1 new changeset in galaxy-central: http://bitbucket.org/galaxy/galaxy-central/changeset/148dc33de394/ changeset: 148dc33de394 user: dan date: 2011-09-09 16:16:48 summary: Add the ability for a user to log out of all user sessions. Function can be accessed under user preferences when logged in. affected #: 3 files (1.2 KB) --- a/lib/galaxy/web/controllers/user.py Thu Sep 08 12:09:10 2011 -0400 +++ b/lib/galaxy/web/controllers/user.py Fri Sep 09 10:16:48 2011 -0400 @@ -363,7 +363,7 @@ else: refresh_frames = [ 'masthead', 'history' ] message, status, user, success = self.__validate_login( trans, webapp, **kwd ) - if success and referer and referer != trans.request.base + url_for( controller='user', action='logout' ): + if success and referer and not referer.startswith( trans.request.base + url_for( controller='user', action='logout' ) ): redirect_url = referer elif success: redirect_url = url_for( '/' ) @@ -414,7 +414,7 @@ success = True return ( message, status, user, success ) @web.expose - def logout( self, trans, webapp='galaxy' ): + def logout( self, trans, webapp='galaxy', logout_all=False ): if webapp == 'galaxy': if trans.app.config.require_login: refresh_frames = [ 'masthead', 'history', 'tools' ] @@ -424,7 +424,7 @@ refresh_frames = [ 'masthead' ] # Since logging an event requires a session, we'll log prior to ending the session trans.log_event( "User logged out" ) - trans.handle_user_logout() + trans.handle_user_logout( logout_all=logout_all ) message = 'You have been logged out.<br>You can log in again, <a target="_top" href="%s">go back to the page you were visiting</a> or <a target="_top" href="%s">go to the home page</a>.' % \ ( trans.request.referer, url_for( '/' ) ) return trans.fill_template( '/user/logout.mako', --- a/lib/galaxy/web/framework/__init__.py Thu Sep 08 12:09:10 2011 -0400 +++ b/lib/galaxy/web/framework/__init__.py Fri Sep 09 10:16:48 2011 -0400 @@ -543,7 +543,7 @@ self.sa_session.flush() # This method is not called from the Galaxy reports, so the cookie will always be galaxysession self.__update_session_cookie( name=cookie_name ) - def handle_user_logout( self ): + def handle_user_logout( self, logout_all=False ): """ Logout the current user: - invalidate the current session @@ -553,6 +553,14 @@ prev_galaxy_session.is_valid = False self.galaxy_session = self.__create_new_session( prev_galaxy_session ) self.sa_session.add_all( ( prev_galaxy_session, self.galaxy_session ) ) + galaxy_user_id = prev_galaxy_session.user_id + if logout_all and galaxy_user_id is not None: + for other_galaxy_session in self.sa_session.query( self.app.model.GalaxySession ) \ + .filter( and_( self.app.model.GalaxySession.table.c.user_id==galaxy_user_id, + self.app.model.GalaxySession.table.c.is_valid==True, + self.app.model.GalaxySession.table.c.id!=prev_galaxy_session.id ) ): + other_galaxy_session.is_valid = False + self.sa_session.add( other_galaxy_session ) self.sa_session.flush() # This method is not called from the Galaxy reports, so the cookie will always be galaxysession self.__update_session_cookie( name='galaxysession' ) --- a/templates/user/index.mako Thu Sep 08 12:09:10 2011 -0400 +++ b/templates/user/index.mako Fri Sep 09 10:16:48 2011 -0400 @@ -18,6 +18,13 @@ %if trans.app.config.enable_openid: <li><a href="${h.url_for( controller='user', action='openid_manage', cntrller=cntrller )}">${ ('Manage OpenIDs')}</a> linked to your account</li> %endif + %if trans.app.config.use_remote_user: + %if trans.app.config.remote_user_logout_href: + <li><a href="${trans.app.config.remote_user_logout_href}" target="_top">${_('Logout')}</a></li> + %endif + %else: + <li><a href="${h.url_for( controller='user', action='logout', logout_all=True )}" target="_top">${_('Logout')}</a> ${_('of all user sessions')}</li> + %endif %else: <li><a href="${h.url_for( controller='user', action='manage_user_info', cntrller=cntrller, webapp='community' )}">${_('Manage your information')}</a></li> %endif Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.