Warning
This document is for an in-development version of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.
galaxy.security package¶
Galaxy Security
-
class
galaxy.security.
RBACAgent
[source]¶ Bases:
object
Class that handles galaxy security
-
convert_permitted_action_strings
(permitted_action_strings)[source]¶ When getting permitted actions from an untrusted source like a form, ensure that they match our actual permitted actions.
-
history_set_default_permissions
(history, permissions=None, dataset=False, bypass_manage_permission=False)[source]¶
-
permitted_actions
= <galaxy.util.bunch.Bunch object>¶
-
-
galaxy.security.
get_permitted_actions
(filter=None)[source]¶ Utility method to return a subset of RBACAgent’s permitted actions
Submodules¶
galaxy.security.idencoding module¶
-
class
galaxy.security.idencoding.
IdEncodingHelper
(**config)[source]¶ Bases:
object
-
encode_all_ids
(rval, recursive=False)[source]¶ Encodes all integer values in the dict rval whose keys are ‘id’ or end with ‘_id’ excluding tool_id which are consumed and produced as is via the API.
-
galaxy.security.passwords module¶
-
galaxy.security.passwords.
check_password
(guess, hashed)[source]¶ Check a hashed password. Supports either PBKDF2 if the hash is prefixed with that string, or sha1 otherwise.
-
galaxy.security.passwords.
hash_password
(password)[source]¶ Hash a password, currently will use the PBKDF2 scheme.
-
galaxy.security.passwords.
pbkdf2_bin
(data, salt, iterations=100000, keylen=24, hashfunc='sha256')[source]¶ Returns a binary digest for the PBKDF2 hash algorithm of data with the given salt. It iterates iterations time and produces a key of keylen bytes. By default SHA-256 is used as hash function, a different hashlib hashfunc can be provided.
galaxy.security.validate_user_input module¶
Utilities for validating inputs related to user objects.
The validate_* methods in this file return simple messages that do not contain user inputs - so these methods do not need to be escaped.
-
galaxy.security.validate_user_input.
transform_publicname
(publicname)[source]¶ Transform publicname to respect the minimum and maximum string length, and the allowed characters. FILL_CHAR is used to extend or replace characters.
-
galaxy.security.validate_user_input.
validate_email
(trans, email, user=None, check_dup=True, allow_empty=False)[source]¶ Validates the email format, also checks whether the domain is blocklisted in the disposable domains configuration.
-
galaxy.security.validate_user_input.
validate_email_str
(email)[source]¶ Validates a string containing an email address.