allow @ in parameters and sanitize all parameters using base.set

core/addAndCheckGitRepository.sh

@@ -1,11 +1,12 @@
 #!/bin/bash
+source /cis/core/base.module.sh
 
 #WARNING: Used for core functionality in setup.sh
 #         DO NOT rename the script and test changes well!
 
 
 
-function checkPermissions(){
+function checkPermissions() {
     local _FOLDER _RIGHTS
     _FOLDER="${1:?"Missing first parameter FOLDER"}"
     _RIGHTS="${2:?"Missing second parameter RIGHTS"}"
@@ -27,7 +28,7 @@ function checkPermissions(){
     return 1
 }
 
-function cloneOrPull {
+function cloneOrPull() {
     local _FOLDER _REPOSITORY
     _FOLDER="${1:?"Missing first parameter FOLDER"}"
     _REPOSITORY="${2:?"Missing second parameter REPOSITORY"}"
@@ -47,7 +48,7 @@ function cloneOrPull {
     return 1
 }
 
-function printRepository(){
+function printRepository() {
     local _FOLDER _CONFIGURED_REPOSITORY _SUGGESTED_REPOSITORY
     _FOLDER="${1:?"Missing first parameter FOLDER"}"
     _CONFIGURED_REPOSITORY="$(git -C "${_FOLDER:?"Missing FOLDER"}" config --get remote.origin.url 2> /dev/null)"
@@ -98,10 +99,13 @@ function addAndCheckGitRepository() {
 }
 
 # sanitizes all parameters
+base.set FOLDER "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
+base.set RIGHTS "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
+base.set SUGGESTED_REPOSITORY "${3}" '^([-a-zA-Z0-9/:@._]*)?$' || exit 1
 addAndCheckGitRepository \
-    "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    "$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    "$(echo ${3} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+    "${FOLDER:?"Missing FOLDER"}" \
+    "${RIGHTS:?"Missing RIGHTS"}" \
+    "${SUGGESTED_REPOSITORY}" \
     && exit 0
 
 exit 1

core/addNormalUser.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
+source /cis/core/base.module.sh
 
 #WARNING: Used for core functionality in setup.sh
 #         DO NOT rename the script and test changes well!
@@ -36,7 +37,8 @@ function addNormalUser() {
 }
 
 # sanitizes all parameters
-addNormalUser "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+base.set USER "${1}" '^[a-z][-a-z0-9_.]*$' || exit 1
+addNormalUser "${USER:?"Missing USER"}" \
     && exit 0
 
 exit 1

core/addToCrontabEveryHour.sh

@@ -1,14 +1,11 @@
 #!/bin/bash
+source /cis/core/base.module.sh
 
 #WARNING: Used for core functionality in setup.sh
 #         DO NOT rename the script and test changes well!
 
 
 
-# Folders always ends with an tailing '/'
-_SCRIPT="$(readlink -f "${0}" 2> /dev/null)"
-_CIS_ROOT="${_SCRIPT%%/core/*}/"               #Removes longest  matching pattern '/core/*' from the end
-
 # Note that an unprivileged user can use this script successfully,
 # if no user has to be added to the host because it already exists.
 function addToCrontabEveryHour() {
@@ -24,11 +21,11 @@ function addToCrontabEveryHour() {
         && return 0
 
     [ "$(id -u)" == "0" ] \
-        && echo "${_CIS_ROOT:?"Missing CIS_ROOT"}" | grep -F 'home' &> /dev/null \
+        && echo "${CIS[ROOT]:?"Missing CIS_ROOT"}" | grep -F 'home' &> /dev/null \
         && echo "SUCCESS: Although the entry will be skipped:       ("$(readlink -f ${0})")" \
         && echo "  - '${_STRING}'" \
         && echo "  that is because the current environment is:" \
-        && echo "    - ${_CIS_ROOT}" \
+        && echo "    - ${CIS[ROOT]}" \
         && return 0
 
     [ "$(id -u)" == "0" ] \
@@ -47,9 +44,11 @@ function addToCrontabEveryHour() {
 }
 
 # sanitizes all parameters
+base.set COMMAND "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
+base.set MINUTE_VALUE "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
 addToCrontabEveryHour \
-    "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    "$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+    "${COMMAND:?"Missing COMMAND"}" \
+    "${MINUTE_VALUE:?"Missing MINUTE_VALUE"}" \
     && exit 0
 
 exit 1

core/base.module.sh

@@ -14,7 +14,7 @@
 function base.checkAllInputParameters() {
     local _ALLOWED_CHARS _ARG _SUCCESS
     # Global whitelist for all start-parameters ($1, $2, ...)
-    _ALLOWED_CHARS='-[:alnum:]/_.:'
+    _ALLOWED_CHARS='-[:alnum:]@/_.:'
     readonly _ALLOWED_CHARS
 
     _SUCCESS="true"

core/defineAuthorizedKeysOfUser.sh

@@ -1,8 +1,11 @@
 #!/bin/bash
+source /cis/core/base.module.sh
 
 #WARNING: Used for core functionality in setup.sh
 #         DO NOT rename the script and test changes well!
 
+
+
 function prepareFolder() {
     local _HOME_FOLDER _SSH_FOLDER _USER
     _SSH_FOLDER="${1:?"prepareFolder(): Missing parameter SSH_PATH"}"
@@ -133,9 +136,11 @@ function defineAuthorizedKeysOfUser() {
 }
 
 # sanitizes all parameters
+base.set DEFINITIONS "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
+base.set USER "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
 defineAuthorizedKeysOfUser \
-    "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    "$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+    "${DEFINITIONS:?"Missing DEFINITIONS"}" \
+    "${USER:?"Missing USER"}" \
     && exit 0
 
 exit 1

core/ensureUsageOfDefinitions.sh

@@ -1,8 +1,11 @@
 #!/bin/bash
+source /cis/core/base.module.sh
 
 #WARNING: Used for core functionality in setup.sh
 #         DO NOT rename the script and test changes well!
 
+
+
 function printIfEqual() {
     [ "${1:?"Missing first parameter"}" == "${2}" ] \
         && echo "${1}" \
@@ -215,9 +218,11 @@ function ensureUsageOfDefinitions() {
 }
 
 # sanitizes all parameters
+base.set DEFINITIONS "${1}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
+base.set CURRENT_FULLFILE "${2}" '^[-a-zA-Z0-9/:@._]*$' || exit 1
 ensureUsageOfDefinitions \
-    "$(echo ${1} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
-    "$(echo ${2} | sed -E 's|[^a-zA-Z0-9/:@._-]*||g')" \
+    "${DEFINITIONS:?"Missing DEFINITIONS"}" \
+    "${CURRENT_FULLFILE:?"Missing CURRENT_FULLFILE"}" \
     && exit 0
 
 exit 1