From ab6e970475b39a9eef88dc3031cc822c391973c4 Mon Sep 17 00:00:00 2001
From: Dominik Moritz <domoritz@gmail.com>
Date: Wed, 26 Sep 2012 12:00:24 +0100
Subject: [PATCH] Check passwords for '

---
 ckanext/datastore/commands.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ckanext/datastore/commands.py b/ckanext/datastore/commands.py
index 9fbb504a55b..27da26d7e0f 100644
--- a/ckanext/datastore/commands.py
+++ b/ckanext/datastore/commands.py
@@ -127,6 +127,7 @@ def create_db(self):
 
     def create_read_only_user(self):
         password = self.db_read_url_parts['db_pass']
+        self.validate_password(password)
         sql = read_only_user_sql.format(
             maindb=self.db_ckan_url_parts['db_name'],
             datastore=self.db_write_url_parts['db_name'],
@@ -137,3 +138,7 @@ def create_read_only_user(self):
         self._run_sql(sql,
                       as_sql_user=self.sql_superuser,
                       database=self.db_write_url_parts['db_name'])
+
+    def validate_password(self, password):
+        if "'" in password:
+            raise ValueError("Passwords cannot contain '")