Skip to content

Commit 422733f

Browse files
tausbnRasmusWL
tausbn
authored and
RasmusWL
committed
Python: Add rest_framework model
1 parent 5afead5 commit 422733f

File tree

2 files changed

+22
-3
lines changed

2 files changed

+22
-3
lines changed

python/ql/lib/semmle/python/frameworks/RestFramework.qll

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ private import semmle.python.ApiGraphs
1616
private import semmle.python.frameworks.internal.InstanceTaintStepsHelper
1717
private import semmle.python.frameworks.Django
1818
private import semmle.python.frameworks.Stdlib
19+
private import semmle.python.frameworks.data.ModelsAsData
1920

2021
/**
2122
* INTERNAL: Do not use.
@@ -27,7 +28,7 @@ private import semmle.python.frameworks.Stdlib
2728
* - https://www.django-rest-framework.org/
2829
* - https://pypi.org/project/djangorestframework/
2930
*/
30-
private module RestFramework {
31+
module RestFramework {
3132
// ---------------------------------------------------------------------------
3233
// rest_framework.views.APIView handling
3334
// ---------------------------------------------------------------------------
@@ -215,8 +216,10 @@ private module RestFramework {
215216
*/
216217
module Request {
217218
/** Gets a reference to the `rest_framework.request.Request` class. */
218-
private API::Node classRef() {
219+
API::Node classRef() {
219220
result = API::moduleImport("rest_framework").getMember("request").getMember("Request")
221+
or
222+
result = ModelOutput::getATypeNode("rest_framework.request.Request~Subclass").getASubclass*()
220223
}
221224

222225
/**
@@ -299,8 +302,11 @@ private module RestFramework {
299302
*/
300303
module Response {
301304
/** Gets a reference to the `rest_framework.response.Response` class. */
302-
private API::Node classRef() {
305+
API::Node classRef() {
303306
result = API::moduleImport("rest_framework").getMember("response").getMember("Response")
307+
or
308+
result =
309+
ModelOutput::getATypeNode("rest_framework.response.Response~Subclass").getASubclass*()
304310
}
305311

306312
/** A direct instantiation of `rest_framework.response.Response`. */

python/ql/src/meta/ClassHierarchy/Find.ql

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ private import semmle.python.frameworks.Invoke
2323
private import semmle.python.frameworks.MarkupSafe
2424
private import semmle.python.frameworks.Multidict
2525
private import semmle.python.frameworks.Pycurl
26+
private import semmle.python.frameworks.RestFramework
2627
import semmle.python.frameworks.data.internal.ApiGraphModelsExtensions as Extensions
2728

2829
class FlaskViewClasses extends FindSubclassesSpec {
@@ -324,6 +325,18 @@ class PyCurl extends FindSubclassesSpec {
324325
override API::Node getAlreadyModeledClass() { result = Pycurl::Curl::classRef() }
325326
}
326327

328+
class RestFrameworkRequest extends FindSubclassesSpec {
329+
RestFrameworkRequest() { this = "rest_framework.request.Request~Subclass" }
330+
331+
override API::Node getAlreadyModeledClass() { result = RestFramework::Request::classRef() }
332+
}
333+
334+
class RestFrameworkResponse extends FindSubclassesSpec {
335+
RestFrameworkResponse() { this = "rest_framework.response.Response~Subclass" }
336+
337+
override API::Node getAlreadyModeledClass() { result = RestFramework::Response::classRef() }
338+
}
339+
327340
bindingset[fullyQualified]
328341
predicate fullyQualifiedToYamlFormat(string fullyQualified, string type2, string path) {
329342
exists(int firstDot | firstDot = fullyQualified.indexOf(".", 0, 0) |

0 commit comments

Comments
 (0)