Validate command argument for subprocess/remote-shell execution

[tcompa]

A couple of examples are the FractalSSH.remove_folder method https://github.com/fractal-analytics-platform/fractal-server/blob/05474dbf6b18848b893b994c50ed9d2e6777bba8/fractal_server/ssh/_fabric.py#L291-L308 or the following TaskCollectCustomV2 validator: https://github.com/fractal-analytics-platform/fractal-server/blob/fd3503ccdcffd429391fffb4f728ae4fca0b9998/fractal_server/app/schemas/v2/task_collection.py#L146-L155

Rather than re-defining this validation layer in multiple places, we should have a single validation function similar to these examples, and apply it every time we call e.g. subprocess.run or fabric.Connection.run.

[tcompa]

Ref https://www.oreilly.com/library/view/learning-the-bash/1565923472/ch01s09.html

[tcompa]

The new function validate_cmd is to be placed in https://github.com/fractal-analytics-platform/fractal-server/blob/main/fractal_server/string_tools.py, and used in front of any subprocess.run or FractalSSH.run_command call.

[tcompa]

If we move https://github.com/fractal-analytics-platform/fractal-server/blob/main/fractal_server/app/runner/run_subprocess.py up one level, we could include validate_cmd in this wrapper and then try to always use the wrapper rather than the raw function.

[tcompa]

• [ ] Define validate_cmd as described above (exceptions from the linked list: /, ", ', ~) - in string-tools
• [x] Define sanitize_cmd, with the same logic
• [ ] Unit tests of both
• [ ] Include validate_cmd explicitly before any call to subprocess.run and any fabric.Connection.run (e.g. self._connection.run somewhere)