From ce7aeb9a3a2e84176bed4a2b7c5244696c05ab98 Mon Sep 17 00:00:00 2001
From: Matthew Irish <matthew@hashicorp.com>
Date: Fri, 26 Jul 2019 16:28:23 -0500
Subject: [PATCH 1/5] add shell quote

---
 ui/package.json | 1 +
 ui/yarn.lock    | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/ui/package.json b/ui/package.json
index a3b3957dde59..3392fe45aed9 100644
--- a/ui/package.json
+++ b/ui/package.json
@@ -130,6 +130,7 @@
     "qunit-dom": "^0.7.1",
     "route-recognizer": "^0.3.4",
     "sass-svg-uri": "^1.0.0",
+    "shell-quote": "^1.6.1",
     "string.prototype.endswith": "^0.2.0",
     "string.prototype.startswith": "^0.2.0",
     "swagger-ui-dist": "^3.22.3",
diff --git a/ui/yarn.lock b/ui/yarn.lock
index 109879739caf..a207b87b2971 100644
--- a/ui/yarn.lock
+++ b/ui/yarn.lock
@@ -16697,7 +16697,7 @@ shebang-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3"
   integrity sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=
 
-shell-quote@1.6.1:
+shell-quote@1.6.1, shell-quote@^1.6.1:
   version "1.6.1"
   resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.6.1.tgz#f4781949cce402697127430ea3b3c5476f481767"
   integrity sha1-9HgZSczkAmlxJ0MOo7PFR29IF2c=

From d6f4a00b1a9475adcc4b723827a5f328cedc7117 Mon Sep 17 00:00:00 2001
From: Matthew Irish <matthew@hashicorp.com>
Date: Mon, 29 Jul 2019 09:26:35 -0500
Subject: [PATCH 2/5] use shell quote's parse method to properly escape strings
 entered in the web cli

---
 ui/app/lib/console-helpers.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/ui/app/lib/console-helpers.js b/ui/app/lib/console-helpers.js
index 65ea1b3c5662..12d7e3c529ad 100644
--- a/ui/app/lib/console-helpers.js
+++ b/ui/app/lib/console-helpers.js
@@ -1,5 +1,6 @@
 import keys from 'vault/lib/keycodes';
 import argTokenizer from 'yargs-parser/lib/tokenize-arg-string.js';
+import { parse } from 'shell-quote';
 
 const supportedCommands = ['read', 'write', 'list', 'delete'];
 const uiCommands = ['api', 'clearall', 'clear', 'fullscreen', 'refresh'];
@@ -45,7 +46,7 @@ export function executeUICommand(command, logAndOutput, commandFns) {
 }
 
 export function parseCommand(command, shouldThrow) {
-  let args = argTokenizer(command);
+  let args = argTokenizer(parse(command));
   if (args[0] === 'vault') {
     args.shift();
   }
@@ -63,8 +64,6 @@ export function parseCommand(command, shouldThrow) {
         let strippedArg = arg
           // we'll have arg=something or arg="lol I need spaces", so need to split on the first =
           .split(/=(.+)/)
-          // remove matched wrapping " or ' from each item
-          .map(item => item.replace(/^("|')(.+)(\1)$/, '$2'))
           // if there were quotes, there's an empty string as the last member in the array that we don't want,
           // so filter it out
           .filter(str => str !== '')

From 3eb7ed7131ed3bf4af701d4fe0d7cb254dbd34ef Mon Sep 17 00:00:00 2001
From: Matthew Irish <matthew@hashicorp.com>
Date: Mon, 29 Jul 2019 09:51:39 -0500
Subject: [PATCH 3/5] add and update tests for the web CLI

---
 .../secrets/backend/kv/secret-test.js         |  6 +++---
 ui/tests/unit/lib/console-helpers-test.js     | 19 ++++++++++++++++++-
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/ui/tests/acceptance/secrets/backend/kv/secret-test.js b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
index 7fb54e5ced4f..61810250a117 100644
--- a/ui/tests/acceptance/secrets/backend/kv/secret-test.js
+++ b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
@@ -255,8 +255,8 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     let paths = [
       '(',
       ')',
-      //'"',
-      //"'",
+      '"',
+      "'",
       '!',
       '#',
       '$',
@@ -276,7 +276,7 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     ].map(char => `${char}some`);
     assert.expect(paths.length * 2);
     let secretName = '2';
-    let commands = paths.map(path => `write ${backend}/${path}/${secretName} 3=4`);
+    let commands = paths.map(path => `write '${backend}/${path}/${secretName}' 3=4`);
     await consoleComponent.runCommands(['write sys/mounts/kv type=kv', ...commands]);
     for (let path of paths) {
       await listPage.visit({ backend, id: path });
diff --git a/ui/tests/unit/lib/console-helpers-test.js b/ui/tests/unit/lib/console-helpers-test.js
index d3c7fafd1c4c..ccdfacf0093a 100644
--- a/ui/tests/unit/lib/console-helpers-test.js
+++ b/ui/tests/unit/lib/console-helpers-test.js
@@ -73,10 +73,27 @@ module('Unit | Lib | console helpers', function() {
       name: 'write with unmatched quotes',
       command: `vault write \
       auth/token/create \
-      policies='foo
+      policies="'foo"
       `,
       expected: ['write', [], 'auth/token/create', ["policies='foo"]],
     },
+    {
+      name: 'write with shell characters',
+      command: `vault write  database/roles/api-prod db_name=apiprod creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";" default_ttl=1h max_ttl=24h
+      `,
+      expected: [
+        'write',
+        [],
+        'database/roles/api-prod',
+        [
+          'db_name=apiprod',
+          `creation_statements=CREATE ROLE {{name}} WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO {{name}};`,
+          'default_ttl=1h',
+          'max_ttl=24h',
+        ],
+      ],
+    },
+
     {
       name: 'read with field',
       command: `vault read -field=access_key aws/creds/my-role`,

From c8ccff4249c84959a17ca185fc089ab1a1cdde9d Mon Sep 17 00:00:00 2001
From: Matthew Irish <matthew@hashicorp.com>
Date: Mon, 29 Jul 2019 14:51:54 -0500
Subject: [PATCH 4/5] fix linting and skip test for ' in a path

---
 ui/app/services/path-help.js                                | 2 --
 ui/tests/acceptance/secrets/backend/kv/secret-test.js       | 2 +-
 ui/tests/integration/components/edit-form-kmip-role-test.js | 2 +-
 ui/tests/unit/lib/console-helpers-test.js                   | 1 +
 4 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/ui/app/services/path-help.js b/ui/app/services/path-help.js
index a2b6dbf3db15..6ac8e80ae7e1 100644
--- a/ui/app/services/path-help.js
+++ b/ui/app/services/path-help.js
@@ -7,10 +7,8 @@ import Service from '@ember/service';
 import DS from 'ember-data';
 import { encodePath } from 'vault/utils/path-encoding-helpers';
 import { getOwner } from '@ember/application';
-import { capitalize } from '@ember/string';
 import { assign } from '@ember/polyfills';
 import { expandOpenApiProps, combineAttributes } from 'vault/utils/openapi-to-attrs';
-import { supportedAuthBackends } from 'vault/helpers/supported-auth-backends';
 import fieldToAttrs from 'vault/utils/field-to-attrs';
 import { resolve } from 'rsvp';
 import { debug } from '@ember/debug';
diff --git a/ui/tests/acceptance/secrets/backend/kv/secret-test.js b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
index 61810250a117..fa5242249157 100644
--- a/ui/tests/acceptance/secrets/backend/kv/secret-test.js
+++ b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
@@ -255,7 +255,7 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     let paths = [
       '(',
       ')',
-      '"',
+      //'"',
       "'",
       '!',
       '#',
diff --git a/ui/tests/integration/components/edit-form-kmip-role-test.js b/ui/tests/integration/components/edit-form-kmip-role-test.js
index 910ea172a781..904c3e2fe1ab 100644
--- a/ui/tests/integration/components/edit-form-kmip-role-test.js
+++ b/ui/tests/integration/components/edit-form-kmip-role-test.js
@@ -4,7 +4,7 @@ import EmberObject, { computed } from '@ember/object';
 import Service from '@ember/service';
 import { module, test } from 'qunit';
 import { setupRenderingTest } from 'ember-qunit';
-import { click, find, render, settled } from '@ember/test-helpers';
+import { click, render, settled } from '@ember/test-helpers';
 import hbs from 'htmlbars-inline-precompile';
 import sinon from 'sinon';
 import engineResolverFor from 'ember-engines/test-support/engine-resolver-for';
diff --git a/ui/tests/unit/lib/console-helpers-test.js b/ui/tests/unit/lib/console-helpers-test.js
index ccdfacf0093a..b38f6195cd10 100644
--- a/ui/tests/unit/lib/console-helpers-test.js
+++ b/ui/tests/unit/lib/console-helpers-test.js
@@ -79,6 +79,7 @@ module('Unit | Lib | console helpers', function() {
     },
     {
       name: 'write with shell characters',
+      /* eslint-disable no-useless-escape */
       command: `vault write  database/roles/api-prod db_name=apiprod creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";" default_ttl=1h max_ttl=24h
       `,
       expected: [

From 3c763e4fca8af4ec7935c1b2a888029b0a99b23c Mon Sep 17 00:00:00 2001
From: Matthew Irish <matthew@hashicorp.com>
Date: Mon, 29 Jul 2019 15:02:12 -0500
Subject: [PATCH 5/5] skip the correct test

---
 ui/tests/acceptance/secrets/backend/kv/secret-test.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/tests/acceptance/secrets/backend/kv/secret-test.js b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
index fa5242249157..625076c17bed 100644
--- a/ui/tests/acceptance/secrets/backend/kv/secret-test.js
+++ b/ui/tests/acceptance/secrets/backend/kv/secret-test.js
@@ -255,8 +255,8 @@ module('Acceptance | secrets/secret/create', function(hooks) {
     let paths = [
       '(',
       ')',
-      //'"',
-      "'",
+      '"',
+      //"'",
       '!',
       '#',
       '$',