1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/44ed4f642427/ Changeset: 44ed4f642427 User: martenson Date: 2014-08-28 16:54:13 Summary: allowing backward compatibility on setting library permissions API as per John's suggestion Affected #: 2 files diff -r 03e9b373ec42cf727a5d735876f55ab442f73310 -r 44ed4f6424270850a56c44f85be4a8ad37a2879a lib/galaxy/webapps/galaxy/api/libraries.py --- a/lib/galaxy/webapps/galaxy/api/libraries.py +++ b/lib/galaxy/webapps/galaxy/api/libraries.py @@ -385,7 +385,8 @@ action = kwd.get( 'action', None ) if action is None: - raise exceptions.RequestParameterMissingException( 'The mandatory parameter "action" is missing.' ) + return self.set_permissions_old( trans, library ) + # raise exceptions.RequestParameterMissingException( 'The mandatory parameter "action" is missing.' ) elif action == 'remove_restrictions': trans.app.security_agent.make_library_public( library ) if not trans.app.security_agent.library_is_public( library ): @@ -397,7 +398,6 @@ invalid_access_roles_names = [] for role_id in new_access_roles_ids: role = self._load_role( trans, role_id ) - # Check whether role is in the set of allowed roles valid_roles, total_roles = trans.app.security_agent.get_valid_roles( trans, library, is_library_access=True ) if role in valid_roles: valid_access_roles.append( role ) @@ -411,7 +411,6 @@ invalid_add_roles_names = [] for role_id in new_add_roles_ids: role = self._load_role( trans, role_id ) - # Check whether role is in the set of allowed roles valid_roles, total_roles = trans.app.security_agent.get_valid_roles( trans, library ) if role in valid_roles: valid_add_roles.append( role ) @@ -425,7 +424,6 @@ invalid_manage_roles_names = [] for role_id in new_manage_roles_ids: role = self._load_role( trans, role_id ) - # Check whether role is in the set of allowed roles valid_roles, total_roles = trans.app.security_agent.get_valid_roles( trans, library ) if role in valid_roles: valid_manage_roles.append( role ) @@ -439,7 +437,6 @@ invalid_modify_roles_names = [] for role_id in new_modify_roles_ids: role = self._load_role( trans, role_id ) - # Check whether role is in the set of allowed roles valid_roles, total_roles = trans.app.security_agent.get_valid_roles( trans, library ) if role in valid_roles: valid_modify_roles.append( role ) @@ -454,6 +451,9 @@ permissions.update( { trans.app.security_agent.permitted_actions.LIBRARY_MODIFY : valid_modify_roles } ) trans.app.security_agent.set_all_library_permissions( trans, library, permissions ) + trans.sa_session.refresh( library ) + # Copy the permissions to the root folder + trans.app.security_agent.copy_library_permissions( trans, library, library.root_folder ) else: raise exceptions.RequestParameterInvalidException( 'The mandatory parameter "action" has an invalid value.' 'Allowed values are: "remove_restrictions", set_permissions"' ) @@ -485,4 +485,26 @@ return dict( access_library_role_list=access_library_role_list, modify_library_role_list=modify_library_role_list, manage_library_role_list=manage_library_role_list, add_library_item_role_list=add_library_item_role_list ) + @expose_api + def set_permissions_old( self, trans, library, payload, **kwd ): + """ + *** old implementation for backward compatibility *** + POST /api/libraries/{encoded_library_id}/permissions + Updates the library permissions. + """ + params = galaxy.util.Params( payload ) + permissions = {} + for k, v in trans.app.model.Library.permitted_actions.items(): + role_params = params.get( k + '_in', [] ) + in_roles = [ trans.sa_session.query( trans.app.model.Role ).get( trans.security.decode_id( x ) ) for x in galaxy.util.listify( role_params ) ] + permissions[ trans.app.security_agent.get_action( v.action ) ] = in_roles + trans.app.security_agent.set_all_library_permissions( trans, library, permissions ) + trans.sa_session.refresh( library ) + # Copy the permissions to the root folder + trans.app.security_agent.copy_library_permissions( trans, library, library.root_folder ) + message = "Permissions updated for library '%s'." % library.name + + item = library.to_dict( view='element', value_mapper={ 'id' : trans.security.encode_id , 'root_folder_id' : trans.security.encode_id } ) + return item + diff -r 03e9b373ec42cf727a5d735876f55ab442f73310 -r 44ed4f6424270850a56c44f85be4a8ad37a2879a lib/galaxy/webapps/galaxy/api/permissions.py --- a/lib/galaxy/webapps/galaxy/api/permissions.py +++ /dev/null @@ -1,52 +0,0 @@ -""" -API operations on the permissions of a library. -""" -import logging, os, string, shutil, urllib, re, socket -from cgi import escape, FieldStorage -import galaxy.util -from galaxy import util, datatypes, jobs, web -from galaxy.web.base.controller import * -from galaxy.util.sanitize_html import sanitize_html -from galaxy.model.orm import * - -log = logging.getLogger( __name__ ) - - -class PermissionsController( BaseAPIController ): - - # Method not ideally named - @web.expose_api - def create( self, trans, library_id, payload, **kwd ): - """ - POST /api/libraries/{encoded_library_id}/permissions - Updates the library permissions. - """ - if not trans.user_is_admin(): - trans.response.status = 403 - return "You are not authorized to update library permissions." - - params = galaxy.util.Params( payload ) - try: - decoded_library_id = trans.security.decode_id( library_id ) - except TypeError: - trans.response.status = 400 - return "Malformed library id ( %s ) specified, unable to decode." % str( library_id ) - - try: - library = trans.sa_session.query( trans.app.model.Library ).get( decoded_library_id ) - except: - library = None - - permissions = {} - for k, v in trans.app.model.Library.permitted_actions.items(): - role_params = params.get( k + '_in', [] ) - in_roles = [ trans.sa_session.query( trans.app.model.Role ).get( trans.security.decode_id( x ) ) for x in galaxy.util.listify( role_params ) ] - permissions[ trans.app.security_agent.get_action( v.action ) ] = in_roles - trans.app.security_agent.set_all_library_permissions( trans, library, permissions ) - trans.sa_session.refresh( library ) - # Copy the permissions to the root folder - trans.app.security_agent.copy_library_permissions( trans, library, library.root_folder ) - message = "Permissions updated for library '%s'." % library.name - - item = library.to_dict( view='element', value_mapper={ 'id' : trans.security.encode_id , 'root_folder_id' : trans.security.encode_id } ) - return item Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.