parse web CLI input as shell input (#7206)

* add shell quote * use shell quote's parse method to properly escape strings entered in the web cli * add and update tests for the web CLI * fix linting and skip test for ' in a path * skip the correct test
hashicorp · Aug 5, 2019 · d975181 · d975181
1 parent f26452d
commit d975181
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 10 deletions.
diff --git a/ui/app/lib/console-helpers.js b/ui/app/lib/console-helpers.js
@@ -1,5 +1,6 @@
 import keys from 'vault/lib/keycodes';
 import argTokenizer from 'yargs-parser/lib/tokenize-arg-string.js';
+import { parse } from 'shell-quote';
 
 const supportedCommands = ['read', 'write', 'list', 'delete'];
 const uiCommands = ['api', 'clearall', 'clear', 'fullscreen', 'refresh'];
@@ -45,7 +46,7 @@ export function executeUICommand(command, logAndOutput, commandFns) {
 }
 
 export function parseCommand(command, shouldThrow) {
-  let args = argTokenizer(command);
+  let args = argTokenizer(parse(command));
   if (args[0] === 'vault') {
     args.shift();
   }
@@ -63,8 +64,6 @@ export function parseCommand(command, shouldThrow) {
         let strippedArg = arg
           // we'll have arg=something or arg="lol I need spaces", so need to split on the first =
           .split(/=(.+)/)
-          // remove matched wrapping " or ' from each item
-          .map(item => item.replace(/^("|')(.+)(\1)$/, '$2'))
           // if there were quotes, there's an empty string as the last member in the array that we don't want,
           // so filter it out
           .filter(str => str !== '')

diff --git a/ui/app/services/path-help.js b/ui/app/services/path-help.js
@@ -7,10 +7,8 @@ import Service from '@ember/service';
 import DS from 'ember-data';
 import { encodePath } from 'vault/utils/path-encoding-helpers';
 import { getOwner } from '@ember/application';
-import { capitalize } from '@ember/string';
 import { assign } from '@ember/polyfills';
 import { expandOpenApiProps, combineAttributes } from 'vault/utils/openapi-to-attrs';
-import { supportedAuthBackends } from 'vault/helpers/supported-auth-backends';
 import fieldToAttrs from 'vault/utils/field-to-attrs';
 import { resolve } from 'rsvp';
 import { debug } from '@ember/debug';

diff --git a/ui/package.json b/ui/package.json
@@ -130,6 +130,7 @@
     "qunit-dom": "^0.7.1",
     "route-recognizer": "^0.3.4",
     "sass-svg-uri": "^1.0.0",
+    "shell-quote": "^1.6.1",
     "string.prototype.endswith": "^0.2.0",
     "string.prototype.startswith": "^0.2.0",
     "swagger-ui-dist": "^3.22.3",

diff --git a/ui/tests/acceptance/secrets/backend/kv/secret-test.js b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
@@ -255,7 +255,7 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     let paths = [
       '(',
       ')',
-      //'"',
+      '"',
       //"'",
       '!',
       '#',
@@ -276,7 +276,7 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     ].map(char => `${char}some`);
     assert.expect(paths.length * 2);
     let secretName = '2';
-    let commands = paths.map(path => `write ${backend}/${path}/${secretName} 3=4`);
+    let commands = paths.map(path => `write '${backend}/${path}/${secretName}' 3=4`);
     await consoleComponent.runCommands(['write sys/mounts/kv type=kv', ...commands]);
     for (let path of paths) {
       await listPage.visit({ backend, id: path });

diff --git a/ui/tests/integration/components/edit-form-kmip-role-test.js b/ui/tests/integration/components/edit-form-kmip-role-test.js
@@ -4,7 +4,7 @@ import EmberObject, { computed } from '@ember/object';
 import Service from '@ember/service';
 import { module, test } from 'qunit';
 import { setupRenderingTest } from 'ember-qunit';
-import { click, find, render, settled } from '@ember/test-helpers';
+import { click, render, settled } from '@ember/test-helpers';
 import hbs from 'htmlbars-inline-precompile';
 import sinon from 'sinon';
 import engineResolverFor from 'ember-engines/test-support/engine-resolver-for';

diff --git a/ui/tests/unit/lib/console-helpers-test.js b/ui/tests/unit/lib/console-helpers-test.js
@@ -73,10 +73,28 @@ module('Unit | Lib | console helpers', function() {
       name: 'write with unmatched quotes',
       command: `vault write \
       auth/token/create \
-      policies='foo
+      policies="'foo"
       `,
       expected: ['write', [], 'auth/token/create', ["policies='foo"]],
     },
+    {
+      name: 'write with shell characters',
+      /* eslint-disable no-useless-escape */
+      command: `vault write  database/roles/api-prod db_name=apiprod creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";" default_ttl=1h max_ttl=24h
+      `,
+      expected: [
+        'write',
+        [],
+        'database/roles/api-prod',
+        [
+          'db_name=apiprod',
+          `creation_statements=CREATE ROLE {{name}} WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO {{name}};`,
+          'default_ttl=1h',
+          'max_ttl=24h',
+        ],
+      ],
+    },
+
     {
       name: 'read with field',
       command: `vault read -field=access_key aws/creds/my-role`,

diff --git a/ui/yarn.lock b/ui/yarn.lock
@@ -16697,7 +16697,7 @@ shebang-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3"
   integrity sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=
 
-[email protected]:
+[email protected], shell-quote@^1.6.1:
   version "1.6.1"
   resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.6.1.tgz#f4781949cce402697127430ea3b3c5476f481767"
   integrity sha1-9HgZSczkAmlxJ0MOo7PFR29IF2c=