Skip to content

Commit

Permalink
ci: fix builds by downgrading python to 3.7
Browse files Browse the repository at this point in the history
PyCQA/bandit#658

The above bug currently makes Bandit report some security issues that
are false positives because it ignores our # nosec comments.

Signed-off-by: Jakob Sinclair <[email protected]>
  • Loading branch information
AntiSC2 committed Dec 25, 2020
1 parent b9e124c commit 7494d41
Show file tree
Hide file tree
Showing 3 changed files with 2 additions and 52 deletions.
2 changes: 1 addition & 1 deletion .gitlab-ci.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# This file is a template, and might need editing before it works on your project.
# Official language image. Look for the different tagged releases at:
# https://hub.docker.com/r/library/python/tags/
image: python:3.8-alpine
image: python:3.7-alpine

# Change pip's cache directory to be inside the project directory since we can
# only cache local items.
Expand Down
50 changes: 0 additions & 50 deletions app/database/dao/users.py
Original file line number Diff line number Diff line change
Expand Up @@ -105,56 +105,6 @@ async def remove_user(self, user_id: UUID) -> None:
async with self.pool.acquire() as con: # type: Connection
await con.execute(sql, user_id)

async def get_users(self, search: str, order_column: str, order_dir_asc: bool) -> list:
"""
Get a list only containing account data
:return: A list filled dicts
"""
order_dir = "DESC"

if order_dir_asc is True:
order_dir = "ASC"

if order_column != "name" and order_column != "email" and order_column != "created":
order_column = "name"

if search == "":
sql = """ SELECT u.id, u.email, u.name, u.created
FROM users u
LEFT JOIN members m
ON u.id = m."user"
WHERE m."user" IS NULL
ORDER BY """ + order_column + " " + order_dir + ";" # noqa: S608 # nosec

async with self.pool.acquire() as con: # type: Connection
rows = await con.fetch(sql)
else:
search = "%"+search+"%"
sql = """ SELECT u.id, u.email, u.name, u.created
FROM users u
WHERE u.name LIKE $1
OR u.email LIKE $1
OR to_char(u.created, 'YYYY-MM-DD HH24:MI:SS.US') LIKE $1
LEFT JOIN members m
ON u.id = m."user"
WHERE m."user" IS NULL
ORDER BY """ + order_column + " " + order_dir + ";" # noqa: S608 # nosec

async with self.pool.acquire() as con: # type: Connection
rows = await con.fetch(sql, search)

users = []
for row in rows:
user = User()
user.id = row["id"]
user.email = row["email"]
user.name = row["name"]
user.created = row["created"]

users.append(user)

return users

async def get_user_by_id(self, user_id: UUID) -> User:
return await self._get_user(user_id=user_id)

Expand Down
2 changes: 1 addition & 1 deletion app/test/web_testcase.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ def get_app(self):
return configure_application(options)


def get_mock_session():
async def get_mock_session():
session = Session()
session.id = uuid4()
session.hash = "ccd70ecea6d9f0833b07688e69bf2368f86f9127de17de102e17788a805afb7f"
Expand Down

0 comments on commit 7494d41

Please sign in to comment.