Warning

This document is for an old release of Galaxy. You can alternatively view this page in the latest release if it exists or view the top of the latest release's documentation.

tool_shed.webapp.security package

Tool Shed Security

class tool_shed.webapp.security.Action(action, description, model)[source]

Bases: object

__init__(action, description, model)[source]
class tool_shed.webapp.security.RBACAgent[source]

Bases: object

Handle Galaxy Tool Shed security

permitted_actions = <galaxy.util.bunch.Bunch object>
associate_components(**kwd)[source]
associate_user_role(user, role)[source]
convert_permitted_action_strings(permitted_action_strings)[source]

When getting permitted actions from an untrusted source like a form, ensure that they match our actual permitted actions.

create_user_role(user, app)[source]
create_private_user_role(user)[source]
get_action(name, default=None)[source]

Get a permitted action by its dict key or action name

get_actions()[source]

Get all permitted actions as a list of Action objects

get_item_actions(action, item)[source]
get_private_user_role(user)[source]
class tool_shed.webapp.security.CommunityRBACAgent(model, permitted_actions=None)[source]

Bases: RBACAgent

__init__(model, permitted_actions=None)[source]
property sa_session

Returns a SQLAlchemy scoped session

allow_action(roles, action, item)[source]

Method for checking a permission for the current user ( based on roles ) to perform a specific action on an item

associate_components(**kwd)[source]
associate_group_role(group, role)[source]
associate_user_group(user, group)[source]
associate_user_role(user, role)[source]
associate_repository_category(repository, category)[source]
create_private_user_role(user)[source]
create_user_role(user, app)[source]
get_item_actions(action, item)[source]
get_private_user_role(user, auto_create=False)[source]
set_entity_group_associations(groups=None, users=None, roles=None, delete_existing_assocs=True)[source]
set_entity_role_associations(roles=None, users=None, groups=None, repositories=None, delete_existing_assocs=True)[source]
set_entity_user_associations(users=None, roles=None, groups=None, delete_existing_assocs=True)[source]
usernames_that_can_push(repository) List[str][source]
can_push(app, user, repository)[source]
user_can_administer_repository(user, repository)[source]

Return True if the received user can administer the received repository.

user_can_import_repository_archive(user, archive_owner)[source]
tool_shed.webapp.security.get_permitted_actions(filter=None)[source]

Utility method to return a subset of RBACAgent’s permitted actions

tool_shed.webapp.security.get_iuc_group(session)[source]