commit/galaxy-central: 3 new changesets
3 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/e2fb8fe53e8e/ Changeset: e2fb8fe53e8e Branch: next-stable User: jmchilton Date: 2014-05-21 21:33:24 Summary: Fix admin check in security_check for userless admin keys. ... by removing duplicated check of trans.user, this check is done in trans.user_is_admin if needed. Affected #: 1 file
diff -r 65ca3d67f90b6617981cd75663dca2246643c047 -r e2fb8fe53e8ec833881a7e45f7946f09a078c3fd lib/galaxy/web/base/controller.py
--- a/lib/galaxy/web/base/controller.py
+++ b/lib/galaxy/web/base/controller.py
@@ -304,7 +304,7 @@
 def security_check( self, trans, item, check_ownership=False, check_accessible=False ):
 """ Security checks for an item: checks if (a) user owns item or (b) item is accessible to user. """
 # all items are accessible to an admin
- if trans.user and trans.user_is_admin():
+ if trans.user_is_admin():
 return item
 # Verify ownership: there is a current user and that user is the same as the item's
https://bitbucket.org/galaxy/galaxy-central/commits/fc89661b92dc/ Changeset: fc89661b92dc Branch: next-stable User: jmchilton Date: 2014-05-21 21:33:24 Summary: Fix provenance controller for non-admins. Cannot pass check_accessible=True to get_object with HistoryDatasetAssociations (because item.user is undefined.). Affected #: 2 files
diff -r e2fb8fe53e8ec833881a7e45f7946f09a078c3fd -r fc89661b92dcbd9684ac779171235525601d0f4a lib/galaxy/webapps/galaxy/api/provenance.py
--- a/lib/galaxy/webapps/galaxy/api/provenance.py
+++ b/lib/galaxy/webapps/galaxy/api/provenance.py
@@ -5,6 +5,7 @@
 from galaxy import web
 from galaxy.web.base.controller import BaseAPIController, UsesHistoryMixin
 from paste.httpexceptions import HTTPNotImplemented, HTTPBadRequest
+from galaxy.managers import hdas
 log = logging.getLogger( __name__ )
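Review bot: In `security_check` (lib/galaxy/web/base/controller.py) the admin short-circuit now depends entirely on `trans.user_is_admin()` returning False for every request that carries neither an admin user nor an admin key, and nothing in the hunk documents or tests that contract. Because this branch returns the item before any ownership or accessibility check runs, a comment such as `# user_is_admin() must be False for anonymous, non-admin-key requests; it is the only guard on this bypass` would make the dependency explicit, and a test that an anonymous session is still refused a private item would pin it. `user_is_admin` is not shown here, so its handling of a missing `trans.user` is presumed from the commit message, and the body of `security_check` continues outside the hunk. The same hunk is repeated in the merge changeset a769e2248066.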
@@ -12,6 +13,10 @@
 class BaseProvenanceController( BaseAPIController, UsesHistoryMixin ):
 """ """
+ def __init__( self, app ):
+ super( BaseProvenanceController, self ).__init__( app )
+ self.hdas = hdas.HDAManager()
+
 @web.expose_api
 def index( self, trans, **kwd ):
 follow = kwd.get('follow', False)
@@ -34,7 +39,11 @@
 raise HTTPBadRequest("Cannot Delete Provenance")
 def _get_provenance(self, trans, item_class_name, item_id, follow=True):
- provenance_item = self.get_object( trans, item_id, item_class_name, check_ownership=False, check_accessible=True )
+ provenance_item = self.get_object( trans, item_id, item_class_name, check_ownership=False, check_accessible=False)
+ if item_class_name == "HistoryDatasetAssociation":
+ self.hdas.check_accessible(trans, provenance_item)
+ else:
+ self.security_check(trans, provenance_item, check_accessible=True)
 out = self._get_record(trans, provenance_item, follow)
 return out
diff -r e2fb8fe53e8ec833881a7e45f7946f09a078c3fd -r fc89661b92dcbd9684ac779171235525601d0f4a test/api/test_history_contents_provenance.py
--- /dev/null
+++ b/test/api/test_history_contents_provenance.py
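Review bot: In `_get_provenance` (lib/galaxy/webapps/galaxy/api/provenance.py) the object is now fetched with both checks disabled and the access decision is made afterwards, with the results of `self.hdas.check_accessible(trans, provenance_item)` and `self.security_check(trans, provenance_item, check_accessible=True)` discarded. That is only safe if both helpers raise on denial; neither is shown here, so if either can return a falsy value instead, the record is still handed to `_get_record`. I would state the contract next to the calls, e.g. `# raises if the item is not accessible to the requester; return value intentionally unused`, or assign the result back to `provenance_item`. The branch is also keyed on the string `item_class_name`, so any other class whose items lack a `user` attribute would presumably hit the same failure the commit message describes in the `else` path; it is worth confirming which class names can reach here. The same hunk is repeated in the merge changeset a769e2248066.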
@@ -0,0 +1,16 @@
+from base import api
+from .helpers import DatasetPopulator
+
+
+class TestProvenance( api.ApiTestCase ):
+
+ def setUp( self ):
+ super( TestProvenance, self ).setUp( )
+ self.dataset_populator = DatasetPopulator( self.galaxy_interactor )
+
+ def test_show_prov( self ):
+ history_id = self.dataset_populator.new_history()
+ new_dataset1 = self.dataset_populator.new_dataset( history_id, content='for prov' )
+ prov_response = self._get( "histories/%s/contents/%s/provenance" % ( history_id, new_dataset1[ "id" ] ) )
+ self._assert_status_code_is( prov_response, 200 )
+ self._assert_has_keys( prov_response.json(), "job_id", "id", "stdout", "stderr", "parameters", "tool_id" )
https://bitbucket.org/galaxy/galaxy-central/commits/a769e2248066/ Changeset: a769e2248066 User: jmchilton Date: 2014-05-21 21:33:51 Summary: Merge next-stable. Affected #: 3 files
diff -r 2601a535a02267e6af2c43b4a1a3e22ac9e78193 -r a769e22480662ec5d1205816bd162b6cfa6649f7 lib/galaxy/web/base/controller.py
--- a/lib/galaxy/web/base/controller.py
+++ b/lib/galaxy/web/base/controller.py
@@ -304,7 +304,7 @@
 def security_check( self, trans, item, check_ownership=False, check_accessible=False ):
 """ Security checks for an item: checks if (a) user owns item or (b) item is accessible to user. """
 # all items are accessible to an admin
- if trans.user and trans.user_is_admin():
+ if trans.user_is_admin():
 return item
 # Verify ownership: there is a current user and that user is the same as the item's
diff -r 2601a535a02267e6af2c43b4a1a3e22ac9e78193 -r a769e22480662ec5d1205816bd162b6cfa6649f7 lib/galaxy/webapps/galaxy/api/provenance.py
--- a/lib/galaxy/webapps/galaxy/api/provenance.py
+++ b/lib/galaxy/webapps/galaxy/api/provenance.py
@@ -5,6 +5,7 @@
 from galaxy import web
 from galaxy.web.base.controller import BaseAPIController, UsesHistoryMixin
 from paste.httpexceptions import HTTPNotImplemented, HTTPBadRequest
+from galaxy.managers import hdas
 log = logging.getLogger( __name__ )
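Review bot: `test_show_prov` in test/api/test_history_contents_provenance.py only covers the owner's happy path, a 200 on a dataset the requesting user has just created, so it would still pass if the new access check in `_get_provenance` never denied anyone. Since this changeset moves the accessibility check for HistoryDatasetAssociations onto a different code path, the test that guards it is a companion case in which a second, non-admin user requests provenance for a dataset in someone else's private history and is refused. An anonymous request against the same URL would additionally exercise the `security_check` admin shortcut changed in e2fb8fe53e8e. The same file is added again in the merge changeset a769e2248066.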
@@ -12,6 +13,10 @@
 class BaseProvenanceController( BaseAPIController, UsesHistoryMixin ):
 """ """
+ def __init__( self, app ):
+ super( BaseProvenanceController, self ).__init__( app )
+ self.hdas = hdas.HDAManager()
+
 @web.expose_api
 def index( self, trans, **kwd ):
 follow = kwd.get('follow', False)
@@ -34,7 +39,11 @@
 raise HTTPBadRequest("Cannot Delete Provenance")
 def _get_provenance(self, trans, item_class_name, item_id, follow=True):
- provenance_item = self.get_object( trans, item_id, item_class_name, check_ownership=False, check_accessible=True )
+ provenance_item = self.get_object( trans, item_id, item_class_name, check_ownership=False, check_accessible=False)
+ if item_class_name == "HistoryDatasetAssociation":
+ self.hdas.check_accessible(trans, provenance_item)
+ else:
+ self.security_check(trans, provenance_item, check_accessible=True)
 out = self._get_record(trans, provenance_item, follow)
 return out
diff -r 2601a535a02267e6af2c43b4a1a3e22ac9e78193 -r a769e22480662ec5d1205816bd162b6cfa6649f7 test/api/test_history_contents_provenance.py
--- /dev/null
+++ b/test/api/test_history_contents_provenance.py
@@ -0,0 +1,16 @@
+from base import api
+from .helpers import DatasetPopulator
+
+
+class TestProvenance( api.ApiTestCase ):
+
+ def setUp( self ):
+ super( TestProvenance, self ).setUp( )
+ self.dataset_populator = DatasetPopulator( self.galaxy_interactor )
+
+ def test_show_prov( self ):
+ history_id = self.dataset_populator.new_history()
+ new_dataset1 = self.dataset_populator.new_dataset( history_id, content='for prov' )
+ prov_response = self._get( "histories/%s/contents/%s/provenance" % ( history_id, new_dataset1[ "id" ] ) )
+ self._assert_status_code_is( prov_response, 200 )
+ self._assert_has_keys( prov_response.json(), "job_id", "id", "stdout", "stderr", "parameters", "tool_id" )
Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.