2 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/changeset/48560a3547e2/ changeset: 48560a3547e2 user: fubar date: 2012-08-11 01:21:45 summary: Add - and . to re.sub exclusion list for user supplied filename at Scott's suggestion and use _ as a substitute for all other characters so 'cd \/; rm -rf' becomes 'cd_____rm_-rf' FastQC wrapper should now be reasonably hard to pervert but user filenames will be at least vaguely recognizable... affected #: 1 file diff -r 18462a6cbf46566307eaa4fd33c8891b5979d699 -r 48560a3547e2bc8691f16d525fac117befe58829 tools/rgenetics/rgFastQC.py --- a/tools/rgenetics/rgFastQC.py +++ b/tools/rgenetics/rgFastQC.py @@ -1,4 +1,7 @@ """ +# added sanitizer for user supplied name +# removed shell and make cl a sequence for Popen call +# ross lazarus August 10 2012 in response to anon insecurity report wrapper for fastqc called as @@ -53,7 +56,7 @@ cl.append('-c %s' % self.opts.contaminants) # patch suggested by bwlang https://bitbucket.org/galaxy/galaxy-central/pull-request/30 # use a symlink in a temporary directory so that the FastQC report reflects the history input file name - fastqinfilename = re.sub('[^a-zA-Z0-9_]+', '', os.path.basename(self.opts.inputfilename)) + fastqinfilename = re.sub('[^a-zA-Z0-9_\-\.]', '_', os.path.basename(self.opts.inputfilename)) link_name = os.path.join(self.opts.outputdir, fastqinfilename) os.symlink(self.opts.input, link_name) cl.append(link_name) https://bitbucket.org/galaxy/galaxy-central/changeset/0a800e817e84/ changeset: 0a800e817e84 user: fubar date: 2012-08-11 01:22:57 summary: Branch merge affected #: 9 files diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 lib/galaxy/jobs/runners/__init__.py --- a/lib/galaxy/jobs/runners/__init__.py +++ b/lib/galaxy/jobs/runners/__init__.py @@ -40,7 +40,18 @@ if job_wrapper.dependency_shell_commands: commands = "; ".join( job_wrapper.dependency_shell_commands + [ commands ] ) - # Append commands to copy job outputs based on from_work_dir attribute. + # -- Append commands to copy job outputs based on from_work_dir attribute. -- + + # Set up dict of dataset id --> output path; output path can be real or + # false depending on outputs_to_working_directory + output_paths = {} + for dataset_path in job_wrapper.get_output_fnames(): + path = dataset_path.real_path + if self.app.config.outputs_to_working_directory: + path = dataset_path.false_path + output_paths[ dataset_path.dataset_id ] = path + + # Walk job's output associations to find and use from_work_dir attributes. job = job_wrapper.get_job() job_tool = self.app.toolbox.tools_by_id.get( job.tool_id, None ) for dataset_assoc in job.output_datasets + job.output_library_datasets: @@ -53,12 +64,13 @@ # Copy from working dir to HDA. # TODO: move instead of copy to save time? source_file = os.path.join( os.path.abspath( job_wrapper.working_directory ), hda_tool_output.from_work_dir ) + destination = output_paths[ dataset.dataset_id ] if in_directory( source_file, job_wrapper.working_directory ): try: - commands += "; cp %s %s" % ( source_file, dataset.file_name ) - log.debug( "Copying %s to %s as directed by from_work_dir" % ( source_file, dataset.file_name ) ) + commands += "; cp %s %s" % ( source_file, destination ) + log.debug( "Copying %s to %s as directed by from_work_dir" % ( source_file, destination ) ) except ( IOError, OSError ): - log.debug( "Could not copy %s to %s as directed by from_work_dir" % ( source_file, dataset.file_name ) ) + log.debug( "Could not copy %s to %s as directed by from_work_dir" % ( source_file, destination ) ) else: # Security violation. log.exception( "from_work_dir specified a location not in the working directory: %s, %s" % ( source_file, job_wrapper.working_directory ) ) diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 lib/galaxy/jobs/runners/lwr.py --- a/lib/galaxy/jobs/runners/lwr.py +++ b/lib/galaxy/jobs/runners/lwr.py @@ -112,16 +112,30 @@ class Client(object): """ """ - def __init__(self, remote_host, job_id): + """ + """ + def __init__(self, remote_host, job_id, private_key=None): if not remote_host.endswith("/"): remote_host = remote_host + "/" + ## If we don't have an explicit private_key defined, check for + ## one embedded in the URL. A URL of the form + ## https://moo@cow:8913 will try to contact https://cow:8913 + ## with a private key of moo + private_key_format = "https?://(.*)@.*/?" + private_key_match= re.match(private_key_format, remote_host) + if not private_key and private_key_match: + private_key = private_key_match.group(1) + remote_host = remote_host.replace("%s@" % private_key, '', 1) self.remote_host = remote_host self.job_id = job_id + self.private_key = private_key def url_open(self, request, data): return urllib2.urlopen(request, data) def __build_url(self, command, args): + if self.private_key: + args["private_key"] = self.private_key data = urllib.urlencode(args) url = self.remote_host + command + "?" + data return url diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 lib/galaxy/tools/__init__.py --- a/lib/galaxy/tools/__init__.py +++ b/lib/galaxy/tools/__init__.py @@ -1083,7 +1083,9 @@ help_pages = self.help.findall( "page" ) help_header = self.help.text try: - self.help = Template( util.rst_to_html(self.help.text) ) + self.help = Template( util.rst_to_html(self.help.text), input_encoding='utf-8', + output_encoding='utf-8', default_filters=[ 'decode.utf8' ], + encoding_errors='replace' ) except: log.exception( "error in help for tool %s" % self.name ) # Multiple help page case @@ -1093,7 +1095,10 @@ help_footer = help_footer + help_page.tail # Each page has to rendered all-together because of backreferences allowed by rst try: - self.help_by_page = [ Template( util.rst_to_html( help_header + x + help_footer ) ) + self.help_by_page = [ Template( util.rst_to_html( help_header + x + help_footer, + input_encoding='utf-8', output_encoding='utf-8', + default_filters=[ 'decode.utf8' ], + encoding_errors='replace' ) ) for x in self.help_by_page ] except: log.exception( "error in multi-page help for tool %s" % self.name ) diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgCaCo.xml --- a/tools/rgenetics/rgCaCo.xml +++ b/tools/rgenetics/rgCaCo.xml @@ -1,4 +1,5 @@ <tool id="rgCaCo1" name="Case Control:"> + <requirements><requirement type="package">plink</requirement></requirements><description>for unrelated subjects</description><command interpreter="python"> rgCaCo.py '$i.extra_files_path/$i.metadata.base_name' "$title" '$out_file1' '$logf' '$logf.files_path' '$gffout' diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgClean.xml --- a/tools/rgenetics/rgClean.xml +++ b/tools/rgenetics/rgClean.xml @@ -1,4 +1,5 @@ <tool id="rgClean1" name="Clean genotypes:"> + <requirements><requirement type="package">plink</requirement></requirements><description>filter markers, subjects</description><command interpreter="python"> diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgGLM.xml --- a/tools/rgenetics/rgGLM.xml +++ b/tools/rgenetics/rgGLM.xml @@ -1,4 +1,5 @@ <tool id="rgGLM1" name="Linear Models:" version="0.2"> + <requirements><requirement type="package">plink</requirement></requirements><description>for genotype data</description><code file="rgGLM_code.py"/><command interpreter="python"> diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgLDIndep.xml --- a/tools/rgenetics/rgLDIndep.xml +++ b/tools/rgenetics/rgLDIndep.xml @@ -1,4 +1,5 @@ <tool id="rgLDIndep1" name="LD Independent:"> + <requirements><requirement type="package">plink</requirement></requirements><code file="rgLDIndep_code.py"/><description>filter high LD pairs - decrease redundancy</description> diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgQC.xml --- a/tools/rgenetics/rgQC.xml +++ b/tools/rgenetics/rgQC.xml @@ -1,5 +1,6 @@ <tool id="rgQC1" name="QC reports:"> - + <requirements><requirement type="package">plink</requirement></requirements> + <description>Marker and Subject measures</description><command interpreter="python"> diff -r 48560a3547e2bc8691f16d525fac117befe58829 -r 0a800e817e84abba99331e784f622dd3ce54e900 tools/rgenetics/rgTDT.xml --- a/tools/rgenetics/rgTDT.xml +++ b/tools/rgenetics/rgTDT.xml @@ -1,4 +1,6 @@ <tool id="rgTDT1" name="Transmission Distortion:"> + <requirements><requirement type="package">plink</requirement></requirements> + <description>for family data</description><command interpreter="python"> Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.