commit/galaxy-central: guerler: ToolForm: Add data collection parameter
by commits-noreply@bitbucket.org 03 Dec '14
by commits-noreply@bitbucket.org 03 Dec '14
03 Dec '14
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/f2e8f6fdeb72/
Changeset: f2e8f6fdeb72
User: guerler
Date: 2014-12-03 22:29:34+00:00
Summary: ToolForm: Add data collection parameter
Affected #: 7 files
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 client/galaxy/scripts/mvc/tools/tools-section.js
--- a/client/galaxy/scripts/mvc/tools/tools-section.js
+++ b/client/galaxy/scripts/mvc/tools/tools-section.js
@@ -307,6 +307,11 @@
field = this._fieldData(input_def);
break;
+ // collection selector
+ //case 'data_collection':
+ // field = this._fieldData(input_def);
+ // break;
+
// data column
case 'data_column':
field = this._fieldSelect(input_def);
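Review bot: The `case 'data_collection':` branch is added only as commented-out code, so a `data_collection` input still reaches the `default:` branch of this switch. Going by the packed build of this file in the same changeset, that branch sets `this.app.incompatible = true`, and the `type : input_def.type` option added in the next hunk never carries `'data_collection'` into the selector from this path. Either enable the case or replace the dead lines with a short comment saying what it is waiting on, for example `// TODO: route 'data_collection' to _fieldData once the collection selector is ready`. The switch starts and ends outside the hunk, and the copy under static/scripts/mvc/tools/tools-section.js has the same lines.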
@@ -383,6 +388,7 @@
id : 'field-' + input_def.id,
extensions : input_def.extensions,
multiple : input_def.multiple,
+ type : input_def.type,
data : input_def.options,
onchange : function() {
self.app.refresh();
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 client/galaxy/scripts/mvc/tools/tools-select-content.js
--- a/client/galaxy/scripts/mvc/tools/tools-select-content.js
+++ b/client/galaxy/scripts/mvc/tools/tools-select-content.js
@@ -20,15 +20,23 @@
// radio button options
var radio_buttons = [];
+ // identify selector type
+ if (options.type == 'data_collection') {
+ this.mode = 'collection';
+ } else {
+ if (options.multiple) {
+ this.mode = 'multiple';
+ } else {
+ this.mode = 'single';
+ }
+ }
+
// set initial state
- if (!options.multiple) {
- this.current = 'single';
- } else {
- this.current = 'multiple';
- }
-
+ this.current = this.mode;
+ this.list = {};
+
// add single dataset selector
- if (!options.multiple) {
+ if (this.mode == 'single') {
radio_buttons.push({icon: 'fa-file-o', label : 'Single dataset', value : 'single'});
this.select_single = new Ui.Select.View({
onchange : function() {
@@ -42,29 +50,33 @@
}
// add multiple dataset selector
- radio_buttons.push({icon: 'fa-files-o', label : 'Multiple datasets', value : 'multiple' });
- this.select_multiple = new Ui.Select.View({
- multiple : true,
- onchange : function() {
- self.trigger('change');
- }
- });
- this.list['multiple'] = {
- field: this.select_multiple,
- type : 'hda'
- };
+ if (this.mode == 'single' || this.mode == 'multiple') {
+ radio_buttons.push({icon: 'fa-files-o', label : 'Multiple datasets', value : 'multiple' });
+ this.select_multiple = new Ui.Select.View({
+ multiple : true,
+ onchange : function() {
+ self.trigger('change');
+ }
+ });
+ this.list['multiple'] = {
+ field: this.select_multiple,
+ type : 'hda'
+ };
+ }
// add collection selector
- radio_buttons.push({icon: 'fa-folder-o', label : 'List of datasets', value : 'collection' });
- this.select_collection = new Ui.Select.View({
- onchange : function() {
- self.trigger('change');
- }
- });
- this.list['collection'] = {
- field: this.select_collection,
- type : 'hdca'
- };
+ if (this.mode == 'single' || this.mode == 'collection') {
+ radio_buttons.push({icon: 'fa-folder-o', label : 'List of datasets', value : 'collection' });
+ this.select_collection = new Ui.Select.View({
+ onchange : function() {
+ self.trigger('change');
+ }
+ });
+ this.list['collection'] = {
+ field: this.select_collection,
+ type : 'hdca'
+ };
+ }
// create button
this.button_type = new Ui.RadioButton.View({
@@ -81,7 +93,9 @@
this.$batch = $(ToolTemplate.batchMode());
// add elements to dom
- this.$el.append(Utils.wrap(this.button_type.$el));
+ if (_.size(this.list) > 1) {
+ this.$el.append(Utils.wrap(this.button_type.$el));
+ }
for (var i in this.list) {
this.$el.append(this.list[i].field.$el);
}
@@ -144,8 +158,8 @@
// update selection fields
this.select_single && this.select_single.update(dataset_options);
- this.select_multiple.update(dataset_options);
- this.select_collection.update(collection_options);
+ this.select_multiple && this.select_multiple.update(dataset_options);
+ this.select_collection && this.select_collection.update(collection_options);
// add to content list
this.app.content.add(options);
@@ -167,7 +181,7 @@
this.current = 'collection';
this.select_collection.value(list[0]);
} else {
- if (list.length > 1 || this.options.multiple) {
+ if (this.mode == 'multiple') {
this.current = 'multiple';
this.select_multiple.value(list);
} else {
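Review bot: With the condition reduced to `this.mode == 'multiple'`, every value that misses the collection branch in `'collection'` mode lands in the single-dataset branch, but `select_single` is only created when `this.mode == 'single'`. The packed build shows the collection branch testing `src=="hcda"` while the server-side options use `'src' : 'hdca'`, so collection values appear to miss it. In that case `this.current` becomes `'single'` before the call throws, and the later `this._select()` outside the `try` dereferences `this.list['single']`, which does not exist. Branching on the mode first would avoid this, e.g. `if (this.mode == 'collection' || list_src == 'hdca') {` with `list_src` standing for the first value's `src`. Dropping `list.length > 1` also means a stored multi-dataset value in `'single'` mode is restored as `list[0]` only. The enclosing function continues outside the hunk, and the same change appears in static/scripts/mvc/tools/tools-select-content.js.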
@@ -195,7 +209,7 @@
// prepare result dict
var result = {
- batch : !this.options.multiple && this.current != 'single',
+ batch : this.mode == 'single' && this.current != 'single',
values : []
}
@@ -227,7 +241,7 @@
$el.hide();
}
}
- if (this.current != 'single' && !this.options.multiple) {
+ if (this.mode == 'single' && this.current != 'single') {
this.$batch.show();
} else {
this.$batch.hide();
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 lib/galaxy/tools/parameters/basic.py
--- a/lib/galaxy/tools/parameters/basic.py
+++ b/lib/galaxy/tools/parameters/basic.py
@@ -2314,6 +2314,47 @@
return d
+ def to_dict( self, trans, view='collection', value_mapper=None, other_values=None ):
+ # create dictionary and fill default parameters
+ d = super( DataCollectionToolParameter, self ).to_dict( trans )
+ d['multiple'] = self.multiple
+ d['is_dynamic'] = False
+ d['options'] = {'hda': [], 'hdca': []}
+
+ # return default content if context is not available
+ if other_values is None:
+ return d
+
+ # prepare dataset/collection matching
+ dataset_matcher = DatasetMatcher( trans, self, None, other_values )
+ history = trans.history
+
+ # append directly matched collections
+ for hdca in self.match_collections( trans, history, dataset_matcher ):
+ d['options']['hdca'].append({
+ 'id' : trans.security.encode_id( hdca.id ),
+ 'id_uncoded' : hdca.id,
+ 'hid' : hdca.hid,
+ 'name' : hdca.name,
+ 'src' : 'hdca'
+ })
+
+ # append matching subcollections
+ for hdca in self.match_multirun_collections( trans, history, dataset_matcher ):
+ subcollection_type = self._history_query( trans ).collection_type_description.collection_type
+ d['options']['hdca'].append({
+ 'id' : trans.security.encode_id( hdca.id ),
+ 'id_uncoded' : hdca.id,
+ 'hid' : hdca.hid,
+ 'name' : hdca.name,
+ 'src' : 'hdca'
+ })
+
+ # sort both lists
+ d['options']['hdca'] = sorted(d['options']['hdca'], key=lambda k: k['hid'], reverse=True)
+
+ # return final dictionary
+ return d
class HiddenDataToolParameter( HiddenToolParameter, DataToolParameter ):
"""
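Review bot: Each option dict built in the new `to_dict` carries `'id_uncoded' : hdca.id` next to the value from `trans.security.encode_id( hdca.id )`, so the raw database id of every matched collection goes to the client and the encoded id no longer hides it. Unless the client really needs it, drop that key in both loops; if it is there to mirror what `DataToolParameter.to_dict` returns, a comment saying so would help, e.g. `# id_uncoded kept for parity with DataToolParameter.to_dict`. In the second loop `subcollection_type` is recomputed on every iteration and never used, and the appended dict is identical to the first loop's, so a subcollection match cannot be told apart from a direct match, and a collection returned by both matchers would be listed twice. The comment `# sort both lists` also describes only one sort, since `d['options']['hda']` is left empty here. The method has no docstring; one line stating that `other_values=None` yields empty option lists would cover the early return.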
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 static/scripts/mvc/tools/tools-section.js
--- a/static/scripts/mvc/tools/tools-section.js
+++ b/static/scripts/mvc/tools/tools-section.js
@@ -307,6 +307,11 @@
field = this._fieldData(input_def);
break;
+ // collection selector
+ //case 'data_collection':
+ // field = this._fieldData(input_def);
+ // break;
+
// data column
case 'data_column':
field = this._fieldSelect(input_def);
@@ -383,6 +388,7 @@
id : 'field-' + input_def.id,
extensions : input_def.extensions,
multiple : input_def.multiple,
+ type : input_def.type,
data : input_def.options,
onchange : function() {
self.app.refresh();
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 static/scripts/mvc/tools/tools-select-content.js
--- a/static/scripts/mvc/tools/tools-select-content.js
+++ b/static/scripts/mvc/tools/tools-select-content.js
@@ -20,15 +20,23 @@
// radio button options
var radio_buttons = [];
+ // identify selector type
+ if (options.type == 'data_collection') {
+ this.mode = 'collection';
+ } else {
+ if (options.multiple) {
+ this.mode = 'multiple';
+ } else {
+ this.mode = 'single';
+ }
+ }
+
// set initial state
- if (!options.multiple) {
- this.current = 'single';
- } else {
- this.current = 'multiple';
- }
-
+ this.current = this.mode;
+ this.list = {};
+
// add single dataset selector
- if (!options.multiple) {
+ if (this.mode == 'single') {
radio_buttons.push({icon: 'fa-file-o', label : 'Single dataset', value : 'single'});
this.select_single = new Ui.Select.View({
onchange : function() {
@@ -42,29 +50,33 @@
}
// add multiple dataset selector
- radio_buttons.push({icon: 'fa-files-o', label : 'Multiple datasets', value : 'multiple' });
- this.select_multiple = new Ui.Select.View({
- multiple : true,
- onchange : function() {
- self.trigger('change');
- }
- });
- this.list['multiple'] = {
- field: this.select_multiple,
- type : 'hda'
- };
+ if (this.mode == 'single' || this.mode == 'multiple') {
+ radio_buttons.push({icon: 'fa-files-o', label : 'Multiple datasets', value : 'multiple' });
+ this.select_multiple = new Ui.Select.View({
+ multiple : true,
+ onchange : function() {
+ self.trigger('change');
+ }
+ });
+ this.list['multiple'] = {
+ field: this.select_multiple,
+ type : 'hda'
+ };
+ }
// add collection selector
- radio_buttons.push({icon: 'fa-folder-o', label : 'List of datasets', value : 'collection' });
- this.select_collection = new Ui.Select.View({
- onchange : function() {
- self.trigger('change');
- }
- });
- this.list['collection'] = {
- field: this.select_collection,
- type : 'hdca'
- };
+ if (this.mode == 'single' || this.mode == 'collection') {
+ radio_buttons.push({icon: 'fa-folder-o', label : 'List of datasets', value : 'collection' });
+ this.select_collection = new Ui.Select.View({
+ onchange : function() {
+ self.trigger('change');
+ }
+ });
+ this.list['collection'] = {
+ field: this.select_collection,
+ type : 'hdca'
+ };
+ }
// create button
this.button_type = new Ui.RadioButton.View({
@@ -81,7 +93,9 @@
this.$batch = $(ToolTemplate.batchMode());
// add elements to dom
- this.$el.append(Utils.wrap(this.button_type.$el));
+ if (_.size(this.list) > 1) {
+ this.$el.append(Utils.wrap(this.button_type.$el));
+ }
for (var i in this.list) {
this.$el.append(this.list[i].field.$el);
}
@@ -144,8 +158,8 @@
// update selection fields
this.select_single && this.select_single.update(dataset_options);
- this.select_multiple.update(dataset_options);
- this.select_collection.update(collection_options);
+ this.select_multiple && this.select_multiple.update(dataset_options);
+ this.select_collection && this.select_collection.update(collection_options);
// add to content list
this.app.content.add(options);
@@ -167,7 +181,7 @@
this.current = 'collection';
this.select_collection.value(list[0]);
} else {
- if (list.length > 1 || this.options.multiple) {
+ if (this.mode == 'multiple') {
this.current = 'multiple';
this.select_multiple.value(list);
} else {
@@ -195,7 +209,7 @@
// prepare result dict
var result = {
- batch : !this.options.multiple && this.current != 'single',
+ batch : this.mode == 'single' && this.current != 'single',
values : []
}
@@ -227,7 +241,7 @@
$el.hide();
}
}
- if (this.current != 'single' && !this.options.multiple) {
+ if (this.mode == 'single' && this.current != 'single') {
this.$batch.show();
} else {
this.$batch.hide();
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 static/scripts/packed/mvc/tools/tools-section.js
--- a/static/scripts/packed/mvc/tools/tools-section.js
+++ b/static/scripts/packed/mvc/tools/tools-section.js
@@ -1,1 +1,1 @@
-define(["utils/utils","mvc/ui/ui-table","mvc/ui/ui-misc","mvc/tools/tools-repeat","mvc/tools/tools-select-content","mvc/tools/tools-input"],function(d,b,g,c,a,e){var f=Backbone.View.extend({initialize:function(i,h){this.app=i;this.inputs=h.inputs;h.cls_tr="section-row";this.table=new b.View(h);this.setElement(this.table.$el);this.render()},render:function(){this.table.delAll();for(var h in this.inputs){this._add(this.inputs[h])}},_add:function(j){var i=this;var h=jQuery.extend(true,{},j);h.id=j.id=d.uuid();this.app.input_list[h.id]=h;var k=h.type;switch(k){case"conditional":this._addConditional(h);break;case"repeat":this._addRepeat(h);break;default:this._addRow(h)}},_addConditional:function(h){var j=this;h.test_param.id=h.id;var m=this._addRow(h.test_param);m.options.onchange=function(t){var p=j.app.tree.matchCase(h,t);for(var r in h.cases){var w=h.cases[r];var u=h.id+"-section-"+r;var o=j.table.get(u);var v=false;for(var q in w.inputs){var s=w.inputs[q].type;if(s&&s!=="hidden"){v=true;break}}if(r==p&&v){o.fadeIn("fast")}else{o.hide()}}j.app.refresh()};for(var l in h.cases){var k=h.id+"-section-"+l;var n=new f(this.app,{inputs:h.cases[l].inputs,cls:"ui-table-plain"});n.$el.addClass("ui-table-form-section");this.table.add(n.$el);this.table.append(k)}m.trigger("change")},_addRepeat:function(o){var r=this;var p=0;function m(i,t){var s=o.id+"-section-"+(p++);var u=null;if(t){u=function(){k.del(s);k.retitle(o.title);r.app.rebuild();r.app.refresh()}}var v=new f(r.app,{inputs:i,cls:"ui-table-plain"});k.add({id:s,title:o.title,$el:v.$el,ondel:u});k.retitle(o.title)}var k=new c.View({title_new:o.title,max:o.max,onnew:function(){m(o.inputs,true);r.app.rebuild();r.app.refresh()}});var h=o.min;var q=_.size(o.cache);for(var l=0;l<Math.max(q,h);l++){var n=null;if(l<q){n=o.cache[l]}else{n=o.inputs}m(n,l>=h)}var j=new e(this.app,{label:o.title,help:o.help,field:k});j.$el.addClass("ui-table-form-section");this.table.add(j.$el);this.table.append(o.id)},_addRow:function(h){var 
k=h.id;var i=this._createField(h);if(h.is_dynamic){this.app.is_dynamic=true}this.app.field_list[k]=i;var j=new e(this.app,{label:h.label,optional:h.optional,help:h.help,field:i});this.app.element_list[k]=j;this.table.add(j.$el);this.table.append(k);return i},_createField:function(h){var i=null;switch(h.type){case"text":i=this._fieldText(h);break;case"select":i=this._fieldSelect(h);break;case"data":i=this._fieldData(h);break;case"data_column":i=this._fieldSelect(h);break;case"hidden":i=this._fieldHidden(h);break;case"integer":i=this._fieldSlider(h);break;case"float":i=this._fieldSlider(h);break;case"boolean":i=this._fieldBoolean(h);break;case"genomebuild":h.searchable=true;i=this._fieldSelect(h);break;case"drill_down":i=this._fieldDrilldown(h);break;case"baseurl":i=this._fieldHidden(h);break;default:this.app.incompatible=true;if(h.options){i=this._fieldSelect(h)}else{i=this._fieldText(h)}console.debug("tools-form::_addRow() : Auto matched field type ("+h.type+").")}if(h.value!==undefined){i.value(h.value)}return i},_fieldData:function(h){var i=this;return new a.View(this.app,{id:"field-"+h.id,extensions:h.extensions,multiple:h.multiple,data:h.options,onchange:function(){i.app.refresh()}})},_fieldSelect:function(h){var k=[];for(var l in h.options){var m=h.options[l];k.push({label:m[0],value:m[1]})}var n=g.Select;switch(h.display){case"checkboxes":n=g.Checkbox;break;case"radio":n=g.Radio;break}var j=this;return new n.View({id:"field-"+h.id,data:k,multiple:h.multiple,searchable:h.searchable,onchange:function(){j.app.refresh()}})},_fieldDrilldown:function(h){var i=this;return new g.Drilldown.View({id:"field-"+h.id,data:h.options,display:h.display,onchange:function(){i.app.refresh()}})},_fieldText:function(h){var i=this;return new g.Input({id:"field-"+h.id,area:h.area,onchange:function(){i.app.refresh()}})},_fieldSlider:function(h){return new g.Slider.View({id:"field-"+h.id,precise:h.type=="float",min:h.min,max:h.max})},_fieldHidden:function(h){return new 
g.Hidden({id:"field-"+h.id})},_fieldBoolean:function(h){return new g.RadioButton.View({id:"field-"+h.id,data:[{label:"Yes",value:"true"},{label:"No",value:"false"}]})}});return{View:f}});
\ No newline at end of file
+define(["utils/utils","mvc/ui/ui-table","mvc/ui/ui-misc","mvc/tools/tools-repeat","mvc/tools/tools-select-content","mvc/tools/tools-input"],function(d,b,g,c,a,e){var f=Backbone.View.extend({initialize:function(i,h){this.app=i;this.inputs=h.inputs;h.cls_tr="section-row";this.table=new b.View(h);this.setElement(this.table.$el);this.render()},render:function(){this.table.delAll();for(var h in this.inputs){this._add(this.inputs[h])}},_add:function(j){var i=this;var h=jQuery.extend(true,{},j);h.id=j.id=d.uuid();this.app.input_list[h.id]=h;var k=h.type;switch(k){case"conditional":this._addConditional(h);break;case"repeat":this._addRepeat(h);break;default:this._addRow(h)}},_addConditional:function(h){var j=this;h.test_param.id=h.id;var m=this._addRow(h.test_param);m.options.onchange=function(t){var p=j.app.tree.matchCase(h,t);for(var r in h.cases){var w=h.cases[r];var u=h.id+"-section-"+r;var o=j.table.get(u);var v=false;for(var q in w.inputs){var s=w.inputs[q].type;if(s&&s!=="hidden"){v=true;break}}if(r==p&&v){o.fadeIn("fast")}else{o.hide()}}j.app.refresh()};for(var l in h.cases){var k=h.id+"-section-"+l;var n=new f(this.app,{inputs:h.cases[l].inputs,cls:"ui-table-plain"});n.$el.addClass("ui-table-form-section");this.table.add(n.$el);this.table.append(k)}m.trigger("change")},_addRepeat:function(o){var r=this;var p=0;function m(i,t){var s=o.id+"-section-"+(p++);var u=null;if(t){u=function(){k.del(s);k.retitle(o.title);r.app.rebuild();r.app.refresh()}}var v=new f(r.app,{inputs:i,cls:"ui-table-plain"});k.add({id:s,title:o.title,$el:v.$el,ondel:u});k.retitle(o.title)}var k=new c.View({title_new:o.title,max:o.max,onnew:function(){m(o.inputs,true);r.app.rebuild();r.app.refresh()}});var h=o.min;var q=_.size(o.cache);for(var l=0;l<Math.max(q,h);l++){var n=null;if(l<q){n=o.cache[l]}else{n=o.inputs}m(n,l>=h)}var j=new e(this.app,{label:o.title,help:o.help,field:k});j.$el.addClass("ui-table-form-section");this.table.add(j.$el);this.table.append(o.id)},_addRow:function(h){var 
k=h.id;var i=this._createField(h);if(h.is_dynamic){this.app.is_dynamic=true}this.app.field_list[k]=i;var j=new e(this.app,{label:h.label,optional:h.optional,help:h.help,field:i});this.app.element_list[k]=j;this.table.add(j.$el);this.table.append(k);return i},_createField:function(h){var i=null;switch(h.type){case"text":i=this._fieldText(h);break;case"select":i=this._fieldSelect(h);break;case"data":i=this._fieldData(h);break;case"data_column":i=this._fieldSelect(h);break;case"hidden":i=this._fieldHidden(h);break;case"integer":i=this._fieldSlider(h);break;case"float":i=this._fieldSlider(h);break;case"boolean":i=this._fieldBoolean(h);break;case"genomebuild":h.searchable=true;i=this._fieldSelect(h);break;case"drill_down":i=this._fieldDrilldown(h);break;case"baseurl":i=this._fieldHidden(h);break;default:this.app.incompatible=true;if(h.options){i=this._fieldSelect(h)}else{i=this._fieldText(h)}console.debug("tools-form::_addRow() : Auto matched field type ("+h.type+").")}if(h.value!==undefined){i.value(h.value)}return i},_fieldData:function(h){var i=this;return new a.View(this.app,{id:"field-"+h.id,extensions:h.extensions,multiple:h.multiple,type:h.type,data:h.options,onchange:function(){i.app.refresh()}})},_fieldSelect:function(h){var k=[];for(var l in h.options){var m=h.options[l];k.push({label:m[0],value:m[1]})}var n=g.Select;switch(h.display){case"checkboxes":n=g.Checkbox;break;case"radio":n=g.Radio;break}var j=this;return new n.View({id:"field-"+h.id,data:k,multiple:h.multiple,searchable:h.searchable,onchange:function(){j.app.refresh()}})},_fieldDrilldown:function(h){var i=this;return new g.Drilldown.View({id:"field-"+h.id,data:h.options,display:h.display,onchange:function(){i.app.refresh()}})},_fieldText:function(h){var i=this;return new g.Input({id:"field-"+h.id,area:h.area,onchange:function(){i.app.refresh()}})},_fieldSlider:function(h){return new g.Slider.View({id:"field-"+h.id,precise:h.type=="float",min:h.min,max:h.max})},_fieldHidden:function(h){return new 
g.Hidden({id:"field-"+h.id})},_fieldBoolean:function(h){return new g.RadioButton.View({id:"field-"+h.id,data:[{label:"Yes",value:"true"},{label:"No",value:"false"}]})}});return{View:f}});
\ No newline at end of file
diff -r caf0f2bf161d9cd6e8fe6a205c6c967d5495c0fe -r f2e8f6fdeb720a4c1d4643306f45f13bb9fc8924 static/scripts/packed/mvc/tools/tools-select-content.js
--- a/static/scripts/packed/mvc/tools/tools-select-content.js
+++ b/static/scripts/packed/mvc/tools/tools-select-content.js
@@ -1,1 +1,1 @@
-define(["utils/utils","mvc/ui/ui-misc","mvc/ui/ui-tabs","mvc/tools/tools-template"],function(c,e,b,a){var d=Backbone.View.extend({initialize:function(k,g){this.app=k;this.options=g;var f=this;this.setElement("<div/>");this.list={};var j=[];if(!g.multiple){this.current="single"}else{this.current="multiple"}if(!g.multiple){j.push({icon:"fa-file-o",label:"Single dataset",value:"single"});this.select_single=new e.Select.View({onchange:function(){f.trigger("change")}});this.list.single={field:this.select_single,type:"hda"}}j.push({icon:"fa-files-o",label:"Multiple datasets",value:"multiple"});this.select_multiple=new e.Select.View({multiple:true,onchange:function(){f.trigger("change")}});this.list.multiple={field:this.select_multiple,type:"hda"};j.push({icon:"fa-folder-o",label:"List of datasets",value:"collection"});this.select_collection=new e.Select.View({onchange:function(){f.trigger("change")}});this.list.collection={field:this.select_collection,type:"hdca"};this.button_type=new e.RadioButton.View({value:this.current,data:j,onchange:function(i){f.current=i;f.refresh();f.trigger("change")}});this.$batch=$(a.batchMode());this.$el.append(c.wrap(this.button_type.$el));for(var h in this.list){this.$el.append(this.list[h].field.$el)}this.$el.append(this.$batch);this.update(g.data);if(this.options.value!==undefined){this.value(this.options.value)}this.refresh();this.on("change",function(){if(g.onchange){g.onchange(f.value())}})},wait:function(){for(var f in this.list){this.list[f].field.wait()}},unwait:function(){for(var f in this.list){this.list[f].field.unwait()}},update:function(g){var l=[];for(var j in g.hda){var k=g.hda[j];l.push({label:k.hid+": "+k.name,value:k.id})}var f=[];for(var j in g.hdca){var h=g.hdca[j];f.push({label:h.hid+": "+h.name,value:h.id})}this.select_single&&this.select_single.update(l);this.select_multiple.update(l);this.select_collection.update(f);this.app.content.add(g)},value:function(m){if(m&&m.values){try{var l=[];for(var h in 
m.values){l.push(m.values[h].id)}if(m&&m.values.length>0&&m.values[0].src=="hcda"){this.current="collection";this.select_collection.value(l[0])}else{if(l.length>1||this.options.multiple){this.current="multiple";this.select_multiple.value(l)}else{this.current="single";this.select_single.value(l[0])}}this.refresh();var g=this._select();if(!g.validate()){g.value(g.first())}}catch(k){console.debug("tools-select-content::value() - Skipped.")}}var j=this._select().value();if(!(j instanceof Array)){j=[j]}var f={batch:!this.options.multiple&&this.current!="single",values:[]};for(var h in j){f.values.push({id:j[h],src:this.list[this.current].type})}return f},validate:function(){return this._select().validate()},refresh:function(){for(var g in this.list){var f=this.list[g].field.$el;if(this.current==g){f.show()}else{f.hide()}}if(this.current!="single"&&!this.options.multiple){this.$batch.show()}else{this.$batch.hide()}},_select:function(){return this.list[this.current].field}});return{View:d}});
\ No newline at end of file
+define(["utils/utils","mvc/ui/ui-misc","mvc/ui/ui-tabs","mvc/tools/tools-template"],function(c,e,b,a){var d=Backbone.View.extend({initialize:function(k,g){this.app=k;this.options=g;var f=this;this.setElement("<div/>");this.list={};var j=[];if(g.type=="data_collection"){this.mode="collection"}else{if(g.multiple){this.mode="multiple"}else{this.mode="single"}}this.current=this.mode;this.list={};if(this.mode=="single"){j.push({icon:"fa-file-o",label:"Single dataset",value:"single"});this.select_single=new e.Select.View({onchange:function(){f.trigger("change")}});this.list.single={field:this.select_single,type:"hda"}}if(this.mode=="single"||this.mode=="multiple"){j.push({icon:"fa-files-o",label:"Multiple datasets",value:"multiple"});this.select_multiple=new e.Select.View({multiple:true,onchange:function(){f.trigger("change")}});this.list.multiple={field:this.select_multiple,type:"hda"}}if(this.mode=="single"||this.mode=="collection"){j.push({icon:"fa-folder-o",label:"List of datasets",value:"collection"});this.select_collection=new e.Select.View({onchange:function(){f.trigger("change")}});this.list.collection={field:this.select_collection,type:"hdca"}}this.button_type=new e.RadioButton.View({value:this.current,data:j,onchange:function(i){f.current=i;f.refresh();f.trigger("change")}});this.$batch=$(a.batchMode());if(_.size(this.list)>1){this.$el.append(c.wrap(this.button_type.$el))}for(var h in this.list){this.$el.append(this.list[h].field.$el)}this.$el.append(this.$batch);this.update(g.data);if(this.options.value!==undefined){this.value(this.options.value)}this.refresh();this.on("change",function(){if(g.onchange){g.onchange(f.value())}})},wait:function(){for(var f in this.list){this.list[f].field.wait()}},unwait:function(){for(var f in this.list){this.list[f].field.unwait()}},update:function(g){var l=[];for(var j in g.hda){var k=g.hda[j];l.push({label:k.hid+": "+k.name,value:k.id})}var f=[];for(var j in g.hdca){var h=g.hdca[j];f.push({label:h.hid+": 
"+h.name,value:h.id})}this.select_single&&this.select_single.update(l);this.select_multiple&&this.select_multiple.update(l);this.select_collection&&this.select_collection.update(f);this.app.content.add(g)},value:function(m){if(m&&m.values){try{var l=[];for(var h in m.values){l.push(m.values[h].id)}if(m&&m.values.length>0&&m.values[0].src=="hcda"){this.current="collection";this.select_collection.value(l[0])}else{if(this.mode=="multiple"){this.current="multiple";this.select_multiple.value(l)}else{this.current="single";this.select_single.value(l[0])}}this.refresh();var g=this._select();if(!g.validate()){g.value(g.first())}}catch(k){console.debug("tools-select-content::value() - Skipped.")}}var j=this._select().value();if(!(j instanceof Array)){j=[j]}var f={batch:this.mode=="single"&&this.current!="single",values:[]};for(var h in j){f.values.push({id:j[h],src:this.list[this.current].type})}return f},validate:function(){return this._select().validate()},refresh:function(){for(var g in this.list){var f=this.list[g].field.$el;if(this.current==g){f.show()}else{f.hide()}}if(this.mode=="single"&&this.current!="single"){this.$batch.show()}else{this.$batch.hide()}},_select:function(){return this.list[this.current].field}});return{View:d}});
\ No newline at end of file
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
2 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/06d53d20887d/
Changeset: 06d53d20887d
Branch: next-stable
User: dan
Date: 2014-12-03 21:52:56+00:00
Summary: Fix for DynamicOptions AdditionalValueFilter when columns have not been assigned and to give value preference over name.
Affected #: 1 file
diff -r 4b6b1d2d740732a982c922b264d2027ed2c90370 -r 06d53d20887d55bf27f412c2248741e940d5424f lib/galaxy/tools/parameters/dynamic_options.py
--- a/lib/galaxy/tools/parameters/dynamic_options.py
+++ b/lib/galaxy/tools/parameters/dynamic_options.py
@@ -301,8 +301,11 @@
add_value = []
for i in range( self.dynamic_option.largest_index + 1 ):
add_value.append( "" )
- add_value[self.dynamic_option.columns['value']] = self.value
- add_value[self.dynamic_option.columns['name']] = self.name
+ value_col = self.dynamic_option.columns.get( 'value', 0 )
+ name_col = self.dynamic_option.columns.get( 'name', value_col )
+ # Set name first, then value, in case they are the same column
+ add_value[ name_col ] = self.name
+ add_value[ value_col ] = self.value
if self.index is not None:
rval.insert( self.index, add_value )
else:
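Review bot: Falling back to column 0 with `columns.get( 'value', 0 )` is only safe if `add_value` has at least one element, and its length comes from `self.dynamic_option.largest_index + 1`, whose value when no columns were assigned is not visible in this hunk. If `largest_index` can be below the chosen column in that case, `add_value[ value_col ]` raises IndexError instead of the KeyError this commit removes. Computing `value_col` and `name_col` before the loop and sizing the list from them would make the default self-contained: `for i in range( max( self.dynamic_option.largest_index, value_col, name_col ) + 1 ):`. The enclosing method starts and ends outside the hunk, and the identical hunk in changeset c85032480141 below has the same issue.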
https://bitbucket.org/galaxy/galaxy-central/commits/caf0f2bf161d/
Changeset: caf0f2bf161d
User: dan
Date: 2014-12-03 21:54:10+00:00
Summary: merge
Affected #: 0 files
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
commit/galaxy-central: dan: Fix for DynamicOptions AdditionalValueFilter when columns have not been assigned and to give value preference over name.
by commits-noreply@bitbucket.org 03 Dec '14
by commits-noreply@bitbucket.org 03 Dec '14
03 Dec '14
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/c85032480141/
Changeset: c85032480141
User: dan
Date: 2014-12-03 21:52:56+00:00
Summary: Fix for DynamicOptions AdditionalValueFilter when columns have not been assigned and to give value preference over name.
Affected #: 1 file
diff -r 37cf9cd764fa3a306e5a74ec05ddfe4046060ae7 -r c85032480141d4280903fc11382e38e9176f39b0 lib/galaxy/tools/parameters/dynamic_options.py
--- a/lib/galaxy/tools/parameters/dynamic_options.py
+++ b/lib/galaxy/tools/parameters/dynamic_options.py
@@ -301,8 +301,11 @@
add_value = []
for i in range( self.dynamic_option.largest_index + 1 ):
add_value.append( "" )
- add_value[self.dynamic_option.columns['value']] = self.value
- add_value[self.dynamic_option.columns['name']] = self.name
+ value_col = self.dynamic_option.columns.get( 'value', 0 )
+ name_col = self.dynamic_option.columns.get( 'name', value_col )
+ # Set name first, then value, in case they are the same column
+ add_value[ name_col ] = self.name
+ add_value[ value_col ] = self.value
if self.index is not None:
rval.insert( self.index, add_value )
else:
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
commit/galaxy-central: jmchilton: Small tweak to DataCollectionToolParameter interface for uniformity with DataToolParameter.
by commits-noreply@bitbucket.org 03 Dec '14
by commits-noreply@bitbucket.org 03 Dec '14
03 Dec '14
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/37cf9cd764fa/
Changeset: 37cf9cd764fa
User: jmchilton
Date: 2014-12-03 21:34:00+00:00
Summary: Small tweak to DataCollectionToolParameter interface for uniformity with DataToolParameter.
Affected #: 1 file
diff -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 -r 37cf9cd764fa3a306e5a74ec05ddfe4046060ae7 lib/galaxy/tools/parameters/basic.py
--- a/lib/galaxy/tools/parameters/basic.py
+++ b/lib/galaxy/tools/parameters/basic.py
@@ -2222,6 +2222,10 @@
raise ValueError( "History does not include a dataset collection of the correct type or containing the correct types of datasets" )
if value in [None, "None"]:
return None
+ # would really like to not need to handle lists in here but
+ # doing it for uniformity with DataToolParameters for now.
+ if isinstance( value, list ):
+ value = value[ 0 ]
if isinstance( value, str ) and value.find( "," ) > 0:
value = [ int( value_part ) for value_part in value.split( "," ) ]
elif isinstance( value, trans.app.model.HistoryDatasetCollectionAssociation ):
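Review bot: The list unwrap is placed after the `value in [None, "None"]` test, so a list such as `[ None ]` or `[ "None" ]` misses the early `return None` and its first element is carried into the string and model branches below. An empty list raises IndexError at `value[ 0 ]`. Moving the unwrap above the None test and guarding the empty case covers both: `if isinstance( value, list ): value = value[ 0 ] if value else None`. Elements after the first are dropped silently, which the comment should say so callers do not assume multi-value support. The enclosing method starts and ends outside the hunk.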
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
03 Dec '14
Branch: refs/heads/master
Home: https://github.com/galaxyproject/usegalaxy-playbook
Commit: bf3e33ebe79612a317eace809ba1a71c32390f76
https://github.com/galaxyproject/usegalaxy-playbook/commit/bf3e33ebe79612a3…
Author: Nate Coraor <nate(a)bx.psu.edu>
Date: 2014-12-03 (Wed, 03 Dec 2014)
Changed paths:
M files/galaxy/test.galaxyproject.org/var/shed_tool_conf.xml
Log Message:
-----------
Install Guru's rhmm tool on Test.
Branch: refs/heads/master
Home: https://github.com/galaxyproject/usegalaxy-playbook
Commit: a4d7d206a9fba51bb975863201bc8ffda81d0d5a
https://github.com/galaxyproject/usegalaxy-playbook/commit/a4d7d206a9fba51b…
Author: Nate Coraor <nate(a)bx.psu.edu>
Date: 2014-12-03 (Wed, 03 Dec 2014)
Changed paths:
M files/galaxy/test.galaxyproject.org/var/integrated_tool_panel.xml
M files/galaxy/test.galaxyproject.org/var/shed_tool_conf.xml
M stage/group_vars/all.yml
Log Message:
-----------
Update Test
Commit: 5755dc1564f69a276a9a3b57f4d1ee840e17097e
https://github.com/galaxyproject/usegalaxy-playbook/commit/5755dc1564f69a27…
Author: Nate Coraor <nate(a)bx.psu.edu>
Date: 2014-12-03 (Wed, 03 Dec 2014)
Changed paths:
M production/group_vars/all.yml
Log Message:
-----------
Update Main.
Compare: https://github.com/galaxyproject/usegalaxy-playbook/compare/ecd10db580aa...…
commit/galaxy-central: dannon: Merged in martenson/galaxy-central-marten/stable (pull request #585)
by commits-noreply@bitbucket.org 03 Dec '14
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/0e663285c743/
Changeset: 0e663285c743
Branch: stable
User: dannon
Date: 2014-12-03 19:15:51+00:00
Summary: Merged in martenson/galaxy-central-marten/stable (pull request #585)
[STABLE] propagate the commit of 795336f22d8b94b86256b1d4738ee1bf24e18b57 that is already in next-stable to the stable
Affected #: 18 files
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/forms/create_form.mako
--- a/templates/admin/forms/create_form.mako
+++ b/templates/admin/forms/create_form.mako
@@ -9,7 +9,7 @@
<div class="toolFormTitle">Create a new form definition</div>
%for label, input in inputs:
<div class="form-row">
- <label>${label}</label>
+ <label>${label | h}</label>
${input.get_html()}
<div style="clear: both"></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/forms/edit_form_definition.mako
--- a/templates/admin/forms/edit_form_definition.mako
+++ b/templates/admin/forms/edit_form_definition.mako
@@ -96,14 +96,14 @@
<form id="edit_form_definition" name="edit_form_definition" action="${h.url_for( controller='forms', action='edit_form_definition', id=trans.security.encode_id( form_definition.current.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">Edit form definition "${form_definition.name}" (${form_definition.type})</div>
+ <div class="toolFormTitle">Edit form definition "${form_definition.name | h}" (${form_definition.type | h})</div>
%if response_redirect:
<input type="hidden" name="response_redirect" value="${response_redirect}" size="40" />
%endif
%for label, input in form_details:
<div class="form-row">
%if label != 'Type':
- <label>${label}</label>
+ <label>${label | h}</label>
%endif
<div style="float: left; width: 250px; margin-right: 10px;">
${input.get_html()}
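Review bot: The hidden `response_redirect` input two lines below the escaped title still interpolates `${response_redirect}` raw inside a quoted attribute, so a value containing a double quote can close the attribute. Where that value originates is not visible here, but a redirect target is commonly request-supplied, so it should read `value="${response_redirect | h}"`. The same gap remains on or beside lines that later hunks of this changeset touch: `${sample_dataset.file_path}` in rename_datasets.mako, `${field_label}` in view_request.mako, and `${sample.request.type.name}` / `${sample.request.state}` in find_samples.mako. That last pair sits on the very line where `request.name` gains `| h`. The `%for` loop body continues past the end of this hunk.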
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/common.mako
--- a/templates/admin/request_type/common.mako
+++ b/templates/admin/request_type/common.mako
@@ -2,7 +2,7 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${element_count}" value="${state_name}" size="40"/>
+ <input type="text" name="state_name_${element_count}" value="${state_name | h}" size="40"/>
## Do not show remove button for the first state
%if element_count > 0:
<input type="submit" name="remove_state_button" value="Remove state ${1+element_count}"/>
@@ -10,7 +10,7 @@
</div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${element_count}" value="${state_desc}" size="40"/>
+ <input type="text" name="state_desc_${element_count}" value="${state_desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/create_request_type.mako
--- a/templates/admin/request_type/create_request_type.mako
+++ b/templates/admin/request_type/create_request_type.mako
@@ -23,7 +23,7 @@
<div class="toolFormTitle">Create a new request type</div>
%for rt_info in rt_info_widgets:
<div class="form-row">
- <label>${rt_info['label']}</label>
+ <label>${rt_info['label'] | h}</label><div style="float: left; width: 250px; margin-right: 10px;">
${rt_info['widget'].get_html()}
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/edit_request_type.mako
--- a/templates/admin/request_type/edit_request_type.mako
+++ b/templates/admin/request_type/edit_request_type.mako
@@ -32,26 +32,26 @@
<form name="edit_request_type" action="${h.url_for( controller='request_type', action='edit_request_type', id=trans.security.encode_id( request_type.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">"Edit ${request_type.name}" request type</div>
+ <div class="toolFormTitle">"Edit ${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- <input type="text" name="name" value="${request_type.name}" size="40"/>
+ <input type="text" name="name" value="${request_type.name | }" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- <input type="text" name="desc" value="${request_type.desc}" size="40"/>
+ <input type="text" name="desc" value="${request_type.desc | h}" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="request_form_id" value="${trans.security.encode_id( request_type.request_form_id )}" size="40"/></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="sample_form_id" value="${trans.security.encode_id( request_type.sample_form_id )}" size="40"/></div>
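Review bot: The new line for the `name` text input reads `${request_type.name | }`, with nothing after the pipe, while every other substitution in this hunk uses `| h`. If the file was committed as shown rather than mangled by the archive, the template either fails to compile or leaves `request_type.name` unescaped. That is a quoted attribute, the context where escaping matters most in this form. The line should be `<input type="text" name="name" value="${request_type.name | h}" size="40"/>`. A render test of this page with a name containing `"` and `<` would catch a regression here.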
@@ -63,11 +63,11 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name}" size="40"/>
+ <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name | h}" size="40"/></div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc}" size="40"/>
+ <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/request_type_permissions.mako
--- a/templates/admin/request_type/request_type_permissions.mako
+++ b/templates/admin/request_type/request_type_permissions.mako
@@ -48,7 +48,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Manage access permissions on request type "${request_type.name}"</div>
+ <div class="toolFormTitle">Manage access permissions on request type "${request_type.name | h}"</div><div class="toolFormBody"><form name="request_type_permissions" id="request_type_permissions" action="${h.url_for( controller='request_type', action='request_type_permissions', id=trans.security.encode_id( request_type.id ) )}" method="post"><div class="form-row">
@@ -65,13 +65,13 @@
in_roles.add( a.role )
out_roles = filter( lambda x: x not in in_roles, all_roles )
%>
- ${action.description}<br/><br/>
+ ${action.description | h}<br/><br/><div style="width: 100%; white-space: nowrap;"><div style="float: left; width: 50%;">
Roles associated:<br/><select name="${action_key}_in" id="${action_key}_in_select" class="in_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in in_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><div style="width: 98%; text-align: right"><input type="submit" id="${action_key}_remove_button" class="role_remove_button" value=">>"/></div>
@@ -80,7 +80,7 @@
Roles not associated:<br/><select name="${action_key}_out" id="${action_key}_out_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in out_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><input type="submit" id="${action_key}_add_button" class="role_add_button" value="<<"/>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/view_request_type.mako
--- a/templates/admin/request_type/view_request_type.mako
+++ b/templates/admin/request_type/view_request_type.mako
@@ -30,24 +30,24 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">"${request_type.name}" request type</div>
+ <div class="toolFormTitle">"${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- ${request_type.name}
+ ${request_type.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${request_type.desc}
+ ${request_type.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a></div></div><p/>
@@ -55,8 +55,8 @@
<div class="toolFormTitle">Sample states defined for this request type</div>
%for state in request_type.states:
<div class="form-row">
- <label>${state.name}</label>
- ${state.desc}
+ <label>${state.name | h}</label>
+ ${state.desc | h}
</div><div style="clear: both"></div>
%endfor
@@ -67,8 +67,8 @@
%if request_type.external_services:
%for index, external_service in enumerate( request_type.external_services ):
<div class="form-row">
- <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name}</a></label>
- ${external_service.get_external_service_type( trans ).name}
+ <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name | h}</a></label>
+ ${external_service.get_external_service_type( trans ).name | h}
</div>
%endfor
%else:
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/reject.mako
--- a/templates/admin/requests/reject.mako
+++ b/templates/admin/requests/reject.mako
@@ -15,7 +15,7 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">Reject sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Reject sequencing request "${request.name | h}"</div><form name="event" action="${h.url_for( controller='requests_admin', action='reject_request', id=trans.security.encode_id( request.id ) )}" method="post" ><div class="form-row">
Rejecting this request will move the request state to <b>Rejected</b>.
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/rename_datasets.mako
--- a/templates/admin/requests/rename_datasets.mako
+++ b/templates/admin/requests/rename_datasets.mako
@@ -3,7 +3,7 @@
<% from galaxy.webapps.galaxy.controllers.requests_admin import build_rename_datasets_for_sample_select_field %>
-<h3>Rename datasets for Sample "${sample.name}"</h3>
+<h3>Rename datasets for Sample "${sample.name | h}"</h3><ul class="manage-table-actions"><li><a class="action-button" href="${h.url_for( controller='requests_admin', action='manage_datasets', sample_id=trans.security.encode_id( sample.id ) )}">Browse datasets</a></li>
@@ -35,7 +35,7 @@
${rename_datasets_for_sample_select_field.get_html()}
</td><td>
- <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name}" size="100"/>
+ <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name | h}" size="100"/></td><td>${sample_dataset.file_path}</td></tr>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/view_sample_dataset.mako
--- a/templates/admin/requests/view_sample_dataset.mako
+++ b/templates/admin/requests/view_sample_dataset.mako
@@ -21,19 +21,19 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">"${sample.name}" Dataset</div>
+ <div class="toolFormTitle">"${sample.name | h}" Dataset</div><div class="toolFormBody"><div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.name}
+ ${sample_dataset.name | h}
</div><div style="clear: both"></div></div><div class="form-row"><label>External service:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.external_service.name} (${sample_dataset.external_service.get_external_service_type( trans ).name})
+ ${sample_dataset.external_service.name | h} (${sample_dataset.external_service.get_external_service_type( trans ).name | h})
</div><div style="clear: both"></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/common.mako
--- a/templates/webapps/galaxy/requests/common/common.mako
+++ b/templates/webapps/galaxy/requests/common/common.mako
@@ -257,18 +257,18 @@
<td valign="top"><input type="checkbox" name=select_sample_${sample.id} id="sample_checkbox" value="true" ${checked_str}/><input type="hidden" name=select_sample_${sample.id} id="sample_checkbox" value="true"/></td>
%endif
<td valign="top">
- <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name'] | h}" size="10"/><div class="toolParamHelp" style="clear: both;">
- <i>${' (required)' }</i>
+ <i>(required)</i></div></td>
%if display_bar_code:
<td valign="top">
%if is_admin and is_submitted:
- <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}" size="10"/>
%else:
- ${sample_widget['bar_code']}
- <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}"/>
+ ${sample_widget['bar_code'] | h}
+ <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}"/>
%endif
</td>
%endif
@@ -416,7 +416,7 @@
transferred_dataset_files = []
%><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="sample-${sample.id}-popup">
- <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name}</a>
+ <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name | h}</a></div><div popupmenu="sample-${sample.id}-popup">
%if can_select_datasets:
@@ -439,11 +439,11 @@
%endif
</div>
%else:
- ${sample_widget_name}
+ ${sample_widget_name | h}
%endif
</td>
%if display_bar_code:
- <td>${sample_widget_bar_code}</td>
+ <td>${sample_widget_bar_code | h}</td>
%endif
%if is_unsubmitted:
<td>Unsubmitted</td>
@@ -451,12 +451,12 @@
<td><a id="sampleState-${sample.id}" href="${h.url_for( controller='requests_common', action='view_sample_history', cntrller=cntrller, sample_id=trans.security.encode_id( sample.id ) )}">${render_sample_state( sample )}</a></td>
%endif
%if sample_widget_library and library_cntrller is not None:
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name}</a></td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name | h}</a></td>
%else:
<td></td>
%endif
%if sample_widget_folder:
- <td>${sample_widget_folder.name}</td>
+ <td>${sample_widget_folder.name | h}</td>
%else:
<td></td>
%endif
@@ -464,11 +464,11 @@
%if trans.user == sample_widget_history.user:
<td><a target='_parent' href="${h.url_for( controller='history', action='list', operation="Switch", id=trans.security.encode_id(sample_widget_history.id), use_panels=False )}">
- ${sample_widget_history.name}
+ ${sample_widget_history.name | h}
</a></td>
%else:
- <td>${sample_widget_history.name}</td>
+ <td>${sample_widget_history.name | h}</td>
%endif
%else:
<td></td>
@@ -477,11 +477,11 @@
%if trans.user == sample_widget_workflow.stored_workflow.user:
<td><a target='_parent' href="${h.url_for( controller='workflow', action='editor', id=trans.security.encode_id(sample_widget_workflow.stored_workflow.id) )}">
- ${sample_widget_workflow.name}
+ ${sample_widget_workflow.name | h}
</a></td>
%else:
- <td>${sample_widget_workflow.name}</td>
+ <td>${sample_widget_workflow.name | h}</td>
%endif
%else:
<td></td>
@@ -519,7 +519,7 @@
<%def name="render_sample_form( index, sample_name, sample_values, fields_dict, display_only )"><tr>
- <td>${sample_name}</td>
+ <td>${sample_name | h}</td>
%for field_index, field in fields_dict.items():
<%
field_type = field[ 'type' ]
@@ -532,17 +532,17 @@
%if field_type == 'WorkflowField':
%if str( field_value ) != 'none':
<% workflow = trans.sa_session.query( trans.app.model.StoredWorkflow ).get( int( field_value ) ) %>
- <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name}</a>
+ <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name | h}</a>
%endif
%else:
- ${field_value}
+ ${field_value | h}
%endif
%else:
<i>None</i>
%endif
%else:
%if field_type == 'TextField':
- <input type="text" name="sample_${index}_field_${field_index}" value="${field_value}" size="7"/>
+ <input type="text" name="sample_${index}_field_${field_index}" value="${field_value | h}" size="7"/>
%elif field_type == 'SelectField':
<select name="sample_${index}_field_${field_index}" last_selected_value="2">
%for option_index, option in enumerate(field[ 'selectlist' ]):
@@ -695,7 +695,7 @@
%if is_admin:
<span class="expandLink dataset-${dataset}-click"><span class="rowIcon"></span><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="dataset-${dataset.id}-popup">
- <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name}</a>
+ <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name | h}</a></div></span><div popupmenu="dataset-${dataset.id}-popup">
@@ -704,12 +704,12 @@
%endif
</div>
%else:
- ${dataset.name}
+ ${dataset.name | h}
%endif
</td><td>${dataset.size}</td>
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name}</a></td>
- <td>${dataset.sample.folder.name}</td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name | h}</a></td>
+ <td>${dataset.sample.folder.name | h}</td><td id="datasetTransferStatus-${encoded_id}">${dataset.status}</td></tr>
%endfor
@@ -723,7 +723,7 @@
<%def name="render_samples_messages( request, is_admin=False, is_submitted=False, message=None, status=None)">
%if request.is_rejected:
<div class='errormessage'>
- ${request.last_comment}
+ ${request.last_comment | h}
</div><br/>
%endif
%if is_admin and is_submitted and request.samples_without_library_destinations:
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/create_request.mako
--- a/templates/webapps/galaxy/requests/common/create_request.mako
+++ b/templates/webapps/galaxy/requests/common/create_request.mako
@@ -23,7 +23,7 @@
<div class="toolForm"><div class="toolFormTitle">Create a new sequencing request</div>
%if len( request_type_select_field.options ) < 1:
- There are no request types available for ${trans.user.email} to create sequencing requests.
+ There are no request types available for ${trans.user.email | h} to create sequencing requests.
%else:
<div class="toolFormBody"><form name="create_request" id="create_request" action="${h.url_for( controller='requests_common', action='create_request', cntrller=cntrller )}" method="post" >
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
--- a/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
+++ b/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
@@ -31,7 +31,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Edit sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Edit sequencing request "${request.name | h}"</div><div class="toolFormBody"><form name="edit_basic_request_info" id="edit_basic_request_info" action="${h.url_for( controller='requests_common', action='edit_basic_request_info', cntrller=cntrller, id=trans.security.encode_id( request.id ) )}" method="post" >
%for i, field in enumerate( widgets ):
@@ -70,11 +70,11 @@
%><div class="form-row"><label>Send to:</label>
- <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email} (sequencing request owner)<input type="hidden" name="email_address" value="true">
+ <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email | h} (sequencing request owner)<input type="hidden" name="email_address" value="true"></div><div class="form-row"><label>Additional email addresses:</label>
- <textarea name="additional_email_addresses" rows="3" cols="40">${emails}</textarea>
+ <textarea name="additional_email_addresses" rows="3" cols="40">${emails | h}</textarea><div class="toolParamHelp" style="clear: both;">
Enter one email address per line
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/find_samples.mako
--- a/templates/webapps/galaxy/requests/common/find_samples.mako
+++ b/templates/webapps/galaxy/requests/common/find_samples.mako
@@ -72,7 +72,7 @@
%if samples:
%for sample in samples:
<div class="form-row">
- Sample: <b>${sample.name}</b> | Barcode: ${sample.bar_code}<br/>
+ Sample: <b>${sample.name | h}</b> | Barcode: ${sample.bar_code | h}<br/>
%if sample.request.is_new or not sample.state:
State: Unsubmitted<br/>
%else:
@@ -85,10 +85,10 @@
%>
Datasets: <a href="${h.url_for( controller='requests_common', action='view_sample_datasets', cntrller=cntrller, external_service_id=trans.security.encode_id( external_service.id ), sample_id=trans.security.encode_id( sample.id ) )}">${len( sample.datasets )}</a><br/>
%if is_admin:
- <i>User: ${sample.request.user.email}</i>
+ <i>User: ${sample.request.user.email | h}</i>
%endif
<div class="toolParamHelp" style="clear: both;">
- <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a>
+ <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name | h} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a></div></div><br/>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_request.mako
--- a/templates/webapps/galaxy/requests/common/view_request.mako
+++ b/templates/webapps/galaxy/requests/common/view_request.mako
@@ -58,7 +58,7 @@
${render_samples_messages(request, is_admin, is_submitted, message, status)}
<div class="toolForm">
- <div class="toolFormTitle">Sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Sequencing request "${request.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Current state:</label>
@@ -67,12 +67,12 @@
</div><div class="form-row"><label>Description:</label>
- ${request.desc}
+ ${request.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>User:</label>
- ${request.user.email}
+ ${request.user.email | h}
<div style="clear: both"></div></div><div class="form-row">
@@ -94,7 +94,7 @@
%><div class="form-row"><label>${field_label}:</label>
- ${field_value}
+ ${field_value | h}
</div><div style="clear: both"></div>
%endfor
@@ -116,7 +116,7 @@
else:
emails = ''
%>
- ${emails}
+ ${emails | h}
<div style="clear: both"></div></div><div class="form-row">
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_request_history.mako
--- a/templates/webapps/galaxy/requests/common/view_request_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_request_history.mako
@@ -36,7 +36,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sequencing request "${request.name}"</h3>
+<h3>History of sequencing request "${request.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -52,7 +52,7 @@
<tr><td><b>${event.state}</b></td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_sample.mako
--- a/templates/webapps/galaxy/requests/common/view_sample.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample.mako
@@ -6,7 +6,7 @@
%if external_service:
<p><div class="toolForm">
- <div class="toolFormTitle">Available External Service Actions for ${sample.name} at ${external_service.name}</div>
+ <div class="toolFormTitle">Available External Service Actions for ${sample.name | h} at ${external_service.name | h}</div><div class="toolFormBody"><div class="toolMenu">
%for item in external_service.actions:
@@ -25,7 +25,7 @@
<div class="form-row"><div class="toolSectionList"><div class="toolSectionTitle">
- <span>${external_service_group.label}</span>
+ <span>${external_service_group.label | h}</span></div><div class="toolSectionBody"><div class="toolSectionBg">
@@ -54,7 +54,7 @@
target = 'galaxy_main'
%><div class="toolTitle">
- <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label}</a>
+ <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label | h}</a></div></%def>
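Review bot: On the changed line the link text gains `| h`, but the `href` beside it still emits `${external_service_action.get_action_access_link( trans )}` with no filter. How that link is built is not visible in this hunk. If any part of it comes from stored external-service configuration, it needs `| h` for the attribute context: `href="${external_service_action.get_action_access_link( trans ) | h}"`. HTML escaping does not constrain the URL scheme, so it is also worth confirming that the helper builds the URL from server-side routes only. The enclosing `<%def>` starts outside the hunk.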
@@ -75,38 +75,38 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Sample "${sample.name}"</div>
+ <div class="toolFormTitle">Sample "${sample.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Name:</label>
- ${sample.name}
+ ${sample.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${sample.desc}
+ ${sample.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Barcode:</label>
- ${sample.bar_code}
+ ${sample.bar_code | h}
<div style="clear: both"></div></div>
%if sample.library:
<div class="form-row"><label>Library:</label>
- ${sample.library.name}
+ ${sample.library.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Folder:</label>
- ${sample.folder.name}
+ ${sample.folder.name | h}
<div style="clear: both"></div></div>
%endif
<div class="form-row"><label>Request:</label>
- ${sample.request.name}
+ ${sample.request.name | h}
<div style="clear: both"></div></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_sample_history.mako
--- a/templates/webapps/galaxy/requests/common/view_sample_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample_history.mako
@@ -12,7 +12,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sample "${sample.name}"</h3>
+<h3>History of sample "${sample.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -27,10 +27,10 @@
<tbody>
%for event in sample.events:
<tr>
- <td><b>${event.state.name}</b></td>
- <td>${event.state.desc}</td>
+ <td><b>${event.state.name | h}</b></td>
+ <td>${event.state.desc | h}</td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
2 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/5f61882fd1c1/
Changeset: 5f61882fd1c1
Branch: stable
User: martenson
Date: 2014-12-03 18:29:03+00:00
Summary: propagate the commit of 795336f22d8b94b86256b1d4738ee1bf24e18b57 that is already in next-stable to the stable
original commit msg:
none of the requests & forms controllers used escaping so I escaped the variables exclusively in the templates
Affected #: 18 files
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/forms/create_form.mako
--- a/templates/admin/forms/create_form.mako
+++ b/templates/admin/forms/create_form.mako
@@ -9,7 +9,7 @@
<div class="toolFormTitle">Create a new form definition</div>
%for label, input in inputs:
<div class="form-row">
- <label>${label}</label>
+ <label>${label | h}</label>
${input.get_html()}
<div style="clear: both"></div></div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/forms/edit_form_definition.mako
--- a/templates/admin/forms/edit_form_definition.mako
+++ b/templates/admin/forms/edit_form_definition.mako
@@ -96,14 +96,14 @@
<form id="edit_form_definition" name="edit_form_definition" action="${h.url_for( controller='forms', action='edit_form_definition', id=trans.security.encode_id( form_definition.current.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">Edit form definition "${form_definition.name}" (${form_definition.type})</div>
+ <div class="toolFormTitle">Edit form definition "${form_definition.name | h}" (${form_definition.type | h})</div>
%if response_redirect:
<input type="hidden" name="response_redirect" value="${response_redirect}" size="40" />
%endif
%for label, input in form_details:
<div class="form-row">
%if label != 'Type':
- <label>${label}</label>
+ <label>${label | h}</label>
%endif
<div style="float: left; width: 250px; margin-right: 10px;">
${input.get_html()}
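Review bot: The hidden input kept as context in this hunk still writes `value="${response_redirect}"` with no filter, so it is the one interpolation in the touched part of the form that lands in an attribute unescaped. Where `response_redirect` comes from is not visible here; if it can be taken from the request, it needs the same treatment as the title: `value="${response_redirect | h}"`. The identical hunk appears again in the merge changeset 0e663285c743 further down the page. The form itself continues outside the hunk.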
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/request_type/common.mako
--- a/templates/admin/request_type/common.mako
+++ b/templates/admin/request_type/common.mako
@@ -2,7 +2,7 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${element_count}" value="${state_name}" size="40"/>
+ <input type="text" name="state_name_${element_count}" value="${state_name | h}" size="40"/>
## Do not show remove button for the first state
%if element_count > 0:
<input type="submit" name="remove_state_button" value="Remove state ${1+element_count}"/>
@@ -10,7 +10,7 @@
</div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${element_count}" value="${state_desc}" size="40"/>
+ <input type="text" name="state_desc_${element_count}" value="${state_desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/request_type/create_request_type.mako
--- a/templates/admin/request_type/create_request_type.mako
+++ b/templates/admin/request_type/create_request_type.mako
@@ -23,7 +23,7 @@
<div class="toolFormTitle">Create a new request type</div>
%for rt_info in rt_info_widgets:
<div class="form-row">
- <label>${rt_info['label']}</label>
+ <label>${rt_info['label'] | h}</label><div style="float: left; width: 250px; margin-right: 10px;">
${rt_info['widget'].get_html()}
</div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/request_type/edit_request_type.mako
--- a/templates/admin/request_type/edit_request_type.mako
+++ b/templates/admin/request_type/edit_request_type.mako
@@ -32,26 +32,26 @@
<form name="edit_request_type" action="${h.url_for( controller='request_type', action='edit_request_type', id=trans.security.encode_id( request_type.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">"Edit ${request_type.name}" request type</div>
+ <div class="toolFormTitle">"Edit ${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- <input type="text" name="name" value="${request_type.name}" size="40"/>
+ <input type="text" name="name" value="${request_type.name | }" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- <input type="text" name="desc" value="${request_type.desc}" size="40"/>
+ <input type="text" name="desc" value="${request_type.desc | h}" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="request_form_id" value="${trans.security.encode_id( request_type.request_form_id )}" size="40"/></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="sample_form_id" value="${trans.security.encode_id( request_type.sample_form_id )}" size="40"/></div>
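Review bot: The added `name` input reads `value="${request_type.name | }"`, with nothing after the pipe, so the filter the commit meant to apply is missing on exactly this attribute. Depending on how Mako treats an empty filter list, the value is either rendered unescaped or the template fails to compile; neither matches the `| h` on the title and the `desc` field beside it. The line should be `value="${request_type.name | h}"`. Rendering the template once with a request type name that contains `"` and `<` would catch this kind of slip.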
@@ -63,11 +63,11 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name}" size="40"/>
+ <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name | h}" size="40"/></div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc}" size="40"/>
+ <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/request_type/request_type_permissions.mako
--- a/templates/admin/request_type/request_type_permissions.mako
+++ b/templates/admin/request_type/request_type_permissions.mako
@@ -48,7 +48,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Manage access permissions on request type "${request_type.name}"</div>
+ <div class="toolFormTitle">Manage access permissions on request type "${request_type.name | h}"</div><div class="toolFormBody"><form name="request_type_permissions" id="request_type_permissions" action="${h.url_for( controller='request_type', action='request_type_permissions', id=trans.security.encode_id( request_type.id ) )}" method="post"><div class="form-row">
@@ -65,13 +65,13 @@
in_roles.add( a.role )
out_roles = filter( lambda x: x not in in_roles, all_roles )
%>
- ${action.description}<br/><br/>
+ ${action.description | h}<br/><br/><div style="width: 100%; white-space: nowrap;"><div style="float: left; width: 50%;">
Roles associated:<br/><select name="${action_key}_in" id="${action_key}_in_select" class="in_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in in_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><div style="width: 98%; text-align: right"><input type="submit" id="${action_key}_remove_button" class="role_remove_button" value=">>"/></div>
@@ -80,7 +80,7 @@
Roles not associated:<br/><select name="${action_key}_out" id="${action_key}_out_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in out_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><input type="submit" id="${action_key}_add_button" class="role_add_button" value="<<"/>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/request_type/view_request_type.mako
--- a/templates/admin/request_type/view_request_type.mako
+++ b/templates/admin/request_type/view_request_type.mako
@@ -30,24 +30,24 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">"${request_type.name}" request type</div>
+ <div class="toolFormTitle">"${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- ${request_type.name}
+ ${request_type.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${request_type.desc}
+ ${request_type.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a></div></div><p/>
@@ -55,8 +55,8 @@
<div class="toolFormTitle">Sample states defined for this request type</div>
%for state in request_type.states:
<div class="form-row">
- <label>${state.name}</label>
- ${state.desc}
+ <label>${state.name | h}</label>
+ ${state.desc | h}
</div><div style="clear: both"></div>
%endfor
@@ -67,8 +67,8 @@
%if request_type.external_services:
%for index, external_service in enumerate( request_type.external_services ):
<div class="form-row">
- <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name}</a></label>
- ${external_service.get_external_service_type( trans ).name}
+ <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name | h}</a></label>
+ ${external_service.get_external_service_type( trans ).name | h}
</div>
%endfor
%else:
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/requests/reject.mako
--- a/templates/admin/requests/reject.mako
+++ b/templates/admin/requests/reject.mako
@@ -15,7 +15,7 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">Reject sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Reject sequencing request "${request.name | h}"</div><form name="event" action="${h.url_for( controller='requests_admin', action='reject_request', id=trans.security.encode_id( request.id ) )}" method="post" ><div class="form-row">
Rejecting this request will move the request state to <b>Rejected</b>.
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/requests/rename_datasets.mako
--- a/templates/admin/requests/rename_datasets.mako
+++ b/templates/admin/requests/rename_datasets.mako
@@ -3,7 +3,7 @@
<% from galaxy.webapps.galaxy.controllers.requests_admin import build_rename_datasets_for_sample_select_field %>
-<h3>Rename datasets for Sample "${sample.name}"</h3>
+<h3>Rename datasets for Sample "${sample.name | h}"</h3><ul class="manage-table-actions"><li><a class="action-button" href="${h.url_for( controller='requests_admin', action='manage_datasets', sample_id=trans.security.encode_id( sample.id ) )}">Browse datasets</a></li>
@@ -35,7 +35,7 @@
${rename_datasets_for_sample_select_field.get_html()}
</td><td>
- <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name}" size="100"/>
+ <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name | h}" size="100"/></td><td>${sample_dataset.file_path}</td></tr>
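Review bot: On the same table row as the newly escaped `sample_dataset.name`, the cell `<td>${sample_dataset.file_path}</td>` is still emitted without a filter. The path presumably describes a file on the external service rather than something Galaxy generates, so it should be treated as untrusted in the same way as the dataset name: `<td>${sample_dataset.file_path | h}</td>`. The surrounding loop and table start outside the hunk.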
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/admin/requests/view_sample_dataset.mako
--- a/templates/admin/requests/view_sample_dataset.mako
+++ b/templates/admin/requests/view_sample_dataset.mako
@@ -21,19 +21,19 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">"${sample.name}" Dataset</div>
+ <div class="toolFormTitle">"${sample.name | h}" Dataset</div><div class="toolFormBody"><div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.name}
+ ${sample_dataset.name | h}
</div><div style="clear: both"></div></div><div class="form-row"><label>External service:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.external_service.name} (${sample_dataset.external_service.get_external_service_type( trans ).name})
+ ${sample_dataset.external_service.name | h} (${sample_dataset.external_service.get_external_service_type( trans ).name | h})
</div><div style="clear: both"></div></div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/common.mako
--- a/templates/webapps/galaxy/requests/common/common.mako
+++ b/templates/webapps/galaxy/requests/common/common.mako
@@ -257,18 +257,18 @@
<td valign="top"><input type="checkbox" name=select_sample_${sample.id} id="sample_checkbox" value="true" ${checked_str}/><input type="hidden" name=select_sample_${sample.id} id="sample_checkbox" value="true"/></td>
%endif
<td valign="top">
- <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name'] | h}" size="10"/><div class="toolParamHelp" style="clear: both;">
- <i>${' (required)' }</i>
+ <i>(required)</i></div></td>
%if display_bar_code:
<td valign="top">
%if is_admin and is_submitted:
- <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}" size="10"/>
%else:
- ${sample_widget['bar_code']}
- <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}"/>
+ ${sample_widget['bar_code'] | h}
+ <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}"/>
%endif
</td>
%endif
@@ -416,7 +416,7 @@
transferred_dataset_files = []
%><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="sample-${sample.id}-popup">
- <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name}</a>
+ <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name | h}</a></div><div popupmenu="sample-${sample.id}-popup">
%if can_select_datasets:
@@ -439,11 +439,11 @@
%endif
</div>
%else:
- ${sample_widget_name}
+ ${sample_widget_name | h}
%endif
</td>
%if display_bar_code:
- <td>${sample_widget_bar_code}</td>
+ <td>${sample_widget_bar_code | h}</td>
%endif
%if is_unsubmitted:
<td>Unsubmitted</td>
@@ -451,12 +451,12 @@
<td><a id="sampleState-${sample.id}" href="${h.url_for( controller='requests_common', action='view_sample_history', cntrller=cntrller, sample_id=trans.security.encode_id( sample.id ) )}">${render_sample_state( sample )}</a></td>
%endif
%if sample_widget_library and library_cntrller is not None:
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name}</a></td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name | h}</a></td>
%else:
<td></td>
%endif
%if sample_widget_folder:
- <td>${sample_widget_folder.name}</td>
+ <td>${sample_widget_folder.name | h}</td>
%else:
<td></td>
%endif
@@ -464,11 +464,11 @@
%if trans.user == sample_widget_history.user:
<td><a target='_parent' href="${h.url_for( controller='history', action='list', operation="Switch", id=trans.security.encode_id(sample_widget_history.id), use_panels=False )}">
- ${sample_widget_history.name}
+ ${sample_widget_history.name | h}
</a></td>
%else:
- <td>${sample_widget_history.name}</td>
+ <td>${sample_widget_history.name | h}</td>
%endif
%else:
<td></td>
@@ -477,11 +477,11 @@
%if trans.user == sample_widget_workflow.stored_workflow.user:
<td><a target='_parent' href="${h.url_for( controller='workflow', action='editor', id=trans.security.encode_id(sample_widget_workflow.stored_workflow.id) )}">
- ${sample_widget_workflow.name}
+ ${sample_widget_workflow.name | h}
</a></td>
%else:
- <td>${sample_widget_workflow.name}</td>
+ <td>${sample_widget_workflow.name | h}</td>
%endif
%else:
<td></td>
@@ -519,7 +519,7 @@
<%def name="render_sample_form( index, sample_name, sample_values, fields_dict, display_only )"><tr>
- <td>${sample_name}</td>
+ <td>${sample_name | h}</td>
%for field_index, field in fields_dict.items():
<%
field_type = field[ 'type' ]
@@ -532,17 +532,17 @@
%if field_type == 'WorkflowField':
%if str( field_value ) != 'none':
<% workflow = trans.sa_session.query( trans.app.model.StoredWorkflow ).get( int( field_value ) ) %>
- <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name}</a>
+ <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name | h}</a>
%endif
%else:
- ${field_value}
+ ${field_value | h}
%endif
%else:
<i>None</i>
%endif
%else:
%if field_type == 'TextField':
- <input type="text" name="sample_${index}_field_${field_index}" value="${field_value}" size="7"/>
+ <input type="text" name="sample_${index}_field_${field_index}" value="${field_value | h}" size="7"/>
%elif field_type == 'SelectField':
<select name="sample_${index}_field_${field_index}" last_selected_value="2">
%for option_index, option in enumerate(field[ 'selectlist' ]):
@@ -695,7 +695,7 @@
%if is_admin:
<span class="expandLink dataset-${dataset}-click"><span class="rowIcon"></span><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="dataset-${dataset.id}-popup">
- <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name}</a>
+ <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name | h}</a></div></span><div popupmenu="dataset-${dataset.id}-popup">
@@ -704,12 +704,12 @@
%endif
</div>
%else:
- ${dataset.name}
+ ${dataset.name | h}
%endif
</td><td>${dataset.size}</td>
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name}</a></td>
- <td>${dataset.sample.folder.name}</td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name | h}</a></td>
+ <td>${dataset.sample.folder.name | h}</td><td id="datasetTransferStatus-${encoded_id}">${dataset.status}</td></tr>
%endfor
@@ -723,7 +723,7 @@
<%def name="render_samples_messages( request, is_admin=False, is_submitted=False, message=None, status=None)">
%if request.is_rejected:
<div class='errormessage'>
- ${request.last_comment}
+ ${request.last_comment | h}
</div><br/>
%endif
%if is_admin and is_submitted and request.samples_without_library_destinations:
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/create_request.mako
--- a/templates/webapps/galaxy/requests/common/create_request.mako
+++ b/templates/webapps/galaxy/requests/common/create_request.mako
@@ -23,7 +23,7 @@
<div class="toolForm"><div class="toolFormTitle">Create a new sequencing request</div>
%if len( request_type_select_field.options ) < 1:
- There are no request types available for ${trans.user.email} to create sequencing requests.
+ There are no request types available for ${trans.user.email | h} to create sequencing requests.
%else:
<div class="toolFormBody"><form name="create_request" id="create_request" action="${h.url_for( controller='requests_common', action='create_request', cntrller=cntrller )}" method="post" >
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
--- a/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
+++ b/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
@@ -31,7 +31,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Edit sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Edit sequencing request "${request.name | h}"</div><div class="toolFormBody"><form name="edit_basic_request_info" id="edit_basic_request_info" action="${h.url_for( controller='requests_common', action='edit_basic_request_info', cntrller=cntrller, id=trans.security.encode_id( request.id ) )}" method="post" >
%for i, field in enumerate( widgets ):
@@ -70,11 +70,11 @@
%><div class="form-row"><label>Send to:</label>
- <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email} (sequencing request owner)<input type="hidden" name="email_address" value="true">
+ <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email | h} (sequencing request owner)<input type="hidden" name="email_address" value="true"></div><div class="form-row"><label>Additional email addresses:</label>
- <textarea name="additional_email_addresses" rows="3" cols="40">${emails}</textarea>
+ <textarea name="additional_email_addresses" rows="3" cols="40">${emails | h}</textarea><div class="toolParamHelp" style="clear: both;">
Enter one email address per line
</div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/find_samples.mako
--- a/templates/webapps/galaxy/requests/common/find_samples.mako
+++ b/templates/webapps/galaxy/requests/common/find_samples.mako
@@ -72,7 +72,7 @@
%if samples:
%for sample in samples:
<div class="form-row">
- Sample: <b>${sample.name}</b> | Barcode: ${sample.bar_code}<br/>
+ Sample: <b>${sample.name | h}</b> | Barcode: ${sample.bar_code | h}<br/>
%if sample.request.is_new or not sample.state:
State: Unsubmitted<br/>
%else:
@@ -85,10 +85,10 @@
%>
Datasets: <a href="${h.url_for( controller='requests_common', action='view_sample_datasets', cntrller=cntrller, external_service_id=trans.security.encode_id( external_service.id ), sample_id=trans.security.encode_id( sample.id ) )}">${len( sample.datasets )}</a><br/>
%if is_admin:
- <i>User: ${sample.request.user.email}</i>
+ <i>User: ${sample.request.user.email | h}</i>
%endif
<div class="toolParamHelp" style="clear: both;">
- <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a>
+ <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name | h} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a></div></div><br/>
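Review bot: The rewritten link line escapes `sample.request.name` but leaves `${sample.request.type.name}` and `${sample.request.state}` unfiltered in the same link text. This changeset escapes the request type name wherever else it is displayed (for example in view_request_type.mako), so the omission here looks accidental. Suggested text: `Type: ${sample.request.type.name | h} | State: ${sample.request.state | h}`. The state is probably drawn from a fixed set of values, but filtering it costs nothing and keeps the line consistent.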
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/view_request.mako
--- a/templates/webapps/galaxy/requests/common/view_request.mako
+++ b/templates/webapps/galaxy/requests/common/view_request.mako
@@ -58,7 +58,7 @@
${render_samples_messages(request, is_admin, is_submitted, message, status)}
<div class="toolForm">
- <div class="toolFormTitle">Sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Sequencing request "${request.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Current state:</label>
@@ -67,12 +67,12 @@
</div><div class="form-row"><label>Description:</label>
- ${request.desc}
+ ${request.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>User:</label>
- ${request.user.email}
+ ${request.user.email | h}
<div style="clear: both"></div></div><div class="form-row">
@@ -94,7 +94,7 @@
%><div class="form-row"><label>${field_label}:</label>
- ${field_value}
+ ${field_value | h}
</div><div style="clear: both"></div>
%endfor
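Review bot: `<label>${field_label}:</label>` on the context line above the change is still unescaped, while the value next to it now gets `| h`. `field_label` is assigned in the `<% %>` block that ends just before this hunk, so its origin is not visible here. If it is the label from the request's form definition, it is the same data the admin form templates in this commit escape as `${label | h}`. It should become `<label>${field_label | h}:</label>`.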
@@ -116,7 +116,7 @@
else:
emails = ''
%>
- ${emails}
+ ${emails | h}
<div style="clear: both"></div></div><div class="form-row">
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/view_request_history.mako
--- a/templates/webapps/galaxy/requests/common/view_request_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_request_history.mako
@@ -36,7 +36,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sequencing request "${request.name}"</h3>
+<h3>History of sequencing request "${request.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -52,7 +52,7 @@
<tr><td><b>${event.state}</b></td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/view_sample.mako
--- a/templates/webapps/galaxy/requests/common/view_sample.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample.mako
@@ -6,7 +6,7 @@
%if external_service:
<p><div class="toolForm">
- <div class="toolFormTitle">Available External Service Actions for ${sample.name} at ${external_service.name}</div>
+ <div class="toolFormTitle">Available External Service Actions for ${sample.name | h} at ${external_service.name | h}</div><div class="toolFormBody"><div class="toolMenu">
%for item in external_service.actions:
@@ -25,7 +25,7 @@
<div class="form-row"><div class="toolSectionList"><div class="toolSectionTitle">
- <span>${external_service_group.label}</span>
+ <span>${external_service_group.label | h}</span></div><div class="toolSectionBody"><div class="toolSectionBg">
@@ -54,7 +54,7 @@
target = 'galaxy_main'
%><div class="toolTitle">
- <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label}</a>
+ <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label | h}</a></div></%def>
@@ -75,38 +75,38 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Sample "${sample.name}"</div>
+ <div class="toolFormTitle">Sample "${sample.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Name:</label>
- ${sample.name}
+ ${sample.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${sample.desc}
+ ${sample.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Barcode:</label>
- ${sample.bar_code}
+ ${sample.bar_code | h}
<div style="clear: both"></div></div>
%if sample.library:
<div class="form-row"><label>Library:</label>
- ${sample.library.name}
+ ${sample.library.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Folder:</label>
- ${sample.folder.name}
+ ${sample.folder.name | h}
<div style="clear: both"></div></div>
%endif
<div class="form-row"><label>Request:</label>
- ${sample.request.name}
+ ${sample.request.name | h}
<div style="clear: both"></div></div></div>
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 5f61882fd1c18b0f32f8c9fd40260f37257186de templates/webapps/galaxy/requests/common/view_sample_history.mako
--- a/templates/webapps/galaxy/requests/common/view_sample_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample_history.mako
@@ -12,7 +12,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sample "${sample.name}"</h3>
+<h3>History of sample "${sample.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -27,10 +27,10 @@
<tbody>
%for event in sample.events:
<tr>
- <td><b>${event.state.name}</b></td>
- <td>${event.state.desc}</td>
+ <td><b>${event.state.name | h}</b></td>
+ <td>${event.state.desc | h}</td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
https://bitbucket.org/galaxy/galaxy-central/commits/0e663285c743/
Changeset: 0e663285c743
Branch: stable
User: dannon
Date: 2014-12-03 19:15:51+00:00
Summary: Merged in martenson/galaxy-central-marten/stable (pull request #585)
[STABLE] propagate the commit of 795336f22d8b94b86256b1d4738ee1bf24e18b57 that is already in next-stable to the stable
Affected #: 18 files
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/forms/create_form.mako
--- a/templates/admin/forms/create_form.mako
+++ b/templates/admin/forms/create_form.mako
@@ -9,7 +9,7 @@
<div class="toolFormTitle">Create a new form definition</div>
%for label, input in inputs:
<div class="form-row">
- <label>${label}</label>
+ <label>${label | h}</label>
${input.get_html()}
<div style="clear: both"></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/forms/edit_form_definition.mako
--- a/templates/admin/forms/edit_form_definition.mako
+++ b/templates/admin/forms/edit_form_definition.mako
@@ -96,14 +96,14 @@
<form id="edit_form_definition" name="edit_form_definition" action="${h.url_for( controller='forms', action='edit_form_definition', id=trans.security.encode_id( form_definition.current.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">Edit form definition "${form_definition.name}" (${form_definition.type})</div>
+ <div class="toolFormTitle">Edit form definition "${form_definition.name | h}" (${form_definition.type | h})</div>
%if response_redirect:
<input type="hidden" name="response_redirect" value="${response_redirect}" size="40" />
%endif
%for label, input in form_details:
<div class="form-row">
%if label != 'Type':
- <label>${label}</label>
+ <label>${label | h}</label>
%endif
<div style="float: left; width: 250px; margin-right: 10px;">
${input.get_html()}
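Review bot: The hidden `response_redirect` field in this hunk still interpolates its value into a quoted attribute without the `h` filter, while the title and label around it are now escaped. If `response_redirect` is taken from the request (not visible here, so worth confirming in the controller), a double quote in it would close the attribute early. The line should read `<input type="hidden" name="response_redirect" value="${response_redirect | h}" size="40" />`. The `%for label, input in form_details:` loop continues past the end of the hunk.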
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/common.mako
--- a/templates/admin/request_type/common.mako
+++ b/templates/admin/request_type/common.mako
@@ -2,7 +2,7 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${element_count}" value="${state_name}" size="40"/>
+ <input type="text" name="state_name_${element_count}" value="${state_name | h}" size="40"/>
## Do not show remove button for the first state
%if element_count > 0:
<input type="submit" name="remove_state_button" value="Remove state ${1+element_count}"/>
@@ -10,7 +10,7 @@
</div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${element_count}" value="${state_desc}" size="40"/>
+ <input type="text" name="state_desc_${element_count}" value="${state_desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/create_request_type.mako
--- a/templates/admin/request_type/create_request_type.mako
+++ b/templates/admin/request_type/create_request_type.mako
@@ -23,7 +23,7 @@
<div class="toolFormTitle">Create a new request type</div>
%for rt_info in rt_info_widgets:
<div class="form-row">
- <label>${rt_info['label']}</label>
+ <label>${rt_info['label'] | h}</label><div style="float: left; width: 250px; margin-right: 10px;">
${rt_info['widget'].get_html()}
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/edit_request_type.mako
--- a/templates/admin/request_type/edit_request_type.mako
+++ b/templates/admin/request_type/edit_request_type.mako
@@ -32,26 +32,26 @@
<form name="edit_request_type" action="${h.url_for( controller='request_type', action='edit_request_type', id=trans.security.encode_id( request_type.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">"Edit ${request_type.name}" request type</div>
+ <div class="toolFormTitle">"Edit ${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- <input type="text" name="name" value="${request_type.name}" size="40"/>
+ <input type="text" name="name" value="${request_type.name | }" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- <input type="text" name="desc" value="${request_type.desc}" size="40"/>
+ <input type="text" name="desc" value="${request_type.desc | h}" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="request_form_id" value="${trans.security.encode_id( request_type.request_form_id )}" size="40"/></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="sample_form_id" value="${trans.security.encode_id( request_type.sample_form_id )}" size="40"/></div>
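Review bot: The new `name` input is written as `value="${request_type.name | }"`, with nothing after the pipe, so the `h` filter that every other changed expression in this hunk receives is missing here. As printed, the expression either fails to compile or renders the request type name unescaped into the attribute; which one depends on how Mako treats the empty filter list. It should match the `desc` field directly below: `<input type="text" name="name" value="${request_type.name | h}" size="40"/>`.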
@@ -63,11 +63,11 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name}" size="40"/>
+ <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name | h}" size="40"/></div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc}" size="40"/>
+ <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/request_type_permissions.mako
--- a/templates/admin/request_type/request_type_permissions.mako
+++ b/templates/admin/request_type/request_type_permissions.mako
@@ -48,7 +48,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Manage access permissions on request type "${request_type.name}"</div>
+ <div class="toolFormTitle">Manage access permissions on request type "${request_type.name | h}"</div><div class="toolFormBody"><form name="request_type_permissions" id="request_type_permissions" action="${h.url_for( controller='request_type', action='request_type_permissions', id=trans.security.encode_id( request_type.id ) )}" method="post"><div class="form-row">
@@ -65,13 +65,13 @@
in_roles.add( a.role )
out_roles = filter( lambda x: x not in in_roles, all_roles )
%>
- ${action.description}<br/><br/>
+ ${action.description | h}<br/><br/><div style="width: 100%; white-space: nowrap;"><div style="float: left; width: 50%;">
Roles associated:<br/><select name="${action_key}_in" id="${action_key}_in_select" class="in_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in in_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><div style="width: 98%; text-align: right"><input type="submit" id="${action_key}_remove_button" class="role_remove_button" value=">>"/></div>
@@ -80,7 +80,7 @@
Roles not associated:<br/><select name="${action_key}_out" id="${action_key}_out_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in out_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><input type="submit" id="${action_key}_add_button" class="role_add_button" value="<<"/>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/request_type/view_request_type.mako
--- a/templates/admin/request_type/view_request_type.mako
+++ b/templates/admin/request_type/view_request_type.mako
@@ -30,24 +30,24 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">"${request_type.name}" request type</div>
+ <div class="toolFormTitle">"${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- ${request_type.name}
+ ${request_type.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${request_type.desc}
+ ${request_type.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a></div></div><p/>
@@ -55,8 +55,8 @@
<div class="toolFormTitle">Sample states defined for this request type</div>
%for state in request_type.states:
<div class="form-row">
- <label>${state.name}</label>
- ${state.desc}
+ <label>${state.name | h}</label>
+ ${state.desc | h}
</div><div style="clear: both"></div>
%endfor
@@ -67,8 +67,8 @@
%if request_type.external_services:
%for index, external_service in enumerate( request_type.external_services ):
<div class="form-row">
- <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name}</a></label>
- ${external_service.get_external_service_type( trans ).name}
+ <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name | h}</a></label>
+ ${external_service.get_external_service_type( trans ).name | h}
</div>
%endfor
%else:
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/reject.mako
--- a/templates/admin/requests/reject.mako
+++ b/templates/admin/requests/reject.mako
@@ -15,7 +15,7 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">Reject sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Reject sequencing request "${request.name | h}"</div><form name="event" action="${h.url_for( controller='requests_admin', action='reject_request', id=trans.security.encode_id( request.id ) )}" method="post" ><div class="form-row">
Rejecting this request will move the request state to <b>Rejected</b>.
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/rename_datasets.mako
--- a/templates/admin/requests/rename_datasets.mako
+++ b/templates/admin/requests/rename_datasets.mako
@@ -3,7 +3,7 @@
<% from galaxy.webapps.galaxy.controllers.requests_admin import build_rename_datasets_for_sample_select_field %>
-<h3>Rename datasets for Sample "${sample.name}"</h3>
+<h3>Rename datasets for Sample "${sample.name | h}"</h3><ul class="manage-table-actions"><li><a class="action-button" href="${h.url_for( controller='requests_admin', action='manage_datasets', sample_id=trans.security.encode_id( sample.id ) )}">Browse datasets</a></li>
@@ -35,7 +35,7 @@
${rename_datasets_for_sample_select_field.get_html()}
</td><td>
- <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name}" size="100"/>
+ <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name | h}" size="100"/></td><td>${sample_dataset.file_path}</td></tr>
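Review bot: The `<td>${sample_dataset.file_path}</td>` cell in the same row is left without the `h` filter, although the dataset name next to it is now escaped. The path presumably comes from the same sample dataset record, possibly supplied by an external service, so it deserves the same treatment: `<td>${sample_dataset.file_path | h}</td>`. The table row starts before this hunk.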
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/admin/requests/view_sample_dataset.mako
--- a/templates/admin/requests/view_sample_dataset.mako
+++ b/templates/admin/requests/view_sample_dataset.mako
@@ -21,19 +21,19 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">"${sample.name}" Dataset</div>
+ <div class="toolFormTitle">"${sample.name | h}" Dataset</div><div class="toolFormBody"><div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.name}
+ ${sample_dataset.name | h}
</div><div style="clear: both"></div></div><div class="form-row"><label>External service:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.external_service.name} (${sample_dataset.external_service.get_external_service_type( trans ).name})
+ ${sample_dataset.external_service.name | h} (${sample_dataset.external_service.get_external_service_type( trans ).name | h})
</div><div style="clear: both"></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/common.mako
--- a/templates/webapps/galaxy/requests/common/common.mako
+++ b/templates/webapps/galaxy/requests/common/common.mako
@@ -257,18 +257,18 @@
<td valign="top"><input type="checkbox" name=select_sample_${sample.id} id="sample_checkbox" value="true" ${checked_str}/><input type="hidden" name=select_sample_${sample.id} id="sample_checkbox" value="true"/></td>
%endif
<td valign="top">
- <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name'] | h}" size="10"/><div class="toolParamHelp" style="clear: both;">
- <i>${' (required)' }</i>
+ <i>(required)</i></div></td>
%if display_bar_code:
<td valign="top">
%if is_admin and is_submitted:
- <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}" size="10"/>
%else:
- ${sample_widget['bar_code']}
- <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}"/>
+ ${sample_widget['bar_code'] | h}
+ <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}"/>
%endif
</td>
%endif
@@ -416,7 +416,7 @@
transferred_dataset_files = []
%><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="sample-${sample.id}-popup">
- <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name}</a>
+ <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name | h}</a></div><div popupmenu="sample-${sample.id}-popup">
%if can_select_datasets:
@@ -439,11 +439,11 @@
%endif
</div>
%else:
- ${sample_widget_name}
+ ${sample_widget_name | h}
%endif
</td>
%if display_bar_code:
- <td>${sample_widget_bar_code}</td>
+ <td>${sample_widget_bar_code | h}</td>
%endif
%if is_unsubmitted:
<td>Unsubmitted</td>
@@ -451,12 +451,12 @@
<td><a id="sampleState-${sample.id}" href="${h.url_for( controller='requests_common', action='view_sample_history', cntrller=cntrller, sample_id=trans.security.encode_id( sample.id ) )}">${render_sample_state( sample )}</a></td>
%endif
%if sample_widget_library and library_cntrller is not None:
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name}</a></td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name | h}</a></td>
%else:
<td></td>
%endif
%if sample_widget_folder:
- <td>${sample_widget_folder.name}</td>
+ <td>${sample_widget_folder.name | h}</td>
%else:
<td></td>
%endif
@@ -464,11 +464,11 @@
%if trans.user == sample_widget_history.user:
<td><a target='_parent' href="${h.url_for( controller='history', action='list', operation="Switch", id=trans.security.encode_id(sample_widget_history.id), use_panels=False )}">
- ${sample_widget_history.name}
+ ${sample_widget_history.name | h}
</a></td>
%else:
- <td>${sample_widget_history.name}</td>
+ <td>${sample_widget_history.name | h}</td>
%endif
%else:
<td></td>
@@ -477,11 +477,11 @@
%if trans.user == sample_widget_workflow.stored_workflow.user:
<td><a target='_parent' href="${h.url_for( controller='workflow', action='editor', id=trans.security.encode_id(sample_widget_workflow.stored_workflow.id) )}">
- ${sample_widget_workflow.name}
+ ${sample_widget_workflow.name | h}
</a></td>
%else:
- <td>${sample_widget_workflow.name}</td>
+ <td>${sample_widget_workflow.name | h}</td>
%endif
%else:
<td></td>
@@ -519,7 +519,7 @@
<%def name="render_sample_form( index, sample_name, sample_values, fields_dict, display_only )"><tr>
- <td>${sample_name}</td>
+ <td>${sample_name | h}</td>
%for field_index, field in fields_dict.items():
<%
field_type = field[ 'type' ]
@@ -532,17 +532,17 @@
%if field_type == 'WorkflowField':
%if str( field_value ) != 'none':
<% workflow = trans.sa_session.query( trans.app.model.StoredWorkflow ).get( int( field_value ) ) %>
- <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name}</a>
+ <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name | h}</a>
%endif
%else:
- ${field_value}
+ ${field_value | h}
%endif
%else:
<i>None</i>
%endif
%else:
%if field_type == 'TextField':
- <input type="text" name="sample_${index}_field_${field_index}" value="${field_value}" size="7"/>
+ <input type="text" name="sample_${index}_field_${field_index}" value="${field_value | h}" size="7"/>
%elif field_type == 'SelectField':
<select name="sample_${index}_field_${field_index}" last_selected_value="2">
%for option_index, option in enumerate(field[ 'selectlist' ]):
@@ -695,7 +695,7 @@
%if is_admin:
<span class="expandLink dataset-${dataset}-click"><span class="rowIcon"></span><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="dataset-${dataset.id}-popup">
- <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name}</a>
+ <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name | h}</a></div></span><div popupmenu="dataset-${dataset.id}-popup">
@@ -704,12 +704,12 @@
%endif
</div>
%else:
- ${dataset.name}
+ ${dataset.name | h}
%endif
</td><td>${dataset.size}</td>
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name}</a></td>
- <td>${dataset.sample.folder.name}</td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name | h}</a></td>
+ <td>${dataset.sample.folder.name | h}</td><td id="datasetTransferStatus-${encoded_id}">${dataset.status}</td></tr>
%endfor
@@ -723,7 +723,7 @@
<%def name="render_samples_messages( request, is_admin=False, is_submitted=False, message=None, status=None)">
%if request.is_rejected:
<div class='errormessage'>
- ${request.last_comment}
+ ${request.last_comment | h}
</div><br/>
%endif
%if is_admin and is_submitted and request.samples_without_library_destinations:
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/create_request.mako
--- a/templates/webapps/galaxy/requests/common/create_request.mako
+++ b/templates/webapps/galaxy/requests/common/create_request.mako
@@ -23,7 +23,7 @@
<div class="toolForm"><div class="toolFormTitle">Create a new sequencing request</div>
%if len( request_type_select_field.options ) < 1:
- There are no request types available for ${trans.user.email} to create sequencing requests.
+ There are no request types available for ${trans.user.email | h} to create sequencing requests.
%else:
<div class="toolFormBody"><form name="create_request" id="create_request" action="${h.url_for( controller='requests_common', action='create_request', cntrller=cntrller )}" method="post" >
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
--- a/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
+++ b/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
@@ -31,7 +31,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Edit sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Edit sequencing request "${request.name | h}"</div><div class="toolFormBody"><form name="edit_basic_request_info" id="edit_basic_request_info" action="${h.url_for( controller='requests_common', action='edit_basic_request_info', cntrller=cntrller, id=trans.security.encode_id( request.id ) )}" method="post" >
%for i, field in enumerate( widgets ):
@@ -70,11 +70,11 @@
%><div class="form-row"><label>Send to:</label>
- <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email} (sequencing request owner)<input type="hidden" name="email_address" value="true">
+ <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email | h} (sequencing request owner)<input type="hidden" name="email_address" value="true"></div><div class="form-row"><label>Additional email addresses:</label>
- <textarea name="additional_email_addresses" rows="3" cols="40">${emails}</textarea>
+ <textarea name="additional_email_addresses" rows="3" cols="40">${emails | h}</textarea><div class="toolParamHelp" style="clear: both;">
Enter one email address per line
</div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/find_samples.mako
--- a/templates/webapps/galaxy/requests/common/find_samples.mako
+++ b/templates/webapps/galaxy/requests/common/find_samples.mako
@@ -72,7 +72,7 @@
%if samples:
%for sample in samples:
<div class="form-row">
- Sample: <b>${sample.name}</b> | Barcode: ${sample.bar_code}<br/>
+ Sample: <b>${sample.name | h}</b> | Barcode: ${sample.bar_code | h}<br/>
%if sample.request.is_new or not sample.state:
State: Unsubmitted<br/>
%else:
@@ -85,10 +85,10 @@
%>
Datasets: <a href="${h.url_for( controller='requests_common', action='view_sample_datasets', cntrller=cntrller, external_service_id=trans.security.encode_id( external_service.id ), sample_id=trans.security.encode_id( sample.id ) )}">${len( sample.datasets )}</a><br/>
%if is_admin:
- <i>User: ${sample.request.user.email}</i>
+ <i>User: ${sample.request.user.email | h}</i>
%endif
<div class="toolParamHelp" style="clear: both;">
- <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a>
+ <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name | h} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a></div></div><br/>
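Review bot: In the changed link text only `sample.request.name` gets the `h` filter; `${sample.request.type.name}` and `${sample.request.state}` in the same anchor are still emitted raw. Request type names are escaped everywhere else in this commit (for example `${request_type.name | h}` in the admin templates), so this page is inconsistent with them. Suggested text: `Type: ${sample.request.type.name | h} | State: ${sample.request.state | h}`.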
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_request.mako
--- a/templates/webapps/galaxy/requests/common/view_request.mako
+++ b/templates/webapps/galaxy/requests/common/view_request.mako
@@ -58,7 +58,7 @@
${render_samples_messages(request, is_admin, is_submitted, message, status)}
<div class="toolForm">
- <div class="toolFormTitle">Sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Sequencing request "${request.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Current state:</label>
@@ -67,12 +67,12 @@
</div><div class="form-row"><label>Description:</label>
- ${request.desc}
+ ${request.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>User:</label>
- ${request.user.email}
+ ${request.user.email | h}
<div style="clear: both"></div></div><div class="form-row">
@@ -94,7 +94,7 @@
%><div class="form-row"><label>${field_label}:</label>
- ${field_value}
+ ${field_value | h}
</div><div style="clear: both"></div>
%endfor
@@ -116,7 +116,7 @@
else:
emails = ''
%>
- ${emails}
+ ${emails | h}
<div style="clear: both"></div></div><div class="form-row">
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_request_history.mako
--- a/templates/webapps/galaxy/requests/common/view_request_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_request_history.mako
@@ -36,7 +36,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sequencing request "${request.name}"</h3>
+<h3>History of sequencing request "${request.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -52,7 +52,7 @@
<tr><td><b>${event.state}</b></td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_sample.mako
--- a/templates/webapps/galaxy/requests/common/view_sample.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample.mako
@@ -6,7 +6,7 @@
%if external_service:
<p><div class="toolForm">
- <div class="toolFormTitle">Available External Service Actions for ${sample.name} at ${external_service.name}</div>
+ <div class="toolFormTitle">Available External Service Actions for ${sample.name | h} at ${external_service.name | h}</div><div class="toolFormBody"><div class="toolMenu">
%for item in external_service.actions:
@@ -25,7 +25,7 @@
<div class="form-row"><div class="toolSectionList"><div class="toolSectionTitle">
- <span>${external_service_group.label}</span>
+ <span>${external_service_group.label | h}</span></div><div class="toolSectionBody"><div class="toolSectionBg">
@@ -54,7 +54,7 @@
target = 'galaxy_main'
%><div class="toolTitle">
- <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label}</a>
+ <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label | h}</a></div></%def>
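Review bot: The link label is now escaped, but the `href` value from `external_service_action.get_action_access_link( trans )` is still written into the attribute unfiltered. Unless that method is known to return an already encoded URL (it is not visible here), it should be `href="${external_service_action.get_action_access_link( trans ) | h}"`. Escaping only protects the attribute boundary; if the link can be configured by an external service definition, the allowed URL scheme should be checked where it is generated. The enclosing `<%def>` starts outside this hunk.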
@@ -75,38 +75,38 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Sample "${sample.name}"</div>
+ <div class="toolFormTitle">Sample "${sample.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Name:</label>
- ${sample.name}
+ ${sample.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${sample.desc}
+ ${sample.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Barcode:</label>
- ${sample.bar_code}
+ ${sample.bar_code | h}
<div style="clear: both"></div></div>
%if sample.library:
<div class="form-row"><label>Library:</label>
- ${sample.library.name}
+ ${sample.library.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Folder:</label>
- ${sample.folder.name}
+ ${sample.folder.name | h}
<div style="clear: both"></div></div>
%endif
<div class="form-row"><label>Request:</label>
- ${sample.request.name}
+ ${sample.request.name | h}
<div style="clear: both"></div></div></div>
diff -r 7ba05957588aff263132db3d7c0fad6a94b3a466 -r 0e663285c74326737d4ff3c637d4c8aba8847755 templates/webapps/galaxy/requests/common/view_sample_history.mako
--- a/templates/webapps/galaxy/requests/common/view_sample_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample_history.mako
@@ -12,7 +12,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sample "${sample.name}"</h3>
+<h3>History of sample "${sample.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -27,10 +27,10 @@
<tbody>
%for event in sample.events:
<tr>
- <td><b>${event.state.name}</b></td>
- <td>${event.state.desc}</td>
+ <td><b>${event.state.name | h}</b></td>
+ <td>${event.state.desc | h}</td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
commit/galaxy-central: natefoo: Update tag latest_2014.10.06 for changeset 546ff6ef27b4
by commits-noreply@bitbucket.org 03 Dec '14
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/7ba05957588a/
Changeset: 7ba05957588a
Branch: stable
User: natefoo
Date: 2014-12-03 19:00:28+00:00
Summary: Update tag latest_2014.10.06 for changeset 546ff6ef27b4
Affected #: 1 file
diff -r 546ff6ef27b4b83e26ae228c292fd981173ac550 -r 7ba05957588aff263132db3d7c0fad6a94b3a466 .hgtags
--- a/.hgtags
+++ b/.hgtags
@@ -20,4 +20,4 @@
ca45b78adb4152fc6e7395514d46eba6b7d0b838 release_2014.08.11
548ab24667d6206780237bd807f7d857a484c461 latest_2014.08.11
2092948937ac30ef82f71463a235c66d34987088 release_2014.10.06
-acb2548443ae42d39ef200d035ccc0481d6b930c latest_2014.10.06
+546ff6ef27b4b83e26ae228c292fd981173ac550 latest_2014.10.06
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
2 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/4b6b1d2d7407/
Changeset: 4b6b1d2d7407
Branch: next-stable
User: natefoo
Date: 2014-12-03 18:30:44+00:00
Summary: Merge stable changes to next-stable.
Affected #: 9 files
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 lib/galaxy/webapps/galaxy/controllers/user.py
--- a/lib/galaxy/webapps/galaxy/controllers/user.py
+++ b/lib/galaxy/webapps/galaxy/controllers/user.py
@@ -28,7 +28,7 @@
from galaxy.web.base.controller import CreatesApiKeysMixin
from galaxy.web.form_builder import CheckboxField
from galaxy.web.form_builder import build_select_field
-from galaxy.web.framework.helpers import time_ago, grids
+from galaxy.web.framework.helpers import time_ago, grids, escape
from datetime import datetime, timedelta
from galaxy.util import hash_util, biostar
@@ -164,7 +164,7 @@
user_openid.provider = openid_provider
if trans.user:
if user_openid.user and user_openid.user.id != trans.user.id:
- message = "The OpenID <strong>%s</strong> is already associated with another Galaxy account, <strong>%s</strong>. Please disassociate it from that account before attempting to associate it with a new account." % ( display_identifier, user_openid.user.email )
+ message = "The OpenID <strong>%s</strong> is already associated with another Galaxy account, <strong>%s</strong>. Please disassociate it from that account before attempting to associate it with a new account." % ( escape( display_identifier ), escape( user_openid.user.email ) )
if not trans.user.active and trans.app.config.user_activation_on: # Account activation is ON and the user is INACTIVE.
if ( trans.app.config.activation_grace_period != 0 ): # grace period is ON
if self.is_outside_grace_period( trans, trans.user.create_time ): # User is outside the grace period. Login is disabled and he will have the activation email resent.
@@ -179,23 +179,23 @@
user_openid.session = trans.galaxy_session
if not openid_provider_obj.never_associate_with_user:
if not auto_associate and ( user_openid.user and user_openid.user.id == trans.user.id ):
- message = "The OpenID <strong>%s</strong> is already associated with your Galaxy account, <strong>%s</strong>." % ( display_identifier, trans.user.email )
+ message = "The OpenID <strong>%s</strong> is already associated with your Galaxy account, <strong>%s</strong>." % ( escape( display_identifier ), escape( trans.user.email ) )
status = "warning"
else:
- message = "The OpenID <strong>%s</strong> has been associated with your Galaxy account, <strong>%s</strong>." % ( display_identifier, trans.user.email )
+ message = "The OpenID <strong>%s</strong> has been associated with your Galaxy account, <strong>%s</strong>." % ( escape( display_identifier ), escape( trans.user.email ) )
status = "done"
user_openid.user = trans.user
trans.sa_session.add( user_openid )
trans.sa_session.flush()
trans.log_event( "User associated OpenID: %s" % display_identifier )
else:
- message = "The OpenID <strong>%s</strong> cannot be used to log into your Galaxy account, but any post authentication actions have been performed." % ( openid_provider_obj.name )
+ message = "The OpenID <strong>%s</strong> cannot be used to log into your Galaxy account, but any post authentication actions have been performed." % escape( openid_provider_obj.name )
status = "info"
openid_provider_obj.post_authentication( trans, trans.app.openid_manager, info )
if redirect:
- message = '%s<br>Click <a href="%s"><strong>here</strong></a> to return to the page you were previously viewing.' % ( message, redirect )
+ message = '%s<br>Click <a href="%s"><strong>here</strong></a> to return to the page you were previously viewing.' % ( message, escape( self.__get_redirect_url( redirect ) ) )
if redirect and status != "error":
- return trans.response.send_redirect( redirect )
+ return trans.response.send_redirect( self.__get_redirect_url( redirect ) )
return trans.response.send_redirect( url_for( controller='user',
action='openid_manage',
use_panels=True,
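Review bot: `self.__get_redirect_url( redirect )` is evaluated twice in this hunk, once for the link in `message` and once for `send_redirect`, while the raw `redirect` stays in scope between them. Normalising once where the value is first read, as the next hunk does with `redirect = self.__get_redirect_url( redirect )`, leaves only the validated URL available to later code. The enclosing function starts and ends outside the hunk.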
@@ -208,6 +208,7 @@
openid_provider_obj.post_authentication( trans, trans.app.openid_manager, info )
if not redirect:
redirect = url_for( '/' )
+ redirect = self.__get_redirect_url( redirect )
return trans.response.send_redirect( redirect )
trans.sa_session.add( user_openid )
trans.sa_session.flush()
@@ -448,18 +449,9 @@
@web.expose
def login( self, trans, refresh_frames=[], **kwd ):
- """Handle Galaxy login"""
- redirect = kwd.get( 'redirect', trans.request.referer ).strip()
- root_url = url_for( '/', qualified=True )
- # Always start with redirect_url being empty.
- redirect_url = ''
- # Compare urls, to prevent a redirect from pointing (directly)
- # outside of galaxy or to enter a logout/login loop.
- if not util.compare_urls( root_url, redirect, compare_path=False ) or util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
- redirect = root_url
- if kwd.get( 'noredirect', False ):
- # The referrer is explicitly asking not to redirect.
- redirect = ''
+ '''Handle Galaxy Log in'''
+ redirect = self.__get_redirect_url( kwd.get( 'redirect', trans.request.referer ).strip() )
+ redirect_url = '' # always start with redirect_url being empty
use_panels = util.string_as_bool( kwd.get( 'use_panels', False ) )
message = kwd.get( 'message', '' )
status = kwd.get( 'status', 'done' )
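Review bot: The removed block cleared `redirect` when `noredirect` was set, and neither the replacement line nor `__get_redirect_url` (added further down in this diff) does so. The password-reset message in this same file still links to the login form with `noredirect='true'`, so the flag appears to have lost its effect unless it is handled later in `login`, which continues outside the hunk. Restoring `if kwd.get( 'noredirect', False ): redirect = ''` after the new line would keep the old behaviour. Separately, `.strip()` is called on `trans.request.referer`, which presumably can be `None` when no Referer header is sent.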
@@ -910,7 +902,7 @@
username = util.restore_text( params.get( 'username', '' ) )
if not username:
username = user.username
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
if trans.webapp.name == 'galaxy':
user_type_form_definition = self.__get_user_type_form_definition( trans, user=user, **kwd )
@@ -1119,8 +1111,8 @@
"""Reset the user's password. Send an email with the new password."""
if trans.app.config.smtp_server is None:
return trans.show_error_message( "Mail is not configured for this Galaxy instance. Please contact your local Galaxy administrator." )
- message = util.sanitize_text( util.restore_text( kwd.get( 'message', '' ) ) )
- status = 'done'
+ message = util.sanitize_text(util.restore_text( kwd.get( 'message', '' ) ))
+ status = kwd.get( 'status', 'done' )
if kwd.get( 'reset_password_button', False ):
reset_user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email == email ).first()
user = trans.get_user()
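Review bot: `status` is now read from the request without any check, while every value assigned in the visible code is one of `done`, `info`, `warning` or `error`. If the template uses it to build a class name or similar (the template is not shown here), an arbitrary string reaches the page. Restricting it to the known set, e.g. `if status not in ( 'done', 'info', 'warning', 'error' ): status = 'done'`, avoids that. Other actions in this file read `status` the same way.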
@@ -1146,7 +1138,7 @@
trans.sa_session.add( reset_user )
trans.sa_session.flush()
trans.log_event( "User reset password: %s" % email )
- message = "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." % ( email, web.url_for( controller='user', action='login', noredirect='true' ) )
+ message = "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." % ( escape( email ), web.url_for( controller='user', action='login', noredirect='true' ) )
except Exception, e:
message = 'Failed to reset password: %s' % str( e )
status = 'error'
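Review bot: The success message now escapes `email`, but the `except` branch right below still builds `message` from `str( e )` unescaped. The `try` body is outside the hunk, so this is an assumption, but exception text from the mail path can echo the submitted address and would then reach the same output. Giving it the same treatment closes the gap: `message = 'Failed to reset password: %s' % escape( str( e ) )`.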
@@ -1370,17 +1362,20 @@
# User not logged in, history group must be only public
return trans.show_error_message( "You must be logged in to change your default permitted actions." )
+ @web.require_login( "to add addresses" )
@web.expose
def new_address( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
message = util.restore_text( params.get( 'message', '' ) )
status = params.get( 'status', 'done' )
is_admin = cntrller == 'admin' and trans.user_is_admin()
- user_id = params.get( 'user_id', False )
- if not user_id:
- # User must be logged in to create a new address
- return trans.show_error_message( "You must be logged in to create a new address." )
- user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ user_id = params.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to add a new address to." )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
short_desc = util.restore_text( params.get( 'short_desc', '' ) )
name = util.restore_text( params.get( 'name', '' ) )
institution = util.restore_text( params.get( 'institution', '' ) )
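Review bot: In the admin branch the result of `.get( trans.security.decode_id( user_id ) )` is used without a `None` check, and `decode_id` is called outside any `try`. The `try` around the address lookup in `__delete_undelete_address` suggests it can raise on malformed input. An id that does not decode, or that matches no user, would then surface as an unhandled exception (later at `user.id`) rather than as the error page. A guard such as `if user is None: return trans.show_error_message( "Invalid user id." )` covers the second case. The same lookup is repeated in `edit_address` and `__delete_undelete_address`; the body of `new_address` continues outside the hunk.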
@@ -1431,10 +1426,10 @@
phone=phone )
trans.sa_session.add( user_address )
trans.sa_session.flush()
- message = 'Address (%s) has been added' % user_address.desc
+ message = 'Address (%s) has been added' % escape( user_address.desc )
new_kwd = dict( message=message, status=status )
if is_admin:
- new_kwd[ 'user_id' ] = trans.security.encode_id( user.id )
+ new_kwd[ 'id' ] = trans.security.encode_id( user.id )
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
@@ -1452,24 +1447,29 @@
postal_code=postal_code,
country=country,
phone=phone,
- message=message,
+ message=escape(message),
status=status )
+ @web.require_login( "to edit addresses" )
@web.expose
def edit_address( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
message = util.restore_text( params.get( 'message', '' ) )
status = params.get( 'status', 'done' )
is_admin = cntrller == 'admin' and trans.user_is_admin()
- user_id = params.get( 'user_id', False )
- if not user_id:
- # User must be logged in to create a new address
- return trans.show_error_message( "You must be logged in to create a new address." )
- user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ user_id = params.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to add a new address to." )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
address_id = params.get( 'address_id', None )
if not address_id:
- return trans.show_error_message( "No address id received for editing." )
+ return trans.show_error_message( "Invalid address id." )
address_obj = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
+ if address_obj.user_id != user.id:
+ return trans.show_error_message( "Invalid address id." )
if params.get( 'edit_address_button', False ):
short_desc = util.restore_text( params.get( 'short_desc', '' ) )
name = util.restore_text( params.get( 'name', '' ) )
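Review bot: The new ownership check reads `address_obj.user_id` directly after the lookup, but `.get()` returns `None` for an id that decodes to no row. In that case the check raises AttributeError instead of returning "Invalid address id.". `if address_obj is None or address_obj.user_id != user.id:` handles both cases with the same message. The admin-branch text "You must specify a user to add a new address to." also looks copied from `new_address`. `edit_address` continues outside the hunk.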
@@ -1517,10 +1517,10 @@
address_obj.phone = phone
trans.sa_session.add( address_obj )
trans.sa_session.flush()
- message = 'Address (%s) has been updated.' % address_obj.desc
+ message = 'Address (%s) has been updated.' % escape( address_obj.desc )
new_kwd = dict( message=message, status=status )
if is_admin:
- new_kwd[ 'user_id' ] = trans.security.encode_id( user.id )
+ new_kwd[ 'id' ] = trans.security.encode_id( user.id )
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
@@ -1530,45 +1530,44 @@
cntrller=cntrller,
user=user,
address_obj=address_obj,
- message=message,
+ message=escape( message ),
status=status )
+ @web.require_login( "to delete addresses" )
@web.expose
- def delete_address( self, trans, cntrller, address_id=None, user_id=None ):
+ def delete_address( self, trans, cntrller, address_id=None, **kwd ):
+ return self.__delete_undelete_address( trans, cntrller, 'delete', address_id=address_id, **kwd )
+
+ @web.require_login( "to undelete addresses" )
+ @web.expose
+ def undelete_address( self, trans, cntrller, address_id=None, **kwd ):
+ return self.__delete_undelete_address( trans, cntrller, 'undelete', address_id=address_id, **kwd )
+
+ def __delete_undelete_address( self, trans, cntrller, op, address_id=None, **kwd ):
+ is_admin = cntrller == 'admin' and trans.user_is_admin()
+ user_id = kwd.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to %s an address from." % op )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
try:
user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
except:
- message = 'Invalid address is (%s)' % address_id
- status = 'error'
+ return trans.show_error_message( "Invalid address id." )
if user_address:
- user_address.deleted = True
+ if user_address.user_id != user.id:
+ return trans.show_error_message( "Invalid address id." )
+ user_address.deleted = True if op == 'delete' else False
trans.sa_session.add( user_address )
trans.sa_session.flush()
- message = 'Address (%s) deleted' % user_address.desc
+ message = 'Address (%s) %sd' % ( escape( user_address.desc ), op )
status = 'done'
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
- user_id=user_id,
- message=message,
- status=status ) )
-
- @web.expose
- def undelete_address( self, trans, cntrller, address_id=None, user_id=None ):
- try:
- user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
- except:
- message = 'Invalid address is (%s)' % address_id
- status = 'error'
- if user_address:
- user_address.deleted = False
- trans.sa_session.flush()
- message = 'Address (%s) undeleted' % user_address.desc
- status = 'done'
- return trans.response.send_redirect( web.url_for( controller='user',
- action='manage_user_info',
- cntrller=cntrller,
- user_id=user_id,
+ id=trans.security.encode_id( user.id ),
message=message,
status=status ) )
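Review bot: When the address lookup returns `None` without raising, the `if user_address:` body is skipped and `message` and `status` are never assigned. The final `send_redirect` would then fail with UnboundLocalError if it sits at function level; indentation is lost in this rendering, so that placement is an assumption. Adding `else: return trans.show_error_message( "Invalid address id." )` to the `if user_address:` makes that path explicit. The bare `except:` would also be better as `except Exception:` so that it does not swallow interpreter-level exits.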
@@ -1728,7 +1727,7 @@
@web.require_login()
def api_keys( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
if params.get( 'new_api_key_button', False ):
self.create_api_key( trans, trans.user )
@@ -1740,6 +1739,18 @@
message=message,
status=status )
+ def __get_redirect_url( self, redirect ):
+ root_url = url_for( '/', qualified=True )
+ redirect_url = '' # always start with redirect_url being empty
+ # compare urls, to prevent a redirect from pointing (directly) outside of galaxy
+ # or to enter a logout/login loop
+ if not util.compare_urls( root_url, redirect, compare_path=False ) or util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
+ log.warning('Redirect URL is outside of Galaxy, will redirect to Galaxy root instead: %s', redirect)
+ redirect = root_url
+ elif util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
+ redirect = root_url
+ return redirect
+
# ===== Methods for building SelectFields ================================
def __build_user_type_fd_id_select_field( self, trans, selected_value ):
# Get all the user information forms
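Review bot: The `elif` in `__get_redirect_url` can never run: its condition is the second operand of the `or` in the `if` above it. A logout URL therefore takes the first branch and is logged as "outside of Galaxy". Dropping `or util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect )` from the `if` restores the two distinct cases, and the unused `redirect_url = ''` can go. Since `redirect` is request-supplied, logging it with `%r` rather than `%s` keeps control characters out of the log line.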
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 lib/galaxy/webapps/galaxy/controllers/userskeys.py
--- a/lib/galaxy/webapps/galaxy/controllers/userskeys.py
+++ b/lib/galaxy/webapps/galaxy/controllers/userskeys.py
@@ -3,12 +3,11 @@
"""
import logging
-import pprint
from galaxy import web
from galaxy import util, model
from galaxy.web.base.controller import BaseUIController, UsesFormDefinitionsMixin
-from galaxy.web.framework.helpers import time_ago, grids
+from galaxy.web.framework.helpers import time_ago, grids, escape
from inspect import getmembers
@@ -21,65 +20,46 @@
<p/>
"""
-class UserOpenIDGrid( grids.Grid ):
- use_panels = False
- title = "OpenIDs linked to your account"
- model_class = model.UserOpenID
- template = '/user/openid_manage.mako'
- default_filter = { "openid" : "All" }
- default_sort_key = "-create_time"
- columns = [
- grids.TextColumn( "OpenID URL", key="openid", link=( lambda x: dict( action='openid_auth', login_button="Login", openid_url=x.openid if not x.provider else '', openid_provider=x.provider, auto_associate=True ) ) ),
- grids.GridColumn( "Created", key="create_time", format=time_ago ),
- ]
- operations = [
- grids.GridOperation( "Delete", async_compatible=True ),
- ]
- def build_initial_query( self, trans, **kwd ):
- return trans.sa_session.query( self.model_class ).filter( self.model_class.user_id == trans.user.id )
+# FIXME: This controller is using unencoded IDs, but I am not going to address
+# this now since it is admin-side and should be reimplemented in the API
+# anyway.
+
class User( BaseUIController, UsesFormDefinitionsMixin ):
- user_openid_grid = UserOpenIDGrid()
- installed_len_files = None
-
-
@web.expose
@web.require_login()
@web.require_admin
def index( self, trans, cntrller, **kwd ):
return trans.fill_template( 'webapps/galaxy/user/list_users.mako', action='all_users', cntrller=cntrller )
-
-
@web.expose
@web.require_login()
@web.require_admin
def admin_api_keys( self, trans, cntrller, uid, **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
uid = params.get('uid', uid)
- pprint.pprint(uid)
if params.get( 'new_api_key_button', False ):
new_key = trans.app.model.APIKeys()
new_key.user_id = uid
new_key.key = trans.app.security.get_new_guid()
trans.sa_session.add( new_key )
trans.sa_session.flush()
- message = "Generated a new web API key"
+ message = "A new web API key has been generated for (%s)" % escape( new_key.user.email )
status = "done"
- return trans.fill_template( 'webapps/galaxy/user/ok_admin_api_keys.mako',
- cntrller=cntrller,
- message=message,
- status=status )
-
-
+ return trans.response.send_redirect( web.url_for( controller='userskeys',
+ action='all_users',
+ cntrller=cntrller,
+ message=message,
+ status=status ) )
+
@web.expose
@web.require_login()
@web.require_admin
def all_users( self, trans, cntrller="userskeys", **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
users = []
for user in trans.sa_session.query( trans.app.model.User ) \
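Review bot: `message` is escaped in `admin_api_keys` and then sent as a query parameter to `all_users`, which escapes it again on read with `escape( util.restore_text( params.get( 'message', '' ) ) )`. An `&` or `<` in the e-mail address would presumably be displayed as a literal entity. Escaping once, where the value is read for rendering, avoids that, so the generated text can be passed on unescaped: `message = "A new web API key has been generated for (%s)" % new_key.user.email`. `new_key.user` is also dereferenced without checking that `uid` matched a user. `all_users` continues outside the hunk.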
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/user/edit_address.mako
--- a/templates/user/edit_address.mako
+++ b/templates/user/edit_address.mako
@@ -10,17 +10,17 @@
<ul class="manage-table-actions"><li>
- <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, user_id=trans.security.encode_id( user.id) )}">Manage user information</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, id=trans.security.encode_id( user.id) )}">Manage user information</a></li></ul><div class="toolForm"><div class="toolFormTitle">Edit address</div><div class="toolFormBody">
- <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address_obj.id ), user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address_obj.id ), id=trans.security.encode_id( user.id ) )}" method="post" ><div class="form-row"><label>Short Description:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="short_desc" value="${address_obj.desc}" size="40">
+ <input type="text" name="short_desc" value="${address_obj.desc | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -28,7 +28,7 @@
<div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="name" value="${address_obj.name}" size="40">
+ <input type="text" name="name" value="${address_obj.name | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -36,7 +36,7 @@
<div class="form-row"><label>Institution:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="institution" value="${address_obj.institution}" size="40">
+ <input type="text" name="institution" value="${address_obj.institution | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -44,7 +44,7 @@
<div class="form-row"><label>Address:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="address" value="${address_obj.address}" size="40">
+ <input type="text" name="address" value="${address_obj.address | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -52,7 +52,7 @@
<div class="form-row"><label>City:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="city" value="${address_obj.city}" size="40">
+ <input type="text" name="city" value="${address_obj.city | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -60,7 +60,7 @@
<div class="form-row"><label>State/Province/Region:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="state" value="${address_obj.state}" size="40">
+ <input type="text" name="state" value="${address_obj.state | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -68,7 +68,7 @@
<div class="form-row"><label>Postal Code:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="postal_code" value="${address_obj.postal_code}" size="40">
+ <input type="text" name="postal_code" value="${address_obj.postal_code | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -76,7 +76,7 @@
<div class="form-row"><label>Country:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="country" value="${address_obj.country}" size="40">
+ <input type="text" name="country" value="${address_obj.country | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -84,7 +84,7 @@
<div class="form-row"><label>Phone:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="phone" value="${address_obj.phone}" size="40">
+ <input type="text" name="phone" value="${address_obj.phone | h}" size="40"></div><div style="clear: both"></div></div>
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/user/index.mako
--- a/templates/user/index.mako
+++ b/templates/user/index.mako
@@ -1,9 +1,4 @@
<%inherit file="/base.mako"/>
-<%namespace file="/message.mako" import="render_msg" />
-
-%if message:
- ${render_msg( message, status )}
-%endif
%if trans.user:
<h2>${_('User preferences')}</h2>
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/user/info.mako
--- a/templates/user/info.mako
+++ b/templates/user/info.mako
@@ -90,7 +90,7 @@
<div class="toolFormTitle">Login Information</div><div class="form-row"><label>Email address:</label>
- <input type="text" id ="email_input" name="email" value="${email}" size="40"/>
+ <input type="text" id ="email_input" name="email" value="${email | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
If you change your email address you will receive an activation link in the new mailbox and you have to activate your account by visiting it.
</div>
@@ -99,13 +99,13 @@
<label>Public name:</label>
%if t.webapp.name == 'tool_shed':
%if user.active_repositories:
- <input type="hidden" name="username" value="${username}"/>
- ${username}
+ <input type="hidden" name="username" value="${username | h}"/>
+ ${username | h}
<div class="toolParamHelp" style="clear: both;">
You cannot change your public name after you have created a repository in this tool shed.
</div>
%else:
- <input type="text" name="username" size="40" value="${username}"/>
+ <input type="text" name="username" size="40" value="${username | h}"/><div class="toolParamHelp" style="clear: both;">
Your public name provides a means of identifying you publicly within this tool shed. Public
names must be at least four characters in length and contain only lower-case letters, numbers,
@@ -114,7 +114,7 @@
</div>
%endif
%else:
- <input type="text" id="name_input" name="username" size="40" value="${username}"/>
+ <input type="text" id="name_input" name="username" size="40" value="${username | h}"/><div class="toolParamHelp" style="clear: both;">
Your public name is an optional identifier that will be used to generate addresses for information
you share publicly. Public names must be at least four characters in length and contain only lower-case
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/user/new_address.mako
--- a/templates/user/new_address.mako
+++ b/templates/user/new_address.mako
@@ -10,18 +10,18 @@
<ul class="manage-table-actions"><li>
- <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, user_id=trans.security.encode_id( user.id) )}">
+ <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, id=trans.security.encode_id( user.id) )}"><span>Manage User Information</span></a></li></ul><div class="toolForm"><div class="toolFormTitle">Add new address</div><div class="toolFormBody">
- <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, id=trans.security.encode_id( user.id ) )}" method="post" ><div class="form-row"><label>Short Description:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="short_desc" value="${short_desc}" size="40">
+ <input type="text" name="short_desc" value="${short_desc | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -29,7 +29,7 @@
<div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="name" value="${name}" size="40">
+ <input type="text" name="name" value="${name | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -37,7 +37,7 @@
<div class="form-row"><label>Institution:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="institution" value="${institution}" size="40">
+ <input type="text" name="institution" value="${institution | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -45,7 +45,7 @@
<div class="form-row"><label>Address:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="address" value="${address}" size="40">
+ <input type="text" name="address" value="${address | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -53,7 +53,7 @@
<div class="form-row"><label>City:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="city" value="${city}" size="40">
+ <input type="text" name="city" value="${city | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -61,7 +61,7 @@
<div class="form-row"><label>State/Province/Region:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="state" value="${state}" size="40">
+ <input type="text" name="state" value="${state | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -69,7 +69,7 @@
<div class="form-row"><label>Postal Code:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="postal_code" value="${postal_code}" size="40">
+ <input type="text" name="postal_code" value="${postal_code | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -77,7 +77,7 @@
<div class="form-row"><label>Country:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="country" value="${country}" size="40">
+ <input type="text" name="country" value="${country | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -85,7 +85,7 @@
<div class="form-row"><label>Phone:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="phone" value="${phone}" size="40">
+ <input type="text" name="phone" value="${phone | h}" size="40"></div><div style="clear: both"></div></div>
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/webapps/galaxy/user/list_users.mako
--- a/templates/webapps/galaxy/user/list_users.mako
+++ b/templates/webapps/galaxy/user/list_users.mako
@@ -1,4 +1,5 @@
<%inherit file="/base.mako"/>
+<%namespace file="/message.mako" import="render_msg" />
%if message:
${render_msg( message, status )}
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/webapps/galaxy/user/manage_info.mako
--- a/templates/webapps/galaxy/user/manage_info.mako
+++ b/templates/webapps/galaxy/user/manage_info.mako
@@ -42,7 +42,7 @@
<p/><div class="toolForm">
- <form name="user_addresses" id="user_addresses" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="user_addresses" id="user_addresses" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, id=trans.security.encode_id( user.id ) )}" method="post" ><div class="toolFormTitle">User Addresses</div><div class="toolFormBody">
%if user.addresses:
@@ -53,9 +53,9 @@
<span>|</span>
%endif
%if show_filter == filter:
- <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, user_id=trans.security.encode_id( user.id ) )}"><b>${filter}</b></a></span>
+ <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, id=trans.security.encode_id( user.id ) )}"><b>${filter}</b></a></span>
%else:
- <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, user_id=trans.security.encode_id( user.id ) )}">${filter}</a></span>
+ <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, id=trans.security.encode_id( user.id ) )}">${filter}</a></span>
%endif
%endfor
</div>
@@ -73,10 +73,10 @@
<ul class="manage-table-actions"><li>
%if not address.deleted:
- <a class="action-button" href="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Edit</a>
- <a class="action-button" href="${h.url_for( controller='user', action='delete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Delete</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Edit</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='delete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Delete</a>
%else:
- <a class="action-button" href="${h.url_for( controller='user', action='undelete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Undelete</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='undelete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Undelete</a>
%endif
</li></ul>
diff -r 3808622909a6bb561c46d2ff5a5675f1da589c8b -r 4b6b1d2d740732a982c922b264d2027ed2c90370 templates/webapps/galaxy/user/ok_admin_api_keys.mako
--- a/templates/webapps/galaxy/user/ok_admin_api_keys.mako
+++ /dev/null
@@ -1,28 +0,0 @@
-<%inherit file="/base.mako"/>
-<%namespace file="/message.mako" import="render_msg" />
-
-<br/><br/>
-<ul class="manage-table-actions">
- <li>
- <a class="action-button" href="${h.url_for( controller='userskeys', action='all_users', cntrller=cntrller )}">List users API keys</a>
- </li>
-</ul>
-
-%if message:
- ${render_msg( message, status )}
-%endif
-
- <div>
- <div style="clear: both;">
- SUCCESS. A new API key has been generated.
- </div>
-
-
- <div style="clear: both;">
- An API key will allow you to access Galaxy via its web
- API (documentation forthcoming). Please note that
- <strong>this key acts as an alternate means to access
- your account, and should be treated with the same care
- as your login password</strong>.
- </div>
- </div>
https://bitbucket.org/galaxy/galaxy-central/commits/25d6c1903ece/
Changeset: 25d6c1903ece
User: natefoo
Date: 2014-12-03 18:41:00+00:00
Summary: Merge next-stable to default.
Affected #: 28 files
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 lib/galaxy/webapps/galaxy/controllers/user.py
--- a/lib/galaxy/webapps/galaxy/controllers/user.py
+++ b/lib/galaxy/webapps/galaxy/controllers/user.py
@@ -28,7 +28,7 @@
from galaxy.web.base.controller import CreatesApiKeysMixin
from galaxy.web.form_builder import CheckboxField
from galaxy.web.form_builder import build_select_field
-from galaxy.web.framework.helpers import time_ago, grids
+from galaxy.web.framework.helpers import time_ago, grids, escape
from datetime import datetime, timedelta
from galaxy.util import hash_util, biostar
@@ -164,7 +164,7 @@
user_openid.provider = openid_provider
if trans.user:
if user_openid.user and user_openid.user.id != trans.user.id:
- message = "The OpenID <strong>%s</strong> is already associated with another Galaxy account, <strong>%s</strong>. Please disassociate it from that account before attempting to associate it with a new account." % ( display_identifier, user_openid.user.email )
+ message = "The OpenID <strong>%s</strong> is already associated with another Galaxy account, <strong>%s</strong>. Please disassociate it from that account before attempting to associate it with a new account." % ( escape( display_identifier ), escape( user_openid.user.email ) )
if not trans.user.active and trans.app.config.user_activation_on: # Account activation is ON and the user is INACTIVE.
if ( trans.app.config.activation_grace_period != 0 ): # grace period is ON
if self.is_outside_grace_period( trans, trans.user.create_time ): # User is outside the grace period. Login is disabled and he will have the activation email resent.
@@ -179,23 +179,23 @@
user_openid.session = trans.galaxy_session
if not openid_provider_obj.never_associate_with_user:
if not auto_associate and ( user_openid.user and user_openid.user.id == trans.user.id ):
- message = "The OpenID <strong>%s</strong> is already associated with your Galaxy account, <strong>%s</strong>." % ( display_identifier, trans.user.email )
+ message = "The OpenID <strong>%s</strong> is already associated with your Galaxy account, <strong>%s</strong>." % ( escape( display_identifier ), escape( trans.user.email ) )
status = "warning"
else:
- message = "The OpenID <strong>%s</strong> has been associated with your Galaxy account, <strong>%s</strong>." % ( display_identifier, trans.user.email )
+ message = "The OpenID <strong>%s</strong> has been associated with your Galaxy account, <strong>%s</strong>." % ( escape( display_identifier ), escape( trans.user.email ) )
status = "done"
user_openid.user = trans.user
trans.sa_session.add( user_openid )
trans.sa_session.flush()
trans.log_event( "User associated OpenID: %s" % display_identifier )
else:
- message = "The OpenID <strong>%s</strong> cannot be used to log into your Galaxy account, but any post authentication actions have been performed." % ( openid_provider_obj.name )
+ message = "The OpenID <strong>%s</strong> cannot be used to log into your Galaxy account, but any post authentication actions have been performed." % escape( openid_provider_obj.name )
status = "info"
openid_provider_obj.post_authentication( trans, trans.app.openid_manager, info )
if redirect:
- message = '%s<br>Click <a href="%s"><strong>here</strong></a> to return to the page you were previously viewing.' % ( message, redirect )
+ message = '%s<br>Click <a href="%s"><strong>here</strong></a> to return to the page you were previously viewing.' % ( message, escape( self.__get_redirect_url( redirect ) ) )
if redirect and status != "error":
- return trans.response.send_redirect( redirect )
+ return trans.response.send_redirect( self.__get_redirect_url( redirect ) )
return trans.response.send_redirect( url_for( controller='user',
action='openid_manage',
use_panels=True,
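Review bot: `self.__get_redirect_url( redirect )` is evaluated twice on this path, once for the link inside `message` and again for `send_redirect`, so a rejected target is checked twice and, going by the helper added later in this diff, logged twice. Normalising once as the first statement under `if redirect:`, with `redirect = self.__get_redirect_url( redirect )`, lets both uses share the checked value. It also means a later edit cannot pick up the raw parameter by accident. The enclosing method starts and ends outside the hunk.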
@@ -208,6 +208,7 @@
openid_provider_obj.post_authentication( trans, trans.app.openid_manager, info )
if not redirect:
redirect = url_for( '/' )
+ redirect = self.__get_redirect_url( redirect )
return trans.response.send_redirect( redirect )
trans.sa_session.add( user_openid )
trans.sa_session.flush()
@@ -448,18 +449,9 @@
@web.expose
def login( self, trans, refresh_frames=[], **kwd ):
- """Handle Galaxy login"""
- redirect = kwd.get( 'redirect', trans.request.referer ).strip()
- root_url = url_for( '/', qualified=True )
- # Always start with redirect_url being empty.
- redirect_url = ''
- # Compare urls, to prevent a redirect from pointing (directly)
- # outside of galaxy or to enter a logout/login loop.
- if not util.compare_urls( root_url, redirect, compare_path=False ) or util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
- redirect = root_url
- if kwd.get( 'noredirect', False ):
- # The referrer is explicitly asking not to redirect.
- redirect = ''
+ '''Handle Galaxy Log in'''
+ redirect = self.__get_redirect_url( kwd.get( 'redirect', trans.request.referer ).strip() )
+ redirect_url = '' # always start with redirect_url being empty
use_panels = util.string_as_bool( kwd.get( 'use_panels', False ) )
message = kwd.get( 'message', '' )
status = kwd.get( 'status', 'done' )
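Review bot: The `noredirect` branch is dropped from `login` and `__get_redirect_url` does not take it over, so a request carrying `noredirect` now gets the referer or the root URL as `redirect` where it used to get an empty string. The password-reset message in this same file still links to the login form with `noredirect='true'`, so that link appears to depend on the removed behaviour. Restoring `if kwd.get( 'noredirect', False ): redirect = ''` after the helper call would keep it; the rest of `login` is outside the hunk, so confirm it is not handled further down. Separately, `kwd.get( 'redirect', trans.request.referer ).strip()` fails when no `redirect` parameter is sent and `referer` is `None`, assuming the request object can return `None` there.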
@@ -910,7 +902,7 @@
username = util.restore_text( params.get( 'username', '' ) )
if not username:
username = user.username
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
if trans.webapp.name == 'galaxy':
user_type_form_definition = self.__get_user_type_form_definition( trans, user=user, **kwd )
@@ -1146,7 +1138,7 @@
trans.sa_session.add( reset_user )
trans.sa_session.flush()
trans.log_event( "User reset password: %s" % email )
- message = "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." % ( email, web.url_for( controller='user', action='login', noredirect='true' ) )
+ message = "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." % ( escape( email ), web.url_for( controller='user', action='login', noredirect='true' ) )
except Exception, e:
status = 'error'
message = 'Failed to reset password: %s' % str( e )
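Review bot: The failure message on the `except` path still interpolates `str( e )` without `escape()`, while the success message a few lines up now escapes `email`. If the exception text can carry request data (a mail-server error quoting the address, for instance; not visible here), it reaches the page through the same `message` channel this commit is hardening. `message = 'Failed to reset password: %s' % escape( str( e ) )` would make both paths consistent. The enclosing method starts outside the hunk.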
@@ -1371,17 +1363,20 @@
# User not logged in, history group must be only public
return trans.show_error_message( "You must be logged in to change your default permitted actions." )
+ @web.require_login( "to add addresses" )
@web.expose
def new_address( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
message = util.restore_text( params.get( 'message', '' ) )
status = params.get( 'status', 'done' )
is_admin = cntrller == 'admin' and trans.user_is_admin()
- user_id = params.get( 'user_id', False )
- if not user_id:
- # User must be logged in to create a new address
- return trans.show_error_message( "You must be logged in to create a new address." )
- user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ user_id = params.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to add a new address to." )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
short_desc = util.restore_text( params.get( 'short_desc', '' ) )
name = util.restore_text( params.get( 'name', '' ) )
institution = util.restore_text( params.get( 'institution', '' ) )
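Review bot: In the admin branch the result of `.get( trans.security.decode_id( user_id ) )` is used without a check, so an id that decodes to no row leaves `user` as `None` and the later `user.id` fails with an unhandled error. A malformed id would presumably raise inside `decode_id` as well. A guard such as `if user is None: return trans.show_error_message( "Invalid user id." )` right after the lookup keeps the handler's error reporting uniform. The same pattern is repeated in the `edit_address` and `__delete_undelete_address` hunks below. `new_address` continues past the end of this hunk.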
@@ -1432,10 +1427,10 @@
phone=phone )
trans.sa_session.add( user_address )
trans.sa_session.flush()
- message = 'Address (%s) has been added' % user_address.desc
+ message = 'Address (%s) has been added' % escape( user_address.desc )
new_kwd = dict( message=message, status=status )
if is_admin:
- new_kwd[ 'user_id' ] = trans.security.encode_id( user.id )
+ new_kwd[ 'id' ] = trans.security.encode_id( user.id )
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
@@ -1453,24 +1448,29 @@
postal_code=postal_code,
country=country,
phone=phone,
- message=message,
+ message=escape(message),
status=status )
+ @web.require_login( "to edit addresses" )
@web.expose
def edit_address( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
message = util.restore_text( params.get( 'message', '' ) )
status = params.get( 'status', 'done' )
is_admin = cntrller == 'admin' and trans.user_is_admin()
- user_id = params.get( 'user_id', False )
- if not user_id:
- # User must be logged in to create a new address
- return trans.show_error_message( "You must be logged in to create a new address." )
- user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ user_id = params.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to add a new address to." )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
address_id = params.get( 'address_id', None )
if not address_id:
- return trans.show_error_message( "No address id received for editing." )
+ return trans.show_error_message( "Invalid address id." )
address_obj = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
+ if address_obj.user_id != user.id:
+ return trans.show_error_message( "Invalid address id." )
if params.get( 'edit_address_button', False ):
short_desc = util.restore_text( params.get( 'short_desc', '' ) )
name = util.restore_text( params.get( 'name', '' ) )
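Review bot: The new ownership check reads `address_obj.user_id` before confirming that the lookup found a row, so an `address_id` that decodes to a non-existent address raises instead of returning the "Invalid address id." page. Folding both cases into one test, `if address_obj is None or address_obj.user_id != user.id:`, gives missing and foreign addresses the same response, which also avoids revealing which ids exist. The admin-branch message "You must specify a user to add a new address to." is copied from `new_address` and reads wrongly for an edit. `edit_address` continues outside the hunk.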
@@ -1518,10 +1518,10 @@
address_obj.phone = phone
trans.sa_session.add( address_obj )
trans.sa_session.flush()
- message = 'Address (%s) has been updated.' % address_obj.desc
+ message = 'Address (%s) has been updated.' % escape( address_obj.desc )
new_kwd = dict( message=message, status=status )
if is_admin:
- new_kwd[ 'user_id' ] = trans.security.encode_id( user.id )
+ new_kwd[ 'id' ] = trans.security.encode_id( user.id )
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
@@ -1531,45 +1531,44 @@
cntrller=cntrller,
user=user,
address_obj=address_obj,
- message=message,
+ message=escape( message ),
status=status )
+ @web.require_login( "to delete addresses" )
@web.expose
- def delete_address( self, trans, cntrller, address_id=None, user_id=None ):
+ def delete_address( self, trans, cntrller, address_id=None, **kwd ):
+ return self.__delete_undelete_address( trans, cntrller, 'delete', address_id=address_id, **kwd )
+
+ @web.require_login( "to undelete addresses" )
+ @web.expose
+ def undelete_address( self, trans, cntrller, address_id=None, **kwd ):
+ return self.__delete_undelete_address( trans, cntrller, 'undelete', address_id=address_id, **kwd )
+
+ def __delete_undelete_address( self, trans, cntrller, op, address_id=None, **kwd ):
+ is_admin = cntrller == 'admin' and trans.user_is_admin()
+ user_id = kwd.get( 'id', False )
+ if is_admin:
+ if not user_id:
+ return trans.show_error_message( "You must specify a user to %s an address from." % op )
+ user = trans.sa_session.query( trans.app.model.User ).get( trans.security.decode_id( user_id ) )
+ else:
+ user = trans.user
try:
user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
except:
- message = 'Invalid address is (%s)' % address_id
- status = 'error'
+ return trans.show_error_message( "Invalid address id." )
if user_address:
- user_address.deleted = True
+ if user_address.user_id != user.id:
+ return trans.show_error_message( "Invalid address id." )
+ user_address.deleted = True if op == 'delete' else False
trans.sa_session.add( user_address )
trans.sa_session.flush()
- message = 'Address (%s) deleted' % user_address.desc
+ message = 'Address (%s) %sd' % ( escape( user_address.desc ), op )
status = 'done'
return trans.response.send_redirect( web.url_for( controller='user',
action='manage_user_info',
cntrller=cntrller,
- user_id=user_id,
- message=message,
- status=status ) )
-
- @web.expose
- def undelete_address( self, trans, cntrller, address_id=None, user_id=None ):
- try:
- user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( trans.security.decode_id( address_id ) )
- except:
- message = 'Invalid address is (%s)' % address_id
- status = 'error'
- if user_address:
- user_address.deleted = False
- trans.sa_session.flush()
- message = 'Address (%s) undeleted' % user_address.desc
- status = 'done'
- return trans.response.send_redirect( web.url_for( controller='user',
- action='manage_user_info',
- cntrller=cntrller,
- user_id=user_id,
+ id=trans.security.encode_id( user.id ),
message=message,
status=status ) )
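Review bot: `message` and `status` appear to be assigned only under `if user_address:` (the indentation is flattened on this page), so when the lookup returns no row the final `url_for(...)` call references unbound names and the request fails with an unhandled error. Adding `if not user_address: return trans.show_error_message( "Invalid address id." )` after the `try` block closes that path and matches the ownership failure. The bare `except:` would be better narrowed to what `decode_id` can raise, so unrelated failures are not reported as a bad id. The Delete and Undelete links in the templates are plain `<a href>` requests, so these handlers change state on GET; whether the framework adds request-forgery protection is not visible here and is worth confirming.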
@@ -1729,7 +1728,7 @@
@web.require_login()
def api_keys( self, trans, cntrller, **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
if params.get( 'new_api_key_button', False ):
self.create_api_key( trans, trans.user )
@@ -1741,6 +1740,18 @@
message=message,
status=status )
+ def __get_redirect_url( self, redirect ):
+ root_url = url_for( '/', qualified=True )
+ redirect_url = '' # always start with redirect_url being empty
+ # compare urls, to prevent a redirect from pointing (directly) outside of galaxy
+ # or to enter a logout/login loop
+ if not util.compare_urls( root_url, redirect, compare_path=False ) or util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
+ log.warning('Redirect URL is outside of Galaxy, will redirect to Galaxy root instead: %s', redirect)
+ redirect = root_url
+ elif util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect ):
+ redirect = root_url
+ return redirect
+
# ===== Methods for building SelectFields ================================
def __build_user_type_fd_id_select_field( self, trans, selected_value ):
# Get all the user information forms
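Review bot: The `elif` branch in `__get_redirect_url` can never run, because the first condition already contains the same `util.compare_urls( url_for( controller='user', action='logout', qualified=True ), redirect )` test after `or`. As a result a redirect to the logout URL is logged with the "outside of Galaxy" warning. Reducing the first test to `if not util.compare_urls( root_url, redirect, compare_path=False ):` makes the two cases distinct. `redirect_url = ''` is assigned and never read in this helper and can be removed. A short docstring saying that the return value is either the checked URL or the Galaxy root would help, since several handlers in this diff now rely on it.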
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 lib/galaxy/webapps/galaxy/controllers/userskeys.py
--- a/lib/galaxy/webapps/galaxy/controllers/userskeys.py
+++ b/lib/galaxy/webapps/galaxy/controllers/userskeys.py
@@ -3,12 +3,11 @@
"""
import logging
-import pprint
from galaxy import web
from galaxy import util, model
from galaxy.web.base.controller import BaseUIController, UsesFormDefinitionsMixin
-from galaxy.web.framework.helpers import time_ago, grids
+from galaxy.web.framework.helpers import time_ago, grids, escape
from inspect import getmembers
@@ -21,65 +20,46 @@
<p/>
"""
-class UserOpenIDGrid( grids.Grid ):
- use_panels = False
- title = "OpenIDs linked to your account"
- model_class = model.UserOpenID
- template = '/user/openid_manage.mako'
- default_filter = { "openid" : "All" }
- default_sort_key = "-create_time"
- columns = [
- grids.TextColumn( "OpenID URL", key="openid", link=( lambda x: dict( action='openid_auth', login_button="Login", openid_url=x.openid if not x.provider else '', openid_provider=x.provider, auto_associate=True ) ) ),
- grids.GridColumn( "Created", key="create_time", format=time_ago ),
- ]
- operations = [
- grids.GridOperation( "Delete", async_compatible=True ),
- ]
- def build_initial_query( self, trans, **kwd ):
- return trans.sa_session.query( self.model_class ).filter( self.model_class.user_id == trans.user.id )
+# FIXME: This controller is using unencoded IDs, but I am not going to address
+# this now since it is admin-side and should be reimplemented in the API
+# anyway.
+
class User( BaseUIController, UsesFormDefinitionsMixin ):
- user_openid_grid = UserOpenIDGrid()
- installed_len_files = None
-
-
@web.expose
@web.require_login()
@web.require_admin
def index( self, trans, cntrller, **kwd ):
return trans.fill_template( 'webapps/galaxy/user/list_users.mako', action='all_users', cntrller=cntrller )
-
-
@web.expose
@web.require_login()
@web.require_admin
def admin_api_keys( self, trans, cntrller, uid, **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
uid = params.get('uid', uid)
- pprint.pprint(uid)
if params.get( 'new_api_key_button', False ):
new_key = trans.app.model.APIKeys()
new_key.user_id = uid
new_key.key = trans.app.security.get_new_guid()
trans.sa_session.add( new_key )
trans.sa_session.flush()
- message = "Generated a new web API key"
+ message = "A new web API key has been generated for (%s)" % escape( new_key.user.email )
status = "done"
- return trans.fill_template( 'webapps/galaxy/user/ok_admin_api_keys.mako',
- cntrller=cntrller,
- message=message,
- status=status )
-
-
+ return trans.response.send_redirect( web.url_for( controller='userskeys',
+ action='all_users',
+ cntrller=cntrller,
+ message=message,
+ status=status ) )
+
@web.expose
@web.require_login()
@web.require_admin
def all_users( self, trans, cntrller="userskeys", **kwd ):
params = util.Params( kwd )
- message = util.restore_text( params.get( 'message', '' ) )
+ message = escape( util.restore_text( params.get( 'message', '' ) ) )
status = params.get( 'status', 'done' )
users = []
for user in trans.sa_session.query( trans.app.model.User ) \
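Review bot: `admin_api_keys` assigns the request-supplied `uid` to `new_key.user_id` and flushes before anything confirms that it names an existing user, then dereferences `new_key.user.email` for the message. Looking the account up by `uid` first, and returning an error page when no row is found, avoids creating a key row for a bad id and gives the message a checked source for the email. Key creation is triggered by the presence of `new_api_key_button` in any request to this admin action, so it is worth confirming that the form submits by POST with whatever forgery protection the framework offers. The escaped `message` also travels through the redirect to `all_users`, which escapes it again in this same hunk, so markup-significant characters may display double-encoded.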
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 lib/tool_shed/util/basic_util.py
--- a/lib/tool_shed/util/basic_util.py
+++ b/lib/tool_shed/util/basic_util.py
@@ -4,7 +4,7 @@
import sys
from string import Template
-from galaxy.util import unicodify
+from galaxy.util import unicodify, nice_size
from galaxy import eggs
@@ -13,10 +13,10 @@
log = logging.getLogger( __name__ )
-CHUNK_SIZE = 2**20 # 1Mb
+CHUNK_SIZE = 2**20 # 1Mb
INSTALLATION_LOG = 'INSTALLATION.log'
# Set no activity timeout to 20 minutes.
-NO_OUTPUT_TIMEOUT = 1200.0
+NO_OUTPUT_TIMEOUT = 3600.0
MAXDIFFSIZE = 8000
MAX_DISPLAY_SIZE = 32768
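Review bot: The comment above `NO_OUTPUT_TIMEOUT` still says 20 minutes, but the value is now `3600.0` seconds. Update it to `# Set no activity timeout to 60 minutes.` so the constant and its description agree.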
@@ -48,6 +48,7 @@
RUN install-repository "--url ${tool_shed_url} -o ${repository_owner} --name ${repository_name}"
'''
+
def evaluate_template( text, install_environment ):
"""
Substitute variables defined in XML blocks from dependencies file. The value of the received
@@ -57,6 +58,7 @@
"""
return Template( text ).safe_substitute( get_env_var_values( install_environment ) )
+
def get_env_var_values( install_environment ):
"""
Return a dictionary of values, some of which enable substitution of reserved words for the values.
@@ -73,6 +75,7 @@
env_var_dict[ '__is64bit__' ] = sys.maxsize > 2**32
return env_var_dict
+
def get_file_type_str( changeset_revision, file_type ):
if file_type == 'zip':
file_type_str = '%s.zip' % changeset_revision
@@ -84,6 +87,7 @@
file_type_str = ''
return file_type_str
+
def move_file( current_dir, source, destination, rename_to=None ):
source_path = os.path.abspath( os.path.join( current_dir, source ) )
source_file = os.path.basename( source_path )
@@ -98,6 +102,7 @@
os.makedirs( destination_directory )
shutil.move( source_path, destination_path )
+
def remove_dir( dir ):
"""Attempt to remove a directory from disk."""
if dir:
@@ -107,18 +112,21 @@
except:
pass
+
def size_string( raw_text, size=MAX_DISPLAY_SIZE ):
"""Return a subset of a string (up to MAX_DISPLAY_SIZE) translated to a safe string for display in a browser."""
if raw_text and len( raw_text ) >= size:
- large_str = '\nFile contents truncated because file size is larger than maximum viewing size of %s\n' % util.nice_size( size )
+ large_str = '\nFile contents truncated because file size is larger than maximum viewing size of %s\n' % nice_size( size )
raw_text = '%s%s' % ( raw_text[ 0:size ], large_str )
return raw_text or ''
+
def stringify( list ):
if list:
return ','.join( list )
return ''
+
def strip_path( fpath ):
"""Attempt to strip the path from a file name."""
if not fpath:
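Review bot: The docstring of `size_string` promises a string "translated to a safe string for display in a browser", but the body only truncates and appends a notice; nothing is escaped. A caller trusting the docstring could place the result in a page without escaping it. Reword it to something like `"""Return raw_text truncated to size characters with a truncation notice appended; the result is not HTML-escaped."""`. The `>=` comparison also appends the notice when the text is exactly `size` long and nothing was cut.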
@@ -129,6 +137,7 @@
file_name = fpath
return file_name
+
def to_html_string( text ):
"""Translates the characters in text to an html string"""
if text:
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/forms/create_form.mako
--- a/templates/admin/forms/create_form.mako
+++ b/templates/admin/forms/create_form.mako
@@ -9,7 +9,7 @@
<div class="toolFormTitle">Create a new form definition</div>
%for label, input in inputs:
<div class="form-row">
- <label>${label}</label>
+ <label>${label | h}</label>
${input.get_html()}
<div style="clear: both"></div></div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/forms/edit_form_definition.mako
--- a/templates/admin/forms/edit_form_definition.mako
+++ b/templates/admin/forms/edit_form_definition.mako
@@ -96,14 +96,14 @@
<form id="edit_form_definition" name="edit_form_definition" action="${h.url_for( controller='forms', action='edit_form_definition', id=trans.security.encode_id( form_definition.current.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">Edit form definition "${form_definition.name}" (${form_definition.type})</div>
+ <div class="toolFormTitle">Edit form definition "${form_definition.name | h}" (${form_definition.type | h})</div>
%if response_redirect:
<input type="hidden" name="response_redirect" value="${response_redirect}" size="40" />
%endif
%for label, input in form_details:
<div class="form-row">
%if label != 'Type':
- <label>${label}</label>
+ <label>${label | h}</label>
%endif
<div style="float: left; width: 250px; margin-right: 10px;">
${input.get_html()}
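Review bot: `value="${response_redirect}"` in the hidden input is left unescaped while the neighbouring expressions gain `| h`. Inside a quoted attribute a value containing `"` ends the attribute, and `response_redirect` looks like it originates from the request (not visible in this template). `value="${response_redirect | h}"` closes that gap. The controller that consumes the field should also check the target before redirecting to it.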
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/request_type/common.mako
--- a/templates/admin/request_type/common.mako
+++ b/templates/admin/request_type/common.mako
@@ -2,7 +2,7 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${element_count}" value="${state_name}" size="40"/>
+ <input type="text" name="state_name_${element_count}" value="${state_name | h}" size="40"/>
## Do not show remove button for the first state
%if element_count > 0:
<input type="submit" name="remove_state_button" value="Remove state ${1+element_count}"/>
@@ -10,7 +10,7 @@
</div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${element_count}" value="${state_desc}" size="40"/>
+ <input type="text" name="state_desc_${element_count}" value="${state_desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/request_type/create_request_type.mako
--- a/templates/admin/request_type/create_request_type.mako
+++ b/templates/admin/request_type/create_request_type.mako
@@ -23,7 +23,7 @@
<div class="toolFormTitle">Create a new request type</div>
%for rt_info in rt_info_widgets:
<div class="form-row">
- <label>${rt_info['label']}</label>
+ <label>${rt_info['label'] | h}</label><div style="float: left; width: 250px; margin-right: 10px;">
${rt_info['widget'].get_html()}
</div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/request_type/edit_request_type.mako
--- a/templates/admin/request_type/edit_request_type.mako
+++ b/templates/admin/request_type/edit_request_type.mako
@@ -32,26 +32,26 @@
<form name="edit_request_type" action="${h.url_for( controller='request_type', action='edit_request_type', id=trans.security.encode_id( request_type.id ) )}" method="post" ><div class="toolForm">
- <div class="toolFormTitle">"Edit ${request_type.name}" request type</div>
+ <div class="toolFormTitle">"Edit ${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- <input type="text" name="name" value="${request_type.name}" size="40"/>
+ <input type="text" name="name" value="${request_type.name | }" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- <input type="text" name="desc" value="${request_type.desc}" size="40"/>
+ <input type="text" name="desc" value="${request_type.desc | h}" size="40"/><div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="request_form_id" value="${trans.security.encode_id( request_type.request_form_id )}" size="40"/></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a>
## Hidden field needed by the __save_request_type() method
<input type="hidden" name="sample_form_id" value="${trans.security.encode_id( request_type.sample_form_id )}" size="40"/></div>
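Review bot: The `name` input is changed to `value="${request_type.name | }"`, with the filter name missing after the pipe. Depending on how Mako treats an empty filter, this either fails when the template is compiled or renders the name without escaping; neither matches the other fields in this hunk. It should read `value="${request_type.name | h}"`.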
@@ -63,11 +63,11 @@
<div class="repeat-group-item"><div class="form-row"><label>${1+element_count}. State name:</label>
- <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name}" size="40"/>
+ <input type="text" name="state_name_${trans.security.encode_id( state.id )}" value="${state.name | h}" size="40"/></div><div class="form-row"><label>Description:</label>
- <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc}" size="40"/>
+ <input type="text" name="state_desc_${trans.security.encode_id( state.id )}" value="${state.desc | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
optional
</div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/request_type/request_type_permissions.mako
--- a/templates/admin/request_type/request_type_permissions.mako
+++ b/templates/admin/request_type/request_type_permissions.mako
@@ -48,7 +48,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Manage access permissions on request type "${request_type.name}"</div>
+ <div class="toolFormTitle">Manage access permissions on request type "${request_type.name | h}"</div><div class="toolFormBody"><form name="request_type_permissions" id="request_type_permissions" action="${h.url_for( controller='request_type', action='request_type_permissions', id=trans.security.encode_id( request_type.id ) )}" method="post"><div class="form-row">
@@ -65,13 +65,13 @@
in_roles.add( a.role )
out_roles = filter( lambda x: x not in in_roles, all_roles )
%>
- ${action.description}<br/><br/>
+ ${action.description | h}<br/><br/><div style="width: 100%; white-space: nowrap;"><div style="float: left; width: 50%;">
Roles associated:<br/><select name="${action_key}_in" id="${action_key}_in_select" class="in_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in in_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><div style="width: 98%; text-align: right"><input type="submit" id="${action_key}_remove_button" class="role_remove_button" value=">>"/></div>
@@ -80,7 +80,7 @@
Roles not associated:<br/><select name="${action_key}_out" id="${action_key}_out_select" style="max-width: 98%; width: 98%; height: 150px; font-size: 100%;" multiple>
%for role in out_roles:
- <option value="${role.id}">${role.name}</option>
+ <option value="${role.id}">${role.name | h}</option>
%endfor
</select><br/><input type="submit" id="${action_key}_add_button" class="role_add_button" value="<<"/>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/request_type/view_request_type.mako
--- a/templates/admin/request_type/view_request_type.mako
+++ b/templates/admin/request_type/view_request_type.mako
@@ -30,24 +30,24 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">"${request_type.name}" request type</div>
+ <div class="toolFormTitle">"${request_type.name | h}" request type</div><div class="form-row"><label>Name:</label>
- ${request_type.name}
+ ${request_type.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${request_type.desc}
+ ${request_type.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Sequencing request form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.request_form_id ) )}">${request_type.request_form.name | h}</a></div><div class="form-row"><label>Sample form definition:</label>
- <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name}</a>
+ <a href="${h.url_for( controller='request_type', action='view_form_definition', id=trans.security.encode_id( request_type.sample_form_id ) )}">${request_type.sample_form.name | h}</a></div></div><p/>
@@ -55,8 +55,8 @@
<div class="toolFormTitle">Sample states defined for this request type</div>
%for state in request_type.states:
<div class="form-row">
- <label>${state.name}</label>
- ${state.desc}
+ <label>${state.name | h}</label>
+ ${state.desc | h}
</div><div style="clear: both"></div>
%endfor
@@ -67,8 +67,8 @@
%if request_type.external_services:
%for index, external_service in enumerate( request_type.external_services ):
<div class="form-row">
- <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name}</a></label>
- ${external_service.get_external_service_type( trans ).name}
+ <label><a href="${h.url_for( controller='external_service', action='view_external_service', id=trans.security.encode_id( external_service.id ) )}">${external_service.name | h}</a></label>
+ ${external_service.get_external_service_type( trans ).name | h}
</div>
%endfor
%else:
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/requests/reject.mako
--- a/templates/admin/requests/reject.mako
+++ b/templates/admin/requests/reject.mako
@@ -15,7 +15,7 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">Reject sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Reject sequencing request "${request.name | h}"</div><form name="event" action="${h.url_for( controller='requests_admin', action='reject_request', id=trans.security.encode_id( request.id ) )}" method="post" ><div class="form-row">
Rejecting this request will move the request state to <b>Rejected</b>.
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/requests/rename_datasets.mako
--- a/templates/admin/requests/rename_datasets.mako
+++ b/templates/admin/requests/rename_datasets.mako
@@ -3,7 +3,7 @@
<% from galaxy.webapps.galaxy.controllers.requests_admin import build_rename_datasets_for_sample_select_field %>
-<h3>Rename datasets for Sample "${sample.name}"</h3>
+<h3>Rename datasets for Sample "${sample.name | h}"</h3><ul class="manage-table-actions"><li><a class="action-button" href="${h.url_for( controller='requests_admin', action='manage_datasets', sample_id=trans.security.encode_id( sample.id ) )}">Browse datasets</a></li>
@@ -35,7 +35,7 @@
${rename_datasets_for_sample_select_field.get_html()}
</td><td>
- <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name}" size="100"/>
+ <input type="text" name="new_name_${trans.security.encode_id( sample_dataset.id ) }" value="${sample_dataset.name | h}" size="100"/></td><td>${sample_dataset.file_path}</td></tr>
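Review bot: `${sample_dataset.file_path}` in the cell right after the patched input is still emitted without `| h`, so this row escapes the dataset name but not its path. If the path comes from an external service or a submitted form, it needs the same treatment: `<td>${sample_dataset.file_path | h}</td>`. Adding `| h` one expression at a time is easy to miss in a change this wide; setting Mako's `default_filters` to include `h` and opting out with `| n` where markup is intended would make escaping the default. The table row this line belongs to starts outside the hunk.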
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/admin/requests/view_sample_dataset.mako
--- a/templates/admin/requests/view_sample_dataset.mako
+++ b/templates/admin/requests/view_sample_dataset.mako
@@ -21,19 +21,19 @@
</ul><div class="toolForm">
- <div class="toolFormTitle">"${sample.name}" Dataset</div>
+ <div class="toolFormTitle">"${sample.name | h}" Dataset</div><div class="toolFormBody"><div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.name}
+ ${sample_dataset.name | h}
</div><div style="clear: both"></div></div><div class="form-row"><label>External service:</label><div style="float: left; width: 250px; margin-right: 10px;">
- ${sample_dataset.external_service.name} (${sample_dataset.external_service.get_external_service_type( trans ).name})
+ ${sample_dataset.external_service.name | h} (${sample_dataset.external_service.get_external_service_type( trans ).name | h})
</div><div style="clear: both"></div></div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/user/edit_address.mako
--- a/templates/user/edit_address.mako
+++ b/templates/user/edit_address.mako
@@ -10,17 +10,17 @@
<ul class="manage-table-actions"><li>
- <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, user_id=trans.security.encode_id( user.id) )}">Manage user information</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, id=trans.security.encode_id( user.id) )}">Manage user information</a></li></ul><div class="toolForm"><div class="toolFormTitle">Edit address</div><div class="toolFormBody">
- <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address_obj.id ), user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address_obj.id ), id=trans.security.encode_id( user.id ) )}" method="post" ><div class="form-row"><label>Short Description:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="short_desc" value="${address_obj.desc}" size="40">
+ <input type="text" name="short_desc" value="${address_obj.desc | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
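Review bot: The two `h.url_for` calls in this hunk change the keyword from `user_id=` to `id=`, which is a behaviour change unrelated to the `| h` escaping and depends on controller code that is not shown in this part of the diff. The `manage_user_info` and `edit_address` actions have to accept `id`, and because the value names the account being edited they should confirm the requester is that user or an admin rather than rely on the encoded id alone. The same rename appears in new_address.mako and manage_info.mako. A template comment such as `## id: encoded id of the user being edited; access is checked in the controller` would record the contract.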
@@ -28,7 +28,7 @@
<div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="name" value="${address_obj.name}" size="40">
+ <input type="text" name="name" value="${address_obj.name | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -36,7 +36,7 @@
<div class="form-row"><label>Institution:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="institution" value="${address_obj.institution}" size="40">
+ <input type="text" name="institution" value="${address_obj.institution | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -44,7 +44,7 @@
<div class="form-row"><label>Address:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="address" value="${address_obj.address}" size="40">
+ <input type="text" name="address" value="${address_obj.address | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -52,7 +52,7 @@
<div class="form-row"><label>City:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="city" value="${address_obj.city}" size="40">
+ <input type="text" name="city" value="${address_obj.city | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -60,7 +60,7 @@
<div class="form-row"><label>State/Province/Region:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="state" value="${address_obj.state}" size="40">
+ <input type="text" name="state" value="${address_obj.state | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -68,7 +68,7 @@
<div class="form-row"><label>Postal Code:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="postal_code" value="${address_obj.postal_code}" size="40">
+ <input type="text" name="postal_code" value="${address_obj.postal_code | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -76,7 +76,7 @@
<div class="form-row"><label>Country:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="country" value="${address_obj.country}" size="40">
+ <input type="text" name="country" value="${address_obj.country | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -84,7 +84,7 @@
<div class="form-row"><label>Phone:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="phone" value="${address_obj.phone}" size="40">
+ <input type="text" name="phone" value="${address_obj.phone | h}" size="40"></div><div style="clear: both"></div></div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/user/index.mako
--- a/templates/user/index.mako
+++ b/templates/user/index.mako
@@ -1,9 +1,4 @@
<%inherit file="/base.mako"/>
-<%namespace file="/message.mako" import="render_msg" />
-
-%if message:
- ${render_msg( message, status )}
-%endif
%if trans.user:
<h2>${_('User preferences')}</h2>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/user/info.mako
--- a/templates/user/info.mako
+++ b/templates/user/info.mako
@@ -90,7 +90,7 @@
<div class="toolFormTitle">Login Information</div><div class="form-row"><label>Email address:</label>
- <input type="text" id ="email_input" name="email" value="${email}" size="40"/>
+ <input type="text" id ="email_input" name="email" value="${email | h}" size="40"/><div class="toolParamHelp" style="clear: both;">
If you change your email address you will receive an activation link in the new mailbox and you have to activate your account by visiting it.
</div>
@@ -99,13 +99,13 @@
<label>Public name:</label>
%if t.webapp.name == 'tool_shed':
%if user.active_repositories:
- <input type="hidden" name="username" value="${username}"/>
- ${username}
+ <input type="hidden" name="username" value="${username | h}"/>
+ ${username | h}
<div class="toolParamHelp" style="clear: both;">
You cannot change your public name after you have created a repository in this tool shed.
</div>
%else:
- <input type="text" name="username" size="40" value="${username}"/>
+ <input type="text" name="username" size="40" value="${username | h}"/><div class="toolParamHelp" style="clear: both;">
Your public name provides a means of identifying you publicly within this tool shed. Public
names must be at least four characters in length and contain only lower-case letters, numbers,
@@ -114,7 +114,7 @@
</div>
%endif
%else:
- <input type="text" id="name_input" name="username" size="40" value="${username}"/>
+ <input type="text" id="name_input" name="username" size="40" value="${username | h}"/><div class="toolParamHelp" style="clear: both;">
Your public name is an optional identifier that will be used to generate addresses for information
you share publicly. Public names must be at least four characters in length and contain only lower-case
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/user/new_address.mako
--- a/templates/user/new_address.mako
+++ b/templates/user/new_address.mako
@@ -10,18 +10,18 @@
<ul class="manage-table-actions"><li>
- <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, user_id=trans.security.encode_id( user.id) )}">
+ <a class="action-button" href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, id=trans.security.encode_id( user.id) )}"><span>Manage User Information</span></a></li></ul><div class="toolForm"><div class="toolFormTitle">Add new address</div><div class="toolFormBody">
- <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, id=trans.security.encode_id( user.id ) )}" method="post" ><div class="form-row"><label>Short Description:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="short_desc" value="${short_desc}" size="40">
+ <input type="text" name="short_desc" value="${short_desc | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -29,7 +29,7 @@
<div class="form-row"><label>Name:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="name" value="${name}" size="40">
+ <input type="text" name="name" value="${name | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -37,7 +37,7 @@
<div class="form-row"><label>Institution:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="institution" value="${institution}" size="40">
+ <input type="text" name="institution" value="${institution | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -45,7 +45,7 @@
<div class="form-row"><label>Address:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="address" value="${address}" size="40">
+ <input type="text" name="address" value="${address | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -53,7 +53,7 @@
<div class="form-row"><label>City:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="city" value="${city}" size="40">
+ <input type="text" name="city" value="${city | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -61,7 +61,7 @@
<div class="form-row"><label>State/Province/Region:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="state" value="${state}" size="40">
+ <input type="text" name="state" value="${state | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -69,7 +69,7 @@
<div class="form-row"><label>Postal Code:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="postal_code" value="${postal_code}" size="40">
+ <input type="text" name="postal_code" value="${postal_code | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -77,7 +77,7 @@
<div class="form-row"><label>Country:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="country" value="${country}" size="40">
+ <input type="text" name="country" value="${country | h}" size="40"></div><div class="toolParamHelp" style="clear: both;">Required</div><div style="clear: both"></div>
@@ -85,7 +85,7 @@
<div class="form-row"><label>Phone:</label><div style="float: left; width: 250px; margin-right: 10px;">
- <input type="text" name="phone" value="${phone}" size="40">
+ <input type="text" name="phone" value="${phone | h}" size="40"></div><div style="clear: both"></div></div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/common.mako
--- a/templates/webapps/galaxy/requests/common/common.mako
+++ b/templates/webapps/galaxy/requests/common/common.mako
@@ -257,18 +257,18 @@
<td valign="top"><input type="checkbox" name=select_sample_${sample.id} id="sample_checkbox" value="true" ${checked_str}/><input type="hidden" name=select_sample_${sample.id} id="sample_checkbox" value="true"/></td>
%endif
<td valign="top">
- <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_name" value="${sample_widget['name'] | h}" size="10"/><div class="toolParamHelp" style="clear: both;">
- <i>${' (required)' }</i>
+ <i>(required)</i></div></td>
%if display_bar_code:
<td valign="top">
%if is_admin and is_submitted:
- <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}" size="10"/>
+ <input type="text" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}" size="10"/>
%else:
- ${sample_widget['bar_code']}
- <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code']}"/>
+ ${sample_widget['bar_code'] | h}
+ <input type="hidden" name="sample_${sample_widget_index}_bar_code" value="${sample_widget['bar_code'] | h}"/>
%endif
</td>
%endif
@@ -416,7 +416,7 @@
transferred_dataset_files = []
%><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="sample-${sample.id}-popup">
- <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name}</a>
+ <a class="view-info" href="${h.url_for( controller='requests_common', action='view_sample', cntrller=cntrller, id=trans.security.encode_id( sample.id ) )}">${sample.name | h}</a></div><div popupmenu="sample-${sample.id}-popup">
%if can_select_datasets:
@@ -439,11 +439,11 @@
%endif
</div>
%else:
- ${sample_widget_name}
+ ${sample_widget_name | h}
%endif
</td>
%if display_bar_code:
- <td>${sample_widget_bar_code}</td>
+ <td>${sample_widget_bar_code | h}</td>
%endif
%if is_unsubmitted:
<td>Unsubmitted</td>
@@ -451,12 +451,12 @@
<td><a id="sampleState-${sample.id}" href="${h.url_for( controller='requests_common', action='view_sample_history', cntrller=cntrller, sample_id=trans.security.encode_id( sample.id ) )}">${render_sample_state( sample )}</a></td>
%endif
%if sample_widget_library and library_cntrller is not None:
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name}</a></td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=library_cntrller, id=trans.security.encode_id( sample_widget_library.id ) )}">${sample_widget_library.name | h}</a></td>
%else:
<td></td>
%endif
%if sample_widget_folder:
- <td>${sample_widget_folder.name}</td>
+ <td>${sample_widget_folder.name | h}</td>
%else:
<td></td>
%endif
@@ -464,11 +464,11 @@
%if trans.user == sample_widget_history.user:
<td><a target='_parent' href="${h.url_for( controller='history', action='list', operation="Switch", id=trans.security.encode_id(sample_widget_history.id), use_panels=False )}">
- ${sample_widget_history.name}
+ ${sample_widget_history.name | h}
</a></td>
%else:
- <td>${sample_widget_history.name}</td>
+ <td>${sample_widget_history.name | h}</td>
%endif
%else:
<td></td>
@@ -477,11 +477,11 @@
%if trans.user == sample_widget_workflow.stored_workflow.user:
<td><a target='_parent' href="${h.url_for( controller='workflow', action='editor', id=trans.security.encode_id(sample_widget_workflow.stored_workflow.id) )}">
- ${sample_widget_workflow.name}
+ ${sample_widget_workflow.name | h}
</a></td>
%else:
- <td>${sample_widget_workflow.name}</td>
+ <td>${sample_widget_workflow.name | h}</td>
%endif
%else:
<td></td>
@@ -519,7 +519,7 @@
<%def name="render_sample_form( index, sample_name, sample_values, fields_dict, display_only )"><tr>
- <td>${sample_name}</td>
+ <td>${sample_name | h}</td>
%for field_index, field in fields_dict.items():
<%
field_type = field[ 'type' ]
@@ -532,17 +532,17 @@
%if field_type == 'WorkflowField':
%if str( field_value ) != 'none':
<% workflow = trans.sa_session.query( trans.app.model.StoredWorkflow ).get( int( field_value ) ) %>
- <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name}</a>
+ <a href="${h.url_for( controller='workflow', action='run', id=trans.security.encode_id( workflow.id ) )}">${workflow.name | h}</a>
%endif
%else:
- ${field_value}
+ ${field_value | h}
%endif
%else:
<i>None</i>
%endif
%else:
%if field_type == 'TextField':
- <input type="text" name="sample_${index}_field_${field_index}" value="${field_value}" size="7"/>
+ <input type="text" name="sample_${index}_field_${field_index}" value="${field_value | h}" size="7"/>
%elif field_type == 'SelectField':
<select name="sample_${index}_field_${field_index}" last_selected_value="2">
%for option_index, option in enumerate(field[ 'selectlist' ]):
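Review bot: The `WorkflowField` branch dereferences `workflow.id` and `workflow.name` straight after `.get( int( field_value ) )`, so an id that no longer exists makes `workflow` None and the template fails while rendering. A non-numeric value other than 'none' fails earlier, in `int()`. No ownership or sharing check is visible between the lookup and the display of the name, so it is worth confirming in the controller that `field_value` can only reference workflows the viewer may see. A guard such as `%if workflow is not None:` around the link would cover the missing-row case. `render_sample_form` continues outside this hunk.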
@@ -695,7 +695,7 @@
%if is_admin:
<span class="expandLink dataset-${dataset}-click"><span class="rowIcon"></span><div style="float: left; margin-left: 2px;" class="menubutton split popup" id="dataset-${dataset.id}-popup">
- <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name}</a>
+ <a class="dataset-${encoded_id}-click" href="${h.url_for( controller='requests_admin', action='manage_datasets', operation='view', id=trans.security.encode_id( dataset.id ) )}">${dataset.name | h}</a></div></span><div popupmenu="dataset-${dataset.id}-popup">
@@ -704,12 +704,12 @@
%endif
</div>
%else:
- ${dataset.name}
+ ${dataset.name | h}
%endif
</td><td>${dataset.size}</td>
- <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name}</a></td>
- <td>${dataset.sample.folder.name}</td>
+ <td><a href="${h.url_for( controller='library_common', action='browse_library', cntrller=cntrller, id=trans.security.encode_id( sample.library.id ) )}">${dataset.sample.library.name | h}</a></td>
+ <td>${dataset.sample.folder.name | h}</td><td id="datasetTransferStatus-${encoded_id}">${dataset.status}</td></tr>
%endfor
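Review bot: `${dataset.size}` and `${dataset.status}` in this row are still rendered raw while the name, library and folder cells now use `| h`. Status looks like a value written by the transfer process; if it can carry free text, the cell should read `<td id="datasetTransferStatus-${encoded_id}">${dataset.status | h}</td>`. The library link also takes its `id` from `sample.library.id` but prints `dataset.sample.library.name`; using `dataset.sample.library` for both would keep the link target and its label from diverging.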
@@ -723,7 +723,7 @@
<%def name="render_samples_messages( request, is_admin=False, is_submitted=False, message=None, status=None)">
%if request.is_rejected:
<div class='errormessage'>
- ${request.last_comment}
+ ${request.last_comment | h}
</div><br/>
%endif
%if is_admin and is_submitted and request.samples_without_library_destinations:
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/create_request.mako
--- a/templates/webapps/galaxy/requests/common/create_request.mako
+++ b/templates/webapps/galaxy/requests/common/create_request.mako
@@ -23,7 +23,7 @@
<div class="toolForm"><div class="toolFormTitle">Create a new sequencing request</div>
%if len( request_type_select_field.options ) < 1:
- There are no request types available for ${trans.user.email} to create sequencing requests.
+ There are no request types available for ${trans.user.email | h} to create sequencing requests.
%else:
<div class="toolFormBody"><form name="create_request" id="create_request" action="${h.url_for( controller='requests_common', action='create_request', cntrller=cntrller )}" method="post" >
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
--- a/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
+++ b/templates/webapps/galaxy/requests/common/edit_basic_request_info.mako
@@ -31,7 +31,7 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Edit sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Edit sequencing request "${request.name | h}"</div><div class="toolFormBody"><form name="edit_basic_request_info" id="edit_basic_request_info" action="${h.url_for( controller='requests_common', action='edit_basic_request_info', cntrller=cntrller, id=trans.security.encode_id( request.id ) )}" method="post" >
%for i, field in enumerate( widgets ):
@@ -70,11 +70,11 @@
%><div class="form-row"><label>Send to:</label>
- <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email} (sequencing request owner)<input type="hidden" name="email_address" value="true">
+ <input type="checkbox" name="email_address" value="true" ${email_address}>${request.user.email | h} (sequencing request owner)<input type="hidden" name="email_address" value="true"></div><div class="form-row"><label>Additional email addresses:</label>
- <textarea name="additional_email_addresses" rows="3" cols="40">${emails}</textarea>
+ <textarea name="additional_email_addresses" rows="3" cols="40">${emails | h}</textarea><div class="toolParamHelp" style="clear: both;">
Enter one email address per line
</div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/find_samples.mako
--- a/templates/webapps/galaxy/requests/common/find_samples.mako
+++ b/templates/webapps/galaxy/requests/common/find_samples.mako
@@ -72,7 +72,7 @@
%if samples:
%for sample in samples:
<div class="form-row">
- Sample: <b>${sample.name}</b> | Barcode: ${sample.bar_code}<br/>
+ Sample: <b>${sample.name | h}</b> | Barcode: ${sample.bar_code | h}<br/>
%if sample.request.is_new or not sample.state:
State: Unsubmitted<br/>
%else:
@@ -85,10 +85,10 @@
%>
Datasets: <a href="${h.url_for( controller='requests_common', action='view_sample_datasets', cntrller=cntrller, external_service_id=trans.security.encode_id( external_service.id ), sample_id=trans.security.encode_id( sample.id ) )}">${len( sample.datasets )}</a><br/>
%if is_admin:
- <i>User: ${sample.request.user.email}</i>
+ <i>User: ${sample.request.user.email | h}</i>
%endif
<div class="toolParamHelp" style="clear: both;">
- <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a>
+ <a href="${h.url_for( controller='requests_common', action='view_request', cntrller=cntrller, id=trans.security.encode_id( sample.request.id ) )}">Sequencing request: ${sample.request.name | h} | Type: ${sample.request.type.name} | State: ${sample.request.state}</a></div></div><br/>
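Review bot: On the changed anchor line only `sample.request.name` gained `| h`; `${sample.request.type.name}` and `${sample.request.state}` in the same link text are still unescaped. Other files in this commit do escape type and state names (view_sample_history.mako escapes `event.state.name`), so this looks like an omission rather than a decision. Suggested text: `Type: ${sample.request.type.name | h} | State: ${sample.request.state | h}`.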
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/view_request.mako
--- a/templates/webapps/galaxy/requests/common/view_request.mako
+++ b/templates/webapps/galaxy/requests/common/view_request.mako
@@ -58,7 +58,7 @@
${render_samples_messages(request, is_admin, is_submitted, message, status)}
<div class="toolForm">
- <div class="toolFormTitle">Sequencing request "${request.name}"</div>
+ <div class="toolFormTitle">Sequencing request "${request.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Current state:</label>
@@ -67,12 +67,12 @@
</div><div class="form-row"><label>Description:</label>
- ${request.desc}
+ ${request.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>User:</label>
- ${request.user.email}
+ ${request.user.email | h}
<div style="clear: both"></div></div><div class="form-row">
@@ -94,7 +94,7 @@
%><div class="form-row"><label>${field_label}:</label>
- ${field_value}
+ ${field_value | h}
</div><div style="clear: both"></div>
%endfor
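Review bot: `<label>${field_label}:</label>` is left unescaped while the value printed beside it now uses `| h`. The label is assigned in the Python block that ends at `%>`, outside this hunk, and presumably comes from the request type's form definition, which is editable text. `<label>${field_label | h}:</label>` would close the gap.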
@@ -116,7 +116,7 @@
else:
emails = ''
%>
- ${emails}
+ ${emails | h}
<div style="clear: both"></div></div><div class="form-row">
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/view_request_history.mako
--- a/templates/webapps/galaxy/requests/common/view_request_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_request_history.mako
@@ -36,7 +36,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sequencing request "${request.name}"</h3>
+<h3>History of sequencing request "${request.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -52,7 +52,7 @@
<tr><td><b>${event.state}</b></td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/view_sample.mako
--- a/templates/webapps/galaxy/requests/common/view_sample.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample.mako
@@ -6,7 +6,7 @@
%if external_service:
<p><div class="toolForm">
- <div class="toolFormTitle">Available External Service Actions for ${sample.name} at ${external_service.name}</div>
+ <div class="toolFormTitle">Available External Service Actions for ${sample.name | h} at ${external_service.name | h}</div><div class="toolFormBody"><div class="toolMenu">
%for item in external_service.actions:
@@ -25,7 +25,7 @@
<div class="form-row"><div class="toolSectionList"><div class="toolSectionTitle">
- <span>${external_service_group.label}</span>
+ <span>${external_service_group.label | h}</span></div><div class="toolSectionBody"><div class="toolSectionBg">
@@ -54,7 +54,7 @@
target = 'galaxy_main'
%><div class="toolTitle">
- <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label}</a>
+ <a href="${external_service_action.get_action_access_link( trans )}" target="${target}">${external_service_action.label | h}</a></div></%def>
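Review bot: The link text is now escaped, but `href="${external_service_action.get_action_access_link( trans )}"` is still written raw into a double-quoted attribute. If that method can return a value containing a quote, or one assembled from external-service configuration, it should pass through `| h` here and be limited to the expected URL schemes where it is generated; neither is visible in this hunk. The enclosing `<%def>` opens outside the hunk.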
@@ -75,38 +75,38 @@
%endif
<div class="toolForm">
- <div class="toolFormTitle">Sample "${sample.name}"</div>
+ <div class="toolFormTitle">Sample "${sample.name | h}"</div><div class="toolFormBody"><div class="form-row"><label>Name:</label>
- ${sample.name}
+ ${sample.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Description:</label>
- ${sample.desc}
+ ${sample.desc | h}
<div style="clear: both"></div></div><div class="form-row"><label>Barcode:</label>
- ${sample.bar_code}
+ ${sample.bar_code | h}
<div style="clear: both"></div></div>
%if sample.library:
<div class="form-row"><label>Library:</label>
- ${sample.library.name}
+ ${sample.library.name | h}
<div style="clear: both"></div></div><div class="form-row"><label>Folder:</label>
- ${sample.folder.name}
+ ${sample.folder.name | h}
<div style="clear: both"></div></div>
%endif
<div class="form-row"><label>Request:</label>
- ${sample.request.name}
+ ${sample.request.name | h}
<div style="clear: both"></div></div></div>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/requests/common/view_sample_history.mako
--- a/templates/webapps/galaxy/requests/common/view_sample_history.mako
+++ b/templates/webapps/galaxy/requests/common/view_sample_history.mako
@@ -12,7 +12,7 @@
${render_msg( message, status )}
%endif
-<h3>History of sample "${sample.name}"</h3>
+<h3>History of sample "${sample.name | h}"</h3><div class="toolForm"><table class="grid">
@@ -27,10 +27,10 @@
<tbody>
%for event in sample.events:
<tr>
- <td><b>${event.state.name}</b></td>
- <td>${event.state.desc}</td>
+ <td><b>${event.state.name | h}</b></td>
+ <td>${event.state.desc | h}</td><td>${time_ago( event.update_time )}</td>
- <td>${event.comment}</td>
+ <td>${event.comment | h}</td></tr>
%endfor
</tbody>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/user/list_users.mako
--- a/templates/webapps/galaxy/user/list_users.mako
+++ b/templates/webapps/galaxy/user/list_users.mako
@@ -1,4 +1,5 @@
<%inherit file="/base.mako"/>
+<%namespace file="/message.mako" import="render_msg" />
%if message:
${render_msg( message, status )}
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/user/manage_info.mako
--- a/templates/webapps/galaxy/user/manage_info.mako
+++ b/templates/webapps/galaxy/user/manage_info.mako
@@ -42,7 +42,7 @@
<p/><div class="toolForm">
- <form name="user_addresses" id="user_addresses" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, user_id=trans.security.encode_id( user.id ) )}" method="post" >
+ <form name="user_addresses" id="user_addresses" action="${h.url_for( controller='user', action='new_address', cntrller=cntrller, id=trans.security.encode_id( user.id ) )}" method="post" ><div class="toolFormTitle">User Addresses</div><div class="toolFormBody">
%if user.addresses:
@@ -53,9 +53,9 @@
<span>|</span>
%endif
%if show_filter == filter:
- <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, user_id=trans.security.encode_id( user.id ) )}"><b>${filter}</b></a></span>
+ <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, id=trans.security.encode_id( user.id ) )}"><b>${filter}</b></a></span>
%else:
- <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, user_id=trans.security.encode_id( user.id ) )}">${filter}</a></span>
+ <span class="filter"><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, show_filter=filter, id=trans.security.encode_id( user.id ) )}">${filter}</a></span>
%endif
%endfor
</div>
@@ -73,10 +73,10 @@
<ul class="manage-table-actions"><li>
%if not address.deleted:
- <a class="action-button" href="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Edit</a>
- <a class="action-button" href="${h.url_for( controller='user', action='delete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Delete</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='edit_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Edit</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='delete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Delete</a>
%else:
- <a class="action-button" href="${h.url_for( controller='user', action='undelete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), user_id=trans.security.encode_id( user.id ) )}">Undelete</a>
+ <a class="action-button" href="${h.url_for( controller='user', action='undelete_address', cntrller=cntrller, address_id=trans.security.encode_id( address.id ), id=trans.security.encode_id( user.id ) )}">Undelete</a>
%endif
</li></ul>
diff -r f7e9759b27a00e7e4a0d6c455dfa4e3744f484f9 -r 25d6c1903eceb8a2ed47459d1fefcfaed57e8995 templates/webapps/galaxy/user/ok_admin_api_keys.mako
--- a/templates/webapps/galaxy/user/ok_admin_api_keys.mako
+++ /dev/null
@@ -1,28 +0,0 @@
-<%inherit file="/base.mako"/>
-<%namespace file="/message.mako" import="render_msg" />
-
-<br/><br/>
-<ul class="manage-table-actions">
- <li>
- <a class="action-button" href="${h.url_for( controller='userskeys', action='all_users', cntrller=cntrller )}">List users API keys</a>
- </li>
-</ul>
-
-%if message:
- ${render_msg( message, status )}
-%endif
-
- <div>
- <div style="clear: both;">
- SUCCESS. A new API key has been generated.
- </div>
-
-
- <div style="clear: both;">
- An API key will allow you to access Galaxy via its web
- API (documentation forthcoming). Please note that
- <strong>this key acts as an alternate means to access
- your account, and should be treated with the same care
- as your login password</strong>.
- </div>
- </div>
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.