Commits

Martin Cech committed d46493c

history API: allow anon users import public datasets into their (only) history, add exception for unknown datatype
library API: don't show folders without single accesible item to anonyms

Comments (0)

Files changed (5)

lib/galaxy/exceptions/__init__.py

     status_code = 400
     err_code = error_codes.MALFORMED_ID
 
+class UnknownContentsType( MessageException ):
+    status_code = 400
+    err_code = error_codes.UNKNOWN_CONTENTS_TYPE
+
 class RequestParameterMissingException( MessageException ):
     status_code = 400
     err_code = error_codes.USER_REQUEST_MISSING_PARAMETER

lib/galaxy/exceptions/error_codes.json

     "message": "The id of the resource is malformed."
     },
    {
+    "name": "UNKNOWN_CONTENTS_TYPE",
+    "code": 400010,
+    "message": "The request contains unknown type of contents."
+    },
+   {
     "name": "USER_NO_API_KEY",
     "code": 403001,
     "message": "API authentication required for this request"

lib/galaxy/webapps/galaxy/api/folder_contents.py

             
         # Return the reversed path so it starts with the library node.
         full_path = build_path( folder )[::-1]
-        
 
         folder_contents = []
         time_updated = ''
         time_created = ''
-        # Go through every item in the folder and include its meta-data.
+        # Go through every accessible item in the folder and include its meta-data.
         for content_item in self._load_folder_contents( trans, folder ):
-            return_item = {}
-            encoded_id = trans.security.encode_id( content_item.id )
-            time_updated = content_item.update_time.strftime( "%Y-%m-%d %I:%M %p" )
-            time_created = content_item.create_time.strftime( "%Y-%m-%d %I:%M %p" )
-            
-            # For folder return also hierarchy values
-            if content_item.api_type == 'folder':
-                encoded_id = 'F' + encoded_id
-                return_item.update ( dict ( item_count = content_item.item_count ) )
+            if trans.app.security_agent.can_access_library_item( current_user_roles, content_item, trans.user ):
+                return_item = {}
+                encoded_id = trans.security.encode_id( content_item.id )
+                time_updated = content_item.update_time.strftime( "%Y-%m-%d %I:%M %p" )
+                time_created = content_item.create_time.strftime( "%Y-%m-%d %I:%M %p" )
 
-            if content_item.api_type == 'file':
-                library_dataset_dict = content_item.to_dict()
-                library_dataset_dict['data_type']
-                library_dataset_dict['file_size']
-                library_dataset_dict['date_uploaded']
-                return_item.update ( dict ( data_type = library_dataset_dict['data_type'],
-                                            file_size = library_dataset_dict['file_size'],
-                                            date_uploaded = library_dataset_dict['date_uploaded'] ) )
+                # For folder return also hierarchy values
+                if content_item.api_type == 'folder':
+                    encoded_id = 'F' + encoded_id
+                    return_item.update ( dict ( item_count = content_item.item_count ) )
 
-            # For every item return also the default meta-data
-            return_item.update( dict( id = encoded_id,
-                               type = content_item.api_type,
-                               name = content_item.name,
-                               time_updated = time_updated,
-                               time_created = time_created
-                                ) )
-            folder_contents.append( return_item )
+                if content_item.api_type == 'file':
+                    library_dataset_dict = content_item.to_dict()
+                    library_dataset_dict['data_type']
+                    library_dataset_dict['file_size']
+                    library_dataset_dict['date_uploaded']
+                    return_item.update ( dict ( data_type = library_dataset_dict['data_type'],
+                                                file_size = library_dataset_dict['file_size'],
+                                                date_uploaded = library_dataset_dict['date_uploaded'] ) )
+
+                # For every item return also the default meta-data
+                return_item.update( dict( id = encoded_id,
+                                   type = content_item.api_type,
+                                   name = content_item.name,
+                                   time_updated = time_updated,
+                                   time_created = time_created
+                                    ) )
+                folder_contents.append( return_item )
 
         return { 'metadata' : { 'full_path' : full_path, 'can_add_library_item': can_add_library_item }, 'folder_contents' : folder_contents }
 

lib/galaxy/webapps/galaxy/api/history_contents.py

         hda_dict[ 'display_apps' ] = self.get_display_apps( trans, hda )
         return hda_dict
 
-    #TODO: allow anon users to copy hdas, ldas
-    @expose_api
+    @expose_api_anonymous
     def create( self, trans, history_id, payload, **kwd ):
         """
         create( self, trans, history_id, payload, **kwd )
         return validated_payload
 
     def __handle_unknown_contents_type( self, trans, contents_type ):
-        # TODO: raise a message exception instead of setting status and returning dict.
-        trans.response.status = 400
-        return { 'error': 'Unknown contents type %s' % type }
-
+        raise exceptions.UnknownContentsType('Unknown contents type: %s' % type)
 
 class HDAManager( object ):
 

lib/galaxy/webapps/galaxy/api/lda_datasets.py

 import urllib
 import urllib2
 import zipfile
-from paste.httpexceptions import HTTPBadRequest
-from galaxy import util, web
-from galaxy.exceptions import ItemAccessibilityException, MessageException, ItemDeletionException, ObjectNotFound
+from galaxy import exceptions
+from galaxy.web import _future_expose_api as expose_api
+from galaxy.web import _future_expose_api_anonymous as expose_api_anonymous
+# from paste.httpexceptions import HTTPBadRequest
+from galaxy import util
+from galaxy import web
+# from galaxy.exceptions import ItemAccessibilityException, MessageException, ItemDeletionException, ObjectNotFound
 from galaxy.security import Action
 from galaxy.util.streamball import StreamBall
 from galaxy.web.base.controller import BaseAPIController, UsesVisualizationMixin
 
 class LibraryDatasetsController( BaseAPIController, UsesVisualizationMixin ):
 
-    @web.expose_api
+    @expose_api_anonymous
     def show( self, trans, id, **kwd ):
         """
         show( self, trans, id, **kwd )
         try:
             dataset = self.get_library_dataset( trans, id = id, check_ownership=False, check_accessible=True )
         except Exception, e:
-            trans.response.status = 500
-            return str( e )
-        try:
-            rval = dataset.to_dict()
-        except Exception, e:
-            rval = "Error in dataset API at listing contents: " + str( e )
-            log.error( rval + ": %s" % str(e), exc_info=True )
-            trans.response.status = 500
-            return "Error in dataset API at listing contents: " + str( e )
+            raise exceptions.ObjectNotFound( 'Requested dataset was not found.' )
+            # trans.response.status = 500
+            # return str( e )
+        # try:
+        rval = dataset.to_dict()
+        # except Exception, e:
+        #     rval = "Error in dataset API at listing contents: " + str( e )
+        #     log.error( rval + ": %s" % str(e), exc_info=True )
+        #     trans.response.status = 500
+        #     return "Error in dataset API at listing contents: " + str( e )
 
         rval['id'] = trans.security.encode_id(rval['id']);
         rval['ldda_id'] = trans.security.encode_id(rval['ldda_id']);
-        rval['folder_id'] = 'f' + trans.security.encode_id(rval['folder_id'])
+        rval['folder_id'] = 'F' + trans.security.encode_id(rval['folder_id'])
         return rval
 
     @web.expose