python routes

Signed-off-by: Prabhu Subramanian <[email protected]>

build.sbt

@@ -1,6 +1,6 @@
 name                     := "chen"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "0.5.1"
+ThisBuild / version      := "0.5.2"
 ThisBuild / scalaVersion := "3.3.1"
 
 val cpgVersion = "1.4.22"

platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/ChennaiTagsPass.scala

@@ -3,18 +3,34 @@ package io.appthreat.x2cpg.passes.taggers
 import io.circe.*
 import io.circe.parser.*
 import io.shiftleft.codepropertygraph.Cpg
-import io.shiftleft.codepropertygraph.generated.EdgeTypes
-import io.shiftleft.codepropertygraph.generated.nodes.NewNamespace
+import io.shiftleft.codepropertygraph.generated.Languages
 import io.shiftleft.passes.CpgPass
 import io.shiftleft.semanticcpg.language.*
+
 import java.util.regex.Pattern
 
 /** Creates tags on any node
   */
-class ChennaiTagsPass(cpg: Cpg) extends CpgPass(cpg) {
+class ChennaiTagsPass(atom: Cpg) extends CpgPass(atom) {
+
+  val language: String                   = atom.metaData.language.head
+  private val FRAMEWORK_ROUTE            = "framework-route"
+  private val PYTHON_ROUTES_CALL_REGEXES = Array("django/urls.py:<module>.(path|re_path)", ".*(route|web\\.).*")
+
+  private def tagPythonRoutes(dstGraph: DiffGraphBuilder): Unit = {
+    PYTHON_ROUTES_CALL_REGEXES.foreach { r =>
+      atom.call
+        .where(_.methodFullName(r))
+        .argument
+        .isLiteral
+        .newTagNode(FRAMEWORK_ROUTE)
+        .store()(dstGraph)
+    }
+  }
 
   override def run(dstGraph: DiffGraphBuilder): Unit = {
-    cpg.configFile("chennai.json").content.foreach { cdxData =>
+    if (language == Languages.PYTHON || language == Languages.PYTHONSRC) tagPythonRoutes(dstGraph)
+    atom.configFile("chennai.json").content.foreach { cdxData =>
       val ctagsJson       = parse(cdxData).getOrElse(Json.Null)
       val cursor: HCursor = ctagsJson.hcursor
       val tags            = cursor.downField("tags").focus.flatMap(_.asArray).getOrElse(Vector.empty)
@@ -27,36 +43,36 @@ class ChennaiTagsPass(cpg: Cpg) extends CpgPass(cpg) {
         tagParams.foreach { paramName =>
           val pn = paramName.asString.getOrElse("")
           if (pn.nonEmpty) {
-            cpg.method.parameter.typeFullNameExact(pn).newTagNode(tagName).store()(dstGraph)
+            atom.method.parameter.typeFullNameExact(pn).newTagNode(tagName).store()(dstGraph)
             if (!pn.contains("[") && !pn.contains("*"))
-              cpg.method.parameter.typeFullName(s".*${Pattern.quote(pn)}.*").newTagNode(tagName).store()(dstGraph)
+              atom.method.parameter.typeFullName(s".*${Pattern.quote(pn)}.*").newTagNode(tagName).store()(dstGraph)
           }
         }
         tagMethods.foreach { methodName =>
           val mn = methodName.asString.getOrElse("")
           if (mn.nonEmpty) {
-            cpg.method.fullNameExact(mn).newTagNode(tagName).store()(dstGraph)
+            atom.method.fullNameExact(mn).newTagNode(tagName).store()(dstGraph)
             if (!mn.contains("[") && !mn.contains("*"))
-              cpg.method.fullName(s".*${Pattern.quote(mn)}.*").newTagNode(tagName).store()(dstGraph)
+              atom.method.fullName(s".*${Pattern.quote(mn)}.*").newTagNode(tagName).store()(dstGraph)
           }
         }
         tagTypes.foreach { typeName =>
           val tn = typeName.asString.getOrElse("")
           if (tn.nonEmpty) {
-            cpg.method.parameter.typeFullNameExact(tn).newTagNode(tagName).store()(dstGraph)
+            atom.method.parameter.typeFullNameExact(tn).newTagNode(tagName).store()(dstGraph)
             if (!tn.contains("[") && !tn.contains("*"))
-              cpg.method.parameter.typeFullName(s".*${Pattern.quote(tn)}.*").newTagNode(tagName).store()(dstGraph)
-            cpg.call.typeFullNameExact(tn).newTagNode(tagName).store()(dstGraph)
+              atom.method.parameter.typeFullName(s".*${Pattern.quote(tn)}.*").newTagNode(tagName).store()(dstGraph)
+            atom.call.typeFullNameExact(tn).newTagNode(tagName).store()(dstGraph)
             if (!tn.contains("[") && !tn.contains("*"))
-              cpg.call.typeFullName(s".*${Pattern.quote(tn)}.*").newTagNode(tagName).store()(dstGraph)
+              atom.call.typeFullName(s".*${Pattern.quote(tn)}.*").newTagNode(tagName).store()(dstGraph)
           }
         }
         tagFiles.foreach { fileName =>
           val fn = fileName.asString.getOrElse("")
           if (fn.nonEmpty) {
-            cpg.file.nameExact(fn).newTagNode(tagName).store()(dstGraph)
+            atom.file.nameExact(fn).newTagNode(tagName).store()(dstGraph)
             if (!fn.contains("[") && !fn.contains("*"))
-              cpg.file.name(s".*${Pattern.quote(fn)}.*").newTagNode(tagName).store()(dstGraph)
+              atom.file.name(s".*${Pattern.quote(fn)}.*").newTagNode(tagName).store()(dstGraph)
           }
         }
       }

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "appthreat-chen"
-version = "0.5.1"
+version = "0.5.2"
 description = "Code Hierarchy Exploration Net (chen)"
 authors = ["Team AppThreat <[email protected]>"]
 license = "Apache-2.0"