Module: TrainPlugins::Juniper::CommandExecutor

Included in:

Connection

Defined in:

lib/train-juniper/connection/command_executor.rb

Overview

Handles command execution, sanitization, and output formatting

Constant Summary

DANGEROUS_COMMAND_PATTERNS =

Command sanitization patterns Note: Pipe (|) is allowed as it's commonly used in JunOS commands

[
  /[;&<>$`]/,     # Shell metacharacters (excluding pipe)
  /\n|\r/,        # Newlines that could inject commands
  /\\(?![nrt])/   # Escape sequences (except valid ones like \n, \r, \t)
].freeze

Instance Method Summary

• #clean_output(output, cmd) ⇒ Object private

  Clean command output.

• #error_result(message) ⇒ Train::Extras::CommandResult private

  Factory method for error command results.

• #format_junos_result(output, cmd) ⇒ Object private

  Format JunOS command results.

• #mock_command_result(cmd) ⇒ Object private

  Mock command execution for testing.

• #run_command_via_connection(cmd) ⇒ CommandResult

  Execute commands on Juniper device via SSH.

• #sanitize_command(cmd) ⇒ Object private

  Sanitize command to prevent injection attacks.

• #success_result(output, cmd = nil) ⇒ Train::Extras::CommandResult private

  Factory method for successful command results.

Instance Method Details

#clean_output(output, cmd) ⇒ Object (private)

Clean command output

# File 'lib/train-juniper/connection/command_executor.rb', line 74

def clean_output(output, cmd)
  # Handle nil output gracefully
  return '' if output.nil?

  # Remove command echo and prompts
  lines = output.to_s.split("\n")
  lines.reject! { |line| line.strip == cmd.strip }

  # Remove JunOS prompt patterns from the end
  lines.pop while lines.last&.strip&.match?(/^[%>$#]+\s*$/)

  lines.join("\n")
end

#error_result(message) ⇒ Train::Extras::CommandResult (private)

Factory method for error command results

Parameters:

• message (String) —

  Error message

Returns:

• (Train::Extras::CommandResult) —

  Error result object

# File 'lib/train-juniper/connection/command_executor.rb', line 107

def error_result(message)
  Train::Extras::CommandResult.new('', message, 1)
end

#format_junos_result(output, cmd) ⇒ Object (private)

Format JunOS command results

# File 'lib/train-juniper/connection/command_executor.rb', line 64

def format_junos_result(output, cmd)
  # Parse JunOS-specific error patterns
  if junos_error?(output)
    error_result(output)
  else
    success_result(output, cmd)
  end
end

#mock_command_result(cmd) ⇒ Object (private)

Mock command execution for testing

# File 'lib/train-juniper/connection/command_executor.rb', line 89

def mock_command_result(cmd)
  output, exit_status = MockResponses.response_for(cmd)
  # For mock mode, network devices return errors as stdout
  Train::Extras::CommandResult.new(output, '', exit_status)
end

#run_command_via_connection(cmd) ⇒ CommandResult

Execute commands on Juniper device via SSH

Examples:

result = connection.run_command('show version')
puts result.stdout

Parameters:

• cmd (String) —

  The JunOS command to execute

Returns:

• (CommandResult) —

  Result object with stdout, stderr, and exit status

Raises:

• (Train::ClientError) —

  If command contains dangerous characters

# File 'lib/train-juniper/connection/command_executor.rb', line 22

def run_command_via_connection(cmd)
  # Sanitize command to prevent injection
  safe_cmd = sanitize_command(cmd)

  return mock_command_result(safe_cmd) if @options[:mock]

  begin
    # :nocov: Real SSH execution cannot be tested without actual devices
    # Ensure we're connected
    connect unless connected?

    log_command(safe_cmd)

    # Execute command via SSH session
    output = @ssh_session.exec!(safe_cmd)

    @logger.debug("Command output: #{output}")

    # Format JunOS result
    format_junos_result(output, safe_cmd)
  rescue StandardError => e
    log_error(e, "Command execution failed for: #{safe_cmd}")
    # Handle connection errors gracefully
    error_result("#{e.message} (command: #{safe_cmd})")
    # :nocov:
  end
end

#sanitize_command(cmd) ⇒ Object (private)

Sanitize command to prevent injection attacks

# File 'lib/train-juniper/connection/command_executor.rb', line 53

def sanitize_command(cmd)
  cmd_str = cmd.to_s.strip

  if DANGEROUS_COMMAND_PATTERNS.any? { |pattern| cmd_str.match?(pattern) }
    raise Train::ClientError, "Invalid characters in command: #{cmd_str.inspect}"
  end

  cmd_str
end

#success_result(output, cmd = nil) ⇒ Train::Extras::CommandResult (private)

Factory method for successful command results

Parameters:

• output (String) —

  Command output

• cmd (String, nil) (defaults to: nil) —

  Original command for cleaning output

Returns:

• (Train::Extras::CommandResult) —

  Successful result object

# File 'lib/train-juniper/connection/command_executor.rb', line 99

def success_result(output, cmd = nil)
  output = clean_output(output, cmd) if cmd
  Train::Extras::CommandResult.new(output, '', 0)
end