Warning
This document is for an in-development version of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.
galaxy.security package¶
Galaxy Security
- class galaxy.security.RBACAgent[source]¶
Bases:
object
Class that handles galaxy security
- permitted_actions = <galaxy.util.bunch.Bunch object>¶
- galaxy.security.get_permitted_actions(filter=None)[source]¶
Utility method to return a subset of RBACAgent’s permitted actions
Submodules¶
galaxy.security.idencoding module¶
- class galaxy.security.idencoding.IdEncodingHelper(**config)[source]¶
Bases:
object
- encode_dict_ids(a_dict, kind=None, skip_startswith=None)[source]¶
Encode all ids in dictionary. Ids are identified by (a) an ‘id’ key or (b) a key that ends with ‘_id’
galaxy.security.passwords module¶
- galaxy.security.passwords.hash_password(password)[source]¶
Hash a password, currently will use the PBKDF2 scheme.
- galaxy.security.passwords.check_password(guess, hashed)[source]¶
Check a hashed password. Supports either PBKDF2 if the hash is prefixed with that string, or sha1 otherwise.
- galaxy.security.passwords.pbkdf2_bin(data, salt, iterations=100000, keylen=24, hashfunc='sha256')[source]¶
Returns a binary digest for the PBKDF2 hash algorithm of data with the given salt. It iterates iterations time and produces a key of keylen bytes. By default SHA-256 is used as hash function, a different hashlib hashfunc can be provided.
galaxy.security.validate_user_input module¶
Utilities for validating inputs related to user objects.
The validate_* methods in this file return simple messages that do not contain user inputs - so these methods do not need to be escaped.
- galaxy.security.validate_user_input.validate_email_str(email)[source]¶
Validates a string containing an email address.
- galaxy.security.validate_user_input.validate_publicname_str(publicname)[source]¶
Validates a string containing a public username.
- galaxy.security.validate_user_input.validate_email(trans, email, user=None, check_dup=True, allow_empty=False, validate_domain=False)[source]¶
Validates the email format, also checks whether the domain is blocklisted in the disposable domains configuration.
- galaxy.security.validate_user_input.validate_publicname(trans, publicname, user=None)[source]¶
Check that publicname respects the minimum and maximum string length, the allowed characters, and that the username is not taken already.