github-advanced-security[bot] commented on code in PR #58476: URL: https://github.com/apache/airflow/pull/58476#discussion_r2540449744
########## providers/google/tests/unit/google/cloud/links/test_cloud_storage_transfer.py: ########## @@ -0,0 +1,462 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +"""Real tests for Google Cloud Storage Transfer Service links.""" + +from __future__ import annotations + +import pytest + +from airflow.providers.google.cloud.links.cloud_storage_transfer import ( + CloudStorageTransferDetailsLink, + CloudStorageTransferJobLink, + CloudStorageTransferLinkHelper, + CloudStorageTransferListLink, +) + +REAL_PROJECT_ID = "my-gcp-project-123456" +REAL_TRANSFER_JOB = "transferJobs-1234567890123456789" +REAL_TRANSFER_OPERATION = "transferOperations/9876543210987654321" +REAL_OPERATION_NAME = f"{REAL_TRANSFER_OPERATION}-{REAL_TRANSFER_JOB}" + +EXPECTED_LIST_URL = f"https://console.cloud.google.com/transfer/jobs?project={REAL_PROJECT_ID}"; +EXPECTED_JOB_URL = f"https://console.cloud.google.com/transfer/jobs/transferJobs%2F{REAL_TRANSFER_JOB}/runs?project={REAL_PROJECT_ID}"; +EXPECTED_DETAILS_URL = ( + f"https://console.cloud.google.com/transfer/jobs/transferJobs%2FtransferJobs"; + f"/runs/transferOperations%2F9876543210987654321-transferJobs-1234567890123456789?project={REAL_PROJECT_ID}" +) + + +class TestCloudStorageTransferLinkHelper: + """Test the CloudStorageTransferLinkHelper with real operation names.""" + + def test_extract_parts_with_real_operation_name(self): + """Test extract_parts with a real Google Cloud Storage Transfer operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(REAL_OPERATION_NAME) + + assert transfer_operation == "9876543210987654321-transferJobs-1234567890123456789" + assert transfer_job == "transferJobs" + + def test_extract_parts_with_various_real_formats(self): + """Test extract_parts with various real operation name formats.""" + test_cases = [ + ("transferOperations/12345-transferJobs-67890", "12345-transferJobs-67890", "transferJobs"), + ("transferOperations/op123-transferJobs-job456", "op123-transferJobs-job456", "transferJobs"), + ( + "transferOperations/99999999999999999999-transferJobs-11111111111111111111", + "99999999999999999999-transferJobs-11111111111111111111", + "transferJobs", + ), + ] + + for operation_name, expected_operation, expected_job in test_cases: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(operation_name) + assert transfer_operation == expected_operation + assert transfer_job == expected_job + + def test_extract_parts_with_none_operation_name(self): + """Test extract_parts with None operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(None) + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_empty_operation_name(self): + """Test extract_parts with empty operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts("") + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_malformed_operation_names(self): + """Test extract_parts with malformed operation names that might occur in real scenarios.""" + test_cases = [ + ("invalid-format", IndexError), + ("transferOperations/", IndexError), + ("transferOperations/123", IndexError), + ("transferOperations/123-", ("123-", "")), + ("-transferJobs-job456", IndexError), + ("transferOperations/123-transferJobs", ("123-transferJobs", "transferJobs")), + ] + + for operation_name, expected in test_cases: + if expected is IndexError: + with pytest.raises(IndexError): + CloudStorageTransferLinkHelper.extract_parts(operation_name) + else: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts( + operation_name + ) + assert transfer_operation == expected[0] + assert transfer_job == expected[1] + + +class TestCloudStorageTransferListLink: + """Test the CloudStorageTransferListLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferListLink() + + assert link.name == "Cloud Storage Transfer" + assert link.key == "cloud_storage_transfer" + assert "{project_id}" in link.format_str + + def test_format_str_with_real_project_id(self): + """Test format_str generates correct URL for real project ID.""" + link = CloudStorageTransferListLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID) + + assert formatted_url == EXPECTED_LIST_URL + assert "console.cloud.google.com" in formatted_url + assert REAL_PROJECT_ID in formatted_url + + def test_format_str_with_various_project_ids(self): + """Test format_str with various real project ID formats.""" + project_ids = [ + "my-project", + "project-123456", + "my-gcp-project-123", + "a" * 30, + ] + + link = CloudStorageTransferListLink() + for project_id in project_ids: + formatted_url = link.format_str.format(project_id=project_id) + assert project_id in formatted_url + assert formatted_url.startswith("https://console.cloud.google.com/transfer/jobs?";) + + +class TestCloudStorageTransferJobLink: + """Test the CloudStorageTransferJobLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferJobLink() + + assert link.name == "Cloud Storage Transfer Job" + assert link.key == "cloud_storage_transfer_job" + assert "{project_id}" in link.format_str + assert "{transfer_job}" in link.format_str + + def test_format_str_with_real_parameters(self): + """Test format_str generates correct URL for real transfer job.""" + link = CloudStorageTransferJobLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID, transfer_job=REAL_TRANSFER_JOB) + + assert formatted_url == EXPECTED_JOB_URL + assert "console.cloud.google.com" in formatted_url + assert REAL_PROJECT_ID in formatted_url + assert REAL_TRANSFER_JOB in formatted_url + + def test_format_str_url_encoding(self): + """Test that transfer job ID is properly URL encoded.""" + link = CloudStorageTransferJobLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID, transfer_job=REAL_TRANSFER_JOB) + + assert "transferJobs%2F" in formatted_url + assert "transferJobs/" not in formatted_url + + +class TestCloudStorageTransferDetailsLink: + """Test the CloudStorageTransferDetailsLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferDetailsLink() + + assert link.name == "Cloud Storage Transfer Details" + assert link.key == "cloud_storage_transfer_details" + assert "{project_id}" in link.format_str + assert "{transfer_job}" in link.format_str + assert "{transfer_operation}" in link.format_str + + def test_format_str_with_real_parameters(self): + """Test format_str generates correct URL for real transfer operation.""" + link = CloudStorageTransferDetailsLink() + + formatted_url = link.format_str.format( + project_id=REAL_PROJECT_ID, + transfer_job="transferJobs", + transfer_operation="9876543210987654321-transferJobs-1234567890123456789", + ) + + assert formatted_url == EXPECTED_DETAILS_URL + assert "console.cloud.google.com" in formatted_url Review Comment: ## Incomplete URL substring sanitization The string [console.cloud.google.com](1) may be at an arbitrary position in the sanitized URL. [Show more details](https://github.com/apache/airflow/security/code-scanning/555) ########## providers/google/tests/unit/google/cloud/links/test_cloud_storage_transfer.py: ########## @@ -0,0 +1,462 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +"""Real tests for Google Cloud Storage Transfer Service links.""" + +from __future__ import annotations + +import pytest + +from airflow.providers.google.cloud.links.cloud_storage_transfer import ( + CloudStorageTransferDetailsLink, + CloudStorageTransferJobLink, + CloudStorageTransferLinkHelper, + CloudStorageTransferListLink, +) + +REAL_PROJECT_ID = "my-gcp-project-123456" +REAL_TRANSFER_JOB = "transferJobs-1234567890123456789" +REAL_TRANSFER_OPERATION = "transferOperations/9876543210987654321" +REAL_OPERATION_NAME = f"{REAL_TRANSFER_OPERATION}-{REAL_TRANSFER_JOB}" + +EXPECTED_LIST_URL = f"https://console.cloud.google.com/transfer/jobs?project={REAL_PROJECT_ID}"; +EXPECTED_JOB_URL = f"https://console.cloud.google.com/transfer/jobs/transferJobs%2F{REAL_TRANSFER_JOB}/runs?project={REAL_PROJECT_ID}"; +EXPECTED_DETAILS_URL = ( + f"https://console.cloud.google.com/transfer/jobs/transferJobs%2FtransferJobs"; + f"/runs/transferOperations%2F9876543210987654321-transferJobs-1234567890123456789?project={REAL_PROJECT_ID}" +) + + +class TestCloudStorageTransferLinkHelper: + """Test the CloudStorageTransferLinkHelper with real operation names.""" + + def test_extract_parts_with_real_operation_name(self): + """Test extract_parts with a real Google Cloud Storage Transfer operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(REAL_OPERATION_NAME) + + assert transfer_operation == "9876543210987654321-transferJobs-1234567890123456789" + assert transfer_job == "transferJobs" + + def test_extract_parts_with_various_real_formats(self): + """Test extract_parts with various real operation name formats.""" + test_cases = [ + ("transferOperations/12345-transferJobs-67890", "12345-transferJobs-67890", "transferJobs"), + ("transferOperations/op123-transferJobs-job456", "op123-transferJobs-job456", "transferJobs"), + ( + "transferOperations/99999999999999999999-transferJobs-11111111111111111111", + "99999999999999999999-transferJobs-11111111111111111111", + "transferJobs", + ), + ] + + for operation_name, expected_operation, expected_job in test_cases: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(operation_name) + assert transfer_operation == expected_operation + assert transfer_job == expected_job + + def test_extract_parts_with_none_operation_name(self): + """Test extract_parts with None operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(None) + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_empty_operation_name(self): + """Test extract_parts with empty operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts("") + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_malformed_operation_names(self): + """Test extract_parts with malformed operation names that might occur in real scenarios.""" + test_cases = [ + ("invalid-format", IndexError), + ("transferOperations/", IndexError), + ("transferOperations/123", IndexError), + ("transferOperations/123-", ("123-", "")), + ("-transferJobs-job456", IndexError), + ("transferOperations/123-transferJobs", ("123-transferJobs", "transferJobs")), + ] + + for operation_name, expected in test_cases: + if expected is IndexError: + with pytest.raises(IndexError): + CloudStorageTransferLinkHelper.extract_parts(operation_name) + else: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts( + operation_name + ) + assert transfer_operation == expected[0] + assert transfer_job == expected[1] + + +class TestCloudStorageTransferListLink: + """Test the CloudStorageTransferListLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferListLink() + + assert link.name == "Cloud Storage Transfer" + assert link.key == "cloud_storage_transfer" + assert "{project_id}" in link.format_str + + def test_format_str_with_real_project_id(self): + """Test format_str generates correct URL for real project ID.""" + link = CloudStorageTransferListLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID) + + assert formatted_url == EXPECTED_LIST_URL + assert "console.cloud.google.com" in formatted_url Review Comment: ## Incomplete URL substring sanitization The string [console.cloud.google.com](1) may be at an arbitrary position in the sanitized URL. [Show more details](https://github.com/apache/airflow/security/code-scanning/553) ########## providers/google/tests/unit/google/cloud/links/test_cloud_storage_transfer.py: ########## @@ -0,0 +1,462 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +"""Real tests for Google Cloud Storage Transfer Service links.""" + +from __future__ import annotations + +import pytest + +from airflow.providers.google.cloud.links.cloud_storage_transfer import ( + CloudStorageTransferDetailsLink, + CloudStorageTransferJobLink, + CloudStorageTransferLinkHelper, + CloudStorageTransferListLink, +) + +REAL_PROJECT_ID = "my-gcp-project-123456" +REAL_TRANSFER_JOB = "transferJobs-1234567890123456789" +REAL_TRANSFER_OPERATION = "transferOperations/9876543210987654321" +REAL_OPERATION_NAME = f"{REAL_TRANSFER_OPERATION}-{REAL_TRANSFER_JOB}" + +EXPECTED_LIST_URL = f"https://console.cloud.google.com/transfer/jobs?project={REAL_PROJECT_ID}"; +EXPECTED_JOB_URL = f"https://console.cloud.google.com/transfer/jobs/transferJobs%2F{REAL_TRANSFER_JOB}/runs?project={REAL_PROJECT_ID}"; +EXPECTED_DETAILS_URL = ( + f"https://console.cloud.google.com/transfer/jobs/transferJobs%2FtransferJobs"; + f"/runs/transferOperations%2F9876543210987654321-transferJobs-1234567890123456789?project={REAL_PROJECT_ID}" +) + + +class TestCloudStorageTransferLinkHelper: + """Test the CloudStorageTransferLinkHelper with real operation names.""" + + def test_extract_parts_with_real_operation_name(self): + """Test extract_parts with a real Google Cloud Storage Transfer operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(REAL_OPERATION_NAME) + + assert transfer_operation == "9876543210987654321-transferJobs-1234567890123456789" + assert transfer_job == "transferJobs" + + def test_extract_parts_with_various_real_formats(self): + """Test extract_parts with various real operation name formats.""" + test_cases = [ + ("transferOperations/12345-transferJobs-67890", "12345-transferJobs-67890", "transferJobs"), + ("transferOperations/op123-transferJobs-job456", "op123-transferJobs-job456", "transferJobs"), + ( + "transferOperations/99999999999999999999-transferJobs-11111111111111111111", + "99999999999999999999-transferJobs-11111111111111111111", + "transferJobs", + ), + ] + + for operation_name, expected_operation, expected_job in test_cases: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(operation_name) + assert transfer_operation == expected_operation + assert transfer_job == expected_job + + def test_extract_parts_with_none_operation_name(self): + """Test extract_parts with None operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts(None) + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_empty_operation_name(self): + """Test extract_parts with empty operation name.""" + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts("") + + assert transfer_operation == "" + assert transfer_job == "" + + def test_extract_parts_with_malformed_operation_names(self): + """Test extract_parts with malformed operation names that might occur in real scenarios.""" + test_cases = [ + ("invalid-format", IndexError), + ("transferOperations/", IndexError), + ("transferOperations/123", IndexError), + ("transferOperations/123-", ("123-", "")), + ("-transferJobs-job456", IndexError), + ("transferOperations/123-transferJobs", ("123-transferJobs", "transferJobs")), + ] + + for operation_name, expected in test_cases: + if expected is IndexError: + with pytest.raises(IndexError): + CloudStorageTransferLinkHelper.extract_parts(operation_name) + else: + transfer_operation, transfer_job = CloudStorageTransferLinkHelper.extract_parts( + operation_name + ) + assert transfer_operation == expected[0] + assert transfer_job == expected[1] + + +class TestCloudStorageTransferListLink: + """Test the CloudStorageTransferListLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferListLink() + + assert link.name == "Cloud Storage Transfer" + assert link.key == "cloud_storage_transfer" + assert "{project_id}" in link.format_str + + def test_format_str_with_real_project_id(self): + """Test format_str generates correct URL for real project ID.""" + link = CloudStorageTransferListLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID) + + assert formatted_url == EXPECTED_LIST_URL + assert "console.cloud.google.com" in formatted_url + assert REAL_PROJECT_ID in formatted_url + + def test_format_str_with_various_project_ids(self): + """Test format_str with various real project ID formats.""" + project_ids = [ + "my-project", + "project-123456", + "my-gcp-project-123", + "a" * 30, + ] + + link = CloudStorageTransferListLink() + for project_id in project_ids: + formatted_url = link.format_str.format(project_id=project_id) + assert project_id in formatted_url + assert formatted_url.startswith("https://console.cloud.google.com/transfer/jobs?";) + + +class TestCloudStorageTransferJobLink: + """Test the CloudStorageTransferJobLink with real scenarios.""" + + def test_link_properties(self): + """Test that link properties are set correctly for real usage.""" + link = CloudStorageTransferJobLink() + + assert link.name == "Cloud Storage Transfer Job" + assert link.key == "cloud_storage_transfer_job" + assert "{project_id}" in link.format_str + assert "{transfer_job}" in link.format_str + + def test_format_str_with_real_parameters(self): + """Test format_str generates correct URL for real transfer job.""" + link = CloudStorageTransferJobLink() + formatted_url = link.format_str.format(project_id=REAL_PROJECT_ID, transfer_job=REAL_TRANSFER_JOB) + + assert formatted_url == EXPECTED_JOB_URL + assert "console.cloud.google.com" in formatted_url Review Comment: ## Incomplete URL substring sanitization The string [console.cloud.google.com](1) may be at an arbitrary position in the sanitized URL. [Show more details](https://github.com/apache/airflow/security/code-scanning/554) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
