#!/bin/bash

# The command rvtysh can be run as root priviledge by any user without password, only allow to execute readonly commands.

# The options in the show command cannot contains any charactors to run multiple sub-commands potentially, such as "\n", "\r", "|", "&", "$" and ";".
if printf -- "$*" | grep -qPz '[\n\r|&$;]'; then
    echo "Not allow to run the command, please use the comand 'sudo vtysh' instead." 1>&2
    exit 1
fi

# The sub commands must start with "show"
LAST_PARA=
for para in "$@"
do
    if [ "$LAST_PARA" == "-c" ] && [[ "$para" != show*  ]]; then
        echo "Not allow to run the command '$para', please use the comand 'sudo vtysh' instead." 1>&2
        exit 1
    fi
    LAST_PARA=$para
done

vtysh "$@"