details: http://www.bx.psu.edu/hg/galaxy/rev/193e5f4e2444 changeset: 3583:193e5f4e2444 user: Greg Von Kuster <greg@bx.psu.edu> date: Wed Mar 31 09:42:50 2010 -0400 description: De-couple the user controller from the model, adding a webapp param to some method signatures to allow for different webapps to use the controller. Clean up the methods in the controller, eliminating all that are no longer used. Fix the verification method for resetting user names to use rules for setting user names. Add new mako templates for the login and reset password methods instead of the inline form building. Fix a bug where the user's private role was not correctly updated when the user's email address was changed. Overhaul the test_user_info functional test script, cleaning up the method code and providing coverage for all of the above fixed bugs. diffstat: lib/galaxy/web/controllers/admin.py | 5 +- lib/galaxy/web/controllers/mobile.py | 3 +- lib/galaxy/web/controllers/user.py | 647 +++++++++++------------- lib/galaxy/web/framework/__init__.py | 2 +- lib/galaxy/webapps/__init__.py | 2 +- lib/galaxy/webapps/reports/controllers/root.py | 12 +- templates/user/index.mako | 6 +- templates/user/info.mako | 98 +- templates/user/login.mako | 30 + templates/user/register.mako | 127 ++-- templates/user/reset_password.mako | 21 + test/base/test_db_util.py | 13 + test/base/twilltestcase.py | 70 +- test/functional/test_admin_features.py | 8 +- test/functional/test_data_security.py | 8 +- test/functional/test_history_functions.py | 8 +- test/functional/test_library_features.py | 8 +- test/functional/test_library_security.py | 8 +- test/functional/test_metadata_editing.py | 2 +- test/functional/test_user_info.py | 227 +++++--- 20 files changed, 688 insertions(+), 617 deletions(-) diffs (2010 lines): diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/web/controllers/admin.py --- a/lib/galaxy/web/controllers/admin.py Tue Mar 30 17:03:29 2010 -0400 
+++ b/lib/galaxy/web/controllers/admin.py Wed Mar 31 09:42:50 2010 -0400 @@ -710,7 +710,7 @@ def create_new_user( self, trans, **kwargs ): return trans.response.send_redirect( web.url_for( controller='user', action='create', - admin_view='True' ) ) + admin_view=True ) ) email = '' password = '' confirm = '' @@ -956,7 +956,8 @@ return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, **kwd ) ) + admin_view=True, + **kwd ) ) @web.expose @web.require_admin def name_autocomplete_data( self, trans, q=None, limit=None, timestamp=None ): diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/web/controllers/mobile.py --- a/lib/galaxy/web/controllers/mobile.py Tue Mar 30 17:03:29 2010 -0400 +++ b/lib/galaxy/web/controllers/mobile.py Wed Mar 31 09:42:50 2010 -0400 @@ -55,7 +55,6 @@ elif not user.check_password( password ): error = "Invalid password" else: - trans.handle_user_login( user ) + trans.handle_user_login( user, 'galaxy' ) trans.log_event( "User logged in" ) return error - diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/web/controllers/user.py --- a/lib/galaxy/web/controllers/user.py Tue Mar 30 17:03:29 2010 -0400 +++ b/lib/galaxy/web/controllers/user.py Wed Mar 31 09:42:50 2010 -0400 @@ -6,9 +6,7 @@ from galaxy import util import logging, os, string, re from random import choice -from galaxy.web.controllers.forms import get_all_forms from galaxy.web.form_builder import * -from galaxy.web.controllers import admin log = logging.getLogger( __name__ ) 
@@ -26,182 +24,127 @@ VALID_USERNAME_RE = re.compile( "^[a-z0-9\-]+$" ) class User( BaseController ): - @web.expose - def index( self, trans, **kwd ): - return trans.fill_template( '/user/index.mako', user=trans.get_user() ) - + def index( self, trans, webapp='galaxy', **kwd ): + return trans.fill_template( '/user/index.mako', user=trans.get_user(), webapp=webapp ) @web.expose - def change_password(self, trans, old_pass='', new_pass='', conf_pass='', **kwd): - old_pass_err = new_pass_err = conf_pass_err = '' - user = trans.get_user() - if not user: - trans.response.send_redirect( web.url_for( action='login' ) ) - if trans.request.method == 'POST': - if not user.check_password( old_pass ): - old_pass_err = "Invalid password" - elif len( new_pass ) < 6: - new_pass_err = "Please use a password of at least 6 characters" - elif new_pass != conf_pass: - conf_pass_err = "New passwords do not match." - else: - user.set_password_cleartext( new_pass ) - trans.sa_session.add( user ) - trans.sa_session.flush() - trans.log_event( "User change password" ) - return trans.show_ok_message( "Password has been changed for " + user.email) - # Generate input form - return trans.show_form( - web.FormBuilder( web.url_for() , "Change Password", submit_text="Submit" ) - .add_password( "old_pass", "Old Password", value='', error=old_pass_err ) - .add_password( "new_pass", "New Password", value='', error=new_pass_err ) - .add_password( "conf_pass", "Confirm Password", value='', error=conf_pass_err ) ) - @web.expose - def change_email(self, trans, email='', conf_email='', password='', **kwd): - email_err = conf_email_err = pass_err = '' - user = trans.get_user() - if not user: - trans.response.send_redirect( web.url_for( action='login' ) ) - if trans.request.method == "POST": - if not user.check_password( password ): - pass_err = "Invalid password" - elif len( email ) == 0 or "@" not in email or "." 
not in email: - email_err = "Please enter a real email address" - elif len( email) > 255: - email_err = "Email address exceeds maximum allowable length" - elif trans.sa_session.query( trans.app.model.User ).filter_by( email=email ).first(): - email_err = "User with that email already exists" - elif email != conf_email: - conf_email_err = "Email addresses do not match." - else: - user.email = email - trans.sa_session.add( user ) - trans.sa_session.flush() - trans.log_event( "User change email" ) - return trans.show_ok_message( "Email has been changed to: " + user.email, refresh_frames=['masthead', 'history'] ) - return trans.show_form( - web.FormBuilder( web.url_for(), "Change Email", submit_text="Submit" ) - .add_text( "email", "Email", value=email, error=email_err ) - .add_text( "conf_email", "Confirm Email", value='', error=conf_email_err ) - .add_password( "password", "Password", value='', error=pass_err ) ) - @web.expose - def change_username(self, trans, username='', **kwd): - username_err = '' - user = trans.get_user() - if not user: - trans.response.send_redirect( web.url_for( action='login' ) ) - if trans.request.method == "POST": - if len( username ) < 4: - username_err = "Username must be at least 4 characters in length" - elif len( username ) > 255: - username_err = "USername must be at most 255 characters in length" - elif not( VALID_USERNAME_RE.match( username ) ): - username_err = "Username must contain only letters, numbers, '-', and '_'" - elif trans.sa_session.query( trans.app.model.User ).filter_by( username=username ).first(): - username_err = "This username is not available" - else: - user.username = username - trans.sa_session.add( user ) - trans.sa_session.flush() - trans.log_event( "User change username" ) - return trans.show_ok_message( "Username been set to: " + user.username ) - else: - username = user.username or '' - return trans.show_form( - web.FormBuilder( web.url_for(), "Change username", submit_text="Submit" ) - .add_text( 
"username", "Username", value=username, error=username_err, - help="""Your username is an optional identifier that - will be used to generate adresses for information - you share publicly. Usernames must be at least - four characters in length and contain only lowercase - letters, numbers, and the '-' character.""" ) ) - - @web.expose - def login( self, trans, email='', password='', referer='', use_panels='True' ): - email_error = password_error = None - + def login( self, trans, webapp='galaxy', **kwd ): + use_panels = kwd.get( 'use_panels', 'True' ) # Convert use_panels to Boolean. use_panels = use_panels in [ 'True', 'true', 't', 'T' ] - - # Attempt login - if trans.app.config.require_login: - refresh_frames = [ 'masthead', 'history', 'tools' ] - else: - refresh_frames = [ 'masthead', 'history' ] - if email or password: + msg = kwd.get( 'msg', '' ) + messagetype = kwd.get( 'messagetype', 'done' ) + if kwd.get( 'login_button', False ): + email = kwd.get( 'email', '' ) + password = kwd.get( 'password', '' ) + referer = kwd.get( 'referer', '' ) + if webapp == 'galaxy': + if trans.app.config.require_login: + refresh_frames = [ 'masthead', 'history', 'tools' ] + else: + refresh_frames = [ 'masthead', 'history' ] user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email==email ).first() if not user: - email_error = "No such user" + msg = "No such user" + messagetype = 'error' elif user.deleted: - email_error = "This account has been marked deleted, contact your Galaxy administrator to restore the account." + msg = "This account has been marked deleted, contact your Galaxy administrator to restore the account." + messagetype = 'error' elif user.external: - email_error = "This account was created for use with an external authentication method, contact your local Galaxy administrator to activate it." 
+ msg = "This account was created for use with an external authentication method, contact your local Galaxy administrator to activate it." + messagetype = 'error' elif not user.check_password( password ): - password_error = "Invalid password" + msg = "Invalid password" + messagetype = 'error' else: - trans.handle_user_login( user ) + trans.handle_user_login( user, webapp ) trans.log_event( "User logged in" ) - msg = "You are now logged in as %s.<br>You can <a href='%s'>go back to the page you were visiting</a> or <a href='%s'>go to the Galaxy homepage</a>." % ( user.email, referer, url_for( '/' ) ) + msg = "You are now logged in as %s.<br>You can <a href='%s'>go back to the page you were visiting</a> or <a href='%s'>go to the home page</a>." % \ + ( user.email, referer, url_for( '/' ) ) if trans.app.config.require_login: - msg += ' <a href="%s">Click here</a> to continue to the front page.' % web.url_for( '/static/welcome.html' ) + msg += ' <a href="%s">Click here</a> to continue to the home page.' % web.url_for( '/static/welcome.html' ) return trans.show_ok_message( msg, refresh_frames=refresh_frames, use_panels=use_panels, active_view="user" ) - form = web.FormBuilder( web.url_for(), "Login", submit_text="Login" ) \ - .add_text( "email", "Email address", value=email, error=email_error ) \ - .add_password( "password", "Password", value='', error=password_error, - help="<a href='%s'>Forgot password? 
Reset here</a>" % web.url_for( action='reset_password' ) ) \ - .add_input( "hidden", "referer", "referer", value=trans.request.referer, use_label=False ) if trans.app.config.require_login: if trans.app.config.allow_user_creation: - return trans.show_form( form, header = require_login_creation_template % web.url_for( action = 'create' ), use_panels=use_panels, active_view="user" ) + return trans.fill_template( '/user/login.mako', + webapp=webapp, + header=require_login_creation_template % web.url_for( action='create' ), + use_panels=use_panels, + msg=msg, + messagetype=messagetype, + active_view="user" ) else: - return trans.show_form( form, header = require_login_nocreation_template, use_panels=use_panels, active_view="user" ) + return trans.fill_template( '/user/login.mako', + webapp=webapp, + header=require_login_nocreation_template, + use_panels=use_panels, + msg=msg, + messagetype=messagetype, + active_view="user" ) + return trans.fill_template( '/user/login.mako', + webapp=webapp, + use_panels=use_panels, + msg=msg, + messagetype=messagetype, + active_view="use" ) + @web.expose + def logout( self, trans, webapp='galaxy' ): + if webapp == 'galaxy': + if trans.app.config.require_login: + refresh_frames = [ 'masthead', 'history', 'tools' ] + else: + refresh_frames = [ 'masthead', 'history' ] else: - return trans.show_form( form, use_panels=use_panels, active_view="user" ) - - @web.expose - def logout( self, trans ): - if trans.app.config.require_login: - refresh_frames = [ 'masthead', 'history', 'tools' ] - else: - refresh_frames = [ 'masthead', 'history' ] + refresh_frames = [] # Since logging an event requires a session, we'll log prior to ending the session trans.log_event( "User logged out" ) trans.handle_user_logout() - msg = "You have been logged out.<br>You can <a href='%s'>go back to the page you were visiting</a> or <a href='%s'>go to the Galaxy homepage</a>." 
% ( trans.request.referer, url_for( '/' ) ) + msg = "You have been logged out.<br>You can <a href='%s'>go back to the page you were visiting</a> or <a href='%s'>go to the home page</a>." % \ + ( trans.request.referer, url_for( '/' ) ) if trans.app.config.require_login: msg += ' <a href="%s">Click here</a> to return to the login page.' % web.url_for( controller='user', action='login' ) return trans.show_ok_message( msg, refresh_frames=refresh_frames, use_panels=True, active_view="user" ) - @web.expose - def create( self, trans, **kwd ): + def create( self, trans, webapp='galaxy', **kwd ): params = util.Params( kwd ) + use_panels = kwd.get( 'use_panels', 'True' ) + # Convert use_panels to Boolean. + use_panels = use_panels in [ 'True', 'true', 't', 'T' ] email = util.restore_text( params.get( 'email', '' ) ) - username = util.restore_text( params.get( 'username', '' ) ) # Do not sanitize passwords, so take from kwd # instead of params ( which were sanitized ) password = kwd.get( 'password', '' ) confirm = kwd.get( 'confirm', '' ) - subscribe = CheckboxField.is_checked( params.get( 'subscribe', '' ) ) - admin_view = params.get( 'admin_view', 'False' ) + username = util.restore_text( params.get( 'username', '' ) ) + subscribe = params.get( 'subscribe', '' ) + subscribe_checked = CheckboxField.is_checked( subscribe ) + admin_view = util.string_as_bool( params.get( 'admin_view', False ) ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - if trans.app.config.require_login: - refresh_frames = [ 'masthead', 'history', 'tools' ] - else: - refresh_frames = [ 'masthead', 'history' ] + if webapp == 'galaxy': + if trans.app.config.require_login: + refresh_frames = [ 'masthead', 'history', 'tools' ] + else: + refresh_frames = [ 'masthead', 'history' ] if not trans.app.config.allow_user_creation and not trans.user_is_admin(): return trans.show_error_message( 'User registration is disabled. 
Please contact your Galaxy administrator for an account.' ) # Create the user, save all the user info and login to Galaxy - if params.get('create_user_button', None) == "Submit": - # check email and password validity - error = self.__validate(trans, params, email, password, confirm) + if params.get( 'create_user_button', False ): + # Check email and password validity + error = self.__validate( trans, params, email, password, confirm, webapp ) if error: - kwd[ 'msg' ] = error - kwd[ 'messagetype' ] = 'error' - kwd[ 'create_user_button' ] = None return trans.response.send_redirect( web.url_for( controller='user', action='create', - **kwd ) ) + webapp=webapp,email=email, + password=password, + confirm=confirm, + username=username, + subscribe=subscribe, + subscribe_checked=subscribe_checked, + admin_view=admin_view, + use_panels=use_panels, + msg=error, + messagetype='error' ) ) # all the values are valid user = trans.app.model.User( email=email ) user.set_password_cleartext( password ) 
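Review bot: The validation-failure redirect in `create` puts the cleartext `password` and `confirm` values into the query string built by `web.url_for( controller='user', action='create', ... )`, where they end up in access logs, browser history and Referer headers. Drop `password=password,` and `confirm=confirm,` from that call and let the form return with empty password fields. In `login`, `referer` comes from `kwd` and is formatted into `<a href='%s'>` without escaping or a same-site check; escape it and accept only local paths before it reaches `trans.show_ok_message`. Also in `login`, `refresh_frames` appears to be assigned only under `if webapp == 'galaxy':` yet is passed to `show_ok_message` for every webapp (`logout` adds `else: refresh_frames = []`), and the last `fill_template` call passes `active_view="use"` where the others pass `"user"`. `create` continues past the end of this hunk.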
@@ -209,39 +152,55 @@ trans.sa_session.add( user ) trans.sa_session.flush() trans.app.security_agent.create_private_user_role( user ) - # We set default user permissions, before we log in and set the default history permissions - trans.app.security_agent.user_set_default_permissions( user, default_access_private = trans.app.config.new_user_dataset_access_role_default_private ) - # save user info - self.__save_user_info(trans, user, action='create', new_user=True, **kwd) - if subscribe: - mail = os.popen("%s -t" % trans.app.config.sendmail_path, 'w') - mail.write("To: %s\nFrom: %s\nSubject: Join Mailing List\n\nJoin Mailing list." % (trans.app.config.mailing_join_addr,email) ) - if mail.close(): - return trans.show_warn_message( "Now logged in as " + user.email+". However, subscribing to the mailing list has failed.", refresh_frames=refresh_frames ) - if admin_view == 'False': - # The handle_user_login() method has a call to the history_set_default_permissions() method - # (needed when logging in with a history), user needs to have default permissions set before logging in - trans.handle_user_login( user ) - trans.log_event( "User created a new account" ) - trans.log_event( "User logged in" ) - # subscribe user to email list - return trans.show_ok_message( "Now logged in as %s.<br><a href='%s'>Return to the Galaxy start page.</a>" % ( user.email, url_for( '/' ) ), refresh_frames=refresh_frames, use_panels=True ) + if webapp == 'galaxy': + # We set default user permissions, before we log in and set the default history permissions + trans.app.security_agent.user_set_default_permissions( user, + default_access_private=trans.app.config.new_user_dataset_access_role_default_private ) + # save user info + self.__save_user_info( trans, user, action='create', new_user=True, **kwd ) + if subscribe_checked: + mail = os.popen( "%s -t" % trans.app.config.sendmail_path, 'w' ) + mail.write( "To: %s\nFrom: %s\nSubject: Join Mailing List\n\nJoin Mailing list." 
% ( trans.app.config.mailing_join_addr,email ) ) + if mail.close(): + return trans.show_warn_message( "Now logged in as " + user.email+". However, subscribing to the mailing list has failed.", + refresh_frames=refresh_frames ) + if not admin_view: + # The handle_user_login() method has a call to the history_set_default_permissions() method + # (needed when logging in with a history), user needs to have default permissions set before logging in + trans.handle_user_login( user, webapp ) + trans.log_event( "User created a new account" ) + trans.log_event( "User logged in" ) + # subscribe user to email list + return trans.show_ok_message( "Now logged in as %s.<br><a href='%s'>Return to the home page.</a>" % \ + ( user.email, url_for( '/' ) ), refresh_frames=refresh_frames, use_panels=True ) + else: + trans.response.send_redirect( web.url_for( controller='admin', + action='users', + message='Created new user account (%s)' % user.email, + status='done' ) ) else: - trans.response.send_redirect( web.url_for( controller='admin', - action='users', - message='Created new user account (%s)' % user.email, - status='done' ) ) + return trans.show_ok_message( "Now logged in as %s.<br><a href='%s'>Return to the home page.</a>" % \ + ( user.email, url_for( '/' ) ), use_panels=False ) + if webapp == 'galaxy': + user_info_select, user_info_form, widgets = self.__user_info_ui( trans, **kwd ) else: - # - # Show the user registration form - # - user_info_select, user_info_form, login_info, widgets = self.__user_info_ui(trans, **kwd) - return trans.fill_template( '/user/register.mako', - user_info_select=user_info_select, - user_info_form=user_info_form, widgets=widgets, - login_info=login_info, admin_view=admin_view, - msg=msg, messagetype=messagetype) - + user_info_select = [] + user_info_form = [] + widgets = [] + return trans.fill_template( '/user/register.mako', + email=email, + password=password, + confirm=confirm, + username=username, + subscribe_checked=subscribe_checked, + 
admin_view=admin_view, + user_info_select=user_info_select, + user_info_form=user_info_form, + widgets=widgets, + webapp=webapp, + use_panels=use_panels, + msg=msg, + messagetype=messagetype ) def __save_user_info(self, trans, user, action, new_user=True, **kwd): ''' This method saves the user information for new users as well as editing user @@ -249,6 +208,10 @@ the one that user has selected. And for existing users, the user info form is retrieved from the db. ''' + # TODO: the user controller must be decoupled from the model, so this import causes problems. + # The get_all_forms method is used only if Galaxy is the webapp, so it needs to be re-worked + # so that it can be imported with no problems if the controller is not 'galaxy'. + from galaxy.web.controllers.forms import get_all_forms params = util.Params( kwd ) # get all the user information forms user_info_forms = get_all_forms( trans, filter=dict(deleted=False), 
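Review bot: The subscription mail in `create` writes the submitted `email` straight into the `From:` header of the text piped to `trans.app.config.sendmail_path -t`, and the only checks on it visible in this changeset (`__validate_email`) are for `@`, `.` and length. Unless `util.restore_text` already strips CR/LF (not visible here), a crafted address could add header lines to that message, so reject `'\n'` and `'\r'` in `email` before the `mail.write(...)` call, for example inside `__validate_email`. Separately, the `else:` branch taken for a non-galaxy webapp returns "Now logged in as %s" with no visible `trans.handle_user_login( user, webapp )` call, so the message may not match the session state. The start of `create` is in the previous hunk.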
@@ -325,53 +288,56 @@ trans.sa_session.add( user.values ) trans.sa_session.add( user ) trans.sa_session.flush() - def __validate_email(self, trans, params, email, user=None): + def __validate_email( self, trans, email, user=None ): error = None - if user: - if user.email == email: - return None - if len(email) == 0 or "@" not in email or "." not in email: - error = "Please enter a real email address" - elif len(email) > 255: + if user and user.email == email: + return None + if len( email ) == 0 or "@" not in email or "." not in email: + error = "Enter a real email address" + elif len( email ) > 255: error = "Email address exceeds maximum allowable length" - elif trans.sa_session.query( trans.app.model.User ).filter_by(email=email).all(): + elif trans.sa_session.query( trans.app.model.User ).filter_by( email=email ).first(): error = "User with that email already exists" return error - def __validate_username(self, trans, params, username, user=None): + def __validate_username( self, trans, username, user=None ): + # User names must be at least four characters in length and contain only lower-case + # letters, numbers, and the '-' character. 
+ if user and user.username == username: + return None + if len( username ) < 4: + return "User name must be at least 4 characters in length" + if len( username ) > 255: + return "User name cannot be more than 255 characters in length" + if not( VALID_USERNAME_RE.match( username ) ): + return "User name must contain only letters, numbers and '-'" + if trans.sa_session.query( trans.app.model.User ).filter_by( username=username ).first(): + return "This user name is not available" + return None + def __validate_password( self, trans, password, confirm ): error = None - if user: - if user.username == username: - return None - if len( username ) < 3: - error = "Username must be at least 3 characters long" - elif len( username ) > 255: - error = "Username cannot be more than 255 characters" - elif trans.sa_session.query( trans.app.model.User ).filter_by( username=username ).all(): - error = "User with that username already exists" - return error - - def __validate_password(self, trans, params, password, confirm): - error = None - if len(password) < 6: - error = "Please use a password of at least 6 characters" + if len( password ) < 6: + error = "Use a password of at least 6 characters" elif password != confirm: error = "Passwords do not match" return error - - def __validate(self, trans, params, email, password, confirm): - error = self.__validate_email(trans, params, email) + def __validate( self, trans, params, email, password, confirm, webapp ): + error = self.__validate_email( trans, email ) if error: return error - error = self.__validate_password(trans, params, password, confirm) + error = self.__validate_password( trans, password, confirm ) if error: return error - if len(get_all_forms( trans, - filter=dict(deleted=False), - form_type=trans.app.model.FormDefinition.types.USER_INFO )): - if params.get('user_info_select', 'none') == 'none': - return 'Select the user type and the user information' + if webapp == 'galaxy': + # TODO: the user controller must be 
decoupled from the model, so this import causes problems. + # The get_all_forms method is used only if Galaxy is the webapp, so it needs to be re-worked + # so that it can be imported with no problems if the controller is not 'galaxy'. + from galaxy.web.controllers.forms import get_all_forms + if len( get_all_forms( trans, + filter=dict( deleted=False ), + form_type=trans.app.model.FormDefinition.types.USER_INFO ) ): + if params.get( 'user_info_select', 'none' ) == 'none': + return 'Select the user type and the user information' return None - def __user_info_ui(self, trans, user=None, **kwd): ''' This method creates the user type select box & user information form widgets @@ -381,6 +347,10 @@ show a selectbox containing all the forms, then the user can select the one that fits the user's description the most ''' + # TODO: the user controller must be decoupled from the model, so this import causes problems. + # The get_all_forms method is used only if Galaxy is the webapp, so it needs to be re-worked + # so that it can be imported with no problems if the controller is not 'galaxy'. + from galaxy.web.controllers.forms import get_all_forms params = util.Params( kwd ) # get all the user information forms user_info_forms = get_all_forms( trans, filter=dict(deleted=False), 
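Review bot: `__validate` checks the email, the password and the user-info form but never calls `__validate_username`, although `create` reads a `username` from the request. If the line hidden between the two `create` hunks stores that value on the new `User`, the length, character and uniqueness rules added here apply only in `edit_info`; passing `username` into `__validate` and adding `if username: error = self.__validate_username( trans, username )` would cover registration as well. `VALID_USERNAME_RE` ends in `$`, which in Python also matches just before a trailing newline, so `\Z` is the stricter anchor. The message "User name must contain only letters, numbers and '-'" should say lower-case letters to match the pattern.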
@@ -411,30 +381,11 @@ # when there is just one user information form the just render that form elif len(user_info_forms) == 1: selected_user_form_id = user_info_forms[0].id - # now, create the selected user form widgets starting with the basic - # login information - if user: - login_info = { 'Email': TextField( 'email', 40, user.email ), - 'Public Username': TextField( 'username', 40, user.username ), - 'Current Password': PasswordField( 'current', 40, '' ), - 'New Password': PasswordField( 'password', 40, '' ), - 'Confirm': PasswordField( 'confirm', 40, '' ) } - else: - login_info = { 'Email': TextField( 'email', 40, - util.restore_text( params.get('email', '') ) ), - 'Public Username': TextField( 'username', 40, - util.restore_text( params.get( 'username', '' ) ) ), - 'Password': PasswordField( 'password', 40, - params.get( 'password', '' ) ), - 'Confirm': PasswordField( 'confirm', 40, - params.get( 'confirm', '' ) ), - 'Subscribe To Mailing List': CheckboxField( 'subscribe', - util.restore_text( params.get('subscribe', '') ) ) } # user information try: user_info_form = trans.sa_session.query( trans.app.model.FormDefinition ).get(int(selected_user_form_id)) except: - return user_info_select, None, login_info, None + return user_info_select, None, None if user: if user.values: widgets = user_info_form.get_widgets(user=user, 
@@ -444,32 +395,39 @@ widgets = user_info_form.get_widgets(None, contents=[], **kwd) else: widgets = user_info_form.get_widgets(None, contents=[], **kwd) - return user_info_select, user_info_form, login_info, widgets - + return user_info_select, user_info_form, widgets @web.expose def show_info( self, trans, **kwd ): ''' This method displays the user information page which consists of login - information, public username, reset password & other user information + information, public user name, reset password & other user information obtained during registration ''' + # TODO: the user controller must be decoupled from the model, so this import causes problems. + # The get_all_forms method is used only if Galaxy is the webapp, so it needs to be re-worked + # so that it can be imported with no problems if the controller is not 'galaxy'. + from galaxy.web.controllers.forms import get_all_forms params = util.Params( kwd ) + user_id = params.get( 'user_id', None ) + if user_id: + user = trans.sa_session.query( trans.app.model.User ).get( int( user_id ) ) + else: + user = trans.user + if not user: + raise "In show_info, we don't have a valid user" + email = util.restore_text( params.get( 'email', user.email ) ) + # Do not sanitize passwords, so take from kwd + # instead of params ( which were sanitized ) + current = kwd.get( 'current', '' ) + password = kwd.get( 'password', '' ) + confirm = kwd.get( 'confirm', '' ) + username = util.restore_text( params.get( 'username', '' ) ) + if not username: + username = user.username + admin_view = util.string_as_bool( params.get( 'admin_view', False ) ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - # check if this method is called from the admin perspective, - if params.get('admin_view', 'False') == 'True': - try: - user = trans.sa_session.query( trans.app.model.User ).get( int( params.get( 'user_id', None ) ) ) - except: - return trans.response.send_redirect( web.url_for( 
controller='admin', - action='users', - message='Invalid user', - status='error' ) ) - admin_view = True - else: - user = trans.user - admin_view = False - user_info_select, user_info_form, login_info, widgets = self.__user_info_ui(trans, user, **kwd) + user_info_select, user_info_form, widgets = self.__user_info_ui( trans, user, **kwd ) # user's addresses show_filter = util.restore_text( params.get( 'show_filter', 'Active' ) ) if show_filter == 'All': 
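Review bot: `show_info` now loads whichever account `user_id` names via `trans.sa_session.query( trans.app.model.User ).get( int( user_id ) )`, and nothing visible in the hunk checks that the caller is an administrator or that the id is the caller's own. The method carries only `@web.expose` and `admin_view` is itself read from the request, so gate the lookup on the session, e.g. `if user_id and trans.user_is_admin():` with `user = trans.user` otherwise. With the old `try/except` removed, a non-numeric `user_id` now raises from `int()` instead of redirecting with "Invalid user". `raise "In show_info, we don't have a valid user"` raises a string, which is deprecated since Python 2.5 and rejected by 2.6; raise an `Exception` instance or return an error page. The body of `show_info` continues in the next hunk.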
@@ -480,73 +438,75 @@ addresses = [address for address in user.addresses if not address.deleted] user_info_forms = get_all_forms( trans, filter=dict(deleted=False), form_type=trans.app.model.FormDefinition.types.USER_INFO ) - return trans.fill_template( '/user/info.mako', user=user, admin_view=admin_view, + return trans.fill_template( '/user/info.mako', + user=user, + email=email, + current=current, + password=password, + confirm=confirm, + username=username, user_info_select=user_info_select, - user_info_form=user_info_form, widgets=widgets, - login_info=login_info, user_info_forms=user_info_forms, - addresses=addresses, show_filter=show_filter, - msg=msg, messagetype=messagetype) + user_info_forms=user_info_forms, + user_info_form=user_info_form, + widgets=widgets, + addresses=addresses, + show_filter=show_filter, + admin_view=admin_view, + msg=msg, + messagetype=messagetype ) @web.expose def edit_info( self, trans, **kwd ): params = util.Params( kwd ) + user_id = params.get( 'user_id', None ) + admin_view = util.string_as_bool( params.get( 'admin_view', False ) ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - if params.get('admin_view', 'False') == 'True': - try: - user = trans.sa_session.query( trans.app.model.User ).get( int( params.get( 'user_id', None ) ) ) - except: - return trans.response.send_redirect( web.url_for( controller='admin', - action='users', - message='Invalid user', - status='error' ) ) + if user_id: + user = trans.sa_session.query( trans.app.model.User ).get( int( user_id ) ) else: user = trans.user - # - # Editing login info (email & username) - # - if params.get('login_info_button', None) == 'Save': - email = util.restore_text( params.get('email', '') ).lower() - username = util.restore_text( params.get('username', '') ).lower() + # Editing login info ( email & username ) + if params.get( 'login_info_button', False ): + email = util.restore_text( params.get( 'email', '' ) ) + username 
= util.restore_text( params.get( 'username', '' ) ).lower() # validate the new values - error = self.__validate_email(trans, params, email, user) + error = self.__validate_email( trans, email, user ) + if not error: + error = self.__validate_username( trans, username, user ) if error: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', msg=error, messagetype='error') ) - error = self.__validate_username( trans, params, username, user ) - if error: - return trans.response.send_redirect( web.url_for( controller='user', - action='show_info', - msg=error, - messagetype='error') ) - # the new email & username + # The user's private role name must match the user's login ( email ) + private_role = trans.app.security_agent.get_private_user_role( user ) + private_role.name = email + private_role.description = 'Private role for ' + email + # Now change the user info user.email = email user.username = username - trans.sa_session.add( user ) + trans.sa_session.add_all( ( user, private_role ) ) trans.sa_session.flush() msg = 'The login information has been updated with the changes' - if params.get('admin_view', 'False') == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, + admin_view=admin_view, msg=msg, messagetype='done' ) ) return trans.response.send_redirect( web.url_for( controller='user', action='show_info', msg=msg, messagetype='done') ) - # # Change password - # - elif params.get('change_password_button', None) == 'Save': + elif params.get( 'change_password_button', False ): # Do not sanitize passwords, so get from kwd and not params # ( which were sanitized ). 
password = kwd.get( 'password', '' ) confirm = kwd.get( 'confirm', '' ) - # when from the user perspective, validate the current password - if params.get('admin_view', 'False') == 'False': + # When from the user perspective, validate the current password + if not admin_view: # Do not sanitize passwords, so get from kwd and not params # ( which were sanitized ). current = kwd.get( 'current', '' ) @@ -556,13 +516,13 @@ msg='Invalid current password', messagetype='error') ) # validate the new values - error = self.__validate_password(trans, params, password, confirm) + error = self.__validate_password( trans, password, confirm ) if error: - if params.get('admin_view', 'False') == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, + admin_view=admin_view, msg=error, messagetype='error' ) ) return trans.response.send_redirect( web.url_for( controller='user', 
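Review bot: `edit_info` takes both its target account and its privilege level from request parameters: `user_id` selects the `User` row to modify and `admin_view` decides whether the current password is verified (`if not admin_view:`), while the method is decorated only with `@web.expose`. Nothing visible ties either value to the caller's session, so the email, password and user-info branches should first establish the role server-side, e.g. `admin_view = admin_view and trans.user_is_admin()`, and use `user = trans.user` whenever that is false. The same request-derived flag drives the branches in the following hunks (`@@ -556,13 +516,13 @@`, `@@ -575,28 +535,26 @@`). If `get( int( user_id ) )` finds no row, `user` is `None` and the later `user.email` / `user.id` accesses fail rather than redirecting with an error.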
@@ -575,28 +535,26 @@ trans.sa_session.flush() trans.log_event( "User change password" ) msg = 'The password has been changed.' - if params.get('admin_view', 'False') == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, + admin_view=admin_view, msg=msg, messagetype='done' ) ) return trans.response.send_redirect( web.url_for( controller='user', action='show_info', msg=msg, messagetype='done') ) - # # Edit user information - # - elif params.get('edit_user_info_button', None) == 'Save': + elif params.get( 'edit_user_info_button', False ): self.__save_user_info(trans, user, "show_info", new_user=False, **kwd) msg = "The user information has been updated with the changes." - if params.get('admin_view', 'False') == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, + admin_view=admin_view, msg=msg, messagetype='done' ) ) return trans.response.send_redirect( web.url_for( controller='user', 
@@ -604,43 +562,48 @@ msg=msg, messagetype='done') ) else: - if params.get('admin_view', 'False') == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True ) ) + admin_view=admin_view ) ) return trans.response.send_redirect( web.url_for( controller='user', action='show_info' ) ) - @web.expose - def reset_password( self, trans, email=None, **kwd ): - error = '' - reset_user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email==email ).first() - user = trans.get_user() - if reset_user: - if user and user.id != reset_user.id: - error = "You may only reset your own password" - else: - chars = string.letters + string.digits - new_pass = "" - for i in range(15): - new_pass = new_pass + choice(chars) - mail = os.popen("%s -t" % trans.app.config.sendmail_path, 'w') - mail.write("To: %s\nFrom: no-reply@nowhere.edu\nSubject: Galaxy Password Reset\n\nYour password has been reset to \"%s\" (no quotes)." % (email, new_pass) ) - if mail.close(): - return trans.show_error_message( 'Failed to reset password. If this problem persists, please submit a bug report.' ) - reset_user.set_password_cleartext( new_pass ) - trans.sa_session.add( reset_user ) - trans.sa_session.flush() - trans.log_event( "User reset password: %s" % email ) - return trans.show_ok_message( "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." 
% ( email, web.url_for( action='login' ) ) ) - elif email != None: - error = "The specified user does not exist" - elif email is None: - email = "" - return trans.show_form( - web.FormBuilder( web.url_for(), "Reset Password", submit_text="Submit" ) - .add_text( "email", "Email", value=email, error=error ) ) + def reset_password( self, trans, email=None, webapp='galaxy', **kwd ): + msg = util.restore_text( kwd.get( 'msg', '' ) ) + messagetype = 'done' + if kwd.get( 'reset_password_button', False ): + reset_user = trans.sa_session.query( trans.app.model.User ).filter( trans.app.model.User.table.c.email==email ).first() + user = trans.get_user() + if reset_user: + if user and user.id != reset_user.id: + msg = "You may only reset your own password" + messagetype = 'error' + else: + chars = string.letters + string.digits + new_pass = "" + for i in range(15): + new_pass = new_pass + choice(chars) + mail = os.popen("%s -t" % trans.app.config.sendmail_path, 'w') + mail.write("To: %s\nFrom: no-reply@nowhere.edu\nSubject: Galaxy Password Reset\n\nYour password has been reset to \"%s\" (no quotes)." % (email, new_pass) ) + if mail.close(): + msg = 'Failed to reset password. If this problem persists, please submit a bug report.' + messagetype = 'error' + reset_user.set_password_cleartext( new_pass ) + trans.sa_session.add( reset_user ) + trans.sa_session.flush() + trans.log_event( "User reset password: %s" % email ) + return trans.show_ok_message( "Password has been reset and emailed to: %s. <a href='%s'>Click here</a> to return to the login form." % ( email, web.url_for( action='login' ) ) ) + elif email != None: + msg = "The specified user does not exist" + messagetype = 'error' + elif email is None: + email = "" + return trans.fill_template( '/user/reset_password.mako', + webapp=webapp, + msg=msg, + messagetype=messagetype ) @web.expose def set_default_permissions( self, trans, **kwd ): """Sets the user's default permissions for the new histories""" 
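Review bot: When `mail.close()` reports a sendmail failure, the new `reset_password` only sets `msg` and `messagetype` and then falls through to `reset_user.set_password_cleartext( new_pass )` and `show_ok_message`, so the password is replaced with one that was never delivered and the user is told it worked; the removed code returned before touching the password. Ending the failure branch with `return trans.fill_template( '/user/reset_password.mako', webapp=webapp, msg=msg, messagetype=messagetype )` restores that behaviour. Separately, `new_pass` is built with `random.choice`, which is not a cryptographic generator; `random.SystemRandom().choice( chars )` is a stdlib drop-in. The `@web.expose` line above the old definition appears on the removed side with no matching added line, so please confirm the method is still exposed, since the new templates link to `action='reset_password'`.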
@@ -687,7 +650,7 @@ params = util.Params( kwd ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - admin_view = params.get( 'admin_view', 'False' ) + admin_view = util.string_as_bool( params.get( 'admin_view', False ) ) error = '' user = trans.sa_session.query( trans.app.model.User ).get( int( params.get( 'user_id', None ) ) ) if not trans.app.config.allow_user_creation and not trans.user_is_admin(): @@ -723,10 +686,10 @@ trans.sa_session.add( user_address ) trans.sa_session.flush() msg = 'Address <b>%s</b> has been added' % user_address.desc - if admin_view == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', - admin_view=True, + admin_view=admin_view, user_id=user.id, msg=msg, messagetype='done') ) 
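Review bot: In `new_address`, both `admin_view` and `user_id` come straight from the request, and the only authorization test visible in this hunk is the `allow_user_creation` / `trans.user_is_admin()` check, which does not tie `user_id` to the logged-in user. Unless the part of the body outside the hunk does so, any caller can pass another account's `user_id`, or set `admin_view=True`, and act on that account; a guard such as `if admin_view and not trans.user_is_admin(): return trans.show_error_message( 'Admin access required' )` plus a comparison of `user.id` with `trans.get_user()` would close that. `int( params.get( 'user_id', None ) )` also raises `TypeError` when the parameter is missing. The same request-supplied `admin_view` / `user_id` pattern appears in the `edit_info` and `edit_address` hunks of this file.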
@@ -758,26 +721,23 @@ widget=TextField( 'country', 40, '' ) ) ) widgets.append(dict(label='Phone', widget=TextField( 'phone', 40, '' ) ) ) - return trans.fill_template( 'user/new_address.mako', user=user, + return trans.fill_template( 'user/new_address.mako', + user=user, admin_view=admin_view, - widgets=widgets, msg=msg, messagetype=messagetype) + widgets=widgets, + msg=msg, + messagetype=messagetype) @web.expose def edit_address( self, trans, **kwd ): params = util.Params( kwd ) + user_id = params.get( 'user_id', None ) + address_id = params.get( 'address_id', None ) msg = util.restore_text( params.get( 'msg', '' ) ) messagetype = params.get( 'messagetype', 'done' ) - admin_view = params.get( 'admin_view', 'False' ) + admin_view = util.string_as_bool( params.get( 'admin_view', False ) ) error = '' - user = trans.sa_session.query( trans.app.model.User ).get( int( params.get( 'user_id', None ) ) ) - try: - user_address = trans.sa_session.query( trans.app.model.UserAddress ).get(int(params.get( 'address_id', None ))) - except: - return trans.response.send_redirect( web.url_for( controller='user', - action='show_info', - user_id=user.id, - admin_view=admin_view, - msg='Invalid address ID', - messagetype='error' ) ) + user = trans.sa_session.query( trans.app.model.User ).get( int( user_id ) ) + user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( int( address_id ) ) if params.get( 'edit_address_button', None ) == 'Save changes': if not len( util.restore_text( params.get( 'short_desc', '' ) ) ): error = 'Enter a short description for this address' 
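Review bot: `edit_address` no longer has any handling for a bad `address_id`: the removed `try`/`except` redirected with 'Invalid address ID', while the new `int( address_id )` raises on a missing or non-numeric value and `.get()` returns `None` for an unknown id, which then fails at the first attribute access on `user_address`. The old bare `except:` was too broad, but the replacement should be a narrow `except ( TypeError, ValueError ):` around the two `int()` calls and an explicit `if user_address is None:` redirect, not nothing. Nothing visible in the hunk checks that the loaded address belongs to the loaded `user`, so that is worth confirming in the part of the body outside the hunk.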
@@ -808,11 +768,11 @@ trans.sa_session.add( user_address ) trans.sa_session.flush() msg = 'Changes made to address <b>%s</b> are saved.' % user_address.desc - if admin_view == 'True': + if admin_view: return trans.response.send_redirect( web.url_for( controller='user', action='show_info', user_id=user.id, - admin_view=True, + admin_view=admin_view, msg=msg, messagetype='done' ) ) return trans.response.send_redirect( web.url_for( controller='user', @@ -843,11 +803,15 @@ widget=TextField( 'country', 40, user_address.country ) ) ) widgets.append(dict(label='Phone', widget=TextField( 'phone', 40, user_address.phone ) ) ) - return trans.fill_template( 'user/edit_address.mako', user=user, - address=user_address, admin_view=admin_view, - widgets=widgets, msg=msg, messagetype=messagetype) + return trans.fill_template( 'user/edit_address.mako', + user=user, + address=user_address, + admin_view=admin_view, + widgets=widgets, + msg=msg, + messagetype=messagetype) @web.expose - def delete_address( self, trans, address_id=None, user_id=None, admin_view='False'): + def delete_address( self, trans, address_id=None, user_id=None, admin_view=False ): try: user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( int( address_id ) ) except: @@ -866,7 +830,7 @@ msg='Address <b>%s</b> deleted' % user_address.desc, messagetype='done') ) @web.expose - def undelete_address( self, trans, address_id=None, user_id=None, admin_view='False'): + def undelete_address( self, trans, address_id=None, user_id=None, admin_view=False ): try: user_address = trans.sa_session.query( trans.app.model.UserAddress ).get( int( address_id ) ) except: @@ -884,4 +848,3 @@ user_id=user_id, msg='Address <b>%s</b> undeleted' % user_address.desc, messagetype='done') ) - diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/web/framework/__init__.py --- a/lib/galaxy/web/framework/__init__.py Tue Mar 30 17:03:29 2010 -0400 +++ b/lib/galaxy/web/framework/__init__.py Wed Mar 31 09:42:50 2010 -0400 
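Review bot: The new default `admin_view=False` on `delete_address` (and on `undelete_address` in the following hunk) only covers the case where the parameter is absent. The templates in this commit build URLs with `admin_view=admin_view`, so the value that arrives is a string, and `'False'` is truthy. The other methods changed here normalise it with `util.string_as_bool( params.get( 'admin_view', False ) )`; both bodies lie outside the hunks, so confirm each begins with `admin_view = util.string_as_bool( admin_view )` before the value is tested or forwarded.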
@@ -411,7 +411,7 @@ Update the session cookie to match the current session. """ self.set_cookie( self.security.encode_session_key( self.galaxy_session.session_key ), name=name ) - def handle_user_login( self, user ): + def handle_user_login( self, user, webapp ): """ Login a new user (possibly newly created) - create a new session diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/webapps/__init__.py --- a/lib/galaxy/webapps/__init__.py Tue Mar 30 17:03:29 2010 -0400 +++ b/lib/galaxy/webapps/__init__.py Wed Mar 31 09:42:50 2010 -0400 @@ -1,3 +1,3 @@ -"""Galaxy Reports root package -- this is a namespace package.""" +"""Galaxy webapps root package -- this is a namespace package.""" __import__( "pkg_resources" ).declare_namespace( __name__ ) \ No newline at end of file diff -r feff604427ee -r 193e5f4e2444 lib/galaxy/webapps/reports/controllers/root.py --- a/lib/galaxy/webapps/reports/controllers/root.py Tue Mar 30 17:03:29 2010 -0400 +++ b/lib/galaxy/webapps/reports/controllers/root.py Wed Mar 31 09:42:50 2010 -0400 
@@ -14,9 +14,11 @@ brand = trans.app.config.get( "brand", "" ) if brand: brand ="<span class='brand'>/%s</span>" % brand - wiki_url = trans.app.config.get( "wiki_url", "http://g2.trac.bx.psu.edu/" ) + wiki_url = trans.app.config.get( "wiki_url", "http://bitbucket.org/galaxy/galaxy-central/wiki/Home" ) bugs_email = trans.app.config.get( "bugs_email", "mailto:galaxy-bugs@bx.psu.edu" ) - blog_url = trans.app.config.get( "blog_url", "http://g2.trac.bx.psu.edu/blog" ) - screencasts_url = trans.app.config.get( "screencasts_url", "http://g2.trac.bx.psu.edu/wiki/ScreenCasts" ) - return trans.fill_template( "masthead.mako", brand=brand, wiki_url=wiki_url, blog_url=blog_url,bugs_email=bugs_email, screencasts_url=screencasts_url ) - + screencasts_url = trans.app.config.get( "screencasts_url", "http://galaxycast.org" ) + return trans.fill_template( "masthead.mako", + brand=brand, + wiki_url=wiki_url, + bugs_email=bugs_email, + screencasts_url=screencasts_url ) diff -r feff604427ee -r 193e5f4e2444 templates/user/index.mako --- a/templates/user/index.mako Tue Mar 30 17:03:29 2010 -0400 +++ b/templates/user/index.mako Wed Mar 31 09:42:50 2010 -0400 @@ -7,8 +7,10 @@ %if user: <p>You are currently logged in as ${user.email}.</p> <ul> - <li><a href="${h.url_for( action='show_info' )}">${_('Manage your information')}</a></li> - <li><a href="${h.url_for( action='set_default_permissions' )}">${_('Change default permissions')}</a> for new histories</li> + %if webapp == 'galaxy': + <li><a href="${h.url_for( action='show_info' )}">${_('Manage your information')}</a></li> + <li><a href="${h.url_for( action='set_default_permissions' )}">${_('Change default permissions')}</a> for new histories</li> + %endif <li><a href="${h.url_for( action='logout' )}">${_('Logout')}</a></li> </ul> %else: diff -r feff604427ee -r 193e5f4e2444 templates/user/info.mako --- a/templates/user/info.mako Tue Mar 30 17:03:29 2010 -0400 +++ b/templates/user/info.mako Wed Mar 31 09:42:50 2010 -0400 
@@ -1,7 +1,6 @@ <%inherit file="/base.mako"/> <%namespace file="/message.mako" import="render_msg" /> - %if msg: ${render_msg( msg, messagetype )} %endif @@ -45,15 +44,20 @@ <form name="login_info" id="login_info" action="${h.url_for( controller='user', action='edit_info', user_id=user.id, admin_view=admin_view )}" method="post" > <div class="toolFormTitle">Login Information</div> <div class="form-row"> - <label>Email</label> - ${login_info[ 'Email' ].get_html()} + <label>Email address:</label> + <input type="text" name="email" value="${email}" size="40"/> </div> <div class="form-row"> - <label>Public Username</label> - ${login_info[ 'Public Username' ].get_html()} + <label>Public user name:</label> + <input type="text" name="username" size="40" value="${username}"/> + <div class="toolParamHelp" style="clear: both;"> + Your user name is an optional identifier that will be used to generate addresses for information + you share publicly. User names must be at least four characters in length and contain only lower-case + letters, numbers, and the '-' character. + </div> </div> <div class="form-row"> - <input type="submit" name="login_info_button" value="Save"> + <input type="submit" name="login_info_button" value="Save"/> </div> </form> </div> 
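Review bot: The hand-written inputs `value="${email}"` and `value="${username}"` put user-controlled strings into an HTML attribute with no escaping filter visible, where the replaced `login_info[ ... ].get_html()` widgets did their own rendering. Unless the template lookup is configured with a default `h` filter (not visible here), a value containing `"` breaks out of the attribute; writing `value="${email | h}"` and `value="${username | h}"` makes the escaping explicit. The same applies to `${email}`, `${username}` and `${webapp}` in register.mako and to `${webapp}` and `${trans.request.referer}` in login.mako.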
@@ -63,54 +67,54 @@ <div class="toolFormTitle">Change Password</div> %if not admin_view: <div class="form-row"> - <label>Current Password</label> - ${login_info[ 'Current Password' ].get_html()} + <label>Current Password:</label> + <input type="password" name="current" value="${current}" size="40"/> </div> %endif <div class="form-row"> - <label>New Password</label> - ${login_info[ 'New Password' ].get_html()} + <label>New Password:</label> + <input type="password" name="password" value="${password}" size="40"/> </div> <div class="form-row"> - <label>Confirm</label> - ${login_info[ 'Confirm' ].get_html()} + <label>Confirm:</label> + <input type="password" name="confirm" value="${confirm}" size="40"/> </div> <div class="form-row"> - <input type="submit" name="change_password_button" value="Save"> + <input type="submit" name="change_password_button" value="Save"/> </div> </form> </div> %if user.values or user_info_forms: -<p></p> -<div class="toolForm"> - <form name="user_info" id="user_info" action="${h.url_for( controller='user', action='edit_info', user_id=user.id, admin_view=admin_view )}" method="post" > - <div class="toolFormTitle">User information</div> - %if user_info_select: + <p></p> + <div class="toolForm"> + <form name="user_info" id="user_info" action="${h.url_for( controller='user', action='edit_info', user_id=user.id, admin_view=admin_view )}" method="post" > + <div class="toolFormTitle">User information</div> + %if user_info_select: + <div class="form-row"> + <label>User type:</label> + ${user_info_select.get_html()} + </div> + %endif + + %for field in widgets: + <div class="form-row"> + <label>${field['label']}:</label> + ${field['widget'].get_html()} + <div class="toolParamHelp" style="clear: both;"> + ${field['helptext']} + </div> + <div style="clear: both"></div> + </div> + %endfor + %if not user_info_select: + <input type="hidden" name="user_info_select" value="${user_info_form.id}"/> + %endif + <div class="form-row"> - <label>User type</label> - 
${user_info_select.get_html()} + <input type="submit" name="edit_user_info_button" value="Save"/> </div> - %endif - - %for field in widgets: - <div class="form-row"> - <label>${field['label']}</label> - ${field['widget'].get_html()} - <div class="toolParamHelp" style="clear: both;"> - ${field['helptext']} - </div> - <div style="clear: both"></div> - </div> - %endfor - %if not user_info_select: - <input type="hidden" name="user_info_select" value="${user_info_form.id}"/> - %endif - - <div class="form-row"> - <input type="submit" name="edit_user_info_button" value="Save"> - </div> - </form> -</div> + </form> + </div> %endif <p></p> <div class="toolForm"> @@ -139,7 +143,7 @@ <tr class="libraryRow libraryOrFolderRow" id="libraryRow"> <td> <div class="form-row"> - <label>${address.desc}</label> + <label>${address.desc}:</label> ${address.get_html()} </div> <div class="form-row"> @@ -167,10 +171,6 @@ <div class="form-row"> <input type="submit" value="Add a new address"> </div> - </div> - </form> - - - - -</div> \ No newline at end of file + </div> + </form> +</div> diff -r feff604427ee -r 193e5f4e2444 templates/user/login.mako --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/templates/user/login.mako Wed Mar 31 09:42:50 2010 -0400 
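Review bot: The three `type="password"` inputs are rendered with `value="${current}"`, `value="${password}"` and `value="${confirm}"`, so whatever the controller passes under those names is written into the response body. If the submitted values are ever passed back, for example when re-rendering after a validation error, the cleartext password ends up in the page source, the browser cache and any intermediary that stores responses. Password fields should always be emitted empty, as login.mako in this commit does: `<input type="password" name="password" value="" size="40"/>`. register.mako has the same `value="${password}"` and `value="${confirm}"` pattern.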
@@ -0,0 +1,30 @@ +<%inherit file="/base.mako"/> +<%namespace file="/message.mako" import="render_msg" /> + +%if msg: + ${render_msg( msg, messagetype )} +%endif +<div class="toolForm"> + <div class="toolFormTitle">Login</div> + %if header: + ${header} + %endif + <form name="login" id="login" action="${h.url_for( controller='user', action='login' )}" method="post" > + <div class="form-row"> + <label>Email address:</label> + <input type="text" name="email" value="" size="40"/> + <input type="hidden" name="webapp" value="${webapp}" size="40"/> + <input type="hidden" name="referer" value="${trans.request.referer}" size="40"/> + </div> + <div class="form-row"> + <label>Password:</label> + <input type="password" name="password" value="" size="40"/> + <div class="toolParamHelp" style="clear: both;"> + <a href="${h.url_for( controller='user', action='reset_password', webapp=webapp, use_panels=use_panels )}">Forgot password? Reset here</a> + </div> + </div> + <div class="form-row"> + <input type="submit" name="login_button" value="Login"/> + </div> + </form> +</div> diff -r feff604427ee -r 193e5f4e2444 templates/user/register.mako --- a/templates/user/register.mako Tue Mar 30 17:03:29 2010 -0400 +++ b/templates/user/register.mako Wed Mar 31 09:42:50 2010 -0400 @@ -1,15 +1,6 @@ -<%inherit file="/base_panels.mako"/> +<%inherit file="/base.mako"/> <%namespace file="/message.mako" import="render_msg" /> -<%def name="init()"> -<% - self.has_left_panel=False - self.has_right_panel=False - self.active_view="user" - self.message_box_visible=False -%> -</%def> - <%def name="javascripts()"> ${parent.javascripts()} <script type="text/javascript"> 
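Review bot: The hidden field `name="referer" value="${trans.request.referer}"` in login.mako round-trips a client-supplied header through the form, so the login action receives a value the client fully controls. The controller is not part of this hunk; if it redirects to `referer` after a successful login, it needs to accept only same-site URLs and otherwise fall back to a fixed landing page. A template comment would record that contract next to the field: `## referer is client-supplied; the login action must verify it is a same-site URL before redirecting to it`.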
@@ -36,64 +27,68 @@ }); }); </script> - </%def> -<%def name="center_panel()"> - %if msg: - ${render_msg( msg, messagetype )} - %endif - - <div class="toolForm" style="margin: 1em"> - <form name="registration" id="registration" action="${h.url_for( controller='user', action='create', admin_view=admin_view )}" method="post" > - <div class="toolFormTitle">Create account</div> +<% + from galaxy.web.form_builder import CheckboxField + subscribe_check_box = CheckboxField( 'subscribe' ) +%> +%if msg: + ${render_msg( msg, messagetype )} +%endif +<div class="toolForm"> + <form name="registration" id="registration" action="${h.url_for( controller='user', action='create', admin_view=admin_view )}" method="post" > + <div class="toolFormTitle">Create account</div> + <div class="form-row"> + <label>Email address:</label> + <input type="text" name="email" value="${email}" size="40"/> + <input type="hidden" name="webapp" value="${webapp}" size="40"/> + </div> + <div class="form-row"> + <label>Password:</label> + <input type="password" name="password" value="${password}" size="40"/> + </div> + <div class="form-row"> + <label>Confirm password:</label> + <input type="password" name="confirm" value="${confirm}" size="40"/> + </div> + <div class="form-row"> + <label>Public user name:</label> + <input type="text" name="username" size="40" value="${username}"/> + <div class="toolParamHelp" style="clear: both;"> + When you share or publish items, this name is shown as the author. 
+ </div> + </div> + <div class="form-row"> + <label>Subscribe to mailing list:</label> + %if subscribe_checked: + <% subscribe_check_box.checked = True %> + %endif + ${subscribe_check_box.get_html()} + </div> + %if user_info_select: <div class="form-row"> - <label>Email</label> - ${login_info[ 'Email' ].get_html()} + <label>User type</label> + ${user_info_select.get_html()} </div> - <div class="form-row"> - <label>Password</label> - ${login_info[ 'Password' ].get_html()} - </div> - <div class="form-row"> - <label>Confirm Password</label> - ${login_info[ 'Confirm' ].get_html()} - </div> - <div class="form-row"> - <label>Public Username</label> - ${login_info[ 'Public Username' ].get_html()} - <div class="toolParamHelp" style="clear: both;"> - When you share or publish items, this name is shown as the author. + %endif + %if user_info_form: + %for field in widgets: + <div class="form-row"> + <label>${field['label']}</label> + ${field['widget'].get_html()} + <div class="toolParamHelp" style="clear: both;"> + ${field['helptext']} + </div> + <div style="clear: both"></div> </div> - </div> - <div class="form-row"> - <label>Subscribe To Mailing List</label> - ${login_info[ 'Subscribe To Mailing List' ].get_html()} - </div> - %if user_info_select: - <div class="form-row"> - <label>User type</label> - ${user_info_select.get_html()} - </div> - %endif - %if user_info_form: - %for field in widgets: - <div class="form-row"> - <label>${field['label']}</label> - ${field['widget'].get_html()} - <div class="toolParamHelp" style="clear: both;"> - ${field['helptext']} - </div> - <div style="clear: both"></div> - </div> - %endfor - %if not user_info_select: - <input type="hidden" name="user_info_select" value="${user_info_form.id}"/> - %endif - %endif - <div class="form-row"> - <input type="submit" name="create_user_button" value="Submit"> - </div> - </form> - </div> -</%def> \ No newline at end of file + %endfor + %if not user_info_select: + <input type="hidden" 
name="user_info_select" value="${user_info_form.id}"/> + %endif + %endif + <div class="form-row"> + <input type="submit" name="create_user_button" value="Submit"/> + </div> + </form> +</div> diff -r feff604427ee -r 193e5f4e2444 templates/user/reset_password.mako --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/templates/user/reset_password.mako Wed Mar 31 09:42:50 2010 -0400 @@ -0,0 +1,21 @@ +<%inherit file="/base.mako"/> +<%namespace file="/message.mako" import="render_msg" /> + +%if msg: + ${render_msg( msg, messagetype )} +%endif + +<div class="toolForm"> + <div class="toolFormTitle">Login</div> + <form name="reset_password" id="reset_password" action="${h.url_for( controller='user', action='reset_password' )}" method="post" > + <div class="form-row"> + <label>Email:</label> + <input type="text" name="email" value="" size="40"/> + <input type="hidden" name="webapp" value="${webapp}" size="40"/> + </div> + <div style="clear: both"></div> + <div class="form-row"> + <input type="submit" name="reset_password_button" value="Submit"/> + </div> + </form> +</div> diff -r feff604427ee -r 193e5f4e2444 test/base/test_db_util.py --- a/test/base/test_db_util.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/base/test_db_util.py Wed Mar 31 09:42:50 2010 -0400 @@ -4,6 +4,13 @@ from base.twilltestcase import * import sys +def delete_obj( obj ): + sa_session.delete( obj ) + sa_session.flush() +def delete_user_roles( user ): + for ura in user.roles: + sa_session.delete( ura ) + sa_session.flush() def flush( obj ): sa_session.add( obj ) sa_session.flush() 
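Review bot: The new reset_password.mako titles its form `<div class="toolFormTitle">Login</div>`, apparently copied from login.mako; it should read `<div class="toolFormTitle">Reset Password</div>` so users can tell the two forms apart. The form collects only an email address and, per the `reset_password` hunk in user.py, an anonymous submission overwrites that account's password immediately, so anyone who knows an address can invalidate its owner's password. Mailing a single-use, time-limited confirmation link and changing the password only after it is followed would remove that lockout path; this is a design change beyond this template.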
@@ -106,9 +113,15 @@ return sa_session.query( galaxy.model.UserGroupAssociation ) \ .filter( galaxy.model.UserGroupAssociation.table.c.group_id == group.id ) \ .all() +def get_user_info_form_definition(): + return galaxy.model.FormDefinition.types.USER_INFO def get_user_role_associations_by_role( role ): return sa_session.query( galaxy.model.UserRoleAssociation ) \ .filter( galaxy.model.UserRoleAssociation.table.c.role_id == role.id ) \ .all() +def mark_form_deleted( form ): + form.current.deleted = True + sa_session.add( form ) + sa_session.flush() def refresh( obj ): sa_session.refresh( obj ) diff -r feff604427ee -r 193e5f4e2444 test/base/twilltestcase.py --- a/test/base/twilltestcase.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/base/twilltestcase.py Wed Mar 31 09:42:50 2010 -0400 @@ -280,7 +280,7 @@ num_deleted = len( id.split( ',' ) ) self.home() self.visit_page( "history/list?operation=delete&id=%s" % ( id ) ) - check_str = 'Deleted %d %s' % ( num_deleted, iff( num_deleted != 1, "histories","history") ) + check_str = 'Deleted %d %s' % ( num_deleted, iff( num_deleted != 1, "histories", "history" ) ) self.check_page_for_string( check_str ) self.home() def delete_current_history( self, check_str='' ): 
@@ -793,41 +793,41 @@ self.assertTrue( genome_build == dbkey ) # Functions associated with user accounts - def create( self, email='test@bx.psu.edu', password='testuser' ): - self.home() - # Create user, setting username to email. - self.visit_page( "user/create?email=%s&username=%s&password=%s&confirm=%s&create_user_button=Submit" % ( email, email, password, password ) ) - self.check_page_for_string( "now logged in as %s" %email ) - self.home() + def create( self, email='test@bx.psu.edu', password='testuser', username='admin-user', webapp='galaxy' ): + # HACK: don't use panels because late_javascripts() messes up the twill browser and it + # can't find form fields (and hence user can't be logged in). + self.visit_url( "%s/user/create?use_panels=False&webapp=%s" % ( self.url, webapp ) ) + tc.fv( '1', 'email', email ) + tc.fv( '1', 'password', password ) + tc.fv( '1', 'confirm', password ) + tc.fv( '1', 'username', username ) + tc.submit( 'create_user_button' ) + self.check_page_for_string( "now logged in as %s" % email ) # Make sure a new private role was created for the user - self.visit_page( "user/set_default_permissions" ) + self.visit_url( "%s/user/set_default_permissions" % self.url ) self.check_page_for_string( email ) self.home() def create_user_with_info( self, email, password, username, user_info_forms, user_info_form_id, user_info_values ): ''' This method registers a new user and also provides use info ''' - self.home() if user_info_forms == 'multiple': - self.visit_page( "user/create?user_info_select=%i&admin_view=False" % user_info_form_id ) + self.visit_url( "%s/user/create?user_info_select=%i&admin_view=False&use_panels=False" % ( self.url, user_info_form_id ) ) else: - self.visit_page( "user/create?admin_view=False" ) - print self.write_temp_file( self.last_page() ) + self.visit_url( "%s/user/create?admin_view=False&use_panels=False" % self.url ) + ##print self.write_temp_file( self.last_page() ) self.check_page_for_string( "Create account" ) - 
tc.fv( "2", "email", email ) - tc.fv( "2", "password", password ) - tc.fv( "2", "confirm", password ) - tc.fv( "2", "username", username ) + tc.fv( "1", "email", email ) + tc.fv( "1", "password", password ) + tc.fv( "1", "confirm", password ) + tc.fv( "1", "username", username ) if user_info_forms == 'multiple': self.check_page_for_string( "User type" ) for index, info_value in enumerate(user_info_values): - tc.fv( "2", "field_%i" % index, info_value ) + tc.fv( "1", "field_%i" % index, info_value ) tc.submit( "create_user_button" ) - self.check_page_for_string( "ogged in as %s" % email ) def create_user_with_info_as_admin( self, email, password, username, user_info_forms, user_info_form_id, user_info_values ): - ''' - This method registers a new user and also provides use info as an admin - ''' + # This method creates a new user with associated info self.home() if user_info_forms == 'multiple': self.visit_page( "admin/users?operation=create?user_info_select=%i&admin_view=False" % user_info_form_id ) @@ -844,16 +844,15 @@ tc.fv( "2", "field_%i" % index, info_value ) tc.submit( "create_user_button" ) self.check_page_for_string( "Created new user account (%s)" % email ) - def edit_login_info( self, new_email, new_username ): + def edit_login_info( self, new_email, new_username, check_str1='' ): self.home() - self.visit_page( "user/show_info" ) + self.visit_url( "%s/user/show_info" % self.url ) self.check_page_for_string( "Manage User Information" ) tc.fv( "1", "email", new_email ) tc.fv( "1", "username", new_username ) tc.submit( "login_info_button" ) - self.check_page_for_string( 'The login information has been updated with the changes' ) - self.check_page_for_string( new_email ) - self.check_page_for_string( new_username ) + if check_str1: + self.check_page_for_string( check_str1 ) def change_password( self, password, new_password ): self.home() self.visit_page( "user/show_info" ) 
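Review bot: In `create_user_with_info` the debug line is left behind as `##print self.write_temp_file( self.last_page() )`; commented-out code should be deleted, not kept. The hunk also drops the closing `self.check_page_for_string( "ogged in as %s" % email )`, so the helper no longer asserts anything after `tc.submit( "create_user_button" )` and a failed registration passes silently unless every caller checks the page itself. If the removal is intentional so that callers can test error paths, an optional argument in the style of the `check_str1=''` added to `edit_login_info` would keep the success assertion available.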
@@ -907,13 +906,14 @@ self.visit_url( "%s/%s" % ( self.url, url ) ) self.check_page_for_string( 'Default history permissions have been changed.' ) self.home() - def login( self, email='test@bx.psu.edu', password='testuser' ): + def login( self, email='test@bx.psu.edu', password='testuser', username='admin-user', webapp='galaxy' ): # test@bx.psu.edu is configured as an admin user try: - self.create( email=email, password=password ) + self.create( email=email, password=password, username=username, webapp=webapp ) except: self.home() - # HACK: don't use panels because late_javascripts() messes up the twill browser and it can't find form fields (and hence user can't be logged in). + # HACK: don't use panels because late_javascripts() messes up the twill browser and it + # can't find form fields (and hence user can't be logged in). self.visit_url( "%s/user/login?use_panels=False" % self.url ) tc.fv( '1', 'email', email ) tc.fv( '1', 'password', password ) @@ -1161,12 +1161,14 @@ # Dataset Security stuff # Tests associated with users - def create_new_account_as_admin( self, email='test4@bx.psu.edu', password='testuser' ): + def create_new_account_as_admin( self, email='test4@bx.psu.edu', password='testuser', username='regular-user4' ): """Create a new account for another user""" - # TODO: fix this so that it uses the form rather than the following URL. - self.home() - self.visit_url( "%s/user/create?admin_view=True&email=%s&password=%s&confirm=%s&create_user_button=Submit&subscribe=False" \ - % ( self.url, email, password, password ) ) + self.visit_url( "%s/user/create?admin_view=True" % self.url ) + tc.fv( '1', 'email', email ) + tc.fv( '1', 'password', password ) + tc.fv( '1', 'confirm', password ) + tc.fv( '1', 'username', username ) + tc.submit( 'create_user_button' ) try: self.check_page_for_string( "Created new user account" ) previously_created = False diff -r feff604427ee -r 193e5f4e2444 test/functional/test_admin_features.py 
--- a/test/functional/test_admin_features.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_admin_features.py Wed Mar 31 09:42:50 2010 -0400 @@ -5,17 +5,17 @@ def test_000_initiate_users( self ): """Ensuring all required user accounts exist""" self.logout() - self.login( email='test1@bx.psu.edu' ) + self.login( email='test1@bx.psu.edu', username='regular-user1' ) global regular_user1 regular_user1 = get_user( 'test1@bx.psu.edu' ) assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database' self.logout() - self.login( email='test2@bx.psu.edu' ) + self.login( email='test2@bx.psu.edu', username='regular-user2' ) global regular_user2 regular_user2 = get_user( 'test2@bx.psu.edu' ) assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) global admin_user admin_user = get_user( 'test@bx.psu.edu' ) assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database' @@ -24,7 +24,7 @@ # Logged in as admin_user email = 'test3@bx.psu.edu' password = 'testuser' - previously_created = self.create_new_account_as_admin( email=email, password=password ) + previously_created = self.create_new_account_as_admin( email=email, password=password, username='regular-user3' ) # Get the user object for later tests global regular_user3 regular_user3 = get_user( email ) diff -r feff604427ee -r 193e5f4e2444 test/functional/test_data_security.py --- a/test/functional/test_data_security.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_data_security.py Wed Mar 31 09:42:50 2010 -0400 
@@ -5,28 +5,28 @@ def test_000_initiate_users( self ): """Ensuring all required user accounts exist""" self.logout() - self.login( email='test1@bx.psu.edu' ) + self.login( email='test1@bx.psu.edu', username='regular-user1' ) global regular_user1 regular_user1 = get_user( 'test1@bx.psu.edu' ) assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database' global regular_user1_private_role regular_user1_private_role = get_private_role( regular_user1 ) self.logout() - self.login( email='test2@bx.psu.edu' ) + self.login( email='test2@bx.psu.edu', username='regular-user2' ) global regular_user2 regular_user2 = get_user( 'test2@bx.psu.edu' ) assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' global regular_user2_private_role regular_user2_private_role = get_private_role( regular_user2 ) self.logout() - self.login( email='test3@bx.psu.edu' ) + self.login( email='test3@bx.psu.edu', username='regular-user3' ) global regular_user3 regular_user3 = get_user( 'test3@bx.psu.edu' ) assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database' global regular_user3_private_role regular_user3_private_role = get_private_role( regular_user3 ) self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) global admin_user admin_user = get_user( 'test@bx.psu.edu' ) assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database' diff -r feff604427ee -r 193e5f4e2444 test/functional/test_history_functions.py --- a/test/functional/test_history_functions.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_history_functions.py Wed Mar 31 09:42:50 2010 -0400 
@@ -22,7 +22,7 @@ assert anonymous_history is not None, "Problem retrieving anonymous_history from database" # Upload a dataset to anonymous_history so it will be set as the current history after login self.upload_file( '1.bed', dbkey='hg18' ) - self.login( email='test1@bx.psu.edu' ) + self.login( email='test1@bx.psu.edu', username='regular-user1' ) global regular_user1 regular_user1 = sa_session.query( galaxy.model.User ) \ .filter( galaxy.model.User.table.c.email=='test1@bx.psu.edu' ) \ @@ -35,21 +35,21 @@ self.login( email=regular_user1.email ) self.check_history_for_string( name ) self.logout() - self.login( email='test2@bx.psu.edu' ) + self.login( email='test2@bx.psu.edu', username='regular-user2' ) global regular_user2 regular_user2 = sa_session.query( galaxy.model.User ) \ .filter( galaxy.model.User.table.c.email=='test2@bx.psu.edu' ) \ .first() assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' self.logout() - self.login( email='test3@bx.psu.edu' ) + self.login( email='test3@bx.psu.edu', username='regular-user3' ) global regular_user3 regular_user3 = sa_session.query( galaxy.model.User ) \ .filter( galaxy.model.User.table.c.email=='test3@bx.psu.edu' ) \ .first() assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database' self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) global admin_user admin_user = sa_session.query( galaxy.model.User ) \ .filter( galaxy.model.User.table.c.email=='test@bx.psu.edu' ) \ diff -r feff604427ee -r 193e5f4e2444 test/functional/test_library_features.py --- a/test/functional/test_library_features.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_library_features.py Wed Mar 31 09:42:50 2010 -0400 
@@ -5,28 +5,28 @@ def test_000_initiate_users( self ): """Ensuring all required user accounts exist""" self.logout() - self.login( email='test1@bx.psu.edu' ) + self.login( email='test1@bx.psu.edu', username='regular-user1' ) global regular_user1 regular_user1 = get_user( 'test1@bx.psu.edu' ) assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database' global regular_user1_private_role regular_user1_private_role = get_private_role( regular_user1 ) self.logout() - self.login( email='test2@bx.psu.edu' ) + self.login( email='test2@bx.psu.edu', username='regular-user2' ) global regular_user2 regular_user2 = get_user( 'test2@bx.psu.edu' ) assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' global regular_user2_private_role regular_user2_private_role = get_private_role( regular_user2 ) self.logout() - self.login( email='test3@bx.psu.edu' ) + self.login( email='test3@bx.psu.edu', username='regular-user3' ) global regular_user3 regular_user3 = get_user( 'test3@bx.psu.edu' ) assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database' global regular_user3_private_role regular_user3_private_role = get_private_role( regular_user3 ) self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) global admin_user admin_user = get_user( 'test@bx.psu.edu' ) assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database' diff -r feff604427ee -r 193e5f4e2444 test/functional/test_library_security.py --- a/test/functional/test_library_security.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_library_security.py Wed Mar 31 09:42:50 2010 -0400 
@@ -5,28 +5,28 @@ def test_000_initiate_users( self ): """Ensuring all required user accounts exist""" self.logout() - self.login( email='test1@bx.psu.edu' ) + self.login( email='test1@bx.psu.edu', username='regular-user1' ) global regular_user1 regular_user1 = get_user( 'test1@bx.psu.edu' ) assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database' global regular_user1_private_role regular_user1_private_role = get_private_role( regular_user1 ) self.logout() - self.login( email='test2@bx.psu.edu' ) + self.login( email='test2@bx.psu.edu', username='regular-user2' ) global regular_user2 regular_user2 = get_user( 'test2@bx.psu.edu' ) assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' global regular_user2_private_role regular_user2_private_role = get_private_role( regular_user2 ) self.logout() - self.login( email='test3@bx.psu.edu' ) + self.login( email='test3@bx.psu.edu', username='regular-user3' ) global regular_user3 regular_user3 = get_user( 'test3@bx.psu.edu' ) assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database' global regular_user3_private_role regular_user3_private_role = get_private_role( regular_user3 ) self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) global admin_user admin_user = get_user( 'test@bx.psu.edu' ) assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database' diff -r feff604427ee -r 193e5f4e2444 test/functional/test_metadata_editing.py --- a/test/functional/test_metadata_editing.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_metadata_editing.py Wed Mar 31 09:42:50 2010 -0400 
@@ -8,7 +8,7 @@ def test_00_metadata_edit( self ): """test_metadata_edit: Testing metadata editing""" self.logout() - self.login( email='test@bx.psu.edu' ) + self.login( email='test@bx.psu.edu', username='admin-user' ) admin_user = sa_session.query( galaxy.model.User ) \ .filter( galaxy.model.User.table.c.email=='test@bx.psu.edu' ) \ .one() diff -r feff604427ee -r 193e5f4e2444 test/functional/test_user_info.py --- a/test/functional/test_user_info.py Tue Mar 30 17:03:29 2010 -0400 +++ b/test/functional/test_user_info.py Wed Mar 31 09:42:50 2010 -0400 
@@ -1,38 +1,55 @@ -import galaxy.model -from galaxy.model.orm import * -from galaxy.model.mapping import context as sa_session from base.twilltestcase import * +from base.test_db_util import * not_logged_in_as_admin_security_msg = 'You must be logged in as an administrator to access this feature.' logged_in_as_admin_security_msg = 'You must be an administrator to access this feature.' not_logged_in_security_msg = 'You must be logged in to create/submit sequencing requests' +global form_one_name form_one_name = "Student" +global form_two_name form_two_name = "Researcher" -def get_latest_form(form_name): - fdc_list = sa_session.query( galaxy.model.FormDefinitionCurrent ) \ - .filter( galaxy.model.FormDefinitionCurrent.table.c.deleted==False ) \ - .order_by( galaxy.model.FormDefinitionCurrent.table.c.create_time.desc() ) - for fdc in fdc_list: - sa_session.refresh( fdc ) - sa_session.refresh( fdc.latest_form ) - if form_name == fdc.latest_form.name: - return fdc.latest_form - return None - class TestUserInfo( TwillTestCase ): - def test_000_create_user_info_forms( self ): + def test_000_initiate_users( self ): + """Ensuring all required user accounts exist""" + self.logout() + self.login( email='test1@bx.psu.edu', username='regular-user1' ) + global regular_user1 + regular_user1 = get_user( 'test1@bx.psu.edu' ) + assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database' + global regular_user1_private_role + regular_user1_private_role = get_private_role( regular_user1 ) + self.logout() + self.login( email='test2@bx.psu.edu', username='regular-user2' ) + global regular_user2 + regular_user2 = get_user( 'test2@bx.psu.edu' ) + assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database' + global regular_user2_private_role + regular_user2_private_role = get_private_role( regular_user2 ) + self.logout() + self.login( email='test3@bx.psu.edu', username='regular-user3' ) + global 
regular_user3 + regular_user3 = get_user( 'test3@bx.psu.edu' ) + assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database' + global regular_user3_private_role + regular_user3_private_role = get_private_role( regular_user3 ) + self.logout() + self.login( email='test@bx.psu.edu', username='admin-user' ) + global admin_user + admin_user = get_user( 'test@bx.psu.edu' ) + assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database' + global admin_user_private_role + admin_user_private_role = get_private_role( admin_user ) + def test_005_create_user_info_forms( self ): """Testing creating a new user info form and editing it""" - self.logout() - self.login( email='test@bx.psu.edu' ) - # create a the first form - global form_one_name + # Logged in as admin_user + # Create a the first form name = form_one_name desc = "This is Student user info form's description" - formtype = galaxy.model.FormDefinition.types.USER_INFO + formtype = get_user_info_form_definition() self.create_form( name=name, desc=desc, formtype=formtype, num_fields=0 ) # Get the form_definition object for later tests - form_one = get_latest_form(form_one_name) + form_one = get_form( form_one_name ) assert form_one is not None, 'Problem retrieving form named "%s" from the database' % name # edit form & add few more fields fields = [dict(name='Affiliation', 
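Review bot: The added `global form_one_name` and `global form_two_name` lines in test_user_info.py sit at module level, where a `global` statement has no effect; the assignments that follow already create module globals. The commit removes the in-method `global` statements, which is fine because the methods only read the names, so the two new lines can simply be dropped. The switch to `from base.test_db_util import *` also hides where `get_user`, `get_private_role` and `get_form` come from; naming them in the import would make that visible.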
@@ -48,17 +65,20 @@ desc='', type='CheckboxField', required='optional')] - form_one = get_latest_form(form_one_name) - self.form_add_field(form_one.current.id, form_one.name, form_one.desc, form_one.type, field_index=len(form_one.fields), fields=fields) - form_one_latest = get_latest_form(form_one_name) - assert len(form_one_latest.fields) == len(form_one.fields)+len(fields) + self.form_add_field( form_one.current.id, + form_one.name, + form_one.desc, + form_one.type, + field_index=len( form_one.fields ), + fields=fields) + form_one_latest = get_form( form_one_name ) + assert len( form_one_latest.fields ) == len( form_one.fields ) + len( fields ) # create the second form - global form_two_name name = form_two_name desc = "This is Researcher user info form's description" self.create_form( name=name, desc=desc, formtype=formtype, num_fields=0 ) # Get the form_definition object for later tests - form_two = get_latest_form(form_two_name) + form_two = get_form( form_two_name ) assert form_two is not None, 'Problem retrieving form named "%s" from the database' % name # edit form & add few more fields fields = [dict(name='Affiliation', 
@@ -74,94 +94,117 @@ desc='', type='CheckboxField', required='optional')] - form_two = get_latest_form(form_two_name) - self.form_add_field(form_two.current.id, form_two.name, form_two.desc, form_two.type, field_index=len(form_one.fields), fields=fields) - form_two_latest = get_latest_form(form_two_name) - assert len(form_two_latest.fields) == len(form_two.fields)+len(fields) - def test_005_user_reqistration_multiple_user_info_forms( self ): + self.form_add_field( form_two.current.id, + form_two.name, + form_two.desc, + form_two.type, + field_index=len( form_one.fields ), + fields=fields ) + form_two_latest = get_form( form_two_name ) + assert len( form_two_latest.fields ) == len( form_two.fields ) + len( fields ) + def test_010_user_reqistration_multiple_user_info_forms( self ): ''' Testing user registration with multiple user info forms ''' + # Logged in as admin_user self.logout() - # user a new user with 'Student' user info form - form_one = get_latest_form(form_one_name) + # Create a new user with 'Student' user info form + form_one = get_form(form_one_name) user_info_values=['Educational', 'Penn State', True] - self.create_user_with_info( 'test11@bx.psu.edu', 'testuser', 'test11', + self.create_user_with_info( 'test11@bx.psu.edu', + 'testuser', + 'test11', user_info_forms='multiple', user_info_form_id=form_one.id, user_info_values=user_info_values ) - self.home() - self.visit_page( "user/show_info" ) + global regular_user11 + regular_user11 = get_user( 'test11@bx.psu.edu' ) + assert regular_user11 is not None, 'Problem retrieving user with email "test11@bx.psu.edu" from the database' + global regular_user11_private_role + regular_user11_private_role = get_private_role( regular_user11 ) + self.logout() + self.login( email=regular_user11.email, username='regular-user11' ) + self.visit_url( "%s/user/show_info" % self.url ) self.check_page_for_string( "Manage User Information" ) self.check_page_for_string( user_info_values[0] ) self.check_page_for_string( 
user_info_values[1] ) self.check_page_for_string( '<input type="checkbox" name="field_2" value="true" checked>' ) - def test_010_user_reqistration_single_user_info_forms( self ): + def test_015_user_reqistration_single_user_info_forms( self ): ''' Testing user registration with a single user info form ''' - # lets delete the 'Researcher' user info form - self.login( 'test@bx.psu.edu' ) - form_two_latest = get_latest_form(form_two_name) - form_two_latest.current.deleted = True - sa_session.add( form_two_latest.current ) - sa_session.flush() - self.home() - self.visit_page('forms/manage?sort=create_time&f-deleted=True') - self.check_page_for_string(form_two_latest.name) + # Logged in as regular_user_11 self.logout() - # user a new user with 'Student' user info form - form_one = get_latest_form(form_one_name) + self.login( email=admin_user.email ) + # Delete the 'Researcher' user info form + form_two_latest = get_form( form_two_name ) + mark_form_deleted( form_two_latest ) + self.visit_url( '%s/forms/manage?sort=create_time&f-deleted=True' % self.url ) + self.check_page_for_string( form_two_latest.name ) + # Create a new user with 'Student' user info form + form_one = get_form( form_one_name ) user_info_values=['Educational', 'Penn State', True] self.create_user_with_info( 'test12@bx.psu.edu', 'testuser', 'test12', user_info_forms='single', user_info_form_id=form_one.id, user_info_values=user_info_values ) - self.home() - self.visit_page( "user/show_info" ) + global regular_user12 + regular_user12 = get_user( 'test12@bx.psu.edu' ) + assert regular_user12 is not None, 'Problem retrieving user with email "test12@bx.psu.edu" from the database' + global regular_user12_private_role + regular_user12_private_role = get_private_role( regular_user12 ) + self.logout() + self.login( email=regular_user12.email, username='regular-user12' ) + self.visit_url( "%s/user/show_info" % self.url ) self.check_page_for_string( "Manage User Information" ) self.check_page_for_string( 
user_info_values[0] ) self.check_page_for_string( user_info_values[1] ) self.check_page_for_string( '<input type="checkbox" name="field_2" value="true" checked>' ) - def test_015_edit_user_info( self ): + def test_020_edit_user_info( self ): """Testing editing user info as a regular user""" - self.logout() - self.login( 'test11@bx.psu.edu' ) - user = sa_session.query( galaxy.model.User ) \ - .filter( and_( galaxy.model.User.table.c.email=='test11@bx.psu.edu' ) ).first() - self.edit_login_info( new_email='test11_new@bx.psu.edu', new_username='test11_new' ) + # Logged in as regular_user_12 + # Test changing email and user name - first try an invalid user name + self.edit_login_info( new_email='test12_new@bx.psu.edu', + new_username='test12_new', + check_str1='User name must contain only letters, numbers and' ) + # Now try a valid user name + self.edit_login_info( new_email='test12_new@bx.psu.edu', + new_username='test12-new', + check_str1='The login information has been updated with the changes' ) + # Since we changed the user's account. 
make sure the user's private role was changed accordingly + if not get_private_role( regular_user12 ): + raise AssertionError, "The private role for %s was not correctly set when their account (email) was changed" % regular_user12.email + # Test changing password self.change_password( 'testuser', 'testuser#' ) self.logout() - self.login( email='test11_new@bx.psu.edu', password='testuser#' ) - self.edit_login_info( new_email='test11@bx.psu.edu', new_username='test11' ) - self.change_password( 'testuser#', 'testuser' ) + refresh( regular_user12 ) + # Test logging in with new email and password + self.login( email=regular_user12.email, password='testuser#' ) + # Test editing the user info self.edit_user_info( ['Research', 'PSU'] ) - def test_020_create_user_as_admin( self ): - ''' Testing creating users as an admin ''' + def test_999_reset_data_for_later_test_runs( self ): + # Logged in as regular_user_12 self.logout() - self.login( 'test@bx.psu.edu' ) - form_one = get_latest_form(form_one_name) - user_info_values=['Educational', 'Penn State', True] - self.create_user_with_info( 'test13@bx.psu.edu', 'testuser', 'test13', - user_info_forms='single', - user_info_form_id=form_one.id, - user_info_values=user_info_values ) - self.logout() - self.login( 'test@bx.psu.edu' ) - user = sa_session.query( galaxy.model.User ) \ - .filter( and_( galaxy.model.User.table.c.email=='test13@bx.psu.edu' ) ).first() - self.home() - page = "admin/users?id=%s&operation=information&f-deleted=False" % self.security.encode_id( user.id ) - self.visit_page( page ) - self.check_page_for_string( 'Manage User Information' ) - self.check_page_for_string( 'test13@bx.psu.edu' ) - self.check_page_for_string( user_info_values[0] ) - self.check_page_for_string( user_info_values[1] ) - self.check_page_for_string( '<input type="checkbox" name="field_2" value="true" checked>' ) - # lets delete the 'Student' user info form - self.login( 'test@bx.psu.edu' ) - form_one_latest = get_latest_form(form_one_name) - 
form_one_latest.current.deleted = True - sa_session.add( form_one_latest.current ) - sa_session.flush() - self.home() - self.visit_page('forms/manage?sort=create_time&f-deleted=True') - self.check_page_for_string(form_one_latest.name) - self.logout() - + self.login( email=admin_user.email ) + ############### + # Mark form_one as deleted ( form_two was marked deleted earlier ) + ############### + form_latest = get_form( form_one_name ) + mark_form_deleted( form_latest ) + ############### + # Manually delete the test_user11 + ############### + self.mark_user_deleted( user_id=self.security.encode_id( regular_user11.id ), email=regular_user11.email ) + refresh( regular_user11 ) + self.purge_user( self.security.encode_id( regular_user11.id ), regular_user11.email ) + refresh( regular_user11 ) + # We should now only the the user and his private role + delete_user_roles( regular_user11 ) + delete_obj( regular_user11 ) + ############### + # Manually delete the test_user12 + ############### + refresh( regular_user12 ) + self.mark_user_deleted( user_id=self.security.encode_id( regular_user12.id ), email=regular_user12.email ) + refresh( regular_user12 ) + self.purge_user( self.security.encode_id( regular_user12.id ), regular_user12.email ) + refresh( regular_user12 ) + # We should now only the the user and his private role + delete_user_roles( regular_user12 ) + delete_obj( regular_user12 )
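Review bot: In `test_020_edit_user_info` the private-role check runs on `regular_user12` before `refresh( regular_user12 )`, which is only called after `change_password` and `logout`. If `get_private_role` (in base/test_db_util.py, not shown here) finds the role through the user's email, both the check and its error message use the address from before the edit, so the test may not exercise the private-role fix the commit describes. I would move `refresh( regular_user12 )` above `if not get_private_role( regular_user12 ):`. Separately, the `form_add_field` call for the second form at the top of this hunk still passes `field_index=len( form_one.fields )`, where `len( form_two.fields )` looks intended.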