Skip to content

Commit

Permalink
Slight safeguarding of user selection, respond with a more contextual…
Browse files Browse the repository at this point in the history 
…ized message
  • Loading branch information
@dannon
dannon committed May 21, 2018
1 parent c3d01f0 commit fb199c5
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions lib/galaxy/webapps/galaxy/controllers/admin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1565,14 +1565,17 @@ def _recalculate_user(self, trans, user_id):
message = 'Usage has changed by %s to %s.' % (nice_size(new - current), nice_size(new))
return (message, 'done')

def _new_user_apikey(self, trans, uid):
def _new_user_apikey(self, trans, user_id):
user = trans.sa_session.query(trans.model.User).get(trans.security.decode_id(user_id))
if not user:
return ('User not found for id (%s)' % sanitize_text(str(user_id)), 'error')
new_key = trans.app.model.APIKeys(
user_id=trans.security.decode_id(uid),
user_id=trans.security.decode_id(user_id),
key=trans.app.security.get_new_guid()
)
trans.sa_session.add(new_key)
trans.sa_session.flush()
return ("New key '%s' generated for requested user." % new_key.key, "done")
return ("New key '%s' generated for requested user '%s'." % (new_key.key, user.email), "done")

@web.expose_api
@web.require_admin
Expand Down

0 comments on commit fb199c5

Please sign in to comment.