Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explicit encode role names #1759

Merged
merged 1 commit into from
Jan 17, 2022
Merged

Explicit encode role names #1759

merged 1 commit into from
Jan 17, 2022

Conversation

kairoaraujo
Copy link
Collaborator

This commit explicitly encodes role names.
Also, a slight change in the RepositorySimulator will align
with the tests.

This commit partially covers issue #1634

Signed-off-by: Kairo de Araujo [email protected]

  • The code follows the Code Style Guidelines
  • Tests have been added for the bug fix or new feature
  • Docs have been added for the bug fix or new feature

@coveralls
Copy link

coveralls commented Jan 6, 2022
edited
Loading

Pull Request Test Coverage Report for Build 1707644438

  • 3 of 3 (100.0%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.0004%) to 97.689%
Totals Coverage Status
Change from base Build 1706961759: 0.0004%
Covered Lines: 4098
Relevant Lines: 4179
💛 - Coveralls

jku
jku reviewed Jan 10, 2022
View reviewed changes
Copy link
Member

@jku jku left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The actual change is correct IMO, but I have some questions on the tests...

We might need some target downloads tests using delegations but your case does not seem to need target downloads: maybe just add the tests into test_updater_delegation_graphs.py -- I've not confirmed but I would expect you can just add new test cases without having to modify the test code in any way?

Also could maybe add some explanation to the commit message: that 99% of this is already happening in the real use case as requests silently encodes everything that is not valid in a URL: we're just making this explicit. The only "breaking" change here for Requests-using-code is that "/" in a rolename will now be encoded

Speaking of "/" or "\" in a rolename: this is a case I'd like to see a test for... which leads to: we should have some tests for when we really use Requests (and not only simulator). These tests should maybe be in test_updater_ng.py as that already runs a webserver but I don't think they absolutely need to be added in this PR.

tests/test_updater_fetch_target.py Outdated
encoded_path="projectA%2Ffile_a.txt",
rolename="A",
delegated_role=DelegatedRole(
"A", [], 1, False, ["projectA/**"], None
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"projectA/**": the double asterisk format (as it's used in many places) is not supported in python-tuf so this looks misleading.

@kairoaraujo
Copy link
Collaborator Author

@jku, I'm still not happy with tests for it. 😔
But I want to move forward with this issue.

@kairoaraujo kairoaraujo force-pushed the issue#1634/encode_role_names branch 2 times, most recently from 6016a8d to 9c33cd3 Compare January 17, 2022 06:16
@kairoaraujo kairoaraujo marked this pull request as ready for review January 17, 2022 06:16
jku
jku approved these changes Jan 17, 2022
View reviewed changes
Copy link
Member

@jku jku left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks looks good. I'm approving this but would not mind a better docstring and/or name for the test if you can improve them: it now tests that rolenames are correctly encoded in both filenames and URLs.

@kairoaraujo
Copy link
Collaborator Author

Thanks looks good. I'm approving this but would not mind a better docstring and/or name for the test if you can improve them: it now tests that rolenames are correctly encoded in both filenames and URLs.

I will improve it. Please wait before merging it.

explicit encode role names
aa6d28f 
This commit explicitly encodes role names. Mostly this encoding is already
happening in ``requests`` for what is not a URL.
The "/" in a role name will now be encoded.

Also, a slight change in the RepositorySimulator will align with the tests.

This commit partially covers issue theupdateframework#1634

Signed-off-by: Kairo de Araujo <[email protected]>
@jku jku merged commit 8ccbd63 into theupdateframework:develop Jan 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kairoaraujo @coveralls @jku