db-sync-tool-kmi 2.11.6__py3-none-any.whl → 3.0.2__py3-none-any.whl

db_sync_tool/utility/parser.py

@@ -1,12 +1,13 @@
 #!/usr/bin/env python3
-# -*- coding: future_fstrings -*-
 
 """
 Parser script
 """
 
 import sys
+import types
 from db_sync_tool.utility import mode, system, output, helper
+from db_sync_tool.utility.exceptions import ConfigError, ValidationError
 from db_sync_tool.remote import client as remote_client
 
 
@@ -46,18 +47,18 @@ def get_database_configuration(client):
     :param client: String
     :return:
     """
-    system.config['db'] = {}
+    cfg = system.get_typed_config()
 
     # check framework type
     _base = ''
 
     automatic_type_detection()
 
-    if 'type' in system.config and (
-            'path' in system.config[mode.Client.ORIGIN] or
-            'path' in system.config[mode.Client.TARGET]
-    ):
-        _type = system.config['type'].lower()
+    # Re-get config after type detection may have updated it
+    cfg = system.get_typed_config()
+
+    if cfg.type and (cfg.origin.path != '' or cfg.target.path != ''):
+        _type = cfg.type.lower()
         if _type == 'typo3':
             # TYPO3 sync base
             _base = Framework.TYPO3
@@ -74,25 +75,14 @@ def get_database_configuration(client):
             # Laravel sync base
             _base = Framework.LARAVEL
         else:
-            sys.exit(
-                output.message(
-                    output.Subject.ERROR,
-                    f'Framework type not supported: {_type}',
-                    False
-                )
-            )
-    elif 'db' in system.config['origin'] or 'db' in system.config['target']:
+            raise ConfigError(f'Framework type not supported: {_type}')
+    elif cfg.origin.db.name != '' or cfg.target.db.name != '':
         _base = Framework.MANUAL
     else:
-        sys.exit(
-            output.message(
-                output.Subject.ERROR,
-                f'Missing framework type or database credentials',
-                False
-            )
-        )
+        raise ConfigError('Missing framework type or database credentials')
 
     sys.path.append('../recipes')
+    _parser: types.ModuleType | None = None
     if _base == Framework.TYPO3:
         # Import TYPO3 parser
         from ..recipes import typo3
@@ -143,7 +133,8 @@ def load_parser(client, parser):
     :param parser:
     :return:
     """
-    _path = system.config[client]['path']
+    cfg = system.get_typed_config()
+    _path = cfg.get_client(client).path
 
     output.message(
         output.host_to_subject(client),
@@ -163,13 +154,7 @@ def load_parser(client, parser):
 
     # Check only if database configuration is a file
     if not helper.check_file_exists(client, _path) and _path[-1] != '/':
-        sys.exit(
-            output.message(
-                output.Subject.ERROR,
-                f'Database configuration for {client} not found: {_path}',
-                False
-            )
-        )
+        raise ConfigError(f'Database configuration for {client} not found: {_path}')
     parser.check_configuration(client)
 
 
@@ -179,6 +164,9 @@ def validate_database_credentials(client):
     :param client: String
     :return:
     """
+    cfg = system.get_typed_config()
+    db_cfg = cfg.get_client(client).db
+
     output.message(
         output.host_to_subject(client),
         'Validating database credentials',
@@ -187,21 +175,10 @@ def validate_database_credentials(client):
     _db_credential_keys = ['name', 'host', 'password', 'user']
 
     for _key in _db_credential_keys:
-        if _key not in system.config[client]['db']:
-            sys.exit(
-                output.message(
-                    output.Subject.ERROR,
-                    f'Missing database credential "{_key}" for {client} client',
-                    False
-                )
-            )
-        if system.config[client]['db'][_key] is None or system.config[client]['db'][_key] == '':
-            sys.exit(
-                output.message(
-                    output.Subject.ERROR,
-                    f'Missing database credential "{_key}" for {client} client',
-                    False
-                )
+        _value = getattr(db_cfg, _key, None)
+        if _value is None or _value == '':
+            raise ValidationError(
+                f'Missing database credential "{_key}" for {client} client'
             )
         else:
             output.message(
@@ -215,25 +192,28 @@ def automatic_type_detection():
     """
     Detects the framework type by the provided path using the default mapping
     """
-    if 'type' in system.config or 'db' in system.config['origin'] or 'db' in system.config[
-        'target']:
+    cfg = system.get_typed_config()
+
+    # Skip if type is already set or manual db config is provided
+    if cfg.type or cfg.origin.db.name != '' or cfg.target.db.name != '':
         return
 
-    type = None
+    detected_type = None
     file = None
 
     for _client in [mode.Client.ORIGIN, mode.Client.TARGET]:
-        if 'path' in system.config[_client]:
-            file = helper.get_file_from_path(system.config[_client]['path'])
+        client_cfg = cfg.get_client(_client)
+        if client_cfg.path != '':
+            file = helper.get_file_from_path(client_cfg.path)
             for _key, _files in mapping.items():
                 if file in _files:
-                    type = _key
+                    detected_type = _key
 
-    if type:
+    if detected_type:
         output.message(
             output.Subject.LOCAL,
             f'Automatic framework type detection '
             f'{output.CliFormat.BLACK}{file}{output.CliFormat.ENDC}',
             verbose_only=True
         )
-        system.config['type'] = type
+        system.set_framework_type(detected_type)

db_sync_tool/utility/pure.py

@@ -0,0 +1,93 @@
+#!/usr/bin/env python3
+
+"""
+Pure utility functions with no project dependencies.
+"""
+
+import re
+from pathlib import Path
+from typing import Any
+
+
+def parse_version(version_output: str | None) -> str | None:
+    """
+    Parse version out of console output.
+    https://stackoverflow.com/a/60730346
+
+    :param version_output: Console output string
+    :return: Version string or None
+    """
+    if not version_output:
+        return None
+    _version_pattern = r'\d+(=?\.(\d+(=?\.(\d+)*)*)*)*'
+    _regex_matcher = re.compile(_version_pattern)
+    _version = _regex_matcher.search(version_output)
+    if _version:
+        return _version.group(0)
+    return None
+
+
+def get_file_from_path(path: str) -> str:
+    """
+    Trims a path string to retrieve the file.
+
+    :param path: File path
+    :return: File name
+    """
+    return Path(path).name
+
+
+def remove_surrounding_quotes(s: Any) -> Any:
+    """
+    Removes the enclosing quotes (single or double),
+    if there are quotes at both the beginning and end of the string.
+
+    :param s: The string to be checked
+    :return: The string without enclosing quotes, if available
+    """
+    if isinstance(s, str):
+        if s.startswith('"') and s.endswith('"'):
+            return s[1:-1]
+        elif s.startswith("'") and s.endswith("'"):
+            return s[1:-1]
+    return s
+
+
+def clean_db_config(config: dict[str, Any]) -> dict[str, Any]:
+    """
+    Iterates over all entries of a dictionary and removes enclosing
+    quotes from the values, if present.
+
+    :param config: The dictionary to be edited
+    :return: A new dictionary with adjusted values
+    """
+    return {key: remove_surrounding_quotes(value) for key, value in config.items()}
+
+
+def dict_to_args(data: dict[str, Any]) -> list[str] | None:
+    """
+    Convert a dictionary to an args list.
+
+    :param data: Dictionary to convert
+    :return: List of arguments or None if empty
+    """
+    args = []
+    for key, val in data.items():
+        if val is True:
+            args.append(f'--{key}')
+        elif val is not False and val is not None:
+            args.extend([f'--{key}', str(val)])
+    return args or None
+
+
+def remove_multiple_elements_from_string(elements: list, string: str) -> str:
+    """
+    Removes multiple elements from a string.
+
+    :param elements: List of elements to remove
+    :param string: Input string
+    :return: String with elements removed
+    """
+    for element in elements:
+        string = string.replace(element, '')
+    return string

db_sync_tool/utility/security.py

@@ -0,0 +1,79 @@
+#!/usr/bin/env python3
+
+"""
+Security utility functions.
+
+This module contains pure security functions with minimal dependencies,
+making them safe to import without circular import issues.
+Only depends on utility/exceptions.py which has no other project dependencies.
+"""
+
+import re
+import shlex
+from typing import Any
+
+from db_sync_tool.utility.exceptions import ValidationError
+
+
+def quote_shell_arg(arg: Any) -> str:
+    """
+    Safely quote a string for use as a shell argument.
+    Prevents command injection by escaping special characters.
+
+    :param arg: Value to quote (will be converted to string)
+    :return: Safely quoted string
+    """
+    if arg is None:
+        return "''"
+    return shlex.quote(str(arg))
+
+
+def sanitize_table_name(table: str) -> str:
+    """
+    Validate and sanitize a table name to prevent SQL injection.
+    MySQL table names can contain alphanumeric chars, underscores, and dollar signs.
+    They can also contain hyphens and dots in quoted identifiers.
+
+    :param table: Table name to sanitize
+    :return: Backtick-quoted table name
+    :raises ValidationError: If table name contains invalid characters
+    """
+    if not table:
+        raise ValidationError("Table name cannot be empty")
+
+    # Allow alphanumeric, underscore, hyphen, dot, dollar sign
+    if not re.match(r'^[a-zA-Z0-9_$.-]+$', table):
+        raise ValidationError(f"Invalid table name: {table}")
+
+    return f"`{table}`"
+
+
+def sanitize_command_for_logging(command: str) -> str:
+    """
+    Remove sensitive information from commands before logging.
+    This prevents credentials from appearing in verbose output or logs.
+
+    :param command: Command string to sanitize
+    :return: Sanitized command string
+    """
+    patterns = [
+        # MySQL password patterns
+        (r"-p'[^']*'", "-p'***'"),
+        (r'-p"[^"]*"', '-p"***"'),
+        (r"-p[^\s'\"]+", "-p***"),
+        # SSHPASS patterns
+        (r"SSHPASS='[^']*'", "SSHPASS='***'"),
+        (r'SSHPASS="[^"]*"', 'SSHPASS="***"'),
+        (r"SSHPASS=[^\s]+", "SSHPASS=***"),
+        # MySQL defaults-file/defaults-extra-file (mask path to prevent disclosure)
+        (r"--defaults-file=[^\s]+", "--defaults-file=***"),
+        (r"--defaults-extra-file=[^\s]+", "--defaults-extra-file=***"),
+        # Base64 encoded credentials
+        (r"echo '[A-Za-z0-9+/=]{20,}' \| base64", "echo '***' | base64"),
+    ]
+
+    sanitized = command
+    for pattern, replacement in patterns:
+        sanitized = re.sub(pattern, replacement, sanitized)
+
+    return sanitized