404

[ Avaa Bypassed ]




Upload:

Command:

botdev@18.117.107.190: ~ $
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0
"""
import regex as re

from cfnlint.helpers import RESOURCE_SPECS
from cfnlint.rules import CloudFormationLintRule, RuleMatch


class AllowedPattern(CloudFormationLintRule):
    """Check if properties have a valid value"""

    id = "E3031"
    shortdesc = "Check if property values adhere to a specific pattern"
    description = "Check if properties have a valid value in case of a pattern (Regular Expression)"
    source_url = "https://github.com/awslabs/cfn-python-lint/blob/main/docs/cfn-resource-specification.md#allowedpattern"
    tags = ["resources", "property", "allowed pattern", "regex"]

    def __init__(self):
        """Init"""
        super().__init__()
        self.config_definition = {
            "exceptions": {
                "default": [],
                "type": "list",
                "itemtype": "string",
            }
        }
        self.configure()

    def initialize(self, cfn):
        """Initialize the rule"""
        for resource_type_spec in RESOURCE_SPECS.get(cfn.regions[0]).get(
            "ResourceTypes"
        ):
            self.resource_property_types.append(resource_type_spec)
        for property_type_spec in RESOURCE_SPECS.get(cfn.regions[0]).get(
            "PropertyTypes"
        ):
            self.resource_sub_property_types.append(property_type_spec)

    def check_value(self, value, path, property_name, **kwargs):
        """Check Value"""
        matches = []

        # Get the Allowed Pattern Regex
        value_pattern_regex = kwargs.get("value_specs", {}).get(
            "AllowedPatternRegex", {}
        )
        # Get the "Human Readable" version for the error message. Optional, if not specified,
        # the RegEx itself is used.
        value_pattern = kwargs.get("value_specs", {}).get(
            "AllowedPattern", value_pattern_regex
        )

        if isinstance(value, (int, float)):
            value = str(value)

        if isinstance(value, str):
            if value_pattern_regex:
                regex = re.compile(value_pattern_regex, re.ASCII)

                # Ignore values with dynamic references. Simple check to prevent false-positives
                # See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html
                if "{{resolve:" not in value:
                    if not regex.match(value):
                        for exception in self.config.get("exceptions"):
                            exception_regex = re.compile(exception)
                            if exception_regex.match(value):
                                return matches
                        full_path = "/".join(str(x) for x in path)

                        message = "{} contains invalid characters (Pattern: {}) at {}"
                        matches.append(
                            RuleMatch(
                                path,
                                message.format(property_name, value_pattern, full_path),
                            )
                        )

        return matches

    def check(self, cfn, properties, value_specs, property_specs, path):
        """Check itself"""
        matches = []
        for p_value, p_path in properties.items_safe(path[:]):
            for prop in p_value:
                if prop in value_specs:
                    value = value_specs.get(prop).get("Value", {})
                    if value:
                        value_type = value.get("ValueType", "")
                        property_type = (
                            property_specs.get("Properties").get(prop).get("Type")
                        )
                        value_specs = (
                            RESOURCE_SPECS.get(cfn.regions[0])
                            .get("ValueTypes")
                            .get(value_type, {})
                        )
                        if value_specs == "CACHED":
                            value_specs = (
                                RESOURCE_SPECS.get("us-east-1")
                                .get("ValueTypes")
                                .get(value_type, {})
                            )
                        matches.extend(
                            cfn.check_value(
                                p_value,
                                prop,
                                p_path,
                                check_value=self.check_value,
                                value_specs=value_specs,
                                cfn=cfn,
                                property_type=property_type,
                                property_name=prop,
                            )
                        )
        return matches

    def match_resource_sub_properties(self, properties, property_type, path, cfn):
        """Match for sub properties"""
        matches = []

        specs = (
            RESOURCE_SPECS.get(cfn.regions[0])
            .get("PropertyTypes")
            .get(property_type, {})
            .get("Properties", {})
        )
        property_specs = (
            RESOURCE_SPECS.get(cfn.regions[0]).get("PropertyTypes").get(property_type)
        )
        matches.extend(self.check(cfn, properties, specs, property_specs, path))

        return matches

    def match_resource_properties(self, properties, resource_type, path, cfn):
        """Check CloudFormation Properties"""
        matches = []

        specs = (
            RESOURCE_SPECS.get(cfn.regions[0])
            .get("ResourceTypes")
            .get(resource_type, {})
            .get("Properties", {})
        )
        resource_specs = (
            RESOURCE_SPECS.get(cfn.regions[0]).get("ResourceTypes").get(resource_type)
        )
        matches.extend(self.check(cfn, properties, specs, resource_specs, path))

        return matches

Filemanager

Name Type Size Permission Actions
__pycache__ Folder 0755
AllowedPattern.py File 5.76 KB 0644
AllowedValue.py File 4.8 KB 0644
AtLeastOne.py File 4.11 KB 0644
AvailabilityZone.py File 3.41 KB 0644
BasedOnValue.py File 6.33 KB 0644
Exclusive.py File 3.98 KB 0644
ImageId.py File 2.37 KB 0644
Inclusive.py File 3.7 KB 0644
JsonSize.py File 6.08 KB 0644
ListDuplicates.py File 4.39 KB 0644
ListDuplicatesAllowed.py File 4.76 KB 0644
ListSize.py File 4.88 KB 0644
NumberSize.py File 4.88 KB 0644
OnlyOne.py File 3.89 KB 0644
Password.py File 3.63 KB 0644
Properties.py File 27.49 KB 0644
PropertiesTemplated.py File 2.44 KB 0644
Required.py File 4.1 KB 0644
RequiredBasedOnValue.py File 831 B 0644
StringSize.py File 4.52 KB 0644
UnwantedBasedOnValue.py File 837 B 0644
ValuePrimitiveType.py File 11.6 KB 0644
ValueRefGetAtt.py File 11.96 KB 0644
__init__.py File 106 B 0644