From 62ed9b47908fa8339009834178b1f7e1b9255ef7 Mon Sep 17 00:00:00 2001 From: mvdbeek Date: Tue, 1 Dec 2020 13:12:43 +0100 Subject: [PATCH] Use added managers in old GalaxyWebTransaction --- lib/galaxy/managers/session.py | 7 +++++-- lib/galaxy/webapps/base/webapp.py | 24 ++++++++++-------------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/lib/galaxy/managers/session.py b/lib/galaxy/managers/session.py index cd95201348c0..c1431aaa7598 100644 --- a/lib/galaxy/managers/session.py +++ b/lib/galaxy/managers/session.py @@ -2,7 +2,10 @@ and_, true, ) -from sqlalchemy.orm import joinedload +from sqlalchemy.orm import ( + joinedload, + Session, +) from galaxy import model @@ -10,7 +13,7 @@ class GalaxySessionManager: """Manages GalaxySession.""" - def __init__(self, sa_session): + def __init__(self, sa_session: Session): self.session = sa_session def get_session_from_session_key(self, session_key: str): diff --git a/lib/galaxy/webapps/base/webapp.py b/lib/galaxy/webapps/base/webapp.py index 0626f5cf8d51..e893ac9b078d 100644 --- a/lib/galaxy/webapps/base/webapp.py +++ b/lib/galaxy/webapps/base/webapp.py @@ -23,7 +23,9 @@ from sqlalchemy.orm.exc import NoResultFound from galaxy import util -from galaxy.exceptions import ConfigurationError, MessageException +from galaxy.exceptions import AuthenticationFailed, ConfigurationError, MessageException +from galaxy.managers.session import GalaxySessionManager +from galaxy.managers.users import UserManager from galaxy.managers import context from galaxy.util import ( asbool, @@ -185,6 +187,8 @@ def __init__(self, environ, app, webapp, session_cookie=None): self.app = app self.webapp = webapp self.security = webapp.security + self.user_manager = UserManager(app) + self.session_manager = GalaxySessionManager(app.model.session) base.DefaultWebTransaction.__init__(self, environ) self.setup_i18n() self.expunge_all() @@ -408,15 +412,10 @@ def _authenticate_api(self, session_cookie): elif api_key_supplied: # Sessionless API transaction, we just need to associate a user. try: - provided_key = self.sa_session.query(self.app.model.APIKeys).filter(self.app.model.APIKeys.table.c.key == api_key).one() - except NoResultFound: - return 'Provided API key is not valid.' - if provided_key.user.deleted: - return 'User account is deactivated, please contact an administrator.' - newest_key = provided_key.user.api_keys[0] - if newest_key.key != provided_key.key: - return 'Provided API key has expired.' - self.set_user(provided_key.user) + user = self.user_manager.by_api_key(api_key) + except AuthenticationFailed as e: + return str(e) + self.set_user(user) elif secure_id: # API authentication via active session # Associate user using existing session @@ -463,10 +462,7 @@ def _ensure_valid_session(self, session_cookie, create=True): try: session_key = self.security.decode_guid(secure_id) if session_key: - # Retrieve the galaxy_session id via the unique session_key - galaxy_session = self.sa_session.query(self.app.model.GalaxySession) \ - .filter(and_(self.app.model.GalaxySession.table.c.session_key == session_key, - self.app.model.GalaxySession.table.c.is_valid == true())).options(joinedload("user")).first() + galaxy_session = self.session_manager.get_session_from_session_key(session_key=session_key) except Exception: # We'll end up creating a new galaxy_session session_key = None