##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
fix(2fa): fixed various typos
super-admin -
r5377:1ab522cf default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,67 +1,67 b''
1 import pytest
1 import pytest
2
2
3 from rhodecode.model.meta import Session
3 from rhodecode.model.meta import Session
4 from rhodecode.tests.fixture import Fixture
4 from rhodecode.tests.fixture import Fixture
5 from rhodecode.tests.routes import route_path
5 from rhodecode.tests.routes import route_path
6 from rhodecode.model.settings import SettingsModel
6 from rhodecode.model.settings import SettingsModel
7
7
8 fixture = Fixture()
8 fixture = Fixture()
9
9
10
10
11 @pytest.mark.usefixtures('app')
11 @pytest.mark.usefixtures('app')
12 class Test2FA(object):
12 class Test2FA(object):
13 @classmethod
13 @classmethod
14 def setup_class(cls):
14 def setup_class(cls):
15 cls.password = 'valid-one'
15 cls.password = 'valid-one'
16
16
17 @classmethod
17 @classmethod
18 def teardown_class(cls):
18 def teardown_class(cls):
19 SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', False)
19 SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', False)
20
20
21 def test_redirect_to_2fa_setup_if_enabled_for_user(self, user_util):
21 def test_redirect_to_2fa_setup_if_enabled_for_user(self, user_util):
22 user = user_util.create_user(password=self.password)
22 user = user_util.create_user(password=self.password)
23 user.has_enabled_2fa = True
23 user.has_enabled_2fa = True
24 self.app.post(
24 self.app.post(
25 route_path('login'),
25 route_path('login'),
26 {'username': user.username,
26 {'username': user.username,
27 'password': self.password})
27 'password': self.password})
28
28
29 response = self.app.get('/')
29 response = self.app.get('/')
30 assert response.status_code == 302
30 assert response.status_code == 302
31 assert response.location.endswith(route_path('setup_2fa'))
31 assert response.location.endswith(route_path('setup_2fa'))
32
32
33 def test_redirect_to_2fa_check_if_2fa_configured(self, user_util):
33 def test_redirect_to_2fa_check_if_2fa_configured(self, user_util):
34 user = user_util.create_user(password=self.password)
34 user = user_util.create_user(password=self.password)
35 user.has_enabled_2fa = True
35 user.has_enabled_2fa = True
36 user.init_secret_2fa()
36 user.init_secret_2fa()
37 Session().add(user)
37 Session().add(user)
38 Session().commit()
38 Session().commit()
39 self.app.post(
39 self.app.post(
40 route_path('login'),
40 route_path('login'),
41 {'username': user.username,
41 {'username': user.username,
42 'password': self.password})
42 'password': self.password})
43 response = self.app.get('/')
43 response = self.app.get('/')
44 assert response.status_code == 302
44 assert response.status_code == 302
45 assert response.location.endswith(route_path('check_2fa'))
45 assert response.location.endswith(route_path('check_2fa'))
46
46
47 def test_2fa_recovery_codes_works_only_once(self, user_util):
47 def test_2fa_recovery_codes_works_only_once(self, user_util):
48 user = user_util.create_user(password=self.password)
48 user = user_util.create_user(password=self.password)
49 user.has_enabled_2fa = True
49 user.has_enabled_2fa = True
50 user.init_secret_2fa()
50 user.init_secret_2fa()
51 recovery_cod_to_check = user.init_2fa_recovery_codes()[0]
51 recovery_code_to_check = user.init_2fa_recovery_codes()[0]
52 Session().add(user)
52 Session().add(user)
53 Session().commit()
53 Session().commit()
54 self.app.post(
54 self.app.post(
55 route_path('login'),
55 route_path('login'),
56 {'username': user.username,
56 {'username': user.username,
57 'password': self.password})
57 'password': self.password})
58 response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})
58 response = self.app.post(route_path('check_2fa'), {'totp': recovery_code_to_check})
59 assert response.status_code == 302
59 assert response.status_code == 302
60 response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})
60 response = self.app.post(route_path('check_2fa'), {'totp': recovery_code_to_check})
61 response.mustcontain('Code is invalid. Try again!')
61 response.mustcontain('Code is invalid. Try again!')
62
62
63 def test_2fa_state_when_forced_by_admin(self, user_util):
63 def test_2fa_state_when_forced_by_admin(self, user_util):
64 user = user_util.create_user(password=self.password)
64 user = user_util.create_user(password=self.password)
65 user.has_enabled_2fa = False
65 user.has_enabled_2fa = False
66 SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', True)
66 SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', True)
67 assert user.has_enabled_2fa
67 assert user.has_enabled_2fa
Show file before | Show file after | Hide comments
@@ -1,861 +1,861 b''
1 # Copyright (C) 2016-2023 RhodeCode GmbH
1 # Copyright (C) 2016-2023 RhodeCode GmbH
2 #
2 #
3 # This program is free software: you can redistribute it and/or modify
3 # This program is free software: you can redistribute it and/or modify
4 # it under the terms of the GNU Affero General Public License, version 3
4 # it under the terms of the GNU Affero General Public License, version 3
5 # (only), as published by the Free Software Foundation.
5 # (only), as published by the Free Software Foundation.
6 #
6 #
7 # This program is distributed in the hope that it will be useful,
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU General Public License for more details.
10 # GNU General Public License for more details.
11 #
11 #
12 # You should have received a copy of the GNU Affero General Public License
12 # You should have received a copy of the GNU Affero General Public License
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 #
14 #
15 # This program is dual-licensed. If you wish to learn more about the
15 # This program is dual-licensed. If you wish to learn more about the
16 # RhodeCode Enterprise Edition, including its added features, Support services,
16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18
18
19 import time
19 import time
20 import logging
20 import logging
21 import datetime
21 import datetime
22 import string
22 import string
23
23
24 import formencode
24 import formencode
25 import formencode.htmlfill
25 import formencode.htmlfill
26 import peppercorn
26 import peppercorn
27 from pyramid.httpexceptions import HTTPFound, HTTPNotFound
27 from pyramid.httpexceptions import HTTPFound, HTTPNotFound
28
28
29 from rhodecode.apps._base import BaseAppView, DataGridAppView
29 from rhodecode.apps._base import BaseAppView, DataGridAppView
30 from rhodecode import forms
30 from rhodecode import forms
31 from rhodecode.lib import helpers as h
31 from rhodecode.lib import helpers as h
32 from rhodecode.lib import audit_logger
32 from rhodecode.lib import audit_logger
33 from rhodecode.lib import ext_json
33 from rhodecode.lib import ext_json
34 from rhodecode.lib.auth import (
34 from rhodecode.lib.auth import (
35 LoginRequired, NotAnonymous, CSRFRequired,
35 LoginRequired, NotAnonymous, CSRFRequired,
36 HasRepoPermissionAny, HasRepoGroupPermissionAny, AuthUser)
36 HasRepoPermissionAny, HasRepoGroupPermissionAny, AuthUser)
37 from rhodecode.lib.channelstream import (
37 from rhodecode.lib.channelstream import (
38 channelstream_request, ChannelstreamException)
38 channelstream_request, ChannelstreamException)
39 from rhodecode.lib.hash_utils import md5_safe
39 from rhodecode.lib.hash_utils import md5_safe
40 from rhodecode.lib.utils2 import safe_int, md5, str2bool
40 from rhodecode.lib.utils2 import safe_int, md5, str2bool
41 from rhodecode.model.auth_token import AuthTokenModel
41 from rhodecode.model.auth_token import AuthTokenModel
42 from rhodecode.model.comment import CommentsModel
42 from rhodecode.model.comment import CommentsModel
43 from rhodecode.model.db import (
43 from rhodecode.model.db import (
44 IntegrityError, or_, in_filter_generator, select,
44 IntegrityError, or_, in_filter_generator, select,
45 Repository, UserEmailMap, UserApiKeys, UserFollowing,
45 Repository, UserEmailMap, UserApiKeys, UserFollowing,
46 PullRequest, UserBookmark, RepoGroup, ChangesetStatus)
46 PullRequest, UserBookmark, RepoGroup, ChangesetStatus)
47 from rhodecode.model.forms import TOTPForm
47 from rhodecode.model.forms import TOTPForm
48 from rhodecode.model.meta import Session
48 from rhodecode.model.meta import Session
49 from rhodecode.model.pull_request import PullRequestModel
49 from rhodecode.model.pull_request import PullRequestModel
50 from rhodecode.model.user import UserModel
50 from rhodecode.model.user import UserModel
51 from rhodecode.model.user_group import UserGroupModel
51 from rhodecode.model.user_group import UserGroupModel
52 from rhodecode.model.validation_schema.schemas import user_schema
52 from rhodecode.model.validation_schema.schemas import user_schema
53
53
54 log = logging.getLogger(__name__)
54 log = logging.getLogger(__name__)
55
55
56
56
57 class MyAccountView(BaseAppView, DataGridAppView):
57 class MyAccountView(BaseAppView, DataGridAppView):
58 ALLOW_SCOPED_TOKENS = False
58 ALLOW_SCOPED_TOKENS = False
59 """
59 """
60 This view has alternative version inside EE, if modified please take a look
60 This view has alternative version inside EE, if modified please take a look
61 in there as well.
61 in there as well.
62 """
62 """
63
63
64 def load_default_context(self):
64 def load_default_context(self):
65 c = self._get_local_tmpl_context()
65 c = self._get_local_tmpl_context()
66 c.user = c.auth_user.get_instance()
66 c.user = c.auth_user.get_instance()
67 c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
67 c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
68 return c
68 return c
69
69
70 @LoginRequired()
70 @LoginRequired()
71 @NotAnonymous()
71 @NotAnonymous()
72 def my_account_profile(self):
72 def my_account_profile(self):
73 c = self.load_default_context()
73 c = self.load_default_context()
74 c.active = 'profile'
74 c.active = 'profile'
75 c.extern_type = c.user.extern_type
75 c.extern_type = c.user.extern_type
76 return self._get_template_context(c)
76 return self._get_template_context(c)
77
77
78 @LoginRequired()
78 @LoginRequired()
79 @NotAnonymous()
79 @NotAnonymous()
80 def my_account_edit(self):
80 def my_account_edit(self):
81 c = self.load_default_context()
81 c = self.load_default_context()
82 c.active = 'profile_edit'
82 c.active = 'profile_edit'
83 c.extern_type = c.user.extern_type
83 c.extern_type = c.user.extern_type
84 c.extern_name = c.user.extern_name
84 c.extern_name = c.user.extern_name
85
85
86 schema = user_schema.UserProfileSchema().bind(
86 schema = user_schema.UserProfileSchema().bind(
87 username=c.user.username, user_emails=c.user.emails)
87 username=c.user.username, user_emails=c.user.emails)
88 appstruct = {
88 appstruct = {
89 'username': c.user.username,
89 'username': c.user.username,
90 'email': c.user.email,
90 'email': c.user.email,
91 'firstname': c.user.firstname,
91 'firstname': c.user.firstname,
92 'lastname': c.user.lastname,
92 'lastname': c.user.lastname,
93 'description': c.user.description,
93 'description': c.user.description,
94 }
94 }
95 c.form = forms.RcForm(
95 c.form = forms.RcForm(
96 schema, appstruct=appstruct,
96 schema, appstruct=appstruct,
97 action=h.route_path('my_account_update'),
97 action=h.route_path('my_account_update'),
98 buttons=(forms.buttons.save, forms.buttons.reset))
98 buttons=(forms.buttons.save, forms.buttons.reset))
99
99
100 return self._get_template_context(c)
100 return self._get_template_context(c)
101
101
102 @LoginRequired()
102 @LoginRequired()
103 @NotAnonymous()
103 @NotAnonymous()
104 @CSRFRequired()
104 @CSRFRequired()
105 def my_account_update(self):
105 def my_account_update(self):
106 _ = self.request.translate
106 _ = self.request.translate
107 c = self.load_default_context()
107 c = self.load_default_context()
108 c.active = 'profile_edit'
108 c.active = 'profile_edit'
109 c.perm_user = c.auth_user
109 c.perm_user = c.auth_user
110 c.extern_type = c.user.extern_type
110 c.extern_type = c.user.extern_type
111 c.extern_name = c.user.extern_name
111 c.extern_name = c.user.extern_name
112
112
113 schema = user_schema.UserProfileSchema().bind(
113 schema = user_schema.UserProfileSchema().bind(
114 username=c.user.username, user_emails=c.user.emails)
114 username=c.user.username, user_emails=c.user.emails)
115 form = forms.RcForm(
115 form = forms.RcForm(
116 schema, buttons=(forms.buttons.save, forms.buttons.reset))
116 schema, buttons=(forms.buttons.save, forms.buttons.reset))
117
117
118 controls = list(self.request.POST.items())
118 controls = list(self.request.POST.items())
119 try:
119 try:
120 valid_data = form.validate(controls)
120 valid_data = form.validate(controls)
121 skip_attrs = ['admin', 'active', 'extern_type', 'extern_name',
121 skip_attrs = ['admin', 'active', 'extern_type', 'extern_name',
122 'new_password', 'password_confirmation']
122 'new_password', 'password_confirmation']
123 if c.extern_type != "rhodecode":
123 if c.extern_type != "rhodecode":
124 # forbid updating username for external accounts
124 # forbid updating username for external accounts
125 skip_attrs.append('username')
125 skip_attrs.append('username')
126 old_email = c.user.email
126 old_email = c.user.email
127 UserModel().update_user(
127 UserModel().update_user(
128 self._rhodecode_user.user_id, skip_attrs=skip_attrs,
128 self._rhodecode_user.user_id, skip_attrs=skip_attrs,
129 **valid_data)
129 **valid_data)
130 if old_email != valid_data['email']:
130 if old_email != valid_data['email']:
131 old = UserEmailMap.query() \
131 old = UserEmailMap.query() \
132 .filter(UserEmailMap.user == c.user)\
132 .filter(UserEmailMap.user == c.user)\
133 .filter(UserEmailMap.email == valid_data['email'])\
133 .filter(UserEmailMap.email == valid_data['email'])\
134 .first()
134 .first()
135 old.email = old_email
135 old.email = old_email
136 h.flash(_('Your account was updated successfully'), category='success')
136 h.flash(_('Your account was updated successfully'), category='success')
137 Session().commit()
137 Session().commit()
138 except forms.ValidationFailure as e:
138 except forms.ValidationFailure as e:
139 c.form = e
139 c.form = e
140 return self._get_template_context(c)
140 return self._get_template_context(c)
141
141
142 except Exception:
142 except Exception:
143 log.exception("Exception updating user")
143 log.exception("Exception updating user")
144 h.flash(_('Error occurred during update of user'),
144 h.flash(_('Error occurred during update of user'),
145 category='error')
145 category='error')
146 raise HTTPFound(h.route_path('my_account_profile'))
146 raise HTTPFound(h.route_path('my_account_profile'))
147
147
148 @LoginRequired()
148 @LoginRequired()
149 @NotAnonymous()
149 @NotAnonymous()
150 def my_account_password(self):
150 def my_account_password(self):
151 c = self.load_default_context()
151 c = self.load_default_context()
152 c.active = 'password'
152 c.active = 'password'
153 c.extern_type = c.user.extern_type
153 c.extern_type = c.user.extern_type
154
154
155 schema = user_schema.ChangePasswordSchema().bind(
155 schema = user_schema.ChangePasswordSchema().bind(
156 username=c.user.username)
156 username=c.user.username)
157
157
158 form = forms.Form(
158 form = forms.Form(
159 schema,
159 schema,
160 action=h.route_path('my_account_password_update'),
160 action=h.route_path('my_account_password_update'),
161 buttons=(forms.buttons.save, forms.buttons.reset))
161 buttons=(forms.buttons.save, forms.buttons.reset))
162
162
163 c.form = form
163 c.form = form
164 return self._get_template_context(c)
164 return self._get_template_context(c)
165
165
166 @LoginRequired()
166 @LoginRequired()
167 @NotAnonymous()
167 @NotAnonymous()
168 @CSRFRequired()
168 @CSRFRequired()
169 def my_account_password_update(self):
169 def my_account_password_update(self):
170 _ = self.request.translate
170 _ = self.request.translate
171 c = self.load_default_context()
171 c = self.load_default_context()
172 c.active = 'password'
172 c.active = 'password'
173 c.extern_type = c.user.extern_type
173 c.extern_type = c.user.extern_type
174
174
175 schema = user_schema.ChangePasswordSchema().bind(
175 schema = user_schema.ChangePasswordSchema().bind(
176 username=c.user.username)
176 username=c.user.username)
177
177
178 form = forms.Form(
178 form = forms.Form(
179 schema, buttons=(forms.buttons.save, forms.buttons.reset))
179 schema, buttons=(forms.buttons.save, forms.buttons.reset))
180
180
181 if c.extern_type != 'rhodecode':
181 if c.extern_type != 'rhodecode':
182 raise HTTPFound(self.request.route_path('my_account_password'))
182 raise HTTPFound(self.request.route_path('my_account_password'))
183
183
184 controls = list(self.request.POST.items())
184 controls = list(self.request.POST.items())
185 try:
185 try:
186 valid_data = form.validate(controls)
186 valid_data = form.validate(controls)
187 UserModel().update_user(c.user.user_id, **valid_data)
187 UserModel().update_user(c.user.user_id, **valid_data)
188 c.user.update_userdata(force_password_change=False)
188 c.user.update_userdata(force_password_change=False)
189 Session().commit()
189 Session().commit()
190 except forms.ValidationFailure as e:
190 except forms.ValidationFailure as e:
191 c.form = e
191 c.form = e
192 return self._get_template_context(c)
192 return self._get_template_context(c)
193
193
194 except Exception:
194 except Exception:
195 log.exception("Exception updating password")
195 log.exception("Exception updating password")
196 h.flash(_('Error occurred during update of user password'),
196 h.flash(_('Error occurred during update of user password'),
197 category='error')
197 category='error')
198 else:
198 else:
199 instance = c.auth_user.get_instance()
199 instance = c.auth_user.get_instance()
200 self.session.setdefault('rhodecode_user', {}).update(
200 self.session.setdefault('rhodecode_user', {}).update(
201 {'password': md5_safe(instance.password)})
201 {'password': md5_safe(instance.password)})
202 self.session.save()
202 self.session.save()
203 h.flash(_("Successfully updated password"), category='success')
203 h.flash(_("Successfully updated password"), category='success')
204
204
205 raise HTTPFound(self.request.route_path('my_account_password'))
205 raise HTTPFound(self.request.route_path('my_account_password'))
206
206
207 @LoginRequired()
207 @LoginRequired()
208 @NotAnonymous()
208 @NotAnonymous()
209 def my_account_2fa(self):
209 def my_account_2fa(self):
210 _ = self.request.translate
210 _ = self.request.translate
211 c = self.load_default_context()
211 c = self.load_default_context()
212 c.active = '2fa'
212 c.active = '2fa'
213 user_instance = c.auth_user.get_instance()
213 user_instance = c.auth_user.get_instance()
214 locked_by_admin = user_instance.has_forced_2fa
214 locked_by_admin = user_instance.has_forced_2fa
215 c.state_of_2fa = user_instance.has_enabled_2fa
215 c.state_of_2fa = user_instance.has_enabled_2fa
216 c.user_seen_2fa_recovery_codes = user_instance.has_seen_2fa_codes
216 c.user_seen_2fa_recovery_codes = user_instance.has_seen_2fa_codes
217 c.locked_2fa = str2bool(locked_by_admin)
217 c.locked_2fa = str2bool(locked_by_admin)
218 return self._get_template_context(c)
218 return self._get_template_context(c)
219
219
220 @LoginRequired()
220 @LoginRequired()
221 @NotAnonymous()
221 @NotAnonymous()
222 @CSRFRequired()
222 @CSRFRequired()
223 def my_account_2fa_update(self):
223 def my_account_2fa_update(self):
224 _ = self.request.translate
224 _ = self.request.translate
225 c = self.load_default_context()
225 c = self.load_default_context()
226 c.active = '2fa'
226 c.active = '2fa'
227 user_instance = c.auth_user.get_instance()
227 user_instance = c.auth_user.get_instance()
228
228
229 state = self.request.POST.get('2fa_status') == '1'
229 state = str2bool(self.request.POST.get('2fa_status'))
230 user_instance.has_enabled_2fa = state
230 user_instance.has_enabled_2fa = state
231 user_instance.update_userdata(update_2fa=time.time())
231 user_instance.update_userdata(update_2fa=time.time())
232 Session().commit()
232 Session().commit()
233 if state:
233 if state:
234 h.flash(_("2FA has been successfully enabled"), category='success')
234 h.flash(_("2FA has been successfully enabled"), category='success')
235 else:
235 else:
236 h.flash(_("2FA has been successfully disabled"), category='success')
236 h.flash(_("2FA has been successfully disabled"), category='success')
237 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
237 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
238
238
239 @LoginRequired()
239 @LoginRequired()
240 @NotAnonymous()
240 @NotAnonymous()
241 @CSRFRequired()
241 @CSRFRequired()
242 def my_account_2fa_show_recovery_codes(self):
242 def my_account_2fa_show_recovery_codes(self):
243 c = self.load_default_context()
243 c = self.load_default_context()
244 user_instance = c.auth_user.get_instance()
244 user_instance = c.auth_user.get_instance()
245 user_instance.has_seen_2fa_codes = True
245 user_instance.has_seen_2fa_codes = True
246 Session().commit()
246 Session().commit()
247 return {'recovery_codes': user_instance.get_2fa_recovery_codes()}
247 return {'recovery_codes': user_instance.get_2fa_recovery_codes()}
248
248
249 @LoginRequired()
249 @LoginRequired()
250 @NotAnonymous()
250 @NotAnonymous()
251 @CSRFRequired()
251 @CSRFRequired()
252 def my_account_2fa_regenerate_recovery_codes(self):
252 def my_account_2fa_regenerate_recovery_codes(self):
253 _ = self.request.translate
253 _ = self.request.translate
254 c = self.load_default_context()
254 c = self.load_default_context()
255 user_instance = c.auth_user.get_instance()
255 user_instance = c.auth_user.get_instance()
256
256
257 totp_form = TOTPForm(_, user_instance, allow_recovery_code_use=True)()
257 totp_form = TOTPForm(_, user_instance, allow_recovery_code_use=True)()
258
258
259 post_items = dict(self.request.POST)
259 post_items = dict(self.request.POST)
260 # NOTE: inject secret, as it's a post configured saved item.
260 # NOTE: inject secret, as it's a post configured saved item.
261 post_items['secret_totp'] = user_instance.secret_2fa
261 post_items['secret_totp'] = user_instance.secret_2fa
262 try:
262 try:
263 totp_form.to_python(post_items)
263 totp_form.to_python(post_items)
264 user_instance.regenerate_2fa_recovery_codes()
264 user_instance.regenerate_2fa_recovery_codes()
265 Session().commit()
265 Session().commit()
266 except formencode.Invalid as errors:
266 except formencode.Invalid as errors:
267 h.flash(_("Failed to generate new recovery codes: {}").format(errors), category='error')
267 h.flash(_("Failed to generate new recovery codes: {}").format(errors), category='error')
268 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
268 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
269 except Exception as e:
269 except Exception as e:
270 h.flash(_("Failed to generate new recovery codes: {}").format(e), category='error')
270 h.flash(_("Failed to generate new recovery codes: {}").format(e), category='error')
271 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
271 raise HTTPFound(self.request.route_path('my_account_configure_2fa'))
272
272
273 raise HTTPFound(self.request.route_path('my_account_configure_2fa', _query={'show-recovery-codes': 1}))
273 raise HTTPFound(self.request.route_path('my_account_configure_2fa', _query={'show-recovery-codes': 1}))
274
274
275 @LoginRequired()
275 @LoginRequired()
276 @NotAnonymous()
276 @NotAnonymous()
277 def my_account_auth_tokens(self):
277 def my_account_auth_tokens(self):
278 _ = self.request.translate
278 _ = self.request.translate
279
279
280 c = self.load_default_context()
280 c = self.load_default_context()
281 c.active = 'auth_tokens'
281 c.active = 'auth_tokens'
282 c.lifetime_values = AuthTokenModel.get_lifetime_values(translator=_)
282 c.lifetime_values = AuthTokenModel.get_lifetime_values(translator=_)
283 c.role_values = [
283 c.role_values = [
284 (x, AuthTokenModel.cls._get_role_name(x))
284 (x, AuthTokenModel.cls._get_role_name(x))
285 for x in AuthTokenModel.cls.ROLES]
285 for x in AuthTokenModel.cls.ROLES]
286 c.role_options = [(c.role_values, _("Role"))]
286 c.role_options = [(c.role_values, _("Role"))]
287 c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
287 c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
288 c.user.user_id, show_expired=True)
288 c.user.user_id, show_expired=True)
289 c.role_vcs = AuthTokenModel.cls.ROLE_VCS
289 c.role_vcs = AuthTokenModel.cls.ROLE_VCS
290 return self._get_template_context(c)
290 return self._get_template_context(c)
291
291
292 @LoginRequired()
292 @LoginRequired()
293 @NotAnonymous()
293 @NotAnonymous()
294 @CSRFRequired()
294 @CSRFRequired()
295 def my_account_auth_tokens_view(self):
295 def my_account_auth_tokens_view(self):
296 _ = self.request.translate
296 _ = self.request.translate
297 c = self.load_default_context()
297 c = self.load_default_context()
298
298
299 auth_token_id = self.request.POST.get('auth_token_id')
299 auth_token_id = self.request.POST.get('auth_token_id')
300
300
301 if auth_token_id:
301 if auth_token_id:
302 token = UserApiKeys.get_or_404(auth_token_id)
302 token = UserApiKeys.get_or_404(auth_token_id)
303 if token.user.user_id != c.user.user_id:
303 if token.user.user_id != c.user.user_id:
304 raise HTTPNotFound()
304 raise HTTPNotFound()
305
305
306 return {
306 return {
307 'auth_token': token.api_key
307 'auth_token': token.api_key
308 }
308 }
309
309
310 def maybe_attach_token_scope(self, token):
310 def maybe_attach_token_scope(self, token):
311 # implemented in EE edition
311 # implemented in EE edition
312 pass
312 pass
313
313
314 @LoginRequired()
314 @LoginRequired()
315 @NotAnonymous()
315 @NotAnonymous()
316 @CSRFRequired()
316 @CSRFRequired()
317 def my_account_auth_tokens_add(self):
317 def my_account_auth_tokens_add(self):
318 _ = self.request.translate
318 _ = self.request.translate
319 c = self.load_default_context()
319 c = self.load_default_context()
320
320
321 lifetime = safe_int(self.request.POST.get('lifetime'), -1)
321 lifetime = safe_int(self.request.POST.get('lifetime'), -1)
322 description = self.request.POST.get('description')
322 description = self.request.POST.get('description')
323 role = self.request.POST.get('role')
323 role = self.request.POST.get('role')
324
324
325 token = UserModel().add_auth_token(
325 token = UserModel().add_auth_token(
326 user=c.user.user_id,
326 user=c.user.user_id,
327 lifetime_minutes=lifetime, role=role, description=description,
327 lifetime_minutes=lifetime, role=role, description=description,
328 scope_callback=self.maybe_attach_token_scope)
328 scope_callback=self.maybe_attach_token_scope)
329 token_data = token.get_api_data()
329 token_data = token.get_api_data()
330
330
331 audit_logger.store_web(
331 audit_logger.store_web(
332 'user.edit.token.add', action_data={
332 'user.edit.token.add', action_data={
333 'data': {'token': token_data, 'user': 'self'}},
333 'data': {'token': token_data, 'user': 'self'}},
334 user=self._rhodecode_user, )
334 user=self._rhodecode_user, )
335 Session().commit()
335 Session().commit()
336
336
337 h.flash(_("Auth token successfully created"), category='success')
337 h.flash(_("Auth token successfully created"), category='success')
338 return HTTPFound(h.route_path('my_account_auth_tokens'))
338 return HTTPFound(h.route_path('my_account_auth_tokens'))
339
339
340 @LoginRequired()
340 @LoginRequired()
341 @NotAnonymous()
341 @NotAnonymous()
342 @CSRFRequired()
342 @CSRFRequired()
343 def my_account_auth_tokens_delete(self):
343 def my_account_auth_tokens_delete(self):
344 _ = self.request.translate
344 _ = self.request.translate
345 c = self.load_default_context()
345 c = self.load_default_context()
346
346
347 del_auth_token = self.request.POST.get('del_auth_token')
347 del_auth_token = self.request.POST.get('del_auth_token')
348
348
349 if del_auth_token:
349 if del_auth_token:
350 token = UserApiKeys.get_or_404(del_auth_token)
350 token = UserApiKeys.get_or_404(del_auth_token)
351 token_data = token.get_api_data()
351 token_data = token.get_api_data()
352
352
353 AuthTokenModel().delete(del_auth_token, c.user.user_id)
353 AuthTokenModel().delete(del_auth_token, c.user.user_id)
354 audit_logger.store_web(
354 audit_logger.store_web(
355 'user.edit.token.delete', action_data={
355 'user.edit.token.delete', action_data={
356 'data': {'token': token_data, 'user': 'self'}},
356 'data': {'token': token_data, 'user': 'self'}},
357 user=self._rhodecode_user,)
357 user=self._rhodecode_user,)
358 Session().commit()
358 Session().commit()
359 h.flash(_("Auth token successfully deleted"), category='success')
359 h.flash(_("Auth token successfully deleted"), category='success')
360
360
361 return HTTPFound(h.route_path('my_account_auth_tokens'))
361 return HTTPFound(h.route_path('my_account_auth_tokens'))
362
362
363 @LoginRequired()
363 @LoginRequired()
364 @NotAnonymous()
364 @NotAnonymous()
365 def my_account_emails(self):
365 def my_account_emails(self):
366 _ = self.request.translate
366 _ = self.request.translate
367
367
368 c = self.load_default_context()
368 c = self.load_default_context()
369 c.active = 'emails'
369 c.active = 'emails'
370
370
371 c.user_email_map = UserEmailMap.query()\
371 c.user_email_map = UserEmailMap.query()\
372 .filter(UserEmailMap.user == c.user).all()
372 .filter(UserEmailMap.user == c.user).all()
373
373
374 schema = user_schema.AddEmailSchema().bind(
374 schema = user_schema.AddEmailSchema().bind(
375 username=c.user.username, user_emails=c.user.emails)
375 username=c.user.username, user_emails=c.user.emails)
376
376
377 form = forms.RcForm(schema,
377 form = forms.RcForm(schema,
378 action=h.route_path('my_account_emails_add'),
378 action=h.route_path('my_account_emails_add'),
379 buttons=(forms.buttons.save, forms.buttons.reset))
379 buttons=(forms.buttons.save, forms.buttons.reset))
380
380
381 c.form = form
381 c.form = form
382 return self._get_template_context(c)
382 return self._get_template_context(c)
383
383
384 @LoginRequired()
384 @LoginRequired()
385 @NotAnonymous()
385 @NotAnonymous()
386 @CSRFRequired()
386 @CSRFRequired()
387 def my_account_emails_add(self):
387 def my_account_emails_add(self):
388 _ = self.request.translate
388 _ = self.request.translate
389 c = self.load_default_context()
389 c = self.load_default_context()
390 c.active = 'emails'
390 c.active = 'emails'
391
391
392 schema = user_schema.AddEmailSchema().bind(
392 schema = user_schema.AddEmailSchema().bind(
393 username=c.user.username, user_emails=c.user.emails)
393 username=c.user.username, user_emails=c.user.emails)
394
394
395 form = forms.RcForm(
395 form = forms.RcForm(
396 schema, action=h.route_path('my_account_emails_add'),
396 schema, action=h.route_path('my_account_emails_add'),
397 buttons=(forms.buttons.save, forms.buttons.reset))
397 buttons=(forms.buttons.save, forms.buttons.reset))
398
398
399 controls = list(self.request.POST.items())
399 controls = list(self.request.POST.items())
400 try:
400 try:
401 valid_data = form.validate(controls)
401 valid_data = form.validate(controls)
402 UserModel().add_extra_email(c.user.user_id, valid_data['email'])
402 UserModel().add_extra_email(c.user.user_id, valid_data['email'])
403 audit_logger.store_web(
403 audit_logger.store_web(
404 'user.edit.email.add', action_data={
404 'user.edit.email.add', action_data={
405 'data': {'email': valid_data['email'], 'user': 'self'}},
405 'data': {'email': valid_data['email'], 'user': 'self'}},
406 user=self._rhodecode_user,)
406 user=self._rhodecode_user,)
407 Session().commit()
407 Session().commit()
408 except formencode.Invalid as error:
408 except formencode.Invalid as error:
409 h.flash(h.escape(error.error_dict['email']), category='error')
409 h.flash(h.escape(error.error_dict['email']), category='error')
410 except forms.ValidationFailure as e:
410 except forms.ValidationFailure as e:
411 c.user_email_map = UserEmailMap.query() \
411 c.user_email_map = UserEmailMap.query() \
412 .filter(UserEmailMap.user == c.user).all()
412 .filter(UserEmailMap.user == c.user).all()
413 c.form = e
413 c.form = e
414 return self._get_template_context(c)
414 return self._get_template_context(c)
415 except Exception:
415 except Exception:
416 log.exception("Exception adding email")
416 log.exception("Exception adding email")
417 h.flash(_('Error occurred during adding email'),
417 h.flash(_('Error occurred during adding email'),
418 category='error')
418 category='error')
419 else:
419 else:
420 h.flash(_("Successfully added email"), category='success')
420 h.flash(_("Successfully added email"), category='success')
421
421
422 raise HTTPFound(self.request.route_path('my_account_emails'))
422 raise HTTPFound(self.request.route_path('my_account_emails'))
423
423
424 @LoginRequired()
424 @LoginRequired()
425 @NotAnonymous()
425 @NotAnonymous()
426 @CSRFRequired()
426 @CSRFRequired()
427 def my_account_emails_delete(self):
427 def my_account_emails_delete(self):
428 _ = self.request.translate
428 _ = self.request.translate
429 c = self.load_default_context()
429 c = self.load_default_context()
430
430
431 del_email_id = self.request.POST.get('del_email_id')
431 del_email_id = self.request.POST.get('del_email_id')
432 if del_email_id:
432 if del_email_id:
433 email = UserEmailMap.get_or_404(del_email_id).email
433 email = UserEmailMap.get_or_404(del_email_id).email
434 UserModel().delete_extra_email(c.user.user_id, del_email_id)
434 UserModel().delete_extra_email(c.user.user_id, del_email_id)
435 audit_logger.store_web(
435 audit_logger.store_web(
436 'user.edit.email.delete', action_data={
436 'user.edit.email.delete', action_data={
437 'data': {'email': email, 'user': 'self'}},
437 'data': {'email': email, 'user': 'self'}},
438 user=self._rhodecode_user,)
438 user=self._rhodecode_user,)
439 Session().commit()
439 Session().commit()
440 h.flash(_("Email successfully deleted"),
440 h.flash(_("Email successfully deleted"),
441 category='success')
441 category='success')
442 return HTTPFound(h.route_path('my_account_emails'))
442 return HTTPFound(h.route_path('my_account_emails'))
443
443
444 @LoginRequired()
444 @LoginRequired()
445 @NotAnonymous()
445 @NotAnonymous()
446 @CSRFRequired()
446 @CSRFRequired()
447 def my_account_notifications_test_channelstream(self):
447 def my_account_notifications_test_channelstream(self):
448 message = 'Test message sent via Channelstream by user: {}, on {}'.format(
448 message = 'Test message sent via Channelstream by user: {}, on {}'.format(
449 self._rhodecode_user.username, datetime.datetime.now())
449 self._rhodecode_user.username, datetime.datetime.now())
450 payload = {
450 payload = {
451 # 'channel': 'broadcast',
451 # 'channel': 'broadcast',
452 'type': 'message',
452 'type': 'message',
453 'timestamp': datetime.datetime.utcnow(),
453 'timestamp': datetime.datetime.utcnow(),
454 'user': 'system',
454 'user': 'system',
455 'pm_users': [self._rhodecode_user.username],
455 'pm_users': [self._rhodecode_user.username],
456 'message': {
456 'message': {
457 'message': message,
457 'message': message,
458 'level': 'info',
458 'level': 'info',
459 'topic': '/notifications'
459 'topic': '/notifications'
460 }
460 }
461 }
461 }
462
462
463 registry = self.request.registry
463 registry = self.request.registry
464 rhodecode_plugins = getattr(registry, 'rhodecode_plugins', {})
464 rhodecode_plugins = getattr(registry, 'rhodecode_plugins', {})
465 channelstream_config = rhodecode_plugins.get('channelstream', {})
465 channelstream_config = rhodecode_plugins.get('channelstream', {})
466
466
467 try:
467 try:
468 channelstream_request(channelstream_config, [payload], '/message')
468 channelstream_request(channelstream_config, [payload], '/message')
469 except ChannelstreamException as e:
469 except ChannelstreamException as e:
470 log.exception('Failed to send channelstream data')
470 log.exception('Failed to send channelstream data')
471 return {"response": f'ERROR: {e.__class__.__name__}'}
471 return {"response": f'ERROR: {e.__class__.__name__}'}
472 return {"response": 'Channelstream data sent. '
472 return {"response": 'Channelstream data sent. '
473 'You should see a new live message now.'}
473 'You should see a new live message now.'}
474
474
475 def _load_my_repos_data(self, watched=False):
475 def _load_my_repos_data(self, watched=False):
476
476
477 allowed_ids = [-1] + self._rhodecode_user.repo_acl_ids_from_stack(AuthUser.repo_read_perms)
477 allowed_ids = [-1] + self._rhodecode_user.repo_acl_ids_from_stack(AuthUser.repo_read_perms)
478
478
479 if watched:
479 if watched:
480 # repos user watch
480 # repos user watch
481 repo_list = Session().query(
481 repo_list = Session().query(
482 Repository
482 Repository
483 ) \
483 ) \
484 .join(
484 .join(
485 (UserFollowing, UserFollowing.follows_repo_id == Repository.repo_id)
485 (UserFollowing, UserFollowing.follows_repo_id == Repository.repo_id)
486 ) \
486 ) \
487 .filter(
487 .filter(
488 UserFollowing.user_id == self._rhodecode_user.user_id
488 UserFollowing.user_id == self._rhodecode_user.user_id
489 ) \
489 ) \
490 .filter(or_(
490 .filter(or_(
491 # generate multiple IN to fix limitation problems
491 # generate multiple IN to fix limitation problems
492 *in_filter_generator(Repository.repo_id, allowed_ids))
492 *in_filter_generator(Repository.repo_id, allowed_ids))
493 ) \
493 ) \
494 .order_by(Repository.repo_name) \
494 .order_by(Repository.repo_name) \
495 .all()
495 .all()
496
496
497 else:
497 else:
498 # repos user is owner of
498 # repos user is owner of
499 repo_list = Session().query(
499 repo_list = Session().query(
500 Repository
500 Repository
501 ) \
501 ) \
502 .filter(
502 .filter(
503 Repository.user_id == self._rhodecode_user.user_id
503 Repository.user_id == self._rhodecode_user.user_id
504 ) \
504 ) \
505 .filter(or_(
505 .filter(or_(
506 # generate multiple IN to fix limitation problems
506 # generate multiple IN to fix limitation problems
507 *in_filter_generator(Repository.repo_id, allowed_ids))
507 *in_filter_generator(Repository.repo_id, allowed_ids))
508 ) \
508 ) \
509 .order_by(Repository.repo_name) \
509 .order_by(Repository.repo_name) \
510 .all()
510 .all()
511
511
512 _render = self.request.get_partial_renderer(
512 _render = self.request.get_partial_renderer(
513 'rhodecode:templates/data_table/_dt_elements.mako')
513 'rhodecode:templates/data_table/_dt_elements.mako')
514
514
515 def repo_lnk(name, rtype, rstate, private, archived, fork_of):
515 def repo_lnk(name, rtype, rstate, private, archived, fork_of):
516 return _render('repo_name', name, rtype, rstate, private, archived, fork_of,
516 return _render('repo_name', name, rtype, rstate, private, archived, fork_of,
517 short_name=False, admin=False)
517 short_name=False, admin=False)
518
518
519 repos_data = []
519 repos_data = []
520 for repo in repo_list:
520 for repo in repo_list:
521 row = {
521 row = {
522 "name": repo_lnk(repo.repo_name, repo.repo_type, repo.repo_state,
522 "name": repo_lnk(repo.repo_name, repo.repo_type, repo.repo_state,
523 repo.private, repo.archived, repo.fork),
523 repo.private, repo.archived, repo.fork),
524 "name_raw": repo.repo_name.lower(),
524 "name_raw": repo.repo_name.lower(),
525 }
525 }
526
526
527 repos_data.append(row)
527 repos_data.append(row)
528
528
529 # json used to render the grid
529 # json used to render the grid
530 return ext_json.str_json(repos_data)
530 return ext_json.str_json(repos_data)
531
531
532 @LoginRequired()
532 @LoginRequired()
533 @NotAnonymous()
533 @NotAnonymous()
534 def my_account_repos(self):
534 def my_account_repos(self):
535 c = self.load_default_context()
535 c = self.load_default_context()
536 c.active = 'repos'
536 c.active = 'repos'
537
537
538 # json used to render the grid
538 # json used to render the grid
539 c.data = self._load_my_repos_data()
539 c.data = self._load_my_repos_data()
540 return self._get_template_context(c)
540 return self._get_template_context(c)
541
541
542 @LoginRequired()
542 @LoginRequired()
543 @NotAnonymous()
543 @NotAnonymous()
544 def my_account_watched(self):
544 def my_account_watched(self):
545 c = self.load_default_context()
545 c = self.load_default_context()
546 c.active = 'watched'
546 c.active = 'watched'
547
547
548 # json used to render the grid
548 # json used to render the grid
549 c.data = self._load_my_repos_data(watched=True)
549 c.data = self._load_my_repos_data(watched=True)
550 return self._get_template_context(c)
550 return self._get_template_context(c)
551
551
552 @LoginRequired()
552 @LoginRequired()
553 @NotAnonymous()
553 @NotAnonymous()
554 def my_account_bookmarks(self):
554 def my_account_bookmarks(self):
555 c = self.load_default_context()
555 c = self.load_default_context()
556 c.active = 'bookmarks'
556 c.active = 'bookmarks'
557
557
558 user_bookmarks = \
558 user_bookmarks = \
559 select(UserBookmark, Repository, RepoGroup) \
559 select(UserBookmark, Repository, RepoGroup) \
560 .where(UserBookmark.user_id == self._rhodecode_user.user_id) \
560 .where(UserBookmark.user_id == self._rhodecode_user.user_id) \
561 .outerjoin(Repository, Repository.repo_id == UserBookmark.bookmark_repo_id) \
561 .outerjoin(Repository, Repository.repo_id == UserBookmark.bookmark_repo_id) \
562 .outerjoin(RepoGroup, RepoGroup.group_id == UserBookmark.bookmark_repo_group_id) \
562 .outerjoin(RepoGroup, RepoGroup.group_id == UserBookmark.bookmark_repo_group_id) \
563 .order_by(UserBookmark.position.asc())
563 .order_by(UserBookmark.position.asc())
564
564
565 c.user_bookmark_items = Session().execute(user_bookmarks).all()
565 c.user_bookmark_items = Session().execute(user_bookmarks).all()
566 return self._get_template_context(c)
566 return self._get_template_context(c)
567
567
568 def _process_bookmark_entry(self, entry, user_id):
568 def _process_bookmark_entry(self, entry, user_id):
569 position = safe_int(entry.get('position'))
569 position = safe_int(entry.get('position'))
570 cur_position = safe_int(entry.get('cur_position'))
570 cur_position = safe_int(entry.get('cur_position'))
571 if position is None:
571 if position is None:
572 return
572 return
573
573
574 # check if this is an existing entry
574 # check if this is an existing entry
575 is_new = False
575 is_new = False
576 db_entry = UserBookmark().get_by_position_for_user(cur_position, user_id)
576 db_entry = UserBookmark().get_by_position_for_user(cur_position, user_id)
577
577
578 if db_entry and str2bool(entry.get('remove')):
578 if db_entry and str2bool(entry.get('remove')):
579 log.debug('Marked bookmark %s for deletion', db_entry)
579 log.debug('Marked bookmark %s for deletion', db_entry)
580 Session().delete(db_entry)
580 Session().delete(db_entry)
581 return
581 return
582
582
583 if not db_entry:
583 if not db_entry:
584 # new
584 # new
585 db_entry = UserBookmark()
585 db_entry = UserBookmark()
586 is_new = True
586 is_new = True
587
587
588 should_save = False
588 should_save = False
589 default_redirect_url = ''
589 default_redirect_url = ''
590
590
591 # save repo
591 # save repo
592 if entry.get('bookmark_repo') and safe_int(entry.get('bookmark_repo')):
592 if entry.get('bookmark_repo') and safe_int(entry.get('bookmark_repo')):
593 repo = Repository.get(entry['bookmark_repo'])
593 repo = Repository.get(entry['bookmark_repo'])
594 perm_check = HasRepoPermissionAny(
594 perm_check = HasRepoPermissionAny(
595 'repository.read', 'repository.write', 'repository.admin')
595 'repository.read', 'repository.write', 'repository.admin')
596 if repo and perm_check(repo_name=repo.repo_name):
596 if repo and perm_check(repo_name=repo.repo_name):
597 db_entry.repository = repo
597 db_entry.repository = repo
598 should_save = True
598 should_save = True
599 default_redirect_url = '${repo_url}'
599 default_redirect_url = '${repo_url}'
600 # save repo group
600 # save repo group
601 elif entry.get('bookmark_repo_group') and safe_int(entry.get('bookmark_repo_group')):
601 elif entry.get('bookmark_repo_group') and safe_int(entry.get('bookmark_repo_group')):
602 repo_group = RepoGroup.get(entry['bookmark_repo_group'])
602 repo_group = RepoGroup.get(entry['bookmark_repo_group'])
603 perm_check = HasRepoGroupPermissionAny(
603 perm_check = HasRepoGroupPermissionAny(
604 'group.read', 'group.write', 'group.admin')
604 'group.read', 'group.write', 'group.admin')
605
605
606 if repo_group and perm_check(group_name=repo_group.group_name):
606 if repo_group and perm_check(group_name=repo_group.group_name):
607 db_entry.repository_group = repo_group
607 db_entry.repository_group = repo_group
608 should_save = True
608 should_save = True
609 default_redirect_url = '${repo_group_url}'
609 default_redirect_url = '${repo_group_url}'
610 # save generic info
610 # save generic info
611 elif entry.get('title') and entry.get('redirect_url'):
611 elif entry.get('title') and entry.get('redirect_url'):
612 should_save = True
612 should_save = True
613
613
614 if should_save:
614 if should_save:
615 # mark user and position
615 # mark user and position
616 db_entry.user_id = user_id
616 db_entry.user_id = user_id
617 db_entry.position = position
617 db_entry.position = position
618 db_entry.title = entry.get('title')
618 db_entry.title = entry.get('title')
619 db_entry.redirect_url = entry.get('redirect_url') or default_redirect_url
619 db_entry.redirect_url = entry.get('redirect_url') or default_redirect_url
620 log.debug('Saving bookmark %s, new:%s', db_entry, is_new)
620 log.debug('Saving bookmark %s, new:%s', db_entry, is_new)
621
621
622 Session().add(db_entry)
622 Session().add(db_entry)
623
623
624 @LoginRequired()
624 @LoginRequired()
625 @NotAnonymous()
625 @NotAnonymous()
626 @CSRFRequired()
626 @CSRFRequired()
627 def my_account_bookmarks_update(self):
627 def my_account_bookmarks_update(self):
628 _ = self.request.translate
628 _ = self.request.translate
629 c = self.load_default_context()
629 c = self.load_default_context()
630 c.active = 'bookmarks'
630 c.active = 'bookmarks'
631
631
632 controls = peppercorn.parse(self.request.POST.items())
632 controls = peppercorn.parse(self.request.POST.items())
633 user_id = c.user.user_id
633 user_id = c.user.user_id
634
634
635 # validate positions
635 # validate positions
636 positions = {}
636 positions = {}
637 for entry in controls.get('bookmarks', []):
637 for entry in controls.get('bookmarks', []):
638 position = safe_int(entry['position'])
638 position = safe_int(entry['position'])
639 if position is None:
639 if position is None:
640 continue
640 continue
641
641
642 if position in positions:
642 if position in positions:
643 h.flash(_("Position {} is defined twice. "
643 h.flash(_("Position {} is defined twice. "
644 "Please correct this error.").format(position), category='error')
644 "Please correct this error.").format(position), category='error')
645 return HTTPFound(h.route_path('my_account_bookmarks'))
645 return HTTPFound(h.route_path('my_account_bookmarks'))
646
646
647 entry['position'] = position
647 entry['position'] = position
648 entry['cur_position'] = safe_int(entry.get('cur_position'))
648 entry['cur_position'] = safe_int(entry.get('cur_position'))
649 positions[position] = entry
649 positions[position] = entry
650
650
651 try:
651 try:
652 for entry in positions.values():
652 for entry in positions.values():
653 self._process_bookmark_entry(entry, user_id)
653 self._process_bookmark_entry(entry, user_id)
654
654
655 Session().commit()
655 Session().commit()
656 h.flash(_("Update Bookmarks"), category='success')
656 h.flash(_("Update Bookmarks"), category='success')
657 except IntegrityError:
657 except IntegrityError:
658 h.flash(_("Failed to update bookmarks. "
658 h.flash(_("Failed to update bookmarks. "
659 "Make sure an unique position is used."), category='error')
659 "Make sure an unique position is used."), category='error')
660
660
661 return HTTPFound(h.route_path('my_account_bookmarks'))
661 return HTTPFound(h.route_path('my_account_bookmarks'))
662
662
663 @LoginRequired()
663 @LoginRequired()
664 @NotAnonymous()
664 @NotAnonymous()
665 def my_account_goto_bookmark(self):
665 def my_account_goto_bookmark(self):
666
666
667 bookmark_id = self.request.matchdict['bookmark_id']
667 bookmark_id = self.request.matchdict['bookmark_id']
668 user_bookmark = UserBookmark().query()\
668 user_bookmark = UserBookmark().query()\
669 .filter(UserBookmark.user_id == self.request.user.user_id) \
669 .filter(UserBookmark.user_id == self.request.user.user_id) \
670 .filter(UserBookmark.position == bookmark_id).scalar()
670 .filter(UserBookmark.position == bookmark_id).scalar()
671
671
672 redirect_url = h.route_path('my_account_bookmarks')
672 redirect_url = h.route_path('my_account_bookmarks')
673 if not user_bookmark:
673 if not user_bookmark:
674 raise HTTPFound(redirect_url)
674 raise HTTPFound(redirect_url)
675
675
676 # repository set
676 # repository set
677 if user_bookmark.repository:
677 if user_bookmark.repository:
678 repo_name = user_bookmark.repository.repo_name
678 repo_name = user_bookmark.repository.repo_name
679 base_redirect_url = h.route_path(
679 base_redirect_url = h.route_path(
680 'repo_summary', repo_name=repo_name)
680 'repo_summary', repo_name=repo_name)
681 if user_bookmark.redirect_url and \
681 if user_bookmark.redirect_url and \
682 '${repo_url}' in user_bookmark.redirect_url:
682 '${repo_url}' in user_bookmark.redirect_url:
683 redirect_url = string.Template(user_bookmark.redirect_url)\
683 redirect_url = string.Template(user_bookmark.redirect_url)\
684 .safe_substitute({'repo_url': base_redirect_url})
684 .safe_substitute({'repo_url': base_redirect_url})
685 else:
685 else:
686 redirect_url = base_redirect_url
686 redirect_url = base_redirect_url
687 # repository group set
687 # repository group set
688 elif user_bookmark.repository_group:
688 elif user_bookmark.repository_group:
689 repo_group_name = user_bookmark.repository_group.group_name
689 repo_group_name = user_bookmark.repository_group.group_name
690 base_redirect_url = h.route_path(
690 base_redirect_url = h.route_path(
691 'repo_group_home', repo_group_name=repo_group_name)
691 'repo_group_home', repo_group_name=repo_group_name)
692 if user_bookmark.redirect_url and \
692 if user_bookmark.redirect_url and \
693 '${repo_group_url}' in user_bookmark.redirect_url:
693 '${repo_group_url}' in user_bookmark.redirect_url:
694 redirect_url = string.Template(user_bookmark.redirect_url)\
694 redirect_url = string.Template(user_bookmark.redirect_url)\
695 .safe_substitute({'repo_group_url': base_redirect_url})
695 .safe_substitute({'repo_group_url': base_redirect_url})
696 else:
696 else:
697 redirect_url = base_redirect_url
697 redirect_url = base_redirect_url
698 # custom URL set
698 # custom URL set
699 elif user_bookmark.redirect_url:
699 elif user_bookmark.redirect_url:
700 server_url = h.route_url('home').rstrip('/')
700 server_url = h.route_url('home').rstrip('/')
701 redirect_url = string.Template(user_bookmark.redirect_url) \
701 redirect_url = string.Template(user_bookmark.redirect_url) \
702 .safe_substitute({'server_url': server_url})
702 .safe_substitute({'server_url': server_url})
703
703
704 log.debug('Redirecting bookmark %s to %s', user_bookmark, redirect_url)
704 log.debug('Redirecting bookmark %s to %s', user_bookmark, redirect_url)
705 raise HTTPFound(redirect_url)
705 raise HTTPFound(redirect_url)
706
706
707 @LoginRequired()
707 @LoginRequired()
708 @NotAnonymous()
708 @NotAnonymous()
709 def my_account_perms(self):
709 def my_account_perms(self):
710 c = self.load_default_context()
710 c = self.load_default_context()
711 c.active = 'perms'
711 c.active = 'perms'
712
712
713 c.perm_user = c.auth_user
713 c.perm_user = c.auth_user
714 return self._get_template_context(c)
714 return self._get_template_context(c)
715
715
716 @LoginRequired()
716 @LoginRequired()
717 @NotAnonymous()
717 @NotAnonymous()
718 def my_notifications(self):
718 def my_notifications(self):
719 c = self.load_default_context()
719 c = self.load_default_context()
720 c.active = 'notifications'
720 c.active = 'notifications'
721
721
722 return self._get_template_context(c)
722 return self._get_template_context(c)
723
723
724 @LoginRequired()
724 @LoginRequired()
725 @NotAnonymous()
725 @NotAnonymous()
726 @CSRFRequired()
726 @CSRFRequired()
727 def my_notifications_toggle_visibility(self):
727 def my_notifications_toggle_visibility(self):
728 user = self._rhodecode_db_user
728 user = self._rhodecode_db_user
729 new_status = not user.user_data.get('notification_status', True)
729 new_status = not user.user_data.get('notification_status', True)
730 user.update_userdata(notification_status=new_status)
730 user.update_userdata(notification_status=new_status)
731 Session().commit()
731 Session().commit()
732 return user.user_data['notification_status']
732 return user.user_data['notification_status']
733
733
734 def _get_pull_requests_list(self, statuses, filter_type=None):
734 def _get_pull_requests_list(self, statuses, filter_type=None):
735 draw, start, limit = self._extract_chunk(self.request)
735 draw, start, limit = self._extract_chunk(self.request)
736 search_q, order_by, order_dir = self._extract_ordering(self.request)
736 search_q, order_by, order_dir = self._extract_ordering(self.request)
737
737
738 _render = self.request.get_partial_renderer(
738 _render = self.request.get_partial_renderer(
739 'rhodecode:templates/data_table/_dt_elements.mako')
739 'rhodecode:templates/data_table/_dt_elements.mako')
740
740
741 if filter_type == 'awaiting_my_review':
741 if filter_type == 'awaiting_my_review':
742 pull_requests = PullRequestModel().get_im_participating_in_for_review(
742 pull_requests = PullRequestModel().get_im_participating_in_for_review(
743 user_id=self._rhodecode_user.user_id,
743 user_id=self._rhodecode_user.user_id,
744 statuses=statuses, query=search_q,
744 statuses=statuses, query=search_q,
745 offset=start, length=limit, order_by=order_by,
745 offset=start, length=limit, order_by=order_by,
746 order_dir=order_dir)
746 order_dir=order_dir)
747
747
748 pull_requests_total_count = PullRequestModel().count_im_participating_in_for_review(
748 pull_requests_total_count = PullRequestModel().count_im_participating_in_for_review(
749 user_id=self._rhodecode_user.user_id, statuses=statuses, query=search_q)
749 user_id=self._rhodecode_user.user_id, statuses=statuses, query=search_q)
750 else:
750 else:
751 pull_requests = PullRequestModel().get_im_participating_in(
751 pull_requests = PullRequestModel().get_im_participating_in(
752 user_id=self._rhodecode_user.user_id,
752 user_id=self._rhodecode_user.user_id,
753 statuses=statuses, query=search_q,
753 statuses=statuses, query=search_q,
754 offset=start, length=limit, order_by=order_by,
754 offset=start, length=limit, order_by=order_by,
755 order_dir=order_dir)
755 order_dir=order_dir)
756
756
757 pull_requests_total_count = PullRequestModel().count_im_participating_in(
757 pull_requests_total_count = PullRequestModel().count_im_participating_in(
758 user_id=self._rhodecode_user.user_id, statuses=statuses, query=search_q)
758 user_id=self._rhodecode_user.user_id, statuses=statuses, query=search_q)
759
759
760 data = []
760 data = []
761 comments_model = CommentsModel()
761 comments_model = CommentsModel()
762 for pr in pull_requests:
762 for pr in pull_requests:
763 repo_id = pr.target_repo_id
763 repo_id = pr.target_repo_id
764 comments_count = comments_model.get_all_comments(
764 comments_count = comments_model.get_all_comments(
765 repo_id, pull_request=pr, include_drafts=False, count_only=True)
765 repo_id, pull_request=pr, include_drafts=False, count_only=True)
766 owned = pr.user_id == self._rhodecode_user.user_id
766 owned = pr.user_id == self._rhodecode_user.user_id
767
767
768 review_statuses = pr.reviewers_statuses(user=self._rhodecode_db_user)
768 review_statuses = pr.reviewers_statuses(user=self._rhodecode_db_user)
769 my_review_status = ChangesetStatus.STATUS_NOT_REVIEWED
769 my_review_status = ChangesetStatus.STATUS_NOT_REVIEWED
770 if review_statuses and review_statuses[4]:
770 if review_statuses and review_statuses[4]:
771 _review_obj, _user, _reasons, _mandatory, statuses = review_statuses
771 _review_obj, _user, _reasons, _mandatory, statuses = review_statuses
772 my_review_status = statuses[0][1].status
772 my_review_status = statuses[0][1].status
773
773
774 data.append({
774 data.append({
775 'target_repo': _render('pullrequest_target_repo',
775 'target_repo': _render('pullrequest_target_repo',
776 pr.target_repo.repo_name),
776 pr.target_repo.repo_name),
777 'name': _render('pullrequest_name',
777 'name': _render('pullrequest_name',
778 pr.pull_request_id, pr.pull_request_state,
778 pr.pull_request_id, pr.pull_request_state,
779 pr.work_in_progress, pr.target_repo.repo_name,
779 pr.work_in_progress, pr.target_repo.repo_name,
780 short=True),
780 short=True),
781 'name_raw': pr.pull_request_id,
781 'name_raw': pr.pull_request_id,
782 'status': _render('pullrequest_status',
782 'status': _render('pullrequest_status',
783 pr.calculated_review_status()),
783 pr.calculated_review_status()),
784 'my_status': _render('pullrequest_status',
784 'my_status': _render('pullrequest_status',
785 my_review_status),
785 my_review_status),
786 'title': _render('pullrequest_title', pr.title, pr.description),
786 'title': _render('pullrequest_title', pr.title, pr.description),
787 'pr_flow': _render('pullrequest_commit_flow', pr),
787 'pr_flow': _render('pullrequest_commit_flow', pr),
788 'description': h.escape(pr.description),
788 'description': h.escape(pr.description),
789 'updated_on': _render('pullrequest_updated_on',
789 'updated_on': _render('pullrequest_updated_on',
790 h.datetime_to_time(pr.updated_on),
790 h.datetime_to_time(pr.updated_on),
791 pr.versions_count),
791 pr.versions_count),
792 'updated_on_raw': h.datetime_to_time(pr.updated_on),
792 'updated_on_raw': h.datetime_to_time(pr.updated_on),
793 'created_on': _render('pullrequest_updated_on',
793 'created_on': _render('pullrequest_updated_on',
794 h.datetime_to_time(pr.created_on)),
794 h.datetime_to_time(pr.created_on)),
795 'created_on_raw': h.datetime_to_time(pr.created_on),
795 'created_on_raw': h.datetime_to_time(pr.created_on),
796 'state': pr.pull_request_state,
796 'state': pr.pull_request_state,
797 'author': _render('pullrequest_author',
797 'author': _render('pullrequest_author',
798 pr.author.full_contact, ),
798 pr.author.full_contact, ),
799 'author_raw': pr.author.full_name,
799 'author_raw': pr.author.full_name,
800 'comments': _render('pullrequest_comments', comments_count),
800 'comments': _render('pullrequest_comments', comments_count),
801 'comments_raw': comments_count,
801 'comments_raw': comments_count,
802 'closed': pr.is_closed(),
802 'closed': pr.is_closed(),
803 'owned': owned
803 'owned': owned
804 })
804 })
805
805
806 # json used to render the grid
806 # json used to render the grid
807 data = ({
807 data = ({
808 'draw': draw,
808 'draw': draw,
809 'data': data,
809 'data': data,
810 'recordsTotal': pull_requests_total_count,
810 'recordsTotal': pull_requests_total_count,
811 'recordsFiltered': pull_requests_total_count,
811 'recordsFiltered': pull_requests_total_count,
812 })
812 })
813 return data
813 return data
814
814
815 @LoginRequired()
815 @LoginRequired()
816 @NotAnonymous()
816 @NotAnonymous()
817 def my_account_pullrequests(self):
817 def my_account_pullrequests(self):
818 c = self.load_default_context()
818 c = self.load_default_context()
819 c.active = 'pullrequests'
819 c.active = 'pullrequests'
820 req_get = self.request.GET
820 req_get = self.request.GET
821
821
822 c.closed = str2bool(req_get.get('closed'))
822 c.closed = str2bool(req_get.get('closed'))
823 c.awaiting_my_review = str2bool(req_get.get('awaiting_my_review'))
823 c.awaiting_my_review = str2bool(req_get.get('awaiting_my_review'))
824
824
825 c.selected_filter = 'all'
825 c.selected_filter = 'all'
826 if c.closed:
826 if c.closed:
827 c.selected_filter = 'all_closed'
827 c.selected_filter = 'all_closed'
828 if c.awaiting_my_review:
828 if c.awaiting_my_review:
829 c.selected_filter = 'awaiting_my_review'
829 c.selected_filter = 'awaiting_my_review'
830
830
831 return self._get_template_context(c)
831 return self._get_template_context(c)
832
832
833 @LoginRequired()
833 @LoginRequired()
834 @NotAnonymous()
834 @NotAnonymous()
835 def my_account_pullrequests_data(self):
835 def my_account_pullrequests_data(self):
836 self.load_default_context()
836 self.load_default_context()
837 req_get = self.request.GET
837 req_get = self.request.GET
838
838
839 awaiting_my_review = str2bool(req_get.get('awaiting_my_review'))
839 awaiting_my_review = str2bool(req_get.get('awaiting_my_review'))
840 closed = str2bool(req_get.get('closed'))
840 closed = str2bool(req_get.get('closed'))
841
841
842 statuses = [PullRequest.STATUS_NEW, PullRequest.STATUS_OPEN]
842 statuses = [PullRequest.STATUS_NEW, PullRequest.STATUS_OPEN]
843 if closed:
843 if closed:
844 statuses += [PullRequest.STATUS_CLOSED]
844 statuses += [PullRequest.STATUS_CLOSED]
845
845
846 filter_type = \
846 filter_type = \
847 'awaiting_my_review' if awaiting_my_review \
847 'awaiting_my_review' if awaiting_my_review \
848 else None
848 else None
849
849
850 data = self._get_pull_requests_list(statuses=statuses, filter_type=filter_type)
850 data = self._get_pull_requests_list(statuses=statuses, filter_type=filter_type)
851 return data
851 return data
852
852
853 @LoginRequired()
853 @LoginRequired()
854 @NotAnonymous()
854 @NotAnonymous()
855 def my_account_user_group_membership(self):
855 def my_account_user_group_membership(self):
856 c = self.load_default_context()
856 c = self.load_default_context()
857 c.active = 'user_group_membership'
857 c.active = 'user_group_membership'
858 groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
858 groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
859 for group in self._rhodecode_db_user.group_member]
859 for group in self._rhodecode_db_user.group_member]
860 c.user_groups = ext_json.str_json(groups)
860 c.user_groups = ext_json.str_json(groups)
861 return self._get_template_context(c)
861 return self._get_template_context(c)
Show file before | Show file after | Hide comments
@@ -1,6038 +1,6038 b''
1 # Copyright (C) 2010-2023 RhodeCode GmbH
1 # Copyright (C) 2010-2023 RhodeCode GmbH
2 #
2 #
3 # This program is free software: you can redistribute it and/or modify
3 # This program is free software: you can redistribute it and/or modify
4 # it under the terms of the GNU Affero General Public License, version 3
4 # it under the terms of the GNU Affero General Public License, version 3
5 # (only), as published by the Free Software Foundation.
5 # (only), as published by the Free Software Foundation.
6 #
6 #
7 # This program is distributed in the hope that it will be useful,
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU General Public License for more details.
10 # GNU General Public License for more details.
11 #
11 #
12 # You should have received a copy of the GNU Affero General Public License
12 # You should have received a copy of the GNU Affero General Public License
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 #
14 #
15 # This program is dual-licensed. If you wish to learn more about the
15 # This program is dual-licensed. If you wish to learn more about the
16 # RhodeCode Enterprise Edition, including its added features, Support services,
16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18
18
19 """
19 """
20 Database Models for RhodeCode Enterprise
20 Database Models for RhodeCode Enterprise
21 """
21 """
22
22
23 import re
23 import re
24 import os
24 import os
25 import time
25 import time
26 import string
26 import string
27 import logging
27 import logging
28 import datetime
28 import datetime
29 import uuid
29 import uuid
30 import warnings
30 import warnings
31 import ipaddress
31 import ipaddress
32 import functools
32 import functools
33 import traceback
33 import traceback
34 import collections
34 import collections
35
35
36 import pyotp
36 import pyotp
37 from sqlalchemy import (
37 from sqlalchemy import (
38 or_, and_, not_, func, cast, TypeDecorator, event, select,
38 or_, and_, not_, func, cast, TypeDecorator, event, select,
39 true, false, null, union_all,
39 true, false, null, union_all,
40 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
41 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
42 Text, Float, PickleType, BigInteger)
42 Text, Float, PickleType, BigInteger)
43 from sqlalchemy.sql.expression import case
43 from sqlalchemy.sql.expression import case
44 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
44 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
45 from sqlalchemy.orm import (
45 from sqlalchemy.orm import (
46 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
46 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
47 from sqlalchemy.ext.declarative import declared_attr
47 from sqlalchemy.ext.declarative import declared_attr
48 from sqlalchemy.ext.hybrid import hybrid_property
48 from sqlalchemy.ext.hybrid import hybrid_property
49 from sqlalchemy.exc import IntegrityError # pragma: no cover
49 from sqlalchemy.exc import IntegrityError # pragma: no cover
50 from sqlalchemy.dialects.mysql import LONGTEXT
50 from sqlalchemy.dialects.mysql import LONGTEXT
51 from zope.cachedescriptors.property import Lazy as LazyProperty
51 from zope.cachedescriptors.property import Lazy as LazyProperty
52 from pyramid.threadlocal import get_current_request
52 from pyramid.threadlocal import get_current_request
53 from webhelpers2.text import remove_formatting
53 from webhelpers2.text import remove_formatting
54
54
55 from rhodecode import ConfigGet
55 from rhodecode import ConfigGet
56 from rhodecode.lib.str_utils import safe_bytes
56 from rhodecode.lib.str_utils import safe_bytes
57 from rhodecode.translation import _
57 from rhodecode.translation import _
58 from rhodecode.lib.vcs import get_vcs_instance, VCSError
58 from rhodecode.lib.vcs import get_vcs_instance, VCSError
59 from rhodecode.lib.vcs.backends.base import (
59 from rhodecode.lib.vcs.backends.base import (
60 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
60 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
61 from rhodecode.lib.utils2 import (
61 from rhodecode.lib.utils2 import (
62 str2bool, safe_str, get_commit_safe, sha1_safe,
62 str2bool, safe_str, get_commit_safe, sha1_safe,
63 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
63 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
64 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
64 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
65 from rhodecode.lib.jsonalchemy import (
65 from rhodecode.lib.jsonalchemy import (
66 MutationObj, MutationList, JsonType, JsonRaw)
66 MutationObj, MutationList, JsonType, JsonRaw)
67 from rhodecode.lib.hash_utils import sha1
67 from rhodecode.lib.hash_utils import sha1
68 from rhodecode.lib import ext_json
68 from rhodecode.lib import ext_json
69 from rhodecode.lib import enc_utils
69 from rhodecode.lib import enc_utils
70 from rhodecode.lib.ext_json import json, str_json
70 from rhodecode.lib.ext_json import json, str_json
71 from rhodecode.lib.caching_query import FromCache
71 from rhodecode.lib.caching_query import FromCache
72 from rhodecode.lib.exceptions import (
72 from rhodecode.lib.exceptions import (
73 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
73 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
74 from rhodecode.model.meta import Base, Session
74 from rhodecode.model.meta import Base, Session
75
75
76 URL_SEP = '/'
76 URL_SEP = '/'
77 log = logging.getLogger(__name__)
77 log = logging.getLogger(__name__)
78
78
79 # =============================================================================
79 # =============================================================================
80 # BASE CLASSES
80 # BASE CLASSES
81 # =============================================================================
81 # =============================================================================
82
82
83 # this is propagated from .ini file rhodecode.encrypted_values.secret or
83 # this is propagated from .ini file rhodecode.encrypted_values.secret or
84 # beaker.session.secret if first is not set.
84 # beaker.session.secret if first is not set.
85 # and initialized at environment.py
85 # and initialized at environment.py
86 ENCRYPTION_KEY: bytes = b''
86 ENCRYPTION_KEY: bytes = b''
87
87
88 # used to sort permissions by types, '#' used here is not allowed to be in
88 # used to sort permissions by types, '#' used here is not allowed to be in
89 # usernames, and it's very early in sorted string.printable table.
89 # usernames, and it's very early in sorted string.printable table.
90 PERMISSION_TYPE_SORT = {
90 PERMISSION_TYPE_SORT = {
91 'admin': '####',
91 'admin': '####',
92 'write': '###',
92 'write': '###',
93 'read': '##',
93 'read': '##',
94 'none': '#',
94 'none': '#',
95 }
95 }
96
96
97
97
98 def display_user_sort(obj):
98 def display_user_sort(obj):
99 """
99 """
100 Sort function used to sort permissions in .permissions() function of
100 Sort function used to sort permissions in .permissions() function of
101 Repository, RepoGroup, UserGroup. Also it put the default user in front
101 Repository, RepoGroup, UserGroup. Also it put the default user in front
102 of all other resources
102 of all other resources
103 """
103 """
104
104
105 if obj.username == User.DEFAULT_USER:
105 if obj.username == User.DEFAULT_USER:
106 return '#####'
106 return '#####'
107 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
107 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
108 extra_sort_num = '1' # default
108 extra_sort_num = '1' # default
109
109
110 # NOTE(dan): inactive duplicates goes last
110 # NOTE(dan): inactive duplicates goes last
111 if getattr(obj, 'duplicate_perm', None):
111 if getattr(obj, 'duplicate_perm', None):
112 extra_sort_num = '9'
112 extra_sort_num = '9'
113 return prefix + extra_sort_num + obj.username
113 return prefix + extra_sort_num + obj.username
114
114
115
115
116 def display_user_group_sort(obj):
116 def display_user_group_sort(obj):
117 """
117 """
118 Sort function used to sort permissions in .permissions() function of
118 Sort function used to sort permissions in .permissions() function of
119 Repository, RepoGroup, UserGroup. Also it put the default user in front
119 Repository, RepoGroup, UserGroup. Also it put the default user in front
120 of all other resources
120 of all other resources
121 """
121 """
122
122
123 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
123 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
124 return prefix + obj.users_group_name
124 return prefix + obj.users_group_name
125
125
126
126
127 def _hash_key(k):
127 def _hash_key(k):
128 return sha1_safe(k)
128 return sha1_safe(k)
129
129
130
130
131 def in_filter_generator(qry, items, limit=500):
131 def in_filter_generator(qry, items, limit=500):
132 """
132 """
133 Splits IN() into multiple with OR
133 Splits IN() into multiple with OR
134 e.g.::
134 e.g.::
135 cnt = Repository.query().filter(
135 cnt = Repository.query().filter(
136 or_(
136 or_(
137 *in_filter_generator(Repository.repo_id, range(100000))
137 *in_filter_generator(Repository.repo_id, range(100000))
138 )).count()
138 )).count()
139 """
139 """
140 if not items:
140 if not items:
141 # empty list will cause empty query which might cause security issues
141 # empty list will cause empty query which might cause security issues
142 # this can lead to hidden unpleasant results
142 # this can lead to hidden unpleasant results
143 items = [-1]
143 items = [-1]
144
144
145 parts = []
145 parts = []
146 for chunk in range(0, len(items), limit):
146 for chunk in range(0, len(items), limit):
147 parts.append(
147 parts.append(
148 qry.in_(items[chunk: chunk + limit])
148 qry.in_(items[chunk: chunk + limit])
149 )
149 )
150
150
151 return parts
151 return parts
152
152
153
153
154 base_table_args = {
154 base_table_args = {
155 'extend_existing': True,
155 'extend_existing': True,
156 'mysql_engine': 'InnoDB',
156 'mysql_engine': 'InnoDB',
157 'mysql_charset': 'utf8',
157 'mysql_charset': 'utf8',
158 'sqlite_autoincrement': True
158 'sqlite_autoincrement': True
159 }
159 }
160
160
161
161
162 class EncryptedTextValue(TypeDecorator):
162 class EncryptedTextValue(TypeDecorator):
163 """
163 """
164 Special column for encrypted long text data, use like::
164 Special column for encrypted long text data, use like::
165
165
166 value = Column("encrypted_value", EncryptedValue(), nullable=False)
166 value = Column("encrypted_value", EncryptedValue(), nullable=False)
167
167
168 This column is intelligent so if value is in unencrypted form it return
168 This column is intelligent so if value is in unencrypted form it return
169 unencrypted form, but on save it always encrypts
169 unencrypted form, but on save it always encrypts
170 """
170 """
171 cache_ok = True
171 cache_ok = True
172 impl = Text
172 impl = Text
173
173
174 def process_bind_param(self, value, dialect):
174 def process_bind_param(self, value, dialect):
175 """
175 """
176 Setter for storing value
176 Setter for storing value
177 """
177 """
178 import rhodecode
178 import rhodecode
179 if not value:
179 if not value:
180 return value
180 return value
181
181
182 # protect against double encrypting if values is already encrypted
182 # protect against double encrypting if values is already encrypted
183 if value.startswith('enc$aes$') \
183 if value.startswith('enc$aes$') \
184 or value.startswith('enc$aes_hmac$') \
184 or value.startswith('enc$aes_hmac$') \
185 or value.startswith('enc2$'):
185 or value.startswith('enc2$'):
186 raise ValueError('value needs to be in unencrypted format, '
186 raise ValueError('value needs to be in unencrypted format, '
187 'ie. not starting with enc$ or enc2$')
187 'ie. not starting with enc$ or enc2$')
188
188
189 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
189 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
190 bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
190 bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
191 return safe_str(bytes_val)
191 return safe_str(bytes_val)
192
192
193 def process_result_value(self, value, dialect):
193 def process_result_value(self, value, dialect):
194 """
194 """
195 Getter for retrieving value
195 Getter for retrieving value
196 """
196 """
197
197
198 import rhodecode
198 import rhodecode
199 if not value:
199 if not value:
200 return value
200 return value
201
201
202 bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY)
202 bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY)
203
203
204 return safe_str(bytes_val)
204 return safe_str(bytes_val)
205
205
206
206
207 class BaseModel(object):
207 class BaseModel(object):
208 """
208 """
209 Base Model for all classes
209 Base Model for all classes
210 """
210 """
211
211
212 @classmethod
212 @classmethod
213 def _get_keys(cls):
213 def _get_keys(cls):
214 """return column names for this model """
214 """return column names for this model """
215 return class_mapper(cls).c.keys()
215 return class_mapper(cls).c.keys()
216
216
217 def get_dict(self):
217 def get_dict(self):
218 """
218 """
219 return dict with keys and values corresponding
219 return dict with keys and values corresponding
220 to this model data """
220 to this model data """
221
221
222 d = {}
222 d = {}
223 for k in self._get_keys():
223 for k in self._get_keys():
224 d[k] = getattr(self, k)
224 d[k] = getattr(self, k)
225
225
226 # also use __json__() if present to get additional fields
226 # also use __json__() if present to get additional fields
227 _json_attr = getattr(self, '__json__', None)
227 _json_attr = getattr(self, '__json__', None)
228 if _json_attr:
228 if _json_attr:
229 # update with attributes from __json__
229 # update with attributes from __json__
230 if callable(_json_attr):
230 if callable(_json_attr):
231 _json_attr = _json_attr()
231 _json_attr = _json_attr()
232 for k, val in _json_attr.items():
232 for k, val in _json_attr.items():
233 d[k] = val
233 d[k] = val
234 return d
234 return d
235
235
236 def get_appstruct(self):
236 def get_appstruct(self):
237 """return list with keys and values tuples corresponding
237 """return list with keys and values tuples corresponding
238 to this model data """
238 to this model data """
239
239
240 lst = []
240 lst = []
241 for k in self._get_keys():
241 for k in self._get_keys():
242 lst.append((k, getattr(self, k),))
242 lst.append((k, getattr(self, k),))
243 return lst
243 return lst
244
244
245 def populate_obj(self, populate_dict):
245 def populate_obj(self, populate_dict):
246 """populate model with data from given populate_dict"""
246 """populate model with data from given populate_dict"""
247
247
248 for k in self._get_keys():
248 for k in self._get_keys():
249 if k in populate_dict:
249 if k in populate_dict:
250 setattr(self, k, populate_dict[k])
250 setattr(self, k, populate_dict[k])
251
251
252 @classmethod
252 @classmethod
253 def query(cls):
253 def query(cls):
254 return Session().query(cls)
254 return Session().query(cls)
255
255
256 @classmethod
256 @classmethod
257 def select(cls, custom_cls=None):
257 def select(cls, custom_cls=None):
258 """
258 """
259 stmt = cls.select().where(cls.user_id==1)
259 stmt = cls.select().where(cls.user_id==1)
260 # optionally
260 # optionally
261 stmt = cls.select(User.user_id).where(cls.user_id==1)
261 stmt = cls.select(User.user_id).where(cls.user_id==1)
262 result = cls.execute(stmt) | cls.scalars(stmt)
262 result = cls.execute(stmt) | cls.scalars(stmt)
263 """
263 """
264
264
265 if custom_cls:
265 if custom_cls:
266 stmt = select(custom_cls)
266 stmt = select(custom_cls)
267 else:
267 else:
268 stmt = select(cls)
268 stmt = select(cls)
269 return stmt
269 return stmt
270
270
271 @classmethod
271 @classmethod
272 def execute(cls, stmt):
272 def execute(cls, stmt):
273 return Session().execute(stmt)
273 return Session().execute(stmt)
274
274
275 @classmethod
275 @classmethod
276 def scalars(cls, stmt):
276 def scalars(cls, stmt):
277 return Session().scalars(stmt)
277 return Session().scalars(stmt)
278
278
279 @classmethod
279 @classmethod
280 def get(cls, id_):
280 def get(cls, id_):
281 if id_:
281 if id_:
282 return cls.query().get(id_)
282 return cls.query().get(id_)
283
283
284 @classmethod
284 @classmethod
285 def get_or_404(cls, id_):
285 def get_or_404(cls, id_):
286 from pyramid.httpexceptions import HTTPNotFound
286 from pyramid.httpexceptions import HTTPNotFound
287
287
288 try:
288 try:
289 id_ = int(id_)
289 id_ = int(id_)
290 except (TypeError, ValueError):
290 except (TypeError, ValueError):
291 raise HTTPNotFound()
291 raise HTTPNotFound()
292
292
293 res = cls.query().get(id_)
293 res = cls.query().get(id_)
294 if not res:
294 if not res:
295 raise HTTPNotFound()
295 raise HTTPNotFound()
296 return res
296 return res
297
297
298 @classmethod
298 @classmethod
299 def getAll(cls):
299 def getAll(cls):
300 # deprecated and left for backward compatibility
300 # deprecated and left for backward compatibility
301 return cls.get_all()
301 return cls.get_all()
302
302
303 @classmethod
303 @classmethod
304 def get_all(cls):
304 def get_all(cls):
305 return cls.query().all()
305 return cls.query().all()
306
306
307 @classmethod
307 @classmethod
308 def delete(cls, id_):
308 def delete(cls, id_):
309 obj = cls.query().get(id_)
309 obj = cls.query().get(id_)
310 Session().delete(obj)
310 Session().delete(obj)
311
311
312 @classmethod
312 @classmethod
313 def identity_cache(cls, session, attr_name, value):
313 def identity_cache(cls, session, attr_name, value):
314 exist_in_session = []
314 exist_in_session = []
315 for (item_cls, pkey), instance in session.identity_map.items():
315 for (item_cls, pkey), instance in session.identity_map.items():
316 if cls == item_cls and getattr(instance, attr_name) == value:
316 if cls == item_cls and getattr(instance, attr_name) == value:
317 exist_in_session.append(instance)
317 exist_in_session.append(instance)
318 if exist_in_session:
318 if exist_in_session:
319 if len(exist_in_session) == 1:
319 if len(exist_in_session) == 1:
320 return exist_in_session[0]
320 return exist_in_session[0]
321 log.exception(
321 log.exception(
322 'multiple objects with attr %s and '
322 'multiple objects with attr %s and '
323 'value %s found with same name: %r',
323 'value %s found with same name: %r',
324 attr_name, value, exist_in_session)
324 attr_name, value, exist_in_session)
325
325
326 @property
326 @property
327 def cls_name(self):
327 def cls_name(self):
328 return self.__class__.__name__
328 return self.__class__.__name__
329
329
330 def __repr__(self):
330 def __repr__(self):
331 return f'<DB:{self.cls_name}>'
331 return f'<DB:{self.cls_name}>'
332
332
333
333
334 class RhodeCodeSetting(Base, BaseModel):
334 class RhodeCodeSetting(Base, BaseModel):
335 __tablename__ = 'rhodecode_settings'
335 __tablename__ = 'rhodecode_settings'
336 __table_args__ = (
336 __table_args__ = (
337 UniqueConstraint('app_settings_name'),
337 UniqueConstraint('app_settings_name'),
338 base_table_args
338 base_table_args
339 )
339 )
340
340
341 SETTINGS_TYPES = {
341 SETTINGS_TYPES = {
342 'str': safe_str,
342 'str': safe_str,
343 'int': safe_int,
343 'int': safe_int,
344 'unicode': safe_str,
344 'unicode': safe_str,
345 'bool': str2bool,
345 'bool': str2bool,
346 'list': functools.partial(aslist, sep=',')
346 'list': functools.partial(aslist, sep=',')
347 }
347 }
348 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
348 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
349 GLOBAL_CONF_KEY = 'app_settings'
349 GLOBAL_CONF_KEY = 'app_settings'
350
350
351 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
351 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
352 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
352 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
353 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
353 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
354 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
354 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
355
355
356 def __init__(self, key='', val='', type='unicode'):
356 def __init__(self, key='', val='', type='unicode'):
357 self.app_settings_name = key
357 self.app_settings_name = key
358 self.app_settings_type = type
358 self.app_settings_type = type
359 self.app_settings_value = val
359 self.app_settings_value = val
360
360
361 @validates('_app_settings_value')
361 @validates('_app_settings_value')
362 def validate_settings_value(self, key, val):
362 def validate_settings_value(self, key, val):
363 assert type(val) == str
363 assert type(val) == str
364 return val
364 return val
365
365
366 @hybrid_property
366 @hybrid_property
367 def app_settings_value(self):
367 def app_settings_value(self):
368 v = self._app_settings_value
368 v = self._app_settings_value
369 _type = self.app_settings_type
369 _type = self.app_settings_type
370 if _type:
370 if _type:
371 _type = self.app_settings_type.split('.')[0]
371 _type = self.app_settings_type.split('.')[0]
372 # decode the encrypted value
372 # decode the encrypted value
373 if 'encrypted' in self.app_settings_type:
373 if 'encrypted' in self.app_settings_type:
374 cipher = EncryptedTextValue()
374 cipher = EncryptedTextValue()
375 v = safe_str(cipher.process_result_value(v, None))
375 v = safe_str(cipher.process_result_value(v, None))
376
376
377 converter = self.SETTINGS_TYPES.get(_type) or \
377 converter = self.SETTINGS_TYPES.get(_type) or \
378 self.SETTINGS_TYPES['unicode']
378 self.SETTINGS_TYPES['unicode']
379 return converter(v)
379 return converter(v)
380
380
381 @app_settings_value.setter
381 @app_settings_value.setter
382 def app_settings_value(self, val):
382 def app_settings_value(self, val):
383 """
383 """
384 Setter that will always make sure we use unicode in app_settings_value
384 Setter that will always make sure we use unicode in app_settings_value
385
385
386 :param val:
386 :param val:
387 """
387 """
388 val = safe_str(val)
388 val = safe_str(val)
389 # encode the encrypted value
389 # encode the encrypted value
390 if 'encrypted' in self.app_settings_type:
390 if 'encrypted' in self.app_settings_type:
391 cipher = EncryptedTextValue()
391 cipher = EncryptedTextValue()
392 val = safe_str(cipher.process_bind_param(val, None))
392 val = safe_str(cipher.process_bind_param(val, None))
393 self._app_settings_value = val
393 self._app_settings_value = val
394
394
395 @hybrid_property
395 @hybrid_property
396 def app_settings_type(self):
396 def app_settings_type(self):
397 return self._app_settings_type
397 return self._app_settings_type
398
398
399 @app_settings_type.setter
399 @app_settings_type.setter
400 def app_settings_type(self, val):
400 def app_settings_type(self, val):
401 if val.split('.')[0] not in self.SETTINGS_TYPES:
401 if val.split('.')[0] not in self.SETTINGS_TYPES:
402 raise Exception('type must be one of %s got %s'
402 raise Exception('type must be one of %s got %s'
403 % (self.SETTINGS_TYPES.keys(), val))
403 % (self.SETTINGS_TYPES.keys(), val))
404 self._app_settings_type = val
404 self._app_settings_type = val
405
405
406 @classmethod
406 @classmethod
407 def get_by_prefix(cls, prefix):
407 def get_by_prefix(cls, prefix):
408 return RhodeCodeSetting.query()\
408 return RhodeCodeSetting.query()\
409 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
409 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
410 .all()
410 .all()
411
411
412 def __repr__(self):
412 def __repr__(self):
413 return "<%s('%s:%s[%s]')>" % (
413 return "<%s('%s:%s[%s]')>" % (
414 self.cls_name,
414 self.cls_name,
415 self.app_settings_name, self.app_settings_value,
415 self.app_settings_name, self.app_settings_value,
416 self.app_settings_type
416 self.app_settings_type
417 )
417 )
418
418
419
419
420 class RhodeCodeUi(Base, BaseModel):
420 class RhodeCodeUi(Base, BaseModel):
421 __tablename__ = 'rhodecode_ui'
421 __tablename__ = 'rhodecode_ui'
422 __table_args__ = (
422 __table_args__ = (
423 UniqueConstraint('ui_key'),
423 UniqueConstraint('ui_key'),
424 base_table_args
424 base_table_args
425 )
425 )
426 # Sync those values with vcsserver.config.hooks
426 # Sync those values with vcsserver.config.hooks
427
427
428 HOOK_REPO_SIZE = 'changegroup.repo_size'
428 HOOK_REPO_SIZE = 'changegroup.repo_size'
429 # HG
429 # HG
430 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
430 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
431 HOOK_PULL = 'outgoing.pull_logger'
431 HOOK_PULL = 'outgoing.pull_logger'
432 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
432 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
433 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
433 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
434 HOOK_PUSH = 'changegroup.push_logger'
434 HOOK_PUSH = 'changegroup.push_logger'
435 HOOK_PUSH_KEY = 'pushkey.key_push'
435 HOOK_PUSH_KEY = 'pushkey.key_push'
436
436
437 HOOKS_BUILTIN = [
437 HOOKS_BUILTIN = [
438 HOOK_PRE_PULL,
438 HOOK_PRE_PULL,
439 HOOK_PULL,
439 HOOK_PULL,
440 HOOK_PRE_PUSH,
440 HOOK_PRE_PUSH,
441 HOOK_PRETX_PUSH,
441 HOOK_PRETX_PUSH,
442 HOOK_PUSH,
442 HOOK_PUSH,
443 HOOK_PUSH_KEY,
443 HOOK_PUSH_KEY,
444 ]
444 ]
445
445
446 # TODO: johbo: Unify way how hooks are configured for git and hg,
446 # TODO: johbo: Unify way how hooks are configured for git and hg,
447 # git part is currently hardcoded.
447 # git part is currently hardcoded.
448
448
449 # SVN PATTERNS
449 # SVN PATTERNS
450 SVN_BRANCH_ID = 'vcs_svn_branch'
450 SVN_BRANCH_ID = 'vcs_svn_branch'
451 SVN_TAG_ID = 'vcs_svn_tag'
451 SVN_TAG_ID = 'vcs_svn_tag'
452
452
453 ui_id = Column(
453 ui_id = Column(
454 "ui_id", Integer(), nullable=False, unique=True, default=None,
454 "ui_id", Integer(), nullable=False, unique=True, default=None,
455 primary_key=True)
455 primary_key=True)
456 ui_section = Column(
456 ui_section = Column(
457 "ui_section", String(255), nullable=True, unique=None, default=None)
457 "ui_section", String(255), nullable=True, unique=None, default=None)
458 ui_key = Column(
458 ui_key = Column(
459 "ui_key", String(255), nullable=True, unique=None, default=None)
459 "ui_key", String(255), nullable=True, unique=None, default=None)
460 ui_value = Column(
460 ui_value = Column(
461 "ui_value", String(255), nullable=True, unique=None, default=None)
461 "ui_value", String(255), nullable=True, unique=None, default=None)
462 ui_active = Column(
462 ui_active = Column(
463 "ui_active", Boolean(), nullable=True, unique=None, default=True)
463 "ui_active", Boolean(), nullable=True, unique=None, default=True)
464
464
465 def __repr__(self):
465 def __repr__(self):
466 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
466 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
467 self.ui_key, self.ui_value)
467 self.ui_key, self.ui_value)
468
468
469
469
470 class RepoRhodeCodeSetting(Base, BaseModel):
470 class RepoRhodeCodeSetting(Base, BaseModel):
471 __tablename__ = 'repo_rhodecode_settings'
471 __tablename__ = 'repo_rhodecode_settings'
472 __table_args__ = (
472 __table_args__ = (
473 UniqueConstraint(
473 UniqueConstraint(
474 'app_settings_name', 'repository_id',
474 'app_settings_name', 'repository_id',
475 name='uq_repo_rhodecode_setting_name_repo_id'),
475 name='uq_repo_rhodecode_setting_name_repo_id'),
476 base_table_args
476 base_table_args
477 )
477 )
478
478
479 repository_id = Column(
479 repository_id = Column(
480 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
480 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
481 nullable=False)
481 nullable=False)
482 app_settings_id = Column(
482 app_settings_id = Column(
483 "app_settings_id", Integer(), nullable=False, unique=True,
483 "app_settings_id", Integer(), nullable=False, unique=True,
484 default=None, primary_key=True)
484 default=None, primary_key=True)
485 app_settings_name = Column(
485 app_settings_name = Column(
486 "app_settings_name", String(255), nullable=True, unique=None,
486 "app_settings_name", String(255), nullable=True, unique=None,
487 default=None)
487 default=None)
488 _app_settings_value = Column(
488 _app_settings_value = Column(
489 "app_settings_value", String(4096), nullable=True, unique=None,
489 "app_settings_value", String(4096), nullable=True, unique=None,
490 default=None)
490 default=None)
491 _app_settings_type = Column(
491 _app_settings_type = Column(
492 "app_settings_type", String(255), nullable=True, unique=None,
492 "app_settings_type", String(255), nullable=True, unique=None,
493 default=None)
493 default=None)
494
494
495 repository = relationship('Repository', viewonly=True)
495 repository = relationship('Repository', viewonly=True)
496
496
497 def __init__(self, repository_id, key='', val='', type='unicode'):
497 def __init__(self, repository_id, key='', val='', type='unicode'):
498 self.repository_id = repository_id
498 self.repository_id = repository_id
499 self.app_settings_name = key
499 self.app_settings_name = key
500 self.app_settings_type = type
500 self.app_settings_type = type
501 self.app_settings_value = val
501 self.app_settings_value = val
502
502
503 @validates('_app_settings_value')
503 @validates('_app_settings_value')
504 def validate_settings_value(self, key, val):
504 def validate_settings_value(self, key, val):
505 assert type(val) == str
505 assert type(val) == str
506 return val
506 return val
507
507
508 @hybrid_property
508 @hybrid_property
509 def app_settings_value(self):
509 def app_settings_value(self):
510 v = self._app_settings_value
510 v = self._app_settings_value
511 type_ = self.app_settings_type
511 type_ = self.app_settings_type
512 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
512 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
513 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
513 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
514 return converter(v)
514 return converter(v)
515
515
516 @app_settings_value.setter
516 @app_settings_value.setter
517 def app_settings_value(self, val):
517 def app_settings_value(self, val):
518 """
518 """
519 Setter that will always make sure we use unicode in app_settings_value
519 Setter that will always make sure we use unicode in app_settings_value
520
520
521 :param val:
521 :param val:
522 """
522 """
523 self._app_settings_value = safe_str(val)
523 self._app_settings_value = safe_str(val)
524
524
525 @hybrid_property
525 @hybrid_property
526 def app_settings_type(self):
526 def app_settings_type(self):
527 return self._app_settings_type
527 return self._app_settings_type
528
528
529 @app_settings_type.setter
529 @app_settings_type.setter
530 def app_settings_type(self, val):
530 def app_settings_type(self, val):
531 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
531 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
532 if val not in SETTINGS_TYPES:
532 if val not in SETTINGS_TYPES:
533 raise Exception('type must be one of %s got %s'
533 raise Exception('type must be one of %s got %s'
534 % (SETTINGS_TYPES.keys(), val))
534 % (SETTINGS_TYPES.keys(), val))
535 self._app_settings_type = val
535 self._app_settings_type = val
536
536
537 def __repr__(self):
537 def __repr__(self):
538 return "<%s('%s:%s:%s[%s]')>" % (
538 return "<%s('%s:%s:%s[%s]')>" % (
539 self.cls_name, self.repository.repo_name,
539 self.cls_name, self.repository.repo_name,
540 self.app_settings_name, self.app_settings_value,
540 self.app_settings_name, self.app_settings_value,
541 self.app_settings_type
541 self.app_settings_type
542 )
542 )
543
543
544
544
545 class RepoRhodeCodeUi(Base, BaseModel):
545 class RepoRhodeCodeUi(Base, BaseModel):
546 __tablename__ = 'repo_rhodecode_ui'
546 __tablename__ = 'repo_rhodecode_ui'
547 __table_args__ = (
547 __table_args__ = (
548 UniqueConstraint(
548 UniqueConstraint(
549 'repository_id', 'ui_section', 'ui_key',
549 'repository_id', 'ui_section', 'ui_key',
550 name='uq_repo_rhodecode_ui_repository_id_section_key'),
550 name='uq_repo_rhodecode_ui_repository_id_section_key'),
551 base_table_args
551 base_table_args
552 )
552 )
553
553
554 repository_id = Column(
554 repository_id = Column(
555 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
555 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
556 nullable=False)
556 nullable=False)
557 ui_id = Column(
557 ui_id = Column(
558 "ui_id", Integer(), nullable=False, unique=True, default=None,
558 "ui_id", Integer(), nullable=False, unique=True, default=None,
559 primary_key=True)
559 primary_key=True)
560 ui_section = Column(
560 ui_section = Column(
561 "ui_section", String(255), nullable=True, unique=None, default=None)
561 "ui_section", String(255), nullable=True, unique=None, default=None)
562 ui_key = Column(
562 ui_key = Column(
563 "ui_key", String(255), nullable=True, unique=None, default=None)
563 "ui_key", String(255), nullable=True, unique=None, default=None)
564 ui_value = Column(
564 ui_value = Column(
565 "ui_value", String(255), nullable=True, unique=None, default=None)
565 "ui_value", String(255), nullable=True, unique=None, default=None)
566 ui_active = Column(
566 ui_active = Column(
567 "ui_active", Boolean(), nullable=True, unique=None, default=True)
567 "ui_active", Boolean(), nullable=True, unique=None, default=True)
568
568
569 repository = relationship('Repository', viewonly=True)
569 repository = relationship('Repository', viewonly=True)
570
570
571 def __repr__(self):
571 def __repr__(self):
572 return '<%s[%s:%s]%s=>%s]>' % (
572 return '<%s[%s:%s]%s=>%s]>' % (
573 self.cls_name, self.repository.repo_name,
573 self.cls_name, self.repository.repo_name,
574 self.ui_section, self.ui_key, self.ui_value)
574 self.ui_section, self.ui_key, self.ui_value)
575
575
576
576
577 class User(Base, BaseModel):
577 class User(Base, BaseModel):
578 __tablename__ = 'users'
578 __tablename__ = 'users'
579 __table_args__ = (
579 __table_args__ = (
580 UniqueConstraint('username'), UniqueConstraint('email'),
580 UniqueConstraint('username'), UniqueConstraint('email'),
581 Index('u_username_idx', 'username'),
581 Index('u_username_idx', 'username'),
582 Index('u_email_idx', 'email'),
582 Index('u_email_idx', 'email'),
583 base_table_args
583 base_table_args
584 )
584 )
585
585
586 DEFAULT_USER = 'default'
586 DEFAULT_USER = 'default'
587 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
587 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
588 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
588 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
589 RECOVERY_CODES_COUNT = 10
589 RECOVERY_CODES_COUNT = 10
590
590
591 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
591 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
592 username = Column("username", String(255), nullable=True, unique=None, default=None)
592 username = Column("username", String(255), nullable=True, unique=None, default=None)
593 password = Column("password", String(255), nullable=True, unique=None, default=None)
593 password = Column("password", String(255), nullable=True, unique=None, default=None)
594 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
594 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
595 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
595 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
596 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
596 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
597 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
597 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
598 _email = Column("email", String(255), nullable=True, unique=None, default=None)
598 _email = Column("email", String(255), nullable=True, unique=None, default=None)
599 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
599 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
600 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
600 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
601 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
601 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
602
602
603 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
603 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
604 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
604 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
605 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
605 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
606 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
606 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
607 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
607 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
608 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
608 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
609
609
610 user_log = relationship('UserLog', back_populates='user')
610 user_log = relationship('UserLog', back_populates='user')
611 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
611 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
612
612
613 repositories = relationship('Repository', back_populates='user')
613 repositories = relationship('Repository', back_populates='user')
614 repository_groups = relationship('RepoGroup', back_populates='user')
614 repository_groups = relationship('RepoGroup', back_populates='user')
615 user_groups = relationship('UserGroup', back_populates='user')
615 user_groups = relationship('UserGroup', back_populates='user')
616
616
617 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
617 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
618 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
618 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
619
619
620 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
620 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
621 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
621 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
622 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
622 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
623
623
624 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
624 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
625
625
626 notifications = relationship('UserNotification', cascade='all', back_populates='user')
626 notifications = relationship('UserNotification', cascade='all', back_populates='user')
627 # notifications assigned to this user
627 # notifications assigned to this user
628 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
628 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
629 # comments created by this user
629 # comments created by this user
630 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
630 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
631 # user profile extra info
631 # user profile extra info
632 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
632 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
633 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
633 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
634 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
634 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
635 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
635 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
636
636
637 # gists
637 # gists
638 user_gists = relationship('Gist', cascade='all', back_populates='owner')
638 user_gists = relationship('Gist', cascade='all', back_populates='owner')
639 # user pull requests
639 # user pull requests
640 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
640 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
641
641
642 # external identities
642 # external identities
643 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
643 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
644 # review rules
644 # review rules
645 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
645 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
646
646
647 # artifacts owned
647 # artifacts owned
648 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
648 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
649
649
650 # no cascade, set NULL
650 # no cascade, set NULL
651 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
651 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
652
652
653 def __repr__(self):
653 def __repr__(self):
654 return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
654 return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
655
655
656 @hybrid_property
656 @hybrid_property
657 def email(self):
657 def email(self):
658 return self._email
658 return self._email
659
659
660 @email.setter
660 @email.setter
661 def email(self, val):
661 def email(self, val):
662 self._email = val.lower() if val else None
662 self._email = val.lower() if val else None
663
663
664 @hybrid_property
664 @hybrid_property
665 def first_name(self):
665 def first_name(self):
666 from rhodecode.lib import helpers as h
666 from rhodecode.lib import helpers as h
667 if self.name:
667 if self.name:
668 return h.escape(self.name)
668 return h.escape(self.name)
669 return self.name
669 return self.name
670
670
671 @hybrid_property
671 @hybrid_property
672 def last_name(self):
672 def last_name(self):
673 from rhodecode.lib import helpers as h
673 from rhodecode.lib import helpers as h
674 if self.lastname:
674 if self.lastname:
675 return h.escape(self.lastname)
675 return h.escape(self.lastname)
676 return self.lastname
676 return self.lastname
677
677
678 @hybrid_property
678 @hybrid_property
679 def api_key(self):
679 def api_key(self):
680 """
680 """
681 Fetch if exist an auth-token with role ALL connected to this user
681 Fetch if exist an auth-token with role ALL connected to this user
682 """
682 """
683 user_auth_token = UserApiKeys.query()\
683 user_auth_token = UserApiKeys.query()\
684 .filter(UserApiKeys.user_id == self.user_id)\
684 .filter(UserApiKeys.user_id == self.user_id)\
685 .filter(or_(UserApiKeys.expires == -1,
685 .filter(or_(UserApiKeys.expires == -1,
686 UserApiKeys.expires >= time.time()))\
686 UserApiKeys.expires >= time.time()))\
687 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
687 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
688 if user_auth_token:
688 if user_auth_token:
689 user_auth_token = user_auth_token.api_key
689 user_auth_token = user_auth_token.api_key
690
690
691 return user_auth_token
691 return user_auth_token
692
692
693 @api_key.setter
693 @api_key.setter
694 def api_key(self, val):
694 def api_key(self, val):
695 # don't allow to set API key this is deprecated for now
695 # don't allow to set API key this is deprecated for now
696 self._api_key = None
696 self._api_key = None
697
697
698 @property
698 @property
699 def reviewer_pull_requests(self):
699 def reviewer_pull_requests(self):
700 return PullRequestReviewers.query() \
700 return PullRequestReviewers.query() \
701 .options(joinedload(PullRequestReviewers.pull_request)) \
701 .options(joinedload(PullRequestReviewers.pull_request)) \
702 .filter(PullRequestReviewers.user_id == self.user_id) \
702 .filter(PullRequestReviewers.user_id == self.user_id) \
703 .all()
703 .all()
704
704
705 @property
705 @property
706 def firstname(self):
706 def firstname(self):
707 # alias for future
707 # alias for future
708 return self.name
708 return self.name
709
709
710 @property
710 @property
711 def emails(self):
711 def emails(self):
712 other = UserEmailMap.query()\
712 other = UserEmailMap.query()\
713 .filter(UserEmailMap.user == self) \
713 .filter(UserEmailMap.user == self) \
714 .order_by(UserEmailMap.email_id.asc()) \
714 .order_by(UserEmailMap.email_id.asc()) \
715 .all()
715 .all()
716 return [self.email] + [x.email for x in other]
716 return [self.email] + [x.email for x in other]
717
717
718 def emails_cached(self):
718 def emails_cached(self):
719 emails = []
719 emails = []
720 if self.user_id != self.get_default_user_id():
720 if self.user_id != self.get_default_user_id():
721 emails = UserEmailMap.query()\
721 emails = UserEmailMap.query()\
722 .filter(UserEmailMap.user == self) \
722 .filter(UserEmailMap.user == self) \
723 .order_by(UserEmailMap.email_id.asc())
723 .order_by(UserEmailMap.email_id.asc())
724
724
725 emails = emails.options(
725 emails = emails.options(
726 FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
726 FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
727 )
727 )
728
728
729 return [self.email] + [x.email for x in emails]
729 return [self.email] + [x.email for x in emails]
730
730
731 @property
731 @property
732 def auth_tokens(self):
732 def auth_tokens(self):
733 auth_tokens = self.get_auth_tokens()
733 auth_tokens = self.get_auth_tokens()
734 return [x.api_key for x in auth_tokens]
734 return [x.api_key for x in auth_tokens]
735
735
736 def get_auth_tokens(self):
736 def get_auth_tokens(self):
737 return UserApiKeys.query()\
737 return UserApiKeys.query()\
738 .filter(UserApiKeys.user == self)\
738 .filter(UserApiKeys.user == self)\
739 .order_by(UserApiKeys.user_api_key_id.asc())\
739 .order_by(UserApiKeys.user_api_key_id.asc())\
740 .all()
740 .all()
741
741
742 @LazyProperty
742 @LazyProperty
743 def feed_token(self):
743 def feed_token(self):
744 return self.get_feed_token()
744 return self.get_feed_token()
745
745
746 def get_feed_token(self, cache=True):
746 def get_feed_token(self, cache=True):
747 feed_tokens = UserApiKeys.query()\
747 feed_tokens = UserApiKeys.query()\
748 .filter(UserApiKeys.user == self)\
748 .filter(UserApiKeys.user == self)\
749 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
749 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
750 if cache:
750 if cache:
751 feed_tokens = feed_tokens.options(
751 feed_tokens = feed_tokens.options(
752 FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
752 FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
753
753
754 feed_tokens = feed_tokens.all()
754 feed_tokens = feed_tokens.all()
755 if feed_tokens:
755 if feed_tokens:
756 return feed_tokens[0].api_key
756 return feed_tokens[0].api_key
757 return 'NO_FEED_TOKEN_AVAILABLE'
757 return 'NO_FEED_TOKEN_AVAILABLE'
758
758
759 @LazyProperty
759 @LazyProperty
760 def artifact_token(self):
760 def artifact_token(self):
761 return self.get_artifact_token()
761 return self.get_artifact_token()
762
762
763 def get_artifact_token(self, cache=True):
763 def get_artifact_token(self, cache=True):
764 artifacts_tokens = UserApiKeys.query()\
764 artifacts_tokens = UserApiKeys.query()\
765 .filter(UserApiKeys.user == self) \
765 .filter(UserApiKeys.user == self) \
766 .filter(or_(UserApiKeys.expires == -1,
766 .filter(or_(UserApiKeys.expires == -1,
767 UserApiKeys.expires >= time.time())) \
767 UserApiKeys.expires >= time.time())) \
768 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
768 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
769
769
770 if cache:
770 if cache:
771 artifacts_tokens = artifacts_tokens.options(
771 artifacts_tokens = artifacts_tokens.options(
772 FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
772 FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
773
773
774 artifacts_tokens = artifacts_tokens.all()
774 artifacts_tokens = artifacts_tokens.all()
775 if artifacts_tokens:
775 if artifacts_tokens:
776 return artifacts_tokens[0].api_key
776 return artifacts_tokens[0].api_key
777 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
777 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
778
778
779 def get_or_create_artifact_token(self):
779 def get_or_create_artifact_token(self):
780 artifacts_tokens = UserApiKeys.query()\
780 artifacts_tokens = UserApiKeys.query()\
781 .filter(UserApiKeys.user == self) \
781 .filter(UserApiKeys.user == self) \
782 .filter(or_(UserApiKeys.expires == -1,
782 .filter(or_(UserApiKeys.expires == -1,
783 UserApiKeys.expires >= time.time())) \
783 UserApiKeys.expires >= time.time())) \
784 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
784 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
785
785
786 artifacts_tokens = artifacts_tokens.all()
786 artifacts_tokens = artifacts_tokens.all()
787 if artifacts_tokens:
787 if artifacts_tokens:
788 return artifacts_tokens[0].api_key
788 return artifacts_tokens[0].api_key
789 else:
789 else:
790 from rhodecode.model.auth_token import AuthTokenModel
790 from rhodecode.model.auth_token import AuthTokenModel
791 artifact_token = AuthTokenModel().create(
791 artifact_token = AuthTokenModel().create(
792 self, 'auto-generated-artifact-token',
792 self, 'auto-generated-artifact-token',
793 lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
793 lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
794 Session.commit()
794 Session.commit()
795 return artifact_token.api_key
795 return artifact_token.api_key
796
796
797 def is_totp_valid(self, received_code, secret):
797 def is_totp_valid(self, received_code, secret):
798 totp = pyotp.TOTP(secret)
798 totp = pyotp.TOTP(secret)
799 return totp.verify(received_code)
799 return totp.verify(received_code)
800
800
801 def is_2fa_recovery_code_valid(self, received_code, secret):
801 def is_2fa_recovery_code_valid(self, received_code, secret):
802 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
802 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
803 recovery_codes = self.get_2fa_recovery_codes()
803 recovery_codes = self.get_2fa_recovery_codes()
804 if received_code in recovery_codes:
804 if received_code in recovery_codes:
805 encrypted_recovery_codes.pop(recovery_codes.index(received_code))
805 encrypted_recovery_codes.pop(recovery_codes.index(received_code))
806 self.update_userdata(recovery_codes_2fa=encrypted_recovery_codes)
806 self.update_userdata(recovery_codes_2fa=encrypted_recovery_codes)
807 return True
807 return True
808 return False
808 return False
809
809
810 @hybrid_property
810 @hybrid_property
811 def has_forced_2fa(self):
811 def has_forced_2fa(self):
812 """
812 """
813 Checks if 2fa was forced for ALL users (including current one)
813 Checks if 2fa was forced for ALL users (including current one)
814 """
814 """
815 from rhodecode.model.settings import SettingsModel
815 from rhodecode.model.settings import SettingsModel
816 # So now we're supporting only auth_rhodecode_global_2f
816 # So now we're supporting only auth_rhodecode_global_2fa
817 if value := SettingsModel().get_setting_by_name('auth_rhodecode_global_2fa'):
817 if value := SettingsModel().get_setting_by_name('auth_rhodecode_global_2fa'):
818 return value.app_settings_value
818 return value.app_settings_value
819 return False
819 return False
820
820
821 @hybrid_property
821 @hybrid_property
822 def has_enabled_2fa(self):
822 def has_enabled_2fa(self):
823 """
823 """
824 Checks if user enabled 2fa
824 Checks if user enabled 2fa
825 """
825 """
826 if value := self.has_forced_2fa:
826 if value := self.has_forced_2fa:
827 return value
827 return value
828 return self.user_data.get('enabled_2fa', False)
828 return self.user_data.get('enabled_2fa', False)
829
829
830 @has_enabled_2fa.setter
830 @has_enabled_2fa.setter
831 def has_enabled_2fa(self, val):
831 def has_enabled_2fa(self, val):
832 val = str2bool(val)
832 val = str2bool(val)
833 self.update_userdata(enabled_2fa=val)
833 self.update_userdata(enabled_2fa=val)
834 if not val:
834 if not val:
835 # NOTE: setting to false we clear the user_data to not store any 2fa artifacts
835 # NOTE: setting to false we clear the user_data to not store any 2fa artifacts
836 self.update_userdata(secret_2fa=None, recovery_codes_2fa=[], check_2fa=False)
836 self.update_userdata(secret_2fa=None, recovery_codes_2fa=[], check_2fa=False)
837 Session().commit()
837 Session().commit()
838
838
839 @hybrid_property
839 @hybrid_property
840 def check_2fa_required(self):
840 def check_2fa_required(self):
841 """
841 """
842 Check if check 2fa flag is set for this user
842 Check if check 2fa flag is set for this user
843 """
843 """
844 value = self.user_data.get('check_2fa', False)
844 value = self.user_data.get('check_2fa', False)
845 return value
845 return value
846
846
847 @check_2fa_required.setter
847 @check_2fa_required.setter
848 def check_2fa_required(self, val):
848 def check_2fa_required(self, val):
849 val = str2bool(val)
849 val = str2bool(val)
850 self.update_userdata(check_2fa=val)
850 self.update_userdata(check_2fa=val)
851 Session().commit()
851 Session().commit()
852
852
853 @hybrid_property
853 @hybrid_property
854 def has_seen_2fa_codes(self):
854 def has_seen_2fa_codes(self):
855 """
855 """
856 get the flag about if user has seen 2fa recovery codes
856 get the flag about if user has seen 2fa recovery codes
857 """
857 """
858 value = self.user_data.get('recovery_codes_2fa_seen', False)
858 value = self.user_data.get('recovery_codes_2fa_seen', False)
859 return value
859 return value
860
860
861 @has_seen_2fa_codes.setter
861 @has_seen_2fa_codes.setter
862 def has_seen_2fa_codes(self, val):
862 def has_seen_2fa_codes(self, val):
863 val = str2bool(val)
863 val = str2bool(val)
864 self.update_userdata(recovery_codes_2fa_seen=val)
864 self.update_userdata(recovery_codes_2fa_seen=val)
865 Session().commit()
865 Session().commit()
866
866
867 @hybrid_property
867 @hybrid_property
868 def needs_2fa_configure(self):
868 def needs_2fa_configure(self):
869 """
869 """
870 Determines if setup2fa has completed for this user. Means he has all needed data for 2fa to work.
870 Determines if setup2fa has completed for this user. Means he has all needed data for 2fa to work.
871
871
872 Currently this is 2fa enabled and secret exists
872 Currently this is 2fa enabled and secret exists
873 """
873 """
874 if self.has_enabled_2fa:
874 if self.has_enabled_2fa:
875 return not self.user_data.get('secret_2fa')
875 return not self.user_data.get('secret_2fa')
876 return False
876 return False
877
877
878 def init_2fa_recovery_codes(self, persist=True, force=False):
878 def init_2fa_recovery_codes(self, persist=True, force=False):
879 """
879 """
880 Creates 2fa recovery codes
880 Creates 2fa recovery codes
881 """
881 """
882 recovery_codes = self.user_data.get('recovery_codes_2fa', [])
882 recovery_codes = self.user_data.get('recovery_codes_2fa', [])
883 encrypted_codes = []
883 encrypted_codes = []
884 if not recovery_codes or force:
884 if not recovery_codes or force:
885 for _ in range(self.RECOVERY_CODES_COUNT):
885 for _ in range(self.RECOVERY_CODES_COUNT):
886 recovery_code = pyotp.random_base32()
886 recovery_code = pyotp.random_base32()
887 recovery_codes.append(recovery_code)
887 recovery_codes.append(recovery_code)
888 encrypted_code = enc_utils.encrypt_value(safe_bytes(recovery_code), enc_key=ENCRYPTION_KEY)
888 encrypted_code = enc_utils.encrypt_value(safe_bytes(recovery_code), enc_key=ENCRYPTION_KEY)
889 encrypted_codes.append(safe_str(encrypted_code))
889 encrypted_codes.append(safe_str(encrypted_code))
890 if persist:
890 if persist:
891 self.update_userdata(recovery_codes_2fa=encrypted_codes, recovery_codes_2fa_seen=False)
891 self.update_userdata(recovery_codes_2fa=encrypted_codes, recovery_codes_2fa_seen=False)
892 return recovery_codes
892 return recovery_codes
893 # User should not check the same recovery codes more than once
893 # User should not check the same recovery codes more than once
894 return []
894 return []
895
895
896 def get_2fa_recovery_codes(self):
896 def get_2fa_recovery_codes(self):
897 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
897 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
898
898
899 recovery_codes = list(map(
899 recovery_codes = list(map(
900 lambda val: safe_str(
900 lambda val: safe_str(
901 enc_utils.decrypt_value(
901 enc_utils.decrypt_value(
902 val,
902 val,
903 enc_key=ENCRYPTION_KEY
903 enc_key=ENCRYPTION_KEY
904 )),
904 )),
905 encrypted_recovery_codes))
905 encrypted_recovery_codes))
906 return recovery_codes
906 return recovery_codes
907
907
908 def init_secret_2fa(self, persist=True, force=False):
908 def init_secret_2fa(self, persist=True, force=False):
909 secret_2fa = self.user_data.get('secret_2fa')
909 secret_2fa = self.user_data.get('secret_2fa')
910 if not secret_2fa or force:
910 if not secret_2fa or force:
911 secret = pyotp.random_base32()
911 secret = pyotp.random_base32()
912 if persist:
912 if persist:
913 self.update_userdata(secret_2fa=safe_str(enc_utils.encrypt_value(safe_bytes(secret), enc_key=ENCRYPTION_KEY)))
913 self.update_userdata(secret_2fa=safe_str(enc_utils.encrypt_value(safe_bytes(secret), enc_key=ENCRYPTION_KEY)))
914 return secret
914 return secret
915 return ''
915 return ''
916
916
917 @hybrid_property
917 @hybrid_property
918 def secret_2fa(self) -> str:
918 def secret_2fa(self) -> str:
919 """
919 """
920 get stored secret for 2fa
920 get stored secret for 2fa
921 """
921 """
922 secret_2fa = self.user_data.get('secret_2fa')
922 secret_2fa = self.user_data.get('secret_2fa')
923 if secret_2fa:
923 if secret_2fa:
924 return safe_str(
924 return safe_str(
925 enc_utils.decrypt_value(secret_2fa, enc_key=ENCRYPTION_KEY))
925 enc_utils.decrypt_value(secret_2fa, enc_key=ENCRYPTION_KEY))
926 return ''
926 return ''
927
927
928 @secret_2fa.setter
928 @secret_2fa.setter
929 def secret_2fa(self, value: str) -> None:
929 def secret_2fa(self, value: str) -> None:
930 encrypted_value = enc_utils.encrypt_value(safe_bytes(value), enc_key=ENCRYPTION_KEY)
930 encrypted_value = enc_utils.encrypt_value(safe_bytes(value), enc_key=ENCRYPTION_KEY)
931 self.update_userdata(secret_2fa=safe_str(encrypted_value))
931 self.update_userdata(secret_2fa=safe_str(encrypted_value))
932
932
933 def regenerate_2fa_recovery_codes(self):
933 def regenerate_2fa_recovery_codes(self):
934 """
934 """
935 Regenerates 2fa recovery codes upon request
935 Regenerates 2fa recovery codes upon request
936 """
936 """
937 new_recovery_codes = self.init_2fa_recovery_codes(force=True)
937 new_recovery_codes = self.init_2fa_recovery_codes(force=True)
938 Session().commit()
938 Session().commit()
939 return new_recovery_codes
939 return new_recovery_codes
940
940
941 @classmethod
941 @classmethod
942 def extra_valid_auth_tokens(cls, user, role=None):
942 def extra_valid_auth_tokens(cls, user, role=None):
943 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
943 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
944 .filter(or_(UserApiKeys.expires == -1,
944 .filter(or_(UserApiKeys.expires == -1,
945 UserApiKeys.expires >= time.time()))
945 UserApiKeys.expires >= time.time()))
946 if role:
946 if role:
947 tokens = tokens.filter(or_(UserApiKeys.role == role,
947 tokens = tokens.filter(or_(UserApiKeys.role == role,
948 UserApiKeys.role == UserApiKeys.ROLE_ALL))
948 UserApiKeys.role == UserApiKeys.ROLE_ALL))
949 return tokens.all()
949 return tokens.all()
950
950
951 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
951 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
952 from rhodecode.lib import auth
952 from rhodecode.lib import auth
953
953
954 log.debug('Trying to authenticate user: %s via auth-token, '
954 log.debug('Trying to authenticate user: %s via auth-token, '
955 'and roles: %s', self, roles)
955 'and roles: %s', self, roles)
956
956
957 if not auth_token:
957 if not auth_token:
958 return False
958 return False
959
959
960 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
960 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
961 tokens_q = UserApiKeys.query()\
961 tokens_q = UserApiKeys.query()\
962 .filter(UserApiKeys.user_id == self.user_id)\
962 .filter(UserApiKeys.user_id == self.user_id)\
963 .filter(or_(UserApiKeys.expires == -1,
963 .filter(or_(UserApiKeys.expires == -1,
964 UserApiKeys.expires >= time.time()))
964 UserApiKeys.expires >= time.time()))
965
965
966 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
966 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
967
967
968 crypto_backend = auth.crypto_backend()
968 crypto_backend = auth.crypto_backend()
969 enc_token_map = {}
969 enc_token_map = {}
970 plain_token_map = {}
970 plain_token_map = {}
971 for token in tokens_q:
971 for token in tokens_q:
972 if token.api_key.startswith(crypto_backend.ENC_PREF):
972 if token.api_key.startswith(crypto_backend.ENC_PREF):
973 enc_token_map[token.api_key] = token
973 enc_token_map[token.api_key] = token
974 else:
974 else:
975 plain_token_map[token.api_key] = token
975 plain_token_map[token.api_key] = token
976 log.debug(
976 log.debug(
977 'Found %s plain and %s encrypted tokens to check for authentication for this user',
977 'Found %s plain and %s encrypted tokens to check for authentication for this user',
978 len(plain_token_map), len(enc_token_map))
978 len(plain_token_map), len(enc_token_map))
979
979
980 # plain token match comes first
980 # plain token match comes first
981 match = plain_token_map.get(auth_token)
981 match = plain_token_map.get(auth_token)
982
982
983 # check encrypted tokens now
983 # check encrypted tokens now
984 if not match:
984 if not match:
985 for token_hash, token in enc_token_map.items():
985 for token_hash, token in enc_token_map.items():
986 # NOTE(marcink): this is expensive to calculate, but most secure
986 # NOTE(marcink): this is expensive to calculate, but most secure
987 if crypto_backend.hash_check(auth_token, token_hash):
987 if crypto_backend.hash_check(auth_token, token_hash):
988 match = token
988 match = token
989 break
989 break
990
990
991 if match:
991 if match:
992 log.debug('Found matching token %s', match)
992 log.debug('Found matching token %s', match)
993 if match.repo_id:
993 if match.repo_id:
994 log.debug('Found scope, checking for scope match of token %s', match)
994 log.debug('Found scope, checking for scope match of token %s', match)
995 if match.repo_id == scope_repo_id:
995 if match.repo_id == scope_repo_id:
996 return True
996 return True
997 else:
997 else:
998 log.debug(
998 log.debug(
999 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
999 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
1000 'and calling scope is:%s, skipping further checks',
1000 'and calling scope is:%s, skipping further checks',
1001 match.repo, scope_repo_id)
1001 match.repo, scope_repo_id)
1002 return False
1002 return False
1003 else:
1003 else:
1004 return True
1004 return True
1005
1005
1006 return False
1006 return False
1007
1007
1008 @property
1008 @property
1009 def ip_addresses(self):
1009 def ip_addresses(self):
1010 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
1010 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
1011 return [x.ip_addr for x in ret]
1011 return [x.ip_addr for x in ret]
1012
1012
1013 @property
1013 @property
1014 def username_and_name(self):
1014 def username_and_name(self):
1015 return f'{self.username} ({self.first_name} {self.last_name})'
1015 return f'{self.username} ({self.first_name} {self.last_name})'
1016
1016
1017 @property
1017 @property
1018 def username_or_name_or_email(self):
1018 def username_or_name_or_email(self):
1019 full_name = self.full_name if self.full_name != ' ' else None
1019 full_name = self.full_name if self.full_name != ' ' else None
1020 return self.username or full_name or self.email
1020 return self.username or full_name or self.email
1021
1021
1022 @property
1022 @property
1023 def full_name(self):
1023 def full_name(self):
1024 return f'{self.first_name} {self.last_name}'
1024 return f'{self.first_name} {self.last_name}'
1025
1025
1026 @property
1026 @property
1027 def full_name_or_username(self):
1027 def full_name_or_username(self):
1028 return (f'{self.first_name} {self.last_name}'
1028 return (f'{self.first_name} {self.last_name}'
1029 if (self.first_name and self.last_name) else self.username)
1029 if (self.first_name and self.last_name) else self.username)
1030
1030
1031 @property
1031 @property
1032 def full_contact(self):
1032 def full_contact(self):
1033 return f'{self.first_name} {self.last_name} <{self.email}>'
1033 return f'{self.first_name} {self.last_name} <{self.email}>'
1034
1034
1035 @property
1035 @property
1036 def short_contact(self):
1036 def short_contact(self):
1037 return f'{self.first_name} {self.last_name}'
1037 return f'{self.first_name} {self.last_name}'
1038
1038
1039 @property
1039 @property
1040 def is_admin(self):
1040 def is_admin(self):
1041 return self.admin
1041 return self.admin
1042
1042
1043 @property
1043 @property
1044 def language(self):
1044 def language(self):
1045 return self.user_data.get('language')
1045 return self.user_data.get('language')
1046
1046
1047 def AuthUser(self, **kwargs):
1047 def AuthUser(self, **kwargs):
1048 """
1048 """
1049 Returns instance of AuthUser for this user
1049 Returns instance of AuthUser for this user
1050 """
1050 """
1051 from rhodecode.lib.auth import AuthUser
1051 from rhodecode.lib.auth import AuthUser
1052 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
1052 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
1053
1053
1054 @hybrid_property
1054 @hybrid_property
1055 def user_data(self):
1055 def user_data(self):
1056 if not self._user_data:
1056 if not self._user_data:
1057 return {}
1057 return {}
1058
1058
1059 try:
1059 try:
1060 return json.loads(self._user_data) or {}
1060 return json.loads(self._user_data) or {}
1061 except TypeError:
1061 except TypeError:
1062 return {}
1062 return {}
1063
1063
1064 @user_data.setter
1064 @user_data.setter
1065 def user_data(self, val):
1065 def user_data(self, val):
1066 if not isinstance(val, dict):
1066 if not isinstance(val, dict):
1067 raise Exception(f'user_data must be dict, got {type(val)}')
1067 raise Exception(f'user_data must be dict, got {type(val)}')
1068 try:
1068 try:
1069 self._user_data = safe_bytes(json.dumps(val))
1069 self._user_data = safe_bytes(json.dumps(val))
1070 except Exception:
1070 except Exception:
1071 log.error(traceback.format_exc())
1071 log.error(traceback.format_exc())
1072
1072
1073 @classmethod
1073 @classmethod
1074 def get(cls, user_id, cache=False):
1074 def get(cls, user_id, cache=False):
1075 if not user_id:
1075 if not user_id:
1076 return
1076 return
1077
1077
1078 user = cls.query()
1078 user = cls.query()
1079 if cache:
1079 if cache:
1080 user = user.options(
1080 user = user.options(
1081 FromCache("sql_cache_short", f"get_users_{user_id}"))
1081 FromCache("sql_cache_short", f"get_users_{user_id}"))
1082 return user.get(user_id)
1082 return user.get(user_id)
1083
1083
1084 @classmethod
1084 @classmethod
1085 def get_by_username(cls, username, case_insensitive=False,
1085 def get_by_username(cls, username, case_insensitive=False,
1086 cache=False):
1086 cache=False):
1087
1087
1088 if case_insensitive:
1088 if case_insensitive:
1089 q = cls.select().where(
1089 q = cls.select().where(
1090 func.lower(cls.username) == func.lower(username))
1090 func.lower(cls.username) == func.lower(username))
1091 else:
1091 else:
1092 q = cls.select().where(cls.username == username)
1092 q = cls.select().where(cls.username == username)
1093
1093
1094 if cache:
1094 if cache:
1095 hash_key = _hash_key(username)
1095 hash_key = _hash_key(username)
1096 q = q.options(
1096 q = q.options(
1097 FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
1097 FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
1098
1098
1099 return cls.execute(q).scalar_one_or_none()
1099 return cls.execute(q).scalar_one_or_none()
1100
1100
1101 @classmethod
1101 @classmethod
1102 def get_by_username_or_primary_email(cls, user_identifier):
1102 def get_by_username_or_primary_email(cls, user_identifier):
1103 qs = union_all(cls.select().where(func.lower(cls.username) == func.lower(user_identifier)),
1103 qs = union_all(cls.select().where(func.lower(cls.username) == func.lower(user_identifier)),
1104 cls.select().where(func.lower(cls.email) == func.lower(user_identifier)))
1104 cls.select().where(func.lower(cls.email) == func.lower(user_identifier)))
1105 return cls.execute(cls.select(User).from_statement(qs)).scalar_one_or_none()
1105 return cls.execute(cls.select(User).from_statement(qs)).scalar_one_or_none()
1106
1106
1107 @classmethod
1107 @classmethod
1108 def get_by_auth_token(cls, auth_token, cache=False):
1108 def get_by_auth_token(cls, auth_token, cache=False):
1109
1109
1110 q = cls.select(User)\
1110 q = cls.select(User)\
1111 .join(UserApiKeys)\
1111 .join(UserApiKeys)\
1112 .where(UserApiKeys.api_key == auth_token)\
1112 .where(UserApiKeys.api_key == auth_token)\
1113 .where(or_(UserApiKeys.expires == -1,
1113 .where(or_(UserApiKeys.expires == -1,
1114 UserApiKeys.expires >= time.time()))
1114 UserApiKeys.expires >= time.time()))
1115
1115
1116 if cache:
1116 if cache:
1117 q = q.options(
1117 q = q.options(
1118 FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
1118 FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
1119
1119
1120 matched_user = cls.execute(q).scalar_one_or_none()
1120 matched_user = cls.execute(q).scalar_one_or_none()
1121
1121
1122 return matched_user
1122 return matched_user
1123
1123
1124 @classmethod
1124 @classmethod
1125 def get_by_email(cls, email, case_insensitive=False, cache=False):
1125 def get_by_email(cls, email, case_insensitive=False, cache=False):
1126
1126
1127 if case_insensitive:
1127 if case_insensitive:
1128 q = cls.select().where(func.lower(cls.email) == func.lower(email))
1128 q = cls.select().where(func.lower(cls.email) == func.lower(email))
1129 else:
1129 else:
1130 q = cls.select().where(cls.email == email)
1130 q = cls.select().where(cls.email == email)
1131
1131
1132 if cache:
1132 if cache:
1133 email_key = _hash_key(email)
1133 email_key = _hash_key(email)
1134 q = q.options(
1134 q = q.options(
1135 FromCache("sql_cache_short", f"get_email_key_{email_key}"))
1135 FromCache("sql_cache_short", f"get_email_key_{email_key}"))
1136
1136
1137 ret = cls.execute(q).scalar_one_or_none()
1137 ret = cls.execute(q).scalar_one_or_none()
1138
1138
1139 if ret is None:
1139 if ret is None:
1140 q = cls.select(UserEmailMap)
1140 q = cls.select(UserEmailMap)
1141 # try fetching in alternate email map
1141 # try fetching in alternate email map
1142 if case_insensitive:
1142 if case_insensitive:
1143 q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
1143 q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
1144 else:
1144 else:
1145 q = q.where(UserEmailMap.email == email)
1145 q = q.where(UserEmailMap.email == email)
1146 q = q.options(joinedload(UserEmailMap.user))
1146 q = q.options(joinedload(UserEmailMap.user))
1147 if cache:
1147 if cache:
1148 q = q.options(
1148 q = q.options(
1149 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
1149 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
1150
1150
1151 result = cls.execute(q).scalar_one_or_none()
1151 result = cls.execute(q).scalar_one_or_none()
1152 ret = getattr(result, 'user', None)
1152 ret = getattr(result, 'user', None)
1153
1153
1154 return ret
1154 return ret
1155
1155
1156 @classmethod
1156 @classmethod
1157 def get_from_cs_author(cls, author):
1157 def get_from_cs_author(cls, author):
1158 """
1158 """
1159 Tries to get User objects out of commit author string
1159 Tries to get User objects out of commit author string
1160
1160
1161 :param author:
1161 :param author:
1162 """
1162 """
1163 from rhodecode.lib.helpers import email, author_name
1163 from rhodecode.lib.helpers import email, author_name
1164 # Valid email in the attribute passed, see if they're in the system
1164 # Valid email in the attribute passed, see if they're in the system
1165 _email = email(author)
1165 _email = email(author)
1166 if _email:
1166 if _email:
1167 user = cls.get_by_email(_email, case_insensitive=True)
1167 user = cls.get_by_email(_email, case_insensitive=True)
1168 if user:
1168 if user:
1169 return user
1169 return user
1170 # Maybe we can match by username?
1170 # Maybe we can match by username?
1171 _author = author_name(author)
1171 _author = author_name(author)
1172 user = cls.get_by_username(_author, case_insensitive=True)
1172 user = cls.get_by_username(_author, case_insensitive=True)
1173 if user:
1173 if user:
1174 return user
1174 return user
1175
1175
1176 def update_userdata(self, **kwargs):
1176 def update_userdata(self, **kwargs):
1177 usr = self
1177 usr = self
1178 old = usr.user_data
1178 old = usr.user_data
1179 old.update(**kwargs)
1179 old.update(**kwargs)
1180 usr.user_data = old
1180 usr.user_data = old
1181 Session().add(usr)
1181 Session().add(usr)
1182 log.debug('updated userdata with %s', kwargs)
1182 log.debug('updated userdata with %s', kwargs)
1183
1183
1184 def update_lastlogin(self):
1184 def update_lastlogin(self):
1185 """Update user lastlogin"""
1185 """Update user lastlogin"""
1186 self.last_login = datetime.datetime.now()
1186 self.last_login = datetime.datetime.now()
1187 Session().add(self)
1187 Session().add(self)
1188 log.debug('updated user %s lastlogin', self.username)
1188 log.debug('updated user %s lastlogin', self.username)
1189
1189
1190 def update_password(self, new_password):
1190 def update_password(self, new_password):
1191 from rhodecode.lib.auth import get_crypt_password
1191 from rhodecode.lib.auth import get_crypt_password
1192
1192
1193 self.password = get_crypt_password(new_password)
1193 self.password = get_crypt_password(new_password)
1194 Session().add(self)
1194 Session().add(self)
1195
1195
1196 @classmethod
1196 @classmethod
1197 def get_first_super_admin(cls):
1197 def get_first_super_admin(cls):
1198 stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
1198 stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
1199 user = cls.scalars(stmt).first()
1199 user = cls.scalars(stmt).first()
1200
1200
1201 if user is None:
1201 if user is None:
1202 raise Exception('FATAL: Missing administrative account!')
1202 raise Exception('FATAL: Missing administrative account!')
1203 return user
1203 return user
1204
1204
1205 @classmethod
1205 @classmethod
1206 def get_all_super_admins(cls, only_active=False):
1206 def get_all_super_admins(cls, only_active=False):
1207 """
1207 """
1208 Returns all admin accounts sorted by username
1208 Returns all admin accounts sorted by username
1209 """
1209 """
1210 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1210 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1211 if only_active:
1211 if only_active:
1212 qry = qry.filter(User.active == true())
1212 qry = qry.filter(User.active == true())
1213 return qry.all()
1213 return qry.all()
1214
1214
1215 @classmethod
1215 @classmethod
1216 def get_all_user_ids(cls, only_active=True):
1216 def get_all_user_ids(cls, only_active=True):
1217 """
1217 """
1218 Returns all users IDs
1218 Returns all users IDs
1219 """
1219 """
1220 qry = Session().query(User.user_id)
1220 qry = Session().query(User.user_id)
1221
1221
1222 if only_active:
1222 if only_active:
1223 qry = qry.filter(User.active == true())
1223 qry = qry.filter(User.active == true())
1224 return [x.user_id for x in qry]
1224 return [x.user_id for x in qry]
1225
1225
1226 @classmethod
1226 @classmethod
1227 def get_default_user(cls, cache=False, refresh=False):
1227 def get_default_user(cls, cache=False, refresh=False):
1228 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1228 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1229 if user is None:
1229 if user is None:
1230 raise Exception('FATAL: Missing default account!')
1230 raise Exception('FATAL: Missing default account!')
1231 if refresh:
1231 if refresh:
1232 # The default user might be based on outdated state which
1232 # The default user might be based on outdated state which
1233 # has been loaded from the cache.
1233 # has been loaded from the cache.
1234 # A call to refresh() ensures that the
1234 # A call to refresh() ensures that the
1235 # latest state from the database is used.
1235 # latest state from the database is used.
1236 Session().refresh(user)
1236 Session().refresh(user)
1237
1237
1238 return user
1238 return user
1239
1239
1240 @classmethod
1240 @classmethod
1241 def get_default_user_id(cls):
1241 def get_default_user_id(cls):
1242 import rhodecode
1242 import rhodecode
1243 return rhodecode.CONFIG['default_user_id']
1243 return rhodecode.CONFIG['default_user_id']
1244
1244
1245 def _get_default_perms(self, user, suffix=''):
1245 def _get_default_perms(self, user, suffix=''):
1246 from rhodecode.model.permission import PermissionModel
1246 from rhodecode.model.permission import PermissionModel
1247 return PermissionModel().get_default_perms(user.user_perms, suffix)
1247 return PermissionModel().get_default_perms(user.user_perms, suffix)
1248
1248
1249 def get_default_perms(self, suffix=''):
1249 def get_default_perms(self, suffix=''):
1250 return self._get_default_perms(self, suffix)
1250 return self._get_default_perms(self, suffix)
1251
1251
1252 def get_api_data(self, include_secrets=False, details='full'):
1252 def get_api_data(self, include_secrets=False, details='full'):
1253 """
1253 """
1254 Common function for generating user related data for API
1254 Common function for generating user related data for API
1255
1255
1256 :param include_secrets: By default secrets in the API data will be replaced
1256 :param include_secrets: By default secrets in the API data will be replaced
1257 by a placeholder value to prevent exposing this data by accident. In case
1257 by a placeholder value to prevent exposing this data by accident. In case
1258 this data shall be exposed, set this flag to ``True``.
1258 this data shall be exposed, set this flag to ``True``.
1259
1259
1260 :param details: details can be 'basic|full' basic gives only a subset of
1260 :param details: details can be 'basic|full' basic gives only a subset of
1261 the available user information that includes user_id, name and emails.
1261 the available user information that includes user_id, name and emails.
1262 """
1262 """
1263 user = self
1263 user = self
1264 user_data = self.user_data
1264 user_data = self.user_data
1265 data = {
1265 data = {
1266 'user_id': user.user_id,
1266 'user_id': user.user_id,
1267 'username': user.username,
1267 'username': user.username,
1268 'firstname': user.name,
1268 'firstname': user.name,
1269 'lastname': user.lastname,
1269 'lastname': user.lastname,
1270 'description': user.description,
1270 'description': user.description,
1271 'email': user.email,
1271 'email': user.email,
1272 'emails': user.emails,
1272 'emails': user.emails,
1273 }
1273 }
1274 if details == 'basic':
1274 if details == 'basic':
1275 return data
1275 return data
1276
1276
1277 auth_token_length = 40
1277 auth_token_length = 40
1278 auth_token_replacement = '*' * auth_token_length
1278 auth_token_replacement = '*' * auth_token_length
1279
1279
1280 extras = {
1280 extras = {
1281 'auth_tokens': [auth_token_replacement],
1281 'auth_tokens': [auth_token_replacement],
1282 'active': user.active,
1282 'active': user.active,
1283 'admin': user.admin,
1283 'admin': user.admin,
1284 'extern_type': user.extern_type,
1284 'extern_type': user.extern_type,
1285 'extern_name': user.extern_name,
1285 'extern_name': user.extern_name,
1286 'last_login': user.last_login,
1286 'last_login': user.last_login,
1287 'last_activity': user.last_activity,
1287 'last_activity': user.last_activity,
1288 'ip_addresses': user.ip_addresses,
1288 'ip_addresses': user.ip_addresses,
1289 'language': user_data.get('language')
1289 'language': user_data.get('language')
1290 }
1290 }
1291 data.update(extras)
1291 data.update(extras)
1292
1292
1293 if include_secrets:
1293 if include_secrets:
1294 data['auth_tokens'] = user.auth_tokens
1294 data['auth_tokens'] = user.auth_tokens
1295 return data
1295 return data
1296
1296
1297 def __json__(self):
1297 def __json__(self):
1298 data = {
1298 data = {
1299 'full_name': self.full_name,
1299 'full_name': self.full_name,
1300 'full_name_or_username': self.full_name_or_username,
1300 'full_name_or_username': self.full_name_or_username,
1301 'short_contact': self.short_contact,
1301 'short_contact': self.short_contact,
1302 'full_contact': self.full_contact,
1302 'full_contact': self.full_contact,
1303 }
1303 }
1304 data.update(self.get_api_data())
1304 data.update(self.get_api_data())
1305 return data
1305 return data
1306
1306
1307
1307
1308 class UserApiKeys(Base, BaseModel):
1308 class UserApiKeys(Base, BaseModel):
1309 __tablename__ = 'user_api_keys'
1309 __tablename__ = 'user_api_keys'
1310 __table_args__ = (
1310 __table_args__ = (
1311 Index('uak_api_key_idx', 'api_key'),
1311 Index('uak_api_key_idx', 'api_key'),
1312 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1312 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1313 base_table_args
1313 base_table_args
1314 )
1314 )
1315
1315
1316 # ApiKey role
1316 # ApiKey role
1317 ROLE_ALL = 'token_role_all'
1317 ROLE_ALL = 'token_role_all'
1318 ROLE_VCS = 'token_role_vcs'
1318 ROLE_VCS = 'token_role_vcs'
1319 ROLE_API = 'token_role_api'
1319 ROLE_API = 'token_role_api'
1320 ROLE_HTTP = 'token_role_http'
1320 ROLE_HTTP = 'token_role_http'
1321 ROLE_FEED = 'token_role_feed'
1321 ROLE_FEED = 'token_role_feed'
1322 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1322 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1323 # The last one is ignored in the list as we only
1323 # The last one is ignored in the list as we only
1324 # use it for one action, and cannot be created by users
1324 # use it for one action, and cannot be created by users
1325 ROLE_PASSWORD_RESET = 'token_password_reset'
1325 ROLE_PASSWORD_RESET = 'token_password_reset'
1326
1326
1327 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1327 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1328
1328
1329 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1329 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1330 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1330 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1331 api_key = Column("api_key", String(255), nullable=False, unique=True)
1331 api_key = Column("api_key", String(255), nullable=False, unique=True)
1332 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1332 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1333 expires = Column('expires', Float(53), nullable=False)
1333 expires = Column('expires', Float(53), nullable=False)
1334 role = Column('role', String(255), nullable=True)
1334 role = Column('role', String(255), nullable=True)
1335 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1335 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1336
1336
1337 # scope columns
1337 # scope columns
1338 repo_id = Column(
1338 repo_id = Column(
1339 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1339 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1340 nullable=True, unique=None, default=None)
1340 nullable=True, unique=None, default=None)
1341 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
1341 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
1342
1342
1343 repo_group_id = Column(
1343 repo_group_id = Column(
1344 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1344 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1345 nullable=True, unique=None, default=None)
1345 nullable=True, unique=None, default=None)
1346 repo_group = relationship('RepoGroup', lazy='joined')
1346 repo_group = relationship('RepoGroup', lazy='joined')
1347
1347
1348 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
1348 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
1349
1349
1350 def __repr__(self):
1350 def __repr__(self):
1351 return f"<{self.cls_name}('{self.role}')>"
1351 return f"<{self.cls_name}('{self.role}')>"
1352
1352
1353 def __json__(self):
1353 def __json__(self):
1354 data = {
1354 data = {
1355 'auth_token': self.api_key,
1355 'auth_token': self.api_key,
1356 'role': self.role,
1356 'role': self.role,
1357 'scope': self.scope_humanized,
1357 'scope': self.scope_humanized,
1358 'expired': self.expired
1358 'expired': self.expired
1359 }
1359 }
1360 return data
1360 return data
1361
1361
1362 def get_api_data(self, include_secrets=False):
1362 def get_api_data(self, include_secrets=False):
1363 data = self.__json__()
1363 data = self.__json__()
1364 if include_secrets:
1364 if include_secrets:
1365 return data
1365 return data
1366 else:
1366 else:
1367 data['auth_token'] = self.token_obfuscated
1367 data['auth_token'] = self.token_obfuscated
1368 return data
1368 return data
1369
1369
1370 @hybrid_property
1370 @hybrid_property
1371 def description_safe(self):
1371 def description_safe(self):
1372 from rhodecode.lib import helpers as h
1372 from rhodecode.lib import helpers as h
1373 return h.escape(self.description)
1373 return h.escape(self.description)
1374
1374
1375 @property
1375 @property
1376 def expired(self):
1376 def expired(self):
1377 if self.expires == -1:
1377 if self.expires == -1:
1378 return False
1378 return False
1379 return time.time() > self.expires
1379 return time.time() > self.expires
1380
1380
1381 @classmethod
1381 @classmethod
1382 def _get_role_name(cls, role):
1382 def _get_role_name(cls, role):
1383 return {
1383 return {
1384 cls.ROLE_ALL: _('all'),
1384 cls.ROLE_ALL: _('all'),
1385 cls.ROLE_HTTP: _('http/web interface'),
1385 cls.ROLE_HTTP: _('http/web interface'),
1386 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1386 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1387 cls.ROLE_API: _('api calls'),
1387 cls.ROLE_API: _('api calls'),
1388 cls.ROLE_FEED: _('feed access'),
1388 cls.ROLE_FEED: _('feed access'),
1389 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1389 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1390 }.get(role, role)
1390 }.get(role, role)
1391
1391
1392 @classmethod
1392 @classmethod
1393 def _get_role_description(cls, role):
1393 def _get_role_description(cls, role):
1394 return {
1394 return {
1395 cls.ROLE_ALL: _('Token for all actions.'),
1395 cls.ROLE_ALL: _('Token for all actions.'),
1396 cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
1396 cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
1397 'login using `api_access_controllers_whitelist` functionality.'),
1397 'login using `api_access_controllers_whitelist` functionality.'),
1398 cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
1398 cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
1399 'Requires auth_token authentication plugin to be active. <br/>'
1399 'Requires auth_token authentication plugin to be active. <br/>'
1400 'Such Token should be used then instead of a password to '
1400 'Such Token should be used then instead of a password to '
1401 'interact with a repository, and additionally can be '
1401 'interact with a repository, and additionally can be '
1402 'limited to single repository using repo scope.'),
1402 'limited to single repository using repo scope.'),
1403 cls.ROLE_API: _('Token limited to api calls.'),
1403 cls.ROLE_API: _('Token limited to api calls.'),
1404 cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
1404 cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
1405 cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
1405 cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
1406 }.get(role, role)
1406 }.get(role, role)
1407
1407
1408 @property
1408 @property
1409 def role_humanized(self):
1409 def role_humanized(self):
1410 return self._get_role_name(self.role)
1410 return self._get_role_name(self.role)
1411
1411
1412 def _get_scope(self):
1412 def _get_scope(self):
1413 if self.repo:
1413 if self.repo:
1414 return 'Repository: {}'.format(self.repo.repo_name)
1414 return 'Repository: {}'.format(self.repo.repo_name)
1415 if self.repo_group:
1415 if self.repo_group:
1416 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1416 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1417 return 'Global'
1417 return 'Global'
1418
1418
1419 @property
1419 @property
1420 def scope_humanized(self):
1420 def scope_humanized(self):
1421 return self._get_scope()
1421 return self._get_scope()
1422
1422
1423 @property
1423 @property
1424 def token_obfuscated(self):
1424 def token_obfuscated(self):
1425 if self.api_key:
1425 if self.api_key:
1426 return self.api_key[:4] + "****"
1426 return self.api_key[:4] + "****"
1427
1427
1428
1428
1429 class UserEmailMap(Base, BaseModel):
1429 class UserEmailMap(Base, BaseModel):
1430 __tablename__ = 'user_email_map'
1430 __tablename__ = 'user_email_map'
1431 __table_args__ = (
1431 __table_args__ = (
1432 Index('uem_email_idx', 'email'),
1432 Index('uem_email_idx', 'email'),
1433 Index('uem_user_id_idx', 'user_id'),
1433 Index('uem_user_id_idx', 'user_id'),
1434 UniqueConstraint('email'),
1434 UniqueConstraint('email'),
1435 base_table_args
1435 base_table_args
1436 )
1436 )
1437
1437
1438 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1438 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1439 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1439 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1440 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1440 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1441 user = relationship('User', lazy='joined', back_populates='user_emails')
1441 user = relationship('User', lazy='joined', back_populates='user_emails')
1442
1442
1443 @validates('_email')
1443 @validates('_email')
1444 def validate_email(self, key, email):
1444 def validate_email(self, key, email):
1445 # check if this email is not main one
1445 # check if this email is not main one
1446 main_email = Session().query(User).filter(User.email == email).scalar()
1446 main_email = Session().query(User).filter(User.email == email).scalar()
1447 if main_email is not None:
1447 if main_email is not None:
1448 raise AttributeError('email %s is present is user table' % email)
1448 raise AttributeError('email %s is present is user table' % email)
1449 return email
1449 return email
1450
1450
1451 @hybrid_property
1451 @hybrid_property
1452 def email(self):
1452 def email(self):
1453 return self._email
1453 return self._email
1454
1454
1455 @email.setter
1455 @email.setter
1456 def email(self, val):
1456 def email(self, val):
1457 self._email = val.lower() if val else None
1457 self._email = val.lower() if val else None
1458
1458
1459
1459
1460 class UserIpMap(Base, BaseModel):
1460 class UserIpMap(Base, BaseModel):
1461 __tablename__ = 'user_ip_map'
1461 __tablename__ = 'user_ip_map'
1462 __table_args__ = (
1462 __table_args__ = (
1463 UniqueConstraint('user_id', 'ip_addr'),
1463 UniqueConstraint('user_id', 'ip_addr'),
1464 base_table_args
1464 base_table_args
1465 )
1465 )
1466
1466
1467 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1467 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1468 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1468 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1469 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1469 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1470 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1470 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1471 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1471 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1472 user = relationship('User', lazy='joined', back_populates='user_ip_map')
1472 user = relationship('User', lazy='joined', back_populates='user_ip_map')
1473
1473
1474 @hybrid_property
1474 @hybrid_property
1475 def description_safe(self):
1475 def description_safe(self):
1476 from rhodecode.lib import helpers as h
1476 from rhodecode.lib import helpers as h
1477 return h.escape(self.description)
1477 return h.escape(self.description)
1478
1478
1479 @classmethod
1479 @classmethod
1480 def _get_ip_range(cls, ip_addr):
1480 def _get_ip_range(cls, ip_addr):
1481 net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
1481 net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
1482 return [str(net.network_address), str(net.broadcast_address)]
1482 return [str(net.network_address), str(net.broadcast_address)]
1483
1483
1484 def __json__(self):
1484 def __json__(self):
1485 return {
1485 return {
1486 'ip_addr': self.ip_addr,
1486 'ip_addr': self.ip_addr,
1487 'ip_range': self._get_ip_range(self.ip_addr),
1487 'ip_range': self._get_ip_range(self.ip_addr),
1488 }
1488 }
1489
1489
1490 def __repr__(self):
1490 def __repr__(self):
1491 return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
1491 return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
1492
1492
1493
1493
1494 class UserSshKeys(Base, BaseModel):
1494 class UserSshKeys(Base, BaseModel):
1495 __tablename__ = 'user_ssh_keys'
1495 __tablename__ = 'user_ssh_keys'
1496 __table_args__ = (
1496 __table_args__ = (
1497 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1497 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1498
1498
1499 UniqueConstraint('ssh_key_fingerprint'),
1499 UniqueConstraint('ssh_key_fingerprint'),
1500
1500
1501 base_table_args
1501 base_table_args
1502 )
1502 )
1503
1503
1504 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1504 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1505 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1505 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1506 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1506 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1507
1507
1508 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1508 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1509
1509
1510 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1510 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1511 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1511 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1512 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1512 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1513
1513
1514 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
1514 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
1515
1515
1516 def __json__(self):
1516 def __json__(self):
1517 data = {
1517 data = {
1518 'ssh_fingerprint': self.ssh_key_fingerprint,
1518 'ssh_fingerprint': self.ssh_key_fingerprint,
1519 'description': self.description,
1519 'description': self.description,
1520 'created_on': self.created_on
1520 'created_on': self.created_on
1521 }
1521 }
1522 return data
1522 return data
1523
1523
1524 def get_api_data(self):
1524 def get_api_data(self):
1525 data = self.__json__()
1525 data = self.__json__()
1526 return data
1526 return data
1527
1527
1528
1528
1529 class UserLog(Base, BaseModel):
1529 class UserLog(Base, BaseModel):
1530 __tablename__ = 'user_logs'
1530 __tablename__ = 'user_logs'
1531 __table_args__ = (
1531 __table_args__ = (
1532 base_table_args,
1532 base_table_args,
1533 )
1533 )
1534
1534
1535 VERSION_1 = 'v1'
1535 VERSION_1 = 'v1'
1536 VERSION_2 = 'v2'
1536 VERSION_2 = 'v2'
1537 VERSIONS = [VERSION_1, VERSION_2]
1537 VERSIONS = [VERSION_1, VERSION_2]
1538
1538
1539 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1539 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1540 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1540 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1541 username = Column("username", String(255), nullable=True, unique=None, default=None)
1541 username = Column("username", String(255), nullable=True, unique=None, default=None)
1542 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1542 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1543 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1543 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1544 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1544 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1545 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1545 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1546 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1546 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1547
1547
1548 version = Column("version", String(255), nullable=True, default=VERSION_1)
1548 version = Column("version", String(255), nullable=True, default=VERSION_1)
1549 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1549 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1550 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1550 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1551 user = relationship('User', cascade='', back_populates='user_log')
1551 user = relationship('User', cascade='', back_populates='user_log')
1552 repository = relationship('Repository', cascade='', back_populates='logs')
1552 repository = relationship('Repository', cascade='', back_populates='logs')
1553
1553
1554 def __repr__(self):
1554 def __repr__(self):
1555 return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
1555 return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
1556
1556
1557 def __json__(self):
1557 def __json__(self):
1558 return {
1558 return {
1559 'user_id': self.user_id,
1559 'user_id': self.user_id,
1560 'username': self.username,
1560 'username': self.username,
1561 'repository_id': self.repository_id,
1561 'repository_id': self.repository_id,
1562 'repository_name': self.repository_name,
1562 'repository_name': self.repository_name,
1563 'user_ip': self.user_ip,
1563 'user_ip': self.user_ip,
1564 'action_date': self.action_date,
1564 'action_date': self.action_date,
1565 'action': self.action,
1565 'action': self.action,
1566 }
1566 }
1567
1567
1568 @hybrid_property
1568 @hybrid_property
1569 def entry_id(self):
1569 def entry_id(self):
1570 return self.user_log_id
1570 return self.user_log_id
1571
1571
1572 @property
1572 @property
1573 def action_as_day(self):
1573 def action_as_day(self):
1574 return datetime.date(*self.action_date.timetuple()[:3])
1574 return datetime.date(*self.action_date.timetuple()[:3])
1575
1575
1576
1576
1577 class UserGroup(Base, BaseModel):
1577 class UserGroup(Base, BaseModel):
1578 __tablename__ = 'users_groups'
1578 __tablename__ = 'users_groups'
1579 __table_args__ = (
1579 __table_args__ = (
1580 base_table_args,
1580 base_table_args,
1581 )
1581 )
1582
1582
1583 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1583 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1584 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1584 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1585 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1585 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1586 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1586 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1587 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1587 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1588 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1588 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1589 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1589 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1590 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1590 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1591
1591
1592 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
1592 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
1593 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
1593 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
1594 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
1594 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
1595 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
1595 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
1596 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
1596 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
1597
1597
1598 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
1598 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
1599
1599
1600 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
1600 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
1601 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
1601 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
1602
1602
1603 @classmethod
1603 @classmethod
1604 def _load_group_data(cls, column):
1604 def _load_group_data(cls, column):
1605 if not column:
1605 if not column:
1606 return {}
1606 return {}
1607
1607
1608 try:
1608 try:
1609 return json.loads(column) or {}
1609 return json.loads(column) or {}
1610 except TypeError:
1610 except TypeError:
1611 return {}
1611 return {}
1612
1612
1613 @hybrid_property
1613 @hybrid_property
1614 def description_safe(self):
1614 def description_safe(self):
1615 from rhodecode.lib import helpers as h
1615 from rhodecode.lib import helpers as h
1616 return h.escape(self.user_group_description)
1616 return h.escape(self.user_group_description)
1617
1617
1618 @hybrid_property
1618 @hybrid_property
1619 def group_data(self):
1619 def group_data(self):
1620 return self._load_group_data(self._group_data)
1620 return self._load_group_data(self._group_data)
1621
1621
1622 @group_data.expression
1622 @group_data.expression
1623 def group_data(self, **kwargs):
1623 def group_data(self, **kwargs):
1624 return self._group_data
1624 return self._group_data
1625
1625
1626 @group_data.setter
1626 @group_data.setter
1627 def group_data(self, val):
1627 def group_data(self, val):
1628 try:
1628 try:
1629 self._group_data = json.dumps(val)
1629 self._group_data = json.dumps(val)
1630 except Exception:
1630 except Exception:
1631 log.error(traceback.format_exc())
1631 log.error(traceback.format_exc())
1632
1632
1633 @classmethod
1633 @classmethod
1634 def _load_sync(cls, group_data):
1634 def _load_sync(cls, group_data):
1635 if group_data:
1635 if group_data:
1636 return group_data.get('extern_type')
1636 return group_data.get('extern_type')
1637
1637
1638 @property
1638 @property
1639 def sync(self):
1639 def sync(self):
1640 return self._load_sync(self.group_data)
1640 return self._load_sync(self.group_data)
1641
1641
1642 def __repr__(self):
1642 def __repr__(self):
1643 return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
1643 return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
1644
1644
1645 @classmethod
1645 @classmethod
1646 def get_by_group_name(cls, group_name, cache=False,
1646 def get_by_group_name(cls, group_name, cache=False,
1647 case_insensitive=False):
1647 case_insensitive=False):
1648 if case_insensitive:
1648 if case_insensitive:
1649 q = cls.query().filter(func.lower(cls.users_group_name) ==
1649 q = cls.query().filter(func.lower(cls.users_group_name) ==
1650 func.lower(group_name))
1650 func.lower(group_name))
1651
1651
1652 else:
1652 else:
1653 q = cls.query().filter(cls.users_group_name == group_name)
1653 q = cls.query().filter(cls.users_group_name == group_name)
1654 if cache:
1654 if cache:
1655 name_key = _hash_key(group_name)
1655 name_key = _hash_key(group_name)
1656 q = q.options(
1656 q = q.options(
1657 FromCache("sql_cache_short", f"get_group_{name_key}"))
1657 FromCache("sql_cache_short", f"get_group_{name_key}"))
1658 return q.scalar()
1658 return q.scalar()
1659
1659
1660 @classmethod
1660 @classmethod
1661 def get(cls, user_group_id, cache=False):
1661 def get(cls, user_group_id, cache=False):
1662 if not user_group_id:
1662 if not user_group_id:
1663 return
1663 return
1664
1664
1665 user_group = cls.query()
1665 user_group = cls.query()
1666 if cache:
1666 if cache:
1667 user_group = user_group.options(
1667 user_group = user_group.options(
1668 FromCache("sql_cache_short", f"get_users_group_{user_group_id}"))
1668 FromCache("sql_cache_short", f"get_users_group_{user_group_id}"))
1669 return user_group.get(user_group_id)
1669 return user_group.get(user_group_id)
1670
1670
1671 def permissions(self, with_admins=True, with_owner=True,
1671 def permissions(self, with_admins=True, with_owner=True,
1672 expand_from_user_groups=False):
1672 expand_from_user_groups=False):
1673 """
1673 """
1674 Permissions for user groups
1674 Permissions for user groups
1675 """
1675 """
1676 _admin_perm = 'usergroup.admin'
1676 _admin_perm = 'usergroup.admin'
1677
1677
1678 owner_row = []
1678 owner_row = []
1679 if with_owner:
1679 if with_owner:
1680 usr = AttributeDict(self.user.get_dict())
1680 usr = AttributeDict(self.user.get_dict())
1681 usr.owner_row = True
1681 usr.owner_row = True
1682 usr.permission = _admin_perm
1682 usr.permission = _admin_perm
1683 owner_row.append(usr)
1683 owner_row.append(usr)
1684
1684
1685 super_admin_ids = []
1685 super_admin_ids = []
1686 super_admin_rows = []
1686 super_admin_rows = []
1687 if with_admins:
1687 if with_admins:
1688 for usr in User.get_all_super_admins():
1688 for usr in User.get_all_super_admins():
1689 super_admin_ids.append(usr.user_id)
1689 super_admin_ids.append(usr.user_id)
1690 # if this admin is also owner, don't double the record
1690 # if this admin is also owner, don't double the record
1691 if usr.user_id == owner_row[0].user_id:
1691 if usr.user_id == owner_row[0].user_id:
1692 owner_row[0].admin_row = True
1692 owner_row[0].admin_row = True
1693 else:
1693 else:
1694 usr = AttributeDict(usr.get_dict())
1694 usr = AttributeDict(usr.get_dict())
1695 usr.admin_row = True
1695 usr.admin_row = True
1696 usr.permission = _admin_perm
1696 usr.permission = _admin_perm
1697 super_admin_rows.append(usr)
1697 super_admin_rows.append(usr)
1698
1698
1699 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1699 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1700 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1700 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1701 joinedload(UserUserGroupToPerm.user),
1701 joinedload(UserUserGroupToPerm.user),
1702 joinedload(UserUserGroupToPerm.permission),)
1702 joinedload(UserUserGroupToPerm.permission),)
1703
1703
1704 # get owners and admins and permissions. We do a trick of re-writing
1704 # get owners and admins and permissions. We do a trick of re-writing
1705 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1705 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1706 # has a global reference and changing one object propagates to all
1706 # has a global reference and changing one object propagates to all
1707 # others. This means if admin is also an owner admin_row that change
1707 # others. This means if admin is also an owner admin_row that change
1708 # would propagate to both objects
1708 # would propagate to both objects
1709 perm_rows = []
1709 perm_rows = []
1710 for _usr in q.all():
1710 for _usr in q.all():
1711 usr = AttributeDict(_usr.user.get_dict())
1711 usr = AttributeDict(_usr.user.get_dict())
1712 # if this user is also owner/admin, mark as duplicate record
1712 # if this user is also owner/admin, mark as duplicate record
1713 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1713 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1714 usr.duplicate_perm = True
1714 usr.duplicate_perm = True
1715 usr.permission = _usr.permission.permission_name
1715 usr.permission = _usr.permission.permission_name
1716 perm_rows.append(usr)
1716 perm_rows.append(usr)
1717
1717
1718 # filter the perm rows by 'default' first and then sort them by
1718 # filter the perm rows by 'default' first and then sort them by
1719 # admin,write,read,none permissions sorted again alphabetically in
1719 # admin,write,read,none permissions sorted again alphabetically in
1720 # each group
1720 # each group
1721 perm_rows = sorted(perm_rows, key=display_user_sort)
1721 perm_rows = sorted(perm_rows, key=display_user_sort)
1722
1722
1723 user_groups_rows = []
1723 user_groups_rows = []
1724 if expand_from_user_groups:
1724 if expand_from_user_groups:
1725 for ug in self.permission_user_groups(with_members=True):
1725 for ug in self.permission_user_groups(with_members=True):
1726 for user_data in ug.members:
1726 for user_data in ug.members:
1727 user_groups_rows.append(user_data)
1727 user_groups_rows.append(user_data)
1728
1728
1729 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1729 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1730
1730
1731 def permission_user_groups(self, with_members=False):
1731 def permission_user_groups(self, with_members=False):
1732 q = UserGroupUserGroupToPerm.query()\
1732 q = UserGroupUserGroupToPerm.query()\
1733 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1733 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1734 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1734 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1735 joinedload(UserGroupUserGroupToPerm.target_user_group),
1735 joinedload(UserGroupUserGroupToPerm.target_user_group),
1736 joinedload(UserGroupUserGroupToPerm.permission),)
1736 joinedload(UserGroupUserGroupToPerm.permission),)
1737
1737
1738 perm_rows = []
1738 perm_rows = []
1739 for _user_group in q.all():
1739 for _user_group in q.all():
1740 entry = AttributeDict(_user_group.user_group.get_dict())
1740 entry = AttributeDict(_user_group.user_group.get_dict())
1741 entry.permission = _user_group.permission.permission_name
1741 entry.permission = _user_group.permission.permission_name
1742 if with_members:
1742 if with_members:
1743 entry.members = [x.user.get_dict()
1743 entry.members = [x.user.get_dict()
1744 for x in _user_group.user_group.members]
1744 for x in _user_group.user_group.members]
1745 perm_rows.append(entry)
1745 perm_rows.append(entry)
1746
1746
1747 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1747 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1748 return perm_rows
1748 return perm_rows
1749
1749
1750 def _get_default_perms(self, user_group, suffix=''):
1750 def _get_default_perms(self, user_group, suffix=''):
1751 from rhodecode.model.permission import PermissionModel
1751 from rhodecode.model.permission import PermissionModel
1752 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1752 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1753
1753
1754 def get_default_perms(self, suffix=''):
1754 def get_default_perms(self, suffix=''):
1755 return self._get_default_perms(self, suffix)
1755 return self._get_default_perms(self, suffix)
1756
1756
1757 def get_api_data(self, with_group_members=True, include_secrets=False):
1757 def get_api_data(self, with_group_members=True, include_secrets=False):
1758 """
1758 """
1759 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1759 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1760 basically forwarded.
1760 basically forwarded.
1761
1761
1762 """
1762 """
1763 user_group = self
1763 user_group = self
1764 data = {
1764 data = {
1765 'users_group_id': user_group.users_group_id,
1765 'users_group_id': user_group.users_group_id,
1766 'group_name': user_group.users_group_name,
1766 'group_name': user_group.users_group_name,
1767 'group_description': user_group.user_group_description,
1767 'group_description': user_group.user_group_description,
1768 'active': user_group.users_group_active,
1768 'active': user_group.users_group_active,
1769 'owner': user_group.user.username,
1769 'owner': user_group.user.username,
1770 'sync': user_group.sync,
1770 'sync': user_group.sync,
1771 'owner_email': user_group.user.email,
1771 'owner_email': user_group.user.email,
1772 }
1772 }
1773
1773
1774 if with_group_members:
1774 if with_group_members:
1775 users = []
1775 users = []
1776 for user in user_group.members:
1776 for user in user_group.members:
1777 user = user.user
1777 user = user.user
1778 users.append(user.get_api_data(include_secrets=include_secrets))
1778 users.append(user.get_api_data(include_secrets=include_secrets))
1779 data['users'] = users
1779 data['users'] = users
1780
1780
1781 return data
1781 return data
1782
1782
1783
1783
1784 class UserGroupMember(Base, BaseModel):
1784 class UserGroupMember(Base, BaseModel):
1785 __tablename__ = 'users_groups_members'
1785 __tablename__ = 'users_groups_members'
1786 __table_args__ = (
1786 __table_args__ = (
1787 base_table_args,
1787 base_table_args,
1788 )
1788 )
1789
1789
1790 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1790 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1791 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1791 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1792 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1792 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1793
1793
1794 user = relationship('User', lazy='joined', back_populates='group_member')
1794 user = relationship('User', lazy='joined', back_populates='group_member')
1795 users_group = relationship('UserGroup', back_populates='members')
1795 users_group = relationship('UserGroup', back_populates='members')
1796
1796
1797 def __init__(self, gr_id='', u_id=''):
1797 def __init__(self, gr_id='', u_id=''):
1798 self.users_group_id = gr_id
1798 self.users_group_id = gr_id
1799 self.user_id = u_id
1799 self.user_id = u_id
1800
1800
1801
1801
1802 class RepositoryField(Base, BaseModel):
1802 class RepositoryField(Base, BaseModel):
1803 __tablename__ = 'repositories_fields'
1803 __tablename__ = 'repositories_fields'
1804 __table_args__ = (
1804 __table_args__ = (
1805 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1805 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1806 base_table_args,
1806 base_table_args,
1807 )
1807 )
1808
1808
1809 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1809 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1810
1810
1811 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1811 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1812 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1812 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1813 field_key = Column("field_key", String(250))
1813 field_key = Column("field_key", String(250))
1814 field_label = Column("field_label", String(1024), nullable=False)
1814 field_label = Column("field_label", String(1024), nullable=False)
1815 field_value = Column("field_value", String(10000), nullable=False)
1815 field_value = Column("field_value", String(10000), nullable=False)
1816 field_desc = Column("field_desc", String(1024), nullable=False)
1816 field_desc = Column("field_desc", String(1024), nullable=False)
1817 field_type = Column("field_type", String(255), nullable=False, unique=None)
1817 field_type = Column("field_type", String(255), nullable=False, unique=None)
1818 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1818 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1819
1819
1820 repository = relationship('Repository', back_populates='extra_fields')
1820 repository = relationship('Repository', back_populates='extra_fields')
1821
1821
1822 @property
1822 @property
1823 def field_key_prefixed(self):
1823 def field_key_prefixed(self):
1824 return 'ex_%s' % self.field_key
1824 return 'ex_%s' % self.field_key
1825
1825
1826 @classmethod
1826 @classmethod
1827 def un_prefix_key(cls, key):
1827 def un_prefix_key(cls, key):
1828 if key.startswith(cls.PREFIX):
1828 if key.startswith(cls.PREFIX):
1829 return key[len(cls.PREFIX):]
1829 return key[len(cls.PREFIX):]
1830 return key
1830 return key
1831
1831
1832 @classmethod
1832 @classmethod
1833 def get_by_key_name(cls, key, repo):
1833 def get_by_key_name(cls, key, repo):
1834 row = cls.query()\
1834 row = cls.query()\
1835 .filter(cls.repository == repo)\
1835 .filter(cls.repository == repo)\
1836 .filter(cls.field_key == key).scalar()
1836 .filter(cls.field_key == key).scalar()
1837 return row
1837 return row
1838
1838
1839
1839
1840 class Repository(Base, BaseModel):
1840 class Repository(Base, BaseModel):
1841 __tablename__ = 'repositories'
1841 __tablename__ = 'repositories'
1842 __table_args__ = (
1842 __table_args__ = (
1843 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1843 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1844 base_table_args,
1844 base_table_args,
1845 )
1845 )
1846 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1846 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1847 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1847 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1848 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1848 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1849
1849
1850 STATE_CREATED = 'repo_state_created'
1850 STATE_CREATED = 'repo_state_created'
1851 STATE_PENDING = 'repo_state_pending'
1851 STATE_PENDING = 'repo_state_pending'
1852 STATE_ERROR = 'repo_state_error'
1852 STATE_ERROR = 'repo_state_error'
1853
1853
1854 LOCK_AUTOMATIC = 'lock_auto'
1854 LOCK_AUTOMATIC = 'lock_auto'
1855 LOCK_API = 'lock_api'
1855 LOCK_API = 'lock_api'
1856 LOCK_WEB = 'lock_web'
1856 LOCK_WEB = 'lock_web'
1857 LOCK_PULL = 'lock_pull'
1857 LOCK_PULL = 'lock_pull'
1858
1858
1859 NAME_SEP = URL_SEP
1859 NAME_SEP = URL_SEP
1860
1860
1861 repo_id = Column(
1861 repo_id = Column(
1862 "repo_id", Integer(), nullable=False, unique=True, default=None,
1862 "repo_id", Integer(), nullable=False, unique=True, default=None,
1863 primary_key=True)
1863 primary_key=True)
1864 _repo_name = Column(
1864 _repo_name = Column(
1865 "repo_name", Text(), nullable=False, default=None)
1865 "repo_name", Text(), nullable=False, default=None)
1866 repo_name_hash = Column(
1866 repo_name_hash = Column(
1867 "repo_name_hash", String(255), nullable=False, unique=True)
1867 "repo_name_hash", String(255), nullable=False, unique=True)
1868 repo_state = Column("repo_state", String(255), nullable=True)
1868 repo_state = Column("repo_state", String(255), nullable=True)
1869
1869
1870 clone_uri = Column(
1870 clone_uri = Column(
1871 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1871 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1872 default=None)
1872 default=None)
1873 push_uri = Column(
1873 push_uri = Column(
1874 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1874 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1875 default=None)
1875 default=None)
1876 repo_type = Column(
1876 repo_type = Column(
1877 "repo_type", String(255), nullable=False, unique=False, default=None)
1877 "repo_type", String(255), nullable=False, unique=False, default=None)
1878 user_id = Column(
1878 user_id = Column(
1879 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1879 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1880 unique=False, default=None)
1880 unique=False, default=None)
1881 private = Column(
1881 private = Column(
1882 "private", Boolean(), nullable=True, unique=None, default=None)
1882 "private", Boolean(), nullable=True, unique=None, default=None)
1883 archived = Column(
1883 archived = Column(
1884 "archived", Boolean(), nullable=True, unique=None, default=None)
1884 "archived", Boolean(), nullable=True, unique=None, default=None)
1885 enable_statistics = Column(
1885 enable_statistics = Column(
1886 "statistics", Boolean(), nullable=True, unique=None, default=True)
1886 "statistics", Boolean(), nullable=True, unique=None, default=True)
1887 enable_downloads = Column(
1887 enable_downloads = Column(
1888 "downloads", Boolean(), nullable=True, unique=None, default=True)
1888 "downloads", Boolean(), nullable=True, unique=None, default=True)
1889 description = Column(
1889 description = Column(
1890 "description", String(10000), nullable=True, unique=None, default=None)
1890 "description", String(10000), nullable=True, unique=None, default=None)
1891 created_on = Column(
1891 created_on = Column(
1892 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1892 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1893 default=datetime.datetime.now)
1893 default=datetime.datetime.now)
1894 updated_on = Column(
1894 updated_on = Column(
1895 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1895 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1896 default=datetime.datetime.now)
1896 default=datetime.datetime.now)
1897 _landing_revision = Column(
1897 _landing_revision = Column(
1898 "landing_revision", String(255), nullable=False, unique=False,
1898 "landing_revision", String(255), nullable=False, unique=False,
1899 default=None)
1899 default=None)
1900 enable_locking = Column(
1900 enable_locking = Column(
1901 "enable_locking", Boolean(), nullable=False, unique=None,
1901 "enable_locking", Boolean(), nullable=False, unique=None,
1902 default=False)
1902 default=False)
1903 _locked = Column(
1903 _locked = Column(
1904 "locked", String(255), nullable=True, unique=False, default=None)
1904 "locked", String(255), nullable=True, unique=False, default=None)
1905 _changeset_cache = Column(
1905 _changeset_cache = Column(
1906 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1906 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1907
1907
1908 fork_id = Column(
1908 fork_id = Column(
1909 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1909 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1910 nullable=True, unique=False, default=None)
1910 nullable=True, unique=False, default=None)
1911 group_id = Column(
1911 group_id = Column(
1912 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1912 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1913 unique=False, default=None)
1913 unique=False, default=None)
1914
1914
1915 user = relationship('User', lazy='joined', back_populates='repositories')
1915 user = relationship('User', lazy='joined', back_populates='repositories')
1916 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1916 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1917 group = relationship('RepoGroup', lazy='joined')
1917 group = relationship('RepoGroup', lazy='joined')
1918 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
1918 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
1919 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
1919 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
1920 stats = relationship('Statistics', cascade='all', uselist=False)
1920 stats = relationship('Statistics', cascade='all', uselist=False)
1921
1921
1922 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
1922 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
1923 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
1923 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
1924
1924
1925 logs = relationship('UserLog', back_populates='repository')
1925 logs = relationship('UserLog', back_populates='repository')
1926
1926
1927 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
1927 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
1928
1928
1929 pull_requests_source = relationship(
1929 pull_requests_source = relationship(
1930 'PullRequest',
1930 'PullRequest',
1931 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1931 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1932 cascade="all, delete-orphan",
1932 cascade="all, delete-orphan",
1933 overlaps="source_repo"
1933 overlaps="source_repo"
1934 )
1934 )
1935 pull_requests_target = relationship(
1935 pull_requests_target = relationship(
1936 'PullRequest',
1936 'PullRequest',
1937 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1937 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1938 cascade="all, delete-orphan",
1938 cascade="all, delete-orphan",
1939 overlaps="target_repo"
1939 overlaps="target_repo"
1940 )
1940 )
1941
1941
1942 ui = relationship('RepoRhodeCodeUi', cascade="all")
1942 ui = relationship('RepoRhodeCodeUi', cascade="all")
1943 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1943 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1944 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
1944 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
1945
1945
1946 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
1946 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
1947
1947
1948 # no cascade, set NULL
1948 # no cascade, set NULL
1949 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
1949 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
1950
1950
1951 review_rules = relationship('RepoReviewRule')
1951 review_rules = relationship('RepoReviewRule')
1952 user_branch_perms = relationship('UserToRepoBranchPermission')
1952 user_branch_perms = relationship('UserToRepoBranchPermission')
1953 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
1953 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
1954
1954
1955 def __repr__(self):
1955 def __repr__(self):
1956 return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
1956 return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
1957
1957
1958 @hybrid_property
1958 @hybrid_property
1959 def description_safe(self):
1959 def description_safe(self):
1960 from rhodecode.lib import helpers as h
1960 from rhodecode.lib import helpers as h
1961 return h.escape(self.description)
1961 return h.escape(self.description)
1962
1962
1963 @hybrid_property
1963 @hybrid_property
1964 def landing_rev(self):
1964 def landing_rev(self):
1965 # always should return [rev_type, rev], e.g ['branch', 'master']
1965 # always should return [rev_type, rev], e.g ['branch', 'master']
1966 if self._landing_revision:
1966 if self._landing_revision:
1967 _rev_info = self._landing_revision.split(':')
1967 _rev_info = self._landing_revision.split(':')
1968 if len(_rev_info) < 2:
1968 if len(_rev_info) < 2:
1969 _rev_info.insert(0, 'rev')
1969 _rev_info.insert(0, 'rev')
1970 return [_rev_info[0], _rev_info[1]]
1970 return [_rev_info[0], _rev_info[1]]
1971 return [None, None]
1971 return [None, None]
1972
1972
1973 @property
1973 @property
1974 def landing_ref_type(self):
1974 def landing_ref_type(self):
1975 return self.landing_rev[0]
1975 return self.landing_rev[0]
1976
1976
1977 @property
1977 @property
1978 def landing_ref_name(self):
1978 def landing_ref_name(self):
1979 return self.landing_rev[1]
1979 return self.landing_rev[1]
1980
1980
1981 @landing_rev.setter
1981 @landing_rev.setter
1982 def landing_rev(self, val):
1982 def landing_rev(self, val):
1983 if ':' not in val:
1983 if ':' not in val:
1984 raise ValueError('value must be delimited with `:` and consist '
1984 raise ValueError('value must be delimited with `:` and consist '
1985 'of <rev_type>:<rev>, got %s instead' % val)
1985 'of <rev_type>:<rev>, got %s instead' % val)
1986 self._landing_revision = val
1986 self._landing_revision = val
1987
1987
1988 @hybrid_property
1988 @hybrid_property
1989 def locked(self):
1989 def locked(self):
1990 if self._locked:
1990 if self._locked:
1991 user_id, timelocked, reason = self._locked.split(':')
1991 user_id, timelocked, reason = self._locked.split(':')
1992 lock_values = int(user_id), timelocked, reason
1992 lock_values = int(user_id), timelocked, reason
1993 else:
1993 else:
1994 lock_values = [None, None, None]
1994 lock_values = [None, None, None]
1995 return lock_values
1995 return lock_values
1996
1996
1997 @locked.setter
1997 @locked.setter
1998 def locked(self, val):
1998 def locked(self, val):
1999 if val and isinstance(val, (list, tuple)):
1999 if val and isinstance(val, (list, tuple)):
2000 self._locked = ':'.join(map(str, val))
2000 self._locked = ':'.join(map(str, val))
2001 else:
2001 else:
2002 self._locked = None
2002 self._locked = None
2003
2003
2004 @classmethod
2004 @classmethod
2005 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2005 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2006 from rhodecode.lib.vcs.backends.base import EmptyCommit
2006 from rhodecode.lib.vcs.backends.base import EmptyCommit
2007 dummy = EmptyCommit().__json__()
2007 dummy = EmptyCommit().__json__()
2008 if not changeset_cache_raw:
2008 if not changeset_cache_raw:
2009 dummy['source_repo_id'] = repo_id
2009 dummy['source_repo_id'] = repo_id
2010 return json.loads(json.dumps(dummy))
2010 return json.loads(json.dumps(dummy))
2011
2011
2012 try:
2012 try:
2013 return json.loads(changeset_cache_raw)
2013 return json.loads(changeset_cache_raw)
2014 except TypeError:
2014 except TypeError:
2015 return dummy
2015 return dummy
2016 except Exception:
2016 except Exception:
2017 log.error(traceback.format_exc())
2017 log.error(traceback.format_exc())
2018 return dummy
2018 return dummy
2019
2019
2020 @hybrid_property
2020 @hybrid_property
2021 def changeset_cache(self):
2021 def changeset_cache(self):
2022 return self._load_changeset_cache(self.repo_id, self._changeset_cache)
2022 return self._load_changeset_cache(self.repo_id, self._changeset_cache)
2023
2023
2024 @changeset_cache.setter
2024 @changeset_cache.setter
2025 def changeset_cache(self, val):
2025 def changeset_cache(self, val):
2026 try:
2026 try:
2027 self._changeset_cache = json.dumps(val)
2027 self._changeset_cache = json.dumps(val)
2028 except Exception:
2028 except Exception:
2029 log.error(traceback.format_exc())
2029 log.error(traceback.format_exc())
2030
2030
2031 @hybrid_property
2031 @hybrid_property
2032 def repo_name(self):
2032 def repo_name(self):
2033 return self._repo_name
2033 return self._repo_name
2034
2034
2035 @repo_name.setter
2035 @repo_name.setter
2036 def repo_name(self, value):
2036 def repo_name(self, value):
2037 self._repo_name = value
2037 self._repo_name = value
2038 self.repo_name_hash = sha1(safe_bytes(value))
2038 self.repo_name_hash = sha1(safe_bytes(value))
2039
2039
2040 @classmethod
2040 @classmethod
2041 def normalize_repo_name(cls, repo_name):
2041 def normalize_repo_name(cls, repo_name):
2042 """
2042 """
2043 Normalizes os specific repo_name to the format internally stored inside
2043 Normalizes os specific repo_name to the format internally stored inside
2044 database using URL_SEP
2044 database using URL_SEP
2045
2045
2046 :param cls:
2046 :param cls:
2047 :param repo_name:
2047 :param repo_name:
2048 """
2048 """
2049 return cls.NAME_SEP.join(repo_name.split(os.sep))
2049 return cls.NAME_SEP.join(repo_name.split(os.sep))
2050
2050
2051 @classmethod
2051 @classmethod
2052 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
2052 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
2053 session = Session()
2053 session = Session()
2054 q = session.query(cls).filter(cls.repo_name == repo_name)
2054 q = session.query(cls).filter(cls.repo_name == repo_name)
2055
2055
2056 if cache:
2056 if cache:
2057 if identity_cache:
2057 if identity_cache:
2058 val = cls.identity_cache(session, 'repo_name', repo_name)
2058 val = cls.identity_cache(session, 'repo_name', repo_name)
2059 if val:
2059 if val:
2060 return val
2060 return val
2061 else:
2061 else:
2062 cache_key = f"get_repo_by_name_{_hash_key(repo_name)}"
2062 cache_key = f"get_repo_by_name_{_hash_key(repo_name)}"
2063 q = q.options(
2063 q = q.options(
2064 FromCache("sql_cache_short", cache_key))
2064 FromCache("sql_cache_short", cache_key))
2065
2065
2066 return q.scalar()
2066 return q.scalar()
2067
2067
2068 @classmethod
2068 @classmethod
2069 def get_by_id_or_repo_name(cls, repoid):
2069 def get_by_id_or_repo_name(cls, repoid):
2070 if isinstance(repoid, int):
2070 if isinstance(repoid, int):
2071 try:
2071 try:
2072 repo = cls.get(repoid)
2072 repo = cls.get(repoid)
2073 except ValueError:
2073 except ValueError:
2074 repo = None
2074 repo = None
2075 else:
2075 else:
2076 repo = cls.get_by_repo_name(repoid)
2076 repo = cls.get_by_repo_name(repoid)
2077 return repo
2077 return repo
2078
2078
2079 @classmethod
2079 @classmethod
2080 def get_by_full_path(cls, repo_full_path):
2080 def get_by_full_path(cls, repo_full_path):
2081 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
2081 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
2082 repo_name = cls.normalize_repo_name(repo_name)
2082 repo_name = cls.normalize_repo_name(repo_name)
2083 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
2083 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
2084
2084
2085 @classmethod
2085 @classmethod
2086 def get_repo_forks(cls, repo_id):
2086 def get_repo_forks(cls, repo_id):
2087 return cls.query().filter(Repository.fork_id == repo_id)
2087 return cls.query().filter(Repository.fork_id == repo_id)
2088
2088
2089 @classmethod
2089 @classmethod
2090 def base_path(cls):
2090 def base_path(cls):
2091 """
2091 """
2092 Returns base path when all repos are stored
2092 Returns base path when all repos are stored
2093
2093
2094 :param cls:
2094 :param cls:
2095 """
2095 """
2096 from rhodecode.lib.utils import get_rhodecode_repo_store_path
2096 from rhodecode.lib.utils import get_rhodecode_repo_store_path
2097 return get_rhodecode_repo_store_path()
2097 return get_rhodecode_repo_store_path()
2098
2098
2099 @classmethod
2099 @classmethod
2100 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
2100 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
2101 case_insensitive=True, archived=False):
2101 case_insensitive=True, archived=False):
2102 q = Repository.query()
2102 q = Repository.query()
2103
2103
2104 if not archived:
2104 if not archived:
2105 q = q.filter(Repository.archived.isnot(true()))
2105 q = q.filter(Repository.archived.isnot(true()))
2106
2106
2107 if not isinstance(user_id, Optional):
2107 if not isinstance(user_id, Optional):
2108 q = q.filter(Repository.user_id == user_id)
2108 q = q.filter(Repository.user_id == user_id)
2109
2109
2110 if not isinstance(group_id, Optional):
2110 if not isinstance(group_id, Optional):
2111 q = q.filter(Repository.group_id == group_id)
2111 q = q.filter(Repository.group_id == group_id)
2112
2112
2113 if case_insensitive:
2113 if case_insensitive:
2114 q = q.order_by(func.lower(Repository.repo_name))
2114 q = q.order_by(func.lower(Repository.repo_name))
2115 else:
2115 else:
2116 q = q.order_by(Repository.repo_name)
2116 q = q.order_by(Repository.repo_name)
2117
2117
2118 return q.all()
2118 return q.all()
2119
2119
2120 @property
2120 @property
2121 def repo_uid(self):
2121 def repo_uid(self):
2122 return '_{}'.format(self.repo_id)
2122 return '_{}'.format(self.repo_id)
2123
2123
2124 @property
2124 @property
2125 def forks(self):
2125 def forks(self):
2126 """
2126 """
2127 Return forks of this repo
2127 Return forks of this repo
2128 """
2128 """
2129 return Repository.get_repo_forks(self.repo_id)
2129 return Repository.get_repo_forks(self.repo_id)
2130
2130
2131 @property
2131 @property
2132 def parent(self):
2132 def parent(self):
2133 """
2133 """
2134 Returns fork parent
2134 Returns fork parent
2135 """
2135 """
2136 return self.fork
2136 return self.fork
2137
2137
2138 @property
2138 @property
2139 def just_name(self):
2139 def just_name(self):
2140 return self.repo_name.split(self.NAME_SEP)[-1]
2140 return self.repo_name.split(self.NAME_SEP)[-1]
2141
2141
2142 @property
2142 @property
2143 def groups_with_parents(self):
2143 def groups_with_parents(self):
2144 groups = []
2144 groups = []
2145 if self.group is None:
2145 if self.group is None:
2146 return groups
2146 return groups
2147
2147
2148 cur_gr = self.group
2148 cur_gr = self.group
2149 groups.insert(0, cur_gr)
2149 groups.insert(0, cur_gr)
2150 while 1:
2150 while 1:
2151 gr = getattr(cur_gr, 'parent_group', None)
2151 gr = getattr(cur_gr, 'parent_group', None)
2152 cur_gr = cur_gr.parent_group
2152 cur_gr = cur_gr.parent_group
2153 if gr is None:
2153 if gr is None:
2154 break
2154 break
2155 groups.insert(0, gr)
2155 groups.insert(0, gr)
2156
2156
2157 return groups
2157 return groups
2158
2158
2159 @property
2159 @property
2160 def groups_and_repo(self):
2160 def groups_and_repo(self):
2161 return self.groups_with_parents, self
2161 return self.groups_with_parents, self
2162
2162
2163 @property
2163 @property
2164 def repo_path(self):
2164 def repo_path(self):
2165 """
2165 """
2166 Returns base full path for that repository means where it actually
2166 Returns base full path for that repository means where it actually
2167 exists on a filesystem
2167 exists on a filesystem
2168 """
2168 """
2169 return self.base_path()
2169 return self.base_path()
2170
2170
2171 @property
2171 @property
2172 def repo_full_path(self):
2172 def repo_full_path(self):
2173 p = [self.repo_path]
2173 p = [self.repo_path]
2174 # we need to split the name by / since this is how we store the
2174 # we need to split the name by / since this is how we store the
2175 # names in the database, but that eventually needs to be converted
2175 # names in the database, but that eventually needs to be converted
2176 # into a valid system path
2176 # into a valid system path
2177 p += self.repo_name.split(self.NAME_SEP)
2177 p += self.repo_name.split(self.NAME_SEP)
2178 return os.path.join(*map(safe_str, p))
2178 return os.path.join(*map(safe_str, p))
2179
2179
2180 @property
2180 @property
2181 def cache_keys(self):
2181 def cache_keys(self):
2182 """
2182 """
2183 Returns associated cache keys for that repo
2183 Returns associated cache keys for that repo
2184 """
2184 """
2185 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2185 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2186 return CacheKey.query()\
2186 return CacheKey.query()\
2187 .filter(CacheKey.cache_key == repo_namespace_key)\
2187 .filter(CacheKey.cache_key == repo_namespace_key)\
2188 .order_by(CacheKey.cache_key)\
2188 .order_by(CacheKey.cache_key)\
2189 .all()
2189 .all()
2190
2190
2191 @property
2191 @property
2192 def cached_diffs_relative_dir(self):
2192 def cached_diffs_relative_dir(self):
2193 """
2193 """
2194 Return a relative to the repository store path of cached diffs
2194 Return a relative to the repository store path of cached diffs
2195 used for safe display for users, who shouldn't know the absolute store
2195 used for safe display for users, who shouldn't know the absolute store
2196 path
2196 path
2197 """
2197 """
2198 return os.path.join(
2198 return os.path.join(
2199 os.path.dirname(self.repo_name),
2199 os.path.dirname(self.repo_name),
2200 self.cached_diffs_dir.split(os.path.sep)[-1])
2200 self.cached_diffs_dir.split(os.path.sep)[-1])
2201
2201
2202 @property
2202 @property
2203 def cached_diffs_dir(self):
2203 def cached_diffs_dir(self):
2204 path = self.repo_full_path
2204 path = self.repo_full_path
2205 return os.path.join(
2205 return os.path.join(
2206 os.path.dirname(path),
2206 os.path.dirname(path),
2207 f'.__shadow_diff_cache_repo_{self.repo_id}')
2207 f'.__shadow_diff_cache_repo_{self.repo_id}')
2208
2208
2209 def cached_diffs(self):
2209 def cached_diffs(self):
2210 diff_cache_dir = self.cached_diffs_dir
2210 diff_cache_dir = self.cached_diffs_dir
2211 if os.path.isdir(diff_cache_dir):
2211 if os.path.isdir(diff_cache_dir):
2212 return os.listdir(diff_cache_dir)
2212 return os.listdir(diff_cache_dir)
2213 return []
2213 return []
2214
2214
2215 def shadow_repos(self):
2215 def shadow_repos(self):
2216 shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
2216 shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
2217 return [
2217 return [
2218 x for x in os.listdir(os.path.dirname(self.repo_full_path))
2218 x for x in os.listdir(os.path.dirname(self.repo_full_path))
2219 if x.startswith(shadow_repos_pattern)
2219 if x.startswith(shadow_repos_pattern)
2220 ]
2220 ]
2221
2221
2222 def get_new_name(self, repo_name):
2222 def get_new_name(self, repo_name):
2223 """
2223 """
2224 returns new full repository name based on assigned group and new new
2224 returns new full repository name based on assigned group and new new
2225
2225
2226 :param repo_name:
2226 :param repo_name:
2227 """
2227 """
2228 path_prefix = self.group.full_path_splitted if self.group else []
2228 path_prefix = self.group.full_path_splitted if self.group else []
2229 return self.NAME_SEP.join(path_prefix + [repo_name])
2229 return self.NAME_SEP.join(path_prefix + [repo_name])
2230
2230
2231 @property
2231 @property
2232 def _config(self):
2232 def _config(self):
2233 """
2233 """
2234 Returns db based config object.
2234 Returns db based config object.
2235 """
2235 """
2236 from rhodecode.lib.utils import make_db_config
2236 from rhodecode.lib.utils import make_db_config
2237 return make_db_config(clear_session=False, repo=self)
2237 return make_db_config(clear_session=False, repo=self)
2238
2238
2239 def permissions(self, with_admins=True, with_owner=True,
2239 def permissions(self, with_admins=True, with_owner=True,
2240 expand_from_user_groups=False):
2240 expand_from_user_groups=False):
2241 """
2241 """
2242 Permissions for repositories
2242 Permissions for repositories
2243 """
2243 """
2244 _admin_perm = 'repository.admin'
2244 _admin_perm = 'repository.admin'
2245
2245
2246 owner_row = []
2246 owner_row = []
2247 if with_owner:
2247 if with_owner:
2248 usr = AttributeDict(self.user.get_dict())
2248 usr = AttributeDict(self.user.get_dict())
2249 usr.owner_row = True
2249 usr.owner_row = True
2250 usr.permission = _admin_perm
2250 usr.permission = _admin_perm
2251 usr.permission_id = None
2251 usr.permission_id = None
2252 owner_row.append(usr)
2252 owner_row.append(usr)
2253
2253
2254 super_admin_ids = []
2254 super_admin_ids = []
2255 super_admin_rows = []
2255 super_admin_rows = []
2256 if with_admins:
2256 if with_admins:
2257 for usr in User.get_all_super_admins():
2257 for usr in User.get_all_super_admins():
2258 super_admin_ids.append(usr.user_id)
2258 super_admin_ids.append(usr.user_id)
2259 # if this admin is also owner, don't double the record
2259 # if this admin is also owner, don't double the record
2260 if usr.user_id == owner_row[0].user_id:
2260 if usr.user_id == owner_row[0].user_id:
2261 owner_row[0].admin_row = True
2261 owner_row[0].admin_row = True
2262 else:
2262 else:
2263 usr = AttributeDict(usr.get_dict())
2263 usr = AttributeDict(usr.get_dict())
2264 usr.admin_row = True
2264 usr.admin_row = True
2265 usr.permission = _admin_perm
2265 usr.permission = _admin_perm
2266 usr.permission_id = None
2266 usr.permission_id = None
2267 super_admin_rows.append(usr)
2267 super_admin_rows.append(usr)
2268
2268
2269 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2269 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2270 q = q.options(joinedload(UserRepoToPerm.repository),
2270 q = q.options(joinedload(UserRepoToPerm.repository),
2271 joinedload(UserRepoToPerm.user),
2271 joinedload(UserRepoToPerm.user),
2272 joinedload(UserRepoToPerm.permission),)
2272 joinedload(UserRepoToPerm.permission),)
2273
2273
2274 # get owners and admins and permissions. We do a trick of re-writing
2274 # get owners and admins and permissions. We do a trick of re-writing
2275 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2275 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2276 # has a global reference and changing one object propagates to all
2276 # has a global reference and changing one object propagates to all
2277 # others. This means if admin is also an owner admin_row that change
2277 # others. This means if admin is also an owner admin_row that change
2278 # would propagate to both objects
2278 # would propagate to both objects
2279 perm_rows = []
2279 perm_rows = []
2280 for _usr in q.all():
2280 for _usr in q.all():
2281 usr = AttributeDict(_usr.user.get_dict())
2281 usr = AttributeDict(_usr.user.get_dict())
2282 # if this user is also owner/admin, mark as duplicate record
2282 # if this user is also owner/admin, mark as duplicate record
2283 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2283 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2284 usr.duplicate_perm = True
2284 usr.duplicate_perm = True
2285 # also check if this permission is maybe used by branch_permissions
2285 # also check if this permission is maybe used by branch_permissions
2286 if _usr.branch_perm_entry:
2286 if _usr.branch_perm_entry:
2287 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2287 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2288
2288
2289 usr.permission = _usr.permission.permission_name
2289 usr.permission = _usr.permission.permission_name
2290 usr.permission_id = _usr.repo_to_perm_id
2290 usr.permission_id = _usr.repo_to_perm_id
2291 perm_rows.append(usr)
2291 perm_rows.append(usr)
2292
2292
2293 # filter the perm rows by 'default' first and then sort them by
2293 # filter the perm rows by 'default' first and then sort them by
2294 # admin,write,read,none permissions sorted again alphabetically in
2294 # admin,write,read,none permissions sorted again alphabetically in
2295 # each group
2295 # each group
2296 perm_rows = sorted(perm_rows, key=display_user_sort)
2296 perm_rows = sorted(perm_rows, key=display_user_sort)
2297
2297
2298 user_groups_rows = []
2298 user_groups_rows = []
2299 if expand_from_user_groups:
2299 if expand_from_user_groups:
2300 for ug in self.permission_user_groups(with_members=True):
2300 for ug in self.permission_user_groups(with_members=True):
2301 for user_data in ug.members:
2301 for user_data in ug.members:
2302 user_groups_rows.append(user_data)
2302 user_groups_rows.append(user_data)
2303
2303
2304 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2304 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2305
2305
2306 def permission_user_groups(self, with_members=True):
2306 def permission_user_groups(self, with_members=True):
2307 q = UserGroupRepoToPerm.query()\
2307 q = UserGroupRepoToPerm.query()\
2308 .filter(UserGroupRepoToPerm.repository == self)
2308 .filter(UserGroupRepoToPerm.repository == self)
2309 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2309 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2310 joinedload(UserGroupRepoToPerm.users_group),
2310 joinedload(UserGroupRepoToPerm.users_group),
2311 joinedload(UserGroupRepoToPerm.permission),)
2311 joinedload(UserGroupRepoToPerm.permission),)
2312
2312
2313 perm_rows = []
2313 perm_rows = []
2314 for _user_group in q.all():
2314 for _user_group in q.all():
2315 entry = AttributeDict(_user_group.users_group.get_dict())
2315 entry = AttributeDict(_user_group.users_group.get_dict())
2316 entry.permission = _user_group.permission.permission_name
2316 entry.permission = _user_group.permission.permission_name
2317 if with_members:
2317 if with_members:
2318 entry.members = [x.user.get_dict()
2318 entry.members = [x.user.get_dict()
2319 for x in _user_group.users_group.members]
2319 for x in _user_group.users_group.members]
2320 perm_rows.append(entry)
2320 perm_rows.append(entry)
2321
2321
2322 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2322 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2323 return perm_rows
2323 return perm_rows
2324
2324
2325 def get_api_data(self, include_secrets=False):
2325 def get_api_data(self, include_secrets=False):
2326 """
2326 """
2327 Common function for generating repo api data
2327 Common function for generating repo api data
2328
2328
2329 :param include_secrets: See :meth:`User.get_api_data`.
2329 :param include_secrets: See :meth:`User.get_api_data`.
2330
2330
2331 """
2331 """
2332 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2332 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2333 # move this methods on models level.
2333 # move this methods on models level.
2334 from rhodecode.model.settings import SettingsModel
2334 from rhodecode.model.settings import SettingsModel
2335 from rhodecode.model.repo import RepoModel
2335 from rhodecode.model.repo import RepoModel
2336
2336
2337 repo = self
2337 repo = self
2338 _user_id, _time, _reason = self.locked
2338 _user_id, _time, _reason = self.locked
2339
2339
2340 data = {
2340 data = {
2341 'repo_id': repo.repo_id,
2341 'repo_id': repo.repo_id,
2342 'repo_name': repo.repo_name,
2342 'repo_name': repo.repo_name,
2343 'repo_type': repo.repo_type,
2343 'repo_type': repo.repo_type,
2344 'clone_uri': repo.clone_uri or '',
2344 'clone_uri': repo.clone_uri or '',
2345 'push_uri': repo.push_uri or '',
2345 'push_uri': repo.push_uri or '',
2346 'url': RepoModel().get_url(self),
2346 'url': RepoModel().get_url(self),
2347 'private': repo.private,
2347 'private': repo.private,
2348 'created_on': repo.created_on,
2348 'created_on': repo.created_on,
2349 'description': repo.description_safe,
2349 'description': repo.description_safe,
2350 'landing_rev': repo.landing_rev,
2350 'landing_rev': repo.landing_rev,
2351 'owner': repo.user.username,
2351 'owner': repo.user.username,
2352 'fork_of': repo.fork.repo_name if repo.fork else None,
2352 'fork_of': repo.fork.repo_name if repo.fork else None,
2353 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2353 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2354 'enable_statistics': repo.enable_statistics,
2354 'enable_statistics': repo.enable_statistics,
2355 'enable_locking': repo.enable_locking,
2355 'enable_locking': repo.enable_locking,
2356 'enable_downloads': repo.enable_downloads,
2356 'enable_downloads': repo.enable_downloads,
2357 'last_changeset': repo.changeset_cache,
2357 'last_changeset': repo.changeset_cache,
2358 'locked_by': User.get(_user_id).get_api_data(
2358 'locked_by': User.get(_user_id).get_api_data(
2359 include_secrets=include_secrets) if _user_id else None,
2359 include_secrets=include_secrets) if _user_id else None,
2360 'locked_date': time_to_datetime(_time) if _time else None,
2360 'locked_date': time_to_datetime(_time) if _time else None,
2361 'lock_reason': _reason if _reason else None,
2361 'lock_reason': _reason if _reason else None,
2362 }
2362 }
2363
2363
2364 # TODO: mikhail: should be per-repo settings here
2364 # TODO: mikhail: should be per-repo settings here
2365 rc_config = SettingsModel().get_all_settings()
2365 rc_config = SettingsModel().get_all_settings()
2366 repository_fields = str2bool(
2366 repository_fields = str2bool(
2367 rc_config.get('rhodecode_repository_fields'))
2367 rc_config.get('rhodecode_repository_fields'))
2368 if repository_fields:
2368 if repository_fields:
2369 for f in self.extra_fields:
2369 for f in self.extra_fields:
2370 data[f.field_key_prefixed] = f.field_value
2370 data[f.field_key_prefixed] = f.field_value
2371
2371
2372 return data
2372 return data
2373
2373
2374 @classmethod
2374 @classmethod
2375 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2375 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2376 if not lock_time:
2376 if not lock_time:
2377 lock_time = time.time()
2377 lock_time = time.time()
2378 if not lock_reason:
2378 if not lock_reason:
2379 lock_reason = cls.LOCK_AUTOMATIC
2379 lock_reason = cls.LOCK_AUTOMATIC
2380 repo.locked = [user_id, lock_time, lock_reason]
2380 repo.locked = [user_id, lock_time, lock_reason]
2381 Session().add(repo)
2381 Session().add(repo)
2382 Session().commit()
2382 Session().commit()
2383
2383
2384 @classmethod
2384 @classmethod
2385 def unlock(cls, repo):
2385 def unlock(cls, repo):
2386 repo.locked = None
2386 repo.locked = None
2387 Session().add(repo)
2387 Session().add(repo)
2388 Session().commit()
2388 Session().commit()
2389
2389
2390 @classmethod
2390 @classmethod
2391 def getlock(cls, repo):
2391 def getlock(cls, repo):
2392 return repo.locked
2392 return repo.locked
2393
2393
2394 def get_locking_state(self, action, user_id, only_when_enabled=True):
2394 def get_locking_state(self, action, user_id, only_when_enabled=True):
2395 """
2395 """
2396 Checks locking on this repository, if locking is enabled and lock is
2396 Checks locking on this repository, if locking is enabled and lock is
2397 present returns a tuple of make_lock, locked, locked_by.
2397 present returns a tuple of make_lock, locked, locked_by.
2398 make_lock can have 3 states None (do nothing) True, make lock
2398 make_lock can have 3 states None (do nothing) True, make lock
2399 False release lock, This value is later propagated to hooks, which
2399 False release lock, This value is later propagated to hooks, which
2400 do the locking. Think about this as signals passed to hooks what to do.
2400 do the locking. Think about this as signals passed to hooks what to do.
2401
2401
2402 """
2402 """
2403 # TODO: johbo: This is part of the business logic and should be moved
2403 # TODO: johbo: This is part of the business logic and should be moved
2404 # into the RepositoryModel.
2404 # into the RepositoryModel.
2405
2405
2406 if action not in ('push', 'pull'):
2406 if action not in ('push', 'pull'):
2407 raise ValueError("Invalid action value: %s" % repr(action))
2407 raise ValueError("Invalid action value: %s" % repr(action))
2408
2408
2409 # defines if locked error should be thrown to user
2409 # defines if locked error should be thrown to user
2410 currently_locked = False
2410 currently_locked = False
2411 # defines if new lock should be made, tri-state
2411 # defines if new lock should be made, tri-state
2412 make_lock = None
2412 make_lock = None
2413 repo = self
2413 repo = self
2414 user = User.get(user_id)
2414 user = User.get(user_id)
2415
2415
2416 lock_info = repo.locked
2416 lock_info = repo.locked
2417
2417
2418 if repo and (repo.enable_locking or not only_when_enabled):
2418 if repo and (repo.enable_locking or not only_when_enabled):
2419 if action == 'push':
2419 if action == 'push':
2420 # check if it's already locked !, if it is compare users
2420 # check if it's already locked !, if it is compare users
2421 locked_by_user_id = lock_info[0]
2421 locked_by_user_id = lock_info[0]
2422 if user.user_id == locked_by_user_id:
2422 if user.user_id == locked_by_user_id:
2423 log.debug(
2423 log.debug(
2424 'Got `push` action from user %s, now unlocking', user)
2424 'Got `push` action from user %s, now unlocking', user)
2425 # unlock if we have push from user who locked
2425 # unlock if we have push from user who locked
2426 make_lock = False
2426 make_lock = False
2427 else:
2427 else:
2428 # we're not the same user who locked, ban with
2428 # we're not the same user who locked, ban with
2429 # code defined in settings (default is 423 HTTP Locked) !
2429 # code defined in settings (default is 423 HTTP Locked) !
2430 log.debug('Repo %s is currently locked by %s', repo, user)
2430 log.debug('Repo %s is currently locked by %s', repo, user)
2431 currently_locked = True
2431 currently_locked = True
2432 elif action == 'pull':
2432 elif action == 'pull':
2433 # [0] user [1] date
2433 # [0] user [1] date
2434 if lock_info[0] and lock_info[1]:
2434 if lock_info[0] and lock_info[1]:
2435 log.debug('Repo %s is currently locked by %s', repo, user)
2435 log.debug('Repo %s is currently locked by %s', repo, user)
2436 currently_locked = True
2436 currently_locked = True
2437 else:
2437 else:
2438 log.debug('Setting lock on repo %s by %s', repo, user)
2438 log.debug('Setting lock on repo %s by %s', repo, user)
2439 make_lock = True
2439 make_lock = True
2440
2440
2441 else:
2441 else:
2442 log.debug('Repository %s do not have locking enabled', repo)
2442 log.debug('Repository %s do not have locking enabled', repo)
2443
2443
2444 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2444 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2445 make_lock, currently_locked, lock_info)
2445 make_lock, currently_locked, lock_info)
2446
2446
2447 from rhodecode.lib.auth import HasRepoPermissionAny
2447 from rhodecode.lib.auth import HasRepoPermissionAny
2448 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2448 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2449 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2449 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2450 # if we don't have at least write permission we cannot make a lock
2450 # if we don't have at least write permission we cannot make a lock
2451 log.debug('lock state reset back to FALSE due to lack '
2451 log.debug('lock state reset back to FALSE due to lack '
2452 'of at least read permission')
2452 'of at least read permission')
2453 make_lock = False
2453 make_lock = False
2454
2454
2455 return make_lock, currently_locked, lock_info
2455 return make_lock, currently_locked, lock_info
2456
2456
2457 @property
2457 @property
2458 def last_commit_cache_update_diff(self):
2458 def last_commit_cache_update_diff(self):
2459 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2459 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2460
2460
2461 @classmethod
2461 @classmethod
2462 def _load_commit_change(cls, last_commit_cache):
2462 def _load_commit_change(cls, last_commit_cache):
2463 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2463 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2464 empty_date = datetime.datetime.fromtimestamp(0)
2464 empty_date = datetime.datetime.fromtimestamp(0)
2465 date_latest = last_commit_cache.get('date', empty_date)
2465 date_latest = last_commit_cache.get('date', empty_date)
2466 try:
2466 try:
2467 return parse_datetime(date_latest)
2467 return parse_datetime(date_latest)
2468 except Exception:
2468 except Exception:
2469 return empty_date
2469 return empty_date
2470
2470
2471 @property
2471 @property
2472 def last_commit_change(self):
2472 def last_commit_change(self):
2473 return self._load_commit_change(self.changeset_cache)
2473 return self._load_commit_change(self.changeset_cache)
2474
2474
2475 @property
2475 @property
2476 def last_db_change(self):
2476 def last_db_change(self):
2477 return self.updated_on
2477 return self.updated_on
2478
2478
2479 @property
2479 @property
2480 def clone_uri_hidden(self):
2480 def clone_uri_hidden(self):
2481 clone_uri = self.clone_uri
2481 clone_uri = self.clone_uri
2482 if clone_uri:
2482 if clone_uri:
2483 import urlobject
2483 import urlobject
2484 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2484 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2485 if url_obj.password:
2485 if url_obj.password:
2486 clone_uri = url_obj.with_password('*****')
2486 clone_uri = url_obj.with_password('*****')
2487 return clone_uri
2487 return clone_uri
2488
2488
2489 @property
2489 @property
2490 def push_uri_hidden(self):
2490 def push_uri_hidden(self):
2491 push_uri = self.push_uri
2491 push_uri = self.push_uri
2492 if push_uri:
2492 if push_uri:
2493 import urlobject
2493 import urlobject
2494 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2494 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2495 if url_obj.password:
2495 if url_obj.password:
2496 push_uri = url_obj.with_password('*****')
2496 push_uri = url_obj.with_password('*****')
2497 return push_uri
2497 return push_uri
2498
2498
2499 def clone_url(self, **override):
2499 def clone_url(self, **override):
2500 from rhodecode.model.settings import SettingsModel
2500 from rhodecode.model.settings import SettingsModel
2501
2501
2502 uri_tmpl = None
2502 uri_tmpl = None
2503 if 'with_id' in override:
2503 if 'with_id' in override:
2504 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2504 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2505 del override['with_id']
2505 del override['with_id']
2506
2506
2507 if 'uri_tmpl' in override:
2507 if 'uri_tmpl' in override:
2508 uri_tmpl = override['uri_tmpl']
2508 uri_tmpl = override['uri_tmpl']
2509 del override['uri_tmpl']
2509 del override['uri_tmpl']
2510
2510
2511 ssh = False
2511 ssh = False
2512 if 'ssh' in override:
2512 if 'ssh' in override:
2513 ssh = True
2513 ssh = True
2514 del override['ssh']
2514 del override['ssh']
2515
2515
2516 # we didn't override our tmpl from **overrides
2516 # we didn't override our tmpl from **overrides
2517 request = get_current_request()
2517 request = get_current_request()
2518 if not uri_tmpl:
2518 if not uri_tmpl:
2519 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2519 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2520 rc_config = request.call_context.rc_config
2520 rc_config = request.call_context.rc_config
2521 else:
2521 else:
2522 rc_config = SettingsModel().get_all_settings(cache=True)
2522 rc_config = SettingsModel().get_all_settings(cache=True)
2523
2523
2524 if ssh:
2524 if ssh:
2525 uri_tmpl = rc_config.get(
2525 uri_tmpl = rc_config.get(
2526 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2526 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2527
2527
2528 else:
2528 else:
2529 uri_tmpl = rc_config.get(
2529 uri_tmpl = rc_config.get(
2530 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2530 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2531
2531
2532 return get_clone_url(request=request,
2532 return get_clone_url(request=request,
2533 uri_tmpl=uri_tmpl,
2533 uri_tmpl=uri_tmpl,
2534 repo_name=self.repo_name,
2534 repo_name=self.repo_name,
2535 repo_id=self.repo_id,
2535 repo_id=self.repo_id,
2536 repo_type=self.repo_type,
2536 repo_type=self.repo_type,
2537 **override)
2537 **override)
2538
2538
2539 def set_state(self, state):
2539 def set_state(self, state):
2540 self.repo_state = state
2540 self.repo_state = state
2541 Session().add(self)
2541 Session().add(self)
2542 #==========================================================================
2542 #==========================================================================
2543 # SCM PROPERTIES
2543 # SCM PROPERTIES
2544 #==========================================================================
2544 #==========================================================================
2545
2545
2546 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
2546 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
2547 return get_commit_safe(
2547 return get_commit_safe(
2548 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
2548 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
2549 maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
2549 maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
2550
2550
2551 def get_changeset(self, rev=None, pre_load=None):
2551 def get_changeset(self, rev=None, pre_load=None):
2552 warnings.warn("Use get_commit", DeprecationWarning)
2552 warnings.warn("Use get_commit", DeprecationWarning)
2553 commit_id = None
2553 commit_id = None
2554 commit_idx = None
2554 commit_idx = None
2555 if isinstance(rev, str):
2555 if isinstance(rev, str):
2556 commit_id = rev
2556 commit_id = rev
2557 else:
2557 else:
2558 commit_idx = rev
2558 commit_idx = rev
2559 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2559 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2560 pre_load=pre_load)
2560 pre_load=pre_load)
2561
2561
2562 def get_landing_commit(self):
2562 def get_landing_commit(self):
2563 """
2563 """
2564 Returns landing commit, or if that doesn't exist returns the tip
2564 Returns landing commit, or if that doesn't exist returns the tip
2565 """
2565 """
2566 _rev_type, _rev = self.landing_rev
2566 _rev_type, _rev = self.landing_rev
2567 commit = self.get_commit(_rev)
2567 commit = self.get_commit(_rev)
2568 if isinstance(commit, EmptyCommit):
2568 if isinstance(commit, EmptyCommit):
2569 return self.get_commit()
2569 return self.get_commit()
2570 return commit
2570 return commit
2571
2571
2572 def flush_commit_cache(self):
2572 def flush_commit_cache(self):
2573 self.update_commit_cache(cs_cache={'raw_id':'0'})
2573 self.update_commit_cache(cs_cache={'raw_id':'0'})
2574 self.update_commit_cache()
2574 self.update_commit_cache()
2575
2575
2576 def update_commit_cache(self, cs_cache=None, config=None):
2576 def update_commit_cache(self, cs_cache=None, config=None):
2577 """
2577 """
2578 Update cache of last commit for repository
2578 Update cache of last commit for repository
2579 cache_keys should be::
2579 cache_keys should be::
2580
2580
2581 source_repo_id
2581 source_repo_id
2582 short_id
2582 short_id
2583 raw_id
2583 raw_id
2584 revision
2584 revision
2585 parents
2585 parents
2586 message
2586 message
2587 date
2587 date
2588 author
2588 author
2589 updated_on
2589 updated_on
2590
2590
2591 """
2591 """
2592 from rhodecode.lib.vcs.backends.base import BaseCommit
2592 from rhodecode.lib.vcs.backends.base import BaseCommit
2593 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2593 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2594 empty_date = datetime.datetime.fromtimestamp(0)
2594 empty_date = datetime.datetime.fromtimestamp(0)
2595 repo_commit_count = 0
2595 repo_commit_count = 0
2596
2596
2597 if cs_cache is None:
2597 if cs_cache is None:
2598 # use no-cache version here
2598 # use no-cache version here
2599 try:
2599 try:
2600 scm_repo = self.scm_instance(cache=False, config=config)
2600 scm_repo = self.scm_instance(cache=False, config=config)
2601 except VCSError:
2601 except VCSError:
2602 scm_repo = None
2602 scm_repo = None
2603 empty = scm_repo is None or scm_repo.is_empty()
2603 empty = scm_repo is None or scm_repo.is_empty()
2604
2604
2605 if not empty:
2605 if not empty:
2606 cs_cache = scm_repo.get_commit(
2606 cs_cache = scm_repo.get_commit(
2607 pre_load=["author", "date", "message", "parents", "branch"])
2607 pre_load=["author", "date", "message", "parents", "branch"])
2608 repo_commit_count = scm_repo.count()
2608 repo_commit_count = scm_repo.count()
2609 else:
2609 else:
2610 cs_cache = EmptyCommit()
2610 cs_cache = EmptyCommit()
2611
2611
2612 if isinstance(cs_cache, BaseCommit):
2612 if isinstance(cs_cache, BaseCommit):
2613 cs_cache = cs_cache.__json__()
2613 cs_cache = cs_cache.__json__()
2614
2614
2615 def is_outdated(new_cs_cache):
2615 def is_outdated(new_cs_cache):
2616 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2616 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2617 new_cs_cache['revision'] != self.changeset_cache['revision']):
2617 new_cs_cache['revision'] != self.changeset_cache['revision']):
2618 return True
2618 return True
2619 return False
2619 return False
2620
2620
2621 # check if we have maybe already latest cached revision
2621 # check if we have maybe already latest cached revision
2622 if is_outdated(cs_cache) or not self.changeset_cache:
2622 if is_outdated(cs_cache) or not self.changeset_cache:
2623 _current_datetime = datetime.datetime.utcnow()
2623 _current_datetime = datetime.datetime.utcnow()
2624 last_change = cs_cache.get('date') or _current_datetime
2624 last_change = cs_cache.get('date') or _current_datetime
2625 # we check if last update is newer than the new value
2625 # we check if last update is newer than the new value
2626 # if yes, we use the current timestamp instead. Imagine you get
2626 # if yes, we use the current timestamp instead. Imagine you get
2627 # old commit pushed 1y ago, we'd set last update 1y to ago.
2627 # old commit pushed 1y ago, we'd set last update 1y to ago.
2628 last_change_timestamp = datetime_to_time(last_change)
2628 last_change_timestamp = datetime_to_time(last_change)
2629 current_timestamp = datetime_to_time(last_change)
2629 current_timestamp = datetime_to_time(last_change)
2630 if last_change_timestamp > current_timestamp and not empty:
2630 if last_change_timestamp > current_timestamp and not empty:
2631 cs_cache['date'] = _current_datetime
2631 cs_cache['date'] = _current_datetime
2632
2632
2633 # also store size of repo
2633 # also store size of repo
2634 cs_cache['repo_commit_count'] = repo_commit_count
2634 cs_cache['repo_commit_count'] = repo_commit_count
2635
2635
2636 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2636 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2637 cs_cache['updated_on'] = time.time()
2637 cs_cache['updated_on'] = time.time()
2638 self.changeset_cache = cs_cache
2638 self.changeset_cache = cs_cache
2639 self.updated_on = last_change
2639 self.updated_on = last_change
2640 Session().add(self)
2640 Session().add(self)
2641 Session().commit()
2641 Session().commit()
2642
2642
2643 else:
2643 else:
2644 if empty:
2644 if empty:
2645 cs_cache = EmptyCommit().__json__()
2645 cs_cache = EmptyCommit().__json__()
2646 else:
2646 else:
2647 cs_cache = self.changeset_cache
2647 cs_cache = self.changeset_cache
2648
2648
2649 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2649 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2650
2650
2651 cs_cache['updated_on'] = time.time()
2651 cs_cache['updated_on'] = time.time()
2652 self.changeset_cache = cs_cache
2652 self.changeset_cache = cs_cache
2653 self.updated_on = _date_latest
2653 self.updated_on = _date_latest
2654 Session().add(self)
2654 Session().add(self)
2655 Session().commit()
2655 Session().commit()
2656
2656
2657 log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
2657 log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
2658 self.repo_name, cs_cache, _date_latest)
2658 self.repo_name, cs_cache, _date_latest)
2659
2659
2660 @property
2660 @property
2661 def tip(self):
2661 def tip(self):
2662 return self.get_commit('tip')
2662 return self.get_commit('tip')
2663
2663
2664 @property
2664 @property
2665 def author(self):
2665 def author(self):
2666 return self.tip.author
2666 return self.tip.author
2667
2667
2668 @property
2668 @property
2669 def last_change(self):
2669 def last_change(self):
2670 return self.scm_instance().last_change
2670 return self.scm_instance().last_change
2671
2671
2672 def get_comments(self, revisions=None):
2672 def get_comments(self, revisions=None):
2673 """
2673 """
2674 Returns comments for this repository grouped by revisions
2674 Returns comments for this repository grouped by revisions
2675
2675
2676 :param revisions: filter query by revisions only
2676 :param revisions: filter query by revisions only
2677 """
2677 """
2678 cmts = ChangesetComment.query()\
2678 cmts = ChangesetComment.query()\
2679 .filter(ChangesetComment.repo == self)
2679 .filter(ChangesetComment.repo == self)
2680 if revisions:
2680 if revisions:
2681 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2681 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2682 grouped = collections.defaultdict(list)
2682 grouped = collections.defaultdict(list)
2683 for cmt in cmts.all():
2683 for cmt in cmts.all():
2684 grouped[cmt.revision].append(cmt)
2684 grouped[cmt.revision].append(cmt)
2685 return grouped
2685 return grouped
2686
2686
2687 def statuses(self, revisions=None):
2687 def statuses(self, revisions=None):
2688 """
2688 """
2689 Returns statuses for this repository
2689 Returns statuses for this repository
2690
2690
2691 :param revisions: list of revisions to get statuses for
2691 :param revisions: list of revisions to get statuses for
2692 """
2692 """
2693 statuses = ChangesetStatus.query()\
2693 statuses = ChangesetStatus.query()\
2694 .filter(ChangesetStatus.repo == self)\
2694 .filter(ChangesetStatus.repo == self)\
2695 .filter(ChangesetStatus.version == 0)
2695 .filter(ChangesetStatus.version == 0)
2696
2696
2697 if revisions:
2697 if revisions:
2698 # Try doing the filtering in chunks to avoid hitting limits
2698 # Try doing the filtering in chunks to avoid hitting limits
2699 size = 500
2699 size = 500
2700 status_results = []
2700 status_results = []
2701 for chunk in range(0, len(revisions), size):
2701 for chunk in range(0, len(revisions), size):
2702 status_results += statuses.filter(
2702 status_results += statuses.filter(
2703 ChangesetStatus.revision.in_(
2703 ChangesetStatus.revision.in_(
2704 revisions[chunk: chunk+size])
2704 revisions[chunk: chunk+size])
2705 ).all()
2705 ).all()
2706 else:
2706 else:
2707 status_results = statuses.all()
2707 status_results = statuses.all()
2708
2708
2709 grouped = {}
2709 grouped = {}
2710
2710
2711 # maybe we have open new pullrequest without a status?
2711 # maybe we have open new pullrequest without a status?
2712 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2712 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2713 status_lbl = ChangesetStatus.get_status_lbl(stat)
2713 status_lbl = ChangesetStatus.get_status_lbl(stat)
2714 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2714 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2715 for rev in pr.revisions:
2715 for rev in pr.revisions:
2716 pr_id = pr.pull_request_id
2716 pr_id = pr.pull_request_id
2717 pr_repo = pr.target_repo.repo_name
2717 pr_repo = pr.target_repo.repo_name
2718 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2718 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2719
2719
2720 for stat in status_results:
2720 for stat in status_results:
2721 pr_id = pr_repo = None
2721 pr_id = pr_repo = None
2722 if stat.pull_request:
2722 if stat.pull_request:
2723 pr_id = stat.pull_request.pull_request_id
2723 pr_id = stat.pull_request.pull_request_id
2724 pr_repo = stat.pull_request.target_repo.repo_name
2724 pr_repo = stat.pull_request.target_repo.repo_name
2725 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2725 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2726 pr_id, pr_repo]
2726 pr_id, pr_repo]
2727 return grouped
2727 return grouped
2728
2728
2729 # ==========================================================================
2729 # ==========================================================================
2730 # SCM CACHE INSTANCE
2730 # SCM CACHE INSTANCE
2731 # ==========================================================================
2731 # ==========================================================================
2732
2732
2733 def scm_instance(self, **kwargs):
2733 def scm_instance(self, **kwargs):
2734 import rhodecode
2734 import rhodecode
2735
2735
2736 # Passing a config will not hit the cache currently only used
2736 # Passing a config will not hit the cache currently only used
2737 # for repo2dbmapper
2737 # for repo2dbmapper
2738 config = kwargs.pop('config', None)
2738 config = kwargs.pop('config', None)
2739 cache = kwargs.pop('cache', None)
2739 cache = kwargs.pop('cache', None)
2740 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2740 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2741 if vcs_full_cache is not None:
2741 if vcs_full_cache is not None:
2742 # allows override global config
2742 # allows override global config
2743 full_cache = vcs_full_cache
2743 full_cache = vcs_full_cache
2744 else:
2744 else:
2745 full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
2745 full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
2746 # if cache is NOT defined use default global, else we have a full
2746 # if cache is NOT defined use default global, else we have a full
2747 # control over cache behaviour
2747 # control over cache behaviour
2748 if cache is None and full_cache and not config:
2748 if cache is None and full_cache and not config:
2749 log.debug('Initializing pure cached instance for %s', self.repo_path)
2749 log.debug('Initializing pure cached instance for %s', self.repo_path)
2750 return self._get_instance_cached()
2750 return self._get_instance_cached()
2751
2751
2752 # cache here is sent to the "vcs server"
2752 # cache here is sent to the "vcs server"
2753 return self._get_instance(cache=bool(cache), config=config)
2753 return self._get_instance(cache=bool(cache), config=config)
2754
2754
2755 def _get_instance_cached(self):
2755 def _get_instance_cached(self):
2756 from rhodecode.lib import rc_cache
2756 from rhodecode.lib import rc_cache
2757
2757
2758 cache_namespace_uid = f'repo_instance.{self.repo_id}'
2758 cache_namespace_uid = f'repo_instance.{self.repo_id}'
2759 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2759 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2760
2760
2761 # we must use thread scoped cache here,
2761 # we must use thread scoped cache here,
2762 # because each thread of gevent needs it's own not shared connection and cache
2762 # because each thread of gevent needs it's own not shared connection and cache
2763 # we also alter `args` so the cache key is individual for every green thread.
2763 # we also alter `args` so the cache key is individual for every green thread.
2764 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2764 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2765 inv_context_manager = rc_cache.InvalidationContext(key=repo_namespace_key, thread_scoped=True)
2765 inv_context_manager = rc_cache.InvalidationContext(key=repo_namespace_key, thread_scoped=True)
2766
2766
2767 # our wrapped caching function that takes state_uid to save the previous state in
2767 # our wrapped caching function that takes state_uid to save the previous state in
2768 def cache_generator(_state_uid):
2768 def cache_generator(_state_uid):
2769
2769
2770 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2770 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2771 def get_instance_cached(_repo_id, _process_context_id):
2771 def get_instance_cached(_repo_id, _process_context_id):
2772 # we save in cached func the generation state so we can detect a change and invalidate caches
2772 # we save in cached func the generation state so we can detect a change and invalidate caches
2773 return _state_uid, self._get_instance(repo_state_uid=_state_uid)
2773 return _state_uid, self._get_instance(repo_state_uid=_state_uid)
2774
2774
2775 return get_instance_cached
2775 return get_instance_cached
2776
2776
2777 with inv_context_manager as invalidation_context:
2777 with inv_context_manager as invalidation_context:
2778 cache_state_uid = invalidation_context.state_uid
2778 cache_state_uid = invalidation_context.state_uid
2779 cache_func = cache_generator(cache_state_uid)
2779 cache_func = cache_generator(cache_state_uid)
2780
2780
2781 args = self.repo_id, inv_context_manager.proc_key
2781 args = self.repo_id, inv_context_manager.proc_key
2782
2782
2783 previous_state_uid, instance = cache_func(*args)
2783 previous_state_uid, instance = cache_func(*args)
2784
2784
2785 # now compare keys, the "cache" state vs expected state.
2785 # now compare keys, the "cache" state vs expected state.
2786 if previous_state_uid != cache_state_uid:
2786 if previous_state_uid != cache_state_uid:
2787 log.warning('Cached state uid %s is different than current state uid %s',
2787 log.warning('Cached state uid %s is different than current state uid %s',
2788 previous_state_uid, cache_state_uid)
2788 previous_state_uid, cache_state_uid)
2789 _, instance = cache_func.refresh(*args)
2789 _, instance = cache_func.refresh(*args)
2790
2790
2791 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2791 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2792 return instance
2792 return instance
2793
2793
2794 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2794 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2795 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2795 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2796 self.repo_type, self.repo_path, cache)
2796 self.repo_type, self.repo_path, cache)
2797 config = config or self._config
2797 config = config or self._config
2798 custom_wire = {
2798 custom_wire = {
2799 'cache': cache, # controls the vcs.remote cache
2799 'cache': cache, # controls the vcs.remote cache
2800 'repo_state_uid': repo_state_uid
2800 'repo_state_uid': repo_state_uid
2801 }
2801 }
2802
2802
2803 repo = get_vcs_instance(
2803 repo = get_vcs_instance(
2804 repo_path=safe_str(self.repo_full_path),
2804 repo_path=safe_str(self.repo_full_path),
2805 config=config,
2805 config=config,
2806 with_wire=custom_wire,
2806 with_wire=custom_wire,
2807 create=False,
2807 create=False,
2808 _vcs_alias=self.repo_type)
2808 _vcs_alias=self.repo_type)
2809 if repo is not None:
2809 if repo is not None:
2810 repo.count() # cache rebuild
2810 repo.count() # cache rebuild
2811
2811
2812 return repo
2812 return repo
2813
2813
2814 def get_shadow_repository_path(self, workspace_id):
2814 def get_shadow_repository_path(self, workspace_id):
2815 from rhodecode.lib.vcs.backends.base import BaseRepository
2815 from rhodecode.lib.vcs.backends.base import BaseRepository
2816 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2816 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2817 self.repo_full_path, self.repo_id, workspace_id)
2817 self.repo_full_path, self.repo_id, workspace_id)
2818 return shadow_repo_path
2818 return shadow_repo_path
2819
2819
2820 def __json__(self):
2820 def __json__(self):
2821 return {'landing_rev': self.landing_rev}
2821 return {'landing_rev': self.landing_rev}
2822
2822
2823 def get_dict(self):
2823 def get_dict(self):
2824
2824
2825 # Since we transformed `repo_name` to a hybrid property, we need to
2825 # Since we transformed `repo_name` to a hybrid property, we need to
2826 # keep compatibility with the code which uses `repo_name` field.
2826 # keep compatibility with the code which uses `repo_name` field.
2827
2827
2828 result = super(Repository, self).get_dict()
2828 result = super(Repository, self).get_dict()
2829 result['repo_name'] = result.pop('_repo_name', None)
2829 result['repo_name'] = result.pop('_repo_name', None)
2830 result.pop('_changeset_cache', '')
2830 result.pop('_changeset_cache', '')
2831 return result
2831 return result
2832
2832
2833
2833
2834 class RepoGroup(Base, BaseModel):
2834 class RepoGroup(Base, BaseModel):
2835 __tablename__ = 'groups'
2835 __tablename__ = 'groups'
2836 __table_args__ = (
2836 __table_args__ = (
2837 UniqueConstraint('group_name', 'group_parent_id'),
2837 UniqueConstraint('group_name', 'group_parent_id'),
2838 base_table_args,
2838 base_table_args,
2839 )
2839 )
2840
2840
2841 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2841 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2842
2842
2843 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2843 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2844 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2844 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2845 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2845 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2846 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2846 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2847 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2847 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2848 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2848 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2849 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2849 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2850 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2850 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2851 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2851 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2852 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2852 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2853 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data
2853 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data
2854
2854
2855 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
2855 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
2856 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
2856 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
2857 parent_group = relationship('RepoGroup', remote_side=group_id)
2857 parent_group = relationship('RepoGroup', remote_side=group_id)
2858 user = relationship('User', back_populates='repository_groups')
2858 user = relationship('User', back_populates='repository_groups')
2859 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
2859 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
2860
2860
2861 # no cascade, set NULL
2861 # no cascade, set NULL
2862 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
2862 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
2863
2863
2864 def __init__(self, group_name='', parent_group=None):
2864 def __init__(self, group_name='', parent_group=None):
2865 self.group_name = group_name
2865 self.group_name = group_name
2866 self.parent_group = parent_group
2866 self.parent_group = parent_group
2867
2867
2868 def __repr__(self):
2868 def __repr__(self):
2869 return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
2869 return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
2870
2870
2871 @hybrid_property
2871 @hybrid_property
2872 def group_name(self):
2872 def group_name(self):
2873 return self._group_name
2873 return self._group_name
2874
2874
2875 @group_name.setter
2875 @group_name.setter
2876 def group_name(self, value):
2876 def group_name(self, value):
2877 self._group_name = value
2877 self._group_name = value
2878 self.group_name_hash = self.hash_repo_group_name(value)
2878 self.group_name_hash = self.hash_repo_group_name(value)
2879
2879
2880 @classmethod
2880 @classmethod
2881 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2881 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2882 from rhodecode.lib.vcs.backends.base import EmptyCommit
2882 from rhodecode.lib.vcs.backends.base import EmptyCommit
2883 dummy = EmptyCommit().__json__()
2883 dummy = EmptyCommit().__json__()
2884 if not changeset_cache_raw:
2884 if not changeset_cache_raw:
2885 dummy['source_repo_id'] = repo_id
2885 dummy['source_repo_id'] = repo_id
2886 return json.loads(json.dumps(dummy))
2886 return json.loads(json.dumps(dummy))
2887
2887
2888 try:
2888 try:
2889 return json.loads(changeset_cache_raw)
2889 return json.loads(changeset_cache_raw)
2890 except TypeError:
2890 except TypeError:
2891 return dummy
2891 return dummy
2892 except Exception:
2892 except Exception:
2893 log.error(traceback.format_exc())
2893 log.error(traceback.format_exc())
2894 return dummy
2894 return dummy
2895
2895
2896 @hybrid_property
2896 @hybrid_property
2897 def changeset_cache(self):
2897 def changeset_cache(self):
2898 return self._load_changeset_cache('', self._changeset_cache)
2898 return self._load_changeset_cache('', self._changeset_cache)
2899
2899
2900 @changeset_cache.setter
2900 @changeset_cache.setter
2901 def changeset_cache(self, val):
2901 def changeset_cache(self, val):
2902 try:
2902 try:
2903 self._changeset_cache = json.dumps(val)
2903 self._changeset_cache = json.dumps(val)
2904 except Exception:
2904 except Exception:
2905 log.error(traceback.format_exc())
2905 log.error(traceback.format_exc())
2906
2906
2907 @validates('group_parent_id')
2907 @validates('group_parent_id')
2908 def validate_group_parent_id(self, key, val):
2908 def validate_group_parent_id(self, key, val):
2909 """
2909 """
2910 Check cycle references for a parent group to self
2910 Check cycle references for a parent group to self
2911 """
2911 """
2912 if self.group_id and val:
2912 if self.group_id and val:
2913 assert val != self.group_id
2913 assert val != self.group_id
2914
2914
2915 return val
2915 return val
2916
2916
2917 @hybrid_property
2917 @hybrid_property
2918 def description_safe(self):
2918 def description_safe(self):
2919 from rhodecode.lib import helpers as h
2919 from rhodecode.lib import helpers as h
2920 return h.escape(self.group_description)
2920 return h.escape(self.group_description)
2921
2921
2922 @classmethod
2922 @classmethod
2923 def hash_repo_group_name(cls, repo_group_name):
2923 def hash_repo_group_name(cls, repo_group_name):
2924 val = remove_formatting(repo_group_name)
2924 val = remove_formatting(repo_group_name)
2925 val = safe_str(val).lower()
2925 val = safe_str(val).lower()
2926 chars = []
2926 chars = []
2927 for c in val:
2927 for c in val:
2928 if c not in string.ascii_letters:
2928 if c not in string.ascii_letters:
2929 c = str(ord(c))
2929 c = str(ord(c))
2930 chars.append(c)
2930 chars.append(c)
2931
2931
2932 return ''.join(chars)
2932 return ''.join(chars)
2933
2933
2934 @classmethod
2934 @classmethod
2935 def _generate_choice(cls, repo_group):
2935 def _generate_choice(cls, repo_group):
2936 from webhelpers2.html import literal as _literal
2936 from webhelpers2.html import literal as _literal
2937
2937
2938 def _name(k):
2938 def _name(k):
2939 return _literal(cls.CHOICES_SEPARATOR.join(k))
2939 return _literal(cls.CHOICES_SEPARATOR.join(k))
2940
2940
2941 return repo_group.group_id, _name(repo_group.full_path_splitted)
2941 return repo_group.group_id, _name(repo_group.full_path_splitted)
2942
2942
2943 @classmethod
2943 @classmethod
2944 def groups_choices(cls, groups=None, show_empty_group=True):
2944 def groups_choices(cls, groups=None, show_empty_group=True):
2945 if not groups:
2945 if not groups:
2946 groups = cls.query().all()
2946 groups = cls.query().all()
2947
2947
2948 repo_groups = []
2948 repo_groups = []
2949 if show_empty_group:
2949 if show_empty_group:
2950 repo_groups = [(-1, '-- %s --' % _('No parent'))]
2950 repo_groups = [(-1, '-- %s --' % _('No parent'))]
2951
2951
2952 repo_groups.extend([cls._generate_choice(x) for x in groups])
2952 repo_groups.extend([cls._generate_choice(x) for x in groups])
2953
2953
2954 repo_groups = sorted(
2954 repo_groups = sorted(
2955 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2955 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2956 return repo_groups
2956 return repo_groups
2957
2957
2958 @classmethod
2958 @classmethod
2959 def url_sep(cls):
2959 def url_sep(cls):
2960 return URL_SEP
2960 return URL_SEP
2961
2961
2962 @classmethod
2962 @classmethod
2963 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2963 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2964 if case_insensitive:
2964 if case_insensitive:
2965 gr = cls.query().filter(func.lower(cls.group_name)
2965 gr = cls.query().filter(func.lower(cls.group_name)
2966 == func.lower(group_name))
2966 == func.lower(group_name))
2967 else:
2967 else:
2968 gr = cls.query().filter(cls.group_name == group_name)
2968 gr = cls.query().filter(cls.group_name == group_name)
2969 if cache:
2969 if cache:
2970 name_key = _hash_key(group_name)
2970 name_key = _hash_key(group_name)
2971 gr = gr.options(
2971 gr = gr.options(
2972 FromCache("sql_cache_short", f"get_group_{name_key}"))
2972 FromCache("sql_cache_short", f"get_group_{name_key}"))
2973 return gr.scalar()
2973 return gr.scalar()
2974
2974
2975 @classmethod
2975 @classmethod
2976 def get_user_personal_repo_group(cls, user_id):
2976 def get_user_personal_repo_group(cls, user_id):
2977 user = User.get(user_id)
2977 user = User.get(user_id)
2978 if user.username == User.DEFAULT_USER:
2978 if user.username == User.DEFAULT_USER:
2979 return None
2979 return None
2980
2980
2981 return cls.query()\
2981 return cls.query()\
2982 .filter(cls.personal == true()) \
2982 .filter(cls.personal == true()) \
2983 .filter(cls.user == user) \
2983 .filter(cls.user == user) \
2984 .order_by(cls.group_id.asc()) \
2984 .order_by(cls.group_id.asc()) \
2985 .first()
2985 .first()
2986
2986
2987 @classmethod
2987 @classmethod
2988 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2988 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2989 case_insensitive=True):
2989 case_insensitive=True):
2990 q = RepoGroup.query()
2990 q = RepoGroup.query()
2991
2991
2992 if not isinstance(user_id, Optional):
2992 if not isinstance(user_id, Optional):
2993 q = q.filter(RepoGroup.user_id == user_id)
2993 q = q.filter(RepoGroup.user_id == user_id)
2994
2994
2995 if not isinstance(group_id, Optional):
2995 if not isinstance(group_id, Optional):
2996 q = q.filter(RepoGroup.group_parent_id == group_id)
2996 q = q.filter(RepoGroup.group_parent_id == group_id)
2997
2997
2998 if case_insensitive:
2998 if case_insensitive:
2999 q = q.order_by(func.lower(RepoGroup.group_name))
2999 q = q.order_by(func.lower(RepoGroup.group_name))
3000 else:
3000 else:
3001 q = q.order_by(RepoGroup.group_name)
3001 q = q.order_by(RepoGroup.group_name)
3002 return q.all()
3002 return q.all()
3003
3003
3004 @property
3004 @property
3005 def parents(self, parents_recursion_limit=10):
3005 def parents(self, parents_recursion_limit=10):
3006 groups = []
3006 groups = []
3007 if self.parent_group is None:
3007 if self.parent_group is None:
3008 return groups
3008 return groups
3009 cur_gr = self.parent_group
3009 cur_gr = self.parent_group
3010 groups.insert(0, cur_gr)
3010 groups.insert(0, cur_gr)
3011 cnt = 0
3011 cnt = 0
3012 while 1:
3012 while 1:
3013 cnt += 1
3013 cnt += 1
3014 gr = getattr(cur_gr, 'parent_group', None)
3014 gr = getattr(cur_gr, 'parent_group', None)
3015 cur_gr = cur_gr.parent_group
3015 cur_gr = cur_gr.parent_group
3016 if gr is None:
3016 if gr is None:
3017 break
3017 break
3018 if cnt == parents_recursion_limit:
3018 if cnt == parents_recursion_limit:
3019 # this will prevent accidental infinit loops
3019 # this will prevent accidental infinit loops
3020 log.error('more than %s parents found for group %s, stopping '
3020 log.error('more than %s parents found for group %s, stopping '
3021 'recursive parent fetching', parents_recursion_limit, self)
3021 'recursive parent fetching', parents_recursion_limit, self)
3022 break
3022 break
3023
3023
3024 groups.insert(0, gr)
3024 groups.insert(0, gr)
3025 return groups
3025 return groups
3026
3026
3027 @property
3027 @property
3028 def last_commit_cache_update_diff(self):
3028 def last_commit_cache_update_diff(self):
3029 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
3029 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
3030
3030
3031 @classmethod
3031 @classmethod
3032 def _load_commit_change(cls, last_commit_cache):
3032 def _load_commit_change(cls, last_commit_cache):
3033 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3033 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3034 empty_date = datetime.datetime.fromtimestamp(0)
3034 empty_date = datetime.datetime.fromtimestamp(0)
3035 date_latest = last_commit_cache.get('date', empty_date)
3035 date_latest = last_commit_cache.get('date', empty_date)
3036 try:
3036 try:
3037 return parse_datetime(date_latest)
3037 return parse_datetime(date_latest)
3038 except Exception:
3038 except Exception:
3039 return empty_date
3039 return empty_date
3040
3040
3041 @property
3041 @property
3042 def last_commit_change(self):
3042 def last_commit_change(self):
3043 return self._load_commit_change(self.changeset_cache)
3043 return self._load_commit_change(self.changeset_cache)
3044
3044
3045 @property
3045 @property
3046 def last_db_change(self):
3046 def last_db_change(self):
3047 return self.updated_on
3047 return self.updated_on
3048
3048
3049 @property
3049 @property
3050 def children(self):
3050 def children(self):
3051 return RepoGroup.query().filter(RepoGroup.parent_group == self)
3051 return RepoGroup.query().filter(RepoGroup.parent_group == self)
3052
3052
3053 @property
3053 @property
3054 def name(self):
3054 def name(self):
3055 return self.group_name.split(RepoGroup.url_sep())[-1]
3055 return self.group_name.split(RepoGroup.url_sep())[-1]
3056
3056
3057 @property
3057 @property
3058 def full_path(self):
3058 def full_path(self):
3059 return self.group_name
3059 return self.group_name
3060
3060
3061 @property
3061 @property
3062 def full_path_splitted(self):
3062 def full_path_splitted(self):
3063 return self.group_name.split(RepoGroup.url_sep())
3063 return self.group_name.split(RepoGroup.url_sep())
3064
3064
3065 @property
3065 @property
3066 def repositories(self):
3066 def repositories(self):
3067 return Repository.query()\
3067 return Repository.query()\
3068 .filter(Repository.group == self)\
3068 .filter(Repository.group == self)\
3069 .order_by(Repository.repo_name)
3069 .order_by(Repository.repo_name)
3070
3070
3071 @property
3071 @property
3072 def repositories_recursive_count(self):
3072 def repositories_recursive_count(self):
3073 cnt = self.repositories.count()
3073 cnt = self.repositories.count()
3074
3074
3075 def children_count(group):
3075 def children_count(group):
3076 cnt = 0
3076 cnt = 0
3077 for child in group.children:
3077 for child in group.children:
3078 cnt += child.repositories.count()
3078 cnt += child.repositories.count()
3079 cnt += children_count(child)
3079 cnt += children_count(child)
3080 return cnt
3080 return cnt
3081
3081
3082 return cnt + children_count(self)
3082 return cnt + children_count(self)
3083
3083
3084 def _recursive_objects(self, include_repos=True, include_groups=True):
3084 def _recursive_objects(self, include_repos=True, include_groups=True):
3085 all_ = []
3085 all_ = []
3086
3086
3087 def _get_members(root_gr):
3087 def _get_members(root_gr):
3088 if include_repos:
3088 if include_repos:
3089 for r in root_gr.repositories:
3089 for r in root_gr.repositories:
3090 all_.append(r)
3090 all_.append(r)
3091 childs = root_gr.children.all()
3091 childs = root_gr.children.all()
3092 if childs:
3092 if childs:
3093 for gr in childs:
3093 for gr in childs:
3094 if include_groups:
3094 if include_groups:
3095 all_.append(gr)
3095 all_.append(gr)
3096 _get_members(gr)
3096 _get_members(gr)
3097
3097
3098 root_group = []
3098 root_group = []
3099 if include_groups:
3099 if include_groups:
3100 root_group = [self]
3100 root_group = [self]
3101
3101
3102 _get_members(self)
3102 _get_members(self)
3103 return root_group + all_
3103 return root_group + all_
3104
3104
3105 def recursive_groups_and_repos(self):
3105 def recursive_groups_and_repos(self):
3106 """
3106 """
3107 Recursive return all groups, with repositories in those groups
3107 Recursive return all groups, with repositories in those groups
3108 """
3108 """
3109 return self._recursive_objects()
3109 return self._recursive_objects()
3110
3110
3111 def recursive_groups(self):
3111 def recursive_groups(self):
3112 """
3112 """
3113 Returns all children groups for this group including children of children
3113 Returns all children groups for this group including children of children
3114 """
3114 """
3115 return self._recursive_objects(include_repos=False)
3115 return self._recursive_objects(include_repos=False)
3116
3116
3117 def recursive_repos(self):
3117 def recursive_repos(self):
3118 """
3118 """
3119 Returns all children repositories for this group
3119 Returns all children repositories for this group
3120 """
3120 """
3121 return self._recursive_objects(include_groups=False)
3121 return self._recursive_objects(include_groups=False)
3122
3122
3123 def get_new_name(self, group_name):
3123 def get_new_name(self, group_name):
3124 """
3124 """
3125 returns new full group name based on parent and new name
3125 returns new full group name based on parent and new name
3126
3126
3127 :param group_name:
3127 :param group_name:
3128 """
3128 """
3129 path_prefix = (self.parent_group.full_path_splitted if
3129 path_prefix = (self.parent_group.full_path_splitted if
3130 self.parent_group else [])
3130 self.parent_group else [])
3131 return RepoGroup.url_sep().join(path_prefix + [group_name])
3131 return RepoGroup.url_sep().join(path_prefix + [group_name])
3132
3132
3133 def update_commit_cache(self, config=None):
3133 def update_commit_cache(self, config=None):
3134 """
3134 """
3135 Update cache of last commit for newest repository inside this repository group.
3135 Update cache of last commit for newest repository inside this repository group.
3136 cache_keys should be::
3136 cache_keys should be::
3137
3137
3138 source_repo_id
3138 source_repo_id
3139 short_id
3139 short_id
3140 raw_id
3140 raw_id
3141 revision
3141 revision
3142 parents
3142 parents
3143 message
3143 message
3144 date
3144 date
3145 author
3145 author
3146
3146
3147 """
3147 """
3148 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3148 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3149 empty_date = datetime.datetime.fromtimestamp(0)
3149 empty_date = datetime.datetime.fromtimestamp(0)
3150
3150
3151 def repo_groups_and_repos(root_gr):
3151 def repo_groups_and_repos(root_gr):
3152 for _repo in root_gr.repositories:
3152 for _repo in root_gr.repositories:
3153 yield _repo
3153 yield _repo
3154 for child_group in root_gr.children.all():
3154 for child_group in root_gr.children.all():
3155 yield child_group
3155 yield child_group
3156
3156
3157 latest_repo_cs_cache = {}
3157 latest_repo_cs_cache = {}
3158 for obj in repo_groups_and_repos(self):
3158 for obj in repo_groups_and_repos(self):
3159 repo_cs_cache = obj.changeset_cache
3159 repo_cs_cache = obj.changeset_cache
3160 date_latest = latest_repo_cs_cache.get('date', empty_date)
3160 date_latest = latest_repo_cs_cache.get('date', empty_date)
3161 date_current = repo_cs_cache.get('date', empty_date)
3161 date_current = repo_cs_cache.get('date', empty_date)
3162 current_timestamp = datetime_to_time(parse_datetime(date_latest))
3162 current_timestamp = datetime_to_time(parse_datetime(date_latest))
3163 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
3163 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
3164 latest_repo_cs_cache = repo_cs_cache
3164 latest_repo_cs_cache = repo_cs_cache
3165 if hasattr(obj, 'repo_id'):
3165 if hasattr(obj, 'repo_id'):
3166 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
3166 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
3167 else:
3167 else:
3168 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
3168 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
3169
3169
3170 _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
3170 _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
3171
3171
3172 latest_repo_cs_cache['updated_on'] = time.time()
3172 latest_repo_cs_cache['updated_on'] = time.time()
3173 self.changeset_cache = latest_repo_cs_cache
3173 self.changeset_cache = latest_repo_cs_cache
3174 self.updated_on = _date_latest
3174 self.updated_on = _date_latest
3175 Session().add(self)
3175 Session().add(self)
3176 Session().commit()
3176 Session().commit()
3177
3177
3178 log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
3178 log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
3179 self.group_name, latest_repo_cs_cache, _date_latest)
3179 self.group_name, latest_repo_cs_cache, _date_latest)
3180
3180
3181 def permissions(self, with_admins=True, with_owner=True,
3181 def permissions(self, with_admins=True, with_owner=True,
3182 expand_from_user_groups=False):
3182 expand_from_user_groups=False):
3183 """
3183 """
3184 Permissions for repository groups
3184 Permissions for repository groups
3185 """
3185 """
3186 _admin_perm = 'group.admin'
3186 _admin_perm = 'group.admin'
3187
3187
3188 owner_row = []
3188 owner_row = []
3189 if with_owner:
3189 if with_owner:
3190 usr = AttributeDict(self.user.get_dict())
3190 usr = AttributeDict(self.user.get_dict())
3191 usr.owner_row = True
3191 usr.owner_row = True
3192 usr.permission = _admin_perm
3192 usr.permission = _admin_perm
3193 owner_row.append(usr)
3193 owner_row.append(usr)
3194
3194
3195 super_admin_ids = []
3195 super_admin_ids = []
3196 super_admin_rows = []
3196 super_admin_rows = []
3197 if with_admins:
3197 if with_admins:
3198 for usr in User.get_all_super_admins():
3198 for usr in User.get_all_super_admins():
3199 super_admin_ids.append(usr.user_id)
3199 super_admin_ids.append(usr.user_id)
3200 # if this admin is also owner, don't double the record
3200 # if this admin is also owner, don't double the record
3201 if usr.user_id == owner_row[0].user_id:
3201 if usr.user_id == owner_row[0].user_id:
3202 owner_row[0].admin_row = True
3202 owner_row[0].admin_row = True
3203 else:
3203 else:
3204 usr = AttributeDict(usr.get_dict())
3204 usr = AttributeDict(usr.get_dict())
3205 usr.admin_row = True
3205 usr.admin_row = True
3206 usr.permission = _admin_perm
3206 usr.permission = _admin_perm
3207 super_admin_rows.append(usr)
3207 super_admin_rows.append(usr)
3208
3208
3209 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
3209 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
3210 q = q.options(joinedload(UserRepoGroupToPerm.group),
3210 q = q.options(joinedload(UserRepoGroupToPerm.group),
3211 joinedload(UserRepoGroupToPerm.user),
3211 joinedload(UserRepoGroupToPerm.user),
3212 joinedload(UserRepoGroupToPerm.permission),)
3212 joinedload(UserRepoGroupToPerm.permission),)
3213
3213
3214 # get owners and admins and permissions. We do a trick of re-writing
3214 # get owners and admins and permissions. We do a trick of re-writing
3215 # objects from sqlalchemy to named-tuples due to sqlalchemy session
3215 # objects from sqlalchemy to named-tuples due to sqlalchemy session
3216 # has a global reference and changing one object propagates to all
3216 # has a global reference and changing one object propagates to all
3217 # others. This means if admin is also an owner admin_row that change
3217 # others. This means if admin is also an owner admin_row that change
3218 # would propagate to both objects
3218 # would propagate to both objects
3219 perm_rows = []
3219 perm_rows = []
3220 for _usr in q.all():
3220 for _usr in q.all():
3221 usr = AttributeDict(_usr.user.get_dict())
3221 usr = AttributeDict(_usr.user.get_dict())
3222 # if this user is also owner/admin, mark as duplicate record
3222 # if this user is also owner/admin, mark as duplicate record
3223 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
3223 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
3224 usr.duplicate_perm = True
3224 usr.duplicate_perm = True
3225 usr.permission = _usr.permission.permission_name
3225 usr.permission = _usr.permission.permission_name
3226 perm_rows.append(usr)
3226 perm_rows.append(usr)
3227
3227
3228 # filter the perm rows by 'default' first and then sort them by
3228 # filter the perm rows by 'default' first and then sort them by
3229 # admin,write,read,none permissions sorted again alphabetically in
3229 # admin,write,read,none permissions sorted again alphabetically in
3230 # each group
3230 # each group
3231 perm_rows = sorted(perm_rows, key=display_user_sort)
3231 perm_rows = sorted(perm_rows, key=display_user_sort)
3232
3232
3233 user_groups_rows = []
3233 user_groups_rows = []
3234 if expand_from_user_groups:
3234 if expand_from_user_groups:
3235 for ug in self.permission_user_groups(with_members=True):
3235 for ug in self.permission_user_groups(with_members=True):
3236 for user_data in ug.members:
3236 for user_data in ug.members:
3237 user_groups_rows.append(user_data)
3237 user_groups_rows.append(user_data)
3238
3238
3239 return super_admin_rows + owner_row + perm_rows + user_groups_rows
3239 return super_admin_rows + owner_row + perm_rows + user_groups_rows
3240
3240
3241 def permission_user_groups(self, with_members=False):
3241 def permission_user_groups(self, with_members=False):
3242 q = UserGroupRepoGroupToPerm.query()\
3242 q = UserGroupRepoGroupToPerm.query()\
3243 .filter(UserGroupRepoGroupToPerm.group == self)
3243 .filter(UserGroupRepoGroupToPerm.group == self)
3244 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
3244 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
3245 joinedload(UserGroupRepoGroupToPerm.users_group),
3245 joinedload(UserGroupRepoGroupToPerm.users_group),
3246 joinedload(UserGroupRepoGroupToPerm.permission),)
3246 joinedload(UserGroupRepoGroupToPerm.permission),)
3247
3247
3248 perm_rows = []
3248 perm_rows = []
3249 for _user_group in q.all():
3249 for _user_group in q.all():
3250 entry = AttributeDict(_user_group.users_group.get_dict())
3250 entry = AttributeDict(_user_group.users_group.get_dict())
3251 entry.permission = _user_group.permission.permission_name
3251 entry.permission = _user_group.permission.permission_name
3252 if with_members:
3252 if with_members:
3253 entry.members = [x.user.get_dict()
3253 entry.members = [x.user.get_dict()
3254 for x in _user_group.users_group.members]
3254 for x in _user_group.users_group.members]
3255 perm_rows.append(entry)
3255 perm_rows.append(entry)
3256
3256
3257 perm_rows = sorted(perm_rows, key=display_user_group_sort)
3257 perm_rows = sorted(perm_rows, key=display_user_group_sort)
3258 return perm_rows
3258 return perm_rows
3259
3259
3260 def get_api_data(self):
3260 def get_api_data(self):
3261 """
3261 """
3262 Common function for generating api data
3262 Common function for generating api data
3263
3263
3264 """
3264 """
3265 group = self
3265 group = self
3266 data = {
3266 data = {
3267 'group_id': group.group_id,
3267 'group_id': group.group_id,
3268 'group_name': group.group_name,
3268 'group_name': group.group_name,
3269 'group_description': group.description_safe,
3269 'group_description': group.description_safe,
3270 'parent_group': group.parent_group.group_name if group.parent_group else None,
3270 'parent_group': group.parent_group.group_name if group.parent_group else None,
3271 'repositories': [x.repo_name for x in group.repositories],
3271 'repositories': [x.repo_name for x in group.repositories],
3272 'owner': group.user.username,
3272 'owner': group.user.username,
3273 }
3273 }
3274 return data
3274 return data
3275
3275
3276 def get_dict(self):
3276 def get_dict(self):
3277 # Since we transformed `group_name` to a hybrid property, we need to
3277 # Since we transformed `group_name` to a hybrid property, we need to
3278 # keep compatibility with the code which uses `group_name` field.
3278 # keep compatibility with the code which uses `group_name` field.
3279 result = super(RepoGroup, self).get_dict()
3279 result = super(RepoGroup, self).get_dict()
3280 result['group_name'] = result.pop('_group_name', None)
3280 result['group_name'] = result.pop('_group_name', None)
3281 result.pop('_changeset_cache', '')
3281 result.pop('_changeset_cache', '')
3282 return result
3282 return result
3283
3283
3284
3284
3285 class Permission(Base, BaseModel):
3285 class Permission(Base, BaseModel):
3286 __tablename__ = 'permissions'
3286 __tablename__ = 'permissions'
3287 __table_args__ = (
3287 __table_args__ = (
3288 Index('p_perm_name_idx', 'permission_name'),
3288 Index('p_perm_name_idx', 'permission_name'),
3289 base_table_args,
3289 base_table_args,
3290 )
3290 )
3291
3291
3292 PERMS = [
3292 PERMS = [
3293 ('hg.admin', _('RhodeCode Super Administrator')),
3293 ('hg.admin', _('RhodeCode Super Administrator')),
3294
3294
3295 ('repository.none', _('Repository no access')),
3295 ('repository.none', _('Repository no access')),
3296 ('repository.read', _('Repository read access')),
3296 ('repository.read', _('Repository read access')),
3297 ('repository.write', _('Repository write access')),
3297 ('repository.write', _('Repository write access')),
3298 ('repository.admin', _('Repository admin access')),
3298 ('repository.admin', _('Repository admin access')),
3299
3299
3300 ('group.none', _('Repository group no access')),
3300 ('group.none', _('Repository group no access')),
3301 ('group.read', _('Repository group read access')),
3301 ('group.read', _('Repository group read access')),
3302 ('group.write', _('Repository group write access')),
3302 ('group.write', _('Repository group write access')),
3303 ('group.admin', _('Repository group admin access')),
3303 ('group.admin', _('Repository group admin access')),
3304
3304
3305 ('usergroup.none', _('User group no access')),
3305 ('usergroup.none', _('User group no access')),
3306 ('usergroup.read', _('User group read access')),
3306 ('usergroup.read', _('User group read access')),
3307 ('usergroup.write', _('User group write access')),
3307 ('usergroup.write', _('User group write access')),
3308 ('usergroup.admin', _('User group admin access')),
3308 ('usergroup.admin', _('User group admin access')),
3309
3309
3310 ('branch.none', _('Branch no permissions')),
3310 ('branch.none', _('Branch no permissions')),
3311 ('branch.merge', _('Branch access by web merge')),
3311 ('branch.merge', _('Branch access by web merge')),
3312 ('branch.push', _('Branch access by push')),
3312 ('branch.push', _('Branch access by push')),
3313 ('branch.push_force', _('Branch access by push with force')),
3313 ('branch.push_force', _('Branch access by push with force')),
3314
3314
3315 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3315 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3316 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3316 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3317
3317
3318 ('hg.usergroup.create.false', _('User Group creation disabled')),
3318 ('hg.usergroup.create.false', _('User Group creation disabled')),
3319 ('hg.usergroup.create.true', _('User Group creation enabled')),
3319 ('hg.usergroup.create.true', _('User Group creation enabled')),
3320
3320
3321 ('hg.create.none', _('Repository creation disabled')),
3321 ('hg.create.none', _('Repository creation disabled')),
3322 ('hg.create.repository', _('Repository creation enabled')),
3322 ('hg.create.repository', _('Repository creation enabled')),
3323 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3323 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3324 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3324 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3325
3325
3326 ('hg.fork.none', _('Repository forking disabled')),
3326 ('hg.fork.none', _('Repository forking disabled')),
3327 ('hg.fork.repository', _('Repository forking enabled')),
3327 ('hg.fork.repository', _('Repository forking enabled')),
3328
3328
3329 ('hg.register.none', _('Registration disabled')),
3329 ('hg.register.none', _('Registration disabled')),
3330 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3330 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3331 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3331 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3332
3332
3333 ('hg.password_reset.enabled', _('Password reset enabled')),
3333 ('hg.password_reset.enabled', _('Password reset enabled')),
3334 ('hg.password_reset.hidden', _('Password reset hidden')),
3334 ('hg.password_reset.hidden', _('Password reset hidden')),
3335 ('hg.password_reset.disabled', _('Password reset disabled')),
3335 ('hg.password_reset.disabled', _('Password reset disabled')),
3336
3336
3337 ('hg.extern_activate.manual', _('Manual activation of external account')),
3337 ('hg.extern_activate.manual', _('Manual activation of external account')),
3338 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3338 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3339
3339
3340 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3340 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3341 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3341 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3342 ]
3342 ]
3343
3343
3344 # definition of system default permissions for DEFAULT user, created on
3344 # definition of system default permissions for DEFAULT user, created on
3345 # system setup
3345 # system setup
3346 DEFAULT_USER_PERMISSIONS = [
3346 DEFAULT_USER_PERMISSIONS = [
3347 # object perms
3347 # object perms
3348 'repository.read',
3348 'repository.read',
3349 'group.read',
3349 'group.read',
3350 'usergroup.read',
3350 'usergroup.read',
3351 # branch, for backward compat we need same value as before so forced pushed
3351 # branch, for backward compat we need same value as before so forced pushed
3352 'branch.push_force',
3352 'branch.push_force',
3353 # global
3353 # global
3354 'hg.create.repository',
3354 'hg.create.repository',
3355 'hg.repogroup.create.false',
3355 'hg.repogroup.create.false',
3356 'hg.usergroup.create.false',
3356 'hg.usergroup.create.false',
3357 'hg.create.write_on_repogroup.true',
3357 'hg.create.write_on_repogroup.true',
3358 'hg.fork.repository',
3358 'hg.fork.repository',
3359 'hg.register.manual_activate',
3359 'hg.register.manual_activate',
3360 'hg.password_reset.enabled',
3360 'hg.password_reset.enabled',
3361 'hg.extern_activate.auto',
3361 'hg.extern_activate.auto',
3362 'hg.inherit_default_perms.true',
3362 'hg.inherit_default_perms.true',
3363 ]
3363 ]
3364
3364
3365 # defines which permissions are more important higher the more important
3365 # defines which permissions are more important higher the more important
3366 # Weight defines which permissions are more important.
3366 # Weight defines which permissions are more important.
3367 # The higher number the more important.
3367 # The higher number the more important.
3368 PERM_WEIGHTS = {
3368 PERM_WEIGHTS = {
3369 'repository.none': 0,
3369 'repository.none': 0,
3370 'repository.read': 1,
3370 'repository.read': 1,
3371 'repository.write': 3,
3371 'repository.write': 3,
3372 'repository.admin': 4,
3372 'repository.admin': 4,
3373
3373
3374 'group.none': 0,
3374 'group.none': 0,
3375 'group.read': 1,
3375 'group.read': 1,
3376 'group.write': 3,
3376 'group.write': 3,
3377 'group.admin': 4,
3377 'group.admin': 4,
3378
3378
3379 'usergroup.none': 0,
3379 'usergroup.none': 0,
3380 'usergroup.read': 1,
3380 'usergroup.read': 1,
3381 'usergroup.write': 3,
3381 'usergroup.write': 3,
3382 'usergroup.admin': 4,
3382 'usergroup.admin': 4,
3383
3383
3384 'branch.none': 0,
3384 'branch.none': 0,
3385 'branch.merge': 1,
3385 'branch.merge': 1,
3386 'branch.push': 3,
3386 'branch.push': 3,
3387 'branch.push_force': 4,
3387 'branch.push_force': 4,
3388
3388
3389 'hg.repogroup.create.false': 0,
3389 'hg.repogroup.create.false': 0,
3390 'hg.repogroup.create.true': 1,
3390 'hg.repogroup.create.true': 1,
3391
3391
3392 'hg.usergroup.create.false': 0,
3392 'hg.usergroup.create.false': 0,
3393 'hg.usergroup.create.true': 1,
3393 'hg.usergroup.create.true': 1,
3394
3394
3395 'hg.fork.none': 0,
3395 'hg.fork.none': 0,
3396 'hg.fork.repository': 1,
3396 'hg.fork.repository': 1,
3397 'hg.create.none': 0,
3397 'hg.create.none': 0,
3398 'hg.create.repository': 1
3398 'hg.create.repository': 1
3399 }
3399 }
3400
3400
3401 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3401 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3402 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3402 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3403 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3403 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3404
3404
3405 def __repr__(self):
3405 def __repr__(self):
3406 return "<%s('%s:%s')>" % (
3406 return "<%s('%s:%s')>" % (
3407 self.cls_name, self.permission_id, self.permission_name
3407 self.cls_name, self.permission_id, self.permission_name
3408 )
3408 )
3409
3409
3410 @classmethod
3410 @classmethod
3411 def get_by_key(cls, key):
3411 def get_by_key(cls, key):
3412 return cls.query().filter(cls.permission_name == key).scalar()
3412 return cls.query().filter(cls.permission_name == key).scalar()
3413
3413
3414 @classmethod
3414 @classmethod
3415 def get_default_repo_perms(cls, user_id, repo_id=None):
3415 def get_default_repo_perms(cls, user_id, repo_id=None):
3416 q = Session().query(UserRepoToPerm, Repository, Permission)\
3416 q = Session().query(UserRepoToPerm, Repository, Permission)\
3417 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3417 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3418 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3418 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3419 .filter(UserRepoToPerm.user_id == user_id)
3419 .filter(UserRepoToPerm.user_id == user_id)
3420 if repo_id:
3420 if repo_id:
3421 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3421 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3422 return q.all()
3422 return q.all()
3423
3423
3424 @classmethod
3424 @classmethod
3425 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3425 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3426 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3426 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3427 .join(
3427 .join(
3428 Permission,
3428 Permission,
3429 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3429 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3430 .join(
3430 .join(
3431 UserRepoToPerm,
3431 UserRepoToPerm,
3432 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3432 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3433 .filter(UserRepoToPerm.user_id == user_id)
3433 .filter(UserRepoToPerm.user_id == user_id)
3434
3434
3435 if repo_id:
3435 if repo_id:
3436 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3436 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3437 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3437 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3438
3438
3439 @classmethod
3439 @classmethod
3440 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3440 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3441 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3441 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3442 .join(
3442 .join(
3443 Permission,
3443 Permission,
3444 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3444 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3445 .join(
3445 .join(
3446 Repository,
3446 Repository,
3447 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3447 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3448 .join(
3448 .join(
3449 UserGroup,
3449 UserGroup,
3450 UserGroupRepoToPerm.users_group_id ==
3450 UserGroupRepoToPerm.users_group_id ==
3451 UserGroup.users_group_id)\
3451 UserGroup.users_group_id)\
3452 .join(
3452 .join(
3453 UserGroupMember,
3453 UserGroupMember,
3454 UserGroupRepoToPerm.users_group_id ==
3454 UserGroupRepoToPerm.users_group_id ==
3455 UserGroupMember.users_group_id)\
3455 UserGroupMember.users_group_id)\
3456 .filter(
3456 .filter(
3457 UserGroupMember.user_id == user_id,
3457 UserGroupMember.user_id == user_id,
3458 UserGroup.users_group_active == true())
3458 UserGroup.users_group_active == true())
3459 if repo_id:
3459 if repo_id:
3460 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3460 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3461 return q.all()
3461 return q.all()
3462
3462
3463 @classmethod
3463 @classmethod
3464 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3464 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3465 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3465 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3466 .join(
3466 .join(
3467 Permission,
3467 Permission,
3468 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3468 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3469 .join(
3469 .join(
3470 UserGroupRepoToPerm,
3470 UserGroupRepoToPerm,
3471 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3471 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3472 .join(
3472 .join(
3473 UserGroup,
3473 UserGroup,
3474 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3474 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3475 .join(
3475 .join(
3476 UserGroupMember,
3476 UserGroupMember,
3477 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3477 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3478 .filter(
3478 .filter(
3479 UserGroupMember.user_id == user_id,
3479 UserGroupMember.user_id == user_id,
3480 UserGroup.users_group_active == true())
3480 UserGroup.users_group_active == true())
3481
3481
3482 if repo_id:
3482 if repo_id:
3483 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3483 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3484 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3484 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3485
3485
3486 @classmethod
3486 @classmethod
3487 def get_default_group_perms(cls, user_id, repo_group_id=None):
3487 def get_default_group_perms(cls, user_id, repo_group_id=None):
3488 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3488 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3489 .join(
3489 .join(
3490 Permission,
3490 Permission,
3491 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3491 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3492 .join(
3492 .join(
3493 RepoGroup,
3493 RepoGroup,
3494 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3494 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3495 .filter(UserRepoGroupToPerm.user_id == user_id)
3495 .filter(UserRepoGroupToPerm.user_id == user_id)
3496 if repo_group_id:
3496 if repo_group_id:
3497 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3497 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3498 return q.all()
3498 return q.all()
3499
3499
3500 @classmethod
3500 @classmethod
3501 def get_default_group_perms_from_user_group(
3501 def get_default_group_perms_from_user_group(
3502 cls, user_id, repo_group_id=None):
3502 cls, user_id, repo_group_id=None):
3503 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3503 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3504 .join(
3504 .join(
3505 Permission,
3505 Permission,
3506 UserGroupRepoGroupToPerm.permission_id ==
3506 UserGroupRepoGroupToPerm.permission_id ==
3507 Permission.permission_id)\
3507 Permission.permission_id)\
3508 .join(
3508 .join(
3509 RepoGroup,
3509 RepoGroup,
3510 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3510 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3511 .join(
3511 .join(
3512 UserGroup,
3512 UserGroup,
3513 UserGroupRepoGroupToPerm.users_group_id ==
3513 UserGroupRepoGroupToPerm.users_group_id ==
3514 UserGroup.users_group_id)\
3514 UserGroup.users_group_id)\
3515 .join(
3515 .join(
3516 UserGroupMember,
3516 UserGroupMember,
3517 UserGroupRepoGroupToPerm.users_group_id ==
3517 UserGroupRepoGroupToPerm.users_group_id ==
3518 UserGroupMember.users_group_id)\
3518 UserGroupMember.users_group_id)\
3519 .filter(
3519 .filter(
3520 UserGroupMember.user_id == user_id,
3520 UserGroupMember.user_id == user_id,
3521 UserGroup.users_group_active == true())
3521 UserGroup.users_group_active == true())
3522 if repo_group_id:
3522 if repo_group_id:
3523 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3523 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3524 return q.all()
3524 return q.all()
3525
3525
3526 @classmethod
3526 @classmethod
3527 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3527 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3528 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3528 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3529 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3529 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3530 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3530 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3531 .filter(UserUserGroupToPerm.user_id == user_id)
3531 .filter(UserUserGroupToPerm.user_id == user_id)
3532 if user_group_id:
3532 if user_group_id:
3533 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3533 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3534 return q.all()
3534 return q.all()
3535
3535
3536 @classmethod
3536 @classmethod
3537 def get_default_user_group_perms_from_user_group(
3537 def get_default_user_group_perms_from_user_group(
3538 cls, user_id, user_group_id=None):
3538 cls, user_id, user_group_id=None):
3539 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3539 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3540 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3540 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3541 .join(
3541 .join(
3542 Permission,
3542 Permission,
3543 UserGroupUserGroupToPerm.permission_id ==
3543 UserGroupUserGroupToPerm.permission_id ==
3544 Permission.permission_id)\
3544 Permission.permission_id)\
3545 .join(
3545 .join(
3546 TargetUserGroup,
3546 TargetUserGroup,
3547 UserGroupUserGroupToPerm.target_user_group_id ==
3547 UserGroupUserGroupToPerm.target_user_group_id ==
3548 TargetUserGroup.users_group_id)\
3548 TargetUserGroup.users_group_id)\
3549 .join(
3549 .join(
3550 UserGroup,
3550 UserGroup,
3551 UserGroupUserGroupToPerm.user_group_id ==
3551 UserGroupUserGroupToPerm.user_group_id ==
3552 UserGroup.users_group_id)\
3552 UserGroup.users_group_id)\
3553 .join(
3553 .join(
3554 UserGroupMember,
3554 UserGroupMember,
3555 UserGroupUserGroupToPerm.user_group_id ==
3555 UserGroupUserGroupToPerm.user_group_id ==
3556 UserGroupMember.users_group_id)\
3556 UserGroupMember.users_group_id)\
3557 .filter(
3557 .filter(
3558 UserGroupMember.user_id == user_id,
3558 UserGroupMember.user_id == user_id,
3559 UserGroup.users_group_active == true())
3559 UserGroup.users_group_active == true())
3560 if user_group_id:
3560 if user_group_id:
3561 q = q.filter(
3561 q = q.filter(
3562 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3562 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3563
3563
3564 return q.all()
3564 return q.all()
3565
3565
3566
3566
3567 class UserRepoToPerm(Base, BaseModel):
3567 class UserRepoToPerm(Base, BaseModel):
3568 __tablename__ = 'repo_to_perm'
3568 __tablename__ = 'repo_to_perm'
3569 __table_args__ = (
3569 __table_args__ = (
3570 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3570 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3571 base_table_args
3571 base_table_args
3572 )
3572 )
3573
3573
3574 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3574 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3575 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3575 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3576 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3576 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3577 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3577 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3578
3578
3579 user = relationship('User', back_populates="repo_to_perm")
3579 user = relationship('User', back_populates="repo_to_perm")
3580 repository = relationship('Repository', back_populates="repo_to_perm")
3580 repository = relationship('Repository', back_populates="repo_to_perm")
3581 permission = relationship('Permission')
3581 permission = relationship('Permission')
3582
3582
3583 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
3583 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
3584
3584
3585 @classmethod
3585 @classmethod
3586 def create(cls, user, repository, permission):
3586 def create(cls, user, repository, permission):
3587 n = cls()
3587 n = cls()
3588 n.user = user
3588 n.user = user
3589 n.repository = repository
3589 n.repository = repository
3590 n.permission = permission
3590 n.permission = permission
3591 Session().add(n)
3591 Session().add(n)
3592 return n
3592 return n
3593
3593
3594 def __repr__(self):
3594 def __repr__(self):
3595 return f'<{self.user} => {self.repository} >'
3595 return f'<{self.user} => {self.repository} >'
3596
3596
3597
3597
3598 class UserUserGroupToPerm(Base, BaseModel):
3598 class UserUserGroupToPerm(Base, BaseModel):
3599 __tablename__ = 'user_user_group_to_perm'
3599 __tablename__ = 'user_user_group_to_perm'
3600 __table_args__ = (
3600 __table_args__ = (
3601 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3601 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3602 base_table_args
3602 base_table_args
3603 )
3603 )
3604
3604
3605 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3605 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3606 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3606 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3607 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3607 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3608 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3608 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3609
3609
3610 user = relationship('User', back_populates='user_group_to_perm')
3610 user = relationship('User', back_populates='user_group_to_perm')
3611 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
3611 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
3612 permission = relationship('Permission')
3612 permission = relationship('Permission')
3613
3613
3614 @classmethod
3614 @classmethod
3615 def create(cls, user, user_group, permission):
3615 def create(cls, user, user_group, permission):
3616 n = cls()
3616 n = cls()
3617 n.user = user
3617 n.user = user
3618 n.user_group = user_group
3618 n.user_group = user_group
3619 n.permission = permission
3619 n.permission = permission
3620 Session().add(n)
3620 Session().add(n)
3621 return n
3621 return n
3622
3622
3623 def __repr__(self):
3623 def __repr__(self):
3624 return f'<{self.user} => {self.user_group} >'
3624 return f'<{self.user} => {self.user_group} >'
3625
3625
3626
3626
3627 class UserToPerm(Base, BaseModel):
3627 class UserToPerm(Base, BaseModel):
3628 __tablename__ = 'user_to_perm'
3628 __tablename__ = 'user_to_perm'
3629 __table_args__ = (
3629 __table_args__ = (
3630 UniqueConstraint('user_id', 'permission_id'),
3630 UniqueConstraint('user_id', 'permission_id'),
3631 base_table_args
3631 base_table_args
3632 )
3632 )
3633
3633
3634 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3634 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3635 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3635 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3636 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3636 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3637
3637
3638 user = relationship('User', back_populates='user_perms')
3638 user = relationship('User', back_populates='user_perms')
3639 permission = relationship('Permission', lazy='joined')
3639 permission = relationship('Permission', lazy='joined')
3640
3640
3641 def __repr__(self):
3641 def __repr__(self):
3642 return f'<{self.user} => {self.permission} >'
3642 return f'<{self.user} => {self.permission} >'
3643
3643
3644
3644
3645 class UserGroupRepoToPerm(Base, BaseModel):
3645 class UserGroupRepoToPerm(Base, BaseModel):
3646 __tablename__ = 'users_group_repo_to_perm'
3646 __tablename__ = 'users_group_repo_to_perm'
3647 __table_args__ = (
3647 __table_args__ = (
3648 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3648 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3649 base_table_args
3649 base_table_args
3650 )
3650 )
3651
3651
3652 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3652 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3653 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3653 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3654 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3654 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3655 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3655 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3656
3656
3657 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
3657 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
3658 permission = relationship('Permission')
3658 permission = relationship('Permission')
3659 repository = relationship('Repository', back_populates='users_group_to_perm')
3659 repository = relationship('Repository', back_populates='users_group_to_perm')
3660 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
3660 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
3661
3661
3662 @classmethod
3662 @classmethod
3663 def create(cls, users_group, repository, permission):
3663 def create(cls, users_group, repository, permission):
3664 n = cls()
3664 n = cls()
3665 n.users_group = users_group
3665 n.users_group = users_group
3666 n.repository = repository
3666 n.repository = repository
3667 n.permission = permission
3667 n.permission = permission
3668 Session().add(n)
3668 Session().add(n)
3669 return n
3669 return n
3670
3670
3671 def __repr__(self):
3671 def __repr__(self):
3672 return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
3672 return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
3673
3673
3674
3674
3675 class UserGroupUserGroupToPerm(Base, BaseModel):
3675 class UserGroupUserGroupToPerm(Base, BaseModel):
3676 __tablename__ = 'user_group_user_group_to_perm'
3676 __tablename__ = 'user_group_user_group_to_perm'
3677 __table_args__ = (
3677 __table_args__ = (
3678 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3678 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3679 CheckConstraint('target_user_group_id != user_group_id'),
3679 CheckConstraint('target_user_group_id != user_group_id'),
3680 base_table_args
3680 base_table_args
3681 )
3681 )
3682
3682
3683 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3683 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3684 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3684 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3685 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3685 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3686 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3686 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3687
3687
3688 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
3688 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
3689 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3689 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3690 permission = relationship('Permission')
3690 permission = relationship('Permission')
3691
3691
3692 @classmethod
3692 @classmethod
3693 def create(cls, target_user_group, user_group, permission):
3693 def create(cls, target_user_group, user_group, permission):
3694 n = cls()
3694 n = cls()
3695 n.target_user_group = target_user_group
3695 n.target_user_group = target_user_group
3696 n.user_group = user_group
3696 n.user_group = user_group
3697 n.permission = permission
3697 n.permission = permission
3698 Session().add(n)
3698 Session().add(n)
3699 return n
3699 return n
3700
3700
3701 def __repr__(self):
3701 def __repr__(self):
3702 return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
3702 return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
3703
3703
3704
3704
3705 class UserGroupToPerm(Base, BaseModel):
3705 class UserGroupToPerm(Base, BaseModel):
3706 __tablename__ = 'users_group_to_perm'
3706 __tablename__ = 'users_group_to_perm'
3707 __table_args__ = (
3707 __table_args__ = (
3708 UniqueConstraint('users_group_id', 'permission_id',),
3708 UniqueConstraint('users_group_id', 'permission_id',),
3709 base_table_args
3709 base_table_args
3710 )
3710 )
3711
3711
3712 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3712 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3713 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3713 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3714 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3714 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3715
3715
3716 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
3716 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
3717 permission = relationship('Permission')
3717 permission = relationship('Permission')
3718
3718
3719
3719
3720 class UserRepoGroupToPerm(Base, BaseModel):
3720 class UserRepoGroupToPerm(Base, BaseModel):
3721 __tablename__ = 'user_repo_group_to_perm'
3721 __tablename__ = 'user_repo_group_to_perm'
3722 __table_args__ = (
3722 __table_args__ = (
3723 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3723 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3724 base_table_args
3724 base_table_args
3725 )
3725 )
3726
3726
3727 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3727 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3728 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3728 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3729 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3729 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3730 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3730 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3731
3731
3732 user = relationship('User', back_populates='repo_group_to_perm')
3732 user = relationship('User', back_populates='repo_group_to_perm')
3733 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
3733 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
3734 permission = relationship('Permission')
3734 permission = relationship('Permission')
3735
3735
3736 @classmethod
3736 @classmethod
3737 def create(cls, user, repository_group, permission):
3737 def create(cls, user, repository_group, permission):
3738 n = cls()
3738 n = cls()
3739 n.user = user
3739 n.user = user
3740 n.group = repository_group
3740 n.group = repository_group
3741 n.permission = permission
3741 n.permission = permission
3742 Session().add(n)
3742 Session().add(n)
3743 return n
3743 return n
3744
3744
3745
3745
3746 class UserGroupRepoGroupToPerm(Base, BaseModel):
3746 class UserGroupRepoGroupToPerm(Base, BaseModel):
3747 __tablename__ = 'users_group_repo_group_to_perm'
3747 __tablename__ = 'users_group_repo_group_to_perm'
3748 __table_args__ = (
3748 __table_args__ = (
3749 UniqueConstraint('users_group_id', 'group_id'),
3749 UniqueConstraint('users_group_id', 'group_id'),
3750 base_table_args
3750 base_table_args
3751 )
3751 )
3752
3752
3753 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3753 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3754 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3754 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3755 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3755 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3756 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3756 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3757
3757
3758 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
3758 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
3759 permission = relationship('Permission')
3759 permission = relationship('Permission')
3760 group = relationship('RepoGroup', back_populates='users_group_to_perm')
3760 group = relationship('RepoGroup', back_populates='users_group_to_perm')
3761
3761
3762 @classmethod
3762 @classmethod
3763 def create(cls, user_group, repository_group, permission):
3763 def create(cls, user_group, repository_group, permission):
3764 n = cls()
3764 n = cls()
3765 n.users_group = user_group
3765 n.users_group = user_group
3766 n.group = repository_group
3766 n.group = repository_group
3767 n.permission = permission
3767 n.permission = permission
3768 Session().add(n)
3768 Session().add(n)
3769 return n
3769 return n
3770
3770
3771 def __repr__(self):
3771 def __repr__(self):
3772 return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3772 return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3773
3773
3774
3774
3775 class Statistics(Base, BaseModel):
3775 class Statistics(Base, BaseModel):
3776 __tablename__ = 'statistics'
3776 __tablename__ = 'statistics'
3777 __table_args__ = (
3777 __table_args__ = (
3778 base_table_args
3778 base_table_args
3779 )
3779 )
3780
3780
3781 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3781 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3782 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3782 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3783 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3783 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3784 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False) #JSON data
3784 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False) #JSON data
3785 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False) #JSON data
3785 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False) #JSON data
3786 languages = Column("languages", LargeBinary(1000000), nullable=False) #JSON data
3786 languages = Column("languages", LargeBinary(1000000), nullable=False) #JSON data
3787
3787
3788 repository = relationship('Repository', single_parent=True, viewonly=True)
3788 repository = relationship('Repository', single_parent=True, viewonly=True)
3789
3789
3790
3790
3791 class UserFollowing(Base, BaseModel):
3791 class UserFollowing(Base, BaseModel):
3792 __tablename__ = 'user_followings'
3792 __tablename__ = 'user_followings'
3793 __table_args__ = (
3793 __table_args__ = (
3794 UniqueConstraint('user_id', 'follows_repository_id'),
3794 UniqueConstraint('user_id', 'follows_repository_id'),
3795 UniqueConstraint('user_id', 'follows_user_id'),
3795 UniqueConstraint('user_id', 'follows_user_id'),
3796 base_table_args
3796 base_table_args
3797 )
3797 )
3798
3798
3799 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3799 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3800 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3800 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3801 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3801 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3802 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3802 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3803 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3803 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3804
3804
3805 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
3805 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
3806
3806
3807 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3807 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3808 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
3808 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
3809
3809
3810 @classmethod
3810 @classmethod
3811 def get_repo_followers(cls, repo_id):
3811 def get_repo_followers(cls, repo_id):
3812 return cls.query().filter(cls.follows_repo_id == repo_id)
3812 return cls.query().filter(cls.follows_repo_id == repo_id)
3813
3813
3814
3814
3815 class CacheKey(Base, BaseModel):
3815 class CacheKey(Base, BaseModel):
3816 __tablename__ = 'cache_invalidation'
3816 __tablename__ = 'cache_invalidation'
3817 __table_args__ = (
3817 __table_args__ = (
3818 UniqueConstraint('cache_key'),
3818 UniqueConstraint('cache_key'),
3819 Index('key_idx', 'cache_key'),
3819 Index('key_idx', 'cache_key'),
3820 Index('cache_args_idx', 'cache_args'),
3820 Index('cache_args_idx', 'cache_args'),
3821 base_table_args,
3821 base_table_args,
3822 )
3822 )
3823
3823
3824 CACHE_TYPE_FEED = 'FEED'
3824 CACHE_TYPE_FEED = 'FEED'
3825
3825
3826 # namespaces used to register process/thread aware caches
3826 # namespaces used to register process/thread aware caches
3827 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
3827 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
3828
3828
3829 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3829 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3830 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3830 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3831 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3831 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3832 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3832 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3833 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3833 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3834
3834
3835 def __init__(self, cache_key, cache_args='', cache_state_uid=None, cache_active=False):
3835 def __init__(self, cache_key, cache_args='', cache_state_uid=None, cache_active=False):
3836 self.cache_key = cache_key
3836 self.cache_key = cache_key
3837 self.cache_args = cache_args
3837 self.cache_args = cache_args
3838 self.cache_active = cache_active
3838 self.cache_active = cache_active
3839 # first key should be same for all entries, since all workers should share it
3839 # first key should be same for all entries, since all workers should share it
3840 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3840 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3841
3841
3842 def __repr__(self):
3842 def __repr__(self):
3843 return "<%s('%s:%s[%s]')>" % (
3843 return "<%s('%s:%s[%s]')>" % (
3844 self.cls_name,
3844 self.cls_name,
3845 self.cache_id, self.cache_key, self.cache_active)
3845 self.cache_id, self.cache_key, self.cache_active)
3846
3846
3847 def _cache_key_partition(self):
3847 def _cache_key_partition(self):
3848 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3848 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3849 return prefix, repo_name, suffix
3849 return prefix, repo_name, suffix
3850
3850
3851 def get_prefix(self):
3851 def get_prefix(self):
3852 """
3852 """
3853 Try to extract prefix from existing cache key. The key could consist
3853 Try to extract prefix from existing cache key. The key could consist
3854 of prefix, repo_name, suffix
3854 of prefix, repo_name, suffix
3855 """
3855 """
3856 # this returns prefix, repo_name, suffix
3856 # this returns prefix, repo_name, suffix
3857 return self._cache_key_partition()[0]
3857 return self._cache_key_partition()[0]
3858
3858
3859 def get_suffix(self):
3859 def get_suffix(self):
3860 """
3860 """
3861 get suffix that might have been used in _get_cache_key to
3861 get suffix that might have been used in _get_cache_key to
3862 generate self.cache_key. Only used for informational purposes
3862 generate self.cache_key. Only used for informational purposes
3863 in repo_edit.mako.
3863 in repo_edit.mako.
3864 """
3864 """
3865 # prefix, repo_name, suffix
3865 # prefix, repo_name, suffix
3866 return self._cache_key_partition()[2]
3866 return self._cache_key_partition()[2]
3867
3867
3868 @classmethod
3868 @classmethod
3869 def generate_new_state_uid(cls, based_on=None):
3869 def generate_new_state_uid(cls, based_on=None):
3870 if based_on:
3870 if based_on:
3871 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3871 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3872 else:
3872 else:
3873 return str(uuid.uuid4())
3873 return str(uuid.uuid4())
3874
3874
3875 @classmethod
3875 @classmethod
3876 def delete_all_cache(cls):
3876 def delete_all_cache(cls):
3877 """
3877 """
3878 Delete all cache keys from database.
3878 Delete all cache keys from database.
3879 Should only be run when all instances are down and all entries
3879 Should only be run when all instances are down and all entries
3880 thus stale.
3880 thus stale.
3881 """
3881 """
3882 cls.query().delete()
3882 cls.query().delete()
3883 Session().commit()
3883 Session().commit()
3884
3884
3885 @classmethod
3885 @classmethod
3886 def set_invalidate(cls, cache_uid, delete=False):
3886 def set_invalidate(cls, cache_uid, delete=False):
3887 """
3887 """
3888 Mark all caches of a repo as invalid in the database.
3888 Mark all caches of a repo as invalid in the database.
3889 """
3889 """
3890 try:
3890 try:
3891 qry = Session().query(cls).filter(cls.cache_key == cache_uid)
3891 qry = Session().query(cls).filter(cls.cache_key == cache_uid)
3892 if delete:
3892 if delete:
3893 qry.delete()
3893 qry.delete()
3894 log.debug('cache objects deleted for cache args %s',
3894 log.debug('cache objects deleted for cache args %s',
3895 safe_str(cache_uid))
3895 safe_str(cache_uid))
3896 else:
3896 else:
3897 new_uid = cls.generate_new_state_uid()
3897 new_uid = cls.generate_new_state_uid()
3898 qry.update({"cache_state_uid": new_uid,
3898 qry.update({"cache_state_uid": new_uid,
3899 "cache_args": f"repo_state:{time.time()}"})
3899 "cache_args": f"repo_state:{time.time()}"})
3900 log.debug('cache object %s set new UID %s',
3900 log.debug('cache object %s set new UID %s',
3901 safe_str(cache_uid), new_uid)
3901 safe_str(cache_uid), new_uid)
3902
3902
3903 Session().commit()
3903 Session().commit()
3904 except Exception:
3904 except Exception:
3905 log.exception(
3905 log.exception(
3906 'Cache key invalidation failed for cache args %s',
3906 'Cache key invalidation failed for cache args %s',
3907 safe_str(cache_uid))
3907 safe_str(cache_uid))
3908 Session().rollback()
3908 Session().rollback()
3909
3909
3910 @classmethod
3910 @classmethod
3911 def get_active_cache(cls, cache_key):
3911 def get_active_cache(cls, cache_key):
3912 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3912 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3913 if inv_obj:
3913 if inv_obj:
3914 return inv_obj
3914 return inv_obj
3915 return None
3915 return None
3916
3916
3917 @classmethod
3917 @classmethod
3918 def get_namespace_map(cls, namespace):
3918 def get_namespace_map(cls, namespace):
3919 return {
3919 return {
3920 x.cache_key: x
3920 x.cache_key: x
3921 for x in cls.query().filter(cls.cache_args == namespace)}
3921 for x in cls.query().filter(cls.cache_args == namespace)}
3922
3922
3923
3923
3924 class ChangesetComment(Base, BaseModel):
3924 class ChangesetComment(Base, BaseModel):
3925 __tablename__ = 'changeset_comments'
3925 __tablename__ = 'changeset_comments'
3926 __table_args__ = (
3926 __table_args__ = (
3927 Index('cc_revision_idx', 'revision'),
3927 Index('cc_revision_idx', 'revision'),
3928 base_table_args,
3928 base_table_args,
3929 )
3929 )
3930
3930
3931 COMMENT_OUTDATED = 'comment_outdated'
3931 COMMENT_OUTDATED = 'comment_outdated'
3932 COMMENT_TYPE_NOTE = 'note'
3932 COMMENT_TYPE_NOTE = 'note'
3933 COMMENT_TYPE_TODO = 'todo'
3933 COMMENT_TYPE_TODO = 'todo'
3934 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3934 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3935
3935
3936 OP_IMMUTABLE = 'immutable'
3936 OP_IMMUTABLE = 'immutable'
3937 OP_CHANGEABLE = 'changeable'
3937 OP_CHANGEABLE = 'changeable'
3938
3938
3939 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3939 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3940 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3940 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3941 revision = Column('revision', String(40), nullable=True)
3941 revision = Column('revision', String(40), nullable=True)
3942 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3942 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3943 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3943 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3944 line_no = Column('line_no', Unicode(10), nullable=True)
3944 line_no = Column('line_no', Unicode(10), nullable=True)
3945 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3945 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3946 f_path = Column('f_path', Unicode(1000), nullable=True)
3946 f_path = Column('f_path', Unicode(1000), nullable=True)
3947 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3947 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3948 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3948 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3949 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3949 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3950 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3950 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3951 renderer = Column('renderer', Unicode(64), nullable=True)
3951 renderer = Column('renderer', Unicode(64), nullable=True)
3952 display_state = Column('display_state', Unicode(128), nullable=True)
3952 display_state = Column('display_state', Unicode(128), nullable=True)
3953 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
3953 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
3954 draft = Column('draft', Boolean(), nullable=True, default=False)
3954 draft = Column('draft', Boolean(), nullable=True, default=False)
3955
3955
3956 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3956 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3957 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3957 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3958
3958
3959 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3959 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3960 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3960 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3961
3961
3962 author = relationship('User', lazy='select', back_populates='user_comments')
3962 author = relationship('User', lazy='select', back_populates='user_comments')
3963 repo = relationship('Repository', back_populates='comments')
3963 repo = relationship('Repository', back_populates='comments')
3964 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
3964 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
3965 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
3965 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
3966 pull_request_version = relationship('PullRequestVersion', lazy='select')
3966 pull_request_version = relationship('PullRequestVersion', lazy='select')
3967 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
3967 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
3968
3968
3969 @classmethod
3969 @classmethod
3970 def get_users(cls, revision=None, pull_request_id=None):
3970 def get_users(cls, revision=None, pull_request_id=None):
3971 """
3971 """
3972 Returns user associated with this ChangesetComment. ie those
3972 Returns user associated with this ChangesetComment. ie those
3973 who actually commented
3973 who actually commented
3974
3974
3975 :param cls:
3975 :param cls:
3976 :param revision:
3976 :param revision:
3977 """
3977 """
3978 q = Session().query(User).join(ChangesetComment.author)
3978 q = Session().query(User).join(ChangesetComment.author)
3979 if revision:
3979 if revision:
3980 q = q.filter(cls.revision == revision)
3980 q = q.filter(cls.revision == revision)
3981 elif pull_request_id:
3981 elif pull_request_id:
3982 q = q.filter(cls.pull_request_id == pull_request_id)
3982 q = q.filter(cls.pull_request_id == pull_request_id)
3983 return q.all()
3983 return q.all()
3984
3984
3985 @classmethod
3985 @classmethod
3986 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
3986 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
3987 if pr_version is None:
3987 if pr_version is None:
3988 return 0
3988 return 0
3989
3989
3990 if versions is not None:
3990 if versions is not None:
3991 num_versions = [x.pull_request_version_id for x in versions]
3991 num_versions = [x.pull_request_version_id for x in versions]
3992
3992
3993 num_versions = num_versions or []
3993 num_versions = num_versions or []
3994 try:
3994 try:
3995 return num_versions.index(pr_version) + 1
3995 return num_versions.index(pr_version) + 1
3996 except (IndexError, ValueError):
3996 except (IndexError, ValueError):
3997 return 0
3997 return 0
3998
3998
3999 @property
3999 @property
4000 def outdated(self):
4000 def outdated(self):
4001 return self.display_state == self.COMMENT_OUTDATED
4001 return self.display_state == self.COMMENT_OUTDATED
4002
4002
4003 @property
4003 @property
4004 def outdated_js(self):
4004 def outdated_js(self):
4005 return str_json(self.display_state == self.COMMENT_OUTDATED)
4005 return str_json(self.display_state == self.COMMENT_OUTDATED)
4006
4006
4007 @property
4007 @property
4008 def immutable(self):
4008 def immutable(self):
4009 return self.immutable_state == self.OP_IMMUTABLE
4009 return self.immutable_state == self.OP_IMMUTABLE
4010
4010
4011 def outdated_at_version(self, version: int) -> bool:
4011 def outdated_at_version(self, version: int) -> bool:
4012 """
4012 """
4013 Checks if comment is outdated for given pull request version
4013 Checks if comment is outdated for given pull request version
4014 """
4014 """
4015
4015
4016 def version_check():
4016 def version_check():
4017 return self.pull_request_version_id and self.pull_request_version_id != version
4017 return self.pull_request_version_id and self.pull_request_version_id != version
4018
4018
4019 if self.is_inline:
4019 if self.is_inline:
4020 return self.outdated and version_check()
4020 return self.outdated and version_check()
4021 else:
4021 else:
4022 # general comments don't have .outdated set, also latest don't have a version
4022 # general comments don't have .outdated set, also latest don't have a version
4023 return version_check()
4023 return version_check()
4024
4024
4025 def outdated_at_version_js(self, version):
4025 def outdated_at_version_js(self, version):
4026 """
4026 """
4027 Checks if comment is outdated for given pull request version
4027 Checks if comment is outdated for given pull request version
4028 """
4028 """
4029 return str_json(self.outdated_at_version(version))
4029 return str_json(self.outdated_at_version(version))
4030
4030
4031 def older_than_version(self, version: int) -> bool:
4031 def older_than_version(self, version: int) -> bool:
4032 """
4032 """
4033 Checks if comment is made from a previous version than given.
4033 Checks if comment is made from a previous version than given.
4034 Assumes self.pull_request_version.pull_request_version_id is an integer if not None.
4034 Assumes self.pull_request_version.pull_request_version_id is an integer if not None.
4035 """
4035 """
4036
4036
4037 # If version is None, return False as the current version cannot be less than None
4037 # If version is None, return False as the current version cannot be less than None
4038 if version is None:
4038 if version is None:
4039 return False
4039 return False
4040
4040
4041 # Ensure that the version is an integer to prevent TypeError on comparison
4041 # Ensure that the version is an integer to prevent TypeError on comparison
4042 if not isinstance(version, int):
4042 if not isinstance(version, int):
4043 raise ValueError("The provided version must be an integer.")
4043 raise ValueError("The provided version must be an integer.")
4044
4044
4045 # Initialize current version to 0 or pull_request_version_id if it's available
4045 # Initialize current version to 0 or pull_request_version_id if it's available
4046 cur_ver = 0
4046 cur_ver = 0
4047 if self.pull_request_version and self.pull_request_version.pull_request_version_id is not None:
4047 if self.pull_request_version and self.pull_request_version.pull_request_version_id is not None:
4048 cur_ver = self.pull_request_version.pull_request_version_id
4048 cur_ver = self.pull_request_version.pull_request_version_id
4049
4049
4050 # Return True if the current version is less than the given version
4050 # Return True if the current version is less than the given version
4051 return cur_ver < version
4051 return cur_ver < version
4052
4052
4053 def older_than_version_js(self, version):
4053 def older_than_version_js(self, version):
4054 """
4054 """
4055 Checks if comment is made from previous version than given
4055 Checks if comment is made from previous version than given
4056 """
4056 """
4057 return str_json(self.older_than_version(version))
4057 return str_json(self.older_than_version(version))
4058
4058
4059 @property
4059 @property
4060 def commit_id(self):
4060 def commit_id(self):
4061 """New style naming to stop using .revision"""
4061 """New style naming to stop using .revision"""
4062 return self.revision
4062 return self.revision
4063
4063
4064 @property
4064 @property
4065 def resolved(self):
4065 def resolved(self):
4066 return self.resolved_by[0] if self.resolved_by else None
4066 return self.resolved_by[0] if self.resolved_by else None
4067
4067
4068 @property
4068 @property
4069 def is_todo(self):
4069 def is_todo(self):
4070 return self.comment_type == self.COMMENT_TYPE_TODO
4070 return self.comment_type == self.COMMENT_TYPE_TODO
4071
4071
4072 @property
4072 @property
4073 def is_inline(self):
4073 def is_inline(self):
4074 if self.line_no and self.f_path:
4074 if self.line_no and self.f_path:
4075 return True
4075 return True
4076 return False
4076 return False
4077
4077
4078 @property
4078 @property
4079 def last_version(self):
4079 def last_version(self):
4080 version = 0
4080 version = 0
4081 if self.history:
4081 if self.history:
4082 version = self.history[-1].version
4082 version = self.history[-1].version
4083 return version
4083 return version
4084
4084
4085 def get_index_version(self, versions):
4085 def get_index_version(self, versions):
4086 return self.get_index_from_version(
4086 return self.get_index_from_version(
4087 self.pull_request_version_id, versions)
4087 self.pull_request_version_id, versions)
4088
4088
4089 @property
4089 @property
4090 def review_status(self):
4090 def review_status(self):
4091 if self.status_change:
4091 if self.status_change:
4092 return self.status_change[0].status
4092 return self.status_change[0].status
4093
4093
4094 @property
4094 @property
4095 def review_status_lbl(self):
4095 def review_status_lbl(self):
4096 if self.status_change:
4096 if self.status_change:
4097 return self.status_change[0].status_lbl
4097 return self.status_change[0].status_lbl
4098
4098
4099 def __repr__(self):
4099 def __repr__(self):
4100 if self.comment_id:
4100 if self.comment_id:
4101 return f'<DB:Comment #{self.comment_id}>'
4101 return f'<DB:Comment #{self.comment_id}>'
4102 else:
4102 else:
4103 return f'<DB:Comment at {id(self)!r}>'
4103 return f'<DB:Comment at {id(self)!r}>'
4104
4104
4105 def get_api_data(self):
4105 def get_api_data(self):
4106 comment = self
4106 comment = self
4107
4107
4108 data = {
4108 data = {
4109 'comment_id': comment.comment_id,
4109 'comment_id': comment.comment_id,
4110 'comment_type': comment.comment_type,
4110 'comment_type': comment.comment_type,
4111 'comment_text': comment.text,
4111 'comment_text': comment.text,
4112 'comment_status': comment.status_change,
4112 'comment_status': comment.status_change,
4113 'comment_f_path': comment.f_path,
4113 'comment_f_path': comment.f_path,
4114 'comment_lineno': comment.line_no,
4114 'comment_lineno': comment.line_no,
4115 'comment_author': comment.author,
4115 'comment_author': comment.author,
4116 'comment_created_on': comment.created_on,
4116 'comment_created_on': comment.created_on,
4117 'comment_resolved_by': self.resolved,
4117 'comment_resolved_by': self.resolved,
4118 'comment_commit_id': comment.revision,
4118 'comment_commit_id': comment.revision,
4119 'comment_pull_request_id': comment.pull_request_id,
4119 'comment_pull_request_id': comment.pull_request_id,
4120 'comment_last_version': self.last_version
4120 'comment_last_version': self.last_version
4121 }
4121 }
4122 return data
4122 return data
4123
4123
4124 def __json__(self):
4124 def __json__(self):
4125 data = dict()
4125 data = dict()
4126 data.update(self.get_api_data())
4126 data.update(self.get_api_data())
4127 return data
4127 return data
4128
4128
4129
4129
4130 class ChangesetCommentHistory(Base, BaseModel):
4130 class ChangesetCommentHistory(Base, BaseModel):
4131 __tablename__ = 'changeset_comments_history'
4131 __tablename__ = 'changeset_comments_history'
4132 __table_args__ = (
4132 __table_args__ = (
4133 Index('cch_comment_id_idx', 'comment_id'),
4133 Index('cch_comment_id_idx', 'comment_id'),
4134 base_table_args,
4134 base_table_args,
4135 )
4135 )
4136
4136
4137 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
4137 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
4138 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
4138 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
4139 version = Column("version", Integer(), nullable=False, default=0)
4139 version = Column("version", Integer(), nullable=False, default=0)
4140 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
4140 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
4141 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
4141 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
4142 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4142 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4143 deleted = Column('deleted', Boolean(), default=False)
4143 deleted = Column('deleted', Boolean(), default=False)
4144
4144
4145 author = relationship('User', lazy='joined')
4145 author = relationship('User', lazy='joined')
4146 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
4146 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
4147
4147
4148 @classmethod
4148 @classmethod
4149 def get_version(cls, comment_id):
4149 def get_version(cls, comment_id):
4150 q = Session().query(ChangesetCommentHistory).filter(
4150 q = Session().query(ChangesetCommentHistory).filter(
4151 ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
4151 ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
4152 if q.count() == 0:
4152 if q.count() == 0:
4153 return 1
4153 return 1
4154 elif q.count() >= q[0].version:
4154 elif q.count() >= q[0].version:
4155 return q.count() + 1
4155 return q.count() + 1
4156 else:
4156 else:
4157 return q[0].version + 1
4157 return q[0].version + 1
4158
4158
4159
4159
4160 class ChangesetStatus(Base, BaseModel):
4160 class ChangesetStatus(Base, BaseModel):
4161 __tablename__ = 'changeset_statuses'
4161 __tablename__ = 'changeset_statuses'
4162 __table_args__ = (
4162 __table_args__ = (
4163 Index('cs_revision_idx', 'revision'),
4163 Index('cs_revision_idx', 'revision'),
4164 Index('cs_version_idx', 'version'),
4164 Index('cs_version_idx', 'version'),
4165 UniqueConstraint('repo_id', 'revision', 'version'),
4165 UniqueConstraint('repo_id', 'revision', 'version'),
4166 base_table_args
4166 base_table_args
4167 )
4167 )
4168
4168
4169 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
4169 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
4170 STATUS_APPROVED = 'approved'
4170 STATUS_APPROVED = 'approved'
4171 STATUS_REJECTED = 'rejected'
4171 STATUS_REJECTED = 'rejected'
4172 STATUS_UNDER_REVIEW = 'under_review'
4172 STATUS_UNDER_REVIEW = 'under_review'
4173
4173
4174 STATUSES = [
4174 STATUSES = [
4175 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
4175 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
4176 (STATUS_APPROVED, _("Approved")),
4176 (STATUS_APPROVED, _("Approved")),
4177 (STATUS_REJECTED, _("Rejected")),
4177 (STATUS_REJECTED, _("Rejected")),
4178 (STATUS_UNDER_REVIEW, _("Under Review")),
4178 (STATUS_UNDER_REVIEW, _("Under Review")),
4179 ]
4179 ]
4180
4180
4181 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
4181 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
4182 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
4182 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
4183 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
4183 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
4184 revision = Column('revision', String(40), nullable=False)
4184 revision = Column('revision', String(40), nullable=False)
4185 status = Column('status', String(128), nullable=False, default=DEFAULT)
4185 status = Column('status', String(128), nullable=False, default=DEFAULT)
4186 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
4186 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
4187 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
4187 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
4188 version = Column('version', Integer(), nullable=False, default=0)
4188 version = Column('version', Integer(), nullable=False, default=0)
4189 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
4189 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
4190
4190
4191 author = relationship('User', lazy='select')
4191 author = relationship('User', lazy='select')
4192 repo = relationship('Repository', lazy='select')
4192 repo = relationship('Repository', lazy='select')
4193 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
4193 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
4194 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
4194 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
4195
4195
4196 def __repr__(self):
4196 def __repr__(self):
4197 return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
4197 return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
4198
4198
4199 @classmethod
4199 @classmethod
4200 def get_status_lbl(cls, value):
4200 def get_status_lbl(cls, value):
4201 return dict(cls.STATUSES).get(value)
4201 return dict(cls.STATUSES).get(value)
4202
4202
4203 @property
4203 @property
4204 def status_lbl(self):
4204 def status_lbl(self):
4205 return ChangesetStatus.get_status_lbl(self.status)
4205 return ChangesetStatus.get_status_lbl(self.status)
4206
4206
4207 def get_api_data(self):
4207 def get_api_data(self):
4208 status = self
4208 status = self
4209 data = {
4209 data = {
4210 'status_id': status.changeset_status_id,
4210 'status_id': status.changeset_status_id,
4211 'status': status.status,
4211 'status': status.status,
4212 }
4212 }
4213 return data
4213 return data
4214
4214
4215 def __json__(self):
4215 def __json__(self):
4216 data = dict()
4216 data = dict()
4217 data.update(self.get_api_data())
4217 data.update(self.get_api_data())
4218 return data
4218 return data
4219
4219
4220
4220
4221 class _SetState(object):
4221 class _SetState(object):
4222 """
4222 """
4223 Context processor allowing changing state for sensitive operation such as
4223 Context processor allowing changing state for sensitive operation such as
4224 pull request update or merge
4224 pull request update or merge
4225 """
4225 """
4226
4226
4227 def __init__(self, pull_request, pr_state, back_state=None):
4227 def __init__(self, pull_request, pr_state, back_state=None):
4228 self._pr = pull_request
4228 self._pr = pull_request
4229 self._org_state = back_state or pull_request.pull_request_state
4229 self._org_state = back_state or pull_request.pull_request_state
4230 self._pr_state = pr_state
4230 self._pr_state = pr_state
4231 self._current_state = None
4231 self._current_state = None
4232
4232
4233 def __enter__(self):
4233 def __enter__(self):
4234 log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
4234 log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
4235 self._pr, self._pr_state)
4235 self._pr, self._pr_state)
4236 self.set_pr_state(self._pr_state)
4236 self.set_pr_state(self._pr_state)
4237 return self
4237 return self
4238
4238
4239 def __exit__(self, exc_type, exc_val, exc_tb):
4239 def __exit__(self, exc_type, exc_val, exc_tb):
4240 if exc_val is not None or exc_type is not None:
4240 if exc_val is not None or exc_type is not None:
4241 log.error(traceback.format_tb(exc_tb))
4241 log.error(traceback.format_tb(exc_tb))
4242 return None
4242 return None
4243
4243
4244 self.set_pr_state(self._org_state)
4244 self.set_pr_state(self._org_state)
4245 log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
4245 log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
4246 self._pr, self._org_state)
4246 self._pr, self._org_state)
4247
4247
4248 @property
4248 @property
4249 def state(self):
4249 def state(self):
4250 return self._current_state
4250 return self._current_state
4251
4251
4252 def set_pr_state(self, pr_state):
4252 def set_pr_state(self, pr_state):
4253 try:
4253 try:
4254 self._pr.pull_request_state = pr_state
4254 self._pr.pull_request_state = pr_state
4255 Session().add(self._pr)
4255 Session().add(self._pr)
4256 Session().commit()
4256 Session().commit()
4257 self._current_state = pr_state
4257 self._current_state = pr_state
4258 except Exception:
4258 except Exception:
4259 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
4259 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
4260 raise
4260 raise
4261
4261
4262
4262
4263 class _PullRequestBase(BaseModel):
4263 class _PullRequestBase(BaseModel):
4264 """
4264 """
4265 Common attributes of pull request and version entries.
4265 Common attributes of pull request and version entries.
4266 """
4266 """
4267
4267
4268 # .status values
4268 # .status values
4269 STATUS_NEW = 'new'
4269 STATUS_NEW = 'new'
4270 STATUS_OPEN = 'open'
4270 STATUS_OPEN = 'open'
4271 STATUS_CLOSED = 'closed'
4271 STATUS_CLOSED = 'closed'
4272
4272
4273 # available states
4273 # available states
4274 STATE_CREATING = 'creating'
4274 STATE_CREATING = 'creating'
4275 STATE_UPDATING = 'updating'
4275 STATE_UPDATING = 'updating'
4276 STATE_MERGING = 'merging'
4276 STATE_MERGING = 'merging'
4277 STATE_CREATED = 'created'
4277 STATE_CREATED = 'created'
4278
4278
4279 title = Column('title', Unicode(255), nullable=True)
4279 title = Column('title', Unicode(255), nullable=True)
4280 description = Column(
4280 description = Column(
4281 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
4281 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
4282 nullable=True)
4282 nullable=True)
4283 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
4283 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
4284
4284
4285 # new/open/closed status of pull request (not approve/reject/etc)
4285 # new/open/closed status of pull request (not approve/reject/etc)
4286 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
4286 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
4287 created_on = Column(
4287 created_on = Column(
4288 'created_on', DateTime(timezone=False), nullable=False,
4288 'created_on', DateTime(timezone=False), nullable=False,
4289 default=datetime.datetime.now)
4289 default=datetime.datetime.now)
4290 updated_on = Column(
4290 updated_on = Column(
4291 'updated_on', DateTime(timezone=False), nullable=False,
4291 'updated_on', DateTime(timezone=False), nullable=False,
4292 default=datetime.datetime.now)
4292 default=datetime.datetime.now)
4293
4293
4294 pull_request_state = Column("pull_request_state", String(255), nullable=True)
4294 pull_request_state = Column("pull_request_state", String(255), nullable=True)
4295
4295
4296 @declared_attr
4296 @declared_attr
4297 def user_id(cls):
4297 def user_id(cls):
4298 return Column(
4298 return Column(
4299 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
4299 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
4300 unique=None)
4300 unique=None)
4301
4301
4302 # 500 revisions max
4302 # 500 revisions max
4303 _revisions = Column(
4303 _revisions = Column(
4304 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
4304 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
4305
4305
4306 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
4306 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
4307
4307
4308 @declared_attr
4308 @declared_attr
4309 def source_repo_id(cls):
4309 def source_repo_id(cls):
4310 # TODO: dan: rename column to source_repo_id
4310 # TODO: dan: rename column to source_repo_id
4311 return Column(
4311 return Column(
4312 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4312 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4313 nullable=False)
4313 nullable=False)
4314
4314
4315 @declared_attr
4315 @declared_attr
4316 def pr_source(cls):
4316 def pr_source(cls):
4317 return relationship(
4317 return relationship(
4318 'Repository',
4318 'Repository',
4319 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4319 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4320 overlaps="pull_requests_source"
4320 overlaps="pull_requests_source"
4321 )
4321 )
4322
4322
4323 _source_ref = Column('org_ref', Unicode(255), nullable=False)
4323 _source_ref = Column('org_ref', Unicode(255), nullable=False)
4324
4324
4325 @hybrid_property
4325 @hybrid_property
4326 def source_ref(self):
4326 def source_ref(self):
4327 return self._source_ref
4327 return self._source_ref
4328
4328
4329 @source_ref.setter
4329 @source_ref.setter
4330 def source_ref(self, val):
4330 def source_ref(self, val):
4331 parts = (val or '').split(':')
4331 parts = (val or '').split(':')
4332 if len(parts) != 3:
4332 if len(parts) != 3:
4333 raise ValueError(
4333 raise ValueError(
4334 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4334 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4335 self._source_ref = safe_str(val)
4335 self._source_ref = safe_str(val)
4336
4336
4337 _target_ref = Column('other_ref', Unicode(255), nullable=False)
4337 _target_ref = Column('other_ref', Unicode(255), nullable=False)
4338
4338
4339 @hybrid_property
4339 @hybrid_property
4340 def target_ref(self):
4340 def target_ref(self):
4341 return self._target_ref
4341 return self._target_ref
4342
4342
4343 @target_ref.setter
4343 @target_ref.setter
4344 def target_ref(self, val):
4344 def target_ref(self, val):
4345 parts = (val or '').split(':')
4345 parts = (val or '').split(':')
4346 if len(parts) != 3:
4346 if len(parts) != 3:
4347 raise ValueError(
4347 raise ValueError(
4348 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4348 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4349 self._target_ref = safe_str(val)
4349 self._target_ref = safe_str(val)
4350
4350
4351 @declared_attr
4351 @declared_attr
4352 def target_repo_id(cls):
4352 def target_repo_id(cls):
4353 # TODO: dan: rename column to target_repo_id
4353 # TODO: dan: rename column to target_repo_id
4354 return Column(
4354 return Column(
4355 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4355 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4356 nullable=False)
4356 nullable=False)
4357
4357
4358 @declared_attr
4358 @declared_attr
4359 def pr_target(cls):
4359 def pr_target(cls):
4360 return relationship(
4360 return relationship(
4361 'Repository',
4361 'Repository',
4362 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4362 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4363 overlaps="pull_requests_target"
4363 overlaps="pull_requests_target"
4364 )
4364 )
4365
4365
4366 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
4366 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
4367
4367
4368 # TODO: dan: rename column to last_merge_source_rev
4368 # TODO: dan: rename column to last_merge_source_rev
4369 _last_merge_source_rev = Column(
4369 _last_merge_source_rev = Column(
4370 'last_merge_org_rev', String(40), nullable=True)
4370 'last_merge_org_rev', String(40), nullable=True)
4371 # TODO: dan: rename column to last_merge_target_rev
4371 # TODO: dan: rename column to last_merge_target_rev
4372 _last_merge_target_rev = Column(
4372 _last_merge_target_rev = Column(
4373 'last_merge_other_rev', String(40), nullable=True)
4373 'last_merge_other_rev', String(40), nullable=True)
4374 _last_merge_status = Column('merge_status', Integer(), nullable=True)
4374 _last_merge_status = Column('merge_status', Integer(), nullable=True)
4375 last_merge_metadata = Column(
4375 last_merge_metadata = Column(
4376 'last_merge_metadata', MutationObj.as_mutable(
4376 'last_merge_metadata', MutationObj.as_mutable(
4377 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4377 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4378
4378
4379 merge_rev = Column('merge_rev', String(40), nullable=True)
4379 merge_rev = Column('merge_rev', String(40), nullable=True)
4380
4380
4381 reviewer_data = Column(
4381 reviewer_data = Column(
4382 'reviewer_data_json', MutationObj.as_mutable(
4382 'reviewer_data_json', MutationObj.as_mutable(
4383 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4383 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4384
4384
4385 @property
4385 @property
4386 def reviewer_data_json(self):
4386 def reviewer_data_json(self):
4387 return str_json(self.reviewer_data)
4387 return str_json(self.reviewer_data)
4388
4388
4389 @property
4389 @property
4390 def last_merge_metadata_parsed(self):
4390 def last_merge_metadata_parsed(self):
4391 metadata = {}
4391 metadata = {}
4392 if not self.last_merge_metadata:
4392 if not self.last_merge_metadata:
4393 return metadata
4393 return metadata
4394
4394
4395 if hasattr(self.last_merge_metadata, 'de_coerce'):
4395 if hasattr(self.last_merge_metadata, 'de_coerce'):
4396 for k, v in self.last_merge_metadata.de_coerce().items():
4396 for k, v in self.last_merge_metadata.de_coerce().items():
4397 if k in ['target_ref', 'source_ref']:
4397 if k in ['target_ref', 'source_ref']:
4398 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
4398 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
4399 else:
4399 else:
4400 if hasattr(v, 'de_coerce'):
4400 if hasattr(v, 'de_coerce'):
4401 metadata[k] = v.de_coerce()
4401 metadata[k] = v.de_coerce()
4402 else:
4402 else:
4403 metadata[k] = v
4403 metadata[k] = v
4404 return metadata
4404 return metadata
4405
4405
4406 @property
4406 @property
4407 def work_in_progress(self):
4407 def work_in_progress(self):
4408 """checks if pull request is work in progress by checking the title"""
4408 """checks if pull request is work in progress by checking the title"""
4409 title = self.title.upper()
4409 title = self.title.upper()
4410 if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
4410 if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
4411 return True
4411 return True
4412 return False
4412 return False
4413
4413
4414 @property
4414 @property
4415 def title_safe(self):
4415 def title_safe(self):
4416 return self.title\
4416 return self.title\
4417 .replace('{', '{{')\
4417 .replace('{', '{{')\
4418 .replace('}', '}}')
4418 .replace('}', '}}')
4419
4419
4420 @hybrid_property
4420 @hybrid_property
4421 def description_safe(self):
4421 def description_safe(self):
4422 from rhodecode.lib import helpers as h
4422 from rhodecode.lib import helpers as h
4423 return h.escape(self.description)
4423 return h.escape(self.description)
4424
4424
4425 @hybrid_property
4425 @hybrid_property
4426 def revisions(self):
4426 def revisions(self):
4427 return self._revisions.split(':') if self._revisions else []
4427 return self._revisions.split(':') if self._revisions else []
4428
4428
4429 @revisions.setter
4429 @revisions.setter
4430 def revisions(self, val):
4430 def revisions(self, val):
4431 self._revisions = ':'.join(val)
4431 self._revisions = ':'.join(val)
4432
4432
4433 @hybrid_property
4433 @hybrid_property
4434 def last_merge_status(self):
4434 def last_merge_status(self):
4435 return safe_int(self._last_merge_status)
4435 return safe_int(self._last_merge_status)
4436
4436
4437 @last_merge_status.setter
4437 @last_merge_status.setter
4438 def last_merge_status(self, val):
4438 def last_merge_status(self, val):
4439 self._last_merge_status = val
4439 self._last_merge_status = val
4440
4440
4441 @declared_attr
4441 @declared_attr
4442 def author(cls):
4442 def author(cls):
4443 return relationship(
4443 return relationship(
4444 'User', lazy='joined',
4444 'User', lazy='joined',
4445 #TODO, problem that is somehow :?
4445 #TODO, problem that is somehow :?
4446 #back_populates='user_pull_requests'
4446 #back_populates='user_pull_requests'
4447 )
4447 )
4448
4448
4449 @declared_attr
4449 @declared_attr
4450 def source_repo(cls):
4450 def source_repo(cls):
4451 return relationship(
4451 return relationship(
4452 'Repository',
4452 'Repository',
4453 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4453 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4454 overlaps="pr_source"
4454 overlaps="pr_source"
4455 )
4455 )
4456
4456
4457 @property
4457 @property
4458 def source_ref_parts(self):
4458 def source_ref_parts(self):
4459 return self.unicode_to_reference(self.source_ref)
4459 return self.unicode_to_reference(self.source_ref)
4460
4460
4461 @declared_attr
4461 @declared_attr
4462 def target_repo(cls):
4462 def target_repo(cls):
4463 return relationship(
4463 return relationship(
4464 'Repository',
4464 'Repository',
4465 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4465 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4466 overlaps="pr_target"
4466 overlaps="pr_target"
4467 )
4467 )
4468
4468
4469 @property
4469 @property
4470 def target_ref_parts(self):
4470 def target_ref_parts(self):
4471 return self.unicode_to_reference(self.target_ref)
4471 return self.unicode_to_reference(self.target_ref)
4472
4472
4473 @property
4473 @property
4474 def shadow_merge_ref(self):
4474 def shadow_merge_ref(self):
4475 return self.unicode_to_reference(self._shadow_merge_ref)
4475 return self.unicode_to_reference(self._shadow_merge_ref)
4476
4476
4477 @shadow_merge_ref.setter
4477 @shadow_merge_ref.setter
4478 def shadow_merge_ref(self, ref):
4478 def shadow_merge_ref(self, ref):
4479 self._shadow_merge_ref = self.reference_to_unicode(ref)
4479 self._shadow_merge_ref = self.reference_to_unicode(ref)
4480
4480
4481 @staticmethod
4481 @staticmethod
4482 def unicode_to_reference(raw):
4482 def unicode_to_reference(raw):
4483 return unicode_to_reference(raw)
4483 return unicode_to_reference(raw)
4484
4484
4485 @staticmethod
4485 @staticmethod
4486 def reference_to_unicode(ref):
4486 def reference_to_unicode(ref):
4487 return reference_to_unicode(ref)
4487 return reference_to_unicode(ref)
4488
4488
4489 def get_api_data(self, with_merge_state=True):
4489 def get_api_data(self, with_merge_state=True):
4490 from rhodecode.model.pull_request import PullRequestModel
4490 from rhodecode.model.pull_request import PullRequestModel
4491
4491
4492 pull_request = self
4492 pull_request = self
4493 if with_merge_state:
4493 if with_merge_state:
4494 merge_response, merge_status, msg = \
4494 merge_response, merge_status, msg = \
4495 PullRequestModel().merge_status(pull_request)
4495 PullRequestModel().merge_status(pull_request)
4496 merge_state = {
4496 merge_state = {
4497 'status': merge_status,
4497 'status': merge_status,
4498 'message': safe_str(msg),
4498 'message': safe_str(msg),
4499 }
4499 }
4500 else:
4500 else:
4501 merge_state = {'status': 'not_available',
4501 merge_state = {'status': 'not_available',
4502 'message': 'not_available'}
4502 'message': 'not_available'}
4503
4503
4504 merge_data = {
4504 merge_data = {
4505 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4505 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4506 'reference': (
4506 'reference': (
4507 pull_request.shadow_merge_ref.asdict()
4507 pull_request.shadow_merge_ref.asdict()
4508 if pull_request.shadow_merge_ref else None),
4508 if pull_request.shadow_merge_ref else None),
4509 }
4509 }
4510
4510
4511 data = {
4511 data = {
4512 'pull_request_id': pull_request.pull_request_id,
4512 'pull_request_id': pull_request.pull_request_id,
4513 'url': PullRequestModel().get_url(pull_request),
4513 'url': PullRequestModel().get_url(pull_request),
4514 'title': pull_request.title,
4514 'title': pull_request.title,
4515 'description': pull_request.description,
4515 'description': pull_request.description,
4516 'status': pull_request.status,
4516 'status': pull_request.status,
4517 'state': pull_request.pull_request_state,
4517 'state': pull_request.pull_request_state,
4518 'created_on': pull_request.created_on,
4518 'created_on': pull_request.created_on,
4519 'updated_on': pull_request.updated_on,
4519 'updated_on': pull_request.updated_on,
4520 'commit_ids': pull_request.revisions,
4520 'commit_ids': pull_request.revisions,
4521 'review_status': pull_request.calculated_review_status(),
4521 'review_status': pull_request.calculated_review_status(),
4522 'mergeable': merge_state,
4522 'mergeable': merge_state,
4523 'source': {
4523 'source': {
4524 'clone_url': pull_request.source_repo.clone_url(),
4524 'clone_url': pull_request.source_repo.clone_url(),
4525 'repository': pull_request.source_repo.repo_name,
4525 'repository': pull_request.source_repo.repo_name,
4526 'reference': {
4526 'reference': {
4527 'name': pull_request.source_ref_parts.name,
4527 'name': pull_request.source_ref_parts.name,
4528 'type': pull_request.source_ref_parts.type,
4528 'type': pull_request.source_ref_parts.type,
4529 'commit_id': pull_request.source_ref_parts.commit_id,
4529 'commit_id': pull_request.source_ref_parts.commit_id,
4530 },
4530 },
4531 },
4531 },
4532 'target': {
4532 'target': {
4533 'clone_url': pull_request.target_repo.clone_url(),
4533 'clone_url': pull_request.target_repo.clone_url(),
4534 'repository': pull_request.target_repo.repo_name,
4534 'repository': pull_request.target_repo.repo_name,
4535 'reference': {
4535 'reference': {
4536 'name': pull_request.target_ref_parts.name,
4536 'name': pull_request.target_ref_parts.name,
4537 'type': pull_request.target_ref_parts.type,
4537 'type': pull_request.target_ref_parts.type,
4538 'commit_id': pull_request.target_ref_parts.commit_id,
4538 'commit_id': pull_request.target_ref_parts.commit_id,
4539 },
4539 },
4540 },
4540 },
4541 'merge': merge_data,
4541 'merge': merge_data,
4542 'author': pull_request.author.get_api_data(include_secrets=False,
4542 'author': pull_request.author.get_api_data(include_secrets=False,
4543 details='basic'),
4543 details='basic'),
4544 'reviewers': [
4544 'reviewers': [
4545 {
4545 {
4546 'user': reviewer.get_api_data(include_secrets=False,
4546 'user': reviewer.get_api_data(include_secrets=False,
4547 details='basic'),
4547 details='basic'),
4548 'reasons': reasons,
4548 'reasons': reasons,
4549 'review_status': st[0][1].status if st else 'not_reviewed',
4549 'review_status': st[0][1].status if st else 'not_reviewed',
4550 }
4550 }
4551 for obj, reviewer, reasons, mandatory, st in
4551 for obj, reviewer, reasons, mandatory, st in
4552 pull_request.reviewers_statuses()
4552 pull_request.reviewers_statuses()
4553 ]
4553 ]
4554 }
4554 }
4555
4555
4556 return data
4556 return data
4557
4557
4558 def set_state(self, pull_request_state, final_state=None):
4558 def set_state(self, pull_request_state, final_state=None):
4559 """
4559 """
4560 # goes from initial state to updating to initial state.
4560 # goes from initial state to updating to initial state.
4561 # initial state can be changed by specifying back_state=
4561 # initial state can be changed by specifying back_state=
4562 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4562 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4563 pull_request.merge()
4563 pull_request.merge()
4564
4564
4565 :param pull_request_state:
4565 :param pull_request_state:
4566 :param final_state:
4566 :param final_state:
4567
4567
4568 """
4568 """
4569
4569
4570 return _SetState(self, pull_request_state, back_state=final_state)
4570 return _SetState(self, pull_request_state, back_state=final_state)
4571
4571
4572
4572
4573 class PullRequest(Base, _PullRequestBase):
4573 class PullRequest(Base, _PullRequestBase):
4574 __tablename__ = 'pull_requests'
4574 __tablename__ = 'pull_requests'
4575 __table_args__ = (
4575 __table_args__ = (
4576 base_table_args,
4576 base_table_args,
4577 )
4577 )
4578 LATEST_VER = 'latest'
4578 LATEST_VER = 'latest'
4579
4579
4580 pull_request_id = Column(
4580 pull_request_id = Column(
4581 'pull_request_id', Integer(), nullable=False, primary_key=True)
4581 'pull_request_id', Integer(), nullable=False, primary_key=True)
4582
4582
4583 def __repr__(self):
4583 def __repr__(self):
4584 if self.pull_request_id:
4584 if self.pull_request_id:
4585 return f'<DB:PullRequest #{self.pull_request_id}>'
4585 return f'<DB:PullRequest #{self.pull_request_id}>'
4586 else:
4586 else:
4587 return f'<DB:PullRequest at {id(self)!r}>'
4587 return f'<DB:PullRequest at {id(self)!r}>'
4588
4588
4589 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
4589 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
4590 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
4590 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
4591 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
4591 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
4592 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
4592 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
4593
4593
4594 @classmethod
4594 @classmethod
4595 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4595 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4596 internal_methods=None):
4596 internal_methods=None):
4597
4597
4598 class PullRequestDisplay(object):
4598 class PullRequestDisplay(object):
4599 """
4599 """
4600 Special object wrapper for showing PullRequest data via Versions
4600 Special object wrapper for showing PullRequest data via Versions
4601 It mimics PR object as close as possible. This is read only object
4601 It mimics PR object as close as possible. This is read only object
4602 just for display
4602 just for display
4603 """
4603 """
4604
4604
4605 def __init__(self, attrs, internal=None):
4605 def __init__(self, attrs, internal=None):
4606 self.attrs = attrs
4606 self.attrs = attrs
4607 # internal have priority over the given ones via attrs
4607 # internal have priority over the given ones via attrs
4608 self.internal = internal or ['versions']
4608 self.internal = internal or ['versions']
4609
4609
4610 def __getattr__(self, item):
4610 def __getattr__(self, item):
4611 if item in self.internal:
4611 if item in self.internal:
4612 return getattr(self, item)
4612 return getattr(self, item)
4613 try:
4613 try:
4614 return self.attrs[item]
4614 return self.attrs[item]
4615 except KeyError:
4615 except KeyError:
4616 raise AttributeError(
4616 raise AttributeError(
4617 '%s object has no attribute %s' % (self, item))
4617 '%s object has no attribute %s' % (self, item))
4618
4618
4619 def __repr__(self):
4619 def __repr__(self):
4620 pr_id = self.attrs.get('pull_request_id')
4620 pr_id = self.attrs.get('pull_request_id')
4621 return f'<DB:PullRequestDisplay #{pr_id}>'
4621 return f'<DB:PullRequestDisplay #{pr_id}>'
4622
4622
4623 def versions(self):
4623 def versions(self):
4624 return pull_request_obj.versions.order_by(
4624 return pull_request_obj.versions.order_by(
4625 PullRequestVersion.pull_request_version_id).all()
4625 PullRequestVersion.pull_request_version_id).all()
4626
4626
4627 def is_closed(self):
4627 def is_closed(self):
4628 return pull_request_obj.is_closed()
4628 return pull_request_obj.is_closed()
4629
4629
4630 def is_state_changing(self):
4630 def is_state_changing(self):
4631 return pull_request_obj.is_state_changing()
4631 return pull_request_obj.is_state_changing()
4632
4632
4633 @property
4633 @property
4634 def pull_request_version_id(self):
4634 def pull_request_version_id(self):
4635 return getattr(pull_request_obj, 'pull_request_version_id', None)
4635 return getattr(pull_request_obj, 'pull_request_version_id', None)
4636
4636
4637 @property
4637 @property
4638 def pull_request_last_version(self):
4638 def pull_request_last_version(self):
4639 return pull_request_obj.pull_request_last_version
4639 return pull_request_obj.pull_request_last_version
4640
4640
4641 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4641 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4642
4642
4643 attrs.author = StrictAttributeDict(
4643 attrs.author = StrictAttributeDict(
4644 pull_request_obj.author.get_api_data())
4644 pull_request_obj.author.get_api_data())
4645 if pull_request_obj.target_repo:
4645 if pull_request_obj.target_repo:
4646 attrs.target_repo = StrictAttributeDict(
4646 attrs.target_repo = StrictAttributeDict(
4647 pull_request_obj.target_repo.get_api_data())
4647 pull_request_obj.target_repo.get_api_data())
4648 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4648 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4649
4649
4650 if pull_request_obj.source_repo:
4650 if pull_request_obj.source_repo:
4651 attrs.source_repo = StrictAttributeDict(
4651 attrs.source_repo = StrictAttributeDict(
4652 pull_request_obj.source_repo.get_api_data())
4652 pull_request_obj.source_repo.get_api_data())
4653 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4653 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4654
4654
4655 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4655 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4656 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4656 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4657 attrs.revisions = pull_request_obj.revisions
4657 attrs.revisions = pull_request_obj.revisions
4658 attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
4658 attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
4659 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4659 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4660 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4660 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4661 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4661 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4662
4662
4663 return PullRequestDisplay(attrs, internal=internal_methods)
4663 return PullRequestDisplay(attrs, internal=internal_methods)
4664
4664
4665 def is_closed(self):
4665 def is_closed(self):
4666 return self.status == self.STATUS_CLOSED
4666 return self.status == self.STATUS_CLOSED
4667
4667
4668 def is_state_changing(self):
4668 def is_state_changing(self):
4669 return self.pull_request_state != PullRequest.STATE_CREATED
4669 return self.pull_request_state != PullRequest.STATE_CREATED
4670
4670
4671 def __json__(self):
4671 def __json__(self):
4672 return {
4672 return {
4673 'revisions': self.revisions,
4673 'revisions': self.revisions,
4674 'versions': self.versions_count
4674 'versions': self.versions_count
4675 }
4675 }
4676
4676
4677 def calculated_review_status(self):
4677 def calculated_review_status(self):
4678 from rhodecode.model.changeset_status import ChangesetStatusModel
4678 from rhodecode.model.changeset_status import ChangesetStatusModel
4679 return ChangesetStatusModel().calculated_review_status(self)
4679 return ChangesetStatusModel().calculated_review_status(self)
4680
4680
4681 def reviewers_statuses(self, user=None):
4681 def reviewers_statuses(self, user=None):
4682 from rhodecode.model.changeset_status import ChangesetStatusModel
4682 from rhodecode.model.changeset_status import ChangesetStatusModel
4683 return ChangesetStatusModel().reviewers_statuses(self, user=user)
4683 return ChangesetStatusModel().reviewers_statuses(self, user=user)
4684
4684
4685 def get_pull_request_reviewers(self, role=None):
4685 def get_pull_request_reviewers(self, role=None):
4686 qry = PullRequestReviewers.query()\
4686 qry = PullRequestReviewers.query()\
4687 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
4687 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
4688 if role:
4688 if role:
4689 qry = qry.filter(PullRequestReviewers.role == role)
4689 qry = qry.filter(PullRequestReviewers.role == role)
4690
4690
4691 return qry.all()
4691 return qry.all()
4692
4692
4693 @property
4693 @property
4694 def reviewers_count(self):
4694 def reviewers_count(self):
4695 qry = PullRequestReviewers.query()\
4695 qry = PullRequestReviewers.query()\
4696 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4696 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4697 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
4697 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
4698 return qry.count()
4698 return qry.count()
4699
4699
4700 @property
4700 @property
4701 def observers_count(self):
4701 def observers_count(self):
4702 qry = PullRequestReviewers.query()\
4702 qry = PullRequestReviewers.query()\
4703 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4703 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4704 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
4704 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
4705 return qry.count()
4705 return qry.count()
4706
4706
4707 def observers(self):
4707 def observers(self):
4708 qry = PullRequestReviewers.query()\
4708 qry = PullRequestReviewers.query()\
4709 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4709 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4710 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
4710 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
4711 .all()
4711 .all()
4712
4712
4713 for entry in qry:
4713 for entry in qry:
4714 yield entry, entry.user
4714 yield entry, entry.user
4715
4715
4716 @property
4716 @property
4717 def workspace_id(self):
4717 def workspace_id(self):
4718 from rhodecode.model.pull_request import PullRequestModel
4718 from rhodecode.model.pull_request import PullRequestModel
4719 return PullRequestModel()._workspace_id(self)
4719 return PullRequestModel()._workspace_id(self)
4720
4720
4721 def get_shadow_repo(self):
4721 def get_shadow_repo(self):
4722 workspace_id = self.workspace_id
4722 workspace_id = self.workspace_id
4723 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4723 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4724 if os.path.isdir(shadow_repository_path):
4724 if os.path.isdir(shadow_repository_path):
4725 vcs_obj = self.target_repo.scm_instance()
4725 vcs_obj = self.target_repo.scm_instance()
4726 return vcs_obj.get_shadow_instance(shadow_repository_path)
4726 return vcs_obj.get_shadow_instance(shadow_repository_path)
4727
4727
4728 @property
4728 @property
4729 def versions_count(self):
4729 def versions_count(self):
4730 """
4730 """
4731 return number of versions this PR have, e.g a PR that once been
4731 return number of versions this PR have, e.g a PR that once been
4732 updated will have 2 versions
4732 updated will have 2 versions
4733 """
4733 """
4734 return self.versions.count() + 1
4734 return self.versions.count() + 1
4735
4735
4736 @property
4736 @property
4737 def pull_request_last_version(self):
4737 def pull_request_last_version(self):
4738 return self.versions_count
4738 return self.versions_count
4739
4739
4740
4740
4741 class PullRequestVersion(Base, _PullRequestBase):
4741 class PullRequestVersion(Base, _PullRequestBase):
4742 __tablename__ = 'pull_request_versions'
4742 __tablename__ = 'pull_request_versions'
4743 __table_args__ = (
4743 __table_args__ = (
4744 base_table_args,
4744 base_table_args,
4745 )
4745 )
4746
4746
4747 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
4747 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
4748 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
4748 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
4749 pull_request = relationship('PullRequest', back_populates='versions')
4749 pull_request = relationship('PullRequest', back_populates='versions')
4750
4750
4751 def __repr__(self):
4751 def __repr__(self):
4752 if self.pull_request_version_id:
4752 if self.pull_request_version_id:
4753 return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
4753 return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
4754 else:
4754 else:
4755 return f'<DB:PullRequestVersion at {id(self)!r}>'
4755 return f'<DB:PullRequestVersion at {id(self)!r}>'
4756
4756
4757 @property
4757 @property
4758 def reviewers(self):
4758 def reviewers(self):
4759 return self.pull_request.reviewers
4759 return self.pull_request.reviewers
4760
4760
4761 @property
4761 @property
4762 def versions(self):
4762 def versions(self):
4763 return self.pull_request.versions
4763 return self.pull_request.versions
4764
4764
4765 def is_closed(self):
4765 def is_closed(self):
4766 # calculate from original
4766 # calculate from original
4767 return self.pull_request.status == self.STATUS_CLOSED
4767 return self.pull_request.status == self.STATUS_CLOSED
4768
4768
4769 def is_state_changing(self):
4769 def is_state_changing(self):
4770 return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
4770 return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
4771
4771
4772 def calculated_review_status(self):
4772 def calculated_review_status(self):
4773 return self.pull_request.calculated_review_status()
4773 return self.pull_request.calculated_review_status()
4774
4774
4775 def reviewers_statuses(self):
4775 def reviewers_statuses(self):
4776 return self.pull_request.reviewers_statuses()
4776 return self.pull_request.reviewers_statuses()
4777
4777
4778 def observers(self):
4778 def observers(self):
4779 return self.pull_request.observers()
4779 return self.pull_request.observers()
4780
4780
4781
4781
4782 class PullRequestReviewers(Base, BaseModel):
4782 class PullRequestReviewers(Base, BaseModel):
4783 __tablename__ = 'pull_request_reviewers'
4783 __tablename__ = 'pull_request_reviewers'
4784 __table_args__ = (
4784 __table_args__ = (
4785 base_table_args,
4785 base_table_args,
4786 )
4786 )
4787 ROLE_REVIEWER = 'reviewer'
4787 ROLE_REVIEWER = 'reviewer'
4788 ROLE_OBSERVER = 'observer'
4788 ROLE_OBSERVER = 'observer'
4789 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
4789 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
4790
4790
4791 @hybrid_property
4791 @hybrid_property
4792 def reasons(self):
4792 def reasons(self):
4793 if not self._reasons:
4793 if not self._reasons:
4794 return []
4794 return []
4795 return self._reasons
4795 return self._reasons
4796
4796
4797 @reasons.setter
4797 @reasons.setter
4798 def reasons(self, val):
4798 def reasons(self, val):
4799 val = val or []
4799 val = val or []
4800 if any(not isinstance(x, str) for x in val):
4800 if any(not isinstance(x, str) for x in val):
4801 raise Exception('invalid reasons type, must be list of strings')
4801 raise Exception('invalid reasons type, must be list of strings')
4802 self._reasons = val
4802 self._reasons = val
4803
4803
4804 pull_requests_reviewers_id = Column(
4804 pull_requests_reviewers_id = Column(
4805 'pull_requests_reviewers_id', Integer(), nullable=False,
4805 'pull_requests_reviewers_id', Integer(), nullable=False,
4806 primary_key=True)
4806 primary_key=True)
4807 pull_request_id = Column(
4807 pull_request_id = Column(
4808 "pull_request_id", Integer(),
4808 "pull_request_id", Integer(),
4809 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4809 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4810 user_id = Column(
4810 user_id = Column(
4811 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4811 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4812 _reasons = Column(
4812 _reasons = Column(
4813 'reason', MutationList.as_mutable(
4813 'reason', MutationList.as_mutable(
4814 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4814 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4815
4815
4816 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4816 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4817 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
4817 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
4818
4818
4819 user = relationship('User')
4819 user = relationship('User')
4820 pull_request = relationship('PullRequest', back_populates='reviewers')
4820 pull_request = relationship('PullRequest', back_populates='reviewers')
4821
4821
4822 rule_data = Column(
4822 rule_data = Column(
4823 'rule_data_json',
4823 'rule_data_json',
4824 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4824 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4825
4825
4826 def rule_user_group_data(self):
4826 def rule_user_group_data(self):
4827 """
4827 """
4828 Returns the voting user group rule data for this reviewer
4828 Returns the voting user group rule data for this reviewer
4829 """
4829 """
4830
4830
4831 if self.rule_data and 'vote_rule' in self.rule_data:
4831 if self.rule_data and 'vote_rule' in self.rule_data:
4832 user_group_data = {}
4832 user_group_data = {}
4833 if 'rule_user_group_entry_id' in self.rule_data:
4833 if 'rule_user_group_entry_id' in self.rule_data:
4834 # means a group with voting rules !
4834 # means a group with voting rules !
4835 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4835 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4836 user_group_data['name'] = self.rule_data['rule_name']
4836 user_group_data['name'] = self.rule_data['rule_name']
4837 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4837 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4838
4838
4839 return user_group_data
4839 return user_group_data
4840
4840
4841 @classmethod
4841 @classmethod
4842 def get_pull_request_reviewers(cls, pull_request_id, role=None):
4842 def get_pull_request_reviewers(cls, pull_request_id, role=None):
4843 qry = PullRequestReviewers.query()\
4843 qry = PullRequestReviewers.query()\
4844 .filter(PullRequestReviewers.pull_request_id == pull_request_id)
4844 .filter(PullRequestReviewers.pull_request_id == pull_request_id)
4845 if role:
4845 if role:
4846 qry = qry.filter(PullRequestReviewers.role == role)
4846 qry = qry.filter(PullRequestReviewers.role == role)
4847
4847
4848 return qry.all()
4848 return qry.all()
4849
4849
4850 def __repr__(self):
4850 def __repr__(self):
4851 return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
4851 return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
4852
4852
4853
4853
4854 class Notification(Base, BaseModel):
4854 class Notification(Base, BaseModel):
4855 __tablename__ = 'notifications'
4855 __tablename__ = 'notifications'
4856 __table_args__ = (
4856 __table_args__ = (
4857 Index('notification_type_idx', 'type'),
4857 Index('notification_type_idx', 'type'),
4858 base_table_args,
4858 base_table_args,
4859 )
4859 )
4860
4860
4861 TYPE_CHANGESET_COMMENT = 'cs_comment'
4861 TYPE_CHANGESET_COMMENT = 'cs_comment'
4862 TYPE_MESSAGE = 'message'
4862 TYPE_MESSAGE = 'message'
4863 TYPE_MENTION = 'mention'
4863 TYPE_MENTION = 'mention'
4864 TYPE_REGISTRATION = 'registration'
4864 TYPE_REGISTRATION = 'registration'
4865 TYPE_PULL_REQUEST = 'pull_request'
4865 TYPE_PULL_REQUEST = 'pull_request'
4866 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
4866 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
4867 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
4867 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
4868
4868
4869 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4869 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4870 subject = Column('subject', Unicode(512), nullable=True)
4870 subject = Column('subject', Unicode(512), nullable=True)
4871 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4871 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4872 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4872 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4873 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4873 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4874 type_ = Column('type', Unicode(255))
4874 type_ = Column('type', Unicode(255))
4875
4875
4876 created_by_user = relationship('User', back_populates='user_created_notifications')
4876 created_by_user = relationship('User', back_populates='user_created_notifications')
4877 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
4877 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
4878
4878
4879 @property
4879 @property
4880 def recipients(self):
4880 def recipients(self):
4881 return [x.user for x in UserNotification.query()\
4881 return [x.user for x in UserNotification.query()\
4882 .filter(UserNotification.notification == self)\
4882 .filter(UserNotification.notification == self)\
4883 .order_by(UserNotification.user_id.asc()).all()]
4883 .order_by(UserNotification.user_id.asc()).all()]
4884
4884
4885 @classmethod
4885 @classmethod
4886 def create(cls, created_by, subject, body, recipients, type_=None):
4886 def create(cls, created_by, subject, body, recipients, type_=None):
4887 if type_ is None:
4887 if type_ is None:
4888 type_ = Notification.TYPE_MESSAGE
4888 type_ = Notification.TYPE_MESSAGE
4889
4889
4890 notification = cls()
4890 notification = cls()
4891 notification.created_by_user = created_by
4891 notification.created_by_user = created_by
4892 notification.subject = subject
4892 notification.subject = subject
4893 notification.body = body
4893 notification.body = body
4894 notification.type_ = type_
4894 notification.type_ = type_
4895 notification.created_on = datetime.datetime.now()
4895 notification.created_on = datetime.datetime.now()
4896
4896
4897 # For each recipient link the created notification to his account
4897 # For each recipient link the created notification to his account
4898 for u in recipients:
4898 for u in recipients:
4899 assoc = UserNotification()
4899 assoc = UserNotification()
4900 assoc.user_id = u.user_id
4900 assoc.user_id = u.user_id
4901 assoc.notification = notification
4901 assoc.notification = notification
4902
4902
4903 # if created_by is inside recipients mark his notification
4903 # if created_by is inside recipients mark his notification
4904 # as read
4904 # as read
4905 if u.user_id == created_by.user_id:
4905 if u.user_id == created_by.user_id:
4906 assoc.read = True
4906 assoc.read = True
4907 Session().add(assoc)
4907 Session().add(assoc)
4908
4908
4909 Session().add(notification)
4909 Session().add(notification)
4910
4910
4911 return notification
4911 return notification
4912
4912
4913
4913
4914 class UserNotification(Base, BaseModel):
4914 class UserNotification(Base, BaseModel):
4915 __tablename__ = 'user_to_notification'
4915 __tablename__ = 'user_to_notification'
4916 __table_args__ = (
4916 __table_args__ = (
4917 UniqueConstraint('user_id', 'notification_id'),
4917 UniqueConstraint('user_id', 'notification_id'),
4918 base_table_args
4918 base_table_args
4919 )
4919 )
4920
4920
4921 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4921 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4922 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4922 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4923 read = Column('read', Boolean, default=False)
4923 read = Column('read', Boolean, default=False)
4924 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4924 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4925
4925
4926 user = relationship('User', lazy="joined", back_populates='notifications')
4926 user = relationship('User', lazy="joined", back_populates='notifications')
4927 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
4927 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
4928
4928
4929 def mark_as_read(self):
4929 def mark_as_read(self):
4930 self.read = True
4930 self.read = True
4931 Session().add(self)
4931 Session().add(self)
4932
4932
4933
4933
4934 class UserNotice(Base, BaseModel):
4934 class UserNotice(Base, BaseModel):
4935 __tablename__ = 'user_notices'
4935 __tablename__ = 'user_notices'
4936 __table_args__ = (
4936 __table_args__ = (
4937 base_table_args
4937 base_table_args
4938 )
4938 )
4939
4939
4940 NOTIFICATION_TYPE_MESSAGE = 'message'
4940 NOTIFICATION_TYPE_MESSAGE = 'message'
4941 NOTIFICATION_TYPE_NOTICE = 'notice'
4941 NOTIFICATION_TYPE_NOTICE = 'notice'
4942
4942
4943 NOTIFICATION_LEVEL_INFO = 'info'
4943 NOTIFICATION_LEVEL_INFO = 'info'
4944 NOTIFICATION_LEVEL_WARNING = 'warning'
4944 NOTIFICATION_LEVEL_WARNING = 'warning'
4945 NOTIFICATION_LEVEL_ERROR = 'error'
4945 NOTIFICATION_LEVEL_ERROR = 'error'
4946
4946
4947 user_notice_id = Column('gist_id', Integer(), primary_key=True)
4947 user_notice_id = Column('gist_id', Integer(), primary_key=True)
4948
4948
4949 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
4949 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
4950 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4950 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4951
4951
4952 notice_read = Column('notice_read', Boolean, default=False)
4952 notice_read = Column('notice_read', Boolean, default=False)
4953
4953
4954 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
4954 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
4955 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
4955 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
4956
4956
4957 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
4957 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
4958 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4958 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4959
4959
4960 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
4960 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
4961 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
4961 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
4962
4962
4963 @classmethod
4963 @classmethod
4964 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
4964 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
4965
4965
4966 if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
4966 if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
4967 cls.NOTIFICATION_LEVEL_WARNING,
4967 cls.NOTIFICATION_LEVEL_WARNING,
4968 cls.NOTIFICATION_LEVEL_INFO]:
4968 cls.NOTIFICATION_LEVEL_INFO]:
4969 return
4969 return
4970
4970
4971 from rhodecode.model.user import UserModel
4971 from rhodecode.model.user import UserModel
4972 user = UserModel().get_user(user)
4972 user = UserModel().get_user(user)
4973
4973
4974 new_notice = UserNotice()
4974 new_notice = UserNotice()
4975 if not allow_duplicate:
4975 if not allow_duplicate:
4976 existing_msg = UserNotice().query() \
4976 existing_msg = UserNotice().query() \
4977 .filter(UserNotice.user == user) \
4977 .filter(UserNotice.user == user) \
4978 .filter(UserNotice.notice_body == body) \
4978 .filter(UserNotice.notice_body == body) \
4979 .filter(UserNotice.notice_read == false()) \
4979 .filter(UserNotice.notice_read == false()) \
4980 .scalar()
4980 .scalar()
4981 if existing_msg:
4981 if existing_msg:
4982 log.warning('Ignoring duplicate notice for user %s', user)
4982 log.warning('Ignoring duplicate notice for user %s', user)
4983 return
4983 return
4984
4984
4985 new_notice.user = user
4985 new_notice.user = user
4986 new_notice.notice_subject = subject
4986 new_notice.notice_subject = subject
4987 new_notice.notice_body = body
4987 new_notice.notice_body = body
4988 new_notice.notification_level = notice_level
4988 new_notice.notification_level = notice_level
4989 Session().add(new_notice)
4989 Session().add(new_notice)
4990 Session().commit()
4990 Session().commit()
4991
4991
4992
4992
4993 class Gist(Base, BaseModel):
4993 class Gist(Base, BaseModel):
4994 __tablename__ = 'gists'
4994 __tablename__ = 'gists'
4995 __table_args__ = (
4995 __table_args__ = (
4996 Index('g_gist_access_id_idx', 'gist_access_id'),
4996 Index('g_gist_access_id_idx', 'gist_access_id'),
4997 Index('g_created_on_idx', 'created_on'),
4997 Index('g_created_on_idx', 'created_on'),
4998 base_table_args
4998 base_table_args
4999 )
4999 )
5000
5000
5001 GIST_PUBLIC = 'public'
5001 GIST_PUBLIC = 'public'
5002 GIST_PRIVATE = 'private'
5002 GIST_PRIVATE = 'private'
5003 DEFAULT_FILENAME = 'gistfile1.txt'
5003 DEFAULT_FILENAME = 'gistfile1.txt'
5004
5004
5005 ACL_LEVEL_PUBLIC = 'acl_public'
5005 ACL_LEVEL_PUBLIC = 'acl_public'
5006 ACL_LEVEL_PRIVATE = 'acl_private'
5006 ACL_LEVEL_PRIVATE = 'acl_private'
5007
5007
5008 gist_id = Column('gist_id', Integer(), primary_key=True)
5008 gist_id = Column('gist_id', Integer(), primary_key=True)
5009 gist_access_id = Column('gist_access_id', Unicode(250))
5009 gist_access_id = Column('gist_access_id', Unicode(250))
5010 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
5010 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
5011 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
5011 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
5012 gist_expires = Column('gist_expires', Float(53), nullable=False)
5012 gist_expires = Column('gist_expires', Float(53), nullable=False)
5013 gist_type = Column('gist_type', Unicode(128), nullable=False)
5013 gist_type = Column('gist_type', Unicode(128), nullable=False)
5014 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5014 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5015 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5015 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5016 acl_level = Column('acl_level', Unicode(128), nullable=True)
5016 acl_level = Column('acl_level', Unicode(128), nullable=True)
5017
5017
5018 owner = relationship('User', back_populates='user_gists')
5018 owner = relationship('User', back_populates='user_gists')
5019
5019
5020 def __repr__(self):
5020 def __repr__(self):
5021 return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
5021 return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
5022
5022
5023 @hybrid_property
5023 @hybrid_property
5024 def description_safe(self):
5024 def description_safe(self):
5025 from rhodecode.lib import helpers as h
5025 from rhodecode.lib import helpers as h
5026 return h.escape(self.gist_description)
5026 return h.escape(self.gist_description)
5027
5027
5028 @classmethod
5028 @classmethod
5029 def get_or_404(cls, id_):
5029 def get_or_404(cls, id_):
5030 from pyramid.httpexceptions import HTTPNotFound
5030 from pyramid.httpexceptions import HTTPNotFound
5031
5031
5032 res = cls.query().filter(cls.gist_access_id == id_).scalar()
5032 res = cls.query().filter(cls.gist_access_id == id_).scalar()
5033 if not res:
5033 if not res:
5034 log.debug('WARN: No DB entry with id %s', id_)
5034 log.debug('WARN: No DB entry with id %s', id_)
5035 raise HTTPNotFound()
5035 raise HTTPNotFound()
5036 return res
5036 return res
5037
5037
5038 @classmethod
5038 @classmethod
5039 def get_by_access_id(cls, gist_access_id):
5039 def get_by_access_id(cls, gist_access_id):
5040 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
5040 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
5041
5041
5042 def gist_url(self):
5042 def gist_url(self):
5043 from rhodecode.model.gist import GistModel
5043 from rhodecode.model.gist import GistModel
5044 return GistModel().get_url(self)
5044 return GistModel().get_url(self)
5045
5045
5046 @classmethod
5046 @classmethod
5047 def base_path(cls):
5047 def base_path(cls):
5048 """
5048 """
5049 Returns base path when all gists are stored
5049 Returns base path when all gists are stored
5050
5050
5051 :param cls:
5051 :param cls:
5052 """
5052 """
5053 from rhodecode.model.gist import GIST_STORE_LOC
5053 from rhodecode.model.gist import GIST_STORE_LOC
5054 from rhodecode.lib.utils import get_rhodecode_repo_store_path
5054 from rhodecode.lib.utils import get_rhodecode_repo_store_path
5055 repo_store_path = get_rhodecode_repo_store_path()
5055 repo_store_path = get_rhodecode_repo_store_path()
5056 return os.path.join(repo_store_path, GIST_STORE_LOC)
5056 return os.path.join(repo_store_path, GIST_STORE_LOC)
5057
5057
5058 def get_api_data(self):
5058 def get_api_data(self):
5059 """
5059 """
5060 Common function for generating gist related data for API
5060 Common function for generating gist related data for API
5061 """
5061 """
5062 gist = self
5062 gist = self
5063 data = {
5063 data = {
5064 'gist_id': gist.gist_id,
5064 'gist_id': gist.gist_id,
5065 'type': gist.gist_type,
5065 'type': gist.gist_type,
5066 'access_id': gist.gist_access_id,
5066 'access_id': gist.gist_access_id,
5067 'description': gist.gist_description,
5067 'description': gist.gist_description,
5068 'url': gist.gist_url(),
5068 'url': gist.gist_url(),
5069 'expires': gist.gist_expires,
5069 'expires': gist.gist_expires,
5070 'created_on': gist.created_on,
5070 'created_on': gist.created_on,
5071 'modified_at': gist.modified_at,
5071 'modified_at': gist.modified_at,
5072 'content': None,
5072 'content': None,
5073 'acl_level': gist.acl_level,
5073 'acl_level': gist.acl_level,
5074 }
5074 }
5075 return data
5075 return data
5076
5076
5077 def __json__(self):
5077 def __json__(self):
5078 data = dict()
5078 data = dict()
5079 data.update(self.get_api_data())
5079 data.update(self.get_api_data())
5080 return data
5080 return data
5081 # SCM functions
5081 # SCM functions
5082
5082
5083 def scm_instance(self, **kwargs):
5083 def scm_instance(self, **kwargs):
5084 """
5084 """
5085 Get an instance of VCS Repository
5085 Get an instance of VCS Repository
5086
5086
5087 :param kwargs:
5087 :param kwargs:
5088 """
5088 """
5089 from rhodecode.model.gist import GistModel
5089 from rhodecode.model.gist import GistModel
5090 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
5090 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
5091 return get_vcs_instance(
5091 return get_vcs_instance(
5092 repo_path=safe_str(full_repo_path), create=False,
5092 repo_path=safe_str(full_repo_path), create=False,
5093 _vcs_alias=GistModel.vcs_backend)
5093 _vcs_alias=GistModel.vcs_backend)
5094
5094
5095
5095
5096 class ExternalIdentity(Base, BaseModel):
5096 class ExternalIdentity(Base, BaseModel):
5097 __tablename__ = 'external_identities'
5097 __tablename__ = 'external_identities'
5098 __table_args__ = (
5098 __table_args__ = (
5099 Index('local_user_id_idx', 'local_user_id'),
5099 Index('local_user_id_idx', 'local_user_id'),
5100 Index('external_id_idx', 'external_id'),
5100 Index('external_id_idx', 'external_id'),
5101 base_table_args
5101 base_table_args
5102 )
5102 )
5103
5103
5104 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
5104 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
5105 external_username = Column('external_username', Unicode(1024), default='')
5105 external_username = Column('external_username', Unicode(1024), default='')
5106 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
5106 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
5107 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
5107 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
5108 access_token = Column('access_token', String(1024), default='')
5108 access_token = Column('access_token', String(1024), default='')
5109 alt_token = Column('alt_token', String(1024), default='')
5109 alt_token = Column('alt_token', String(1024), default='')
5110 token_secret = Column('token_secret', String(1024), default='')
5110 token_secret = Column('token_secret', String(1024), default='')
5111
5111
5112 @classmethod
5112 @classmethod
5113 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
5113 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
5114 """
5114 """
5115 Returns ExternalIdentity instance based on search params
5115 Returns ExternalIdentity instance based on search params
5116
5116
5117 :param external_id:
5117 :param external_id:
5118 :param provider_name:
5118 :param provider_name:
5119 :return: ExternalIdentity
5119 :return: ExternalIdentity
5120 """
5120 """
5121 query = cls.query()
5121 query = cls.query()
5122 query = query.filter(cls.external_id == external_id)
5122 query = query.filter(cls.external_id == external_id)
5123 query = query.filter(cls.provider_name == provider_name)
5123 query = query.filter(cls.provider_name == provider_name)
5124 if local_user_id:
5124 if local_user_id:
5125 query = query.filter(cls.local_user_id == local_user_id)
5125 query = query.filter(cls.local_user_id == local_user_id)
5126 return query.first()
5126 return query.first()
5127
5127
5128 @classmethod
5128 @classmethod
5129 def user_by_external_id_and_provider(cls, external_id, provider_name):
5129 def user_by_external_id_and_provider(cls, external_id, provider_name):
5130 """
5130 """
5131 Returns User instance based on search params
5131 Returns User instance based on search params
5132
5132
5133 :param external_id:
5133 :param external_id:
5134 :param provider_name:
5134 :param provider_name:
5135 :return: User
5135 :return: User
5136 """
5136 """
5137 query = User.query()
5137 query = User.query()
5138 query = query.filter(cls.external_id == external_id)
5138 query = query.filter(cls.external_id == external_id)
5139 query = query.filter(cls.provider_name == provider_name)
5139 query = query.filter(cls.provider_name == provider_name)
5140 query = query.filter(User.user_id == cls.local_user_id)
5140 query = query.filter(User.user_id == cls.local_user_id)
5141 return query.first()
5141 return query.first()
5142
5142
5143 @classmethod
5143 @classmethod
5144 def by_local_user_id(cls, local_user_id):
5144 def by_local_user_id(cls, local_user_id):
5145 """
5145 """
5146 Returns all tokens for user
5146 Returns all tokens for user
5147
5147
5148 :param local_user_id:
5148 :param local_user_id:
5149 :return: ExternalIdentity
5149 :return: ExternalIdentity
5150 """
5150 """
5151 query = cls.query()
5151 query = cls.query()
5152 query = query.filter(cls.local_user_id == local_user_id)
5152 query = query.filter(cls.local_user_id == local_user_id)
5153 return query
5153 return query
5154
5154
5155 @classmethod
5155 @classmethod
5156 def load_provider_plugin(cls, plugin_id):
5156 def load_provider_plugin(cls, plugin_id):
5157 from rhodecode.authentication.base import loadplugin
5157 from rhodecode.authentication.base import loadplugin
5158 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
5158 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
5159 auth_plugin = loadplugin(_plugin_id)
5159 auth_plugin = loadplugin(_plugin_id)
5160 return auth_plugin
5160 return auth_plugin
5161
5161
5162
5162
5163 class Integration(Base, BaseModel):
5163 class Integration(Base, BaseModel):
5164 __tablename__ = 'integrations'
5164 __tablename__ = 'integrations'
5165 __table_args__ = (
5165 __table_args__ = (
5166 base_table_args
5166 base_table_args
5167 )
5167 )
5168
5168
5169 integration_id = Column('integration_id', Integer(), primary_key=True)
5169 integration_id = Column('integration_id', Integer(), primary_key=True)
5170 integration_type = Column('integration_type', String(255))
5170 integration_type = Column('integration_type', String(255))
5171 enabled = Column('enabled', Boolean(), nullable=False)
5171 enabled = Column('enabled', Boolean(), nullable=False)
5172 name = Column('name', String(255), nullable=False)
5172 name = Column('name', String(255), nullable=False)
5173 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
5173 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
5174
5174
5175 settings = Column(
5175 settings = Column(
5176 'settings_json', MutationObj.as_mutable(
5176 'settings_json', MutationObj.as_mutable(
5177 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
5177 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
5178 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
5178 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
5179 repo = relationship('Repository', lazy='joined', back_populates='integrations')
5179 repo = relationship('Repository', lazy='joined', back_populates='integrations')
5180
5180
5181 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
5181 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
5182 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
5182 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
5183
5183
5184 @property
5184 @property
5185 def scope(self):
5185 def scope(self):
5186 if self.repo:
5186 if self.repo:
5187 return repr(self.repo)
5187 return repr(self.repo)
5188 if self.repo_group:
5188 if self.repo_group:
5189 if self.child_repos_only:
5189 if self.child_repos_only:
5190 return repr(self.repo_group) + ' (child repos only)'
5190 return repr(self.repo_group) + ' (child repos only)'
5191 else:
5191 else:
5192 return repr(self.repo_group) + ' (recursive)'
5192 return repr(self.repo_group) + ' (recursive)'
5193 if self.child_repos_only:
5193 if self.child_repos_only:
5194 return 'root_repos'
5194 return 'root_repos'
5195 return 'global'
5195 return 'global'
5196
5196
5197 def __repr__(self):
5197 def __repr__(self):
5198 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
5198 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
5199
5199
5200
5200
5201 class RepoReviewRuleUser(Base, BaseModel):
5201 class RepoReviewRuleUser(Base, BaseModel):
5202 __tablename__ = 'repo_review_rules_users'
5202 __tablename__ = 'repo_review_rules_users'
5203 __table_args__ = (
5203 __table_args__ = (
5204 base_table_args
5204 base_table_args
5205 )
5205 )
5206 ROLE_REVIEWER = 'reviewer'
5206 ROLE_REVIEWER = 'reviewer'
5207 ROLE_OBSERVER = 'observer'
5207 ROLE_OBSERVER = 'observer'
5208 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5208 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5209
5209
5210 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
5210 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
5211 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5211 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5212 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
5212 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
5213 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5213 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5214 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5214 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5215 user = relationship('User', back_populates='user_review_rules')
5215 user = relationship('User', back_populates='user_review_rules')
5216
5216
5217 def rule_data(self):
5217 def rule_data(self):
5218 return {
5218 return {
5219 'mandatory': self.mandatory,
5219 'mandatory': self.mandatory,
5220 'role': self.role,
5220 'role': self.role,
5221 }
5221 }
5222
5222
5223
5223
5224 class RepoReviewRuleUserGroup(Base, BaseModel):
5224 class RepoReviewRuleUserGroup(Base, BaseModel):
5225 __tablename__ = 'repo_review_rules_users_groups'
5225 __tablename__ = 'repo_review_rules_users_groups'
5226 __table_args__ = (
5226 __table_args__ = (
5227 base_table_args
5227 base_table_args
5228 )
5228 )
5229
5229
5230 VOTE_RULE_ALL = -1
5230 VOTE_RULE_ALL = -1
5231 ROLE_REVIEWER = 'reviewer'
5231 ROLE_REVIEWER = 'reviewer'
5232 ROLE_OBSERVER = 'observer'
5232 ROLE_OBSERVER = 'observer'
5233 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5233 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5234
5234
5235 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
5235 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
5236 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5236 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5237 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
5237 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
5238 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5238 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5239 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5239 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5240 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
5240 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
5241 users_group = relationship('UserGroup')
5241 users_group = relationship('UserGroup')
5242
5242
5243 def rule_data(self):
5243 def rule_data(self):
5244 return {
5244 return {
5245 'mandatory': self.mandatory,
5245 'mandatory': self.mandatory,
5246 'role': self.role,
5246 'role': self.role,
5247 'vote_rule': self.vote_rule
5247 'vote_rule': self.vote_rule
5248 }
5248 }
5249
5249
5250 @property
5250 @property
5251 def vote_rule_label(self):
5251 def vote_rule_label(self):
5252 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
5252 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
5253 return 'all must vote'
5253 return 'all must vote'
5254 else:
5254 else:
5255 return 'min. vote {}'.format(self.vote_rule)
5255 return 'min. vote {}'.format(self.vote_rule)
5256
5256
5257
5257
5258 class RepoReviewRule(Base, BaseModel):
5258 class RepoReviewRule(Base, BaseModel):
5259 __tablename__ = 'repo_review_rules'
5259 __tablename__ = 'repo_review_rules'
5260 __table_args__ = (
5260 __table_args__ = (
5261 base_table_args
5261 base_table_args
5262 )
5262 )
5263
5263
5264 repo_review_rule_id = Column(
5264 repo_review_rule_id = Column(
5265 'repo_review_rule_id', Integer(), primary_key=True)
5265 'repo_review_rule_id', Integer(), primary_key=True)
5266 repo_id = Column(
5266 repo_id = Column(
5267 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
5267 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
5268 repo = relationship('Repository', back_populates='review_rules')
5268 repo = relationship('Repository', back_populates='review_rules')
5269
5269
5270 review_rule_name = Column('review_rule_name', String(255))
5270 review_rule_name = Column('review_rule_name', String(255))
5271 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5271 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5272 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5272 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5273 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5273 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5274
5274
5275 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
5275 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
5276
5276
5277 # Legacy fields, just for backward compat
5277 # Legacy fields, just for backward compat
5278 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
5278 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
5279 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
5279 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
5280
5280
5281 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5281 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5282 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5282 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5283
5283
5284 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
5284 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
5285
5285
5286 rule_users = relationship('RepoReviewRuleUser')
5286 rule_users = relationship('RepoReviewRuleUser')
5287 rule_user_groups = relationship('RepoReviewRuleUserGroup')
5287 rule_user_groups = relationship('RepoReviewRuleUserGroup')
5288
5288
5289 def _validate_pattern(self, value):
5289 def _validate_pattern(self, value):
5290 re.compile('^' + glob2re(value) + '$')
5290 re.compile('^' + glob2re(value) + '$')
5291
5291
5292 @hybrid_property
5292 @hybrid_property
5293 def source_branch_pattern(self):
5293 def source_branch_pattern(self):
5294 return self._branch_pattern or '*'
5294 return self._branch_pattern or '*'
5295
5295
5296 @source_branch_pattern.setter
5296 @source_branch_pattern.setter
5297 def source_branch_pattern(self, value):
5297 def source_branch_pattern(self, value):
5298 self._validate_pattern(value)
5298 self._validate_pattern(value)
5299 self._branch_pattern = value or '*'
5299 self._branch_pattern = value or '*'
5300
5300
5301 @hybrid_property
5301 @hybrid_property
5302 def target_branch_pattern(self):
5302 def target_branch_pattern(self):
5303 return self._target_branch_pattern or '*'
5303 return self._target_branch_pattern or '*'
5304
5304
5305 @target_branch_pattern.setter
5305 @target_branch_pattern.setter
5306 def target_branch_pattern(self, value):
5306 def target_branch_pattern(self, value):
5307 self._validate_pattern(value)
5307 self._validate_pattern(value)
5308 self._target_branch_pattern = value or '*'
5308 self._target_branch_pattern = value or '*'
5309
5309
5310 @hybrid_property
5310 @hybrid_property
5311 def file_pattern(self):
5311 def file_pattern(self):
5312 return self._file_pattern or '*'
5312 return self._file_pattern or '*'
5313
5313
5314 @file_pattern.setter
5314 @file_pattern.setter
5315 def file_pattern(self, value):
5315 def file_pattern(self, value):
5316 self._validate_pattern(value)
5316 self._validate_pattern(value)
5317 self._file_pattern = value or '*'
5317 self._file_pattern = value or '*'
5318
5318
5319 @hybrid_property
5319 @hybrid_property
5320 def forbid_pr_author_to_review(self):
5320 def forbid_pr_author_to_review(self):
5321 return self.pr_author == 'forbid_pr_author'
5321 return self.pr_author == 'forbid_pr_author'
5322
5322
5323 @hybrid_property
5323 @hybrid_property
5324 def include_pr_author_to_review(self):
5324 def include_pr_author_to_review(self):
5325 return self.pr_author == 'include_pr_author'
5325 return self.pr_author == 'include_pr_author'
5326
5326
5327 @hybrid_property
5327 @hybrid_property
5328 def forbid_commit_author_to_review(self):
5328 def forbid_commit_author_to_review(self):
5329 return self.commit_author == 'forbid_commit_author'
5329 return self.commit_author == 'forbid_commit_author'
5330
5330
5331 @hybrid_property
5331 @hybrid_property
5332 def include_commit_author_to_review(self):
5332 def include_commit_author_to_review(self):
5333 return self.commit_author == 'include_commit_author'
5333 return self.commit_author == 'include_commit_author'
5334
5334
5335 def matches(self, source_branch, target_branch, files_changed):
5335 def matches(self, source_branch, target_branch, files_changed):
5336 """
5336 """
5337 Check if this review rule matches a branch/files in a pull request
5337 Check if this review rule matches a branch/files in a pull request
5338
5338
5339 :param source_branch: source branch name for the commit
5339 :param source_branch: source branch name for the commit
5340 :param target_branch: target branch name for the commit
5340 :param target_branch: target branch name for the commit
5341 :param files_changed: list of file paths changed in the pull request
5341 :param files_changed: list of file paths changed in the pull request
5342 """
5342 """
5343
5343
5344 source_branch = source_branch or ''
5344 source_branch = source_branch or ''
5345 target_branch = target_branch or ''
5345 target_branch = target_branch or ''
5346 files_changed = files_changed or []
5346 files_changed = files_changed or []
5347
5347
5348 branch_matches = True
5348 branch_matches = True
5349 if source_branch or target_branch:
5349 if source_branch or target_branch:
5350 if self.source_branch_pattern == '*':
5350 if self.source_branch_pattern == '*':
5351 source_branch_match = True
5351 source_branch_match = True
5352 else:
5352 else:
5353 if self.source_branch_pattern.startswith('re:'):
5353 if self.source_branch_pattern.startswith('re:'):
5354 source_pattern = self.source_branch_pattern[3:]
5354 source_pattern = self.source_branch_pattern[3:]
5355 else:
5355 else:
5356 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
5356 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
5357 source_branch_regex = re.compile(source_pattern)
5357 source_branch_regex = re.compile(source_pattern)
5358 source_branch_match = bool(source_branch_regex.search(source_branch))
5358 source_branch_match = bool(source_branch_regex.search(source_branch))
5359 if self.target_branch_pattern == '*':
5359 if self.target_branch_pattern == '*':
5360 target_branch_match = True
5360 target_branch_match = True
5361 else:
5361 else:
5362 if self.target_branch_pattern.startswith('re:'):
5362 if self.target_branch_pattern.startswith('re:'):
5363 target_pattern = self.target_branch_pattern[3:]
5363 target_pattern = self.target_branch_pattern[3:]
5364 else:
5364 else:
5365 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
5365 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
5366 target_branch_regex = re.compile(target_pattern)
5366 target_branch_regex = re.compile(target_pattern)
5367 target_branch_match = bool(target_branch_regex.search(target_branch))
5367 target_branch_match = bool(target_branch_regex.search(target_branch))
5368
5368
5369 branch_matches = source_branch_match and target_branch_match
5369 branch_matches = source_branch_match and target_branch_match
5370
5370
5371 files_matches = True
5371 files_matches = True
5372 if self.file_pattern != '*':
5372 if self.file_pattern != '*':
5373 files_matches = False
5373 files_matches = False
5374 if self.file_pattern.startswith('re:'):
5374 if self.file_pattern.startswith('re:'):
5375 file_pattern = self.file_pattern[3:]
5375 file_pattern = self.file_pattern[3:]
5376 else:
5376 else:
5377 file_pattern = glob2re(self.file_pattern)
5377 file_pattern = glob2re(self.file_pattern)
5378 file_regex = re.compile(file_pattern)
5378 file_regex = re.compile(file_pattern)
5379 for file_data in files_changed:
5379 for file_data in files_changed:
5380 filename = file_data.get('filename')
5380 filename = file_data.get('filename')
5381
5381
5382 if file_regex.search(filename):
5382 if file_regex.search(filename):
5383 files_matches = True
5383 files_matches = True
5384 break
5384 break
5385
5385
5386 return branch_matches and files_matches
5386 return branch_matches and files_matches
5387
5387
5388 @property
5388 @property
5389 def review_users(self):
5389 def review_users(self):
5390 """ Returns the users which this rule applies to """
5390 """ Returns the users which this rule applies to """
5391
5391
5392 users = collections.OrderedDict()
5392 users = collections.OrderedDict()
5393
5393
5394 for rule_user in self.rule_users:
5394 for rule_user in self.rule_users:
5395 if rule_user.user.active:
5395 if rule_user.user.active:
5396 if rule_user.user not in users:
5396 if rule_user.user not in users:
5397 users[rule_user.user.username] = {
5397 users[rule_user.user.username] = {
5398 'user': rule_user.user,
5398 'user': rule_user.user,
5399 'source': 'user',
5399 'source': 'user',
5400 'source_data': {},
5400 'source_data': {},
5401 'data': rule_user.rule_data()
5401 'data': rule_user.rule_data()
5402 }
5402 }
5403
5403
5404 for rule_user_group in self.rule_user_groups:
5404 for rule_user_group in self.rule_user_groups:
5405 source_data = {
5405 source_data = {
5406 'user_group_id': rule_user_group.users_group.users_group_id,
5406 'user_group_id': rule_user_group.users_group.users_group_id,
5407 'name': rule_user_group.users_group.users_group_name,
5407 'name': rule_user_group.users_group.users_group_name,
5408 'members': len(rule_user_group.users_group.members)
5408 'members': len(rule_user_group.users_group.members)
5409 }
5409 }
5410 for member in rule_user_group.users_group.members:
5410 for member in rule_user_group.users_group.members:
5411 if member.user.active:
5411 if member.user.active:
5412 key = member.user.username
5412 key = member.user.username
5413 if key in users:
5413 if key in users:
5414 # skip this member as we have him already
5414 # skip this member as we have him already
5415 # this prevents from override the "first" matched
5415 # this prevents from override the "first" matched
5416 # users with duplicates in multiple groups
5416 # users with duplicates in multiple groups
5417 continue
5417 continue
5418
5418
5419 users[key] = {
5419 users[key] = {
5420 'user': member.user,
5420 'user': member.user,
5421 'source': 'user_group',
5421 'source': 'user_group',
5422 'source_data': source_data,
5422 'source_data': source_data,
5423 'data': rule_user_group.rule_data()
5423 'data': rule_user_group.rule_data()
5424 }
5424 }
5425
5425
5426 return users
5426 return users
5427
5427
5428 def user_group_vote_rule(self, user_id):
5428 def user_group_vote_rule(self, user_id):
5429
5429
5430 rules = []
5430 rules = []
5431 if not self.rule_user_groups:
5431 if not self.rule_user_groups:
5432 return rules
5432 return rules
5433
5433
5434 for user_group in self.rule_user_groups:
5434 for user_group in self.rule_user_groups:
5435 user_group_members = [x.user_id for x in user_group.users_group.members]
5435 user_group_members = [x.user_id for x in user_group.users_group.members]
5436 if user_id in user_group_members:
5436 if user_id in user_group_members:
5437 rules.append(user_group)
5437 rules.append(user_group)
5438 return rules
5438 return rules
5439
5439
5440 def __repr__(self):
5440 def __repr__(self):
5441 return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
5441 return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
5442
5442
5443
5443
5444 class ScheduleEntry(Base, BaseModel):
5444 class ScheduleEntry(Base, BaseModel):
5445 __tablename__ = 'schedule_entries'
5445 __tablename__ = 'schedule_entries'
5446 __table_args__ = (
5446 __table_args__ = (
5447 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
5447 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
5448 UniqueConstraint('task_uid', name='s_task_uid_idx'),
5448 UniqueConstraint('task_uid', name='s_task_uid_idx'),
5449 base_table_args,
5449 base_table_args,
5450 )
5450 )
5451 SCHEDULE_TYPE_INTEGER = "integer"
5451 SCHEDULE_TYPE_INTEGER = "integer"
5452 SCHEDULE_TYPE_CRONTAB = "crontab"
5452 SCHEDULE_TYPE_CRONTAB = "crontab"
5453
5453
5454 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
5454 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
5455 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
5455 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
5456
5456
5457 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
5457 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
5458 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
5458 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
5459 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
5459 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
5460
5460
5461 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
5461 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
5462 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
5462 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
5463
5463
5464 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
5464 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
5465 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
5465 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
5466
5466
5467 # task
5467 # task
5468 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
5468 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
5469 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
5469 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
5470 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
5470 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
5471 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
5471 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
5472
5472
5473 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5473 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5474 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
5474 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
5475
5475
5476 @hybrid_property
5476 @hybrid_property
5477 def schedule_type(self):
5477 def schedule_type(self):
5478 return self._schedule_type
5478 return self._schedule_type
5479
5479
5480 @schedule_type.setter
5480 @schedule_type.setter
5481 def schedule_type(self, val):
5481 def schedule_type(self, val):
5482 if val not in self.schedule_types:
5482 if val not in self.schedule_types:
5483 raise ValueError('Value must be on of `{}` and got `{}`'.format(
5483 raise ValueError('Value must be on of `{}` and got `{}`'.format(
5484 val, self.schedule_type))
5484 val, self.schedule_type))
5485
5485
5486 self._schedule_type = val
5486 self._schedule_type = val
5487
5487
5488 @classmethod
5488 @classmethod
5489 def get_uid(cls, obj):
5489 def get_uid(cls, obj):
5490 args = obj.task_args
5490 args = obj.task_args
5491 kwargs = obj.task_kwargs
5491 kwargs = obj.task_kwargs
5492 if isinstance(args, JsonRaw):
5492 if isinstance(args, JsonRaw):
5493 try:
5493 try:
5494 args = json.loads(args)
5494 args = json.loads(args)
5495 except ValueError:
5495 except ValueError:
5496 args = tuple()
5496 args = tuple()
5497
5497
5498 if isinstance(kwargs, JsonRaw):
5498 if isinstance(kwargs, JsonRaw):
5499 try:
5499 try:
5500 kwargs = json.loads(kwargs)
5500 kwargs = json.loads(kwargs)
5501 except ValueError:
5501 except ValueError:
5502 kwargs = dict()
5502 kwargs = dict()
5503
5503
5504 dot_notation = obj.task_dot_notation
5504 dot_notation = obj.task_dot_notation
5505 val = '.'.join(map(safe_str, [
5505 val = '.'.join(map(safe_str, [
5506 sorted(dot_notation), args, sorted(kwargs.items())]))
5506 sorted(dot_notation), args, sorted(kwargs.items())]))
5507 return sha1(safe_bytes(val))
5507 return sha1(safe_bytes(val))
5508
5508
5509 @classmethod
5509 @classmethod
5510 def get_by_schedule_name(cls, schedule_name):
5510 def get_by_schedule_name(cls, schedule_name):
5511 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
5511 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
5512
5512
5513 @classmethod
5513 @classmethod
5514 def get_by_schedule_id(cls, schedule_id):
5514 def get_by_schedule_id(cls, schedule_id):
5515 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
5515 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
5516
5516
5517 @property
5517 @property
5518 def task(self):
5518 def task(self):
5519 return self.task_dot_notation
5519 return self.task_dot_notation
5520
5520
5521 @property
5521 @property
5522 def schedule(self):
5522 def schedule(self):
5523 from rhodecode.lib.celerylib.utils import raw_2_schedule
5523 from rhodecode.lib.celerylib.utils import raw_2_schedule
5524 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
5524 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
5525 return schedule
5525 return schedule
5526
5526
5527 @property
5527 @property
5528 def args(self):
5528 def args(self):
5529 try:
5529 try:
5530 return list(self.task_args or [])
5530 return list(self.task_args or [])
5531 except ValueError:
5531 except ValueError:
5532 return list()
5532 return list()
5533
5533
5534 @property
5534 @property
5535 def kwargs(self):
5535 def kwargs(self):
5536 try:
5536 try:
5537 return dict(self.task_kwargs or {})
5537 return dict(self.task_kwargs or {})
5538 except ValueError:
5538 except ValueError:
5539 return dict()
5539 return dict()
5540
5540
5541 def _as_raw(self, val, indent=False):
5541 def _as_raw(self, val, indent=False):
5542 if hasattr(val, 'de_coerce'):
5542 if hasattr(val, 'de_coerce'):
5543 val = val.de_coerce()
5543 val = val.de_coerce()
5544 if val:
5544 if val:
5545 if indent:
5545 if indent:
5546 val = ext_json.formatted_str_json(val)
5546 val = ext_json.formatted_str_json(val)
5547 else:
5547 else:
5548 val = ext_json.str_json(val)
5548 val = ext_json.str_json(val)
5549
5549
5550 return val
5550 return val
5551
5551
5552 @property
5552 @property
5553 def schedule_definition_raw(self):
5553 def schedule_definition_raw(self):
5554 return self._as_raw(self.schedule_definition)
5554 return self._as_raw(self.schedule_definition)
5555
5555
5556 def args_raw(self, indent=False):
5556 def args_raw(self, indent=False):
5557 return self._as_raw(self.task_args, indent)
5557 return self._as_raw(self.task_args, indent)
5558
5558
5559 def kwargs_raw(self, indent=False):
5559 def kwargs_raw(self, indent=False):
5560 return self._as_raw(self.task_kwargs, indent)
5560 return self._as_raw(self.task_kwargs, indent)
5561
5561
5562 def __repr__(self):
5562 def __repr__(self):
5563 return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
5563 return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
5564
5564
5565
5565
5566 @event.listens_for(ScheduleEntry, 'before_update')
5566 @event.listens_for(ScheduleEntry, 'before_update')
5567 def update_task_uid(mapper, connection, target):
5567 def update_task_uid(mapper, connection, target):
5568 target.task_uid = ScheduleEntry.get_uid(target)
5568 target.task_uid = ScheduleEntry.get_uid(target)
5569
5569
5570
5570
5571 @event.listens_for(ScheduleEntry, 'before_insert')
5571 @event.listens_for(ScheduleEntry, 'before_insert')
5572 def set_task_uid(mapper, connection, target):
5572 def set_task_uid(mapper, connection, target):
5573 target.task_uid = ScheduleEntry.get_uid(target)
5573 target.task_uid = ScheduleEntry.get_uid(target)
5574
5574
5575
5575
5576 class _BaseBranchPerms(BaseModel):
5576 class _BaseBranchPerms(BaseModel):
5577 @classmethod
5577 @classmethod
5578 def compute_hash(cls, value):
5578 def compute_hash(cls, value):
5579 return sha1_safe(value)
5579 return sha1_safe(value)
5580
5580
5581 @hybrid_property
5581 @hybrid_property
5582 def branch_pattern(self):
5582 def branch_pattern(self):
5583 return self._branch_pattern or '*'
5583 return self._branch_pattern or '*'
5584
5584
5585 @hybrid_property
5585 @hybrid_property
5586 def branch_hash(self):
5586 def branch_hash(self):
5587 return self._branch_hash
5587 return self._branch_hash
5588
5588
5589 def _validate_glob(self, value):
5589 def _validate_glob(self, value):
5590 re.compile('^' + glob2re(value) + '$')
5590 re.compile('^' + glob2re(value) + '$')
5591
5591
5592 @branch_pattern.setter
5592 @branch_pattern.setter
5593 def branch_pattern(self, value):
5593 def branch_pattern(self, value):
5594 self._validate_glob(value)
5594 self._validate_glob(value)
5595 self._branch_pattern = value or '*'
5595 self._branch_pattern = value or '*'
5596 # set the Hash when setting the branch pattern
5596 # set the Hash when setting the branch pattern
5597 self._branch_hash = self.compute_hash(self._branch_pattern)
5597 self._branch_hash = self.compute_hash(self._branch_pattern)
5598
5598
5599 def matches(self, branch):
5599 def matches(self, branch):
5600 """
5600 """
5601 Check if this the branch matches entry
5601 Check if this the branch matches entry
5602
5602
5603 :param branch: branch name for the commit
5603 :param branch: branch name for the commit
5604 """
5604 """
5605
5605
5606 branch = branch or ''
5606 branch = branch or ''
5607
5607
5608 branch_matches = True
5608 branch_matches = True
5609 if branch:
5609 if branch:
5610 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5610 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5611 branch_matches = bool(branch_regex.search(branch))
5611 branch_matches = bool(branch_regex.search(branch))
5612
5612
5613 return branch_matches
5613 return branch_matches
5614
5614
5615
5615
5616 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5616 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5617 __tablename__ = 'user_to_repo_branch_permissions'
5617 __tablename__ = 'user_to_repo_branch_permissions'
5618 __table_args__ = (
5618 __table_args__ = (
5619 base_table_args
5619 base_table_args
5620 )
5620 )
5621
5621
5622 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5622 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5623
5623
5624 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5624 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5625 repo = relationship('Repository', back_populates='user_branch_perms')
5625 repo = relationship('Repository', back_populates='user_branch_perms')
5626
5626
5627 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5627 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5628 permission = relationship('Permission')
5628 permission = relationship('Permission')
5629
5629
5630 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5630 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5631 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
5631 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
5632
5632
5633 rule_order = Column('rule_order', Integer(), nullable=False)
5633 rule_order = Column('rule_order', Integer(), nullable=False)
5634 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5634 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5635 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5635 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5636
5636
5637 def __repr__(self):
5637 def __repr__(self):
5638 return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
5638 return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
5639
5639
5640
5640
5641 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5641 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5642 __tablename__ = 'user_group_to_repo_branch_permissions'
5642 __tablename__ = 'user_group_to_repo_branch_permissions'
5643 __table_args__ = (
5643 __table_args__ = (
5644 base_table_args
5644 base_table_args
5645 )
5645 )
5646
5646
5647 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5647 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5648
5648
5649 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5649 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5650 repo = relationship('Repository', back_populates='user_group_branch_perms')
5650 repo = relationship('Repository', back_populates='user_group_branch_perms')
5651
5651
5652 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5652 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5653 permission = relationship('Permission')
5653 permission = relationship('Permission')
5654
5654
5655 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5655 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5656 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
5656 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
5657
5657
5658 rule_order = Column('rule_order', Integer(), nullable=False)
5658 rule_order = Column('rule_order', Integer(), nullable=False)
5659 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5659 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5660 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5660 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5661
5661
5662 def __repr__(self):
5662 def __repr__(self):
5663 return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
5663 return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
5664
5664
5665
5665
5666 class UserBookmark(Base, BaseModel):
5666 class UserBookmark(Base, BaseModel):
5667 __tablename__ = 'user_bookmarks'
5667 __tablename__ = 'user_bookmarks'
5668 __table_args__ = (
5668 __table_args__ = (
5669 UniqueConstraint('user_id', 'bookmark_repo_id'),
5669 UniqueConstraint('user_id', 'bookmark_repo_id'),
5670 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5670 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5671 UniqueConstraint('user_id', 'bookmark_position'),
5671 UniqueConstraint('user_id', 'bookmark_position'),
5672 base_table_args
5672 base_table_args
5673 )
5673 )
5674
5674
5675 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5675 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5676 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5676 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5677 position = Column("bookmark_position", Integer(), nullable=False)
5677 position = Column("bookmark_position", Integer(), nullable=False)
5678 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5678 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5679 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5679 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5680 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5680 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5681
5681
5682 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5682 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5683 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5683 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5684
5684
5685 user = relationship("User")
5685 user = relationship("User")
5686
5686
5687 repository = relationship("Repository")
5687 repository = relationship("Repository")
5688 repository_group = relationship("RepoGroup")
5688 repository_group = relationship("RepoGroup")
5689
5689
5690 @classmethod
5690 @classmethod
5691 def get_by_position_for_user(cls, position, user_id):
5691 def get_by_position_for_user(cls, position, user_id):
5692 return cls.query() \
5692 return cls.query() \
5693 .filter(UserBookmark.user_id == user_id) \
5693 .filter(UserBookmark.user_id == user_id) \
5694 .filter(UserBookmark.position == position).scalar()
5694 .filter(UserBookmark.position == position).scalar()
5695
5695
5696 @classmethod
5696 @classmethod
5697 def get_bookmarks_for_user(cls, user_id, cache=True):
5697 def get_bookmarks_for_user(cls, user_id, cache=True):
5698 bookmarks = select(
5698 bookmarks = select(
5699 UserBookmark.title,
5699 UserBookmark.title,
5700 UserBookmark.position,
5700 UserBookmark.position,
5701 ) \
5701 ) \
5702 .add_columns(Repository.repo_id, Repository.repo_type, Repository.repo_name) \
5702 .add_columns(Repository.repo_id, Repository.repo_type, Repository.repo_name) \
5703 .add_columns(RepoGroup.group_id, RepoGroup.group_name) \
5703 .add_columns(RepoGroup.group_id, RepoGroup.group_name) \
5704 .where(UserBookmark.user_id == user_id) \
5704 .where(UserBookmark.user_id == user_id) \
5705 .outerjoin(Repository, Repository.repo_id == UserBookmark.bookmark_repo_id) \
5705 .outerjoin(Repository, Repository.repo_id == UserBookmark.bookmark_repo_id) \
5706 .outerjoin(RepoGroup, RepoGroup.group_id == UserBookmark.bookmark_repo_group_id) \
5706 .outerjoin(RepoGroup, RepoGroup.group_id == UserBookmark.bookmark_repo_group_id) \
5707 .order_by(UserBookmark.position.asc())
5707 .order_by(UserBookmark.position.asc())
5708
5708
5709 if cache:
5709 if cache:
5710 bookmarks = bookmarks.options(
5710 bookmarks = bookmarks.options(
5711 FromCache("sql_cache_short", f"get_user_{user_id}_bookmarks")
5711 FromCache("sql_cache_short", f"get_user_{user_id}_bookmarks")
5712 )
5712 )
5713
5713
5714 return Session().execute(bookmarks).all()
5714 return Session().execute(bookmarks).all()
5715
5715
5716 def __repr__(self):
5716 def __repr__(self):
5717 return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
5717 return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
5718
5718
5719
5719
5720 class FileStore(Base, BaseModel):
5720 class FileStore(Base, BaseModel):
5721 __tablename__ = 'file_store'
5721 __tablename__ = 'file_store'
5722 __table_args__ = (
5722 __table_args__ = (
5723 base_table_args
5723 base_table_args
5724 )
5724 )
5725
5725
5726 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5726 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5727 file_uid = Column('file_uid', String(1024), nullable=False)
5727 file_uid = Column('file_uid', String(1024), nullable=False)
5728 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5728 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5729 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5729 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5730 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5730 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5731
5731
5732 # sha256 hash
5732 # sha256 hash
5733 file_hash = Column('file_hash', String(512), nullable=False)
5733 file_hash = Column('file_hash', String(512), nullable=False)
5734 file_size = Column('file_size', BigInteger(), nullable=False)
5734 file_size = Column('file_size', BigInteger(), nullable=False)
5735
5735
5736 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5736 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5737 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5737 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5738 accessed_count = Column('accessed_count', Integer(), default=0)
5738 accessed_count = Column('accessed_count', Integer(), default=0)
5739
5739
5740 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5740 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5741
5741
5742 # if repo/repo_group reference is set, check for permissions
5742 # if repo/repo_group reference is set, check for permissions
5743 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5743 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5744
5744
5745 # hidden defines an attachment that should be hidden from showing in artifact listing
5745 # hidden defines an attachment that should be hidden from showing in artifact listing
5746 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5746 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5747
5747
5748 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5748 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5749 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
5749 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
5750
5750
5751 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5751 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5752
5752
5753 # scope limited to user, which requester have access to
5753 # scope limited to user, which requester have access to
5754 scope_user_id = Column(
5754 scope_user_id = Column(
5755 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5755 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5756 nullable=True, unique=None, default=None)
5756 nullable=True, unique=None, default=None)
5757 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
5757 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
5758
5758
5759 # scope limited to user group, which requester have access to
5759 # scope limited to user group, which requester have access to
5760 scope_user_group_id = Column(
5760 scope_user_group_id = Column(
5761 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5761 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5762 nullable=True, unique=None, default=None)
5762 nullable=True, unique=None, default=None)
5763 user_group = relationship('UserGroup', lazy='joined')
5763 user_group = relationship('UserGroup', lazy='joined')
5764
5764
5765 # scope limited to repo, which requester have access to
5765 # scope limited to repo, which requester have access to
5766 scope_repo_id = Column(
5766 scope_repo_id = Column(
5767 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5767 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5768 nullable=True, unique=None, default=None)
5768 nullable=True, unique=None, default=None)
5769 repo = relationship('Repository', lazy='joined')
5769 repo = relationship('Repository', lazy='joined')
5770
5770
5771 # scope limited to repo group, which requester have access to
5771 # scope limited to repo group, which requester have access to
5772 scope_repo_group_id = Column(
5772 scope_repo_group_id = Column(
5773 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5773 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5774 nullable=True, unique=None, default=None)
5774 nullable=True, unique=None, default=None)
5775 repo_group = relationship('RepoGroup', lazy='joined')
5775 repo_group = relationship('RepoGroup', lazy='joined')
5776
5776
5777 @classmethod
5777 @classmethod
5778 def get_scope(cls, scope_type, scope_id):
5778 def get_scope(cls, scope_type, scope_id):
5779 if scope_type == 'repo':
5779 if scope_type == 'repo':
5780 return f'repo:{scope_id}'
5780 return f'repo:{scope_id}'
5781 elif scope_type == 'repo-group':
5781 elif scope_type == 'repo-group':
5782 return f'repo-group:{scope_id}'
5782 return f'repo-group:{scope_id}'
5783 elif scope_type == 'user':
5783 elif scope_type == 'user':
5784 return f'user:{scope_id}'
5784 return f'user:{scope_id}'
5785 elif scope_type == 'user-group':
5785 elif scope_type == 'user-group':
5786 return f'user-group:{scope_id}'
5786 return f'user-group:{scope_id}'
5787 else:
5787 else:
5788 return scope_type
5788 return scope_type
5789
5789
5790 @classmethod
5790 @classmethod
5791 def get_by_store_uid(cls, file_store_uid, safe=False):
5791 def get_by_store_uid(cls, file_store_uid, safe=False):
5792 if safe:
5792 if safe:
5793 return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
5793 return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
5794 else:
5794 else:
5795 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5795 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5796
5796
5797 @classmethod
5797 @classmethod
5798 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5798 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5799 file_description='', enabled=True, hidden=False, check_acl=True,
5799 file_description='', enabled=True, hidden=False, check_acl=True,
5800 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5800 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5801
5801
5802 store_entry = FileStore()
5802 store_entry = FileStore()
5803 store_entry.file_uid = file_uid
5803 store_entry.file_uid = file_uid
5804 store_entry.file_display_name = file_display_name
5804 store_entry.file_display_name = file_display_name
5805 store_entry.file_org_name = filename
5805 store_entry.file_org_name = filename
5806 store_entry.file_size = file_size
5806 store_entry.file_size = file_size
5807 store_entry.file_hash = file_hash
5807 store_entry.file_hash = file_hash
5808 store_entry.file_description = file_description
5808 store_entry.file_description = file_description
5809
5809
5810 store_entry.check_acl = check_acl
5810 store_entry.check_acl = check_acl
5811 store_entry.enabled = enabled
5811 store_entry.enabled = enabled
5812 store_entry.hidden = hidden
5812 store_entry.hidden = hidden
5813
5813
5814 store_entry.user_id = user_id
5814 store_entry.user_id = user_id
5815 store_entry.scope_user_id = scope_user_id
5815 store_entry.scope_user_id = scope_user_id
5816 store_entry.scope_repo_id = scope_repo_id
5816 store_entry.scope_repo_id = scope_repo_id
5817 store_entry.scope_repo_group_id = scope_repo_group_id
5817 store_entry.scope_repo_group_id = scope_repo_group_id
5818
5818
5819 return store_entry
5819 return store_entry
5820
5820
5821 @classmethod
5821 @classmethod
5822 def store_metadata(cls, file_store_id, args, commit=True):
5822 def store_metadata(cls, file_store_id, args, commit=True):
5823 file_store = FileStore.get(file_store_id)
5823 file_store = FileStore.get(file_store_id)
5824 if file_store is None:
5824 if file_store is None:
5825 return
5825 return
5826
5826
5827 for section, key, value, value_type in args:
5827 for section, key, value, value_type in args:
5828 has_key = FileStoreMetadata().query() \
5828 has_key = FileStoreMetadata().query() \
5829 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5829 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5830 .filter(FileStoreMetadata.file_store_meta_section == section) \
5830 .filter(FileStoreMetadata.file_store_meta_section == section) \
5831 .filter(FileStoreMetadata.file_store_meta_key == key) \
5831 .filter(FileStoreMetadata.file_store_meta_key == key) \
5832 .scalar()
5832 .scalar()
5833 if has_key:
5833 if has_key:
5834 msg = 'key `{}` already defined under section `{}` for this file.'\
5834 msg = 'key `{}` already defined under section `{}` for this file.'\
5835 .format(key, section)
5835 .format(key, section)
5836 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5836 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5837
5837
5838 # NOTE(marcink): raises ArtifactMetadataBadValueType
5838 # NOTE(marcink): raises ArtifactMetadataBadValueType
5839 FileStoreMetadata.valid_value_type(value_type)
5839 FileStoreMetadata.valid_value_type(value_type)
5840
5840
5841 meta_entry = FileStoreMetadata()
5841 meta_entry = FileStoreMetadata()
5842 meta_entry.file_store = file_store
5842 meta_entry.file_store = file_store
5843 meta_entry.file_store_meta_section = section
5843 meta_entry.file_store_meta_section = section
5844 meta_entry.file_store_meta_key = key
5844 meta_entry.file_store_meta_key = key
5845 meta_entry.file_store_meta_value_type = value_type
5845 meta_entry.file_store_meta_value_type = value_type
5846 meta_entry.file_store_meta_value = value
5846 meta_entry.file_store_meta_value = value
5847
5847
5848 Session().add(meta_entry)
5848 Session().add(meta_entry)
5849
5849
5850 try:
5850 try:
5851 if commit:
5851 if commit:
5852 Session().commit()
5852 Session().commit()
5853 except IntegrityError:
5853 except IntegrityError:
5854 Session().rollback()
5854 Session().rollback()
5855 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5855 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5856
5856
5857 @classmethod
5857 @classmethod
5858 def bump_access_counter(cls, file_uid, commit=True):
5858 def bump_access_counter(cls, file_uid, commit=True):
5859 FileStore().query()\
5859 FileStore().query()\
5860 .filter(FileStore.file_uid == file_uid)\
5860 .filter(FileStore.file_uid == file_uid)\
5861 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5861 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5862 FileStore.accessed_on: datetime.datetime.now()})
5862 FileStore.accessed_on: datetime.datetime.now()})
5863 if commit:
5863 if commit:
5864 Session().commit()
5864 Session().commit()
5865
5865
5866 def __json__(self):
5866 def __json__(self):
5867 data = {
5867 data = {
5868 'filename': self.file_display_name,
5868 'filename': self.file_display_name,
5869 'filename_org': self.file_org_name,
5869 'filename_org': self.file_org_name,
5870 'file_uid': self.file_uid,
5870 'file_uid': self.file_uid,
5871 'description': self.file_description,
5871 'description': self.file_description,
5872 'hidden': self.hidden,
5872 'hidden': self.hidden,
5873 'size': self.file_size,
5873 'size': self.file_size,
5874 'created_on': self.created_on,
5874 'created_on': self.created_on,
5875 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5875 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5876 'downloaded_times': self.accessed_count,
5876 'downloaded_times': self.accessed_count,
5877 'sha256': self.file_hash,
5877 'sha256': self.file_hash,
5878 'metadata': self.file_metadata,
5878 'metadata': self.file_metadata,
5879 }
5879 }
5880
5880
5881 return data
5881 return data
5882
5882
5883 def __repr__(self):
5883 def __repr__(self):
5884 return f'<FileStore({self.file_store_id})>'
5884 return f'<FileStore({self.file_store_id})>'
5885
5885
5886
5886
5887 class FileStoreMetadata(Base, BaseModel):
5887 class FileStoreMetadata(Base, BaseModel):
5888 __tablename__ = 'file_store_metadata'
5888 __tablename__ = 'file_store_metadata'
5889 __table_args__ = (
5889 __table_args__ = (
5890 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5890 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5891 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5891 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5892 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5892 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5893 base_table_args
5893 base_table_args
5894 )
5894 )
5895 SETTINGS_TYPES = {
5895 SETTINGS_TYPES = {
5896 'str': safe_str,
5896 'str': safe_str,
5897 'int': safe_int,
5897 'int': safe_int,
5898 'unicode': safe_str,
5898 'unicode': safe_str,
5899 'bool': str2bool,
5899 'bool': str2bool,
5900 'list': functools.partial(aslist, sep=',')
5900 'list': functools.partial(aslist, sep=',')
5901 }
5901 }
5902
5902
5903 file_store_meta_id = Column(
5903 file_store_meta_id = Column(
5904 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5904 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5905 primary_key=True)
5905 primary_key=True)
5906 _file_store_meta_section = Column(
5906 _file_store_meta_section = Column(
5907 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5907 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5908 nullable=True, unique=None, default=None)
5908 nullable=True, unique=None, default=None)
5909 _file_store_meta_section_hash = Column(
5909 _file_store_meta_section_hash = Column(
5910 "file_store_meta_section_hash", String(255),
5910 "file_store_meta_section_hash", String(255),
5911 nullable=True, unique=None, default=None)
5911 nullable=True, unique=None, default=None)
5912 _file_store_meta_key = Column(
5912 _file_store_meta_key = Column(
5913 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5913 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5914 nullable=True, unique=None, default=None)
5914 nullable=True, unique=None, default=None)
5915 _file_store_meta_key_hash = Column(
5915 _file_store_meta_key_hash = Column(
5916 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5916 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5917 _file_store_meta_value = Column(
5917 _file_store_meta_value = Column(
5918 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5918 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5919 nullable=True, unique=None, default=None)
5919 nullable=True, unique=None, default=None)
5920 _file_store_meta_value_type = Column(
5920 _file_store_meta_value_type = Column(
5921 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5921 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5922 default='unicode')
5922 default='unicode')
5923
5923
5924 file_store_id = Column(
5924 file_store_id = Column(
5925 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5925 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5926 nullable=True, unique=None, default=None)
5926 nullable=True, unique=None, default=None)
5927
5927
5928 file_store = relationship('FileStore', lazy='joined', viewonly=True)
5928 file_store = relationship('FileStore', lazy='joined', viewonly=True)
5929
5929
5930 @classmethod
5930 @classmethod
5931 def valid_value_type(cls, value):
5931 def valid_value_type(cls, value):
5932 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5932 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5933 raise ArtifactMetadataBadValueType(
5933 raise ArtifactMetadataBadValueType(
5934 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5934 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5935
5935
5936 @hybrid_property
5936 @hybrid_property
5937 def file_store_meta_section(self):
5937 def file_store_meta_section(self):
5938 return self._file_store_meta_section
5938 return self._file_store_meta_section
5939
5939
5940 @file_store_meta_section.setter
5940 @file_store_meta_section.setter
5941 def file_store_meta_section(self, value):
5941 def file_store_meta_section(self, value):
5942 self._file_store_meta_section = value
5942 self._file_store_meta_section = value
5943 self._file_store_meta_section_hash = _hash_key(value)
5943 self._file_store_meta_section_hash = _hash_key(value)
5944
5944
5945 @hybrid_property
5945 @hybrid_property
5946 def file_store_meta_key(self):
5946 def file_store_meta_key(self):
5947 return self._file_store_meta_key
5947 return self._file_store_meta_key
5948
5948
5949 @file_store_meta_key.setter
5949 @file_store_meta_key.setter
5950 def file_store_meta_key(self, value):
5950 def file_store_meta_key(self, value):
5951 self._file_store_meta_key = value
5951 self._file_store_meta_key = value
5952 self._file_store_meta_key_hash = _hash_key(value)
5952 self._file_store_meta_key_hash = _hash_key(value)
5953
5953
5954 @hybrid_property
5954 @hybrid_property
5955 def file_store_meta_value(self):
5955 def file_store_meta_value(self):
5956 val = self._file_store_meta_value
5956 val = self._file_store_meta_value
5957
5957
5958 if self._file_store_meta_value_type:
5958 if self._file_store_meta_value_type:
5959 # e.g unicode.encrypted == unicode
5959 # e.g unicode.encrypted == unicode
5960 _type = self._file_store_meta_value_type.split('.')[0]
5960 _type = self._file_store_meta_value_type.split('.')[0]
5961 # decode the encrypted value if it's encrypted field type
5961 # decode the encrypted value if it's encrypted field type
5962 if '.encrypted' in self._file_store_meta_value_type:
5962 if '.encrypted' in self._file_store_meta_value_type:
5963 cipher = EncryptedTextValue()
5963 cipher = EncryptedTextValue()
5964 val = safe_str(cipher.process_result_value(val, None))
5964 val = safe_str(cipher.process_result_value(val, None))
5965 # do final type conversion
5965 # do final type conversion
5966 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5966 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5967 val = converter(val)
5967 val = converter(val)
5968
5968
5969 return val
5969 return val
5970
5970
5971 @file_store_meta_value.setter
5971 @file_store_meta_value.setter
5972 def file_store_meta_value(self, val):
5972 def file_store_meta_value(self, val):
5973 val = safe_str(val)
5973 val = safe_str(val)
5974 # encode the encrypted value
5974 # encode the encrypted value
5975 if '.encrypted' in self.file_store_meta_value_type:
5975 if '.encrypted' in self.file_store_meta_value_type:
5976 cipher = EncryptedTextValue()
5976 cipher = EncryptedTextValue()
5977 val = safe_str(cipher.process_bind_param(val, None))
5977 val = safe_str(cipher.process_bind_param(val, None))
5978 self._file_store_meta_value = val
5978 self._file_store_meta_value = val
5979
5979
5980 @hybrid_property
5980 @hybrid_property
5981 def file_store_meta_value_type(self):
5981 def file_store_meta_value_type(self):
5982 return self._file_store_meta_value_type
5982 return self._file_store_meta_value_type
5983
5983
5984 @file_store_meta_value_type.setter
5984 @file_store_meta_value_type.setter
5985 def file_store_meta_value_type(self, val):
5985 def file_store_meta_value_type(self, val):
5986 # e.g unicode.encrypted
5986 # e.g unicode.encrypted
5987 self.valid_value_type(val)
5987 self.valid_value_type(val)
5988 self._file_store_meta_value_type = val
5988 self._file_store_meta_value_type = val
5989
5989
5990 def __json__(self):
5990 def __json__(self):
5991 data = {
5991 data = {
5992 'artifact': self.file_store.file_uid,
5992 'artifact': self.file_store.file_uid,
5993 'section': self.file_store_meta_section,
5993 'section': self.file_store_meta_section,
5994 'key': self.file_store_meta_key,
5994 'key': self.file_store_meta_key,
5995 'value': self.file_store_meta_value,
5995 'value': self.file_store_meta_value,
5996 }
5996 }
5997
5997
5998 return data
5998 return data
5999
5999
6000 def __repr__(self):
6000 def __repr__(self):
6001 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
6001 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
6002 self.file_store_meta_key, self.file_store_meta_value)
6002 self.file_store_meta_key, self.file_store_meta_value)
6003
6003
6004
6004
6005 class DbMigrateVersion(Base, BaseModel):
6005 class DbMigrateVersion(Base, BaseModel):
6006 __tablename__ = 'db_migrate_version'
6006 __tablename__ = 'db_migrate_version'
6007 __table_args__ = (
6007 __table_args__ = (
6008 base_table_args,
6008 base_table_args,
6009 )
6009 )
6010
6010
6011 repository_id = Column('repository_id', String(250), primary_key=True)
6011 repository_id = Column('repository_id', String(250), primary_key=True)
6012 repository_path = Column('repository_path', Text)
6012 repository_path = Column('repository_path', Text)
6013 version = Column('version', Integer)
6013 version = Column('version', Integer)
6014
6014
6015 @classmethod
6015 @classmethod
6016 def set_version(cls, version):
6016 def set_version(cls, version):
6017 """
6017 """
6018 Helper for forcing a different version, usually for debugging purposes via ishell.
6018 Helper for forcing a different version, usually for debugging purposes via ishell.
6019 """
6019 """
6020 ver = DbMigrateVersion.query().first()
6020 ver = DbMigrateVersion.query().first()
6021 ver.version = version
6021 ver.version = version
6022 Session().commit()
6022 Session().commit()
6023
6023
6024
6024
6025 class DbSession(Base, BaseModel):
6025 class DbSession(Base, BaseModel):
6026 __tablename__ = 'db_session'
6026 __tablename__ = 'db_session'
6027 __table_args__ = (
6027 __table_args__ = (
6028 base_table_args,
6028 base_table_args,
6029 )
6029 )
6030
6030
6031 def __repr__(self):
6031 def __repr__(self):
6032 return f'<DB:DbSession({self.id})>'
6032 return f'<DB:DbSession({self.id})>'
6033
6033
6034 id = Column('id', Integer())
6034 id = Column('id', Integer())
6035 namespace = Column('namespace', String(255), primary_key=True)
6035 namespace = Column('namespace', String(255), primary_key=True)
6036 accessed = Column('accessed', DateTime, nullable=False)
6036 accessed = Column('accessed', DateTime, nullable=False)
6037 created = Column('created', DateTime, nullable=False)
6037 created = Column('created', DateTime, nullable=False)
6038 data = Column('data', PickleType, nullable=False)
6038 data = Column('data', PickleType, nullable=False)
General Comments 0
You need to be logged in to leave comments. Login now