fix: extend pattern and add tests

Bearer · May 20, 2024 · cf8e2d2 · cf8e2d2
1 parent 28bd3a9
commit cf8e2d2
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/rules/python/django/debug_mode_enabled.yml b/rules/python/django/debug_mode_enabled.yml
@@ -1,9 +1,27 @@
+imports:
+  - python_shared_lang_import3
 patterns:
   - pattern: DEBUG = $<TRUE>
     filters:
       - variable: "TRUE"
         detection: python_django_debug_mode_enabled_true
         scope: cursor
+  - pattern: $<SETTINGS_CONFIGURE>(DEBUG = $<TRUE>)
+    filters:
+      - variable: SETTINGS_CONFIGURE
+        detection: python_shared_lang_import3
+        filters:
+          - variable: MODULE1
+            values: [django]
+          - variable: MODULE2
+            values: [conf]
+          - variable: MODULE3
+            values: [settings]
+          - variable: NAME
+            values: [configure]
+      - variable: "TRUE"
+        detection: python_django_debug_mode_enabled_true
+        scope: cursor
 auxiliary:
   - id: python_django_debug_mode_enabled_true
     patterns:

diff --git a/tests/python/django/debug_mode_enabled/testdata/main.py b/tests/python/django/debug_mode_enabled/testdata/main.py
@@ -1 +1,13 @@
-# Use bearer:expected python_django_debug_mode_enabled to flag expected findings
+from django.conf import settings
+
+# bearer:expected python_django_debug_mode_enabled
+DEBUG = True
+
+def bad():
+  # bearer:expected python_django_debug_mode_enabled
+  settings.configure(DEBUG=True)
+
+DEBUG = False
+
+def ok():
+  settings.configure(DEBUG=False)