidserver.metadata.App({'Categories': ['bar']})
self.assertEqual(0, len(list(fdroidserver.lint.check_categories(app))))
def test_lint_config_basic_mirrors_yml(self):
os.chdir(self.testdir)
yaml = ruamel.yaml.YAML(typ='safe')
with Path('mirrors.yml').open('w') as fp:
yaml.dump([{'url': 'https://example.com/fdroid/repo'}], fp)
self.assertTrue(fdroidserver.lint.lint_config('mirrors.yml'))
def test_lint_config_mirrors_yml_kenya_countryCode(self):
os.chdir(self.testdir)
yaml = ruamel.yaml.YAML(typ='safe')
with Path('mirrors.yml').open('w') as fp:
yaml.dump([{'url': 'https://foo.com/fdroid/repo', 'countryCode': 'KE'}], fp)
self.assertTrue(fdroidserver.lint.lint_config('mirrors.yml'))
def test_lint_config_mirrors_yml_invalid_countryCode(self):
"""WV is "indeterminately reserved" so it should never be used."""
os.chdir(self.testdir)
yaml = ruamel.yaml.YAML(typ='safe')
with Path('mirrors.yml').open('w') as fp:
yaml.dump([{'url': 'https://foo.com/fdroid/repo', 'countryCode': 'WV'}], fp)
self.assertFalse(fdroidserver.lint.lint_config('mirrors.yml'))
def test_lint_config_mirrors_yml_alpha3_countryCode(self):
"""Only ISO 3166-1 alpha 2 are supported"""
os.chdir(self.testdir)
yaml = ruamel.yaml.YAML(typ='safe')
with Path('mirrors.yml').open('w') as fp:
yaml.dump([{'url': 'https://de.com/fdroid/repo', 'countryCode': 'DEU'}], fp)
self.assertFalse(fdroidserver.lint.lint_config('mirrors.yml'))
def test_lint_config_mirrors_yml_one_invalid_countryCode(self):
"""WV is "indeterminately reserved" so it should never be used."""
os.chdir(self.testdir)
yaml = ruamel.yaml.YAML(typ='safe')
with Path('mirrors.yml').open('w') as fp:
yaml.dump(
[
{'url': 'https://bar.com/fdroid/repo', 'countryCode': 'BA'},
{'url': 'https://foo.com/fdroid/repo', 'countryCode': 'FO'},
{'url': 'https://wv.com/fdroid/repo', 'countryCode': 'WV'},
],
fp,
)
self.assertFalse(fdroidserver.lint.lint_config('mirrors.yml'))
def test_lint_config_bad_mirrors_yml_dict(self):
os.chdir(self.testdir)
Path('mirrors.yml').write_text('baz: [foo, bar]\n')
with self.assertRaises(TypeError):
fdroidserver.lint.lint_config('mirrors.yml')
def test_lint_config_bad_mirrors_yml_float(self):
os.chdir(self.testdir)
Path('mirrors.yml').write_text('1.0\n')
with self.assertRaises(TypeError):
fdroidserver.lint.lint_config('mirrors.yml')
def test_lint_config_bad_mirrors_yml_int(self):
os.chdir(self.testdir)
Path('mirrors.yml').write_text('1\n')
with self.assertRaises(TypeError):
fdroidserver.lint.lint_config('mirrors.yml')
def test_lint_config_bad_mirrors_yml_str(self):
os.chdir(self.testdir)
Path('mirrors.yml').write_text('foo\n')
with self.assertRaises(TypeError):
fdroidserver.lint.lint_config('mirrors.yml')
def test_check_certificate_pinned_binaries_empty(self):
fdroidserver.common.config = {}
app = fdroidserver.metadata.App()
app.AllowedAPKSigningKeys = [
'a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc'
]
self.assertEqual(
[],
list(fdroidserver.lint.check_certificate_pinned_binaries(app)),
"when the config is empty, any signing key should be allowed",
)
def test_lint_known_debug_keys_no_match(self):
fdroidserver.common.config = {
"apk_signing_key_block_list": "a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc"
}
app = fdroidserver.metadata.App()
app.AllowedAPKSigningKeys = [
'2fd4fd5f54babba4bcb21237809bb653361d0d2583c80964ec89b28a26e9539e'
]
self.assertEqual(
[],
list(fdroidserver.lint.check_certificate_pinned_binaries(app)),
"A signing key that does not match one in the config should be allowed",
)
def test_lint_known_debug_keys(self):
fdroidserver.common.config = {
'apk_signing_key_block_list': 'a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc'
}
app = fdroidserver.metadata.App()
app.AllowedAPKSigningKeys = [
'a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc'
]
for warn in fdroidserver.lint.check_certificate_pinned_binaries(app):
anywarns = True
logging.debug(warn)
self.assertTrue(anywarns)
class LintAntiFeaturesTest(unittest.TestCase):
def setUp(self):
self.basedir = localmodule / 'tests'
os.chdir(self.basedir)
fdroidserver.common.config = dict()
fdroidserver.lint.ANTIFEATURES_KEYS = None
fdroidserver.lint.load_antiFeatures_config()
def test_check_antiFeatures_empty(self):
app = fdroidserver.metadata.App()
self.assertEqual([], list(fdroidserver.lint.check_antiFeatures(app)))
def test_check_antiFeatures_empty_AntiFeatures(self):
app = fdroidserver.metadata.App()
app['AntiFeatures'] = []
self.assertEqual([], list(fdroidserver.lint.check_antiFeatures(app)))
def test_check_antiFeatures(self):
app = fdroidserver.metadata.App()
app['AntiFeatures'] = ['Ads', 'UpstreamNonFree']
self.assertEqual([], list(fdroidserver.lint.check_antiFeatures(app)))
def test_check_antiFeatures_fails_one(self):
app = fdroidserver.metadata.App()
app['AntiFeatures'] = ['Ad']
self.assertEqual(1, len(list(fdroidserver.lint.check_antiFeatures(app))))
def test_check_antiFeatures_fails_many(self):
app = fdroidserver.metadata.App()
app['AntiFeatures'] = ['Adss', 'Tracker', 'NoSourceSince', 'FAKE', 'NonFree']
self.assertEqual(4, len(list(fdroidserver.lint.check_antiFeatures(app))))
def test_check_antiFeatures_build_empty(self):
app = fdroidserver.metadata.App()
app['Builds'] = [{'antifeatures': []}]
self.assertEqual([], list(fdroidserver.lint.check_antiFeatures(app)))
def test_check_antiFeatures_build(self):
app = fdroidserver.metadata.App()
app['Builds'] = [{'antifeatures': ['Tracking']}]
self.assertEqual(0, len(list(fdroidserver.lint.check_antiFeatures(app))))
def test_check_antiFeatures_build_fail(self):
app = fdroidserver.metadata.App()
app['Builds'] = [{'antifeatures': ['Ads', 'Tracker']}]
self.assertEqual(1, len(list(fdroidserver.lint.check_antiFeatures(app))))
if __name__ == "__main__":
import argparse
parser = argparse.ArgumentParser()
parser.add_argument(
"-v",
"--verbose",
action="store_true",
default=False,
help="Spew out even more information than normal",
)
fdroidserver.lint.options = parse_args_for_test(parser, sys.argv)
newSuite = unittest.TestSuite()
newSuite.addTest(unittest.makeSuite(LintTest))
unittest.main(failfast=False)