/lib/galaxy/security/validate_user_input.py

https://bitbucket.org/cistrome/cistrome-harvard/ · Python · 68 lines · 53 code · 5 blank · 10 comment · 24 complexity · ccc9066923d76d6d92744b8f86a59f08 MD5 · raw file

  1. import re
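  # Public names may contain only lower-case letters, digits and '-'.
  # Raw strings keep the regex escapes away from Python's string-literal escape
  # processing. \Z is used instead of $ because $ also matches just before a
  # trailing newline, so "name\n" would otherwise count as a valid public name.
  VALID_PUBLICNAME_RE = re.compile( r"^[a-z0-9\-]+\Z" )
  # Matches each single character that is NOT allowed in a public name.
  VALID_PUBLICNAME_SUB = re.compile( r"[^a-z0-9\-]" )
  # Basic regular expression to check email validity: one '@', then a domain part
  # containing at least one '.'. Anchored at both ends so that the whole string is
  # checked; with .match() alone only a leading prefix had to look like an address,
  # which let input carrying a second '@' segment through.
  # NOTE(review): [^@]+ still admits whitespace and newlines inside either part.
  VALID_EMAIL_RE = re.compile( r"^[^@]+@[^@]+\.[^@]+\Z" )
  # Character used to replace disallowed characters and to pad short public names.
  FILL_CHAR = '-'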
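  def validate_email( trans, email, user=None, check_dup=True ):
      """
      Validate an email address and return an error message ('' when acceptable).

      Checks, in order: basic format, maximum length (255), an existing account
      with the same address (only when check_dup is true), and whether the domain
      is listed in trans.app.config.blacklist_content (disposable domains).
      When user is given and already has this address, '' is returned immediately.
      """
      message = ''
      if user and user.email == email:
          return message
      # .match() anchors only the start of the string, so a valid-looking prefix
      # followed by anything else (for example a second '@' segment) used to pass.
      # Require the match to cover the whole input.
      # NOTE(review): the pattern's [^@]+ still admits whitespace and newlines;
      # code that places the address in mail headers or logs should not rely on
      # this check alone.
      matched = VALID_EMAIL_RE.match( email )
      if not matched or matched.end() != len( email ):
          message = "Please enter your real email address."
      elif len( email ) > 255:
          message = "Email address exceeds maximum allowable length."
      elif check_dup and trans.sa_session.query( trans.app.model.User ).filter_by( email=email ).first():
          message = "User with that email already exists."
      # If the blacklist is not empty filter out the disposable domains.
      elif trans.app.config.blacklist_content is not None:
          # Compare the text after the last '@', which is the part a mail server
          # treats as the domain, so the blacklist always sees the real domain.
          # NOTE(review): this is an exact, case-sensitive membership test;
          # presumably blacklist entries are lower-case, so a mixed-case domain
          # would not be caught. Confirm how blacklist_content is loaded.
          domain = email.rsplit( '@', 1 )[1]
          if domain in trans.app.config.blacklist_content:
              message = "Please enter your permanent email address."
      return message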
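  def validate_publicname( trans, publicname, user=None ):
      """
      Validate a public name and return an error message ('' when acceptable).

      An empty name ('None', None or '') and a name equal to user's current
      username are accepted without further checks. Otherwise the name must be
      at least 4 characters long (3 when trans.webapp.name is 'tool_shed'), at
      most 255 characters, contain only lower-case letters, numbers and '-',
      and must not already be used by another account.
      """
      if publicname in [ 'None', None, '' ]:
          return ''
      if user and user.username == publicname:
          return ''
      min_length = 3 if trans.webapp.name == 'tool_shed' else 4
      if len( publicname ) < min_length:
          return "Public name must be at least %d characters in length" % min_length
      if len( publicname ) > 255:
          return "Public name cannot be more than 255 characters in length"
      # A '$' anchor also matches just before a trailing newline, so "name\n"
      # would pass the pattern and be stored as a distinct username. Require the
      # match to cover the whole input.
      matched = VALID_PUBLICNAME_RE.match( publicname )
      if not matched or matched.end() != len( publicname ):
          return "Public name must contain only lower-case letters, numbers and '-'"
      if trans.sa_session.query( trans.app.model.User ).filter_by( username=publicname ).first():
          return "Public name is taken; please choose another"
      return ''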
  def transform_publicname( trans, publicname, user=None ):
      """
      Derive a valid public name from publicname, or return '' if none is available.

      A name equal to user's current username is returned unchanged. Otherwise the
      name is lower-cased, every disallowed character is replaced with FILL_CHAR,
      and the result is padded to 4 characters and cut to 255. '' is returned for
      an empty name ('None', None or '') or when the result is already taken.
      """
      # TODO: Enhance to allow generation of semi-random public names, e.g. when valid but taken
      if user and user.username == publicname:
          return publicname
      if publicname in [ 'None', None, '' ]:
          return ''
      # Lower-case first so upper-case letters are folded rather than replaced.
      candidate = VALID_PUBLICNAME_SUB.sub( FILL_CHAR, publicname.lower() )
      candidate = candidate.ljust( 4, FILL_CHAR )[:255]
      already_taken = trans.sa_session.query( trans.app.model.User ).filter_by( username=candidate ).first()
      if already_taken:
          return ''
      return candidate
  def validate_password( trans, password, confirm ):
      """
      Check a new password and its confirmation; return an error message or ''.

      The length check runs first, so a short password is reported as too short
      even when the confirmation also differs. trans is not used.
      """
      # NOTE(review): length is the only strength check made here, and 6 is below
      # the 8-character minimum recommended by NIST SP 800-63B.
      if len( password ) >= 6:
          if password != confirm:
              return "Passwords do not match"
          return ''
      return "Use a password of at least 6 characters"