Loading lib/galaxy/managers/jobs.py +11 −17 Original line number Diff line number Diff line Loading @@ -4,10 +4,7 @@ from datetime import ( date, datetime, ) from typing import ( Dict, Optional, ) from typing import Dict import sqlalchemy from boltons.iterutils import remap Loading @@ -34,6 +31,7 @@ from galaxy.exceptions import ( ItemAccessibilityException, ObjectNotFound, RequestParameterInvalidException, RequestParameterMissingException, ) from galaxy.job_metrics import ( RawMetric, Loading Loading @@ -109,9 +107,7 @@ class JobManager: self.app = app self.dataset_manager = DatasetManager(app) def index_query( self, trans: ProvidesUserContext, payload: JobIndexQueryPayload ) -> Optional[sqlalchemy.engine.Result]: def index_query(self, trans: ProvidesUserContext, payload: JobIndexQueryPayload) -> sqlalchemy.engine.Result: """The caller is responsible for security checks on the resulting job if history_id, invocation_id, or implicit_collection_jobs_id is set. Otherwise this will only return the user's jobs or all jobs if the requesting Loading @@ -127,13 +123,6 @@ class JobManager: search = payload.search order_by = payload.order_by if trans.user is None: # If the user is anonymous we can only return jobs for the current session history if trans.galaxy_session and trans.galaxy_session.current_history_id: history_id = trans.galaxy_session.current_history_id else: return None def build_and_apply_filters(stmt, objects, filter_func): if objects is not None: if isinstance(objects, (str, date, datetime)): Loading Loading @@ -220,9 +209,14 @@ class JobManager: if user_details: stmt = stmt.outerjoin(Job.user) else: if history_id is None and invocation_id is None and implicit_collection_jobs_id is None and trans.user: if history_id is None and invocation_id is None and implicit_collection_jobs_id is None: # If we're not filtering on history, invocation or collection we filter the jobs owned by the current user if trans.user: stmt = stmt.where(Job.user_id == trans.user.id) # caller better check security elif trans.galaxy_session: stmt = stmt.where(Job.session_id == trans.galaxy_session.id) else: raise RequestParameterMissingException("A session is required to list jobs for anonymous users") stmt = build_and_apply_filters(stmt, payload.states, lambda s: model.Job.state == s) stmt = build_and_apply_filters(stmt, payload.tool_ids, lambda t: model.Job.tool_id == t) Loading lib/galaxy/webapps/galaxy/services/jobs.py +0 −2 Original line number Diff line number Diff line Loading @@ -82,8 +82,6 @@ class JobsService(ServiceBase): ) jobs = self.job_manager.index_query(trans, payload) out: List[Dict[str, Any]] = [] if jobs is None: return out for job in jobs.yield_per(model.YIELD_PER_ROWS): # TODO: optimize if this crucial if check_security_of_jobs and not security_check(trans, job.history, check_accessible=True): Loading Loading
lib/galaxy/managers/jobs.py +11 −17 Original line number Diff line number Diff line Loading @@ -4,10 +4,7 @@ from datetime import ( date, datetime, ) from typing import ( Dict, Optional, ) from typing import Dict import sqlalchemy from boltons.iterutils import remap Loading @@ -34,6 +31,7 @@ from galaxy.exceptions import ( ItemAccessibilityException, ObjectNotFound, RequestParameterInvalidException, RequestParameterMissingException, ) from galaxy.job_metrics import ( RawMetric, Loading Loading @@ -109,9 +107,7 @@ class JobManager: self.app = app self.dataset_manager = DatasetManager(app) def index_query( self, trans: ProvidesUserContext, payload: JobIndexQueryPayload ) -> Optional[sqlalchemy.engine.Result]: def index_query(self, trans: ProvidesUserContext, payload: JobIndexQueryPayload) -> sqlalchemy.engine.Result: """The caller is responsible for security checks on the resulting job if history_id, invocation_id, or implicit_collection_jobs_id is set. Otherwise this will only return the user's jobs or all jobs if the requesting Loading @@ -127,13 +123,6 @@ class JobManager: search = payload.search order_by = payload.order_by if trans.user is None: # If the user is anonymous we can only return jobs for the current session history if trans.galaxy_session and trans.galaxy_session.current_history_id: history_id = trans.galaxy_session.current_history_id else: return None def build_and_apply_filters(stmt, objects, filter_func): if objects is not None: if isinstance(objects, (str, date, datetime)): Loading Loading @@ -220,9 +209,14 @@ class JobManager: if user_details: stmt = stmt.outerjoin(Job.user) else: if history_id is None and invocation_id is None and implicit_collection_jobs_id is None and trans.user: if history_id is None and invocation_id is None and implicit_collection_jobs_id is None: # If we're not filtering on history, invocation or collection we filter the jobs owned by the current user if trans.user: stmt = stmt.where(Job.user_id == trans.user.id) # caller better check security elif trans.galaxy_session: stmt = stmt.where(Job.session_id == trans.galaxy_session.id) else: raise RequestParameterMissingException("A session is required to list jobs for anonymous users") stmt = build_and_apply_filters(stmt, payload.states, lambda s: model.Job.state == s) stmt = build_and_apply_filters(stmt, payload.tool_ids, lambda t: model.Job.tool_id == t) Loading
lib/galaxy/webapps/galaxy/services/jobs.py +0 −2 Original line number Diff line number Diff line Loading @@ -82,8 +82,6 @@ class JobsService(ServiceBase): ) jobs = self.job_manager.index_query(trans, payload) out: List[Dict[str, Any]] = [] if jobs is None: return out for job in jobs.yield_per(model.YIELD_PER_ROWS): # TODO: optimize if this crucial if check_security_of_jobs and not security_check(trans, job.history, check_accessible=True): Loading
