Open KevinHock opened 6 years ago
cc @davidoc
Hi @KevinHock , I am new to projects ,how can i contribute to this issue? Need some help to start
Hi @nightwarrior-xxx, nice to meet you. Let me know if this helps, it's a rough idea on how to do this:
Read the framework part of the docs
__usage__.py
Making
https://github.com/python-security/pyt/blob/master/pyt/usage.py#L34
'Flask(Default), Django, Every or Pylons'
->
'Flask(Default), Class-Based Views, Django, Every or Pylons'
__main__.py
Adding
elif args.adaptor and args.adaptor.lower().startswith('c'):
framework_route_criteria = is_class_based_view_function
See https://github.com/python-security/pyt/pull/75/files for something similar
The part I will leave up to you, unless you would like me to try to figure it out:
framework_adaptor.py
Use my _get_class_nodes
function to iterate through all classes in FrameworkAdaptor.
when the is_class_based_view_function function is passed
framework_helper.py
Make an is_class_based_view_function
function with something that checks endswith,
similar to if definition.name.endswith('.get') or definition.name.endswith('.post'):
Extra/Optional, check the class being inherited from ends in View. Do this in _get_class_nodes
(to check if it is MethodView/TemplateView etc.) (Or find a counter-example, a base view class that does not end in View, from Flask or Django etc.)
Use my examples/class_based_views/flask_bb.py
test file or something similar to write tests
Update the framework part of the docs
It may be possible to look at the class hierarchy of a ClassDef
node recursively until you find the View
class (or object
) since it seems like every view type in Flask ends up inheriting from flask.views.View
.
Then if the class does not have flask.views.MethodView
in their base classes, look for a method called dispatch_request
. On the other hand, if it is a descendant of MethodView
then you need to look for methods named as HTTP verbs (as per https://github.com/pallets/flask/blob/master/flask/views.py#L16).
I'm not very familiar with pyt so I'm not sure if this idea fits its current design.
I wrote some of the code to do this in a branch https://github.com/python-security/pyt/compare/class_based_views, but since I'm working on other things and this feature seems cool and important I'm making this issue 👍
Let me know if you would like any help in implementing.