details: http://www.bx.psu.edu/hg/galaxy/rev/4dc854bf2529 changeset: 2654:4dc854bf2529 user: Greg Von Kuster <greg@bx.psu.edu> date: Fri Aug 28 21:08:07 2009 -0400 description: Fix unit tests and clean up code for retrieving current user and roles. 21 file(s) affected in this change: lib/galaxy/tools/actions/__init__.py lib/galaxy/tools/parameters/basic.py lib/galaxy/web/controllers/dataset.py lib/galaxy/web/controllers/library.py lib/galaxy/web/controllers/root.py lib/galaxy/web/framework/__init__.py lib/galaxy/webapps/reports/buildapp.py templates/dataset/edit_attributes.mako templates/library/browse_library.mako templates/library/common.mako templates/library/folder_info.mako templates/library/folder_permissions.mako templates/library/ldda_edit_info.mako templates/library/ldda_info.mako templates/library/library_dataset_info.mako templates/library/library_dataset_permissions.mako templates/library/library_info.mako templates/library/library_permissions.mako templates/mobile/history/detail.mako templates/mobile/manage_library.mako templates/root/history_common.mako diffs (483 lines): diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/tools/actions/__init__.py --- a/lib/galaxy/tools/actions/__init__.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/tools/actions/__init__.py Fri Aug 28 21:08:07 2009 -0400 @@ -47,11 +47,7 @@ assoc.dataset = new_data assoc.flush() data = new_data - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if data and not trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, @@ -268,11 +264,7 @@ # parameters to the command as a special case. for name, value in tool.params_to_strings( incoming, trans.app ).iteritems(): job.add_parameter( name, value ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() for name, dataset in inp_data.iteritems(): if dataset: if not trans.app.security_agent.allow_action( user, diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/tools/parameters/basic.py --- a/lib/galaxy/tools/parameters/basic.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/tools/parameters/basic.py Fri Aug 28 21:08:07 2009 -0400 @@ -1137,11 +1137,7 @@ field = form_builder.SelectField( self.name, self.multiple, None, self.refresh_on_change, refresh_on_change_values = self.refresh_on_change_values ) # CRUCIAL: the dataset_collector function needs to be local to DataToolParameter.get_html_field() def dataset_collector( hdas, parent_hid ): - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() for i, hda in enumerate( hdas ): if len( hda.name ) > 30: hda_name = '%s..%s' % ( hda.name[:17], hda.name[-11:] ) diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/web/controllers/dataset.py --- a/lib/galaxy/web/controllers/dataset.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/web/controllers/dataset.py Fri Aug 28 21:08:07 2009 -0400 @@ -108,11 +108,7 @@ data = trans.app.model.HistoryDatasetAssociation.get( dataset_id ) if not data: raise paste.httpexceptions.HTTPRequestRangeNotSatisfiable( "Invalid reference dataset id: %s." % str( dataset_id ) ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, @@ -150,11 +146,7 @@ if 'display_url' not in kwd or 'redirect_url' not in kwd: return trans.show_error_message( 'Invalid parameters specified for "display at" link, please contact a Galaxy administrator' ) redirect_url = kwd['redirect_url'] % urllib.quote_plus( kwd['display_url'] ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( None, None, data.permitted_actions.DATASET_ACCESS, dataset=data.dataset ): return trans.response.send_redirect( redirect_url ) # anon access already permitted by rbac if trans.app.security_agent.allow_action( user, diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/web/controllers/library.py --- a/lib/galaxy/web/controllers/library.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/web/controllers/library.py Fri Aug 28 21:08:07 2009 -0400 @@ -62,11 +62,7 @@ params = util.Params( kwd ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() all_libraries = trans.app.model.Library.filter( trans.app.model.Library.table.c.deleted==False ) \ .order_by( trans.app.model.Library.name ).all() authorized_libraries = [] @@ -279,11 +275,7 @@ msg=util.sanitize_text( msg ), messagetype='error' ) ) seen = [] - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() for id in ldda_ids: ldda = trans.app.model.LibraryDatasetDatasetAssociation.get( id ) if not ldda or not trans.app.security_agent.allow_action( user, @@ -384,11 +376,7 @@ id=library_id, msg=util.sanitize_text( msg ), messagetype='error' ) ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if action == 'information': if params.get( 'edit_attributes_button', False ): if trans.app.security_agent.allow_action( user, @@ -464,11 +452,7 @@ last_used_build = replace_dataset.library_dataset_dataset_association.dbkey else: replace_dataset = None - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() # Let's not overwrite the imported datatypes module with the variable datatypes? # The built-in 'id' is overwritten in lots of places as well ldatatypes = [ dtype_name for dtype_name, dtype_value in trans.app.datatypes_registry.datatypes_by_extension.iteritems() if dtype_value.allow_datatype_change ] @@ -939,11 +923,7 @@ # Since permissions on all LibraryDatasetDatasetAssociations must be the same at this point, we only need # to check one of them to see if the current user can manage permissions on them. check_ldda = trans.app.model.LibraryDatasetDatasetAssociation.get( ldda_id_list[0] ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( user, roles, trans.app.security_agent.permitted_actions.LIBRARY_MANAGE, @@ -1010,11 +990,7 @@ id=library_id, msg=util.sanitize_text( msg ), messagetype='error' ) ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if action == 'new': if params.new == 'submitted': new_folder = trans.app.model.LibraryFolder( name=util.restore_text( params.name ), diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/web/controllers/root.py --- a/lib/galaxy/web/controllers/root.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/web/controllers/root.py Fri Aug 28 21:08:07 2009 -0400 @@ -152,11 +152,7 @@ except: return "Dataset id '%s' is invalid" %str( id ) if data: - user = trans.user - if user: - roles = user.all_roles - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, @@ -192,11 +188,7 @@ if data: child = data.get_child_by_designation( designation ) if child: - user = trans.user - if user: - roles = user.all_roles - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( user, roles, child.permitted_actions.DATASET_ACCESS, @@ -216,11 +208,7 @@ if 'authz_method' in kwd: authz_method = kwd['authz_method'] if data: - user = trans.user - if user: - roles = user.all_roles - else: - roles = None + user, roles = trans.get_user_and_roles() if authz_method == 'rbac' and trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, @@ -273,11 +261,7 @@ return trans.show_error_message( "Problem retrieving dataset." ) if id is not None and data.history.user is not None and data.history.user != trans.user: return trans.show_error_message( "This instance of a dataset (%s) in a history does not belong to you." % ( data.id ) ) - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() if trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/web/framework/__init__.py --- a/lib/galaxy/web/framework/__init__.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/web/framework/__init__.py Fri Aug 28 21:08:07 2009 -0400 @@ -498,6 +498,14 @@ self.sa_session.flush( [ self.galaxy_session ] ) user = property( get_user, set_user ) + def get_user_and_roles( self ): + user = self.get_user() + if user: + roles = user.all_roles() + else: + roles = None + return user, roles + def user_is_admin( self ): admin_users = self.app.config.get( "admin_users", "" ).split( "," ) if self.user and admin_users and self.user.email in admin_users: diff -r 6b924dd68e77 -r 4dc854bf2529 lib/galaxy/webapps/reports/buildapp.py --- a/lib/galaxy/webapps/reports/buildapp.py Fri Aug 28 18:09:43 2009 -0400 +++ b/lib/galaxy/webapps/reports/buildapp.py Fri Aug 28 21:08:07 2009 -0400 @@ -11,7 +11,6 @@ from paste.util import import_string from paste import httpexceptions from paste.deploy.converters import asbool -import flup.middleware.session as flup_session import pkg_resources log = logging.getLogger( __name__ ) diff -r 6b924dd68e77 -r 4dc854bf2529 templates/dataset/edit_attributes.mako --- a/templates/dataset/edit_attributes.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/dataset/edit_attributes.mako Fri Aug 28 21:08:07 2009 -0400 @@ -6,13 +6,7 @@ <%def name="stylesheets()"> ${h.css( "base", "history", "autocomplete_tagging" )} </%def> -<% - user = trans.user - if user: - user_roles = user.all_roles() - else: - user_roles = None -%> +<% user, user_roles = trans.get_user_and_roles() %> <%def name="javascripts()"> ## <!--[if lt IE 7]> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/browse_library.mako --- a/templates/library/browse_library.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/browse_library.mako Fri Aug 28 21:08:07 2009 -0400 @@ -4,11 +4,7 @@ from galaxy import util from time import strftime - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() %> <%def name="title()">Browse data library</%def> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/common.mako --- a/templates/library/common.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/common.mako Fri Aug 28 21:08:07 2009 -0400 @@ -14,11 +14,7 @@ elif isinstance( library_item, trans.app.model.LibraryDatasetDatasetAssociation ): library_item_type = 'library_dataset_dataset_association' library_item_desc = 'library dataset' - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() %> %if widgets: <p/> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/folder_info.mako --- a/templates/library/folder_info.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/folder_info.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/library/common.mako" import="render_template_info" /> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> <br/><br/> <ul class="manage-table-actions"> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/folder_permissions.mako --- a/templates/library/folder_permissions.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/folder_permissions.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/dataset/security_common.mako" import="render_permission_form" /> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> <br/><br/> <ul class="manage-table-actions"> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/ldda_edit_info.mako --- a/templates/library/ldda_edit_info.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/ldda_edit_info.mako Fri Aug 28 21:08:07 2009 -0400 @@ -3,13 +3,7 @@ <%namespace file="/library/common.mako" import="render_template_info" /> <% from galaxy import util %> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> %if ldda == ldda.library_dataset.library_dataset_dataset_association: <b><i>This is the latest version of this library dataset</i></b> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/ldda_info.mako --- a/templates/library/ldda_info.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/ldda_info.mako Fri Aug 28 21:08:07 2009 -0400 @@ -8,11 +8,7 @@ current_version = True else: current_version = False - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() %> %if current_version: diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/library_dataset_info.mako --- a/templates/library/library_dataset_info.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/library_dataset_info.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/library/common.mako" import="render_template_info" /> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> %if library_dataset == library_dataset.library_dataset_dataset_association.library_dataset: <b><i>This is the latest version of this library dataset</i></b> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/library_dataset_permissions.mako --- a/templates/library/library_dataset_permissions.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/library_dataset_permissions.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/dataset/security_common.mako" import="render_permission_form" />> -<% - user = trans.user - if user: - user_roles = user.all_roles() - else: - user_roles = None -%> +<% user, roles = trans.get_user_and_roles() %> %if library_dataset == library_dataset.library_dataset_dataset_association.library_dataset: <b><i>This is the latest version of this library dataset</i></b> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/library_info.mako --- a/templates/library/library_info.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/library_info.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/library/common.mako" import="render_template_info" /> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> <br/><br/> <ul class="manage-table-actions"> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/library/library_permissions.mako --- a/templates/library/library_permissions.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/library/library_permissions.mako Fri Aug 28 21:08:07 2009 -0400 @@ -2,13 +2,7 @@ <%namespace file="/message.mako" import="render_msg" /> <%namespace file="/dataset/security_common.mako" import="render_permission_form" /> -<% - user = trans.user - if user: - user_roles = user.all_roles() - else: - user_roles = None -%> +<% user, roles = trans.get_user_and_roles() %> <br/><br/> <ul class="manage-table-actions"> diff -r 6b924dd68e77 -r 4dc854bf2529 templates/mobile/history/detail.mako --- a/templates/mobile/history/detail.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/mobile/history/detail.mako Fri Aug 28 21:08:07 2009 -0400 @@ -36,13 +36,7 @@ <div class="secondary"> ## Body for history items, extra info and actions, data "peek" - <% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None - %> + <% user, roles = trans.get_user_and_roles() %> %if not trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, dataset = data.dataset ): <div>You do not have permission to view this dataset.</div> %elif data_state == "queued": diff -r 6b924dd68e77 -r 4dc854bf2529 templates/mobile/manage_library.mako --- a/templates/mobile/manage_library.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/mobile/manage_library.mako Fri Aug 28 21:08:07 2009 -0400 @@ -3,13 +3,7 @@ <%namespace file="/dataset/security_common.mako" import="render_permission_form" /> <%namespace file="/library/common.mako" import="render_template_info" /> -<% - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None -%> +<% user, roles = trans.get_user_and_roles() %> %if msg: ${render_msg( msg, messagetype )} diff -r 6b924dd68e77 -r 4dc854bf2529 templates/root/history_common.mako --- a/templates/root/history_common.mako Fri Aug 28 18:09:43 2009 -0400 +++ b/templates/root/history_common.mako Fri Aug 28 21:08:07 2009 -0400 @@ -6,11 +6,7 @@ data_state = "queued" else: data_state = data.state - user = trans.user - if user: - roles = user.all_roles() - else: - roles = None + user, roles = trans.get_user_and_roles() %> %if not trans.app.security_agent.allow_action( user, roles, data.permitted_actions.DATASET_ACCESS, dataset = data.dataset ): <div class="historyItemWrapper historyItem historyItem-${data_state} historyItem-noPermission" id="historyItem-${data.id}">