feat(python): add test for internal statement

internal/languages/python/.snapshots/TestImport--import.yml

@@ -0,0 +1,198 @@
+high:
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 2
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 2
+            end: 2
+            column:
+                start: 1
+                end: 17
+      sink:
+        location:
+            start: 2
+            end: 2
+            column:
+                start: 1
+                end: 17
+        content: ""
+      parent_line_number: 2
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_0
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_0
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 5
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 5
+            end: 5
+            column:
+                start: 1
+                end: 18
+      sink:
+        location:
+            start: 5
+            end: 5
+            column:
+                start: 1
+                end: 18
+        content: ""
+      parent_line_number: 5
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_1
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_1
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 11
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 11
+            end: 11
+            column:
+                start: 1
+                end: 17
+      sink:
+        location:
+            start: 11
+            end: 11
+            column:
+                start: 1
+                end: 17
+        content: ""
+      parent_line_number: 11
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_2
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_2
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 14
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 14
+            end: 14
+            column:
+                start: 1
+                end: 20
+      sink:
+        location:
+            start: 14
+            end: 14
+            column:
+                start: 1
+                end: 20
+        content: ""
+      parent_line_number: 14
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_3
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_3
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 21
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 21
+            end: 21
+            column:
+                start: 1
+                end: 11
+      sink:
+        location:
+            start: 21
+            end: 21
+            column:
+                start: 1
+                end: 11
+        content: ""
+      parent_line_number: 21
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_4
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_4
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 25
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 25
+            end: 25
+            column:
+                start: 1
+                end: 11
+      sink:
+        location:
+            start: 25
+            end: 25
+            column:
+                start: 1
+                end: 11
+        content: ""
+      parent_line_number: 25
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_5
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_5
+    - rule:
+        cwe_ids:
+            - "42"
+        id: import_test
+        title: Test detection filter import statements
+        description: Test detection filter import statements
+        documentation_url: ""
+      line_number: 29
+      full_filename: import.py
+      filename: import.py
+      source:
+        location:
+            start: 29
+            end: 29
+            column:
+                start: 1
+                end: 11
+      sink:
+        location:
+            start: 29
+            end: 29
+            column:
+                start: 1
+                end: 11
+        content: ""
+      parent_line_number: 29
+      fingerprint: 55db11cd18d0af4114644d01cefbc79d_6
+      old_fingerprint: 55db11cd18d0af4114644d01cefbc79d_6
+

internal/languages/python/python_test.go

@@ -13,10 +13,17 @@ var loggerRule []byte
 //go:embed testdata/scope_rule.yml
 var scopeRule []byte
 
+//go:embed testdata/import_rule.yml
+var importRule []byte
+
 func TestFlow(t *testing.T) {
 	testhelper.GetRunner(t, loggerRule, "python").RunTest(t, "./testdata/testcases/flow", ".snapshots/flow/")
 }
 
 func TestScope(t *testing.T) {
 	testhelper.GetRunner(t, scopeRule, "python").RunTest(t, "./testdata/scope", ".snapshots/")
 }
+
+func TestImport(t *testing.T) {
+	testhelper.GetRunner(t, importRule, "python").RunTest(t, "./testdata/import", ".snapshots/")
+}

internal/languages/python/testdata/import/import.py

@@ -0,0 +1,29 @@
+from baz import foo
+foo.someMethod()
+
+from baz import foo as asdf
+asdf.someMethod()
+
+from baz import y as z, a as b, foo as j
+j.someMethod() # should be caught
+
+import bar
+bar.someMethod()
+
+import bar as qwerty
+qwerty.someMethod()
+
+import yy as zz, bar as bb
+zz.someMethod() # should be caught
+
+import FooClass
+z = FooClass
+z.qwerty()
+
+from baz import FooClass as Something
+x = Something()
+x.qwerty()
+
+import FooClass as SomethingElse
+y = SomethingElse()
+y.qwerty()

internal/languages/python/testdata/import_rule.yml

@@ -0,0 +1,40 @@
+languages:
+  - python
+patterns:
+  - pattern: $<IMPORT_FROM>.someMethod($<...>)
+    filters:
+      - variable: IMPORT_FROM
+        detection: import_test_import_from
+        scope: result
+  - pattern: $<IMPORT>.someMethod($<...>)
+    filters:
+      - variable: IMPORT
+        detection: import_test_import
+        scope: result
+  - pattern: $<CLASS>.qwerty($<...>)
+    filters:
+      - variable: CLASS
+        detection: import_test_class_import
+        scope: result
+auxiliary:
+  - id: import_test_import_from
+    patterns:
+      - from baz import $<!>foo
+      - from baz import foo as $<!>$<_>
+  - id: import_test_import
+    patterns:
+      - import $<!>bar
+      - import bar as $<!>$<_>
+  - id: import_test_class_import
+    patterns:
+      - import $<!>FooClass
+      - import FooClass as $<!>$<_>
+      - from baz import $<!>FooClass
+      - from baz import FooClass as $<!>$<_>
+severity: high
+metadata:
+  description: Test detection filter import statements
+  remediation_message: Test detection filter import statements
+  cwe_id:
+    - 42
+  id: import_test