Skip to content

Commit

Permalink
Do not require authentication credentials for subcommands that don't …
Browse files Browse the repository at this point in the history
…need them

Subcommands such as `ping` or `show` hit unauthenticated endpoints, so they
do not need to enforce users to provide them via the global
-u/-a/-o options.
  • Loading branch information
mprpic committed Oct 3, 2024
1 parent c4129f9 commit 0a1c916
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 16 deletions.
29 changes: 21 additions & 8 deletions cvelib/cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -220,34 +220,47 @@ def init_cve_api(self) -> CveApi:
)


class SkipRequiredOnHelp(click.Group):
class SkipRequiredIf(click.Group):
def parse_args(self, ctx: click.Context, args: list) -> list:
"""If any help options are used, mark global required options as not required.
"""Mark global required options as not required in certain cases
That way, we can skip directly to showing the help without requiring users to specify
values that don't end up getting used anyway.
If any help options are used, we can skip directly to showing the help without requiring
users to specify authentication values.
If certain subcommands are used that don't require authentication (e.g. `ping`), do not
require authentication values.
"""
if any(arg in ctx.help_option_names for arg in args):
if any(arg in ctx.help_option_names for arg in args) or any(
arg in ("ping", "show") for arg in args
):
# Iterate over all options and flip them to not required and not to prompt for input.
for param in self.params:
if isinstance(param, click.Option):
param.required = False
# Type ignored due to `"Option" has no attribute "prompt_required"` error:
# https://github.com/pallets/click/blob/d0af32d8/src/click/core.py#L2455
param.prompt_required = False # type: ignore
return super(SkipRequiredOnHelp, self).parse_args(ctx, args)
return super(SkipRequiredIf, self).parse_args(ctx, args)


@click.group(context_settings=CONTEXT_SETTINGS, cls=SkipRequiredOnHelp)
@click.group(context_settings=CONTEXT_SETTINGS, cls=SkipRequiredIf)
@click.option(
"-u", "--username", envvar="CVE_USER", required=True, help="Your username (env var: CVE_USER)"
"-u",
"--username",
envvar="CVE_USER",
required=True,
help="Your username (env var: CVE_USER)",
prompt="Username",
hide_input=False,
)
@click.option(
"-o",
"--org",
envvar="CVE_ORG",
required=True,
help="Your CNA organization short name (env var: CVE_ORG)",
prompt="Organization",
hide_input=False,
)
@click.option(
"-a",
Expand Down
8 changes: 0 additions & 8 deletions tests/test_cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -717,14 +717,6 @@ def test_show_org():


class TestSubcommandHelp:
def test_required_opts(self):
with mock.patch("cvelib.cli.CveApi.show_org") as show_org:
show_org.return_value = {}
runner = CliRunner()
result = runner.invoke(cli, ["org"])
assert result.exit_code == 2, result.output
assert "Error: Missing option" in result.output

def test_exit_on_help(self):
with mock.patch("cvelib.cli.CveApi.show_org") as show_org:
show_org.return_value = {}
Expand Down

0 comments on commit 0a1c916

Please sign in to comment.