add warning message using set command

gpgl · May 10, 2017 · 730d229 · 730d229
1 parent ace2e92
commit 730d229
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 2 deletions.
diff --git a/src/Commands/Connect.php b/src/Commands/Connect.php
@@ -12,6 +12,12 @@
 class Connect extends Command {
     use DatabaseGateway;
 
+    protected static $connected = false;
+    public static function isConnected() : bool
+    {
+        return static::$connected;
+    }
+
     protected function configure()
     {
         $this
@@ -32,6 +38,7 @@ protected function configure()
     protected function execute(InputInterface $input, OutputInterface $output)
     {
         $dbms = $this->accessDatabase($input, $output);
+        static::$connected = true;
 
         $output->writeln($this->getApplication()->getLongVersion().PHP_EOL);
 
@@ -55,6 +62,8 @@ protected function execute(InputInterface $input, OutputInterface $output)
             $command->run(new StringInput($exec), $output);
             $output->writeln('');
         }
+
+        static::$connected = false;
     }
 
     protected function getRecursiveIndexes(array $indices, string $parent = '') : array

diff --git a/src/Commands/Set.php b/src/Commands/Set.php
@@ -25,7 +25,10 @@ protected function configure()
 
             // the full command description shown when running the command with
             // the "--help" option
-            ->setHelp('Saves a value in the locker under a given index.')
+            ->setHelp(
+                'Saves a value in the locker under a given index.'.
+                PHP_EOL.PHP_EOL.static::getWarningMessage()
+            )
 
             ->addDatabaseOption()
 
@@ -39,6 +42,14 @@ protected function configure()
         ;
     }
 
+    public static function getWarningMessage() : string
+    {
+        return
+            'WARNING: Using this command may save sensitive values '.
+            'in plain text to your shell history.'.PHP_EOL.
+            'Use Connect and Set instead.';
+    }
+
     protected function execute(InputInterface $input, OutputInterface $output)
     {
         $dbms = $this->accessDatabase($input, $output);
@@ -48,6 +59,10 @@ protected function execute(InputInterface $input, OutputInterface $output)
 
         $io = new SymfonyStyle($input, $output);
 
+        if (!Connect::isConnected()) {
+            $io->warning(static::getWarningMessage());
+        }
+
         if (!empty($dbms->get(...$at))) {
             $question = "There is already a value saved under this index.\n ";
             $question .= 'Are you sure you want to overwrite?';

diff --git a/tests/unit/ConnectTest.php b/tests/unit/ConnectTest.php
@@ -3,7 +3,7 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Console\Application;
 use Symfony\Component\Console\Tester\CommandTester;
-use gpgl\console\Commands\{Get,Connect};
+use gpgl\console\Commands\{Get,Set,Connect};
 use gpgl\console\Container;
 
 class ConnectTest extends TestCase
@@ -13,12 +13,14 @@ class ConnectTest extends TestCase
     protected function setUp()
     {
         putenv('GPGL_DB');
+        $this->database_nopw = file_get_contents($this->filename_nopw);
         Container::unsetDbms();
     }
 
     protected function tearDown()
     {
         putenv('GPGL_DB');
+        file_put_contents($this->filename_nopw, $this->database_nopw);
         Container::unsetDbms();
     }
 
@@ -42,4 +44,28 @@ public function test_connects_with_tab_completion()
         $this->assertContains('nopw', $output);
         $this->assertNotContains('none', $output);
     }
+
+    public function test_connects_and_sets_without_warning()
+    {
+        $app = new Application;
+        $app->add(new Set);
+        $app->add(new Connect);
+
+        $command = $app->find('connect');
+        $commandTester = new CommandTester($command);
+
+        // tab completion 'get one password'
+        $commandTester->setInputs(['set value temp']);
+        $commandTester->execute(array(
+            'command'  => $command->getName(),
+            '--database' => $this->filename_nopw,
+        ));
+
+        $output = $commandTester->getDisplay();
+        $this->assertContains('[OK] Value Saved', $output);
+        $this->assertNotContains(
+            'WARNING: Using this command may save sensitive values in plain text',
+            $output
+        );
+    }
 }
diff --git a/tests/unit/SetTest.php b/tests/unit/SetTest.php
@@ -70,6 +70,10 @@ public function test_sets_value()
         ));
         $output = $commandTester->getDisplay();
         $this->assertContains('Value Saved', $output);
+        $this->assertContains(
+            'WARNING: Using this command may save sensitive values in plain text',
+            $output
+        );
 
         $app->add(new Get);
         $command = $app->find('get');