1 new changeset in galaxy-central:

http://bitbucket.org/galaxy/galaxy-central/changeset/1291bc31fec6/
changeset: 1291bc31fec6
user: jgoecks
date: 2011-08-09 17:11:13
summary: Refactor validation of user account data--email, username, password--into own module and use module for validating user data throughout Galaxy.
affected #: 8 files (2.8 KB)

--- a/lib/galaxy/web/base/controller.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/base/controller.py Tue Aug 09 11:11:13 2011 -0400
@@ -11,6 +11,7 @@
 from galaxy.web.form_builder import AddressField, CheckboxField, SelectField, TextArea, TextField, WorkflowField, WorkflowMappingField, HistoryField, PasswordField, build_select_field
 from galaxy.visualization.tracks.data_providers import get_data_provider
 from galaxy.visualization.tracks.visual_analytics import get_tool_def
+from galaxy.security.validate_user_input import validate_username
 from Cheetah.Template import Template
@@ -1035,40 +1036,45 @@
 @web.require_login( "share Galaxy items" )
 def set_public_username( self, trans, id, username, **kwargs ):
 """ Set user's public username and delegate to sharing() """
- trans.get_user().username = username
+ user = trans.get_user()
+ message = validate_username( trans, username, user )
+ if message:
+ return trans.fill_template( '/sharing_base.mako', item=self.get_item( trans, id ), message=message, status='error' )
+ user.username = username
 trans.sa_session.flush
 return self.sharing( trans, id, **kwargs )
+ # Abstract methods.
 @web.expose
 @web.require_login( "modify Galaxy items" )
 def set_slug_async( self, trans, id, new_slug ):
 """ Set item slug asynchronously. """
- pass
+ raise "Unimplemented Method"
 @web.expose
 @web.require_login( "share Galaxy items" )
 def sharing( self, trans, id, **kwargs ):
 """ Handle item sharing. """
- pass
+ raise "Unimplemented Method"
 @web.expose
 @web.require_login( "share Galaxy items" )
 def share( self, trans, id=None, email="", **kwd ):
 """ Handle sharing an item with a particular user. """
- pass
+ raise "Unimplemented Method"
 @web.expose
 def display_by_username_and_slug( self, trans, username, slug ):
 """ Display item by username and slug. """
- pass
+ raise "Unimplemented Method"
 @web.expose
 @web.json
 @web.require_login( "get item name and link" )
 def get_name_and_link_async( self, trans, id=None ):
 """ Returns item's name and link. """
- pass
+ raise "Unimplemented Method"
 @web.expose
 @web.require_login("get item content asynchronously")
 def get_item_content_async( self, trans, id ):
 """ Returns item content in HTML format. """
- pass
+ raise "Unimplemented Method"
 # Helper methods.
 def _make_item_accessible( self, sa_session, item ):
 """ Makes item accessible--viewable and importable--and sets item's slug. Does not flush/commit changes, however. Item must have name, user, importable, and slug attributes. """
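Review bot: `raise "Unimplemented Method"` in the six abstract stubs (set_slug_async through get_item_content_async) raises a bare string, which Python 2.6+ rejects with `TypeError: exceptions must be old-style classes or derived from BaseException, not str` and 2.5 only deprecates, so a subclass that forgets an override fails with an unrelated error text; each stub should read `raise NotImplementedError( "Unimplemented Method" )`. In set_public_username the new `user.username = username` is followed by the context line `trans.sa_session.flush`, which names the method without calling it, so persistence of the new username depends on session autoflush/commit behaviour that is not visible here; `trans.sa_session.flush()` is worth confirming while touching this method. The validation error is rendered with `message=message` straight from validate_username; the messages in the helpers removed from user.py in this same commit are fixed strings that do not echo the submitted name, but the new module is not part of this notification, so that property should be checked there.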
@@ -1099,6 +1105,9 @@
 item.slug = slug
 return True
 return False
+ def get_item( self, trans, id ):
+ """ Return item based on id. """
+ raise "Unimplemented Method"
 """
 Deprecated: `BaseController` used to be available under the name `Root`
--- a/lib/galaxy/web/controllers/history.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/history.py Tue Aug 09 11:11:13 2011 -0400
@@ -1204,3 +1204,7 @@
 hist = trans.sa_session.query( trans.app.model.History ).get( decoded_id )
 trans.set_history( hist )
 return trans.response.send_redirect( url_for( "/" ) )
+
+ def get_item( self, trans, id ):
+ return self.get_history( trans, id )
+
\ No newline at end of file
--- a/lib/galaxy/web/controllers/page.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/page.py Tue Aug 09 11:11:13 2011 -0400
@@ -716,7 +716,7 @@
 return trans.fill_template( "page/wymiframe.mako" )
 def get_page( self, trans, id, check_ownership=True, check_accessible=False ):
- """Get a page from the database by id, verifying ownership."""
+ """Get a page from the database by id."""
 # Load history from database
 id = trans.security.decode_id( id )
 page = trans.sa_session.query( model.Page ).get( id )
@@ -724,6 +724,9 @@
 err+msg( "Page not found" )
 else:
 return self.security_check( trans.get_user(), page, check_ownership, check_accessible )
+
+ def get_item( self, trans, id ):
+ return self.get_page( trans, id )
 def _get_embed_html( self, trans, item_class, item_id ):
 """ Returns HTML for embedding an item in a page. """
--- a/lib/galaxy/web/controllers/requests_common.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/requests_common.py Tue Aug 09 11:11:13 2011 -0400
@@ -4,6 +4,7 @@
 from galaxy import model, util
 from galaxy.util.odict import odict
 from galaxy.web.form_builder import *
+from galaxy.security.validate_user_input import validate_email
 import logging, os, csv
 log = logging.getLogger( __name__ )
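Review bot: page.py's new `get_item` sends set_public_username's error re-render through get_page, whose not-found branch is the context line `err+msg( "Page not found" )`; that reads as a mangled call to an error helper and, as written, raises NameError for `err` on an unknown id instead of reporting the missing page, so the new caller inherits a latent crash that is cheap to fix in the same commit (presumably `error( "Page not found" )`, to be confirmed against the helper this controller actually imports). The docstring edit in the @@ -716 hunk drops "verifying ownership" even though `check_ownership=True` stays the default, so the shorter text undersells what the default call enforces; `"""Get a page from the database by id, applying check_ownership/check_accessible via security_check."""` keeps it accurate. get_page's body continues outside the hunks shown.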
@@ -643,7 +644,7 @@
 # Make sure email addresses are valid
 err_msg = ''
 for email_address in email_addresses:
- err_msg += self.__validate_email( email_address )
+ err_msg += validate_email( email_address )
 if err_msg:
 status = 'error'
 message += err_msg
@@ -1899,13 +1900,6 @@
 if not unique:
 break
 return message
- def __validate_email( self, email ):
- error = ''
- if len( email ) == 0 or "@" not in email or "." not in email:
- error = "(%s) is not a valid email address. " % str( email )
- elif len( email ) > 255:
- error = "(%s) exceeds maximum allowable length. " % str( email )
- return error
 # ===== Other miscellaneous utility methods =====
 def __get_encoded_selected_sample_ids( self, trans, request, **kwd ):
 encoded_selected_sample_ids = []
--- a/lib/galaxy/web/controllers/user.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/user.py Tue Aug 09 11:11:13 2011 -0400
@@ -10,6 +10,7 @@
 from galaxy.web.form_builder import *
 from galaxy.util.json import from_json_string, to_json_string
 from galaxy.web.framework.helpers import iff
+from galaxy.security.validate_user_input import validate_email, validate_username, validate_password
 log = logging.getLogger( __name__ )
@@ -24,8 +25,6 @@
 require_login_nocreation_template = require_login_template % ""
 require_login_creation_template = require_login_template % " If you don't already have an account, <a href='%s'>you may create one</a>."
-VALID_USERNAME_RE = re.compile( "^[a-z0-9\-]+$" )
-
 OPENID_PROVIDERS = {
 'Google' : 'https://www.google.com/accounts/o8/id',
 'Yahoo!' : 'http://yahoo.com',
 'AOL/AIM' : 'http://openid.aol.com',
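Review bot: `err_msg += validate_email( email_address )` passes the address as the only argument, while every other call to the same function in this commit passes the transaction first (`validate_email( trans, email, user )` and `validate_email( trans, email )` in user.py); unless the new module accepts both shapes, this either raises TypeError for a missing argument or binds the address to the `trans` parameter, and either way the per-request email check breaks the first time it runs. Assuming `trans` is in scope in the enclosing method (which starts before this hunk), the line should read `err_msg += validate_email( trans, email_address )`. The helper removed further down this file returned a per-address message (`(%s) is not a valid email address. `) that this loop concatenates into err_msg; whether the shared validator still identifies which address failed is not visible here, because lib/galaxy/security/validate_user_input.py is counted among the 8 affected files but not included in this notification.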
@@ -586,57 +585,6 @@
 message = 'Now logged in as %s.<br><a target="_top" href="%s">Return to the home page.</a>' % ( user.email, url_for( '/' ) )
 success = True
 return ( message, status, user, success )
- def __validate_email( self, trans, email, user=None ):
- message = ''
- if user and user.email == email:
- return message
- if len( email ) == 0 or "@" not in email or "." not in email:
- message = "Enter a real email address"
- elif len( email ) > 255:
- message = "Email address exceeds maximum allowable length"
- elif trans.sa_session.query( trans.app.model.User ).filter_by( email=email ).first():
- message = "User with that email already exists"
- return message
- def __validate_username( self, trans, username, user=None ):
- # User names must be at least four characters in length and contain only lower-case
- # letters, numbers, and the '-' character.
- if username in [ 'None', None, '' ]:
- return ''
- if user and user.username == username:
- return ''
- if len( username ) < 4:
- return "User name must be at least 4 characters in length"
- if len( username ) > 255:
- return "User name cannot be more than 255 characters in length"
- if not( VALID_USERNAME_RE.match( username ) ):
- return "User name must contain only lower-case letters, numbers and '-'"
- if trans.sa_session.query( trans.app.model.User ).filter_by( username=username ).first():
- return "This user name is not available"
- return ''
- def __validate_password( self, trans, password, confirm ):
- if len( password ) < 6:
- return "Use a password of at least 6 characters"
- elif password != confirm:
- return "Passwords do not match"
- return ''
- def __validate( self, trans, params, email, password, confirm, username, webapp ):
- # If coming from the community webapp, we'll require a public user name
- if webapp == 'community' and not username:
- return "A public user name is required"
- message = self.__validate_email( trans, email )
- if not message:
- message = self.__validate_password( trans,
password, confirm )
- if not message and username:
- message = self.__validate_username( trans, username )
- if not message:
- if webapp == 'galaxy':
- if self.get_all_forms( trans,
- filter=dict( deleted=False ),
- form_type=trans.app.model.FormDefinition.types.USER_INFO ):
- user_type_fd_id = params.get( 'user_type_fd_id', 'none' )
- if user_type_fd_id in [ 'none' ]:
- return "Select the user's type and information"
- return message
 def __get_user_type_form_definition( self, trans, user=None, **kwd ):
 params = util.Params( kwd )
 if user and user.values:
@@ -748,7 +696,7 @@
 if user and params.get( 'change_username_button', False ):
 username = kwd.get( 'username', '' )
 if username:
- message = self.__validate_username( trans, username, user )
+ message = validate_username( trans, username, user )
 if message:
 status = 'error'
 else:
@@ -784,9 +732,9 @@
 email = util.restore_text( params.get( 'email', '' ) )
 username = util.restore_text( params.get( 'username', '' ) ).lower()
 # Validate the new values for email and username
- message = self.__validate_email( trans, email, user )
+ message = validate_email( trans, email, user )
 if not message and username:
- message = self.__validate_username( trans, username, user )
+ message = validate_username( trans, username, user )
 if message:
 status = 'error'
 else:
@@ -815,7 +763,7 @@
 ok = False
 if ok:
 # Validate the new password
- message = self.__validate_password( trans, password, confirm )
+ message = validate_password( trans, password, confirm )
 if message:
 status = 'error'
 else:
@@ -859,6 +807,8 @@
 kwd[ 'id' ] = user_id
 if message:
 kwd[ 'message' ] = util.sanitize_text( message )
+ if status:
+ kwd[ 'status' ] = status
 return trans.response.send_redirect( web.url_for( controller='user',
 action='manage_user_info',
 cntrller=cntrller,
@@ -911,6 +861,24 @@
 webapp=webapp,
 message=message,
 status=status )
+ def __validate( self, trans, params, email, password, confirm, username, webapp ):
+ # If coming from the community webapp, we'll require a public user name
+ if webapp == 'community' and not username:
+ return "A public user name is required"
+ message = validate_email( trans, email )
+ if not message:
+ message = validate_password( trans, password, confirm )
+ if not message and username:
+ message = validate_username( trans, username )
+ if not message:
+ if webapp == 'galaxy':
+ if self.get_all_forms( trans,
+ filter=dict( deleted=False ),
+ form_type=trans.app.model.FormDefinition.types.USER_INFO ):
+ user_type_fd_id = params.get( 'user_type_fd_id', 'none' )
+ if user_type_fd_id in [ 'none' ]:
+ return "Select the user's type and information"
+ return message
 @web.expose
 def set_default_permissions( self, trans, cntrller, **kwd ):
 """Sets the user's default permissions for the new histories"""
--- a/lib/galaxy/web/controllers/visualization.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/visualization.py Tue Aug 09 11:11:13 2011 -0400
@@ -451,4 +451,6 @@
 help="A description of the visualization; annotation is shown alongside published visualizations."),
 template="visualization/create.mako" )
+ def get_item( self, trans, id ):
+ return self.get_visualization( trans, id )
\ No newline at end of file
--- a/lib/galaxy/web/controllers/workflow.py Mon Aug 08 16:16:46 2011 -0400
+++ b/lib/galaxy/web/controllers/workflow.py Tue Aug 09 11:11:13 2011 -0400
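Review bot: The re-added `__validate` hands `username` to validate_username exactly as submitted, whereas the edit path earlier in this file lowercases it first (`username = util.restore_text( params.get( 'username', '' ) ).lower()` in the @@ -784 hunk); if the shared validator keeps the `^[a-z0-9\-]+$` rule removed from this file, a mixed-case name is rejected at registration but silently normalized on edit, so either lowercase here as well or move the normalization into the validator so both paths agree. The method has no docstring; suggested: `""" Validate registration input; return an error message, or '' when email, password and the optional username pass the galaxy.security.validate_user_input checks. """`. The policy now actually enforced lives in lib/galaxy/security/validate_user_input.py, which is listed among the 8 affected files but absent from this notification; the implementations removed above only tested for '@' and '.', a 6-character password minimum and a confirm match, so that module is where email and password policy should be reviewed. __validate is added in full within this hunk.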
@@ -1436,7 +1436,10 @@
 has_upgrade_messages=has_upgrade_messages,
 errors=errors,
 incoming=kwargs )
-
+
+ def get_item( self, trans, id ):
+ return self.get_stored_workflow( trans, id )
+
 @web.expose
 def tag_outputs( self, trans, id, **kwargs ):
 stored = self.get_stored_workflow( trans, id, check_ownership=False )

Repository URL: https://bitbucket.org/galaxy/galaxy-central/
--
This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.
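Review bot: `get_item` defers to `get_stored_workflow( trans, id )` with that method's default access flags, and the context line in tag_outputs passing `check_ownership=False` explicitly suggests the default is an ownership check; that is the right strength for the sharing-settings error path in set_public_username that calls this hook, but the contract is left implicit for the other controllers that implement it. A one-line docstring would state it: `""" Return the stored workflow for id, applying get_stored_workflow's default access checks. """`, adjusted if the default turns out to differ. get_stored_workflow itself is outside the hunk, so the default cannot be confirmed here.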