Fixed EM101 (raw-string-in-exception): Exception must not use a string literal, assign to variable first

This commit is contained in:
Teal Dulcet 2023-12-22 07:10:48 -08:00 committed by Joshua Tauberer
parent 49124cc9ca
commit dd61844ced
7 changed files with 42 additions and 21 deletions

View File

@ -49,10 +49,12 @@ class AuthService:
username, password = parse_http_authorization_basic(request.headers.get('Authorization', ''))
if username in {None, ""}:
raise ValueError("Authorization header invalid.")
msg = "Authorization header invalid."
raise ValueError(msg)
if username.strip() == "" and password.strip() == "":
raise ValueError("No email address, password, session key, or API key provided.")
msg = "No email address, password, session key, or API key provided."
raise ValueError(msg)
# If user passed the system API key, grant administrative privs. This key
# is not associated with a user.
@ -72,7 +74,8 @@ class AuthService:
# If no password was given, but a username was given, we're missing some information.
elif password.strip() == "":
raise ValueError("Enter a password.")
msg = "Enter a password."
raise ValueError(msg)
else:
# The user is trying to log in with a username and a password
@ -114,7 +117,8 @@ class AuthService:
])
except:
# Login failed.
raise ValueError("Incorrect email address or password.")
msg = "Incorrect email address or password."
raise ValueError(msg)
# If MFA is enabled, check that MFA passes.
status, hints = validate_auth_mfa(email, request, env)

View File

@ -507,7 +507,8 @@ def list_target_files(config):
path = ''
if bucket == "":
raise ValueError("Enter an S3 bucket name.")
msg = "Enter an S3 bucket name."
raise ValueError(msg)
# connect to the region & bucket
try:
@ -535,7 +536,8 @@ def list_target_files(config):
b2_api.authorize_account("production", b2_application_keyid, b2_application_key)
bucket = b2_api.get_bucket_by_name(b2_bucket)
except NonExistentBucket as e:
raise ValueError("B2 Bucket does not exist. Please double check your information!")
msg = "B2 Bucket does not exist. Please double check your information!"
raise ValueError(msg)
return [(key.file_name, key.size) for key, _ in bucket.ls()]
else:

View File

@ -919,7 +919,8 @@ def set_custom_dns_record(qname, rtype, value, action, env):
rtype = rtype.upper()
if value is not None and qname != "_secondary_nameserver":
if not re.search(DOMAIN_RE, qname):
raise ValueError("Invalid name.")
msg = "Invalid name."
raise ValueError(msg)
if rtype in {"A", "AAAA"}:
if value != "local": # "local" is a special flag for us
@ -928,14 +929,16 @@ def set_custom_dns_record(qname, rtype, value, action, env):
if rtype == "AAAA" and not isinstance(v, ipaddress.IPv6Address): raise ValueError("That's an IPv4 address.")
elif rtype in {"CNAME", "NS"}:
if rtype == "NS" and qname == zone:
raise ValueError("NS records can only be set for subdomains.")
msg = "NS records can only be set for subdomains."
raise ValueError(msg)
# ensure value has a trailing dot
if not value.endswith("."):
value = value + "."
if not re.search(DOMAIN_RE, value):
raise ValueError("Invalid value.")
msg = "Invalid value."
raise ValueError(msg)
elif rtype in {"CNAME", "TXT", "SRV", "MX", "SSHFP", "CAA"}:
# anything goes
pass

View File

@ -608,9 +608,11 @@ def kick(env, mail_result=None):
def validate_password(pw):
# validate password
if pw.strip() == "":
raise ValueError("No password provided.")
msg = "No password provided."
raise ValueError(msg)
if len(pw) < 8:
raise ValueError("Passwords must be at least eight characters.")
msg = "Passwords must be at least eight characters."
raise ValueError(msg)
if __name__ == "__main__":
import sys

View File

@ -41,9 +41,11 @@ def enable_mfa(email, type, secret, token, label, env):
# Sanity check with the provide current token.
totp = pyotp.TOTP(secret)
if not totp.verify(token, valid_window=1):
raise ValueError("Invalid token.")
msg = "Invalid token."
raise ValueError(msg)
else:
raise ValueError("Invalid MFA type.")
msg = "Invalid MFA type."
raise ValueError(msg)
conn, c = open_database(env, with_connection=True)
c.execute('INSERT INTO mfa (user_id, type, secret, label) VALUES (?, ?, ?, ?)', (get_user_id(email, c), type, secret, label))
@ -67,9 +69,11 @@ def disable_mfa(email, mfa_id, env):
def validate_totp_secret(secret):
if type(secret) != str or secret.strip() == "":
raise ValueError("No secret provided.")
msg = "No secret provided."
raise ValueError(msg)
if len(secret) != 32:
raise ValueError("Secret should be a 32 characters base32 string")
msg = "Secret should be a 32 characters base32 string"
raise ValueError(msg)
def provision_totp(email, env):
# Make a new secret.

View File

@ -624,7 +624,8 @@ def load_cert_chain(pemfile):
pem = f.read() + b"\n" # ensure trailing newline
pemblocks = re.findall(re_pem, pem)
if len(pemblocks) == 0:
raise ValueError("File does not contain valid PEM data.")
msg = "File does not contain valid PEM data."
raise ValueError(msg)
return pemblocks
def load_pem(pem):
@ -635,7 +636,8 @@ def load_pem(pem):
from cryptography.hazmat.backends import default_backend
pem_type = re.match(b"-+BEGIN (.*?)-+[\r\n]", pem)
if pem_type is None:
raise ValueError("File is not a valid PEM-formatted file.")
msg = "File is not a valid PEM-formatted file."
raise ValueError(msg)
pem_type = pem_type.group(1)
if pem_type in {b"RSA PRIVATE KEY", b"PRIVATE KEY"}:
return serialization.load_pem_private_key(pem, password=None, backend=default_backend())

View File

@ -39,7 +39,8 @@ def smtp_test():
try:
server.login("fakeuser", "fakepassword")
raise Exception("authentication didn't fail")
msg = "authentication didn't fail"
raise Exception(msg)
except smtplib.SMTPAuthenticationError:
# athentication should fail
pass
@ -61,7 +62,8 @@ def imap_test():
try:
M.login("fakeuser", "fakepassword")
raise Exception("authentication didn't fail")
msg = "authentication didn't fail"
raise Exception(msg)
except imaplib.IMAP4.error:
# authentication should fail
pass
@ -85,7 +87,8 @@ def pop_test():
M = None # don't .quit()
return
M.list()
raise Exception("authentication didn't fail")
msg = "authentication didn't fail"
raise Exception(msg)
finally:
if M:
M.quit()
@ -103,7 +106,8 @@ def managesieve_test():
try:
M.login("fakeuser", "fakepassword")
raise Exception("authentication didn't fail")
msg = "authentication didn't fail"
raise Exception(msg)
except imaplib.IMAP4.error:
# authentication should fail
pass