refinery-platform · jkmarx · Feb 12, 2018 · Jan 24, 2018 · Jan 24, 2018 · Jan 24, 2018
diff --git a/refinery/analysis_manager/tests.py b/refinery/analysis_manager/tests.py
@@ -176,18 +176,6 @@ def test_fetch_objects_required_for_analyses_bad_user(self):
             )
             self.assertIn("Couldn't fetch User", context.exception.message)
 
-    def test_fetch_objects_required_for_analyses_bad_dataset(self):
-        self.dataset.delete()
-        with self.assertRaises(RuntimeError) as context:
-            fetch_objects_required_for_analysis(
-                {
-                    "study_uuid": self.study.uuid,
-                    "user_id": self.user.id,
-                    "workflow_uuid": self.workflow.uuid
-                }
-            )
-            self.assertIn("Couldn't fetch DataSet", context.exception.message)
-
 
 class AnalysisViewsTests(AnalysisManagerTestBase, ToolManagerTestBase):
     """

diff --git a/refinery/analysis_manager/views.py b/refinery/analysis_manager/views.py
@@ -4,11 +4,10 @@
 
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
-from django.core import serializers
 from django.core.urlresolvers import reverse
 from django.http import (HttpResponse, HttpResponseBadRequest,
                          HttpResponseForbidden, HttpResponseNotAllowed,
-                         HttpResponseServerError)
+                         HttpResponseServerError, JsonResponse)
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 
@@ -75,8 +74,7 @@ def analysis_status(request, uuid):
         }
         logger.debug("Analysis status for '%s': %s",
                      analysis.name, json.dumps(ret_json))
-        return HttpResponse(json.dumps(ret_json, indent=4),
-                            content_type='application/javascript')
+        return JsonResponse(ret_json, content_type='application/javascript')
     return render_to_response(
         'analysis_manager/analysis_status.html',
         {'uuid': uuid, 'status': status, 'analysis': analysis},
@@ -133,10 +131,8 @@ def update_workflows(request):
             workflows += new_workflow_count
         # getting updated available workflows
         workflows = Workflow.objects.all()
-        json_serializer = serializers.get_serializer("json")()
-        return HttpResponse(
-            json_serializer.serialize(workflows, ensure_ascii=False),
-            content_type='application/javascript')
+
+        return JsonResponse(workflows, content_type='application/javascript')
     return HttpResponse(status=400)
 
 
@@ -145,11 +141,11 @@ def get_workflow_data_input_map(request, workflow_uuid):
     workflow_uuid
     """
     curr_workflow = Workflow.objects.filter(uuid=workflow_uuid)[0]
-    data = serializers.serialize('json', curr_workflow.data_inputs.all())
     if request.is_ajax():
-        return HttpResponse(data, content_type='application/javascript')
+        return JsonResponse(curr_workflow.data_inputs.all(),
+                            content_type='application/javascript')
     else:
-        return HttpResponse(data, content_type='application/json')
+        return JsonResponse(curr_workflow.data_inputs.all())
 
 
 def run(request):

diff --git a/refinery/annotation_server/views.py b/refinery/annotation_server/views.py
@@ -4,7 +4,7 @@
 
 from django.db import connection
 from django.db.models import Q
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 
 from .utils import GAP_REGIONS, MAPPABILITY_THEORETICAL, SUPPORTED_GENOMES
 
@@ -27,7 +27,7 @@ def search_genes(request, genome, search_string):
                  'cdsEnd', 'exonCount', 'exonStarts', 'exonEnds')
 
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -64,7 +64,7 @@ def get_length(request, genome):
         current_table = globals()[genome + "_ChromInfo"]
         data = ValuesQuerySetToDict(
             current_table.objects.values('chrom', 'size'))
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -78,7 +78,7 @@ def get_chrom_length(request, genome, chrom):
         curr_vals = current_table.objects.filter(chrom__iexact=chrom).values(
             'chrom', 'size')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
     # TODO: return genome lengths according to chrom order i.e. 1,2,3 etc.
@@ -94,7 +94,7 @@ def get_cytoband(request, genome, chrom):
         curr_vals = current_table.objects.filter(chrom__iexact=chrom).values(
             'chrom', 'chromStart', 'chromEnd', 'name', 'gieStain')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -111,7 +111,7 @@ def get_genes(request, genome, chrom, start, end):
         ).values('name', 'chrom', 'strand', 'txStart', 'txEnd', 'cdsStart',
                  'cdsEnd', 'exonCount', 'exonStarts', 'exonEnds')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -127,7 +127,7 @@ def get_gc(request, genome, chrom, start, end):
             Q(position__range=(start, end)),
         ).values('chrom', 'position', 'value')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -145,7 +145,7 @@ def get_maptheo(request, genome, chrom, start, end):
             Q(chromStart__range=(start, end)) | Q(chromEnd__range=(start, end))
         ).values('chrom', 'chromStart', 'chromEnd')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -162,7 +162,7 @@ def get_mapemp(request, genome, chrom, start, end):
             Q(chromStart__range=(start, end)) | Q(chromEnd__range=(start, end))
         ).values('chrom', 'chromStart', 'chromEnd')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -178,7 +178,7 @@ def get_conservation(request, genome, chrom, start, end):
             Q(position__range=(start, end)),
         ).values('chrom', 'position', 'value')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 
@@ -197,7 +197,7 @@ def get_gapregion(request, genome, chrom, start, end):
         ).values('bin', 'chromStart', 'chromEnd', 'ix', 'n', 'size', 'type',
                  'bridge')
         data = ValuesQuerySetToDict(curr_vals)
-        return HttpResponse(data, 'application/json')
+        return JsonResponse(data)
     return HttpResponse(status=400)
 
 

diff --git a/refinery/config/settings/base.py b/refinery/config/settings/base.py
@@ -178,14 +178,14 @@ def get_setting(name, settings=local_settings, default=None):
 
 # NOTE: the order of INSTALLED_APPS matters in some instances.
 INSTALLED_APPS = (
-    'registration',
+    'django.contrib.sites',
+    'registration',  # docs: should be immediately above 'django.contrib.auth'
+    'django.contrib.auth',
     'core',
     'data_set_manager',
     'guardian',
     'django.contrib.contenttypes',
-    'django.contrib.auth',
     'django.contrib.sessions',
-    'django.contrib.sites',
     'django.contrib.messages',
     'django.contrib.staticfiles',
     # Uncomment the next line to enable the admin:
@@ -615,3 +615,10 @@ def get_setting(name, settings=local_settings, default=None):
 
 # temporary feature toggle for using S3 as user data file storage backend
 REFINERY_S3_USER_DATA = get_setting('REFINERY_S3_USER_DATA', default=False)
+
+# ALLOWED_HOSTS required in 1.8.16 to prevent a DNS rebinding attack.
+ALLOWED_HOSTS = get_setting("ALLOWED_HOSTS")  # NOQA: F405
+
+MIGRATION_MODULES = {
+    'chunked_upload': 'dependency_migrations.chunked_upload'
+}
diff --git a/refinery/config/settings/dev.py b/refinery/config/settings/dev.py
@@ -7,6 +7,6 @@
 
 EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
 
-INSTALLED_APPS += (
+INSTALLED_APPS += (  # NOQA: F405
     'django_extensions',
 )
diff --git a/refinery/config/settings/prod.py b/refinery/config/settings/prod.py
@@ -5,7 +5,4 @@
 DEBUG = False
 TEMPLATE_DEBUG = DEBUG
 
-# Required when DEBUG = False
-ALLOWED_HOSTS = get_setting("ALLOWED_HOSTS")  # NOQA: F405
-
 EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
diff --git a/refinery/core/management/commands/activate_user.py b/refinery/core/management/commands/activate_user.py
@@ -9,8 +9,11 @@
 class Command(BaseCommand):
     help = "Activate user account"
 
-    def handle(self, username, **options):
+    def add_arguments(self, parser):
+        parser.add_argument('username')
+
+    def handle(self, *args, **options):
         """Activate a user account.
         """
-
+        username = options['username']
         User.objects.filter(username__exact=username).update(is_active=True)
diff --git a/refinery/core/migrations/0001_initial.py b/refinery/core/migrations/0001_initial.py
@@ -15,6 +15,7 @@ class Migration(migrations.Migration):
         ('data_set_manager', '0001_initial'),
         ('auth', '0001_initial'),
         ('file_store', '0001_initial'),
+        ('registration', '0001_initial')
     ]
 
     operations = [

diff --git a/refinery/core/tests.py b/refinery/core/tests.py
@@ -651,13 +651,19 @@ def setUp(self):
         )
         self.analysis.set_owner(self.user)
 
-    def test_verify_dataset_deletion_if_no_analysis_run_upon_it(self):
+    @mock.patch('core.models.DataSet.get_investigation_links', return_value=[])
+    def test_verify_dataset_deletion_if_no_analysis_run_upon_it(
+            self, mock_get_links
+    ):
         self.assertIsNotNone(
-            DataSet.objects.get(name="dataset_without_analysis"))
+            DataSet.objects.get(name="dataset_without_analysis")
+        )
         self.dataset_without_analysis.delete()
-        self.assertRaises(DataSet.DoesNotExist,
-                          DataSet.objects.get,
-                          name="dataset_without_analysis")
+        self.assertRaises(
+            DataSet.DoesNotExist,
+            DataSet.objects.get,
+            name="dataset_without_analysis"
+        )
 
     def test_verify_dataset_deletion_if_analysis_run_upon_it(self):
         self.assertIsNotNone(
@@ -667,12 +673,14 @@ def test_verify_dataset_deletion_if_analysis_run_upon_it(self):
                           DataSet.objects.get,
                           name="dataset_with_analysis")
 
-    def test_isa_archive_deletion(self):
+    @mock.patch('core.models.DataSet.get_investigation_links', return_value=[])
+    def test_isa_archive_deletion(self, mock_get_links):
         self.assertIsNotNone(self.dataset_without_analysis.get_isa_archive())
         self.dataset_without_analysis.delete()
         self.assertIsNone(self.dataset_without_analysis.get_isa_archive())
 
-    def test_pre_isa_archive_deletion(self):
+    @mock.patch('core.models.DataSet.get_investigation_links', return_value=[])
+    def test_pre_isa_archive_deletion(self, mock_get_links):
         self.assertIsNotNone(
             self.dataset_without_analysis.get_pre_isa_archive())
         self.dataset_without_analysis.delete()

diff --git a/refinery/core/views.py b/refinery/core/views.py
@@ -14,7 +14,8 @@
 from django.core.urlresolvers import reverse
 from django.http import (HttpResponse, HttpResponseBadRequest,
                          HttpResponseForbidden, HttpResponseNotFound,
-                         HttpResponseRedirect, HttpResponseServerError)
+                         HttpResponseRedirect, HttpResponseServerError,
+                         JsonResponse)
 from django.shortcuts import get_object_or_404, redirect, render_to_response
 from django.template import RequestContext, loader
 from django.views.decorators.gzip import gzip_page
@@ -552,9 +553,7 @@ def solr_core_search(request):
             if annotations:
                 response['response']['annotations'] = annotation_data
 
-            response = json.dumps(response)
-
-    return HttpResponse(response, content_type='application/json')
+    return JsonResponse(response)
 
 
 def solr_select(request, core):
@@ -575,10 +574,10 @@ def solr_select(request, core):
             full_response.raise_for_status()
     except HTTPError as e:
         logger.error(e)
-        response = json.dumps({})
+        return JsonResponse({})
     else:
-        response = full_response.content
-    return HttpResponse(response, content_type='application/json')
+        return HttpResponse(full_response.content,
+                            content_type='application/json')
 
 
 def solr_igv(request):
@@ -634,8 +633,7 @@ def solr_igv(request):
         logger.debug("session_urls")
         logger.debug(json.dumps(session_urls, indent=4))
 
-        return HttpResponse(json.dumps(session_urls),
-                            content_type='application/json')
+        return JsonResponse(session_urls)
 
 
 def samples_solr(request, ds_uuid, study_uuid, assay_uuid):
@@ -705,10 +703,7 @@ def pubmed_abstract(request, id):
     except ExpatError:
         return HttpResponse('Service currently unavailable', status=503)
 
-    return HttpResponse(
-        json.dumps(response_dict),
-        content_type='application/json'
-    )
+    return JsonResponse(response_dict)
 
 
 def pubmed_search(request, term):
@@ -931,7 +926,7 @@ def delete(self, request, uuid):
 
 class CustomRegistrationView(RegistrationView):
 
-    def register(self, request, **cleaned_data):
+    def register(self, request):
         """
         Given a username, email address, password, first name, last name,
         and affiliation, register a new user account, which will initially
@@ -956,12 +951,12 @@ def register(self, request, **cleaned_data):
         class of this backend as the sender.
 
         """
-        username = cleaned_data['username']
-        email = cleaned_data['email']
-        password = cleaned_data['password1']
-        first_name = cleaned_data['first_name']
-        last_name = cleaned_data['last_name']
-        affiliation = cleaned_data['affiliation']
+        username = request.cleaned_data['username']
+        email = request.cleaned_data['email']
+        password = request.cleaned_data['password1']
+        first_name = request.cleaned_data['first_name']
+        last_name = request.cleaned_data['last_name']
+        affiliation = request.cleaned_data['affiliation']
 
         if Site._meta.installed:
             site = Site.objects.get_current()
@@ -979,7 +974,7 @@ class of this backend as the sender.
                                      request=request)
         return new_user
 
-    def get_success_url(self, request, user):
+    def get_success_url(self, user):
         """
         Return the name of the URL to redirect to after successful
         user registration.

diff --git a/refinery/data_set_manager/migrations/0006_auto_20180124_1042.py b/refinery/data_set_manager/migrations/0006_auto_20180124_1042.py
@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('data_set_manager', '0005_update_attribute_orders'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='contact',
+            name='email',
+            field=models.EmailField(max_length=254, null=True, blank=True),
+        ),
+    ]