Warning
This document is for an in-development version of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.
galaxy.security package¶
Galaxy Security
-
class
galaxy.security.
RBACAgent
[source]¶ Bases:
object
Class that handles galaxy security
-
permitted_actions
= <galaxy.util.bunch.Bunch object>¶
-
-
galaxy.security.
get_permitted_actions
(filter=None)[source]¶ Utility method to return a subset of RBACAgent’s permitted actions
Submodules¶
galaxy.security.idencoding module¶
-
class
galaxy.security.idencoding.
IdEncodingHelper
(**config)[source]¶ Bases:
object
-
encode_dict_ids
(a_dict, kind=None, skip_startswith=None)[source]¶ Encode all ids in dictionary. Ids are identified by (a) an ‘id’ key or (b) a key that ends with ‘_id’
-
galaxy.security.passwords module¶
-
galaxy.security.passwords.
hash_password
(password)[source]¶ Hash a password, currently will use the PBKDF2 scheme.
-
galaxy.security.passwords.
check_password
(guess, hashed)[source]¶ Check a hashed password. Supports either PBKDF2 if the hash is prefixed with that string, or sha1 otherwise.
-
galaxy.security.passwords.
pbkdf2_bin
(data, salt, iterations=100000, keylen=24, hashfunc='sha256')[source]¶ Returns a binary digest for the PBKDF2 hash algorithm of data with the given salt. It iterates iterations time and produces a key of keylen bytes. By default SHA-256 is used as hash function, a different hashlib hashfunc can be provided.
galaxy.security.validate_user_input module¶
Utilities for validating inputs related to user objects.
The validate_* methods in this file return simple messages that do not contain user inputs - so these methods do not need to be escaped.
-
galaxy.security.validate_user_input.
validate_email
(trans, email, user=None, check_dup=True, allow_empty=False)[source]¶ Validates the email format, also checks whether the domain is blacklisted in the disposable domains configuration.
-
galaxy.security.validate_user_input.
validate_publicname
(trans, publicname, user=None)[source]¶ Check that publicname respects the minimum and maximum string length, the allowed characters, and that the username is not taken already.