mirror of
https://github.com/inspec/inspec
synced 2024-12-18 00:53:22 +00:00
eeeeda18d8
* quote password when generating mysql command string * added a test for mysql_session, added shellwords escaping to mysql_session resource * changed the name of the escape method * clarified test conditions Signed-off-by: Tom Hodder <tom@limepepper.co.uk>
18 lines
770 B
Ruby
18 lines
770 B
Ruby
# encoding: utf-8
|
|
# author: Christoph Hartmann
|
|
# author: Dominik Richter
|
|
|
|
require 'helper'
|
|
|
|
describe 'Inspec::Resources::MysqlSession' do
|
|
it 'verify mysql_session escaped login details with single quotes correctly' do
|
|
resource = load_resource('mysql_session',
|
|
'root',
|
|
%q{'%"'"&^*&()'*%})
|
|
_(resource.send(:create_mysql_cmd, 'SELECT 1 FROM DUAL;').must_equal(%q{mysql -uroot -p\'\%\"\'\"\&\^\*\&\(\)\'\*\% -h localhost -s -e "SELECT 1 FROM DUAL;"}))
|
|
end
|
|
it 'verify mysql_session omits optional username and password' do
|
|
resource = load_resource('mysql_session')
|
|
_(resource.send(:create_mysql_cmd, 'SELECT 1 FROM DUAL;').must_equal('mysql -h localhost -s -e "SELECT 1 FROM DUAL;"'))
|
|
end
|
|
end
|