November 2014 - galaxy-commits - lists.galaxyproject.org

commit/galaxy-central: 4 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

4 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/b040f24f2dff/ Changeset: b040f24f2dff User: gvk Date: 2014-11-21 18:35:02+00:00 Summary: Enhance the collect_primary_datasets() method to allow assignment of the defined output parameter for 3rd-party tools that manage tool outputs internally. Affected #: 1 file diff -r 7cb167299a13cc273a794f19363f32083096efdb -r b040f24f2dff8e748ff4385637916363d43ce1e2 lib/galaxy/tools/parameters/output_collect.py --- a/lib/galaxy/tools/parameters/output_collect.py +++ b/lib/galaxy/tools/parameters/output_collect.py @@ -5,7 +5,6 @@ import glob import json - from galaxy import jobs from galaxy import util from galaxy.util import odict @@ -30,8 +29,10 @@ # Loop through output file names, looking for generated primary # datasets in form of: # 'primary_associatedWithDatasetID_designation_visibility_extension(_DBKEY)' + primary_output_assigned = False + new_outdata_name = None primary_datasets = {} - for name, outdata in output.items(): + for output_index, ( name, outdata ) in enumerate( output.items() ): dataset_collectors = tool.outputs[ name ].dataset_collectors if name in tool.outputs else [ DEFAULT_DATASET_COLLECTOR ] filenames = odict.odict() if 'new_file_path' in app.config.collect_outputs_from: @@ -56,14 +57,20 @@ continue if extra_file_collector.match( outdata, filename ): filenames[ path ] = extra_file_collector - for filename, extra_file_collector in filenames.iteritems(): - if not name in primary_datasets: - primary_datasets[name] = {} + for filename_index, ( filename, extra_file_collector ) in enumerate( filenames.iteritems() ): fields_match = extra_file_collector.match( outdata, os.path.basename( filename ) ) if not fields_match: # Before I guess pop() would just have thrown an IndexError raise Exception( "Problem parsing metadata fields for file %s" % filename ) designation = fields_match.designation + if filename_index == 0 and extra_file_collector.assign_primary_output and output_index == 0: + new_outdata_name = fields_match.name or "%s (%s)" % ( outdata.name, designation ) + # Move data from temp location to dataset location + app.object_store.update_from_file( outdata.dataset, file_name=filename, create=True ) + primary_output_assigned = True + continue + if not name in primary_datasets: + primary_datasets[ name ] = {} visible = fields_match.visible ext = fields_match.ext if ext == "input": @@ -145,6 +152,13 @@ dataset.history.add_dataset( new_data ) sa_session.add( new_data ) sa_session.flush() + if primary_output_assigned: + outdata.name = new_outdata_name + outdata.init_meta() + outdata.set_meta() + outdata.set_peek() + sa_session.add( outdata ) + sa_session.flush() return primary_datasets @@ -178,6 +192,7 @@ self.default_ext = kwargs.get( "ext", None ) self.default_visible = util.asbool( kwargs.get( "visible", None ) ) self.directory = kwargs.get( "directory", None ) + self.assign_primary_output = util.asbool( kwargs.get( 'assign_primary_output', False ) ) def pattern_for_dataset( self, dataset_instance=None ): token_replacement = r'\d+' https://bitbucket.org/galaxy/galaxy-central/commits/45f92195479a/ Changeset: 45f92195479a User: jmchilton Date: 2014-11-26 03:01:49+00:00 Summary: Make dynamic discovery of output datasets deterministic. Should aid in testing and ... lets say ... reproducibility because that is popular in these parts. Affected #: 1 file diff -r b040f24f2dff8e748ff4385637916363d43ce1e2 -r 45f92195479ad49c8bf5a9564bfc6078dbc59bc1 lib/galaxy/tools/parameters/output_collect.py --- a/lib/galaxy/tools/parameters/output_collect.py +++ b/lib/galaxy/tools/parameters/output_collect.py @@ -51,7 +51,7 @@ raise Exception( "Problem with tool configuration, attempting to pull in datasets from outside working directory." ) if not os.path.isdir( directory ): continue - for filename in os.listdir( directory ): + for filename in sorted( os.listdir( directory ) ): path = os.path.join( directory, filename ) if not os.path.isfile( path ): continue https://bitbucket.org/galaxy/galaxy-central/commits/ef0e65b55ebb/ Changeset: ef0e65b55ebb User: jmchilton Date: 2014-11-26 03:13:17+00:00 Summary: Implement tool test demonstrating pull request 569. The new assign_primary_output attribute on discover_datasets tag. Affected #: 2 files diff -r 45f92195479ad49c8bf5a9564bfc6078dbc59bc1 -r ef0e65b55ebba822c8420f825e4b306e8018d7cb test/functional/tools/multi_output_assign_primary.xml --- /dev/null +++ b/test/functional/tools/multi_output_assign_primary.xml @@ -0,0 +1,34 @@ +<tool id="multi_output_assign_primary" name="multi_output_assign_primary" description="multi_output_assign_primary" version="0.1.0"> + <command> + echo "1" > sample1.report.tsv; + echo "2" > sample2.report.tsv; + echo "3" > sample3.report.tsv; + </command> + <inputs> + <param name="num_param" type="integer" value="7" /> + <param name="input" type="data" /> + </inputs> + <outputs> + <data format="tabular" name="sample"> + <discover_datasets pattern="(?P<designation>.+)\.report\.tsv" ext="tabular" visible="true" assign_primary_output="true" /> + </data> + </outputs> + <tests> + <test> + <param name="num_param" value="7" /> + <param name="input" ftype="txt" value="simple_line.txt"/> + <output name="sample"> + <assert_contents> + <has_line line="1" /> + </assert_contents> +  + <discovered_dataset designation="sample2" ftype="tabular"> + <assert_contents><has_line line="2" /></assert_contents> + </discovered_dataset> + <discovered_dataset designation="sample3" ftype="tabular"> + <assert_contents><has_line line="3" /></assert_contents> + </discovered_dataset> + </output> + </test> + </tests> +</tool> diff -r 45f92195479ad49c8bf5a9564bfc6078dbc59bc1 -r ef0e65b55ebba822c8420f825e4b306e8018d7cb test/functional/tools/samples_tool_conf.xml --- a/test/functional/tools/samples_tool_conf.xml +++ b/test/functional/tools/samples_tool_conf.xml @@ -9,6 +9,7 @@ <tool file="multi_select.xml" /><tool file="multi_output.xml" /><tool file="multi_output_configured.xml" /> + <tool file="multi_output_assign_primary.xml" /><tool file="composite_output.xml" /><tool file="metadata.xml" /><tool file="output_order.xml" /> https://bitbucket.org/galaxy/galaxy-central/commits/30132ca365ef/ Changeset: 30132ca365ef User: jmchilton Date: 2014-11-26 03:14:18+00:00 Summary: Merge pull request 569 with test implemented to demonstrate. Affected #: 3 files diff -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 -r 30132ca365effac14fe5fd419ed39d20b83fcbc6 lib/galaxy/tools/parameters/output_collect.py --- a/lib/galaxy/tools/parameters/output_collect.py +++ b/lib/galaxy/tools/parameters/output_collect.py @@ -5,7 +5,6 @@ import glob import json - from galaxy import jobs from galaxy import util from galaxy.util import odict @@ -30,8 +29,10 @@ # Loop through output file names, looking for generated primary # datasets in form of: # 'primary_associatedWithDatasetID_designation_visibility_extension(_DBKEY)' + primary_output_assigned = False + new_outdata_name = None primary_datasets = {} - for name, outdata in output.items(): + for output_index, ( name, outdata ) in enumerate( output.items() ): dataset_collectors = tool.outputs[ name ].dataset_collectors if name in tool.outputs else [ DEFAULT_DATASET_COLLECTOR ] filenames = odict.odict() if 'new_file_path' in app.config.collect_outputs_from: @@ -50,20 +51,26 @@ raise Exception( "Problem with tool configuration, attempting to pull in datasets from outside working directory." ) if not os.path.isdir( directory ): continue - for filename in os.listdir( directory ): + for filename in sorted( os.listdir( directory ) ): path = os.path.join( directory, filename ) if not os.path.isfile( path ): continue if extra_file_collector.match( outdata, filename ): filenames[ path ] = extra_file_collector - for filename, extra_file_collector in filenames.iteritems(): - if not name in primary_datasets: - primary_datasets[name] = {} + for filename_index, ( filename, extra_file_collector ) in enumerate( filenames.iteritems() ): fields_match = extra_file_collector.match( outdata, os.path.basename( filename ) ) if not fields_match: # Before I guess pop() would just have thrown an IndexError raise Exception( "Problem parsing metadata fields for file %s" % filename ) designation = fields_match.designation + if filename_index == 0 and extra_file_collector.assign_primary_output and output_index == 0: + new_outdata_name = fields_match.name or "%s (%s)" % ( outdata.name, designation ) + # Move data from temp location to dataset location + app.object_store.update_from_file( outdata.dataset, file_name=filename, create=True ) + primary_output_assigned = True + continue + if not name in primary_datasets: + primary_datasets[ name ] = {} visible = fields_match.visible ext = fields_match.ext if ext == "input": @@ -145,6 +152,13 @@ dataset.history.add_dataset( new_data ) sa_session.add( new_data ) sa_session.flush() + if primary_output_assigned: + outdata.name = new_outdata_name + outdata.init_meta() + outdata.set_meta() + outdata.set_peek() + sa_session.add( outdata ) + sa_session.flush() return primary_datasets @@ -178,6 +192,7 @@ self.default_ext = kwargs.get( "ext", None ) self.default_visible = util.asbool( kwargs.get( "visible", None ) ) self.directory = kwargs.get( "directory", None ) + self.assign_primary_output = util.asbool( kwargs.get( 'assign_primary_output', False ) ) def pattern_for_dataset( self, dataset_instance=None ): token_replacement = r'\d+' diff -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 -r 30132ca365effac14fe5fd419ed39d20b83fcbc6 test/functional/tools/multi_output_assign_primary.xml --- /dev/null +++ b/test/functional/tools/multi_output_assign_primary.xml @@ -0,0 +1,34 @@ +<tool id="multi_output_assign_primary" name="multi_output_assign_primary" description="multi_output_assign_primary" version="0.1.0"> + <command> + echo "1" > sample1.report.tsv; + echo "2" > sample2.report.tsv; + echo "3" > sample3.report.tsv; + </command> + <inputs> + <param name="num_param" type="integer" value="7" /> + <param name="input" type="data" /> + </inputs> + <outputs> + <data format="tabular" name="sample"> + <discover_datasets pattern="(?P<designation>.+)\.report\.tsv" ext="tabular" visible="true" assign_primary_output="true" /> + </data> + </outputs> + <tests> + <test> + <param name="num_param" value="7" /> + <param name="input" ftype="txt" value="simple_line.txt"/> + <output name="sample"> + <assert_contents> + <has_line line="1" /> + </assert_contents> +  + <discovered_dataset designation="sample2" ftype="tabular"> + <assert_contents><has_line line="2" /></assert_contents> + </discovered_dataset> + <discovered_dataset designation="sample3" ftype="tabular"> + <assert_contents><has_line line="3" /></assert_contents> + </discovered_dataset> + </output> + </test> + </tests> +</tool> diff -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 -r 30132ca365effac14fe5fd419ed39d20b83fcbc6 test/functional/tools/samples_tool_conf.xml --- a/test/functional/tools/samples_tool_conf.xml +++ b/test/functional/tools/samples_tool_conf.xml @@ -9,6 +9,7 @@ <tool file="multi_select.xml" /><tool file="multi_output.xml" /><tool file="multi_output_configured.xml" /> + <tool file="multi_output_assign_primary.xml" /><tool file="composite_output.xml" /><tool file="metadata.xml" /><tool file="output_order.xml" /> Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: jmchilton: PEP-8 fixes for test.base.asserts.
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/e4e1f70bc2d1/ Changeset: e4e1f70bc2d1 User: jmchilton Date: 2014-11-26 01:57:56+00:00 Summary: PEP-8 fixes for test.base.asserts. Some of the first Python code I ever wrote - and one can tell :). Affected #: 4 files diff -r bfa13d090966889c74512497bfcaafb732c08a41 -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 test/base/asserts/__init__.py --- a/test/base/asserts/__init__.py +++ b/test/base/asserts/__init__.py @@ -8,7 +8,7 @@ # Code for loading modules containing assertion checking functions, to # create a new module of assertion functions, create the needed python # source file "test/base/asserts/<MODULE_NAME>.py" and add -# <MODULE_NAME> to the list of assertion module names defined above. +# <MODULE_NAME> to the list of assertion module names defined above. assertion_modules = [] for assertion_module_name in assertion_module_names: full_assertion_module_name = 'base.asserts.' + assertion_module_name @@ -19,7 +19,8 @@ assertion_module = sys.modules[full_assertion_module_name] assertion_modules.append(assertion_module) except Exception, e: - log.exception( 'Failed to load assertion module: %s %s' % (assertion_module_name, str(e))) + log.exception('Failed to load assertion module: %s %s' % (assertion_module_name, str(e))) + def verify_assertions(data, assertion_description_list): """ This function takes a list of assertions and a string to check @@ -27,6 +28,7 @@ for assertion_description in assertion_description_list: verify_assertion(data, assertion_description) + def verify_assertion(data, assertion_description): tag = assertion_description["tag"] assert_function_name = "assert_" + tag @@ -73,4 +75,3 @@ # TODO: Verify all needed function arguments are specified. assert_function(**args) - diff -r bfa13d090966889c74512497bfcaafb732c08a41 -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 test/base/asserts/tabular.py --- a/test/base/asserts/tabular.py +++ b/test/base/asserts/tabular.py @@ -1,13 +1,15 @@ import re + def get_first_line(output): - match = re.search("^(.*)$", output, flags = re.MULTILINE) + match = re.search("^(.*)$", output, flags=re.MULTILINE) if match is None: return None else: return match.group(1) -def assert_has_n_columns(output, n, sep = '\t'): + +def assert_has_n_columns(output, n, sep='\t'): """ Asserts the tabular output contains n columns. The optional sep argument specifies the column seperator used to determine the number of columns.""" diff -r bfa13d090966889c74512497bfcaafb732c08a41 -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 test/base/asserts/text.py --- a/test/base/asserts/text.py +++ b/test/base/asserts/text.py @@ -1,30 +1,34 @@ import re + def assert_has_text(output, text): """ Asserts specified output contains the substring specified by the argument text.""" assert output.find(text) >= 0, "Output file did not contain expected text '%s' (ouptut '%s')" % (text, output) - + + def assert_not_has_text(output, text): """ Asserts specified output does not contain the substring specified the argument text.""" assert output.find(text) < 0, "Output file contains unexpected text '%s'" % text + def assert_has_line(output, line): """ Asserts the specified output contains the line specified the argument line.""" - match = re.search("^%s$" % re.escape(line), output, flags = re.MULTILINE) - assert match != None, "No line of output file was '%s' (output was '%s') " % (line, output) + match = re.search("^%s$" % re.escape(line), output, flags=re.MULTILINE) + assert match is not None, "No line of output file was '%s' (output was '%s') " % (line, output) + def assert_has_text_matching(output, expression): """ Asserts the specified output contains text matching the regular expression specified by the argument expression.""" match = re.search(expression, output) - assert match != None, "No text matching expression '%s' was found in output file." % expression + assert match is not None, "No text matching expression '%s' was found in output file." % expression + def assert_has_line_matching(output, expression): """ Asserts the specified output contains a line matching the regular expression specified by the argument expression.""" - match = re.search("^%s$" % expression, output, flags = re.MULTILINE) - assert match != None, "No line matching expression '%s' was found in output file." % expression - + match = re.search("^%s$" % expression, output, flags=re.MULTILINE) + assert match is not None, "No line matching expression '%s' was found in output file." % expression diff -r bfa13d090966889c74512497bfcaafb732c08a41 -r e4e1f70bc2d1a84219038b7e58b933a94b424da7 test/base/asserts/xml.py --- a/test/base/asserts/xml.py +++ b/test/base/asserts/xml.py @@ -1,77 +1,88 @@ import elementtree.ElementTree import re + # Helper functions used to work with XML output. def to_xml(output): - return elementtree.ElementTree.fromstring(output) + return elementtree.ElementTree.fromstring(output) + def xml_find_text(output, path): - xml = to_xml(output) - text = xml.findtext(path) - return text + xml = to_xml(output) + text = xml.findtext(path) + return text + def xml_find(output, path): - xml = to_xml(output) - return xml.find(path) + xml = to_xml(output) + return xml.find(path) + def assert_is_valid_xml(output): - """ Simple assertion that just verifies the specified output - is valid XML.""" - try: - to_xml(output) - except Exception, e: - # TODO: Narrow caught exception to just parsing failure - raise AssertionError("Expected valid XML, but could not parse output. %s" % str(e)) + """ Simple assertion that just verifies the specified output + is valid XML.""" + try: + to_xml(output) + except Exception, e: + # TODO: Narrow caught exception to just parsing failure + raise AssertionError("Expected valid XML, but could not parse output. %s" % str(e)) + def assert_has_element_with_path(output, path): - """ Asserts the specified output has at least one XML element with a - path matching the specified path argument. Valid paths are the - simplified subsets of XPath implemented by elementtree (currently - Galaxy makes use of elementtree 1.2). See - http://effbot.org/zone/element-xpath.htm for more information.""" - if xml_find(output, path) is None: - errmsg = "Expected to find XML element matching expression %s, not such match was found." % path - raise AssertionError(errmsg) + """ Asserts the specified output has at least one XML element with a + path matching the specified path argument. Valid paths are the + simplified subsets of XPath implemented by elementtree (currently + Galaxy makes use of elementtree 1.2). See + http://effbot.org/zone/element-xpath.htm for more information.""" + if xml_find(output, path) is None: + errmsg = "Expected to find XML element matching expression %s, not such match was found." % path + raise AssertionError(errmsg) + def assert_has_n_elements_with_path(output, path, n): - """ Asserts the specified output has exactly n elements matching the - path specified.""" - xml = to_xml(output) - n = int(n) - num_elements = len(xml.findall(path)) - if num_elements != n: - errmsg = "Expected to find %d elements with path %s, but %d were found." % (n, path, num_elements) - raise AssertionError(errmsg) + """ Asserts the specified output has exactly n elements matching the + path specified.""" + xml = to_xml(output) + n = int(n) + num_elements = len(xml.findall(path)) + if num_elements != n: + errmsg = "Expected to find %d elements with path %s, but %d were found." % (n, path, num_elements) + raise AssertionError(errmsg) + def assert_element_text_matches(output, path, expression): - """ Asserts the text of the first element matching the specified - path matches the specified regular expression.""" - text = xml_find_text(output, path) - if re.match(expression, text) is None: - errmsg = "Expected element with path '%s' to contain text matching '%s', instead text '%s' was found." % (path, text, actual_text) - raise AssertionError(errmsg) + """ Asserts the text of the first element matching the specified + path matches the specified regular expression.""" + text = xml_find_text(output, path) + if re.match(expression, text) is None: + errmsg = "Expected element with path '%s' to contain text matching '%s', instead text '%s' was found." % (path, expression, text) + raise AssertionError(errmsg) + def assert_element_text_is(output, path, text): - """ Asserts the text of the first element matching the specified - path matches exactly the specified text. """ - assert_element_text_matches(output, path, re.escape(text)) + """ Asserts the text of the first element matching the specified + path matches exactly the specified text. """ + assert_element_text_matches(output, path, re.escape(text)) + def assert_attribute_matches(output, path, attribute, expression): - """ Asserts the specified attribute of the first element matching - the specified path matches the specified regular expression.""" - xml = xml_find(output, path) - attribute_value = xml.attrib[attribute] - if re.match(expression, attribute_value) is None: - errmsg = "Expected attribute '%s' on element with path '%s' to match '%s', instead attribute value was '%s'." % (attribute, path, expression, attribute_value) - raise AssertionError(errmsg) + """ Asserts the specified attribute of the first element matching + the specified path matches the specified regular expression.""" + xml = xml_find(output, path) + attribute_value = xml.attrib[attribute] + if re.match(expression, attribute_value) is None: + errmsg = "Expected attribute '%s' on element with path '%s' to match '%s', instead attribute value was '%s'." % (attribute, path, expression, attribute_value) + raise AssertionError(errmsg) + def assert_attribute_is(output, path, attribute, text): - """ Asserts the specified attribute of the first element matching - the specified path matches exactly the specified text.""" - assert_attribute_matches(output, path, attribute, re.escape(text)) + """ Asserts the specified attribute of the first element matching + the specified path matches exactly the specified text.""" + assert_attribute_matches(output, path, attribute, re.escape(text)) + def assert_element_text(output, path, verify_assertions_function, children): - """ Recursively checks the specified assertions against the text of - the first element matching the specified path.""" - text = xml_find_text(output, path) - verify_assertions_function(text, children) + """ Recursively checks the specified assertions against the text of + the first element matching the specified path.""" + text = xml_find_text(output, path) + verify_assertions_function(text, children) Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: 2 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

2 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/c16fea918b33/ Changeset: c16fea918b33 Branch: next-stable User: jmchilton Date: 2014-11-26 01:52:30+00:00 Summary: Fixes for /dataset_collections API endpoint. Guess this is not as utilized as the variant under /histories. Affected #: 1 file diff -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a -r c16fea918b33fd4e1ec52c3b5c38981d9c88cfa0 lib/galaxy/webapps/galaxy/api/dataset_collections.py --- a/lib/galaxy/webapps/galaxy/api/dataset_collections.py +++ b/lib/galaxy/webapps/galaxy/api/dataset_collections.py @@ -56,7 +56,8 @@ @expose_api def show( self, trans, instance_type, id, **kwds ): - dataset_collection_instance = self.__service( trans ).get( + dataset_collection_instance = self.__service( trans ).get_dataset_collection_instance( + trans, id=id, instance_type=instance_type, ) @@ -67,7 +68,12 @@ else: trans.status = 501 return - return dictify_dataset_collection_instance( trans, dataset_collection_instance, parent ) + return dictify_dataset_collection_instance( + dataset_collection_instance, + security=trans.security, + parent=parent, + view='element' + ) def __service( self, trans ): service = trans.app.dataset_collections_service https://bitbucket.org/galaxy/galaxy-central/commits/bfa13d090966/ Changeset: bfa13d090966 User: jmchilton Date: 2014-11-26 01:53:50+00:00 Summary: Merge next-stable into default. Affected #: 12 files diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 client/galaxy/scripts/galaxy.masthead.js --- a/client/galaxy/scripts/galaxy.masthead.js +++ b/client/galaxy/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 client/galaxy/scripts/galaxy.menu.js --- a/client/galaxy/scripts/galaxy.menu.js +++ b/client/galaxy/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/api/dataset_collections.py --- a/lib/galaxy/webapps/galaxy/api/dataset_collections.py +++ b/lib/galaxy/webapps/galaxy/api/dataset_collections.py @@ -56,7 +56,8 @@ @expose_api def show( self, trans, instance_type, id, **kwds ): - dataset_collection_instance = self.__service( trans ).get( + dataset_collection_instance = self.__service( trans ).get_dataset_collection_instance( + trans, id=id, instance_type=instance_type, ) @@ -67,7 +68,12 @@ else: trans.status = 501 return - return dictify_dataset_collection_instance( trans, dataset_collection_instance, parent ) + return dictify_dataset_collection_instance( + dataset_collection_instance, + security=trans.security, + parent=parent, + view='element' + ) def __service( self, trans ): service = trans.app.dataset_collections_service diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/controllers/dataset.py --- a/lib/galaxy/webapps/galaxy/controllers/dataset.py +++ b/lib/galaxy/webapps/galaxy/controllers/dataset.py @@ -9,8 +9,7 @@ from galaxy.util.sanitize_html import sanitize_html from galaxy.util.json import loads from galaxy.web.base.controller import BaseUIController, ERROR, SUCCESS, url_for, UsesHistoryDatasetAssociationMixin, UsesHistoryMixin, UsesExtendedMetadataMixin -from galaxy.web.framework.helpers import grids, iff, time_ago -from galaxy.web.framework.helpers import to_unicode +from galaxy.web.framework.helpers import grids, iff, time_ago, to_unicode, escape from galaxy.tools.errors import EmailErrorReporter eggs.require( "Paste" ) @@ -506,7 +505,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) # Error checking. diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/controllers/history.py --- a/lib/galaxy/webapps/galaxy/controllers/history.py +++ b/lib/galaxy/webapps/galaxy/controllers/history.py @@ -19,7 +19,7 @@ from galaxy.web.base.controller import ExportsHistoryMixin from galaxy.web.base.controller import ImportsHistoryMixin from galaxy.web.base.controller import ERROR, INFO, SUCCESS, WARNING -from galaxy.web.framework.helpers import grids, iff, time_ago +from galaxy.web.framework.helpers import grids, iff, time_ago, escape log = logging.getLogger( __name__ ) @@ -1291,7 +1291,7 @@ else: referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/controllers/user.py --- a/lib/galaxy/webapps/galaxy/controllers/user.py +++ b/lib/galaxy/webapps/galaxy/controllers/user.py @@ -611,8 +611,8 @@ else: refresh_frames = [ 'masthead' ] trans.handle_user_logout( logout_all=logout_all ) - message = 'You have been logged out.<br>You can log in again, <a target="_top" href="%s">go back to the page you were visiting</a> or <a target="_top" href="%s">go to the home page</a>.' % \ - ( trans.request.referer, url_for( '/' ) ) + message = 'You have been logged out.<br>To log in again <a target="_top" href="%s">go to the home page</a>.' % \ + ( url_for( '/' ) ) if biostar.biostar_logged_in( trans ): biostar_url = biostar.biostar_logout( trans ) if biostar_url: diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/controllers/visualization.py --- a/lib/galaxy/webapps/galaxy/controllers/visualization.py +++ b/lib/galaxy/webapps/galaxy/controllers/visualization.py @@ -9,7 +9,7 @@ from galaxy import model, web from galaxy.model.item_attrs import UsesAnnotations, UsesItemRatings from galaxy.web.base.controller import BaseUIController, SharableMixin, UsesVisualizationMixin -from galaxy.web.framework.helpers import time_ago, grids +from galaxy.web.framework.helpers import time_ago, grids, escape from galaxy import util from galaxy.datatypes.interval import Bed from galaxy.util.json import loads @@ -123,7 +123,7 @@ # or_( "metadata like '%%\"dbkey\": [\"?\"]%%'", "metadata like '%%\"dbkey\": \"?\"%%'" ) \ # ) # ) - + class HistoryColumn( grids.GridColumn ): """ Column for filtering by history id. """ @@ -360,7 +360,7 @@ @web.expose @web.require_login( "use Galaxy visualizations", use_panels=True ) def list( self, trans, *args, **kwargs ): - + # Handle operation if 'operation' in kwargs and 'id' in kwargs: session = trans.sa_session @@ -388,7 +388,7 @@ kwargs[ 'embedded' ] = True grid = self._user_list_grid( trans, *args, **kwargs ) return trans.fill_template( "visualization/list.mako", embedded_grid=grid, shared_by_others=shared_by_others ) - + # # -- Functions for operating on visualizations. -- # @@ -459,7 +459,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % web.url_for( '/' ) diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 lib/galaxy/webapps/galaxy/controllers/workflow.py --- a/lib/galaxy/webapps/galaxy/controllers/workflow.py +++ b/lib/galaxy/webapps/galaxy/controllers/workflow.py @@ -22,8 +22,7 @@ from galaxy.web import error, url_for from galaxy.web.base.controller import BaseUIController, SharableMixin, UsesStoredWorkflowMixin from galaxy.web.framework.formbuilder import form -from galaxy.web.framework.helpers import grids, time_ago -from galaxy.web.framework.helpers import to_unicode +from galaxy.web.framework.helpers import grids, time_ago, to_unicode, escape from galaxy.workflow.modules import WorkflowModuleInjector from galaxy.workflow.modules import MissingToolException from galaxy.workflow.modules import module_factory, is_tool_module_type @@ -389,7 +388,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 static/scripts/galaxy.masthead.js --- a/static/scripts/galaxy.masthead.js +++ b/static/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 static/scripts/galaxy.menu.js --- a/static/scripts/galaxy.menu.js +++ b/static/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 static/scripts/packed/galaxy.masthead.js --- a/static/scripts/packed/galaxy.masthead.js +++ b/static/scripts/packed/galaxy.masthead.js @@ -1,1 +1,1 @@ -define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file +define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content!==undefined&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file diff -r ce8a617dcdb199e97e7d4249f548e78a4530d18a -r bfa13d090966889c74512497bfcaafb732c08a41 static/scripts/packed/galaxy.menu.js --- a/static/scripts/packed/galaxy.menu.js +++ b/static/scripts/packed/galaxy.menu.js @@ -1,1 +1,1 @@ -define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin/index",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file +define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: 3 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

3 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/ba9188b955ef/ Changeset: ba9188b955ef Branch: next-stable User: dannon Date: 2014-11-25 20:14:25+00:00 Summary: Referer-in-okmessage reflective xss fix Affected #: 4 files diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r ba9188b955ef5fadbf261271555297b7ba57c162 lib/galaxy/webapps/galaxy/controllers/dataset.py --- a/lib/galaxy/webapps/galaxy/controllers/dataset.py +++ b/lib/galaxy/webapps/galaxy/controllers/dataset.py @@ -9,8 +9,7 @@ from galaxy.util.sanitize_html import sanitize_html from galaxy.util.json import loads from galaxy.web.base.controller import BaseUIController, ERROR, SUCCESS, url_for, UsesHistoryDatasetAssociationMixin, UsesHistoryMixin, UsesExtendedMetadataMixin -from galaxy.web.framework.helpers import grids, iff, time_ago -from galaxy.web.framework.helpers import to_unicode +from galaxy.web.framework.helpers import grids, iff, time_ago, to_unicode, escape from galaxy.tools.errors import EmailErrorReporter eggs.require( "Paste" ) @@ -506,7 +505,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) # Error checking. diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r ba9188b955ef5fadbf261271555297b7ba57c162 lib/galaxy/webapps/galaxy/controllers/history.py --- a/lib/galaxy/webapps/galaxy/controllers/history.py +++ b/lib/galaxy/webapps/galaxy/controllers/history.py @@ -19,7 +19,7 @@ from galaxy.web.base.controller import ExportsHistoryMixin from galaxy.web.base.controller import ImportsHistoryMixin from galaxy.web.base.controller import ERROR, INFO, SUCCESS, WARNING -from galaxy.web.framework.helpers import grids, iff, time_ago +from galaxy.web.framework.helpers import grids, iff, time_ago, escape log = logging.getLogger( __name__ ) @@ -1291,7 +1291,7 @@ else: referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r ba9188b955ef5fadbf261271555297b7ba57c162 lib/galaxy/webapps/galaxy/controllers/visualization.py --- a/lib/galaxy/webapps/galaxy/controllers/visualization.py +++ b/lib/galaxy/webapps/galaxy/controllers/visualization.py @@ -9,7 +9,7 @@ from galaxy import model, web from galaxy.model.item_attrs import UsesAnnotations, UsesItemRatings from galaxy.web.base.controller import BaseUIController, SharableMixin, UsesVisualizationMixin -from galaxy.web.framework.helpers import time_ago, grids +from galaxy.web.framework.helpers import time_ago, grids, escape from galaxy import util from galaxy.datatypes.interval import Bed from galaxy.util.json import loads @@ -123,7 +123,7 @@ # or_( "metadata like '%%\"dbkey\": [\"?\"]%%'", "metadata like '%%\"dbkey\": \"?\"%%'" ) \ # ) # ) - + class HistoryColumn( grids.GridColumn ): """ Column for filtering by history id. """ @@ -360,7 +360,7 @@ @web.expose @web.require_login( "use Galaxy visualizations", use_panels=True ) def list( self, trans, *args, **kwargs ): - + # Handle operation if 'operation' in kwargs and 'id' in kwargs: session = trans.sa_session @@ -388,7 +388,7 @@ kwargs[ 'embedded' ] = True grid = self._user_list_grid( trans, *args, **kwargs ) return trans.fill_template( "visualization/list.mako", embedded_grid=grid, shared_by_others=shared_by_others ) - + # # -- Functions for operating on visualizations. -- # @@ -459,7 +459,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % web.url_for( '/' ) diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r ba9188b955ef5fadbf261271555297b7ba57c162 lib/galaxy/webapps/galaxy/controllers/workflow.py --- a/lib/galaxy/webapps/galaxy/controllers/workflow.py +++ b/lib/galaxy/webapps/galaxy/controllers/workflow.py @@ -22,8 +22,7 @@ from galaxy.web import error, url_for from galaxy.web.base.controller import BaseUIController, SharableMixin, UsesStoredWorkflowMixin from galaxy.web.framework.formbuilder import form -from galaxy.web.framework.helpers import grids, time_ago -from galaxy.web.framework.helpers import to_unicode +from galaxy.web.framework.helpers import grids, time_ago, to_unicode, escape from galaxy.workflow.modules import WorkflowModuleInjector from galaxy.workflow.modules import MissingToolException from galaxy.workflow.modules import module_factory, is_tool_module_type @@ -389,7 +388,7 @@ # Set referer message. referer = trans.request.referer if referer is not "": - referer_message = "<a href='%s'>return to the previous page</a>" % referer + referer_message = "<a href='%s'>return to the previous page</a>" % escape(referer) else: referer_message = "<a href='%s'>go to Galaxy's start page</a>" % url_for( '/' ) https://bitbucket.org/galaxy/galaxy-central/commits/7c635c1a08ad/ Changeset: 7c635c1a08ad Branch: next-stable User: dannon Date: 2014-11-25 20:14:58+00:00 Summary: Referer-in-logout reflective xss fix. Affected #: 1 file diff -r ba9188b955ef5fadbf261271555297b7ba57c162 -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d lib/galaxy/webapps/galaxy/controllers/user.py --- a/lib/galaxy/webapps/galaxy/controllers/user.py +++ b/lib/galaxy/webapps/galaxy/controllers/user.py @@ -611,8 +611,8 @@ else: refresh_frames = [ 'masthead' ] trans.handle_user_logout( logout_all=logout_all ) - message = 'You have been logged out.<br>You can log in again, <a target="_top" href="%s">go back to the page you were visiting</a> or <a target="_top" href="%s">go to the home page</a>.' % \ - ( trans.request.referer, url_for( '/' ) ) + message = 'You have been logged out.<br>To log in again <a target="_top" href="%s">go to the home page</a>.' % \ + ( url_for( '/' ) ) if biostar.biostar_logged_in( trans ): biostar_url = biostar.biostar_logout( trans ) if biostar_url: https://bitbucket.org/galaxy/galaxy-central/commits/2d80e9cfb833/ Changeset: 2d80e9cfb833 Branch: next-stable User: dannon Date: 2014-11-25 20:25:25+00:00 Summary: Merge. Affected #: 6 files diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a client/galaxy/scripts/galaxy.masthead.js --- a/client/galaxy/scripts/galaxy.masthead.js +++ b/client/galaxy/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a client/galaxy/scripts/galaxy.menu.js --- a/client/galaxy/scripts/galaxy.menu.js +++ b/client/galaxy/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a static/scripts/galaxy.masthead.js --- a/static/scripts/galaxy.masthead.js +++ b/static/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a static/scripts/galaxy.menu.js --- a/static/scripts/galaxy.menu.js +++ b/static/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a static/scripts/packed/galaxy.masthead.js --- a/static/scripts/packed/galaxy.masthead.js +++ b/static/scripts/packed/galaxy.masthead.js @@ -1,1 +1,1 @@ -define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file +define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content!==undefined&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file diff -r 7c635c1a08adb89bc968bffb1a57bdf4ed1f825d -r 2d80e9cfb833b7cf50d5f60ae77368bc966ca29a static/scripts/packed/galaxy.menu.js --- a/static/scripts/packed/galaxy.menu.js +++ b/static/scripts/packed/galaxy.menu.js @@ -1,1 +1,1 @@ -define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin/index",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file +define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: martenson: fix the behavior of masthead.js when passed an empty string as a item content (link target)
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/15f7c2ef93c1/ Changeset: 15f7c2ef93c1 Branch: next-stable User: martenson Date: 2014-11-25 20:19:08+00:00 Summary: fix the behavior of masthead.js when passed an empty string as a item content (link target) Affected #: 6 files diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b client/galaxy/scripts/galaxy.masthead.js --- a/client/galaxy/scripts/galaxy.masthead.js +++ b/client/galaxy/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b client/galaxy/scripts/galaxy.menu.js --- a/client/galaxy/scripts/galaxy.menu.js +++ b/client/galaxy/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b static/scripts/galaxy.masthead.js --- a/static/scripts/galaxy.masthead.js +++ b/static/scripts/galaxy.masthead.js @@ -251,28 +251,31 @@ }, // initialize - initialize: function (options){ + initialize: function ( options ){ // read in defaults - if (options) - this.options = _.defaults(options, this.options); - + if ( options ){ + this.options = _.defaults( options, this.options ); + } + // update url - if (this.options.content && this.options.content.indexOf('//') === -1) + if ( this.options.content !== undefined && this.options.content.indexOf( '//' ) === -1 ){ this.options.content = galaxy_config.root + this.options.content; + } // add template for tab - this.setElement($(this._template(this.options))); + this.setElement( $( this._template( this.options ) ) ); // disable menu items that are not available to anonymous user // also show title to explain why they are disabled - if (this.options.disabled){ - $(this.el).find('.root').addClass('disabled'); + if ( this.options.disabled ){ + $( this.el ).find( '.root' ).addClass( 'disabled' ); this._attachPopover(); } // visiblity - if (!this.options.visible) + if ( !this.options.visible ){ this.hide(); + } }, // show diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b static/scripts/galaxy.menu.js --- a/static/scripts/galaxy.menu.js +++ b/static/scripts/galaxy.menu.js @@ -167,7 +167,7 @@ var tab_admin = new mod_masthead.GalaxyMastheadTab({ id : "admin", title : "Admin", - content : "admin/index", + content : "admin", extra_class : "admin-only", title_attribute : 'Administer this Galaxy' }); diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b static/scripts/packed/galaxy.masthead.js --- a/static/scripts/packed/galaxy.masthead.js +++ b/static/scripts/packed/galaxy.masthead.js @@ -1,1 +1,1 @@ -define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file +define([],function(){var a=Backbone.View.extend({el_masthead:"#everything",options:null,$background:null,list:[],initialize:function(e){this.options=e;$("body").off();this.setElement($(this._template(e)));$(this.el_masthead).append($(this.el));this.$background=$(this.el).find("#masthead-background");var d=this;$(window).on("beforeunload",function(){var g="";for(key in d.list){if(d.list[key].options.onunload){var f=d.list[key].options.onunload();if(f){g+=f+" "}}}if(g!=""){return g}})},events:{click:"_click",mousedown:function(d){d.preventDefault()}},append:function(d){return this._add(d,true)},prepend:function(d){return this._add(d,false)},highlight:function(e){var d=$(this.el).find("#"+e+"> li");if(d){d.addClass("active")}},_add:function(g,e){var d=$(this.el).find("#"+g.location);if(d){var f=$(g.el);f.addClass("masthead-item");if(e){d.append(f)}else{d.prepend(f)}this.list.push(g)}return null},_click:function(g){var f=$(this.el).find(".popup");if(f){f.hide()}var d=$(g.target).closest(".masthead-item").find(".popup");if($(g.target).hasClass("head")){d.show();this.$background.show()}else{this.$background.hide()}},_template:function(d){var e=d.brand?("/ "+d.brand):"";return'<div><div id="masthead" class="navbar navbar-fixed-top navbar-inverse"><div style="position: relative; right: -50%; float: left;"><div id="navbar" style="display: block; position: relative; right: 50%;"></div></div><div class="navbar-brand"><a href="'+d.logo_url+'"><img border="0" src="'+galaxy_config.root+'static/images/galaxyIcon_noText.png"><span id="brand"> Galaxy '+e+'</span></a></div><div class="quota-meter-container"></div><div id="iconbar" class="iconbar"></div></div><div id="masthead-background" style="display: none; position: absolute; top: 33px; width: 100%; height: 100%; z-index: 1010"></div></div>'}});var b=Backbone.View.extend({options:{id:"",icon:"fa-cog",tooltip:"",with_number:false,onclick:function(){alert("clicked")},onunload:null,visible:true},location:"iconbar",initialize:function(e){if(e){this.options=_.defaults(e,this.options)}this.setElement($(this._template(this.options)));var d=this;$(this.el).find(".icon").tooltip({title:this.options.tooltip,placement:"bottom"}).on("mouseup",d.options.onclick);if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},icon:function(d){$(this.el).find(".icon").removeClass(this.options.icon).addClass(d);this.options.icon=d},toggle:function(){$(this.el).addClass("toggle")},untoggle:function(){$(this.el).removeClass("toggle")},number:function(d){$(this.el).find(".number").text(d)},_template:function(e){var d='<div id="'+e.id+'" class="symbol"><div class="icon fa fa-2x '+e.icon+'"></div>';if(e.with_number){d+='<div class="number"></div>'}d+="</div>";return d}});var c=Backbone.View.extend({options:{id:"",title:"",target:"_parent",content:"",type:"url",scratchbook:false,onunload:null,visible:true,disabled:false,title_attribute:""},location:"navbar",$menu:null,events:{"click .head":"_head"},initialize:function(d){if(d){this.options=_.defaults(d,this.options)}if(this.options.content!==undefined&&this.options.content.indexOf("//")===-1){this.options.content=galaxy_config.root+this.options.content}this.setElement($(this._template(this.options)));if(this.options.disabled){$(this.el).find(".root").addClass("disabled");this._attachPopover()}if(!this.options.visible){this.hide()}},show:function(){$(this.el).css({visibility:"visible"})},hide:function(){$(this.el).css({visibility:"hidden"})},add:function(f){var g={title:"Title",content:"",type:"url",target:"_parent",scratchbook:false,divider:false};if(f){g=_.defaults(f,g)}if(g.content&&g.content.indexOf("//")===-1){g.content=galaxy_config.root+g.content}if(!this.$menu){$(this.el).find(".root").append(this._templateMenu());$(this.el).find(".symbol").addClass("caret");this.$menu=$(this.el).find(".popup")}var e=$(this._templateMenuItem(g));this.$menu.append(e);var d=this;e.on("click",function(h){h.preventDefault();if(d.options.target==="_blank"){return true}Galaxy.frame.add(f)});if(g.divider){this.$menu.append($(this._templateDivider()))}},_head:function(d){d.preventDefault();if(this.options.disabled){return}if(!this.$menu){Galaxy.frame.add(this.options)}},_attachPopover:function(){var d=$(this.el).find(".head");d.popover({html:true,content:'Please <a href="'+galaxy_config.root+'/user/login">log in</a> or <a href="'+galaxy_config.root+'/user/create">register</a> to use this feature.',placement:"bottom"}).on("shown.bs.popover",function(){setTimeout(function(){d.popover("hide")},5000)})},_templateMenuItem:function(d){return'<li><a href="'+d.content+'" target="'+d.target+'">'+d.title+"</a></li>"},_templateMenu:function(){return'<ul class="popup dropdown-menu"></ul>'},_templateDivider:function(){return'<li class="divider"></li>'},_template:function(e){var d='<ul id="'+e.id+'" class="nav navbar-nav" border="0" cellspacing="0"><li class="root dropdown" style=""><a class="head dropdown-toggle" data-toggle="dropdown" target="'+e.target+'" href="'+e.content+'" title="'+e.title_attribute+'">'+e.title+'<b class="symbol"></b></a></li></ul>';return d}});return{GalaxyMasthead:a,GalaxyMastheadTab:c,GalaxyMastheadIcon:b}}); \ No newline at end of file diff -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 -r 15f7c2ef93c1296aa61607fcceb190d94eb2701b static/scripts/packed/galaxy.menu.js --- a/static/scripts/packed/galaxy.menu.js +++ b/static/scripts/packed/galaxy.menu.js @@ -1,1 +1,1 @@ -define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin/index",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file +define(["galaxy.masthead"],function(b){var a=Backbone.Model.extend({options:null,masthead:null,initialize:function(c){this.options=c.config;this.masthead=c.masthead;this.create()},create:function(){var e=new b.GalaxyMastheadTab({id:"analysis",title:"Analyze Data",content:"",title_attribute:"Analysis home view"});this.masthead.append(e);var g={id:"workflow",title:"Workflow",content:"workflow",title_attribute:"Chain tools into workflows"};if(!this.options.user.valid){g.disabled=true}var d=new b.GalaxyMastheadTab(g);this.masthead.append(d);var i=new b.GalaxyMastheadTab({id:"shared",title:"Shared Data",content:"library/index",title_attribute:"Access published resources"});i.add({title:"Data Libraries",content:"library/index"});i.add({title:"Data Libraries Beta",content:"library/list",divider:true});i.add({title:"Published Histories",content:"history/list_published"});i.add({title:"Published Workflows",content:"workflow/list_published"});i.add({title:"Published Visualizations",content:"visualization/list_published"});i.add({title:"Published Pages",content:"page/list_published"});this.masthead.append(i);if(this.options.user.requests){var j=new b.GalaxyMastheadTab({id:"lab",title:"Lab"});j.add({title:"Sequencing Requests",content:"requests/index"});j.add({title:"Find Samples",content:"requests/find_samples_index"});j.add({title:"Help",content:this.options.lims_doc_url});this.masthead.append(j)}var c={id:"visualization",title:"Visualization",content:"visualization/list",title_attribute:"Visualize datasets"};if(!this.options.user.valid){c.disabled=true}var m=new b.GalaxyMastheadTab(c);if(this.options.user.valid){m.add({title:"New Track Browser",content:"visualization/trackster",target:"_frame"});m.add({title:"Saved Visualizations",content:"visualization/list",target:"_frame"})}this.masthead.append(m);if(this.options.enable_cloud_launch){var f=new b.GalaxyMastheadTab({id:"cloud",title:"Cloud",content:"cloudlaunch/index"});f.add({title:"New Cloud Cluster",content:"cloudlaunch/index"});this.masthead.append(f)}if(this.options.is_admin_user){var h=new b.GalaxyMastheadTab({id:"admin",title:"Admin",content:"admin",extra_class:"admin-only",title_attribute:"Administer this Galaxy"});this.masthead.append(h)}var l=new b.GalaxyMastheadTab({id:"help",title:"Help",title_attribute:"Support, contact, and community hubs"});if(this.options.biostar_url){l.add({title:"Galaxy Biostar",content:this.options.biostar_url_redirect,target:"_blank"});l.add({title:"Ask a question",content:"biostar/biostar_question_redirect",target:"_blank"})}l.add({title:"Support",content:this.options.support_url,target:"_blank"});l.add({title:"Search",content:this.options.search_url,target:"_blank"});l.add({title:"Mailing Lists",content:this.options.mailing_lists,target:"_blank"});l.add({title:"Videos",content:this.options.screencasts_url,target:"_blank"});l.add({title:"Wiki",content:this.options.wiki_url,target:"_blank"});l.add({title:"How to Cite Galaxy",content:this.options.citation_url,target:"_blank"});if(this.options.terms_url){l.add({title:"Terms and Conditions",content:this.options.terms_url,target:"_blank"})}this.masthead.append(l);if(!this.options.user.valid){var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedout-only",title_attribute:"Account registration or login"});k.add({title:"Login",content:"user/login",target:"galaxy_main"});if(this.options.allow_user_creation){k.add({title:"Register",content:"user/create",target:"galaxy_main"})}this.masthead.append(k)}else{var k=new b.GalaxyMastheadTab({id:"user",title:"User",extra_class:"loggedin-only",title_attribute:"Account preferences and saved data"});k.add({title:"Logged in as "+this.options.user.email});k.add({title:"Preferences",content:"user?cntrller=user",target:"galaxy_main"});k.add({title:"Custom Builds",content:"user/dbkeys",target:"galaxy_main"});k.add({title:"Logout",content:"user/logout",target:"_top",divider:true});k.add({title:"Saved Histories",content:"history/list",target:"galaxy_main"});k.add({title:"Saved Datasets",content:"dataset/list",target:"galaxy_main"});k.add({title:"Saved Pages",content:"page/list",target:"_top"});k.add({title:"API Keys",content:"user/api_keys?cntrller=user",target:"galaxy_main"});if(this.options.use_remote_user){k.add({title:"Public Name",content:"user/edit_username?cntrller=user",target:"galaxy_main"})}this.masthead.append(k)}if(this.options.active_view){this.masthead.highlight(this.options.active_view)}}});return{GalaxyMenu:a}}); \ No newline at end of file Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: dannon: Merge next stable.
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/ce8a617dcdb1/ Changeset: ce8a617dcdb1 User: dannon Date: 2014-11-25 19:35:25+00:00 Summary: Merge next stable. Affected #: 2 files diff -r 720b9c3936980d5af25df714c5c65e5d4793327c -r ce8a617dcdb199e97e7d4249f548e78a4530d18a lib/galaxy/web/framework/helpers/__init__.py --- a/lib/galaxy/web/framework/helpers/__init__.py +++ b/lib/galaxy/web/framework/helpers/__init__.py @@ -3,13 +3,13 @@ """ import time -from cgi import escape from datetime import datetime, timedelta from galaxy import eggs from galaxy.util import hash_util from galaxy.util.json import safe_dumps as dumps eggs.require( "MarkupSafe" ) #required by WebHelpers eggs.require( "WebHelpers" ) +from markupsafe import escape from webhelpers import date from webhelpers.html.tags import stylesheet_link, javascript_link diff -r 720b9c3936980d5af25df714c5c65e5d4793327c -r ce8a617dcdb199e97e7d4249f548e78a4530d18a lib/galaxy/webapps/galaxy/controllers/tool_runner.py --- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py +++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py @@ -15,8 +15,8 @@ from galaxy.tools.parameters.basic import UnvalidatedValue from galaxy.util.bunch import Bunch from galaxy.util.hash_util import is_hashable -from galaxy.web import error -from galaxy.web import url_for +from galaxy.web import error, url_for +from galaxy.web.framework.helpers import escape from galaxy.web.base.controller import BaseUIController import tool_shed.util.shed_util_common as suc @@ -57,7 +57,7 @@ return trans.response.send_redirect( url_for( controller="root", action="welcome" ) ) # When the tool form is initially loaded, the received kwd will not include a 'refresh' # entry (which only is included when another option is selected in the tool_version_select_field), - # so the default selected option should be the most recent version of the tool. The following + # so the default selected option should be the most recent version of the tool. The following # check will mae sure this occurs. refreshed_on_change = kwd.get( 'refresh', False ) tool_version_select_field, tools, tool = self.__get_tool_components( tool_id, @@ -69,7 +69,7 @@ log.error( "index called with tool id '%s' but no such tool exists", tool_id ) trans.log_event( "Tool id '%s' does not exist" % tool_id ) trans.response.status = 404 - return "Tool '%s' does not exist, kwd=%s " % ( tool_id, kwd ) + return trans.show_error_message("Tool '%s' does not exist." % ( escape(tool_id) )) if tool.require_login and not trans.user: message = "You must be logged in to use this tool." status = "info" @@ -291,7 +291,7 @@ log.error( "data_source_redirect called with tool id '%s' but no such tool exists", tool_id ) trans.log_event( "Tool id '%s' does not exist" % tool_id ) trans.response.status = 404 - return "Tool '%s' does not exist, kwd=%s " % ( tool_id, kwd ) + return trans.show_error_message("Tool '%s' does not exist." % ( escape(tool_id) )) if isinstance( tool, DataSourceTool ): link = url_for( tool.action, **tool.get_static_param_values( trans ) ) Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: 4 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

4 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/4ecb1efececd/ Changeset: 4ecb1efececd Branch: next-stable User: dannon Date: 2014-11-25 19:26:52+00:00 Summary: Prevent XSS in unknown tool display, update to actually use show_error_message instead of replying with plain text. Affected #: 2 files diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 4ecb1efececdb58d16087a58d1f168851899aa4a lib/galaxy/web/framework/helpers/__init__.py --- a/lib/galaxy/web/framework/helpers/__init__.py +++ b/lib/galaxy/web/framework/helpers/__init__.py @@ -3,13 +3,13 @@ """ import time -from cgi import escape from datetime import datetime, timedelta from galaxy import eggs from galaxy.util import hash_util from galaxy.util.json import safe_dumps as dumps eggs.require( "MarkupSafe" ) #required by WebHelpers eggs.require( "WebHelpers" ) +from markupsafe import escape from webhelpers import date from webhelpers.html.tags import stylesheet_link, javascript_link diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 4ecb1efececdb58d16087a58d1f168851899aa4a lib/galaxy/webapps/galaxy/controllers/tool_runner.py --- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py +++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py @@ -15,8 +15,8 @@ from galaxy.tools.parameters.basic import UnvalidatedValue from galaxy.util.bunch import Bunch from galaxy.util.hash_util import is_hashable -from galaxy.web import error -from galaxy.web import url_for +from galaxy.web import error, url_for +from galaxy.web.framework.helpers import escape from galaxy.web.base.controller import BaseUIController import tool_shed.util.shed_util_common as suc @@ -57,7 +57,7 @@ return trans.response.send_redirect( url_for( controller="root", action="welcome" ) ) # When the tool form is initially loaded, the received kwd will not include a 'refresh' # entry (which only is included when another option is selected in the tool_version_select_field), - # so the default selected option should be the most recent version of the tool. The following + # so the default selected option should be the most recent version of the tool. The following # check will mae sure this occurs. refreshed_on_change = kwd.get( 'refresh', False ) tool_version_select_field, tools, tool = self.__get_tool_components( tool_id, @@ -69,7 +69,7 @@ log.error( "index called with tool id '%s' but no such tool exists", tool_id ) trans.log_event( "Tool id '%s' does not exist" % tool_id ) trans.response.status = 404 - return "Tool '%s' does not exist, kwd=%s " % ( tool_id, kwd ) + return trans.show_error_message("Tool '%s' does not exist." % ( escape(tool_id) )) if tool.require_login and not trans.user: message = "You must be logged in to use this tool." status = "info" https://bitbucket.org/galaxy/galaxy-central/commits/988dd20de45b/ Changeset: 988dd20de45b Branch: next-stable User: dannon Date: 2014-11-25 19:27:04+00:00 Summary: Merge. Affected #: 8 files diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 lib/galaxy/tags/tag_handler.py --- a/lib/galaxy/tags/tag_handler.py +++ b/lib/galaxy/tags/tag_handler.py @@ -1,5 +1,7 @@ -import re, logging -from sqlalchemy.sql.expression import func, and_ +import re +import logging +from sqlalchemy.sql.expression import func +from sqlalchemy.sql.expression import and_ from sqlalchemy.sql import select log = logging.getLogger( __name__ ) @@ -25,12 +27,15 @@ self.key_value_separators = "=:" # Initialize with known classes - add to this in subclasses. self.item_tag_assoc_info = {} + def get_tag_assoc_class( self, item_class ): """Returns tag association class for item class.""" return self.item_tag_assoc_info[item_class.__name__].tag_assoc_class + def get_id_col_in_item_tag_assoc_table( self, item_class ): """Returns item id column in class' item-tag association table.""" return self.item_tag_assoc_info[item_class.__name__].item_id_col + def get_community_tags( self, trans, item=None, limit=None ): """Returns community tags for an item.""" # Get item-tag association class. @@ -58,6 +63,7 @@ tag_id = row[0] community_tags.append( self.get_tag_by_id( trans, tag_id ) ) return community_tags + def get_tool_tags( self, trans ): result_set = trans.sa_session.execute( select( columns=[ trans.app.model.ToolTagAssociation.table.c.tag_id ], from_obj=trans.app.model.ToolTagAssociation.table ).distinct() ) @@ -67,6 +73,7 @@ tag_id = row[0] tags.append( self.get_tag_by_id( trans, tag_id ) ) return tags + def remove_item_tag( self, trans, user, item, tag_name ): """Remove a tag from an item.""" # Get item tag association. @@ -78,6 +85,7 @@ item.tags.remove( item_tag_assoc ) return True return False + def delete_item_tags( self, trans, user, item ): """Delete tags from an item.""" # Delete item-tag associations. @@ -85,6 +93,7 @@ trans.sa_session.delete( tag ) # Delete tags from item. del item.tags[:] + def item_has_tag( self, trans, user, item, tag ): """Returns true if item is has a given tag.""" # Get tag name. @@ -97,6 +106,7 @@ if item_tag_assoc: return True return False + def apply_item_tag( self, trans, user, item, name, value=None ): # Use lowercase name for searching/creating tag. lc_name = name.lower() @@ -124,6 +134,7 @@ item_tag_assoc.user_value = value item_tag_assoc.value = lc_value return item_tag_assoc + def apply_item_tags( self, trans, user, item, tags_str ): """Apply tags to an item.""" # Parse tags. @@ -131,6 +142,7 @@ # Apply each tag. for name, value in parsed_tags.items(): self.apply_item_tag( trans, user, item, name, value ) + def get_tags_str( self, tags ): """Build a string from an item's tags.""" # Return empty string if there are no tags. @@ -144,14 +156,17 @@ tag_str += ":" + tag.user_value tags_str_list.append( tag_str ) return ", ".join( tags_str_list ) + def get_tag_by_id( self, trans, tag_id ): """Get a Tag object from a tag id.""" return trans.sa_session.query( trans.app.model.Tag ).filter_by( id=tag_id ).first() + def get_tag_by_name( self, trans, tag_name ): """Get a Tag object from a tag name (string).""" if tag_name: return trans.sa_session.query( trans.app.model.Tag ).filter_by( name=tag_name.lower() ).first() return None + def _create_tag( self, trans, tag_str ): """Create a Tag object from a tag string.""" tag_hierarchy = tag_str.split( self.hierarchy_separator ) @@ -169,6 +184,7 @@ parent_tag = tag tag_prefix = tag.name + self.hierarchy_separator return tag + def _get_or_create_tag( self, trans, tag_str ): """Get or create a Tag object from a tag string.""" # Scrub tag; if tag is None after being scrubbed, return None. @@ -181,6 +197,7 @@ if tag is None: tag = self._create_tag( trans, scrubbed_tag_str ) return tag + def _get_item_tag_assoc( self, user, item, tag_name ): """ Return ItemTagAssociation object for a user, item, and tag string; returns None if there is @@ -191,6 +208,7 @@ if ( item_tag_assoc.user == user ) and ( item_tag_assoc.user_tname == scrubbed_tag_name ): return item_tag_assoc return None + def parse_tags( self, tag_str ): """ Returns a list of raw (tag-name, value) pairs derived from a string; method scrubs tag names and values as well. @@ -210,6 +228,7 @@ scrubbed_value = self._scrub_tag_value( nv_pair[1] ) name_value_pairs[scrubbed_name] = scrubbed_value return name_value_pairs + def _scrub_tag_value( self, value ): """Scrub a tag value.""" # Gracefully handle None: @@ -219,6 +238,7 @@ reg_exp = re.compile( '\s' ) scrubbed_value = re.sub( reg_exp, "", value ) return scrubbed_value + def _scrub_tag_name( self, name ): """Scrub a tag name.""" # Gracefully handle None: @@ -234,12 +254,14 @@ if len( scrubbed_name ) < self.min_tag_len or len( scrubbed_name ) > self.max_tag_len: return None return scrubbed_name + def _scrub_tag_name_list( self, tag_name_list ): """Scrub a tag name list.""" scrubbed_tag_list = list() for tag in tag_name_list: scrubbed_tag_list.append( self._scrub_tag_name( tag ) ) return scrubbed_tag_list + def _get_name_value_pair( self, tag_str ): """Get name, value pair from a tag string.""" # Use regular expression to parse name, value. @@ -250,6 +272,7 @@ name_value_pair.append( None ) return name_value_pair + class GalaxyTagHandler( TagHandler ): def __init__( self ): from galaxy import model @@ -271,6 +294,7 @@ model.VisualizationTagAssociation, model.VisualizationTagAssociation.table.c.visualization_id ) + class CommunityTagHandler( TagHandler ): def __init__( self ): from galaxy.webapps.tool_shed import model diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 lib/galaxy/util/json.py --- a/lib/galaxy/util/json.py +++ b/lib/galaxy/util/json.py @@ -52,7 +52,7 @@ return val -def safe_dumps(*args, **kwargs): +def safe_dumps( *args, **kwargs ): """ This is a wrapper around dumps that encodes Infinity and NaN values. It's a fairly rare case (which will be low in request volume). Basically, we tell @@ -60,10 +60,12 @@ re-encoding. """ try: - dumped = json.dumps(*args, allow_nan=False, **kwargs) + dumped = json.dumps( *args, allow_nan=False, **kwargs ) except ValueError: - obj = swap_inf_nan(copy.deepcopy(args[0])) - dumped = json.dumps(obj, allow_nan=False, **kwargs) + obj = swap_inf_nan( copy.deepcopy( args[0] ) ) + dumped = json.dumps( obj, allow_nan=False, **kwargs ) + if kwargs.get( 'escape_closing_tags', True ): + return dumped.replace( '</', '<\\/' ) return dumped diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 lib/galaxy/util/validation.py --- a/lib/galaxy/util/validation.py +++ b/lib/galaxy/util/validation.py @@ -8,8 +8,8 @@ def validate_and_sanitize_basestring( key, val ): if not isinstance( val, basestring ): - raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' - % ( key, str( type( val ) ) ) ) + raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' + % ( key, str( type( val ) ) ) ) return unicode( sanitize_html( val, 'utf-8', 'text/html' ), 'utf-8' ) diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 lib/galaxy/web/framework/helpers/__init__.py --- a/lib/galaxy/web/framework/helpers/__init__.py +++ b/lib/galaxy/web/framework/helpers/__init__.py @@ -111,4 +111,3 @@ Returns true if input is a boolean and true or is a string and looks like a true value. """ return val == True or val in [ 'True', 'true', 'T', 't' ] - diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 lib/galaxy/webapps/galaxy/controllers/tag.py --- a/lib/galaxy/webapps/galaxy/controllers/tag.py +++ b/lib/galaxy/webapps/galaxy/controllers/tag.py @@ -64,7 +64,7 @@ trans.log_action( user, unicode( "untag" ), context, params ) # Retag an item. All previous tags are deleted and new tags are applied. - #(a)web.expose + @web.expose @web.require_login( "Apply a new set of tags to an item; previous tags are deleted." ) def retag_async( self, trans, item_id=None, item_class=None, new_tags=None ): """ @@ -73,7 +73,7 @@ # Apply tags. item = self._get_item( trans, item_class, trans.security.decode_id( item_id ) ) user = trans.user - self.get_tag_handler( trans ).delete_item_tags( trans, item ) + self.get_tag_handler( trans ).delete_item_tags( trans, user, item ) self.get_tag_handler( trans ).apply_item_tags( trans, user, item, new_tags.encode( 'utf-8' ) ) trans.sa_session.flush() diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) )} ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; @@ -76,11 +76,17 @@ user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, 'total_disk_usage': float } ) user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) + user_dict[ 'is_admin' ] = trans.user_is_admin() # tags used users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() + tags_used = [] + for tag in users_api_controller.get_user_tags_used( trans, user=trans.user ): + tag = tag | h + if tag: + tags_used.append( tag ) + user_dict[ 'tags_used' ] = tags_used + return user_dict usage = 0 diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 templates/tagging_common.mako --- a/templates/tagging_common.mako +++ b/templates/tagging_common.mako @@ -19,7 +19,7 @@ ## Render HTML for a list of tags. <%def name="render_tagging_element_html(elt_id=None, tags=None, editable=True, use_toggle_link=True, input_size='15', in_form=False, tag_type='individual', render_add_tag_button=True)"> ## Useful attributes. - <% + <% num_tags = len( tags ) %><div class="tag-element" @@ -50,6 +50,7 @@ elif isinstance( tag, ItemTagAssociation ): tag_name = tag.user_tname tag_value = tag.user_value + ## Convert tag name, value to unicode. if isinstance( tag_name, str ): tag_name = unicode( escape( tag_name ), 'utf-8' ) @@ -61,7 +62,7 @@ tag_str = tag_name %><span class="tag-button"> - <span class="tag-name">${tag_str}</span> + <span class="tag-name">${tag_str | h}</span> %if editable: <img class="delete-tag-img" src="${h.url_for('/static/images/delete_tag_icon_gray.png')}"/> %endif @@ -186,10 +187,11 @@ ## Build dict of tag name, values. tag_names_and_values = dict() for tag in item_tags: - tag_name = tag.user_tname + tag_name = escape( tag.user_tname ) tag_value = "" if tag.value is not None: - tag_value = tag.user_value + tag_value = escape( tag.user_value ) + ## Tag names and values may be string or unicode object. if isinstance( tag_name, str ): tag_names_and_values[unicode(tag_name, 'utf-8')] = unicode(tag_value, 'utf-8') diff -r 4ecb1efececdb58d16087a58d1f168851899aa4a -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 templates/webapps/galaxy/galaxy.masthead.mako --- a/templates/webapps/galaxy/galaxy.masthead.mako +++ b/templates/webapps/galaxy/galaxy.masthead.mako @@ -1,32 +1,4 @@ -## get user data -<%def name="get_user_json()"> -<% - """Bootstrapping user API JSON""" - #TODO: move into common location (poss. BaseController) - if trans.user: - user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, - 'total_disk_usage': float } ) - user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) - users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() - else: - usage = 0 - percent = None - try: - usage = trans.app.quota_agent.get_usage( trans, history=trans.history ) - percent = trans.app.quota_agent.get_percent( trans=trans, usage=usage ) - except AssertionError, assertion: - # no history for quota_agent.get_usage assertion - pass - user_dict = { - 'total_disk_usage' : int( usage ), - 'nice_total_disk_usage' : util.nice_size( usage ), - 'quota_percent' : percent - } - return user_dict -%> -</%def> +<%namespace file="/galaxy_client_app.mako" import="get_user_json" /> ## masthead head generator <%def name="load(active_view = None)"> @@ -87,7 +59,7 @@ ], function( mod_masthead, mod_menu, mod_modal, mod_frame, GalaxyUpload, user, quotameter ){ if( !Galaxy.currUser ){ // this doesn't need to wait for the page being readied - Galaxy.currUser = new user.User(${ h.dumps( get_user_json(), indent=2 ) }); + Galaxy.currUser = new user.User(${ h.dumps( masthead_config[ 'user' ][ 'json' ], indent=2 ) }); } $(function() { https://bitbucket.org/galaxy/galaxy-central/commits/66ea70fbc161/ Changeset: 66ea70fbc161 Branch: next-stable User: dannon Date: 2014-11-25 19:31:55+00:00 Summary: Another instance of tool_id reflected xss (in data_source_redirect). Affected #: 1 file diff -r 988dd20de45bb4d6a361da1febe7ca0631cb7b95 -r 66ea70fbc161602121d364f4ef7d8c3a9126d01d lib/galaxy/webapps/galaxy/controllers/tool_runner.py --- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py +++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py @@ -291,7 +291,7 @@ log.error( "data_source_redirect called with tool id '%s' but no such tool exists", tool_id ) trans.log_event( "Tool id '%s' does not exist" % tool_id ) trans.response.status = 404 - return "Tool '%s' does not exist, kwd=%s " % ( tool_id, kwd ) + return trans.show_error_message("Tool '%s' does not exist." % ( escape(tool_id) )) if isinstance( tool, DataSourceTool ): link = url_for( tool.action, **tool.get_static_param_values( trans ) ) https://bitbucket.org/galaxy/galaxy-central/commits/b017300f1867/ Changeset: b017300f1867 Branch: next-stable User: dannon Date: 2014-11-25 19:34:20+00:00 Summary: Merge. Affected #: 1 file diff -r 66ea70fbc161602121d364f4ef7d8c3a9126d01d -r b017300f1867b23c4e77fa3810a7cdbf196e7de1 templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: 2 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

2 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/fdfdf8341266/ Changeset: fdfdf8341266 Branch: next-stable User: carlfeberhard Date: 2014-11-25 19:29:48+00:00 Summary: Fix to 04a072e98658: remove unnecessary replace Affected #: 1 file diff -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 -r fdfdf8341266f7d19d0086b1fd3e1ff685d0908d templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; https://bitbucket.org/galaxy/galaxy-central/commits/720b9c393698/ Changeset: 720b9c393698 User: carlfeberhard Date: 2014-11-25 19:30:04+00:00 Summary: merge Affected #: 1 file diff -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 -r 720b9c3936980d5af25df714c5c65e5d4793327c templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: 2 new changesets
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

2 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/04a072e98658/ Changeset: 04a072e98658 Branch: next-stable User: carlfeberhard Date: 2014-11-25 19:22:08+00:00 Summary: Sanitize tag output in tagging_common and user.tags_used; protect against closing tags in bootstrapped JSON (http://benalpert.com/2012/08/03/preventing-xss-json.html) minor fixes Affected #: 8 files diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 lib/galaxy/tags/tag_handler.py --- a/lib/galaxy/tags/tag_handler.py +++ b/lib/galaxy/tags/tag_handler.py @@ -1,5 +1,7 @@ -import re, logging -from sqlalchemy.sql.expression import func, and_ +import re +import logging +from sqlalchemy.sql.expression import func +from sqlalchemy.sql.expression import and_ from sqlalchemy.sql import select log = logging.getLogger( __name__ ) @@ -25,12 +27,15 @@ self.key_value_separators = "=:" # Initialize with known classes - add to this in subclasses. self.item_tag_assoc_info = {} + def get_tag_assoc_class( self, item_class ): """Returns tag association class for item class.""" return self.item_tag_assoc_info[item_class.__name__].tag_assoc_class + def get_id_col_in_item_tag_assoc_table( self, item_class ): """Returns item id column in class' item-tag association table.""" return self.item_tag_assoc_info[item_class.__name__].item_id_col + def get_community_tags( self, trans, item=None, limit=None ): """Returns community tags for an item.""" # Get item-tag association class. @@ -58,6 +63,7 @@ tag_id = row[0] community_tags.append( self.get_tag_by_id( trans, tag_id ) ) return community_tags + def get_tool_tags( self, trans ): result_set = trans.sa_session.execute( select( columns=[ trans.app.model.ToolTagAssociation.table.c.tag_id ], from_obj=trans.app.model.ToolTagAssociation.table ).distinct() ) @@ -67,6 +73,7 @@ tag_id = row[0] tags.append( self.get_tag_by_id( trans, tag_id ) ) return tags + def remove_item_tag( self, trans, user, item, tag_name ): """Remove a tag from an item.""" # Get item tag association. @@ -78,6 +85,7 @@ item.tags.remove( item_tag_assoc ) return True return False + def delete_item_tags( self, trans, user, item ): """Delete tags from an item.""" # Delete item-tag associations. @@ -85,6 +93,7 @@ trans.sa_session.delete( tag ) # Delete tags from item. del item.tags[:] + def item_has_tag( self, trans, user, item, tag ): """Returns true if item is has a given tag.""" # Get tag name. @@ -97,6 +106,7 @@ if item_tag_assoc: return True return False + def apply_item_tag( self, trans, user, item, name, value=None ): # Use lowercase name for searching/creating tag. lc_name = name.lower() @@ -124,6 +134,7 @@ item_tag_assoc.user_value = value item_tag_assoc.value = lc_value return item_tag_assoc + def apply_item_tags( self, trans, user, item, tags_str ): """Apply tags to an item.""" # Parse tags. @@ -131,6 +142,7 @@ # Apply each tag. for name, value in parsed_tags.items(): self.apply_item_tag( trans, user, item, name, value ) + def get_tags_str( self, tags ): """Build a string from an item's tags.""" # Return empty string if there are no tags. @@ -144,14 +156,17 @@ tag_str += ":" + tag.user_value tags_str_list.append( tag_str ) return ", ".join( tags_str_list ) + def get_tag_by_id( self, trans, tag_id ): """Get a Tag object from a tag id.""" return trans.sa_session.query( trans.app.model.Tag ).filter_by( id=tag_id ).first() + def get_tag_by_name( self, trans, tag_name ): """Get a Tag object from a tag name (string).""" if tag_name: return trans.sa_session.query( trans.app.model.Tag ).filter_by( name=tag_name.lower() ).first() return None + def _create_tag( self, trans, tag_str ): """Create a Tag object from a tag string.""" tag_hierarchy = tag_str.split( self.hierarchy_separator ) @@ -169,6 +184,7 @@ parent_tag = tag tag_prefix = tag.name + self.hierarchy_separator return tag + def _get_or_create_tag( self, trans, tag_str ): """Get or create a Tag object from a tag string.""" # Scrub tag; if tag is None after being scrubbed, return None. @@ -181,6 +197,7 @@ if tag is None: tag = self._create_tag( trans, scrubbed_tag_str ) return tag + def _get_item_tag_assoc( self, user, item, tag_name ): """ Return ItemTagAssociation object for a user, item, and tag string; returns None if there is @@ -191,6 +208,7 @@ if ( item_tag_assoc.user == user ) and ( item_tag_assoc.user_tname == scrubbed_tag_name ): return item_tag_assoc return None + def parse_tags( self, tag_str ): """ Returns a list of raw (tag-name, value) pairs derived from a string; method scrubs tag names and values as well. @@ -210,6 +228,7 @@ scrubbed_value = self._scrub_tag_value( nv_pair[1] ) name_value_pairs[scrubbed_name] = scrubbed_value return name_value_pairs + def _scrub_tag_value( self, value ): """Scrub a tag value.""" # Gracefully handle None: @@ -219,6 +238,7 @@ reg_exp = re.compile( '\s' ) scrubbed_value = re.sub( reg_exp, "", value ) return scrubbed_value + def _scrub_tag_name( self, name ): """Scrub a tag name.""" # Gracefully handle None: @@ -234,12 +254,14 @@ if len( scrubbed_name ) < self.min_tag_len or len( scrubbed_name ) > self.max_tag_len: return None return scrubbed_name + def _scrub_tag_name_list( self, tag_name_list ): """Scrub a tag name list.""" scrubbed_tag_list = list() for tag in tag_name_list: scrubbed_tag_list.append( self._scrub_tag_name( tag ) ) return scrubbed_tag_list + def _get_name_value_pair( self, tag_str ): """Get name, value pair from a tag string.""" # Use regular expression to parse name, value. @@ -250,6 +272,7 @@ name_value_pair.append( None ) return name_value_pair + class GalaxyTagHandler( TagHandler ): def __init__( self ): from galaxy import model @@ -271,6 +294,7 @@ model.VisualizationTagAssociation, model.VisualizationTagAssociation.table.c.visualization_id ) + class CommunityTagHandler( TagHandler ): def __init__( self ): from galaxy.webapps.tool_shed import model diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 lib/galaxy/util/json.py --- a/lib/galaxy/util/json.py +++ b/lib/galaxy/util/json.py @@ -52,7 +52,7 @@ return val -def safe_dumps(*args, **kwargs): +def safe_dumps( *args, **kwargs ): """ This is a wrapper around dumps that encodes Infinity and NaN values. It's a fairly rare case (which will be low in request volume). Basically, we tell @@ -60,10 +60,12 @@ re-encoding. """ try: - dumped = json.dumps(*args, allow_nan=False, **kwargs) + dumped = json.dumps( *args, allow_nan=False, **kwargs ) except ValueError: - obj = swap_inf_nan(copy.deepcopy(args[0])) - dumped = json.dumps(obj, allow_nan=False, **kwargs) + obj = swap_inf_nan( copy.deepcopy( args[0] ) ) + dumped = json.dumps( obj, allow_nan=False, **kwargs ) + if kwargs.get( 'escape_closing_tags', True ): + return dumped.replace( '</', '<\\/' ) return dumped diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 lib/galaxy/util/validation.py --- a/lib/galaxy/util/validation.py +++ b/lib/galaxy/util/validation.py @@ -8,8 +8,8 @@ def validate_and_sanitize_basestring( key, val ): if not isinstance( val, basestring ): - raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' - % ( key, str( type( val ) ) ) ) + raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' + % ( key, str( type( val ) ) ) ) return unicode( sanitize_html( val, 'utf-8', 'text/html' ), 'utf-8' ) diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 lib/galaxy/web/framework/helpers/__init__.py --- a/lib/galaxy/web/framework/helpers/__init__.py +++ b/lib/galaxy/web/framework/helpers/__init__.py @@ -111,4 +111,3 @@ Returns true if input is a boolean and true or is a string and looks like a true value. """ return val == True or val in [ 'True', 'true', 'T', 't' ] - diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 lib/galaxy/webapps/galaxy/controllers/tag.py --- a/lib/galaxy/webapps/galaxy/controllers/tag.py +++ b/lib/galaxy/webapps/galaxy/controllers/tag.py @@ -64,7 +64,7 @@ trans.log_action( user, unicode( "untag" ), context, params ) # Retag an item. All previous tags are deleted and new tags are applied. - #(a)web.expose + @web.expose @web.require_login( "Apply a new set of tags to an item; previous tags are deleted." ) def retag_async( self, trans, item_id=None, item_class=None, new_tags=None ): """ @@ -73,7 +73,7 @@ # Apply tags. item = self._get_item( trans, item_class, trans.security.decode_id( item_id ) ) user = trans.user - self.get_tag_handler( trans ).delete_item_tags( trans, item ) + self.get_tag_handler( trans ).delete_item_tags( trans, user, item ) self.get_tag_handler( trans ).apply_item_tags( trans, user, item, new_tags.encode( 'utf-8' ) ) trans.sa_session.flush() diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) )} ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; @@ -76,11 +76,17 @@ user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, 'total_disk_usage': float } ) user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) + user_dict[ 'is_admin' ] = trans.user_is_admin() # tags used users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() + tags_used = [] + for tag in users_api_controller.get_user_tags_used( trans, user=trans.user ): + tag = tag | h + if tag: + tags_used.append( tag ) + user_dict[ 'tags_used' ] = tags_used + return user_dict usage = 0 diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 templates/tagging_common.mako --- a/templates/tagging_common.mako +++ b/templates/tagging_common.mako @@ -19,7 +19,7 @@ ## Render HTML for a list of tags. <%def name="render_tagging_element_html(elt_id=None, tags=None, editable=True, use_toggle_link=True, input_size='15', in_form=False, tag_type='individual', render_add_tag_button=True)"> ## Useful attributes. - <% + <% num_tags = len( tags ) %><div class="tag-element" @@ -50,6 +50,7 @@ elif isinstance( tag, ItemTagAssociation ): tag_name = tag.user_tname tag_value = tag.user_value + ## Convert tag name, value to unicode. if isinstance( tag_name, str ): tag_name = unicode( escape( tag_name ), 'utf-8' ) @@ -61,7 +62,7 @@ tag_str = tag_name %><span class="tag-button"> - <span class="tag-name">${tag_str}</span> + <span class="tag-name">${tag_str | h}</span> %if editable: <img class="delete-tag-img" src="${h.url_for('/static/images/delete_tag_icon_gray.png')}"/> %endif @@ -186,10 +187,11 @@ ## Build dict of tag name, values. tag_names_and_values = dict() for tag in item_tags: - tag_name = tag.user_tname + tag_name = escape( tag.user_tname ) tag_value = "" if tag.value is not None: - tag_value = tag.user_value + tag_value = escape( tag.user_value ) + ## Tag names and values may be string or unicode object. if isinstance( tag_name, str ): tag_names_and_values[unicode(tag_name, 'utf-8')] = unicode(tag_value, 'utf-8') diff -r c53f747732a115c7ec6ed3e192bb059d12266865 -r 04a072e98658bb4a386726ece90b8efc7f6a5f69 templates/webapps/galaxy/galaxy.masthead.mako --- a/templates/webapps/galaxy/galaxy.masthead.mako +++ b/templates/webapps/galaxy/galaxy.masthead.mako @@ -1,32 +1,4 @@ -## get user data -<%def name="get_user_json()"> -<% - """Bootstrapping user API JSON""" - #TODO: move into common location (poss. BaseController) - if trans.user: - user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, - 'total_disk_usage': float } ) - user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) - users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() - else: - usage = 0 - percent = None - try: - usage = trans.app.quota_agent.get_usage( trans, history=trans.history ) - percent = trans.app.quota_agent.get_percent( trans=trans, usage=usage ) - except AssertionError, assertion: - # no history for quota_agent.get_usage assertion - pass - user_dict = { - 'total_disk_usage' : int( usage ), - 'nice_total_disk_usage' : util.nice_size( usage ), - 'quota_percent' : percent - } - return user_dict -%> -</%def> +<%namespace file="/galaxy_client_app.mako" import="get_user_json" /> ## masthead head generator <%def name="load(active_view = None)"> @@ -87,7 +59,7 @@ ], function( mod_masthead, mod_menu, mod_modal, mod_frame, GalaxyUpload, user, quotameter ){ if( !Galaxy.currUser ){ // this doesn't need to wait for the page being readied - Galaxy.currUser = new user.User(${ h.dumps( get_user_json(), indent=2 ) }); + Galaxy.currUser = new user.User(${ h.dumps( masthead_config[ 'user' ][ 'json' ], indent=2 ) }); } $(function() { https://bitbucket.org/galaxy/galaxy-central/commits/123b9f6a67cc/ Changeset: 123b9f6a67cc User: carlfeberhard Date: 2014-11-25 19:22:27+00:00 Summary: merge Affected #: 8 files diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 lib/galaxy/tags/tag_handler.py --- a/lib/galaxy/tags/tag_handler.py +++ b/lib/galaxy/tags/tag_handler.py @@ -1,5 +1,7 @@ -import re, logging -from sqlalchemy.sql.expression import func, and_ +import re +import logging +from sqlalchemy.sql.expression import func +from sqlalchemy.sql.expression import and_ from sqlalchemy.sql import select log = logging.getLogger( __name__ ) @@ -25,12 +27,15 @@ self.key_value_separators = "=:" # Initialize with known classes - add to this in subclasses. self.item_tag_assoc_info = {} + def get_tag_assoc_class( self, item_class ): """Returns tag association class for item class.""" return self.item_tag_assoc_info[item_class.__name__].tag_assoc_class + def get_id_col_in_item_tag_assoc_table( self, item_class ): """Returns item id column in class' item-tag association table.""" return self.item_tag_assoc_info[item_class.__name__].item_id_col + def get_community_tags( self, trans, item=None, limit=None ): """Returns community tags for an item.""" # Get item-tag association class. @@ -58,6 +63,7 @@ tag_id = row[0] community_tags.append( self.get_tag_by_id( trans, tag_id ) ) return community_tags + def get_tool_tags( self, trans ): result_set = trans.sa_session.execute( select( columns=[ trans.app.model.ToolTagAssociation.table.c.tag_id ], from_obj=trans.app.model.ToolTagAssociation.table ).distinct() ) @@ -67,6 +73,7 @@ tag_id = row[0] tags.append( self.get_tag_by_id( trans, tag_id ) ) return tags + def remove_item_tag( self, trans, user, item, tag_name ): """Remove a tag from an item.""" # Get item tag association. @@ -78,6 +85,7 @@ item.tags.remove( item_tag_assoc ) return True return False + def delete_item_tags( self, trans, user, item ): """Delete tags from an item.""" # Delete item-tag associations. @@ -85,6 +93,7 @@ trans.sa_session.delete( tag ) # Delete tags from item. del item.tags[:] + def item_has_tag( self, trans, user, item, tag ): """Returns true if item is has a given tag.""" # Get tag name. @@ -97,6 +106,7 @@ if item_tag_assoc: return True return False + def apply_item_tag( self, trans, user, item, name, value=None ): # Use lowercase name for searching/creating tag. lc_name = name.lower() @@ -124,6 +134,7 @@ item_tag_assoc.user_value = value item_tag_assoc.value = lc_value return item_tag_assoc + def apply_item_tags( self, trans, user, item, tags_str ): """Apply tags to an item.""" # Parse tags. @@ -131,6 +142,7 @@ # Apply each tag. for name, value in parsed_tags.items(): self.apply_item_tag( trans, user, item, name, value ) + def get_tags_str( self, tags ): """Build a string from an item's tags.""" # Return empty string if there are no tags. @@ -144,14 +156,17 @@ tag_str += ":" + tag.user_value tags_str_list.append( tag_str ) return ", ".join( tags_str_list ) + def get_tag_by_id( self, trans, tag_id ): """Get a Tag object from a tag id.""" return trans.sa_session.query( trans.app.model.Tag ).filter_by( id=tag_id ).first() + def get_tag_by_name( self, trans, tag_name ): """Get a Tag object from a tag name (string).""" if tag_name: return trans.sa_session.query( trans.app.model.Tag ).filter_by( name=tag_name.lower() ).first() return None + def _create_tag( self, trans, tag_str ): """Create a Tag object from a tag string.""" tag_hierarchy = tag_str.split( self.hierarchy_separator ) @@ -169,6 +184,7 @@ parent_tag = tag tag_prefix = tag.name + self.hierarchy_separator return tag + def _get_or_create_tag( self, trans, tag_str ): """Get or create a Tag object from a tag string.""" # Scrub tag; if tag is None after being scrubbed, return None. @@ -181,6 +197,7 @@ if tag is None: tag = self._create_tag( trans, scrubbed_tag_str ) return tag + def _get_item_tag_assoc( self, user, item, tag_name ): """ Return ItemTagAssociation object for a user, item, and tag string; returns None if there is @@ -191,6 +208,7 @@ if ( item_tag_assoc.user == user ) and ( item_tag_assoc.user_tname == scrubbed_tag_name ): return item_tag_assoc return None + def parse_tags( self, tag_str ): """ Returns a list of raw (tag-name, value) pairs derived from a string; method scrubs tag names and values as well. @@ -210,6 +228,7 @@ scrubbed_value = self._scrub_tag_value( nv_pair[1] ) name_value_pairs[scrubbed_name] = scrubbed_value return name_value_pairs + def _scrub_tag_value( self, value ): """Scrub a tag value.""" # Gracefully handle None: @@ -219,6 +238,7 @@ reg_exp = re.compile( '\s' ) scrubbed_value = re.sub( reg_exp, "", value ) return scrubbed_value + def _scrub_tag_name( self, name ): """Scrub a tag name.""" # Gracefully handle None: @@ -234,12 +254,14 @@ if len( scrubbed_name ) < self.min_tag_len or len( scrubbed_name ) > self.max_tag_len: return None return scrubbed_name + def _scrub_tag_name_list( self, tag_name_list ): """Scrub a tag name list.""" scrubbed_tag_list = list() for tag in tag_name_list: scrubbed_tag_list.append( self._scrub_tag_name( tag ) ) return scrubbed_tag_list + def _get_name_value_pair( self, tag_str ): """Get name, value pair from a tag string.""" # Use regular expression to parse name, value. @@ -250,6 +272,7 @@ name_value_pair.append( None ) return name_value_pair + class GalaxyTagHandler( TagHandler ): def __init__( self ): from galaxy import model @@ -271,6 +294,7 @@ model.VisualizationTagAssociation, model.VisualizationTagAssociation.table.c.visualization_id ) + class CommunityTagHandler( TagHandler ): def __init__( self ): from galaxy.webapps.tool_shed import model diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 lib/galaxy/util/json.py --- a/lib/galaxy/util/json.py +++ b/lib/galaxy/util/json.py @@ -52,7 +52,7 @@ return val -def safe_dumps(*args, **kwargs): +def safe_dumps( *args, **kwargs ): """ This is a wrapper around dumps that encodes Infinity and NaN values. It's a fairly rare case (which will be low in request volume). Basically, we tell @@ -60,10 +60,12 @@ re-encoding. """ try: - dumped = json.dumps(*args, allow_nan=False, **kwargs) + dumped = json.dumps( *args, allow_nan=False, **kwargs ) except ValueError: - obj = swap_inf_nan(copy.deepcopy(args[0])) - dumped = json.dumps(obj, allow_nan=False, **kwargs) + obj = swap_inf_nan( copy.deepcopy( args[0] ) ) + dumped = json.dumps( obj, allow_nan=False, **kwargs ) + if kwargs.get( 'escape_closing_tags', True ): + return dumped.replace( '</', '<\\/' ) return dumped diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 lib/galaxy/util/validation.py --- a/lib/galaxy/util/validation.py +++ b/lib/galaxy/util/validation.py @@ -8,8 +8,8 @@ def validate_and_sanitize_basestring( key, val ): if not isinstance( val, basestring ): - raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' - % ( key, str( type( val ) ) ) ) + raise exceptions.RequestParameterInvalidException( '%s must be a string or unicode: %s' + % ( key, str( type( val ) ) ) ) return unicode( sanitize_html( val, 'utf-8', 'text/html' ), 'utf-8' ) diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 lib/galaxy/web/framework/helpers/__init__.py --- a/lib/galaxy/web/framework/helpers/__init__.py +++ b/lib/galaxy/web/framework/helpers/__init__.py @@ -111,4 +111,3 @@ Returns true if input is a boolean and true or is a string and looks like a true value. """ return val == True or val in [ 'True', 'true', 'T', 't' ] - diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 lib/galaxy/webapps/galaxy/controllers/tag.py --- a/lib/galaxy/webapps/galaxy/controllers/tag.py +++ b/lib/galaxy/webapps/galaxy/controllers/tag.py @@ -64,7 +64,7 @@ trans.log_action( user, unicode( "untag" ), context, params ) # Retag an item. All previous tags are deleted and new tags are applied. - #(a)web.expose + @web.expose @web.require_login( "Apply a new set of tags to an item; previous tags are deleted." ) def retag_async( self, trans, item_id=None, item_class=None, new_tags=None ): """ @@ -73,7 +73,7 @@ # Apply tags. item = self._get_item( trans, item_class, trans.security.decode_id( item_id ) ) user = trans.user - self.get_tag_handler( trans ).delete_item_tags( trans, item ) + self.get_tag_handler( trans ).delete_item_tags( trans, user, item ) self.get_tag_handler( trans ).apply_item_tags( trans, user, item, new_tags.encode( 'utf-8' ) ) trans.sa_session.flush() diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 templates/galaxy_client_app.mako --- a/templates/galaxy_client_app.mako +++ b/templates/galaxy_client_app.mako @@ -15,7 +15,7 @@ //TODO: global... %for key in kwargs: ( window.bootstrapped = window.bootstrapped || {} )[ '${key}' ] = ( - ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) )} ); + ${ h.dumps( kwargs[ key ], indent=( 2 if trans.debug else 0 ) ).replace( '</', '<\\/' ) } ); %endfor define( 'bootstrapped-data', function(){ return window.bootstrapped; @@ -76,11 +76,17 @@ user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, 'total_disk_usage': float } ) user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) + user_dict[ 'is_admin' ] = trans.user_is_admin() # tags used users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() + tags_used = [] + for tag in users_api_controller.get_user_tags_used( trans, user=trans.user ): + tag = tag | h + if tag: + tags_used.append( tag ) + user_dict[ 'tags_used' ] = tags_used + return user_dict usage = 0 diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 templates/tagging_common.mako --- a/templates/tagging_common.mako +++ b/templates/tagging_common.mako @@ -19,7 +19,7 @@ ## Render HTML for a list of tags. <%def name="render_tagging_element_html(elt_id=None, tags=None, editable=True, use_toggle_link=True, input_size='15', in_form=False, tag_type='individual', render_add_tag_button=True)"> ## Useful attributes. - <% + <% num_tags = len( tags ) %><div class="tag-element" @@ -50,6 +50,7 @@ elif isinstance( tag, ItemTagAssociation ): tag_name = tag.user_tname tag_value = tag.user_value + ## Convert tag name, value to unicode. if isinstance( tag_name, str ): tag_name = unicode( escape( tag_name ), 'utf-8' ) @@ -61,7 +62,7 @@ tag_str = tag_name %><span class="tag-button"> - <span class="tag-name">${tag_str}</span> + <span class="tag-name">${tag_str | h}</span> %if editable: <img class="delete-tag-img" src="${h.url_for('/static/images/delete_tag_icon_gray.png')}"/> %endif @@ -186,10 +187,11 @@ ## Build dict of tag name, values. tag_names_and_values = dict() for tag in item_tags: - tag_name = tag.user_tname + tag_name = escape( tag.user_tname ) tag_value = "" if tag.value is not None: - tag_value = tag.user_value + tag_value = escape( tag.user_value ) + ## Tag names and values may be string or unicode object. if isinstance( tag_name, str ): tag_names_and_values[unicode(tag_name, 'utf-8')] = unicode(tag_value, 'utf-8') diff -r c0a41931fcfc00b52423667d33910eeb59cf5ac6 -r 123b9f6a67cce32f205103ee2d2a4f6ca72f6901 templates/webapps/galaxy/galaxy.masthead.mako --- a/templates/webapps/galaxy/galaxy.masthead.mako +++ b/templates/webapps/galaxy/galaxy.masthead.mako @@ -1,32 +1,4 @@ -## get user data -<%def name="get_user_json()"> -<% - """Bootstrapping user API JSON""" - #TODO: move into common location (poss. BaseController) - if trans.user: - user_dict = trans.user.to_dict( view='element', value_mapper={ 'id': trans.security.encode_id, - 'total_disk_usage': float } ) - user_dict[ 'quota_percent' ] = trans.app.quota_agent.get_percent( trans=trans ) - users_api_controller = trans.webapp.api_controllers[ 'users' ] - user_dict[ 'tags_used' ] = users_api_controller.get_user_tags_used( trans, user=trans.user ) - user_dict[ 'is_admin' ] = trans.user_is_admin() - else: - usage = 0 - percent = None - try: - usage = trans.app.quota_agent.get_usage( trans, history=trans.history ) - percent = trans.app.quota_agent.get_percent( trans=trans, usage=usage ) - except AssertionError, assertion: - # no history for quota_agent.get_usage assertion - pass - user_dict = { - 'total_disk_usage' : int( usage ), - 'nice_total_disk_usage' : util.nice_size( usage ), - 'quota_percent' : percent - } - return user_dict -%> -</%def> +<%namespace file="/galaxy_client_app.mako" import="get_user_json" /> ## masthead head generator <%def name="load(active_view = None)"> @@ -87,7 +59,7 @@ ], function( mod_masthead, mod_menu, mod_modal, mod_frame, GalaxyUpload, user, quotameter ){ if( !Galaxy.currUser ){ // this doesn't need to wait for the page being readied - Galaxy.currUser = new user.User(${ h.dumps( get_user_json(), indent=2 ) }); + Galaxy.currUser = new user.User(${ h.dumps( masthead_config[ 'user' ][ 'json' ], indent=2 ) }); } $(function() { Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0

commit/galaxy-central: dannon: Branch prune.
by commits-noreply＠bitbucket.org 25 Nov '14

25 Nov '14

1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/18d438ee1c51/ Changeset: 18d438ee1c51 Branch: fix_galaxy_url_parsing User: dannon Date: 2014-11-25 19:07:34+00:00 Summary: Branch prune. Affected #: 0 files Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.

1 0