def create_role(self, trans, **kwd): params = util.Params(kwd) message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') name = util.restore_text(params.get('name', '')) description = util.restore_text(params.get('description', '')) in_users = util.listify(params.get('in_users', [])) out_users = util.listify(params.get('out_users', [])) in_groups = util.listify(params.get('in_groups', [])) out_groups = util.listify(params.get('out_groups', [])) create_group_for_role = params.get('create_group_for_role', '') create_group_for_role_checked = CheckboxField.is_checked(create_group_for_role) ok = True if params.get('create_role_button', False): if not name or not description: message = "Enter a valid name and a description." status = 'error' ok = False elif trans.sa_session.query(trans.app.model.Role).filter(trans.app.model.Role.table.c.name == name).first(): message = "Role names must be unique and a role with that name already exists, so choose another name." status = 'error' ok = False else: # Create the role role, num_in_groups = trans.app.security_agent.create_role( name, description, in_users, in_groups, create_group_for_role=create_group_for_role_checked) message = "Role '%s' has been created with %d associated users and %d associated groups. " \ % (role.name, len(in_users), num_in_groups) if create_group_for_role_checked: message += 'One of the groups associated with this role is the newly created group with the same name.' trans.response.send_redirect(web.url_for(controller='admin', action='roles', message=util.sanitize_text(message), status='done')) if ok: for user in trans.sa_session.query(trans.app.model.User) \ .filter(trans.app.model.User.table.c.deleted == false()) \ .order_by(trans.app.model.User.table.c.email): out_users.append((user.id, user.email)) for group in trans.sa_session.query(trans.app.model.Group) \ .filter(trans.app.model.Group.table.c.deleted == false()) \ .order_by(trans.app.model.Group.table.c.name): out_groups.append((group.id, group.name)) return trans.fill_template('/webapps/tool_shed/admin/dataset_security/role/role_create.mako', name=name, description=description, in_users=in_users, out_users=out_users, in_groups=in_groups, out_groups=out_groups, create_group_for_role_checked=create_group_for_role_checked, message=message, status=status)
def edit_review( self, trans, **kwd ): # The value of the received id is the encoded review id. message = escape( kwd.get( 'message', '' ) ) status = kwd.get( 'status', 'done' ) review_id = kwd.get( 'id', None ) review = review_util.get_review( trans.app, review_id ) components_dict = odict() for component in review_util.get_components( trans.app ): components_dict[ component.name ] = dict( component=component, component_review=None ) repository = review.repository repo = hg_util.get_repo_for_repository( trans.app, repository=repository, repo_path=None, create=False ) for component_review in review.component_reviews: if component_review and component_review.component: component_name = component_review.component.name if component_name in components_dict: component_review_dict = components_dict[ component_name ] component_review_dict[ 'component_review' ] = component_review components_dict[ component_name ] = component_review_dict # Handle a Save button click. save_button_clicked = False save_buttons = [ '%s%sreview_button' % ( comp_name, STRSEP ) for comp_name in components_dict.keys() ] save_buttons.append( 'revision_approved_button' ) for save_button in save_buttons: if save_button in kwd: save_button_clicked = True break if save_button_clicked: # Handle the revision_approved_select_field value. revision_approved = kwd.get( 'revision_approved', None ) revision_approved_setting_changed = False if revision_approved: revision_approved = str( revision_approved ) if review.approved != revision_approved: revision_approved_setting_changed = True review.approved = revision_approved trans.sa_session.add( review ) trans.sa_session.flush() saved_component_names = [] for component_name in components_dict.keys(): flushed = False # Retrieve the review information from the form. # The star rating form field is a radio button list, so it will not be received if it was not clicked in the form. # Due to this behavior, default the value to 0. rating = 0 for k, v in kwd.items(): if k.startswith( '%s%s' % ( component_name, STRSEP ) ): component_review_attr = k.replace( '%s%s' % ( component_name, STRSEP ), '' ) if component_review_attr == 'component_id': component_id = str( v ) elif component_review_attr == 'comment': comment = str( v ) elif component_review_attr == 'private': private = CheckboxField.is_checked( v ) elif component_review_attr == 'approved': approved = str( v ) elif component_review_attr == 'rating': rating = int( str( v ) ) component = review_util.get_component( trans.app, component_id ) component_review = \ review_util.get_component_review_by_repository_review_id_component_id( trans.app, review_id, component_id ) if component_review: # See if the existing component review should be updated. if component_review.comment != comment or \ component_review.private != private or \ component_review.approved != approved or \ component_review.rating != rating: component_review.comment = comment component_review.private = private component_review.approved = approved component_review.rating = rating trans.sa_session.add( component_review ) trans.sa_session.flush() flushed = True saved_component_names.append( component_name ) else: # See if a new component_review should be created. if comment or private or approved != trans.model.ComponentReview.approved_states.NO or rating: component_review = trans.model.ComponentReview( repository_review_id=review.id, component_id=component.id, comment=comment, approved=approved, rating=rating ) trans.sa_session.add( component_review ) trans.sa_session.flush() flushed = True saved_component_names.append( component_name ) if flushed: # Update the repository rating value to be the average of all component review ratings. average_rating = trans.sa_session.query( func.avg( trans.model.ComponentReview.table.c.rating ) ) \ .filter( and_( trans.model.ComponentReview.table.c.repository_review_id == review.id, trans.model.ComponentReview.table.c.deleted == false(), trans.model.ComponentReview.table.c.approved != trans.model.ComponentReview.approved_states.NA ) ) \ .scalar() if average_rating is not None: review.rating = int( average_rating ) trans.sa_session.add( review ) trans.sa_session.flush() # Update the information in components_dict. if component_name in components_dict: component_review_dict = components_dict[ component_name ] component_review_dict[ 'component_review' ] = component_review components_dict[ component_name ] = component_review_dict if revision_approved_setting_changed: message += 'Approved value <b>%s</b> saved for this revision.<br/>' % review.approved if saved_component_names: message += 'Reviews were saved for components: %s' % ', '.join( saved_component_names ) if not revision_approved_setting_changed and not saved_component_names: message += 'No changes were made to this review, so nothing was saved.' if review and review.approved: selected_value = review.approved else: selected_value = trans.model.ComponentReview.approved_states.NO revision_approved_select_field = grids_util.build_approved_select_field( trans, name='revision_approved', selected_value=selected_value, for_component=False ) rev, changeset_revision_label = hg_util.get_rev_label_from_changeset_revision( repo, review.changeset_revision ) return trans.fill_template( '/webapps/tool_shed/repository_review/edit_review.mako', repository=repository, review=review, changeset_revision_label=changeset_revision_label, revision_approved_select_field=revision_approved_select_field, components_dict=components_dict, message=message, status=status )
def create(self, trans, cntrller='user', redirect_url='', refresh_frames=None, **kwd): refresh_frames = refresh_frames or [] params = util.Params(kwd) # If the honeypot field is not empty we are dealing with a bot. honeypot_field = params.get('bear_field', '') if honeypot_field != '': return trans.show_error_message("You've been flagged as a possible bot. If you are not, please try registering again and fill the form out carefully. <a target=\"_top\" href=\"%s\">Go to the home page</a>.") % url_for('/') message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') use_panels = util.string_as_bool(kwd.get('use_panels', True)) email = util.restore_text(params.get('email', '')) # Do not sanitize passwords, so take from kwd # instead of params ( which were sanitized ) password = kwd.get('password', '') confirm = kwd.get('confirm', '') username = util.restore_text(params.get('username', '')) subscribe = params.get('subscribe', '') subscribe_checked = CheckboxField.is_checked(subscribe) referer = trans.request.referer or '' redirect = kwd.get('redirect', referer).strip() is_admin = trans.user_is_admin success = False show_user_prepopulate_form = False if not trans.app.config.allow_user_creation and not trans.user_is_admin: message = 'User registration is disabled. Please contact your local Galaxy administrator for an account.' if trans.app.config.error_email_to is not None: message += f' Contact: {trans.app.config.error_email_to}' status = 'error' else: # check user is allowed to register message, status = trans.app.auth_manager.check_registration_allowed(email, username, password) if not message: # Create the user, save all the user info and login to Galaxy if params.get('create_user_button', False): # Check email and password validity message = self.__validate(trans, email, password, confirm, username) if not message: # All the values are valid message, status, user, success = self.__register(trans, subscribe_checked=subscribe_checked, **kwd) if success and not is_admin: # The handle_user_login() method has a call to the history_set_default_permissions() method # (needed when logging in with a history), user needs to have default permissions set before logging in trans.handle_user_login(user) trans.log_event("User created a new account") trans.log_event("User logged in") else: status = 'error' registration_warning_message = trans.app.config.registration_warning_message if success: if is_admin: redirect_url = web.url_for('/admin/users?status=success&message=Created new user account.') else: redirect_url = web.url_for('/') return trans.fill_template('/webapps/tool_shed/user/register.mako', cntrller=cntrller, email=email, username=username, subscribe_checked=subscribe_checked, show_user_prepopulate_form=show_user_prepopulate_form, use_panels=use_panels, redirect=redirect, redirect_url=redirect_url, refresh_frames=refresh_frames, registration_warning_message=registration_warning_message, message=message, status=status)
def create_role(self, trans, **kwd): params = util.Params(kwd) message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') name = util.restore_text(params.get('name', '')) description = util.restore_text(params.get('description', '')) in_users = util.listify(params.get('in_users', [])) out_users = util.listify(params.get('out_users', [])) in_groups = util.listify(params.get('in_groups', [])) out_groups = util.listify(params.get('out_groups', [])) create_group_for_role = params.get('create_group_for_role', '') create_group_for_role_checked = CheckboxField.is_checked( create_group_for_role) ok = True if params.get('create_role_button', False): if not name or not description: message = "Enter a valid name and a description." status = 'error' ok = False elif trans.sa_session.query(trans.app.model.Role).filter( trans.app.model.Role.table.c.name == name).first(): message = "Role names must be unique and a role with that name already exists, so choose another name." status = 'error' ok = False else: # Create the role role, num_in_groups = trans.app.security_agent.create_role( name, description, in_users, in_groups, create_group_for_role=create_group_for_role_checked) message = "Role '%s' has been created with %d associated users and %d associated groups. " \ % (role.name, len(in_users), num_in_groups) if create_group_for_role_checked: message += 'One of the groups associated with this role is the newly created group with the same name.' trans.response.send_redirect( web.url_for(controller='admin', action='roles', message=util.sanitize_text(message), status='done')) if ok: for user in trans.sa_session.query(trans.app.model.User) \ .filter(trans.app.model.User.table.c.deleted == false()) \ .order_by(trans.app.model.User.table.c.email): out_users.append((user.id, user.email)) for group in trans.sa_session.query(trans.app.model.Group) \ .filter(trans.app.model.Group.table.c.deleted == false()) \ .order_by(trans.app.model.Group.table.c.name): out_groups.append((group.id, group.name)) return trans.fill_template( '/webapps/tool_shed/admin/dataset_security/role/role_create.mako', name=name, description=description, in_users=in_users, out_users=out_users, in_groups=in_groups, out_groups=out_groups, create_group_for_role_checked=create_group_for_role_checked, message=message, status=status)
def create_group(self, trans, **kwd): params = util.Params(kwd) message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') name = util.restore_text(params.get('name', '')) in_users = util.listify(params.get('in_users', [])) out_users = util.listify(params.get('out_users', [])) in_roles = util.listify(params.get('in_roles', [])) out_roles = util.listify(params.get('out_roles', [])) create_role_for_group = params.get('create_role_for_group', '') create_role_for_group_checked = CheckboxField.is_checked( create_role_for_group) ok = True if params.get('create_group_button', False): if not name: message = "Enter a valid name." status = 'error' ok = False elif trans.sa_session.query(trans.app.model.Group).filter( trans.app.model.Group.table.c.name == name).first(): message = "Group names must be unique and a group with that name already exists, so choose another name." status = 'error' ok = False else: # Create the group group = trans.app.model.Group(name=name) trans.sa_session.add(group) trans.sa_session.flush() # Create the UserRoleAssociations for user in [ trans.sa_session.query(trans.app.model.User).get(x) for x in in_users ]: uga = trans.app.model.UserGroupAssociation(user, group) trans.sa_session.add(uga) # Create the GroupRoleAssociations for role in [ trans.sa_session.query(trans.app.model.Role).get(x) for x in in_roles ]: gra = trans.app.model.GroupRoleAssociation(group, role) trans.sa_session.add(gra) if create_role_for_group_checked: # Create the role role = trans.app.model.Role( name=name, description='Role for group %s' % name) trans.sa_session.add(role) # Associate the role with the group gra = trans.model.GroupRoleAssociation(group, role) trans.sa_session.add(gra) num_in_roles = len(in_roles) + 1 else: num_in_roles = len(in_roles) trans.sa_session.flush() message = "Group '%s' has been created with %d associated users and %d associated roles. " \ % (group.name, len(in_users), num_in_roles) if create_role_for_group_checked: message += 'One of the roles associated with this group is the newly created role with the same name.' trans.response.send_redirect( web.url_for(controller='admin', action='groups', message=util.sanitize_text(message), status='done')) if ok: for user in trans.sa_session.query(trans.app.model.User) \ .filter(trans.app.model.User.table.c.deleted == false()) \ .order_by(trans.app.model.User.table.c.email): out_users.append((user.id, user.email)) for role in trans.sa_session.query(trans.app.model.Role) \ .filter(trans.app.model.Role.table.c.deleted == false()) \ .order_by(trans.app.model.Role.table.c.name): out_roles.append((role.id, role.name)) return trans.fill_template( '/webapps/tool_shed/admin/dataset_security/group/group_create.mako', name=name, in_users=in_users, out_users=out_users, in_roles=in_roles, out_roles=out_roles, create_role_for_group_checked=create_role_for_group_checked, message=message, status=status)
def create_group(self, trans, **kwd): params = util.Params(kwd) message = util.restore_text(params.get('message', '')) status = params.get('status', 'done') name = util.restore_text(params.get('name', '')) in_users = util.listify(params.get('in_users', [])) out_users = util.listify(params.get('out_users', [])) in_roles = util.listify(params.get('in_roles', [])) out_roles = util.listify(params.get('out_roles', [])) create_role_for_group = params.get('create_role_for_group', '') create_role_for_group_checked = CheckboxField.is_checked(create_role_for_group) ok = True if params.get('create_group_button', False): if not name: message = "Enter a valid name." status = 'error' ok = False elif trans.sa_session.query(trans.app.model.Group).filter(trans.app.model.Group.table.c.name == name).first(): message = "Group names must be unique and a group with that name already exists, so choose another name." status = 'error' ok = False else: # Create the group group = trans.app.model.Group(name=name) trans.sa_session.add(group) trans.sa_session.flush() # Create the UserRoleAssociations for user in [trans.sa_session.query(trans.app.model.User).get(x) for x in in_users]: uga = trans.app.model.UserGroupAssociation(user, group) trans.sa_session.add(uga) # Create the GroupRoleAssociations for role in [trans.sa_session.query(trans.app.model.Role).get(x) for x in in_roles]: gra = trans.app.model.GroupRoleAssociation(group, role) trans.sa_session.add(gra) if create_role_for_group_checked: # Create the role role = trans.app.model.Role(name=name, description='Role for group %s' % name) trans.sa_session.add(role) # Associate the role with the group gra = trans.model.GroupRoleAssociation(group, role) trans.sa_session.add(gra) num_in_roles = len(in_roles) + 1 else: num_in_roles = len(in_roles) trans.sa_session.flush() message = "Group '%s' has been created with %d associated users and %d associated roles. " \ % (group.name, len(in_users), num_in_roles) if create_role_for_group_checked: message += 'One of the roles associated with this group is the newly created role with the same name.' trans.response.send_redirect(web.url_for(controller='admin', action='groups', message=util.sanitize_text(message), status='done')) if ok: for user in trans.sa_session.query(trans.app.model.User) \ .filter(trans.app.model.User.table.c.deleted == false()) \ .order_by(trans.app.model.User.table.c.email): out_users.append((user.id, user.email)) for role in trans.sa_session.query(trans.app.model.Role) \ .filter(trans.app.model.Role.table.c.deleted == false()) \ .order_by(trans.app.model.Role.table.c.name): out_roles.append((role.id, role.name)) return trans.fill_template('/webapps/tool_shed/admin/dataset_security/group/group_create.mako', name=name, in_users=in_users, out_users=out_users, in_roles=in_roles, out_roles=out_roles, create_role_for_group_checked=create_role_for_group_checked, message=message, status=status)