# HG changeset patch # User Daniel Dourvaris # Date 2016-08-26 08:19:55 # Node ID 7a6d3636822b6aba22f3dd03a0ef074280b5db52 # Parent 08b9b215c73b091a84105288cefeb98ac7d97bcd integrations: refactor/cleanup + features, fixes #4181 * added scopes on integrations, scopes are: - repo only - repogroup children only - root repos only - global (any repo) * integrations schemas now have separate section for the settings (eg. slack) and options (eg. scope/enabled) * added descriptions to integration types * added icons to integration types * added 'create new' integration page * added scope of integration to integrations list * added breadcrumbs for each repo/repogroup/global integrations pages * added sorting to integrations list * added pagination to integrations list * added icons to integrations list * added type filter to integrations list * added message to integrations list if none we found * added extra permissions check on integrations views * db migration from 56 => 57 - adds child_repos_only field * added tests for integrations triggered on events * added tests for integrations schemas * added tests for integrations views for repo/repogroup/admin diff --git a/rhodecode/__init__.py b/rhodecode/__init__.py --- a/rhodecode/__init__.py +++ b/rhodecode/__init__.py @@ -51,7 +51,7 @@ PYRAMID_SETTINGS = {} EXTENSIONS = {} __version__ = ('.'.join((str(each) for each in VERSION[:3]))) -__dbversion__ = 56 # defines current db version for migrations +__dbversion__ = 57 # defines current db version for migrations __platform__ = platform.system() __license__ = 'AGPLv3, and Commercial License' __author__ = 'RhodeCode GmbH' diff --git a/rhodecode/config/routing.py b/rhodecode/config/routing.py --- a/rhodecode/config/routing.py +++ b/rhodecode/config/routing.py @@ -42,6 +42,7 @@ STATIC_FILE_PREFIX = '/_static' URL_NAME_REQUIREMENTS = { # group name can have a slash in them, but they must not end with a slash 'group_name': r'.*?[^/]', + 'repo_group_name': r'.*?[^/]', # repo names can have a slash in them, but they must not end with a slash 'repo_name': r'.*?[^/]', # file path eats up everything at the end diff --git a/rhodecode/integrations/routes.py b/rhodecode/integrations/routes.py --- a/rhodecode/integrations/routes.py +++ b/rhodecode/integrations/routes.py @@ -31,6 +31,15 @@ log = logging.getLogger(__name__) def includeme(config): # global integrations + + config.add_route('global_integrations_new', + ADMIN_PREFIX + '/integrations/new') + config.add_view('rhodecode.integrations.views.GlobalIntegrationsView', + attr='new_integration', + renderer='rhodecode:templates/admin/integrations/new.html', + request_method='GET', + route_name='global_integrations_new') + config.add_route('global_integrations_home', ADMIN_PREFIX + '/integrations') config.add_route('global_integrations_list', @@ -48,15 +57,75 @@ def includeme(config): config.add_route('global_integrations_edit', ADMIN_PREFIX + '/integrations/{integration}/{integration_id}', custom_predicates=(valid_integration,)) + + for route_name in ['global_integrations_create', 'global_integrations_edit']: config.add_view('rhodecode.integrations.views.GlobalIntegrationsView', attr='settings_get', - renderer='rhodecode:templates/admin/integrations/edit.html', + renderer='rhodecode:templates/admin/integrations/form.html', request_method='GET', route_name=route_name) config.add_view('rhodecode.integrations.views.GlobalIntegrationsView', attr='settings_post', - renderer='rhodecode:templates/admin/integrations/edit.html', + renderer='rhodecode:templates/admin/integrations/form.html', + request_method='POST', + route_name=route_name) + + + # repo group integrations + config.add_route('repo_group_integrations_home', + add_route_requirements( + '{repo_group_name}/settings/integrations', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo_group,) + ) + config.add_route('repo_group_integrations_list', + add_route_requirements( + '{repo_group_name}/settings/integrations/{integration}', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo_group, valid_integration)) + for route_name in ['repo_group_integrations_home', 'repo_group_integrations_list']: + config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', + attr='index', + renderer='rhodecode:templates/admin/integrations/list.html', + request_method='GET', + route_name=route_name) + + config.add_route('repo_group_integrations_new', + add_route_requirements( + '{repo_group_name}/settings/integrations/new', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo_group,)) + config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', + attr='new_integration', + renderer='rhodecode:templates/admin/integrations/new.html', + request_method='GET', + route_name='repo_group_integrations_new') + + config.add_route('repo_group_integrations_create', + add_route_requirements( + '{repo_group_name}/settings/integrations/{integration}/new', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo_group, valid_integration)) + config.add_route('repo_group_integrations_edit', + add_route_requirements( + '{repo_group_name}/settings/integrations/{integration}/{integration_id}', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo_group, valid_integration)) + for route_name in ['repo_group_integrations_edit', 'repo_group_integrations_create']: + config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', + attr='settings_get', + renderer='rhodecode:templates/admin/integrations/form.html', + request_method='GET', + route_name=route_name) + config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', + attr='settings_post', + renderer='rhodecode:templates/admin/integrations/form.html', request_method='POST', route_name=route_name) @@ -78,8 +147,21 @@ def includeme(config): config.add_view('rhodecode.integrations.views.RepoIntegrationsView', attr='index', request_method='GET', + renderer='rhodecode:templates/admin/integrations/list.html', route_name=route_name) + config.add_route('repo_integrations_new', + add_route_requirements( + '{repo_name}/settings/integrations/new', + URL_NAME_REQUIREMENTS + ), + custom_predicates=(valid_repo,)) + config.add_view('rhodecode.integrations.views.RepoIntegrationsView', + attr='new_integration', + renderer='rhodecode:templates/admin/integrations/new.html', + request_method='GET', + route_name='repo_integrations_new') + config.add_route('repo_integrations_create', add_route_requirements( '{repo_name}/settings/integrations/{integration}/new', @@ -95,56 +177,12 @@ def includeme(config): for route_name in ['repo_integrations_edit', 'repo_integrations_create']: config.add_view('rhodecode.integrations.views.RepoIntegrationsView', attr='settings_get', - renderer='rhodecode:templates/admin/integrations/edit.html', + renderer='rhodecode:templates/admin/integrations/form.html', request_method='GET', route_name=route_name) config.add_view('rhodecode.integrations.views.RepoIntegrationsView', attr='settings_post', - renderer='rhodecode:templates/admin/integrations/edit.html', - request_method='POST', - route_name=route_name) - - - # repo group integrations - config.add_route('repo_group_integrations_home', - add_route_requirements( - '{repo_group_name}/settings/integrations', - URL_NAME_REQUIREMENTS - ), - custom_predicates=(valid_repo_group,)) - config.add_route('repo_group_integrations_list', - add_route_requirements( - '{repo_group_name}/settings/integrations/{integration}', - URL_NAME_REQUIREMENTS - ), - custom_predicates=(valid_repo_group, valid_integration)) - for route_name in ['repo_group_integrations_home', 'repo_group_integrations_list']: - config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', - attr='index', - request_method='GET', - route_name=route_name) - - config.add_route('repo_group_integrations_create', - add_route_requirements( - '{repo_group_name}/settings/integrations/{integration}/new', - URL_NAME_REQUIREMENTS - ), - custom_predicates=(valid_repo_group, valid_integration)) - config.add_route('repo_group_integrations_edit', - add_route_requirements( - '{repo_group_name}/settings/integrations/{integration}/{integration_id}', - URL_NAME_REQUIREMENTS - ), - custom_predicates=(valid_repo_group, valid_integration)) - for route_name in ['repo_group_integrations_edit', 'repo_group_integrations_create']: - config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', - attr='settings_get', - renderer='rhodecode:templates/admin/integrations/edit.html', - request_method='GET', - route_name=route_name) - config.add_view('rhodecode.integrations.views.RepoGroupIntegrationsView', - attr='settings_post', - renderer='rhodecode:templates/admin/integrations/edit.html', + renderer='rhodecode:templates/admin/integrations/form.html', request_method='POST', route_name=route_name) @@ -194,7 +232,7 @@ def valid_integration(info, request): return False if repo and repo.repo_id != integration.repo_id: return False - if repo_group and repo_group.repo_group_id != integration.repo_group_id: + if repo_group and repo_group.group_id != integration.repo_group_id: return False return True diff --git a/rhodecode/integrations/schema.py b/rhodecode/integrations/schema.py --- a/rhodecode/integrations/schema.py +++ b/rhodecode/integrations/schema.py @@ -20,26 +20,52 @@ import colander -from rhodecode.translation import lazy_ugettext +from rhodecode.translation import _ -class IntegrationSettingsSchemaBase(colander.MappingSchema): - """ - This base schema is intended for use in integrations. - It adds a few default settings (e.g., "enabled"), so that integration - authors don't have to maintain a bunch of boilerplate. - """ +class IntegrationOptionsSchemaBase(colander.MappingSchema): enabled = colander.SchemaNode( colander.Bool(), default=True, - description=lazy_ugettext('Enable or disable this integration.'), + description=_('Enable or disable this integration.'), missing=False, - title=lazy_ugettext('Enabled'), + title=_('Enabled'), ) name = colander.SchemaNode( colander.String(), - description=lazy_ugettext('Short name for this integration.'), + description=_('Short name for this integration.'), missing=colander.required, - title=lazy_ugettext('Integration name'), + title=_('Integration name'), ) + + +class RepoIntegrationOptionsSchema(IntegrationOptionsSchemaBase): + pass + + +class RepoGroupIntegrationOptionsSchema(IntegrationOptionsSchemaBase): + child_repos_only = colander.SchemaNode( + colander.Bool(), + default=True, + description=_( + 'Limit integrations to to work only on the direct children ' + 'repositories of this repository group (no subgroups)'), + missing=False, + title=_('Limit to childen repos only'), + ) + + +class GlobalIntegrationOptionsSchema(IntegrationOptionsSchemaBase): + child_repos_only = colander.SchemaNode( + colander.Bool(), + default=False, + description=_( + 'Limit integrations to to work only on root level repositories'), + missing=False, + title=_('Root repositories only'), + ) + + +class IntegrationSettingsSchemaBase(colander.MappingSchema): + pass diff --git a/rhodecode/integrations/types/base.py b/rhodecode/integrations/types/base.py --- a/rhodecode/integrations/types/base.py +++ b/rhodecode/integrations/types/base.py @@ -18,25 +18,84 @@ # RhodeCode Enterprise Edition, including its added features, Support services, # and proprietary license terms, please see https://rhodecode.com/licenses/ -from rhodecode.integrations.schema import IntegrationSettingsSchemaBase +import colander +from rhodecode.translation import _ class IntegrationTypeBase(object): """ Base class for IntegrationType plugins """ + description = '' + icon = ''' + + + + + + image/svg+xml + + + + + + + + + + +''' + def __init__(self, settings): """ :param settings: dict of settings to be used for the integration """ self.settings = settings - def settings_schema(self): """ A colander schema of settings for the integration type - - Subclasses can return their own schema but should always - inherit from IntegrationSettingsSchemaBase """ - return IntegrationSettingsSchemaBase() - + return colander.Schema() diff --git a/rhodecode/integrations/types/email.py b/rhodecode/integrations/types/email.py --- a/rhodecode/integrations/types/email.py +++ b/rhodecode/integrations/types/email.py @@ -26,11 +26,10 @@ import colander from mako.template import Template from rhodecode import events -from rhodecode.translation import _, lazy_ugettext +from rhodecode.translation import _ from rhodecode.lib.celerylib import run_task from rhodecode.lib.celerylib import tasks from rhodecode.integrations.types.base import IntegrationTypeBase -from rhodecode.integrations.schema import IntegrationSettingsSchemaBase log = logging.getLogger(__name__) @@ -147,18 +146,79 @@ repo_push_template_html = Template(''' ''') +email_icon = ''' + + + + + + image/svg+xml + + + + + + + + + + +''' -class EmailSettingsSchema(IntegrationSettingsSchemaBase): +class EmailSettingsSchema(colander.Schema): @colander.instantiate(validator=colander.Length(min=1)) class recipients(colander.SequenceSchema): - title = lazy_ugettext('Recipients') - description = lazy_ugettext('Email addresses to send push events to') + title = _('Recipients') + description = _('Email addresses to send push events to') widget = deform.widget.SequenceWidget(min_len=1) recipient = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Email address'), - description=lazy_ugettext('Email address'), + title=_('Email address'), + description=_('Email address'), default='', validator=colander.Email(), widget=deform.widget.TextInputWidget( @@ -169,8 +229,9 @@ class EmailSettingsSchema(IntegrationSet class EmailIntegrationType(IntegrationTypeBase): key = 'email' - display_name = lazy_ugettext('Email') - SettingsSchema = EmailSettingsSchema + display_name = _('Email') + description = _('Send repo push summaries to a list of recipients via email') + icon = email_icon def settings_schema(self): schema = EmailSettingsSchema() diff --git a/rhodecode/integrations/types/hipchat.py b/rhodecode/integrations/types/hipchat.py --- a/rhodecode/integrations/types/hipchat.py +++ b/rhodecode/integrations/types/hipchat.py @@ -29,29 +29,28 @@ from celery.task import task from mako.template import Template from rhodecode import events -from rhodecode.translation import lazy_ugettext +from rhodecode.translation import _ from rhodecode.lib import helpers as h from rhodecode.lib.celerylib import run_task from rhodecode.lib.colander_utils import strip_whitespace from rhodecode.integrations.types.base import IntegrationTypeBase -from rhodecode.integrations.schema import IntegrationSettingsSchemaBase log = logging.getLogger(__name__) -class HipchatSettingsSchema(IntegrationSettingsSchemaBase): +class HipchatSettingsSchema(colander.Schema): color_choices = [ - ('yellow', lazy_ugettext('Yellow')), - ('red', lazy_ugettext('Red')), - ('green', lazy_ugettext('Green')), - ('purple', lazy_ugettext('Purple')), - ('gray', lazy_ugettext('Gray')), + ('yellow', _('Yellow')), + ('red', _('Red')), + ('green', _('Green')), + ('purple', _('Purple')), + ('gray', _('Gray')), ] server_url = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Hipchat server URL'), - description=lazy_ugettext('Hipchat integration url.'), + title=_('Hipchat server URL'), + description=_('Hipchat integration url.'), default='', preparer=strip_whitespace, validator=colander.url, @@ -61,15 +60,15 @@ class HipchatSettingsSchema(IntegrationS ) notify = colander.SchemaNode( colander.Bool(), - title=lazy_ugettext('Notify'), - description=lazy_ugettext('Make a notification to the users in room.'), + title=_('Notify'), + description=_('Make a notification to the users in room.'), missing=False, default=False, ) color = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Color'), - description=lazy_ugettext('Background color of message.'), + title=_('Color'), + description=_('Background color of message.'), missing='', validator=colander.OneOf([x[0] for x in color_choices]), widget=deform.widget.Select2Widget( @@ -98,10 +97,12 @@ in ${da ''') - class HipchatIntegrationType(IntegrationTypeBase): key = 'hipchat' - display_name = lazy_ugettext('Hipchat') + display_name = _('Hipchat') + description = _('Send events such as repo pushes and pull requests to ' + 'your hipchat channel.') + icon = '''''' valid_events = [ events.PullRequestCloseEvent, events.PullRequestMergeEvent, diff --git a/rhodecode/integrations/types/slack.py b/rhodecode/integrations/types/slack.py --- a/rhodecode/integrations/types/slack.py +++ b/rhodecode/integrations/types/slack.py @@ -29,21 +29,20 @@ from celery.task import task from mako.template import Template from rhodecode import events -from rhodecode.translation import lazy_ugettext +from rhodecode.translation import _ from rhodecode.lib import helpers as h from rhodecode.lib.celerylib import run_task from rhodecode.lib.colander_utils import strip_whitespace from rhodecode.integrations.types.base import IntegrationTypeBase -from rhodecode.integrations.schema import IntegrationSettingsSchemaBase log = logging.getLogger(__name__) -class SlackSettingsSchema(IntegrationSettingsSchemaBase): +class SlackSettingsSchema(colander.Schema): service = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Slack service URL'), - description=h.literal(lazy_ugettext( + title=_('Slack service URL'), + description=h.literal(_( 'This can be setup at the ' '' 'slack app manager')), @@ -56,8 +55,8 @@ class SlackSettingsSchema(IntegrationSet ) username = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Username'), - description=lazy_ugettext('Username to show notifications coming from.'), + title=_('Username'), + description=_('Username to show notifications coming from.'), missing='Rhodecode', preparer=strip_whitespace, widget=deform.widget.TextInputWidget( @@ -66,8 +65,8 @@ class SlackSettingsSchema(IntegrationSet ) channel = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Channel'), - description=lazy_ugettext('Channel to send notifications to.'), + title=_('Channel'), + description=_('Channel to send notifications to.'), missing='', preparer=strip_whitespace, widget=deform.widget.TextInputWidget( @@ -76,8 +75,8 @@ class SlackSettingsSchema(IntegrationSet ) icon_emoji = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Emoji'), - description=lazy_ugettext('Emoji to use eg. :studio_microphone:'), + title=_('Emoji'), + description=_('Emoji to use eg. :studio_microphone:'), missing='', preparer=strip_whitespace, widget=deform.widget.TextInputWidget( @@ -102,10 +101,14 @@ in <${data['repo']['url']}|${data['repo' ''') + + class SlackIntegrationType(IntegrationTypeBase): key = 'slack' - display_name = lazy_ugettext('Slack') - SettingsSchema = SlackSettingsSchema + display_name = _('Slack') + description = _('Send events such as repo pushes and pull requests to ' + 'your slack channel.') + icon = '''''' valid_events = [ events.PullRequestCloseEvent, events.PullRequestMergeEvent, diff --git a/rhodecode/integrations/types/webhook.py b/rhodecode/integrations/types/webhook.py --- a/rhodecode/integrations/types/webhook.py +++ b/rhodecode/integrations/types/webhook.py @@ -28,19 +28,19 @@ from celery.task import task from mako.template import Template from rhodecode import events -from rhodecode.translation import lazy_ugettext +from rhodecode.translation import _ from rhodecode.integrations.types.base import IntegrationTypeBase -from rhodecode.integrations.schema import IntegrationSettingsSchemaBase log = logging.getLogger(__name__) -class WebhookSettingsSchema(IntegrationSettingsSchemaBase): +class WebhookSettingsSchema(colander.Schema): url = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Webhook URL'), - description=lazy_ugettext('URL of the webhook to receive POST event.'), - default='', + title=_('Webhook URL'), + description=_('URL of the webhook to receive POST event.'), + missing=colander.required, + required=True, validator=colander.url, widget=deform.widget.TextInputWidget( placeholder='https://www.example.com/webhook' @@ -48,18 +48,24 @@ class WebhookSettingsSchema(IntegrationS ) secret_token = colander.SchemaNode( colander.String(), - title=lazy_ugettext('Secret Token'), - description=lazy_ugettext('String used to validate received payloads.'), + title=_('Secret Token'), + description=_('String used to validate received payloads.'), default='', + missing='', widget=deform.widget.TextInputWidget( placeholder='secret_token' ), ) + + class WebhookIntegrationType(IntegrationTypeBase): key = 'webhook' - display_name = lazy_ugettext('Webhook') + display_name = _('Webhook') + description = _('Post json events to a webhook endpoint') + icon = '''''' + valid_events = [ events.PullRequestCloseEvent, events.PullRequestMergeEvent, diff --git a/rhodecode/integrations/views.py b/rhodecode/integrations/views.py --- a/rhodecode/integrations/views.py +++ b/rhodecode/integrations/views.py @@ -18,23 +18,29 @@ # RhodeCode Enterprise Edition, including its added features, Support services, # and proprietary license terms, please see https://rhodecode.com/licenses/ -import colander -import logging import pylons import deform +import logging +import colander +import peppercorn +import webhelpers.paginate -from pyramid.httpexceptions import HTTPFound, HTTPForbidden +from pyramid.httpexceptions import HTTPFound, HTTPForbidden, HTTPBadRequest from pyramid.renderers import render from pyramid.response import Response from rhodecode.lib import auth from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator +from rhodecode.lib.utils2 import safe_int +from rhodecode.lib.helpers import Page from rhodecode.model.db import Repository, RepoGroup, Session, Integration from rhodecode.model.scm import ScmModel from rhodecode.model.integration import IntegrationModel from rhodecode.admin.navigation import navigation_list from rhodecode.translation import _ from rhodecode.integrations import integration_type_registry +from rhodecode.model.validation_schema.schemas.integration_schema import ( + make_integration_schema) log = logging.getLogger(__name__) @@ -65,30 +71,45 @@ class IntegrationSettingsViewBase(object request = self.request - if 'repo_name' in request.matchdict: # we're in a repo context + if 'repo_name' in request.matchdict: # in repo settings context repo_name = request.matchdict['repo_name'] self.repo = Repository.get_by_repo_name(repo_name) - if 'repo_group_name' in request.matchdict: # we're in repo_group context + if 'repo_group_name' in request.matchdict: # in group settings context repo_group_name = request.matchdict['repo_group_name'] self.repo_group = RepoGroup.get_by_group_name(repo_group_name) - if 'integration' in request.matchdict: # we're in integration context + + if 'integration' in request.matchdict: # integration type context integration_type = request.matchdict['integration'] self.IntegrationType = integration_type_registry[integration_type] if 'integration_id' in request.matchdict: # single integration context integration_id = request.matchdict['integration_id'] self.integration = Integration.get(integration_id) - else: # list integrations context - integrations = IntegrationModel().get_integrations( - repo=self.repo, repo_group=self.repo_group) - for integration in integrations: - self.integrations.setdefault(integration.integration_type, [] - ).append(integration) + # extra perms check just in case + if not self._has_perms_for_integration(self.integration): + raise HTTPForbidden() self.settings = self.integration and self.integration.settings or {} + self.admin_view = not (self.repo or self.repo_group) + + def _has_perms_for_integration(self, integration): + perms = self.request.user.permissions + + if 'hg.admin' in perms['global']: + return True + + if integration.repo: + return perms['repositories'].get( + integration.repo.repo_name) == 'repository.admin' + + if integration.repo_group: + return perms['repositories_groups'].get( + integration.repo_group.group_name) == 'group.admin' + + return False def _template_c_context(self): # TODO: dan: this is a stopgap in order to inherit from current pylons @@ -102,6 +123,7 @@ class IntegrationSettingsViewBase(object c.repo_group = self.repo_group c.repo_name = self.repo and self.repo.repo_name or None c.repo_group_name = self.repo_group and self.repo_group.group_name or None + if self.repo: c.repo_info = self.repo c.rhodecode_db_repo = self.repo @@ -112,23 +134,25 @@ class IntegrationSettingsViewBase(object return c def _form_schema(self): - if self.integration: - settings = self.integration.settings - else: - settings = {} - return self.IntegrationType(settings=settings).settings_schema() + schema = make_integration_schema(IntegrationType=self.IntegrationType, + settings=self.settings) - def settings_get(self, defaults=None, errors=None, form=None): - """ - View that displays the plugin settings as a form. - """ - defaults = defaults or {} - errors = errors or {} + # returns a clone, important if mutating the schema later + return schema.bind( + permissions=self.request.user.permissions, + no_scope=not self.admin_view) + + + def _form_defaults(self): + defaults = {} if self.integration: - defaults = self.integration.settings or {} - defaults['name'] = self.integration.name - defaults['enabled'] = self.integration.enabled + defaults['settings'] = self.integration.settings or {} + defaults['options'] = { + 'name': self.integration.name, + 'enabled': self.integration.enabled, + 'scope': self.integration.scope, + } else: if self.repo: scope = _('{repo_name} repository').format( @@ -139,11 +163,44 @@ class IntegrationSettingsViewBase(object else: scope = _('Global') - defaults['name'] = '{} {} integration'.format(scope, - self.IntegrationType.display_name) - defaults['enabled'] = True + defaults['options'] = { + 'enabled': True, + 'name': _('{name} integration').format( + name=self.IntegrationType.display_name), + } + if self.repo: + defaults['options']['scope'] = self.repo + elif self.repo_group: + defaults['options']['scope'] = self.repo_group + + return defaults - schema = self._form_schema().bind(request=self.request) + def _delete_integration(self, integration): + Session().delete(self.integration) + Session().commit() + self.request.session.flash( + _('Integration {integration_name} deleted successfully.').format( + integration_name=self.integration.name), + queue='success') + + if self.repo: + redirect_to = self.request.route_url( + 'repo_integrations_home', repo_name=self.repo.repo_name) + elif self.repo_group: + redirect_to = self.request.route_url( + 'repo_group_integrations_home', + repo_group_name=self.repo_group.group_name) + else: + redirect_to = self.request.route_url('global_integrations_home') + raise HTTPFound(redirect_to) + + def settings_get(self, defaults=None, form=None): + """ + View that displays the integration settings as a form. + """ + + defaults = defaults or self._form_defaults() + schema = self._form_schema() if self.integration: buttons = ('submit', 'delete') @@ -152,23 +209,10 @@ class IntegrationSettingsViewBase(object form = form or deform.Form(schema, appstruct=defaults, buttons=buttons) - for node in schema: - setting = self.settings.get(node.name) - if setting is not None: - defaults.setdefault(node.name, setting) - else: - if node.default: - defaults.setdefault(node.name, node.default) - template_context = { 'form': form, - 'defaults': defaults, - 'errors': errors, - 'schema': schema, 'current_IntegrationType': self.IntegrationType, 'integration': self.integration, - 'settings': self.settings, - 'resource': self.context, 'c': self._template_c_context(), } @@ -177,79 +221,90 @@ class IntegrationSettingsViewBase(object @auth.CSRFRequired() def settings_post(self): """ - View that validates and stores the plugin settings. + View that validates and stores the integration settings. """ - if self.request.params.get('delete'): - Session().delete(self.integration) - Session().commit() - self.request.session.flash( - _('Integration {integration_name} deleted successfully.').format( - integration_name=self.integration.name), - queue='success') - if self.repo: - redirect_to = self.request.route_url( - 'repo_integrations_home', repo_name=self.repo.repo_name) - else: - redirect_to = self.request.route_url('global_integrations_home') - raise HTTPFound(redirect_to) + controls = self.request.POST.items() + pstruct = peppercorn.parse(controls) + + if self.integration and pstruct.get('delete'): + return self._delete_integration(self.integration) + + schema = self._form_schema() + + skip_settings_validation = False + if self.integration and 'enabled' not in pstruct.get('options', {}): + skip_settings_validation = True + schema['settings'].validator = None + for field in schema['settings'].children: + field.validator = None + field.missing = '' - schema = self._form_schema().bind(request=self.request) + if self.integration: + buttons = ('submit', 'delete') + else: + buttons = ('submit',) - form = deform.Form(schema, buttons=('submit', 'delete')) + form = deform.Form(schema, buttons=buttons) - params = {} - for node in schema.children: - if type(node.typ) in (colander.Set, colander.List): - val = self.request.params.getall(node.name) - else: - val = self.request.params.get(node.name) - if val: - params[node.name] = val + if not self.admin_view: + # scope is read only field in these cases, and has to be added + options = pstruct.setdefault('options', {}) + if 'scope' not in options: + if self.repo: + options['scope'] = 'repo:{}'.format(self.repo.repo_name) + elif self.repo_group: + options['scope'] = 'repogroup:{}'.format( + self.repo_group.group_name) - controls = self.request.POST.items() try: - valid_data = form.validate(controls) + valid_data = form.validate_pstruct(pstruct) except deform.ValidationFailure as e: self.request.session.flash( _('Errors exist when saving integration settings. ' 'Please check the form inputs.'), queue='error') - return self.settings_get(errors={}, defaults=params, form=e) + return self.settings_get(form=e) if not self.integration: self.integration = Integration() self.integration.integration_type = self.IntegrationType.key - if self.repo: - self.integration.repo = self.repo - elif self.repo_group: - self.integration.repo_group = self.repo_group Session().add(self.integration) - self.integration.enabled = valid_data.pop('enabled', False) - self.integration.name = valid_data.pop('name') - self.integration.settings = valid_data + scope = valid_data['options']['scope'] + IntegrationModel().update_integration(self.integration, + name=valid_data['options']['name'], + enabled=valid_data['options']['enabled'], + settings=valid_data['settings'], + scope=scope) + + self.integration.settings = valid_data['settings'] Session().commit() - # Display success message and redirect. self.request.session.flash( _('Integration {integration_name} updated successfully.').format( integration_name=self.IntegrationType.display_name), queue='success') - if self.repo: - redirect_to = self.request.route_url( - 'repo_integrations_edit', repo_name=self.repo.repo_name, + + # if integration scope changes, we must redirect to the right place + # keeping in mind if the original view was for /repo/ or /_admin/ + admin_view = not (self.repo or self.repo_group) + + if isinstance(self.integration.scope, Repository) and not admin_view: + redirect_to = self.request.route_path( + 'repo_integrations_edit', + repo_name=self.integration.scope.repo_name, integration=self.integration.integration_type, integration_id=self.integration.integration_id) - elif self.repo: - redirect_to = self.request.route_url( + elif isinstance(self.integration.scope, RepoGroup) and not admin_view: + redirect_to = self.request.route_path( 'repo_group_integrations_edit', - repo_group_name=self.repo_group.group_name, + repo_group_name=self.integration.scope.group_name, integration=self.integration.integration_type, integration_id=self.integration.integration_id) else: - redirect_to = self.request.route_url( + redirect_to = self.request.route_path( 'global_integrations_edit', integration=self.integration.integration_type, integration_id=self.integration.integration_id) @@ -257,31 +312,60 @@ class IntegrationSettingsViewBase(object return HTTPFound(redirect_to) def index(self): - current_integrations = self.integrations - if self.IntegrationType: - current_integrations = { - self.IntegrationType.key: self.integrations.get( - self.IntegrationType.key, []) - } + """ List integrations """ + if self.repo: + scope = self.repo + elif self.repo_group: + scope = self.repo_group + else: + scope = 'all' + + integrations = [] + + for integration in IntegrationModel().get_integrations( + scope=scope, IntegrationType=self.IntegrationType): + + # extra permissions check *just in case* + if not self._has_perms_for_integration(integration): + continue + integrations.append(integration) + + sort_arg = self.request.GET.get('sort', 'name:asc') + if ':' in sort_arg: + sort_field, sort_dir = sort_arg.split(':') + else: + sort_field = sort_arg, 'asc' + + assert sort_field in ('name', 'integration_type', 'enabled', 'scope') + + integrations.sort( + key=lambda x: getattr(x[1], sort_field), reverse=(sort_dir=='desc')) + + + page_url = webhelpers.paginate.PageURL( + self.request.path, self.request.GET) + page = safe_int(self.request.GET.get('page', 1), 1) + + integrations = Page(integrations, page=page, items_per_page=10, + url=page_url) template_context = { + 'sort_field': sort_field, + 'rev_sort_dir': sort_dir != 'desc' and 'desc' or 'asc', 'current_IntegrationType': self.IntegrationType, - 'current_integrations': current_integrations, + 'integrations_list': integrations, 'available_integrations': integration_type_registry, - 'c': self._template_c_context() + 'c': self._template_c_context(), + 'request': self.request, } + return template_context - if self.repo: - html = render('rhodecode:templates/admin/integrations/list.html', - template_context, - request=self.request) - else: - html = render('rhodecode:templates/admin/integrations/list.html', - template_context, - request=self.request) - - return Response(html) - + def new_integration(self): + template_context = { + 'available_integrations': integration_type_registry, + 'c': self._template_c_context(), + } + return template_context class GlobalIntegrationsView(IntegrationSettingsViewBase): def perm_check(self, user): @@ -293,7 +377,9 @@ class RepoIntegrationsView(IntegrationSe return auth.HasRepoPermissionAll('repository.admin' )(repo_name=self.repo.repo_name, user=user) + class RepoGroupIntegrationsView(IntegrationSettingsViewBase): def perm_check(self, user): return auth.HasRepoGroupPermissionAll('group.admin' )(group_name=self.repo_group.group_name, user=user) + diff --git a/rhodecode/lib/dbmigrate/schema/db_4_4_0_0.py b/rhodecode/lib/dbmigrate/schema/db_4_4_0_0.py --- a/rhodecode/lib/dbmigrate/schema/db_4_4_0_0.py +++ b/rhodecode/lib/dbmigrate/schema/db_4_4_0_0.py @@ -3481,7 +3481,6 @@ class Integration(Base, BaseModel): integration_type = Column('integration_type', String(255)) enabled = Column('enabled', Boolean(), nullable=False) name = Column('name', String(255), nullable=False) - settings = Column( 'settings_json', MutationObj.as_mutable( JsonType(dialect_map=dict(mysql=UnicodeText(16384))))) diff --git a/rhodecode/lib/dbmigrate/schema/db_4_4_0_1.py b/rhodecode/lib/dbmigrate/schema/db_4_4_0_1.py new file mode 100644 --- /dev/null +++ b/rhodecode/lib/dbmigrate/schema/db_4_4_0_1.py @@ -0,0 +1,3529 @@ +# -*- coding: utf-8 -*- + +# Copyright (C) 2010-2016 RhodeCode GmbH +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License, version 3 +# (only), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +# +# This program is dual-licensed. If you wish to learn more about the +# RhodeCode Enterprise Edition, including its added features, Support services, +# and proprietary license terms, please see https://rhodecode.com/licenses/ + +""" +Database Models for RhodeCode Enterprise +""" + +import os +import sys +import time +import hashlib +import logging +import datetime +import warnings +import ipaddress +import functools +import traceback +import collections + + +from sqlalchemy import * +from sqlalchemy.exc import IntegrityError +from sqlalchemy.ext.declarative import declared_attr +from sqlalchemy.ext.hybrid import hybrid_property +from sqlalchemy.orm import ( + relationship, joinedload, class_mapper, validates, aliased) +from sqlalchemy.sql.expression import true +from beaker.cache import cache_region, region_invalidate +from webob.exc import HTTPNotFound +from zope.cachedescriptors.property import Lazy as LazyProperty + +from pylons import url +from pylons.i18n.translation import lazy_ugettext as _ + +from rhodecode.lib.vcs import get_backend, get_vcs_instance +from rhodecode.lib.vcs.utils.helpers import get_scm +from rhodecode.lib.vcs.exceptions import VCSError +from rhodecode.lib.vcs.backends.base import ( + EmptyCommit, Reference, MergeFailureReason) +from rhodecode.lib.utils2 import ( + str2bool, safe_str, get_commit_safe, safe_unicode, remove_prefix, md5_safe, + time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict) +from rhodecode.lib.jsonalchemy import MutationObj, JsonType, JSONDict +from rhodecode.lib.ext_json import json +from rhodecode.lib.caching_query import FromCache +from rhodecode.lib.encrypt import AESCipher + +from rhodecode.model.meta import Base, Session + +URL_SEP = '/' +log = logging.getLogger(__name__) + +# ============================================================================= +# BASE CLASSES +# ============================================================================= + +# this is propagated from .ini file rhodecode.encrypted_values.secret or +# beaker.session.secret if first is not set. +# and initialized at environment.py +ENCRYPTION_KEY = None + +# used to sort permissions by types, '#' used here is not allowed to be in +# usernames, and it's very early in sorted string.printable table. +PERMISSION_TYPE_SORT = { + 'admin': '####', + 'write': '###', + 'read': '##', + 'none': '#', +} + + +def display_sort(obj): + """ + Sort function used to sort permissions in .permissions() function of + Repository, RepoGroup, UserGroup. Also it put the default user in front + of all other resources + """ + + if obj.username == User.DEFAULT_USER: + return '#####' + prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '') + return prefix + obj.username + + +def _hash_key(k): + return md5_safe(k) + + +class EncryptedTextValue(TypeDecorator): + """ + Special column for encrypted long text data, use like:: + + value = Column("encrypted_value", EncryptedValue(), nullable=False) + + This column is intelligent so if value is in unencrypted form it return + unencrypted form, but on save it always encrypts + """ + impl = Text + + def process_bind_param(self, value, dialect): + if not value: + return value + if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'): + # protect against double encrypting if someone manually starts + # doing + raise ValueError('value needs to be in unencrypted format, ie. ' + 'not starting with enc$aes') + return 'enc$aes_hmac$%s' % AESCipher( + ENCRYPTION_KEY, hmac=True).encrypt(value) + + def process_result_value(self, value, dialect): + import rhodecode + + if not value: + return value + + parts = value.split('$', 3) + if not len(parts) == 3: + # probably not encrypted values + return value + else: + if parts[0] != 'enc': + # parts ok but without our header ? + return value + enc_strict_mode = str2bool(rhodecode.CONFIG.get( + 'rhodecode.encrypted_values.strict') or True) + # at that stage we know it's our encryption + if parts[1] == 'aes': + decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2]) + elif parts[1] == 'aes_hmac': + decrypted_data = AESCipher( + ENCRYPTION_KEY, hmac=True, + strict_verification=enc_strict_mode).decrypt(parts[2]) + else: + raise ValueError( + 'Encryption type part is wrong, must be `aes` ' + 'or `aes_hmac`, got `%s` instead' % (parts[1])) + return decrypted_data + + +class BaseModel(object): + """ + Base Model for all classes + """ + + @classmethod + def _get_keys(cls): + """return column names for this model """ + return class_mapper(cls).c.keys() + + def get_dict(self): + """ + return dict with keys and values corresponding + to this model data """ + + d = {} + for k in self._get_keys(): + d[k] = getattr(self, k) + + # also use __json__() if present to get additional fields + _json_attr = getattr(self, '__json__', None) + if _json_attr: + # update with attributes from __json__ + if callable(_json_attr): + _json_attr = _json_attr() + for k, val in _json_attr.iteritems(): + d[k] = val + return d + + def get_appstruct(self): + """return list with keys and values tuples corresponding + to this model data """ + + l = [] + for k in self._get_keys(): + l.append((k, getattr(self, k),)) + return l + + def populate_obj(self, populate_dict): + """populate model with data from given populate_dict""" + + for k in self._get_keys(): + if k in populate_dict: + setattr(self, k, populate_dict[k]) + + @classmethod + def query(cls): + return Session().query(cls) + + @classmethod + def get(cls, id_): + if id_: + return cls.query().get(id_) + + @classmethod + def get_or_404(cls, id_): + try: + id_ = int(id_) + except (TypeError, ValueError): + raise HTTPNotFound + + res = cls.query().get(id_) + if not res: + raise HTTPNotFound + return res + + @classmethod + def getAll(cls): + # deprecated and left for backward compatibility + return cls.get_all() + + @classmethod + def get_all(cls): + return cls.query().all() + + @classmethod + def delete(cls, id_): + obj = cls.query().get(id_) + Session().delete(obj) + + @classmethod + def identity_cache(cls, session, attr_name, value): + exist_in_session = [] + for (item_cls, pkey), instance in session.identity_map.items(): + if cls == item_cls and getattr(instance, attr_name) == value: + exist_in_session.append(instance) + if exist_in_session: + if len(exist_in_session) == 1: + return exist_in_session[0] + log.exception( + 'multiple objects with attr %s and ' + 'value %s found with same name: %r', + attr_name, value, exist_in_session) + + def __repr__(self): + if hasattr(self, '__unicode__'): + # python repr needs to return str + try: + return safe_str(self.__unicode__()) + except UnicodeDecodeError: + pass + return '' % (self.__class__.__name__) + + +class RhodeCodeSetting(Base, BaseModel): + __tablename__ = 'rhodecode_settings' + __table_args__ = ( + UniqueConstraint('app_settings_name'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + SETTINGS_TYPES = { + 'str': safe_str, + 'int': safe_int, + 'unicode': safe_unicode, + 'bool': str2bool, + 'list': functools.partial(aslist, sep=',') + } + DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions' + GLOBAL_CONF_KEY = 'app_settings' + + app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None) + _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None) + _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None) + + def __init__(self, key='', val='', type='unicode'): + self.app_settings_name = key + self.app_settings_type = type + self.app_settings_value = val + + @validates('_app_settings_value') + def validate_settings_value(self, key, val): + assert type(val) == unicode + return val + + @hybrid_property + def app_settings_value(self): + v = self._app_settings_value + _type = self.app_settings_type + if _type: + _type = self.app_settings_type.split('.')[0] + # decode the encrypted value + if 'encrypted' in self.app_settings_type: + cipher = EncryptedTextValue() + v = safe_unicode(cipher.process_result_value(v, None)) + + converter = self.SETTINGS_TYPES.get(_type) or \ + self.SETTINGS_TYPES['unicode'] + return converter(v) + + @app_settings_value.setter + def app_settings_value(self, val): + """ + Setter that will always make sure we use unicode in app_settings_value + + :param val: + """ + val = safe_unicode(val) + # encode the encrypted value + if 'encrypted' in self.app_settings_type: + cipher = EncryptedTextValue() + val = safe_unicode(cipher.process_bind_param(val, None)) + self._app_settings_value = val + + @hybrid_property + def app_settings_type(self): + return self._app_settings_type + + @app_settings_type.setter + def app_settings_type(self, val): + if val.split('.')[0] not in self.SETTINGS_TYPES: + raise Exception('type must be one of %s got %s' + % (self.SETTINGS_TYPES.keys(), val)) + self._app_settings_type = val + + def __unicode__(self): + return u"<%s('%s:%s[%s]')>" % ( + self.__class__.__name__, + self.app_settings_name, self.app_settings_value, + self.app_settings_type + ) + + +class RhodeCodeUi(Base, BaseModel): + __tablename__ = 'rhodecode_ui' + __table_args__ = ( + UniqueConstraint('ui_key'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + HOOK_REPO_SIZE = 'changegroup.repo_size' + # HG + HOOK_PRE_PULL = 'preoutgoing.pre_pull' + HOOK_PULL = 'outgoing.pull_logger' + HOOK_PRE_PUSH = 'prechangegroup.pre_push' + HOOK_PUSH = 'changegroup.push_logger' + + # TODO: johbo: Unify way how hooks are configured for git and hg, + # git part is currently hardcoded. + + # SVN PATTERNS + SVN_BRANCH_ID = 'vcs_svn_branch' + SVN_TAG_ID = 'vcs_svn_tag' + + ui_id = Column( + "ui_id", Integer(), nullable=False, unique=True, default=None, + primary_key=True) + ui_section = Column( + "ui_section", String(255), nullable=True, unique=None, default=None) + ui_key = Column( + "ui_key", String(255), nullable=True, unique=None, default=None) + ui_value = Column( + "ui_value", String(255), nullable=True, unique=None, default=None) + ui_active = Column( + "ui_active", Boolean(), nullable=True, unique=None, default=True) + + def __repr__(self): + return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section, + self.ui_key, self.ui_value) + + +class RepoRhodeCodeSetting(Base, BaseModel): + __tablename__ = 'repo_rhodecode_settings' + __table_args__ = ( + UniqueConstraint( + 'app_settings_name', 'repository_id', + name='uq_repo_rhodecode_setting_name_repo_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + repository_id = Column( + "repository_id", Integer(), ForeignKey('repositories.repo_id'), + nullable=False) + app_settings_id = Column( + "app_settings_id", Integer(), nullable=False, unique=True, + default=None, primary_key=True) + app_settings_name = Column( + "app_settings_name", String(255), nullable=True, unique=None, + default=None) + _app_settings_value = Column( + "app_settings_value", String(4096), nullable=True, unique=None, + default=None) + _app_settings_type = Column( + "app_settings_type", String(255), nullable=True, unique=None, + default=None) + + repository = relationship('Repository') + + def __init__(self, repository_id, key='', val='', type='unicode'): + self.repository_id = repository_id + self.app_settings_name = key + self.app_settings_type = type + self.app_settings_value = val + + @validates('_app_settings_value') + def validate_settings_value(self, key, val): + assert type(val) == unicode + return val + + @hybrid_property + def app_settings_value(self): + v = self._app_settings_value + type_ = self.app_settings_type + SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES + converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode'] + return converter(v) + + @app_settings_value.setter + def app_settings_value(self, val): + """ + Setter that will always make sure we use unicode in app_settings_value + + :param val: + """ + self._app_settings_value = safe_unicode(val) + + @hybrid_property + def app_settings_type(self): + return self._app_settings_type + + @app_settings_type.setter + def app_settings_type(self, val): + SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES + if val not in SETTINGS_TYPES: + raise Exception('type must be one of %s got %s' + % (SETTINGS_TYPES.keys(), val)) + self._app_settings_type = val + + def __unicode__(self): + return u"<%s('%s:%s:%s[%s]')>" % ( + self.__class__.__name__, self.repository.repo_name, + self.app_settings_name, self.app_settings_value, + self.app_settings_type + ) + + +class RepoRhodeCodeUi(Base, BaseModel): + __tablename__ = 'repo_rhodecode_ui' + __table_args__ = ( + UniqueConstraint( + 'repository_id', 'ui_section', 'ui_key', + name='uq_repo_rhodecode_ui_repository_id_section_key'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + repository_id = Column( + "repository_id", Integer(), ForeignKey('repositories.repo_id'), + nullable=False) + ui_id = Column( + "ui_id", Integer(), nullable=False, unique=True, default=None, + primary_key=True) + ui_section = Column( + "ui_section", String(255), nullable=True, unique=None, default=None) + ui_key = Column( + "ui_key", String(255), nullable=True, unique=None, default=None) + ui_value = Column( + "ui_value", String(255), nullable=True, unique=None, default=None) + ui_active = Column( + "ui_active", Boolean(), nullable=True, unique=None, default=True) + + repository = relationship('Repository') + + def __repr__(self): + return '<%s[%s:%s]%s=>%s]>' % ( + self.__class__.__name__, self.repository.repo_name, + self.ui_section, self.ui_key, self.ui_value) + + +class User(Base, BaseModel): + __tablename__ = 'users' + __table_args__ = ( + UniqueConstraint('username'), UniqueConstraint('email'), + Index('u_username_idx', 'username'), + Index('u_email_idx', 'email'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + DEFAULT_USER = 'default' + DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org' + DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}' + + user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + username = Column("username", String(255), nullable=True, unique=None, default=None) + password = Column("password", String(255), nullable=True, unique=None, default=None) + active = Column("active", Boolean(), nullable=True, unique=None, default=True) + admin = Column("admin", Boolean(), nullable=True, unique=None, default=False) + name = Column("firstname", String(255), nullable=True, unique=None, default=None) + lastname = Column("lastname", String(255), nullable=True, unique=None, default=None) + _email = Column("email", String(255), nullable=True, unique=None, default=None) + last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None) + extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None) + extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None) + api_key = Column("api_key", String(255), nullable=True, unique=None, default=None) + inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data + + user_log = relationship('UserLog') + user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all') + + repositories = relationship('Repository') + repository_groups = relationship('RepoGroup') + user_groups = relationship('UserGroup') + + user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all') + followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all') + + repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all') + repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all') + user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all') + + group_member = relationship('UserGroupMember', cascade='all') + + notifications = relationship('UserNotification', cascade='all') + # notifications assigned to this user + user_created_notifications = relationship('Notification', cascade='all') + # comments created by this user + user_comments = relationship('ChangesetComment', cascade='all') + # user profile extra info + user_emails = relationship('UserEmailMap', cascade='all') + user_ip_map = relationship('UserIpMap', cascade='all') + user_auth_tokens = relationship('UserApiKeys', cascade='all') + # gists + user_gists = relationship('Gist', cascade='all') + # user pull requests + user_pull_requests = relationship('PullRequest', cascade='all') + # external identities + extenal_identities = relationship( + 'ExternalIdentity', + primaryjoin="User.user_id==ExternalIdentity.local_user_id", + cascade='all') + + def __unicode__(self): + return u"<%s('id:%s:%s')>" % (self.__class__.__name__, + self.user_id, self.username) + + @hybrid_property + def email(self): + return self._email + + @email.setter + def email(self, val): + self._email = val.lower() if val else None + + @property + def firstname(self): + # alias for future + return self.name + + @property + def emails(self): + other = UserEmailMap.query().filter(UserEmailMap.user==self).all() + return [self.email] + [x.email for x in other] + + @property + def auth_tokens(self): + return [self.api_key] + [x.api_key for x in self.extra_auth_tokens] + + @property + def extra_auth_tokens(self): + return UserApiKeys.query().filter(UserApiKeys.user == self).all() + + @property + def feed_token(self): + feed_tokens = UserApiKeys.query()\ + .filter(UserApiKeys.user == self)\ + .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\ + .all() + if feed_tokens: + return feed_tokens[0].api_key + else: + # use the main token so we don't end up with nothing... + return self.api_key + + @classmethod + def extra_valid_auth_tokens(cls, user, role=None): + tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\ + .filter(or_(UserApiKeys.expires == -1, + UserApiKeys.expires >= time.time())) + if role: + tokens = tokens.filter(or_(UserApiKeys.role == role, + UserApiKeys.role == UserApiKeys.ROLE_ALL)) + return tokens.all() + + @property + def ip_addresses(self): + ret = UserIpMap.query().filter(UserIpMap.user == self).all() + return [x.ip_addr for x in ret] + + @property + def username_and_name(self): + return '%s (%s %s)' % (self.username, self.firstname, self.lastname) + + @property + def username_or_name_or_email(self): + full_name = self.full_name if self.full_name is not ' ' else None + return self.username or full_name or self.email + + @property + def full_name(self): + return '%s %s' % (self.firstname, self.lastname) + + @property + def full_name_or_username(self): + return ('%s %s' % (self.firstname, self.lastname) + if (self.firstname and self.lastname) else self.username) + + @property + def full_contact(self): + return '%s %s <%s>' % (self.firstname, self.lastname, self.email) + + @property + def short_contact(self): + return '%s %s' % (self.firstname, self.lastname) + + @property + def is_admin(self): + return self.admin + + @property + def AuthUser(self): + """ + Returns instance of AuthUser for this user + """ + from rhodecode.lib.auth import AuthUser + return AuthUser(user_id=self.user_id, api_key=self.api_key, + username=self.username) + + @hybrid_property + def user_data(self): + if not self._user_data: + return {} + + try: + return json.loads(self._user_data) + except TypeError: + return {} + + @user_data.setter + def user_data(self, val): + if not isinstance(val, dict): + raise Exception('user_data must be dict, got %s' % type(val)) + try: + self._user_data = json.dumps(val) + except Exception: + log.error(traceback.format_exc()) + + @classmethod + def get_by_username(cls, username, case_insensitive=False, + cache=False, identity_cache=False): + session = Session() + + if case_insensitive: + q = cls.query().filter( + func.lower(cls.username) == func.lower(username)) + else: + q = cls.query().filter(cls.username == username) + + if cache: + if identity_cache: + val = cls.identity_cache(session, 'username', username) + if val: + return val + else: + q = q.options( + FromCache("sql_cache_short", + "get_user_by_name_%s" % _hash_key(username))) + + return q.scalar() + + @classmethod + def get_by_auth_token(cls, auth_token, cache=False, fallback=True): + q = cls.query().filter(cls.api_key == auth_token) + + if cache: + q = q.options(FromCache("sql_cache_short", + "get_auth_token_%s" % auth_token)) + res = q.scalar() + + if fallback and not res: + #fallback to additional keys + _res = UserApiKeys.query()\ + .filter(UserApiKeys.api_key == auth_token)\ + .filter(or_(UserApiKeys.expires == -1, + UserApiKeys.expires >= time.time()))\ + .first() + if _res: + res = _res.user + return res + + @classmethod + def get_by_email(cls, email, case_insensitive=False, cache=False): + + if case_insensitive: + q = cls.query().filter(func.lower(cls.email) == func.lower(email)) + + else: + q = cls.query().filter(cls.email == email) + + if cache: + q = q.options(FromCache("sql_cache_short", + "get_email_key_%s" % _hash_key(email))) + + ret = q.scalar() + if ret is None: + q = UserEmailMap.query() + # try fetching in alternate email map + if case_insensitive: + q = q.filter(func.lower(UserEmailMap.email) == func.lower(email)) + else: + q = q.filter(UserEmailMap.email == email) + q = q.options(joinedload(UserEmailMap.user)) + if cache: + q = q.options(FromCache("sql_cache_short", + "get_email_map_key_%s" % email)) + ret = getattr(q.scalar(), 'user', None) + + return ret + + @classmethod + def get_from_cs_author(cls, author): + """ + Tries to get User objects out of commit author string + + :param author: + """ + from rhodecode.lib.helpers import email, author_name + # Valid email in the attribute passed, see if they're in the system + _email = email(author) + if _email: + user = cls.get_by_email(_email, case_insensitive=True) + if user: + return user + # Maybe we can match by username? + _author = author_name(author) + user = cls.get_by_username(_author, case_insensitive=True) + if user: + return user + + def update_userdata(self, **kwargs): + usr = self + old = usr.user_data + old.update(**kwargs) + usr.user_data = old + Session().add(usr) + log.debug('updated userdata with ', kwargs) + + def update_lastlogin(self): + """Update user lastlogin""" + self.last_login = datetime.datetime.now() + Session().add(self) + log.debug('updated user %s lastlogin', self.username) + + def update_lastactivity(self): + """Update user lastactivity""" + usr = self + old = usr.user_data + old.update({'last_activity': time.time()}) + usr.user_data = old + Session().add(usr) + log.debug('updated user %s lastactivity', usr.username) + + def update_password(self, new_password, change_api_key=False): + from rhodecode.lib.auth import get_crypt_password,generate_auth_token + + self.password = get_crypt_password(new_password) + if change_api_key: + self.api_key = generate_auth_token(self.username) + Session().add(self) + + @classmethod + def get_first_super_admin(cls): + user = User.query().filter(User.admin == true()).first() + if user is None: + raise Exception('FATAL: Missing administrative account!') + return user + + @classmethod + def get_all_super_admins(cls): + """ + Returns all admin accounts sorted by username + """ + return User.query().filter(User.admin == true())\ + .order_by(User.username.asc()).all() + + @classmethod + def get_default_user(cls, cache=False): + user = User.get_by_username(User.DEFAULT_USER, cache=cache) + if user is None: + raise Exception('FATAL: Missing default account!') + return user + + def _get_default_perms(self, user, suffix=''): + from rhodecode.model.permission import PermissionModel + return PermissionModel().get_default_perms(user.user_perms, suffix) + + def get_default_perms(self, suffix=''): + return self._get_default_perms(self, suffix) + + def get_api_data(self, include_secrets=False, details='full'): + """ + Common function for generating user related data for API + + :param include_secrets: By default secrets in the API data will be replaced + by a placeholder value to prevent exposing this data by accident. In case + this data shall be exposed, set this flag to ``True``. + + :param details: details can be 'basic|full' basic gives only a subset of + the available user information that includes user_id, name and emails. + """ + user = self + user_data = self.user_data + data = { + 'user_id': user.user_id, + 'username': user.username, + 'firstname': user.name, + 'lastname': user.lastname, + 'email': user.email, + 'emails': user.emails, + } + if details == 'basic': + return data + + api_key_length = 40 + api_key_replacement = '*' * api_key_length + + extras = { + 'api_key': api_key_replacement, + 'api_keys': [api_key_replacement], + 'active': user.active, + 'admin': user.admin, + 'extern_type': user.extern_type, + 'extern_name': user.extern_name, + 'last_login': user.last_login, + 'ip_addresses': user.ip_addresses, + 'language': user_data.get('language') + } + data.update(extras) + + if include_secrets: + data['api_key'] = user.api_key + data['api_keys'] = user.auth_tokens + return data + + def __json__(self): + data = { + 'full_name': self.full_name, + 'full_name_or_username': self.full_name_or_username, + 'short_contact': self.short_contact, + 'full_contact': self.full_contact, + } + data.update(self.get_api_data()) + return data + + +class UserApiKeys(Base, BaseModel): + __tablename__ = 'user_api_keys' + __table_args__ = ( + Index('uak_api_key_idx', 'api_key'), + Index('uak_api_key_expires_idx', 'api_key', 'expires'), + UniqueConstraint('api_key'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + __mapper_args__ = {} + + # ApiKey role + ROLE_ALL = 'token_role_all' + ROLE_HTTP = 'token_role_http' + ROLE_VCS = 'token_role_vcs' + ROLE_API = 'token_role_api' + ROLE_FEED = 'token_role_feed' + ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED] + + user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) + api_key = Column("api_key", String(255), nullable=False, unique=True) + description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql')) + expires = Column('expires', Float(53), nullable=False) + role = Column('role', String(255), nullable=True) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + + user = relationship('User', lazy='joined') + + @classmethod + def _get_role_name(cls, role): + return { + cls.ROLE_ALL: _('all'), + cls.ROLE_HTTP: _('http/web interface'), + cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'), + cls.ROLE_API: _('api calls'), + cls.ROLE_FEED: _('feed access'), + }.get(role, role) + + @property + def expired(self): + if self.expires == -1: + return False + return time.time() > self.expires + + @property + def role_humanized(self): + return self._get_role_name(self.role) + + +class UserEmailMap(Base, BaseModel): + __tablename__ = 'user_email_map' + __table_args__ = ( + Index('uem_email_idx', 'email'), + UniqueConstraint('email'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + __mapper_args__ = {} + + email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) + _email = Column("email", String(255), nullable=True, unique=False, default=None) + user = relationship('User', lazy='joined') + + @validates('_email') + def validate_email(self, key, email): + # check if this email is not main one + main_email = Session().query(User).filter(User.email == email).scalar() + if main_email is not None: + raise AttributeError('email %s is present is user table' % email) + return email + + @hybrid_property + def email(self): + return self._email + + @email.setter + def email(self, val): + self._email = val.lower() if val else None + + +class UserIpMap(Base, BaseModel): + __tablename__ = 'user_ip_map' + __table_args__ = ( + UniqueConstraint('user_id', 'ip_addr'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + __mapper_args__ = {} + + ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) + ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None) + active = Column("active", Boolean(), nullable=True, unique=None, default=True) + description = Column("description", String(10000), nullable=True, unique=None, default=None) + user = relationship('User', lazy='joined') + + @classmethod + def _get_ip_range(cls, ip_addr): + net = ipaddress.ip_network(ip_addr, strict=False) + return [str(net.network_address), str(net.broadcast_address)] + + def __json__(self): + return { + 'ip_addr': self.ip_addr, + 'ip_range': self._get_ip_range(self.ip_addr), + } + + def __unicode__(self): + return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__, + self.user_id, self.ip_addr) + +class UserLog(Base, BaseModel): + __tablename__ = 'user_logs' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) + username = Column("username", String(255), nullable=True, unique=None, default=None) + repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True) + repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None) + user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None) + action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None) + action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None) + + def __unicode__(self): + return u"<%s('id:%s:%s')>" % (self.__class__.__name__, + self.repository_name, + self.action) + + @property + def action_as_day(self): + return datetime.date(*self.action_date.timetuple()[:3]) + + user = relationship('User') + repository = relationship('Repository', cascade='') + + +class UserGroup(Base, BaseModel): + __tablename__ = 'users_groups' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None) + user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None) + users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None) + inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data + + members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined") + users_group_to_perm = relationship('UserGroupToPerm', cascade='all') + users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all') + users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all') + user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all') + user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all') + + user = relationship('User') + + @hybrid_property + def group_data(self): + if not self._group_data: + return {} + + try: + return json.loads(self._group_data) + except TypeError: + return {} + + @group_data.setter + def group_data(self, val): + try: + self._group_data = json.dumps(val) + except Exception: + log.error(traceback.format_exc()) + + def __unicode__(self): + return u"<%s('id:%s:%s')>" % (self.__class__.__name__, + self.users_group_id, + self.users_group_name) + + @classmethod + def get_by_group_name(cls, group_name, cache=False, + case_insensitive=False): + if case_insensitive: + q = cls.query().filter(func.lower(cls.users_group_name) == + func.lower(group_name)) + + else: + q = cls.query().filter(cls.users_group_name == group_name) + if cache: + q = q.options(FromCache( + "sql_cache_short", + "get_group_%s" % _hash_key(group_name))) + return q.scalar() + + @classmethod + def get(cls, user_group_id, cache=False): + user_group = cls.query() + if cache: + user_group = user_group.options(FromCache("sql_cache_short", + "get_users_group_%s" % user_group_id)) + return user_group.get(user_group_id) + + def permissions(self, with_admins=True, with_owner=True): + q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self) + q = q.options(joinedload(UserUserGroupToPerm.user_group), + joinedload(UserUserGroupToPerm.user), + joinedload(UserUserGroupToPerm.permission),) + + # get owners and admins and permissions. We do a trick of re-writing + # objects from sqlalchemy to named-tuples due to sqlalchemy session + # has a global reference and changing one object propagates to all + # others. This means if admin is also an owner admin_row that change + # would propagate to both objects + perm_rows = [] + for _usr in q.all(): + usr = AttributeDict(_usr.user.get_dict()) + usr.permission = _usr.permission.permission_name + perm_rows.append(usr) + + # filter the perm rows by 'default' first and then sort them by + # admin,write,read,none permissions sorted again alphabetically in + # each group + perm_rows = sorted(perm_rows, key=display_sort) + + _admin_perm = 'usergroup.admin' + owner_row = [] + if with_owner: + usr = AttributeDict(self.user.get_dict()) + usr.owner_row = True + usr.permission = _admin_perm + owner_row.append(usr) + + super_admin_rows = [] + if with_admins: + for usr in User.get_all_super_admins(): + # if this admin is also owner, don't double the record + if usr.user_id == owner_row[0].user_id: + owner_row[0].admin_row = True + else: + usr = AttributeDict(usr.get_dict()) + usr.admin_row = True + usr.permission = _admin_perm + super_admin_rows.append(usr) + + return super_admin_rows + owner_row + perm_rows + + def permission_user_groups(self): + q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self) + q = q.options(joinedload(UserGroupUserGroupToPerm.user_group), + joinedload(UserGroupUserGroupToPerm.target_user_group), + joinedload(UserGroupUserGroupToPerm.permission),) + + perm_rows = [] + for _user_group in q.all(): + usr = AttributeDict(_user_group.user_group.get_dict()) + usr.permission = _user_group.permission.permission_name + perm_rows.append(usr) + + return perm_rows + + def _get_default_perms(self, user_group, suffix=''): + from rhodecode.model.permission import PermissionModel + return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix) + + def get_default_perms(self, suffix=''): + return self._get_default_perms(self, suffix) + + def get_api_data(self, with_group_members=True, include_secrets=False): + """ + :param include_secrets: See :meth:`User.get_api_data`, this parameter is + basically forwarded. + + """ + user_group = self + + data = { + 'users_group_id': user_group.users_group_id, + 'group_name': user_group.users_group_name, + 'group_description': user_group.user_group_description, + 'active': user_group.users_group_active, + 'owner': user_group.user.username, + } + if with_group_members: + users = [] + for user in user_group.members: + user = user.user + users.append(user.get_api_data(include_secrets=include_secrets)) + data['users'] = users + + return data + + +class UserGroupMember(Base, BaseModel): + __tablename__ = 'users_groups_members' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + + user = relationship('User', lazy='joined') + users_group = relationship('UserGroup') + + def __init__(self, gr_id='', u_id=''): + self.users_group_id = gr_id + self.user_id = u_id + + +class RepositoryField(Base, BaseModel): + __tablename__ = 'repositories_fields' + __table_args__ = ( + UniqueConstraint('repository_id', 'field_key'), # no-multi field + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields + + repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) + field_key = Column("field_key", String(250)) + field_label = Column("field_label", String(1024), nullable=False) + field_value = Column("field_value", String(10000), nullable=False) + field_desc = Column("field_desc", String(1024), nullable=False) + field_type = Column("field_type", String(255), nullable=False, unique=None) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + + repository = relationship('Repository') + + @property + def field_key_prefixed(self): + return 'ex_%s' % self.field_key + + @classmethod + def un_prefix_key(cls, key): + if key.startswith(cls.PREFIX): + return key[len(cls.PREFIX):] + return key + + @classmethod + def get_by_key_name(cls, key, repo): + row = cls.query()\ + .filter(cls.repository == repo)\ + .filter(cls.field_key == key).scalar() + return row + + +class Repository(Base, BaseModel): + __tablename__ = 'repositories' + __table_args__ = ( + Index('r_repo_name_idx', 'repo_name', mysql_length=255), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}' + DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}' + + STATE_CREATED = 'repo_state_created' + STATE_PENDING = 'repo_state_pending' + STATE_ERROR = 'repo_state_error' + + LOCK_AUTOMATIC = 'lock_auto' + LOCK_API = 'lock_api' + LOCK_WEB = 'lock_web' + LOCK_PULL = 'lock_pull' + + NAME_SEP = URL_SEP + + repo_id = Column( + "repo_id", Integer(), nullable=False, unique=True, default=None, + primary_key=True) + _repo_name = Column( + "repo_name", Text(), nullable=False, default=None) + _repo_name_hash = Column( + "repo_name_hash", String(255), nullable=False, unique=True) + repo_state = Column("repo_state", String(255), nullable=True) + + clone_uri = Column( + "clone_uri", EncryptedTextValue(), nullable=True, unique=False, + default=None) + repo_type = Column( + "repo_type", String(255), nullable=False, unique=False, default=None) + user_id = Column( + "user_id", Integer(), ForeignKey('users.user_id'), nullable=False, + unique=False, default=None) + private = Column( + "private", Boolean(), nullable=True, unique=None, default=None) + enable_statistics = Column( + "statistics", Boolean(), nullable=True, unique=None, default=True) + enable_downloads = Column( + "downloads", Boolean(), nullable=True, unique=None, default=True) + description = Column( + "description", String(10000), nullable=True, unique=None, default=None) + created_on = Column( + 'created_on', DateTime(timezone=False), nullable=True, unique=None, + default=datetime.datetime.now) + updated_on = Column( + 'updated_on', DateTime(timezone=False), nullable=True, unique=None, + default=datetime.datetime.now) + _landing_revision = Column( + "landing_revision", String(255), nullable=False, unique=False, + default=None) + enable_locking = Column( + "enable_locking", Boolean(), nullable=False, unique=None, + default=False) + _locked = Column( + "locked", String(255), nullable=True, unique=False, default=None) + _changeset_cache = Column( + "changeset_cache", LargeBinary(), nullable=True) # JSON data + + fork_id = Column( + "fork_id", Integer(), ForeignKey('repositories.repo_id'), + nullable=True, unique=False, default=None) + group_id = Column( + "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, + unique=False, default=None) + + user = relationship('User', lazy='joined') + fork = relationship('Repository', remote_side=repo_id, lazy='joined') + group = relationship('RepoGroup', lazy='joined') + repo_to_perm = relationship( + 'UserRepoToPerm', cascade='all', + order_by='UserRepoToPerm.repo_to_perm_id') + users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all') + stats = relationship('Statistics', cascade='all', uselist=False) + + followers = relationship( + 'UserFollowing', + primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', + cascade='all') + extra_fields = relationship( + 'RepositoryField', cascade="all, delete, delete-orphan") + logs = relationship('UserLog') + comments = relationship( + 'ChangesetComment', cascade="all, delete, delete-orphan") + pull_requests_source = relationship( + 'PullRequest', + primaryjoin='PullRequest.source_repo_id==Repository.repo_id', + cascade="all, delete, delete-orphan") + pull_requests_target = relationship( + 'PullRequest', + primaryjoin='PullRequest.target_repo_id==Repository.repo_id', + cascade="all, delete, delete-orphan") + ui = relationship('RepoRhodeCodeUi', cascade="all") + settings = relationship('RepoRhodeCodeSetting', cascade="all") + integrations = relationship('Integration', + cascade="all, delete, delete-orphan") + + def __unicode__(self): + return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id, + safe_unicode(self.repo_name)) + + @hybrid_property + def landing_rev(self): + # always should return [rev_type, rev] + if self._landing_revision: + _rev_info = self._landing_revision.split(':') + if len(_rev_info) < 2: + _rev_info.insert(0, 'rev') + return [_rev_info[0], _rev_info[1]] + return [None, None] + + @landing_rev.setter + def landing_rev(self, val): + if ':' not in val: + raise ValueError('value must be delimited with `:` and consist ' + 'of :, got %s instead' % val) + self._landing_revision = val + + @hybrid_property + def locked(self): + if self._locked: + user_id, timelocked, reason = self._locked.split(':') + lock_values = int(user_id), timelocked, reason + else: + lock_values = [None, None, None] + return lock_values + + @locked.setter + def locked(self, val): + if val and isinstance(val, (list, tuple)): + self._locked = ':'.join(map(str, val)) + else: + self._locked = None + + @hybrid_property + def changeset_cache(self): + from rhodecode.lib.vcs.backends.base import EmptyCommit + dummy = EmptyCommit().__json__() + if not self._changeset_cache: + return dummy + try: + return json.loads(self._changeset_cache) + except TypeError: + return dummy + except Exception: + log.error(traceback.format_exc()) + return dummy + + @changeset_cache.setter + def changeset_cache(self, val): + try: + self._changeset_cache = json.dumps(val) + except Exception: + log.error(traceback.format_exc()) + + @hybrid_property + def repo_name(self): + return self._repo_name + + @repo_name.setter + def repo_name(self, value): + self._repo_name = value + self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest() + + @classmethod + def normalize_repo_name(cls, repo_name): + """ + Normalizes os specific repo_name to the format internally stored inside + database using URL_SEP + + :param cls: + :param repo_name: + """ + return cls.NAME_SEP.join(repo_name.split(os.sep)) + + @classmethod + def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False): + session = Session() + q = session.query(cls).filter(cls.repo_name == repo_name) + + if cache: + if identity_cache: + val = cls.identity_cache(session, 'repo_name', repo_name) + if val: + return val + else: + q = q.options( + FromCache("sql_cache_short", + "get_repo_by_name_%s" % _hash_key(repo_name))) + + return q.scalar() + + @classmethod + def get_by_full_path(cls, repo_full_path): + repo_name = repo_full_path.split(cls.base_path(), 1)[-1] + repo_name = cls.normalize_repo_name(repo_name) + return cls.get_by_repo_name(repo_name.strip(URL_SEP)) + + @classmethod + def get_repo_forks(cls, repo_id): + return cls.query().filter(Repository.fork_id == repo_id) + + @classmethod + def base_path(cls): + """ + Returns base path when all repos are stored + + :param cls: + """ + q = Session().query(RhodeCodeUi)\ + .filter(RhodeCodeUi.ui_key == cls.NAME_SEP) + q = q.options(FromCache("sql_cache_short", "repository_repo_path")) + return q.one().ui_value + + @classmethod + def is_valid(cls, repo_name): + """ + returns True if given repo name is a valid filesystem repository + + :param cls: + :param repo_name: + """ + from rhodecode.lib.utils import is_valid_repo + + return is_valid_repo(repo_name, cls.base_path()) + + @classmethod + def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None), + case_insensitive=True): + q = Repository.query() + + if not isinstance(user_id, Optional): + q = q.filter(Repository.user_id == user_id) + + if not isinstance(group_id, Optional): + q = q.filter(Repository.group_id == group_id) + + if case_insensitive: + q = q.order_by(func.lower(Repository.repo_name)) + else: + q = q.order_by(Repository.repo_name) + return q.all() + + @property + def forks(self): + """ + Return forks of this repo + """ + return Repository.get_repo_forks(self.repo_id) + + @property + def parent(self): + """ + Returns fork parent + """ + return self.fork + + @property + def just_name(self): + return self.repo_name.split(self.NAME_SEP)[-1] + + @property + def groups_with_parents(self): + groups = [] + if self.group is None: + return groups + + cur_gr = self.group + groups.insert(0, cur_gr) + while 1: + gr = getattr(cur_gr, 'parent_group', None) + cur_gr = cur_gr.parent_group + if gr is None: + break + groups.insert(0, gr) + + return groups + + @property + def groups_and_repo(self): + return self.groups_with_parents, self + + @LazyProperty + def repo_path(self): + """ + Returns base full path for that repository means where it actually + exists on a filesystem + """ + q = Session().query(RhodeCodeUi).filter( + RhodeCodeUi.ui_key == self.NAME_SEP) + q = q.options(FromCache("sql_cache_short", "repository_repo_path")) + return q.one().ui_value + + @property + def repo_full_path(self): + p = [self.repo_path] + # we need to split the name by / since this is how we store the + # names in the database, but that eventually needs to be converted + # into a valid system path + p += self.repo_name.split(self.NAME_SEP) + return os.path.join(*map(safe_unicode, p)) + + @property + def cache_keys(self): + """ + Returns associated cache keys for that repo + """ + return CacheKey.query()\ + .filter(CacheKey.cache_args == self.repo_name)\ + .order_by(CacheKey.cache_key)\ + .all() + + def get_new_name(self, repo_name): + """ + returns new full repository name based on assigned group and new new + + :param group_name: + """ + path_prefix = self.group.full_path_splitted if self.group else [] + return self.NAME_SEP.join(path_prefix + [repo_name]) + + @property + def _config(self): + """ + Returns db based config object. + """ + from rhodecode.lib.utils import make_db_config + return make_db_config(clear_session=False, repo=self) + + def permissions(self, with_admins=True, with_owner=True): + q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self) + q = q.options(joinedload(UserRepoToPerm.repository), + joinedload(UserRepoToPerm.user), + joinedload(UserRepoToPerm.permission),) + + # get owners and admins and permissions. We do a trick of re-writing + # objects from sqlalchemy to named-tuples due to sqlalchemy session + # has a global reference and changing one object propagates to all + # others. This means if admin is also an owner admin_row that change + # would propagate to both objects + perm_rows = [] + for _usr in q.all(): + usr = AttributeDict(_usr.user.get_dict()) + usr.permission = _usr.permission.permission_name + perm_rows.append(usr) + + # filter the perm rows by 'default' first and then sort them by + # admin,write,read,none permissions sorted again alphabetically in + # each group + perm_rows = sorted(perm_rows, key=display_sort) + + _admin_perm = 'repository.admin' + owner_row = [] + if with_owner: + usr = AttributeDict(self.user.get_dict()) + usr.owner_row = True + usr.permission = _admin_perm + owner_row.append(usr) + + super_admin_rows = [] + if with_admins: + for usr in User.get_all_super_admins(): + # if this admin is also owner, don't double the record + if usr.user_id == owner_row[0].user_id: + owner_row[0].admin_row = True + else: + usr = AttributeDict(usr.get_dict()) + usr.admin_row = True + usr.permission = _admin_perm + super_admin_rows.append(usr) + + return super_admin_rows + owner_row + perm_rows + + def permission_user_groups(self): + q = UserGroupRepoToPerm.query().filter( + UserGroupRepoToPerm.repository == self) + q = q.options(joinedload(UserGroupRepoToPerm.repository), + joinedload(UserGroupRepoToPerm.users_group), + joinedload(UserGroupRepoToPerm.permission),) + + perm_rows = [] + for _user_group in q.all(): + usr = AttributeDict(_user_group.users_group.get_dict()) + usr.permission = _user_group.permission.permission_name + perm_rows.append(usr) + + return perm_rows + + def get_api_data(self, include_secrets=False): + """ + Common function for generating repo api data + + :param include_secrets: See :meth:`User.get_api_data`. + + """ + # TODO: mikhail: Here there is an anti-pattern, we probably need to + # move this methods on models level. + from rhodecode.model.settings import SettingsModel + + repo = self + _user_id, _time, _reason = self.locked + + data = { + 'repo_id': repo.repo_id, + 'repo_name': repo.repo_name, + 'repo_type': repo.repo_type, + 'clone_uri': repo.clone_uri or '', + 'url': url('summary_home', repo_name=self.repo_name, qualified=True), + 'private': repo.private, + 'created_on': repo.created_on, + 'description': repo.description, + 'landing_rev': repo.landing_rev, + 'owner': repo.user.username, + 'fork_of': repo.fork.repo_name if repo.fork else None, + 'enable_statistics': repo.enable_statistics, + 'enable_locking': repo.enable_locking, + 'enable_downloads': repo.enable_downloads, + 'last_changeset': repo.changeset_cache, + 'locked_by': User.get(_user_id).get_api_data( + include_secrets=include_secrets) if _user_id else None, + 'locked_date': time_to_datetime(_time) if _time else None, + 'lock_reason': _reason if _reason else None, + } + + # TODO: mikhail: should be per-repo settings here + rc_config = SettingsModel().get_all_settings() + repository_fields = str2bool( + rc_config.get('rhodecode_repository_fields')) + if repository_fields: + for f in self.extra_fields: + data[f.field_key_prefixed] = f.field_value + + return data + + @classmethod + def lock(cls, repo, user_id, lock_time=None, lock_reason=None): + if not lock_time: + lock_time = time.time() + if not lock_reason: + lock_reason = cls.LOCK_AUTOMATIC + repo.locked = [user_id, lock_time, lock_reason] + Session().add(repo) + Session().commit() + + @classmethod + def unlock(cls, repo): + repo.locked = None + Session().add(repo) + Session().commit() + + @classmethod + def getlock(cls, repo): + return repo.locked + + def is_user_lock(self, user_id): + if self.lock[0]: + lock_user_id = safe_int(self.lock[0]) + user_id = safe_int(user_id) + # both are ints, and they are equal + return all([lock_user_id, user_id]) and lock_user_id == user_id + + return False + + def get_locking_state(self, action, user_id, only_when_enabled=True): + """ + Checks locking on this repository, if locking is enabled and lock is + present returns a tuple of make_lock, locked, locked_by. + make_lock can have 3 states None (do nothing) True, make lock + False release lock, This value is later propagated to hooks, which + do the locking. Think about this as signals passed to hooks what to do. + + """ + # TODO: johbo: This is part of the business logic and should be moved + # into the RepositoryModel. + + if action not in ('push', 'pull'): + raise ValueError("Invalid action value: %s" % repr(action)) + + # defines if locked error should be thrown to user + currently_locked = False + # defines if new lock should be made, tri-state + make_lock = None + repo = self + user = User.get(user_id) + + lock_info = repo.locked + + if repo and (repo.enable_locking or not only_when_enabled): + if action == 'push': + # check if it's already locked !, if it is compare users + locked_by_user_id = lock_info[0] + if user.user_id == locked_by_user_id: + log.debug( + 'Got `push` action from user %s, now unlocking', user) + # unlock if we have push from user who locked + make_lock = False + else: + # we're not the same user who locked, ban with + # code defined in settings (default is 423 HTTP Locked) ! + log.debug('Repo %s is currently locked by %s', repo, user) + currently_locked = True + elif action == 'pull': + # [0] user [1] date + if lock_info[0] and lock_info[1]: + log.debug('Repo %s is currently locked by %s', repo, user) + currently_locked = True + else: + log.debug('Setting lock on repo %s by %s', repo, user) + make_lock = True + + else: + log.debug('Repository %s do not have locking enabled', repo) + + log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s', + make_lock, currently_locked, lock_info) + + from rhodecode.lib.auth import HasRepoPermissionAny + perm_check = HasRepoPermissionAny('repository.write', 'repository.admin') + if make_lock and not perm_check(repo_name=repo.repo_name, user=user): + # if we don't have at least write permission we cannot make a lock + log.debug('lock state reset back to FALSE due to lack ' + 'of at least read permission') + make_lock = False + + return make_lock, currently_locked, lock_info + + @property + def last_db_change(self): + return self.updated_on + + @property + def clone_uri_hidden(self): + clone_uri = self.clone_uri + if clone_uri: + import urlobject + url_obj = urlobject.URLObject(clone_uri) + if url_obj.password: + clone_uri = url_obj.with_password('*****') + return clone_uri + + def clone_url(self, **override): + qualified_home_url = url('home', qualified=True) + + uri_tmpl = None + if 'with_id' in override: + uri_tmpl = self.DEFAULT_CLONE_URI_ID + del override['with_id'] + + if 'uri_tmpl' in override: + uri_tmpl = override['uri_tmpl'] + del override['uri_tmpl'] + + # we didn't override our tmpl from **overrides + if not uri_tmpl: + uri_tmpl = self.DEFAULT_CLONE_URI + try: + from pylons import tmpl_context as c + uri_tmpl = c.clone_uri_tmpl + except Exception: + # in any case if we call this outside of request context, + # ie, not having tmpl_context set up + pass + + return get_clone_url(uri_tmpl=uri_tmpl, + qualifed_home_url=qualified_home_url, + repo_name=self.repo_name, + repo_id=self.repo_id, **override) + + def set_state(self, state): + self.repo_state = state + Session().add(self) + #========================================================================== + # SCM PROPERTIES + #========================================================================== + + def get_commit(self, commit_id=None, commit_idx=None, pre_load=None): + return get_commit_safe( + self.scm_instance(), commit_id, commit_idx, pre_load=pre_load) + + def get_changeset(self, rev=None, pre_load=None): + warnings.warn("Use get_commit", DeprecationWarning) + commit_id = None + commit_idx = None + if isinstance(rev, basestring): + commit_id = rev + else: + commit_idx = rev + return self.get_commit(commit_id=commit_id, commit_idx=commit_idx, + pre_load=pre_load) + + def get_landing_commit(self): + """ + Returns landing commit, or if that doesn't exist returns the tip + """ + _rev_type, _rev = self.landing_rev + commit = self.get_commit(_rev) + if isinstance(commit, EmptyCommit): + return self.get_commit() + return commit + + def update_commit_cache(self, cs_cache=None, config=None): + """ + Update cache of last changeset for repository, keys should be:: + + short_id + raw_id + revision + parents + message + date + author + + :param cs_cache: + """ + from rhodecode.lib.vcs.backends.base import BaseChangeset + if cs_cache is None: + # use no-cache version here + scm_repo = self.scm_instance(cache=False, config=config) + if scm_repo: + cs_cache = scm_repo.get_commit( + pre_load=["author", "date", "message", "parents"]) + else: + cs_cache = EmptyCommit() + + if isinstance(cs_cache, BaseChangeset): + cs_cache = cs_cache.__json__() + + def is_outdated(new_cs_cache): + if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or + new_cs_cache['revision'] != self.changeset_cache['revision']): + return True + return False + + # check if we have maybe already latest cached revision + if is_outdated(cs_cache) or not self.changeset_cache: + _default = datetime.datetime.fromtimestamp(0) + last_change = cs_cache.get('date') or _default + log.debug('updated repo %s with new cs cache %s', + self.repo_name, cs_cache) + self.updated_on = last_change + self.changeset_cache = cs_cache + Session().add(self) + Session().commit() + else: + log.debug('Skipping update_commit_cache for repo:`%s` ' + 'commit already with latest changes', self.repo_name) + + @property + def tip(self): + return self.get_commit('tip') + + @property + def author(self): + return self.tip.author + + @property + def last_change(self): + return self.scm_instance().last_change + + def get_comments(self, revisions=None): + """ + Returns comments for this repository grouped by revisions + + :param revisions: filter query by revisions only + """ + cmts = ChangesetComment.query()\ + .filter(ChangesetComment.repo == self) + if revisions: + cmts = cmts.filter(ChangesetComment.revision.in_(revisions)) + grouped = collections.defaultdict(list) + for cmt in cmts.all(): + grouped[cmt.revision].append(cmt) + return grouped + + def statuses(self, revisions=None): + """ + Returns statuses for this repository + + :param revisions: list of revisions to get statuses for + """ + statuses = ChangesetStatus.query()\ + .filter(ChangesetStatus.repo == self)\ + .filter(ChangesetStatus.version == 0) + + if revisions: + # Try doing the filtering in chunks to avoid hitting limits + size = 500 + status_results = [] + for chunk in xrange(0, len(revisions), size): + status_results += statuses.filter( + ChangesetStatus.revision.in_( + revisions[chunk: chunk+size]) + ).all() + else: + status_results = statuses.all() + + grouped = {} + + # maybe we have open new pullrequest without a status? + stat = ChangesetStatus.STATUS_UNDER_REVIEW + status_lbl = ChangesetStatus.get_status_lbl(stat) + for pr in PullRequest.query().filter(PullRequest.source_repo == self).all(): + for rev in pr.revisions: + pr_id = pr.pull_request_id + pr_repo = pr.target_repo.repo_name + grouped[rev] = [stat, status_lbl, pr_id, pr_repo] + + for stat in status_results: + pr_id = pr_repo = None + if stat.pull_request: + pr_id = stat.pull_request.pull_request_id + pr_repo = stat.pull_request.target_repo.repo_name + grouped[stat.revision] = [str(stat.status), stat.status_lbl, + pr_id, pr_repo] + return grouped + + # ========================================================================== + # SCM CACHE INSTANCE + # ========================================================================== + + def scm_instance(self, **kwargs): + import rhodecode + + # Passing a config will not hit the cache currently only used + # for repo2dbmapper + config = kwargs.pop('config', None) + cache = kwargs.pop('cache', None) + full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache')) + # if cache is NOT defined use default global, else we have a full + # control over cache behaviour + if cache is None and full_cache and not config: + return self._get_instance_cached() + return self._get_instance(cache=bool(cache), config=config) + + def _get_instance_cached(self): + @cache_region('long_term') + def _get_repo(cache_key): + return self._get_instance() + + invalidator_context = CacheKey.repo_context_cache( + _get_repo, self.repo_name, None, thread_scoped=True) + + with invalidator_context as context: + context.invalidate() + repo = context.compute() + + return repo + + def _get_instance(self, cache=True, config=None): + config = config or self._config + custom_wire = { + 'cache': cache # controls the vcs.remote cache + } + + repo = get_vcs_instance( + repo_path=safe_str(self.repo_full_path), + config=config, + with_wire=custom_wire, + create=False) + + return repo + + def __json__(self): + return {'landing_rev': self.landing_rev} + + def get_dict(self): + + # Since we transformed `repo_name` to a hybrid property, we need to + # keep compatibility with the code which uses `repo_name` field. + + result = super(Repository, self).get_dict() + result['repo_name'] = result.pop('_repo_name', None) + return result + + +class RepoGroup(Base, BaseModel): + __tablename__ = 'groups' + __table_args__ = ( + UniqueConstraint('group_name', 'group_parent_id'), + CheckConstraint('group_id != group_parent_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + __mapper_args__ = {'order_by': 'group_name'} + + CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups + + group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + group_name = Column("group_name", String(255), nullable=False, unique=True, default=None) + group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None) + group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None) + enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + + repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id') + users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all') + parent_group = relationship('RepoGroup', remote_side=group_id) + user = relationship('User') + + def __init__(self, group_name='', parent_group=None): + self.group_name = group_name + self.parent_group = parent_group + + def __unicode__(self): + return u"<%s('id:%s:%s')>" % (self.__class__.__name__, self.group_id, + self.group_name) + + @classmethod + def _generate_choice(cls, repo_group): + from webhelpers.html import literal as _literal + _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k)) + return repo_group.group_id, _name(repo_group.full_path_splitted) + + @classmethod + def groups_choices(cls, groups=None, show_empty_group=True): + if not groups: + groups = cls.query().all() + + repo_groups = [] + if show_empty_group: + repo_groups = [('-1', u'-- %s --' % _('No parent'))] + + repo_groups.extend([cls._generate_choice(x) for x in groups]) + + repo_groups = sorted( + repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0]) + return repo_groups + + @classmethod + def url_sep(cls): + return URL_SEP + + @classmethod + def get_by_group_name(cls, group_name, cache=False, case_insensitive=False): + if case_insensitive: + gr = cls.query().filter(func.lower(cls.group_name) + == func.lower(group_name)) + else: + gr = cls.query().filter(cls.group_name == group_name) + if cache: + gr = gr.options(FromCache( + "sql_cache_short", + "get_group_%s" % _hash_key(group_name))) + return gr.scalar() + + @classmethod + def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None), + case_insensitive=True): + q = RepoGroup.query() + + if not isinstance(user_id, Optional): + q = q.filter(RepoGroup.user_id == user_id) + + if not isinstance(group_id, Optional): + q = q.filter(RepoGroup.group_parent_id == group_id) + + if case_insensitive: + q = q.order_by(func.lower(RepoGroup.group_name)) + else: + q = q.order_by(RepoGroup.group_name) + return q.all() + + @property + def parents(self): + parents_recursion_limit = 10 + groups = [] + if self.parent_group is None: + return groups + cur_gr = self.parent_group + groups.insert(0, cur_gr) + cnt = 0 + while 1: + cnt += 1 + gr = getattr(cur_gr, 'parent_group', None) + cur_gr = cur_gr.parent_group + if gr is None: + break + if cnt == parents_recursion_limit: + # this will prevent accidental infinit loops + log.error(('more than %s parents found for group %s, stopping ' + 'recursive parent fetching' % (parents_recursion_limit, self))) + break + + groups.insert(0, gr) + return groups + + @property + def children(self): + return RepoGroup.query().filter(RepoGroup.parent_group == self) + + @property + def name(self): + return self.group_name.split(RepoGroup.url_sep())[-1] + + @property + def full_path(self): + return self.group_name + + @property + def full_path_splitted(self): + return self.group_name.split(RepoGroup.url_sep()) + + @property + def repositories(self): + return Repository.query()\ + .filter(Repository.group == self)\ + .order_by(Repository.repo_name) + + @property + def repositories_recursive_count(self): + cnt = self.repositories.count() + + def children_count(group): + cnt = 0 + for child in group.children: + cnt += child.repositories.count() + cnt += children_count(child) + return cnt + + return cnt + children_count(self) + + def _recursive_objects(self, include_repos=True): + all_ = [] + + def _get_members(root_gr): + if include_repos: + for r in root_gr.repositories: + all_.append(r) + childs = root_gr.children.all() + if childs: + for gr in childs: + all_.append(gr) + _get_members(gr) + + _get_members(self) + return [self] + all_ + + def recursive_groups_and_repos(self): + """ + Recursive return all groups, with repositories in those groups + """ + return self._recursive_objects() + + def recursive_groups(self): + """ + Returns all children groups for this group including children of children + """ + return self._recursive_objects(include_repos=False) + + def get_new_name(self, group_name): + """ + returns new full group name based on parent and new name + + :param group_name: + """ + path_prefix = (self.parent_group.full_path_splitted if + self.parent_group else []) + return RepoGroup.url_sep().join(path_prefix + [group_name]) + + def permissions(self, with_admins=True, with_owner=True): + q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self) + q = q.options(joinedload(UserRepoGroupToPerm.group), + joinedload(UserRepoGroupToPerm.user), + joinedload(UserRepoGroupToPerm.permission),) + + # get owners and admins and permissions. We do a trick of re-writing + # objects from sqlalchemy to named-tuples due to sqlalchemy session + # has a global reference and changing one object propagates to all + # others. This means if admin is also an owner admin_row that change + # would propagate to both objects + perm_rows = [] + for _usr in q.all(): + usr = AttributeDict(_usr.user.get_dict()) + usr.permission = _usr.permission.permission_name + perm_rows.append(usr) + + # filter the perm rows by 'default' first and then sort them by + # admin,write,read,none permissions sorted again alphabetically in + # each group + perm_rows = sorted(perm_rows, key=display_sort) + + _admin_perm = 'group.admin' + owner_row = [] + if with_owner: + usr = AttributeDict(self.user.get_dict()) + usr.owner_row = True + usr.permission = _admin_perm + owner_row.append(usr) + + super_admin_rows = [] + if with_admins: + for usr in User.get_all_super_admins(): + # if this admin is also owner, don't double the record + if usr.user_id == owner_row[0].user_id: + owner_row[0].admin_row = True + else: + usr = AttributeDict(usr.get_dict()) + usr.admin_row = True + usr.permission = _admin_perm + super_admin_rows.append(usr) + + return super_admin_rows + owner_row + perm_rows + + def permission_user_groups(self): + q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self) + q = q.options(joinedload(UserGroupRepoGroupToPerm.group), + joinedload(UserGroupRepoGroupToPerm.users_group), + joinedload(UserGroupRepoGroupToPerm.permission),) + + perm_rows = [] + for _user_group in q.all(): + usr = AttributeDict(_user_group.users_group.get_dict()) + usr.permission = _user_group.permission.permission_name + perm_rows.append(usr) + + return perm_rows + + def get_api_data(self): + """ + Common function for generating api data + + """ + group = self + data = { + 'group_id': group.group_id, + 'group_name': group.group_name, + 'group_description': group.group_description, + 'parent_group': group.parent_group.group_name if group.parent_group else None, + 'repositories': [x.repo_name for x in group.repositories], + 'owner': group.user.username, + } + return data + + +class Permission(Base, BaseModel): + __tablename__ = 'permissions' + __table_args__ = ( + Index('p_perm_name_idx', 'permission_name'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + PERMS = [ + ('hg.admin', _('RhodeCode Super Administrator')), + + ('repository.none', _('Repository no access')), + ('repository.read', _('Repository read access')), + ('repository.write', _('Repository write access')), + ('repository.admin', _('Repository admin access')), + + ('group.none', _('Repository group no access')), + ('group.read', _('Repository group read access')), + ('group.write', _('Repository group write access')), + ('group.admin', _('Repository group admin access')), + + ('usergroup.none', _('User group no access')), + ('usergroup.read', _('User group read access')), + ('usergroup.write', _('User group write access')), + ('usergroup.admin', _('User group admin access')), + + ('hg.repogroup.create.false', _('Repository Group creation disabled')), + ('hg.repogroup.create.true', _('Repository Group creation enabled')), + + ('hg.usergroup.create.false', _('User Group creation disabled')), + ('hg.usergroup.create.true', _('User Group creation enabled')), + + ('hg.create.none', _('Repository creation disabled')), + ('hg.create.repository', _('Repository creation enabled')), + ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')), + ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')), + + ('hg.fork.none', _('Repository forking disabled')), + ('hg.fork.repository', _('Repository forking enabled')), + + ('hg.register.none', _('Registration disabled')), + ('hg.register.manual_activate', _('User Registration with manual account activation')), + ('hg.register.auto_activate', _('User Registration with automatic account activation')), + + ('hg.extern_activate.manual', _('Manual activation of external account')), + ('hg.extern_activate.auto', _('Automatic activation of external account')), + + ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')), + ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')), + ] + + # definition of system default permissions for DEFAULT user + DEFAULT_USER_PERMISSIONS = [ + 'repository.read', + 'group.read', + 'usergroup.read', + 'hg.create.repository', + 'hg.repogroup.create.false', + 'hg.usergroup.create.false', + 'hg.create.write_on_repogroup.true', + 'hg.fork.repository', + 'hg.register.manual_activate', + 'hg.extern_activate.auto', + 'hg.inherit_default_perms.true', + ] + + # defines which permissions are more important higher the more important + # Weight defines which permissions are more important. + # The higher number the more important. + PERM_WEIGHTS = { + 'repository.none': 0, + 'repository.read': 1, + 'repository.write': 3, + 'repository.admin': 4, + + 'group.none': 0, + 'group.read': 1, + 'group.write': 3, + 'group.admin': 4, + + 'usergroup.none': 0, + 'usergroup.read': 1, + 'usergroup.write': 3, + 'usergroup.admin': 4, + + 'hg.repogroup.create.false': 0, + 'hg.repogroup.create.true': 1, + + 'hg.usergroup.create.false': 0, + 'hg.usergroup.create.true': 1, + + 'hg.fork.none': 0, + 'hg.fork.repository': 1, + 'hg.create.none': 0, + 'hg.create.repository': 1 + } + + permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None) + permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None) + + def __unicode__(self): + return u"<%s('%s:%s')>" % ( + self.__class__.__name__, self.permission_id, self.permission_name + ) + + @classmethod + def get_by_key(cls, key): + return cls.query().filter(cls.permission_name == key).scalar() + + @classmethod + def get_default_repo_perms(cls, user_id, repo_id=None): + q = Session().query(UserRepoToPerm, Repository, Permission)\ + .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\ + .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\ + .filter(UserRepoToPerm.user_id == user_id) + if repo_id: + q = q.filter(UserRepoToPerm.repository_id == repo_id) + return q.all() + + @classmethod + def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None): + q = Session().query(UserGroupRepoToPerm, Repository, Permission)\ + .join( + Permission, + UserGroupRepoToPerm.permission_id == Permission.permission_id)\ + .join( + Repository, + UserGroupRepoToPerm.repository_id == Repository.repo_id)\ + .join( + UserGroup, + UserGroupRepoToPerm.users_group_id == + UserGroup.users_group_id)\ + .join( + UserGroupMember, + UserGroupRepoToPerm.users_group_id == + UserGroupMember.users_group_id)\ + .filter( + UserGroupMember.user_id == user_id, + UserGroup.users_group_active == true()) + if repo_id: + q = q.filter(UserGroupRepoToPerm.repository_id == repo_id) + return q.all() + + @classmethod + def get_default_group_perms(cls, user_id, repo_group_id=None): + q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\ + .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\ + .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ + .filter(UserRepoGroupToPerm.user_id == user_id) + if repo_group_id: + q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id) + return q.all() + + @classmethod + def get_default_group_perms_from_user_group( + cls, user_id, repo_group_id=None): + q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\ + .join( + Permission, + UserGroupRepoGroupToPerm.permission_id == + Permission.permission_id)\ + .join( + RepoGroup, + UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\ + .join( + UserGroup, + UserGroupRepoGroupToPerm.users_group_id == + UserGroup.users_group_id)\ + .join( + UserGroupMember, + UserGroupRepoGroupToPerm.users_group_id == + UserGroupMember.users_group_id)\ + .filter( + UserGroupMember.user_id == user_id, + UserGroup.users_group_active == true()) + if repo_group_id: + q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id) + return q.all() + + @classmethod + def get_default_user_group_perms(cls, user_id, user_group_id=None): + q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\ + .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\ + .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\ + .filter(UserUserGroupToPerm.user_id == user_id) + if user_group_id: + q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id) + return q.all() + + @classmethod + def get_default_user_group_perms_from_user_group( + cls, user_id, user_group_id=None): + TargetUserGroup = aliased(UserGroup, name='target_user_group') + q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\ + .join( + Permission, + UserGroupUserGroupToPerm.permission_id == + Permission.permission_id)\ + .join( + TargetUserGroup, + UserGroupUserGroupToPerm.target_user_group_id == + TargetUserGroup.users_group_id)\ + .join( + UserGroup, + UserGroupUserGroupToPerm.user_group_id == + UserGroup.users_group_id)\ + .join( + UserGroupMember, + UserGroupUserGroupToPerm.user_group_id == + UserGroupMember.users_group_id)\ + .filter( + UserGroupMember.user_id == user_id, + UserGroup.users_group_active == true()) + if user_group_id: + q = q.filter( + UserGroupUserGroupToPerm.user_group_id == user_group_id) + + return q.all() + + +class UserRepoToPerm(Base, BaseModel): + __tablename__ = 'repo_to_perm' + __table_args__ = ( + UniqueConstraint('user_id', 'repository_id', 'permission_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) + + user = relationship('User') + repository = relationship('Repository') + permission = relationship('Permission') + + @classmethod + def create(cls, user, repository, permission): + n = cls() + n.user = user + n.repository = repository + n.permission = permission + Session().add(n) + return n + + def __unicode__(self): + return u'<%s => %s >' % (self.user, self.repository) + + +class UserUserGroupToPerm(Base, BaseModel): + __tablename__ = 'user_user_group_to_perm' + __table_args__ = ( + UniqueConstraint('user_id', 'user_group_id', 'permission_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + + user = relationship('User') + user_group = relationship('UserGroup') + permission = relationship('Permission') + + @classmethod + def create(cls, user, user_group, permission): + n = cls() + n.user = user + n.user_group = user_group + n.permission = permission + Session().add(n) + return n + + def __unicode__(self): + return u'<%s => %s >' % (self.user, self.user_group) + + +class UserToPerm(Base, BaseModel): + __tablename__ = 'user_to_perm' + __table_args__ = ( + UniqueConstraint('user_id', 'permission_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + + user = relationship('User') + permission = relationship('Permission', lazy='joined') + + def __unicode__(self): + return u'<%s => %s >' % (self.user, self.permission) + + +class UserGroupRepoToPerm(Base, BaseModel): + __tablename__ = 'users_group_repo_to_perm' + __table_args__ = ( + UniqueConstraint('repository_id', 'users_group_id', 'permission_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) + + users_group = relationship('UserGroup') + permission = relationship('Permission') + repository = relationship('Repository') + + @classmethod + def create(cls, users_group, repository, permission): + n = cls() + n.users_group = users_group + n.repository = repository + n.permission = permission + Session().add(n) + return n + + def __unicode__(self): + return u' %s >' % (self.users_group, self.repository) + + +class UserGroupUserGroupToPerm(Base, BaseModel): + __tablename__ = 'user_group_user_group_to_perm' + __table_args__ = ( + UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'), + CheckConstraint('target_user_group_id != user_group_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + + target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id') + user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id') + permission = relationship('Permission') + + @classmethod + def create(cls, target_user_group, user_group, permission): + n = cls() + n.target_user_group = target_user_group + n.user_group = user_group + n.permission = permission + Session().add(n) + return n + + def __unicode__(self): + return u' %s >' % (self.target_user_group, self.user_group) + + +class UserGroupToPerm(Base, BaseModel): + __tablename__ = 'users_group_to_perm' + __table_args__ = ( + UniqueConstraint('users_group_id', 'permission_id',), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + + users_group = relationship('UserGroup') + permission = relationship('Permission') + + +class UserRepoGroupToPerm(Base, BaseModel): + __tablename__ = 'user_repo_group_to_perm' + __table_args__ = ( + UniqueConstraint('user_id', 'group_id', 'permission_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + + user = relationship('User') + group = relationship('RepoGroup') + permission = relationship('Permission') + + @classmethod + def create(cls, user, repository_group, permission): + n = cls() + n.user = user + n.group = repository_group + n.permission = permission + Session().add(n) + return n + + +class UserGroupRepoGroupToPerm(Base, BaseModel): + __tablename__ = 'users_group_repo_group_to_perm' + __table_args__ = ( + UniqueConstraint('users_group_id', 'group_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) + group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) + permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) + + users_group = relationship('UserGroup') + permission = relationship('Permission') + group = relationship('RepoGroup') + + @classmethod + def create(cls, user_group, repository_group, permission): + n = cls() + n.users_group = user_group + n.group = repository_group + n.permission = permission + Session().add(n) + return n + + def __unicode__(self): + return u' %s >' % (self.users_group, self.group) + + +class Statistics(Base, BaseModel): + __tablename__ = 'statistics' + __table_args__ = ( + UniqueConstraint('repository_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None) + stat_on_revision = Column("stat_on_revision", Integer(), nullable=False) + commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data + commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data + languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data + + repository = relationship('Repository', single_parent=True) + + +class UserFollowing(Base, BaseModel): + __tablename__ = 'user_followings' + __table_args__ = ( + UniqueConstraint('user_id', 'follows_repository_id'), + UniqueConstraint('user_id', 'follows_user_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) + follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None) + follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) + follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) + + user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id') + + follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id') + follows_repository = relationship('Repository', order_by='Repository.repo_name') + + @classmethod + def get_repo_followers(cls, repo_id): + return cls.query().filter(cls.follows_repo_id == repo_id) + + +class CacheKey(Base, BaseModel): + __tablename__ = 'cache_invalidation' + __table_args__ = ( + UniqueConstraint('cache_key'), + Index('key_idx', 'cache_key'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + CACHE_TYPE_ATOM = 'ATOM' + CACHE_TYPE_RSS = 'RSS' + CACHE_TYPE_README = 'README' + + cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) + cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None) + cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None) + cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False) + + def __init__(self, cache_key, cache_args=''): + self.cache_key = cache_key + self.cache_args = cache_args + self.cache_active = False + + def __unicode__(self): + return u"<%s('%s:%s[%s]')>" % ( + self.__class__.__name__, + self.cache_id, self.cache_key, self.cache_active) + + def _cache_key_partition(self): + prefix, repo_name, suffix = self.cache_key.partition(self.cache_args) + return prefix, repo_name, suffix + + def get_prefix(self): + """ + Try to extract prefix from existing cache key. The key could consist + of prefix, repo_name, suffix + """ + # this returns prefix, repo_name, suffix + return self._cache_key_partition()[0] + + def get_suffix(self): + """ + get suffix that might have been used in _get_cache_key to + generate self.cache_key. Only used for informational purposes + in repo_edit.html. + """ + # prefix, repo_name, suffix + return self._cache_key_partition()[2] + + @classmethod + def delete_all_cache(cls): + """ + Delete all cache keys from database. + Should only be run when all instances are down and all entries + thus stale. + """ + cls.query().delete() + Session().commit() + + @classmethod + def get_cache_key(cls, repo_name, cache_type): + """ + + Generate a cache key for this process of RhodeCode instance. + Prefix most likely will be process id or maybe explicitly set + instance_id from .ini file. + """ + import rhodecode + prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '') + + repo_as_unicode = safe_unicode(repo_name) + key = u'{}_{}'.format(repo_as_unicode, cache_type) \ + if cache_type else repo_as_unicode + + return u'{}{}'.format(prefix, key) + + @classmethod + def set_invalidate(cls, repo_name, delete=False): + """ + Mark all caches of a repo as invalid in the database. + """ + + try: + qry = Session().query(cls).filter(cls.cache_args == repo_name) + if delete: + log.debug('cache objects deleted for repo %s', + safe_str(repo_name)) + qry.delete() + else: + log.debug('cache objects marked as invalid for repo %s', + safe_str(repo_name)) + qry.update({"cache_active": False}) + + Session().commit() + except Exception: + log.exception( + 'Cache key invalidation failed for repository %s', + safe_str(repo_name)) + Session().rollback() + + @classmethod + def get_active_cache(cls, cache_key): + inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar() + if inv_obj: + return inv_obj + return None + + @classmethod + def repo_context_cache(cls, compute_func, repo_name, cache_type, + thread_scoped=False): + """ + @cache_region('long_term') + def _heavy_calculation(cache_key): + return 'result' + + cache_context = CacheKey.repo_context_cache( + _heavy_calculation, repo_name, cache_type) + + with cache_context as context: + context.invalidate() + computed = context.compute() + + assert computed == 'result' + """ + from rhodecode.lib import caches + return caches.InvalidationContext( + compute_func, repo_name, cache_type, thread_scoped=thread_scoped) + + +class ChangesetComment(Base, BaseModel): + __tablename__ = 'changeset_comments' + __table_args__ = ( + Index('cc_revision_idx', 'revision'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + COMMENT_OUTDATED = u'comment_outdated' + + comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True) + repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) + revision = Column('revision', String(40), nullable=True) + pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) + pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True) + line_no = Column('line_no', Unicode(10), nullable=True) + hl_lines = Column('hl_lines', Unicode(512), nullable=True) + f_path = Column('f_path', Unicode(1000), nullable=True) + user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False) + text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + renderer = Column('renderer', Unicode(64), nullable=True) + display_state = Column('display_state', Unicode(128), nullable=True) + + author = relationship('User', lazy='joined') + repo = relationship('Repository') + status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan") + pull_request = relationship('PullRequest', lazy='joined') + pull_request_version = relationship('PullRequestVersion') + + @classmethod + def get_users(cls, revision=None, pull_request_id=None): + """ + Returns user associated with this ChangesetComment. ie those + who actually commented + + :param cls: + :param revision: + """ + q = Session().query(User)\ + .join(ChangesetComment.author) + if revision: + q = q.filter(cls.revision == revision) + elif pull_request_id: + q = q.filter(cls.pull_request_id == pull_request_id) + return q.all() + + def render(self, mentions=False): + from rhodecode.lib import helpers as h + return h.render(self.text, renderer=self.renderer, mentions=mentions) + + def __repr__(self): + if self.comment_id: + return '' % self.comment_id + else: + return '' % id(self) + + +class ChangesetStatus(Base, BaseModel): + __tablename__ = 'changeset_statuses' + __table_args__ = ( + Index('cs_revision_idx', 'revision'), + Index('cs_version_idx', 'version'), + UniqueConstraint('repo_id', 'revision', 'version'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed' + STATUS_APPROVED = 'approved' + STATUS_REJECTED = 'rejected' + STATUS_UNDER_REVIEW = 'under_review' + + STATUSES = [ + (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default + (STATUS_APPROVED, _("Approved")), + (STATUS_REJECTED, _("Rejected")), + (STATUS_UNDER_REVIEW, _("Under Review")), + ] + + changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True) + repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) + user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None) + revision = Column('revision', String(40), nullable=False) + status = Column('status', String(128), nullable=False, default=DEFAULT) + changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id')) + modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now) + version = Column('version', Integer(), nullable=False, default=0) + pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) + + author = relationship('User', lazy='joined') + repo = relationship('Repository') + comment = relationship('ChangesetComment', lazy='joined') + pull_request = relationship('PullRequest', lazy='joined') + + def __unicode__(self): + return u"<%s('%s[%s]:%s')>" % ( + self.__class__.__name__, + self.status, self.version, self.author + ) + + @classmethod + def get_status_lbl(cls, value): + return dict(cls.STATUSES).get(value) + + @property + def status_lbl(self): + return ChangesetStatus.get_status_lbl(self.status) + + +class _PullRequestBase(BaseModel): + """ + Common attributes of pull request and version entries. + """ + + # .status values + STATUS_NEW = u'new' + STATUS_OPEN = u'open' + STATUS_CLOSED = u'closed' + + title = Column('title', Unicode(255), nullable=True) + description = Column( + 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), + nullable=True) + # new/open/closed status of pull request (not approve/reject/etc) + status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW) + created_on = Column( + 'created_on', DateTime(timezone=False), nullable=False, + default=datetime.datetime.now) + updated_on = Column( + 'updated_on', DateTime(timezone=False), nullable=False, + default=datetime.datetime.now) + + @declared_attr + def user_id(cls): + return Column( + "user_id", Integer(), ForeignKey('users.user_id'), nullable=False, + unique=None) + + # 500 revisions max + _revisions = Column( + 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql')) + + @declared_attr + def source_repo_id(cls): + # TODO: dan: rename column to source_repo_id + return Column( + 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'), + nullable=False) + + source_ref = Column('org_ref', Unicode(255), nullable=False) + + @declared_attr + def target_repo_id(cls): + # TODO: dan: rename column to target_repo_id + return Column( + 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'), + nullable=False) + + target_ref = Column('other_ref', Unicode(255), nullable=False) + + # TODO: dan: rename column to last_merge_source_rev + _last_merge_source_rev = Column( + 'last_merge_org_rev', String(40), nullable=True) + # TODO: dan: rename column to last_merge_target_rev + _last_merge_target_rev = Column( + 'last_merge_other_rev', String(40), nullable=True) + _last_merge_status = Column('merge_status', Integer(), nullable=True) + merge_rev = Column('merge_rev', String(40), nullable=True) + + @hybrid_property + def revisions(self): + return self._revisions.split(':') if self._revisions else [] + + @revisions.setter + def revisions(self, val): + self._revisions = ':'.join(val) + + @declared_attr + def author(cls): + return relationship('User', lazy='joined') + + @declared_attr + def source_repo(cls): + return relationship( + 'Repository', + primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__) + + @property + def source_ref_parts(self): + refs = self.source_ref.split(':') + return Reference(refs[0], refs[1], refs[2]) + + @declared_attr + def target_repo(cls): + return relationship( + 'Repository', + primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__) + + @property + def target_ref_parts(self): + refs = self.target_ref.split(':') + return Reference(refs[0], refs[1], refs[2]) + + +class PullRequest(Base, _PullRequestBase): + __tablename__ = 'pull_requests' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + pull_request_id = Column( + 'pull_request_id', Integer(), nullable=False, primary_key=True) + + def __repr__(self): + if self.pull_request_id: + return '' % self.pull_request_id + else: + return '' % id(self) + + reviewers = relationship('PullRequestReviewers', + cascade="all, delete, delete-orphan") + statuses = relationship('ChangesetStatus') + comments = relationship('ChangesetComment', + cascade="all, delete, delete-orphan") + versions = relationship('PullRequestVersion', + cascade="all, delete, delete-orphan") + + def is_closed(self): + return self.status == self.STATUS_CLOSED + + def get_api_data(self): + from rhodecode.model.pull_request import PullRequestModel + pull_request = self + merge_status = PullRequestModel().merge_status(pull_request) + data = { + 'pull_request_id': pull_request.pull_request_id, + 'url': url('pullrequest_show', repo_name=self.target_repo.repo_name, + pull_request_id=self.pull_request_id, + qualified=True), + 'title': pull_request.title, + 'description': pull_request.description, + 'status': pull_request.status, + 'created_on': pull_request.created_on, + 'updated_on': pull_request.updated_on, + 'commit_ids': pull_request.revisions, + 'review_status': pull_request.calculated_review_status(), + 'mergeable': { + 'status': merge_status[0], + 'message': unicode(merge_status[1]), + }, + 'source': { + 'clone_url': pull_request.source_repo.clone_url(), + 'repository': pull_request.source_repo.repo_name, + 'reference': { + 'name': pull_request.source_ref_parts.name, + 'type': pull_request.source_ref_parts.type, + 'commit_id': pull_request.source_ref_parts.commit_id, + }, + }, + 'target': { + 'clone_url': pull_request.target_repo.clone_url(), + 'repository': pull_request.target_repo.repo_name, + 'reference': { + 'name': pull_request.target_ref_parts.name, + 'type': pull_request.target_ref_parts.type, + 'commit_id': pull_request.target_ref_parts.commit_id, + }, + }, + 'author': pull_request.author.get_api_data(include_secrets=False, + details='basic'), + 'reviewers': [ + { + 'user': reviewer.get_api_data(include_secrets=False, + details='basic'), + 'review_status': st[0][1].status if st else 'not_reviewed', + } + for reviewer, st in pull_request.reviewers_statuses() + ] + } + + return data + + def __json__(self): + return { + 'revisions': self.revisions, + } + + def calculated_review_status(self): + # TODO: anderson: 13.05.15 Used only on templates/my_account_pullrequests.html + # because it's tricky on how to use ChangesetStatusModel from there + warnings.warn("Use calculated_review_status from ChangesetStatusModel", DeprecationWarning) + from rhodecode.model.changeset_status import ChangesetStatusModel + return ChangesetStatusModel().calculated_review_status(self) + + def reviewers_statuses(self): + warnings.warn("Use reviewers_statuses from ChangesetStatusModel", DeprecationWarning) + from rhodecode.model.changeset_status import ChangesetStatusModel + return ChangesetStatusModel().reviewers_statuses(self) + + +class PullRequestVersion(Base, _PullRequestBase): + __tablename__ = 'pull_request_versions' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + pull_request_version_id = Column( + 'pull_request_version_id', Integer(), nullable=False, primary_key=True) + pull_request_id = Column( + 'pull_request_id', Integer(), + ForeignKey('pull_requests.pull_request_id'), nullable=False) + pull_request = relationship('PullRequest') + + def __repr__(self): + if self.pull_request_version_id: + return '' % self.pull_request_version_id + else: + return '' % id(self) + + +class PullRequestReviewers(Base, BaseModel): + __tablename__ = 'pull_request_reviewers' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + def __init__(self, user=None, pull_request=None): + self.user = user + self.pull_request = pull_request + + pull_requests_reviewers_id = Column( + 'pull_requests_reviewers_id', Integer(), nullable=False, + primary_key=True) + pull_request_id = Column( + "pull_request_id", Integer(), + ForeignKey('pull_requests.pull_request_id'), nullable=False) + user_id = Column( + "user_id", Integer(), ForeignKey('users.user_id'), nullable=True) + + user = relationship('User') + pull_request = relationship('PullRequest') + + +class Notification(Base, BaseModel): + __tablename__ = 'notifications' + __table_args__ = ( + Index('notification_type_idx', 'type'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + + TYPE_CHANGESET_COMMENT = u'cs_comment' + TYPE_MESSAGE = u'message' + TYPE_MENTION = u'mention' + TYPE_REGISTRATION = u'registration' + TYPE_PULL_REQUEST = u'pull_request' + TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment' + + notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True) + subject = Column('subject', Unicode(512), nullable=True) + body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True) + created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + type_ = Column('type', Unicode(255)) + + created_by_user = relationship('User') + notifications_to_users = relationship('UserNotification', lazy='joined', + cascade="all, delete, delete-orphan") + + @property + def recipients(self): + return [x.user for x in UserNotification.query()\ + .filter(UserNotification.notification == self)\ + .order_by(UserNotification.user_id.asc()).all()] + + @classmethod + def create(cls, created_by, subject, body, recipients, type_=None): + if type_ is None: + type_ = Notification.TYPE_MESSAGE + + notification = cls() + notification.created_by_user = created_by + notification.subject = subject + notification.body = body + notification.type_ = type_ + notification.created_on = datetime.datetime.now() + + for u in recipients: + assoc = UserNotification() + assoc.notification = notification + + # if created_by is inside recipients mark his notification + # as read + if u.user_id == created_by.user_id: + assoc.read = True + + u.notifications.append(assoc) + Session().add(notification) + + return notification + + @property + def description(self): + from rhodecode.model.notification import NotificationModel + return NotificationModel().make_description(self) + + +class UserNotification(Base, BaseModel): + __tablename__ = 'user_to_notification' + __table_args__ = ( + UniqueConstraint('user_id', 'notification_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True) + notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True) + read = Column('read', Boolean, default=False) + sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None) + + user = relationship('User', lazy="joined") + notification = relationship('Notification', lazy="joined", + order_by=lambda: Notification.created_on.desc(),) + + def mark_as_read(self): + self.read = True + Session().add(self) + + +class Gist(Base, BaseModel): + __tablename__ = 'gists' + __table_args__ = ( + Index('g_gist_access_id_idx', 'gist_access_id'), + Index('g_created_on_idx', 'created_on'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + GIST_PUBLIC = u'public' + GIST_PRIVATE = u'private' + DEFAULT_FILENAME = u'gistfile1.txt' + + ACL_LEVEL_PUBLIC = u'acl_public' + ACL_LEVEL_PRIVATE = u'acl_private' + + gist_id = Column('gist_id', Integer(), primary_key=True) + gist_access_id = Column('gist_access_id', Unicode(250)) + gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql')) + gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True) + gist_expires = Column('gist_expires', Float(53), nullable=False) + gist_type = Column('gist_type', Unicode(128), nullable=False) + created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) + acl_level = Column('acl_level', Unicode(128), nullable=True) + + owner = relationship('User') + + def __repr__(self): + return '' % (self.gist_type, self.gist_access_id) + + @classmethod + def get_or_404(cls, id_): + res = cls.query().filter(cls.gist_access_id == id_).scalar() + if not res: + raise HTTPNotFound + return res + + @classmethod + def get_by_access_id(cls, gist_access_id): + return cls.query().filter(cls.gist_access_id == gist_access_id).scalar() + + def gist_url(self): + import rhodecode + alias_url = rhodecode.CONFIG.get('gist_alias_url') + if alias_url: + return alias_url.replace('{gistid}', self.gist_access_id) + + return url('gist', gist_id=self.gist_access_id, qualified=True) + + @classmethod + def base_path(cls): + """ + Returns base path when all gists are stored + + :param cls: + """ + from rhodecode.model.gist import GIST_STORE_LOC + q = Session().query(RhodeCodeUi)\ + .filter(RhodeCodeUi.ui_key == URL_SEP) + q = q.options(FromCache("sql_cache_short", "repository_repo_path")) + return os.path.join(q.one().ui_value, GIST_STORE_LOC) + + def get_api_data(self): + """ + Common function for generating gist related data for API + """ + gist = self + data = { + 'gist_id': gist.gist_id, + 'type': gist.gist_type, + 'access_id': gist.gist_access_id, + 'description': gist.gist_description, + 'url': gist.gist_url(), + 'expires': gist.gist_expires, + 'created_on': gist.created_on, + 'modified_at': gist.modified_at, + 'content': None, + 'acl_level': gist.acl_level, + } + return data + + def __json__(self): + data = dict( + ) + data.update(self.get_api_data()) + return data + # SCM functions + + def scm_instance(self, **kwargs): + full_repo_path = os.path.join(self.base_path(), self.gist_access_id) + return get_vcs_instance( + repo_path=safe_str(full_repo_path), create=False) + + +class DbMigrateVersion(Base, BaseModel): + __tablename__ = 'db_migrate_version' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}, + ) + repository_id = Column('repository_id', String(250), primary_key=True) + repository_path = Column('repository_path', Text) + version = Column('version', Integer) + + +class ExternalIdentity(Base, BaseModel): + __tablename__ = 'external_identities' + __table_args__ = ( + Index('local_user_id_idx', 'local_user_id'), + Index('external_id_idx', 'external_id'), + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8'}) + + external_id = Column('external_id', Unicode(255), default=u'', + primary_key=True) + external_username = Column('external_username', Unicode(1024), default=u'') + local_user_id = Column('local_user_id', Integer(), + ForeignKey('users.user_id'), primary_key=True) + provider_name = Column('provider_name', Unicode(255), default=u'', + primary_key=True) + access_token = Column('access_token', String(1024), default=u'') + alt_token = Column('alt_token', String(1024), default=u'') + token_secret = Column('token_secret', String(1024), default=u'') + + @classmethod + def by_external_id_and_provider(cls, external_id, provider_name, + local_user_id=None): + """ + Returns ExternalIdentity instance based on search params + + :param external_id: + :param provider_name: + :return: ExternalIdentity + """ + query = cls.query() + query = query.filter(cls.external_id == external_id) + query = query.filter(cls.provider_name == provider_name) + if local_user_id: + query = query.filter(cls.local_user_id == local_user_id) + return query.first() + + @classmethod + def user_by_external_id_and_provider(cls, external_id, provider_name): + """ + Returns User instance based on search params + + :param external_id: + :param provider_name: + :return: User + """ + query = User.query() + query = query.filter(cls.external_id == external_id) + query = query.filter(cls.provider_name == provider_name) + query = query.filter(User.user_id == cls.local_user_id) + return query.first() + + @classmethod + def by_local_user_id(cls, local_user_id): + """ + Returns all tokens for user + + :param local_user_id: + :return: ExternalIdentity + """ + query = cls.query() + query = query.filter(cls.local_user_id == local_user_id) + return query + + +class Integration(Base, BaseModel): + __tablename__ = 'integrations' + __table_args__ = ( + {'extend_existing': True, 'mysql_engine': 'InnoDB', + 'mysql_charset': 'utf8', 'sqlite_autoincrement': True} + ) + + integration_id = Column('integration_id', Integer(), primary_key=True) + integration_type = Column('integration_type', String(255)) + enabled = Column('enabled', Boolean(), nullable=False) + name = Column('name', String(255), nullable=False) + child_repos_only = Column('child_repos_only', Boolean(), nullable=True) + + settings = Column( + 'settings_json', MutationObj.as_mutable( + JsonType(dialect_map=dict(mysql=UnicodeText(16384))))) + repo_id = Column( + 'repo_id', Integer(), ForeignKey('repositories.repo_id'), + nullable=True, unique=None, default=None) + repo = relationship('Repository', lazy='joined') + + repo_group_id = Column( + 'repo_group_id', Integer(), ForeignKey('groups.group_id'), + nullable=True, unique=None, default=None) + repo_group = relationship('RepoGroup', lazy='joined') + + @hybrid_property + def scope(self): + if self.repo: + return self.repo + if self.repo_group: + return self.repo_group + if self.child_repos_only: + return 'root_repos' + return 'global' + + @scope.setter + def scope(self, value): + self.repo = None + self.repo_id = None + self.repo_group_id = None + self.repo_group = None + self.child_repos_only = None + if isinstance(value, Repository): + self.repo = value + elif isinstance(value, RepoGroup): + self.repo_group = value + elif value == 'root_repos': + self.child_repos_only = True + elif value == 'global': + pass + else: + raise Exception("invalid scope: %s, must be one of " + "['global', 'root_repos', . ]" % value) + + def __repr__(self): + return '' % (self.integration_type, self.scope) diff --git a/rhodecode/lib/dbmigrate/versions/057_version_4_4_0.py b/rhodecode/lib/dbmigrate/versions/057_version_4_4_0.py new file mode 100644 --- /dev/null +++ b/rhodecode/lib/dbmigrate/versions/057_version_4_4_0.py @@ -0,0 +1,35 @@ +import logging +import datetime + +from sqlalchemy import * +from sqlalchemy.exc import DatabaseError +from sqlalchemy.orm import relation, backref, class_mapper, joinedload +from sqlalchemy.orm.session import Session +from sqlalchemy.ext.declarative import declarative_base + +from rhodecode.lib.dbmigrate.migrate import * +from rhodecode.lib.dbmigrate.migrate.changeset import * +from rhodecode.lib.utils2 import str2bool + +from rhodecode.model.meta import Base +from rhodecode.model import meta +from rhodecode.lib.dbmigrate.versions import _reset_base, notify + +log = logging.getLogger(__name__) + + +def upgrade(migrate_engine): + """ + Upgrade operations go here. + Don't create your own engine; bind migrate_engine to your metadata + """ + _reset_base(migrate_engine) + from rhodecode.lib.dbmigrate.schema import db_4_4_0_1 + + tbl = db_4_4_0_1.Integration.__table__ + child_repos_only = db_4_4_0_1.Integration.child_repos_only + child_repos_only.create(table=tbl) + +def downgrade(migrate_engine): + meta = MetaData() + meta.bind = migrate_engine diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py --- a/rhodecode/model/db.py +++ b/rhodecode/model/db.py @@ -2036,6 +2036,8 @@ class RepoGroup(Base, BaseModel): users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all') parent_group = relationship('RepoGroup', remote_side=group_id) user = relationship('User') + integrations = relationship('Integration', + cascade="all, delete, delete-orphan") def __init__(self, group_name='', parent_group=None): self.group_name = group_name @@ -3481,6 +3483,8 @@ class Integration(Base, BaseModel): integration_type = Column('integration_type', String(255)) enabled = Column('enabled', Boolean(), nullable=False) name = Column('name', String(255), nullable=False) + child_repos_only = Column('child_repos_only', Boolean(), nullable=False, + default=False) settings = Column( 'settings_json', MutationObj.as_mutable( @@ -3495,12 +3499,36 @@ class Integration(Base, BaseModel): nullable=True, unique=None, default=None) repo_group = relationship('RepoGroup', lazy='joined') - def __repr__(self): + @hybrid_property + def scope(self): if self.repo: - scope = 'repo=%r' % self.repo - elif self.repo_group: - scope = 'repo_group=%r' % self.repo_group + return self.repo + if self.repo_group: + return self.repo_group + if self.child_repos_only: + return 'root_repos' + return 'global' + + @scope.setter + def scope(self, value): + self.repo = None + self.repo_id = None + self.repo_group_id = None + self.repo_group = None + self.child_repos_only = False + if isinstance(value, Repository): + self.repo_id = value.repo_id + self.repo = value + elif isinstance(value, RepoGroup): + self.repo_group_id = value.group_id + self.repo_group = value + elif value == 'root_repos': + self.child_repos_only = True + elif value == 'global': + pass else: - scope = 'global' - - return '' % (self.integration_type, scope) + raise Exception("invalid scope: %s, must be one of " + "['global', 'root_repos', . ]" % value) + + def __repr__(self): + return '' % (self.integration_type, self.scope) diff --git a/rhodecode/model/integration.py b/rhodecode/model/integration.py --- a/rhodecode/model/integration.py +++ b/rhodecode/model/integration.py @@ -29,7 +29,7 @@ import traceback from pylons import tmpl_context as c from pylons.i18n.translation import _, ungettext -from sqlalchemy import or_ +from sqlalchemy import or_, and_ from sqlalchemy.sql.expression import false, true from mako import exceptions @@ -39,7 +39,7 @@ from rhodecode.lib import helpers as h from rhodecode.lib.caching_query import FromCache from rhodecode.lib.utils import PartialRenderer from rhodecode.model import BaseModel -from rhodecode.model.db import Integration, User +from rhodecode.model.db import Integration, User, Repository, RepoGroup from rhodecode.model.meta import Session from rhodecode.integrations import integration_type_registry from rhodecode.integrations.types.base import IntegrationTypeBase @@ -61,28 +61,34 @@ class IntegrationModel(BaseModel): raise Exception('integration must be int, long or Instance' ' of Integration got %s' % type(integration)) - def create(self, IntegrationType, enabled, name, settings, repo=None): + def create(self, IntegrationType, name, enabled, scope, settings): """ Create an IntegrationType integration """ integration = Integration() integration.integration_type = IntegrationType.key - integration.settings = {} - integration.repo = repo - integration.enabled = enabled - integration.name = name - self.sa.add(integration) + self.update_integration(integration, name, enabled, scope, settings) self.sa.commit() return integration + def update_integration(self, integration, name, enabled, scope, settings): + """ + :param scope: one of ['global', 'root_repos', . ] + """ + + integration = self.__get_integration(integration) + + integration.scope = scope + integration.name = name + integration.enabled = enabled + integration.settings = settings + + return integration + def delete(self, integration): - try: - integration = self.__get_integration(integration) - if integration: - self.sa.delete(integration) - return True - except Exception: - log.error(traceback.format_exc()) - raise + integration = self.__get_integration(integration) + if integration: + self.sa.delete(integration) + return True return False def get_integration_handler(self, integration): @@ -100,41 +106,108 @@ class IntegrationModel(BaseModel): if handler: handler.send_event(event) - def get_integrations(self, repo=None, repo_group=None): - if repo: - return self.sa.query(Integration).filter( - Integration.repo_id==repo.repo_id).all() - elif repo_group: - return self.sa.query(Integration).filter( - Integration.repo_group_id==repo_group.group_id).all() + def get_integrations(self, scope, IntegrationType=None): + """ + Return integrations for a scope, which must be one of: + + 'all' - every integration, global/repogroup/repo + 'global' - global integrations only + instance - integrations for this repo only + instance - integrations for this repogroup only + """ - # global integrations - return self.sa.query(Integration).filter( - Integration.repo_id==None).all() + if isinstance(scope, Repository): + query = self.sa.query(Integration).filter( + Integration.repo==scope) + elif isinstance(scope, RepoGroup): + query = self.sa.query(Integration).filter( + Integration.repo_group==scope) + elif scope == 'global': + # global integrations + query = self.sa.query(Integration).filter( + and_(Integration.repo_id==None, Integration.repo_group_id==None) + ) + elif scope == 'root_repos': + query = self.sa.query(Integration).filter( + and_(Integration.repo_id==None, + Integration.repo_group_id==None, + Integration.child_repos_only==True) + ) + elif scope == 'all': + query = self.sa.query(Integration) + else: + raise Exception( + "invalid `scope`, must be one of: " + "['global', 'all', , ]") + + if IntegrationType is not None: + query = query.filter( + Integration.integration_type==IntegrationType.key) + + result = [] + for integration in query.all(): + IntType = integration_type_registry.get(integration.integration_type) + result.append((IntType, integration)) + return result def get_for_event(self, event, cache=False): """ Get integrations that match an event """ - query = self.sa.query(Integration).filter(Integration.enabled==True) + query = self.sa.query( + Integration + ).filter( + Integration.enabled==True + ) + + global_integrations_filter = and_( + Integration.repo_id==None, + Integration.repo_group_id==None, + Integration.child_repos_only==False, + ) + + if isinstance(event, events.RepoEvent): + root_repos_integrations_filter = and_( + Integration.repo_id==None, + Integration.repo_group_id==None, + Integration.child_repos_only==True, + ) + + clauses = [ + global_integrations_filter, + ] - if isinstance(event, events.RepoEvent): # global + repo integrations - # + repo_group integrations - parent_groups = event.repo.groups_with_parents - query = query.filter( - or_(Integration.repo_id==None, - Integration.repo_id==event.repo.repo_id, - Integration.repo_group_id.in_( - [group.group_id for group in parent_groups] - ))) + # repo integrations + if event.repo.repo_id: # pre create events dont have a repo_id yet + clauses.append( + Integration.repo_id==event.repo.repo_id + ) + + if event.repo.group: + clauses.append( + Integration.repo_group_id == event.repo.group.group_id + ) + # repo group cascade to kids (maybe implement this sometime?) + # clauses.append(Integration.repo_group_id.in_( + # [group.group_id for group in + # event.repo.groups_with_parents] + # )) + + + if not event.repo.group: # root repo + clauses.append(root_repos_integrations_filter) + + query = query.filter(or_(*clauses)) + if cache: query = query.options(FromCache( "sql_cache_short", "get_enabled_repo_integrations_%i" % event.repo.repo_id)) else: # only global integrations - query = query.filter(Integration.repo_id==None) + query = query.filter(global_integrations_filter) if cache: query = query.options(FromCache( "sql_cache_short", "get_enabled_global_integrations")) - return query.all() + result = query.all() + return result \ No newline at end of file diff --git a/rhodecode/model/repo_group.py b/rhodecode/model/repo_group.py --- a/rhodecode/model/repo_group.py +++ b/rhodecode/model/repo_group.py @@ -469,6 +469,8 @@ class RepoGroupModel(BaseModel): def delete(self, repo_group, force_delete=False, fs_remove=True): repo_group = self._get_repo_group(repo_group) + if not repo_group: + return False try: self.sa.delete(repo_group) if fs_remove: @@ -478,6 +480,7 @@ class RepoGroupModel(BaseModel): # Trigger delete event. events.trigger(events.RepoGroupDeleteEvent(repo_group)) + return True except Exception: log.error('Error removing repo_group %s', repo_group) diff --git a/rhodecode/model/validation_schema/schemas/integration_schema.py b/rhodecode/model/validation_schema/schemas/integration_schema.py new file mode 100644 --- /dev/null +++ b/rhodecode/model/validation_schema/schemas/integration_schema.py @@ -0,0 +1,187 @@ +# -*- coding: utf-8 -*- + +# Copyright (C) 2016-2016 RhodeCode GmbH +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License, version 3 +# (only), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . +# +# This program is dual-licensed. If you wish to learn more about the +# RhodeCode Enterprise Edition, including its added features, Support services, +# and proprietary license terms, please see https://rhodecode.com/licenses/ + +import os + +import deform +import colander + +from rhodecode.translation import _ +from rhodecode.model.db import Repository, RepoGroup +from rhodecode.model.validation_schema import validators, preparers + + +def integration_scope_choices(permissions): + """ + Return list of (value, label) choices for integration scopes depending on + the permissions + """ + result = [('', _('Pick a scope:'))] + if 'hg.admin' in permissions['global']: + result.extend([ + ('global', _('Global (all repositories)')), + ('root_repos', _('Top level repositories only')), + ]) + + repo_choices = [ + ('repo:%s' % repo_name, '/' + repo_name) + for repo_name, repo_perm + in permissions['repositories'].items() + if repo_perm == 'repository.admin' + ] + repogroup_choices = [ + ('repogroup:%s' % repo_group_name, '/' + repo_group_name + ' (group)') + for repo_group_name, repo_group_perm + in permissions['repositories_groups'].items() + if repo_group_perm == 'group.admin' + ] + result.extend( + sorted(repogroup_choices + repo_choices, + key=lambda (choice, label): choice.split(':', 1)[1] + ) + ) + return result + + +@colander.deferred +def deferred_integration_scopes_validator(node, kw): + perms = kw.get('permissions') + def _scope_validator(_node, scope): + is_super_admin = 'hg.admin' in perms['global'] + + if scope in ('global', 'root_repos'): + if is_super_admin: + return True + msg = _('Only superadmins can create global integrations') + raise colander.Invalid(_node, msg) + elif isinstance(scope, Repository): + if (is_super_admin or perms['repositories'].get( + scope.repo_name) == 'repository.admin'): + return True + msg = _('Only repo admins can create integrations') + raise colander.Invalid(_node, msg) + elif isinstance(scope, RepoGroup): + if (is_super_admin or perms['repositories_groups'].get( + scope.group_name) == 'group.admin'): + return True + + msg = _('Only repogroup admins can create integrations') + raise colander.Invalid(_node, msg) + + msg = _('Invalid integration scope: %s' % scope) + raise colander.Invalid(node, msg) + + return _scope_validator + + +@colander.deferred +def deferred_integration_scopes_widget(node, kw): + if kw.get('no_scope'): + return deform.widget.TextInputWidget(readonly=True) + + choices = integration_scope_choices(kw.get('permissions')) + widget = deform.widget.Select2Widget(values=choices) + return widget + +class IntegrationScope(colander.SchemaType): + def serialize(self, node, appstruct): + if appstruct is colander.null: + return colander.null + + if isinstance(appstruct, Repository): + return 'repo:%s' % appstruct.repo_name + elif isinstance(appstruct, RepoGroup): + return 'repogroup:%s' % appstruct.group_name + elif appstruct in ('global', 'root_repos'): + return appstruct + raise colander.Invalid(node, '%r is not a valid scope' % appstruct) + + def deserialize(self, node, cstruct): + if cstruct is colander.null: + return colander.null + + if cstruct.startswith('repo:'): + repo = Repository.get_by_repo_name(cstruct.split(':')[1]) + if repo: + return repo + elif cstruct.startswith('repogroup:'): + repo_group = RepoGroup.get_by_group_name(cstruct.split(':')[1]) + if repo_group: + return repo_group + elif cstruct in ('global', 'root_repos'): + return cstruct + + raise colander.Invalid(node, '%r is not a valid scope' % cstruct) + +class IntegrationOptionsSchemaBase(colander.MappingSchema): + + name = colander.SchemaNode( + colander.String(), + description=_('Short name for this integration.'), + missing=colander.required, + title=_('Integration name'), + ) + + scope = colander.SchemaNode( + IntegrationScope(), + description=_( + 'Scope of the integration. Group scope means the integration ' + ' runs on all child repos of that group.'), + title=_('Integration scope'), + validator=deferred_integration_scopes_validator, + widget=deferred_integration_scopes_widget, + missing=colander.required, + ) + + enabled = colander.SchemaNode( + colander.Bool(), + default=True, + description=_('Enable or disable this integration.'), + missing=False, + title=_('Enabled'), + ) + + + +def make_integration_schema(IntegrationType, settings=None): + """ + Return a colander schema for an integration type + + :param IntegrationType: the integration type class + :param settings: existing integration settings dict (optional) + """ + + settings = settings or {} + settings_schema = IntegrationType(settings=settings).settings_schema() + + class IntegrationSchema(colander.Schema): + options = IntegrationOptionsSchemaBase() + + schema = IntegrationSchema() + schema['options'].title = _('General integration options') + + settings_schema.name = 'settings' + settings_schema.title = _('{integration_type} settings').format( + integration_type=IntegrationType.display_name) + schema.add(settings_schema) + + return schema + + diff --git a/rhodecode/public/css/deform.less b/rhodecode/public/css/deform.less --- a/rhodecode/public/css/deform.less +++ b/rhodecode/public/css/deform.less @@ -38,6 +38,17 @@ .form-control { width: 100%; + padding: 0.9em; + border: 1px solid #979797; + border-radius: 2px; + } + .form-control.select2-container { + padding: 0; /* padding already applied in .drop-menu a */ + } + + .form-control.readonly { + background: #eeeeee; + cursor: not-allowed; } .error-block { diff --git a/rhodecode/public/css/main.less b/rhodecode/public/css/main.less --- a/rhodecode/public/css/main.less +++ b/rhodecode/public/css/main.less @@ -1100,6 +1100,44 @@ table.issuetracker { } } +table.integrations { + .td-icon { + width: 20px; + .integration-icon { + height: 20px; + width: 20px; + } + } +} + +.integrations { + a.integration-box { + color: @text-color; + &:hover { + .panel { + background: #fbfbfb; + } + } + .integration-icon { + width: 30px; + height: 30px; + margin-right: 20px; + float: left; + } + + .panel-body { + padding: 10px; + } + .panel { + margin-bottom: 10px; + } + h2 { + display: inline-block; + margin: 0; + min-width: 140px; + } + } +} //Permissions Settings #add_perm { diff --git a/rhodecode/public/css/type.less b/rhodecode/public/css/type.less --- a/rhodecode/public/css/type.less +++ b/rhodecode/public/css/type.less @@ -261,7 +261,7 @@ mark, margin-bottom: 0; } - .links{ + .links { float: right; display: inline; margin: 0; @@ -270,7 +270,7 @@ mark, text-align: right; li:before { content: none; } - + li { float: right; } a { display: inline-block; margin-left: @textmargin/2; diff --git a/rhodecode/templates/admin/integrations/edit.html b/rhodecode/templates/admin/integrations/form.html rename from rhodecode/templates/admin/integrations/edit.html rename to rhodecode/templates/admin/integrations/form.html --- a/rhodecode/templates/admin/integrations/edit.html +++ b/rhodecode/templates/admin/integrations/form.html @@ -11,6 +11,19 @@ request.route_url(route_name='repo_integrations_list', repo_name=c.repo.repo_name, integration=current_IntegrationType.key))} + %elif c.repo_group: + ${h.link_to(_('Admin'),h.url('admin_home'))} + » + ${h.link_to(_('Repository Groups'),h.url('repo_groups'))} + » + ${h.link_to(c.repo_group.group_name,h.url('edit_repo_group', group_name=c.repo_group.group_name))} + » + ${h.link_to(_('Integrations'),request.route_url(route_name='repo_group_integrations_home', repo_group_name=c.repo_group.group_name))} + » + ${h.link_to(current_IntegrationType.display_name, + request.route_url(route_name='repo_group_integrations_list', + repo_group_name=c.repo_group.group_name, + integration=current_IntegrationType.key))} %else: ${h.link_to(_('Admin'),h.url('admin_home'))} » @@ -22,18 +35,31 @@ request.route_url(route_name='global_integrations_list', integration=current_IntegrationType.key))} %endif + %if integration: » ${integration.name} + %elif current_IntegrationType: + » + ${current_IntegrationType.display_name} %endif + +

%if integration: ${current_IntegrationType.display_name} - ${integration.name} %else: - ${_('Create New %(integration_type)s Integration') % {'integration_type': current_IntegrationType.display_name}} + ${_('Create New %(integration_type)s Integration') % { + 'integration_type': current_IntegrationType.display_name + }} %endif

diff --git a/rhodecode/templates/admin/integrations/list.html b/rhodecode/templates/admin/integrations/list.html --- a/rhodecode/templates/admin/integrations/list.html +++ b/rhodecode/templates/admin/integrations/list.html @@ -4,6 +4,12 @@ <%def name="breadcrumbs_links()"> %if c.repo: ${h.link_to('Settings',h.url('edit_repo', repo_name=c.repo.repo_name))} + %elif c.repo_group: + ${h.link_to(_('Admin'),h.url('admin_home'))} + » + ${h.link_to(_('Repository Groups'),h.url('repo_groups'))} + » + ${h.link_to(c.repo_group.group_name,h.url('edit_repo_group', group_name=c.repo_group.group_name))} %else: ${h.link_to(_('Admin'),h.url('admin_home'))} » @@ -15,6 +21,10 @@ ${h.link_to(_('Integrations'), request.route_url(route_name='repo_integrations_home', repo_name=c.repo.repo_name))} + %elif c.repo_group: + ${h.link_to(_('Integrations'), + request.route_url(route_name='repo_group_integrations_home', + repo_group_name=c.repo_group.group_name))} %else: ${h.link_to(_('Integrations'), request.route_url(route_name='global_integrations_home'))} @@ -26,54 +36,105 @@ ${_('Integrations')} %endif +
-

${_('Create New Integration')}

+

+ %if c.repo: + ${_('Current Integrations for Repository: {repo_name}').format(repo_name=c.repo.repo_name)} + %elif c.repo_group: + ${_('Current Integrations for repository group: {repo_group_name}').format(repo_group_name=c.repo_group.group_name)} + %else: + ${_('Current Integrations')} + %endif +

- %if not available_integrations: - ${_('No integrations available.')} - %else: - %for integration in available_integrations: - <% - if c.repo: - create_url = request.route_path('repo_integrations_create', + <% + if c.repo: + home_url = request.route_path('repo_integrations_home', + repo_name=c.repo.repo_name) + elif c.repo_group: + home_url = request.route_path('repo_group_integrations_home', + repo_group_name=c.repo_group.group_name) + else: + home_url = request.route_path('global_integrations_home') + %> + + ${_('All')} + + %for integration_key, IntegrationType in available_integrations.items(): + <% + if c.repo: + list_url = request.route_path('repo_integrations_list', repo_name=c.repo.repo_name, - integration=integration) - elif c.repo_group: - create_url = request.route_path('repo_group_integrations_create', + integration=integration_key) + elif c.repo_group: + list_url = request.route_path('repo_group_integrations_list', repo_group_name=c.repo_group.group_name, - integration=integration) - else: - create_url = request.route_path('global_integrations_create', - integration=integration) - %> - - ${integration} + integration=integration_key) + else: + list_url = request.route_path('global_integrations_list', + integration=integration_key) + %> + + ${IntegrationType.display_name} %endfor - %endif -
-
-
-
-

${_('Current Integrations')}

-
-
- + + <% + if c.repo: + create_url = h.route_path('repo_integrations_new', repo_name=c.repo.repo_name) + elif c.repo_group: + create_url = h.route_path('repo_group_integrations_new', repo_group_name=c.repo_group.group_name) + else: + create_url = h.route_path('global_integrations_new') + %> +

+ ${_(u'Create new integration')} +

+ +
- - - + + + + + %if not integrations_list: + + + + %endif + %for IntegrationType, integration in integrations_list: - + + + %endif - %endfor %endfor
${_('Enabled')}${_('Description')}${_('Type')}${_('Enabled')}${_('Name')}${_('Type')}${_('Scope')} ${_('Actions')}
+ <% integration_type = current_IntegrationType and current_IntegrationType.display_name or '' %> + %if c.repo: + ${_('No {type} integrations for repo {repo} exist yet.').format(type=integration_type, repo=c.repo.repo_name)} + %elif c.repo_group: + ${_('No {type} integrations for repogroup {repogroup} exist yet.').format(type=integration_type, repogroup=c.repo_group.group_name)} + %else: + ${_('No {type} integrations exist yet.').format(type=integration_type)} + %endif - %for integration_type, integrations in sorted(current_integrations.items()): - %for integration in sorted(integrations, key=lambda x: x.name): + %if current_IntegrationType: + <% + if c.repo: + create_url = h.route_path('repo_integrations_create', repo_name=c.repo.repo_name, integration=current_IntegrationType.key) + elif c.repo_group: + create_url = h.route_path('repo_group_integrations_create', repo_group_name=c.repo_group.group_name, integration=current_IntegrationType.key) + else: + create_url = h.route_path('global_integrations_create', integration=current_IntegrationType.key) + %> + %endif + + ${_(u'Create one')} +
%if integration.enabled: @@ -85,11 +146,39 @@ ${integration.name} + + %if integration.integration_type in available_integrations: +
+ ${available_integrations[integration.integration_type].icon|n} +
+ %else: + ? + %endif +
${integration.integration_type} + %if integration.repo: + + ${_('repo')}:${integration.repo.repo_name} + + %elif integration.repo_group: + + ${_('repogroup')}:${integration.repo_group.group_name} + + %else: + %if integration.scope == 'root_repos': + ${_('top level repos only')} + %elif integration.scope == 'global': + ${_('global')} + %else: + ${_('unknown scope')}: ${integration.scope} + %endif + - %if integration_type not in available_integrations: + %if not IntegrationType: ${_('unknown integration')} %else: <% @@ -122,11 +211,15 @@ %endif
+
+
+ ${integrations_list.pager('$link_previous ~2~ $link_next')} +
+