Skip to content

Commit 8acac6a

Browse files
committed
fix linting
1 parent 7d3b4cf commit 8acac6a

File tree

4 files changed

+23
-16
lines changed

4 files changed

+23
-16
lines changed

cloudsplaining/scan/authorization_details.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ def inline_policies(self) -> Dict[str, Dict[str, Any]]:
110110
return results
111111

112112
@property
113-
def links(self) -> Dict[str, str]:
113+
def links(self) -> Dict[str, str | None]:
114114
"""Return a dictionary of the action names as keys and their API documentation links as values"""
115115
results = {}
116116
unique_action_names = set()

cloudsplaining/scan/managed_policy_detail.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -247,7 +247,7 @@ def account_id(self) -> str: # pragma: no cover
247247
if is_aws_managed(self.arn):
248248
return "N/A"
249249
else:
250-
return get_account_from_arn(self.arn) # type: ignore
250+
return get_account_from_arn(self.arn)
251251

252252
def getFindingLinks(self, findings: List[Dict[str, Any]]) -> Dict[Any, str]:
253253
links = {}

cloudsplaining/scan/statement_detail.py

+18-12
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44

55
from cached_property import cached_property
66

7-
from policy_sentry.analysis.analyze import determine_actions_to_expand
7+
from policy_sentry.analysis.expand import determine_actions_to_expand
88
from policy_sentry.querying.actions import (
99
remove_actions_not_matching_access_level,
1010
get_actions_matching_arn,
@@ -33,7 +33,12 @@ class StatementDetail:
3333
Analyzes individual statements within a policy
3434
"""
3535

36-
def __init__(self, statement: Dict[str, Any], flag_conditional_statements: bool = False, flag_resource_arn_statements: bool = False) -> None:
36+
def __init__(
37+
self,
38+
statement: Dict[str, Any],
39+
flag_conditional_statements: bool = False,
40+
flag_resource_arn_statements: bool = False,
41+
) -> None:
3742
self.json = statement
3843
self.statement = statement
3944
self.effect = statement["Effect"]
@@ -78,7 +83,8 @@ def _resources(self) -> List[str]:
7883

7984
def _not_action(self) -> List[str]:
8085
"""Holds the NotAction details.
81-
We won't do anything with it - but we will flag it as something for the assessor to triage."""
86+
We won't do anything with it - but we will flag it as something for the assessor to triage.
87+
"""
8288
not_action = self.statement.get("NotAction")
8389
if not not_action:
8490
return []
@@ -88,7 +94,8 @@ def _not_action(self) -> List[str]:
8894

8995
def _not_resource(self) -> List[str]:
9096
"""Holds the NotResource details.
91-
We won't do anything with it - but we will flag it as something for the assessor to triage."""
97+
We won't do anything with it - but we will flag it as something for the assessor to triage.
98+
"""
9299
not_resource = self.statement.get("NotResource")
93100
if not not_resource:
94101
return []
@@ -98,7 +105,7 @@ def _not_resource(self) -> List[str]:
98105

99106
# @property
100107
def _not_action_effective_actions(self) -> Optional[List[str]]:
101-
"""If NotAction is used, calculate the allowed actions - i.e., what it would be """
108+
"""If NotAction is used, calculate the allowed actions - i.e., what it would be"""
102109
effective_actions = []
103110
if not self.not_action:
104111
return None
@@ -149,7 +156,8 @@ def _not_action_effective_actions(self) -> Optional[List[str]]:
149156
@property
150157
def has_not_resource_with_allow(self) -> bool:
151158
"""Per the AWS documentation, the NotResource should NEVER be used with the Allow Effect.
152-
See documentation here. https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notresource.html#notresource-element-combinations"""
159+
See documentation here. https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notresource.html#notresource-element-combinations
160+
"""
153161
if self.not_resource and self.effect_allow:
154162
logger.warning(
155163
"Per the AWS documentation, the NotResource should never be used with the "
@@ -198,9 +206,8 @@ def permissions_management_actions_without_constraints(self) -> List[str]:
198206
do not have resource constraints"""
199207
result = []
200208
if (
201-
(not self.has_resource_constraints or self.flag_resource_arn_statements) and
202-
not self.has_condition
203-
):
209+
not self.has_resource_constraints or self.flag_resource_arn_statements
210+
) and not self.has_condition:
204211
result = remove_actions_not_matching_access_level(
205212
self.restrictable_actions, "Permissions management"
206213
)
@@ -213,9 +220,8 @@ def write_actions_without_constraints(self) -> List[str]:
213220
do not have resource constraints"""
214221
result = []
215222
if (
216-
(not self.has_resource_constraints or self.flag_resource_arn_statements) and
217-
not self.has_condition
218-
):
223+
not self.has_resource_constraints or self.flag_resource_arn_statements
224+
) and not self.has_condition:
219225
result = remove_actions_not_matching_access_level(
220226
self.restrictable_actions, "Write"
221227
)

cloudsplaining/shared/utils.py

+3-2
Original file line numberDiff line numberDiff line change
@@ -40,9 +40,10 @@ def remove_wildcard_only_actions(actions_list: List[str]) -> List[str]:
4040
continue # pragma: no cover
4141
action_data = get_action_data(service_prefix, action_name)
4242
if action_data:
43-
if len(action_data.get(service_prefix)) == 0:
43+
service_data_len = len(action_data.get(service_prefix, []))
44+
if service_data_len == 0:
4445
pass # pragma: no cover
45-
elif len(action_data.get(service_prefix)) == 1:
46+
elif service_data_len == 1:
4647
if action_data[service_prefix][0]["resource_arn_format"] == "*":
4748
pass
4849
else:

0 commit comments

Comments
 (0)