diff --git a/lib/galaxy/files/__init__.py b/lib/galaxy/files/__init__.py index eb3542982883..b13b2e1db8c8 100644 --- a/lib/galaxy/files/__init__.py +++ b/lib/galaxy/files/__init__.py @@ -476,4 +476,4 @@ def file_sources(self): @property def anonymous(self) -> bool: - return bool(self._kwd.get("username")) + return not bool(self._kwd.get("username")) diff --git a/lib/galaxy/managers/jobs.py b/lib/galaxy/managers/jobs.py index cd91861a7408..c21da2883615 100644 --- a/lib/galaxy/managers/jobs.py +++ b/lib/galaxy/managers/jobs.py @@ -8,7 +8,6 @@ cast, Dict, List, - Optional, ) import sqlalchemy @@ -33,6 +32,7 @@ ItemAccessibilityException, ObjectNotFound, RequestParameterInvalidException, + RequestParameterMissingException, ) from galaxy.job_metrics import ( RawMetric, @@ -108,9 +108,7 @@ def __init__(self, app: StructuredApp): self.app = app self.dataset_manager = DatasetManager(app) - def index_query( - self, trans: ProvidesUserContext, payload: JobIndexQueryPayload - ) -> Optional[sqlalchemy.engine.ScalarResult]: + def index_query(self, trans: ProvidesUserContext, payload: JobIndexQueryPayload) -> sqlalchemy.engine.ScalarResult: """The caller is responsible for security checks on the resulting job if history_id, invocation_id, or implicit_collection_jobs_id is set. Otherwise this will only return the user's jobs or all jobs if the requesting @@ -126,13 +124,6 @@ def index_query( search = payload.search order_by = payload.order_by - if trans.user is None: - # If the user is anonymous we can only return jobs for the current session history - if trans.galaxy_session and trans.galaxy_session.current_history_id: - history_id = trans.galaxy_session.current_history_id - else: - return None - def build_and_apply_filters(stmt, objects, filter_func): if objects is not None: if isinstance(objects, (str, date, datetime)): @@ -219,9 +210,14 @@ def add_search_criteria(stmt): if user_details: stmt = stmt.outerjoin(Job.user) else: - if history_id is None and invocation_id is None and implicit_collection_jobs_id is None and trans.user: - stmt = stmt.where(Job.user_id == trans.user.id) - # caller better check security + if history_id is None and invocation_id is None and implicit_collection_jobs_id is None: + # If we're not filtering on history, invocation or collection we filter the jobs owned by the current user + if trans.user: + stmt = stmt.where(Job.user_id == trans.user.id) + elif trans.galaxy_session: + stmt = stmt.where(Job.session_id == trans.galaxy_session.id) + else: + raise RequestParameterMissingException("A session is required to list jobs for anonymous users") stmt = build_and_apply_filters(stmt, payload.states, lambda s: model.Job.state == s) stmt = build_and_apply_filters(stmt, payload.tool_ids, lambda t: model.Job.tool_id == t) diff --git a/lib/galaxy/webapps/galaxy/services/jobs.py b/lib/galaxy/webapps/galaxy/services/jobs.py index 727497d12af8..9ecfb718b963 100644 --- a/lib/galaxy/webapps/galaxy/services/jobs.py +++ b/lib/galaxy/webapps/galaxy/services/jobs.py @@ -82,8 +82,6 @@ def index( ) jobs = self.job_manager.index_query(trans, payload) out: List[Dict[str, Any]] = [] - if jobs is None: - return out for job in jobs.yield_per(model.YIELD_PER_ROWS): # TODO: optimize if this crucial if check_security_of_jobs and not security_check(trans, job.history, check_accessible=True):