rhodecode-enterprise-ce Commit - r5317:688c5949

fix(api.url): set default api.url and re-use defaults in ssh wrappers

super-admin -

r5317:688c5949 default

parent child

rhodecode/api/__init__.py

0 +1 -2

             # Copyright (C) 2011-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import itertools
             import logging
             import sys
             import fnmatch
             import decorator
-            import typing
             import venusian
             from collections import OrderedDict
             from pyramid.exceptions import ConfigurationError
             from pyramid.renderers import render
             from pyramid.response import Response
             from pyramid.httpexceptions import HTTPNotFound
             from rhodecode.api.exc import (
                 JSONRPCBaseError, JSONRPCError, JSONRPCForbidden, JSONRPCValidationError)
             from rhodecode.apps._base import TemplateArgs
             from rhodecode.lib.auth import AuthUser
             from rhodecode.lib.base import get_ip_addr, attach_context_attributes
             from rhodecode.lib.exc_tracking import store_exception
             from rhodecode.lib import ext_json
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.lib.plugins.utils import get_plugin_settings
             from rhodecode.model.db import User, UserApiKeys
             log = logging.getLogger(__name__)
             DEFAULT_RENDERER = 'jsonrpc_renderer'
-            DEFAULT_URL = '/_admin/apiv2'
+            DEFAULT_URL = '/_admin/api'
             SERVICE_API_IDENTIFIER = 'service_'
             def find_methods(jsonrpc_methods, pattern):
                 matches = OrderedDict()
                 if not isinstance(pattern, (list, tuple)):
                     pattern = [pattern]
                 for single_pattern in pattern:
                     for method_name, method in filter(
                             lambda x: not x[0].startswith(SERVICE_API_IDENTIFIER), jsonrpc_methods.items()
                     ):
                         if fnmatch.fnmatch(method_name, single_pattern):
                             matches[method_name] = method
                 return matches
             class ExtJsonRenderer(object):
                 """
                 Custom renderer that makes use of our ext_json lib
                 """
                 def __init__(self):
                     self.serializer = ext_json.formatted_json
                 def __call__(self, info):
                     """ Returns a plain JSON-encoded string with content-type
                     ``application/json``. The content-type may be overridden by
                     setting ``request.response.content_type``."""
                     def _render(value, system):
                         request = system.get('request')
                         if request is not None:
                             response = request.response
                             ct = response.content_type
                             if ct == response.default_content_type:
                                 response.content_type = 'application/json'
                         return self.serializer(value)
                     return _render
             def jsonrpc_response(request, result):
                 rpc_id = getattr(request, 'rpc_id', None)
                 ret_value = ''
                 if rpc_id:
                     ret_value = {'id': rpc_id, 'result': result, 'error': None}
                     # fetch deprecation warnings, and store it inside results
                     deprecation = getattr(request, 'rpc_deprecation', None)
                     if deprecation:
                         ret_value['DEPRECATION_WARNING'] = deprecation
                 raw_body = render(DEFAULT_RENDERER, ret_value, request=request)
                 content_type = 'application/json'
                 content_type_header = 'Content-Type'
                 headers = {
                     content_type_header: content_type
                 }
                 return Response(
                     body=raw_body,
                     content_type=content_type,
                     headerlist=[(k, v) for k, v in headers.items()]
                 )
             def jsonrpc_error(request, message, retid=None, code: int | None = None, headers: dict | None = None):
                 """
                 Generate a Response object with a JSON-RPC error body
                 """
                 headers = headers or {}
                 content_type = 'application/json'
                 content_type_header = 'Content-Type'
                 if content_type_header not in headers:
                     headers[content_type_header] = content_type
                 err_dict = {'id': retid, 'result': None, 'error': message}
                 raw_body = render(DEFAULT_RENDERER, err_dict, request=request)
                 return Response(
                     body=raw_body,
                     status=code,
                     content_type=content_type,
                     headerlist=[(k, v) for k, v in headers.items()]
                 )
             def exception_view(exc, request):
                 rpc_id = getattr(request, 'rpc_id', None)
                 if isinstance(exc, JSONRPCError):
                     fault_message = safe_str(exc)
                     log.debug('json-rpc error rpc_id:%s "%s"', rpc_id, fault_message)
                 elif isinstance(exc, JSONRPCValidationError):
                     colander_exc = exc.colander_exception
                     # TODO(marcink): think maybe of nicer way to serialize errors ?
                     fault_message = colander_exc.asdict()
                     log.debug('json-rpc colander error rpc_id:%s "%s"', rpc_id, fault_message)
                 elif isinstance(exc, JSONRPCForbidden):
                     fault_message = 'Access was denied to this resource.'
                     log.warning('json-rpc forbidden call rpc_id:%s "%s"', rpc_id, fault_message)
                 elif isinstance(exc, HTTPNotFound):
                     method = request.rpc_method
                     log.debug('json-rpc method `%s` not found in list of '
                               'api calls: %s, rpc_id:%s',
                               method, list(request.registry.jsonrpc_methods.keys()), rpc_id)
                     similar = 'none'
                     try:
                         similar_paterns = [f'*{x}*' for x in method.split('_')]
                         similar_found = find_methods(
                             request.registry.jsonrpc_methods, similar_paterns)
                         similar = ', '.join(similar_found.keys()) or similar
                     except Exception:
                         # make the whole above block safe
                         pass
                     fault_message = f"No such method: {method}. Similar methods: {similar}"
                 else:
                     fault_message = 'undefined error'
                     exc_info = exc.exc_info()
                     store_exception(id(exc_info), exc_info, prefix='rhodecode-api')
                     statsd = request.registry.statsd
                     if statsd:
                         exc_type = f"{exc.__class__.__module__}.{exc.__class__.__name__}"
                         statsd.incr('rhodecode_exception_total',
                                     tags=["exc_source:api", f"type:{exc_type}"])
                 return jsonrpc_error(request, fault_message, rpc_id)
             def request_view(request):
                 """
                 Main request handling method. It handles all logic to call a specific
                 exposed method
                 """
                 # cython compatible inspect
                 from rhodecode.config.patches import inspect_getargspec
                 inspect = inspect_getargspec()
                 # check if we can find this session using api_key, get_by_auth_token
                 # search not expired tokens only
                 try:
                     if not request.rpc_method.startswith(SERVICE_API_IDENTIFIER):
                         api_user = User.get_by_auth_token(request.rpc_api_key)
                         if api_user is None:
                             return jsonrpc_error(
                                 request, retid=request.rpc_id, message='Invalid API KEY')
                         if not api_user.active:
                             return jsonrpc_error(
                                 request, retid=request.rpc_id,
                                 message='Request from this user not allowed')
                         # check if we are allowed to use this IP
                         auth_u = AuthUser(
                             api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr)
                         if not auth_u.ip_allowed:
                             return jsonrpc_error(
                                 request, retid=request.rpc_id,
                                 message='Request from IP:{} not allowed'.format(
                                     request.rpc_ip_addr))
                         else:
                             log.info('Access for IP:%s allowed', request.rpc_ip_addr)
                         # register our auth-user
                         request.rpc_user = auth_u
                         request.environ['rc_auth_user_id'] = str(auth_u.user_id)
                         # now check if token is valid for API
                         auth_token = request.rpc_api_key
                         token_match = api_user.authenticate_by_token(
                             auth_token, roles=[UserApiKeys.ROLE_API])
                         invalid_token = not token_match
                         log.debug('Checking if API KEY is valid with proper role')
                         if invalid_token:
                             return jsonrpc_error(
                                 request, retid=request.rpc_id,
                                 message='API KEY invalid or, has bad role for an API call')
                     else:
                         auth_u = 'service'
                         if request.rpc_api_key != request.registry.settings['app.service_api.token']:
                             raise Exception("Provided service secret is not recognized!")
                 except Exception:
                     log.exception('Error on API AUTH')
                     return jsonrpc_error(
                         request, retid=request.rpc_id, message='Invalid API KEY')
                 method = request.rpc_method
                 func = request.registry.jsonrpc_methods[method]
                 # now that we have a method, add request._req_params to
                 # self.kargs and dispatch control to WGIController
                 argspec = inspect.getargspec(func)
                 arglist = argspec[0]
                 defs = argspec[3] or []
                 defaults = [type(a) for a in defs]
                 default_empty = type(NotImplemented)
                 # kw arguments required by this method
                 func_kwargs = dict(itertools.zip_longest(
                     reversed(arglist), reversed(defaults), fillvalue=default_empty))
                 # This attribute will need to be first param of a method that uses
                 # api_key, which is translated to instance of user at that name
                 user_var = 'apiuser'
                 request_var = 'request'
                 for arg in [user_var, request_var]:
                     if arg not in arglist:
                         return jsonrpc_error(
                             request,
                             retid=request.rpc_id,
                             message='This method [%s] does not support '
                                     'required parameter `%s`' % (func.__name__, arg))
                 # get our arglist and check if we provided them as args
                 for arg, default in func_kwargs.items():
                     if arg in [user_var, request_var]:
                         # user_var and request_var are pre-hardcoded parameters and we
                         # don't need to do any translation
                         continue
                     # skip the required param check if it's default value is
                     # NotImplementedType (default_empty)
                     if default == default_empty and arg not in request.rpc_params:
                         return jsonrpc_error(
                             request,
                             retid=request.rpc_id,
                             message=('Missing non optional `%s` arg in JSON DATA' % arg)
                         )
                 # sanitize extra passed arguments
                 for k in list(request.rpc_params.keys()):
                     if k not in func_kwargs:
                         del request.rpc_params[k]
                 call_params = request.rpc_params
                 call_params.update({
                     'request': request,
                     'apiuser': auth_u
                 })
                 # register some common functions for usage
                 rpc_user = request.rpc_user.user_id if hasattr(request, 'rpc_user') else None
                 attach_context_attributes(TemplateArgs(), request, rpc_user)
                 statsd = request.registry.statsd
                 try:
                     ret_value = func(**call_params)
                     resp = jsonrpc_response(request, ret_value)
                     if statsd:
                         statsd.incr('rhodecode_api_call_success_total')
                     return resp
                 except JSONRPCBaseError:
                     raise
                 except Exception:
                     log.exception('Unhandled exception occurred on api call: %s', func)
                     exc_info = sys.exc_info()
                     exc_id, exc_type_name = store_exception(
                         id(exc_info), exc_info, prefix='rhodecode-api')
                     error_headers = {
                         'RhodeCode-Exception-Id': str(exc_id),
                         'RhodeCode-Exception-Type': str(exc_type_name)
                     }
                     err_resp = jsonrpc_error(
                         request, retid=request.rpc_id, message='Internal server error',
                         headers=error_headers)
                     if statsd:
                         statsd.incr('rhodecode_api_call_fail_total')
                     return err_resp
             def setup_request(request):
                 """
                 Parse a JSON-RPC request body. It's used inside the predicates method
                 to validate and bootstrap requests for usage in rpc calls.
                 We need to raise JSONRPCError here if we want to return some errors back to
                 user.
                 """
                 log.debug('Executing setup request: %r', request)
                 request.rpc_ip_addr = get_ip_addr(request.environ)
                 # TODO(marcink): deprecate GET at some point
                 if request.method not in ['POST', 'GET']:
                     log.debug('unsupported request method "%s"', request.method)
                     raise JSONRPCError(
                         'unsupported request method "%s". Please use POST' % request.method)
                 if 'CONTENT_LENGTH' not in request.environ:
                     log.debug("No Content-Length")
                     raise JSONRPCError("Empty body, No Content-Length in request")
                 else:
                     length = request.environ['CONTENT_LENGTH']
                     log.debug('Content-Length: %s', length)
                     if length == 0:
                         log.debug("Content-Length is 0")
                         raise JSONRPCError("Content-Length is 0")
                 raw_body = request.body
                 log.debug("Loading JSON body now")
                 try:
                     json_body = ext_json.json.loads(raw_body)
                 except ValueError as e:
                     # catch JSON errors Here
                     raise JSONRPCError(f"JSON parse error ERR:{e} RAW:{raw_body!r}")
                 request.rpc_id = json_body.get('id')
                 request.rpc_method = json_body.get('method')
                 # check required base parameters
                 try:
                     api_key = json_body.get('api_key')
                     if not api_key:
                         api_key = json_body.get('auth_token')
                     if not api_key:
                         raise KeyError('api_key or auth_token')
                     # TODO(marcink): support passing in token in request header
                     request.rpc_api_key = api_key
                     request.rpc_id = json_body['id']
                     request.rpc_method = json_body['method']
                     request.rpc_params = json_body['args'] \
                         if isinstance(json_body['args'], dict) else {}
                     log.debug('method: %s, params: %.10240r', request.rpc_method, request.rpc_params)
                 except KeyError as e:
                     raise JSONRPCError(f'Incorrect JSON data. Missing {e}')
                 log.debug('setup complete, now handling method:%s rpcid:%s',
                           request.rpc_method, request.rpc_id, )
             class RoutePredicate(object):
                 def __init__(self, val, config):
                     self.val = val
                 def text(self):
                     return f'jsonrpc route = {self.val}'
                 phash = text
                 def __call__(self, info, request):
                     if self.val:
                         # potentially setup and bootstrap our call
                         setup_request(request)
                         # Always return True so that even if it isn't a valid RPC it
                         # will fall through to the underlaying handlers like notfound_view
                         return True
             class NotFoundPredicate(object):
                 def __init__(self, val, config):
                     self.val = val
                     self.methods = config.registry.jsonrpc_methods
                 def text(self):
                     return f'jsonrpc method not found = {self.val}'
                 phash = text
                 def __call__(self, info, request):
                     return hasattr(request, 'rpc_method')
             class MethodPredicate(object):
                 def __init__(self, val, config):
                     self.method = val
                 def text(self):
                     return f'jsonrpc method = {self.method}'
                 phash = text
                 def __call__(self, context, request):
                     # we need to explicitly return False here, so pyramid doesn't try to
                     # execute our view directly. We need our main handler to execute things
                     return getattr(request, 'rpc_method') == self.method
             def add_jsonrpc_method(config, view, **kwargs):
                 # pop the method name
                 method = kwargs.pop('method', None)
                 if method is None:
                     raise ConfigurationError(
                         'Cannot register a JSON-RPC method without specifying the "method"')
                 # we define custom predicate, to enable to detect conflicting methods,
                 # those predicates are kind of "translation" from the decorator variables
                 # to internal predicates names
                 kwargs['jsonrpc_method'] = method
                 # register our view into global view store for validation
                 config.registry.jsonrpc_methods[method] = view
                 # we're using our main request_view handler, here, so each method
                 # has a unified handler for itself
                 config.add_view(request_view, route_name='apiv2', **kwargs)
             class jsonrpc_method(object):
                 """
                 decorator that works similar to @add_view_config decorator,
                 but tailored for our JSON RPC
                 """
                 venusian = venusian  # for testing injection
                 def __init__(self, method=None, **kwargs):
                     self.method = method
                     self.kwargs = kwargs
                 def __call__(self, wrapped):
                     kwargs = self.kwargs.copy()
                     kwargs['method'] = self.method or wrapped.__name__
                     depth = kwargs.pop('_depth', 0)
                     def callback(context, name, ob):
                         config = context.config.with_package(info.module)
                         config.add_jsonrpc_method(view=ob, **kwargs)
                     info = venusian.attach(wrapped, callback, category='pyramid',
                                            depth=depth + 1)
                     if info.scope == 'class':
                         # ensure that attr is set if decorating a class method
                         kwargs.setdefault('attr', wrapped.__name__)
                     kwargs['_info'] = info.codeinfo  # fbo action_method
                     return wrapped
             class jsonrpc_deprecated_method(object):
                 """
                 Marks method as deprecated, adds log.warning, and inject special key to
                 the request variable to mark method as deprecated.
                 Also injects special docstring that extract_docs will catch to mark
                 method as deprecated.
                 :param use_method: specify which method should be used instead of
                     the decorated one
                 Use like::
                     @jsonrpc_method()
                     @jsonrpc_deprecated_method(use_method='new_func', deprecated_at_version='3.0.0')
                     def old_func(request, apiuser, arg1, arg2):
                         ...
                 """
                 def __init__(self, use_method, deprecated_at_version):
                     self.use_method = use_method
                     self.deprecated_at_version = deprecated_at_version
                     self.deprecated_msg = ''
                 def __call__(self, func):
                     self.deprecated_msg = 'Please use method `{method}` instead.'.format(
                         method=self.use_method)
                     docstring = """\n
                     .. deprecated:: {version}
                        {deprecation_message}
                     {original_docstring}
                     """
                     func.__doc__ = docstring.format(
                         version=self.deprecated_at_version,
                         deprecation_message=self.deprecated_msg,
                         original_docstring=func.__doc__)
                     return decorator.decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     log.warning('DEPRECATED API CALL on function %s, please '
                                 'use `%s` instead', func, self.use_method)
                     # alter function docstring to mark as deprecated, this is picked up
                     # via fabric file that generates API DOC.
                     result = func(*fargs, **fkwargs)
                     request = fargs[0]
                     request.rpc_deprecation = 'DEPRECATED METHOD ' + self.deprecated_msg
                     return result
             def add_api_methods(config):
                 from rhodecode.api.views import (
                     deprecated_api, gist_api, pull_request_api, repo_api, repo_group_api,
                     server_api, search_api, testing_api, user_api, user_group_api)
                 config.scan('rhodecode.api.views')
             def includeme(config):
                 plugin_module = 'rhodecode.api'
                 plugin_settings = get_plugin_settings(
                     plugin_module, config.registry.settings)
                 if not hasattr(config.registry, 'jsonrpc_methods'):
                     config.registry.jsonrpc_methods = OrderedDict()
                 # match filter by given method only
                 config.add_view_predicate('jsonrpc_method', MethodPredicate)
                 config.add_view_predicate('jsonrpc_method_not_found', NotFoundPredicate)
                 config.add_renderer(DEFAULT_RENDERER, ExtJsonRenderer())
                 config.add_directive('add_jsonrpc_method', add_jsonrpc_method)
                 config.add_route_predicate(
                     'jsonrpc_call', RoutePredicate)
                 config.add_route(
                     'apiv2', plugin_settings.get('url', DEFAULT_URL), jsonrpc_call=True)
                 # register some exception handling view
                 config.add_view(exception_view, context=JSONRPCBaseError)
                 config.add_notfound_view(exception_view, jsonrpc_method_not_found=True)
                 add_api_methods(config)

rhodecode/config/middleware.py

0 +2 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import collections
             import tempfile
             import time
             import logging.config
             from paste.gzipper import make_gzip_middleware
             import pyramid.events
             from pyramid.wsgi import wsgiapp
-            from pyramid.authorization import ACLAuthorizationPolicy
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
             from pyramid.renderers import render_to_response
+            from rhodecode import api
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config import utils as config_utils
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config.environment import load_pyramid_environment
             import rhodecode.events
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.request import Request
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.exc_tracking import store_exception, format_exc
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed, write_usage_data)
             from rhodecode.lib.statsd_client import StatsdClient
             log = logging.getLogger(__name__)
             def is_http_error(response):
                 # error which should have traceback
                 return response.status_code > 499
             def should_load_all():
                 """
                 Returns if all application components should be loaded. In some cases it's
                 desired to skip apps loading for faster shell script execution
                 """
                 ssh_cmd = os.environ.get('RC_CMD_SSH_WRAPPER')
                 if ssh_cmd:
                     return False
                 return True
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid.
                 Specials:
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 start_time = time.time()
                 log.info('Pyramid app config starting')
                 sanitize_settings_and_apply_defaults(global_config, settings)
                 # init and bootstrap StatsdClient
                 StatsdClient.setup(settings)
                 config = Configurator(settings=settings)
                 # Init our statsd at very start
                 config.registry.statsd = StatsdClient.statsd
                 # Apply compatibility patches
                 patches.inspect_getargspec()
                 load_pyramid_environment(global_config, settings)
                 # Static file view comes first
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 celery_settings = get_celery_config(settings)
                 config.configure_celery(celery_settings)
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 total_time = time.time() - start_time
                 log.info('Pyramid app created and configured in %.2fs', total_time)
                 return pyramid_app
             def get_celery_config(settings):
                 """
                 Converts basic ini configuration into celery 4.X options
                 """
                 def key_converter(key_name):
                     pref = 'celery.'
                     if key_name.startswith(pref):
                         return key_name[len(pref):].replace('.', '_').lower()
                 def type_converter(parsed_key, value):
                     # cast to int
                     if value.isdigit():
                         return int(value)
                     # cast to bool
                     if value.lower() in ['true', 'false', 'True', 'False']:
                         return value.lower() == 'true'
                     return value
                 celery_config = {}
                 for k, v in settings.items():
                     pref = 'celery.'
                     if k.startswith(pref):
                         celery_config[key_converter(k)] = type_converter(key_converter(k), v)
                 # TODO:rethink if we want to support celerybeat based file config, probably NOT
                 # beat_config = {}
                 # for section in parser.sections():
                 #     if section.startswith('celerybeat:'):
                 #         name = section.split(':', 1)[1]
                 #         beat_config[name] = get_beat_config(parser, section)
                 # final compose of settings
                 celery_settings = {}
                 if celery_config:
                     celery_settings.update(celery_config)
                 # if beat_config:
                 #     celery_settings.update({'beat_schedule': beat_config})
                 return celery_settings
             def not_found_view(request):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid.
                 """
                 if not getattr(request, 'vcs_call', None):
                     # handle like regular case with our error_handler
                     return error_handler(HTTPNotFound(), request)
                 # handle not found view as a vcs call
                 settings = request.registry.settings
                 ae_client = getattr(request, 'ae_client', None)
                 vcs_app = VCSMiddleware(
                     HTTPNotFound(), request.registry, settings,
                     appenlight_client=ae_client)
                 return wsgiapp(vcs_app)(None, request)
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 if is_http_error(base_response):
                     traceback_info = format_exc(request.exc_info)
                     log.error(
                         'error occurred handling this request for path: %s, \n%s',
                         request.path, traceback_info)
                 error_explanation = base_response.explanation or str(base_response)
                 if base_response.status_code == 404:
                     error_explanation += " Optionally you don't have permission to access this page."
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = error_explanation
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if is_http_error(base_response):
                     c.causes.append('Server is overloaded.')
                     c.causes.append('Server database connection is lost.')
                     c.causes.append('Server expected unhandled error.')
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages(request=request)
                 exc_info = sys.exc_info()
                 c.exception_id = id(exc_info)
                 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
                                       or base_response.status_code > 499
                 c.exception_id_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=c.exception_id)
                 debug_mode = rhodecode.ConfigGet().get_bool('debug')
                 if c.show_exception_id:
                     store_exception(c.exception_id, exc_info)
                 c.exception_debug = debug_mode
                 c.exception_config_ini = rhodecode.CONFIG.get('__file__')
                 if debug_mode:
                     try:
                         from rich.traceback import install
                         install(show_locals=True)
                         log.debug('Installing rich tracebacks...')
                     except ImportError:
                         pass
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 response.headers["X-RC-Exception-Id"] = str(c.exception_id)
                 statsd = request.registry.statsd
                 if statsd and base_response.status_code > 499:
                     exc_type = f"{exception.__class__.__module__}.{exception.__class__.__name__}"
                     statsd.incr('rhodecode_exception_total',
                                 tags=["exc_source:web",
                                       f"http_code:{base_response.status_code}",
                                       f"type:{exc_type}"])
                 return response
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             ce_auth_resources = [
                 'rhodecode.authentication.plugins.auth_crowd',
                 'rhodecode.authentication.plugins.auth_headers',
                 'rhodecode.authentication.plugins.auth_jasig_cas',
                 'rhodecode.authentication.plugins.auth_ldap',
                 'rhodecode.authentication.plugins.auth_pam',
                 'rhodecode.authentication.plugins.auth_rhodecode',
                 'rhodecode.authentication.plugins.auth_token',
             ]
             def includeme(config, auth_resources=None):
                 from rhodecode.lib.celerylib.loader import configure_celery
                 log.debug('Initializing main includeme from %s', os.path.basename(__file__))
                 settings = config.registry.settings
                 config.set_request_factory(Request)
                 # plugin information
                 config.registry.rhodecode_plugins = collections.OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 config.add_directive('configure_celery', configure_celery)
                 if settings.get('appenlight', False):
                     config.include('appenlight_client.ext.pyramid_tween')
                 load_all = should_load_all()
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.lib.rc_cache.archive_cache')
                 config.include('rhodecode.apps._base.navigation')
                 config.include('rhodecode.apps._base.subscribers')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.authentication')
                 if load_all:
                     # load CE authentication plugins
                     if auth_resources:
                         ce_auth_resources.extend(auth_resources)
                     for resource in ce_auth_resources:
                         config.include(resource)
                     # Auto discover authentication plugins and include their configuration.
                     if asbool(settings.get('auth_plugin.import_legacy_plugins', 'true')):
                         from rhodecode.authentication import discover_legacy_plugins
                         discover_legacy_plugins(config)
                 # apps
                 if load_all:
                     log.debug('Starting config.include() calls')
                     config.include('rhodecode.api.includeme')
                     config.include('rhodecode.apps._base.includeme')
                     config.include('rhodecode.apps._base.navigation.includeme')
                     config.include('rhodecode.apps._base.subscribers.includeme')
                     config.include('rhodecode.apps.hovercards.includeme')
                     config.include('rhodecode.apps.ops.includeme')
                     config.include('rhodecode.apps.channelstream.includeme')
                     config.include('rhodecode.apps.file_store.includeme')
                     config.include('rhodecode.apps.admin.includeme')
                     config.include('rhodecode.apps.login.includeme')
                     config.include('rhodecode.apps.home.includeme')
                     config.include('rhodecode.apps.journal.includeme')
                     config.include('rhodecode.apps.repository.includeme')
                     config.include('rhodecode.apps.repo_group.includeme')
                     config.include('rhodecode.apps.user_group.includeme')
                     config.include('rhodecode.apps.search.includeme')
                     config.include('rhodecode.apps.user_profile.includeme')
                     config.include('rhodecode.apps.user_group_profile.includeme')
                     config.include('rhodecode.apps.my_account.includeme')
                     config.include('rhodecode.apps.gist.includeme')
                     config.include('rhodecode.apps.svn_support.includeme')
                     config.include('rhodecode.apps.ssh_support.includeme')
                     config.include('rhodecode.apps.debug_style')
                 if load_all:
                     config.include('rhodecode.integrations.includeme')
                     config.include('rhodecode.integrations.routes.includeme')
                 config.add_route('rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 config.add_translation_dirs('rhodecode:i18n/')
                 # Add subscribers.
                 if load_all:
                     log.debug('Adding subscribers...')
                     config.add_subscriber(scan_repositories_if_enabled,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_metadata_if_needed,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_usage_data,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_js_routes_if_enabled,
                                           pyramid.events.ApplicationCreated)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 config.add_renderer(
                     name='string_html',
                     factory='rhodecode.lib.string_renderer.html')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 log.debug('processing rhodecode.includes data...')
                 for inc in includes:
                     config.include(inc)
                 # custom not found view, if our pyramid app doesn't know how to handle
                 # the request pass it to potential VCS handling ap
                 config.add_notfound_view(not_found_view)
                 if not settings.get('debugtoolbar.enabled', False):
                     # disabled debugtoolbar handle all exceptions via the error_handlers
                     config.add_view(error_handler, context=Exception)
                 # all errors including 403/404/50X
                 config.add_view(error_handler, context=HTTPError)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 """
                 registry = config.registry
                 settings = registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
                     pyramid_app, settings)
                 registry.ae_client = _ae_client
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     start = time.time()
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.get_engine().pool
                         log.debug('sa pool status: %s', pool.status())
                         total = time.time() - start
                         log.debug('Request processing finalized: %.4fs', total)
                 return pyramid_app_with_cleanup
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
                 logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
-                settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
+                settings_maker.make_setting('rhodecode.api.url', api.DEFAULT_URL)
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('is_test', False, parser='bool')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.hooks.protocol', 'http')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
                 settings_maker.make_setting('archive_cache.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.cache_shards', 10, parser='int')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/lib/utils.py

0 +7 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Utilities library for RhodeCode
             """
             import datetime
             import decorator
             import logging
             import os
             import re
             import sys
             import shutil
             import socket
             import tempfile
             import traceback
             import tarfile
             import warnings
             from functools import wraps
             from os.path import join as jn
             from configparser import NoOptionError
             import paste
             import pkg_resources
             from webhelpers2.text import collapse, strip_tags, convert_accented_entities, convert_misc_entities
             from mako import exceptions
             from rhodecode.lib.hash_utils import sha256_safe, md5, sha1
             from rhodecode.lib.type_utils import AttributeDict
             from rhodecode.lib.str_utils import safe_bytes, safe_str
             from rhodecode.lib.vcs.backends.base import Config
             from rhodecode.lib.vcs.exceptions import VCSError
             from rhodecode.lib.vcs.utils.helpers import get_scm, get_scm_backend
             from rhodecode.lib.ext_json import sjson as json
             from rhodecode.model import meta
             from rhodecode.model.db import (
                 Repository, User, RhodeCodeUi, UserLog, RepoGroup, UserGroup)
             from rhodecode.model.meta import Session
             from rhodecode.lib.pyramid_utils import get_config
             from rhodecode.lib.vcs import CurlSession
             from rhodecode.lib.vcs.exceptions import ImproperlyConfiguredError
             log = logging.getLogger(__name__)
             REMOVED_REPO_PAT = re.compile(r'rm__\d{8}_\d{6}_\d{6}__.*')
             # String which contains characters that are not allowed in slug names for
             # repositories or repository groups. It is properly escaped to use it in
             # regular expressions.
             SLUG_BAD_CHARS = re.escape(r'`?=[]\;\'"<>,/~!@#$%^&*()+{}|:')
             # Regex that matches forbidden characters in repo/group slugs.
             SLUG_BAD_CHAR_RE = re.compile(r'[{}\x00-\x08\x0b-\x0c\x0e-\x1f]'.format(SLUG_BAD_CHARS))
             # Regex that matches allowed characters in repo/group slugs.
             SLUG_GOOD_CHAR_RE = re.compile(r'[^{}]'.format(SLUG_BAD_CHARS))
             # Regex that matches whole repo/group slugs.
             SLUG_RE = re.compile(r'[^{}]+'.format(SLUG_BAD_CHARS))
             _license_cache = None
             def adopt_for_celery(func):
                 """
                 Decorator designed to adopt hooks (from rhodecode.lib.hooks_base)
                 for further usage as a celery tasks.
                 """
                 @wraps(func)
                 def wrapper(extras):
                     extras = AttributeDict(extras)
                     # HooksResponse implements to_json method which must be used there.
                     return func(extras).to_json()
                 return wrapper
             def repo_name_slug(value):
                 """
                 Return slug of name of repository
                 This function is called on each creation/modification
                 of repository to prevent bad names in repo
                 """
                 replacement_char = '-'
                 slug = strip_tags(value)
                 slug = convert_accented_entities(slug)
                 slug = convert_misc_entities(slug)
                 slug = SLUG_BAD_CHAR_RE.sub('', slug)
                 slug = re.sub(r'[\s]+', '-', slug)
                 slug = collapse(slug, replacement_char)
                 return slug
             #==============================================================================
             # PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS
             #==============================================================================
             def get_repo_slug(request):
                 _repo = ''
                 if hasattr(request, 'db_repo_name'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo names
                     _repo = request.db_repo_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _repo = request.matchdict.get('repo_name')
                 if _repo:
                     _repo = _repo.rstrip('/')
                 return _repo
             def get_repo_group_slug(request):
                 _group = ''
                 if hasattr(request, 'db_repo_group'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo group names
                     _group = request.db_repo_group.group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _group = request.matchdict.get('repo_group_name')
                 if _group:
                     _group = _group.rstrip('/')
                 return _group
             def get_user_group_slug(request):
                 _user_group = ''
                 if hasattr(request, 'db_user_group'):
                     _user_group = request.db_user_group.users_group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _user_group = request.matchdict.get('user_group_id')
                     _user_group_name = request.matchdict.get('user_group_name')
                     try:
                         if _user_group:
                             _user_group = UserGroup.get(_user_group)
                         elif _user_group_name:
                             _user_group = UserGroup.get_by_group_name(_user_group_name)
                         if _user_group:
                             _user_group = _user_group.users_group_name
                     except Exception:
                         log.exception('Failed to get user group by id and name')
                         # catch all failures here
                         return None
                 return _user_group
             def get_filesystem_repos(path, recursive=False, skip_removed_repos=True):
                 """
                 Scans given path for repos and return (name,(type,path)) tuple
                 :param path: path to scan for repositories
                 :param recursive: recursive search and return names with subdirs in front
                 """
                 # remove ending slash for better results
                 path = path.rstrip(os.sep)
                 log.debug('now scanning in %s location recursive:%s...', path, recursive)
                 def _get_repos(p):
                     dirpaths = get_dirpaths(p)
                     if not _is_dir_writable(p):
                         log.warning('repo path without write access: %s', p)
                     for dirpath in dirpaths:
                         if os.path.isfile(os.path.join(p, dirpath)):
                             continue
                         cur_path = os.path.join(p, dirpath)
                         # skip removed repos
                         if skip_removed_repos and REMOVED_REPO_PAT.match(dirpath):
                             continue
                         #skip .<somethin> dirs
                         if dirpath.startswith('.'):
                             continue
                         try:
                             scm_info = get_scm(cur_path)
                             yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info
                         except VCSError:
                             if not recursive:
                                 continue
                             #check if this dir containts other repos for recursive scan
                             rec_path = os.path.join(p, dirpath)
                             if os.path.isdir(rec_path):
                                 yield from _get_repos(rec_path)
                 return _get_repos(path)
             def get_dirpaths(p: str) -> list:
                 try:
                     # OS-independable way of checking if we have at least read-only
                     # access or not.
                     dirpaths = os.listdir(p)
                 except OSError:
                     log.warning('ignoring repo path without read access: %s', p)
                     return []
                 # os.listpath has a tweak: If a unicode is passed into it, then it tries to
                 # decode paths and suddenly returns unicode objects itself. The items it
                 # cannot decode are returned as strings and cause issues.
                 #
                 # Those paths are ignored here until a solid solution for path handling has
                 # been built.
                 expected_type = type(p)
                 def _has_correct_type(item):
                     if type(item) is not expected_type:
                         log.error(
                             "Ignoring path %s since it cannot be decoded into str.",
                             # Using "repr" to make sure that we see the byte value in case
                             # of support.
                             repr(item))
                         return False
                     return True
                 dirpaths = [item for item in dirpaths if _has_correct_type(item)]
                 return dirpaths
             def _is_dir_writable(path):
                 """
                 Probe if `path` is writable.
                 Due to trouble on Cygwin / Windows, this is actually probing if it is
                 possible to create a file inside of `path`, stat does not produce reliable
                 results in this case.
                 """
                 try:
                     with tempfile.TemporaryFile(dir=path):
                         pass
                 except OSError:
                     return False
                 return True
             def is_valid_repo(repo_name, base_path, expect_scm=None, explicit_scm=None, config=None):
                 """
                 Returns True if given path is a valid repository False otherwise.
                 If expect_scm param is given also, compare if given scm is the same
                 as expected from scm parameter. If explicit_scm is given don't try to
                 detect the scm, just use the given one to check if repo is valid
                 :param repo_name:
                 :param base_path:
                 :param expect_scm:
                 :param explicit_scm:
                 :param config:
                 :return True: if given path is a valid repository
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_name))
                 log.debug('Checking if `%s` is a valid path for repository. '
                           'Explicit type: %s', repo_name, explicit_scm)
                 try:
                     if explicit_scm:
                         detected_scms = [get_scm_backend(explicit_scm)(
                             full_path, config=config).alias]
                     else:
                         detected_scms = get_scm(full_path)
                     if expect_scm:
                         return detected_scms[0] == expect_scm
                     log.debug('path: %s is an vcs object:%s', full_path, detected_scms)
                     return True
                 except VCSError:
                     log.debug('path: %s is not a valid repo !', full_path)
                     return False
             def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):
                 """
                 Returns True if a given path is a repository group, False otherwise
                 :param repo_group_name:
                 :param base_path:
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))
                 log.debug('Checking if `%s` is a valid path for repository group',
                           repo_group_name)
                 # check if it's not a repo
                 if is_valid_repo(repo_group_name, base_path):
                     log.debug('Repo called %s exist, it is not a valid repo group', repo_group_name)
                     return False
                 try:
                     # we need to check bare git repos at higher level
                     # since we might match branches/hooks/info/objects or possible
                     # other things inside bare git repo
                     maybe_repo = os.path.dirname(full_path)
                     if maybe_repo == base_path:
                         # skip root level repo check; we know root location CANNOT BE a repo group
                         return False
                     scm_ = get_scm(maybe_repo)
                     log.debug('path: %s is a vcs object:%s, not valid repo group', full_path, scm_)
                     return False
                 except VCSError:
                     pass
                 # check if it's a valid path
                 if skip_path_check or os.path.isdir(full_path):
                     log.debug('path: %s is a valid repo group !', full_path)
                     return True
                 log.debug('path: %s is not a valid repo group !', full_path)
                 return False
             def ask_ok(prompt, retries=4, complaint='[y]es or [n]o please!'):
                 while True:
                     ok = input(prompt)
                     if ok.lower() in ('y', 'ye', 'yes'):
                         return True
                     if ok.lower() in ('n', 'no', 'nop', 'nope'):
                         return False
                     retries = retries - 1
                     if retries < 0:
                         raise OSError
                     print(complaint)
             # propagated from mercurial documentation
             ui_sections = [
                 'alias', 'auth',
                 'decode/encode', 'defaults',
                 'diff', 'email',
                 'extensions', 'format',
                 'merge-patterns', 'merge-tools',
                 'hooks', 'http_proxy',
                 'smtp', 'patch',
                 'paths', 'profiling',
                 'server', 'trusted',
                 'ui', 'web', ]
             def config_data_from_db(clear_session=True, repo=None):
                 """
                 Read the configuration data from the database and return configuration
                 tuples.
                 """
                 from rhodecode.model.settings import VcsSettingsModel
                 config = []
                 sa = meta.Session()
                 settings_model = VcsSettingsModel(repo=repo, sa=sa)
                 ui_settings = settings_model.get_ui_settings()
                 ui_data = []
                 for setting in ui_settings:
                     if setting.active:
                         ui_data.append((setting.section, setting.key, setting.value))
                         config.append((
                             safe_str(setting.section), safe_str(setting.key),
                             safe_str(setting.value)))
                     if setting.key == 'push_ssl':
                         # force set push_ssl requirement to False, rhodecode
                         # handles that
                         config.append((
                             safe_str(setting.section), safe_str(setting.key), False))
                 log.debug(
                     'settings ui from db@repo[%s]: %s',
                     repo,
                     ','.join(['[{}] {}={}'.format(*s) for s in ui_data]))
                 if clear_session:
                     meta.Session.remove()
                 # TODO: mikhail: probably it makes no sense to re-read hooks information.
                 # It's already there and activated/deactivated
                 skip_entries = []
                 enabled_hook_classes = get_enabled_hook_classes(ui_settings)
                 if 'pull' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PULL))
                 if 'push' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRETX_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PUSH_KEY))
                 config = [entry for entry in config if entry[:2] not in skip_entries]
                 return config
             def make_db_config(clear_session=True, repo=None):
                 """
                 Create a :class:`Config` instance based on the values in the database.
                 """
                 config = Config()
                 config_data = config_data_from_db(clear_session=clear_session, repo=repo)
                 for section, option, value in config_data:
                     config.set(section, option, value)
                 return config
             def get_enabled_hook_classes(ui_settings):
                 """
                 Return the enabled hook classes.
                 :param ui_settings: List of ui_settings as returned
                     by :meth:`VcsSettingsModel.get_ui_settings`
                 :return: a list with the enabled hook classes. The order is not guaranteed.
                 :rtype: list
                 """
                 enabled_hooks = []
                 active_hook_keys = [
                     key for section, key, value, active in ui_settings
                     if section == 'hooks' and active]
                 hook_names = {
                     RhodeCodeUi.HOOK_PUSH: 'push',
                     RhodeCodeUi.HOOK_PULL: 'pull',
                     RhodeCodeUi.HOOK_REPO_SIZE: 'repo_size'
                 }
                 for key in active_hook_keys:
                     hook = hook_names.get(key)
                     if hook:
                         enabled_hooks.append(hook)
                 return enabled_hooks
             def set_rhodecode_config(config):
                 """
                 Updates pyramid config with new settings from database
                 :param config:
                 """
                 from rhodecode.model.settings import SettingsModel
                 app_settings = SettingsModel().get_all_settings()
                 for k, v in list(app_settings.items()):
                     config[k] = v
             def get_rhodecode_realm():
                 """
                 Return the rhodecode realm from database.
                 """
                 from rhodecode.model.settings import SettingsModel
                 realm = SettingsModel().get_setting_by_name('realm')
                 return safe_str(realm.app_settings_value)
             def get_rhodecode_base_path():
                 """
                 Returns the base path. The base path is the filesystem path which points
                 to the repository store.
                 """
                 import rhodecode
                 return rhodecode.CONFIG['default_base_path']
             def map_groups(path):
                 """
                 Given a full path to a repository, create all nested groups that this
                 repo is inside. This function creates parent-child relationships between
                 groups and creates default perms for all new groups.
                 :param paths: full path to repository
                 """
                 from rhodecode.model.repo_group import RepoGroupModel
                 sa = meta.Session()
                 groups = path.split(Repository.NAME_SEP)
                 parent = None
                 group = None
                 # last element is repo in nested groups structure
                 groups = groups[:-1]
                 rgm = RepoGroupModel(sa)
                 owner = User.get_first_super_admin()
                 for lvl, group_name in enumerate(groups):
                     group_name = '/'.join(groups[:lvl] + [group_name])
                     group = RepoGroup.get_by_group_name(group_name)
                     desc = '%s group' % group_name
                     # skip folders that are now removed repos
                     if REMOVED_REPO_PAT.match(group_name):
                         break
                     if group is None:
                         log.debug('creating group level: %s group_name: %s',
                                    lvl, group_name)
                         group = RepoGroup(group_name, parent)
                         group.group_description = desc
                         group.user = owner
                         sa.add(group)
                         perm_obj = rgm._create_default_perms(group)
                         sa.add(perm_obj)
                         sa.flush()
                     parent = group
                 return group
             def repo2db_mapper(initial_repo_list, remove_obsolete=False, force_hooks_rebuild=False):
                 """
                 maps all repos given in initial_repo_list, non existing repositories
                 are created, if remove_obsolete is True it also checks for db entries
                 that are not in initial_repo_list and removes them.
                 :param initial_repo_list: list of repositories found by scanning methods
                 :param remove_obsolete: check for obsolete entries in database
                 """
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.repo_group import RepoGroupModel
                 from rhodecode.model.settings import SettingsModel
                 sa = meta.Session()
                 repo_model = RepoModel()
                 user = User.get_first_super_admin()
                 added = []
                 # creation defaults
                 defs = SettingsModel().get_default_repo_settings(strip_prefix=True)
                 enable_statistics = defs.get('repo_enable_statistics')
                 enable_locking = defs.get('repo_enable_locking')
                 enable_downloads = defs.get('repo_enable_downloads')
                 private = defs.get('repo_private')
                 for name, repo in list(initial_repo_list.items()):
                     group = map_groups(name)
                     str_name = safe_str(name)
                     db_repo = repo_model.get_by_repo_name(str_name)
                     # found repo that is on filesystem not in RhodeCode database
                     if not db_repo:
                         log.info('repository `%s` not found in the database, creating now', name)
                         added.append(name)
                         desc = (repo.description
                                 if repo.description != 'unknown'
                                 else '%s repository' % name)
                         db_repo = repo_model._create_repo(
                             repo_name=name,
                             repo_type=repo.alias,
                             description=desc,
                             repo_group=getattr(group, 'group_id', None),
                             owner=user,
                             enable_locking=enable_locking,
                             enable_downloads=enable_downloads,
                             enable_statistics=enable_statistics,
                             private=private,
                             state=Repository.STATE_CREATED
                         )
                         sa.commit()
                         # we added that repo just now, and make sure we updated server info
                         if db_repo.repo_type == 'git':
                             git_repo = db_repo.scm_instance()
                             # update repository server-info
                             log.debug('Running update server info')
                             git_repo._update_server_info(force=True)
                         db_repo.update_commit_cache()
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     repo = db_repo.scm_instance(config=config)
                     repo.install_hooks(force=force_hooks_rebuild)
                 removed = []
                 if remove_obsolete:
                     # remove from database those repositories that are not in the filesystem
                     for repo in sa.query(Repository).all():
                         if repo.repo_name not in list(initial_repo_list.keys()):
                             log.debug("Removing non-existing repository found in db `%s`",
                                       repo.repo_name)
                             try:
                                 RepoModel(sa).delete(repo, forks='detach', fs_remove=False)
                                 sa.commit()
                                 removed.append(repo.repo_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.error(traceback.format_exc())
                                 sa.rollback()
                     def splitter(full_repo_name):
                         _parts = full_repo_name.rsplit(RepoGroup.url_sep(), 1)
                         gr_name = None
                         if len(_parts) == 2:
                             gr_name = _parts[0]
                         return gr_name
                     initial_repo_group_list = [splitter(x) for x in
                                                list(initial_repo_list.keys()) if splitter(x)]
                     # remove from database those repository groups that are not in the
                     # filesystem due to parent child relationships we need to delete them
                     # in a specific order of most nested first
                     all_groups = [x.group_name for x in sa.query(RepoGroup).all()]
                     def nested_sort(gr):
                         return len(gr.split('/'))
                     for group_name in sorted(all_groups, key=nested_sort, reverse=True):
                         if group_name not in initial_repo_group_list:
                             repo_group = RepoGroup.get_by_group_name(group_name)
                             if (repo_group.children.all() or
                                 not RepoGroupModel().check_exist_filesystem(
                                     group_name=group_name, exc_on_failure=False)):
                                 continue
                             log.info(
                                 'Removing non-existing repository group found in db `%s`',
                                 group_name)
                             try:
                                 RepoGroupModel(sa).delete(group_name, fs_remove=False)
                                 sa.commit()
                                 removed.append(group_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.exception(
                                     'Unable to remove repository group `%s`',
                                     group_name)
                                 sa.rollback()
                                 raise
                 return added, removed
             def load_rcextensions(root_path):
                 import rhodecode
                 from rhodecode.config import conf
                 path = os.path.join(root_path)
                 sys.path.append(path)
                 try:
                     rcextensions = __import__('rcextensions')
                 except ImportError:
                     if os.path.isdir(os.path.join(path, 'rcextensions')):
                         log.warning('Unable to load rcextensions from %s', path)
                     rcextensions = None
                 if rcextensions:
                     log.info('Loaded rcextensions from %s...', rcextensions)
                     rhodecode.EXTENSIONS = rcextensions
                     # Additional mappings that are not present in the pygments lexers
                     conf.LANGUAGES_EXTENSIONS_MAP.update(
                         getattr(rhodecode.EXTENSIONS, 'EXTRA_MAPPINGS', {}))
             def get_custom_lexer(extension):
                 """
                 returns a custom lexer if it is defined in rcextensions module, or None
                 if there's no custom lexer defined
                 """
                 import rhodecode
                 from pygments import lexers
                 # custom override made by RhodeCode
                 if extension in ['mako']:
                     return lexers.get_lexer_by_name('html+mako')
                 # check if we didn't define this extension as other lexer
                 extensions = rhodecode.EXTENSIONS and getattr(rhodecode.EXTENSIONS, 'EXTRA_LEXERS', None)
                 if extensions and extension in rhodecode.EXTENSIONS.EXTRA_LEXERS:
                     _lexer_name = rhodecode.EXTENSIONS.EXTRA_LEXERS[extension]
                     return lexers.get_lexer_by_name(_lexer_name)
             #==============================================================================
             # TEST FUNCTIONS AND CREATORS
             #==============================================================================
             def create_test_index(repo_location, config):
                 """
                 Makes default test index.
                 """
                 try:
                     import rc_testdata
                 except ImportError:
                     raise ImportError('Failed to import rc_testdata, '
                                       'please make sure this package is installed from requirements_test.txt')
                 rc_testdata.extract_search_index(
                     'vcs_search_index', os.path.dirname(config['search.location']))
             def create_test_directory(test_path):
                 """
                 Create test directory if it doesn't exist.
                 """
                 if not os.path.isdir(test_path):
                     log.debug('Creating testdir %s', test_path)
                     os.makedirs(test_path)
             def create_test_database(test_path, config):
                 """
                 Makes a fresh database.
                 """
                 from rhodecode.lib.db_manage import DbManage
                 from rhodecode.lib.utils2 import get_encryption_key
                 # PART ONE create db
                 dbconf = config['sqlalchemy.db1.url']
                 enc_key = get_encryption_key(config)
                 log.debug('making test db %s', dbconf)
                 dbmanage = DbManage(log_sql=False, dbconf=dbconf, root=config['here'],
                                     tests=True, cli_args={'force_ask': True}, enc_key=enc_key)
                 dbmanage.create_tables(override=True)
                 dbmanage.set_db_version()
                 # for tests dynamically set new root paths based on generated content
                 dbmanage.create_settings(dbmanage.config_prompt(test_path))
                 dbmanage.create_default_user()
                 dbmanage.create_test_admin_and_users()
                 dbmanage.create_permissions()
                 dbmanage.populate_default_permissions()
                 Session().commit()
             def create_test_repositories(test_path, config):
                 """
                 Creates test repositories in the temporary directory. Repositories are
                 extracted from archives within the rc_testdata package.
                 """
                 import rc_testdata
                 from rhodecode.tests import HG_REPO, GIT_REPO, SVN_REPO
                 log.debug('making test vcs repositories')
                 idx_path = config['search.location']
                 data_path = config['cache_dir']
                 # clean index and data
                 if idx_path and os.path.exists(idx_path):
                     log.debug('remove %s', idx_path)
                     shutil.rmtree(idx_path)
                 if data_path and os.path.exists(data_path):
                     log.debug('remove %s', data_path)
                     shutil.rmtree(data_path)
                 rc_testdata.extract_hg_dump('vcs_test_hg', jn(test_path, HG_REPO))
                 rc_testdata.extract_git_dump('vcs_test_git', jn(test_path, GIT_REPO))
                 # Note: Subversion is in the process of being integrated with the system,
                 # until we have a properly packed version of the test svn repository, this
                 # tries to copy over the repo from a package "rc_testdata"
                 svn_repo_path = rc_testdata.get_svn_repo_archive()
                 with tarfile.open(svn_repo_path) as tar:
                     tar.extractall(jn(test_path, SVN_REPO))
             def password_changed(auth_user, session):
                 # Never report password change in case of default user or anonymous user.
                 if auth_user.username == User.DEFAULT_USER or auth_user.user_id is None:
                     return False
                 password_hash = md5(safe_bytes(auth_user.password)) if auth_user.password else None
                 rhodecode_user = session.get('rhodecode_user', {})
                 session_password_hash = rhodecode_user.get('password', '')
                 return password_hash != session_password_hash
             def read_opensource_licenses():
                 global _license_cache
                 if not _license_cache:
                     licenses = pkg_resources.resource_string(
                         'rhodecode', 'config/licenses.json')
                     _license_cache = json.loads(licenses)
                 return _license_cache
             def generate_platform_uuid():
                 """
                 Generates platform UUID based on it's name
                 """
                 import platform
                 try:
                     uuid_list = [platform.platform()]
                     return sha256_safe(':'.join(uuid_list))
                 except Exception as e:
                     log.error('Failed to generate host uuid: %s', e)
                     return 'UNDEFINED'
             def send_test_email(recipients, email_body='TEST EMAIL'):
                 """
                 Simple code for generating test emails.
                 Usage::
                     from rhodecode.lib import utils
                     utils.send_test_email()
                 """
                 from rhodecode.lib.celerylib import tasks, run_task
                 email_body = email_body_plaintext = email_body
                 subject = f'SUBJECT FROM: {socket.gethostname()}'
                 tasks.send_email(recipients, subject, email_body_plaintext, email_body)
             def call_service_api(ini_path, payload):
                 config = get_config(ini_path)
                 try:
                     host = config.get('app:main', 'app.service_api.host')
                 except NoOptionError:
                     raise ImproperlyConfiguredError(
                         "app.service_api.host is missing. "
                         "Please ensure that app.service_api.host and app.service_api.token are "
                         "defined inside of .ini configuration file."
                     )
-                api_url = config.get('app:main', 'rhodecode.api.url')
+                try:
+                    api_url = config.get('app:main', 'rhodecode.api.url')
+                except NoOptionError:
+                    from rhodecode import api
+                    log.debug('Cannot find rhodecode.api.url, setting API URL TO Default value')
+                    api_url = api.DEFAULT_URL
                 payload.update({
                     'id': 'service',
                     'auth_token': config.get('app:main', 'app.service_api.token')
                 })
                 response = CurlSession().post(f'{host}{api_url}', json.dumps(payload))
                 if response.status_code != 200:
                     raise Exception("Service API responded with error")
                 return json.loads(response.content)['result']

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages