1 new changeset in galaxy-central: http://bitbucket.org/galaxy/galaxy-central/changeset/1748b377cd2f/ changeset: 1748b377cd2f user: greg date: 2011-10-17 23:41:10 summary: Encode the tool shed repository information and include in the request when installing into local Galaxy instances rather than using cookies. affected #: 4 files (-1 bytes) --- a/lib/galaxy/web/controllers/admin.py Mon Oct 17 16:03:47 2011 -0400 +++ b/lib/galaxy/web/controllers/admin.py Mon Oct 17 17:41:10 2011 -0400 @@ -3,7 +3,9 @@ from galaxy.model.orm import * from galaxy.web.framework.helpers import time_ago, iff, grids from galaxy.tools.search import ToolBoxSearch -import logging +from galaxy.tools import json_fix +from galaxy.util.hash_util import * +import simplejson, binascii, logging log = logging.getLogger( __name__ ) from galaxy.actions.admin import AdminActions @@ -688,9 +690,19 @@ @web.require_admin def browse_tool_shed( self, trans, **kwd ): tool_shed_url = kwd[ 'tool_shed_url' ] - trans.set_cookie( trans.request.host, name='toolshedgalaxyurl' ) - url = '%s/repository/browse_downloadable_repositories?webapp=galaxy' % tool_shed_url + galaxy_url = trans.request.host + url = '%s/repository/browse_downloadable_repositories?galaxy_url=%s&webapp=community' % ( tool_shed_url, galaxy_url ) return trans.response.send_redirect( url ) + def _decode( self, trans, value, secure=True ): + if secure: + # Extract and verify hash + a, b = value.split( ":" ) + value = binascii.unhexlify( b ) + test = hmac_new( trans.app.config.tool_secret, value ) + assert a == test + # Restore from string + values = json_fix( simplejson.loads( value ) ) + return values @web.expose @web.require_admin def install_tool_shed_repository( self, trans, **kwd ): @@ -703,10 +715,10 @@ message += 'target=_blank">Automatic installation of Galaxy tool shed repository tools into a local Galaxy instance</a> section of the ' message += '<a href="http://wiki.g2.bx.psu.edu/Tool%20Shed" target="_blank">Galaxy tool shed wiki</a> for all of the details.' return trans.show_error_message( message ) - params = util.Params( kwd ) - message = util.restore_text( params.get( 'message', '' ) ) - status = params.get( 'status', 'done' ) - tool_shed_url = trans.get_cookie( name='galaxytoolshedurl' ) + message = kwd.get( 'message', '' ) + status = kwd.get( 'status', 'done' ) + tool_shed_url = kwd[ 'tool_shed_url' ] + repo_info_dict = kwd[ 'repo_info_dict' ] if kwd.get( 'select_tool_panel_section_button', False ): shed_tool_conf = kwd[ 'shed_tool_conf' ] # Get the tool path. @@ -716,18 +728,12 @@ if 'tool_panel_section' in kwd: section_key = 'section_%s' % kwd[ 'tool_panel_section' ] tool_section = trans.app.toolbox.tool_panel[ section_key ] - # Get the number of repositories to clone from a cookie. - num_repos_to_clone = int( trans.get_cookie( name='numrepostoclone' ) ) + # Decode the encoded repo_info_dict param value. + repo_info_dict = self._decode( trans, repo_info_dict ) # Clone the repository to the configured location. current_working_dir = os.getcwd() - for index in range( 0, num_repos_to_clone ): - cookie_name = 'toolshedrepository%i' % index - clone_repo_info_str = trans.get_cookie( name=cookie_name ) - clone_repo_info_items = clone_repo_info_str.split( '&' ) - name = clone_repo_info_items[ 0 ] - description = clone_repo_info_items[ 1 ] - repository_clone_url = clone_repo_info_items[ 2 ] - changeset_revision = clone_repo_info_items[ 3 ] + for name, repo_info_tuple in repo_info_dict.items(): + description, repository_clone_url, changeset_revision = repo_info_tuple clone_dir = os.path.join( tool_path, self.__generate_tool_path( repository_clone_url, changeset_revision ) ) if os.path.exists( clone_dir ): # Repository and revision has already been cloned. @@ -825,6 +831,8 @@ shed_tool_conf_select_field = None tool_panel_section_select_field = build_tool_panel_section_select_field( trans ) return trans.fill_template( '/admin/select_tool_panel_section.mako', + tool_shed_url=tool_shed_url, + repo_info_dict=repo_info_dict, shed_tool_conf=shed_tool_conf, shed_tool_conf_select_field=shed_tool_conf_select_field, tool_panel_section_select_field=tool_panel_section_select_field, @@ -836,12 +844,11 @@ params = util.Params( kwd ) repository_id = params.get( 'id', None ) repository = get_repository( trans, repository_id ) - trans.set_cookie( trans.request.host, name='toolshedgalaxyurl' ) + galaxy_url = trans.request.host # Send a request to the relevant tool shed to see if there are any updates. # TODO: support https in the following url. - # TODO: Set cookies for name, owner, changeset-revision instead of sending in request - url = 'http://%s/repository/check_for_updates?name=%s&owner=%s&changeset_revision=%s&webapp=community' % \ - ( repository.tool_shed, repository.name, repository.owner, repository.changeset_revision ) + url = 'http://%s/repository/check_for_updates?galaxy_url=%s&name=%s&owner=%s&changeset_revision=%s&webapp=community' % \ + ( repository.tool_shed, galaxy_url, repository.name, repository.owner, repository.changeset_revision ) return trans.response.send_redirect( url ) @web.expose @web.require_admin @@ -1087,10 +1094,10 @@ # http://test@bx.psu.edu:9009/repos/some_username/column items = repository_clone_url.split( '@' ) tmp_url = items[ 1 ] - elif repository_clone_url.find( '\/\/' ) > 0: + elif repository_clone_url.find( '//' ) > 0: # We have an url that includes only a protocol, something like: # http://bx.psu.edu:9009/repos/some_username/column - items = repository_clone_url.split( '\/\/' ) + items = repository_clone_url.split( '//' ) tmp_url = items[ 1 ] else: tmp_url = repository_clone_url --- a/lib/galaxy/web/controllers/workflow.py Mon Oct 17 16:03:47 2011 -0400 +++ b/lib/galaxy/web/controllers/workflow.py Mon Oct 17 17:41:10 2011 -0400 @@ -1156,14 +1156,12 @@ # involved in workflow development needs to figure out what it will take to be able to switch # back and forth between Galaxy (with panels ) and the workflow view (without panels ), having # the Galaxy panels displayed whenever in Galaxy. - trans.set_cookie( trans.request.host, name='toolshedgalaxyurl' ) - galaxy_url = trans.request.host message += "The workflow requires the following tools that are not available in this Galaxy instance." message += "You can likely install the required tools from one of the Galaxy tool sheds listed below.<br/><br/>" for tool_shed_name, tool_shed_url in trans.app.tool_shed_registry.tool_sheds.items(): if tool_shed_url.endswith( '/' ): tool_shed_url = tool_shed_url.rstrip( '/' ) - url = '%s/repository/find_tools?galaxy_url=%s&webapp=galaxy' % ( tool_shed_url, galaxy_url ) + url = '%s/repository/find_tools?galaxy_url=%s&webapp=galaxy' % ( tool_shed_url, trans.request.host ) for missing_tool_tup in missing_tool_tups: missing_tool_id = missing_tool_tup[0] url += '&tool_id=%s' % missing_tool_id --- a/lib/galaxy/webapps/community/controllers/repository.py Mon Oct 17 16:03:47 2011 -0400 +++ b/lib/galaxy/webapps/community/controllers/repository.py Mon Oct 17 17:41:10 2011 -0400 @@ -9,6 +9,7 @@ from galaxy.webapps.community.model import directory_hash_id from galaxy.web.framework.helpers import time_ago, iff, grids from galaxy.util.json import from_json_string, to_json_string +from galaxy.util.hash_util import * from galaxy.model.orm import * from common import * from mercurial import hg, ui, patch, commands @@ -283,7 +284,7 @@ class InstallMatchedRepositoryListGrid( MatchedRepositoryListGrid ): # Grid definition title = "Repositories with required tools" - operations = [ grids.GridOperation( "Preview and install tools", + operations = [ grids.GridOperation( "Install tools", url_args = dict( controller='repository', action='find_tools', webapp='community' ), @@ -408,17 +409,22 @@ return trans.response.send_redirect( web.url_for( controller='repository', action='view_repository', **kwd ) ) - if operation == "preview and install tools": + if operation == "install tools": + repo_info_dict = {} galaxy_url = trans.get_cookie( name='toolshedgalaxyurl' ) - trans.set_cookie( trans.request.host, name='galaxytoolshedurl' ) # TODO: support https in the following url. - url = 'http://%s/admin/install_tool_shed_repository' % ( galaxy_url ) - repos_to_clone = util.listify( kwd[ 'id' ] ) - num_repos_to_clone = len( repos_to_clone ) - trans.set_cookie( num_repos_to_clone, name='numrepostoclone' ) - for index in range( 0, num_repos_to_clone ): - repository_metadata_id = repos_to_clone[ index ] - self._set_clone_repository_cookie( trans, index, repository_metadata_id ) + url = 'http://%s/admin/install_tool_shed_repository?tool_shed_url=%s' % ( galaxy_url, trans.request.host ) + repository_metadata_ids = util.listify( kwd[ 'id' ] ) + for repository_metadata_id in repository_metadata_ids: + #self._set_clone_repository_cookie( trans, index, repository_metadata_id ) + repository_metadata = get_repository_metadata_by_id( trans, repository_metadata_id ) + repository = get_repository( trans, trans.security.encode_id( repository_metadata.repository_id ) ) + repository_id = trans.security.encode_id( repository.id ) + changeset_revision = repository_metadata.changeset_revision + repository_clone_url = generate_clone_url( trans, repository_id ) + repo_info_dict[ repository.name ] = ( repository.description, repository_clone_url, changeset_revision ) + encoded_repo_info_dict = self._encode( trans, repo_info_dict, secure=True ) + url += '&repo_info_dict=%s' % encoded_repo_info_dict return trans.response.send_redirect( url ) tool_ids = [ tid.lower() for tid in util.listify( kwd.get( 'tool_id', '' ) ) ] tool_names = [ tn.lower() for tn in util.listify( kwd.get( 'tool_name', '' ) ) ] @@ -548,16 +554,15 @@ found = ( tool_version == tool_dict_tool_version and tool_name == tool_dict_tool_name ) or \ ( not exact_matches_checked and tool_dict_tool_version.find( tool_version ) >= 0 and tool_dict_tool_name.find( tool_name ) >= 0 ) return found - def _set_clone_repository_cookie( self, trans, index, repository_metadata_id ): - cookie_name = 'toolshedrepository%i' % index - repository_metadata = get_repository_metadata_by_id( trans, repository_metadata_id ) - repository = get_repository( trans, trans.security.encode_id( repository_metadata.repository_id ) ) - repository_id = trans.security.encode_id( repository.id ) - changeset_revision = repository_metadata.changeset_revision - # Redirect back to local Galaxy to perform install. - repository_clone_url = generate_clone_url( trans, repository_id ) - cookie_value = '%s&%s&%s&%s' % ( repository.name, repository.description, repository_clone_url, changeset_revision ) - trans.set_cookie( cookie_value, name=cookie_name ) + def _encode( self, trans, repo_info_dict, secure=True ): + value = simplejson.dumps( repo_info_dict ) + # Make it secure + if secure: + a = hmac_new( trans.app.config.tool_secret, value ) + b = binascii.hexlify( value ) + return "%s:%s" % ( a, b ) + else: + return value @web.expose def preview_tools_in_changeset( self, trans, repository_id, **kwd ): params = util.Params( kwd ) @@ -593,28 +598,24 @@ repository = get_repository( trans, repository_id ) changeset_revision = util.restore_text( params.get( 'changeset_revision', repository.tip ) ) # Redirect back to local Galaxy to perform install. - trans.set_cookie( trans.request.host, name='galaxytoolshedurl' ) repository_clone_url = generate_clone_url( trans, repository_id ) # TODO: support https in the following url. - url = 'http://%s/admin/install_tool_shed_repository?name=%s&description=%s&repository_clone_url=%s&changeset_revision=%s' % \ - ( galaxy_url, repository.name, repository.description, repository_clone_url, changeset_revision ) + url = 'http://%s/admin/install_tool_shed_repository?tool_shed_url=%s&name=%s&description=%s&repository_clone_url=%s&changeset_revision=%s' % \ + ( galaxy_url, trans.request.host, repository.name, repository.description, repository_clone_url, changeset_revision ) return trans.response.send_redirect( url ) @web.expose def check_for_updates( self, trans, **kwd ): params = util.Params( kwd ) message = util.restore_text( params.get( 'message', '' ) ) status = params.get( 'status', 'done' ) - # The sender didn't store galaxy_url in a cookie since - # this method immediately redirects back to the caller. galaxy_url = kwd[ 'galaxy_url' ] name = params.get( 'name', None ) owner = params.get( 'owner', None ) changeset_revision = params.get( 'changeset_revision', None ) webapp = params.get( 'webapp', None ) - trans.set_cookie( trans.request.host, name='galaxytoolshedurl' ) # Start building up the url to redirect back to the calling Galaxy instance. # TODO: support https in the following url. - url = 'http://%s/admin/update_to_changeset_revision' % galaxy_url + url = 'http://%s/admin/update_to_changeset_revision?tool_shed_url=%s' % ( galaxy_url, trans.request.host ) repository = get_repository_by_name_and_owner( trans, name, owner ) url += '&name=%s&owner=%s&changeset_revision=%s&latest_changeset_revision=' % \ ( repository.name, repository.user.username, changeset_revision ) --- a/templates/admin/select_tool_panel_section.mako Mon Oct 17 16:03:47 2011 -0400 +++ b/templates/admin/select_tool_panel_section.mako Mon Oct 17 17:41:10 2011 -0400 @@ -25,7 +25,7 @@ <div class="toolForm"><div class="toolFormTitle">Load tools into tool panel</div><div class="toolFormBody"> - <form name="select_tool_panel_section" id="select_tool_panel_section" action="${h.url_for( controller='admin', action='install_tool_shed_repository' )}" method="post" > + <form name="select_tool_panel_section" id="select_tool_panel_section" action="${h.url_for( controller='admin', action='install_tool_shed_repository', tool_shed_url=tool_shed_url, repo_info_dict=repo_info_dict )}" method="post" > %if shed_tool_conf_select_field: <div class="form-row"><label>Shed tool configuration file:</label> Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.