diff options
| -rw-r--r-- | lib/hcl/app.rb | 5 | ||||
| -rw-r--r-- | test/app_test.rb | 13 |
2 files changed, 16 insertions, 2 deletions
diff --git a/lib/hcl/app.rb b/lib/hcl/app.rb index 4f2530b..ab8ef5d 100644 --- a/lib/hcl/app.rb +++ b/lib/hcl/app.rb @@ -1,5 +1,6 @@ require 'yaml' require 'fileutils' +require 'shellwords' require 'trollop' require 'highline/import' @@ -226,10 +227,10 @@ EOM end def save_password config - if system("security add-internet-password -U -l hcl -a '%s' -s '%s.harvestapp.com' -w '%s'" % [ + if system("security add-internet-password -U -l hcl -a '%s' -s '%s.harvestapp.com' -w %s" % [ config['login'], config['subdomain'], - config['password'], + Shellwords.escape(config['password']), ]) then config.delete('password') end end end diff --git a/test/app_test.rb b/test/app_test.rb index 4c997d7..499909d 100644 --- a/test/app_test.rb +++ b/test/app_test.rb @@ -65,4 +65,17 @@ class AppTest < HCl::TestCase assert_match /API failure/i, error_output end + def test_save_password_allows_passwords_with_quotes + app = HCl::App.new + app.expects(:system).with("security add-internet-password -U -l hcl -a 'taco@example.com' -s 'acme.harvestapp.com' -w pass\\ with\\ \\'\\ quote") + + config = { + 'login' => 'taco@example.com', + 'subdomain' => 'acme', + 'password' => "pass with ' quote", + } + + app.send :save_password, config + end + end |