From 7670210ffb5c38cef8dd153e823029d5237080b6 Mon Sep 17 00:00:00 2001 From: Artur Jankowski Date: Tue, 8 Aug 2023 09:25:29 +0200 Subject: [PATCH] fix: Fix escaped slashes when passing an input to command (#486) --- src/commands/file-requests/copy.js | 2 ++ src/commands/file-requests/update.js | 2 ++ src/commands/files/rename.js | 3 ++- src/commands/files/update.js | 3 ++- src/commands/folders/create.js | 3 ++- src/commands/folders/rename.js | 3 ++- src/commands/folders/update.js | 3 ++- src/commands/groups/create.js | 3 ++- src/commands/groups/update.js | 3 ++- src/commands/legal-hold-policies/create.js | 3 ++- src/commands/legal-hold-policies/update.js | 3 ++- src/commands/retention-policies/create.js | 4 +++- src/commands/web-links/create.js | 4 +++- src/commands/web-links/update.js | 4 +++- src/util.js | 14 ++++++++++++++ test/commands/folders.test.js | 2 +- 16 files changed, 46 insertions(+), 13 deletions(-) diff --git a/src/commands/file-requests/copy.js b/src/commands/file-requests/copy.js index 6555ff94..2e686983 100644 --- a/src/commands/file-requests/copy.js +++ b/src/commands/file-requests/copy.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FileRequestsCopyCommand extends BoxCommand { async run() { @@ -50,6 +51,7 @@ FileRequestsCopyCommand.flags = { ...BoxCommand.flags, description: flags.string({ description: 'New description of file request', + parse: utils.unescapeSlashes }), 'expires-at': flags.string({ description: 'New date when file request expires', diff --git a/src/commands/file-requests/update.js b/src/commands/file-requests/update.js index d93827a9..d4c4ab8e 100644 --- a/src/commands/file-requests/update.js +++ b/src/commands/file-requests/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FileRequestsUpdateCommand extends BoxCommand { async run() { @@ -56,6 +57,7 @@ FileRequestsUpdateCommand.flags = { ...BoxCommand.flags, description: flags.string({ description: 'New description of file request', + parse: utils.unescapeSlashes }), 'expires-at': flags.string({ description: 'New date when file request expires', diff --git a/src/commands/files/rename.js b/src/commands/files/rename.js index 189482df..c241f5d9 100644 --- a/src/commands/files/rename.js +++ b/src/commands/files/rename.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FilesRenameCommand extends BoxCommand { async run() { @@ -28,7 +29,7 @@ FilesRenameCommand.examples = ['box files:rename 11111 "New File Name.pdf"']; FilesRenameCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'Change the file description' }), + description: flags.string({ description: 'Change the file description', parse: utils.unescapeSlashes }), etag: flags.string({ description: 'Only rename if etag value matches' }) }; diff --git a/src/commands/files/update.js b/src/commands/files/update.js index d64f0e53..e91ea9d7 100644 --- a/src/commands/files/update.js +++ b/src/commands/files/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FileUpdateCommand extends BoxCommand { async run() { @@ -38,7 +39,7 @@ FileUpdateCommand._endpoint = 'put_files_id'; FileUpdateCommand.flags = { ...BoxCommand.flags, name: flags.string({ description: 'New name for the file' }), - description: flags.string({ description: 'New description for the file' }), + description: flags.string({ description: 'New description for the file', parse: utils.unescapeSlashes }), tags: flags.string({ description: 'Set tags on the file, specified as comma-separated tags' }), etag: flags.string({ description: 'Only apply updates if the ETag value matches' }), 'disposition-at': flags.string({ description: 'The retention expiration timestamp for the given file. This date cannot be shortened once set on a file'}) diff --git a/src/commands/folders/create.js b/src/commands/folders/create.js index e6b6dd00..4196365f 100644 --- a/src/commands/folders/create.js +++ b/src/commands/folders/create.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FoldersCreateCommand extends BoxCommand { async run() { @@ -31,7 +32,7 @@ FoldersCreateCommand._endpoint = 'post_folders'; FoldersCreateCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'A description for folder ' }), + description: flags.string({ description: 'A description for folder ', parse: utils.unescapeSlashes }), 'id-only': flags.boolean({ description: 'Return only an ID to output from this command' }) diff --git a/src/commands/folders/rename.js b/src/commands/folders/rename.js index 263959a2..d307d8ef 100644 --- a/src/commands/folders/rename.js +++ b/src/commands/folders/rename.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FoldersRenameCommand extends BoxCommand { async run() { @@ -28,7 +29,7 @@ FoldersRenameCommand.examples = ['box folders:rename 22222 "New Folder Name"']; FoldersRenameCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'Change the folder description' }), + description: flags.string({ description: 'Change the folder description', parse: utils.unescapeSlashes }), etag: flags.string({ description: 'Only rename if etag value matches' }) }; diff --git a/src/commands/folders/update.js b/src/commands/folders/update.js index bf2cc54c..2c529618 100644 --- a/src/commands/folders/update.js +++ b/src/commands/folders/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class FoldersUpdateCommand extends BoxCommand { async run() { @@ -62,7 +63,7 @@ FoldersUpdateCommand.flags = { description: 'Restricts collaborators who are not the owner of this folder from viewing other collaborations on this folder.', allowNo: true, }), - description: flags.string({ description: 'New description for folder' }), + description: flags.string({ description: 'New description for folder', parse: utils.unescapeSlashes }), 'upload-email-access': flags.string({ description: 'Upload email access level', options: [ diff --git a/src/commands/groups/create.js b/src/commands/groups/create.js index e448df07..4c674170 100644 --- a/src/commands/groups/create.js +++ b/src/commands/groups/create.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class GroupsCreateCommand extends BoxCommand { async run() { @@ -35,7 +36,7 @@ GroupsCreateCommand._endpoint = 'post_groups'; GroupsCreateCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'Description of the group' }), + description: flags.string({ description: 'Description of the group', parse: utils.unescapeSlashes }), 'external-sync-identifier': flags.string({ description: 'Group identifier for groups coming from an external source', }), diff --git a/src/commands/groups/update.js b/src/commands/groups/update.js index f09d0a39..cb932a9f 100644 --- a/src/commands/groups/update.js +++ b/src/commands/groups/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class GroupsUpdateCommand extends BoxCommand { async run() { @@ -42,7 +43,7 @@ GroupsUpdateCommand.flags = { char: 'n', description: 'The name of the group', }), - description: flags.string({ description: 'Description of the group' }), + description: flags.string({ description: 'Description of the group', parse: utils.unescapeSlashes }), 'external-sync-identifier': flags.string({ description: 'group identifier for groups coming from an external source' }), provenance: flags.string({ description: 'Track the external source where the group is coming from' }), invite: flags.string({ diff --git a/src/commands/legal-hold-policies/create.js b/src/commands/legal-hold-policies/create.js index 4ebf63dd..4e25c270 100644 --- a/src/commands/legal-hold-policies/create.js +++ b/src/commands/legal-hold-policies/create.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class LegalHoldPoliciesCreateCommand extends BoxCommand { async run() { @@ -32,7 +33,7 @@ LegalHoldPoliciesCreateCommand._endpoint = 'post_legal_hold_policies'; LegalHoldPoliciesCreateCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'Description of legal hold policy' }), + description: flags.string({ description: 'Description of legal hold policy', parse: utils.unescapeSlashes }), 'filter-started-at': flags.string({ description: 'Date filter applies to Custodian assignments only. Should be today\'s date or before. Use a RFC3339 timestamp or shorthand syntax 0t, like -5w for 5 weeks ago', dependsOn: ['filter-ended-at'], diff --git a/src/commands/legal-hold-policies/update.js b/src/commands/legal-hold-policies/update.js index d0629413..3558818e 100644 --- a/src/commands/legal-hold-policies/update.js +++ b/src/commands/legal-hold-policies/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class LegalHoldPoliciesUpdateCommand extends BoxCommand { async run() { @@ -29,7 +30,7 @@ LegalHoldPoliciesUpdateCommand._endpoint = 'put_legal_hold_policies_id'; LegalHoldPoliciesUpdateCommand.flags = { ...BoxCommand.flags, - description: flags.string({ description: 'Description of legal hold policy. Max characters 500' }), + description: flags.string({ description: 'Description of legal hold policy. Max characters 500', parse: utils.unescapeSlashes }), 'policy-name': flags.string({ description: 'Name of legal hold policy. Max characters 254' }), 'release-notes': flags.string({ description: 'Notes around why the policy was released. Max characters 500' }) }; diff --git a/src/commands/retention-policies/create.js b/src/commands/retention-policies/create.js index a576709c..52993f7d 100644 --- a/src/commands/retention-policies/create.js +++ b/src/commands/retention-policies/create.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class RetentionPoliciesCreateCommand extends BoxCommand { async run() { @@ -95,7 +96,8 @@ RetentionPoliciesCreateCommand.flags = { }), description: flags.string({ required: false, - description: 'The additional text description of the retention policy' + description: 'The additional text description of the retention policy', + parse: utils.unescapeSlashes }), 'custom-notification-recipient': flags.string({ description: 'A list of users notified when the retention policy duration is about to end. ' + diff --git a/src/commands/web-links/create.js b/src/commands/web-links/create.js index 6eac0425..cbb49357 100644 --- a/src/commands/web-links/create.js +++ b/src/commands/web-links/create.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class WebLinksCreateCommand extends BoxCommand { async run() { @@ -28,7 +29,8 @@ WebLinksCreateCommand.flags = { ...BoxCommand.flags, description: flags.string({ char: 'd', - description: 'Description of the web link' + description: 'Description of the web link', + parse: utils.unescapeSlashes }), name: flags.string({ char: 'n', diff --git a/src/commands/web-links/update.js b/src/commands/web-links/update.js index 962b58fc..de25c8a4 100644 --- a/src/commands/web-links/update.js +++ b/src/commands/web-links/update.js @@ -2,6 +2,7 @@ const BoxCommand = require('../../box-command'); const { flags } = require('@oclif/command'); +const utils = require('../../util'); class WebLinksUpdateCommand extends BoxCommand { async run() { @@ -31,7 +32,8 @@ WebLinksUpdateCommand.flags = { ...BoxCommand.flags, description: flags.string({ char: 'd', - description: 'Description of the web link' + description: 'Description of the web link', + parse: utils.unescapeSlashes }), name: flags.string({ char: 'n', diff --git a/src/util.js b/src/util.js index d6926a23..2f0a6706 100644 --- a/src/util.js +++ b/src/util.js @@ -291,6 +291,20 @@ module.exports = { return path.resolve(value); }, + /** + * Unescape slashes from the given string. + * + * @param {string} value The raw string which can contains escaped slashes + * @returns {string} A string with unescaped escaping in newline and tab characters. + */ + unescapeSlashes(value) { + try { + return JSON.parse(`"${value}"`); + } catch (e) { + return value; + } + }, + /** * Parses the key=val string format for metadata into an object {key: val} * diff --git a/test/commands/folders.test.js b/test/commands/folders.test.js index 864d0779..ab77190d 100644 --- a/test/commands/folders.test.js +++ b/test/commands/folders.test.js @@ -1190,7 +1190,7 @@ describe('Folders', () => { describe('folders:update', () => { let folderId = '0', name = 'New Folder', - description = 'New description', + description = 'New \ndescription', tags = 'foo,bar', fixture = getFixture('folders/put_folders_id'), yamlOutput = getFixture('output/folders_update_yaml.txt');