Closed
24 changes: 3 additions & 21 deletions library/django_utils/django_secret_key.py
@@ -1,31 +1,13 @@
import os
import random
from base64 import urlsafe_b64encode as b64encode

random.seed()


def generate_key(max_length, seed_length):
"""
Generate a Base64-encoded 'random' key by hashing the data.
data is a tuple of seeding values. Pass arbitrary encoder and
digester for specific hashing and formatting of keys

From: https://gist.github.com/airtonix/6204802

"""
PATTERN = "%%0%dX"
JUNK_LEN = 1024
junk = (PATTERN % (JUNK_LEN * 2)) % random.getrandbits(JUNK_LEN * seed_length)
key = str(junk).encode()
return b64encode(key)[:max_length]
from django.core.management.utils import get_random_secret_key


def get_or_create_django_secret_key(key_dir):
key_filename = os.path.join(key_dir, "django_secret_key.txt")
if not os.path.exists(key_filename):
secret_key = generate_key(50, 128)
with open(key_filename, "wb") as f:
secret_key = get_random_secret_key()
with open(key_filename, "w", encoding="utf-8") as f:
f.write(secret_key)
else:
with open(key_filename, encoding="utf-8") as f:
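Review bot: The new `open(key_filename, "w", encoding="utf-8")` creates the secret key file with whatever mode the process umask allows, and the separate `os.path.exists` check lets two processes starting together each write a different key. Creating the file exclusively with owner-only permissions closes both gaps: `fd = os.open(key_filename, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` followed by `with os.fdopen(fd, "w", encoding="utf-8") as f:`, with `FileExistsError` falling through to the read branch. The `else` branch still loads any key written by the removed `generate_key`, which drew from the non-cryptographic `random` module, so existing deployments keep the old key until the file is rotated; the docstring or release notes should say so. The body of `get_or_create_django_secret_key` continues past the end of this section.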
10 changes: 4 additions & 6 deletions library/utils/html_utils.py
@@ -1,10 +1,9 @@
import re
import uuid
from html import escape
from typing import Optional

from bs4 import BeautifulSoup
from django.utils.safestring import SafeString
from django.utils.html import format_html


def html_id_safe(text: str) -> str:
Expand Down Expand Up @@ -86,10 +85,9 @@ def __init__(self, icon: str, tooltip: Optional[str] = None):
self.tooltip = tooltip

def __str__(self):
title = ""
if tooltip := self.tooltip:
title = f'title="{escape(tooltip)}"'
return SafeString(f'<i class="{escape(self.icon)}" {title}></i>')
if self.tooltip:
return format_html('<i class="{}" title="{}"></i>', self.icon, self.tooltip)
return format_html('<i class="{}"></i>', self.icon)

def as_json(self) -> dict:
return {
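Review bot: `format_html` in the new `__str__` runs its arguments through `conditional_escape`, so an `icon` or `tooltip` that is already marked safe (anything exposing `__html__`) is inserted verbatim, whereas the removed `escape(...)` calls escaped every value unconditionally. If either attribute can be built upstream from user-supplied text and marked safe, that changes what reaches the attribute context. A comment such as `# icon/tooltip are plain text; format_html escapes them unless a caller has marked them safe` would record the assumption. The class header and the rest of `as_json` are outside the visible hunks, so whether consumers of `as_json` escape these fields cannot be confirmed from here.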
5 changes: 3 additions & 2 deletions oidc_auth/backend.py
Expand Up @@ -166,8 +166,9 @@ def create_or_update(self, user: User, claims):
added_groups = groups.difference(django_groups)

for removed_group in removed_groups:
group = Group.objects.get(name=removed_group)
user.groups.remove(group)
# Group may have been deleted out-of-band between logins - skip if gone
if group := Group.objects.filter(name=removed_group).first():
user.groups.remove(group)

for added_group in added_groups:
# note that we trust the OIDC connector as it can already make admins
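Review bot: In the `removed_groups` loop a group name that no longer resolves is now skipped without any record, and each name still costs one query. Group membership here is driven by OIDC claims and decides authorization, so a line such as `logger.info("OIDC sync removed groups %s from %s", removed_groups, user)` (assuming the module has a logger) would give revocations an audit trail. The loop can also collapse to `user.groups.remove(*Group.objects.filter(name__in=removed_groups))`, which likewise ignores names that are gone. `create_or_update` begins and continues outside this hunk, so logging elsewhere in the method cannot be ruled out.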
3 changes: 2 additions & 1 deletion ontology/views_rest.py
Expand Up @@ -37,7 +37,8 @@ class SearchMondoText(APIView):
)
def get(self, request, **kwargs) -> Response:

search_term = request.GET.get('search_term') or ''
# Cap the length of free text forwarded to the external Monarch search API
search_term = (request.GET.get('search_term') or '')[:200]
gene_symbol = request.GET.get('gene_symbol')

selected = [term.strip() for term in (request.GET.get('selected') or '').split(",") if term.strip()]
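Review bot: The 200-character cap on `search_term` is a bare literal applied silently, while `gene_symbol` and `selected` on the following lines are read from `request.GET` with no bound. A module constant such as `MAX_SEARCH_TERM_LENGTH = 200` would document the limit, and if either of the other parameters is also forwarded to the external API (not visible in this hunk) it needs the same treatment. Returning a 400 for over-long input instead of truncating would keep a caller from getting results for a query it did not send. The `get` method continues past the end of the hunk.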
4 changes: 2 additions & 2 deletions variantopedia/templates/variantopedia/variant_details.html
Expand Up @@ -410,14 +410,14 @@
error: function() {
console.log("Error retrieving allele");
// Can't retrieve, just show basics
let variantString = "{{ variant|safe }}";
let variantString = "{{ variant|escapejs }}";
let linkData = {variant_string: variantString, variant_coordinate: variantString};
populateVariantAllele({link_data: linkData});
}
});
}

handlePubMedLinks("{{ variant_annotation.pubmed|default_if_none:''|safe }}");
handlePubMedLinks("{{ variant_annotation.pubmed|default_if_none:''|escapejs }}");
let dbSNP = $("#dbsnp_rs_id").text();
if (dbSNP && dbSNP !== '-') {
formatField($("#dbsnp_rs_id"), formatDBSNP);
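Review bot: `escapejs` on `variant` and `variant_annotation.pubmed` only makes the values safe inside the double-quoted JavaScript string literals; it does not make them safe as HTML. `populateVariantAllele` and `handlePubMedLinks` are defined outside this hunk, so confirm that they insert these strings with text APIs such as `.text()` rather than `.html()`. Django's `json_script` filter is the more robust way to hand template values to script code. A template comment such as `{# values below are escaped for a JS string only; sinks must treat them as text #}` would record the constraint.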