1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/5e4060f5ac7a/
Changeset: 5e4060f5ac7a
Branch: stable
User: jmchilton
Date: 2015-02-02 21:30:49+00:00
Summary: Merged in dan/galaxy-central-prs/stable (pull request #657)
[STABLE] Fix for preventing non-admins from running data managers via the api.
Affected #: 4 files
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/tools/__init__.py
--- a/lib/galaxy/tools/__init__.py
+++ b/lib/galaxy/tools/__init__.py
@@ -1388,6 +1388,12 @@
return section_id, section_name
return None, None
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ """
+ return True
+
def parse( self, root, guid=None ):
"""
Read tool configuration from the element `root` and fill in `self`.
@@ -3392,6 +3398,7 @@
self.data_manager_id = self.id
def exec_after_process( self, app, inp_data, out_data, param_dict, job=None, **kwds ):
+ assert self.allow_user_access( job.user ), "You must be an admin to access this tool."
#run original exec_after_process
super( DataManagerTool, self ).exec_after_process( app, inp_data, out_data, param_dict, job=job, **kwds )
#process results of tool
@@ -3415,6 +3422,7 @@
return history
user = trans.user
assert user, 'You must be logged in to use this tool.'
+ assert self.allow_user_access( user ), "You must be an admin to access this tool."
history = user.data_manager_histories
if not history:
#create
@@ -3434,6 +3442,17 @@
history = None
return history
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ Data Manager tools are only accessible to admins.
+ """
+ if super( DataManagerTool, self ).allow_user_access( user ) and self.app.config.is_admin_user( user ):
+ return True
+ if user:
+ user = user.id
+ log.debug( "User (%s) attempted to access a data manager tool (%s), but is not an admin.", user, self.id )
+ return False
# Populate tool_type to ToolClass mappings
tool_types = {}
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/tools/actions/__init__.py
--- a/lib/galaxy/tools/actions/__init__.py
+++ b/lib/galaxy/tools/actions/__init__.py
@@ -155,6 +155,7 @@
submitting the job to the job queue. If history is not specified, use
trans.history as destination for tool's output datasets.
"""
+ assert tool.allow_user_access( trans.user ), "User (%s) is not allowed to access this tool." % ( trans.user )
# Set history.
if not history:
history = tool.get_default_history_by_trans( trans, create=True )
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/webapps/galaxy/api/tools.py
--- a/lib/galaxy/webapps/galaxy/api/tools.py
+++ b/lib/galaxy/webapps/galaxy/api/tools.py
@@ -63,7 +63,7 @@
"""
io_details = util.string_as_bool( kwd.get( 'io_details', False ) )
link_details = util.string_as_bool( kwd.get( 'link_details', False ) )
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
return tool.to_dict( trans, io_details=io_details, link_details=link_details )
@_future_expose_api_anonymous
@@ -89,7 +89,7 @@
@_future_expose_api_anonymous
def citations( self, trans, id, **kwds ):
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
rval = []
for citation in tool.citations:
rval.append( citation.to_dict( 'bibtex' ) )
@@ -122,7 +122,7 @@
# Get tool.
tool = trans.app.toolbox.get_tool( payload[ 'tool_id' ] ) if 'tool_id' in payload else None
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
trans.response.status = 404
return { "message": { "type": "error", "text" : trans.app.model.Dataset.conversion_messages.NO_TOOL } }
@@ -212,10 +212,10 @@
#
# -- Helper methods --
#
- def _get_tool( self, id ):
+ def _get_tool( self, id, user=None ):
id = urllib.unquote_plus( id )
tool = self.app.toolbox.get_tool( id )
- if not tool:
+ if not tool or not tool.allow_user_access( user ):
raise exceptions.ObjectNotFound("Could not find tool with id '%s'" % id)
return tool
@@ -281,7 +281,7 @@
#
original_job = self.get_hda_job( original_dataset )
tool = trans.app.toolbox.get_tool( original_job.tool_id )
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
return trans.app.model.Dataset.conversion_messages.NO_TOOL
tool_params = dict( [ ( p.name, p.value ) for p in original_job.parameters ] )
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/webapps/galaxy/controllers/tool_runner.py
--- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
+++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
@@ -65,7 +65,7 @@
get_loaded_tools_by_lineage=False,
set_selected=refreshed_on_change )
# No tool matching the tool id, display an error (shouldn't happen)
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
log.error( "index called with tool id '%s' but no such tool exists", tool_id )
trans.log_event( "Tool id '%s' does not exist" % tool_id )
trans.response.status = 404
@@ -191,6 +191,8 @@
# This is expected so not an exception.
tool_id_version_message = ''
error( "This dataset was created by an obsolete tool (%s). Can't re-run." % tool_id )
+ if not tool.allow_user_access( trans.user ):
+ error( "The requested tool is unknown." )
# Can't rerun upload, external data sources, et cetera. Workflow compatible will proxy this for now
if not tool.is_workflow_compatible:
error( "The '%s' tool does not currently support rerunning." % tool.name )
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
2 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/0b9127ab708d/
Changeset: 0b9127ab708d
Branch: stable
User: dan
Date: 2015-02-02 21:21:00+00:00
Summary: Fix for preventing non-admins from running data managers via the api.
Affected #: 4 files
diff -r 1b96d3a4ff28da2bd547b65ad86c5ad5a9bbfb90 -r 0b9127ab708d7d8497e80169a3b8636aea1e37c6 lib/galaxy/tools/__init__.py
--- a/lib/galaxy/tools/__init__.py
+++ b/lib/galaxy/tools/__init__.py
@@ -1388,6 +1388,12 @@
return section_id, section_name
return None, None
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ """
+ return True
+
def parse( self, root, guid=None ):
"""
Read tool configuration from the element `root` and fill in `self`.
@@ -3392,6 +3398,7 @@
self.data_manager_id = self.id
def exec_after_process( self, app, inp_data, out_data, param_dict, job=None, **kwds ):
+ assert self.allow_user_access( job.user ), "You must be an admin to access this tool."
#run original exec_after_process
super( DataManagerTool, self ).exec_after_process( app, inp_data, out_data, param_dict, job=job, **kwds )
#process results of tool
@@ -3415,6 +3422,7 @@
return history
user = trans.user
assert user, 'You must be logged in to use this tool.'
+ assert self.allow_user_access( user ), "You must be an admin to access this tool."
history = user.data_manager_histories
if not history:
#create
@@ -3434,6 +3442,17 @@
history = None
return history
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ Data Manager tools are only accessible to admins.
+ """
+ if super( DataManagerTool, self ).allow_user_access( user ) and self.app.config.is_admin_user( user ):
+ return True
+ if user:
+ user = user.id
+ log.debug( "User (%s) attempted to access a data manager tool (%s), but is not an admin.", user, self.id )
+ return False
# Populate tool_type to ToolClass mappings
tool_types = {}
diff -r 1b96d3a4ff28da2bd547b65ad86c5ad5a9bbfb90 -r 0b9127ab708d7d8497e80169a3b8636aea1e37c6 lib/galaxy/tools/actions/__init__.py
--- a/lib/galaxy/tools/actions/__init__.py
+++ b/lib/galaxy/tools/actions/__init__.py
@@ -155,6 +155,7 @@
submitting the job to the job queue. If history is not specified, use
trans.history as destination for tool's output datasets.
"""
+ assert tool.allow_user_access( trans.user ), "User (%s) is not allowed to access this tool." % ( trans.user )
# Set history.
if not history:
history = tool.get_default_history_by_trans( trans, create=True )
diff -r 1b96d3a4ff28da2bd547b65ad86c5ad5a9bbfb90 -r 0b9127ab708d7d8497e80169a3b8636aea1e37c6 lib/galaxy/webapps/galaxy/api/tools.py
--- a/lib/galaxy/webapps/galaxy/api/tools.py
+++ b/lib/galaxy/webapps/galaxy/api/tools.py
@@ -63,7 +63,7 @@
"""
io_details = util.string_as_bool( kwd.get( 'io_details', False ) )
link_details = util.string_as_bool( kwd.get( 'link_details', False ) )
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
return tool.to_dict( trans, io_details=io_details, link_details=link_details )
@_future_expose_api_anonymous
@@ -89,7 +89,7 @@
@_future_expose_api_anonymous
def citations( self, trans, id, **kwds ):
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
rval = []
for citation in tool.citations:
rval.append( citation.to_dict( 'bibtex' ) )
@@ -122,7 +122,7 @@
# Get tool.
tool = trans.app.toolbox.get_tool( payload[ 'tool_id' ] ) if 'tool_id' in payload else None
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
trans.response.status = 404
return { "message": { "type": "error", "text" : trans.app.model.Dataset.conversion_messages.NO_TOOL } }
@@ -212,10 +212,10 @@
#
# -- Helper methods --
#
- def _get_tool( self, id ):
+ def _get_tool( self, id, user=None ):
id = urllib.unquote_plus( id )
tool = self.app.toolbox.get_tool( id )
- if not tool:
+ if not tool or not tool.allow_user_access( user ):
raise exceptions.ObjectNotFound("Could not find tool with id '%s'" % id)
return tool
@@ -281,7 +281,7 @@
#
original_job = self.get_hda_job( original_dataset )
tool = trans.app.toolbox.get_tool( original_job.tool_id )
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
return trans.app.model.Dataset.conversion_messages.NO_TOOL
tool_params = dict( [ ( p.name, p.value ) for p in original_job.parameters ] )
diff -r 1b96d3a4ff28da2bd547b65ad86c5ad5a9bbfb90 -r 0b9127ab708d7d8497e80169a3b8636aea1e37c6 lib/galaxy/webapps/galaxy/controllers/tool_runner.py
--- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
+++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
@@ -65,7 +65,7 @@
get_loaded_tools_by_lineage=False,
set_selected=refreshed_on_change )
# No tool matching the tool id, display an error (shouldn't happen)
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
log.error( "index called with tool id '%s' but no such tool exists", tool_id )
trans.log_event( "Tool id '%s' does not exist" % tool_id )
trans.response.status = 404
@@ -191,6 +191,8 @@
# This is expected so not an exception.
tool_id_version_message = ''
error( "This dataset was created by an obsolete tool (%s). Can't re-run." % tool_id )
+ if not tool.allow_user_access( trans.user ):
+ error( "The requested tool is unknown." )
# Can't rerun upload, external data sources, et cetera. Workflow compatible will proxy this for now
if not tool.is_workflow_compatible:
error( "The '%s' tool does not currently support rerunning." % tool.name )
https://bitbucket.org/galaxy/galaxy-central/commits/5e4060f5ac7a/
Changeset: 5e4060f5ac7a
Branch: stable
User: jmchilton
Date: 2015-02-02 21:30:49+00:00
Summary: Merged in dan/galaxy-central-prs/stable (pull request #657)
[STABLE] Fix for preventing non-admins from running data managers via the api.
Affected #: 4 files
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/tools/__init__.py
--- a/lib/galaxy/tools/__init__.py
+++ b/lib/galaxy/tools/__init__.py
@@ -1388,6 +1388,12 @@
return section_id, section_name
return None, None
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ """
+ return True
+
def parse( self, root, guid=None ):
"""
Read tool configuration from the element `root` and fill in `self`.
@@ -3392,6 +3398,7 @@
self.data_manager_id = self.id
def exec_after_process( self, app, inp_data, out_data, param_dict, job=None, **kwds ):
+ assert self.allow_user_access( job.user ), "You must be an admin to access this tool."
#run original exec_after_process
super( DataManagerTool, self ).exec_after_process( app, inp_data, out_data, param_dict, job=job, **kwds )
#process results of tool
@@ -3415,6 +3422,7 @@
return history
user = trans.user
assert user, 'You must be logged in to use this tool.'
+ assert self.allow_user_access( user ), "You must be an admin to access this tool."
history = user.data_manager_histories
if not history:
#create
@@ -3434,6 +3442,17 @@
history = None
return history
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ Data Manager tools are only accessible to admins.
+ """
+ if super( DataManagerTool, self ).allow_user_access( user ) and self.app.config.is_admin_user( user ):
+ return True
+ if user:
+ user = user.id
+ log.debug( "User (%s) attempted to access a data manager tool (%s), but is not an admin.", user, self.id )
+ return False
# Populate tool_type to ToolClass mappings
tool_types = {}
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/tools/actions/__init__.py
--- a/lib/galaxy/tools/actions/__init__.py
+++ b/lib/galaxy/tools/actions/__init__.py
@@ -155,6 +155,7 @@
submitting the job to the job queue. If history is not specified, use
trans.history as destination for tool's output datasets.
"""
+ assert tool.allow_user_access( trans.user ), "User (%s) is not allowed to access this tool." % ( trans.user )
# Set history.
if not history:
history = tool.get_default_history_by_trans( trans, create=True )
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/webapps/galaxy/api/tools.py
--- a/lib/galaxy/webapps/galaxy/api/tools.py
+++ b/lib/galaxy/webapps/galaxy/api/tools.py
@@ -63,7 +63,7 @@
"""
io_details = util.string_as_bool( kwd.get( 'io_details', False ) )
link_details = util.string_as_bool( kwd.get( 'link_details', False ) )
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
return tool.to_dict( trans, io_details=io_details, link_details=link_details )
@_future_expose_api_anonymous
@@ -89,7 +89,7 @@
@_future_expose_api_anonymous
def citations( self, trans, id, **kwds ):
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
rval = []
for citation in tool.citations:
rval.append( citation.to_dict( 'bibtex' ) )
@@ -122,7 +122,7 @@
# Get tool.
tool = trans.app.toolbox.get_tool( payload[ 'tool_id' ] ) if 'tool_id' in payload else None
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
trans.response.status = 404
return { "message": { "type": "error", "text" : trans.app.model.Dataset.conversion_messages.NO_TOOL } }
@@ -212,10 +212,10 @@
#
# -- Helper methods --
#
- def _get_tool( self, id ):
+ def _get_tool( self, id, user=None ):
id = urllib.unquote_plus( id )
tool = self.app.toolbox.get_tool( id )
- if not tool:
+ if not tool or not tool.allow_user_access( user ):
raise exceptions.ObjectNotFound("Could not find tool with id '%s'" % id)
return tool
@@ -281,7 +281,7 @@
#
original_job = self.get_hda_job( original_dataset )
tool = trans.app.toolbox.get_tool( original_job.tool_id )
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
return trans.app.model.Dataset.conversion_messages.NO_TOOL
tool_params = dict( [ ( p.name, p.value ) for p in original_job.parameters ] )
diff -r 96aabc4e66f193d4bb3b7b37d8ad4dce671f1b04 -r 5e4060f5ac7a3c11d4681bc80f94c620df9d0479 lib/galaxy/webapps/galaxy/controllers/tool_runner.py
--- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
+++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
@@ -65,7 +65,7 @@
get_loaded_tools_by_lineage=False,
set_selected=refreshed_on_change )
# No tool matching the tool id, display an error (shouldn't happen)
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
log.error( "index called with tool id '%s' but no such tool exists", tool_id )
trans.log_event( "Tool id '%s' does not exist" % tool_id )
trans.response.status = 404
@@ -191,6 +191,8 @@
# This is expected so not an exception.
tool_id_version_message = ''
error( "This dataset was created by an obsolete tool (%s). Can't re-run." % tool_id )
+ if not tool.allow_user_access( trans.user ):
+ error( "The requested tool is unknown." )
# Can't rerun upload, external data sources, et cetera. Workflow compatible will proxy this for now
if not tool.is_workflow_compatible:
error( "The '%s' tool does not currently support rerunning." % tool.name )
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/ff3c5721f748/
Changeset: ff3c5721f748
User: dan
Date: 2015-02-02 20:57:18+00:00
Summary: Fix for preventing non-admins from running data managers via the api.
Affected #: 4 files
diff -r 8e5b9caba8ff493c25684ebdb6f69b819c34dca6 -r ff3c5721f74857cf689966abfdeb0dc9390bf605 lib/galaxy/tools/__init__.py
--- a/lib/galaxy/tools/__init__.py
+++ b/lib/galaxy/tools/__init__.py
@@ -550,6 +550,12 @@
def get_panel_section( self ):
return self.app.toolbox.get_integrated_section_for_tool( self )
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ """
+ return True
+
def parse( self, tool_source, guid=None ):
"""
Read tool configuration from the element `root` and fill in `self`.
@@ -2799,6 +2805,7 @@
self.data_manager_id = self.id
def exec_after_process( self, app, inp_data, out_data, param_dict, job=None, **kwds ):
+ assert self.allow_user_access( job.user ), "You must be an admin to access this tool."
#run original exec_after_process
super( DataManagerTool, self ).exec_after_process( app, inp_data, out_data, param_dict, job=job, **kwds )
#process results of tool
@@ -2822,6 +2829,7 @@
return history
user = trans.user
assert user, 'You must be logged in to use this tool.'
+ assert self.allow_user_access( user ), "You must be an admin to access this tool."
history = user.data_manager_histories
if not history:
#create
@@ -2841,6 +2849,17 @@
history = None
return history
+ def allow_user_access( self, user ):
+ """
+ :returns: bool -- Whether the user is allowed to access the tool.
+ Data Manager tools are only accessible to admins.
+ """
+ if super( DataManagerTool, self ).allow_user_access( user ) and self.app.config.is_admin_user( user ):
+ return True
+ if user:
+ user = user.id
+ log.debug( "User (%s) attempted to access a data manager tool (%s), but is not an admin.", user, self.id )
+ return False
# Populate tool_type to ToolClass mappings
tool_types = {}
diff -r 8e5b9caba8ff493c25684ebdb6f69b819c34dca6 -r ff3c5721f74857cf689966abfdeb0dc9390bf605 lib/galaxy/tools/actions/__init__.py
--- a/lib/galaxy/tools/actions/__init__.py
+++ b/lib/galaxy/tools/actions/__init__.py
@@ -155,6 +155,7 @@
submitting the job to the job queue. If history is not specified, use
trans.history as destination for tool's output datasets.
"""
+ assert tool.allow_user_access( trans.user ), "User (%s) is not allowed to access this tool." % ( trans.user )
# Set history.
if not history:
history = tool.get_default_history_by_trans( trans, create=True )
diff -r 8e5b9caba8ff493c25684ebdb6f69b819c34dca6 -r ff3c5721f74857cf689966abfdeb0dc9390bf605 lib/galaxy/webapps/galaxy/api/tools.py
--- a/lib/galaxy/webapps/galaxy/api/tools.py
+++ b/lib/galaxy/webapps/galaxy/api/tools.py
@@ -67,7 +67,7 @@
"""
io_details = util.string_as_bool( kwd.get( 'io_details', False ) )
link_details = util.string_as_bool( kwd.get( 'link_details', False ) )
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
return tool.to_dict( trans, io_details=io_details, link_details=link_details )
@_future_expose_api_anonymous
@@ -98,7 +98,7 @@
@_future_expose_api_anonymous
def citations( self, trans, id, **kwds ):
- tool = self._get_tool( id )
+ tool = self._get_tool( id, user=trans.user )
rval = []
for citation in tool.citations:
rval.append( citation.to_dict( 'bibtex' ) )
@@ -132,7 +132,7 @@
# Get tool.
tool_version = payload.get( 'tool_version', None )
tool = trans.app.toolbox.get_tool( payload[ 'tool_id' ] , tool_version ) if 'tool_id' in payload else None
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
trans.response.status = 404
return { "message": { "type": "error", "text" : trans.app.model.Dataset.conversion_messages.NO_TOOL } }
@@ -230,10 +230,10 @@
#
# -- Helper methods --
#
- def _get_tool( self, id, tool_version=None ):
+ def _get_tool( self, id, tool_version=None, user=None ):
id = urllib.unquote_plus( id )
tool = self.app.toolbox.get_tool( id, tool_version )
- if not tool:
+ if not tool or not tool.allow_user_access( user ):
raise exceptions.ObjectNotFound("Could not find tool with id '%s'" % id)
return tool
@@ -300,7 +300,7 @@
#
original_job = self.hda_manager.creating_job( original_dataset )
tool = trans.app.toolbox.get_tool( original_job.tool_id )
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
return trans.app.model.Dataset.conversion_messages.NO_TOOL
tool_params = dict( [ ( p.name, p.value ) for p in original_job.parameters ] )
diff -r 8e5b9caba8ff493c25684ebdb6f69b819c34dca6 -r ff3c5721f74857cf689966abfdeb0dc9390bf605 lib/galaxy/webapps/galaxy/controllers/tool_runner.py
--- a/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
+++ b/lib/galaxy/webapps/galaxy/controllers/tool_runner.py
@@ -65,7 +65,7 @@
get_loaded_tools_by_lineage=False,
set_selected=refreshed_on_change )
# No tool matching the tool id, display an error (shouldn't happen)
- if not tool:
+ if not tool or not tool.allow_user_access( trans.user ):
log.error( "index called with tool id '%s' but no such tool exists", tool_id )
trans.log_event( "Tool id '%s' does not exist" % tool_id )
trans.response.status = 404
@@ -191,6 +191,8 @@
# This is expected so not an exception.
tool_id_version_message = ''
error( "This dataset was created by an obsolete tool (%s). Can't re-run." % tool_id )
+ if not tool.allow_user_access( trans.user ):
+ error( "The requested tool is unknown." )
# Can't rerun upload, external data sources, et cetera. Workflow compatible will proxy this for now
if not tool.is_workflow_compatible:
error( "The '%s' tool does not currently support rerunning." % tool.name )
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/8e5b9caba8ff/
Changeset: 8e5b9caba8ff
User: carlfeberhard
Date: 2015-02-02 20:37:34+00:00
Summary: Core: error with 403 if user is not logged in *and* there is no session (gen. api call with no api key)
Affected #: 1 file
diff -r e56a78608c79097a6227f8c06cba8a45580a2a7d -r 8e5b9caba8ff493c25684ebdb6f69b819c34dca6 lib/galaxy/web/framework/decorators.py
--- a/lib/galaxy/web/framework/decorators.py
+++ b/lib/galaxy/web/framework/decorators.py
@@ -206,7 +206,10 @@
# TODO: Document this branch, when can this happen,
# I don't understand it.
return __api_error_response( trans, err_msg=trans.error_message )
- if user_required and trans.anonymous:
+ # error if user required and anon
+ # error if anon and no session
+ if ( ( trans.anonymous and user_required )
+ or ( trans.anonymous and not trans.galaxy_session ) ):
error_code = error_codes.USER_NO_API_KEY
# Use error codes default error message.
err_msg = "API authentication required for this request"
@@ -219,8 +222,10 @@
return __api_error_response( trans, status_code=400, err_code=error_code )
trans.response.set_content_type( JSON_CONTENT_TYPE )
+
# send 'do not cache' headers to handle IE's caching of ajax get responses
trans.response.headers[ 'Cache-Control' ] = "max-age=0,no-cache,no-store"
+
# TODO: Refactor next block out into a helper procedure.
# Perform api_run_as processing, possibly changing identity
if 'payload' in kwargs and 'run_as' in kwargs['payload']:
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
1 new commit in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/e56a78608c79/
Changeset: e56a78608c79
User: dannon
Date: 2015-02-02 20:22:32+00:00
Summary: Merged in nsoranzo/galaxy-central (pull request #656)
Merge rolling_restart.sh in run.sh by adding --wait parameter.
Affected #: 2 files
diff -r 8d74daa932a06f7bbd3e357f8216c8f58ae55965 -r e56a78608c79097a6227f8c06cba8a45580a2a7d rolling_restart.sh
--- a/rolling_restart.sh
+++ b/rolling_restart.sh
@@ -2,60 +2,4 @@
cd `dirname $0`
-# If there is a .venv/ directory, assume it contains a virtualenv that we
-# should run this instance in.
-if [ -d .venv ];
-then
- . .venv/bin/activate
-fi
-
-python ./scripts/check_python.py
-[ $? -ne 0 ] && exit 1
-
-./scripts/common_startup.sh
-
-if [ -n "$GALAXY_UNIVERSE_CONFIG_DIR" ]; then
- python ./scripts/build_universe_config.py "$GALAXY_UNIVERSE_CONFIG_DIR"
-fi
-
-if [ -z "$GALAXY_CONFIG_FILE" ]; then
- if [ -f universe_wsgi.ini ]; then
- GALAXY_CONFIG_FILE=universe_wsgi.ini
- elif [ -f config/galaxy.ini ]; then
- GALAXY_CONFIG_FILE=config/galaxy.ini
- else
- GALAXY_CONFIG_FILE=config/galaxy.ini.sample
- fi
- export GALAXY_CONFIG_FILE
-fi
-
-servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
-for server in $servers; do
- # If there's a pid
- if [ -e $server.pid ]; then
- # Then kill it
- echo "Killing $server"
- pid=`cat $server.pid`
- kill $pid
- else
- # Otherwise just continue
- echo "$server not running"
- fi
- # Start the server (and background) (should this be nohup'd?)
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log --daemon $@
- while true; do
- sleep 1
- printf "."
- # Grab the current pid from the pid file
- if ! current_pid_in_file=$(cat $server.pid); then
- echo "A Galaxy process died, interrupting" >&2
- exit 1
- fi
- # Search for all pids in the logs and tail for the last one
- latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
- # If they're equivalent, then the current pid file agrees with our logs
- # and we've succesfully started
- [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
- done
- echo
-done
+GALAXY_RUN_ALL=1 ./run.sh restart --wait
diff -r 8d74daa932a06f7bbd3e357f8216c8f58ae55965 -r e56a78608c79097a6227f8c06cba8a45580a2a7d run.sh
--- a/run.sh
+++ b/run.sh
@@ -44,15 +44,38 @@
if [ -n "$GALAXY_RUN_ALL" ]; then
servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
- daemon=`echo "$@" | grep -q daemon`
+ echo "$@" | grep -q 'daemon\|restart'
if [ $? -ne 0 ]; then
- echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon` or `--stop-daemon` arguments to run.sh'
+ echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon`, `--stop-daemon` or `restart` arguments to run.sh'
exit 1
fi
+ (echo "$@" | grep -q -e '--daemon\|restart') && (echo "$@" | grep -q -e '--wait')
+ WAIT=$?
+ ARGS=`echo "$@" | sed 's/--wait//'`
for server in $servers; do
- echo "Handling $server with log file $server.log..."
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ if [ $WAIT -eq 0 ]; then
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $ARGS
+ while true; do
+ sleep 1
+ printf "."
+ # Grab the current pid from the pid file
+ if ! current_pid_in_file=$(cat $server.pid); then
+ echo "A Galaxy process died, interrupting" >&2
+ exit 1
+ fi
+ # Search for all pids in the logs and tail for the last one
+ latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
+ # If they're equivalent, then the current pid file agrees with our logs
+ # and we've succesfully started
+ [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
+ done
+ echo
+ else
+ echo "Handling $server with log file $server.log..."
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ fi
done
else
+ # Handle only 1 server, whose name can be specified with --server-name parameter (defaults to "main")
python ./scripts/paster.py serve $GALAXY_CONFIG_FILE $@
fi
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
4 new commits in galaxy-central:
https://bitbucket.org/galaxy/galaxy-central/commits/1333f32a5063/
Changeset: 1333f32a5063
User: nsoranzo
Date: 2015-02-02 15:46:48+00:00
Summary: Allow "GALAXY_RUN_ALL=1 ./run.sh restart" since --daemon is implied.
Affected #: 1 file
diff -r 5aca28ab8cfbbc1769f68fcfacf3dfbf9352ccde -r 1333f32a50639a2d2dfaca327b20520da358721c run.sh
--- a/run.sh
+++ b/run.sh
@@ -44,9 +44,9 @@
if [ -n "$GALAXY_RUN_ALL" ]; then
servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
- daemon=`echo "$@" | grep -q daemon`
+ echo "$@" | grep -q 'daemon\|restart'
if [ $? -ne 0 ]; then
- echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon` or `--stop-daemon` arguments to run.sh'
+ echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon`, `--stop-daemon` or `restart` arguments to run.sh'
exit 1
fi
for server in $servers; do
@@ -54,5 +54,6 @@
python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
done
else
+ # Handle only 1 server, whose name can be specified with --server-name parameter (defaults to "main")
python ./scripts/paster.py serve $GALAXY_CONFIG_FILE $@
fi
https://bitbucket.org/galaxy/galaxy-central/commits/6d11484ceb7d/
Changeset: 6d11484ceb7d
User: nsoranzo
Date: 2015-02-02 16:08:13+00:00
Summary: Merge rolling_restart.sh in run.sh by adding --wait parameter.
Also add the following combination:
GALAXY_RUN_ALL=1 ./run.sh --daemon --wait
which, by preventing servers from starting simultaneously, is useful when
multiple servers are configured before creating the database, or when updating
to a new Galaxy release containing a database upgrade.
Affected #: 2 files
diff -r 1333f32a50639a2d2dfaca327b20520da358721c -r 6d11484ceb7d797f5571df24a147d3f59f8ee553 rolling_restart.sh
--- a/rolling_restart.sh
+++ b/rolling_restart.sh
@@ -1,61 +1,3 @@
#!/bin/sh
-cd `dirname $0`
-
-# If there is a .venv/ directory, assume it contains a virtualenv that we
-# should run this instance in.
-if [ -d .venv ];
-then
- . .venv/bin/activate
-fi
-
-python ./scripts/check_python.py
-[ $? -ne 0 ] && exit 1
-
-./scripts/common_startup.sh
-
-if [ -n "$GALAXY_UNIVERSE_CONFIG_DIR" ]; then
- python ./scripts/build_universe_config.py "$GALAXY_UNIVERSE_CONFIG_DIR"
-fi
-
-if [ -z "$GALAXY_CONFIG_FILE" ]; then
- if [ -f universe_wsgi.ini ]; then
- GALAXY_CONFIG_FILE=universe_wsgi.ini
- elif [ -f config/galaxy.ini ]; then
- GALAXY_CONFIG_FILE=config/galaxy.ini
- else
- GALAXY_CONFIG_FILE=config/galaxy.ini.sample
- fi
- export GALAXY_CONFIG_FILE
-fi
-
-servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
-for server in $servers; do
- # If there's a pid
- if [ -e $server.pid ]; then
- # Then kill it
- echo "Killing $server"
- pid=`cat $server.pid`
- kill $pid
- else
- # Otherwise just continue
- echo "$server not running"
- fi
- # Start the server (and background) (should this be nohup'd?)
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log --daemon $@
- while true; do
- sleep 1
- printf "."
- # Grab the current pid from the pid file
- if ! current_pid_in_file=$(cat $server.pid); then
- echo "A Galaxy process died, interrupting" >&2
- exit 1
- fi
- # Search for all pids in the logs and tail for the last one
- latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
- # If they're equivalent, then the current pid file agrees with our logs
- # and we've succesfully started
- [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
- done
- echo
-done
+GALAXY_RUN_ALL=1 ./run.sh restart --wait
diff -r 1333f32a50639a2d2dfaca327b20520da358721c -r 6d11484ceb7d797f5571df24a147d3f59f8ee553 run.sh
--- a/run.sh
+++ b/run.sh
@@ -49,9 +49,31 @@
echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon`, `--stop-daemon` or `restart` arguments to run.sh'
exit 1
fi
+ (echo "$@" | grep -q -e '--daemon\|restart') && (echo "$@" | grep -q -e '--wait')
+ WAIT=$?
+ ARGS=`echo "$@" | sed 's/--wait//'`
for server in $servers; do
- echo "Handling $server with log file $server.log..."
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ if [ $WAIT -eq 0 ]; then
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $ARGS
+ while true; do
+ sleep 1
+ printf "."
+ # Grab the current pid from the pid file
+ if ! current_pid_in_file=$(cat $server.pid); then
+ echo "A Galaxy process died, interrupting" >&2
+ exit 1
+ fi
+ # Search for all pids in the logs and tail for the last one
+ latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
+ # If they're equivalent, then the current pid file agrees with our logs
+ # and we've succesfully started
+ [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
+ done
+ echo
+ else
+ echo "Handling $server with log file $server.log..."
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ fi
done
else
# Handle only 1 server, whose name can be specified with --server-name parameter (defaults to "main")
https://bitbucket.org/galaxy/galaxy-central/commits/d9c2dce96ec4/
Changeset: d9c2dce96ec4
User: nsoranzo
Date: 2015-02-02 17:30:03+00:00
Summary: Restore a line deleted by mistake. Thanks John.
Affected #: 1 file
diff -r 6d11484ceb7d797f5571df24a147d3f59f8ee553 -r d9c2dce96ec4376816a0bf23b4ba956616b63a48 rolling_restart.sh
--- a/rolling_restart.sh
+++ b/rolling_restart.sh
@@ -1,3 +1,5 @@
#!/bin/sh
+cd `dirname $0`
+
GALAXY_RUN_ALL=1 ./run.sh restart --wait
https://bitbucket.org/galaxy/galaxy-central/commits/e56a78608c79/
Changeset: e56a78608c79
User: dannon
Date: 2015-02-02 20:22:32+00:00
Summary: Merged in nsoranzo/galaxy-central (pull request #656)
Merge rolling_restart.sh in run.sh by adding --wait parameter.
Affected #: 2 files
diff -r 8d74daa932a06f7bbd3e357f8216c8f58ae55965 -r e56a78608c79097a6227f8c06cba8a45580a2a7d rolling_restart.sh
--- a/rolling_restart.sh
+++ b/rolling_restart.sh
@@ -2,60 +2,4 @@
cd `dirname $0`
-# If there is a .venv/ directory, assume it contains a virtualenv that we
-# should run this instance in.
-if [ -d .venv ];
-then
- . .venv/bin/activate
-fi
-
-python ./scripts/check_python.py
-[ $? -ne 0 ] && exit 1
-
-./scripts/common_startup.sh
-
-if [ -n "$GALAXY_UNIVERSE_CONFIG_DIR" ]; then
- python ./scripts/build_universe_config.py "$GALAXY_UNIVERSE_CONFIG_DIR"
-fi
-
-if [ -z "$GALAXY_CONFIG_FILE" ]; then
- if [ -f universe_wsgi.ini ]; then
- GALAXY_CONFIG_FILE=universe_wsgi.ini
- elif [ -f config/galaxy.ini ]; then
- GALAXY_CONFIG_FILE=config/galaxy.ini
- else
- GALAXY_CONFIG_FILE=config/galaxy.ini.sample
- fi
- export GALAXY_CONFIG_FILE
-fi
-
-servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
-for server in $servers; do
- # If there's a pid
- if [ -e $server.pid ]; then
- # Then kill it
- echo "Killing $server"
- pid=`cat $server.pid`
- kill $pid
- else
- # Otherwise just continue
- echo "$server not running"
- fi
- # Start the server (and background) (should this be nohup'd?)
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log --daemon $@
- while true; do
- sleep 1
- printf "."
- # Grab the current pid from the pid file
- if ! current_pid_in_file=$(cat $server.pid); then
- echo "A Galaxy process died, interrupting" >&2
- exit 1
- fi
- # Search for all pids in the logs and tail for the last one
- latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
- # If they're equivalent, then the current pid file agrees with our logs
- # and we've succesfully started
- [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
- done
- echo
-done
+GALAXY_RUN_ALL=1 ./run.sh restart --wait
diff -r 8d74daa932a06f7bbd3e357f8216c8f58ae55965 -r e56a78608c79097a6227f8c06cba8a45580a2a7d run.sh
--- a/run.sh
+++ b/run.sh
@@ -44,15 +44,38 @@
if [ -n "$GALAXY_RUN_ALL" ]; then
servers=`sed -n 's/^\[server:\(.*\)\]/\1/ p' $GALAXY_CONFIG_FILE | xargs echo`
- daemon=`echo "$@" | grep -q daemon`
+ echo "$@" | grep -q 'daemon\|restart'
if [ $? -ne 0 ]; then
- echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon` or `--stop-daemon` arguments to run.sh'
+ echo 'ERROR: $GALAXY_RUN_ALL cannot be used without the `--daemon`, `--stop-daemon` or `restart` arguments to run.sh'
exit 1
fi
+ (echo "$@" | grep -q -e '--daemon\|restart') && (echo "$@" | grep -q -e '--wait')
+ WAIT=$?
+ ARGS=`echo "$@" | sed 's/--wait//'`
for server in $servers; do
- echo "Handling $server with log file $server.log..."
- python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ if [ $WAIT -eq 0 ]; then
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $ARGS
+ while true; do
+ sleep 1
+ printf "."
+ # Grab the current pid from the pid file
+ if ! current_pid_in_file=$(cat $server.pid); then
+ echo "A Galaxy process died, interrupting" >&2
+ exit 1
+ fi
+ # Search for all pids in the logs and tail for the last one
+ latest_pid=`egrep '^Starting server in PID [0-9]+\.$' $server.log -o | sed 's/Starting server in PID //g;s/\.$//g' | tail -n 1`
+ # If they're equivalent, then the current pid file agrees with our logs
+ # and we've succesfully started
+ [ -n "$latest_pid" ] && [ $latest_pid -eq $current_pid_in_file ] && break
+ done
+ echo
+ else
+ echo "Handling $server with log file $server.log..."
+ python ./scripts/paster.py serve $GALAXY_CONFIG_FILE --server-name=$server --pid-file=$server.pid --log-file=$server.log $@
+ fi
done
else
+ # Handle only 1 server, whose name can be specified with --server-name parameter (defaults to "main")
python ./scripts/paster.py serve $GALAXY_CONFIG_FILE $@
fi
Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.