Remove sqlalchemy-utils

- Vulnerability not addressed for years: kvesteri/sqlalchemy-utils#166 - No bandit on prod code. - ZeroVer
tucked · Feb 24, 2023 · 524e07d · 524e07d
1 parent aca525f
commit 524e07d
Show file tree

Hide file tree

Showing 9 changed files with 24 additions and 50 deletions.
diff --git a/Pipfile b/Pipfile
@@ -11,7 +11,6 @@ psycopg2 = {version = ">=2.9"}
 python-magic = {version = ">=0.4"}
 pyyaml = {version = ">=6.0"}
 sqlalchemy = {version = "~=1.4"}
-sqlalchemy-utils = {version = ">=0.38"}
 
 [dev-packages]
 

diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/docker-compose.test.yaml b/docker-compose.test.yaml
@@ -3,6 +3,7 @@ services:
   db:
     image: postgres:9.6
     environment:
+      - POSTGRES_DB=pastedb
       - POSTGRES_USER=postgres
       - POSTGRES_PASSWORD=postgres
   app:

diff --git a/pbnh/db/createdb.py b/pbnh/db/createdb.py
@@ -1,40 +1,24 @@
 import argparse
 from sqlalchemy import create_engine
-from sqlalchemy_utils import create_database
 
 from pbnh import conf
-from pbnh import app
 from pbnh.db import models
 from pbnh.db.connect import DBConnect
 
 
-class CreateDB():
-    def __init__(self, dialect=None, driver=None, username=None, password=None,
-                 host=None, port=None, dbname=None):
-        """Grab connection information to pass to DBConnect"""
-        self.dialect = dialect or 'sqlite'
-        self.dbname = dbname or app.app.config['CONFIG'].get('database').get('dbname')
-        self.driver = driver
-        self.username = username
-        self.password = password
-        self.host = host
-        self.port = port
+class CreateDB:
+    def __init__(self, *args, **kwargs):
+        self._dbconnect = DBConnect(*args, **kwargs)
+        self.engine = create_engine(str(self))
+
+    def __str__(self):
+        return str(self._dbconnect)
 
     def create(self):
-        connection = DBConnect(
-                dialect=self.dialect,
-                driver=self.driver,
-                username=self.username,
-                password=self.password,
-                host=self.host,
-                port=self.port,
-                dbname=self.dbname
-                )
-        print(connection)
-        create_database(str(connection))
-        engine = create_engine(str(connection))
-        models.Base.metadata.create_all(engine)
-        return connection
+        models.Base.metadata.create_all(self.engine)
+
+    def delete(self):
+        models.Paste.__table__.drop(self.engine)
 
 
 def main():

diff --git a/pbnh/tests/paste_curl_test.py b/pbnh/tests/paste_curl_test.py
@@ -36,7 +36,7 @@ def setUp(self):
         self.app = app.app.test_client()
 
     def tearDown(self):
-        os.unlink(DEFAULTS['database']['dbname'])
+        self.newdb.delete()
 
     def test_home(self):
         response = self.app.get('/')

diff --git a/pbnh/tests/paste_psql_test.py b/pbnh/tests/paste_psql_test.py
@@ -1,7 +1,6 @@
 import unittest
 
 from datetime import datetime
-from sqlalchemy_utils import drop_database
 
 from pbnh.db.createdb import CreateDB
 from pbnh.db.connect import DBConnect
@@ -16,7 +15,7 @@ def setUp(self):
         self.newdb.create()
 
     def tearDown(self):
-        drop_database(str(DBConnect(dialect=dialect, dbname=dbname)))
+        self.newdb.delete()
 
     def test_create_new(self):
         with paste.Paster(dialect=dialect, dbname=dbname) as p:

diff --git a/pbnh/tests/paste_sqlite_test.py b/pbnh/tests/paste_sqlite_test.py
@@ -15,7 +15,7 @@ def setUp(self):
         self.newdb.create()
 
     def tearDown(self):
-        os.remove('/tmp/pbnh_test.db')
+        self.newdb.delete()
 
     def test_create_new(self):
         with paste.Paster(dialect=dialect, dbname=dbname) as p:

diff --git a/run_tests.sh b/run_tests.sh
@@ -2,5 +2,4 @@
 set -o errexit
 set -o xtrace
 pipenv install --deploy --dev
-# https://github.com/kvesteri/sqlalchemy-utils/issues/166
-pipenv check --ignore 42194 --ignore 51668  # https://github.com/sqlalchemy/sqlalchemy/pull/8563
+pipenv check --ignore 51668  # https://github.com/sqlalchemy/sqlalchemy/pull/8563
diff --git a/sample_config.yml b/sample_config.yml
@@ -5,7 +5,7 @@ server:
   debug     : True
 
 database:
-  dbname    : "database_name"
+  dbname    : "pastedb"
   dialect   : "postgresql"
   driver    : null
   host      : "db"