Merge pull request #8120 from chaen/9.0_fix_passwordQuote

fix: escape db password when passing to sqlalchemy

Author: chrisburr

src/DIRAC/Core/Base/SQLAlchemyDB.py

@@ -3,6 +3,7 @@
 
     Uses sqlalchemy
 """
+
 import datetime
 from urllib import parse as urlparse
 from sqlalchemy import create_engine, desc, exc

src/DIRAC/DataManagementSystem/DB/FTS3DB.py

@@ -1,12 +1,13 @@
-""" Frontend to FTS3 MySQL DB. Written using sqlalchemy
-"""
+"""Frontend to FTS3 MySQL DB. Written using sqlalchemy"""
+
 # We disable the no-member error because
 # they are constructed by SQLAlchemy for all
 # the objects mapped to a table.
 # pylint: disable=no-member
 
 import datetime
 import errno
+from urllib.parse import quote_plus
 
 from sqlalchemy import (
     BigInteger,
@@ -184,7 +185,7 @@ def __getDBConnectionInfo(self, fullname):
         self.dbHost = dbParameters["Host"]
         self.dbPort = dbParameters["Port"]
         self.dbUser = dbParameters["User"]
-        self.dbPass = dbParameters["Password"]
+        self.dbPass = quote_plus(dbParameters["Password"])
         self.dbName = dbParameters["DBName"]
 
     def __init__(self, pool_size=15, url=None, parentLogger=None):

src/DIRAC/RequestManagementSystem/DB/RequestDB.py

@@ -16,6 +16,8 @@
 import errno
 import random
 
+from urllib.parse import quote_plus
+
 from sqlalchemy import (
     TEXT,
     BigInteger,
@@ -198,7 +200,7 @@ def __getDBConnectionInfo(self, fullname):
         self.dbHost = dbParameters["Host"]
         self.dbPort = dbParameters["Port"]
         self.dbUser = dbParameters["User"]
-        self.dbPass = dbParameters["Password"]
+        self.dbPass = quote_plus(dbParameters["Password"])
         self.dbName = dbParameters["DBName"]
 
     def __init__(self, parentLogger=None):