From dbbd7bbd17280ca10b9c417d85e4610d451b88de Mon Sep 17 00:00:00 2001 From: Matt Fleming Date: Mon, 24 May 2021 15:27:45 +0100 Subject: [PATCH] STAR-431: Add option to prevent any file-I/O from cqlsh Co-authored-by: Robert Stupp (cherry picked from commit d7e5ff43b037684c8606cfb2b7c515bb8d51cc20) (cherry picked from commit bd6096e7c7c9a587976bb3ff49f4ac8cf57d5846) (cherry picked from commit 0d7bdd7e8dbdd839dc7e0d2e3b138d009e276980) (cherry picked from commit d3fe3d39bd48e53894f4f0b39f7f03b1efa00ebd) --- bin/cqlsh.py | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/bin/cqlsh.py b/bin/cqlsh.py index 74c9c4dc40eb..a7c5d629c0fc 100755 --- a/bin/cqlsh.py +++ b/bin/cqlsh.py @@ -177,6 +177,7 @@ def find_zip(libprefix): DEFAULT_SSL = False DEFAULT_CONNECT_TIMEOUT_SECONDS = 5 DEFAULT_REQUEST_TIMEOUT_SECONDS = 10 +DEFAULT_NO_FILE_IO = False DEFAULT_FLOAT_PRECISION = 5 DEFAULT_DOUBLE_PRECISION = 5 @@ -231,6 +232,8 @@ def find_zip(libprefix): help='Specify the default request timeout in seconds (default: %default seconds).') parser.add_option("-t", "--tty", action='store_true', dest='tty', help='Force tty mode (command prompt).') +parser.add_option("--no-file-io", action='store_true', dest='no_file_io', + help='Disable cqlsh commands that perform file I/O.') optvalues = optparse.Values() (options, arguments) = parser.parse_args(sys.argv[1:], values=optvalues) @@ -422,6 +425,7 @@ class Shell(cmd.Cmd): last_hist = None shunted_query_out = None use_paging = True + no_file_io = False default_page_size = 100 @@ -442,7 +446,8 @@ def __init__(self, hostname, port, color=False, request_timeout=DEFAULT_REQUEST_TIMEOUT_SECONDS, protocol_version=None, connect_timeout=DEFAULT_CONNECT_TIMEOUT_SECONDS, - is_subshell=False): + is_subshell=False, + no_file_io=False): cmd.Cmd.__init__(self, completekey=completekey) self.hostname = hostname self.port = port @@ -532,6 +537,7 @@ def __init__(self, hostname, port, color=False, self.statement_error = False self.single_statement = single_statement self.is_subshell = is_subshell + self.no_file_io = no_file_io @property def batch_mode(self): @@ -1553,6 +1559,10 @@ def do_copy(self, parsed): on a line by itself to end the data input. """ + if self.no_file_io: + self.printerr('No file I/O permitted') + return + ks = self.cql_unprotect_name(parsed.get_binding('ksname', None)) if ks is None: ks = self.current_keyspace @@ -1637,6 +1647,11 @@ def do_source(self, parsed): See also the --file option to cqlsh. """ + + if self.no_file_io: + self.printerr('No file I/O permitted') + return + fname = parsed.get_binding('fname') fname = os.path.expanduser(self.cql_unprotect_value(fname)) try: @@ -1697,6 +1712,11 @@ def do_capture(self, parsed): To inspect the current capture configuration, use CAPTURE with no arguments. """ + + if self.no_file_io: + self.printerr('No file I/O permitted') + return + fname = parsed.get_binding('fname') if fname is None: if self.shunted_query_out is not None: @@ -1894,6 +1914,11 @@ def do_clear(self, parsed): do_cls = do_clear def do_debug(self, parsed): + + if self.no_file_io: + self.printerr('No file I/O permitted') + return + import pdb pdb.set_trace() @@ -2159,6 +2184,7 @@ def read_options(cmdlineargs, environment): optvalues.connect_timeout = option_with_default(configs.getint, 'connection', 'timeout', DEFAULT_CONNECT_TIMEOUT_SECONDS) optvalues.request_timeout = option_with_default(configs.getint, 'connection', 'request_timeout', DEFAULT_REQUEST_TIMEOUT_SECONDS) optvalues.execute = None + optvalues.no_file_io = option_with_default(configs.getboolean, 'ui', 'no_file_io', False) (options, arguments) = parser.parse_args(cmdlineargs, values=optvalues) # Make sure some user values read from the command line are in unicode @@ -2329,6 +2355,7 @@ def main(options, hostname, port): single_statement=options.execute, request_timeout=options.request_timeout, connect_timeout=options.connect_timeout, + no_file_io=options.no_file_io, encoding=options.encoding) except KeyboardInterrupt: sys.exit('Connection aborted.')