1 new changeset in galaxy-central:
http://bitbucket.org/galaxy/galaxy-central/changeset/cf7ef2464568/
changeset: cf7ef2464568
branches:
user: greg
date: 2011-06-01 22:21:12
summary: Fix the ToolParamSanitizer unit test. Since mercurial imports locale.getpreferredencoding(), which is part of the Python stdlib, the behavior of python strings is re-sorted, so we have to sort them back...
affected #: 1 file (72 bytes)
--- a/lib/galaxy/tools/parameters/sanitize.py Wed Jun 01 15:47:04 2011 -0400
+++ b/lib/galaxy/tools/parameters/sanitize.py Wed Jun 01 16:21:12 2011 -0400
@@ -19,7 +19,7 @@
... <valid initial="string.letters"/>
... </sanitizer>
... ''' ) )
- >>> sanitizer.sanitize_param( string.printable ) == string.letters
+ >>> sanitizer.sanitize_param( ''.join( sorted( [ c for c in string.printable ] ) ) ) == ''.join( sorted( [ c for c in string.letters ] ) )
True
>>> slash = chr( 92 )
>>> sanitizer = ToolParameterSanitizer.from_element( XML(
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
1 new changeset in galaxy-central:
http://bitbucket.org/galaxy/galaxy-central/changeset/3297ec86d657/
changeset: 3297ec86d657
branches:
user: greg
date: 2011-06-01 21:20:43
summary: Several data library bug fixes:
- Determiining if an accessible dataset exists somewhere in the data library hierarchy now works all the time ( I believe ). It used to work most of the time, but under corner conditions, it would break.
- When importing dataset from a history into a data library, the dataset permissions are now correctly applied to the library dataset. The DATASET_MANAGE_PERMISSIONS permission is a spoecial case in that if it exists on the dataset, the LIBRARY_MANAGE permission must be applied to the library dataset.
- Fix for message display and db flushing when importing library dataset into a history.
- Do not render the folder pop-up menu option for selecting library dataset to import into histories if the folder does not contain any accessible library datasets.
affected #: 3 files (2.6 KB)
--- a/lib/galaxy/security/__init__.py Wed Jun 01 15:12:12 2011 -0400
+++ b/lib/galaxy/security/__init__.py Wed Jun 01 15:20:43 2011 -0400
@@ -287,8 +287,12 @@
if self.can_access_library_item( roles, library_dataset, user ):
return True
if search_downward:
- for folder in folder.active_folders:
- return self.has_accessible_library_datasets( trans, folder, user, roles, search_downward=search_downward )
+ return self.__active_folders_have_accessible_library_datasets( trans, folder, user, roles )
+ return False
+ def __active_folders_have_accessible_library_datasets( self, trans, folder, user, roles ):
+ for active_folder in folder.active_folders:
+ if self.has_accessible_library_datasets( trans, active_folder, user, roles ):
+ return True
return False
def can_access_library_item( self, roles, item, user ):
if type( item ) == self.model.Library:
--- a/lib/galaxy/web/controllers/library_common.py Wed Jun 01 15:12:12 2011 -0400
+++ b/lib/galaxy/web/controllers/library_common.py Wed Jun 01 15:20:43 2011 -0400
@@ -11,6 +11,7 @@
from galaxy.web.form_builder import AddressField, CheckboxField, SelectField, TextArea, TextField, WorkflowField, WorkflowMappingField, HistoryField
import logging, tempfile, zipfile, tarfile, os, sys, operator
from galaxy.eggs import require
+from galaxy.security import Action
# Whoosh is compatible with Python 2.5+ Try to import Whoosh and set flag to indicate whether tool search is enabled.
try:
require( "Whoosh" )
@@ -829,7 +830,7 @@
**kwd )
if created_outputs_dict:
if cntrller == 'api':
- # created_outputs_dict can only ever be a string if cntrller == 'api'
+ # created_outputs_dict can be a string only if cntrller == 'api'
if type( created_outputs_dict ) == str:
return 400, created_outputs_dict
return 200, created_outputs_dict
@@ -1211,6 +1212,27 @@
# LDDA and LibraryDataset.
trans.app.security_agent.copy_library_permissions( folder, ldda )
trans.app.security_agent.copy_library_permissions( folder, ldda.library_dataset )
+ # Make sure to apply any defined dataset permissions, allowing the permissions inherited from the folder to
+ # over-ride the same permissions on the dataset, if they exist.
+ dataset_permissions_dict = trans.app.security_agent.get_permissions( hda.dataset )
+ current_library_dataset_actions = [ permission.action for permission in ldda.library_dataset.actions ]
+ # The DATASET_MANAGE_PERMISSIONS permission on a dataset is a special case because if
+ # it exists, then we need to apply the LIBRARY_MANAGE permission to the library dataset.
+ dataset_manage_permissions_action = trans.app.security_agent.get_action( 'DATASET_MANAGE_PERMISSIONS' ).action
+ flush_needed = False
+ for action, roles in dataset_permissions_dict.items():
+ if isinstance( action, Action ):
+ action = action.action
+ if action == dataset_manage_permissions_action:
+ # Apply the LIBRARY_MANAGE permission to the library dataset.
+ action = trans.app.security_agent.get_action( 'LIBRARY_MANAGE' ).action
+ # Allow the permissions inherited from the folder to over-ride the same permissions on the dataset.
+ if action not in current_library_dataset_actions:
+ for ldp in [ trans.model.LibraryDatasetPermissions( action, ldda.library_dataset, role ) for role in roles ]:
+ trans.sa_session.add( ldp )
+ flush_needed = True
+ if flush_needed:
+ trans.sa_session.flush()
# Permissions must be the same on the LibraryDatasetDatasetAssociation and the associated LibraryDataset
trans.app.security_agent.copy_library_permissions( ldda.library_dataset, ldda )
if created_ldda_ids:
@@ -1605,7 +1627,7 @@
valid_lddas = []
invalid_lddas = []
for ldda in lddas:
- if trans.app.security_agent.can_manage_library_item( current_user_roles, ldda ):
+ if is_admin or trans.app.security_agent.can_manage_library_item( current_user_roles, ldda ):
valid_lddas.append( ldda )
valid_ldda_ids.append( ldda.id )
else:
@@ -1634,7 +1656,7 @@
valid_lddas = []
invalid_lddas = []
for ldda in lddas:
- if trans.app.security_agent.can_modify_library_item( current_user_roles, ldda ):
+ if is_admin or trans.app.security_agent.can_modify_library_item( current_user_roles, ldda ):
valid_lddas.append( ldda )
else:
invalid_lddas.append( ldda )
@@ -1859,6 +1881,7 @@
if len( target_histories ) != len( target_history_ids ):
message += "You do not have permission to add datasets to %i requested histories. " % ( len( target_history_ids ) - len( target_histories ) )
status = 'error'
+ flush_needed = False
for ldda in map( trans.sa_session.query( trans.app.model.LibraryDatasetDatasetAssociation ).get, ldda_ids ):
if ldda is None:
message += "You tried to import a dataset that does not exist. "
@@ -1875,15 +1898,18 @@
else:
for target_history in target_histories:
hda = ldda.to_history_dataset_association( target_history=target_history, add_to_history=True )
- trans.sa_session.flush()
- hist_names_str = ", ".join( [ target_history.name for target_history in target_histories ] )
- num_source = len( ldda_ids ) - invalid_datasets
- num_target = len( target_histories )
- message = "%i %s imported into %i %s: %s" % ( num_source,
- inflector.cond_plural( num_source, "dataset" ),
- num_target,
- inflector.cond_plural( num_target, "history" ),
- hist_names_str )
+ if not flush_needed:
+ flush_needed = True
+ if flush_needed:
+ trans.sa_session.flush()
+ hist_names_str = ", ".join( [ target_history.name for target_history in target_histories ] )
+ num_source = len( ldda_ids ) - invalid_datasets
+ num_target = len( target_histories )
+ message += "%i %s imported into %i %s: %s" % ( num_source,
+ inflector.cond_plural( num_source, "dataset" ),
+ num_target,
+ inflector.cond_plural( num_target, "history" ),
+ hist_names_str )
trans.sa_session.refresh( current_history )
current_user_roles = trans.get_current_user_roles()
source_lddas = []
--- a/templates/library/common/browse_library.mako Wed Jun 01 15:12:12 2011 -0400
+++ b/templates/library/common/browse_library.mako Wed Jun 01 15:20:43 2011 -0400
@@ -314,6 +314,7 @@
from galaxy.web.controllers.library_common import active_folders, active_folders_and_library_datasets, activatable_folders_and_library_datasets, branch_deleted
is_admin = trans.user_is_admin() and cntrller == 'library_admin'
+ has_accessible_library_datasets = trans.app.security_agent.has_accessible_library_datasets( trans, folder, trans.user, current_user_roles, search_downward=False )
if root_folder:
pad = folder_pad
@@ -380,7 +381,7 @@
<a class="action-button" href="${h.url_for( controller='library_common', action='create_folder', cntrller=cntrller, parent_id=trans.security.encode_id( folder.id ), library_id=trans.security.encode_id( library.id ), use_panels=use_panels, show_deleted=show_deleted )}">Add sub-folder</a>
%endif
%if not branch_deleted( folder ):
- %if self.has_accessible_datasets:
+ %if has_accessible_library_datasets:
<a class="action-button" href="${h.url_for( controller='library_common', action='import_datasets_to_histories', cntrller=cntrller, library_id=trans.security.encode_id( library.id ), folder_id=trans.security.encode_id( folder.id ), use_panels=use_panels, show_deleted=show_deleted )}">Select datasets for import into selected histories</a>
%endif
%if can_modify:
@@ -488,6 +489,7 @@
form_type = trans.model.FormDefinition.types.LIBRARY_INFO_TEMPLATE
self.has_accessible_datasets = trans.app.security_agent.has_accessible_library_datasets( trans, library.root_folder, trans.user, current_user_roles )
+ root_folder_has_accessible_library_datasets = trans.app.security_agent.has_accessible_library_datasets( trans, library.root_folder, trans.user, current_user_roles, search_downward=False )
has_accessible_folders = is_admin or trans.app.security_agent.has_accessible_folders( trans, library.root_folder, trans.user, current_user_roles )
tracked_datasets = {}
@@ -500,7 +502,7 @@
def __str__( self ):
return str( self.count )
%>
-
+
<h2>Data Library “${library.name}”</h2><ul class="manage-table-actions">
@@ -534,7 +536,7 @@
%endif
<a class="action-button" href="${h.url_for( controller='library_common', action='library_permissions', cntrller=cntrller, id=trans.security.encode_id( library.id ), use_panels=use_panels, show_deleted=show_deleted )}">Edit permissions</a>
%endif
- %if self.has_accessible_datasets:
+ %if root_folder_has_accessible_library_datasets:
<a class="action-button" href="${h.url_for( controller='library_common', action='import_datasets_to_histories', cntrller=cntrller, library_id=trans.security.encode_id( library.id ), folder_id=trans.security.encode_id( library.root_folder.id ), use_panels=use_panels, show_deleted=show_deleted )}">Select datasets for import into selected histories</a>
%endif
%elif can_modify and not library.purged:
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
1 new changeset in galaxy-central:
http://bitbucket.org/galaxy/galaxy-central/changeset/c1468d790495/
changeset: c1468d790495
branches:
user: natefoo
date: 2011-06-01 21:12:12
summary: Fix the user create/login links in the FTP upload form
affected #: 1 file (34 bytes)
--- a/lib/galaxy/web/form_builder.py Wed Jun 01 11:40:38 2011 -0400
+++ b/lib/galaxy/web/form_builder.py Wed Jun 01 15:12:12 2011 -0400
@@ -185,7 +185,7 @@
def get_html( self, prefix="" ):
rval = FTPFileField.thead
if self.dir is None:
- rval += '<tr><td colspan="3"><em>Please <a href="%s">create</a> or <a href="%s">log in to</a> a Galaxy account to view files uploaded via FTP.</em></td></tr>' % ( url_for( controller='user', action='create', referer=url_for( controller='root' ) ), url_for( controller='user', action='login', referer=url_for( controller='root' ) ) )
+ rval += '<tr><td colspan="3"><em>Please <a href="%s">create</a> or <a href="%s">log in to</a> a Galaxy account to view files uploaded via FTP.</em></td></tr>' % ( url_for( controller='user', action='create', cntrller='user', referer=url_for( controller='root' ) ), url_for( controller='user', action='login', cntrller='user', referer=url_for( controller='root' ) ) )
elif not os.path.exists( self.dir ):
rval += '<tr><td colspan="3"><em>Your FTP upload directory contains no files.</em></td></tr>'
else:
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.