Merge "Fix setting passwords with special characters"

2018-05-24 22:02:40 +00:00 · 2018-05-24 22:02:40 +00:00 · 9df60bd4a9
parent ecc2c68134 a0441f7455
commit 9df60bd4a9
3 changed files with 35 additions and 12 deletions
--- a/kolla_cli/api/password.py
+++ b/kolla_cli/api/password.py
@ -23,6 +23,7 @@ from kolla_cli.common.passwords import init_passwords
 from kolla_cli.common.passwords import set_password
 from kolla_cli.common.passwords import set_password_sshkey
 from kolla_cli.common.utils import check_arg
+from kolla_cli.common.utils import disallow_chars


 class PasswordApi(object):
@ -36,9 +37,13 @@ class PasswordApi(object):
        :param value: value of the password
        :type value: string
        """
-        check_arg(name, u._('Password name'), str)
-        check_arg(value, u._('Password value'), str, display_param=False,
+        password_name_string = u._('Password name')
+        password_value_string = u._('Password value')
+        check_arg(name, password_name_string, str)
+        disallow_chars(name, password_name_string, '\'')
+        check_arg(value, password_value_string, str, display_param=False,
                  empty_ok=True, none_ok=True)
+        disallow_chars(value, password_value_string, '\'')
        set_password(name, value)

    def password_set_sshkey(self, name, private_key, public_key):
@ -52,9 +57,15 @@ class PasswordApi(object):
        :param public_key: ssh public key
        :type value: string
        """
-        check_arg(name, u._('Password name'), str)
-        check_arg(private_key, u._('Private key'), str, display_param=False)
-        check_arg(public_key, u._('Public key'), str, display_param=False)
+        password_name_string = u._('Password name')
+        private_key_string = u._('Private key')
+        public_key_string = u._('Public key')
+        check_arg(name, password_name_string, str)
+        disallow_chars(name, password_name_string, '\'')
+        check_arg(private_key, private_key_string, str, display_param=False)
+        disallow_chars(private_key, private_key_string, '\'')
+        check_arg(public_key, public_key_string, str, display_param=False)
+        disallow_chars(public_key, public_key_string, '\'')
        set_password_sshkey(name, private_key, public_key)

    def password_clear(self, name):
@ -64,7 +75,9 @@ class PasswordApi(object):
        :param name: name of the password
        :type name: string
        """
-        check_arg(name, u._('Password name'), str)
+        password_name_string = u._('Password name')
+        check_arg(name, password_name_string, str)
+        disallow_chars(name, password_name_string, '\'')
        clear_password(name)

    def password_get_names(self):
--- a/kolla_cli/common/passwords.py
+++ b/kolla_cli/common/passwords.py
@ -31,8 +31,8 @@ def set_password(pwd_key, pwd_value):
    if not pwd_value:
        pwd_value = ''
        value_switch = ''
-    cmd = '%s -k %s %s %s' % (_get_cmd_prefix(), pwd_key, value_switch,
-                              pwd_value)
+    cmd = '%s -k \'%s\' %s \'%s\'' % (_get_cmd_prefix(), pwd_key, value_switch,
+                                      pwd_value)
    err_msg, output = utils.run_cmd(cmd, print_output=False)
    if err_msg:
        raise FailedOperation(
@ -41,8 +41,8 @@ def set_password(pwd_key, pwd_value):


 def set_password_sshkey(pwd_key, private_key, public_key):
-    cmd = '%s -k %s -r "%s" -u "%s"' % (_get_cmd_prefix(), pwd_key,
-                                        private_key, public_key)
+    cmd = '%s -k \'%s\' -r \'%s\' -u \'%s\'' % (_get_cmd_prefix(), pwd_key,
+                                                private_key, public_key)
    err_msg, output = utils.run_cmd(cmd, print_output=False)
    if err_msg:
        raise FailedOperation(
@ -55,7 +55,7 @@ def clear_password(pwd_key):

    if the password exists, it will be removed from the passwords file
    """
-    cmd = '%s -k %s -c' % (_get_cmd_prefix(), pwd_key)
+    cmd = '%s -k \'%s\' -c' % (_get_cmd_prefix(), pwd_key)
    err_msg, output = utils.run_cmd(cmd, print_output=False)
    if err_msg:
        raise FailedOperation('%s %s' % (err_msg, output))
--- a/kolla_cli/common/utils.py
+++ b/kolla_cli/common/utils.py
@ -140,7 +140,6 @@ def run_cmd(cmd, print_output=True):
                not None=command failed
    - output:   string: all the output of the run command
    """
-    err = None
    output = None
    try:
        process = subprocess.Popen(cmd, shell=True,  # nosec
@ -441,6 +440,17 @@ def check_arg(param, param_name, expected_type, none_ok=False, empty_ok=False,
                                          type=expected_type))


+def disallow_chars(param, param_name, chars):
+    if param is None:
+        return
+
+    for char in chars:
+        if char in param:
+            raise InvalidArgument(
+                u._('{name} contains invalid character {chars}')
+                .format(name=param_name, chars=chars))
+
+
 class Lock(object):
    """Object which represents an exclusive resource lock