From b2f00fd32ccd459fdc27989aba064c72cce77fbf Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:17:27 -0400 Subject: [PATCH 1/7] fixes for filenames with spaces quoting improvements, and _list_all_added_files() now sets a global 'filenames' array. --- src/_utils/_git_secret_tools.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/_utils/_git_secret_tools.sh b/src/_utils/_git_secret_tools.sh index 8ccaef76..a12c26da 100644 --- a/src/_utils/_git_secret_tools.sh +++ b/src/_utils/_git_secret_tools.sh @@ -176,6 +176,7 @@ function _delete_line { } +# this sets the global variable 'filename' function _temporary_file { # This function creates temporary file # which will be removed on system exit. @@ -258,7 +259,7 @@ function _fsdb_rm_record { local key="$1" # required local fsdb="$2" # required - _gawk_inplace -v key="$key" "'$AWK_FSDB_RM_RECORD'" "$fsdb" + _gawk_inplace -v key="'$key'" "'$AWK_FSDB_RM_RECORD'" "$fsdb" } function _fsdb_clear_hashes { @@ -462,6 +463,7 @@ function _find_and_clean_formatted { } +# this sets the global array variable 'filenames' function _list_all_added_files { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) @@ -470,9 +472,14 @@ function _list_all_added_files { _abort "$path_mappings is missing." fi + local filename + filenames=() # not local while read -r line; do - _get_record_filename "$line" + filename=$(_get_record_filename "$line") + filenames+=("$filename") done < "$path_mappings" + + declare -a filenames # so caller can get list from filenames array } From bb2253af8a97ba323f0df1dadb6ea73dd0d39cee Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:19:11 -0400 Subject: [PATCH 2/7] remove debug code, see #237 --- src/commands/git_secret_remove.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/commands/git_secret_remove.sh b/src/commands/git_secret_remove.sh index 08fffbf8..2122dec1 100644 --- a/src/commands/git_secret_remove.sh +++ b/src/commands/git_secret_remove.sh @@ -33,8 +33,6 @@ function remove { normalized_path=$(_git_normalize_filename "$item") path=$(_append_root_path "$normalized_path") - echo "$item -> $normalized_path -> $path" - # Checking if file exists: if [[ ! -f "$path" ]]; then _abort "file not found: $item" From 5c639cf8e7c819a94cac607a76bc336d40aa6ffe Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:19:47 -0400 Subject: [PATCH 3/7] fixes for filenames with spaces _list_all_added_files() now sets 'filenames' var, and fixed quoting when updating hashes. --- src/commands/git_secret_changes.sh | 8 ++++---- src/commands/git_secret_hide.sh | 2 +- src/commands/git_secret_list.sh | 7 ++++++- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/commands/git_secret_changes.sh b/src/commands/git_secret_changes.sh index 61af7aeb..371a3785 100644 --- a/src/commands/git_secret_changes.sh +++ b/src/commands/git_secret_changes.sh @@ -22,16 +22,16 @@ function changes { _user_required - local filenames="$*" - if [[ -z "$filenames" ]]; then + filenames=("$@") # list of positional params. global. + if [[ ${#filenames[@]} -eq 0 ]]; then # Checking if no filenames are passed, show diff for all files. - filenames=$(_list_all_added_files) + _list_all_added_files # this sets the array variable 'filenames' fi IFS=' ' - for filename in $filenames; do + for filename in "${filenames[@]}"; do local decrypted local diff_result diff --git a/src/commands/git_secret_hide.sh b/src/commands/git_secret_hide.sh index 8f227e87..1490bcd7 100644 --- a/src/commands/git_secret_hide.sh +++ b/src/commands/git_secret_hide.sh @@ -74,7 +74,7 @@ function _optional_fsdb_update_hash { fsdb=$(_get_secrets_dir_paths_mapping) - _gawk_inplace -v key="$key" -v hash="$hash" "'$AWK_FSDB_UPDATE_HASH'" "$fsdb" + _gawk_inplace -v key="'$key'" -v hash="$hash" "'$AWK_FSDB_UPDATE_HASH'" "$fsdb" } diff --git a/src/commands/git_secret_list.sh b/src/commands/git_secret_list.sh index dccba3a5..fe757867 100644 --- a/src/commands/git_secret_list.sh +++ b/src/commands/git_secret_list.sh @@ -18,5 +18,10 @@ function list { _user_required # Command logic: - _list_all_added_files + filenames=() + _list_all_added_files # exports 'filenames' array + local filename + for filename in "${filenames[@]}"; do + echo "$filename" + done } From 70964994658a18f39ad4823a6b05b8740dfa17a6 Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:21:41 -0400 Subject: [PATCH 4/7] fix quoting for files with spaces. use filenames from _test_base.bats --- tests/test_remove.bats | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/test_remove.bats b/tests/test_remove.bats index 7a4bb9db..4e6ff2bc 100644 --- a/tests/test_remove.bats +++ b/tests/test_remove.bats @@ -2,8 +2,8 @@ load _test_base -FIRST_FILE="file_to_hide1" -SECOND_FILE="file_to_hide2" +FIRST_FILE="$TEST_DEFAULT_FILENAME" +SECOND_FILE="$TEST_SECOND_FILENAME" function setup { @@ -55,8 +55,8 @@ function _has_line { [ "$other_files" -eq 0 ] # Both files should be present: - local first_encrypted_file=$(_get_encrypted_filename $FIRST_FILE) - local second_encrypted_file=$(_get_encrypted_filename $SECOND_FILE) + local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") + local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") [ -f "$first_encrypted_file" ] [ -f "$second_encrypted_file" ] @@ -74,8 +74,8 @@ function _has_line { [ "$second_line" -eq 1 ] # Both files should be present: - local first_encrypted_file=$(_get_encrypted_filename $FIRST_FILE) - local second_encrypted_file=$(_get_encrypted_filename $SECOND_FILE) + local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") + local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") [ -f "$first_encrypted_file" ] [ -f "$second_encrypted_file" ] @@ -88,7 +88,7 @@ function _has_line { # Prepartions: local folder="somedir" - local file_in_folder="$folder/file_to_hide3" + local file_in_folder="$folder/$TEST_THIRD_FILENAME" mkdir -p "$folder" set_state_secret_add "$file_in_folder" "somecontent3" @@ -101,7 +101,7 @@ function _has_line { local mapping_contains=$(_has_line "$file_in_folder") [ "$mapping_contains" -eq 1 ] - local encrypted_file=$(_get_encrypted_filename $file_in_folder) + local encrypted_file=$(_get_encrypted_filename "$file_in_folder") [ -f "$encrypted_file" ] # Cleaning up: @@ -118,8 +118,8 @@ function _has_line { local mapping_contains=$(_has_line "$SECOND_FILE") [ "$mapping_contains" -eq 1 ] - local first_encrypted_file=$(_get_encrypted_filename $FIRST_FILE) - local second_encrypted_file=$(_get_encrypted_filename $SECOND_FILE) + local first_encrypted_file=$(_get_encrypted_filename "$FIRST_FILE") + local second_encrypted_file=$(_get_encrypted_filename "$SECOND_FILE") echo "$output" echo "$first_encrypted_file and $second_encrypted_file" From c141fd44923559d594c4001d723d457b0ac50ab8 Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:23:17 -0400 Subject: [PATCH 5/7] test with filenames with spaces --- tests/_test_base.bash | 9 +++++++++ tests/test_add.bats | 18 +++++++++--------- tests/test_cat.bats | 2 +- tests/test_changes.bats | 6 +++--- tests/test_clean.bats | 4 ++-- tests/test_hide.bats | 8 ++++---- tests/test_reveal.bats | 2 +- tests/test_reveal_filename.bats | 2 +- 8 files changed, 30 insertions(+), 21 deletions(-) diff --git a/tests/_test_base.bash b/tests/_test_base.bash index bbf14504..fd1ee127 100644 --- a/tests/_test_base.bash +++ b/tests/_test_base.bash @@ -37,6 +37,15 @@ TEST_DEFAULT_USER="user1" TEST_SECOND_USER="user2" # shellcheck disable=2034 TEST_ATTACKER_USER="attacker1" # shellcheck disable=2034 +#TEST_DEFAULT_FILENAME="file_one" # no spaces +#TEST_SECOND_FILENAME="file_two" # no spaces +#TEST_THIRD_FILENAME="file_three" # no spaces + +TEST_DEFAULT_FILENAME="space file" # has spaces +TEST_SECOND_FILENAME="space file two" # has spaces +TEST_THIRD_FILENAME="space file three" # has spaces + + function test_user_password { # It was set on key creation: echo "${1}pass" diff --git a/tests/test_add.bats b/tests/test_add.bats index 27c0a0c6..668c271b 100644 --- a/tests/test_add.bats +++ b/tests/test_add.bats @@ -21,7 +21,7 @@ function teardown { @test "run 'add' normally" { # Preparations: - local filename="local_file" + local filename="$TEST_DEFAULT_FILENAME" echo "content" > "$filename" echo "$filename" > ".gitignore" @@ -41,7 +41,7 @@ function teardown { @test "run 'add' for unignored file" { - local test_file='test_file' + local test_file="$TEST_DEFAULT_FILENAME" touch "$test_file" echo "content" > "$test_file" @@ -53,7 +53,7 @@ function teardown { @test "run 'add' for unignored file with '-i'" { - local test_file='test_file.auto_ignore' + local test_file='test_file.auto_ignore' # TODO - paramaterize filename touch "$test_file" echo "content" > "$test_file" @@ -112,7 +112,7 @@ function teardown { local root='test_dir' local node="$root/node" local sibling="$root/sibling" - local test_file="$node/test_file" + local test_file="$node/$TEST_DEFAULT_FILENAME" local current_dir=$(pwd) mkdir -p "$node" @@ -124,7 +124,7 @@ function teardown { cd "$sibling" # Testing: - run git secret add "../node/test_file" + run git secret add "../node/$TEST_DEFAULT_FILENAME" [ "$status" -eq 0 ] [[ "$output" == *"1 item(s) added."* ]] @@ -143,7 +143,7 @@ function teardown { @test "run 'add' for file in subfolder" { # Preparations: - local test_file='test_file' + local test_file="$TEST_DEFAULT_FILENAME" local test_dir='test_dir' mkdir -p "$test_dir" @@ -163,7 +163,7 @@ function teardown { @test "run 'add' twice for one file" { # Preparations: - local filename="local_file" + local filename="$TEST_DEFAULT_FILENAME" echo "content" > "$filename" echo "$filename" > ".gitignore" @@ -187,11 +187,11 @@ function teardown { @test "run 'add' for multiple files" { # Preparations: - local filename1="local_file1" + local filename1="$TEST_DEFAULT_FILENAME" echo "content1" > "$filename1" echo "$filename1" > ".gitignore" - local filename2="local_file2" + local filename2="$TEST_SECOND_FILENAME" echo "content2" > "$filename2" echo "$filename2" >> ".gitignore" diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 1c17efe0..eab781fd 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -2,7 +2,7 @@ load _test_base -FILE_TO_HIDE="file_to_hide" +FILE_TO_HIDE="$TEST_DEFAULT_FILENAME" FILE_CONTENTS="hidden content юникод" FINGERPRINT="" diff --git a/tests/test_changes.bats b/tests/test_changes.bats index 1a26bd85..92cd52ab 100644 --- a/tests/test_changes.bats +++ b/tests/test_changes.bats @@ -2,8 +2,8 @@ load _test_base -FILE_TO_HIDE="file_to_hide" -SECOND_FILE_TO_HIDE="second_file_to_hide" +FILE_TO_HIDE="$TEST_DEFAULT_FILENAME" +SECOND_FILE_TO_HIDE="$TEST_SECOND_FILENAME" FILE_CONTENTS="hidden content юникод" FINGERPRINT="" @@ -54,7 +54,7 @@ function teardown { @test "run 'changes' with hidden file missing" { local password=$(test_user_password "$TEST_DEFAULT_USER") - local encrypted_file=$(_get_encrypted_filename $FILE_TO_HIDE) + local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE") rm "$encrypted_file" run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" diff --git a/tests/test_clean.bats b/tests/test_clean.bats index 45dc6550..872bbcd5 100644 --- a/tests/test_clean.bats +++ b/tests/test_clean.bats @@ -2,8 +2,8 @@ load _test_base -FIRST_FILE="file_to_hide1" -SECOND_FILE="file_to_hide2" +FIRST_FILE="$TEST_DEFAULT_FILENAME" +SECOND_FILE="$TEST_SECOND_FILENAME" FOLDER="somedir" FILE_IN_FOLDER="${FOLDER}/file_to_hide3" diff --git a/tests/test_hide.bats b/tests/test_hide.bats index 9fdea916..baf82a1c 100644 --- a/tests/test_hide.bats +++ b/tests/test_hide.bats @@ -2,7 +2,7 @@ load _test_base -FILE_TO_HIDE="file_to_hide" +FILE_TO_HIDE="$TEST_DEFAULT_FILENAME" FILE_CONTENTS="hidden content юникод" @@ -61,7 +61,7 @@ function teardown { @test "run 'hide' with missing file" { # Preparations: - local second_file="second_file.txt" + local second_file="$TEST_SECOND_FILENAME" local second_content="some content" set_state_secret_add "$second_file" "$second_content" @@ -77,7 +77,7 @@ function teardown { @test "run 'hide' with multiple files" { # Preparations: - local second_file="second_file.txt" + local second_file="$TEST_SECOND_FILENAME" local second_content="some content" set_state_secret_add "$second_file" "$second_content" @@ -183,7 +183,7 @@ function teardown { # Preparations: local root_dir='test_sub_dir' mkdir -p "$root_dir" - local second_file="$root_dir/second_file.txt" + local second_file="$root_dir/$TEST_SECOND_FILENAME" local second_content="some content" set_state_secret_add "$second_file" "$second_content" diff --git a/tests/test_reveal.bats b/tests/test_reveal.bats index 87a6bf36..f8bcba9f 100644 --- a/tests/test_reveal.bats +++ b/tests/test_reveal.bats @@ -2,7 +2,7 @@ load _test_base -FILE_TO_HIDE="file_to_hide" +FILE_TO_HIDE="$TEST_DEFAULT_FILENAME" FILE_CONTENTS="hidden content юникод" FINGERPRINT="" diff --git a/tests/test_reveal_filename.bats b/tests/test_reveal_filename.bats index 4c5c0334..4d81131e 100644 --- a/tests/test_reveal_filename.bats +++ b/tests/test_reveal_filename.bats @@ -2,7 +2,7 @@ load _test_base -FILE_TO_HIDE="file_to_hide" +FILE_TO_HIDE="$TEST_DEFAULT_FILENAME" FILE_CONTENTS="hidden content юникод" FINGERPRINT="" From 9906dfb33fbd7c465898020c3bc663d35331bfb3 Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 15:23:39 -0400 Subject: [PATCH 6/7] show any diagnostics that might come out of bats tests. also adds comment about diagnostic messages in bats. --- utils/tests.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/utils/tests.sh b/utils/tests.sh index 3ac0453b..7a4f2e3e 100755 --- a/utils/tests.sh +++ b/utils/tests.sh @@ -6,4 +6,7 @@ set -e # Running all the bats-tests in a dir with spaces: cd "${SECRET_PROJECT_ROOT}"; rm -rf 'tempdir with spaces'; mkdir 'tempdir with spaces'; cd 'tempdir with spaces'; -bats "${SECRET_PROJECT_ROOT}/tests" + +# bats expects diagnostic lines to be sent to fd 3, matching reges '^ #' (IE, like: echo "# message here") +# 3>&1 shows diagnostic output when errors occur. +bats --tap "${SECRET_PROJECT_ROOT}/tests/" 3>&1 From f2eec71995da66f67a883b12c30c471e04dad528 Mon Sep 17 00:00:00 2001 From: joshr Date: Sat, 14 Jul 2018 19:28:05 -0400 Subject: [PATCH 7/7] corrected comment about how to output diagnostic messages --- utils/tests.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/tests.sh b/utils/tests.sh index 7a4f2e3e..bbb18eb5 100755 --- a/utils/tests.sh +++ b/utils/tests.sh @@ -7,6 +7,6 @@ set -e # Running all the bats-tests in a dir with spaces: cd "${SECRET_PROJECT_ROOT}"; rm -rf 'tempdir with spaces'; mkdir 'tempdir with spaces'; cd 'tempdir with spaces'; -# bats expects diagnostic lines to be sent to fd 3, matching reges '^ #' (IE, like: echo "# message here") -# 3>&1 shows diagnostic output when errors occur. -bats --tap "${SECRET_PROJECT_ROOT}/tests/" 3>&1 +# bats expects diagnostic lines to be sent to fd 3, matching reges '^ #' (IE, like: `echo '# message here' >&3`) +# bats ... 3>&1 shows diagnostic output when errors occur. +bats "${SECRET_PROJECT_ROOT}/tests/" 3>&1