##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
python3: fix usage of int/long
super-admin -
r4935:18be5f3a default
parent child Browse files
Show More

The requested changes are too big and content was truncated. Show full diff

Show file before | Show file after | Hide comments
@@ -1,458 +1,458 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2014-2020 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 JSON RPC utils
23 23 """
24 24
25 25 import collections
26 26 import logging
27 27
28 28 from rhodecode.api.exc import JSONRPCError
29 29 from rhodecode.lib.auth import (
30 30 HasPermissionAnyApi, HasRepoPermissionAnyApi, HasRepoGroupPermissionAnyApi)
31 31 from rhodecode.lib.utils import safe_unicode
32 32 from rhodecode.lib.vcs.exceptions import RepositoryError
33 33 from rhodecode.lib.view_utils import get_commit_from_ref_name
34 34 from rhodecode.lib.utils2 import str2bool
35 35
36 36 log = logging.getLogger(__name__)
37 37
38 38
39 39 class OAttr(object):
40 40 """
41 41 Special Option that defines other attribute, and can default to them
42 42
43 43 Example::
44 44
45 45 def test(apiuser, userid=Optional(OAttr('apiuser')):
46 46 user = Optional.extract(userid, evaluate_locals=local())
47 47 #if we pass in userid, we get it, else it will default to apiuser
48 48 #attribute
49 49 """
50 50
51 51 def __init__(self, attr_name):
52 52 self.attr_name = attr_name
53 53
54 54 def __repr__(self):
55 55 return '<OptionalAttr:%s>' % self.attr_name
56 56
57 57 def __call__(self):
58 58 return self
59 59
60 60
61 61 class Optional(object):
62 62 """
63 63 Defines an optional parameter::
64 64
65 65 param = param.getval() if isinstance(param, Optional) else param
66 66 param = param() if isinstance(param, Optional) else param
67 67
68 68 is equivalent of::
69 69
70 70 param = Optional.extract(param)
71 71
72 72 """
73 73
74 74 def __init__(self, type_):
75 75 self.type_ = type_
76 76
77 77 def __repr__(self):
78 78 return '<Optional:%s>' % self.type_.__repr__()
79 79
80 80 def __call__(self):
81 81 return self.getval()
82 82
83 83 def getval(self, evaluate_locals=None):
84 84 """
85 85 returns value from this Optional instance
86 86 """
87 87 if isinstance(self.type_, OAttr):
88 88 param_name = self.type_.attr_name
89 89 if evaluate_locals:
90 90 return evaluate_locals[param_name]
91 91 # use params name
92 92 return param_name
93 93 return self.type_
94 94
95 95 @classmethod
96 96 def extract(cls, val, evaluate_locals=None, binary=None):
97 97 """
98 98 Extracts value from Optional() instance
99 99
100 100 :param val:
101 101 :return: original value if it's not Optional instance else
102 102 value of instance
103 103 """
104 104 if isinstance(val, cls):
105 105 val = val.getval(evaluate_locals)
106 106
107 107 if binary:
108 108 val = str2bool(val)
109 109
110 110 return val
111 111
112 112
113 113 def parse_args(cli_args, key_prefix=''):
114 114 from rhodecode.lib.utils2 import (escape_split)
115 115 kwargs = collections.defaultdict(dict)
116 116 for el in escape_split(cli_args, ','):
117 117 kv = escape_split(el, '=', 1)
118 118 if len(kv) == 2:
119 119 k, v = kv
120 120 kwargs[key_prefix + k] = v
121 121 return kwargs
122 122
123 123
124 124 def get_origin(obj):
125 125 """
126 126 Get origin of permission from object.
127 127
128 128 :param obj:
129 129 """
130 130 origin = 'permission'
131 131
132 132 if getattr(obj, 'owner_row', '') and getattr(obj, 'admin_row', ''):
133 133 # admin and owner case, maybe we should use dual string ?
134 134 origin = 'owner'
135 135 elif getattr(obj, 'owner_row', ''):
136 136 origin = 'owner'
137 137 elif getattr(obj, 'admin_row', ''):
138 138 origin = 'super-admin'
139 139 return origin
140 140
141 141
142 142 def store_update(updates, attr, name):
143 143 """
144 144 Stores param in updates dict if it's not instance of Optional
145 145 allows easy updates of passed in params
146 146 """
147 147 if not isinstance(attr, Optional):
148 148 updates[name] = attr
149 149
150 150
151 151 def has_superadmin_permission(apiuser):
152 152 """
153 153 Return True if apiuser is admin or return False
154 154
155 155 :param apiuser:
156 156 """
157 157 if HasPermissionAnyApi('hg.admin')(user=apiuser):
158 158 return True
159 159 return False
160 160
161 161
162 162 def validate_repo_permissions(apiuser, repoid, repo, perms):
163 163 """
164 164 Raise JsonRPCError if apiuser is not authorized or return True
165 165
166 166 :param apiuser:
167 167 :param repoid:
168 168 :param repo:
169 169 :param perms:
170 170 """
171 171 if not HasRepoPermissionAnyApi(*perms)(
172 172 user=apiuser, repo_name=repo.repo_name):
173 173 raise JSONRPCError('repository `%s` does not exist' % repoid)
174 174
175 175 return True
176 176
177 177
178 178 def validate_repo_group_permissions(apiuser, repogroupid, repo_group, perms):
179 179 """
180 180 Raise JsonRPCError if apiuser is not authorized or return True
181 181
182 182 :param apiuser:
183 183 :param repogroupid: just the id of repository group
184 184 :param repo_group: instance of repo_group
185 185 :param perms:
186 186 """
187 187 if not HasRepoGroupPermissionAnyApi(*perms)(
188 188 user=apiuser, group_name=repo_group.group_name):
189 189 raise JSONRPCError(
190 190 'repository group `%s` does not exist' % repogroupid)
191 191
192 192 return True
193 193
194 194
195 195 def validate_set_owner_permissions(apiuser, owner):
196 196 if isinstance(owner, Optional):
197 197 owner = get_user_or_error(apiuser.user_id)
198 198 else:
199 199 if has_superadmin_permission(apiuser):
200 200 owner = get_user_or_error(owner)
201 201 else:
202 202 # forbid setting owner for non-admins
203 203 raise JSONRPCError(
204 204 'Only RhodeCode super-admin can specify `owner` param')
205 205 return owner
206 206
207 207
208 208 def get_user_or_error(userid):
209 209 """
210 210 Get user by id or name or return JsonRPCError if not found
211 211
212 212 :param userid:
213 213 """
214 214 from rhodecode.model.user import UserModel
215 215 user_model = UserModel()
216 216
217 if isinstance(userid, (int, long)):
217 if isinstance(userid, int):
218 218 try:
219 219 user = user_model.get_user(userid)
220 220 except ValueError:
221 221 user = None
222 222 else:
223 223 user = user_model.get_by_username(userid)
224 224
225 225 if user is None:
226 226 raise JSONRPCError(
227 227 'user `%s` does not exist' % (userid,))
228 228 return user
229 229
230 230
231 231 def get_repo_or_error(repoid):
232 232 """
233 233 Get repo by id or name or return JsonRPCError if not found
234 234
235 235 :param repoid:
236 236 """
237 237 from rhodecode.model.repo import RepoModel
238 238 repo_model = RepoModel()
239 239
240 if isinstance(repoid, (int, long)):
240 if isinstance(repoid, int):
241 241 try:
242 242 repo = repo_model.get_repo(repoid)
243 243 except ValueError:
244 244 repo = None
245 245 else:
246 246 repo = repo_model.get_by_repo_name(repoid)
247 247
248 248 if repo is None:
249 249 raise JSONRPCError(
250 250 'repository `%s` does not exist' % (repoid,))
251 251 return repo
252 252
253 253
254 254 def get_repo_group_or_error(repogroupid):
255 255 """
256 256 Get repo group by id or name or return JsonRPCError if not found
257 257
258 258 :param repogroupid:
259 259 """
260 260 from rhodecode.model.repo_group import RepoGroupModel
261 261 repo_group_model = RepoGroupModel()
262 262
263 if isinstance(repogroupid, (int, long)):
263 if isinstance(repogroupid, int):
264 264 try:
265 265 repo_group = repo_group_model._get_repo_group(repogroupid)
266 266 except ValueError:
267 267 repo_group = None
268 268 else:
269 269 repo_group = repo_group_model.get_by_group_name(repogroupid)
270 270
271 271 if repo_group is None:
272 272 raise JSONRPCError(
273 273 'repository group `%s` does not exist' % (repogroupid,))
274 274 return repo_group
275 275
276 276
277 277 def get_user_group_or_error(usergroupid):
278 278 """
279 279 Get user group by id or name or return JsonRPCError if not found
280 280
281 281 :param usergroupid:
282 282 """
283 283 from rhodecode.model.user_group import UserGroupModel
284 284 user_group_model = UserGroupModel()
285 285
286 if isinstance(usergroupid, (int, long)):
286 if isinstance(usergroupid, int):
287 287 try:
288 288 user_group = user_group_model.get_group(usergroupid)
289 289 except ValueError:
290 290 user_group = None
291 291 else:
292 292 user_group = user_group_model.get_by_name(usergroupid)
293 293
294 294 if user_group is None:
295 295 raise JSONRPCError(
296 296 'user group `%s` does not exist' % (usergroupid,))
297 297 return user_group
298 298
299 299
300 300 def get_perm_or_error(permid, prefix=None):
301 301 """
302 302 Get permission by id or name or return JsonRPCError if not found
303 303
304 304 :param permid:
305 305 """
306 306 from rhodecode.model.permission import PermissionModel
307 307
308 308 perm = PermissionModel.cls.get_by_key(permid)
309 309 if perm is None:
310 310 msg = 'permission `{}` does not exist.'.format(permid)
311 311 if prefix:
312 312 msg += ' Permission should start with prefix: `{}`'.format(prefix)
313 313 raise JSONRPCError(msg)
314 314
315 315 if prefix:
316 316 if not perm.permission_name.startswith(prefix):
317 317 raise JSONRPCError('permission `%s` is invalid, '
318 318 'should start with %s' % (permid, prefix))
319 319 return perm
320 320
321 321
322 322 def get_gist_or_error(gistid):
323 323 """
324 324 Get gist by id or gist_access_id or return JsonRPCError if not found
325 325
326 326 :param gistid:
327 327 """
328 328 from rhodecode.model.gist import GistModel
329 329
330 330 gist = GistModel.cls.get_by_access_id(gistid)
331 331 if gist is None:
332 332 raise JSONRPCError('gist `%s` does not exist' % (gistid,))
333 333 return gist
334 334
335 335
336 336 def get_pull_request_or_error(pullrequestid):
337 337 """
338 338 Get pull request by id or return JsonRPCError if not found
339 339
340 340 :param pullrequestid:
341 341 """
342 342 from rhodecode.model.pull_request import PullRequestModel
343 343
344 344 try:
345 345 pull_request = PullRequestModel().get(int(pullrequestid))
346 346 except ValueError:
347 347 raise JSONRPCError('pullrequestid must be an integer')
348 348 if not pull_request:
349 349 raise JSONRPCError('pull request `%s` does not exist' % (
350 350 pullrequestid,))
351 351 return pull_request
352 352
353 353
354 354 def build_commit_data(rhodecode_vcs_repo, commit, detail_level):
355 355 commit2 = commit
356 356 commit1 = commit.first_parent
357 357
358 358 parsed_diff = []
359 359 if detail_level == 'extended':
360 360 for f_path in commit.added_paths:
361 361 parsed_diff.append(_get_commit_dict(filename=f_path, op='A'))
362 362 for f_path in commit.changed_paths:
363 363 parsed_diff.append(_get_commit_dict(filename=f_path, op='M'))
364 364 for f_path in commit.removed_paths:
365 365 parsed_diff.append(_get_commit_dict(filename=f_path, op='D'))
366 366
367 367 elif detail_level == 'full':
368 368 from rhodecode.lib import diffs
369 369
370 370 _diff = rhodecode_vcs_repo.get_diff(commit1, commit2,)
371 371 diff_processor = diffs.DiffProcessor(_diff, format='newdiff', show_full_diff=True)
372 372
373 373 for dp in diff_processor.prepare():
374 374 del dp['stats']['ops']
375 375 _stats = dp['stats']
376 376 parsed_diff.append(_get_commit_dict(
377 377 filename=dp['filename'], op=dp['operation'],
378 378 new_revision=dp['new_revision'],
379 379 old_revision=dp['old_revision'],
380 380 raw_diff=dp['raw_diff'], stats=_stats))
381 381
382 382 return parsed_diff
383 383
384 384
385 385 def get_commit_or_error(ref, repo):
386 386 try:
387 387 ref_type, _, ref_hash = ref.split(':')
388 388 except ValueError:
389 389 raise JSONRPCError(
390 390 'Ref `{ref}` given in a wrong format. Please check the API'
391 391 ' documentation for more details'.format(ref=ref))
392 392 try:
393 393 # TODO: dan: refactor this to use repo.scm_instance().get_commit()
394 394 # once get_commit supports ref_types
395 395 return get_commit_from_ref_name(repo, ref_hash)
396 396 except RepositoryError:
397 397 raise JSONRPCError('Ref `{ref}` does not exist'.format(ref=ref))
398 398
399 399
400 400 def _get_ref_hash(repo, type_, name):
401 401 vcs_repo = repo.scm_instance()
402 402 if type_ in ['branch'] and vcs_repo.alias in ('hg', 'git'):
403 403 return vcs_repo.branches[name]
404 404 elif type_ in ['bookmark', 'book'] and vcs_repo.alias == 'hg':
405 405 return vcs_repo.bookmarks[name]
406 406 else:
407 407 raise ValueError()
408 408
409 409
410 410 def resolve_ref_or_error(ref, repo, allowed_ref_types=None):
411 411 allowed_ref_types = allowed_ref_types or ['bookmark', 'book', 'tag', 'branch']
412 412
413 413 def _parse_ref(type_, name, hash_=None):
414 414 return type_, name, hash_
415 415
416 416 try:
417 417 ref_type, ref_name, ref_hash = _parse_ref(*ref.split(':'))
418 418 except TypeError:
419 419 raise JSONRPCError(
420 420 'Ref `{ref}` given in a wrong format. Please check the API'
421 421 ' documentation for more details'.format(ref=ref))
422 422
423 423 if ref_type not in allowed_ref_types:
424 424 raise JSONRPCError(
425 425 'Ref `{ref}` type is not allowed. '
426 426 'Only:{allowed_refs} are possible.'.format(
427 427 ref=ref, allowed_refs=allowed_ref_types))
428 428
429 429 try:
430 430 ref_hash = ref_hash or _get_ref_hash(repo, ref_type, ref_name)
431 431 except (KeyError, ValueError):
432 432 raise JSONRPCError(
433 433 'The specified value:{type}:`{name}` does not exist, or is not allowed.'.format(
434 434 type=ref_type, name=ref_name))
435 435
436 436 return ':'.join([ref_type, ref_name, ref_hash])
437 437
438 438
439 439 def _get_commit_dict(
440 440 filename, op, new_revision=None, old_revision=None,
441 441 raw_diff=None, stats=None):
442 442 if stats is None:
443 443 stats = {
444 444 "added": None,
445 445 "binary": None,
446 446 "deleted": None
447 447 }
448 448 return {
449 449 "filename": safe_unicode(filename),
450 450 "op": op,
451 451
452 452 # extra details
453 453 "new_revision": new_revision,
454 454 "old_revision": old_revision,
455 455
456 456 "raw_diff": raw_diff,
457 457 "stats": stats
458 458 }
Show file before | Show file after | Hide comments
@@ -1,818 +1,818 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2020 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Authentication modules
23 23 """
24 24 import socket
25 25 import string
26 26 import colander
27 27 import copy
28 28 import logging
29 29 import time
30 30 import traceback
31 31 import warnings
32 32 import functools
33 33
34 34 from pyramid.threadlocal import get_current_registry
35 35
36 36 from rhodecode.authentication.interface import IAuthnPluginRegistry
37 37 from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
38 38 from rhodecode.lib import rc_cache
39 39 from rhodecode.lib.statsd_client import StatsdClient
40 40 from rhodecode.lib.auth import PasswordGenerator, _RhodeCodeCryptoBCrypt
41 41 from rhodecode.lib.utils2 import safe_int, safe_str
42 42 from rhodecode.lib.exceptions import (LdapConnectionError, LdapUsernameError, LdapPasswordError)
43 43 from rhodecode.model.db import User
44 44 from rhodecode.model.meta import Session
45 45 from rhodecode.model.settings import SettingsModel
46 46 from rhodecode.model.user import UserModel
47 47 from rhodecode.model.user_group import UserGroupModel
48 48
49 49
50 50 log = logging.getLogger(__name__)
51 51
52 52 # auth types that authenticate() function can receive
53 53 VCS_TYPE = 'vcs'
54 54 HTTP_TYPE = 'http'
55 55
56 56 external_auth_session_key = 'rhodecode.external_auth'
57 57
58 58
59 59 class hybrid_property(object):
60 60 """
61 61 a property decorator that works both for instance and class
62 62 """
63 63 def __init__(self, fget, fset=None, fdel=None, expr=None):
64 64 self.fget = fget
65 65 self.fset = fset
66 66 self.fdel = fdel
67 67 self.expr = expr or fget
68 68 functools.update_wrapper(self, fget)
69 69
70 70 def __get__(self, instance, owner):
71 71 if instance is None:
72 72 return self.expr(owner)
73 73 else:
74 74 return self.fget(instance)
75 75
76 76 def __set__(self, instance, value):
77 77 self.fset(instance, value)
78 78
79 79 def __delete__(self, instance):
80 80 self.fdel(instance)
81 81
82 82
83 83 class LazyFormencode(object):
84 84 def __init__(self, formencode_obj, *args, **kwargs):
85 85 self.formencode_obj = formencode_obj
86 86 self.args = args
87 87 self.kwargs = kwargs
88 88
89 89 def __call__(self, *args, **kwargs):
90 90 from inspect import isfunction
91 91 formencode_obj = self.formencode_obj
92 92 if isfunction(formencode_obj):
93 93 # case we wrap validators into functions
94 94 formencode_obj = self.formencode_obj(*args, **kwargs)
95 95 return formencode_obj(*self.args, **self.kwargs)
96 96
97 97
98 98 class RhodeCodeAuthPluginBase(object):
99 99 # UID is used to register plugin to the registry
100 100 uid = None
101 101
102 102 # cache the authentication request for N amount of seconds. Some kind
103 103 # of authentication methods are very heavy and it's very efficient to cache
104 104 # the result of a call. If it's set to None (default) cache is off
105 105 AUTH_CACHE_TTL = None
106 106 AUTH_CACHE = {}
107 107
108 108 auth_func_attrs = {
109 109 "username": "unique username",
110 110 "firstname": "first name",
111 111 "lastname": "last name",
112 112 "email": "email address",
113 113 "groups": '["list", "of", "groups"]',
114 114 "user_group_sync":
115 115 'True|False defines if returned user groups should be synced',
116 116 "extern_name": "name in external source of record",
117 117 "extern_type": "type of external source of record",
118 118 "admin": 'True|False defines if user should be RhodeCode super admin',
119 119 "active":
120 120 'True|False defines active state of user internally for RhodeCode',
121 121 "active_from_extern":
122 122 "True|False|None, active state from the external auth, "
123 123 "None means use definition from RhodeCode extern_type active value"
124 124
125 125 }
126 126 # set on authenticate() method and via set_auth_type func.
127 127 auth_type = None
128 128
129 129 # set on authenticate() method and via set_calling_scope_repo, this is a
130 130 # calling scope repository when doing authentication most likely on VCS
131 131 # operations
132 132 acl_repo_name = None
133 133
134 134 # List of setting names to store encrypted. Plugins may override this list
135 135 # to store settings encrypted.
136 136 _settings_encrypted = []
137 137
138 138 # Mapping of python to DB settings model types. Plugins may override or
139 139 # extend this mapping.
140 140 _settings_type_map = {
141 141 colander.String: 'unicode',
142 142 colander.Integer: 'int',
143 143 colander.Boolean: 'bool',
144 144 colander.List: 'list',
145 145 }
146 146
147 147 # list of keys in settings that are unsafe to be logged, should be passwords
148 148 # or other crucial credentials
149 149 _settings_unsafe_keys = []
150 150
151 151 def __init__(self, plugin_id):
152 152 self._plugin_id = plugin_id
153 153
154 154 def __str__(self):
155 155 return self.get_id()
156 156
157 157 def _get_setting_full_name(self, name):
158 158 """
159 159 Return the full setting name used for storing values in the database.
160 160 """
161 161 # TODO: johbo: Using the name here is problematic. It would be good to
162 162 # introduce either new models in the database to hold Plugin and
163 163 # PluginSetting or to use the plugin id here.
164 164 return 'auth_{}_{}'.format(self.name, name)
165 165
166 166 def _get_setting_type(self, name):
167 167 """
168 168 Return the type of a setting. This type is defined by the SettingsModel
169 169 and determines how the setting is stored in DB. Optionally the suffix
170 170 `.encrypted` is appended to instruct SettingsModel to store it
171 171 encrypted.
172 172 """
173 173 schema_node = self.get_settings_schema().get(name)
174 174 db_type = self._settings_type_map.get(
175 175 type(schema_node.typ), 'unicode')
176 176 if name in self._settings_encrypted:
177 177 db_type = '{}.encrypted'.format(db_type)
178 178 return db_type
179 179
180 180 @classmethod
181 181 def docs(cls):
182 182 """
183 183 Defines documentation url which helps with plugin setup
184 184 """
185 185 return ''
186 186
187 187 @classmethod
188 188 def icon(cls):
189 189 """
190 190 Defines ICON in SVG format for authentication method
191 191 """
192 192 return ''
193 193
194 194 def is_enabled(self):
195 195 """
196 196 Returns true if this plugin is enabled. An enabled plugin can be
197 197 configured in the admin interface but it is not consulted during
198 198 authentication.
199 199 """
200 200 auth_plugins = SettingsModel().get_auth_plugins()
201 201 return self.get_id() in auth_plugins
202 202
203 203 def is_active(self, plugin_cached_settings=None):
204 204 """
205 205 Returns true if the plugin is activated. An activated plugin is
206 206 consulted during authentication, assumed it is also enabled.
207 207 """
208 208 return self.get_setting_by_name(
209 209 'enabled', plugin_cached_settings=plugin_cached_settings)
210 210
211 211 def get_id(self):
212 212 """
213 213 Returns the plugin id.
214 214 """
215 215 return self._plugin_id
216 216
217 217 def get_display_name(self, load_from_settings=False):
218 218 """
219 219 Returns a translation string for displaying purposes.
220 220 if load_from_settings is set, plugin settings can override the display name
221 221 """
222 222 raise NotImplementedError('Not implemented in base class')
223 223
224 224 def get_settings_schema(self):
225 225 """
226 226 Returns a colander schema, representing the plugin settings.
227 227 """
228 228 return AuthnPluginSettingsSchemaBase()
229 229
230 230 def _propagate_settings(self, raw_settings):
231 231 settings = {}
232 232 for node in self.get_settings_schema():
233 233 settings[node.name] = self.get_setting_by_name(
234 234 node.name, plugin_cached_settings=raw_settings)
235 235 return settings
236 236
237 237 def get_settings(self, use_cache=True):
238 238 """
239 239 Returns the plugin settings as dictionary.
240 240 """
241 241
242 242 raw_settings = SettingsModel().get_all_settings(cache=use_cache)
243 243 settings = self._propagate_settings(raw_settings)
244 244
245 245 return settings
246 246
247 247 def get_setting_by_name(self, name, default=None, plugin_cached_settings=None):
248 248 """
249 249 Returns a plugin setting by name.
250 250 """
251 251 full_name = 'rhodecode_{}'.format(self._get_setting_full_name(name))
252 252 if plugin_cached_settings:
253 253 plugin_settings = plugin_cached_settings
254 254 else:
255 255 plugin_settings = SettingsModel().get_all_settings()
256 256
257 257 if full_name in plugin_settings:
258 258 return plugin_settings[full_name]
259 259 else:
260 260 return default
261 261
262 262 def create_or_update_setting(self, name, value):
263 263 """
264 264 Create or update a setting for this plugin in the persistent storage.
265 265 """
266 266 full_name = self._get_setting_full_name(name)
267 267 type_ = self._get_setting_type(name)
268 268 db_setting = SettingsModel().create_or_update_setting(
269 269 full_name, value, type_)
270 270 return db_setting.app_settings_value
271 271
272 272 def log_safe_settings(self, settings):
273 273 """
274 274 returns a log safe representation of settings, without any secrets
275 275 """
276 276 settings_copy = copy.deepcopy(settings)
277 277 for k in self._settings_unsafe_keys:
278 278 if k in settings_copy:
279 279 del settings_copy[k]
280 280 return settings_copy
281 281
282 282 @hybrid_property
283 283 def name(self):
284 284 """
285 285 Returns the name of this authentication plugin.
286 286
287 287 :returns: string
288 288 """
289 289 raise NotImplementedError("Not implemented in base class")
290 290
291 291 def get_url_slug(self):
292 292 """
293 293 Returns a slug which should be used when constructing URLs which refer
294 294 to this plugin. By default it returns the plugin name. If the name is
295 295 not suitable for using it in an URL the plugin should override this
296 296 method.
297 297 """
298 298 return self.name
299 299
300 300 @property
301 301 def is_headers_auth(self):
302 302 """
303 303 Returns True if this authentication plugin uses HTTP headers as
304 304 authentication method.
305 305 """
306 306 return False
307 307
308 308 @hybrid_property
309 309 def is_container_auth(self):
310 310 """
311 311 Deprecated method that indicates if this authentication plugin uses
312 312 HTTP headers as authentication method.
313 313 """
314 314 warnings.warn(
315 315 'Use is_headers_auth instead.', category=DeprecationWarning)
316 316 return self.is_headers_auth
317 317
318 318 @hybrid_property
319 319 def allows_creating_users(self):
320 320 """
321 321 Defines if Plugin allows users to be created on-the-fly when
322 322 authentication is called. Controls how external plugins should behave
323 323 in terms if they are allowed to create new users, or not. Base plugins
324 324 should not be allowed to, but External ones should be !
325 325
326 326 :return: bool
327 327 """
328 328 return False
329 329
330 330 def set_auth_type(self, auth_type):
331 331 self.auth_type = auth_type
332 332
333 333 def set_calling_scope_repo(self, acl_repo_name):
334 334 self.acl_repo_name = acl_repo_name
335 335
336 336 def allows_authentication_from(
337 337 self, user, allows_non_existing_user=True,
338 338 allowed_auth_plugins=None, allowed_auth_sources=None):
339 339 """
340 340 Checks if this authentication module should accept a request for
341 341 the current user.
342 342
343 343 :param user: user object fetched using plugin's get_user() method.
344 344 :param allows_non_existing_user: if True, don't allow the
345 345 user to be empty, meaning not existing in our database
346 346 :param allowed_auth_plugins: if provided, users extern_type will be
347 347 checked against a list of provided extern types, which are plugin
348 348 auth_names in the end
349 349 :param allowed_auth_sources: authentication type allowed,
350 350 `http` or `vcs` default is both.
351 351 defines if plugin will accept only http authentication vcs
352 352 authentication(git/hg) or both
353 353 :returns: boolean
354 354 """
355 355 if not user and not allows_non_existing_user:
356 356 log.debug('User is empty but plugin does not allow empty users,'
357 357 'not allowed to authenticate')
358 358 return False
359 359
360 360 expected_auth_plugins = allowed_auth_plugins or [self.name]
361 361 if user and (user.extern_type and
362 362 user.extern_type not in expected_auth_plugins):
363 363 log.debug(
364 364 'User `%s` is bound to `%s` auth type. Plugin allows only '
365 365 '%s, skipping', user, user.extern_type, expected_auth_plugins)
366 366
367 367 return False
368 368
369 369 # by default accept both
370 370 expected_auth_from = allowed_auth_sources or [HTTP_TYPE, VCS_TYPE]
371 371 if self.auth_type not in expected_auth_from:
372 372 log.debug('Current auth source is %s but plugin only allows %s',
373 373 self.auth_type, expected_auth_from)
374 374 return False
375 375
376 376 return True
377 377
378 378 def get_user(self, username=None, **kwargs):
379 379 """
380 380 Helper method for user fetching in plugins, by default it's using
381 381 simple fetch by username, but this method can be custimized in plugins
382 382 eg. headers auth plugin to fetch user by environ params
383 383
384 384 :param username: username if given to fetch from database
385 385 :param kwargs: extra arguments needed for user fetching.
386 386 """
387 387 user = None
388 388 log.debug(
389 389 'Trying to fetch user `%s` from RhodeCode database', username)
390 390 if username:
391 391 user = User.get_by_username(username)
392 392 if not user:
393 393 log.debug('User not found, fallback to fetch user in '
394 394 'case insensitive mode')
395 395 user = User.get_by_username(username, case_insensitive=True)
396 396 else:
397 397 log.debug('provided username:`%s` is empty skipping...', username)
398 398 if not user:
399 399 log.debug('User `%s` not found in database', username)
400 400 else:
401 401 log.debug('Got DB user:%s', user)
402 402 return user
403 403
404 404 def user_activation_state(self):
405 405 """
406 406 Defines user activation state when creating new users
407 407
408 408 :returns: boolean
409 409 """
410 410 raise NotImplementedError("Not implemented in base class")
411 411
412 412 def auth(self, userobj, username, passwd, settings, **kwargs):
413 413 """
414 414 Given a user object (which may be null), username, a plaintext
415 415 password, and a settings object (containing all the keys needed as
416 416 listed in settings()), authenticate this user's login attempt.
417 417
418 418 Return None on failure. On success, return a dictionary of the form:
419 419
420 420 see: RhodeCodeAuthPluginBase.auth_func_attrs
421 421 This is later validated for correctness
422 422 """
423 423 raise NotImplementedError("not implemented in base class")
424 424
425 425 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
426 426 """
427 427 Wrapper to call self.auth() that validates call on it
428 428
429 429 :param userobj: userobj
430 430 :param username: username
431 431 :param passwd: plaintext password
432 432 :param settings: plugin settings
433 433 """
434 434 auth = self.auth(userobj, username, passwd, settings, **kwargs)
435 435 if auth:
436 436 auth['_plugin'] = self.name
437 437 auth['_ttl_cache'] = self.get_ttl_cache(settings)
438 438 # check if hash should be migrated ?
439 439 new_hash = auth.get('_hash_migrate')
440 440 if new_hash:
441 441 self._migrate_hash_to_bcrypt(username, passwd, new_hash)
442 442 if 'user_group_sync' not in auth:
443 443 auth['user_group_sync'] = False
444 444 return self._validate_auth_return(auth)
445 445 return auth
446 446
447 447 def _migrate_hash_to_bcrypt(self, username, password, new_hash):
448 448 new_hash_cypher = _RhodeCodeCryptoBCrypt()
449 449 # extra checks, so make sure new hash is correct.
450 450 password_encoded = safe_str(password)
451 451 if new_hash and new_hash_cypher.hash_check(
452 452 password_encoded, new_hash):
453 453 cur_user = User.get_by_username(username)
454 454 cur_user.password = new_hash
455 455 Session().add(cur_user)
456 456 Session().flush()
457 457 log.info('Migrated user %s hash to bcrypt', cur_user)
458 458
459 459 def _validate_auth_return(self, ret):
460 460 if not isinstance(ret, dict):
461 461 raise Exception('returned value from auth must be a dict')
462 462 for k in self.auth_func_attrs:
463 463 if k not in ret:
464 464 raise Exception('Missing %s attribute from returned data' % k)
465 465 return ret
466 466
467 467 def get_ttl_cache(self, settings=None):
468 468 plugin_settings = settings or self.get_settings()
469 469 # we set default to 30, we make a compromise here,
470 470 # performance > security, mostly due to LDAP/SVN, majority
471 471 # of users pick cache_ttl to be enabled
472 472 from rhodecode.authentication import plugin_default_auth_ttl
473 473 cache_ttl = plugin_default_auth_ttl
474 474
475 if isinstance(self.AUTH_CACHE_TTL, (int, long)):
475 if isinstance(self.AUTH_CACHE_TTL, int):
476 476 # plugin cache set inside is more important than the settings value
477 477 cache_ttl = self.AUTH_CACHE_TTL
478 478 elif plugin_settings.get('cache_ttl'):
479 479 cache_ttl = safe_int(plugin_settings.get('cache_ttl'), 0)
480 480
481 481 plugin_cache_active = bool(cache_ttl and cache_ttl > 0)
482 482 return plugin_cache_active, cache_ttl
483 483
484 484
485 485 class RhodeCodeExternalAuthPlugin(RhodeCodeAuthPluginBase):
486 486
487 487 @hybrid_property
488 488 def allows_creating_users(self):
489 489 return True
490 490
491 491 def use_fake_password(self):
492 492 """
493 493 Return a boolean that indicates whether or not we should set the user's
494 494 password to a random value when it is authenticated by this plugin.
495 495 If your plugin provides authentication, then you will generally
496 496 want this.
497 497
498 498 :returns: boolean
499 499 """
500 500 raise NotImplementedError("Not implemented in base class")
501 501
502 502 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
503 503 # at this point _authenticate calls plugin's `auth()` function
504 504 auth = super(RhodeCodeExternalAuthPlugin, self)._authenticate(
505 505 userobj, username, passwd, settings, **kwargs)
506 506
507 507 if auth:
508 508 # maybe plugin will clean the username ?
509 509 # we should use the return value
510 510 username = auth['username']
511 511
512 512 # if external source tells us that user is not active, we should
513 513 # skip rest of the process. This can prevent from creating users in
514 514 # RhodeCode when using external authentication, but if it's
515 515 # inactive user we shouldn't create that user anyway
516 516 if auth['active_from_extern'] is False:
517 517 log.warning(
518 518 "User %s authenticated against %s, but is inactive",
519 519 username, self.__module__)
520 520 return None
521 521
522 522 cur_user = User.get_by_username(username, case_insensitive=True)
523 523 is_user_existing = cur_user is not None
524 524
525 525 if is_user_existing:
526 526 log.debug('Syncing user `%s` from '
527 527 '`%s` plugin', username, self.name)
528 528 else:
529 529 log.debug('Creating non existing user `%s` from '
530 530 '`%s` plugin', username, self.name)
531 531
532 532 if self.allows_creating_users:
533 533 log.debug('Plugin `%s` allows to '
534 534 'create new users', self.name)
535 535 else:
536 536 log.debug('Plugin `%s` does not allow to '
537 537 'create new users', self.name)
538 538
539 539 user_parameters = {
540 540 'username': username,
541 541 'email': auth["email"],
542 542 'firstname': auth["firstname"],
543 543 'lastname': auth["lastname"],
544 544 'active': auth["active"],
545 545 'admin': auth["admin"],
546 546 'extern_name': auth["extern_name"],
547 547 'extern_type': self.name,
548 548 'plugin': self,
549 549 'allow_to_create_user': self.allows_creating_users,
550 550 }
551 551
552 552 if not is_user_existing:
553 553 if self.use_fake_password():
554 554 # Randomize the PW because we don't need it, but don't want
555 555 # them blank either
556 556 passwd = PasswordGenerator().gen_password(length=16)
557 557 user_parameters['password'] = passwd
558 558 else:
559 559 # Since the password is required by create_or_update method of
560 560 # UserModel, we need to set it explicitly.
561 561 # The create_or_update method is smart and recognises the
562 562 # password hashes as well.
563 563 user_parameters['password'] = cur_user.password
564 564
565 565 # we either create or update users, we also pass the flag
566 566 # that controls if this method can actually do that.
567 567 # raises NotAllowedToCreateUserError if it cannot, and we try to.
568 568 user = UserModel().create_or_update(**user_parameters)
569 569 Session().flush()
570 570 # enforce user is just in given groups, all of them has to be ones
571 571 # created from plugins. We store this info in _group_data JSON
572 572 # field
573 573
574 574 if auth['user_group_sync']:
575 575 try:
576 576 groups = auth['groups'] or []
577 577 log.debug(
578 578 'Performing user_group sync based on set `%s` '
579 579 'returned by `%s` plugin', groups, self.name)
580 580 UserGroupModel().enforce_groups(user, groups, self.name)
581 581 except Exception:
582 582 # for any reason group syncing fails, we should
583 583 # proceed with login
584 584 log.error(traceback.format_exc())
585 585
586 586 Session().commit()
587 587 return auth
588 588
589 589
590 590 class AuthLdapBase(object):
591 591
592 592 @classmethod
593 593 def _build_servers(cls, ldap_server_type, ldap_server, port, use_resolver=True):
594 594
595 595 def host_resolver(host, port, full_resolve=True):
596 596 """
597 597 Main work for this function is to prevent ldap connection issues,
598 598 and detect them early using a "greenified" sockets
599 599 """
600 600 host = host.strip()
601 601 if not full_resolve:
602 602 return '{}:{}'.format(host, port)
603 603
604 604 log.debug('LDAP: Resolving IP for LDAP host `%s`', host)
605 605 try:
606 606 ip = socket.gethostbyname(host)
607 607 log.debug('LDAP: Got LDAP host `%s` ip %s', host, ip)
608 608 except Exception:
609 609 raise LdapConnectionError('Failed to resolve host: `{}`'.format(host))
610 610
611 611 log.debug('LDAP: Checking if IP %s is accessible', ip)
612 612 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
613 613 try:
614 614 s.connect((ip, int(port)))
615 615 s.shutdown(socket.SHUT_RD)
616 616 log.debug('LDAP: connection to %s successful', ip)
617 617 except Exception:
618 618 raise LdapConnectionError(
619 619 'Failed to connect to host: `{}:{}`'.format(host, port))
620 620
621 621 return '{}:{}'.format(host, port)
622 622
623 623 if len(ldap_server) == 1:
624 624 # in case of single server use resolver to detect potential
625 625 # connection issues
626 626 full_resolve = True
627 627 else:
628 628 full_resolve = False
629 629
630 630 return ', '.join(
631 631 ["{}://{}".format(
632 632 ldap_server_type,
633 633 host_resolver(host, port, full_resolve=use_resolver and full_resolve))
634 634 for host in ldap_server])
635 635
636 636 @classmethod
637 637 def _get_server_list(cls, servers):
638 638 return map(string.strip, servers.split(','))
639 639
640 640 @classmethod
641 641 def get_uid(cls, username, server_addresses):
642 642 uid = username
643 643 for server_addr in server_addresses:
644 644 uid = chop_at(username, "@%s" % server_addr)
645 645 return uid
646 646
647 647 @classmethod
648 648 def validate_username(cls, username):
649 649 if "," in username:
650 650 raise LdapUsernameError(
651 651 "invalid character `,` in username: `{}`".format(username))
652 652
653 653 @classmethod
654 654 def validate_password(cls, username, password):
655 655 if not password:
656 656 msg = "Authenticating user %s with blank password not allowed"
657 657 log.warning(msg, username)
658 658 raise LdapPasswordError(msg)
659 659
660 660
661 661 def loadplugin(plugin_id):
662 662 """
663 663 Loads and returns an instantiated authentication plugin.
664 664 Returns the RhodeCodeAuthPluginBase subclass on success,
665 665 or None on failure.
666 666 """
667 667 # TODO: Disusing pyramids thread locals to retrieve the registry.
668 668 authn_registry = get_authn_registry()
669 669 plugin = authn_registry.get_plugin(plugin_id)
670 670 if plugin is None:
671 671 log.error('Authentication plugin not found: "%s"', plugin_id)
672 672 return plugin
673 673
674 674
675 675 def get_authn_registry(registry=None):
676 676 registry = registry or get_current_registry()
677 677 authn_registry = registry.queryUtility(IAuthnPluginRegistry)
678 678 return authn_registry
679 679
680 680
681 681 def authenticate(username, password, environ=None, auth_type=None,
682 682 skip_missing=False, registry=None, acl_repo_name=None):
683 683 """
684 684 Authentication function used for access control,
685 685 It tries to authenticate based on enabled authentication modules.
686 686
687 687 :param username: username can be empty for headers auth
688 688 :param password: password can be empty for headers auth
689 689 :param environ: environ headers passed for headers auth
690 690 :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE`
691 691 :param skip_missing: ignores plugins that are in db but not in environment
692 692 :returns: None if auth failed, plugin_user dict if auth is correct
693 693 """
694 694 if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]:
695 695 raise ValueError('auth type must be on of http, vcs got "%s" instead'
696 696 % auth_type)
697 697 headers_only = environ and not (username and password)
698 698
699 699 authn_registry = get_authn_registry(registry)
700 700
701 701 plugins_to_check = authn_registry.get_plugins_for_authentication()
702 702 log.debug('Starting ordered authentication chain using %s plugins',
703 703 [x.name for x in plugins_to_check])
704 704 for plugin in plugins_to_check:
705 705 plugin.set_auth_type(auth_type)
706 706 plugin.set_calling_scope_repo(acl_repo_name)
707 707
708 708 if headers_only and not plugin.is_headers_auth:
709 709 log.debug('Auth type is for headers only and plugin `%s` is not '
710 710 'headers plugin, skipping...', plugin.get_id())
711 711 continue
712 712
713 713 log.debug('Trying authentication using ** %s **', plugin.get_id())
714 714
715 715 # load plugin settings from RhodeCode database
716 716 plugin_settings = plugin.get_settings()
717 717 plugin_sanitized_settings = plugin.log_safe_settings(plugin_settings)
718 718 log.debug('Plugin `%s` settings:%s', plugin.get_id(), plugin_sanitized_settings)
719 719
720 720 # use plugin's method of user extraction.
721 721 user = plugin.get_user(username, environ=environ,
722 722 settings=plugin_settings)
723 723 display_user = user.username if user else username
724 724 log.debug(
725 725 'Plugin %s extracted user is `%s`', plugin.get_id(), display_user)
726 726
727 727 if not plugin.allows_authentication_from(user):
728 728 log.debug('Plugin %s does not accept user `%s` for authentication',
729 729 plugin.get_id(), display_user)
730 730 continue
731 731 else:
732 732 log.debug('Plugin %s accepted user `%s` for authentication',
733 733 plugin.get_id(), display_user)
734 734
735 735 log.info('Authenticating user `%s` using %s plugin',
736 736 display_user, plugin.get_id())
737 737
738 738 plugin_cache_active, cache_ttl = plugin.get_ttl_cache(plugin_settings)
739 739
740 740 log.debug('AUTH_CACHE_TTL for plugin `%s` active: %s (TTL: %s)',
741 741 plugin.get_id(), plugin_cache_active, cache_ttl)
742 742
743 743 user_id = user.user_id if user else 'no-user'
744 744 # don't cache for empty users
745 745 plugin_cache_active = plugin_cache_active and user_id
746 746 cache_namespace_uid = 'cache_user_auth.{}'.format(user_id)
747 747 region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
748 748
749 749 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
750 750 expiration_time=cache_ttl,
751 751 condition=plugin_cache_active)
752 752 def compute_auth(
753 753 cache_name, plugin_name, username, password):
754 754
755 755 # _authenticate is a wrapper for .auth() method of plugin.
756 756 # it checks if .auth() sends proper data.
757 757 # For RhodeCodeExternalAuthPlugin it also maps users to
758 758 # Database and maps the attributes returned from .auth()
759 759 # to RhodeCode database. If this function returns data
760 760 # then auth is correct.
761 761 log.debug('Running plugin `%s` _authenticate method '
762 762 'using username and password', plugin.get_id())
763 763 return plugin._authenticate(
764 764 user, username, password, plugin_settings,
765 765 environ=environ or {})
766 766
767 767 start = time.time()
768 768 # for environ based auth, password can be empty, but then the validation is
769 769 # on the server that fills in the env data needed for authentication
770 770 plugin_user = compute_auth('auth', plugin.name, username, (password or ''))
771 771
772 772 auth_time = time.time() - start
773 773 log.debug('Authentication for plugin `%s` completed in %.4fs, '
774 774 'expiration time of fetched cache %.1fs.',
775 775 plugin.get_id(), auth_time, cache_ttl,
776 776 extra={"plugin": plugin.get_id(), "time": auth_time})
777 777
778 778 log.debug('PLUGIN USER DATA: %s', plugin_user)
779 779
780 780 statsd = StatsdClient.statsd
781 781
782 782 if plugin_user:
783 783 log.debug('Plugin returned proper authentication data')
784 784 if statsd:
785 785 elapsed_time_ms = round(1000.0 * auth_time) # use ms only
786 786 statsd.incr('rhodecode_login_success_total')
787 787 statsd.timing("rhodecode_login_timing.histogram", elapsed_time_ms,
788 788 tags=["plugin:{}".format(plugin.get_id())],
789 789 use_decimals=False
790 790 )
791 791 return plugin_user
792 792
793 793 # we failed to Auth because .auth() method didn't return proper user
794 794 log.debug("User `%s` failed to authenticate against %s",
795 795 display_user, plugin.get_id())
796 796 if statsd:
797 797 statsd.incr('rhodecode_login_fail_total')
798 798
799 799 # case when we failed to authenticate against all defined plugins
800 800 return None
801 801
802 802
803 803 def chop_at(s, sub, inclusive=False):
804 804 """Truncate string ``s`` at the first occurrence of ``sub``.
805 805
806 806 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
807 807
808 808 >>> chop_at("plutocratic brats", "rat")
809 809 'plutoc'
810 810 >>> chop_at("plutocratic brats", "rat", True)
811 811 'plutocrat'
812 812 """
813 813 pos = s.find(sub)
814 814 if pos == -1:
815 815 return s
816 816 if inclusive:
817 817 return s[:pos+len(sub)]
818 818 return s[:pos]
Show file before | Show file after | Hide comments
@@ -1,839 +1,839 b''
1 1 # -*- coding: utf-8 -*-
2 2 """Utilities for writing code that runs on Python 2 and 3"""
3 3
4 4 # Copyright (c) 2010-2015 Benjamin Peterson
5 5 #
6 6 # Permission is hereby granted, free of charge, to any person obtaining a copy
7 7 # of this software and associated documentation files (the "Software"), to deal
8 8 # in the Software without restriction, including without limitation the rights
9 9 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 10 # copies of the Software, and to permit persons to whom the Software is
11 11 # furnished to do so, subject to the following conditions:
12 12 #
13 13 # The above copyright notice and this permission notice shall be included in all
14 14 # copies or substantial portions of the Software.
15 15 #
16 16 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 17 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 18 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 19 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 20 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 21 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 22 # SOFTWARE.
23 23
24 24
25 25
26 26 import functools
27 27 import itertools
28 28 import operator
29 29 import sys
30 30 import types
31 31
32 32 __author__ = "Benjamin Peterson <benjamin@python.org>"
33 33 __version__ = "1.9.0"
34 34
35 35
36 36 # Useful for very coarse version differentiation.
37 37 PY2 = sys.version_info[0] == 2
38 38 PY3 = sys.version_info[0] == 3
39 39
40 40 if PY3:
41 41 string_types = str,
42 42 integer_types = int,
43 43 class_types = type,
44 44 text_type = str
45 45 binary_type = bytes
46 46
47 47 MAXSIZE = sys.maxsize
48 48 else:
49 49 string_types = str,
50 integer_types = (int, long)
50 integer_types = int
51 51 class_types = (type, types.ClassType)
52 52 text_type = unicode
53 53 binary_type = str
54 54
55 55 if sys.platform.startswith("java"):
56 56 # Jython always uses 32 bits.
57 57 MAXSIZE = int((1 << 31) - 1)
58 58 else:
59 59 # It's possible to have sizeof(long) != sizeof(Py_ssize_t).
60 60 class X(object):
61 61 def __len__(self):
62 62 return 1 << 31
63 63 try:
64 64 len(X())
65 65 except OverflowError:
66 66 # 32-bit
67 67 MAXSIZE = int((1 << 31) - 1)
68 68 else:
69 69 # 64-bit
70 70 MAXSIZE = int((1 << 63) - 1)
71 71 del X
72 72
73 73
74 74 def _add_doc(func, doc):
75 75 """Add documentation to a function."""
76 76 func.__doc__ = doc
77 77
78 78
79 79 def _import_module(name):
80 80 """Import module, returning the module after the last dot."""
81 81 __import__(name)
82 82 return sys.modules[name]
83 83
84 84
85 85 class _LazyDescr(object):
86 86
87 87 def __init__(self, name):
88 88 self.name = name
89 89
90 90 def __get__(self, obj, tp):
91 91 result = self._resolve()
92 92 setattr(obj, self.name, result) # Invokes __set__.
93 93 try:
94 94 # This is a bit ugly, but it avoids running this again by
95 95 # removing this descriptor.
96 96 delattr(obj.__class__, self.name)
97 97 except AttributeError:
98 98 pass
99 99 return result
100 100
101 101
102 102 class MovedModule(_LazyDescr):
103 103
104 104 def __init__(self, name, old, new=None):
105 105 super(MovedModule, self).__init__(name)
106 106 if PY3:
107 107 if new is None:
108 108 new = name
109 109 self.mod = new
110 110 else:
111 111 self.mod = old
112 112
113 113 def _resolve(self):
114 114 return _import_module(self.mod)
115 115
116 116 def __getattr__(self, attr):
117 117 _module = self._resolve()
118 118 value = getattr(_module, attr)
119 119 setattr(self, attr, value)
120 120 return value
121 121
122 122
123 123 class _LazyModule(types.ModuleType):
124 124
125 125 def __init__(self, name):
126 126 super(_LazyModule, self).__init__(name)
127 127 self.__doc__ = self.__class__.__doc__
128 128
129 129 def __dir__(self):
130 130 attrs = ["__doc__", "__name__"]
131 131 attrs += [attr.name for attr in self._moved_attributes]
132 132 return attrs
133 133
134 134 # Subclasses should override this
135 135 _moved_attributes = []
136 136
137 137
138 138 class MovedAttribute(_LazyDescr):
139 139
140 140 def __init__(self, name, old_mod, new_mod, old_attr=None, new_attr=None):
141 141 super(MovedAttribute, self).__init__(name)
142 142 if PY3:
143 143 if new_mod is None:
144 144 new_mod = name
145 145 self.mod = new_mod
146 146 if new_attr is None:
147 147 if old_attr is None:
148 148 new_attr = name
149 149 else:
150 150 new_attr = old_attr
151 151 self.attr = new_attr
152 152 else:
153 153 self.mod = old_mod
154 154 if old_attr is None:
155 155 old_attr = name
156 156 self.attr = old_attr
157 157
158 158 def _resolve(self):
159 159 module = _import_module(self.mod)
160 160 return getattr(module, self.attr)
161 161
162 162
163 163 class _SixMetaPathImporter(object):
164 164 """
165 165 A meta path importer to import six.moves and its submodules.
166 166
167 167 This class implements a PEP302 finder and loader. It should be compatible
168 168 with Python 2.5 and all existing versions of Python3
169 169 """
170 170 def __init__(self, six_module_name):
171 171 self.name = six_module_name
172 172 self.known_modules = {}
173 173
174 174 def _add_module(self, mod, *fullnames):
175 175 for fullname in fullnames:
176 176 self.known_modules[self.name + "." + fullname] = mod
177 177
178 178 def _get_module(self, fullname):
179 179 return self.known_modules[self.name + "." + fullname]
180 180
181 181 def find_module(self, fullname, path=None):
182 182 if fullname in self.known_modules:
183 183 return self
184 184 return None
185 185
186 186 def __get_module(self, fullname):
187 187 try:
188 188 return self.known_modules[fullname]
189 189 except KeyError:
190 190 raise ImportError("This loader does not know module " + fullname)
191 191
192 192 def load_module(self, fullname):
193 193 try:
194 194 # in case of a reload
195 195 return sys.modules[fullname]
196 196 except KeyError:
197 197 pass
198 198 mod = self.__get_module(fullname)
199 199 if isinstance(mod, MovedModule):
200 200 mod = mod._resolve()
201 201 else:
202 202 mod.__loader__ = self
203 203 sys.modules[fullname] = mod
204 204 return mod
205 205
206 206 def is_package(self, fullname):
207 207 """
208 208 Return true, if the named module is a package.
209 209
210 210 We need this method to get correct spec objects with
211 211 Python 3.4 (see PEP451)
212 212 """
213 213 return hasattr(self.__get_module(fullname), "__path__")
214 214
215 215 def get_code(self, fullname):
216 216 """Return None
217 217
218 218 Required, if is_package is implemented"""
219 219 self.__get_module(fullname) # eventually raises ImportError
220 220 return None
221 221 get_source = get_code # same as get_code
222 222
223 223 _importer = _SixMetaPathImporter(__name__)
224 224
225 225
226 226 class _MovedItems(_LazyModule):
227 227 """Lazy loading of moved objects"""
228 228 __path__ = [] # mark as package
229 229
230 230
231 231 _moved_attributes = [
232 232 MovedAttribute("cStringIO", "cStringIO", "io", "StringIO"),
233 233 MovedAttribute("filter", "itertools", "builtins", "ifilter", "filter"),
234 234 MovedAttribute("filterfalse", "itertools", "itertools", "ifilterfalse", "filterfalse"),
235 235 MovedAttribute("input", "__builtin__", "builtins", "raw_input", "input"),
236 236 MovedAttribute("intern", "__builtin__", "sys"),
237 237 MovedAttribute("map", "itertools", "builtins", "imap", "map"),
238 238 MovedAttribute("range", "__builtin__", "builtins", "xrange", "range"),
239 239 MovedAttribute("reload_module", "__builtin__", "imp", "reload"),
240 240 MovedAttribute("reduce", "__builtin__", "functools"),
241 241 MovedAttribute("shlex_quote", "pipes", "shlex", "quote"),
242 242 MovedAttribute("StringIO", "StringIO", "io"),
243 243 MovedAttribute("UserDict", "UserDict", "collections"),
244 244 MovedAttribute("UserList", "UserList", "collections"),
245 245 MovedAttribute("UserString", "UserString", "collections"),
246 246 MovedAttribute("xrange", "__builtin__", "builtins", "xrange", "range"),
247 247 MovedAttribute("zip", "itertools", "builtins", "izip", "zip"),
248 248 MovedAttribute("zip_longest", "itertools", "itertools", "izip_longest", "zip_longest"),
249 249
250 250 MovedModule("builtins", "__builtin__"),
251 251 MovedModule("configparser", "ConfigParser"),
252 252 MovedModule("copyreg", "copy_reg"),
253 253 MovedModule("dbm_gnu", "gdbm", "dbm.gnu"),
254 254 MovedModule("_dummy_thread", "dummy_thread", "_dummy_thread"),
255 255 MovedModule("http_cookiejar", "cookielib", "http.cookiejar"),
256 256 MovedModule("http_cookies", "Cookie", "http.cookies"),
257 257 MovedModule("html_entities", "htmlentitydefs", "html.entities"),
258 258 MovedModule("html_parser", "HTMLParser", "html.parser"),
259 259 MovedModule("http_client", "httplib", "http.client"),
260 260 MovedModule("email_mime_multipart", "email.MIMEMultipart", "email.mime.multipart"),
261 261 MovedModule("email_mime_nonmultipart", "email.MIMENonMultipart", "email.mime.nonmultipart"),
262 262 MovedModule("email_mime_text", "email.MIMEText", "email.mime.text"),
263 263 MovedModule("email_mime_base", "email.MIMEBase", "email.mime.base"),
264 264 MovedModule("BaseHTTPServer", "BaseHTTPServer", "http.server"),
265 265 MovedModule("CGIHTTPServer", "CGIHTTPServer", "http.server"),
266 266 MovedModule("SimpleHTTPServer", "SimpleHTTPServer", "http.server"),
267 267 MovedModule("cPickle", "cPickle", "pickle"),
268 268 MovedModule("queue", "Queue"),
269 269 MovedModule("reprlib", "repr"),
270 270 MovedModule("socketserver", "SocketServer"),
271 271 MovedModule("_thread", "thread", "_thread"),
272 272 MovedModule("tkinter", "Tkinter"),
273 273 MovedModule("tkinter_dialog", "Dialog", "tkinter.dialog"),
274 274 MovedModule("tkinter_filedialog", "FileDialog", "tkinter.filedialog"),
275 275 MovedModule("tkinter_scrolledtext", "ScrolledText", "tkinter.scrolledtext"),
276 276 MovedModule("tkinter_simpledialog", "SimpleDialog", "tkinter.simpledialog"),
277 277 MovedModule("tkinter_tix", "Tix", "tkinter.tix"),
278 278 MovedModule("tkinter_ttk", "ttk", "tkinter.ttk"),
279 279 MovedModule("tkinter_constants", "Tkconstants", "tkinter.constants"),
280 280 MovedModule("tkinter_dnd", "Tkdnd", "tkinter.dnd"),
281 281 MovedModule("tkinter_colorchooser", "tkColorChooser",
282 282 "tkinter.colorchooser"),
283 283 MovedModule("tkinter_commondialog", "tkCommonDialog",
284 284 "tkinter.commondialog"),
285 285 MovedModule("tkinter_tkfiledialog", "tkFileDialog", "tkinter.filedialog"),
286 286 MovedModule("tkinter_font", "tkFont", "tkinter.font"),
287 287 MovedModule("tkinter_messagebox", "tkMessageBox", "tkinter.messagebox"),
288 288 MovedModule("tkinter_tksimpledialog", "tkSimpleDialog",
289 289 "tkinter.simpledialog"),
290 290 MovedModule("urllib_parse", __name__ + ".moves.urllib_parse", "urllib.parse"),
291 291 MovedModule("urllib_error", __name__ + ".moves.urllib_error", "urllib.error"),
292 292 MovedModule("urllib", __name__ + ".moves.urllib", __name__ + ".moves.urllib"),
293 293 MovedModule("urllib_robotparser", "robotparser", "urllib.robotparser"),
294 294 MovedModule("xmlrpc_client", "xmlrpclib", "xmlrpc.client"),
295 295 MovedModule("xmlrpc_server", "SimpleXMLRPCServer", "xmlrpc.server"),
296 296 MovedModule("winreg", "_winreg"),
297 297 ]
298 298 for attr in _moved_attributes:
299 299 setattr(_MovedItems, attr.name, attr)
300 300 if isinstance(attr, MovedModule):
301 301 _importer._add_module(attr, "moves." + attr.name)
302 302 del attr
303 303
304 304 _MovedItems._moved_attributes = _moved_attributes
305 305
306 306 moves = _MovedItems(__name__ + ".moves")
307 307 _importer._add_module(moves, "moves")
308 308
309 309
310 310 class Module_six_moves_urllib_parse(_LazyModule):
311 311 """Lazy loading of moved objects in six.moves.urllib_parse"""
312 312
313 313
314 314 _urllib_parse_moved_attributes = [
315 315 MovedAttribute("ParseResult", "urlparse", "urllib.parse"),
316 316 MovedAttribute("SplitResult", "urlparse", "urllib.parse"),
317 317 MovedAttribute("parse_qs", "urlparse", "urllib.parse"),
318 318 MovedAttribute("parse_qsl", "urlparse", "urllib.parse"),
319 319 MovedAttribute("urldefrag", "urlparse", "urllib.parse"),
320 320 MovedAttribute("urljoin", "urlparse", "urllib.parse"),
321 321 MovedAttribute("urlparse", "urlparse", "urllib.parse"),
322 322 MovedAttribute("urlsplit", "urlparse", "urllib.parse"),
323 323 MovedAttribute("urlunparse", "urlparse", "urllib.parse"),
324 324 MovedAttribute("urlunsplit", "urlparse", "urllib.parse"),
325 325 MovedAttribute("quote", "urllib", "urllib.parse"),
326 326 MovedAttribute("quote_plus", "urllib", "urllib.parse"),
327 327 MovedAttribute("unquote", "urllib", "urllib.parse"),
328 328 MovedAttribute("unquote_plus", "urllib", "urllib.parse"),
329 329 MovedAttribute("urlencode", "urllib", "urllib.parse"),
330 330 MovedAttribute("splitquery", "urllib", "urllib.parse"),
331 331 MovedAttribute("splittag", "urllib", "urllib.parse"),
332 332 MovedAttribute("splituser", "urllib", "urllib.parse"),
333 333 MovedAttribute("uses_fragment", "urlparse", "urllib.parse"),
334 334 MovedAttribute("uses_netloc", "urlparse", "urllib.parse"),
335 335 MovedAttribute("uses_params", "urlparse", "urllib.parse"),
336 336 MovedAttribute("uses_query", "urlparse", "urllib.parse"),
337 337 MovedAttribute("uses_relative", "urlparse", "urllib.parse"),
338 338 ]
339 339 for attr in _urllib_parse_moved_attributes:
340 340 setattr(Module_six_moves_urllib_parse, attr.name, attr)
341 341 del attr
342 342
343 343 Module_six_moves_urllib_parse._moved_attributes = _urllib_parse_moved_attributes
344 344
345 345 _importer._add_module(Module_six_moves_urllib_parse(__name__ + ".moves.urllib_parse"),
346 346 "moves.urllib_parse", "moves.urllib.parse")
347 347
348 348
349 349 class Module_six_moves_urllib_error(_LazyModule):
350 350 """Lazy loading of moved objects in six.moves.urllib_error"""
351 351
352 352
353 353 _urllib_error_moved_attributes = [
354 354 MovedAttribute("URLError", "urllib2", "urllib.error"),
355 355 MovedAttribute("HTTPError", "urllib2", "urllib.error"),
356 356 MovedAttribute("ContentTooShortError", "urllib", "urllib.error"),
357 357 ]
358 358 for attr in _urllib_error_moved_attributes:
359 359 setattr(Module_six_moves_urllib_error, attr.name, attr)
360 360 del attr
361 361
362 362 Module_six_moves_urllib_error._moved_attributes = _urllib_error_moved_attributes
363 363
364 364 _importer._add_module(Module_six_moves_urllib_error(__name__ + ".moves.urllib.error"),
365 365 "moves.urllib_error", "moves.urllib.error")
366 366
367 367
368 368 class Module_six_moves_urllib_request(_LazyModule):
369 369 """Lazy loading of moved objects in six.moves.urllib_request"""
370 370
371 371
372 372 _urllib_request_moved_attributes = [
373 373 MovedAttribute("urlopen", "urllib2", "urllib.request"),
374 374 MovedAttribute("install_opener", "urllib2", "urllib.request"),
375 375 MovedAttribute("build_opener", "urllib2", "urllib.request"),
376 376 MovedAttribute("pathname2url", "urllib", "urllib.request"),
377 377 MovedAttribute("url2pathname", "urllib", "urllib.request"),
378 378 MovedAttribute("getproxies", "urllib", "urllib.request"),
379 379 MovedAttribute("Request", "urllib2", "urllib.request"),
380 380 MovedAttribute("OpenerDirector", "urllib2", "urllib.request"),
381 381 MovedAttribute("HTTPDefaultErrorHandler", "urllib2", "urllib.request"),
382 382 MovedAttribute("HTTPRedirectHandler", "urllib2", "urllib.request"),
383 383 MovedAttribute("HTTPCookieProcessor", "urllib2", "urllib.request"),
384 384 MovedAttribute("ProxyHandler", "urllib2", "urllib.request"),
385 385 MovedAttribute("BaseHandler", "urllib2", "urllib.request"),
386 386 MovedAttribute("HTTPPasswordMgr", "urllib2", "urllib.request"),
387 387 MovedAttribute("HTTPPasswordMgrWithDefaultRealm", "urllib2", "urllib.request"),
388 388 MovedAttribute("AbstractBasicAuthHandler", "urllib2", "urllib.request"),
389 389 MovedAttribute("HTTPBasicAuthHandler", "urllib2", "urllib.request"),
390 390 MovedAttribute("ProxyBasicAuthHandler", "urllib2", "urllib.request"),
391 391 MovedAttribute("AbstractDigestAuthHandler", "urllib2", "urllib.request"),
392 392 MovedAttribute("HTTPDigestAuthHandler", "urllib2", "urllib.request"),
393 393 MovedAttribute("ProxyDigestAuthHandler", "urllib2", "urllib.request"),
394 394 MovedAttribute("HTTPHandler", "urllib2", "urllib.request"),
395 395 MovedAttribute("HTTPSHandler", "urllib2", "urllib.request"),
396 396 MovedAttribute("FileHandler", "urllib2", "urllib.request"),
397 397 MovedAttribute("FTPHandler", "urllib2", "urllib.request"),
398 398 MovedAttribute("CacheFTPHandler", "urllib2", "urllib.request"),
399 399 MovedAttribute("UnknownHandler", "urllib2", "urllib.request"),
400 400 MovedAttribute("HTTPErrorProcessor", "urllib2", "urllib.request"),
401 401 MovedAttribute("urlretrieve", "urllib", "urllib.request"),
402 402 MovedAttribute("urlcleanup", "urllib", "urllib.request"),
403 403 MovedAttribute("URLopener", "urllib", "urllib.request"),
404 404 MovedAttribute("FancyURLopener", "urllib", "urllib.request"),
405 405 MovedAttribute("proxy_bypass", "urllib", "urllib.request"),
406 406 ]
407 407 for attr in _urllib_request_moved_attributes:
408 408 setattr(Module_six_moves_urllib_request, attr.name, attr)
409 409 del attr
410 410
411 411 Module_six_moves_urllib_request._moved_attributes = _urllib_request_moved_attributes
412 412
413 413 _importer._add_module(Module_six_moves_urllib_request(__name__ + ".moves.urllib.request"),
414 414 "moves.urllib_request", "moves.urllib.request")
415 415
416 416
417 417 class Module_six_moves_urllib_response(_LazyModule):
418 418 """Lazy loading of moved objects in six.moves.urllib_response"""
419 419
420 420
421 421 _urllib_response_moved_attributes = [
422 422 MovedAttribute("addbase", "urllib", "urllib.response"),
423 423 MovedAttribute("addclosehook", "urllib", "urllib.response"),
424 424 MovedAttribute("addinfo", "urllib", "urllib.response"),
425 425 MovedAttribute("addinfourl", "urllib", "urllib.response"),
426 426 ]
427 427 for attr in _urllib_response_moved_attributes:
428 428 setattr(Module_six_moves_urllib_response, attr.name, attr)
429 429 del attr
430 430
431 431 Module_six_moves_urllib_response._moved_attributes = _urllib_response_moved_attributes
432 432
433 433 _importer._add_module(Module_six_moves_urllib_response(__name__ + ".moves.urllib.response"),
434 434 "moves.urllib_response", "moves.urllib.response")
435 435
436 436
437 437 class Module_six_moves_urllib_robotparser(_LazyModule):
438 438 """Lazy loading of moved objects in six.moves.urllib_robotparser"""
439 439
440 440
441 441 _urllib_robotparser_moved_attributes = [
442 442 MovedAttribute("RobotFileParser", "robotparser", "urllib.robotparser"),
443 443 ]
444 444 for attr in _urllib_robotparser_moved_attributes:
445 445 setattr(Module_six_moves_urllib_robotparser, attr.name, attr)
446 446 del attr
447 447
448 448 Module_six_moves_urllib_robotparser._moved_attributes = _urllib_robotparser_moved_attributes
449 449
450 450 _importer._add_module(Module_six_moves_urllib_robotparser(__name__ + ".moves.urllib.robotparser"),
451 451 "moves.urllib_robotparser", "moves.urllib.robotparser")
452 452
453 453
454 454 class Module_six_moves_urllib(types.ModuleType):
455 455 """Create a six.moves.urllib namespace that resembles the Python 3 namespace"""
456 456 __path__ = [] # mark as package
457 457 parse = _importer._get_module("moves.urllib_parse")
458 458 error = _importer._get_module("moves.urllib_error")
459 459 request = _importer._get_module("moves.urllib_request")
460 460 response = _importer._get_module("moves.urllib_response")
461 461 robotparser = _importer._get_module("moves.urllib_robotparser")
462 462
463 463 def __dir__(self):
464 464 return ['parse', 'error', 'request', 'response', 'robotparser']
465 465
466 466 _importer._add_module(Module_six_moves_urllib(__name__ + ".moves.urllib"),
467 467 "moves.urllib")
468 468
469 469
470 470 def add_move(move):
471 471 """Add an item to six.moves."""
472 472 setattr(_MovedItems, move.name, move)
473 473
474 474
475 475 def remove_move(name):
476 476 """Remove item from six.moves."""
477 477 try:
478 478 delattr(_MovedItems, name)
479 479 except AttributeError:
480 480 try:
481 481 del moves.__dict__[name]
482 482 except KeyError:
483 483 raise AttributeError("no such move, %r" % (name,))
484 484
485 485
486 486 if PY3:
487 487 _meth_func = "__func__"
488 488 _meth_self = "__self__"
489 489
490 490 _func_closure = "__closure__"
491 491 _func_code = "__code__"
492 492 _func_defaults = "__defaults__"
493 493 _func_globals = "__globals__"
494 494 else:
495 495 _meth_func = "im_func"
496 496 _meth_self = "im_self"
497 497
498 498 _func_closure = "func_closure"
499 499 _func_code = "func_code"
500 500 _func_defaults = "func_defaults"
501 501 _func_globals = "func_globals"
502 502
503 503
504 504 try:
505 505 advance_iterator = next
506 506 except NameError:
507 507 def advance_iterator(it):
508 508 return it.next()
509 509 next = advance_iterator
510 510
511 511
512 512 try:
513 513 callable = callable
514 514 except NameError:
515 515 def callable(obj):
516 516 return any("__call__" in klass.__dict__ for klass in type(obj).__mro__)
517 517
518 518
519 519 if PY3:
520 520 def get_unbound_function(unbound):
521 521 return unbound
522 522
523 523 create_bound_method = types.MethodType
524 524
525 525 Iterator = object
526 526 else:
527 527 def get_unbound_function(unbound):
528 528 return unbound.im_func
529 529
530 530 def create_bound_method(func, obj):
531 531 return types.MethodType(func, obj, obj.__class__)
532 532
533 533 class Iterator(object):
534 534
535 535 def next(self):
536 536 return type(self).__next__(self)
537 537
538 538 callable = callable
539 539 _add_doc(get_unbound_function,
540 540 """Get the function out of a possibly unbound function""")
541 541
542 542
543 543 get_method_function = operator.attrgetter(_meth_func)
544 544 get_method_self = operator.attrgetter(_meth_self)
545 545 get_function_closure = operator.attrgetter(_func_closure)
546 546 get_function_code = operator.attrgetter(_func_code)
547 547 get_function_defaults = operator.attrgetter(_func_defaults)
548 548 get_function_globals = operator.attrgetter(_func_globals)
549 549
550 550
551 551 if PY3:
552 552 def iterkeys(d, **kw):
553 553 return iter(d.keys(**kw))
554 554
555 555 def itervalues(d, **kw):
556 556 return iter(d.values(**kw))
557 557
558 558 def iteritems(d, **kw):
559 559 return iter(d.items(**kw))
560 560
561 561 def iterlists(d, **kw):
562 562 return iter(d.lists(**kw))
563 563
564 564 viewkeys = operator.methodcaller("keys")
565 565
566 566 viewvalues = operator.methodcaller("values")
567 567
568 568 viewitems = operator.methodcaller("items")
569 569 else:
570 570 def iterkeys(d, **kw):
571 571 return iter(d.iterkeys(**kw))
572 572
573 573 def itervalues(d, **kw):
574 574 return iter(d.itervalues(**kw))
575 575
576 576 def iteritems(d, **kw):
577 577 return iter(d.iteritems(**kw))
578 578
579 579 def iterlists(d, **kw):
580 580 return iter(d.iterlists(**kw))
581 581
582 582 viewkeys = operator.methodcaller("viewkeys")
583 583
584 584 viewvalues = operator.methodcaller("viewvalues")
585 585
586 586 viewitems = operator.methodcaller("viewitems")
587 587
588 588 _add_doc(iterkeys, "Return an iterator over the keys of a dictionary.")
589 589 _add_doc(itervalues, "Return an iterator over the values of a dictionary.")
590 590 _add_doc(iteritems,
591 591 "Return an iterator over the (key, value) pairs of a dictionary.")
592 592 _add_doc(iterlists,
593 593 "Return an iterator over the (key, [values]) pairs of a dictionary.")
594 594
595 595
596 596 if PY3:
597 597 def b(s):
598 598 return s.encode("latin-1")
599 599 def u(s):
600 600 return s
601 601 unichr = chr
602 602 if sys.version_info[1] <= 1:
603 603 def int2byte(i):
604 604 return bytes((i,))
605 605 else:
606 606 # This is about 2x faster than the implementation above on 3.2+
607 607 int2byte = operator.methodcaller("to_bytes", 1, "big")
608 608 byte2int = operator.itemgetter(0)
609 609 indexbytes = operator.getitem
610 610 iterbytes = iter
611 611 import io
612 612 StringIO = io.StringIO
613 613 BytesIO = io.BytesIO
614 614 _assertCountEqual = "assertCountEqual"
615 615 _assertRaisesRegex = "assertRaisesRegex"
616 616 _assertRegex = "assertRegex"
617 617 else:
618 618 def b(s):
619 619 return s
620 620 # Workaround for standalone backslash
621 621 def u(s):
622 622 return unicode(s.replace(r'\\', r'\\\\'), "unicode_escape")
623 623 unichr = unichr
624 624 int2byte = chr
625 625 def byte2int(bs):
626 626 return ord(bs[0])
627 627 def indexbytes(buf, i):
628 628 return ord(buf[i])
629 629 iterbytes = functools.partial(itertools.imap, ord)
630 630 from io import StringIO
631 631 StringIO = BytesIO = StringIO.StringIO
632 632 _assertCountEqual = "assertItemsEqual"
633 633 _assertRaisesRegex = "assertRaisesRegexp"
634 634 _assertRegex = "assertRegexpMatches"
635 635 _add_doc(b, """Byte literal""")
636 636 _add_doc(u, """Text literal""")
637 637
638 638
639 639 def assertCountEqual(self, *args, **kwargs):
640 640 return getattr(self, _assertCountEqual)(*args, **kwargs)
641 641
642 642
643 643 def assertRaisesRegex(self, *args, **kwargs):
644 644 return getattr(self, _assertRaisesRegex)(*args, **kwargs)
645 645
646 646
647 647 def assertRegex(self, *args, **kwargs):
648 648 return getattr(self, _assertRegex)(*args, **kwargs)
649 649
650 650
651 651 if PY3:
652 652 exec_ = getattr(moves.builtins, "exec")
653 653
654 654
655 655 def reraise(tp, value, tb=None):
656 656 if value is None:
657 657 value = tp()
658 658 if value.__traceback__ is not tb:
659 659 raise value.with_traceback(tb)
660 660 raise value
661 661
662 662 else:
663 663 def exec_(_code_, _globs_=None, _locs_=None):
664 664 """Execute code in a namespace."""
665 665 if _globs_ is None:
666 666 frame = sys._getframe(1)
667 667 _globs_ = frame.f_globals
668 668 if _locs_ is None:
669 669 _locs_ = frame.f_locals
670 670 del frame
671 671 elif _locs_ is None:
672 672 _locs_ = _globs_
673 673 exec("""exec _code_ in _globs_, _locs_""")
674 674
675 675
676 676 exec_("""def reraise(tp, value, tb=None):
677 677 raise tp, value, tb
678 678 """)
679 679
680 680
681 681 if sys.version_info[:2] == (3, 2):
682 682 exec_("""def raise_from(value, from_value):
683 683 if from_value is None:
684 684 raise value
685 685 raise value from from_value
686 686 """)
687 687 elif sys.version_info[:2] > (3, 2):
688 688 exec_("""def raise_from(value, from_value):
689 689 raise value from from_value
690 690 """)
691 691 else:
692 692 def raise_from(value, from_value):
693 693 raise value
694 694
695 695
696 696 print_ = getattr(moves.builtins, "print", None)
697 697 if print_ is None:
698 698 def print_(*args, **kwargs):
699 699 """The new-style print function for Python 2.4 and 2.5."""
700 700 fp = kwargs.pop("file", sys.stdout)
701 701 if fp is None:
702 702 return
703 703 def write(data):
704 704 if not isinstance(data, str):
705 705 data = str(data)
706 706 # If the file has an encoding, encode unicode with it.
707 707 if (isinstance(fp, file) and
708 708 isinstance(data, unicode) and
709 709 fp.encoding is not None):
710 710 errors = getattr(fp, "errors", None)
711 711 if errors is None:
712 712 errors = "strict"
713 713 data = data.encode(fp.encoding, errors)
714 714 fp.write(data)
715 715 want_unicode = False
716 716 sep = kwargs.pop("sep", None)
717 717 if sep is not None:
718 718 if isinstance(sep, unicode):
719 719 want_unicode = True
720 720 elif not isinstance(sep, str):
721 721 raise TypeError("sep must be None or a string")
722 722 end = kwargs.pop("end", None)
723 723 if end is not None:
724 724 if isinstance(end, unicode):
725 725 want_unicode = True
726 726 elif not isinstance(end, str):
727 727 raise TypeError("end must be None or a string")
728 728 if kwargs:
729 729 raise TypeError("invalid keyword arguments to print()")
730 730 if not want_unicode:
731 731 for arg in args:
732 732 if isinstance(arg, unicode):
733 733 want_unicode = True
734 734 break
735 735 if want_unicode:
736 736 newline = unicode("\n")
737 737 space = unicode(" ")
738 738 else:
739 739 newline = "\n"
740 740 space = " "
741 741 if sep is None:
742 742 sep = space
743 743 if end is None:
744 744 end = newline
745 745 for i, arg in enumerate(args):
746 746 if i:
747 747 write(sep)
748 748 write(arg)
749 749 write(end)
750 750 if sys.version_info[:2] < (3, 3):
751 751 _print = print_
752 752 def print_(*args, **kwargs):
753 753 fp = kwargs.get("file", sys.stdout)
754 754 flush = kwargs.pop("flush", False)
755 755 _print(*args, **kwargs)
756 756 if flush and fp is not None:
757 757 fp.flush()
758 758
759 759 _add_doc(reraise, """Reraise an exception.""")
760 760
761 761 if sys.version_info[0:2] < (3, 4):
762 762 def wraps(wrapped, assigned=functools.WRAPPER_ASSIGNMENTS,
763 763 updated=functools.WRAPPER_UPDATES):
764 764 def wrapper(f):
765 765 f = functools.wraps(wrapped, assigned, updated)(f)
766 766 f.__wrapped__ = wrapped
767 767 return f
768 768 return wrapper
769 769 else:
770 770 wraps = functools.wraps
771 771
772 772 def with_metaclass(meta, *bases):
773 773 """Create a base class with a metaclass."""
774 774 # This requires a bit of explanation: the basic idea is to make a dummy
775 775 # metaclass for one level of class instantiation that replaces itself with
776 776 # the actual metaclass.
777 777 class metaclass(meta):
778 778 def __new__(cls, name, this_bases, d):
779 779 return meta(name, bases, d)
780 780 return type.__new__(metaclass, 'temporary_class', (), {})
781 781
782 782
783 783 def add_metaclass(metaclass):
784 784 """Class decorator for creating a class with a metaclass."""
785 785 def wrapper(cls):
786 786 orig_vars = cls.__dict__.copy()
787 787 slots = orig_vars.get('__slots__')
788 788 if slots is not None:
789 789 if isinstance(slots, str):
790 790 slots = [slots]
791 791 for slots_var in slots:
792 792 orig_vars.pop(slots_var)
793 793 orig_vars.pop('__dict__', None)
794 794 orig_vars.pop('__weakref__', None)
795 795 return metaclass(cls.__name__, cls.__bases__, orig_vars)
796 796 return wrapper
797 797
798 798
799 799 def python_2_unicode_compatible(klass):
800 800 """
801 801 A decorator that defines __unicode__ and __str__ methods under Python 2.
802 802 Under Python 3 it does nothing.
803 803
804 804 To support Python 2 and 3 with a single code base, define a __str__ method
805 805 returning text and apply this decorator to the class.
806 806 """
807 807 if PY2:
808 808 if '__str__' not in klass.__dict__:
809 809 raise ValueError("@python_2_unicode_compatible cannot be applied "
810 810 "to %s because it doesn't define __str__()." %
811 811 klass.__name__)
812 812 klass.__unicode__ = klass.__str__
813 813 klass.__str__ = lambda self: self.__unicode__().encode('utf-8')
814 814 return klass
815 815
816 816
817 817 # Complete the moves implementation.
818 818 # This code is at the end of this module to speed up module loading.
819 819 # Turn this module into a package.
820 820 __path__ = [] # required for PEP 302 and PEP 451
821 821 __package__ = __name__ # see PEP 366 @ReservedAssignment
822 822 if globals().get("__spec__") is not None:
823 823 __spec__.submodule_search_locations = [] # PEP 451 @UndefinedVariable
824 824 # Remove other six meta path importers, since they cause problems. This can
825 825 # happen if six is removed from sys.modules and then reloaded. (Setuptools does
826 826 # this for some reason.)
827 827 if sys.meta_path:
828 828 for i, importer in enumerate(sys.meta_path):
829 829 # Here's some real nastiness: Another "instance" of the six module might
830 830 # be floating around. Therefore, we can't use isinstance() to check for
831 831 # the six meta path importer, since the other six instance will have
832 832 # inserted an importer with different class.
833 833 if (type(importer).__name__ == "_SixMetaPathImporter" and
834 834 importer.name == __name__):
835 835 del sys.meta_path[i]
836 836 break
837 837 del i, importer
838 838 # Finally, add the importer to the meta path import hook.
839 839 sys.meta_path.append(_importer)
Show file before | Show file after | Hide comments
@@ -1,4585 +1,4585 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2020 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import hashlib
29 29 import logging
30 30 import datetime
31 31 import warnings
32 32 import ipaddress
33 33 import functools
34 34 import traceback
35 35 import collections
36 36
37 37 from sqlalchemy import (
38 38 or_, and_, not_, func, TypeDecorator, event,
39 39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 41 Text, Float, PickleType)
42 42 from sqlalchemy.sql.expression import true, false
43 43 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
44 44 from sqlalchemy.orm import (
45 45 relationship, joinedload, class_mapper, validates, aliased)
46 46 from sqlalchemy.ext.declarative import declared_attr
47 47 from sqlalchemy.ext.hybrid import hybrid_property
48 48 from sqlalchemy.exc import IntegrityError # pragma: no cover
49 49 from sqlalchemy.dialects.mysql import LONGTEXT
50 50 from beaker.cache import cache_region
51 51 from zope.cachedescriptors.property import Lazy as LazyProperty
52 52 from pyramid.threadlocal import get_current_request
53 53
54 54 from rhodecode.translation import _
55 55 from rhodecode.lib.vcs import get_vcs_instance
56 56 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
57 57 from rhodecode.lib.utils2 import (
58 58 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
59 59 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
60 60 glob2re, StrictAttributeDict, cleaned_uri)
61 61 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
62 62 JsonRaw
63 63 from rhodecode.lib.ext_json import json
64 64 from rhodecode.lib.caching_query import FromCache
65 65 from rhodecode.lib.encrypt import AESCipher
66 66
67 67 from rhodecode.model.meta import Base, Session
68 68
69 69 URL_SEP = '/'
70 70 log = logging.getLogger(__name__)
71 71
72 72 # =============================================================================
73 73 # BASE CLASSES
74 74 # =============================================================================
75 75
76 76 # this is propagated from .ini file rhodecode.encrypted_values.secret or
77 77 # beaker.session.secret if first is not set.
78 78 # and initialized at environment.py
79 79 ENCRYPTION_KEY = None
80 80
81 81 # used to sort permissions by types, '#' used here is not allowed to be in
82 82 # usernames, and it's very early in sorted string.printable table.
83 83 PERMISSION_TYPE_SORT = {
84 84 'admin': '####',
85 85 'write': '###',
86 86 'read': '##',
87 87 'none': '#',
88 88 }
89 89
90 90
91 91 def display_user_sort(obj):
92 92 """
93 93 Sort function used to sort permissions in .permissions() function of
94 94 Repository, RepoGroup, UserGroup. Also it put the default user in front
95 95 of all other resources
96 96 """
97 97
98 98 if obj.username == User.DEFAULT_USER:
99 99 return '#####'
100 100 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
101 101 return prefix + obj.username
102 102
103 103
104 104 def display_user_group_sort(obj):
105 105 """
106 106 Sort function used to sort permissions in .permissions() function of
107 107 Repository, RepoGroup, UserGroup. Also it put the default user in front
108 108 of all other resources
109 109 """
110 110
111 111 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
112 112 return prefix + obj.users_group_name
113 113
114 114
115 115 def _hash_key(k):
116 116 return md5_safe(k)
117 117
118 118
119 119 def in_filter_generator(qry, items, limit=500):
120 120 """
121 121 Splits IN() into multiple with OR
122 122 e.g.::
123 123 cnt = Repository.query().filter(
124 124 or_(
125 125 *in_filter_generator(Repository.repo_id, range(100000))
126 126 )).count()
127 127 """
128 128 if not items:
129 129 # empty list will cause empty query which might cause security issues
130 130 # this can lead to hidden unpleasant results
131 131 items = [-1]
132 132
133 133 parts = []
134 134 for chunk in range(0, len(items), limit):
135 135 parts.append(
136 136 qry.in_(items[chunk: chunk + limit])
137 137 )
138 138
139 139 return parts
140 140
141 141
142 142 class EncryptedTextValue(TypeDecorator):
143 143 """
144 144 Special column for encrypted long text data, use like::
145 145
146 146 value = Column("encrypted_value", EncryptedValue(), nullable=False)
147 147
148 148 This column is intelligent so if value is in unencrypted form it return
149 149 unencrypted form, but on save it always encrypts
150 150 """
151 151 impl = Text
152 152
153 153 def process_bind_param(self, value, dialect):
154 154 if not value:
155 155 return value
156 156 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
157 157 # protect against double encrypting if someone manually starts
158 158 # doing
159 159 raise ValueError('value needs to be in unencrypted format, ie. '
160 160 'not starting with enc$aes')
161 161 return 'enc$aes_hmac$%s' % AESCipher(
162 162 ENCRYPTION_KEY, hmac=True).encrypt(value)
163 163
164 164 def process_result_value(self, value, dialect):
165 165 import rhodecode
166 166
167 167 if not value:
168 168 return value
169 169
170 170 parts = value.split('$', 3)
171 171 if not len(parts) == 3:
172 172 # probably not encrypted values
173 173 return value
174 174 else:
175 175 if parts[0] != 'enc':
176 176 # parts ok but without our header ?
177 177 return value
178 178 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
179 179 'rhodecode.encrypted_values.strict') or True)
180 180 # at that stage we know it's our encryption
181 181 if parts[1] == 'aes':
182 182 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
183 183 elif parts[1] == 'aes_hmac':
184 184 decrypted_data = AESCipher(
185 185 ENCRYPTION_KEY, hmac=True,
186 186 strict_verification=enc_strict_mode).decrypt(parts[2])
187 187 else:
188 188 raise ValueError(
189 189 'Encryption type part is wrong, must be `aes` '
190 190 'or `aes_hmac`, got `%s` instead' % (parts[1]))
191 191 return decrypted_data
192 192
193 193
194 194 class BaseModel(object):
195 195 """
196 196 Base Model for all classes
197 197 """
198 198
199 199 @classmethod
200 200 def _get_keys(cls):
201 201 """return column names for this model """
202 202 return class_mapper(cls).c.keys()
203 203
204 204 def get_dict(self):
205 205 """
206 206 return dict with keys and values corresponding
207 207 to this model data """
208 208
209 209 d = {}
210 210 for k in self._get_keys():
211 211 d[k] = getattr(self, k)
212 212
213 213 # also use __json__() if present to get additional fields
214 214 _json_attr = getattr(self, '__json__', None)
215 215 if _json_attr:
216 216 # update with attributes from __json__
217 217 if callable(_json_attr):
218 218 _json_attr = _json_attr()
219 219 for k, val in _json_attr.items():
220 220 d[k] = val
221 221 return d
222 222
223 223 def get_appstruct(self):
224 224 """return list with keys and values tuples corresponding
225 225 to this model data """
226 226
227 227 lst = []
228 228 for k in self._get_keys():
229 229 lst.append((k, getattr(self, k),))
230 230 return lst
231 231
232 232 def populate_obj(self, populate_dict):
233 233 """populate model with data from given populate_dict"""
234 234
235 235 for k in self._get_keys():
236 236 if k in populate_dict:
237 237 setattr(self, k, populate_dict[k])
238 238
239 239 @classmethod
240 240 def query(cls):
241 241 return Session().query(cls)
242 242
243 243 @classmethod
244 244 def get(cls, id_):
245 245 if id_:
246 246 return cls.query().get(id_)
247 247
248 248 @classmethod
249 249 def get_or_404(cls, id_):
250 250 from pyramid.httpexceptions import HTTPNotFound
251 251
252 252 try:
253 253 id_ = int(id_)
254 254 except (TypeError, ValueError):
255 255 raise HTTPNotFound()
256 256
257 257 res = cls.query().get(id_)
258 258 if not res:
259 259 raise HTTPNotFound()
260 260 return res
261 261
262 262 @classmethod
263 263 def getAll(cls):
264 264 # deprecated and left for backward compatibility
265 265 return cls.get_all()
266 266
267 267 @classmethod
268 268 def get_all(cls):
269 269 return cls.query().all()
270 270
271 271 @classmethod
272 272 def delete(cls, id_):
273 273 obj = cls.query().get(id_)
274 274 Session().delete(obj)
275 275
276 276 @classmethod
277 277 def identity_cache(cls, session, attr_name, value):
278 278 exist_in_session = []
279 279 for (item_cls, pkey), instance in session.identity_map.items():
280 280 if cls == item_cls and getattr(instance, attr_name) == value:
281 281 exist_in_session.append(instance)
282 282 if exist_in_session:
283 283 if len(exist_in_session) == 1:
284 284 return exist_in_session[0]
285 285 log.exception(
286 286 'multiple objects with attr %s and '
287 287 'value %s found with same name: %r',
288 288 attr_name, value, exist_in_session)
289 289
290 290 def __repr__(self):
291 291 if hasattr(self, '__unicode__'):
292 292 # python repr needs to return str
293 293 try:
294 294 return safe_str(self.__unicode__())
295 295 except UnicodeDecodeError:
296 296 pass
297 297 return '<DB:%s>' % (self.__class__.__name__)
298 298
299 299
300 300 class RhodeCodeSetting(Base, BaseModel):
301 301 __tablename__ = 'rhodecode_settings'
302 302 __table_args__ = (
303 303 UniqueConstraint('app_settings_name'),
304 304 {'extend_existing': True, 'mysql_engine': 'InnoDB',
305 305 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
306 306 )
307 307
308 308 SETTINGS_TYPES = {
309 309 'str': safe_str,
310 310 'int': safe_int,
311 311 'unicode': safe_unicode,
312 312 'bool': str2bool,
313 313 'list': functools.partial(aslist, sep=',')
314 314 }
315 315 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
316 316 GLOBAL_CONF_KEY = 'app_settings'
317 317
318 318 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
319 319 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
320 320 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
321 321 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
322 322
323 323 def __init__(self, key='', val='', type='unicode'):
324 324 self.app_settings_name = key
325 325 self.app_settings_type = type
326 326 self.app_settings_value = val
327 327
328 328 @validates('_app_settings_value')
329 329 def validate_settings_value(self, key, val):
330 330 assert type(val) == unicode
331 331 return val
332 332
333 333 @hybrid_property
334 334 def app_settings_value(self):
335 335 v = self._app_settings_value
336 336 _type = self.app_settings_type
337 337 if _type:
338 338 _type = self.app_settings_type.split('.')[0]
339 339 # decode the encrypted value
340 340 if 'encrypted' in self.app_settings_type:
341 341 cipher = EncryptedTextValue()
342 342 v = safe_unicode(cipher.process_result_value(v, None))
343 343
344 344 converter = self.SETTINGS_TYPES.get(_type) or \
345 345 self.SETTINGS_TYPES['unicode']
346 346 return converter(v)
347 347
348 348 @app_settings_value.setter
349 349 def app_settings_value(self, val):
350 350 """
351 351 Setter that will always make sure we use unicode in app_settings_value
352 352
353 353 :param val:
354 354 """
355 355 val = safe_unicode(val)
356 356 # encode the encrypted value
357 357 if 'encrypted' in self.app_settings_type:
358 358 cipher = EncryptedTextValue()
359 359 val = safe_unicode(cipher.process_bind_param(val, None))
360 360 self._app_settings_value = val
361 361
362 362 @hybrid_property
363 363 def app_settings_type(self):
364 364 return self._app_settings_type
365 365
366 366 @app_settings_type.setter
367 367 def app_settings_type(self, val):
368 368 if val.split('.')[0] not in self.SETTINGS_TYPES:
369 369 raise Exception('type must be one of %s got %s'
370 370 % (self.SETTINGS_TYPES.keys(), val))
371 371 self._app_settings_type = val
372 372
373 373 def __unicode__(self):
374 374 return u"<%s('%s:%s[%s]')>" % (
375 375 self.__class__.__name__,
376 376 self.app_settings_name, self.app_settings_value,
377 377 self.app_settings_type
378 378 )
379 379
380 380
381 381 class RhodeCodeUi(Base, BaseModel):
382 382 __tablename__ = 'rhodecode_ui'
383 383 __table_args__ = (
384 384 UniqueConstraint('ui_key'),
385 385 {'extend_existing': True, 'mysql_engine': 'InnoDB',
386 386 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
387 387 )
388 388
389 389 HOOK_REPO_SIZE = 'changegroup.repo_size'
390 390 # HG
391 391 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
392 392 HOOK_PULL = 'outgoing.pull_logger'
393 393 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
394 394 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
395 395 HOOK_PUSH = 'changegroup.push_logger'
396 396 HOOK_PUSH_KEY = 'pushkey.key_push'
397 397
398 398 # TODO: johbo: Unify way how hooks are configured for git and hg,
399 399 # git part is currently hardcoded.
400 400
401 401 # SVN PATTERNS
402 402 SVN_BRANCH_ID = 'vcs_svn_branch'
403 403 SVN_TAG_ID = 'vcs_svn_tag'
404 404
405 405 ui_id = Column(
406 406 "ui_id", Integer(), nullable=False, unique=True, default=None,
407 407 primary_key=True)
408 408 ui_section = Column(
409 409 "ui_section", String(255), nullable=True, unique=None, default=None)
410 410 ui_key = Column(
411 411 "ui_key", String(255), nullable=True, unique=None, default=None)
412 412 ui_value = Column(
413 413 "ui_value", String(255), nullable=True, unique=None, default=None)
414 414 ui_active = Column(
415 415 "ui_active", Boolean(), nullable=True, unique=None, default=True)
416 416
417 417 def __repr__(self):
418 418 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
419 419 self.ui_key, self.ui_value)
420 420
421 421
422 422 class RepoRhodeCodeSetting(Base, BaseModel):
423 423 __tablename__ = 'repo_rhodecode_settings'
424 424 __table_args__ = (
425 425 UniqueConstraint(
426 426 'app_settings_name', 'repository_id',
427 427 name='uq_repo_rhodecode_setting_name_repo_id'),
428 428 {'extend_existing': True, 'mysql_engine': 'InnoDB',
429 429 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
430 430 )
431 431
432 432 repository_id = Column(
433 433 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
434 434 nullable=False)
435 435 app_settings_id = Column(
436 436 "app_settings_id", Integer(), nullable=False, unique=True,
437 437 default=None, primary_key=True)
438 438 app_settings_name = Column(
439 439 "app_settings_name", String(255), nullable=True, unique=None,
440 440 default=None)
441 441 _app_settings_value = Column(
442 442 "app_settings_value", String(4096), nullable=True, unique=None,
443 443 default=None)
444 444 _app_settings_type = Column(
445 445 "app_settings_type", String(255), nullable=True, unique=None,
446 446 default=None)
447 447
448 448 repository = relationship('Repository')
449 449
450 450 def __init__(self, repository_id, key='', val='', type='unicode'):
451 451 self.repository_id = repository_id
452 452 self.app_settings_name = key
453 453 self.app_settings_type = type
454 454 self.app_settings_value = val
455 455
456 456 @validates('_app_settings_value')
457 457 def validate_settings_value(self, key, val):
458 458 assert type(val) == unicode
459 459 return val
460 460
461 461 @hybrid_property
462 462 def app_settings_value(self):
463 463 v = self._app_settings_value
464 464 type_ = self.app_settings_type
465 465 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
466 466 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
467 467 return converter(v)
468 468
469 469 @app_settings_value.setter
470 470 def app_settings_value(self, val):
471 471 """
472 472 Setter that will always make sure we use unicode in app_settings_value
473 473
474 474 :param val:
475 475 """
476 476 self._app_settings_value = safe_unicode(val)
477 477
478 478 @hybrid_property
479 479 def app_settings_type(self):
480 480 return self._app_settings_type
481 481
482 482 @app_settings_type.setter
483 483 def app_settings_type(self, val):
484 484 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
485 485 if val not in SETTINGS_TYPES:
486 486 raise Exception('type must be one of %s got %s'
487 487 % (SETTINGS_TYPES.keys(), val))
488 488 self._app_settings_type = val
489 489
490 490 def __unicode__(self):
491 491 return u"<%s('%s:%s:%s[%s]')>" % (
492 492 self.__class__.__name__, self.repository.repo_name,
493 493 self.app_settings_name, self.app_settings_value,
494 494 self.app_settings_type
495 495 )
496 496
497 497
498 498 class RepoRhodeCodeUi(Base, BaseModel):
499 499 __tablename__ = 'repo_rhodecode_ui'
500 500 __table_args__ = (
501 501 UniqueConstraint(
502 502 'repository_id', 'ui_section', 'ui_key',
503 503 name='uq_repo_rhodecode_ui_repository_id_section_key'),
504 504 {'extend_existing': True, 'mysql_engine': 'InnoDB',
505 505 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
506 506 )
507 507
508 508 repository_id = Column(
509 509 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
510 510 nullable=False)
511 511 ui_id = Column(
512 512 "ui_id", Integer(), nullable=False, unique=True, default=None,
513 513 primary_key=True)
514 514 ui_section = Column(
515 515 "ui_section", String(255), nullable=True, unique=None, default=None)
516 516 ui_key = Column(
517 517 "ui_key", String(255), nullable=True, unique=None, default=None)
518 518 ui_value = Column(
519 519 "ui_value", String(255), nullable=True, unique=None, default=None)
520 520 ui_active = Column(
521 521 "ui_active", Boolean(), nullable=True, unique=None, default=True)
522 522
523 523 repository = relationship('Repository')
524 524
525 525 def __repr__(self):
526 526 return '<%s[%s:%s]%s=>%s]>' % (
527 527 self.__class__.__name__, self.repository.repo_name,
528 528 self.ui_section, self.ui_key, self.ui_value)
529 529
530 530
531 531 class User(Base, BaseModel):
532 532 __tablename__ = 'users'
533 533 __table_args__ = (
534 534 UniqueConstraint('username'), UniqueConstraint('email'),
535 535 Index('u_username_idx', 'username'),
536 536 Index('u_email_idx', 'email'),
537 537 {'extend_existing': True, 'mysql_engine': 'InnoDB',
538 538 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
539 539 )
540 540 DEFAULT_USER = 'default'
541 541 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
542 542 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
543 543
544 544 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
545 545 username = Column("username", String(255), nullable=True, unique=None, default=None)
546 546 password = Column("password", String(255), nullable=True, unique=None, default=None)
547 547 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
548 548 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
549 549 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
550 550 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
551 551 _email = Column("email", String(255), nullable=True, unique=None, default=None)
552 552 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
553 553 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
554 554
555 555 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
556 556 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
557 557 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
558 558 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
559 559 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
560 560 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
561 561
562 562 user_log = relationship('UserLog')
563 563 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
564 564
565 565 repositories = relationship('Repository')
566 566 repository_groups = relationship('RepoGroup')
567 567 user_groups = relationship('UserGroup')
568 568
569 569 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
570 570 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
571 571
572 572 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
573 573 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
574 574 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
575 575
576 576 group_member = relationship('UserGroupMember', cascade='all')
577 577
578 578 notifications = relationship('UserNotification', cascade='all')
579 579 # notifications assigned to this user
580 580 user_created_notifications = relationship('Notification', cascade='all')
581 581 # comments created by this user
582 582 user_comments = relationship('ChangesetComment', cascade='all')
583 583 # user profile extra info
584 584 user_emails = relationship('UserEmailMap', cascade='all')
585 585 user_ip_map = relationship('UserIpMap', cascade='all')
586 586 user_auth_tokens = relationship('UserApiKeys', cascade='all')
587 587 user_ssh_keys = relationship('UserSshKeys', cascade='all')
588 588
589 589 # gists
590 590 user_gists = relationship('Gist', cascade='all')
591 591 # user pull requests
592 592 user_pull_requests = relationship('PullRequest', cascade='all')
593 593 # external identities
594 594 extenal_identities = relationship(
595 595 'ExternalIdentity',
596 596 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
597 597 cascade='all')
598 598 # review rules
599 599 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
600 600
601 601 def __unicode__(self):
602 602 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
603 603 self.user_id, self.username)
604 604
605 605 @hybrid_property
606 606 def email(self):
607 607 return self._email
608 608
609 609 @email.setter
610 610 def email(self, val):
611 611 self._email = val.lower() if val else None
612 612
613 613 @hybrid_property
614 614 def first_name(self):
615 615 from rhodecode.lib import helpers as h
616 616 if self.name:
617 617 return h.escape(self.name)
618 618 return self.name
619 619
620 620 @hybrid_property
621 621 def last_name(self):
622 622 from rhodecode.lib import helpers as h
623 623 if self.lastname:
624 624 return h.escape(self.lastname)
625 625 return self.lastname
626 626
627 627 @hybrid_property
628 628 def api_key(self):
629 629 """
630 630 Fetch if exist an auth-token with role ALL connected to this user
631 631 """
632 632 user_auth_token = UserApiKeys.query()\
633 633 .filter(UserApiKeys.user_id == self.user_id)\
634 634 .filter(or_(UserApiKeys.expires == -1,
635 635 UserApiKeys.expires >= time.time()))\
636 636 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
637 637 if user_auth_token:
638 638 user_auth_token = user_auth_token.api_key
639 639
640 640 return user_auth_token
641 641
642 642 @api_key.setter
643 643 def api_key(self, val):
644 644 # don't allow to set API key this is deprecated for now
645 645 self._api_key = None
646 646
647 647 @property
648 648 def reviewer_pull_requests(self):
649 649 return PullRequestReviewers.query() \
650 650 .options(joinedload(PullRequestReviewers.pull_request)) \
651 651 .filter(PullRequestReviewers.user_id == self.user_id) \
652 652 .all()
653 653
654 654 @property
655 655 def firstname(self):
656 656 # alias for future
657 657 return self.name
658 658
659 659 @property
660 660 def emails(self):
661 661 other = UserEmailMap.query()\
662 662 .filter(UserEmailMap.user == self) \
663 663 .order_by(UserEmailMap.email_id.asc()) \
664 664 .all()
665 665 return [self.email] + [x.email for x in other]
666 666
667 667 @property
668 668 def auth_tokens(self):
669 669 auth_tokens = self.get_auth_tokens()
670 670 return [x.api_key for x in auth_tokens]
671 671
672 672 def get_auth_tokens(self):
673 673 return UserApiKeys.query()\
674 674 .filter(UserApiKeys.user == self)\
675 675 .order_by(UserApiKeys.user_api_key_id.asc())\
676 676 .all()
677 677
678 678 @LazyProperty
679 679 def feed_token(self):
680 680 return self.get_feed_token()
681 681
682 682 def get_feed_token(self, cache=True):
683 683 feed_tokens = UserApiKeys.query()\
684 684 .filter(UserApiKeys.user == self)\
685 685 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
686 686 if cache:
687 687 feed_tokens = feed_tokens.options(
688 688 FromCache("long_term", "get_user_feed_token_%s" % self.user_id))
689 689
690 690 feed_tokens = feed_tokens.all()
691 691 if feed_tokens:
692 692 return feed_tokens[0].api_key
693 693 return 'NO_FEED_TOKEN_AVAILABLE'
694 694
695 695 @classmethod
696 696 def get(cls, user_id, cache=False):
697 697 if not user_id:
698 698 return
699 699
700 700 user = cls.query()
701 701 if cache:
702 702 user = user.options(
703 703 FromCache("sql_cache_short", "get_users_%s" % user_id))
704 704 return user.get(user_id)
705 705
706 706 @classmethod
707 707 def extra_valid_auth_tokens(cls, user, role=None):
708 708 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
709 709 .filter(or_(UserApiKeys.expires == -1,
710 710 UserApiKeys.expires >= time.time()))
711 711 if role:
712 712 tokens = tokens.filter(or_(UserApiKeys.role == role,
713 713 UserApiKeys.role == UserApiKeys.ROLE_ALL))
714 714 return tokens.all()
715 715
716 716 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
717 717 from rhodecode.lib import auth
718 718
719 719 log.debug('Trying to authenticate user: %s via auth-token, '
720 720 'and roles: %s', self, roles)
721 721
722 722 if not auth_token:
723 723 return False
724 724
725 725 crypto_backend = auth.crypto_backend()
726 726
727 727 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
728 728 tokens_q = UserApiKeys.query()\
729 729 .filter(UserApiKeys.user_id == self.user_id)\
730 730 .filter(or_(UserApiKeys.expires == -1,
731 731 UserApiKeys.expires >= time.time()))
732 732
733 733 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
734 734
735 735 plain_tokens = []
736 736 hash_tokens = []
737 737
738 738 for token in tokens_q.all():
739 739 # verify scope first
740 740 if token.repo_id:
741 741 # token has a scope, we need to verify it
742 742 if scope_repo_id != token.repo_id:
743 743 log.debug(
744 744 'Scope mismatch: token has a set repo scope: %s, '
745 745 'and calling scope is:%s, skipping further checks',
746 746 token.repo, scope_repo_id)
747 747 # token has a scope, and it doesn't match, skip token
748 748 continue
749 749
750 750 if token.api_key.startswith(crypto_backend.ENC_PREF):
751 751 hash_tokens.append(token.api_key)
752 752 else:
753 753 plain_tokens.append(token.api_key)
754 754
755 755 is_plain_match = auth_token in plain_tokens
756 756 if is_plain_match:
757 757 return True
758 758
759 759 for hashed in hash_tokens:
760 760 # TODO(marcink): this is expensive to calculate, but most secure
761 761 match = crypto_backend.hash_check(auth_token, hashed)
762 762 if match:
763 763 return True
764 764
765 765 return False
766 766
767 767 @property
768 768 def ip_addresses(self):
769 769 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
770 770 return [x.ip_addr for x in ret]
771 771
772 772 @property
773 773 def username_and_name(self):
774 774 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
775 775
776 776 @property
777 777 def username_or_name_or_email(self):
778 778 full_name = self.full_name if self.full_name is not ' ' else None
779 779 return self.username or full_name or self.email
780 780
781 781 @property
782 782 def full_name(self):
783 783 return '%s %s' % (self.first_name, self.last_name)
784 784
785 785 @property
786 786 def full_name_or_username(self):
787 787 return ('%s %s' % (self.first_name, self.last_name)
788 788 if (self.first_name and self.last_name) else self.username)
789 789
790 790 @property
791 791 def full_contact(self):
792 792 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
793 793
794 794 @property
795 795 def short_contact(self):
796 796 return '%s %s' % (self.first_name, self.last_name)
797 797
798 798 @property
799 799 def is_admin(self):
800 800 return self.admin
801 801
802 802 def AuthUser(self, **kwargs):
803 803 """
804 804 Returns instance of AuthUser for this user
805 805 """
806 806 from rhodecode.lib.auth import AuthUser
807 807 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
808 808
809 809 @hybrid_property
810 810 def user_data(self):
811 811 if not self._user_data:
812 812 return {}
813 813
814 814 try:
815 815 return json.loads(self._user_data)
816 816 except TypeError:
817 817 return {}
818 818
819 819 @user_data.setter
820 820 def user_data(self, val):
821 821 if not isinstance(val, dict):
822 822 raise Exception('user_data must be dict, got %s' % type(val))
823 823 try:
824 824 self._user_data = json.dumps(val)
825 825 except Exception:
826 826 log.error(traceback.format_exc())
827 827
828 828 @classmethod
829 829 def get_by_username(cls, username, case_insensitive=False,
830 830 cache=False, identity_cache=False):
831 831 session = Session()
832 832
833 833 if case_insensitive:
834 834 q = cls.query().filter(
835 835 func.lower(cls.username) == func.lower(username))
836 836 else:
837 837 q = cls.query().filter(cls.username == username)
838 838
839 839 if cache:
840 840 if identity_cache:
841 841 val = cls.identity_cache(session, 'username', username)
842 842 if val:
843 843 return val
844 844 else:
845 845 cache_key = "get_user_by_name_%s" % _hash_key(username)
846 846 q = q.options(
847 847 FromCache("sql_cache_short", cache_key))
848 848
849 849 return q.scalar()
850 850
851 851 @classmethod
852 852 def get_by_auth_token(cls, auth_token, cache=False):
853 853 q = UserApiKeys.query()\
854 854 .filter(UserApiKeys.api_key == auth_token)\
855 855 .filter(or_(UserApiKeys.expires == -1,
856 856 UserApiKeys.expires >= time.time()))
857 857 if cache:
858 858 q = q.options(
859 859 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
860 860
861 861 match = q.first()
862 862 if match:
863 863 return match.user
864 864
865 865 @classmethod
866 866 def get_by_email(cls, email, case_insensitive=False, cache=False):
867 867
868 868 if case_insensitive:
869 869 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
870 870
871 871 else:
872 872 q = cls.query().filter(cls.email == email)
873 873
874 874 email_key = _hash_key(email)
875 875 if cache:
876 876 q = q.options(
877 877 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
878 878
879 879 ret = q.scalar()
880 880 if ret is None:
881 881 q = UserEmailMap.query()
882 882 # try fetching in alternate email map
883 883 if case_insensitive:
884 884 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
885 885 else:
886 886 q = q.filter(UserEmailMap.email == email)
887 887 q = q.options(joinedload(UserEmailMap.user))
888 888 if cache:
889 889 q = q.options(
890 890 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
891 891 ret = getattr(q.scalar(), 'user', None)
892 892
893 893 return ret
894 894
895 895 @classmethod
896 896 def get_from_cs_author(cls, author):
897 897 """
898 898 Tries to get User objects out of commit author string
899 899
900 900 :param author:
901 901 """
902 902 from rhodecode.lib.helpers import email, author_name
903 903 # Valid email in the attribute passed, see if they're in the system
904 904 _email = email(author)
905 905 if _email:
906 906 user = cls.get_by_email(_email, case_insensitive=True)
907 907 if user:
908 908 return user
909 909 # Maybe we can match by username?
910 910 _author = author_name(author)
911 911 user = cls.get_by_username(_author, case_insensitive=True)
912 912 if user:
913 913 return user
914 914
915 915 def update_userdata(self, **kwargs):
916 916 usr = self
917 917 old = usr.user_data
918 918 old.update(**kwargs)
919 919 usr.user_data = old
920 920 Session().add(usr)
921 921 log.debug('updated userdata with ', kwargs)
922 922
923 923 def update_lastlogin(self):
924 924 """Update user lastlogin"""
925 925 self.last_login = datetime.datetime.now()
926 926 Session().add(self)
927 927 log.debug('updated user %s lastlogin', self.username)
928 928
929 929 def update_lastactivity(self):
930 930 """Update user lastactivity"""
931 931 self.last_activity = datetime.datetime.now()
932 932 Session().add(self)
933 933 log.debug('updated user `%s` last activity', self.username)
934 934
935 935 def update_password(self, new_password):
936 936 from rhodecode.lib.auth import get_crypt_password
937 937
938 938 self.password = get_crypt_password(new_password)
939 939 Session().add(self)
940 940
941 941 @classmethod
942 942 def get_first_super_admin(cls):
943 943 user = User.query().filter(User.admin == true()).first()
944 944 if user is None:
945 945 raise Exception('FATAL: Missing administrative account!')
946 946 return user
947 947
948 948 @classmethod
949 949 def get_all_super_admins(cls):
950 950 """
951 951 Returns all admin accounts sorted by username
952 952 """
953 953 return User.query().filter(User.admin == true())\
954 954 .order_by(User.username.asc()).all()
955 955
956 956 @classmethod
957 957 def get_default_user(cls, cache=False, refresh=False):
958 958 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
959 959 if user is None:
960 960 raise Exception('FATAL: Missing default account!')
961 961 if refresh:
962 962 # The default user might be based on outdated state which
963 963 # has been loaded from the cache.
964 964 # A call to refresh() ensures that the
965 965 # latest state from the database is used.
966 966 Session().refresh(user)
967 967 return user
968 968
969 969 def _get_default_perms(self, user, suffix=''):
970 970 from rhodecode.model.permission import PermissionModel
971 971 return PermissionModel().get_default_perms(user.user_perms, suffix)
972 972
973 973 def get_default_perms(self, suffix=''):
974 974 return self._get_default_perms(self, suffix)
975 975
976 976 def get_api_data(self, include_secrets=False, details='full'):
977 977 """
978 978 Common function for generating user related data for API
979 979
980 980 :param include_secrets: By default secrets in the API data will be replaced
981 981 by a placeholder value to prevent exposing this data by accident. In case
982 982 this data shall be exposed, set this flag to ``True``.
983 983
984 984 :param details: details can be 'basic|full' basic gives only a subset of
985 985 the available user information that includes user_id, name and emails.
986 986 """
987 987 user = self
988 988 user_data = self.user_data
989 989 data = {
990 990 'user_id': user.user_id,
991 991 'username': user.username,
992 992 'firstname': user.name,
993 993 'lastname': user.lastname,
994 994 'email': user.email,
995 995 'emails': user.emails,
996 996 }
997 997 if details == 'basic':
998 998 return data
999 999
1000 1000 auth_token_length = 40
1001 1001 auth_token_replacement = '*' * auth_token_length
1002 1002
1003 1003 extras = {
1004 1004 'auth_tokens': [auth_token_replacement],
1005 1005 'active': user.active,
1006 1006 'admin': user.admin,
1007 1007 'extern_type': user.extern_type,
1008 1008 'extern_name': user.extern_name,
1009 1009 'last_login': user.last_login,
1010 1010 'last_activity': user.last_activity,
1011 1011 'ip_addresses': user.ip_addresses,
1012 1012 'language': user_data.get('language')
1013 1013 }
1014 1014 data.update(extras)
1015 1015
1016 1016 if include_secrets:
1017 1017 data['auth_tokens'] = user.auth_tokens
1018 1018 return data
1019 1019
1020 1020 def __json__(self):
1021 1021 data = {
1022 1022 'full_name': self.full_name,
1023 1023 'full_name_or_username': self.full_name_or_username,
1024 1024 'short_contact': self.short_contact,
1025 1025 'full_contact': self.full_contact,
1026 1026 }
1027 1027 data.update(self.get_api_data())
1028 1028 return data
1029 1029
1030 1030
1031 1031 class UserApiKeys(Base, BaseModel):
1032 1032 __tablename__ = 'user_api_keys'
1033 1033 __table_args__ = (
1034 1034 Index('uak_api_key_idx', 'api_key', unique=True),
1035 1035 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1036 1036 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1037 1037 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1038 1038 )
1039 1039 __mapper_args__ = {}
1040 1040
1041 1041 # ApiKey role
1042 1042 ROLE_ALL = 'token_role_all'
1043 1043 ROLE_HTTP = 'token_role_http'
1044 1044 ROLE_VCS = 'token_role_vcs'
1045 1045 ROLE_API = 'token_role_api'
1046 1046 ROLE_FEED = 'token_role_feed'
1047 1047 ROLE_PASSWORD_RESET = 'token_password_reset'
1048 1048
1049 1049 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1050 1050
1051 1051 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1052 1052 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1053 1053 api_key = Column("api_key", String(255), nullable=False, unique=True)
1054 1054 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1055 1055 expires = Column('expires', Float(53), nullable=False)
1056 1056 role = Column('role', String(255), nullable=True)
1057 1057 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1058 1058
1059 1059 # scope columns
1060 1060 repo_id = Column(
1061 1061 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1062 1062 nullable=True, unique=None, default=None)
1063 1063 repo = relationship('Repository', lazy='joined')
1064 1064
1065 1065 repo_group_id = Column(
1066 1066 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1067 1067 nullable=True, unique=None, default=None)
1068 1068 repo_group = relationship('RepoGroup', lazy='joined')
1069 1069
1070 1070 user = relationship('User', lazy='joined')
1071 1071
1072 1072 def __unicode__(self):
1073 1073 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1074 1074
1075 1075 def __json__(self):
1076 1076 data = {
1077 1077 'auth_token': self.api_key,
1078 1078 'role': self.role,
1079 1079 'scope': self.scope_humanized,
1080 1080 'expired': self.expired
1081 1081 }
1082 1082 return data
1083 1083
1084 1084 def get_api_data(self, include_secrets=False):
1085 1085 data = self.__json__()
1086 1086 if include_secrets:
1087 1087 return data
1088 1088 else:
1089 1089 data['auth_token'] = self.token_obfuscated
1090 1090 return data
1091 1091
1092 1092 @hybrid_property
1093 1093 def description_safe(self):
1094 1094 from rhodecode.lib import helpers as h
1095 1095 return h.escape(self.description)
1096 1096
1097 1097 @property
1098 1098 def expired(self):
1099 1099 if self.expires == -1:
1100 1100 return False
1101 1101 return time.time() > self.expires
1102 1102
1103 1103 @classmethod
1104 1104 def _get_role_name(cls, role):
1105 1105 return {
1106 1106 cls.ROLE_ALL: _('all'),
1107 1107 cls.ROLE_HTTP: _('http/web interface'),
1108 1108 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1109 1109 cls.ROLE_API: _('api calls'),
1110 1110 cls.ROLE_FEED: _('feed access'),
1111 1111 }.get(role, role)
1112 1112
1113 1113 @property
1114 1114 def role_humanized(self):
1115 1115 return self._get_role_name(self.role)
1116 1116
1117 1117 def _get_scope(self):
1118 1118 if self.repo:
1119 1119 return repr(self.repo)
1120 1120 if self.repo_group:
1121 1121 return repr(self.repo_group) + ' (recursive)'
1122 1122 return 'global'
1123 1123
1124 1124 @property
1125 1125 def scope_humanized(self):
1126 1126 return self._get_scope()
1127 1127
1128 1128 @property
1129 1129 def token_obfuscated(self):
1130 1130 if self.api_key:
1131 1131 return self.api_key[:4] + "****"
1132 1132
1133 1133
1134 1134 class UserEmailMap(Base, BaseModel):
1135 1135 __tablename__ = 'user_email_map'
1136 1136 __table_args__ = (
1137 1137 Index('uem_email_idx', 'email'),
1138 1138 UniqueConstraint('email'),
1139 1139 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1140 1140 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1141 1141 )
1142 1142 __mapper_args__ = {}
1143 1143
1144 1144 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1145 1145 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1146 1146 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1147 1147 user = relationship('User', lazy='joined')
1148 1148
1149 1149 @validates('_email')
1150 1150 def validate_email(self, key, email):
1151 1151 # check if this email is not main one
1152 1152 main_email = Session().query(User).filter(User.email == email).scalar()
1153 1153 if main_email is not None:
1154 1154 raise AttributeError('email %s is present is user table' % email)
1155 1155 return email
1156 1156
1157 1157 @hybrid_property
1158 1158 def email(self):
1159 1159 return self._email
1160 1160
1161 1161 @email.setter
1162 1162 def email(self, val):
1163 1163 self._email = val.lower() if val else None
1164 1164
1165 1165
1166 1166 class UserIpMap(Base, BaseModel):
1167 1167 __tablename__ = 'user_ip_map'
1168 1168 __table_args__ = (
1169 1169 UniqueConstraint('user_id', 'ip_addr'),
1170 1170 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1171 1171 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1172 1172 )
1173 1173 __mapper_args__ = {}
1174 1174
1175 1175 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1176 1176 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1177 1177 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1178 1178 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1179 1179 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1180 1180 user = relationship('User', lazy='joined')
1181 1181
1182 1182 @hybrid_property
1183 1183 def description_safe(self):
1184 1184 from rhodecode.lib import helpers as h
1185 1185 return h.escape(self.description)
1186 1186
1187 1187 @classmethod
1188 1188 def _get_ip_range(cls, ip_addr):
1189 1189 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1190 1190 return [str(net.network_address), str(net.broadcast_address)]
1191 1191
1192 1192 def __json__(self):
1193 1193 return {
1194 1194 'ip_addr': self.ip_addr,
1195 1195 'ip_range': self._get_ip_range(self.ip_addr),
1196 1196 }
1197 1197
1198 1198 def __unicode__(self):
1199 1199 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1200 1200 self.user_id, self.ip_addr)
1201 1201
1202 1202
1203 1203 class UserSshKeys(Base, BaseModel):
1204 1204 __tablename__ = 'user_ssh_keys'
1205 1205 __table_args__ = (
1206 1206 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1207 1207
1208 1208 UniqueConstraint('ssh_key_fingerprint'),
1209 1209
1210 1210 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1211 1211 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1212 1212 )
1213 1213 __mapper_args__ = {}
1214 1214
1215 1215 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1216 1216 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1217 1217 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1218 1218
1219 1219 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1220 1220
1221 1221 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1222 1222 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1223 1223 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1224 1224
1225 1225 user = relationship('User', lazy='joined')
1226 1226
1227 1227 def __json__(self):
1228 1228 data = {
1229 1229 'ssh_fingerprint': self.ssh_key_fingerprint,
1230 1230 'description': self.description,
1231 1231 'created_on': self.created_on
1232 1232 }
1233 1233 return data
1234 1234
1235 1235 def get_api_data(self):
1236 1236 data = self.__json__()
1237 1237 return data
1238 1238
1239 1239
1240 1240 class UserLog(Base, BaseModel):
1241 1241 __tablename__ = 'user_logs'
1242 1242 __table_args__ = (
1243 1243 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1244 1244 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1245 1245 )
1246 1246 VERSION_1 = 'v1'
1247 1247 VERSION_2 = 'v2'
1248 1248 VERSIONS = [VERSION_1, VERSION_2]
1249 1249
1250 1250 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1251 1251 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1252 1252 username = Column("username", String(255), nullable=True, unique=None, default=None)
1253 1253 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1254 1254 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1255 1255 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1256 1256 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1257 1257 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1258 1258
1259 1259 version = Column("version", String(255), nullable=True, default=VERSION_1)
1260 1260 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1261 1261 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1262 1262
1263 1263 def __unicode__(self):
1264 1264 return u"<%s('id:%s:%s')>" % (
1265 1265 self.__class__.__name__, self.repository_name, self.action)
1266 1266
1267 1267 def __json__(self):
1268 1268 return {
1269 1269 'user_id': self.user_id,
1270 1270 'username': self.username,
1271 1271 'repository_id': self.repository_id,
1272 1272 'repository_name': self.repository_name,
1273 1273 'user_ip': self.user_ip,
1274 1274 'action_date': self.action_date,
1275 1275 'action': self.action,
1276 1276 }
1277 1277
1278 1278 @hybrid_property
1279 1279 def entry_id(self):
1280 1280 return self.user_log_id
1281 1281
1282 1282 @property
1283 1283 def action_as_day(self):
1284 1284 return datetime.date(*self.action_date.timetuple()[:3])
1285 1285
1286 1286 user = relationship('User')
1287 1287 repository = relationship('Repository', cascade='')
1288 1288
1289 1289
1290 1290 class UserGroup(Base, BaseModel):
1291 1291 __tablename__ = 'users_groups'
1292 1292 __table_args__ = (
1293 1293 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1294 1294 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1295 1295 )
1296 1296
1297 1297 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1298 1298 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1299 1299 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1300 1300 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1301 1301 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1302 1302 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1303 1303 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1304 1304 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1305 1305
1306 1306 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1307 1307 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1308 1308 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1309 1309 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1310 1310 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1311 1311 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1312 1312
1313 1313 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1314 1314 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1315 1315
1316 1316 @classmethod
1317 1317 def _load_group_data(cls, column):
1318 1318 if not column:
1319 1319 return {}
1320 1320
1321 1321 try:
1322 1322 return json.loads(column) or {}
1323 1323 except TypeError:
1324 1324 return {}
1325 1325
1326 1326 @hybrid_property
1327 1327 def description_safe(self):
1328 1328 from rhodecode.lib import helpers as h
1329 1329 return h.escape(self.user_group_description)
1330 1330
1331 1331 @hybrid_property
1332 1332 def group_data(self):
1333 1333 return self._load_group_data(self._group_data)
1334 1334
1335 1335 @group_data.expression
1336 1336 def group_data(self, **kwargs):
1337 1337 return self._group_data
1338 1338
1339 1339 @group_data.setter
1340 1340 def group_data(self, val):
1341 1341 try:
1342 1342 self._group_data = json.dumps(val)
1343 1343 except Exception:
1344 1344 log.error(traceback.format_exc())
1345 1345
1346 1346 @classmethod
1347 1347 def _load_sync(cls, group_data):
1348 1348 if group_data:
1349 1349 return group_data.get('extern_type')
1350 1350
1351 1351 @property
1352 1352 def sync(self):
1353 1353 return self._load_sync(self.group_data)
1354 1354
1355 1355 def __unicode__(self):
1356 1356 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1357 1357 self.users_group_id,
1358 1358 self.users_group_name)
1359 1359
1360 1360 @classmethod
1361 1361 def get_by_group_name(cls, group_name, cache=False,
1362 1362 case_insensitive=False):
1363 1363 if case_insensitive:
1364 1364 q = cls.query().filter(func.lower(cls.users_group_name) ==
1365 1365 func.lower(group_name))
1366 1366
1367 1367 else:
1368 1368 q = cls.query().filter(cls.users_group_name == group_name)
1369 1369 if cache:
1370 1370 q = q.options(
1371 1371 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1372 1372 return q.scalar()
1373 1373
1374 1374 @classmethod
1375 1375 def get(cls, user_group_id, cache=False):
1376 1376 if not user_group_id:
1377 1377 return
1378 1378
1379 1379 user_group = cls.query()
1380 1380 if cache:
1381 1381 user_group = user_group.options(
1382 1382 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1383 1383 return user_group.get(user_group_id)
1384 1384
1385 1385 def permissions(self, with_admins=True, with_owner=True):
1386 1386 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1387 1387 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1388 1388 joinedload(UserUserGroupToPerm.user),
1389 1389 joinedload(UserUserGroupToPerm.permission),)
1390 1390
1391 1391 # get owners and admins and permissions. We do a trick of re-writing
1392 1392 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1393 1393 # has a global reference and changing one object propagates to all
1394 1394 # others. This means if admin is also an owner admin_row that change
1395 1395 # would propagate to both objects
1396 1396 perm_rows = []
1397 1397 for _usr in q.all():
1398 1398 usr = AttributeDict(_usr.user.get_dict())
1399 1399 usr.permission = _usr.permission.permission_name
1400 1400 perm_rows.append(usr)
1401 1401
1402 1402 # filter the perm rows by 'default' first and then sort them by
1403 1403 # admin,write,read,none permissions sorted again alphabetically in
1404 1404 # each group
1405 1405 perm_rows = sorted(perm_rows, key=display_user_sort)
1406 1406
1407 1407 _admin_perm = 'usergroup.admin'
1408 1408 owner_row = []
1409 1409 if with_owner:
1410 1410 usr = AttributeDict(self.user.get_dict())
1411 1411 usr.owner_row = True
1412 1412 usr.permission = _admin_perm
1413 1413 owner_row.append(usr)
1414 1414
1415 1415 super_admin_rows = []
1416 1416 if with_admins:
1417 1417 for usr in User.get_all_super_admins():
1418 1418 # if this admin is also owner, don't double the record
1419 1419 if usr.user_id == owner_row[0].user_id:
1420 1420 owner_row[0].admin_row = True
1421 1421 else:
1422 1422 usr = AttributeDict(usr.get_dict())
1423 1423 usr.admin_row = True
1424 1424 usr.permission = _admin_perm
1425 1425 super_admin_rows.append(usr)
1426 1426
1427 1427 return super_admin_rows + owner_row + perm_rows
1428 1428
1429 1429 def permission_user_groups(self):
1430 1430 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1431 1431 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1432 1432 joinedload(UserGroupUserGroupToPerm.target_user_group),
1433 1433 joinedload(UserGroupUserGroupToPerm.permission),)
1434 1434
1435 1435 perm_rows = []
1436 1436 for _user_group in q.all():
1437 1437 usr = AttributeDict(_user_group.user_group.get_dict())
1438 1438 usr.permission = _user_group.permission.permission_name
1439 1439 perm_rows.append(usr)
1440 1440
1441 1441 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1442 1442 return perm_rows
1443 1443
1444 1444 def _get_default_perms(self, user_group, suffix=''):
1445 1445 from rhodecode.model.permission import PermissionModel
1446 1446 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1447 1447
1448 1448 def get_default_perms(self, suffix=''):
1449 1449 return self._get_default_perms(self, suffix)
1450 1450
1451 1451 def get_api_data(self, with_group_members=True, include_secrets=False):
1452 1452 """
1453 1453 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1454 1454 basically forwarded.
1455 1455
1456 1456 """
1457 1457 user_group = self
1458 1458 data = {
1459 1459 'users_group_id': user_group.users_group_id,
1460 1460 'group_name': user_group.users_group_name,
1461 1461 'group_description': user_group.user_group_description,
1462 1462 'active': user_group.users_group_active,
1463 1463 'owner': user_group.user.username,
1464 1464 'sync': user_group.sync,
1465 1465 'owner_email': user_group.user.email,
1466 1466 }
1467 1467
1468 1468 if with_group_members:
1469 1469 users = []
1470 1470 for user in user_group.members:
1471 1471 user = user.user
1472 1472 users.append(user.get_api_data(include_secrets=include_secrets))
1473 1473 data['users'] = users
1474 1474
1475 1475 return data
1476 1476
1477 1477
1478 1478 class UserGroupMember(Base, BaseModel):
1479 1479 __tablename__ = 'users_groups_members'
1480 1480 __table_args__ = (
1481 1481 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1482 1482 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1483 1483 )
1484 1484
1485 1485 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1486 1486 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1487 1487 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1488 1488
1489 1489 user = relationship('User', lazy='joined')
1490 1490 users_group = relationship('UserGroup')
1491 1491
1492 1492 def __init__(self, gr_id='', u_id=''):
1493 1493 self.users_group_id = gr_id
1494 1494 self.user_id = u_id
1495 1495
1496 1496
1497 1497 class RepositoryField(Base, BaseModel):
1498 1498 __tablename__ = 'repositories_fields'
1499 1499 __table_args__ = (
1500 1500 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1501 1501 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1502 1502 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1503 1503 )
1504 1504 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1505 1505
1506 1506 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1507 1507 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1508 1508 field_key = Column("field_key", String(250))
1509 1509 field_label = Column("field_label", String(1024), nullable=False)
1510 1510 field_value = Column("field_value", String(10000), nullable=False)
1511 1511 field_desc = Column("field_desc", String(1024), nullable=False)
1512 1512 field_type = Column("field_type", String(255), nullable=False, unique=None)
1513 1513 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1514 1514
1515 1515 repository = relationship('Repository')
1516 1516
1517 1517 @property
1518 1518 def field_key_prefixed(self):
1519 1519 return 'ex_%s' % self.field_key
1520 1520
1521 1521 @classmethod
1522 1522 def un_prefix_key(cls, key):
1523 1523 if key.startswith(cls.PREFIX):
1524 1524 return key[len(cls.PREFIX):]
1525 1525 return key
1526 1526
1527 1527 @classmethod
1528 1528 def get_by_key_name(cls, key, repo):
1529 1529 row = cls.query()\
1530 1530 .filter(cls.repository == repo)\
1531 1531 .filter(cls.field_key == key).scalar()
1532 1532 return row
1533 1533
1534 1534
1535 1535 class Repository(Base, BaseModel):
1536 1536 __tablename__ = 'repositories'
1537 1537 __table_args__ = (
1538 1538 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1539 1539 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1540 1540 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1541 1541 )
1542 1542 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1543 1543 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1544 1544 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1545 1545
1546 1546 STATE_CREATED = 'repo_state_created'
1547 1547 STATE_PENDING = 'repo_state_pending'
1548 1548 STATE_ERROR = 'repo_state_error'
1549 1549
1550 1550 LOCK_AUTOMATIC = 'lock_auto'
1551 1551 LOCK_API = 'lock_api'
1552 1552 LOCK_WEB = 'lock_web'
1553 1553 LOCK_PULL = 'lock_pull'
1554 1554
1555 1555 NAME_SEP = URL_SEP
1556 1556
1557 1557 repo_id = Column(
1558 1558 "repo_id", Integer(), nullable=False, unique=True, default=None,
1559 1559 primary_key=True)
1560 1560 _repo_name = Column(
1561 1561 "repo_name", Text(), nullable=False, default=None)
1562 1562 _repo_name_hash = Column(
1563 1563 "repo_name_hash", String(255), nullable=False, unique=True)
1564 1564 repo_state = Column("repo_state", String(255), nullable=True)
1565 1565
1566 1566 clone_uri = Column(
1567 1567 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1568 1568 default=None)
1569 1569 push_uri = Column(
1570 1570 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1571 1571 default=None)
1572 1572 repo_type = Column(
1573 1573 "repo_type", String(255), nullable=False, unique=False, default=None)
1574 1574 user_id = Column(
1575 1575 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1576 1576 unique=False, default=None)
1577 1577 private = Column(
1578 1578 "private", Boolean(), nullable=True, unique=None, default=None)
1579 1579 enable_statistics = Column(
1580 1580 "statistics", Boolean(), nullable=True, unique=None, default=True)
1581 1581 enable_downloads = Column(
1582 1582 "downloads", Boolean(), nullable=True, unique=None, default=True)
1583 1583 description = Column(
1584 1584 "description", String(10000), nullable=True, unique=None, default=None)
1585 1585 created_on = Column(
1586 1586 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1587 1587 default=datetime.datetime.now)
1588 1588 updated_on = Column(
1589 1589 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1590 1590 default=datetime.datetime.now)
1591 1591 _landing_revision = Column(
1592 1592 "landing_revision", String(255), nullable=False, unique=False,
1593 1593 default=None)
1594 1594 enable_locking = Column(
1595 1595 "enable_locking", Boolean(), nullable=False, unique=None,
1596 1596 default=False)
1597 1597 _locked = Column(
1598 1598 "locked", String(255), nullable=True, unique=False, default=None)
1599 1599 _changeset_cache = Column(
1600 1600 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1601 1601
1602 1602 fork_id = Column(
1603 1603 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1604 1604 nullable=True, unique=False, default=None)
1605 1605 group_id = Column(
1606 1606 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1607 1607 unique=False, default=None)
1608 1608
1609 1609 user = relationship('User', lazy='joined')
1610 1610 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1611 1611 group = relationship('RepoGroup', lazy='joined')
1612 1612 repo_to_perm = relationship(
1613 1613 'UserRepoToPerm', cascade='all',
1614 1614 order_by='UserRepoToPerm.repo_to_perm_id')
1615 1615 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1616 1616 stats = relationship('Statistics', cascade='all', uselist=False)
1617 1617
1618 1618 followers = relationship(
1619 1619 'UserFollowing',
1620 1620 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1621 1621 cascade='all')
1622 1622 extra_fields = relationship(
1623 1623 'RepositoryField', cascade="all, delete, delete-orphan")
1624 1624 logs = relationship('UserLog')
1625 1625 comments = relationship(
1626 1626 'ChangesetComment', cascade="all, delete, delete-orphan")
1627 1627 pull_requests_source = relationship(
1628 1628 'PullRequest',
1629 1629 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1630 1630 cascade="all, delete, delete-orphan")
1631 1631 pull_requests_target = relationship(
1632 1632 'PullRequest',
1633 1633 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1634 1634 cascade="all, delete, delete-orphan")
1635 1635 ui = relationship('RepoRhodeCodeUi', cascade="all")
1636 1636 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1637 1637 integrations = relationship('Integration',
1638 1638 cascade="all, delete, delete-orphan")
1639 1639
1640 1640 scoped_tokens = relationship('UserApiKeys', cascade="all")
1641 1641
1642 1642 def __unicode__(self):
1643 1643 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1644 1644 safe_unicode(self.repo_name))
1645 1645
1646 1646 @hybrid_property
1647 1647 def description_safe(self):
1648 1648 from rhodecode.lib import helpers as h
1649 1649 return h.escape(self.description)
1650 1650
1651 1651 @hybrid_property
1652 1652 def landing_rev(self):
1653 1653 # always should return [rev_type, rev]
1654 1654 if self._landing_revision:
1655 1655 _rev_info = self._landing_revision.split(':')
1656 1656 if len(_rev_info) < 2:
1657 1657 _rev_info.insert(0, 'rev')
1658 1658 return [_rev_info[0], _rev_info[1]]
1659 1659 return [None, None]
1660 1660
1661 1661 @landing_rev.setter
1662 1662 def landing_rev(self, val):
1663 1663 if ':' not in val:
1664 1664 raise ValueError('value must be delimited with `:` and consist '
1665 1665 'of <rev_type>:<rev>, got %s instead' % val)
1666 1666 self._landing_revision = val
1667 1667
1668 1668 @hybrid_property
1669 1669 def locked(self):
1670 1670 if self._locked:
1671 1671 user_id, timelocked, reason = self._locked.split(':')
1672 1672 lock_values = int(user_id), timelocked, reason
1673 1673 else:
1674 1674 lock_values = [None, None, None]
1675 1675 return lock_values
1676 1676
1677 1677 @locked.setter
1678 1678 def locked(self, val):
1679 1679 if val and isinstance(val, (list, tuple)):
1680 1680 self._locked = ':'.join(map(str, val))
1681 1681 else:
1682 1682 self._locked = None
1683 1683
1684 1684 @hybrid_property
1685 1685 def changeset_cache(self):
1686 1686 from rhodecode.lib.vcs.backends.base import EmptyCommit
1687 1687 dummy = EmptyCommit().__json__()
1688 1688 if not self._changeset_cache:
1689 1689 return dummy
1690 1690 try:
1691 1691 return json.loads(self._changeset_cache)
1692 1692 except TypeError:
1693 1693 return dummy
1694 1694 except Exception:
1695 1695 log.error(traceback.format_exc())
1696 1696 return dummy
1697 1697
1698 1698 @changeset_cache.setter
1699 1699 def changeset_cache(self, val):
1700 1700 try:
1701 1701 self._changeset_cache = json.dumps(val)
1702 1702 except Exception:
1703 1703 log.error(traceback.format_exc())
1704 1704
1705 1705 @hybrid_property
1706 1706 def repo_name(self):
1707 1707 return self._repo_name
1708 1708
1709 1709 @repo_name.setter
1710 1710 def repo_name(self, value):
1711 1711 self._repo_name = value
1712 1712 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1713 1713
1714 1714 @classmethod
1715 1715 def normalize_repo_name(cls, repo_name):
1716 1716 """
1717 1717 Normalizes os specific repo_name to the format internally stored inside
1718 1718 database using URL_SEP
1719 1719
1720 1720 :param cls:
1721 1721 :param repo_name:
1722 1722 """
1723 1723 return cls.NAME_SEP.join(repo_name.split(os.sep))
1724 1724
1725 1725 @classmethod
1726 1726 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1727 1727 session = Session()
1728 1728 q = session.query(cls).filter(cls.repo_name == repo_name)
1729 1729
1730 1730 if cache:
1731 1731 if identity_cache:
1732 1732 val = cls.identity_cache(session, 'repo_name', repo_name)
1733 1733 if val:
1734 1734 return val
1735 1735 else:
1736 1736 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1737 1737 q = q.options(
1738 1738 FromCache("sql_cache_short", cache_key))
1739 1739
1740 1740 return q.scalar()
1741 1741
1742 1742 @classmethod
1743 1743 def get_by_id_or_repo_name(cls, repoid):
1744 if isinstance(repoid, (int, long)):
1744 if isinstance(repoid, int):
1745 1745 try:
1746 1746 repo = cls.get(repoid)
1747 1747 except ValueError:
1748 1748 repo = None
1749 1749 else:
1750 1750 repo = cls.get_by_repo_name(repoid)
1751 1751 return repo
1752 1752
1753 1753 @classmethod
1754 1754 def get_by_full_path(cls, repo_full_path):
1755 1755 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1756 1756 repo_name = cls.normalize_repo_name(repo_name)
1757 1757 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1758 1758
1759 1759 @classmethod
1760 1760 def get_repo_forks(cls, repo_id):
1761 1761 return cls.query().filter(Repository.fork_id == repo_id)
1762 1762
1763 1763 @classmethod
1764 1764 def base_path(cls):
1765 1765 """
1766 1766 Returns base path when all repos are stored
1767 1767
1768 1768 :param cls:
1769 1769 """
1770 1770 q = Session().query(RhodeCodeUi)\
1771 1771 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1772 1772 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1773 1773 return q.one().ui_value
1774 1774
1775 1775 @classmethod
1776 1776 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1777 1777 case_insensitive=True):
1778 1778 q = Repository.query()
1779 1779
1780 1780 if not isinstance(user_id, Optional):
1781 1781 q = q.filter(Repository.user_id == user_id)
1782 1782
1783 1783 if not isinstance(group_id, Optional):
1784 1784 q = q.filter(Repository.group_id == group_id)
1785 1785
1786 1786 if case_insensitive:
1787 1787 q = q.order_by(func.lower(Repository.repo_name))
1788 1788 else:
1789 1789 q = q.order_by(Repository.repo_name)
1790 1790 return q.all()
1791 1791
1792 1792 @property
1793 1793 def forks(self):
1794 1794 """
1795 1795 Return forks of this repo
1796 1796 """
1797 1797 return Repository.get_repo_forks(self.repo_id)
1798 1798
1799 1799 @property
1800 1800 def parent(self):
1801 1801 """
1802 1802 Returns fork parent
1803 1803 """
1804 1804 return self.fork
1805 1805
1806 1806 @property
1807 1807 def just_name(self):
1808 1808 return self.repo_name.split(self.NAME_SEP)[-1]
1809 1809
1810 1810 @property
1811 1811 def groups_with_parents(self):
1812 1812 groups = []
1813 1813 if self.group is None:
1814 1814 return groups
1815 1815
1816 1816 cur_gr = self.group
1817 1817 groups.insert(0, cur_gr)
1818 1818 while 1:
1819 1819 gr = getattr(cur_gr, 'parent_group', None)
1820 1820 cur_gr = cur_gr.parent_group
1821 1821 if gr is None:
1822 1822 break
1823 1823 groups.insert(0, gr)
1824 1824
1825 1825 return groups
1826 1826
1827 1827 @property
1828 1828 def groups_and_repo(self):
1829 1829 return self.groups_with_parents, self
1830 1830
1831 1831 @LazyProperty
1832 1832 def repo_path(self):
1833 1833 """
1834 1834 Returns base full path for that repository means where it actually
1835 1835 exists on a filesystem
1836 1836 """
1837 1837 q = Session().query(RhodeCodeUi).filter(
1838 1838 RhodeCodeUi.ui_key == self.NAME_SEP)
1839 1839 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1840 1840 return q.one().ui_value
1841 1841
1842 1842 @property
1843 1843 def repo_full_path(self):
1844 1844 p = [self.repo_path]
1845 1845 # we need to split the name by / since this is how we store the
1846 1846 # names in the database, but that eventually needs to be converted
1847 1847 # into a valid system path
1848 1848 p += self.repo_name.split(self.NAME_SEP)
1849 1849 return os.path.join(*map(safe_unicode, p))
1850 1850
1851 1851 @property
1852 1852 def cache_keys(self):
1853 1853 """
1854 1854 Returns associated cache keys for that repo
1855 1855 """
1856 1856 return CacheKey.query()\
1857 1857 .filter(CacheKey.cache_args == self.repo_name)\
1858 1858 .order_by(CacheKey.cache_key)\
1859 1859 .all()
1860 1860
1861 1861 @property
1862 1862 def cached_diffs_relative_dir(self):
1863 1863 """
1864 1864 Return a relative to the repository store path of cached diffs
1865 1865 used for safe display for users, who shouldn't know the absolute store
1866 1866 path
1867 1867 """
1868 1868 return os.path.join(
1869 1869 os.path.dirname(self.repo_name),
1870 1870 self.cached_diffs_dir.split(os.path.sep)[-1])
1871 1871
1872 1872 @property
1873 1873 def cached_diffs_dir(self):
1874 1874 path = self.repo_full_path
1875 1875 return os.path.join(
1876 1876 os.path.dirname(path),
1877 1877 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1878 1878
1879 1879 def cached_diffs(self):
1880 1880 diff_cache_dir = self.cached_diffs_dir
1881 1881 if os.path.isdir(diff_cache_dir):
1882 1882 return os.listdir(diff_cache_dir)
1883 1883 return []
1884 1884
1885 1885 def get_new_name(self, repo_name):
1886 1886 """
1887 1887 returns new full repository name based on assigned group and new new
1888 1888
1889 1889 :param group_name:
1890 1890 """
1891 1891 path_prefix = self.group.full_path_splitted if self.group else []
1892 1892 return self.NAME_SEP.join(path_prefix + [repo_name])
1893 1893
1894 1894 @property
1895 1895 def _config(self):
1896 1896 """
1897 1897 Returns db based config object.
1898 1898 """
1899 1899 from rhodecode.lib.utils import make_db_config
1900 1900 return make_db_config(clear_session=False, repo=self)
1901 1901
1902 1902 def permissions(self, with_admins=True, with_owner=True):
1903 1903 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1904 1904 q = q.options(joinedload(UserRepoToPerm.repository),
1905 1905 joinedload(UserRepoToPerm.user),
1906 1906 joinedload(UserRepoToPerm.permission),)
1907 1907
1908 1908 # get owners and admins and permissions. We do a trick of re-writing
1909 1909 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1910 1910 # has a global reference and changing one object propagates to all
1911 1911 # others. This means if admin is also an owner admin_row that change
1912 1912 # would propagate to both objects
1913 1913 perm_rows = []
1914 1914 for _usr in q.all():
1915 1915 usr = AttributeDict(_usr.user.get_dict())
1916 1916 usr.permission = _usr.permission.permission_name
1917 1917 usr.permission_id = _usr.repo_to_perm_id
1918 1918 perm_rows.append(usr)
1919 1919
1920 1920 # filter the perm rows by 'default' first and then sort them by
1921 1921 # admin,write,read,none permissions sorted again alphabetically in
1922 1922 # each group
1923 1923 perm_rows = sorted(perm_rows, key=display_user_sort)
1924 1924
1925 1925 _admin_perm = 'repository.admin'
1926 1926 owner_row = []
1927 1927 if with_owner:
1928 1928 usr = AttributeDict(self.user.get_dict())
1929 1929 usr.owner_row = True
1930 1930 usr.permission = _admin_perm
1931 1931 usr.permission_id = None
1932 1932 owner_row.append(usr)
1933 1933
1934 1934 super_admin_rows = []
1935 1935 if with_admins:
1936 1936 for usr in User.get_all_super_admins():
1937 1937 # if this admin is also owner, don't double the record
1938 1938 if usr.user_id == owner_row[0].user_id:
1939 1939 owner_row[0].admin_row = True
1940 1940 else:
1941 1941 usr = AttributeDict(usr.get_dict())
1942 1942 usr.admin_row = True
1943 1943 usr.permission = _admin_perm
1944 1944 usr.permission_id = None
1945 1945 super_admin_rows.append(usr)
1946 1946
1947 1947 return super_admin_rows + owner_row + perm_rows
1948 1948
1949 1949 def permission_user_groups(self):
1950 1950 q = UserGroupRepoToPerm.query().filter(
1951 1951 UserGroupRepoToPerm.repository == self)
1952 1952 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1953 1953 joinedload(UserGroupRepoToPerm.users_group),
1954 1954 joinedload(UserGroupRepoToPerm.permission),)
1955 1955
1956 1956 perm_rows = []
1957 1957 for _user_group in q.all():
1958 1958 usr = AttributeDict(_user_group.users_group.get_dict())
1959 1959 usr.permission = _user_group.permission.permission_name
1960 1960 perm_rows.append(usr)
1961 1961
1962 1962 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1963 1963 return perm_rows
1964 1964
1965 1965 def get_api_data(self, include_secrets=False):
1966 1966 """
1967 1967 Common function for generating repo api data
1968 1968
1969 1969 :param include_secrets: See :meth:`User.get_api_data`.
1970 1970
1971 1971 """
1972 1972 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1973 1973 # move this methods on models level.
1974 1974 from rhodecode.model.settings import SettingsModel
1975 1975 from rhodecode.model.repo import RepoModel
1976 1976
1977 1977 repo = self
1978 1978 _user_id, _time, _reason = self.locked
1979 1979
1980 1980 data = {
1981 1981 'repo_id': repo.repo_id,
1982 1982 'repo_name': repo.repo_name,
1983 1983 'repo_type': repo.repo_type,
1984 1984 'clone_uri': repo.clone_uri or '',
1985 1985 'push_uri': repo.push_uri or '',
1986 1986 'url': RepoModel().get_url(self),
1987 1987 'private': repo.private,
1988 1988 'created_on': repo.created_on,
1989 1989 'description': repo.description_safe,
1990 1990 'landing_rev': repo.landing_rev,
1991 1991 'owner': repo.user.username,
1992 1992 'fork_of': repo.fork.repo_name if repo.fork else None,
1993 1993 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1994 1994 'enable_statistics': repo.enable_statistics,
1995 1995 'enable_locking': repo.enable_locking,
1996 1996 'enable_downloads': repo.enable_downloads,
1997 1997 'last_changeset': repo.changeset_cache,
1998 1998 'locked_by': User.get(_user_id).get_api_data(
1999 1999 include_secrets=include_secrets) if _user_id else None,
2000 2000 'locked_date': time_to_datetime(_time) if _time else None,
2001 2001 'lock_reason': _reason if _reason else None,
2002 2002 }
2003 2003
2004 2004 # TODO: mikhail: should be per-repo settings here
2005 2005 rc_config = SettingsModel().get_all_settings()
2006 2006 repository_fields = str2bool(
2007 2007 rc_config.get('rhodecode_repository_fields'))
2008 2008 if repository_fields:
2009 2009 for f in self.extra_fields:
2010 2010 data[f.field_key_prefixed] = f.field_value
2011 2011
2012 2012 return data
2013 2013
2014 2014 @classmethod
2015 2015 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2016 2016 if not lock_time:
2017 2017 lock_time = time.time()
2018 2018 if not lock_reason:
2019 2019 lock_reason = cls.LOCK_AUTOMATIC
2020 2020 repo.locked = [user_id, lock_time, lock_reason]
2021 2021 Session().add(repo)
2022 2022 Session().commit()
2023 2023
2024 2024 @classmethod
2025 2025 def unlock(cls, repo):
2026 2026 repo.locked = None
2027 2027 Session().add(repo)
2028 2028 Session().commit()
2029 2029
2030 2030 @classmethod
2031 2031 def getlock(cls, repo):
2032 2032 return repo.locked
2033 2033
2034 2034 def is_user_lock(self, user_id):
2035 2035 if self.lock[0]:
2036 2036 lock_user_id = safe_int(self.lock[0])
2037 2037 user_id = safe_int(user_id)
2038 2038 # both are ints, and they are equal
2039 2039 return all([lock_user_id, user_id]) and lock_user_id == user_id
2040 2040
2041 2041 return False
2042 2042
2043 2043 def get_locking_state(self, action, user_id, only_when_enabled=True):
2044 2044 """
2045 2045 Checks locking on this repository, if locking is enabled and lock is
2046 2046 present returns a tuple of make_lock, locked, locked_by.
2047 2047 make_lock can have 3 states None (do nothing) True, make lock
2048 2048 False release lock, This value is later propagated to hooks, which
2049 2049 do the locking. Think about this as signals passed to hooks what to do.
2050 2050
2051 2051 """
2052 2052 # TODO: johbo: This is part of the business logic and should be moved
2053 2053 # into the RepositoryModel.
2054 2054
2055 2055 if action not in ('push', 'pull'):
2056 2056 raise ValueError("Invalid action value: %s" % repr(action))
2057 2057
2058 2058 # defines if locked error should be thrown to user
2059 2059 currently_locked = False
2060 2060 # defines if new lock should be made, tri-state
2061 2061 make_lock = None
2062 2062 repo = self
2063 2063 user = User.get(user_id)
2064 2064
2065 2065 lock_info = repo.locked
2066 2066
2067 2067 if repo and (repo.enable_locking or not only_when_enabled):
2068 2068 if action == 'push':
2069 2069 # check if it's already locked !, if it is compare users
2070 2070 locked_by_user_id = lock_info[0]
2071 2071 if user.user_id == locked_by_user_id:
2072 2072 log.debug(
2073 2073 'Got `push` action from user %s, now unlocking', user)
2074 2074 # unlock if we have push from user who locked
2075 2075 make_lock = False
2076 2076 else:
2077 2077 # we're not the same user who locked, ban with
2078 2078 # code defined in settings (default is 423 HTTP Locked) !
2079 2079 log.debug('Repo %s is currently locked by %s', repo, user)
2080 2080 currently_locked = True
2081 2081 elif action == 'pull':
2082 2082 # [0] user [1] date
2083 2083 if lock_info[0] and lock_info[1]:
2084 2084 log.debug('Repo %s is currently locked by %s', repo, user)
2085 2085 currently_locked = True
2086 2086 else:
2087 2087 log.debug('Setting lock on repo %s by %s', repo, user)
2088 2088 make_lock = True
2089 2089
2090 2090 else:
2091 2091 log.debug('Repository %s do not have locking enabled', repo)
2092 2092
2093 2093 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2094 2094 make_lock, currently_locked, lock_info)
2095 2095
2096 2096 from rhodecode.lib.auth import HasRepoPermissionAny
2097 2097 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2098 2098 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2099 2099 # if we don't have at least write permission we cannot make a lock
2100 2100 log.debug('lock state reset back to FALSE due to lack '
2101 2101 'of at least read permission')
2102 2102 make_lock = False
2103 2103
2104 2104 return make_lock, currently_locked, lock_info
2105 2105
2106 2106 @property
2107 2107 def last_db_change(self):
2108 2108 return self.updated_on
2109 2109
2110 2110 @property
2111 2111 def clone_uri_hidden(self):
2112 2112 clone_uri = self.clone_uri
2113 2113 if clone_uri:
2114 2114 import urlobject
2115 2115 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2116 2116 if url_obj.password:
2117 2117 clone_uri = url_obj.with_password('*****')
2118 2118 return clone_uri
2119 2119
2120 2120 @property
2121 2121 def push_uri_hidden(self):
2122 2122 push_uri = self.push_uri
2123 2123 if push_uri:
2124 2124 import urlobject
2125 2125 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2126 2126 if url_obj.password:
2127 2127 push_uri = url_obj.with_password('*****')
2128 2128 return push_uri
2129 2129
2130 2130 def clone_url(self, **override):
2131 2131 from rhodecode.model.settings import SettingsModel
2132 2132
2133 2133 uri_tmpl = None
2134 2134 if 'with_id' in override:
2135 2135 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2136 2136 del override['with_id']
2137 2137
2138 2138 if 'uri_tmpl' in override:
2139 2139 uri_tmpl = override['uri_tmpl']
2140 2140 del override['uri_tmpl']
2141 2141
2142 2142 ssh = False
2143 2143 if 'ssh' in override:
2144 2144 ssh = True
2145 2145 del override['ssh']
2146 2146
2147 2147 # we didn't override our tmpl from **overrides
2148 2148 if not uri_tmpl:
2149 2149 rc_config = SettingsModel().get_all_settings(cache=True)
2150 2150 if ssh:
2151 2151 uri_tmpl = rc_config.get(
2152 2152 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2153 2153 else:
2154 2154 uri_tmpl = rc_config.get(
2155 2155 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2156 2156
2157 2157 request = get_current_request()
2158 2158 return get_clone_url(request=request,
2159 2159 uri_tmpl=uri_tmpl,
2160 2160 repo_name=self.repo_name,
2161 2161 repo_id=self.repo_id, **override)
2162 2162
2163 2163 def set_state(self, state):
2164 2164 self.repo_state = state
2165 2165 Session().add(self)
2166 2166 #==========================================================================
2167 2167 # SCM PROPERTIES
2168 2168 #==========================================================================
2169 2169
2170 2170 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2171 2171 return get_commit_safe(
2172 2172 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2173 2173
2174 2174 def get_changeset(self, rev=None, pre_load=None):
2175 2175 warnings.warn("Use get_commit", DeprecationWarning)
2176 2176 commit_id = None
2177 2177 commit_idx = None
2178 2178 if isinstance(rev, str):
2179 2179 commit_id = rev
2180 2180 else:
2181 2181 commit_idx = rev
2182 2182 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2183 2183 pre_load=pre_load)
2184 2184
2185 2185 def get_landing_commit(self):
2186 2186 """
2187 2187 Returns landing commit, or if that doesn't exist returns the tip
2188 2188 """
2189 2189 _rev_type, _rev = self.landing_rev
2190 2190 commit = self.get_commit(_rev)
2191 2191 if isinstance(commit, EmptyCommit):
2192 2192 return self.get_commit()
2193 2193 return commit
2194 2194
2195 2195 def update_commit_cache(self, cs_cache=None, config=None):
2196 2196 """
2197 2197 Update cache of last changeset for repository, keys should be::
2198 2198
2199 2199 short_id
2200 2200 raw_id
2201 2201 revision
2202 2202 parents
2203 2203 message
2204 2204 date
2205 2205 author
2206 2206
2207 2207 :param cs_cache:
2208 2208 """
2209 2209 from rhodecode.lib.vcs.backends.base import BaseChangeset
2210 2210 if cs_cache is None:
2211 2211 # use no-cache version here
2212 2212 scm_repo = self.scm_instance(cache=False, config=config)
2213 2213 if scm_repo:
2214 2214 cs_cache = scm_repo.get_commit(
2215 2215 pre_load=["author", "date", "message", "parents"])
2216 2216 else:
2217 2217 cs_cache = EmptyCommit()
2218 2218
2219 2219 if isinstance(cs_cache, BaseChangeset):
2220 2220 cs_cache = cs_cache.__json__()
2221 2221
2222 2222 def is_outdated(new_cs_cache):
2223 2223 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2224 2224 new_cs_cache['revision'] != self.changeset_cache['revision']):
2225 2225 return True
2226 2226 return False
2227 2227
2228 2228 # check if we have maybe already latest cached revision
2229 2229 if is_outdated(cs_cache) or not self.changeset_cache:
2230 2230 _default = datetime.datetime.fromtimestamp(0)
2231 2231 last_change = cs_cache.get('date') or _default
2232 2232 log.debug('updated repo %s with new commit cache %s',
2233 2233 self.repo_name, cs_cache)
2234 2234 self.updated_on = last_change
2235 2235 self.changeset_cache = cs_cache
2236 2236 Session().add(self)
2237 2237 Session().commit()
2238 2238 else:
2239 2239 log.debug('Skipping update_commit_cache for repo:`%s` '
2240 2240 'commit already with latest changes', self.repo_name)
2241 2241
2242 2242 @property
2243 2243 def tip(self):
2244 2244 return self.get_commit('tip')
2245 2245
2246 2246 @property
2247 2247 def author(self):
2248 2248 return self.tip.author
2249 2249
2250 2250 @property
2251 2251 def last_change(self):
2252 2252 return self.scm_instance().last_change
2253 2253
2254 2254 def get_comments(self, revisions=None):
2255 2255 """
2256 2256 Returns comments for this repository grouped by revisions
2257 2257
2258 2258 :param revisions: filter query by revisions only
2259 2259 """
2260 2260 cmts = ChangesetComment.query()\
2261 2261 .filter(ChangesetComment.repo == self)
2262 2262 if revisions:
2263 2263 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2264 2264 grouped = collections.defaultdict(list)
2265 2265 for cmt in cmts.all():
2266 2266 grouped[cmt.revision].append(cmt)
2267 2267 return grouped
2268 2268
2269 2269 def statuses(self, revisions=None):
2270 2270 """
2271 2271 Returns statuses for this repository
2272 2272
2273 2273 :param revisions: list of revisions to get statuses for
2274 2274 """
2275 2275 statuses = ChangesetStatus.query()\
2276 2276 .filter(ChangesetStatus.repo == self)\
2277 2277 .filter(ChangesetStatus.version == 0)
2278 2278
2279 2279 if revisions:
2280 2280 # Try doing the filtering in chunks to avoid hitting limits
2281 2281 size = 500
2282 2282 status_results = []
2283 2283 for chunk in range(0, len(revisions), size):
2284 2284 status_results += statuses.filter(
2285 2285 ChangesetStatus.revision.in_(
2286 2286 revisions[chunk: chunk+size])
2287 2287 ).all()
2288 2288 else:
2289 2289 status_results = statuses.all()
2290 2290
2291 2291 grouped = {}
2292 2292
2293 2293 # maybe we have open new pullrequest without a status?
2294 2294 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2295 2295 status_lbl = ChangesetStatus.get_status_lbl(stat)
2296 2296 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2297 2297 for rev in pr.revisions:
2298 2298 pr_id = pr.pull_request_id
2299 2299 pr_repo = pr.target_repo.repo_name
2300 2300 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2301 2301
2302 2302 for stat in status_results:
2303 2303 pr_id = pr_repo = None
2304 2304 if stat.pull_request:
2305 2305 pr_id = stat.pull_request.pull_request_id
2306 2306 pr_repo = stat.pull_request.target_repo.repo_name
2307 2307 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2308 2308 pr_id, pr_repo]
2309 2309 return grouped
2310 2310
2311 2311 # ==========================================================================
2312 2312 # SCM CACHE INSTANCE
2313 2313 # ==========================================================================
2314 2314
2315 2315 def scm_instance(self, **kwargs):
2316 2316 import rhodecode
2317 2317
2318 2318 # Passing a config will not hit the cache currently only used
2319 2319 # for repo2dbmapper
2320 2320 config = kwargs.pop('config', None)
2321 2321 cache = kwargs.pop('cache', None)
2322 2322 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2323 2323 # if cache is NOT defined use default global, else we have a full
2324 2324 # control over cache behaviour
2325 2325 if cache is None and full_cache and not config:
2326 2326 return self._get_instance_cached()
2327 2327 return self._get_instance(cache=bool(cache), config=config)
2328 2328
2329 2329 def _get_instance_cached(self):
2330 2330 return self._get_instance()
2331 2331
2332 2332 def _get_instance(self, cache=True, config=None):
2333 2333 config = config or self._config
2334 2334 custom_wire = {
2335 2335 'cache': cache # controls the vcs.remote cache
2336 2336 }
2337 2337 repo = get_vcs_instance(
2338 2338 repo_path=safe_str(self.repo_full_path),
2339 2339 config=config,
2340 2340 with_wire=custom_wire,
2341 2341 create=False,
2342 2342 _vcs_alias=self.repo_type)
2343 2343
2344 2344 return repo
2345 2345
2346 2346 def __json__(self):
2347 2347 return {'landing_rev': self.landing_rev}
2348 2348
2349 2349 def get_dict(self):
2350 2350
2351 2351 # Since we transformed `repo_name` to a hybrid property, we need to
2352 2352 # keep compatibility with the code which uses `repo_name` field.
2353 2353
2354 2354 result = super(Repository, self).get_dict()
2355 2355 result['repo_name'] = result.pop('_repo_name', None)
2356 2356 return result
2357 2357
2358 2358
2359 2359 class RepoGroup(Base, BaseModel):
2360 2360 __tablename__ = 'groups'
2361 2361 __table_args__ = (
2362 2362 UniqueConstraint('group_name', 'group_parent_id'),
2363 2363 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2364 2364 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2365 2365 )
2366 2366 __mapper_args__ = {'order_by': 'group_name'}
2367 2367
2368 2368 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2369 2369
2370 2370 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2371 2371 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2372 2372 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2373 2373 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2374 2374 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2375 2375 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2376 2376 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2377 2377 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2378 2378 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2379 2379
2380 2380 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2381 2381 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2382 2382 parent_group = relationship('RepoGroup', remote_side=group_id)
2383 2383 user = relationship('User')
2384 2384 integrations = relationship('Integration',
2385 2385 cascade="all, delete, delete-orphan")
2386 2386
2387 2387 def __init__(self, group_name='', parent_group=None):
2388 2388 self.group_name = group_name
2389 2389 self.parent_group = parent_group
2390 2390
2391 2391 def __unicode__(self):
2392 2392 return u"<%s('id:%s:%s')>" % (
2393 2393 self.__class__.__name__, self.group_id, self.group_name)
2394 2394
2395 2395 @hybrid_property
2396 2396 def description_safe(self):
2397 2397 from rhodecode.lib import helpers as h
2398 2398 return h.escape(self.group_description)
2399 2399
2400 2400 @classmethod
2401 2401 def _generate_choice(cls, repo_group):
2402 2402 from webhelpers2.html import literal as _literal
2403 2403 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2404 2404 return repo_group.group_id, _name(repo_group.full_path_splitted)
2405 2405
2406 2406 @classmethod
2407 2407 def groups_choices(cls, groups=None, show_empty_group=True):
2408 2408 if not groups:
2409 2409 groups = cls.query().all()
2410 2410
2411 2411 repo_groups = []
2412 2412 if show_empty_group:
2413 2413 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2414 2414
2415 2415 repo_groups.extend([cls._generate_choice(x) for x in groups])
2416 2416
2417 2417 repo_groups = sorted(
2418 2418 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2419 2419 return repo_groups
2420 2420
2421 2421 @classmethod
2422 2422 def url_sep(cls):
2423 2423 return URL_SEP
2424 2424
2425 2425 @classmethod
2426 2426 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2427 2427 if case_insensitive:
2428 2428 gr = cls.query().filter(func.lower(cls.group_name)
2429 2429 == func.lower(group_name))
2430 2430 else:
2431 2431 gr = cls.query().filter(cls.group_name == group_name)
2432 2432 if cache:
2433 2433 name_key = _hash_key(group_name)
2434 2434 gr = gr.options(
2435 2435 FromCache("sql_cache_short", "get_group_%s" % name_key))
2436 2436 return gr.scalar()
2437 2437
2438 2438 @classmethod
2439 2439 def get_user_personal_repo_group(cls, user_id):
2440 2440 user = User.get(user_id)
2441 2441 if user.username == User.DEFAULT_USER:
2442 2442 return None
2443 2443
2444 2444 return cls.query()\
2445 2445 .filter(cls.personal == true()) \
2446 2446 .filter(cls.user == user).scalar()
2447 2447
2448 2448 @classmethod
2449 2449 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2450 2450 case_insensitive=True):
2451 2451 q = RepoGroup.query()
2452 2452
2453 2453 if not isinstance(user_id, Optional):
2454 2454 q = q.filter(RepoGroup.user_id == user_id)
2455 2455
2456 2456 if not isinstance(group_id, Optional):
2457 2457 q = q.filter(RepoGroup.group_parent_id == group_id)
2458 2458
2459 2459 if case_insensitive:
2460 2460 q = q.order_by(func.lower(RepoGroup.group_name))
2461 2461 else:
2462 2462 q = q.order_by(RepoGroup.group_name)
2463 2463 return q.all()
2464 2464
2465 2465 @property
2466 2466 def parents(self):
2467 2467 parents_recursion_limit = 10
2468 2468 groups = []
2469 2469 if self.parent_group is None:
2470 2470 return groups
2471 2471 cur_gr = self.parent_group
2472 2472 groups.insert(0, cur_gr)
2473 2473 cnt = 0
2474 2474 while 1:
2475 2475 cnt += 1
2476 2476 gr = getattr(cur_gr, 'parent_group', None)
2477 2477 cur_gr = cur_gr.parent_group
2478 2478 if gr is None:
2479 2479 break
2480 2480 if cnt == parents_recursion_limit:
2481 2481 # this will prevent accidental infinit loops
2482 2482 log.error('more than %s parents found for group %s, stopping '
2483 2483 'recursive parent fetching', parents_recursion_limit, self)
2484 2484 break
2485 2485
2486 2486 groups.insert(0, gr)
2487 2487 return groups
2488 2488
2489 2489 @property
2490 2490 def last_db_change(self):
2491 2491 return self.updated_on
2492 2492
2493 2493 @property
2494 2494 def children(self):
2495 2495 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2496 2496
2497 2497 @property
2498 2498 def name(self):
2499 2499 return self.group_name.split(RepoGroup.url_sep())[-1]
2500 2500
2501 2501 @property
2502 2502 def full_path(self):
2503 2503 return self.group_name
2504 2504
2505 2505 @property
2506 2506 def full_path_splitted(self):
2507 2507 return self.group_name.split(RepoGroup.url_sep())
2508 2508
2509 2509 @property
2510 2510 def repositories(self):
2511 2511 return Repository.query()\
2512 2512 .filter(Repository.group == self)\
2513 2513 .order_by(Repository.repo_name)
2514 2514
2515 2515 @property
2516 2516 def repositories_recursive_count(self):
2517 2517 cnt = self.repositories.count()
2518 2518
2519 2519 def children_count(group):
2520 2520 cnt = 0
2521 2521 for child in group.children:
2522 2522 cnt += child.repositories.count()
2523 2523 cnt += children_count(child)
2524 2524 return cnt
2525 2525
2526 2526 return cnt + children_count(self)
2527 2527
2528 2528 def _recursive_objects(self, include_repos=True):
2529 2529 all_ = []
2530 2530
2531 2531 def _get_members(root_gr):
2532 2532 if include_repos:
2533 2533 for r in root_gr.repositories:
2534 2534 all_.append(r)
2535 2535 childs = root_gr.children.all()
2536 2536 if childs:
2537 2537 for gr in childs:
2538 2538 all_.append(gr)
2539 2539 _get_members(gr)
2540 2540
2541 2541 _get_members(self)
2542 2542 return [self] + all_
2543 2543
2544 2544 def recursive_groups_and_repos(self):
2545 2545 """
2546 2546 Recursive return all groups, with repositories in those groups
2547 2547 """
2548 2548 return self._recursive_objects()
2549 2549
2550 2550 def recursive_groups(self):
2551 2551 """
2552 2552 Returns all children groups for this group including children of children
2553 2553 """
2554 2554 return self._recursive_objects(include_repos=False)
2555 2555
2556 2556 def get_new_name(self, group_name):
2557 2557 """
2558 2558 returns new full group name based on parent and new name
2559 2559
2560 2560 :param group_name:
2561 2561 """
2562 2562 path_prefix = (self.parent_group.full_path_splitted if
2563 2563 self.parent_group else [])
2564 2564 return RepoGroup.url_sep().join(path_prefix + [group_name])
2565 2565
2566 2566 def permissions(self, with_admins=True, with_owner=True):
2567 2567 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2568 2568 q = q.options(joinedload(UserRepoGroupToPerm.group),
2569 2569 joinedload(UserRepoGroupToPerm.user),
2570 2570 joinedload(UserRepoGroupToPerm.permission),)
2571 2571
2572 2572 # get owners and admins and permissions. We do a trick of re-writing
2573 2573 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2574 2574 # has a global reference and changing one object propagates to all
2575 2575 # others. This means if admin is also an owner admin_row that change
2576 2576 # would propagate to both objects
2577 2577 perm_rows = []
2578 2578 for _usr in q.all():
2579 2579 usr = AttributeDict(_usr.user.get_dict())
2580 2580 usr.permission = _usr.permission.permission_name
2581 2581 perm_rows.append(usr)
2582 2582
2583 2583 # filter the perm rows by 'default' first and then sort them by
2584 2584 # admin,write,read,none permissions sorted again alphabetically in
2585 2585 # each group
2586 2586 perm_rows = sorted(perm_rows, key=display_user_sort)
2587 2587
2588 2588 _admin_perm = 'group.admin'
2589 2589 owner_row = []
2590 2590 if with_owner:
2591 2591 usr = AttributeDict(self.user.get_dict())
2592 2592 usr.owner_row = True
2593 2593 usr.permission = _admin_perm
2594 2594 owner_row.append(usr)
2595 2595
2596 2596 super_admin_rows = []
2597 2597 if with_admins:
2598 2598 for usr in User.get_all_super_admins():
2599 2599 # if this admin is also owner, don't double the record
2600 2600 if usr.user_id == owner_row[0].user_id:
2601 2601 owner_row[0].admin_row = True
2602 2602 else:
2603 2603 usr = AttributeDict(usr.get_dict())
2604 2604 usr.admin_row = True
2605 2605 usr.permission = _admin_perm
2606 2606 super_admin_rows.append(usr)
2607 2607
2608 2608 return super_admin_rows + owner_row + perm_rows
2609 2609
2610 2610 def permission_user_groups(self):
2611 2611 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2612 2612 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2613 2613 joinedload(UserGroupRepoGroupToPerm.users_group),
2614 2614 joinedload(UserGroupRepoGroupToPerm.permission),)
2615 2615
2616 2616 perm_rows = []
2617 2617 for _user_group in q.all():
2618 2618 usr = AttributeDict(_user_group.users_group.get_dict())
2619 2619 usr.permission = _user_group.permission.permission_name
2620 2620 perm_rows.append(usr)
2621 2621
2622 2622 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2623 2623 return perm_rows
2624 2624
2625 2625 def get_api_data(self):
2626 2626 """
2627 2627 Common function for generating api data
2628 2628
2629 2629 """
2630 2630 group = self
2631 2631 data = {
2632 2632 'group_id': group.group_id,
2633 2633 'group_name': group.group_name,
2634 2634 'group_description': group.description_safe,
2635 2635 'parent_group': group.parent_group.group_name if group.parent_group else None,
2636 2636 'repositories': [x.repo_name for x in group.repositories],
2637 2637 'owner': group.user.username,
2638 2638 }
2639 2639 return data
2640 2640
2641 2641
2642 2642 class Permission(Base, BaseModel):
2643 2643 __tablename__ = 'permissions'
2644 2644 __table_args__ = (
2645 2645 Index('p_perm_name_idx', 'permission_name'),
2646 2646 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2647 2647 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2648 2648 )
2649 2649 PERMS = [
2650 2650 ('hg.admin', _('RhodeCode Super Administrator')),
2651 2651
2652 2652 ('repository.none', _('Repository no access')),
2653 2653 ('repository.read', _('Repository read access')),
2654 2654 ('repository.write', _('Repository write access')),
2655 2655 ('repository.admin', _('Repository admin access')),
2656 2656
2657 2657 ('group.none', _('Repository group no access')),
2658 2658 ('group.read', _('Repository group read access')),
2659 2659 ('group.write', _('Repository group write access')),
2660 2660 ('group.admin', _('Repository group admin access')),
2661 2661
2662 2662 ('usergroup.none', _('User group no access')),
2663 2663 ('usergroup.read', _('User group read access')),
2664 2664 ('usergroup.write', _('User group write access')),
2665 2665 ('usergroup.admin', _('User group admin access')),
2666 2666
2667 2667 ('branch.none', _('Branch no permissions')),
2668 2668 ('branch.merge', _('Branch access by web merge')),
2669 2669 ('branch.push', _('Branch access by push')),
2670 2670 ('branch.push_force', _('Branch access by push with force')),
2671 2671
2672 2672 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2673 2673 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2674 2674
2675 2675 ('hg.usergroup.create.false', _('User Group creation disabled')),
2676 2676 ('hg.usergroup.create.true', _('User Group creation enabled')),
2677 2677
2678 2678 ('hg.create.none', _('Repository creation disabled')),
2679 2679 ('hg.create.repository', _('Repository creation enabled')),
2680 2680 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2681 2681 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2682 2682
2683 2683 ('hg.fork.none', _('Repository forking disabled')),
2684 2684 ('hg.fork.repository', _('Repository forking enabled')),
2685 2685
2686 2686 ('hg.register.none', _('Registration disabled')),
2687 2687 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2688 2688 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2689 2689
2690 2690 ('hg.password_reset.enabled', _('Password reset enabled')),
2691 2691 ('hg.password_reset.hidden', _('Password reset hidden')),
2692 2692 ('hg.password_reset.disabled', _('Password reset disabled')),
2693 2693
2694 2694 ('hg.extern_activate.manual', _('Manual activation of external account')),
2695 2695 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2696 2696
2697 2697 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2698 2698 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2699 2699 ]
2700 2700
2701 2701 # definition of system default permissions for DEFAULT user, created on
2702 2702 # system setup
2703 2703 DEFAULT_USER_PERMISSIONS = [
2704 2704 # object perms
2705 2705 'repository.read',
2706 2706 'group.read',
2707 2707 'usergroup.read',
2708 2708 # branch
2709 2709 'branch.push',
2710 2710 # global
2711 2711 'hg.create.repository',
2712 2712 'hg.repogroup.create.false',
2713 2713 'hg.usergroup.create.false',
2714 2714 'hg.create.write_on_repogroup.true',
2715 2715 'hg.fork.repository',
2716 2716 'hg.register.manual_activate',
2717 2717 'hg.password_reset.enabled',
2718 2718 'hg.extern_activate.auto',
2719 2719 'hg.inherit_default_perms.true',
2720 2720 ]
2721 2721
2722 2722 # defines which permissions are more important higher the more important
2723 2723 # Weight defines which permissions are more important.
2724 2724 # The higher number the more important.
2725 2725 PERM_WEIGHTS = {
2726 2726 'repository.none': 0,
2727 2727 'repository.read': 1,
2728 2728 'repository.write': 3,
2729 2729 'repository.admin': 4,
2730 2730
2731 2731 'group.none': 0,
2732 2732 'group.read': 1,
2733 2733 'group.write': 3,
2734 2734 'group.admin': 4,
2735 2735
2736 2736 'usergroup.none': 0,
2737 2737 'usergroup.read': 1,
2738 2738 'usergroup.write': 3,
2739 2739 'usergroup.admin': 4,
2740 2740
2741 2741 'branch.none': 0,
2742 2742 'branch.merge': 1,
2743 2743 'branch.push': 3,
2744 2744 'branch.push_force': 4,
2745 2745
2746 2746 'hg.repogroup.create.false': 0,
2747 2747 'hg.repogroup.create.true': 1,
2748 2748
2749 2749 'hg.usergroup.create.false': 0,
2750 2750 'hg.usergroup.create.true': 1,
2751 2751
2752 2752 'hg.fork.none': 0,
2753 2753 'hg.fork.repository': 1,
2754 2754 'hg.create.none': 0,
2755 2755 'hg.create.repository': 1
2756 2756 }
2757 2757
2758 2758 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2759 2759 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2760 2760 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2761 2761
2762 2762 def __unicode__(self):
2763 2763 return u"<%s('%s:%s')>" % (
2764 2764 self.__class__.__name__, self.permission_id, self.permission_name
2765 2765 )
2766 2766
2767 2767 @classmethod
2768 2768 def get_by_key(cls, key):
2769 2769 return cls.query().filter(cls.permission_name == key).scalar()
2770 2770
2771 2771 @classmethod
2772 2772 def get_default_repo_perms(cls, user_id, repo_id=None):
2773 2773 q = Session().query(UserRepoToPerm, Repository, Permission)\
2774 2774 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2775 2775 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2776 2776 .filter(UserRepoToPerm.user_id == user_id)
2777 2777 if repo_id:
2778 2778 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2779 2779 return q.all()
2780 2780
2781 2781 @classmethod
2782 2782 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2783 2783 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2784 2784 .join(
2785 2785 Permission,
2786 2786 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2787 2787 .join(
2788 2788 Repository,
2789 2789 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2790 2790 .join(
2791 2791 UserGroup,
2792 2792 UserGroupRepoToPerm.users_group_id ==
2793 2793 UserGroup.users_group_id)\
2794 2794 .join(
2795 2795 UserGroupMember,
2796 2796 UserGroupRepoToPerm.users_group_id ==
2797 2797 UserGroupMember.users_group_id)\
2798 2798 .filter(
2799 2799 UserGroupMember.user_id == user_id,
2800 2800 UserGroup.users_group_active == true())
2801 2801 if repo_id:
2802 2802 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2803 2803 return q.all()
2804 2804
2805 2805 @classmethod
2806 2806 def get_default_group_perms(cls, user_id, repo_group_id=None):
2807 2807 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2808 2808 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2809 2809 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2810 2810 .filter(UserRepoGroupToPerm.user_id == user_id)
2811 2811 if repo_group_id:
2812 2812 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2813 2813 return q.all()
2814 2814
2815 2815 @classmethod
2816 2816 def get_default_group_perms_from_user_group(
2817 2817 cls, user_id, repo_group_id=None):
2818 2818 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2819 2819 .join(
2820 2820 Permission,
2821 2821 UserGroupRepoGroupToPerm.permission_id ==
2822 2822 Permission.permission_id)\
2823 2823 .join(
2824 2824 RepoGroup,
2825 2825 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2826 2826 .join(
2827 2827 UserGroup,
2828 2828 UserGroupRepoGroupToPerm.users_group_id ==
2829 2829 UserGroup.users_group_id)\
2830 2830 .join(
2831 2831 UserGroupMember,
2832 2832 UserGroupRepoGroupToPerm.users_group_id ==
2833 2833 UserGroupMember.users_group_id)\
2834 2834 .filter(
2835 2835 UserGroupMember.user_id == user_id,
2836 2836 UserGroup.users_group_active == true())
2837 2837 if repo_group_id:
2838 2838 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2839 2839 return q.all()
2840 2840
2841 2841 @classmethod
2842 2842 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2843 2843 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2844 2844 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2845 2845 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2846 2846 .filter(UserUserGroupToPerm.user_id == user_id)
2847 2847 if user_group_id:
2848 2848 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2849 2849 return q.all()
2850 2850
2851 2851 @classmethod
2852 2852 def get_default_user_group_perms_from_user_group(
2853 2853 cls, user_id, user_group_id=None):
2854 2854 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2855 2855 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2856 2856 .join(
2857 2857 Permission,
2858 2858 UserGroupUserGroupToPerm.permission_id ==
2859 2859 Permission.permission_id)\
2860 2860 .join(
2861 2861 TargetUserGroup,
2862 2862 UserGroupUserGroupToPerm.target_user_group_id ==
2863 2863 TargetUserGroup.users_group_id)\
2864 2864 .join(
2865 2865 UserGroup,
2866 2866 UserGroupUserGroupToPerm.user_group_id ==
2867 2867 UserGroup.users_group_id)\
2868 2868 .join(
2869 2869 UserGroupMember,
2870 2870 UserGroupUserGroupToPerm.user_group_id ==
2871 2871 UserGroupMember.users_group_id)\
2872 2872 .filter(
2873 2873 UserGroupMember.user_id == user_id,
2874 2874 UserGroup.users_group_active == true())
2875 2875 if user_group_id:
2876 2876 q = q.filter(
2877 2877 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2878 2878
2879 2879 return q.all()
2880 2880
2881 2881
2882 2882 class UserRepoToPerm(Base, BaseModel):
2883 2883 __tablename__ = 'repo_to_perm'
2884 2884 __table_args__ = (
2885 2885 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2886 2886 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2887 2887 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2888 2888 )
2889 2889 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2890 2890 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2891 2891 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2892 2892 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2893 2893
2894 2894 user = relationship('User')
2895 2895 repository = relationship('Repository')
2896 2896 permission = relationship('Permission')
2897 2897
2898 2898 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
2899 2899
2900 2900 @classmethod
2901 2901 def create(cls, user, repository, permission):
2902 2902 n = cls()
2903 2903 n.user = user
2904 2904 n.repository = repository
2905 2905 n.permission = permission
2906 2906 Session().add(n)
2907 2907 return n
2908 2908
2909 2909 def __unicode__(self):
2910 2910 return u'<%s => %s >' % (self.user, self.repository)
2911 2911
2912 2912
2913 2913 class UserUserGroupToPerm(Base, BaseModel):
2914 2914 __tablename__ = 'user_user_group_to_perm'
2915 2915 __table_args__ = (
2916 2916 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2917 2917 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2918 2918 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2919 2919 )
2920 2920 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2921 2921 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2922 2922 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2923 2923 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2924 2924
2925 2925 user = relationship('User')
2926 2926 user_group = relationship('UserGroup')
2927 2927 permission = relationship('Permission')
2928 2928
2929 2929 @classmethod
2930 2930 def create(cls, user, user_group, permission):
2931 2931 n = cls()
2932 2932 n.user = user
2933 2933 n.user_group = user_group
2934 2934 n.permission = permission
2935 2935 Session().add(n)
2936 2936 return n
2937 2937
2938 2938 def __unicode__(self):
2939 2939 return u'<%s => %s >' % (self.user, self.user_group)
2940 2940
2941 2941
2942 2942 class UserToPerm(Base, BaseModel):
2943 2943 __tablename__ = 'user_to_perm'
2944 2944 __table_args__ = (
2945 2945 UniqueConstraint('user_id', 'permission_id'),
2946 2946 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2947 2947 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2948 2948 )
2949 2949 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2950 2950 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2951 2951 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2952 2952
2953 2953 user = relationship('User')
2954 2954 permission = relationship('Permission', lazy='joined')
2955 2955
2956 2956 def __unicode__(self):
2957 2957 return u'<%s => %s >' % (self.user, self.permission)
2958 2958
2959 2959
2960 2960 class UserGroupRepoToPerm(Base, BaseModel):
2961 2961 __tablename__ = 'users_group_repo_to_perm'
2962 2962 __table_args__ = (
2963 2963 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2964 2964 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2965 2965 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2966 2966 )
2967 2967 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2968 2968 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2969 2969 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2970 2970 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2971 2971
2972 2972 users_group = relationship('UserGroup')
2973 2973 permission = relationship('Permission')
2974 2974 repository = relationship('Repository')
2975 2975
2976 2976 @classmethod
2977 2977 def create(cls, users_group, repository, permission):
2978 2978 n = cls()
2979 2979 n.users_group = users_group
2980 2980 n.repository = repository
2981 2981 n.permission = permission
2982 2982 Session().add(n)
2983 2983 return n
2984 2984
2985 2985 def __unicode__(self):
2986 2986 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
2987 2987
2988 2988
2989 2989 class UserGroupUserGroupToPerm(Base, BaseModel):
2990 2990 __tablename__ = 'user_group_user_group_to_perm'
2991 2991 __table_args__ = (
2992 2992 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
2993 2993 CheckConstraint('target_user_group_id != user_group_id'),
2994 2994 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2995 2995 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2996 2996 )
2997 2997 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2998 2998 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2999 2999 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3000 3000 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3001 3001
3002 3002 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3003 3003 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3004 3004 permission = relationship('Permission')
3005 3005
3006 3006 @classmethod
3007 3007 def create(cls, target_user_group, user_group, permission):
3008 3008 n = cls()
3009 3009 n.target_user_group = target_user_group
3010 3010 n.user_group = user_group
3011 3011 n.permission = permission
3012 3012 Session().add(n)
3013 3013 return n
3014 3014
3015 3015 def __unicode__(self):
3016 3016 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3017 3017
3018 3018
3019 3019 class UserGroupToPerm(Base, BaseModel):
3020 3020 __tablename__ = 'users_group_to_perm'
3021 3021 __table_args__ = (
3022 3022 UniqueConstraint('users_group_id', 'permission_id',),
3023 3023 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3024 3024 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3025 3025 )
3026 3026 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3027 3027 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3028 3028 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3029 3029
3030 3030 users_group = relationship('UserGroup')
3031 3031 permission = relationship('Permission')
3032 3032
3033 3033
3034 3034 class UserRepoGroupToPerm(Base, BaseModel):
3035 3035 __tablename__ = 'user_repo_group_to_perm'
3036 3036 __table_args__ = (
3037 3037 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3038 3038 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3039 3039 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3040 3040 )
3041 3041
3042 3042 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3043 3043 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3044 3044 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3045 3045 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3046 3046
3047 3047 user = relationship('User')
3048 3048 group = relationship('RepoGroup')
3049 3049 permission = relationship('Permission')
3050 3050
3051 3051 @classmethod
3052 3052 def create(cls, user, repository_group, permission):
3053 3053 n = cls()
3054 3054 n.user = user
3055 3055 n.group = repository_group
3056 3056 n.permission = permission
3057 3057 Session().add(n)
3058 3058 return n
3059 3059
3060 3060
3061 3061 class UserGroupRepoGroupToPerm(Base, BaseModel):
3062 3062 __tablename__ = 'users_group_repo_group_to_perm'
3063 3063 __table_args__ = (
3064 3064 UniqueConstraint('users_group_id', 'group_id'),
3065 3065 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3066 3066 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3067 3067 )
3068 3068
3069 3069 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3070 3070 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3071 3071 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3072 3072 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3073 3073
3074 3074 users_group = relationship('UserGroup')
3075 3075 permission = relationship('Permission')
3076 3076 group = relationship('RepoGroup')
3077 3077
3078 3078 @classmethod
3079 3079 def create(cls, user_group, repository_group, permission):
3080 3080 n = cls()
3081 3081 n.users_group = user_group
3082 3082 n.group = repository_group
3083 3083 n.permission = permission
3084 3084 Session().add(n)
3085 3085 return n
3086 3086
3087 3087 def __unicode__(self):
3088 3088 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3089 3089
3090 3090
3091 3091 class Statistics(Base, BaseModel):
3092 3092 __tablename__ = 'statistics'
3093 3093 __table_args__ = (
3094 3094 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3095 3095 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3096 3096 )
3097 3097 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3098 3098 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3099 3099 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3100 3100 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3101 3101 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3102 3102 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3103 3103
3104 3104 repository = relationship('Repository', single_parent=True)
3105 3105
3106 3106
3107 3107 class UserFollowing(Base, BaseModel):
3108 3108 __tablename__ = 'user_followings'
3109 3109 __table_args__ = (
3110 3110 UniqueConstraint('user_id', 'follows_repository_id'),
3111 3111 UniqueConstraint('user_id', 'follows_user_id'),
3112 3112 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3113 3113 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3114 3114 )
3115 3115
3116 3116 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3117 3117 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3118 3118 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3119 3119 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3120 3120 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3121 3121
3122 3122 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3123 3123
3124 3124 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3125 3125 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3126 3126
3127 3127 @classmethod
3128 3128 def get_repo_followers(cls, repo_id):
3129 3129 return cls.query().filter(cls.follows_repo_id == repo_id)
3130 3130
3131 3131
3132 3132 class CacheKey(Base, BaseModel):
3133 3133 __tablename__ = 'cache_invalidation'
3134 3134 __table_args__ = (
3135 3135 UniqueConstraint('cache_key'),
3136 3136 Index('key_idx', 'cache_key'),
3137 3137 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3138 3138 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3139 3139 )
3140 3140 CACHE_TYPE_ATOM = 'ATOM'
3141 3141 CACHE_TYPE_RSS = 'RSS'
3142 3142 CACHE_TYPE_README = 'README'
3143 3143
3144 3144 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3145 3145 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3146 3146 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3147 3147 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3148 3148
3149 3149 def __init__(self, cache_key, cache_args=''):
3150 3150 self.cache_key = cache_key
3151 3151 self.cache_args = cache_args
3152 3152 self.cache_active = False
3153 3153
3154 3154 def __unicode__(self):
3155 3155 return u"<%s('%s:%s[%s]')>" % (
3156 3156 self.__class__.__name__,
3157 3157 self.cache_id, self.cache_key, self.cache_active)
3158 3158
3159 3159 def _cache_key_partition(self):
3160 3160 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3161 3161 return prefix, repo_name, suffix
3162 3162
3163 3163 def get_prefix(self):
3164 3164 """
3165 3165 Try to extract prefix from existing cache key. The key could consist
3166 3166 of prefix, repo_name, suffix
3167 3167 """
3168 3168 # this returns prefix, repo_name, suffix
3169 3169 return self._cache_key_partition()[0]
3170 3170
3171 3171 def get_suffix(self):
3172 3172 """
3173 3173 get suffix that might have been used in _get_cache_key to
3174 3174 generate self.cache_key. Only used for informational purposes
3175 3175 in repo_edit.mako.
3176 3176 """
3177 3177 # prefix, repo_name, suffix
3178 3178 return self._cache_key_partition()[2]
3179 3179
3180 3180 @classmethod
3181 3181 def delete_all_cache(cls):
3182 3182 """
3183 3183 Delete all cache keys from database.
3184 3184 Should only be run when all instances are down and all entries
3185 3185 thus stale.
3186 3186 """
3187 3187 cls.query().delete()
3188 3188 Session().commit()
3189 3189
3190 3190 @classmethod
3191 3191 def get_cache_key(cls, repo_name, cache_type):
3192 3192 """
3193 3193
3194 3194 Generate a cache key for this process of RhodeCode instance.
3195 3195 Prefix most likely will be process id or maybe explicitly set
3196 3196 instance_id from .ini file.
3197 3197 """
3198 3198 import rhodecode
3199 3199 prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
3200 3200
3201 3201 repo_as_unicode = safe_unicode(repo_name)
3202 3202 key = u'{}_{}'.format(repo_as_unicode, cache_type) \
3203 3203 if cache_type else repo_as_unicode
3204 3204
3205 3205 return u'{}{}'.format(prefix, key)
3206 3206
3207 3207 @classmethod
3208 3208 def set_invalidate(cls, repo_name, delete=False):
3209 3209 """
3210 3210 Mark all caches of a repo as invalid in the database.
3211 3211 """
3212 3212
3213 3213 try:
3214 3214 qry = Session().query(cls).filter(cls.cache_args == repo_name)
3215 3215 if delete:
3216 3216 log.debug('cache objects deleted for repo %s',
3217 3217 safe_str(repo_name))
3218 3218 qry.delete()
3219 3219 else:
3220 3220 log.debug('cache objects marked as invalid for repo %s',
3221 3221 safe_str(repo_name))
3222 3222 qry.update({"cache_active": False})
3223 3223
3224 3224 Session().commit()
3225 3225 except Exception:
3226 3226 log.exception(
3227 3227 'Cache key invalidation failed for repository %s',
3228 3228 safe_str(repo_name))
3229 3229 Session().rollback()
3230 3230
3231 3231 @classmethod
3232 3232 def get_active_cache(cls, cache_key):
3233 3233 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3234 3234 if inv_obj:
3235 3235 return inv_obj
3236 3236 return None
3237 3237
3238 3238
3239 3239 class ChangesetComment(Base, BaseModel):
3240 3240 __tablename__ = 'changeset_comments'
3241 3241 __table_args__ = (
3242 3242 Index('cc_revision_idx', 'revision'),
3243 3243 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3244 3244 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3245 3245 )
3246 3246
3247 3247 COMMENT_OUTDATED = u'comment_outdated'
3248 3248 COMMENT_TYPE_NOTE = u'note'
3249 3249 COMMENT_TYPE_TODO = u'todo'
3250 3250 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3251 3251
3252 3252 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3253 3253 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3254 3254 revision = Column('revision', String(40), nullable=True)
3255 3255 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3256 3256 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3257 3257 line_no = Column('line_no', Unicode(10), nullable=True)
3258 3258 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3259 3259 f_path = Column('f_path', Unicode(1000), nullable=True)
3260 3260 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3261 3261 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3262 3262 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3263 3263 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3264 3264 renderer = Column('renderer', Unicode(64), nullable=True)
3265 3265 display_state = Column('display_state', Unicode(128), nullable=True)
3266 3266
3267 3267 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3268 3268 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3269 3269 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3270 3270 author = relationship('User', lazy='joined')
3271 3271 repo = relationship('Repository')
3272 3272 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3273 3273 pull_request = relationship('PullRequest', lazy='joined')
3274 3274 pull_request_version = relationship('PullRequestVersion')
3275 3275
3276 3276 @classmethod
3277 3277 def get_users(cls, revision=None, pull_request_id=None):
3278 3278 """
3279 3279 Returns user associated with this ChangesetComment. ie those
3280 3280 who actually commented
3281 3281
3282 3282 :param cls:
3283 3283 :param revision:
3284 3284 """
3285 3285 q = Session().query(User)\
3286 3286 .join(ChangesetComment.author)
3287 3287 if revision:
3288 3288 q = q.filter(cls.revision == revision)
3289 3289 elif pull_request_id:
3290 3290 q = q.filter(cls.pull_request_id == pull_request_id)
3291 3291 return q.all()
3292 3292
3293 3293 @classmethod
3294 3294 def get_index_from_version(cls, pr_version, versions):
3295 3295 num_versions = [x.pull_request_version_id for x in versions]
3296 3296 try:
3297 3297 return num_versions.index(pr_version) +1
3298 3298 except (IndexError, ValueError):
3299 3299 return
3300 3300
3301 3301 @property
3302 3302 def outdated(self):
3303 3303 return self.display_state == self.COMMENT_OUTDATED
3304 3304
3305 3305 def outdated_at_version(self, version):
3306 3306 """
3307 3307 Checks if comment is outdated for given pull request version
3308 3308 """
3309 3309 return self.outdated and self.pull_request_version_id != version
3310 3310
3311 3311 def older_than_version(self, version):
3312 3312 """
3313 3313 Checks if comment is made from previous version than given
3314 3314 """
3315 3315 if version is None:
3316 3316 return self.pull_request_version_id is not None
3317 3317
3318 3318 return self.pull_request_version_id < version
3319 3319
3320 3320 @property
3321 3321 def resolved(self):
3322 3322 return self.resolved_by[0] if self.resolved_by else None
3323 3323
3324 3324 @property
3325 3325 def is_todo(self):
3326 3326 return self.comment_type == self.COMMENT_TYPE_TODO
3327 3327
3328 3328 @property
3329 3329 def is_inline(self):
3330 3330 return self.line_no and self.f_path
3331 3331
3332 3332 def get_index_version(self, versions):
3333 3333 return self.get_index_from_version(
3334 3334 self.pull_request_version_id, versions)
3335 3335
3336 3336 def __repr__(self):
3337 3337 if self.comment_id:
3338 3338 return '<DB:Comment #%s>' % self.comment_id
3339 3339 else:
3340 3340 return '<DB:Comment at %#x>' % id(self)
3341 3341
3342 3342 def get_api_data(self):
3343 3343 comment = self
3344 3344 data = {
3345 3345 'comment_id': comment.comment_id,
3346 3346 'comment_type': comment.comment_type,
3347 3347 'comment_text': comment.text,
3348 3348 'comment_status': comment.status_change,
3349 3349 'comment_f_path': comment.f_path,
3350 3350 'comment_lineno': comment.line_no,
3351 3351 'comment_author': comment.author,
3352 3352 'comment_created_on': comment.created_on
3353 3353 }
3354 3354 return data
3355 3355
3356 3356 def __json__(self):
3357 3357 data = dict()
3358 3358 data.update(self.get_api_data())
3359 3359 return data
3360 3360
3361 3361
3362 3362 class ChangesetStatus(Base, BaseModel):
3363 3363 __tablename__ = 'changeset_statuses'
3364 3364 __table_args__ = (
3365 3365 Index('cs_revision_idx', 'revision'),
3366 3366 Index('cs_version_idx', 'version'),
3367 3367 UniqueConstraint('repo_id', 'revision', 'version'),
3368 3368 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3369 3369 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3370 3370 )
3371 3371 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3372 3372 STATUS_APPROVED = 'approved'
3373 3373 STATUS_REJECTED = 'rejected'
3374 3374 STATUS_UNDER_REVIEW = 'under_review'
3375 3375
3376 3376 STATUSES = [
3377 3377 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3378 3378 (STATUS_APPROVED, _("Approved")),
3379 3379 (STATUS_REJECTED, _("Rejected")),
3380 3380 (STATUS_UNDER_REVIEW, _("Under Review")),
3381 3381 ]
3382 3382
3383 3383 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3384 3384 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3385 3385 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3386 3386 revision = Column('revision', String(40), nullable=False)
3387 3387 status = Column('status', String(128), nullable=False, default=DEFAULT)
3388 3388 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3389 3389 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3390 3390 version = Column('version', Integer(), nullable=False, default=0)
3391 3391 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3392 3392
3393 3393 author = relationship('User', lazy='joined')
3394 3394 repo = relationship('Repository')
3395 3395 comment = relationship('ChangesetComment', lazy='joined')
3396 3396 pull_request = relationship('PullRequest', lazy='joined')
3397 3397
3398 3398 def __unicode__(self):
3399 3399 return u"<%s('%s[v%s]:%s')>" % (
3400 3400 self.__class__.__name__,
3401 3401 self.status, self.version, self.author
3402 3402 )
3403 3403
3404 3404 @classmethod
3405 3405 def get_status_lbl(cls, value):
3406 3406 return dict(cls.STATUSES).get(value)
3407 3407
3408 3408 @property
3409 3409 def status_lbl(self):
3410 3410 return ChangesetStatus.get_status_lbl(self.status)
3411 3411
3412 3412 def get_api_data(self):
3413 3413 status = self
3414 3414 data = {
3415 3415 'status_id': status.changeset_status_id,
3416 3416 'status': status.status,
3417 3417 }
3418 3418 return data
3419 3419
3420 3420 def __json__(self):
3421 3421 data = dict()
3422 3422 data.update(self.get_api_data())
3423 3423 return data
3424 3424
3425 3425
3426 3426 class _PullRequestBase(BaseModel):
3427 3427 """
3428 3428 Common attributes of pull request and version entries.
3429 3429 """
3430 3430
3431 3431 # .status values
3432 3432 STATUS_NEW = u'new'
3433 3433 STATUS_OPEN = u'open'
3434 3434 STATUS_CLOSED = u'closed'
3435 3435
3436 3436 title = Column('title', Unicode(255), nullable=True)
3437 3437 description = Column(
3438 3438 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3439 3439 nullable=True)
3440 3440 # new/open/closed status of pull request (not approve/reject/etc)
3441 3441 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3442 3442 created_on = Column(
3443 3443 'created_on', DateTime(timezone=False), nullable=False,
3444 3444 default=datetime.datetime.now)
3445 3445 updated_on = Column(
3446 3446 'updated_on', DateTime(timezone=False), nullable=False,
3447 3447 default=datetime.datetime.now)
3448 3448
3449 3449 @declared_attr
3450 3450 def user_id(cls):
3451 3451 return Column(
3452 3452 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3453 3453 unique=None)
3454 3454
3455 3455 # 500 revisions max
3456 3456 _revisions = Column(
3457 3457 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3458 3458
3459 3459 @declared_attr
3460 3460 def source_repo_id(cls):
3461 3461 # TODO: dan: rename column to source_repo_id
3462 3462 return Column(
3463 3463 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3464 3464 nullable=False)
3465 3465
3466 3466 source_ref = Column('org_ref', Unicode(255), nullable=False)
3467 3467
3468 3468 @declared_attr
3469 3469 def target_repo_id(cls):
3470 3470 # TODO: dan: rename column to target_repo_id
3471 3471 return Column(
3472 3472 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3473 3473 nullable=False)
3474 3474
3475 3475 target_ref = Column('other_ref', Unicode(255), nullable=False)
3476 3476 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3477 3477
3478 3478 # TODO: dan: rename column to last_merge_source_rev
3479 3479 _last_merge_source_rev = Column(
3480 3480 'last_merge_org_rev', String(40), nullable=True)
3481 3481 # TODO: dan: rename column to last_merge_target_rev
3482 3482 _last_merge_target_rev = Column(
3483 3483 'last_merge_other_rev', String(40), nullable=True)
3484 3484 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3485 3485 merge_rev = Column('merge_rev', String(40), nullable=True)
3486 3486
3487 3487 reviewer_data = Column(
3488 3488 'reviewer_data_json', MutationObj.as_mutable(
3489 3489 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3490 3490
3491 3491 @property
3492 3492 def reviewer_data_json(self):
3493 3493 return json.dumps(self.reviewer_data)
3494 3494
3495 3495 @hybrid_property
3496 3496 def description_safe(self):
3497 3497 from rhodecode.lib import helpers as h
3498 3498 return h.escape(self.description)
3499 3499
3500 3500 @hybrid_property
3501 3501 def revisions(self):
3502 3502 return self._revisions.split(':') if self._revisions else []
3503 3503
3504 3504 @revisions.setter
3505 3505 def revisions(self, val):
3506 3506 self._revisions = ':'.join(val)
3507 3507
3508 3508 @hybrid_property
3509 3509 def last_merge_status(self):
3510 3510 return safe_int(self._last_merge_status)
3511 3511
3512 3512 @last_merge_status.setter
3513 3513 def last_merge_status(self, val):
3514 3514 self._last_merge_status = val
3515 3515
3516 3516 @declared_attr
3517 3517 def author(cls):
3518 3518 return relationship('User', lazy='joined')
3519 3519
3520 3520 @declared_attr
3521 3521 def source_repo(cls):
3522 3522 return relationship(
3523 3523 'Repository',
3524 3524 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3525 3525
3526 3526 @property
3527 3527 def source_ref_parts(self):
3528 3528 return self.unicode_to_reference(self.source_ref)
3529 3529
3530 3530 @declared_attr
3531 3531 def target_repo(cls):
3532 3532 return relationship(
3533 3533 'Repository',
3534 3534 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3535 3535
3536 3536 @property
3537 3537 def target_ref_parts(self):
3538 3538 return self.unicode_to_reference(self.target_ref)
3539 3539
3540 3540 @property
3541 3541 def shadow_merge_ref(self):
3542 3542 return self.unicode_to_reference(self._shadow_merge_ref)
3543 3543
3544 3544 @shadow_merge_ref.setter
3545 3545 def shadow_merge_ref(self, ref):
3546 3546 self._shadow_merge_ref = self.reference_to_unicode(ref)
3547 3547
3548 3548 def unicode_to_reference(self, raw):
3549 3549 """
3550 3550 Convert a unicode (or string) to a reference object.
3551 3551 If unicode evaluates to False it returns None.
3552 3552 """
3553 3553 if raw:
3554 3554 refs = raw.split(':')
3555 3555 return Reference(*refs)
3556 3556 else:
3557 3557 return None
3558 3558
3559 3559 def reference_to_unicode(self, ref):
3560 3560 """
3561 3561 Convert a reference object to unicode.
3562 3562 If reference is None it returns None.
3563 3563 """
3564 3564 if ref:
3565 3565 return u':'.join(ref)
3566 3566 else:
3567 3567 return None
3568 3568
3569 3569 def get_api_data(self, with_merge_state=True):
3570 3570 from rhodecode.model.pull_request import PullRequestModel
3571 3571
3572 3572 pull_request = self
3573 3573 if with_merge_state:
3574 3574 merge_status = PullRequestModel().merge_status(pull_request)
3575 3575 merge_state = {
3576 3576 'status': merge_status[0],
3577 3577 'message': safe_unicode(merge_status[1]),
3578 3578 }
3579 3579 else:
3580 3580 merge_state = {'status': 'not_available',
3581 3581 'message': 'not_available'}
3582 3582
3583 3583 merge_data = {
3584 3584 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3585 3585 'reference': (
3586 3586 pull_request.shadow_merge_ref._asdict()
3587 3587 if pull_request.shadow_merge_ref else None),
3588 3588 }
3589 3589
3590 3590 data = {
3591 3591 'pull_request_id': pull_request.pull_request_id,
3592 3592 'url': PullRequestModel().get_url(pull_request),
3593 3593 'title': pull_request.title,
3594 3594 'description': pull_request.description,
3595 3595 'status': pull_request.status,
3596 3596 'created_on': pull_request.created_on,
3597 3597 'updated_on': pull_request.updated_on,
3598 3598 'commit_ids': pull_request.revisions,
3599 3599 'review_status': pull_request.calculated_review_status(),
3600 3600 'mergeable': merge_state,
3601 3601 'source': {
3602 3602 'clone_url': pull_request.source_repo.clone_url(),
3603 3603 'repository': pull_request.source_repo.repo_name,
3604 3604 'reference': {
3605 3605 'name': pull_request.source_ref_parts.name,
3606 3606 'type': pull_request.source_ref_parts.type,
3607 3607 'commit_id': pull_request.source_ref_parts.commit_id,
3608 3608 },
3609 3609 },
3610 3610 'target': {
3611 3611 'clone_url': pull_request.target_repo.clone_url(),
3612 3612 'repository': pull_request.target_repo.repo_name,
3613 3613 'reference': {
3614 3614 'name': pull_request.target_ref_parts.name,
3615 3615 'type': pull_request.target_ref_parts.type,
3616 3616 'commit_id': pull_request.target_ref_parts.commit_id,
3617 3617 },
3618 3618 },
3619 3619 'merge': merge_data,
3620 3620 'author': pull_request.author.get_api_data(include_secrets=False,
3621 3621 details='basic'),
3622 3622 'reviewers': [
3623 3623 {
3624 3624 'user': reviewer.get_api_data(include_secrets=False,
3625 3625 details='basic'),
3626 3626 'reasons': reasons,
3627 3627 'review_status': st[0][1].status if st else 'not_reviewed',
3628 3628 }
3629 3629 for obj, reviewer, reasons, mandatory, st in
3630 3630 pull_request.reviewers_statuses()
3631 3631 ]
3632 3632 }
3633 3633
3634 3634 return data
3635 3635
3636 3636
3637 3637 class PullRequest(Base, _PullRequestBase):
3638 3638 __tablename__ = 'pull_requests'
3639 3639 __table_args__ = (
3640 3640 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3641 3641 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3642 3642 )
3643 3643
3644 3644 pull_request_id = Column(
3645 3645 'pull_request_id', Integer(), nullable=False, primary_key=True)
3646 3646
3647 3647 def __repr__(self):
3648 3648 if self.pull_request_id:
3649 3649 return '<DB:PullRequest #%s>' % self.pull_request_id
3650 3650 else:
3651 3651 return '<DB:PullRequest at %#x>' % id(self)
3652 3652
3653 3653 reviewers = relationship('PullRequestReviewers',
3654 3654 cascade="all, delete, delete-orphan")
3655 3655 statuses = relationship('ChangesetStatus',
3656 3656 cascade="all, delete, delete-orphan")
3657 3657 comments = relationship('ChangesetComment',
3658 3658 cascade="all, delete, delete-orphan")
3659 3659 versions = relationship('PullRequestVersion',
3660 3660 cascade="all, delete, delete-orphan",
3661 3661 lazy='dynamic')
3662 3662
3663 3663 @classmethod
3664 3664 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3665 3665 internal_methods=None):
3666 3666
3667 3667 class PullRequestDisplay(object):
3668 3668 """
3669 3669 Special object wrapper for showing PullRequest data via Versions
3670 3670 It mimics PR object as close as possible. This is read only object
3671 3671 just for display
3672 3672 """
3673 3673
3674 3674 def __init__(self, attrs, internal=None):
3675 3675 self.attrs = attrs
3676 3676 # internal have priority over the given ones via attrs
3677 3677 self.internal = internal or ['versions']
3678 3678
3679 3679 def __getattr__(self, item):
3680 3680 if item in self.internal:
3681 3681 return getattr(self, item)
3682 3682 try:
3683 3683 return self.attrs[item]
3684 3684 except KeyError:
3685 3685 raise AttributeError(
3686 3686 '%s object has no attribute %s' % (self, item))
3687 3687
3688 3688 def __repr__(self):
3689 3689 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3690 3690
3691 3691 def versions(self):
3692 3692 return pull_request_obj.versions.order_by(
3693 3693 PullRequestVersion.pull_request_version_id).all()
3694 3694
3695 3695 def is_closed(self):
3696 3696 return pull_request_obj.is_closed()
3697 3697
3698 3698 @property
3699 3699 def pull_request_version_id(self):
3700 3700 return getattr(pull_request_obj, 'pull_request_version_id', None)
3701 3701
3702 3702 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3703 3703
3704 3704 attrs.author = StrictAttributeDict(
3705 3705 pull_request_obj.author.get_api_data())
3706 3706 if pull_request_obj.target_repo:
3707 3707 attrs.target_repo = StrictAttributeDict(
3708 3708 pull_request_obj.target_repo.get_api_data())
3709 3709 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3710 3710
3711 3711 if pull_request_obj.source_repo:
3712 3712 attrs.source_repo = StrictAttributeDict(
3713 3713 pull_request_obj.source_repo.get_api_data())
3714 3714 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3715 3715
3716 3716 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3717 3717 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3718 3718 attrs.revisions = pull_request_obj.revisions
3719 3719
3720 3720 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3721 3721 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3722 3722 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3723 3723
3724 3724 return PullRequestDisplay(attrs, internal=internal_methods)
3725 3725
3726 3726 def is_closed(self):
3727 3727 return self.status == self.STATUS_CLOSED
3728 3728
3729 3729 def __json__(self):
3730 3730 return {
3731 3731 'revisions': self.revisions,
3732 3732 }
3733 3733
3734 3734 def calculated_review_status(self):
3735 3735 from rhodecode.model.changeset_status import ChangesetStatusModel
3736 3736 return ChangesetStatusModel().calculated_review_status(self)
3737 3737
3738 3738 def reviewers_statuses(self):
3739 3739 from rhodecode.model.changeset_status import ChangesetStatusModel
3740 3740 return ChangesetStatusModel().reviewers_statuses(self)
3741 3741
3742 3742 @property
3743 3743 def workspace_id(self):
3744 3744 from rhodecode.model.pull_request import PullRequestModel
3745 3745 return PullRequestModel()._workspace_id(self)
3746 3746
3747 3747 def get_shadow_repo(self):
3748 3748 workspace_id = self.workspace_id
3749 3749 vcs_obj = self.target_repo.scm_instance()
3750 3750 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3751 3751 workspace_id)
3752 3752 return vcs_obj.get_shadow_instance(shadow_repository_path)
3753 3753
3754 3754
3755 3755 class PullRequestVersion(Base, _PullRequestBase):
3756 3756 __tablename__ = 'pull_request_versions'
3757 3757 __table_args__ = (
3758 3758 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3759 3759 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3760 3760 )
3761 3761
3762 3762 pull_request_version_id = Column(
3763 3763 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3764 3764 pull_request_id = Column(
3765 3765 'pull_request_id', Integer(),
3766 3766 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3767 3767 pull_request = relationship('PullRequest')
3768 3768
3769 3769 def __repr__(self):
3770 3770 if self.pull_request_version_id:
3771 3771 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3772 3772 else:
3773 3773 return '<DB:PullRequestVersion at %#x>' % id(self)
3774 3774
3775 3775 @property
3776 3776 def reviewers(self):
3777 3777 return self.pull_request.reviewers
3778 3778
3779 3779 @property
3780 3780 def versions(self):
3781 3781 return self.pull_request.versions
3782 3782
3783 3783 def is_closed(self):
3784 3784 # calculate from original
3785 3785 return self.pull_request.status == self.STATUS_CLOSED
3786 3786
3787 3787 def calculated_review_status(self):
3788 3788 return self.pull_request.calculated_review_status()
3789 3789
3790 3790 def reviewers_statuses(self):
3791 3791 return self.pull_request.reviewers_statuses()
3792 3792
3793 3793
3794 3794 class PullRequestReviewers(Base, BaseModel):
3795 3795 __tablename__ = 'pull_request_reviewers'
3796 3796 __table_args__ = (
3797 3797 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3798 3798 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3799 3799 )
3800 3800
3801 3801 @hybrid_property
3802 3802 def reasons(self):
3803 3803 if not self._reasons:
3804 3804 return []
3805 3805 return self._reasons
3806 3806
3807 3807 @reasons.setter
3808 3808 def reasons(self, val):
3809 3809 val = val or []
3810 3810 if any(not isinstance(x, str) for x in val):
3811 3811 raise Exception('invalid reasons type, must be list of strings')
3812 3812 self._reasons = val
3813 3813
3814 3814 pull_requests_reviewers_id = Column(
3815 3815 'pull_requests_reviewers_id', Integer(), nullable=False,
3816 3816 primary_key=True)
3817 3817 pull_request_id = Column(
3818 3818 "pull_request_id", Integer(),
3819 3819 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3820 3820 user_id = Column(
3821 3821 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3822 3822 _reasons = Column(
3823 3823 'reason', MutationList.as_mutable(
3824 3824 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3825 3825
3826 3826 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3827 3827 user = relationship('User')
3828 3828 pull_request = relationship('PullRequest')
3829 3829
3830 3830 rule_data = Column(
3831 3831 'rule_data_json',
3832 3832 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3833 3833
3834 3834 def rule_user_group_data(self):
3835 3835 """
3836 3836 Returns the voting user group rule data for this reviewer
3837 3837 """
3838 3838
3839 3839 if self.rule_data and 'vote_rule' in self.rule_data:
3840 3840 user_group_data = {}
3841 3841 if 'rule_user_group_entry_id' in self.rule_data:
3842 3842 # means a group with voting rules !
3843 3843 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3844 3844 user_group_data['name'] = self.rule_data['rule_name']
3845 3845 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3846 3846
3847 3847 return user_group_data
3848 3848
3849 3849 def __unicode__(self):
3850 3850 return u"<%s('id:%s')>" % (self.__class__.__name__,
3851 3851 self.pull_requests_reviewers_id)
3852 3852
3853 3853
3854 3854 class Notification(Base, BaseModel):
3855 3855 __tablename__ = 'notifications'
3856 3856 __table_args__ = (
3857 3857 Index('notification_type_idx', 'type'),
3858 3858 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3859 3859 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3860 3860 )
3861 3861
3862 3862 TYPE_CHANGESET_COMMENT = u'cs_comment'
3863 3863 TYPE_MESSAGE = u'message'
3864 3864 TYPE_MENTION = u'mention'
3865 3865 TYPE_REGISTRATION = u'registration'
3866 3866 TYPE_PULL_REQUEST = u'pull_request'
3867 3867 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3868 3868
3869 3869 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3870 3870 subject = Column('subject', Unicode(512), nullable=True)
3871 3871 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3872 3872 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3873 3873 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3874 3874 type_ = Column('type', Unicode(255))
3875 3875
3876 3876 created_by_user = relationship('User')
3877 3877 notifications_to_users = relationship('UserNotification', lazy='joined',
3878 3878 cascade="all, delete, delete-orphan")
3879 3879
3880 3880 @property
3881 3881 def recipients(self):
3882 3882 return [x.user for x in UserNotification.query()\
3883 3883 .filter(UserNotification.notification == self)\
3884 3884 .order_by(UserNotification.user_id.asc()).all()]
3885 3885
3886 3886 @classmethod
3887 3887 def create(cls, created_by, subject, body, recipients, type_=None):
3888 3888 if type_ is None:
3889 3889 type_ = Notification.TYPE_MESSAGE
3890 3890
3891 3891 notification = cls()
3892 3892 notification.created_by_user = created_by
3893 3893 notification.subject = subject
3894 3894 notification.body = body
3895 3895 notification.type_ = type_
3896 3896 notification.created_on = datetime.datetime.now()
3897 3897
3898 3898 for u in recipients:
3899 3899 assoc = UserNotification()
3900 3900 assoc.notification = notification
3901 3901
3902 3902 # if created_by is inside recipients mark his notification
3903 3903 # as read
3904 3904 if u.user_id == created_by.user_id:
3905 3905 assoc.read = True
3906 3906
3907 3907 u.notifications.append(assoc)
3908 3908 Session().add(notification)
3909 3909
3910 3910 return notification
3911 3911
3912 3912
3913 3913 class UserNotification(Base, BaseModel):
3914 3914 __tablename__ = 'user_to_notification'
3915 3915 __table_args__ = (
3916 3916 UniqueConstraint('user_id', 'notification_id'),
3917 3917 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3918 3918 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3919 3919 )
3920 3920 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3921 3921 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3922 3922 read = Column('read', Boolean, default=False)
3923 3923 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3924 3924
3925 3925 user = relationship('User', lazy="joined")
3926 3926 notification = relationship('Notification', lazy="joined",
3927 3927 order_by=lambda: Notification.created_on.desc(),)
3928 3928
3929 3929 def mark_as_read(self):
3930 3930 self.read = True
3931 3931 Session().add(self)
3932 3932
3933 3933
3934 3934 class Gist(Base, BaseModel):
3935 3935 __tablename__ = 'gists'
3936 3936 __table_args__ = (
3937 3937 Index('g_gist_access_id_idx', 'gist_access_id'),
3938 3938 Index('g_created_on_idx', 'created_on'),
3939 3939 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3940 3940 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3941 3941 )
3942 3942 GIST_PUBLIC = u'public'
3943 3943 GIST_PRIVATE = u'private'
3944 3944 DEFAULT_FILENAME = u'gistfile1.txt'
3945 3945
3946 3946 ACL_LEVEL_PUBLIC = u'acl_public'
3947 3947 ACL_LEVEL_PRIVATE = u'acl_private'
3948 3948
3949 3949 gist_id = Column('gist_id', Integer(), primary_key=True)
3950 3950 gist_access_id = Column('gist_access_id', Unicode(250))
3951 3951 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3952 3952 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3953 3953 gist_expires = Column('gist_expires', Float(53), nullable=False)
3954 3954 gist_type = Column('gist_type', Unicode(128), nullable=False)
3955 3955 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3956 3956 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3957 3957 acl_level = Column('acl_level', Unicode(128), nullable=True)
3958 3958
3959 3959 owner = relationship('User')
3960 3960
3961 3961 def __repr__(self):
3962 3962 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3963 3963
3964 3964 @hybrid_property
3965 3965 def description_safe(self):
3966 3966 from rhodecode.lib import helpers as h
3967 3967 return h.escape(self.gist_description)
3968 3968
3969 3969 @classmethod
3970 3970 def get_or_404(cls, id_):
3971 3971 from pyramid.httpexceptions import HTTPNotFound
3972 3972
3973 3973 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3974 3974 if not res:
3975 3975 raise HTTPNotFound()
3976 3976 return res
3977 3977
3978 3978 @classmethod
3979 3979 def get_by_access_id(cls, gist_access_id):
3980 3980 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3981 3981
3982 3982 def gist_url(self):
3983 3983 from rhodecode.model.gist import GistModel
3984 3984 return GistModel().get_url(self)
3985 3985
3986 3986 @classmethod
3987 3987 def base_path(cls):
3988 3988 """
3989 3989 Returns base path when all gists are stored
3990 3990
3991 3991 :param cls:
3992 3992 """
3993 3993 from rhodecode.model.gist import GIST_STORE_LOC
3994 3994 q = Session().query(RhodeCodeUi)\
3995 3995 .filter(RhodeCodeUi.ui_key == URL_SEP)
3996 3996 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3997 3997 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
3998 3998
3999 3999 def get_api_data(self):
4000 4000 """
4001 4001 Common function for generating gist related data for API
4002 4002 """
4003 4003 gist = self
4004 4004 data = {
4005 4005 'gist_id': gist.gist_id,
4006 4006 'type': gist.gist_type,
4007 4007 'access_id': gist.gist_access_id,
4008 4008 'description': gist.gist_description,
4009 4009 'url': gist.gist_url(),
4010 4010 'expires': gist.gist_expires,
4011 4011 'created_on': gist.created_on,
4012 4012 'modified_at': gist.modified_at,
4013 4013 'content': None,
4014 4014 'acl_level': gist.acl_level,
4015 4015 }
4016 4016 return data
4017 4017
4018 4018 def __json__(self):
4019 4019 data = dict(
4020 4020 )
4021 4021 data.update(self.get_api_data())
4022 4022 return data
4023 4023 # SCM functions
4024 4024
4025 4025 def scm_instance(self, **kwargs):
4026 4026 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4027 4027 return get_vcs_instance(
4028 4028 repo_path=safe_str(full_repo_path), create=False)
4029 4029
4030 4030
4031 4031 class ExternalIdentity(Base, BaseModel):
4032 4032 __tablename__ = 'external_identities'
4033 4033 __table_args__ = (
4034 4034 Index('local_user_id_idx', 'local_user_id'),
4035 4035 Index('external_id_idx', 'external_id'),
4036 4036 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4037 4037 'mysql_charset': 'utf8'})
4038 4038
4039 4039 external_id = Column('external_id', Unicode(255), default=u'',
4040 4040 primary_key=True)
4041 4041 external_username = Column('external_username', Unicode(1024), default=u'')
4042 4042 local_user_id = Column('local_user_id', Integer(),
4043 4043 ForeignKey('users.user_id'), primary_key=True)
4044 4044 provider_name = Column('provider_name', Unicode(255), default=u'',
4045 4045 primary_key=True)
4046 4046 access_token = Column('access_token', String(1024), default=u'')
4047 4047 alt_token = Column('alt_token', String(1024), default=u'')
4048 4048 token_secret = Column('token_secret', String(1024), default=u'')
4049 4049
4050 4050 @classmethod
4051 4051 def by_external_id_and_provider(cls, external_id, provider_name,
4052 4052 local_user_id=None):
4053 4053 """
4054 4054 Returns ExternalIdentity instance based on search params
4055 4055
4056 4056 :param external_id:
4057 4057 :param provider_name:
4058 4058 :return: ExternalIdentity
4059 4059 """
4060 4060 query = cls.query()
4061 4061 query = query.filter(cls.external_id == external_id)
4062 4062 query = query.filter(cls.provider_name == provider_name)
4063 4063 if local_user_id:
4064 4064 query = query.filter(cls.local_user_id == local_user_id)
4065 4065 return query.first()
4066 4066
4067 4067 @classmethod
4068 4068 def user_by_external_id_and_provider(cls, external_id, provider_name):
4069 4069 """
4070 4070 Returns User instance based on search params
4071 4071
4072 4072 :param external_id:
4073 4073 :param provider_name:
4074 4074 :return: User
4075 4075 """
4076 4076 query = User.query()
4077 4077 query = query.filter(cls.external_id == external_id)
4078 4078 query = query.filter(cls.provider_name == provider_name)
4079 4079 query = query.filter(User.user_id == cls.local_user_id)
4080 4080 return query.first()
4081 4081
4082 4082 @classmethod
4083 4083 def by_local_user_id(cls, local_user_id):
4084 4084 """
4085 4085 Returns all tokens for user
4086 4086
4087 4087 :param local_user_id:
4088 4088 :return: ExternalIdentity
4089 4089 """
4090 4090 query = cls.query()
4091 4091 query = query.filter(cls.local_user_id == local_user_id)
4092 4092 return query
4093 4093
4094 4094
4095 4095 class Integration(Base, BaseModel):
4096 4096 __tablename__ = 'integrations'
4097 4097 __table_args__ = (
4098 4098 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4099 4099 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
4100 4100 )
4101 4101
4102 4102 integration_id = Column('integration_id', Integer(), primary_key=True)
4103 4103 integration_type = Column('integration_type', String(255))
4104 4104 enabled = Column('enabled', Boolean(), nullable=False)
4105 4105 name = Column('name', String(255), nullable=False)
4106 4106 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4107 4107 default=False)
4108 4108
4109 4109 settings = Column(
4110 4110 'settings_json', MutationObj.as_mutable(
4111 4111 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4112 4112 repo_id = Column(
4113 4113 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4114 4114 nullable=True, unique=None, default=None)
4115 4115 repo = relationship('Repository', lazy='joined')
4116 4116
4117 4117 repo_group_id = Column(
4118 4118 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4119 4119 nullable=True, unique=None, default=None)
4120 4120 repo_group = relationship('RepoGroup', lazy='joined')
4121 4121
4122 4122 @property
4123 4123 def scope(self):
4124 4124 if self.repo:
4125 4125 return repr(self.repo)
4126 4126 if self.repo_group:
4127 4127 if self.child_repos_only:
4128 4128 return repr(self.repo_group) + ' (child repos only)'
4129 4129 else:
4130 4130 return repr(self.repo_group) + ' (recursive)'
4131 4131 if self.child_repos_only:
4132 4132 return 'root_repos'
4133 4133 return 'global'
4134 4134
4135 4135 def __repr__(self):
4136 4136 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4137 4137
4138 4138
4139 4139 class RepoReviewRuleUser(Base, BaseModel):
4140 4140 __tablename__ = 'repo_review_rules_users'
4141 4141 __table_args__ = (
4142 4142 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4143 4143 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4144 4144 )
4145 4145
4146 4146 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4147 4147 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4148 4148 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4149 4149 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4150 4150 user = relationship('User')
4151 4151
4152 4152 def rule_data(self):
4153 4153 return {
4154 4154 'mandatory': self.mandatory
4155 4155 }
4156 4156
4157 4157
4158 4158 class RepoReviewRuleUserGroup(Base, BaseModel):
4159 4159 __tablename__ = 'repo_review_rules_users_groups'
4160 4160 __table_args__ = (
4161 4161 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4162 4162 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4163 4163 )
4164 4164 VOTE_RULE_ALL = -1
4165 4165
4166 4166 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4167 4167 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4168 4168 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4169 4169 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4170 4170 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4171 4171 users_group = relationship('UserGroup')
4172 4172
4173 4173 def rule_data(self):
4174 4174 return {
4175 4175 'mandatory': self.mandatory,
4176 4176 'vote_rule': self.vote_rule
4177 4177 }
4178 4178
4179 4179 @property
4180 4180 def vote_rule_label(self):
4181 4181 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4182 4182 return 'all must vote'
4183 4183 else:
4184 4184 return 'min. vote {}'.format(self.vote_rule)
4185 4185
4186 4186
4187 4187 class RepoReviewRule(Base, BaseModel):
4188 4188 __tablename__ = 'repo_review_rules'
4189 4189 __table_args__ = (
4190 4190 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4191 4191 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4192 4192 )
4193 4193
4194 4194 repo_review_rule_id = Column(
4195 4195 'repo_review_rule_id', Integer(), primary_key=True)
4196 4196 repo_id = Column(
4197 4197 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4198 4198 repo = relationship('Repository', backref='review_rules')
4199 4199
4200 4200 review_rule_name = Column('review_rule_name', String(255))
4201 4201 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4202 4202 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4203 4203 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4204 4204
4205 4205 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4206 4206 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4207 4207 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4208 4208 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4209 4209
4210 4210 rule_users = relationship('RepoReviewRuleUser')
4211 4211 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4212 4212
4213 4213 def _validate_glob(self, value):
4214 4214 re.compile('^' + glob2re(value) + '$')
4215 4215
4216 4216 @hybrid_property
4217 4217 def source_branch_pattern(self):
4218 4218 return self._branch_pattern or '*'
4219 4219
4220 4220 @source_branch_pattern.setter
4221 4221 def source_branch_pattern(self, value):
4222 4222 self._validate_glob(value)
4223 4223 self._branch_pattern = value or '*'
4224 4224
4225 4225 @hybrid_property
4226 4226 def target_branch_pattern(self):
4227 4227 return self._target_branch_pattern or '*'
4228 4228
4229 4229 @target_branch_pattern.setter
4230 4230 def target_branch_pattern(self, value):
4231 4231 self._validate_glob(value)
4232 4232 self._target_branch_pattern = value or '*'
4233 4233
4234 4234 @hybrid_property
4235 4235 def file_pattern(self):
4236 4236 return self._file_pattern or '*'
4237 4237
4238 4238 @file_pattern.setter
4239 4239 def file_pattern(self, value):
4240 4240 self._validate_glob(value)
4241 4241 self._file_pattern = value or '*'
4242 4242
4243 4243 def matches(self, source_branch, target_branch, files_changed):
4244 4244 """
4245 4245 Check if this review rule matches a branch/files in a pull request
4246 4246
4247 4247 :param source_branch: source branch name for the commit
4248 4248 :param target_branch: target branch name for the commit
4249 4249 :param files_changed: list of file paths changed in the pull request
4250 4250 """
4251 4251
4252 4252 source_branch = source_branch or ''
4253 4253 target_branch = target_branch or ''
4254 4254 files_changed = files_changed or []
4255 4255
4256 4256 branch_matches = True
4257 4257 if source_branch or target_branch:
4258 4258 if self.source_branch_pattern == '*':
4259 4259 source_branch_match = True
4260 4260 else:
4261 4261 source_branch_regex = re.compile(
4262 4262 '^' + glob2re(self.source_branch_pattern) + '$')
4263 4263 source_branch_match = bool(source_branch_regex.search(source_branch))
4264 4264 if self.target_branch_pattern == '*':
4265 4265 target_branch_match = True
4266 4266 else:
4267 4267 target_branch_regex = re.compile(
4268 4268 '^' + glob2re(self.target_branch_pattern) + '$')
4269 4269 target_branch_match = bool(target_branch_regex.search(target_branch))
4270 4270
4271 4271 branch_matches = source_branch_match and target_branch_match
4272 4272
4273 4273 files_matches = True
4274 4274 if self.file_pattern != '*':
4275 4275 files_matches = False
4276 4276 file_regex = re.compile(glob2re(self.file_pattern))
4277 4277 for filename in files_changed:
4278 4278 if file_regex.search(filename):
4279 4279 files_matches = True
4280 4280 break
4281 4281
4282 4282 return branch_matches and files_matches
4283 4283
4284 4284 @property
4285 4285 def review_users(self):
4286 4286 """ Returns the users which this rule applies to """
4287 4287
4288 4288 users = collections.OrderedDict()
4289 4289
4290 4290 for rule_user in self.rule_users:
4291 4291 if rule_user.user.active:
4292 4292 if rule_user.user not in users:
4293 4293 users[rule_user.user.username] = {
4294 4294 'user': rule_user.user,
4295 4295 'source': 'user',
4296 4296 'source_data': {},
4297 4297 'data': rule_user.rule_data()
4298 4298 }
4299 4299
4300 4300 for rule_user_group in self.rule_user_groups:
4301 4301 source_data = {
4302 4302 'user_group_id': rule_user_group.users_group.users_group_id,
4303 4303 'name': rule_user_group.users_group.users_group_name,
4304 4304 'members': len(rule_user_group.users_group.members)
4305 4305 }
4306 4306 for member in rule_user_group.users_group.members:
4307 4307 if member.user.active:
4308 4308 key = member.user.username
4309 4309 if key in users:
4310 4310 # skip this member as we have him already
4311 4311 # this prevents from override the "first" matched
4312 4312 # users with duplicates in multiple groups
4313 4313 continue
4314 4314
4315 4315 users[key] = {
4316 4316 'user': member.user,
4317 4317 'source': 'user_group',
4318 4318 'source_data': source_data,
4319 4319 'data': rule_user_group.rule_data()
4320 4320 }
4321 4321
4322 4322 return users
4323 4323
4324 4324 def user_group_vote_rule(self):
4325 4325 rules = []
4326 4326 if self.rule_user_groups:
4327 4327 for user_group in self.rule_user_groups:
4328 4328 rules.append(user_group)
4329 4329 return rules
4330 4330
4331 4331 def __repr__(self):
4332 4332 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4333 4333 self.repo_review_rule_id, self.repo)
4334 4334
4335 4335
4336 4336 class ScheduleEntry(Base, BaseModel):
4337 4337 __tablename__ = 'schedule_entries'
4338 4338 __table_args__ = (
4339 4339 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4340 4340 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4341 4341 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4342 4342 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4343 4343 )
4344 4344 schedule_types = ['crontab', 'timedelta', 'integer']
4345 4345 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4346 4346
4347 4347 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4348 4348 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4349 4349 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4350 4350
4351 4351 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4352 4352 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4353 4353
4354 4354 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4355 4355 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4356 4356
4357 4357 # task
4358 4358 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4359 4359 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4360 4360 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4361 4361 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4362 4362
4363 4363 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4364 4364 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4365 4365
4366 4366 @hybrid_property
4367 4367 def schedule_type(self):
4368 4368 return self._schedule_type
4369 4369
4370 4370 @schedule_type.setter
4371 4371 def schedule_type(self, val):
4372 4372 if val not in self.schedule_types:
4373 4373 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4374 4374 val, self.schedule_type))
4375 4375
4376 4376 self._schedule_type = val
4377 4377
4378 4378 @classmethod
4379 4379 def get_uid(cls, obj):
4380 4380 args = obj.task_args
4381 4381 kwargs = obj.task_kwargs
4382 4382 if isinstance(args, JsonRaw):
4383 4383 try:
4384 4384 args = json.loads(args)
4385 4385 except ValueError:
4386 4386 args = tuple()
4387 4387
4388 4388 if isinstance(kwargs, JsonRaw):
4389 4389 try:
4390 4390 kwargs = json.loads(kwargs)
4391 4391 except ValueError:
4392 4392 kwargs = dict()
4393 4393
4394 4394 dot_notation = obj.task_dot_notation
4395 4395 val = '.'.join(map(safe_str, [
4396 4396 sorted(dot_notation), args, sorted(kwargs.items())]))
4397 4397 return hashlib.sha1(val).hexdigest()
4398 4398
4399 4399 @classmethod
4400 4400 def get_by_schedule_name(cls, schedule_name):
4401 4401 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4402 4402
4403 4403 @classmethod
4404 4404 def get_by_schedule_id(cls, schedule_id):
4405 4405 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4406 4406
4407 4407 @property
4408 4408 def task(self):
4409 4409 return self.task_dot_notation
4410 4410
4411 4411 @property
4412 4412 def schedule(self):
4413 4413 from rhodecode.lib.celerylib.utils import raw_2_schedule
4414 4414 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4415 4415 return schedule
4416 4416
4417 4417 @property
4418 4418 def args(self):
4419 4419 try:
4420 4420 return list(self.task_args or [])
4421 4421 except ValueError:
4422 4422 return list()
4423 4423
4424 4424 @property
4425 4425 def kwargs(self):
4426 4426 try:
4427 4427 return dict(self.task_kwargs or {})
4428 4428 except ValueError:
4429 4429 return dict()
4430 4430
4431 4431 def _as_raw(self, val):
4432 4432 if hasattr(val, 'de_coerce'):
4433 4433 val = val.de_coerce()
4434 4434 if val:
4435 4435 val = json.dumps(val)
4436 4436
4437 4437 return val
4438 4438
4439 4439 @property
4440 4440 def schedule_definition_raw(self):
4441 4441 return self._as_raw(self.schedule_definition)
4442 4442
4443 4443 @property
4444 4444 def args_raw(self):
4445 4445 return self._as_raw(self.task_args)
4446 4446
4447 4447 @property
4448 4448 def kwargs_raw(self):
4449 4449 return self._as_raw(self.task_kwargs)
4450 4450
4451 4451 def __repr__(self):
4452 4452 return '<DB:ScheduleEntry({}:{})>'.format(
4453 4453 self.schedule_entry_id, self.schedule_name)
4454 4454
4455 4455
4456 4456 @event.listens_for(ScheduleEntry, 'before_update')
4457 4457 def update_task_uid(mapper, connection, target):
4458 4458 target.task_uid = ScheduleEntry.get_uid(target)
4459 4459
4460 4460
4461 4461 @event.listens_for(ScheduleEntry, 'before_insert')
4462 4462 def set_task_uid(mapper, connection, target):
4463 4463 target.task_uid = ScheduleEntry.get_uid(target)
4464 4464
4465 4465
4466 4466 class _BaseBranchPerms(BaseModel):
4467 4467 @classmethod
4468 4468 def compute_hash(cls, value):
4469 4469 return md5_safe(value)
4470 4470
4471 4471 @hybrid_property
4472 4472 def branch_pattern(self):
4473 4473 return self._branch_pattern or '*'
4474 4474
4475 4475 @hybrid_property
4476 4476 def branch_hash(self):
4477 4477 return self._branch_hash
4478 4478
4479 4479 def _validate_glob(self, value):
4480 4480 re.compile('^' + glob2re(value) + '$')
4481 4481
4482 4482 @branch_pattern.setter
4483 4483 def branch_pattern(self, value):
4484 4484 self._validate_glob(value)
4485 4485 self._branch_pattern = value or '*'
4486 4486 # set the Hash when setting the branch pattern
4487 4487 self._branch_hash = self.compute_hash(self._branch_pattern)
4488 4488
4489 4489 def matches(self, branch):
4490 4490 """
4491 4491 Check if this the branch matches entry
4492 4492
4493 4493 :param branch: branch name for the commit
4494 4494 """
4495 4495
4496 4496 branch = branch or ''
4497 4497
4498 4498 branch_matches = True
4499 4499 if branch:
4500 4500 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4501 4501 branch_matches = bool(branch_regex.search(branch))
4502 4502
4503 4503 return branch_matches
4504 4504
4505 4505
4506 4506 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4507 4507 __tablename__ = 'user_to_repo_branch_permissions'
4508 4508 __table_args__ = (
4509 4509 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4510 4510 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4511 4511 )
4512 4512
4513 4513 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4514 4514
4515 4515 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4516 4516 repo = relationship('Repository', backref='user_branch_perms')
4517 4517
4518 4518 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4519 4519 permission = relationship('Permission')
4520 4520
4521 4521 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
4522 4522 user_repo_to_perm = relationship('UserRepoToPerm')
4523 4523
4524 4524 rule_order = Column('rule_order', Integer(), nullable=False)
4525 4525 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4526 4526 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4527 4527
4528 4528 def __unicode__(self):
4529 4529 return u'<UserBranchPermission(%s => %r)>' % (
4530 4530 self.user_repo_to_perm, self.branch_pattern)
4531 4531
4532 4532
4533 4533 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
4534 4534 __tablename__ = 'user_group_to_repo_branch_permissions'
4535 4535 __table_args__ = (
4536 4536 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4537 4537 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4538 4538 )
4539 4539
4540 4540 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4541 4541
4542 4542 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4543 4543 repo = relationship('Repository', backref='user_group_branch_perms')
4544 4544
4545 4545 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4546 4546 permission = relationship('Permission')
4547 4547
4548 4548 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
4549 4549 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
4550 4550
4551 4551 rule_order = Column('rule_order', Integer(), nullable=False)
4552 4552 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4553 4553 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4554 4554
4555 4555 def __unicode__(self):
4556 4556 return u'<UserBranchPermission(%s => %r)>' % (
4557 4557 self.user_group_repo_to_perm, self.branch_pattern)
4558 4558
4559 4559
4560 4560 class DbMigrateVersion(Base, BaseModel):
4561 4561 __tablename__ = 'db_migrate_version'
4562 4562 __table_args__ = (
4563 4563 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4564 4564 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4565 4565 )
4566 4566 repository_id = Column('repository_id', String(250), primary_key=True)
4567 4567 repository_path = Column('repository_path', Text)
4568 4568 version = Column('version', Integer)
4569 4569
4570 4570
4571 4571 class DbSession(Base, BaseModel):
4572 4572 __tablename__ = 'db_session'
4573 4573 __table_args__ = (
4574 4574 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4575 4575 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4576 4576 )
4577 4577
4578 4578 def __repr__(self):
4579 4579 return '<DB:DbSession({})>'.format(self.id)
4580 4580
4581 4581 id = Column('id', Integer())
4582 4582 namespace = Column('namespace', String(255), primary_key=True)
4583 4583 accessed = Column('accessed', DateTime, nullable=False)
4584 4584 created = Column('created', DateTime, nullable=False)
4585 4585 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,4757 +1,4757 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2020 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import hashlib
29 29 import logging
30 30 import datetime
31 31 import warnings
32 32 import ipaddress
33 33 import functools
34 34 import traceback
35 35 import collections
36 36
37 37 from sqlalchemy import (
38 38 or_, and_, not_, func, TypeDecorator, event,
39 39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 41 Text, Float, PickleType)
42 42 from sqlalchemy.sql.expression import true, false
43 43 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
44 44 from sqlalchemy.orm import (
45 45 relationship, joinedload, class_mapper, validates, aliased)
46 46 from sqlalchemy.ext.declarative import declared_attr
47 47 from sqlalchemy.ext.hybrid import hybrid_property
48 48 from sqlalchemy.exc import IntegrityError # pragma: no cover
49 49 from sqlalchemy.dialects.mysql import LONGTEXT
50 50 from zope.cachedescriptors.property import Lazy as LazyProperty
51 51 from pyramid.threadlocal import get_current_request
52 52
53 53 from rhodecode.translation import _
54 54 from rhodecode.lib.vcs import get_vcs_instance
55 55 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
56 56 from rhodecode.lib.utils2 import (
57 57 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
58 58 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
59 59 glob2re, StrictAttributeDict, cleaned_uri)
60 60 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
61 61 JsonRaw
62 62 from rhodecode.lib.ext_json import json
63 63 from rhodecode.lib.caching_query import FromCache
64 64 from rhodecode.lib.encrypt import AESCipher
65 65
66 66 from rhodecode.model.meta import Base, Session
67 67
68 68 URL_SEP = '/'
69 69 log = logging.getLogger(__name__)
70 70
71 71 # =============================================================================
72 72 # BASE CLASSES
73 73 # =============================================================================
74 74
75 75 # this is propagated from .ini file rhodecode.encrypted_values.secret or
76 76 # beaker.session.secret if first is not set.
77 77 # and initialized at environment.py
78 78 ENCRYPTION_KEY = None
79 79
80 80 # used to sort permissions by types, '#' used here is not allowed to be in
81 81 # usernames, and it's very early in sorted string.printable table.
82 82 PERMISSION_TYPE_SORT = {
83 83 'admin': '####',
84 84 'write': '###',
85 85 'read': '##',
86 86 'none': '#',
87 87 }
88 88
89 89
90 90 def display_user_sort(obj):
91 91 """
92 92 Sort function used to sort permissions in .permissions() function of
93 93 Repository, RepoGroup, UserGroup. Also it put the default user in front
94 94 of all other resources
95 95 """
96 96
97 97 if obj.username == User.DEFAULT_USER:
98 98 return '#####'
99 99 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
100 100 return prefix + obj.username
101 101
102 102
103 103 def display_user_group_sort(obj):
104 104 """
105 105 Sort function used to sort permissions in .permissions() function of
106 106 Repository, RepoGroup, UserGroup. Also it put the default user in front
107 107 of all other resources
108 108 """
109 109
110 110 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
111 111 return prefix + obj.users_group_name
112 112
113 113
114 114 def _hash_key(k):
115 115 return sha1_safe(k)
116 116
117 117
118 118 def in_filter_generator(qry, items, limit=500):
119 119 """
120 120 Splits IN() into multiple with OR
121 121 e.g.::
122 122 cnt = Repository.query().filter(
123 123 or_(
124 124 *in_filter_generator(Repository.repo_id, range(100000))
125 125 )).count()
126 126 """
127 127 if not items:
128 128 # empty list will cause empty query which might cause security issues
129 129 # this can lead to hidden unpleasant results
130 130 items = [-1]
131 131
132 132 parts = []
133 133 for chunk in range(0, len(items), limit):
134 134 parts.append(
135 135 qry.in_(items[chunk: chunk + limit])
136 136 )
137 137
138 138 return parts
139 139
140 140
141 141 base_table_args = {
142 142 'extend_existing': True,
143 143 'mysql_engine': 'InnoDB',
144 144 'mysql_charset': 'utf8',
145 145 'sqlite_autoincrement': True
146 146 }
147 147
148 148
149 149 class EncryptedTextValue(TypeDecorator):
150 150 """
151 151 Special column for encrypted long text data, use like::
152 152
153 153 value = Column("encrypted_value", EncryptedValue(), nullable=False)
154 154
155 155 This column is intelligent so if value is in unencrypted form it return
156 156 unencrypted form, but on save it always encrypts
157 157 """
158 158 impl = Text
159 159
160 160 def process_bind_param(self, value, dialect):
161 161 if not value:
162 162 return value
163 163 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
164 164 # protect against double encrypting if someone manually starts
165 165 # doing
166 166 raise ValueError('value needs to be in unencrypted format, ie. '
167 167 'not starting with enc$aes')
168 168 return 'enc$aes_hmac$%s' % AESCipher(
169 169 ENCRYPTION_KEY, hmac=True).encrypt(value)
170 170
171 171 def process_result_value(self, value, dialect):
172 172 import rhodecode
173 173
174 174 if not value:
175 175 return value
176 176
177 177 parts = value.split('$', 3)
178 178 if not len(parts) == 3:
179 179 # probably not encrypted values
180 180 return value
181 181 else:
182 182 if parts[0] != 'enc':
183 183 # parts ok but without our header ?
184 184 return value
185 185 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
186 186 'rhodecode.encrypted_values.strict') or True)
187 187 # at that stage we know it's our encryption
188 188 if parts[1] == 'aes':
189 189 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
190 190 elif parts[1] == 'aes_hmac':
191 191 decrypted_data = AESCipher(
192 192 ENCRYPTION_KEY, hmac=True,
193 193 strict_verification=enc_strict_mode).decrypt(parts[2])
194 194 else:
195 195 raise ValueError(
196 196 'Encryption type part is wrong, must be `aes` '
197 197 'or `aes_hmac`, got `%s` instead' % (parts[1]))
198 198 return decrypted_data
199 199
200 200
201 201 class BaseModel(object):
202 202 """
203 203 Base Model for all classes
204 204 """
205 205
206 206 @classmethod
207 207 def _get_keys(cls):
208 208 """return column names for this model """
209 209 return class_mapper(cls).c.keys()
210 210
211 211 def get_dict(self):
212 212 """
213 213 return dict with keys and values corresponding
214 214 to this model data """
215 215
216 216 d = {}
217 217 for k in self._get_keys():
218 218 d[k] = getattr(self, k)
219 219
220 220 # also use __json__() if present to get additional fields
221 221 _json_attr = getattr(self, '__json__', None)
222 222 if _json_attr:
223 223 # update with attributes from __json__
224 224 if callable(_json_attr):
225 225 _json_attr = _json_attr()
226 226 for k, val in _json_attr.items():
227 227 d[k] = val
228 228 return d
229 229
230 230 def get_appstruct(self):
231 231 """return list with keys and values tuples corresponding
232 232 to this model data """
233 233
234 234 lst = []
235 235 for k in self._get_keys():
236 236 lst.append((k, getattr(self, k),))
237 237 return lst
238 238
239 239 def populate_obj(self, populate_dict):
240 240 """populate model with data from given populate_dict"""
241 241
242 242 for k in self._get_keys():
243 243 if k in populate_dict:
244 244 setattr(self, k, populate_dict[k])
245 245
246 246 @classmethod
247 247 def query(cls):
248 248 return Session().query(cls)
249 249
250 250 @classmethod
251 251 def get(cls, id_):
252 252 if id_:
253 253 return cls.query().get(id_)
254 254
255 255 @classmethod
256 256 def get_or_404(cls, id_):
257 257 from pyramid.httpexceptions import HTTPNotFound
258 258
259 259 try:
260 260 id_ = int(id_)
261 261 except (TypeError, ValueError):
262 262 raise HTTPNotFound()
263 263
264 264 res = cls.query().get(id_)
265 265 if not res:
266 266 raise HTTPNotFound()
267 267 return res
268 268
269 269 @classmethod
270 270 def getAll(cls):
271 271 # deprecated and left for backward compatibility
272 272 return cls.get_all()
273 273
274 274 @classmethod
275 275 def get_all(cls):
276 276 return cls.query().all()
277 277
278 278 @classmethod
279 279 def delete(cls, id_):
280 280 obj = cls.query().get(id_)
281 281 Session().delete(obj)
282 282
283 283 @classmethod
284 284 def identity_cache(cls, session, attr_name, value):
285 285 exist_in_session = []
286 286 for (item_cls, pkey), instance in session.identity_map.items():
287 287 if cls == item_cls and getattr(instance, attr_name) == value:
288 288 exist_in_session.append(instance)
289 289 if exist_in_session:
290 290 if len(exist_in_session) == 1:
291 291 return exist_in_session[0]
292 292 log.exception(
293 293 'multiple objects with attr %s and '
294 294 'value %s found with same name: %r',
295 295 attr_name, value, exist_in_session)
296 296
297 297 def __repr__(self):
298 298 if hasattr(self, '__unicode__'):
299 299 # python repr needs to return str
300 300 try:
301 301 return safe_str(self.__unicode__())
302 302 except UnicodeDecodeError:
303 303 pass
304 304 return '<DB:%s>' % (self.__class__.__name__)
305 305
306 306
307 307 class RhodeCodeSetting(Base, BaseModel):
308 308 __tablename__ = 'rhodecode_settings'
309 309 __table_args__ = (
310 310 UniqueConstraint('app_settings_name'),
311 311 base_table_args
312 312 )
313 313
314 314 SETTINGS_TYPES = {
315 315 'str': safe_str,
316 316 'int': safe_int,
317 317 'unicode': safe_unicode,
318 318 'bool': str2bool,
319 319 'list': functools.partial(aslist, sep=',')
320 320 }
321 321 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
322 322 GLOBAL_CONF_KEY = 'app_settings'
323 323
324 324 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
325 325 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
326 326 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
327 327 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
328 328
329 329 def __init__(self, key='', val='', type='unicode'):
330 330 self.app_settings_name = key
331 331 self.app_settings_type = type
332 332 self.app_settings_value = val
333 333
334 334 @validates('_app_settings_value')
335 335 def validate_settings_value(self, key, val):
336 336 assert type(val) == unicode
337 337 return val
338 338
339 339 @hybrid_property
340 340 def app_settings_value(self):
341 341 v = self._app_settings_value
342 342 _type = self.app_settings_type
343 343 if _type:
344 344 _type = self.app_settings_type.split('.')[0]
345 345 # decode the encrypted value
346 346 if 'encrypted' in self.app_settings_type:
347 347 cipher = EncryptedTextValue()
348 348 v = safe_unicode(cipher.process_result_value(v, None))
349 349
350 350 converter = self.SETTINGS_TYPES.get(_type) or \
351 351 self.SETTINGS_TYPES['unicode']
352 352 return converter(v)
353 353
354 354 @app_settings_value.setter
355 355 def app_settings_value(self, val):
356 356 """
357 357 Setter that will always make sure we use unicode in app_settings_value
358 358
359 359 :param val:
360 360 """
361 361 val = safe_unicode(val)
362 362 # encode the encrypted value
363 363 if 'encrypted' in self.app_settings_type:
364 364 cipher = EncryptedTextValue()
365 365 val = safe_unicode(cipher.process_bind_param(val, None))
366 366 self._app_settings_value = val
367 367
368 368 @hybrid_property
369 369 def app_settings_type(self):
370 370 return self._app_settings_type
371 371
372 372 @app_settings_type.setter
373 373 def app_settings_type(self, val):
374 374 if val.split('.')[0] not in self.SETTINGS_TYPES:
375 375 raise Exception('type must be one of %s got %s'
376 376 % (self.SETTINGS_TYPES.keys(), val))
377 377 self._app_settings_type = val
378 378
379 379 @classmethod
380 380 def get_by_prefix(cls, prefix):
381 381 return RhodeCodeSetting.query()\
382 382 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
383 383 .all()
384 384
385 385 def __unicode__(self):
386 386 return u"<%s('%s:%s[%s]')>" % (
387 387 self.__class__.__name__,
388 388 self.app_settings_name, self.app_settings_value,
389 389 self.app_settings_type
390 390 )
391 391
392 392
393 393 class RhodeCodeUi(Base, BaseModel):
394 394 __tablename__ = 'rhodecode_ui'
395 395 __table_args__ = (
396 396 UniqueConstraint('ui_key'),
397 397 base_table_args
398 398 )
399 399
400 400 HOOK_REPO_SIZE = 'changegroup.repo_size'
401 401 # HG
402 402 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
403 403 HOOK_PULL = 'outgoing.pull_logger'
404 404 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
405 405 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
406 406 HOOK_PUSH = 'changegroup.push_logger'
407 407 HOOK_PUSH_KEY = 'pushkey.key_push'
408 408
409 409 # TODO: johbo: Unify way how hooks are configured for git and hg,
410 410 # git part is currently hardcoded.
411 411
412 412 # SVN PATTERNS
413 413 SVN_BRANCH_ID = 'vcs_svn_branch'
414 414 SVN_TAG_ID = 'vcs_svn_tag'
415 415
416 416 ui_id = Column(
417 417 "ui_id", Integer(), nullable=False, unique=True, default=None,
418 418 primary_key=True)
419 419 ui_section = Column(
420 420 "ui_section", String(255), nullable=True, unique=None, default=None)
421 421 ui_key = Column(
422 422 "ui_key", String(255), nullable=True, unique=None, default=None)
423 423 ui_value = Column(
424 424 "ui_value", String(255), nullable=True, unique=None, default=None)
425 425 ui_active = Column(
426 426 "ui_active", Boolean(), nullable=True, unique=None, default=True)
427 427
428 428 def __repr__(self):
429 429 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
430 430 self.ui_key, self.ui_value)
431 431
432 432
433 433 class RepoRhodeCodeSetting(Base, BaseModel):
434 434 __tablename__ = 'repo_rhodecode_settings'
435 435 __table_args__ = (
436 436 UniqueConstraint(
437 437 'app_settings_name', 'repository_id',
438 438 name='uq_repo_rhodecode_setting_name_repo_id'),
439 439 base_table_args
440 440 )
441 441
442 442 repository_id = Column(
443 443 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
444 444 nullable=False)
445 445 app_settings_id = Column(
446 446 "app_settings_id", Integer(), nullable=False, unique=True,
447 447 default=None, primary_key=True)
448 448 app_settings_name = Column(
449 449 "app_settings_name", String(255), nullable=True, unique=None,
450 450 default=None)
451 451 _app_settings_value = Column(
452 452 "app_settings_value", String(4096), nullable=True, unique=None,
453 453 default=None)
454 454 _app_settings_type = Column(
455 455 "app_settings_type", String(255), nullable=True, unique=None,
456 456 default=None)
457 457
458 458 repository = relationship('Repository')
459 459
460 460 def __init__(self, repository_id, key='', val='', type='unicode'):
461 461 self.repository_id = repository_id
462 462 self.app_settings_name = key
463 463 self.app_settings_type = type
464 464 self.app_settings_value = val
465 465
466 466 @validates('_app_settings_value')
467 467 def validate_settings_value(self, key, val):
468 468 assert type(val) == unicode
469 469 return val
470 470
471 471 @hybrid_property
472 472 def app_settings_value(self):
473 473 v = self._app_settings_value
474 474 type_ = self.app_settings_type
475 475 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
476 476 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
477 477 return converter(v)
478 478
479 479 @app_settings_value.setter
480 480 def app_settings_value(self, val):
481 481 """
482 482 Setter that will always make sure we use unicode in app_settings_value
483 483
484 484 :param val:
485 485 """
486 486 self._app_settings_value = safe_unicode(val)
487 487
488 488 @hybrid_property
489 489 def app_settings_type(self):
490 490 return self._app_settings_type
491 491
492 492 @app_settings_type.setter
493 493 def app_settings_type(self, val):
494 494 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
495 495 if val not in SETTINGS_TYPES:
496 496 raise Exception('type must be one of %s got %s'
497 497 % (SETTINGS_TYPES.keys(), val))
498 498 self._app_settings_type = val
499 499
500 500 def __unicode__(self):
501 501 return u"<%s('%s:%s:%s[%s]')>" % (
502 502 self.__class__.__name__, self.repository.repo_name,
503 503 self.app_settings_name, self.app_settings_value,
504 504 self.app_settings_type
505 505 )
506 506
507 507
508 508 class RepoRhodeCodeUi(Base, BaseModel):
509 509 __tablename__ = 'repo_rhodecode_ui'
510 510 __table_args__ = (
511 511 UniqueConstraint(
512 512 'repository_id', 'ui_section', 'ui_key',
513 513 name='uq_repo_rhodecode_ui_repository_id_section_key'),
514 514 base_table_args
515 515 )
516 516
517 517 repository_id = Column(
518 518 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
519 519 nullable=False)
520 520 ui_id = Column(
521 521 "ui_id", Integer(), nullable=False, unique=True, default=None,
522 522 primary_key=True)
523 523 ui_section = Column(
524 524 "ui_section", String(255), nullable=True, unique=None, default=None)
525 525 ui_key = Column(
526 526 "ui_key", String(255), nullable=True, unique=None, default=None)
527 527 ui_value = Column(
528 528 "ui_value", String(255), nullable=True, unique=None, default=None)
529 529 ui_active = Column(
530 530 "ui_active", Boolean(), nullable=True, unique=None, default=True)
531 531
532 532 repository = relationship('Repository')
533 533
534 534 def __repr__(self):
535 535 return '<%s[%s:%s]%s=>%s]>' % (
536 536 self.__class__.__name__, self.repository.repo_name,
537 537 self.ui_section, self.ui_key, self.ui_value)
538 538
539 539
540 540 class User(Base, BaseModel):
541 541 __tablename__ = 'users'
542 542 __table_args__ = (
543 543 UniqueConstraint('username'), UniqueConstraint('email'),
544 544 Index('u_username_idx', 'username'),
545 545 Index('u_email_idx', 'email'),
546 546 base_table_args
547 547 )
548 548
549 549 DEFAULT_USER = 'default'
550 550 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
551 551 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
552 552
553 553 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
554 554 username = Column("username", String(255), nullable=True, unique=None, default=None)
555 555 password = Column("password", String(255), nullable=True, unique=None, default=None)
556 556 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
557 557 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
558 558 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
559 559 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
560 560 _email = Column("email", String(255), nullable=True, unique=None, default=None)
561 561 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
562 562 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
563 563
564 564 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
565 565 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
566 566 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
567 567 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
568 568 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
569 569 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
570 570
571 571 user_log = relationship('UserLog')
572 572 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
573 573
574 574 repositories = relationship('Repository')
575 575 repository_groups = relationship('RepoGroup')
576 576 user_groups = relationship('UserGroup')
577 577
578 578 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
579 579 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
580 580
581 581 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
582 582 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
583 583 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
584 584
585 585 group_member = relationship('UserGroupMember', cascade='all')
586 586
587 587 notifications = relationship('UserNotification', cascade='all')
588 588 # notifications assigned to this user
589 589 user_created_notifications = relationship('Notification', cascade='all')
590 590 # comments created by this user
591 591 user_comments = relationship('ChangesetComment', cascade='all')
592 592 # user profile extra info
593 593 user_emails = relationship('UserEmailMap', cascade='all')
594 594 user_ip_map = relationship('UserIpMap', cascade='all')
595 595 user_auth_tokens = relationship('UserApiKeys', cascade='all')
596 596 user_ssh_keys = relationship('UserSshKeys', cascade='all')
597 597
598 598 # gists
599 599 user_gists = relationship('Gist', cascade='all')
600 600 # user pull requests
601 601 user_pull_requests = relationship('PullRequest', cascade='all')
602 602 # external identities
603 603 extenal_identities = relationship(
604 604 'ExternalIdentity',
605 605 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
606 606 cascade='all')
607 607 # review rules
608 608 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
609 609
610 610 def __unicode__(self):
611 611 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
612 612 self.user_id, self.username)
613 613
614 614 @hybrid_property
615 615 def email(self):
616 616 return self._email
617 617
618 618 @email.setter
619 619 def email(self, val):
620 620 self._email = val.lower() if val else None
621 621
622 622 @hybrid_property
623 623 def first_name(self):
624 624 from rhodecode.lib import helpers as h
625 625 if self.name:
626 626 return h.escape(self.name)
627 627 return self.name
628 628
629 629 @hybrid_property
630 630 def last_name(self):
631 631 from rhodecode.lib import helpers as h
632 632 if self.lastname:
633 633 return h.escape(self.lastname)
634 634 return self.lastname
635 635
636 636 @hybrid_property
637 637 def api_key(self):
638 638 """
639 639 Fetch if exist an auth-token with role ALL connected to this user
640 640 """
641 641 user_auth_token = UserApiKeys.query()\
642 642 .filter(UserApiKeys.user_id == self.user_id)\
643 643 .filter(or_(UserApiKeys.expires == -1,
644 644 UserApiKeys.expires >= time.time()))\
645 645 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
646 646 if user_auth_token:
647 647 user_auth_token = user_auth_token.api_key
648 648
649 649 return user_auth_token
650 650
651 651 @api_key.setter
652 652 def api_key(self, val):
653 653 # don't allow to set API key this is deprecated for now
654 654 self._api_key = None
655 655
656 656 @property
657 657 def reviewer_pull_requests(self):
658 658 return PullRequestReviewers.query() \
659 659 .options(joinedload(PullRequestReviewers.pull_request)) \
660 660 .filter(PullRequestReviewers.user_id == self.user_id) \
661 661 .all()
662 662
663 663 @property
664 664 def firstname(self):
665 665 # alias for future
666 666 return self.name
667 667
668 668 @property
669 669 def emails(self):
670 670 other = UserEmailMap.query()\
671 671 .filter(UserEmailMap.user == self) \
672 672 .order_by(UserEmailMap.email_id.asc()) \
673 673 .all()
674 674 return [self.email] + [x.email for x in other]
675 675
676 676 @property
677 677 def auth_tokens(self):
678 678 auth_tokens = self.get_auth_tokens()
679 679 return [x.api_key for x in auth_tokens]
680 680
681 681 def get_auth_tokens(self):
682 682 return UserApiKeys.query()\
683 683 .filter(UserApiKeys.user == self)\
684 684 .order_by(UserApiKeys.user_api_key_id.asc())\
685 685 .all()
686 686
687 687 @LazyProperty
688 688 def feed_token(self):
689 689 return self.get_feed_token()
690 690
691 691 def get_feed_token(self, cache=True):
692 692 feed_tokens = UserApiKeys.query()\
693 693 .filter(UserApiKeys.user == self)\
694 694 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
695 695 if cache:
696 696 feed_tokens = feed_tokens.options(
697 697 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
698 698
699 699 feed_tokens = feed_tokens.all()
700 700 if feed_tokens:
701 701 return feed_tokens[0].api_key
702 702 return 'NO_FEED_TOKEN_AVAILABLE'
703 703
704 704 @classmethod
705 705 def get(cls, user_id, cache=False):
706 706 if not user_id:
707 707 return
708 708
709 709 user = cls.query()
710 710 if cache:
711 711 user = user.options(
712 712 FromCache("sql_cache_short", "get_users_%s" % user_id))
713 713 return user.get(user_id)
714 714
715 715 @classmethod
716 716 def extra_valid_auth_tokens(cls, user, role=None):
717 717 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
718 718 .filter(or_(UserApiKeys.expires == -1,
719 719 UserApiKeys.expires >= time.time()))
720 720 if role:
721 721 tokens = tokens.filter(or_(UserApiKeys.role == role,
722 722 UserApiKeys.role == UserApiKeys.ROLE_ALL))
723 723 return tokens.all()
724 724
725 725 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
726 726 from rhodecode.lib import auth
727 727
728 728 log.debug('Trying to authenticate user: %s via auth-token, '
729 729 'and roles: %s', self, roles)
730 730
731 731 if not auth_token:
732 732 return False
733 733
734 734 crypto_backend = auth.crypto_backend()
735 735
736 736 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
737 737 tokens_q = UserApiKeys.query()\
738 738 .filter(UserApiKeys.user_id == self.user_id)\
739 739 .filter(or_(UserApiKeys.expires == -1,
740 740 UserApiKeys.expires >= time.time()))
741 741
742 742 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
743 743
744 744 plain_tokens = []
745 745 hash_tokens = []
746 746
747 747 user_tokens = tokens_q.all()
748 748 log.debug('Found %s user tokens to check for authentication', len(user_tokens))
749 749 for token in user_tokens:
750 750 log.debug('AUTH_TOKEN: checking if user token with id `%s` matches',
751 751 token.user_api_key_id)
752 752 # verify scope first, since it's way faster than hash calculation of
753 753 # encrypted tokens
754 754 if token.repo_id:
755 755 # token has a scope, we need to verify it
756 756 if scope_repo_id != token.repo_id:
757 757 log.debug(
758 758 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
759 759 'and calling scope is:%s, skipping further checks',
760 760 token.repo, scope_repo_id)
761 761 # token has a scope, and it doesn't match, skip token
762 762 continue
763 763
764 764 if token.api_key.startswith(crypto_backend.ENC_PREF):
765 765 hash_tokens.append(token.api_key)
766 766 else:
767 767 plain_tokens.append(token.api_key)
768 768
769 769 is_plain_match = auth_token in plain_tokens
770 770 if is_plain_match:
771 771 return True
772 772
773 773 for hashed in hash_tokens:
774 774 # NOTE(marcink): this is expensive to calculate, but most secure
775 775 match = crypto_backend.hash_check(auth_token, hashed)
776 776 if match:
777 777 return True
778 778
779 779 return False
780 780
781 781 @property
782 782 def ip_addresses(self):
783 783 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
784 784 return [x.ip_addr for x in ret]
785 785
786 786 @property
787 787 def username_and_name(self):
788 788 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
789 789
790 790 @property
791 791 def username_or_name_or_email(self):
792 792 full_name = self.full_name if self.full_name is not ' ' else None
793 793 return self.username or full_name or self.email
794 794
795 795 @property
796 796 def full_name(self):
797 797 return '%s %s' % (self.first_name, self.last_name)
798 798
799 799 @property
800 800 def full_name_or_username(self):
801 801 return ('%s %s' % (self.first_name, self.last_name)
802 802 if (self.first_name and self.last_name) else self.username)
803 803
804 804 @property
805 805 def full_contact(self):
806 806 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
807 807
808 808 @property
809 809 def short_contact(self):
810 810 return '%s %s' % (self.first_name, self.last_name)
811 811
812 812 @property
813 813 def is_admin(self):
814 814 return self.admin
815 815
816 816 def AuthUser(self, **kwargs):
817 817 """
818 818 Returns instance of AuthUser for this user
819 819 """
820 820 from rhodecode.lib.auth import AuthUser
821 821 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
822 822
823 823 @hybrid_property
824 824 def user_data(self):
825 825 if not self._user_data:
826 826 return {}
827 827
828 828 try:
829 829 return json.loads(self._user_data)
830 830 except TypeError:
831 831 return {}
832 832
833 833 @user_data.setter
834 834 def user_data(self, val):
835 835 if not isinstance(val, dict):
836 836 raise Exception('user_data must be dict, got %s' % type(val))
837 837 try:
838 838 self._user_data = json.dumps(val)
839 839 except Exception:
840 840 log.error(traceback.format_exc())
841 841
842 842 @classmethod
843 843 def get_by_username(cls, username, case_insensitive=False,
844 844 cache=False, identity_cache=False):
845 845 session = Session()
846 846
847 847 if case_insensitive:
848 848 q = cls.query().filter(
849 849 func.lower(cls.username) == func.lower(username))
850 850 else:
851 851 q = cls.query().filter(cls.username == username)
852 852
853 853 if cache:
854 854 if identity_cache:
855 855 val = cls.identity_cache(session, 'username', username)
856 856 if val:
857 857 return val
858 858 else:
859 859 cache_key = "get_user_by_name_%s" % _hash_key(username)
860 860 q = q.options(
861 861 FromCache("sql_cache_short", cache_key))
862 862
863 863 return q.scalar()
864 864
865 865 @classmethod
866 866 def get_by_auth_token(cls, auth_token, cache=False):
867 867 q = UserApiKeys.query()\
868 868 .filter(UserApiKeys.api_key == auth_token)\
869 869 .filter(or_(UserApiKeys.expires == -1,
870 870 UserApiKeys.expires >= time.time()))
871 871 if cache:
872 872 q = q.options(
873 873 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
874 874
875 875 match = q.first()
876 876 if match:
877 877 return match.user
878 878
879 879 @classmethod
880 880 def get_by_email(cls, email, case_insensitive=False, cache=False):
881 881
882 882 if case_insensitive:
883 883 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
884 884
885 885 else:
886 886 q = cls.query().filter(cls.email == email)
887 887
888 888 email_key = _hash_key(email)
889 889 if cache:
890 890 q = q.options(
891 891 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
892 892
893 893 ret = q.scalar()
894 894 if ret is None:
895 895 q = UserEmailMap.query()
896 896 # try fetching in alternate email map
897 897 if case_insensitive:
898 898 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
899 899 else:
900 900 q = q.filter(UserEmailMap.email == email)
901 901 q = q.options(joinedload(UserEmailMap.user))
902 902 if cache:
903 903 q = q.options(
904 904 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
905 905 ret = getattr(q.scalar(), 'user', None)
906 906
907 907 return ret
908 908
909 909 @classmethod
910 910 def get_from_cs_author(cls, author):
911 911 """
912 912 Tries to get User objects out of commit author string
913 913
914 914 :param author:
915 915 """
916 916 from rhodecode.lib.helpers import email, author_name
917 917 # Valid email in the attribute passed, see if they're in the system
918 918 _email = email(author)
919 919 if _email:
920 920 user = cls.get_by_email(_email, case_insensitive=True)
921 921 if user:
922 922 return user
923 923 # Maybe we can match by username?
924 924 _author = author_name(author)
925 925 user = cls.get_by_username(_author, case_insensitive=True)
926 926 if user:
927 927 return user
928 928
929 929 def update_userdata(self, **kwargs):
930 930 usr = self
931 931 old = usr.user_data
932 932 old.update(**kwargs)
933 933 usr.user_data = old
934 934 Session().add(usr)
935 935 log.debug('updated userdata with ', kwargs)
936 936
937 937 def update_lastlogin(self):
938 938 """Update user lastlogin"""
939 939 self.last_login = datetime.datetime.now()
940 940 Session().add(self)
941 941 log.debug('updated user %s lastlogin', self.username)
942 942
943 943 def update_password(self, new_password):
944 944 from rhodecode.lib.auth import get_crypt_password
945 945
946 946 self.password = get_crypt_password(new_password)
947 947 Session().add(self)
948 948
949 949 @classmethod
950 950 def get_first_super_admin(cls):
951 951 user = User.query()\
952 952 .filter(User.admin == true()) \
953 953 .order_by(User.user_id.asc()) \
954 954 .first()
955 955
956 956 if user is None:
957 957 raise Exception('FATAL: Missing administrative account!')
958 958 return user
959 959
960 960 @classmethod
961 961 def get_all_super_admins(cls):
962 962 """
963 963 Returns all admin accounts sorted by username
964 964 """
965 965 return User.query().filter(User.admin == true())\
966 966 .order_by(User.username.asc()).all()
967 967
968 968 @classmethod
969 969 def get_default_user(cls, cache=False, refresh=False):
970 970 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
971 971 if user is None:
972 972 raise Exception('FATAL: Missing default account!')
973 973 if refresh:
974 974 # The default user might be based on outdated state which
975 975 # has been loaded from the cache.
976 976 # A call to refresh() ensures that the
977 977 # latest state from the database is used.
978 978 Session().refresh(user)
979 979 return user
980 980
981 981 def _get_default_perms(self, user, suffix=''):
982 982 from rhodecode.model.permission import PermissionModel
983 983 return PermissionModel().get_default_perms(user.user_perms, suffix)
984 984
985 985 def get_default_perms(self, suffix=''):
986 986 return self._get_default_perms(self, suffix)
987 987
988 988 def get_api_data(self, include_secrets=False, details='full'):
989 989 """
990 990 Common function for generating user related data for API
991 991
992 992 :param include_secrets: By default secrets in the API data will be replaced
993 993 by a placeholder value to prevent exposing this data by accident. In case
994 994 this data shall be exposed, set this flag to ``True``.
995 995
996 996 :param details: details can be 'basic|full' basic gives only a subset of
997 997 the available user information that includes user_id, name and emails.
998 998 """
999 999 user = self
1000 1000 user_data = self.user_data
1001 1001 data = {
1002 1002 'user_id': user.user_id,
1003 1003 'username': user.username,
1004 1004 'firstname': user.name,
1005 1005 'lastname': user.lastname,
1006 1006 'email': user.email,
1007 1007 'emails': user.emails,
1008 1008 }
1009 1009 if details == 'basic':
1010 1010 return data
1011 1011
1012 1012 auth_token_length = 40
1013 1013 auth_token_replacement = '*' * auth_token_length
1014 1014
1015 1015 extras = {
1016 1016 'auth_tokens': [auth_token_replacement],
1017 1017 'active': user.active,
1018 1018 'admin': user.admin,
1019 1019 'extern_type': user.extern_type,
1020 1020 'extern_name': user.extern_name,
1021 1021 'last_login': user.last_login,
1022 1022 'last_activity': user.last_activity,
1023 1023 'ip_addresses': user.ip_addresses,
1024 1024 'language': user_data.get('language')
1025 1025 }
1026 1026 data.update(extras)
1027 1027
1028 1028 if include_secrets:
1029 1029 data['auth_tokens'] = user.auth_tokens
1030 1030 return data
1031 1031
1032 1032 def __json__(self):
1033 1033 data = {
1034 1034 'full_name': self.full_name,
1035 1035 'full_name_or_username': self.full_name_or_username,
1036 1036 'short_contact': self.short_contact,
1037 1037 'full_contact': self.full_contact,
1038 1038 }
1039 1039 data.update(self.get_api_data())
1040 1040 return data
1041 1041
1042 1042
1043 1043 class UserApiKeys(Base, BaseModel):
1044 1044 __tablename__ = 'user_api_keys'
1045 1045 __table_args__ = (
1046 1046 Index('uak_api_key_idx', 'api_key', unique=True),
1047 1047 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1048 1048 base_table_args
1049 1049 )
1050 1050 __mapper_args__ = {}
1051 1051
1052 1052 # ApiKey role
1053 1053 ROLE_ALL = 'token_role_all'
1054 1054 ROLE_HTTP = 'token_role_http'
1055 1055 ROLE_VCS = 'token_role_vcs'
1056 1056 ROLE_API = 'token_role_api'
1057 1057 ROLE_FEED = 'token_role_feed'
1058 1058 ROLE_PASSWORD_RESET = 'token_password_reset'
1059 1059
1060 1060 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1061 1061
1062 1062 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1063 1063 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1064 1064 api_key = Column("api_key", String(255), nullable=False, unique=True)
1065 1065 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1066 1066 expires = Column('expires', Float(53), nullable=False)
1067 1067 role = Column('role', String(255), nullable=True)
1068 1068 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1069 1069
1070 1070 # scope columns
1071 1071 repo_id = Column(
1072 1072 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1073 1073 nullable=True, unique=None, default=None)
1074 1074 repo = relationship('Repository', lazy='joined')
1075 1075
1076 1076 repo_group_id = Column(
1077 1077 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1078 1078 nullable=True, unique=None, default=None)
1079 1079 repo_group = relationship('RepoGroup', lazy='joined')
1080 1080
1081 1081 user = relationship('User', lazy='joined')
1082 1082
1083 1083 def __unicode__(self):
1084 1084 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1085 1085
1086 1086 def __json__(self):
1087 1087 data = {
1088 1088 'auth_token': self.api_key,
1089 1089 'role': self.role,
1090 1090 'scope': self.scope_humanized,
1091 1091 'expired': self.expired
1092 1092 }
1093 1093 return data
1094 1094
1095 1095 def get_api_data(self, include_secrets=False):
1096 1096 data = self.__json__()
1097 1097 if include_secrets:
1098 1098 return data
1099 1099 else:
1100 1100 data['auth_token'] = self.token_obfuscated
1101 1101 return data
1102 1102
1103 1103 @hybrid_property
1104 1104 def description_safe(self):
1105 1105 from rhodecode.lib import helpers as h
1106 1106 return h.escape(self.description)
1107 1107
1108 1108 @property
1109 1109 def expired(self):
1110 1110 if self.expires == -1:
1111 1111 return False
1112 1112 return time.time() > self.expires
1113 1113
1114 1114 @classmethod
1115 1115 def _get_role_name(cls, role):
1116 1116 return {
1117 1117 cls.ROLE_ALL: _('all'),
1118 1118 cls.ROLE_HTTP: _('http/web interface'),
1119 1119 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1120 1120 cls.ROLE_API: _('api calls'),
1121 1121 cls.ROLE_FEED: _('feed access'),
1122 1122 }.get(role, role)
1123 1123
1124 1124 @property
1125 1125 def role_humanized(self):
1126 1126 return self._get_role_name(self.role)
1127 1127
1128 1128 def _get_scope(self):
1129 1129 if self.repo:
1130 1130 return repr(self.repo)
1131 1131 if self.repo_group:
1132 1132 return repr(self.repo_group) + ' (recursive)'
1133 1133 return 'global'
1134 1134
1135 1135 @property
1136 1136 def scope_humanized(self):
1137 1137 return self._get_scope()
1138 1138
1139 1139 @property
1140 1140 def token_obfuscated(self):
1141 1141 if self.api_key:
1142 1142 return self.api_key[:4] + "****"
1143 1143
1144 1144
1145 1145 class UserEmailMap(Base, BaseModel):
1146 1146 __tablename__ = 'user_email_map'
1147 1147 __table_args__ = (
1148 1148 Index('uem_email_idx', 'email'),
1149 1149 UniqueConstraint('email'),
1150 1150 base_table_args
1151 1151 )
1152 1152 __mapper_args__ = {}
1153 1153
1154 1154 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1155 1155 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1156 1156 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1157 1157 user = relationship('User', lazy='joined')
1158 1158
1159 1159 @validates('_email')
1160 1160 def validate_email(self, key, email):
1161 1161 # check if this email is not main one
1162 1162 main_email = Session().query(User).filter(User.email == email).scalar()
1163 1163 if main_email is not None:
1164 1164 raise AttributeError('email %s is present is user table' % email)
1165 1165 return email
1166 1166
1167 1167 @hybrid_property
1168 1168 def email(self):
1169 1169 return self._email
1170 1170
1171 1171 @email.setter
1172 1172 def email(self, val):
1173 1173 self._email = val.lower() if val else None
1174 1174
1175 1175
1176 1176 class UserIpMap(Base, BaseModel):
1177 1177 __tablename__ = 'user_ip_map'
1178 1178 __table_args__ = (
1179 1179 UniqueConstraint('user_id', 'ip_addr'),
1180 1180 base_table_args
1181 1181 )
1182 1182 __mapper_args__ = {}
1183 1183
1184 1184 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1185 1185 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1186 1186 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1187 1187 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1188 1188 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1189 1189 user = relationship('User', lazy='joined')
1190 1190
1191 1191 @hybrid_property
1192 1192 def description_safe(self):
1193 1193 from rhodecode.lib import helpers as h
1194 1194 return h.escape(self.description)
1195 1195
1196 1196 @classmethod
1197 1197 def _get_ip_range(cls, ip_addr):
1198 1198 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1199 1199 return [str(net.network_address), str(net.broadcast_address)]
1200 1200
1201 1201 def __json__(self):
1202 1202 return {
1203 1203 'ip_addr': self.ip_addr,
1204 1204 'ip_range': self._get_ip_range(self.ip_addr),
1205 1205 }
1206 1206
1207 1207 def __unicode__(self):
1208 1208 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1209 1209 self.user_id, self.ip_addr)
1210 1210
1211 1211
1212 1212 class UserSshKeys(Base, BaseModel):
1213 1213 __tablename__ = 'user_ssh_keys'
1214 1214 __table_args__ = (
1215 1215 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1216 1216
1217 1217 UniqueConstraint('ssh_key_fingerprint'),
1218 1218
1219 1219 base_table_args
1220 1220 )
1221 1221 __mapper_args__ = {}
1222 1222
1223 1223 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1224 1224 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1225 1225 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1226 1226
1227 1227 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1228 1228
1229 1229 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1230 1230 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1231 1231 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1232 1232
1233 1233 user = relationship('User', lazy='joined')
1234 1234
1235 1235 def __json__(self):
1236 1236 data = {
1237 1237 'ssh_fingerprint': self.ssh_key_fingerprint,
1238 1238 'description': self.description,
1239 1239 'created_on': self.created_on
1240 1240 }
1241 1241 return data
1242 1242
1243 1243 def get_api_data(self):
1244 1244 data = self.__json__()
1245 1245 return data
1246 1246
1247 1247
1248 1248 class UserLog(Base, BaseModel):
1249 1249 __tablename__ = 'user_logs'
1250 1250 __table_args__ = (
1251 1251 base_table_args,
1252 1252 )
1253 1253
1254 1254 VERSION_1 = 'v1'
1255 1255 VERSION_2 = 'v2'
1256 1256 VERSIONS = [VERSION_1, VERSION_2]
1257 1257
1258 1258 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1259 1259 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1260 1260 username = Column("username", String(255), nullable=True, unique=None, default=None)
1261 1261 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1262 1262 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1263 1263 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1264 1264 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1265 1265 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1266 1266
1267 1267 version = Column("version", String(255), nullable=True, default=VERSION_1)
1268 1268 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1269 1269 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1270 1270
1271 1271 def __unicode__(self):
1272 1272 return u"<%s('id:%s:%s')>" % (
1273 1273 self.__class__.__name__, self.repository_name, self.action)
1274 1274
1275 1275 def __json__(self):
1276 1276 return {
1277 1277 'user_id': self.user_id,
1278 1278 'username': self.username,
1279 1279 'repository_id': self.repository_id,
1280 1280 'repository_name': self.repository_name,
1281 1281 'user_ip': self.user_ip,
1282 1282 'action_date': self.action_date,
1283 1283 'action': self.action,
1284 1284 }
1285 1285
1286 1286 @hybrid_property
1287 1287 def entry_id(self):
1288 1288 return self.user_log_id
1289 1289
1290 1290 @property
1291 1291 def action_as_day(self):
1292 1292 return datetime.date(*self.action_date.timetuple()[:3])
1293 1293
1294 1294 user = relationship('User')
1295 1295 repository = relationship('Repository', cascade='')
1296 1296
1297 1297
1298 1298 class UserGroup(Base, BaseModel):
1299 1299 __tablename__ = 'users_groups'
1300 1300 __table_args__ = (
1301 1301 base_table_args,
1302 1302 )
1303 1303
1304 1304 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1305 1305 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1306 1306 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1307 1307 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1308 1308 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1309 1309 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1310 1310 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1311 1311 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1312 1312
1313 1313 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1314 1314 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1315 1315 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1316 1316 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1317 1317 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1318 1318 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1319 1319
1320 1320 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1321 1321 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1322 1322
1323 1323 @classmethod
1324 1324 def _load_group_data(cls, column):
1325 1325 if not column:
1326 1326 return {}
1327 1327
1328 1328 try:
1329 1329 return json.loads(column) or {}
1330 1330 except TypeError:
1331 1331 return {}
1332 1332
1333 1333 @hybrid_property
1334 1334 def description_safe(self):
1335 1335 from rhodecode.lib import helpers as h
1336 1336 return h.escape(self.user_group_description)
1337 1337
1338 1338 @hybrid_property
1339 1339 def group_data(self):
1340 1340 return self._load_group_data(self._group_data)
1341 1341
1342 1342 @group_data.expression
1343 1343 def group_data(self, **kwargs):
1344 1344 return self._group_data
1345 1345
1346 1346 @group_data.setter
1347 1347 def group_data(self, val):
1348 1348 try:
1349 1349 self._group_data = json.dumps(val)
1350 1350 except Exception:
1351 1351 log.error(traceback.format_exc())
1352 1352
1353 1353 @classmethod
1354 1354 def _load_sync(cls, group_data):
1355 1355 if group_data:
1356 1356 return group_data.get('extern_type')
1357 1357
1358 1358 @property
1359 1359 def sync(self):
1360 1360 return self._load_sync(self.group_data)
1361 1361
1362 1362 def __unicode__(self):
1363 1363 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1364 1364 self.users_group_id,
1365 1365 self.users_group_name)
1366 1366
1367 1367 @classmethod
1368 1368 def get_by_group_name(cls, group_name, cache=False,
1369 1369 case_insensitive=False):
1370 1370 if case_insensitive:
1371 1371 q = cls.query().filter(func.lower(cls.users_group_name) ==
1372 1372 func.lower(group_name))
1373 1373
1374 1374 else:
1375 1375 q = cls.query().filter(cls.users_group_name == group_name)
1376 1376 if cache:
1377 1377 q = q.options(
1378 1378 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1379 1379 return q.scalar()
1380 1380
1381 1381 @classmethod
1382 1382 def get(cls, user_group_id, cache=False):
1383 1383 if not user_group_id:
1384 1384 return
1385 1385
1386 1386 user_group = cls.query()
1387 1387 if cache:
1388 1388 user_group = user_group.options(
1389 1389 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1390 1390 return user_group.get(user_group_id)
1391 1391
1392 1392 def permissions(self, with_admins=True, with_owner=True):
1393 1393 """
1394 1394 Permissions for user groups
1395 1395 """
1396 1396 _admin_perm = 'usergroup.admin'
1397 1397
1398 1398 owner_row = []
1399 1399 if with_owner:
1400 1400 usr = AttributeDict(self.user.get_dict())
1401 1401 usr.owner_row = True
1402 1402 usr.permission = _admin_perm
1403 1403 owner_row.append(usr)
1404 1404
1405 1405 super_admin_ids = []
1406 1406 super_admin_rows = []
1407 1407 if with_admins:
1408 1408 for usr in User.get_all_super_admins():
1409 1409 super_admin_ids.append(usr.user_id)
1410 1410 # if this admin is also owner, don't double the record
1411 1411 if usr.user_id == owner_row[0].user_id:
1412 1412 owner_row[0].admin_row = True
1413 1413 else:
1414 1414 usr = AttributeDict(usr.get_dict())
1415 1415 usr.admin_row = True
1416 1416 usr.permission = _admin_perm
1417 1417 super_admin_rows.append(usr)
1418 1418
1419 1419 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1420 1420 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1421 1421 joinedload(UserUserGroupToPerm.user),
1422 1422 joinedload(UserUserGroupToPerm.permission),)
1423 1423
1424 1424 # get owners and admins and permissions. We do a trick of re-writing
1425 1425 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1426 1426 # has a global reference and changing one object propagates to all
1427 1427 # others. This means if admin is also an owner admin_row that change
1428 1428 # would propagate to both objects
1429 1429 perm_rows = []
1430 1430 for _usr in q.all():
1431 1431 usr = AttributeDict(_usr.user.get_dict())
1432 1432 # if this user is also owner/admin, mark as duplicate record
1433 1433 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1434 1434 usr.duplicate_perm = True
1435 1435 usr.permission = _usr.permission.permission_name
1436 1436 perm_rows.append(usr)
1437 1437
1438 1438 # filter the perm rows by 'default' first and then sort them by
1439 1439 # admin,write,read,none permissions sorted again alphabetically in
1440 1440 # each group
1441 1441 perm_rows = sorted(perm_rows, key=display_user_sort)
1442 1442
1443 1443 return super_admin_rows + owner_row + perm_rows
1444 1444
1445 1445 def permission_user_groups(self):
1446 1446 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1447 1447 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1448 1448 joinedload(UserGroupUserGroupToPerm.target_user_group),
1449 1449 joinedload(UserGroupUserGroupToPerm.permission),)
1450 1450
1451 1451 perm_rows = []
1452 1452 for _user_group in q.all():
1453 1453 usr = AttributeDict(_user_group.user_group.get_dict())
1454 1454 usr.permission = _user_group.permission.permission_name
1455 1455 perm_rows.append(usr)
1456 1456
1457 1457 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1458 1458 return perm_rows
1459 1459
1460 1460 def _get_default_perms(self, user_group, suffix=''):
1461 1461 from rhodecode.model.permission import PermissionModel
1462 1462 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1463 1463
1464 1464 def get_default_perms(self, suffix=''):
1465 1465 return self._get_default_perms(self, suffix)
1466 1466
1467 1467 def get_api_data(self, with_group_members=True, include_secrets=False):
1468 1468 """
1469 1469 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1470 1470 basically forwarded.
1471 1471
1472 1472 """
1473 1473 user_group = self
1474 1474 data = {
1475 1475 'users_group_id': user_group.users_group_id,
1476 1476 'group_name': user_group.users_group_name,
1477 1477 'group_description': user_group.user_group_description,
1478 1478 'active': user_group.users_group_active,
1479 1479 'owner': user_group.user.username,
1480 1480 'sync': user_group.sync,
1481 1481 'owner_email': user_group.user.email,
1482 1482 }
1483 1483
1484 1484 if with_group_members:
1485 1485 users = []
1486 1486 for user in user_group.members:
1487 1487 user = user.user
1488 1488 users.append(user.get_api_data(include_secrets=include_secrets))
1489 1489 data['users'] = users
1490 1490
1491 1491 return data
1492 1492
1493 1493
1494 1494 class UserGroupMember(Base, BaseModel):
1495 1495 __tablename__ = 'users_groups_members'
1496 1496 __table_args__ = (
1497 1497 base_table_args,
1498 1498 )
1499 1499
1500 1500 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1501 1501 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1502 1502 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1503 1503
1504 1504 user = relationship('User', lazy='joined')
1505 1505 users_group = relationship('UserGroup')
1506 1506
1507 1507 def __init__(self, gr_id='', u_id=''):
1508 1508 self.users_group_id = gr_id
1509 1509 self.user_id = u_id
1510 1510
1511 1511
1512 1512 class RepositoryField(Base, BaseModel):
1513 1513 __tablename__ = 'repositories_fields'
1514 1514 __table_args__ = (
1515 1515 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1516 1516 base_table_args,
1517 1517 )
1518 1518
1519 1519 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1520 1520
1521 1521 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1522 1522 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1523 1523 field_key = Column("field_key", String(250))
1524 1524 field_label = Column("field_label", String(1024), nullable=False)
1525 1525 field_value = Column("field_value", String(10000), nullable=False)
1526 1526 field_desc = Column("field_desc", String(1024), nullable=False)
1527 1527 field_type = Column("field_type", String(255), nullable=False, unique=None)
1528 1528 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1529 1529
1530 1530 repository = relationship('Repository')
1531 1531
1532 1532 @property
1533 1533 def field_key_prefixed(self):
1534 1534 return 'ex_%s' % self.field_key
1535 1535
1536 1536 @classmethod
1537 1537 def un_prefix_key(cls, key):
1538 1538 if key.startswith(cls.PREFIX):
1539 1539 return key[len(cls.PREFIX):]
1540 1540 return key
1541 1541
1542 1542 @classmethod
1543 1543 def get_by_key_name(cls, key, repo):
1544 1544 row = cls.query()\
1545 1545 .filter(cls.repository == repo)\
1546 1546 .filter(cls.field_key == key).scalar()
1547 1547 return row
1548 1548
1549 1549
1550 1550 class Repository(Base, BaseModel):
1551 1551 __tablename__ = 'repositories'
1552 1552 __table_args__ = (
1553 1553 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1554 1554 base_table_args,
1555 1555 )
1556 1556 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1557 1557 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1558 1558 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1559 1559
1560 1560 STATE_CREATED = 'repo_state_created'
1561 1561 STATE_PENDING = 'repo_state_pending'
1562 1562 STATE_ERROR = 'repo_state_error'
1563 1563
1564 1564 LOCK_AUTOMATIC = 'lock_auto'
1565 1565 LOCK_API = 'lock_api'
1566 1566 LOCK_WEB = 'lock_web'
1567 1567 LOCK_PULL = 'lock_pull'
1568 1568
1569 1569 NAME_SEP = URL_SEP
1570 1570
1571 1571 repo_id = Column(
1572 1572 "repo_id", Integer(), nullable=False, unique=True, default=None,
1573 1573 primary_key=True)
1574 1574 _repo_name = Column(
1575 1575 "repo_name", Text(), nullable=False, default=None)
1576 1576 _repo_name_hash = Column(
1577 1577 "repo_name_hash", String(255), nullable=False, unique=True)
1578 1578 repo_state = Column("repo_state", String(255), nullable=True)
1579 1579
1580 1580 clone_uri = Column(
1581 1581 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1582 1582 default=None)
1583 1583 push_uri = Column(
1584 1584 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1585 1585 default=None)
1586 1586 repo_type = Column(
1587 1587 "repo_type", String(255), nullable=False, unique=False, default=None)
1588 1588 user_id = Column(
1589 1589 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1590 1590 unique=False, default=None)
1591 1591 private = Column(
1592 1592 "private", Boolean(), nullable=True, unique=None, default=None)
1593 1593 archived = Column(
1594 1594 "archived", Boolean(), nullable=True, unique=None, default=None)
1595 1595 enable_statistics = Column(
1596 1596 "statistics", Boolean(), nullable=True, unique=None, default=True)
1597 1597 enable_downloads = Column(
1598 1598 "downloads", Boolean(), nullable=True, unique=None, default=True)
1599 1599 description = Column(
1600 1600 "description", String(10000), nullable=True, unique=None, default=None)
1601 1601 created_on = Column(
1602 1602 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1603 1603 default=datetime.datetime.now)
1604 1604 updated_on = Column(
1605 1605 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1606 1606 default=datetime.datetime.now)
1607 1607 _landing_revision = Column(
1608 1608 "landing_revision", String(255), nullable=False, unique=False,
1609 1609 default=None)
1610 1610 enable_locking = Column(
1611 1611 "enable_locking", Boolean(), nullable=False, unique=None,
1612 1612 default=False)
1613 1613 _locked = Column(
1614 1614 "locked", String(255), nullable=True, unique=False, default=None)
1615 1615 _changeset_cache = Column(
1616 1616 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1617 1617
1618 1618 fork_id = Column(
1619 1619 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1620 1620 nullable=True, unique=False, default=None)
1621 1621 group_id = Column(
1622 1622 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1623 1623 unique=False, default=None)
1624 1624
1625 1625 user = relationship('User', lazy='joined')
1626 1626 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1627 1627 group = relationship('RepoGroup', lazy='joined')
1628 1628 repo_to_perm = relationship(
1629 1629 'UserRepoToPerm', cascade='all',
1630 1630 order_by='UserRepoToPerm.repo_to_perm_id')
1631 1631 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1632 1632 stats = relationship('Statistics', cascade='all', uselist=False)
1633 1633
1634 1634 followers = relationship(
1635 1635 'UserFollowing',
1636 1636 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1637 1637 cascade='all')
1638 1638 extra_fields = relationship(
1639 1639 'RepositoryField', cascade="all, delete, delete-orphan")
1640 1640 logs = relationship('UserLog')
1641 1641 comments = relationship(
1642 1642 'ChangesetComment', cascade="all, delete, delete-orphan")
1643 1643 pull_requests_source = relationship(
1644 1644 'PullRequest',
1645 1645 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1646 1646 cascade="all, delete, delete-orphan")
1647 1647 pull_requests_target = relationship(
1648 1648 'PullRequest',
1649 1649 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1650 1650 cascade="all, delete, delete-orphan")
1651 1651 ui = relationship('RepoRhodeCodeUi', cascade="all")
1652 1652 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1653 1653 integrations = relationship('Integration',
1654 1654 cascade="all, delete, delete-orphan")
1655 1655
1656 1656 scoped_tokens = relationship('UserApiKeys', cascade="all")
1657 1657
1658 1658 def __unicode__(self):
1659 1659 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1660 1660 safe_unicode(self.repo_name))
1661 1661
1662 1662 @hybrid_property
1663 1663 def description_safe(self):
1664 1664 from rhodecode.lib import helpers as h
1665 1665 return h.escape(self.description)
1666 1666
1667 1667 @hybrid_property
1668 1668 def landing_rev(self):
1669 1669 # always should return [rev_type, rev]
1670 1670 if self._landing_revision:
1671 1671 _rev_info = self._landing_revision.split(':')
1672 1672 if len(_rev_info) < 2:
1673 1673 _rev_info.insert(0, 'rev')
1674 1674 return [_rev_info[0], _rev_info[1]]
1675 1675 return [None, None]
1676 1676
1677 1677 @landing_rev.setter
1678 1678 def landing_rev(self, val):
1679 1679 if ':' not in val:
1680 1680 raise ValueError('value must be delimited with `:` and consist '
1681 1681 'of <rev_type>:<rev>, got %s instead' % val)
1682 1682 self._landing_revision = val
1683 1683
1684 1684 @hybrid_property
1685 1685 def locked(self):
1686 1686 if self._locked:
1687 1687 user_id, timelocked, reason = self._locked.split(':')
1688 1688 lock_values = int(user_id), timelocked, reason
1689 1689 else:
1690 1690 lock_values = [None, None, None]
1691 1691 return lock_values
1692 1692
1693 1693 @locked.setter
1694 1694 def locked(self, val):
1695 1695 if val and isinstance(val, (list, tuple)):
1696 1696 self._locked = ':'.join(map(str, val))
1697 1697 else:
1698 1698 self._locked = None
1699 1699
1700 1700 @hybrid_property
1701 1701 def changeset_cache(self):
1702 1702 from rhodecode.lib.vcs.backends.base import EmptyCommit
1703 1703 dummy = EmptyCommit().__json__()
1704 1704 if not self._changeset_cache:
1705 1705 return dummy
1706 1706 try:
1707 1707 return json.loads(self._changeset_cache)
1708 1708 except TypeError:
1709 1709 return dummy
1710 1710 except Exception:
1711 1711 log.error(traceback.format_exc())
1712 1712 return dummy
1713 1713
1714 1714 @changeset_cache.setter
1715 1715 def changeset_cache(self, val):
1716 1716 try:
1717 1717 self._changeset_cache = json.dumps(val)
1718 1718 except Exception:
1719 1719 log.error(traceback.format_exc())
1720 1720
1721 1721 @hybrid_property
1722 1722 def repo_name(self):
1723 1723 return self._repo_name
1724 1724
1725 1725 @repo_name.setter
1726 1726 def repo_name(self, value):
1727 1727 self._repo_name = value
1728 1728 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1729 1729
1730 1730 @classmethod
1731 1731 def normalize_repo_name(cls, repo_name):
1732 1732 """
1733 1733 Normalizes os specific repo_name to the format internally stored inside
1734 1734 database using URL_SEP
1735 1735
1736 1736 :param cls:
1737 1737 :param repo_name:
1738 1738 """
1739 1739 return cls.NAME_SEP.join(repo_name.split(os.sep))
1740 1740
1741 1741 @classmethod
1742 1742 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1743 1743 session = Session()
1744 1744 q = session.query(cls).filter(cls.repo_name == repo_name)
1745 1745
1746 1746 if cache:
1747 1747 if identity_cache:
1748 1748 val = cls.identity_cache(session, 'repo_name', repo_name)
1749 1749 if val:
1750 1750 return val
1751 1751 else:
1752 1752 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1753 1753 q = q.options(
1754 1754 FromCache("sql_cache_short", cache_key))
1755 1755
1756 1756 return q.scalar()
1757 1757
1758 1758 @classmethod
1759 1759 def get_by_id_or_repo_name(cls, repoid):
1760 if isinstance(repoid, (int, long)):
1760 if isinstance(repoid, int):
1761 1761 try:
1762 1762 repo = cls.get(repoid)
1763 1763 except ValueError:
1764 1764 repo = None
1765 1765 else:
1766 1766 repo = cls.get_by_repo_name(repoid)
1767 1767 return repo
1768 1768
1769 1769 @classmethod
1770 1770 def get_by_full_path(cls, repo_full_path):
1771 1771 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1772 1772 repo_name = cls.normalize_repo_name(repo_name)
1773 1773 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1774 1774
1775 1775 @classmethod
1776 1776 def get_repo_forks(cls, repo_id):
1777 1777 return cls.query().filter(Repository.fork_id == repo_id)
1778 1778
1779 1779 @classmethod
1780 1780 def base_path(cls):
1781 1781 """
1782 1782 Returns base path when all repos are stored
1783 1783
1784 1784 :param cls:
1785 1785 """
1786 1786 q = Session().query(RhodeCodeUi)\
1787 1787 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1788 1788 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1789 1789 return q.one().ui_value
1790 1790
1791 1791 @classmethod
1792 1792 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1793 1793 case_insensitive=True, archived=False):
1794 1794 q = Repository.query()
1795 1795
1796 1796 if not archived:
1797 1797 q = q.filter(Repository.archived.isnot(true()))
1798 1798
1799 1799 if not isinstance(user_id, Optional):
1800 1800 q = q.filter(Repository.user_id == user_id)
1801 1801
1802 1802 if not isinstance(group_id, Optional):
1803 1803 q = q.filter(Repository.group_id == group_id)
1804 1804
1805 1805 if case_insensitive:
1806 1806 q = q.order_by(func.lower(Repository.repo_name))
1807 1807 else:
1808 1808 q = q.order_by(Repository.repo_name)
1809 1809
1810 1810 return q.all()
1811 1811
1812 1812 @property
1813 1813 def forks(self):
1814 1814 """
1815 1815 Return forks of this repo
1816 1816 """
1817 1817 return Repository.get_repo_forks(self.repo_id)
1818 1818
1819 1819 @property
1820 1820 def parent(self):
1821 1821 """
1822 1822 Returns fork parent
1823 1823 """
1824 1824 return self.fork
1825 1825
1826 1826 @property
1827 1827 def just_name(self):
1828 1828 return self.repo_name.split(self.NAME_SEP)[-1]
1829 1829
1830 1830 @property
1831 1831 def groups_with_parents(self):
1832 1832 groups = []
1833 1833 if self.group is None:
1834 1834 return groups
1835 1835
1836 1836 cur_gr = self.group
1837 1837 groups.insert(0, cur_gr)
1838 1838 while 1:
1839 1839 gr = getattr(cur_gr, 'parent_group', None)
1840 1840 cur_gr = cur_gr.parent_group
1841 1841 if gr is None:
1842 1842 break
1843 1843 groups.insert(0, gr)
1844 1844
1845 1845 return groups
1846 1846
1847 1847 @property
1848 1848 def groups_and_repo(self):
1849 1849 return self.groups_with_parents, self
1850 1850
1851 1851 @LazyProperty
1852 1852 def repo_path(self):
1853 1853 """
1854 1854 Returns base full path for that repository means where it actually
1855 1855 exists on a filesystem
1856 1856 """
1857 1857 q = Session().query(RhodeCodeUi).filter(
1858 1858 RhodeCodeUi.ui_key == self.NAME_SEP)
1859 1859 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1860 1860 return q.one().ui_value
1861 1861
1862 1862 @property
1863 1863 def repo_full_path(self):
1864 1864 p = [self.repo_path]
1865 1865 # we need to split the name by / since this is how we store the
1866 1866 # names in the database, but that eventually needs to be converted
1867 1867 # into a valid system path
1868 1868 p += self.repo_name.split(self.NAME_SEP)
1869 1869 return os.path.join(*map(safe_unicode, p))
1870 1870
1871 1871 @property
1872 1872 def cache_keys(self):
1873 1873 """
1874 1874 Returns associated cache keys for that repo
1875 1875 """
1876 1876 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1877 1877 repo_id=self.repo_id)
1878 1878 return CacheKey.query()\
1879 1879 .filter(CacheKey.cache_args == invalidation_namespace)\
1880 1880 .order_by(CacheKey.cache_key)\
1881 1881 .all()
1882 1882
1883 1883 @property
1884 1884 def cached_diffs_relative_dir(self):
1885 1885 """
1886 1886 Return a relative to the repository store path of cached diffs
1887 1887 used for safe display for users, who shouldn't know the absolute store
1888 1888 path
1889 1889 """
1890 1890 return os.path.join(
1891 1891 os.path.dirname(self.repo_name),
1892 1892 self.cached_diffs_dir.split(os.path.sep)[-1])
1893 1893
1894 1894 @property
1895 1895 def cached_diffs_dir(self):
1896 1896 path = self.repo_full_path
1897 1897 return os.path.join(
1898 1898 os.path.dirname(path),
1899 1899 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1900 1900
1901 1901 def cached_diffs(self):
1902 1902 diff_cache_dir = self.cached_diffs_dir
1903 1903 if os.path.isdir(diff_cache_dir):
1904 1904 return os.listdir(diff_cache_dir)
1905 1905 return []
1906 1906
1907 1907 def shadow_repos(self):
1908 1908 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1909 1909 return [
1910 1910 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1911 1911 if x.startswith(shadow_repos_pattern)]
1912 1912
1913 1913 def get_new_name(self, repo_name):
1914 1914 """
1915 1915 returns new full repository name based on assigned group and new new
1916 1916
1917 1917 :param group_name:
1918 1918 """
1919 1919 path_prefix = self.group.full_path_splitted if self.group else []
1920 1920 return self.NAME_SEP.join(path_prefix + [repo_name])
1921 1921
1922 1922 @property
1923 1923 def _config(self):
1924 1924 """
1925 1925 Returns db based config object.
1926 1926 """
1927 1927 from rhodecode.lib.utils import make_db_config
1928 1928 return make_db_config(clear_session=False, repo=self)
1929 1929
1930 1930 def permissions(self, with_admins=True, with_owner=True):
1931 1931 """
1932 1932 Permissions for repositories
1933 1933 """
1934 1934 _admin_perm = 'repository.admin'
1935 1935
1936 1936 owner_row = []
1937 1937 if with_owner:
1938 1938 usr = AttributeDict(self.user.get_dict())
1939 1939 usr.owner_row = True
1940 1940 usr.permission = _admin_perm
1941 1941 usr.permission_id = None
1942 1942 owner_row.append(usr)
1943 1943
1944 1944 super_admin_ids = []
1945 1945 super_admin_rows = []
1946 1946 if with_admins:
1947 1947 for usr in User.get_all_super_admins():
1948 1948 super_admin_ids.append(usr.user_id)
1949 1949 # if this admin is also owner, don't double the record
1950 1950 if usr.user_id == owner_row[0].user_id:
1951 1951 owner_row[0].admin_row = True
1952 1952 else:
1953 1953 usr = AttributeDict(usr.get_dict())
1954 1954 usr.admin_row = True
1955 1955 usr.permission = _admin_perm
1956 1956 usr.permission_id = None
1957 1957 super_admin_rows.append(usr)
1958 1958
1959 1959 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1960 1960 q = q.options(joinedload(UserRepoToPerm.repository),
1961 1961 joinedload(UserRepoToPerm.user),
1962 1962 joinedload(UserRepoToPerm.permission),)
1963 1963
1964 1964 # get owners and admins and permissions. We do a trick of re-writing
1965 1965 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1966 1966 # has a global reference and changing one object propagates to all
1967 1967 # others. This means if admin is also an owner admin_row that change
1968 1968 # would propagate to both objects
1969 1969 perm_rows = []
1970 1970 for _usr in q.all():
1971 1971 usr = AttributeDict(_usr.user.get_dict())
1972 1972 # if this user is also owner/admin, mark as duplicate record
1973 1973 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1974 1974 usr.duplicate_perm = True
1975 1975 # also check if this permission is maybe used by branch_permissions
1976 1976 if _usr.branch_perm_entry:
1977 1977 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
1978 1978
1979 1979 usr.permission = _usr.permission.permission_name
1980 1980 usr.permission_id = _usr.repo_to_perm_id
1981 1981 perm_rows.append(usr)
1982 1982
1983 1983 # filter the perm rows by 'default' first and then sort them by
1984 1984 # admin,write,read,none permissions sorted again alphabetically in
1985 1985 # each group
1986 1986 perm_rows = sorted(perm_rows, key=display_user_sort)
1987 1987
1988 1988 return super_admin_rows + owner_row + perm_rows
1989 1989
1990 1990 def permission_user_groups(self):
1991 1991 q = UserGroupRepoToPerm.query().filter(
1992 1992 UserGroupRepoToPerm.repository == self)
1993 1993 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1994 1994 joinedload(UserGroupRepoToPerm.users_group),
1995 1995 joinedload(UserGroupRepoToPerm.permission),)
1996 1996
1997 1997 perm_rows = []
1998 1998 for _user_group in q.all():
1999 1999 usr = AttributeDict(_user_group.users_group.get_dict())
2000 2000 usr.permission = _user_group.permission.permission_name
2001 2001 perm_rows.append(usr)
2002 2002
2003 2003 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2004 2004 return perm_rows
2005 2005
2006 2006 def get_api_data(self, include_secrets=False):
2007 2007 """
2008 2008 Common function for generating repo api data
2009 2009
2010 2010 :param include_secrets: See :meth:`User.get_api_data`.
2011 2011
2012 2012 """
2013 2013 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2014 2014 # move this methods on models level.
2015 2015 from rhodecode.model.settings import SettingsModel
2016 2016 from rhodecode.model.repo import RepoModel
2017 2017
2018 2018 repo = self
2019 2019 _user_id, _time, _reason = self.locked
2020 2020
2021 2021 data = {
2022 2022 'repo_id': repo.repo_id,
2023 2023 'repo_name': repo.repo_name,
2024 2024 'repo_type': repo.repo_type,
2025 2025 'clone_uri': repo.clone_uri or '',
2026 2026 'push_uri': repo.push_uri or '',
2027 2027 'url': RepoModel().get_url(self),
2028 2028 'private': repo.private,
2029 2029 'created_on': repo.created_on,
2030 2030 'description': repo.description_safe,
2031 2031 'landing_rev': repo.landing_rev,
2032 2032 'owner': repo.user.username,
2033 2033 'fork_of': repo.fork.repo_name if repo.fork else None,
2034 2034 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2035 2035 'enable_statistics': repo.enable_statistics,
2036 2036 'enable_locking': repo.enable_locking,
2037 2037 'enable_downloads': repo.enable_downloads,
2038 2038 'last_changeset': repo.changeset_cache,
2039 2039 'locked_by': User.get(_user_id).get_api_data(
2040 2040 include_secrets=include_secrets) if _user_id else None,
2041 2041 'locked_date': time_to_datetime(_time) if _time else None,
2042 2042 'lock_reason': _reason if _reason else None,
2043 2043 }
2044 2044
2045 2045 # TODO: mikhail: should be per-repo settings here
2046 2046 rc_config = SettingsModel().get_all_settings()
2047 2047 repository_fields = str2bool(
2048 2048 rc_config.get('rhodecode_repository_fields'))
2049 2049 if repository_fields:
2050 2050 for f in self.extra_fields:
2051 2051 data[f.field_key_prefixed] = f.field_value
2052 2052
2053 2053 return data
2054 2054
2055 2055 @classmethod
2056 2056 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2057 2057 if not lock_time:
2058 2058 lock_time = time.time()
2059 2059 if not lock_reason:
2060 2060 lock_reason = cls.LOCK_AUTOMATIC
2061 2061 repo.locked = [user_id, lock_time, lock_reason]
2062 2062 Session().add(repo)
2063 2063 Session().commit()
2064 2064
2065 2065 @classmethod
2066 2066 def unlock(cls, repo):
2067 2067 repo.locked = None
2068 2068 Session().add(repo)
2069 2069 Session().commit()
2070 2070
2071 2071 @classmethod
2072 2072 def getlock(cls, repo):
2073 2073 return repo.locked
2074 2074
2075 2075 def is_user_lock(self, user_id):
2076 2076 if self.lock[0]:
2077 2077 lock_user_id = safe_int(self.lock[0])
2078 2078 user_id = safe_int(user_id)
2079 2079 # both are ints, and they are equal
2080 2080 return all([lock_user_id, user_id]) and lock_user_id == user_id
2081 2081
2082 2082 return False
2083 2083
2084 2084 def get_locking_state(self, action, user_id, only_when_enabled=True):
2085 2085 """
2086 2086 Checks locking on this repository, if locking is enabled and lock is
2087 2087 present returns a tuple of make_lock, locked, locked_by.
2088 2088 make_lock can have 3 states None (do nothing) True, make lock
2089 2089 False release lock, This value is later propagated to hooks, which
2090 2090 do the locking. Think about this as signals passed to hooks what to do.
2091 2091
2092 2092 """
2093 2093 # TODO: johbo: This is part of the business logic and should be moved
2094 2094 # into the RepositoryModel.
2095 2095
2096 2096 if action not in ('push', 'pull'):
2097 2097 raise ValueError("Invalid action value: %s" % repr(action))
2098 2098
2099 2099 # defines if locked error should be thrown to user
2100 2100 currently_locked = False
2101 2101 # defines if new lock should be made, tri-state
2102 2102 make_lock = None
2103 2103 repo = self
2104 2104 user = User.get(user_id)
2105 2105
2106 2106 lock_info = repo.locked
2107 2107
2108 2108 if repo and (repo.enable_locking or not only_when_enabled):
2109 2109 if action == 'push':
2110 2110 # check if it's already locked !, if it is compare users
2111 2111 locked_by_user_id = lock_info[0]
2112 2112 if user.user_id == locked_by_user_id:
2113 2113 log.debug(
2114 2114 'Got `push` action from user %s, now unlocking', user)
2115 2115 # unlock if we have push from user who locked
2116 2116 make_lock = False
2117 2117 else:
2118 2118 # we're not the same user who locked, ban with
2119 2119 # code defined in settings (default is 423 HTTP Locked) !
2120 2120 log.debug('Repo %s is currently locked by %s', repo, user)
2121 2121 currently_locked = True
2122 2122 elif action == 'pull':
2123 2123 # [0] user [1] date
2124 2124 if lock_info[0] and lock_info[1]:
2125 2125 log.debug('Repo %s is currently locked by %s', repo, user)
2126 2126 currently_locked = True
2127 2127 else:
2128 2128 log.debug('Setting lock on repo %s by %s', repo, user)
2129 2129 make_lock = True
2130 2130
2131 2131 else:
2132 2132 log.debug('Repository %s do not have locking enabled', repo)
2133 2133
2134 2134 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2135 2135 make_lock, currently_locked, lock_info)
2136 2136
2137 2137 from rhodecode.lib.auth import HasRepoPermissionAny
2138 2138 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2139 2139 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2140 2140 # if we don't have at least write permission we cannot make a lock
2141 2141 log.debug('lock state reset back to FALSE due to lack '
2142 2142 'of at least read permission')
2143 2143 make_lock = False
2144 2144
2145 2145 return make_lock, currently_locked, lock_info
2146 2146
2147 2147 @property
2148 2148 def last_db_change(self):
2149 2149 return self.updated_on
2150 2150
2151 2151 @property
2152 2152 def clone_uri_hidden(self):
2153 2153 clone_uri = self.clone_uri
2154 2154 if clone_uri:
2155 2155 import urlobject
2156 2156 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2157 2157 if url_obj.password:
2158 2158 clone_uri = url_obj.with_password('*****')
2159 2159 return clone_uri
2160 2160
2161 2161 @property
2162 2162 def push_uri_hidden(self):
2163 2163 push_uri = self.push_uri
2164 2164 if push_uri:
2165 2165 import urlobject
2166 2166 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2167 2167 if url_obj.password:
2168 2168 push_uri = url_obj.with_password('*****')
2169 2169 return push_uri
2170 2170
2171 2171 def clone_url(self, **override):
2172 2172 from rhodecode.model.settings import SettingsModel
2173 2173
2174 2174 uri_tmpl = None
2175 2175 if 'with_id' in override:
2176 2176 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2177 2177 del override['with_id']
2178 2178
2179 2179 if 'uri_tmpl' in override:
2180 2180 uri_tmpl = override['uri_tmpl']
2181 2181 del override['uri_tmpl']
2182 2182
2183 2183 ssh = False
2184 2184 if 'ssh' in override:
2185 2185 ssh = True
2186 2186 del override['ssh']
2187 2187
2188 2188 # we didn't override our tmpl from **overrides
2189 2189 if not uri_tmpl:
2190 2190 rc_config = SettingsModel().get_all_settings(cache=True)
2191 2191 if ssh:
2192 2192 uri_tmpl = rc_config.get(
2193 2193 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2194 2194 else:
2195 2195 uri_tmpl = rc_config.get(
2196 2196 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2197 2197
2198 2198 request = get_current_request()
2199 2199 return get_clone_url(request=request,
2200 2200 uri_tmpl=uri_tmpl,
2201 2201 repo_name=self.repo_name,
2202 2202 repo_id=self.repo_id, **override)
2203 2203
2204 2204 def set_state(self, state):
2205 2205 self.repo_state = state
2206 2206 Session().add(self)
2207 2207 #==========================================================================
2208 2208 # SCM PROPERTIES
2209 2209 #==========================================================================
2210 2210
2211 2211 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2212 2212 return get_commit_safe(
2213 2213 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2214 2214
2215 2215 def get_changeset(self, rev=None, pre_load=None):
2216 2216 warnings.warn("Use get_commit", DeprecationWarning)
2217 2217 commit_id = None
2218 2218 commit_idx = None
2219 2219 if isinstance(rev, str):
2220 2220 commit_id = rev
2221 2221 else:
2222 2222 commit_idx = rev
2223 2223 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2224 2224 pre_load=pre_load)
2225 2225
2226 2226 def get_landing_commit(self):
2227 2227 """
2228 2228 Returns landing commit, or if that doesn't exist returns the tip
2229 2229 """
2230 2230 _rev_type, _rev = self.landing_rev
2231 2231 commit = self.get_commit(_rev)
2232 2232 if isinstance(commit, EmptyCommit):
2233 2233 return self.get_commit()
2234 2234 return commit
2235 2235
2236 2236 def update_commit_cache(self, cs_cache=None, config=None):
2237 2237 """
2238 2238 Update cache of last changeset for repository, keys should be::
2239 2239
2240 2240 short_id
2241 2241 raw_id
2242 2242 revision
2243 2243 parents
2244 2244 message
2245 2245 date
2246 2246 author
2247 2247
2248 2248 :param cs_cache:
2249 2249 """
2250 2250 from rhodecode.lib.vcs.backends.base import BaseChangeset
2251 2251 if cs_cache is None:
2252 2252 # use no-cache version here
2253 2253 scm_repo = self.scm_instance(cache=False, config=config)
2254 2254
2255 2255 empty = scm_repo.is_empty()
2256 2256 if not empty:
2257 2257 cs_cache = scm_repo.get_commit(
2258 2258 pre_load=["author", "date", "message", "parents"])
2259 2259 else:
2260 2260 cs_cache = EmptyCommit()
2261 2261
2262 2262 if isinstance(cs_cache, BaseChangeset):
2263 2263 cs_cache = cs_cache.__json__()
2264 2264
2265 2265 def is_outdated(new_cs_cache):
2266 2266 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2267 2267 new_cs_cache['revision'] != self.changeset_cache['revision']):
2268 2268 return True
2269 2269 return False
2270 2270
2271 2271 # check if we have maybe already latest cached revision
2272 2272 if is_outdated(cs_cache) or not self.changeset_cache:
2273 2273 _default = datetime.datetime.utcnow()
2274 2274 last_change = cs_cache.get('date') or _default
2275 2275 if self.updated_on and self.updated_on > last_change:
2276 2276 # we check if last update is newer than the new value
2277 2277 # if yes, we use the current timestamp instead. Imagine you get
2278 2278 # old commit pushed 1y ago, we'd set last update 1y to ago.
2279 2279 last_change = _default
2280 2280 log.debug('updated repo %s with new commit cache %s',
2281 2281 self.repo_name, cs_cache)
2282 2282 self.updated_on = last_change
2283 2283 self.changeset_cache = cs_cache
2284 2284 Session().add(self)
2285 2285 Session().commit()
2286 2286 else:
2287 2287 log.debug('Skipping update_commit_cache for repo:`%s` '
2288 2288 'commit already with latest changes', self.repo_name)
2289 2289
2290 2290 @property
2291 2291 def tip(self):
2292 2292 return self.get_commit('tip')
2293 2293
2294 2294 @property
2295 2295 def author(self):
2296 2296 return self.tip.author
2297 2297
2298 2298 @property
2299 2299 def last_change(self):
2300 2300 return self.scm_instance().last_change
2301 2301
2302 2302 def get_comments(self, revisions=None):
2303 2303 """
2304 2304 Returns comments for this repository grouped by revisions
2305 2305
2306 2306 :param revisions: filter query by revisions only
2307 2307 """
2308 2308 cmts = ChangesetComment.query()\
2309 2309 .filter(ChangesetComment.repo == self)
2310 2310 if revisions:
2311 2311 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2312 2312 grouped = collections.defaultdict(list)
2313 2313 for cmt in cmts.all():
2314 2314 grouped[cmt.revision].append(cmt)
2315 2315 return grouped
2316 2316
2317 2317 def statuses(self, revisions=None):
2318 2318 """
2319 2319 Returns statuses for this repository
2320 2320
2321 2321 :param revisions: list of revisions to get statuses for
2322 2322 """
2323 2323 statuses = ChangesetStatus.query()\
2324 2324 .filter(ChangesetStatus.repo == self)\
2325 2325 .filter(ChangesetStatus.version == 0)
2326 2326
2327 2327 if revisions:
2328 2328 # Try doing the filtering in chunks to avoid hitting limits
2329 2329 size = 500
2330 2330 status_results = []
2331 2331 for chunk in range(0, len(revisions), size):
2332 2332 status_results += statuses.filter(
2333 2333 ChangesetStatus.revision.in_(
2334 2334 revisions[chunk: chunk+size])
2335 2335 ).all()
2336 2336 else:
2337 2337 status_results = statuses.all()
2338 2338
2339 2339 grouped = {}
2340 2340
2341 2341 # maybe we have open new pullrequest without a status?
2342 2342 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2343 2343 status_lbl = ChangesetStatus.get_status_lbl(stat)
2344 2344 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2345 2345 for rev in pr.revisions:
2346 2346 pr_id = pr.pull_request_id
2347 2347 pr_repo = pr.target_repo.repo_name
2348 2348 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2349 2349
2350 2350 for stat in status_results:
2351 2351 pr_id = pr_repo = None
2352 2352 if stat.pull_request:
2353 2353 pr_id = stat.pull_request.pull_request_id
2354 2354 pr_repo = stat.pull_request.target_repo.repo_name
2355 2355 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2356 2356 pr_id, pr_repo]
2357 2357 return grouped
2358 2358
2359 2359 # ==========================================================================
2360 2360 # SCM CACHE INSTANCE
2361 2361 # ==========================================================================
2362 2362
2363 2363 def scm_instance(self, **kwargs):
2364 2364 import rhodecode
2365 2365
2366 2366 # Passing a config will not hit the cache currently only used
2367 2367 # for repo2dbmapper
2368 2368 config = kwargs.pop('config', None)
2369 2369 cache = kwargs.pop('cache', None)
2370 2370 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2371 2371 # if cache is NOT defined use default global, else we have a full
2372 2372 # control over cache behaviour
2373 2373 if cache is None and full_cache and not config:
2374 2374 return self._get_instance_cached()
2375 2375 return self._get_instance(cache=bool(cache), config=config)
2376 2376
2377 2377 def _get_instance_cached(self):
2378 2378 from rhodecode.lib import rc_cache
2379 2379
2380 2380 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2381 2381 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2382 2382 repo_id=self.repo_id)
2383 2383 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2384 2384
2385 2385 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2386 2386 def get_instance_cached(repo_id, context_id):
2387 2387 return self._get_instance()
2388 2388
2389 2389 # we must use thread scoped cache here,
2390 2390 # because each thread of gevent needs it's own not shared connection and cache
2391 2391 # we also alter `args` so the cache key is individual for every green thread.
2392 2392 inv_context_manager = rc_cache.InvalidationContext(
2393 2393 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2394 2394 thread_scoped=True)
2395 2395 with inv_context_manager as invalidation_context:
2396 2396 args = (self.repo_id, inv_context_manager.cache_key)
2397 2397 # re-compute and store cache if we get invalidate signal
2398 2398 if invalidation_context.should_invalidate():
2399 2399 instance = get_instance_cached.refresh(*args)
2400 2400 else:
2401 2401 instance = get_instance_cached(*args)
2402 2402
2403 2403 log.debug(
2404 2404 'Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2405 2405 return instance
2406 2406
2407 2407 def _get_instance(self, cache=True, config=None):
2408 2408 config = config or self._config
2409 2409 custom_wire = {
2410 2410 'cache': cache # controls the vcs.remote cache
2411 2411 }
2412 2412 repo = get_vcs_instance(
2413 2413 repo_path=safe_str(self.repo_full_path),
2414 2414 config=config,
2415 2415 with_wire=custom_wire,
2416 2416 create=False,
2417 2417 _vcs_alias=self.repo_type)
2418 2418
2419 2419 return repo
2420 2420
2421 2421 def __json__(self):
2422 2422 return {'landing_rev': self.landing_rev}
2423 2423
2424 2424 def get_dict(self):
2425 2425
2426 2426 # Since we transformed `repo_name` to a hybrid property, we need to
2427 2427 # keep compatibility with the code which uses `repo_name` field.
2428 2428
2429 2429 result = super(Repository, self).get_dict()
2430 2430 result['repo_name'] = result.pop('_repo_name', None)
2431 2431 return result
2432 2432
2433 2433
2434 2434 class RepoGroup(Base, BaseModel):
2435 2435 __tablename__ = 'groups'
2436 2436 __table_args__ = (
2437 2437 UniqueConstraint('group_name', 'group_parent_id'),
2438 2438 base_table_args,
2439 2439 )
2440 2440 __mapper_args__ = {'order_by': 'group_name'}
2441 2441
2442 2442 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2443 2443
2444 2444 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2445 2445 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2446 2446 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2447 2447 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2448 2448 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2449 2449 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2450 2450 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2451 2451 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2452 2452 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2453 2453
2454 2454 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2455 2455 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2456 2456 parent_group = relationship('RepoGroup', remote_side=group_id)
2457 2457 user = relationship('User')
2458 2458 integrations = relationship('Integration',
2459 2459 cascade="all, delete, delete-orphan")
2460 2460
2461 2461 def __init__(self, group_name='', parent_group=None):
2462 2462 self.group_name = group_name
2463 2463 self.parent_group = parent_group
2464 2464
2465 2465 def __unicode__(self):
2466 2466 return u"<%s('id:%s:%s')>" % (
2467 2467 self.__class__.__name__, self.group_id, self.group_name)
2468 2468
2469 2469 @hybrid_property
2470 2470 def description_safe(self):
2471 2471 from rhodecode.lib import helpers as h
2472 2472 return h.escape(self.group_description)
2473 2473
2474 2474 @classmethod
2475 2475 def _generate_choice(cls, repo_group):
2476 2476 from webhelpers2.html import literal as _literal
2477 2477 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2478 2478 return repo_group.group_id, _name(repo_group.full_path_splitted)
2479 2479
2480 2480 @classmethod
2481 2481 def groups_choices(cls, groups=None, show_empty_group=True):
2482 2482 if not groups:
2483 2483 groups = cls.query().all()
2484 2484
2485 2485 repo_groups = []
2486 2486 if show_empty_group:
2487 2487 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2488 2488
2489 2489 repo_groups.extend([cls._generate_choice(x) for x in groups])
2490 2490
2491 2491 repo_groups = sorted(
2492 2492 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2493 2493 return repo_groups
2494 2494
2495 2495 @classmethod
2496 2496 def url_sep(cls):
2497 2497 return URL_SEP
2498 2498
2499 2499 @classmethod
2500 2500 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2501 2501 if case_insensitive:
2502 2502 gr = cls.query().filter(func.lower(cls.group_name)
2503 2503 == func.lower(group_name))
2504 2504 else:
2505 2505 gr = cls.query().filter(cls.group_name == group_name)
2506 2506 if cache:
2507 2507 name_key = _hash_key(group_name)
2508 2508 gr = gr.options(
2509 2509 FromCache("sql_cache_short", "get_group_%s" % name_key))
2510 2510 return gr.scalar()
2511 2511
2512 2512 @classmethod
2513 2513 def get_user_personal_repo_group(cls, user_id):
2514 2514 user = User.get(user_id)
2515 2515 if user.username == User.DEFAULT_USER:
2516 2516 return None
2517 2517
2518 2518 return cls.query()\
2519 2519 .filter(cls.personal == true()) \
2520 2520 .filter(cls.user == user) \
2521 2521 .order_by(cls.group_id.asc()) \
2522 2522 .first()
2523 2523
2524 2524 @classmethod
2525 2525 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2526 2526 case_insensitive=True):
2527 2527 q = RepoGroup.query()
2528 2528
2529 2529 if not isinstance(user_id, Optional):
2530 2530 q = q.filter(RepoGroup.user_id == user_id)
2531 2531
2532 2532 if not isinstance(group_id, Optional):
2533 2533 q = q.filter(RepoGroup.group_parent_id == group_id)
2534 2534
2535 2535 if case_insensitive:
2536 2536 q = q.order_by(func.lower(RepoGroup.group_name))
2537 2537 else:
2538 2538 q = q.order_by(RepoGroup.group_name)
2539 2539 return q.all()
2540 2540
2541 2541 @property
2542 2542 def parents(self):
2543 2543 parents_recursion_limit = 10
2544 2544 groups = []
2545 2545 if self.parent_group is None:
2546 2546 return groups
2547 2547 cur_gr = self.parent_group
2548 2548 groups.insert(0, cur_gr)
2549 2549 cnt = 0
2550 2550 while 1:
2551 2551 cnt += 1
2552 2552 gr = getattr(cur_gr, 'parent_group', None)
2553 2553 cur_gr = cur_gr.parent_group
2554 2554 if gr is None:
2555 2555 break
2556 2556 if cnt == parents_recursion_limit:
2557 2557 # this will prevent accidental infinit loops
2558 2558 log.error('more than %s parents found for group %s, stopping '
2559 2559 'recursive parent fetching', parents_recursion_limit, self)
2560 2560 break
2561 2561
2562 2562 groups.insert(0, gr)
2563 2563 return groups
2564 2564
2565 2565 @property
2566 2566 def last_db_change(self):
2567 2567 return self.updated_on
2568 2568
2569 2569 @property
2570 2570 def children(self):
2571 2571 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2572 2572
2573 2573 @property
2574 2574 def name(self):
2575 2575 return self.group_name.split(RepoGroup.url_sep())[-1]
2576 2576
2577 2577 @property
2578 2578 def full_path(self):
2579 2579 return self.group_name
2580 2580
2581 2581 @property
2582 2582 def full_path_splitted(self):
2583 2583 return self.group_name.split(RepoGroup.url_sep())
2584 2584
2585 2585 @property
2586 2586 def repositories(self):
2587 2587 return Repository.query()\
2588 2588 .filter(Repository.group == self)\
2589 2589 .order_by(Repository.repo_name)
2590 2590
2591 2591 @property
2592 2592 def repositories_recursive_count(self):
2593 2593 cnt = self.repositories.count()
2594 2594
2595 2595 def children_count(group):
2596 2596 cnt = 0
2597 2597 for child in group.children:
2598 2598 cnt += child.repositories.count()
2599 2599 cnt += children_count(child)
2600 2600 return cnt
2601 2601
2602 2602 return cnt + children_count(self)
2603 2603
2604 2604 def _recursive_objects(self, include_repos=True):
2605 2605 all_ = []
2606 2606
2607 2607 def _get_members(root_gr):
2608 2608 if include_repos:
2609 2609 for r in root_gr.repositories:
2610 2610 all_.append(r)
2611 2611 childs = root_gr.children.all()
2612 2612 if childs:
2613 2613 for gr in childs:
2614 2614 all_.append(gr)
2615 2615 _get_members(gr)
2616 2616
2617 2617 _get_members(self)
2618 2618 return [self] + all_
2619 2619
2620 2620 def recursive_groups_and_repos(self):
2621 2621 """
2622 2622 Recursive return all groups, with repositories in those groups
2623 2623 """
2624 2624 return self._recursive_objects()
2625 2625
2626 2626 def recursive_groups(self):
2627 2627 """
2628 2628 Returns all children groups for this group including children of children
2629 2629 """
2630 2630 return self._recursive_objects(include_repos=False)
2631 2631
2632 2632 def get_new_name(self, group_name):
2633 2633 """
2634 2634 returns new full group name based on parent and new name
2635 2635
2636 2636 :param group_name:
2637 2637 """
2638 2638 path_prefix = (self.parent_group.full_path_splitted if
2639 2639 self.parent_group else [])
2640 2640 return RepoGroup.url_sep().join(path_prefix + [group_name])
2641 2641
2642 2642 def permissions(self, with_admins=True, with_owner=True):
2643 2643 """
2644 2644 Permissions for repository groups
2645 2645 """
2646 2646 _admin_perm = 'group.admin'
2647 2647
2648 2648 owner_row = []
2649 2649 if with_owner:
2650 2650 usr = AttributeDict(self.user.get_dict())
2651 2651 usr.owner_row = True
2652 2652 usr.permission = _admin_perm
2653 2653 owner_row.append(usr)
2654 2654
2655 2655 super_admin_ids = []
2656 2656 super_admin_rows = []
2657 2657 if with_admins:
2658 2658 for usr in User.get_all_super_admins():
2659 2659 super_admin_ids.append(usr.user_id)
2660 2660 # if this admin is also owner, don't double the record
2661 2661 if usr.user_id == owner_row[0].user_id:
2662 2662 owner_row[0].admin_row = True
2663 2663 else:
2664 2664 usr = AttributeDict(usr.get_dict())
2665 2665 usr.admin_row = True
2666 2666 usr.permission = _admin_perm
2667 2667 super_admin_rows.append(usr)
2668 2668
2669 2669 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2670 2670 q = q.options(joinedload(UserRepoGroupToPerm.group),
2671 2671 joinedload(UserRepoGroupToPerm.user),
2672 2672 joinedload(UserRepoGroupToPerm.permission),)
2673 2673
2674 2674 # get owners and admins and permissions. We do a trick of re-writing
2675 2675 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2676 2676 # has a global reference and changing one object propagates to all
2677 2677 # others. This means if admin is also an owner admin_row that change
2678 2678 # would propagate to both objects
2679 2679 perm_rows = []
2680 2680 for _usr in q.all():
2681 2681 usr = AttributeDict(_usr.user.get_dict())
2682 2682 # if this user is also owner/admin, mark as duplicate record
2683 2683 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2684 2684 usr.duplicate_perm = True
2685 2685 usr.permission = _usr.permission.permission_name
2686 2686 perm_rows.append(usr)
2687 2687
2688 2688 # filter the perm rows by 'default' first and then sort them by
2689 2689 # admin,write,read,none permissions sorted again alphabetically in
2690 2690 # each group
2691 2691 perm_rows = sorted(perm_rows, key=display_user_sort)
2692 2692
2693 2693 return super_admin_rows + owner_row + perm_rows
2694 2694
2695 2695 def permission_user_groups(self):
2696 2696 q = UserGroupRepoGroupToPerm.query().filter(
2697 2697 UserGroupRepoGroupToPerm.group == self)
2698 2698 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2699 2699 joinedload(UserGroupRepoGroupToPerm.users_group),
2700 2700 joinedload(UserGroupRepoGroupToPerm.permission),)
2701 2701
2702 2702 perm_rows = []
2703 2703 for _user_group in q.all():
2704 2704 usr = AttributeDict(_user_group.users_group.get_dict())
2705 2705 usr.permission = _user_group.permission.permission_name
2706 2706 perm_rows.append(usr)
2707 2707
2708 2708 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2709 2709 return perm_rows
2710 2710
2711 2711 def get_api_data(self):
2712 2712 """
2713 2713 Common function for generating api data
2714 2714
2715 2715 """
2716 2716 group = self
2717 2717 data = {
2718 2718 'group_id': group.group_id,
2719 2719 'group_name': group.group_name,
2720 2720 'group_description': group.description_safe,
2721 2721 'parent_group': group.parent_group.group_name if group.parent_group else None,
2722 2722 'repositories': [x.repo_name for x in group.repositories],
2723 2723 'owner': group.user.username,
2724 2724 }
2725 2725 return data
2726 2726
2727 2727
2728 2728 class Permission(Base, BaseModel):
2729 2729 __tablename__ = 'permissions'
2730 2730 __table_args__ = (
2731 2731 Index('p_perm_name_idx', 'permission_name'),
2732 2732 base_table_args,
2733 2733 )
2734 2734
2735 2735 PERMS = [
2736 2736 ('hg.admin', _('RhodeCode Super Administrator')),
2737 2737
2738 2738 ('repository.none', _('Repository no access')),
2739 2739 ('repository.read', _('Repository read access')),
2740 2740 ('repository.write', _('Repository write access')),
2741 2741 ('repository.admin', _('Repository admin access')),
2742 2742
2743 2743 ('group.none', _('Repository group no access')),
2744 2744 ('group.read', _('Repository group read access')),
2745 2745 ('group.write', _('Repository group write access')),
2746 2746 ('group.admin', _('Repository group admin access')),
2747 2747
2748 2748 ('usergroup.none', _('User group no access')),
2749 2749 ('usergroup.read', _('User group read access')),
2750 2750 ('usergroup.write', _('User group write access')),
2751 2751 ('usergroup.admin', _('User group admin access')),
2752 2752
2753 2753 ('branch.none', _('Branch no permissions')),
2754 2754 ('branch.merge', _('Branch access by web merge')),
2755 2755 ('branch.push', _('Branch access by push')),
2756 2756 ('branch.push_force', _('Branch access by push with force')),
2757 2757
2758 2758 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2759 2759 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2760 2760
2761 2761 ('hg.usergroup.create.false', _('User Group creation disabled')),
2762 2762 ('hg.usergroup.create.true', _('User Group creation enabled')),
2763 2763
2764 2764 ('hg.create.none', _('Repository creation disabled')),
2765 2765 ('hg.create.repository', _('Repository creation enabled')),
2766 2766 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2767 2767 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2768 2768
2769 2769 ('hg.fork.none', _('Repository forking disabled')),
2770 2770 ('hg.fork.repository', _('Repository forking enabled')),
2771 2771
2772 2772 ('hg.register.none', _('Registration disabled')),
2773 2773 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2774 2774 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2775 2775
2776 2776 ('hg.password_reset.enabled', _('Password reset enabled')),
2777 2777 ('hg.password_reset.hidden', _('Password reset hidden')),
2778 2778 ('hg.password_reset.disabled', _('Password reset disabled')),
2779 2779
2780 2780 ('hg.extern_activate.manual', _('Manual activation of external account')),
2781 2781 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2782 2782
2783 2783 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2784 2784 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2785 2785 ]
2786 2786
2787 2787 # definition of system default permissions for DEFAULT user, created on
2788 2788 # system setup
2789 2789 DEFAULT_USER_PERMISSIONS = [
2790 2790 # object perms
2791 2791 'repository.read',
2792 2792 'group.read',
2793 2793 'usergroup.read',
2794 2794 # branch, for backward compat we need same value as before so forced pushed
2795 2795 'branch.push_force',
2796 2796 # global
2797 2797 'hg.create.repository',
2798 2798 'hg.repogroup.create.false',
2799 2799 'hg.usergroup.create.false',
2800 2800 'hg.create.write_on_repogroup.true',
2801 2801 'hg.fork.repository',
2802 2802 'hg.register.manual_activate',
2803 2803 'hg.password_reset.enabled',
2804 2804 'hg.extern_activate.auto',
2805 2805 'hg.inherit_default_perms.true',
2806 2806 ]
2807 2807
2808 2808 # defines which permissions are more important higher the more important
2809 2809 # Weight defines which permissions are more important.
2810 2810 # The higher number the more important.
2811 2811 PERM_WEIGHTS = {
2812 2812 'repository.none': 0,
2813 2813 'repository.read': 1,
2814 2814 'repository.write': 3,
2815 2815 'repository.admin': 4,
2816 2816
2817 2817 'group.none': 0,
2818 2818 'group.read': 1,
2819 2819 'group.write': 3,
2820 2820 'group.admin': 4,
2821 2821
2822 2822 'usergroup.none': 0,
2823 2823 'usergroup.read': 1,
2824 2824 'usergroup.write': 3,
2825 2825 'usergroup.admin': 4,
2826 2826
2827 2827 'branch.none': 0,
2828 2828 'branch.merge': 1,
2829 2829 'branch.push': 3,
2830 2830 'branch.push_force': 4,
2831 2831
2832 2832 'hg.repogroup.create.false': 0,
2833 2833 'hg.repogroup.create.true': 1,
2834 2834
2835 2835 'hg.usergroup.create.false': 0,
2836 2836 'hg.usergroup.create.true': 1,
2837 2837
2838 2838 'hg.fork.none': 0,
2839 2839 'hg.fork.repository': 1,
2840 2840 'hg.create.none': 0,
2841 2841 'hg.create.repository': 1
2842 2842 }
2843 2843
2844 2844 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2845 2845 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2846 2846 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2847 2847
2848 2848 def __unicode__(self):
2849 2849 return u"<%s('%s:%s')>" % (
2850 2850 self.__class__.__name__, self.permission_id, self.permission_name
2851 2851 )
2852 2852
2853 2853 @classmethod
2854 2854 def get_by_key(cls, key):
2855 2855 return cls.query().filter(cls.permission_name == key).scalar()
2856 2856
2857 2857 @classmethod
2858 2858 def get_default_repo_perms(cls, user_id, repo_id=None):
2859 2859 q = Session().query(UserRepoToPerm, Repository, Permission)\
2860 2860 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2861 2861 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2862 2862 .filter(UserRepoToPerm.user_id == user_id)
2863 2863 if repo_id:
2864 2864 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2865 2865 return q.all()
2866 2866
2867 2867 @classmethod
2868 2868 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
2869 2869 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
2870 2870 .join(
2871 2871 Permission,
2872 2872 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
2873 2873 .join(
2874 2874 UserRepoToPerm,
2875 2875 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
2876 2876 .filter(UserRepoToPerm.user_id == user_id)
2877 2877
2878 2878 if repo_id:
2879 2879 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
2880 2880 return q.order_by(UserToRepoBranchPermission.rule_order).all()
2881 2881
2882 2882 @classmethod
2883 2883 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2884 2884 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2885 2885 .join(
2886 2886 Permission,
2887 2887 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2888 2888 .join(
2889 2889 Repository,
2890 2890 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2891 2891 .join(
2892 2892 UserGroup,
2893 2893 UserGroupRepoToPerm.users_group_id ==
2894 2894 UserGroup.users_group_id)\
2895 2895 .join(
2896 2896 UserGroupMember,
2897 2897 UserGroupRepoToPerm.users_group_id ==
2898 2898 UserGroupMember.users_group_id)\
2899 2899 .filter(
2900 2900 UserGroupMember.user_id == user_id,
2901 2901 UserGroup.users_group_active == true())
2902 2902 if repo_id:
2903 2903 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2904 2904 return q.all()
2905 2905
2906 2906 @classmethod
2907 2907 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
2908 2908 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
2909 2909 .join(
2910 2910 Permission,
2911 2911 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
2912 2912 .join(
2913 2913 UserGroupRepoToPerm,
2914 2914 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
2915 2915 .join(
2916 2916 UserGroup,
2917 2917 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
2918 2918 .join(
2919 2919 UserGroupMember,
2920 2920 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
2921 2921 .filter(
2922 2922 UserGroupMember.user_id == user_id,
2923 2923 UserGroup.users_group_active == true())
2924 2924
2925 2925 if repo_id:
2926 2926 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
2927 2927 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
2928 2928
2929 2929 @classmethod
2930 2930 def get_default_group_perms(cls, user_id, repo_group_id=None):
2931 2931 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2932 2932 .join(
2933 2933 Permission,
2934 2934 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
2935 2935 .join(
2936 2936 RepoGroup,
2937 2937 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
2938 2938 .filter(UserRepoGroupToPerm.user_id == user_id)
2939 2939 if repo_group_id:
2940 2940 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2941 2941 return q.all()
2942 2942
2943 2943 @classmethod
2944 2944 def get_default_group_perms_from_user_group(
2945 2945 cls, user_id, repo_group_id=None):
2946 2946 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2947 2947 .join(
2948 2948 Permission,
2949 2949 UserGroupRepoGroupToPerm.permission_id ==
2950 2950 Permission.permission_id)\
2951 2951 .join(
2952 2952 RepoGroup,
2953 2953 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2954 2954 .join(
2955 2955 UserGroup,
2956 2956 UserGroupRepoGroupToPerm.users_group_id ==
2957 2957 UserGroup.users_group_id)\
2958 2958 .join(
2959 2959 UserGroupMember,
2960 2960 UserGroupRepoGroupToPerm.users_group_id ==
2961 2961 UserGroupMember.users_group_id)\
2962 2962 .filter(
2963 2963 UserGroupMember.user_id == user_id,
2964 2964 UserGroup.users_group_active == true())
2965 2965 if repo_group_id:
2966 2966 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2967 2967 return q.all()
2968 2968
2969 2969 @classmethod
2970 2970 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2971 2971 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2972 2972 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2973 2973 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2974 2974 .filter(UserUserGroupToPerm.user_id == user_id)
2975 2975 if user_group_id:
2976 2976 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2977 2977 return q.all()
2978 2978
2979 2979 @classmethod
2980 2980 def get_default_user_group_perms_from_user_group(
2981 2981 cls, user_id, user_group_id=None):
2982 2982 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2983 2983 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2984 2984 .join(
2985 2985 Permission,
2986 2986 UserGroupUserGroupToPerm.permission_id ==
2987 2987 Permission.permission_id)\
2988 2988 .join(
2989 2989 TargetUserGroup,
2990 2990 UserGroupUserGroupToPerm.target_user_group_id ==
2991 2991 TargetUserGroup.users_group_id)\
2992 2992 .join(
2993 2993 UserGroup,
2994 2994 UserGroupUserGroupToPerm.user_group_id ==
2995 2995 UserGroup.users_group_id)\
2996 2996 .join(
2997 2997 UserGroupMember,
2998 2998 UserGroupUserGroupToPerm.user_group_id ==
2999 2999 UserGroupMember.users_group_id)\
3000 3000 .filter(
3001 3001 UserGroupMember.user_id == user_id,
3002 3002 UserGroup.users_group_active == true())
3003 3003 if user_group_id:
3004 3004 q = q.filter(
3005 3005 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3006 3006
3007 3007 return q.all()
3008 3008
3009 3009
3010 3010 class UserRepoToPerm(Base, BaseModel):
3011 3011 __tablename__ = 'repo_to_perm'
3012 3012 __table_args__ = (
3013 3013 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3014 3014 base_table_args
3015 3015 )
3016 3016
3017 3017 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3018 3018 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3019 3019 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3020 3020 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3021 3021
3022 3022 user = relationship('User')
3023 3023 repository = relationship('Repository')
3024 3024 permission = relationship('Permission')
3025 3025
3026 3026 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
3027 3027
3028 3028 @classmethod
3029 3029 def create(cls, user, repository, permission):
3030 3030 n = cls()
3031 3031 n.user = user
3032 3032 n.repository = repository
3033 3033 n.permission = permission
3034 3034 Session().add(n)
3035 3035 return n
3036 3036
3037 3037 def __unicode__(self):
3038 3038 return u'<%s => %s >' % (self.user, self.repository)
3039 3039
3040 3040
3041 3041 class UserUserGroupToPerm(Base, BaseModel):
3042 3042 __tablename__ = 'user_user_group_to_perm'
3043 3043 __table_args__ = (
3044 3044 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3045 3045 base_table_args
3046 3046 )
3047 3047
3048 3048 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3049 3049 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3050 3050 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3051 3051 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3052 3052
3053 3053 user = relationship('User')
3054 3054 user_group = relationship('UserGroup')
3055 3055 permission = relationship('Permission')
3056 3056
3057 3057 @classmethod
3058 3058 def create(cls, user, user_group, permission):
3059 3059 n = cls()
3060 3060 n.user = user
3061 3061 n.user_group = user_group
3062 3062 n.permission = permission
3063 3063 Session().add(n)
3064 3064 return n
3065 3065
3066 3066 def __unicode__(self):
3067 3067 return u'<%s => %s >' % (self.user, self.user_group)
3068 3068
3069 3069
3070 3070 class UserToPerm(Base, BaseModel):
3071 3071 __tablename__ = 'user_to_perm'
3072 3072 __table_args__ = (
3073 3073 UniqueConstraint('user_id', 'permission_id'),
3074 3074 base_table_args
3075 3075 )
3076 3076
3077 3077 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3078 3078 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3079 3079 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3080 3080
3081 3081 user = relationship('User')
3082 3082 permission = relationship('Permission', lazy='joined')
3083 3083
3084 3084 def __unicode__(self):
3085 3085 return u'<%s => %s >' % (self.user, self.permission)
3086 3086
3087 3087
3088 3088 class UserGroupRepoToPerm(Base, BaseModel):
3089 3089 __tablename__ = 'users_group_repo_to_perm'
3090 3090 __table_args__ = (
3091 3091 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3092 3092 base_table_args
3093 3093 )
3094 3094
3095 3095 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3096 3096 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3097 3097 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3098 3098 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3099 3099
3100 3100 users_group = relationship('UserGroup')
3101 3101 permission = relationship('Permission')
3102 3102 repository = relationship('Repository')
3103 3103 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')
3104 3104
3105 3105 @classmethod
3106 3106 def create(cls, users_group, repository, permission):
3107 3107 n = cls()
3108 3108 n.users_group = users_group
3109 3109 n.repository = repository
3110 3110 n.permission = permission
3111 3111 Session().add(n)
3112 3112 return n
3113 3113
3114 3114 def __unicode__(self):
3115 3115 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3116 3116
3117 3117
3118 3118 class UserGroupUserGroupToPerm(Base, BaseModel):
3119 3119 __tablename__ = 'user_group_user_group_to_perm'
3120 3120 __table_args__ = (
3121 3121 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3122 3122 CheckConstraint('target_user_group_id != user_group_id'),
3123 3123 base_table_args
3124 3124 )
3125 3125
3126 3126 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3127 3127 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3128 3128 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3129 3129 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3130 3130
3131 3131 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3132 3132 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3133 3133 permission = relationship('Permission')
3134 3134
3135 3135 @classmethod
3136 3136 def create(cls, target_user_group, user_group, permission):
3137 3137 n = cls()
3138 3138 n.target_user_group = target_user_group
3139 3139 n.user_group = user_group
3140 3140 n.permission = permission
3141 3141 Session().add(n)
3142 3142 return n
3143 3143
3144 3144 def __unicode__(self):
3145 3145 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3146 3146
3147 3147
3148 3148 class UserGroupToPerm(Base, BaseModel):
3149 3149 __tablename__ = 'users_group_to_perm'
3150 3150 __table_args__ = (
3151 3151 UniqueConstraint('users_group_id', 'permission_id',),
3152 3152 base_table_args
3153 3153 )
3154 3154
3155 3155 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3156 3156 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3157 3157 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3158 3158
3159 3159 users_group = relationship('UserGroup')
3160 3160 permission = relationship('Permission')
3161 3161
3162 3162
3163 3163 class UserRepoGroupToPerm(Base, BaseModel):
3164 3164 __tablename__ = 'user_repo_group_to_perm'
3165 3165 __table_args__ = (
3166 3166 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3167 3167 base_table_args
3168 3168 )
3169 3169
3170 3170 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3171 3171 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3172 3172 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3173 3173 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3174 3174
3175 3175 user = relationship('User')
3176 3176 group = relationship('RepoGroup')
3177 3177 permission = relationship('Permission')
3178 3178
3179 3179 @classmethod
3180 3180 def create(cls, user, repository_group, permission):
3181 3181 n = cls()
3182 3182 n.user = user
3183 3183 n.group = repository_group
3184 3184 n.permission = permission
3185 3185 Session().add(n)
3186 3186 return n
3187 3187
3188 3188
3189 3189 class UserGroupRepoGroupToPerm(Base, BaseModel):
3190 3190 __tablename__ = 'users_group_repo_group_to_perm'
3191 3191 __table_args__ = (
3192 3192 UniqueConstraint('users_group_id', 'group_id'),
3193 3193 base_table_args
3194 3194 )
3195 3195
3196 3196 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3197 3197 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3198 3198 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3199 3199 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3200 3200
3201 3201 users_group = relationship('UserGroup')
3202 3202 permission = relationship('Permission')
3203 3203 group = relationship('RepoGroup')
3204 3204
3205 3205 @classmethod
3206 3206 def create(cls, user_group, repository_group, permission):
3207 3207 n = cls()
3208 3208 n.users_group = user_group
3209 3209 n.group = repository_group
3210 3210 n.permission = permission
3211 3211 Session().add(n)
3212 3212 return n
3213 3213
3214 3214 def __unicode__(self):
3215 3215 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3216 3216
3217 3217
3218 3218 class Statistics(Base, BaseModel):
3219 3219 __tablename__ = 'statistics'
3220 3220 __table_args__ = (
3221 3221 base_table_args
3222 3222 )
3223 3223
3224 3224 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3225 3225 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3226 3226 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3227 3227 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3228 3228 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3229 3229 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3230 3230
3231 3231 repository = relationship('Repository', single_parent=True)
3232 3232
3233 3233
3234 3234 class UserFollowing(Base, BaseModel):
3235 3235 __tablename__ = 'user_followings'
3236 3236 __table_args__ = (
3237 3237 UniqueConstraint('user_id', 'follows_repository_id'),
3238 3238 UniqueConstraint('user_id', 'follows_user_id'),
3239 3239 base_table_args
3240 3240 )
3241 3241
3242 3242 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3243 3243 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3244 3244 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3245 3245 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3246 3246 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3247 3247
3248 3248 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3249 3249
3250 3250 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3251 3251 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3252 3252
3253 3253 @classmethod
3254 3254 def get_repo_followers(cls, repo_id):
3255 3255 return cls.query().filter(cls.follows_repo_id == repo_id)
3256 3256
3257 3257
3258 3258 class CacheKey(Base, BaseModel):
3259 3259 __tablename__ = 'cache_invalidation'
3260 3260 __table_args__ = (
3261 3261 UniqueConstraint('cache_key'),
3262 3262 Index('key_idx', 'cache_key'),
3263 3263 base_table_args,
3264 3264 )
3265 3265
3266 3266 CACHE_TYPE_FEED = 'FEED'
3267 3267 CACHE_TYPE_README = 'README'
3268 3268 # namespaces used to register process/thread aware caches
3269 3269 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3270 3270 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3271 3271
3272 3272 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3273 3273 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3274 3274 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3275 3275 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3276 3276
3277 3277 def __init__(self, cache_key, cache_args=''):
3278 3278 self.cache_key = cache_key
3279 3279 self.cache_args = cache_args
3280 3280 self.cache_active = False
3281 3281
3282 3282 def __unicode__(self):
3283 3283 return u"<%s('%s:%s[%s]')>" % (
3284 3284 self.__class__.__name__,
3285 3285 self.cache_id, self.cache_key, self.cache_active)
3286 3286
3287 3287 def _cache_key_partition(self):
3288 3288 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3289 3289 return prefix, repo_name, suffix
3290 3290
3291 3291 def get_prefix(self):
3292 3292 """
3293 3293 Try to extract prefix from existing cache key. The key could consist
3294 3294 of prefix, repo_name, suffix
3295 3295 """
3296 3296 # this returns prefix, repo_name, suffix
3297 3297 return self._cache_key_partition()[0]
3298 3298
3299 3299 def get_suffix(self):
3300 3300 """
3301 3301 get suffix that might have been used in _get_cache_key to
3302 3302 generate self.cache_key. Only used for informational purposes
3303 3303 in repo_edit.mako.
3304 3304 """
3305 3305 # prefix, repo_name, suffix
3306 3306 return self._cache_key_partition()[2]
3307 3307
3308 3308 @classmethod
3309 3309 def delete_all_cache(cls):
3310 3310 """
3311 3311 Delete all cache keys from database.
3312 3312 Should only be run when all instances are down and all entries
3313 3313 thus stale.
3314 3314 """
3315 3315 cls.query().delete()
3316 3316 Session().commit()
3317 3317
3318 3318 @classmethod
3319 3319 def set_invalidate(cls, cache_uid, delete=False):
3320 3320 """
3321 3321 Mark all caches of a repo as invalid in the database.
3322 3322 """
3323 3323
3324 3324 try:
3325 3325 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3326 3326 if delete:
3327 3327 qry.delete()
3328 3328 log.debug('cache objects deleted for cache args %s',
3329 3329 safe_str(cache_uid))
3330 3330 else:
3331 3331 qry.update({"cache_active": False})
3332 3332 log.debug('cache objects marked as invalid for cache args %s',
3333 3333 safe_str(cache_uid))
3334 3334
3335 3335 Session().commit()
3336 3336 except Exception:
3337 3337 log.exception(
3338 3338 'Cache key invalidation failed for cache args %s',
3339 3339 safe_str(cache_uid))
3340 3340 Session().rollback()
3341 3341
3342 3342 @classmethod
3343 3343 def get_active_cache(cls, cache_key):
3344 3344 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3345 3345 if inv_obj:
3346 3346 return inv_obj
3347 3347 return None
3348 3348
3349 3349
3350 3350 class ChangesetComment(Base, BaseModel):
3351 3351 __tablename__ = 'changeset_comments'
3352 3352 __table_args__ = (
3353 3353 Index('cc_revision_idx', 'revision'),
3354 3354 base_table_args,
3355 3355 )
3356 3356
3357 3357 COMMENT_OUTDATED = u'comment_outdated'
3358 3358 COMMENT_TYPE_NOTE = u'note'
3359 3359 COMMENT_TYPE_TODO = u'todo'
3360 3360 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3361 3361
3362 3362 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3363 3363 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3364 3364 revision = Column('revision', String(40), nullable=True)
3365 3365 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3366 3366 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3367 3367 line_no = Column('line_no', Unicode(10), nullable=True)
3368 3368 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3369 3369 f_path = Column('f_path', Unicode(1000), nullable=True)
3370 3370 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3371 3371 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3372 3372 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3373 3373 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3374 3374 renderer = Column('renderer', Unicode(64), nullable=True)
3375 3375 display_state = Column('display_state', Unicode(128), nullable=True)
3376 3376
3377 3377 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3378 3378 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3379 3379
3380 3380 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3381 3381 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3382 3382
3383 3383 author = relationship('User', lazy='joined')
3384 3384 repo = relationship('Repository')
3385 3385 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3386 3386 pull_request = relationship('PullRequest', lazy='joined')
3387 3387 pull_request_version = relationship('PullRequestVersion')
3388 3388
3389 3389 @classmethod
3390 3390 def get_users(cls, revision=None, pull_request_id=None):
3391 3391 """
3392 3392 Returns user associated with this ChangesetComment. ie those
3393 3393 who actually commented
3394 3394
3395 3395 :param cls:
3396 3396 :param revision:
3397 3397 """
3398 3398 q = Session().query(User)\
3399 3399 .join(ChangesetComment.author)
3400 3400 if revision:
3401 3401 q = q.filter(cls.revision == revision)
3402 3402 elif pull_request_id:
3403 3403 q = q.filter(cls.pull_request_id == pull_request_id)
3404 3404 return q.all()
3405 3405
3406 3406 @classmethod
3407 3407 def get_index_from_version(cls, pr_version, versions):
3408 3408 num_versions = [x.pull_request_version_id for x in versions]
3409 3409 try:
3410 3410 return num_versions.index(pr_version) +1
3411 3411 except (IndexError, ValueError):
3412 3412 return
3413 3413
3414 3414 @property
3415 3415 def outdated(self):
3416 3416 return self.display_state == self.COMMENT_OUTDATED
3417 3417
3418 3418 def outdated_at_version(self, version):
3419 3419 """
3420 3420 Checks if comment is outdated for given pull request version
3421 3421 """
3422 3422 return self.outdated and self.pull_request_version_id != version
3423 3423
3424 3424 def older_than_version(self, version):
3425 3425 """
3426 3426 Checks if comment is made from previous version than given
3427 3427 """
3428 3428 if version is None:
3429 3429 return self.pull_request_version_id is not None
3430 3430
3431 3431 return self.pull_request_version_id < version
3432 3432
3433 3433 @property
3434 3434 def resolved(self):
3435 3435 return self.resolved_by[0] if self.resolved_by else None
3436 3436
3437 3437 @property
3438 3438 def is_todo(self):
3439 3439 return self.comment_type == self.COMMENT_TYPE_TODO
3440 3440
3441 3441 @property
3442 3442 def is_inline(self):
3443 3443 return self.line_no and self.f_path
3444 3444
3445 3445 def get_index_version(self, versions):
3446 3446 return self.get_index_from_version(
3447 3447 self.pull_request_version_id, versions)
3448 3448
3449 3449 def __repr__(self):
3450 3450 if self.comment_id:
3451 3451 return '<DB:Comment #%s>' % self.comment_id
3452 3452 else:
3453 3453 return '<DB:Comment at %#x>' % id(self)
3454 3454
3455 3455 def get_api_data(self):
3456 3456 comment = self
3457 3457 data = {
3458 3458 'comment_id': comment.comment_id,
3459 3459 'comment_type': comment.comment_type,
3460 3460 'comment_text': comment.text,
3461 3461 'comment_status': comment.status_change,
3462 3462 'comment_f_path': comment.f_path,
3463 3463 'comment_lineno': comment.line_no,
3464 3464 'comment_author': comment.author,
3465 3465 'comment_created_on': comment.created_on
3466 3466 }
3467 3467 return data
3468 3468
3469 3469 def __json__(self):
3470 3470 data = dict()
3471 3471 data.update(self.get_api_data())
3472 3472 return data
3473 3473
3474 3474
3475 3475 class ChangesetStatus(Base, BaseModel):
3476 3476 __tablename__ = 'changeset_statuses'
3477 3477 __table_args__ = (
3478 3478 Index('cs_revision_idx', 'revision'),
3479 3479 Index('cs_version_idx', 'version'),
3480 3480 UniqueConstraint('repo_id', 'revision', 'version'),
3481 3481 base_table_args
3482 3482 )
3483 3483
3484 3484 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3485 3485 STATUS_APPROVED = 'approved'
3486 3486 STATUS_REJECTED = 'rejected'
3487 3487 STATUS_UNDER_REVIEW = 'under_review'
3488 3488
3489 3489 STATUSES = [
3490 3490 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3491 3491 (STATUS_APPROVED, _("Approved")),
3492 3492 (STATUS_REJECTED, _("Rejected")),
3493 3493 (STATUS_UNDER_REVIEW, _("Under Review")),
3494 3494 ]
3495 3495
3496 3496 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3497 3497 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3498 3498 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3499 3499 revision = Column('revision', String(40), nullable=False)
3500 3500 status = Column('status', String(128), nullable=False, default=DEFAULT)
3501 3501 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3502 3502 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3503 3503 version = Column('version', Integer(), nullable=False, default=0)
3504 3504 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3505 3505
3506 3506 author = relationship('User', lazy='joined')
3507 3507 repo = relationship('Repository')
3508 3508 comment = relationship('ChangesetComment', lazy='joined')
3509 3509 pull_request = relationship('PullRequest', lazy='joined')
3510 3510
3511 3511 def __unicode__(self):
3512 3512 return u"<%s('%s[v%s]:%s')>" % (
3513 3513 self.__class__.__name__,
3514 3514 self.status, self.version, self.author
3515 3515 )
3516 3516
3517 3517 @classmethod
3518 3518 def get_status_lbl(cls, value):
3519 3519 return dict(cls.STATUSES).get(value)
3520 3520
3521 3521 @property
3522 3522 def status_lbl(self):
3523 3523 return ChangesetStatus.get_status_lbl(self.status)
3524 3524
3525 3525 def get_api_data(self):
3526 3526 status = self
3527 3527 data = {
3528 3528 'status_id': status.changeset_status_id,
3529 3529 'status': status.status,
3530 3530 }
3531 3531 return data
3532 3532
3533 3533 def __json__(self):
3534 3534 data = dict()
3535 3535 data.update(self.get_api_data())
3536 3536 return data
3537 3537
3538 3538
3539 3539 class _PullRequestBase(BaseModel):
3540 3540 """
3541 3541 Common attributes of pull request and version entries.
3542 3542 """
3543 3543
3544 3544 # .status values
3545 3545 STATUS_NEW = u'new'
3546 3546 STATUS_OPEN = u'open'
3547 3547 STATUS_CLOSED = u'closed'
3548 3548
3549 3549 # available states
3550 3550 STATE_CREATING = u'creating'
3551 3551 STATE_UPDATING = u'updating'
3552 3552 STATE_MERGING = u'merging'
3553 3553 STATE_CREATED = u'created'
3554 3554
3555 3555 title = Column('title', Unicode(255), nullable=True)
3556 3556 description = Column(
3557 3557 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3558 3558 nullable=True)
3559 3559 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3560 3560
3561 3561 # new/open/closed status of pull request (not approve/reject/etc)
3562 3562 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3563 3563 created_on = Column(
3564 3564 'created_on', DateTime(timezone=False), nullable=False,
3565 3565 default=datetime.datetime.now)
3566 3566 updated_on = Column(
3567 3567 'updated_on', DateTime(timezone=False), nullable=False,
3568 3568 default=datetime.datetime.now)
3569 3569
3570 3570 pull_request_state = Column("pull_request_state", String(255), nullable=True)
3571 3571
3572 3572 @declared_attr
3573 3573 def user_id(cls):
3574 3574 return Column(
3575 3575 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3576 3576 unique=None)
3577 3577
3578 3578 # 500 revisions max
3579 3579 _revisions = Column(
3580 3580 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3581 3581
3582 3582 @declared_attr
3583 3583 def source_repo_id(cls):
3584 3584 # TODO: dan: rename column to source_repo_id
3585 3585 return Column(
3586 3586 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3587 3587 nullable=False)
3588 3588
3589 3589 _source_ref = Column('org_ref', Unicode(255), nullable=False)
3590 3590
3591 3591 @hybrid_property
3592 3592 def source_ref(self):
3593 3593 return self._source_ref
3594 3594
3595 3595 @source_ref.setter
3596 3596 def source_ref(self, val):
3597 3597 parts = (val or '').split(':')
3598 3598 if len(parts) != 3:
3599 3599 raise ValueError(
3600 3600 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3601 3601 self._source_ref = safe_unicode(val)
3602 3602
3603 3603 _target_ref = Column('other_ref', Unicode(255), nullable=False)
3604 3604
3605 3605 @hybrid_property
3606 3606 def target_ref(self):
3607 3607 return self._target_ref
3608 3608
3609 3609 @target_ref.setter
3610 3610 def target_ref(self, val):
3611 3611 parts = (val or '').split(':')
3612 3612 if len(parts) != 3:
3613 3613 raise ValueError(
3614 3614 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3615 3615 self._target_ref = safe_unicode(val)
3616 3616
3617 3617 @declared_attr
3618 3618 def target_repo_id(cls):
3619 3619 # TODO: dan: rename column to target_repo_id
3620 3620 return Column(
3621 3621 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3622 3622 nullable=False)
3623 3623
3624 3624 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3625 3625
3626 3626 # TODO: dan: rename column to last_merge_source_rev
3627 3627 _last_merge_source_rev = Column(
3628 3628 'last_merge_org_rev', String(40), nullable=True)
3629 3629 # TODO: dan: rename column to last_merge_target_rev
3630 3630 _last_merge_target_rev = Column(
3631 3631 'last_merge_other_rev', String(40), nullable=True)
3632 3632 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3633 3633 merge_rev = Column('merge_rev', String(40), nullable=True)
3634 3634
3635 3635 reviewer_data = Column(
3636 3636 'reviewer_data_json', MutationObj.as_mutable(
3637 3637 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3638 3638
3639 3639 @property
3640 3640 def reviewer_data_json(self):
3641 3641 return json.dumps(self.reviewer_data)
3642 3642
3643 3643 @hybrid_property
3644 3644 def description_safe(self):
3645 3645 from rhodecode.lib import helpers as h
3646 3646 return h.escape(self.description)
3647 3647
3648 3648 @hybrid_property
3649 3649 def revisions(self):
3650 3650 return self._revisions.split(':') if self._revisions else []
3651 3651
3652 3652 @revisions.setter
3653 3653 def revisions(self, val):
3654 3654 self._revisions = ':'.join(val)
3655 3655
3656 3656 @hybrid_property
3657 3657 def last_merge_status(self):
3658 3658 return safe_int(self._last_merge_status)
3659 3659
3660 3660 @last_merge_status.setter
3661 3661 def last_merge_status(self, val):
3662 3662 self._last_merge_status = val
3663 3663
3664 3664 @declared_attr
3665 3665 def author(cls):
3666 3666 return relationship('User', lazy='joined')
3667 3667
3668 3668 @declared_attr
3669 3669 def source_repo(cls):
3670 3670 return relationship(
3671 3671 'Repository',
3672 3672 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3673 3673
3674 3674 @property
3675 3675 def source_ref_parts(self):
3676 3676 return self.unicode_to_reference(self.source_ref)
3677 3677
3678 3678 @declared_attr
3679 3679 def target_repo(cls):
3680 3680 return relationship(
3681 3681 'Repository',
3682 3682 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3683 3683
3684 3684 @property
3685 3685 def target_ref_parts(self):
3686 3686 return self.unicode_to_reference(self.target_ref)
3687 3687
3688 3688 @property
3689 3689 def shadow_merge_ref(self):
3690 3690 return self.unicode_to_reference(self._shadow_merge_ref)
3691 3691
3692 3692 @shadow_merge_ref.setter
3693 3693 def shadow_merge_ref(self, ref):
3694 3694 self._shadow_merge_ref = self.reference_to_unicode(ref)
3695 3695
3696 3696 @staticmethod
3697 3697 def unicode_to_reference(raw):
3698 3698 """
3699 3699 Convert a unicode (or string) to a reference object.
3700 3700 If unicode evaluates to False it returns None.
3701 3701 """
3702 3702 if raw:
3703 3703 refs = raw.split(':')
3704 3704 return Reference(*refs)
3705 3705 else:
3706 3706 return None
3707 3707
3708 3708 @staticmethod
3709 3709 def reference_to_unicode(ref):
3710 3710 """
3711 3711 Convert a reference object to unicode.
3712 3712 If reference is None it returns None.
3713 3713 """
3714 3714 if ref:
3715 3715 return u':'.join(ref)
3716 3716 else:
3717 3717 return None
3718 3718
3719 3719 def get_api_data(self, with_merge_state=True):
3720 3720 from rhodecode.model.pull_request import PullRequestModel
3721 3721
3722 3722 pull_request = self
3723 3723 if with_merge_state:
3724 3724 merge_status = PullRequestModel().merge_status(pull_request)
3725 3725 merge_state = {
3726 3726 'status': merge_status[0],
3727 3727 'message': safe_unicode(merge_status[1]),
3728 3728 }
3729 3729 else:
3730 3730 merge_state = {'status': 'not_available',
3731 3731 'message': 'not_available'}
3732 3732
3733 3733 merge_data = {
3734 3734 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3735 3735 'reference': (
3736 3736 pull_request.shadow_merge_ref._asdict()
3737 3737 if pull_request.shadow_merge_ref else None),
3738 3738 }
3739 3739
3740 3740 data = {
3741 3741 'pull_request_id': pull_request.pull_request_id,
3742 3742 'url': PullRequestModel().get_url(pull_request),
3743 3743 'title': pull_request.title,
3744 3744 'description': pull_request.description,
3745 3745 'status': pull_request.status,
3746 3746 'created_on': pull_request.created_on,
3747 3747 'updated_on': pull_request.updated_on,
3748 3748 'commit_ids': pull_request.revisions,
3749 3749 'review_status': pull_request.calculated_review_status(),
3750 3750 'mergeable': merge_state,
3751 3751 'source': {
3752 3752 'clone_url': pull_request.source_repo.clone_url(),
3753 3753 'repository': pull_request.source_repo.repo_name,
3754 3754 'reference': {
3755 3755 'name': pull_request.source_ref_parts.name,
3756 3756 'type': pull_request.source_ref_parts.type,
3757 3757 'commit_id': pull_request.source_ref_parts.commit_id,
3758 3758 },
3759 3759 },
3760 3760 'target': {
3761 3761 'clone_url': pull_request.target_repo.clone_url(),
3762 3762 'repository': pull_request.target_repo.repo_name,
3763 3763 'reference': {
3764 3764 'name': pull_request.target_ref_parts.name,
3765 3765 'type': pull_request.target_ref_parts.type,
3766 3766 'commit_id': pull_request.target_ref_parts.commit_id,
3767 3767 },
3768 3768 },
3769 3769 'merge': merge_data,
3770 3770 'author': pull_request.author.get_api_data(include_secrets=False,
3771 3771 details='basic'),
3772 3772 'reviewers': [
3773 3773 {
3774 3774 'user': reviewer.get_api_data(include_secrets=False,
3775 3775 details='basic'),
3776 3776 'reasons': reasons,
3777 3777 'review_status': st[0][1].status if st else 'not_reviewed',
3778 3778 }
3779 3779 for obj, reviewer, reasons, mandatory, st in
3780 3780 pull_request.reviewers_statuses()
3781 3781 ]
3782 3782 }
3783 3783
3784 3784 return data
3785 3785
3786 3786
3787 3787 class PullRequest(Base, _PullRequestBase):
3788 3788 __tablename__ = 'pull_requests'
3789 3789 __table_args__ = (
3790 3790 base_table_args,
3791 3791 )
3792 3792
3793 3793 pull_request_id = Column(
3794 3794 'pull_request_id', Integer(), nullable=False, primary_key=True)
3795 3795
3796 3796 def __repr__(self):
3797 3797 if self.pull_request_id:
3798 3798 return '<DB:PullRequest #%s>' % self.pull_request_id
3799 3799 else:
3800 3800 return '<DB:PullRequest at %#x>' % id(self)
3801 3801
3802 3802 reviewers = relationship('PullRequestReviewers',
3803 3803 cascade="all, delete, delete-orphan")
3804 3804 statuses = relationship('ChangesetStatus',
3805 3805 cascade="all, delete, delete-orphan")
3806 3806 comments = relationship('ChangesetComment',
3807 3807 cascade="all, delete, delete-orphan")
3808 3808 versions = relationship('PullRequestVersion',
3809 3809 cascade="all, delete, delete-orphan",
3810 3810 lazy='dynamic')
3811 3811
3812 3812 @classmethod
3813 3813 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3814 3814 internal_methods=None):
3815 3815
3816 3816 class PullRequestDisplay(object):
3817 3817 """
3818 3818 Special object wrapper for showing PullRequest data via Versions
3819 3819 It mimics PR object as close as possible. This is read only object
3820 3820 just for display
3821 3821 """
3822 3822
3823 3823 def __init__(self, attrs, internal=None):
3824 3824 self.attrs = attrs
3825 3825 # internal have priority over the given ones via attrs
3826 3826 self.internal = internal or ['versions']
3827 3827
3828 3828 def __getattr__(self, item):
3829 3829 if item in self.internal:
3830 3830 return getattr(self, item)
3831 3831 try:
3832 3832 return self.attrs[item]
3833 3833 except KeyError:
3834 3834 raise AttributeError(
3835 3835 '%s object has no attribute %s' % (self, item))
3836 3836
3837 3837 def __repr__(self):
3838 3838 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3839 3839
3840 3840 def versions(self):
3841 3841 return pull_request_obj.versions.order_by(
3842 3842 PullRequestVersion.pull_request_version_id).all()
3843 3843
3844 3844 def is_closed(self):
3845 3845 return pull_request_obj.is_closed()
3846 3846
3847 3847 @property
3848 3848 def pull_request_version_id(self):
3849 3849 return getattr(pull_request_obj, 'pull_request_version_id', None)
3850 3850
3851 3851 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3852 3852
3853 3853 attrs.author = StrictAttributeDict(
3854 3854 pull_request_obj.author.get_api_data())
3855 3855 if pull_request_obj.target_repo:
3856 3856 attrs.target_repo = StrictAttributeDict(
3857 3857 pull_request_obj.target_repo.get_api_data())
3858 3858 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3859 3859
3860 3860 if pull_request_obj.source_repo:
3861 3861 attrs.source_repo = StrictAttributeDict(
3862 3862 pull_request_obj.source_repo.get_api_data())
3863 3863 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3864 3864
3865 3865 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3866 3866 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3867 3867 attrs.revisions = pull_request_obj.revisions
3868 3868
3869 3869 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3870 3870 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3871 3871 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3872 3872
3873 3873 return PullRequestDisplay(attrs, internal=internal_methods)
3874 3874
3875 3875 def is_closed(self):
3876 3876 return self.status == self.STATUS_CLOSED
3877 3877
3878 3878 def __json__(self):
3879 3879 return {
3880 3880 'revisions': self.revisions,
3881 3881 }
3882 3882
3883 3883 def calculated_review_status(self):
3884 3884 from rhodecode.model.changeset_status import ChangesetStatusModel
3885 3885 return ChangesetStatusModel().calculated_review_status(self)
3886 3886
3887 3887 def reviewers_statuses(self):
3888 3888 from rhodecode.model.changeset_status import ChangesetStatusModel
3889 3889 return ChangesetStatusModel().reviewers_statuses(self)
3890 3890
3891 3891 @property
3892 3892 def workspace_id(self):
3893 3893 from rhodecode.model.pull_request import PullRequestModel
3894 3894 return PullRequestModel()._workspace_id(self)
3895 3895
3896 3896 def get_shadow_repo(self):
3897 3897 workspace_id = self.workspace_id
3898 3898 vcs_obj = self.target_repo.scm_instance()
3899 3899 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3900 3900 self.target_repo.repo_id, workspace_id)
3901 3901 if os.path.isdir(shadow_repository_path):
3902 3902 return vcs_obj.get_shadow_instance(shadow_repository_path)
3903 3903
3904 3904
3905 3905 class PullRequestVersion(Base, _PullRequestBase):
3906 3906 __tablename__ = 'pull_request_versions'
3907 3907 __table_args__ = (
3908 3908 base_table_args,
3909 3909 )
3910 3910
3911 3911 pull_request_version_id = Column(
3912 3912 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3913 3913 pull_request_id = Column(
3914 3914 'pull_request_id', Integer(),
3915 3915 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3916 3916 pull_request = relationship('PullRequest')
3917 3917
3918 3918 def __repr__(self):
3919 3919 if self.pull_request_version_id:
3920 3920 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3921 3921 else:
3922 3922 return '<DB:PullRequestVersion at %#x>' % id(self)
3923 3923
3924 3924 @property
3925 3925 def reviewers(self):
3926 3926 return self.pull_request.reviewers
3927 3927
3928 3928 @property
3929 3929 def versions(self):
3930 3930 return self.pull_request.versions
3931 3931
3932 3932 def is_closed(self):
3933 3933 # calculate from original
3934 3934 return self.pull_request.status == self.STATUS_CLOSED
3935 3935
3936 3936 def calculated_review_status(self):
3937 3937 return self.pull_request.calculated_review_status()
3938 3938
3939 3939 def reviewers_statuses(self):
3940 3940 return self.pull_request.reviewers_statuses()
3941 3941
3942 3942
3943 3943 class PullRequestReviewers(Base, BaseModel):
3944 3944 __tablename__ = 'pull_request_reviewers'
3945 3945 __table_args__ = (
3946 3946 base_table_args,
3947 3947 )
3948 3948
3949 3949 @hybrid_property
3950 3950 def reasons(self):
3951 3951 if not self._reasons:
3952 3952 return []
3953 3953 return self._reasons
3954 3954
3955 3955 @reasons.setter
3956 3956 def reasons(self, val):
3957 3957 val = val or []
3958 3958 if any(not isinstance(x, str) for x in val):
3959 3959 raise Exception('invalid reasons type, must be list of strings')
3960 3960 self._reasons = val
3961 3961
3962 3962 pull_requests_reviewers_id = Column(
3963 3963 'pull_requests_reviewers_id', Integer(), nullable=False,
3964 3964 primary_key=True)
3965 3965 pull_request_id = Column(
3966 3966 "pull_request_id", Integer(),
3967 3967 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3968 3968 user_id = Column(
3969 3969 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3970 3970 _reasons = Column(
3971 3971 'reason', MutationList.as_mutable(
3972 3972 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3973 3973
3974 3974 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3975 3975 user = relationship('User')
3976 3976 pull_request = relationship('PullRequest')
3977 3977
3978 3978 rule_data = Column(
3979 3979 'rule_data_json',
3980 3980 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3981 3981
3982 3982 def rule_user_group_data(self):
3983 3983 """
3984 3984 Returns the voting user group rule data for this reviewer
3985 3985 """
3986 3986
3987 3987 if self.rule_data and 'vote_rule' in self.rule_data:
3988 3988 user_group_data = {}
3989 3989 if 'rule_user_group_entry_id' in self.rule_data:
3990 3990 # means a group with voting rules !
3991 3991 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3992 3992 user_group_data['name'] = self.rule_data['rule_name']
3993 3993 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3994 3994
3995 3995 return user_group_data
3996 3996
3997 3997 def __unicode__(self):
3998 3998 return u"<%s('id:%s')>" % (self.__class__.__name__,
3999 3999 self.pull_requests_reviewers_id)
4000 4000
4001 4001
4002 4002 class Notification(Base, BaseModel):
4003 4003 __tablename__ = 'notifications'
4004 4004 __table_args__ = (
4005 4005 Index('notification_type_idx', 'type'),
4006 4006 base_table_args,
4007 4007 )
4008 4008
4009 4009 TYPE_CHANGESET_COMMENT = u'cs_comment'
4010 4010 TYPE_MESSAGE = u'message'
4011 4011 TYPE_MENTION = u'mention'
4012 4012 TYPE_REGISTRATION = u'registration'
4013 4013 TYPE_PULL_REQUEST = u'pull_request'
4014 4014 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
4015 4015
4016 4016 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4017 4017 subject = Column('subject', Unicode(512), nullable=True)
4018 4018 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4019 4019 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4020 4020 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4021 4021 type_ = Column('type', Unicode(255))
4022 4022
4023 4023 created_by_user = relationship('User')
4024 4024 notifications_to_users = relationship('UserNotification', lazy='joined',
4025 4025 cascade="all, delete, delete-orphan")
4026 4026
4027 4027 @property
4028 4028 def recipients(self):
4029 4029 return [x.user for x in UserNotification.query()\
4030 4030 .filter(UserNotification.notification == self)\
4031 4031 .order_by(UserNotification.user_id.asc()).all()]
4032 4032
4033 4033 @classmethod
4034 4034 def create(cls, created_by, subject, body, recipients, type_=None):
4035 4035 if type_ is None:
4036 4036 type_ = Notification.TYPE_MESSAGE
4037 4037
4038 4038 notification = cls()
4039 4039 notification.created_by_user = created_by
4040 4040 notification.subject = subject
4041 4041 notification.body = body
4042 4042 notification.type_ = type_
4043 4043 notification.created_on = datetime.datetime.now()
4044 4044
4045 4045 # For each recipient link the created notification to his account
4046 4046 for u in recipients:
4047 4047 assoc = UserNotification()
4048 4048 assoc.user_id = u.user_id
4049 4049 assoc.notification = notification
4050 4050
4051 4051 # if created_by is inside recipients mark his notification
4052 4052 # as read
4053 4053 if u.user_id == created_by.user_id:
4054 4054 assoc.read = True
4055 4055 Session().add(assoc)
4056 4056
4057 4057 Session().add(notification)
4058 4058
4059 4059 return notification
4060 4060
4061 4061
4062 4062 class UserNotification(Base, BaseModel):
4063 4063 __tablename__ = 'user_to_notification'
4064 4064 __table_args__ = (
4065 4065 UniqueConstraint('user_id', 'notification_id'),
4066 4066 base_table_args
4067 4067 )
4068 4068
4069 4069 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4070 4070 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4071 4071 read = Column('read', Boolean, default=False)
4072 4072 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4073 4073
4074 4074 user = relationship('User', lazy="joined")
4075 4075 notification = relationship('Notification', lazy="joined",
4076 4076 order_by=lambda: Notification.created_on.desc(),)
4077 4077
4078 4078 def mark_as_read(self):
4079 4079 self.read = True
4080 4080 Session().add(self)
4081 4081
4082 4082
4083 4083 class Gist(Base, BaseModel):
4084 4084 __tablename__ = 'gists'
4085 4085 __table_args__ = (
4086 4086 Index('g_gist_access_id_idx', 'gist_access_id'),
4087 4087 Index('g_created_on_idx', 'created_on'),
4088 4088 base_table_args
4089 4089 )
4090 4090
4091 4091 GIST_PUBLIC = u'public'
4092 4092 GIST_PRIVATE = u'private'
4093 4093 DEFAULT_FILENAME = u'gistfile1.txt'
4094 4094
4095 4095 ACL_LEVEL_PUBLIC = u'acl_public'
4096 4096 ACL_LEVEL_PRIVATE = u'acl_private'
4097 4097
4098 4098 gist_id = Column('gist_id', Integer(), primary_key=True)
4099 4099 gist_access_id = Column('gist_access_id', Unicode(250))
4100 4100 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4101 4101 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4102 4102 gist_expires = Column('gist_expires', Float(53), nullable=False)
4103 4103 gist_type = Column('gist_type', Unicode(128), nullable=False)
4104 4104 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4105 4105 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4106 4106 acl_level = Column('acl_level', Unicode(128), nullable=True)
4107 4107
4108 4108 owner = relationship('User')
4109 4109
4110 4110 def __repr__(self):
4111 4111 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4112 4112
4113 4113 @hybrid_property
4114 4114 def description_safe(self):
4115 4115 from rhodecode.lib import helpers as h
4116 4116 return h.escape(self.gist_description)
4117 4117
4118 4118 @classmethod
4119 4119 def get_or_404(cls, id_):
4120 4120 from pyramid.httpexceptions import HTTPNotFound
4121 4121
4122 4122 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4123 4123 if not res:
4124 4124 raise HTTPNotFound()
4125 4125 return res
4126 4126
4127 4127 @classmethod
4128 4128 def get_by_access_id(cls, gist_access_id):
4129 4129 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4130 4130
4131 4131 def gist_url(self):
4132 4132 from rhodecode.model.gist import GistModel
4133 4133 return GistModel().get_url(self)
4134 4134
4135 4135 @classmethod
4136 4136 def base_path(cls):
4137 4137 """
4138 4138 Returns base path when all gists are stored
4139 4139
4140 4140 :param cls:
4141 4141 """
4142 4142 from rhodecode.model.gist import GIST_STORE_LOC
4143 4143 q = Session().query(RhodeCodeUi)\
4144 4144 .filter(RhodeCodeUi.ui_key == URL_SEP)
4145 4145 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4146 4146 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4147 4147
4148 4148 def get_api_data(self):
4149 4149 """
4150 4150 Common function for generating gist related data for API
4151 4151 """
4152 4152 gist = self
4153 4153 data = {
4154 4154 'gist_id': gist.gist_id,
4155 4155 'type': gist.gist_type,
4156 4156 'access_id': gist.gist_access_id,
4157 4157 'description': gist.gist_description,
4158 4158 'url': gist.gist_url(),
4159 4159 'expires': gist.gist_expires,
4160 4160 'created_on': gist.created_on,
4161 4161 'modified_at': gist.modified_at,
4162 4162 'content': None,
4163 4163 'acl_level': gist.acl_level,
4164 4164 }
4165 4165 return data
4166 4166
4167 4167 def __json__(self):
4168 4168 data = dict(
4169 4169 )
4170 4170 data.update(self.get_api_data())
4171 4171 return data
4172 4172 # SCM functions
4173 4173
4174 4174 def scm_instance(self, **kwargs):
4175 4175 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4176 4176 return get_vcs_instance(
4177 4177 repo_path=safe_str(full_repo_path), create=False)
4178 4178
4179 4179
4180 4180 class ExternalIdentity(Base, BaseModel):
4181 4181 __tablename__ = 'external_identities'
4182 4182 __table_args__ = (
4183 4183 Index('local_user_id_idx', 'local_user_id'),
4184 4184 Index('external_id_idx', 'external_id'),
4185 4185 base_table_args
4186 4186 )
4187 4187
4188 4188 external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)
4189 4189 external_username = Column('external_username', Unicode(1024), default=u'')
4190 4190 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4191 4191 provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)
4192 4192 access_token = Column('access_token', String(1024), default=u'')
4193 4193 alt_token = Column('alt_token', String(1024), default=u'')
4194 4194 token_secret = Column('token_secret', String(1024), default=u'')
4195 4195
4196 4196 @classmethod
4197 4197 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4198 4198 """
4199 4199 Returns ExternalIdentity instance based on search params
4200 4200
4201 4201 :param external_id:
4202 4202 :param provider_name:
4203 4203 :return: ExternalIdentity
4204 4204 """
4205 4205 query = cls.query()
4206 4206 query = query.filter(cls.external_id == external_id)
4207 4207 query = query.filter(cls.provider_name == provider_name)
4208 4208 if local_user_id:
4209 4209 query = query.filter(cls.local_user_id == local_user_id)
4210 4210 return query.first()
4211 4211
4212 4212 @classmethod
4213 4213 def user_by_external_id_and_provider(cls, external_id, provider_name):
4214 4214 """
4215 4215 Returns User instance based on search params
4216 4216
4217 4217 :param external_id:
4218 4218 :param provider_name:
4219 4219 :return: User
4220 4220 """
4221 4221 query = User.query()
4222 4222 query = query.filter(cls.external_id == external_id)
4223 4223 query = query.filter(cls.provider_name == provider_name)
4224 4224 query = query.filter(User.user_id == cls.local_user_id)
4225 4225 return query.first()
4226 4226
4227 4227 @classmethod
4228 4228 def by_local_user_id(cls, local_user_id):
4229 4229 """
4230 4230 Returns all tokens for user
4231 4231
4232 4232 :param local_user_id:
4233 4233 :return: ExternalIdentity
4234 4234 """
4235 4235 query = cls.query()
4236 4236 query = query.filter(cls.local_user_id == local_user_id)
4237 4237 return query
4238 4238
4239 4239 @classmethod
4240 4240 def load_provider_plugin(cls, plugin_id):
4241 4241 from rhodecode.authentication.base import loadplugin
4242 4242 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
4243 4243 auth_plugin = loadplugin(_plugin_id)
4244 4244 return auth_plugin
4245 4245
4246 4246
4247 4247 class Integration(Base, BaseModel):
4248 4248 __tablename__ = 'integrations'
4249 4249 __table_args__ = (
4250 4250 base_table_args
4251 4251 )
4252 4252
4253 4253 integration_id = Column('integration_id', Integer(), primary_key=True)
4254 4254 integration_type = Column('integration_type', String(255))
4255 4255 enabled = Column('enabled', Boolean(), nullable=False)
4256 4256 name = Column('name', String(255), nullable=False)
4257 4257 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4258 4258 default=False)
4259 4259
4260 4260 settings = Column(
4261 4261 'settings_json', MutationObj.as_mutable(
4262 4262 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4263 4263 repo_id = Column(
4264 4264 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4265 4265 nullable=True, unique=None, default=None)
4266 4266 repo = relationship('Repository', lazy='joined')
4267 4267
4268 4268 repo_group_id = Column(
4269 4269 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4270 4270 nullable=True, unique=None, default=None)
4271 4271 repo_group = relationship('RepoGroup', lazy='joined')
4272 4272
4273 4273 @property
4274 4274 def scope(self):
4275 4275 if self.repo:
4276 4276 return repr(self.repo)
4277 4277 if self.repo_group:
4278 4278 if self.child_repos_only:
4279 4279 return repr(self.repo_group) + ' (child repos only)'
4280 4280 else:
4281 4281 return repr(self.repo_group) + ' (recursive)'
4282 4282 if self.child_repos_only:
4283 4283 return 'root_repos'
4284 4284 return 'global'
4285 4285
4286 4286 def __repr__(self):
4287 4287 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4288 4288
4289 4289
4290 4290 class RepoReviewRuleUser(Base, BaseModel):
4291 4291 __tablename__ = 'repo_review_rules_users'
4292 4292 __table_args__ = (
4293 4293 base_table_args
4294 4294 )
4295 4295
4296 4296 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4297 4297 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4298 4298 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4299 4299 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4300 4300 user = relationship('User')
4301 4301
4302 4302 def rule_data(self):
4303 4303 return {
4304 4304 'mandatory': self.mandatory
4305 4305 }
4306 4306
4307 4307
4308 4308 class RepoReviewRuleUserGroup(Base, BaseModel):
4309 4309 __tablename__ = 'repo_review_rules_users_groups'
4310 4310 __table_args__ = (
4311 4311 base_table_args
4312 4312 )
4313 4313
4314 4314 VOTE_RULE_ALL = -1
4315 4315
4316 4316 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4317 4317 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4318 4318 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4319 4319 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4320 4320 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4321 4321 users_group = relationship('UserGroup')
4322 4322
4323 4323 def rule_data(self):
4324 4324 return {
4325 4325 'mandatory': self.mandatory,
4326 4326 'vote_rule': self.vote_rule
4327 4327 }
4328 4328
4329 4329 @property
4330 4330 def vote_rule_label(self):
4331 4331 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4332 4332 return 'all must vote'
4333 4333 else:
4334 4334 return 'min. vote {}'.format(self.vote_rule)
4335 4335
4336 4336
4337 4337 class RepoReviewRule(Base, BaseModel):
4338 4338 __tablename__ = 'repo_review_rules'
4339 4339 __table_args__ = (
4340 4340 base_table_args
4341 4341 )
4342 4342
4343 4343 repo_review_rule_id = Column(
4344 4344 'repo_review_rule_id', Integer(), primary_key=True)
4345 4345 repo_id = Column(
4346 4346 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4347 4347 repo = relationship('Repository', backref='review_rules')
4348 4348
4349 4349 review_rule_name = Column('review_rule_name', String(255))
4350 4350 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4351 4351 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4352 4352 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4353 4353
4354 4354 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4355 4355 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4356 4356 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4357 4357 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4358 4358
4359 4359 rule_users = relationship('RepoReviewRuleUser')
4360 4360 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4361 4361
4362 4362 def _validate_pattern(self, value):
4363 4363 re.compile('^' + glob2re(value) + '$')
4364 4364
4365 4365 @hybrid_property
4366 4366 def source_branch_pattern(self):
4367 4367 return self._branch_pattern or '*'
4368 4368
4369 4369 @source_branch_pattern.setter
4370 4370 def source_branch_pattern(self, value):
4371 4371 self._validate_pattern(value)
4372 4372 self._branch_pattern = value or '*'
4373 4373
4374 4374 @hybrid_property
4375 4375 def target_branch_pattern(self):
4376 4376 return self._target_branch_pattern or '*'
4377 4377
4378 4378 @target_branch_pattern.setter
4379 4379 def target_branch_pattern(self, value):
4380 4380 self._validate_pattern(value)
4381 4381 self._target_branch_pattern = value or '*'
4382 4382
4383 4383 @hybrid_property
4384 4384 def file_pattern(self):
4385 4385 return self._file_pattern or '*'
4386 4386
4387 4387 @file_pattern.setter
4388 4388 def file_pattern(self, value):
4389 4389 self._validate_pattern(value)
4390 4390 self._file_pattern = value or '*'
4391 4391
4392 4392 def matches(self, source_branch, target_branch, files_changed):
4393 4393 """
4394 4394 Check if this review rule matches a branch/files in a pull request
4395 4395
4396 4396 :param source_branch: source branch name for the commit
4397 4397 :param target_branch: target branch name for the commit
4398 4398 :param files_changed: list of file paths changed in the pull request
4399 4399 """
4400 4400
4401 4401 source_branch = source_branch or ''
4402 4402 target_branch = target_branch or ''
4403 4403 files_changed = files_changed or []
4404 4404
4405 4405 branch_matches = True
4406 4406 if source_branch or target_branch:
4407 4407 if self.source_branch_pattern == '*':
4408 4408 source_branch_match = True
4409 4409 else:
4410 4410 if self.source_branch_pattern.startswith('re:'):
4411 4411 source_pattern = self.source_branch_pattern[3:]
4412 4412 else:
4413 4413 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4414 4414 source_branch_regex = re.compile(source_pattern)
4415 4415 source_branch_match = bool(source_branch_regex.search(source_branch))
4416 4416 if self.target_branch_pattern == '*':
4417 4417 target_branch_match = True
4418 4418 else:
4419 4419 if self.target_branch_pattern.startswith('re:'):
4420 4420 target_pattern = self.target_branch_pattern[3:]
4421 4421 else:
4422 4422 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4423 4423 target_branch_regex = re.compile(target_pattern)
4424 4424 target_branch_match = bool(target_branch_regex.search(target_branch))
4425 4425
4426 4426 branch_matches = source_branch_match and target_branch_match
4427 4427
4428 4428 files_matches = True
4429 4429 if self.file_pattern != '*':
4430 4430 files_matches = False
4431 4431 if self.file_pattern.startswith('re:'):
4432 4432 file_pattern = self.file_pattern[3:]
4433 4433 else:
4434 4434 file_pattern = glob2re(self.file_pattern)
4435 4435 file_regex = re.compile(file_pattern)
4436 4436 for filename in files_changed:
4437 4437 if file_regex.search(filename):
4438 4438 files_matches = True
4439 4439 break
4440 4440
4441 4441 return branch_matches and files_matches
4442 4442
4443 4443 @property
4444 4444 def review_users(self):
4445 4445 """ Returns the users which this rule applies to """
4446 4446
4447 4447 users = collections.OrderedDict()
4448 4448
4449 4449 for rule_user in self.rule_users:
4450 4450 if rule_user.user.active:
4451 4451 if rule_user.user not in users:
4452 4452 users[rule_user.user.username] = {
4453 4453 'user': rule_user.user,
4454 4454 'source': 'user',
4455 4455 'source_data': {},
4456 4456 'data': rule_user.rule_data()
4457 4457 }
4458 4458
4459 4459 for rule_user_group in self.rule_user_groups:
4460 4460 source_data = {
4461 4461 'user_group_id': rule_user_group.users_group.users_group_id,
4462 4462 'name': rule_user_group.users_group.users_group_name,
4463 4463 'members': len(rule_user_group.users_group.members)
4464 4464 }
4465 4465 for member in rule_user_group.users_group.members:
4466 4466 if member.user.active:
4467 4467 key = member.user.username
4468 4468 if key in users:
4469 4469 # skip this member as we have him already
4470 4470 # this prevents from override the "first" matched
4471 4471 # users with duplicates in multiple groups
4472 4472 continue
4473 4473
4474 4474 users[key] = {
4475 4475 'user': member.user,
4476 4476 'source': 'user_group',
4477 4477 'source_data': source_data,
4478 4478 'data': rule_user_group.rule_data()
4479 4479 }
4480 4480
4481 4481 return users
4482 4482
4483 4483 def user_group_vote_rule(self, user_id):
4484 4484
4485 4485 rules = []
4486 4486 if not self.rule_user_groups:
4487 4487 return rules
4488 4488
4489 4489 for user_group in self.rule_user_groups:
4490 4490 user_group_members = [x.user_id for x in user_group.users_group.members]
4491 4491 if user_id in user_group_members:
4492 4492 rules.append(user_group)
4493 4493 return rules
4494 4494
4495 4495 def __repr__(self):
4496 4496 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4497 4497 self.repo_review_rule_id, self.repo)
4498 4498
4499 4499
4500 4500 class ScheduleEntry(Base, BaseModel):
4501 4501 __tablename__ = 'schedule_entries'
4502 4502 __table_args__ = (
4503 4503 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4504 4504 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4505 4505 base_table_args,
4506 4506 )
4507 4507
4508 4508 schedule_types = ['crontab', 'timedelta', 'integer']
4509 4509 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4510 4510
4511 4511 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4512 4512 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4513 4513 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4514 4514
4515 4515 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4516 4516 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4517 4517
4518 4518 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4519 4519 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4520 4520
4521 4521 # task
4522 4522 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4523 4523 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4524 4524 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4525 4525 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4526 4526
4527 4527 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4528 4528 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4529 4529
4530 4530 @hybrid_property
4531 4531 def schedule_type(self):
4532 4532 return self._schedule_type
4533 4533
4534 4534 @schedule_type.setter
4535 4535 def schedule_type(self, val):
4536 4536 if val not in self.schedule_types:
4537 4537 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4538 4538 val, self.schedule_type))
4539 4539
4540 4540 self._schedule_type = val
4541 4541
4542 4542 @classmethod
4543 4543 def get_uid(cls, obj):
4544 4544 args = obj.task_args
4545 4545 kwargs = obj.task_kwargs
4546 4546 if isinstance(args, JsonRaw):
4547 4547 try:
4548 4548 args = json.loads(args)
4549 4549 except ValueError:
4550 4550 args = tuple()
4551 4551
4552 4552 if isinstance(kwargs, JsonRaw):
4553 4553 try:
4554 4554 kwargs = json.loads(kwargs)
4555 4555 except ValueError:
4556 4556 kwargs = dict()
4557 4557
4558 4558 dot_notation = obj.task_dot_notation
4559 4559 val = '.'.join(map(safe_str, [
4560 4560 sorted(dot_notation), args, sorted(kwargs.items())]))
4561 4561 return hashlib.sha1(val).hexdigest()
4562 4562
4563 4563 @classmethod
4564 4564 def get_by_schedule_name(cls, schedule_name):
4565 4565 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4566 4566
4567 4567 @classmethod
4568 4568 def get_by_schedule_id(cls, schedule_id):
4569 4569 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4570 4570
4571 4571 @property
4572 4572 def task(self):
4573 4573 return self.task_dot_notation
4574 4574
4575 4575 @property
4576 4576 def schedule(self):
4577 4577 from rhodecode.lib.celerylib.utils import raw_2_schedule
4578 4578 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4579 4579 return schedule
4580 4580
4581 4581 @property
4582 4582 def args(self):
4583 4583 try:
4584 4584 return list(self.task_args or [])
4585 4585 except ValueError:
4586 4586 return list()
4587 4587
4588 4588 @property
4589 4589 def kwargs(self):
4590 4590 try:
4591 4591 return dict(self.task_kwargs or {})
4592 4592 except ValueError:
4593 4593 return dict()
4594 4594
4595 4595 def _as_raw(self, val):
4596 4596 if hasattr(val, 'de_coerce'):
4597 4597 val = val.de_coerce()
4598 4598 if val:
4599 4599 val = json.dumps(val)
4600 4600
4601 4601 return val
4602 4602
4603 4603 @property
4604 4604 def schedule_definition_raw(self):
4605 4605 return self._as_raw(self.schedule_definition)
4606 4606
4607 4607 @property
4608 4608 def args_raw(self):
4609 4609 return self._as_raw(self.task_args)
4610 4610
4611 4611 @property
4612 4612 def kwargs_raw(self):
4613 4613 return self._as_raw(self.task_kwargs)
4614 4614
4615 4615 def __repr__(self):
4616 4616 return '<DB:ScheduleEntry({}:{})>'.format(
4617 4617 self.schedule_entry_id, self.schedule_name)
4618 4618
4619 4619
4620 4620 @event.listens_for(ScheduleEntry, 'before_update')
4621 4621 def update_task_uid(mapper, connection, target):
4622 4622 target.task_uid = ScheduleEntry.get_uid(target)
4623 4623
4624 4624
4625 4625 @event.listens_for(ScheduleEntry, 'before_insert')
4626 4626 def set_task_uid(mapper, connection, target):
4627 4627 target.task_uid = ScheduleEntry.get_uid(target)
4628 4628
4629 4629
4630 4630 class _BaseBranchPerms(BaseModel):
4631 4631 @classmethod
4632 4632 def compute_hash(cls, value):
4633 4633 return sha1_safe(value)
4634 4634
4635 4635 @hybrid_property
4636 4636 def branch_pattern(self):
4637 4637 return self._branch_pattern or '*'
4638 4638
4639 4639 @hybrid_property
4640 4640 def branch_hash(self):
4641 4641 return self._branch_hash
4642 4642
4643 4643 def _validate_glob(self, value):
4644 4644 re.compile('^' + glob2re(value) + '$')
4645 4645
4646 4646 @branch_pattern.setter
4647 4647 def branch_pattern(self, value):
4648 4648 self._validate_glob(value)
4649 4649 self._branch_pattern = value or '*'
4650 4650 # set the Hash when setting the branch pattern
4651 4651 self._branch_hash = self.compute_hash(self._branch_pattern)
4652 4652
4653 4653 def matches(self, branch):
4654 4654 """
4655 4655 Check if this the branch matches entry
4656 4656
4657 4657 :param branch: branch name for the commit
4658 4658 """
4659 4659
4660 4660 branch = branch or ''
4661 4661
4662 4662 branch_matches = True
4663 4663 if branch:
4664 4664 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4665 4665 branch_matches = bool(branch_regex.search(branch))
4666 4666
4667 4667 return branch_matches
4668 4668
4669 4669
4670 4670 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4671 4671 __tablename__ = 'user_to_repo_branch_permissions'
4672 4672 __table_args__ = (
4673 4673 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4674 4674 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4675 4675 )
4676 4676
4677 4677 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4678 4678
4679 4679 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4680 4680 repo = relationship('Repository', backref='user_branch_perms')
4681 4681
4682 4682 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4683 4683 permission = relationship('Permission')
4684 4684
4685 4685 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
4686 4686 user_repo_to_perm = relationship('UserRepoToPerm')
4687 4687
4688 4688 rule_order = Column('rule_order', Integer(), nullable=False)
4689 4689 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4690 4690 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4691 4691
4692 4692 def __unicode__(self):
4693 4693 return u'<UserBranchPermission(%s => %r)>' % (
4694 4694 self.user_repo_to_perm, self.branch_pattern)
4695 4695
4696 4696
4697 4697 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
4698 4698 __tablename__ = 'user_group_to_repo_branch_permissions'
4699 4699 __table_args__ = (
4700 4700 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4701 4701 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4702 4702 )
4703 4703
4704 4704 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4705 4705
4706 4706 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4707 4707 repo = relationship('Repository', backref='user_group_branch_perms')
4708 4708
4709 4709 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4710 4710 permission = relationship('Permission')
4711 4711
4712 4712 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
4713 4713 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
4714 4714
4715 4715 rule_order = Column('rule_order', Integer(), nullable=False)
4716 4716 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4717 4717 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4718 4718
4719 4719 def __unicode__(self):
4720 4720 return u'<UserBranchPermission(%s => %r)>' % (
4721 4721 self.user_group_repo_to_perm, self.branch_pattern)
4722 4722
4723 4723
4724 4724 class DbMigrateVersion(Base, BaseModel):
4725 4725 __tablename__ = 'db_migrate_version'
4726 4726 __table_args__ = (
4727 4727 base_table_args,
4728 4728 )
4729 4729
4730 4730 repository_id = Column('repository_id', String(250), primary_key=True)
4731 4731 repository_path = Column('repository_path', Text)
4732 4732 version = Column('version', Integer)
4733 4733
4734 4734 @classmethod
4735 4735 def set_version(cls, version):
4736 4736 """
4737 4737 Helper for forcing a different version, usually for debugging purposes via ishell.
4738 4738 """
4739 4739 ver = DbMigrateVersion.query().first()
4740 4740 ver.version = version
4741 4741 Session().commit()
4742 4742
4743 4743
4744 4744 class DbSession(Base, BaseModel):
4745 4745 __tablename__ = 'db_session'
4746 4746 __table_args__ = (
4747 4747 base_table_args,
4748 4748 )
4749 4749
4750 4750 def __repr__(self):
4751 4751 return '<DB:DbSession({})>'.format(self.id)
4752 4752
4753 4753 id = Column('id', Integer())
4754 4754 namespace = Column('namespace', String(255), primary_key=True)
4755 4755 accessed = Column('accessed', DateTime, nullable=False)
4756 4756 created = Column('created', DateTime, nullable=False)
4757 4757 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
General Comments 0
You need to be logged in to leave comments. Login now