
/lib/galaxy/security/validate_user_input.py

https://bitbucket.org/cistrome/cistrome-harvard/
 1import re
 2
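# Patterns are raw strings so that "\-" and "\." reach the regex engine as
# written instead of being treated as (invalid) Python string escapes.
#
# A public name is one or more lower-case letters, digits or '-'.  The end
# anchor is \Z rather than $, because $ also matches just before a trailing
# newline and would let "name\n" pass validation.
VALID_PUBLICNAME_RE = re.compile( r"^[a-z0-9\-]+\Z" )
# Matches every character that is not allowed in a public name.
VALID_PUBLICNAME_SUB = re.compile( r"[^a-z0-9\-]" )
#  Basic regular expression to check email validity: exactly one '@' and a dot
#  in the part after it.  Anchored at both ends so that a valid-looking prefix
#  followed by further '@' segments (e.g. "a@b.c@d.e") is rejected.
#  NOTE(review): whitespace and control characters are still accepted by
#  [^@]; confirm whether code that consumes validated addresses depends on
#  this check to exclude them.
VALID_EMAIL_RE = re.compile( r"^[^@]+@[^@]+\.[^@]+\Z" )
# Replacement / padding character used when deriving a public name.
FILL_CHAR = '-'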
 8
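def validate_email( trans, email, user=None, check_dup=True ):
    """
    Validates the email format, also checks whether the domain is blacklisted in the disposable domains configuration.

    Returns an empty string when the address is acceptable, otherwise a
    user-facing error message.  An address equal to ``user.email`` is accepted
    without further checks.  When ``check_dup`` is true, an address that
    already belongs to a ``trans.app.model.User`` row is rejected.
    """
    if user and user.email == email:
        return ''
    # Pattern.match() only anchors at the start of the string, so a valid
    # prefix followed by extra '@' segments would otherwise be accepted.
    # Requiring the match to end at the end of the string closes that gap
    # whether or not the pattern itself carries an end anchor.
    # NOTE(review): whitespace and control characters inside the address are
    # still accepted by the pattern; confirm whether downstream mail handling
    # depends on this check to exclude them.
    match = VALID_EMAIL_RE.match( email )
    if match is None or match.end() != len( email ):
        return "Please enter your real email address."
    if len( email ) > 255:
        return "Email address exceeds maximum allowable length."
    # NOTE(review): this lookup compares the address exactly as typed, and the
    # message below tells the caller whether an address is registered.
    if check_dup and trans.sa_session.query( trans.app.model.User ).filter_by( email=email ).first():
        return "User with that email already exists."
    #  If the blacklist is not empty filter out the disposable domains.
    blacklist = trans.app.config.blacklist_content
    if blacklist is not None:
        # Take the domain from the last '@' and also test its lower-case form:
        # domain names are case-insensitive, so "MAIL.EXAMPLE" must not slip
        # past an entry stored as "mail.example".
        # Assumes blacklist entries are stored lower-case -- TODO confirm
        # against the code that loads blacklist_content.
        domain = email.rsplit( '@', 1 )[1]
        if domain in blacklist or domain.lower() in blacklist:
            return "Please enter your permanent email address."
    return ''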
27
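def validate_publicname( trans, publicname, user=None ):
    """
    Check a requested public name and return an error message ('' when acceptable).

    Public names must contain only lower-case letters, numbers, and the '-'
    character, be at most 255 characters long, and be at least 3 characters
    long when ``trans.webapp.name`` is 'tool_shed' or 4 characters otherwise.
    A missing name ('None', None or '') and the user's current name are both
    accepted without further checks.  A name already used by another
    ``trans.app.model.User`` row is rejected.
    """
    if publicname in [ 'None', None, '' ]:
        return ''
    if user and user.username == publicname:
        return ''
    min_length = 3 if trans.webapp.name == 'tool_shed' else 4
    if len( publicname ) < min_length:
        return "Public name must be at least %d characters in length" % min_length
    if len( publicname ) > 255:
        return "Public name cannot be more than 255 characters in length"
    # A '$' anchor also matches just before a trailing newline, so "name\n"
    # would pass a plain match() test.  Requiring the match to cover the whole
    # string rejects it regardless of which end anchor the pattern uses.
    match = VALID_PUBLICNAME_RE.match( publicname )
    if match is None or match.end() != len( publicname ):
        return "Public name must contain only lower-case letters, numbers and '-'"
    # NOTE(review): this is a point-in-time lookup; uniqueness at insert time
    # presumably relies on a database constraint -- confirm in the model.
    if trans.sa_session.query( trans.app.model.User ).filter_by( username=publicname ).first():
        return "Public name is taken; please choose another"
    return ''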
48
def transform_publicname( trans, publicname, user=None ):
    """
    Derive a public name that satisfies the naming rules from ``publicname``.

    The input is lower-cased, every character other than a lower-case letter,
    digit or '-' is replaced with FILL_CHAR, and the result is padded with
    FILL_CHAR to at least four characters and cut to at most 255.  Returns the
    derived name when no ``trans.app.model.User`` row already uses it, the
    unchanged input when it equals ``user.username``, and '' otherwise
    (including when the input is 'None', None or '').
    """
    #TODO: Enhance to allow generation of semi-random public names e.g., when valid but taken
    if user and user.username == publicname:
        return publicname
    if publicname in [ 'None', None, '' ]:
        return ''
    candidate = VALID_PUBLICNAME_SUB.sub( FILL_CHAR, publicname.lower() )
    candidate = candidate.ljust( 4, FILL_CHAR )[:255]
    # NOTE(review): point-in-time lookup; a concurrent registration could still
    # claim the same name before the caller stores it.
    existing = trans.sa_session.query( trans.app.model.User ).filter_by( username=candidate ).first()
    return '' if existing else candidate
62
def validate_password( trans, password, confirm ):
    """
    Check a new password and return an error message ('' when acceptable).

    The password must be at least 6 characters long and must equal
    ``confirm``.  ``trans`` is not used.
    """
    # NOTE(review): length is the only strength requirement enforced here, and
    # a 6-character floor is below the 8-character minimum in current NIST
    # SP 800-63B guidance; raising it is a policy change for callers.
    if len( password ) < 6:
        return "Use a password of at least 6 characters"
    return '' if password == confirm else "Passwords do not match"