AMBARI-2361. Escape spec symbols in data, entered on UI. (Oleksandr Diachenko via swagle)

git-svn-id: https://svn.apache.org/repos/asf/incubator/ambari/trunk@1492919 13f79535-47bb-0310-9956-ffa450edef68

ambari-agent/src/main/puppet/modules/hdp-mysql/manifests/server.pp

@@ -27,7 +27,7 @@ class hdp-mysql::server(
    } elsif ($service_state in ['running','stopped','installed_and_configured']) {
    
     $db_user = $hdp-mysql::params::db_user
-    $db_pw = $hdp-mysql::params::db_pw
+    $db_pw = hdp_escape_spec_characters($hdp-mysql::params::db_pw)
     $db_name = $hdp-mysql::params::db_name
     $host = $hdp::params::hive_mysql_host 
 
@@ -115,7 +115,7 @@ class hdp-mysql::server(
       }
       # We start the DB and add a user
       exec { '/tmp/addMysqlUser.sh':
-        command   => "sh /tmp/addMysqlUser.sh ${service_name} ${db_user} ${db_pw} ${host}",
+        command   => "bash -x /tmp/addMysqlUser.sh ${service_name} ${db_user} \"${db_pw}\" ${host}",
         tries     => 3,
         try_sleep => 5,
         require   => File['/tmp/addMysqlUser.sh'],

ambari-agent/src/main/puppet/modules/hdp/lib/puppet/parser/functions/hdp_escape_spec_characters.rb

@@ -0,0 +1,28 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+#to handle differences in how args passed in
+module Puppet::Parser::Functions
+  newfunction(:hdp_escape_spec_characters, :type => :rvalue) do |args|
+    pw_value = args[0]
+    pattern = /(\!|\'|\$|\)|\(|\*|\"|\.|\\)/
+    pw_value.gsub(pattern){|match|"\\"  + match}
+  end
+end

ambari-agent/src/main/python/ambari_agent/manifestGenerator.py

@@ -160,7 +160,7 @@ def writeParams(outputFile, params, modulesdir):
       outputFile.write('\n}\n')
     else:
       outputFile.write('$' +  paramName + '="' + param + '"\n')
-    
+
 
 #write host attributes
 def writeHostAttributes(outputFile, hostAttributes):
@@ -181,7 +181,7 @@ def writeFlatConfigurations(outputFile, flatConfigs):
     for flatConfig in flatConfigs[flatConfigName].iterkeys():
       flatDict[flatConfig] = flatConfigs[flatConfigName][flatConfig]
   for gconfigKey in flatDict.iterkeys():
-    outputFile.write('$' + gconfigKey + " = '" + flatDict[gconfigKey] + "'" + os.linesep)
+    outputFile.write('$' + gconfigKey + " = '" + escape(flatDict[gconfigKey]) + "'" + os.linesep)
 
 #write xml configurations
 def writeNonGlobalConfigurations(outputFile, xmlConfigs):
@@ -193,7 +193,7 @@ def writeNonGlobalConfigurations(outputFile, xmlConfigs):
     outputFile.write(configName + '=> {\n')
     coma = ''
     for configParam in config.iterkeys():
-      outputFile.write(coma + '"' + configParam + '" => \'' + config[configParam] + '\'')
+      outputFile.write(coma + '"' + configParam + '" => \'' + escape(config[configParam]) + '\'')
       coma = ',\n'
 
     outputFile.write('\n},\n')
@@ -267,7 +267,9 @@ def writeStages(outputFile, numStages):
   
   outputFile.write('\n')
 
-
+#Escape special characters
+def escape(param):
+    return param.replace('\\', '\\\\').replace('\'', '\\\'')
   
 def main():
   logging.basicConfig(level=logging.DEBUG)    

ambari-agent/src/test/python/TestManifestGenerator.py

@@ -77,4 +77,10 @@ class TestManifestGenerator(TestCase):
 
     print file(tmpFileName).read()
 
-    pass
+    pass
+
+  def testEscape(self):
+    shouldBe = '\\\'\\\\'
+    result = manifestGenerator.escape('\'\\')
+    self.assertEqual(result, shouldBe)
+