##// END OF EJS Templates
branch-rules forbid removal of permissions assigned.
marcink -
r2977:239b4827 default
parent child Browse files
Show More
@@ -1,4690 +1,4694 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import hashlib
29 29 import logging
30 30 import datetime
31 31 import warnings
32 32 import ipaddress
33 33 import functools
34 34 import traceback
35 35 import collections
36 36
37 37 from sqlalchemy import (
38 38 or_, and_, not_, func, TypeDecorator, event,
39 39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 41 Text, Float, PickleType)
42 42 from sqlalchemy.sql.expression import true, false
43 43 from sqlalchemy.sql.functions import coalesce, count # noqa
44 44 from sqlalchemy.orm import (
45 45 relationship, joinedload, class_mapper, validates, aliased)
46 46 from sqlalchemy.ext.declarative import declared_attr
47 47 from sqlalchemy.ext.hybrid import hybrid_property
48 48 from sqlalchemy.exc import IntegrityError # noqa
49 49 from sqlalchemy.dialects.mysql import LONGTEXT
50 50 from zope.cachedescriptors.property import Lazy as LazyProperty
51 51
52 52 from pyramid.threadlocal import get_current_request
53 53
54 54 from rhodecode.translation import _
55 55 from rhodecode.lib.vcs import get_vcs_instance
56 56 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
57 57 from rhodecode.lib.utils2 import (
58 58 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
59 59 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
60 60 glob2re, StrictAttributeDict, cleaned_uri)
61 61 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
62 62 JsonRaw
63 63 from rhodecode.lib.ext_json import json
64 64 from rhodecode.lib.caching_query import FromCache
65 65 from rhodecode.lib.encrypt import AESCipher
66 66
67 67 from rhodecode.model.meta import Base, Session
68 68
69 69 URL_SEP = '/'
70 70 log = logging.getLogger(__name__)
71 71
72 72 # =============================================================================
73 73 # BASE CLASSES
74 74 # =============================================================================
75 75
76 76 # this is propagated from .ini file rhodecode.encrypted_values.secret or
77 77 # beaker.session.secret if first is not set.
78 78 # and initialized at environment.py
79 79 ENCRYPTION_KEY = None
80 80
81 81 # used to sort permissions by types, '#' used here is not allowed to be in
82 82 # usernames, and it's very early in sorted string.printable table.
83 83 PERMISSION_TYPE_SORT = {
84 84 'admin': '####',
85 85 'write': '###',
86 86 'read': '##',
87 87 'none': '#',
88 88 }
89 89
90 90
91 91 def display_user_sort(obj):
92 92 """
93 93 Sort function used to sort permissions in .permissions() function of
94 94 Repository, RepoGroup, UserGroup. Also it put the default user in front
95 95 of all other resources
96 96 """
97 97
98 98 if obj.username == User.DEFAULT_USER:
99 99 return '#####'
100 100 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
101 101 return prefix + obj.username
102 102
103 103
104 104 def display_user_group_sort(obj):
105 105 """
106 106 Sort function used to sort permissions in .permissions() function of
107 107 Repository, RepoGroup, UserGroup. Also it put the default user in front
108 108 of all other resources
109 109 """
110 110
111 111 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
112 112 return prefix + obj.users_group_name
113 113
114 114
115 115 def _hash_key(k):
116 116 return sha1_safe(k)
117 117
118 118
119 119 def in_filter_generator(qry, items, limit=500):
120 120 """
121 121 Splits IN() into multiple with OR
122 122 e.g.::
123 123 cnt = Repository.query().filter(
124 124 or_(
125 125 *in_filter_generator(Repository.repo_id, range(100000))
126 126 )).count()
127 127 """
128 128 if not items:
129 129 # empty list will cause empty query which might cause security issues
130 130 # this can lead to hidden unpleasant results
131 131 items = [-1]
132 132
133 133 parts = []
134 134 for chunk in xrange(0, len(items), limit):
135 135 parts.append(
136 136 qry.in_(items[chunk: chunk + limit])
137 137 )
138 138
139 139 return parts
140 140
141 141
142 142 base_table_args = {
143 143 'extend_existing': True,
144 144 'mysql_engine': 'InnoDB',
145 145 'mysql_charset': 'utf8',
146 146 'sqlite_autoincrement': True
147 147 }
148 148
149 149
150 150 class EncryptedTextValue(TypeDecorator):
151 151 """
152 152 Special column for encrypted long text data, use like::
153 153
154 154 value = Column("encrypted_value", EncryptedValue(), nullable=False)
155 155
156 156 This column is intelligent so if value is in unencrypted form it return
157 157 unencrypted form, but on save it always encrypts
158 158 """
159 159 impl = Text
160 160
161 161 def process_bind_param(self, value, dialect):
162 162 if not value:
163 163 return value
164 164 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
165 165 # protect against double encrypting if someone manually starts
166 166 # doing
167 167 raise ValueError('value needs to be in unencrypted format, ie. '
168 168 'not starting with enc$aes')
169 169 return 'enc$aes_hmac$%s' % AESCipher(
170 170 ENCRYPTION_KEY, hmac=True).encrypt(value)
171 171
172 172 def process_result_value(self, value, dialect):
173 173 import rhodecode
174 174
175 175 if not value:
176 176 return value
177 177
178 178 parts = value.split('$', 3)
179 179 if not len(parts) == 3:
180 180 # probably not encrypted values
181 181 return value
182 182 else:
183 183 if parts[0] != 'enc':
184 184 # parts ok but without our header ?
185 185 return value
186 186 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
187 187 'rhodecode.encrypted_values.strict') or True)
188 188 # at that stage we know it's our encryption
189 189 if parts[1] == 'aes':
190 190 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
191 191 elif parts[1] == 'aes_hmac':
192 192 decrypted_data = AESCipher(
193 193 ENCRYPTION_KEY, hmac=True,
194 194 strict_verification=enc_strict_mode).decrypt(parts[2])
195 195 else:
196 196 raise ValueError(
197 197 'Encryption type part is wrong, must be `aes` '
198 198 'or `aes_hmac`, got `%s` instead' % (parts[1]))
199 199 return decrypted_data
200 200
201 201
202 202 class BaseModel(object):
203 203 """
204 204 Base Model for all classes
205 205 """
206 206
207 207 @classmethod
208 208 def _get_keys(cls):
209 209 """return column names for this model """
210 210 return class_mapper(cls).c.keys()
211 211
212 212 def get_dict(self):
213 213 """
214 214 return dict with keys and values corresponding
215 215 to this model data """
216 216
217 217 d = {}
218 218 for k in self._get_keys():
219 219 d[k] = getattr(self, k)
220 220
221 221 # also use __json__() if present to get additional fields
222 222 _json_attr = getattr(self, '__json__', None)
223 223 if _json_attr:
224 224 # update with attributes from __json__
225 225 if callable(_json_attr):
226 226 _json_attr = _json_attr()
227 227 for k, val in _json_attr.iteritems():
228 228 d[k] = val
229 229 return d
230 230
231 231 def get_appstruct(self):
232 232 """return list with keys and values tuples corresponding
233 233 to this model data """
234 234
235 235 lst = []
236 236 for k in self._get_keys():
237 237 lst.append((k, getattr(self, k),))
238 238 return lst
239 239
240 240 def populate_obj(self, populate_dict):
241 241 """populate model with data from given populate_dict"""
242 242
243 243 for k in self._get_keys():
244 244 if k in populate_dict:
245 245 setattr(self, k, populate_dict[k])
246 246
247 247 @classmethod
248 248 def query(cls):
249 249 return Session().query(cls)
250 250
251 251 @classmethod
252 252 def get(cls, id_):
253 253 if id_:
254 254 return cls.query().get(id_)
255 255
256 256 @classmethod
257 257 def get_or_404(cls, id_):
258 258 from pyramid.httpexceptions import HTTPNotFound
259 259
260 260 try:
261 261 id_ = int(id_)
262 262 except (TypeError, ValueError):
263 263 raise HTTPNotFound()
264 264
265 265 res = cls.query().get(id_)
266 266 if not res:
267 267 raise HTTPNotFound()
268 268 return res
269 269
270 270 @classmethod
271 271 def getAll(cls):
272 272 # deprecated and left for backward compatibility
273 273 return cls.get_all()
274 274
275 275 @classmethod
276 276 def get_all(cls):
277 277 return cls.query().all()
278 278
279 279 @classmethod
280 280 def delete(cls, id_):
281 281 obj = cls.query().get(id_)
282 282 Session().delete(obj)
283 283
284 284 @classmethod
285 285 def identity_cache(cls, session, attr_name, value):
286 286 exist_in_session = []
287 287 for (item_cls, pkey), instance in session.identity_map.items():
288 288 if cls == item_cls and getattr(instance, attr_name) == value:
289 289 exist_in_session.append(instance)
290 290 if exist_in_session:
291 291 if len(exist_in_session) == 1:
292 292 return exist_in_session[0]
293 293 log.exception(
294 294 'multiple objects with attr %s and '
295 295 'value %s found with same name: %r',
296 296 attr_name, value, exist_in_session)
297 297
298 298 def __repr__(self):
299 299 if hasattr(self, '__unicode__'):
300 300 # python repr needs to return str
301 301 try:
302 302 return safe_str(self.__unicode__())
303 303 except UnicodeDecodeError:
304 304 pass
305 305 return '<DB:%s>' % (self.__class__.__name__)
306 306
307 307
308 308 class RhodeCodeSetting(Base, BaseModel):
309 309 __tablename__ = 'rhodecode_settings'
310 310 __table_args__ = (
311 311 UniqueConstraint('app_settings_name'),
312 312 base_table_args
313 313 )
314 314
315 315 SETTINGS_TYPES = {
316 316 'str': safe_str,
317 317 'int': safe_int,
318 318 'unicode': safe_unicode,
319 319 'bool': str2bool,
320 320 'list': functools.partial(aslist, sep=',')
321 321 }
322 322 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
323 323 GLOBAL_CONF_KEY = 'app_settings'
324 324
325 325 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
326 326 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
327 327 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
328 328 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
329 329
330 330 def __init__(self, key='', val='', type='unicode'):
331 331 self.app_settings_name = key
332 332 self.app_settings_type = type
333 333 self.app_settings_value = val
334 334
335 335 @validates('_app_settings_value')
336 336 def validate_settings_value(self, key, val):
337 337 assert type(val) == unicode
338 338 return val
339 339
340 340 @hybrid_property
341 341 def app_settings_value(self):
342 342 v = self._app_settings_value
343 343 _type = self.app_settings_type
344 344 if _type:
345 345 _type = self.app_settings_type.split('.')[0]
346 346 # decode the encrypted value
347 347 if 'encrypted' in self.app_settings_type:
348 348 cipher = EncryptedTextValue()
349 349 v = safe_unicode(cipher.process_result_value(v, None))
350 350
351 351 converter = self.SETTINGS_TYPES.get(_type) or \
352 352 self.SETTINGS_TYPES['unicode']
353 353 return converter(v)
354 354
355 355 @app_settings_value.setter
356 356 def app_settings_value(self, val):
357 357 """
358 358 Setter that will always make sure we use unicode in app_settings_value
359 359
360 360 :param val:
361 361 """
362 362 val = safe_unicode(val)
363 363 # encode the encrypted value
364 364 if 'encrypted' in self.app_settings_type:
365 365 cipher = EncryptedTextValue()
366 366 val = safe_unicode(cipher.process_bind_param(val, None))
367 367 self._app_settings_value = val
368 368
369 369 @hybrid_property
370 370 def app_settings_type(self):
371 371 return self._app_settings_type
372 372
373 373 @app_settings_type.setter
374 374 def app_settings_type(self, val):
375 375 if val.split('.')[0] not in self.SETTINGS_TYPES:
376 376 raise Exception('type must be one of %s got %s'
377 377 % (self.SETTINGS_TYPES.keys(), val))
378 378 self._app_settings_type = val
379 379
380 380 def __unicode__(self):
381 381 return u"<%s('%s:%s[%s]')>" % (
382 382 self.__class__.__name__,
383 383 self.app_settings_name, self.app_settings_value,
384 384 self.app_settings_type
385 385 )
386 386
387 387
388 388 class RhodeCodeUi(Base, BaseModel):
389 389 __tablename__ = 'rhodecode_ui'
390 390 __table_args__ = (
391 391 UniqueConstraint('ui_key'),
392 392 base_table_args
393 393 )
394 394
395 395 HOOK_REPO_SIZE = 'changegroup.repo_size'
396 396 # HG
397 397 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
398 398 HOOK_PULL = 'outgoing.pull_logger'
399 399 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
400 400 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
401 401 HOOK_PUSH = 'changegroup.push_logger'
402 402 HOOK_PUSH_KEY = 'pushkey.key_push'
403 403
404 404 # TODO: johbo: Unify way how hooks are configured for git and hg,
405 405 # git part is currently hardcoded.
406 406
407 407 # SVN PATTERNS
408 408 SVN_BRANCH_ID = 'vcs_svn_branch'
409 409 SVN_TAG_ID = 'vcs_svn_tag'
410 410
411 411 ui_id = Column(
412 412 "ui_id", Integer(), nullable=False, unique=True, default=None,
413 413 primary_key=True)
414 414 ui_section = Column(
415 415 "ui_section", String(255), nullable=True, unique=None, default=None)
416 416 ui_key = Column(
417 417 "ui_key", String(255), nullable=True, unique=None, default=None)
418 418 ui_value = Column(
419 419 "ui_value", String(255), nullable=True, unique=None, default=None)
420 420 ui_active = Column(
421 421 "ui_active", Boolean(), nullable=True, unique=None, default=True)
422 422
423 423 def __repr__(self):
424 424 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
425 425 self.ui_key, self.ui_value)
426 426
427 427
428 428 class RepoRhodeCodeSetting(Base, BaseModel):
429 429 __tablename__ = 'repo_rhodecode_settings'
430 430 __table_args__ = (
431 431 UniqueConstraint(
432 432 'app_settings_name', 'repository_id',
433 433 name='uq_repo_rhodecode_setting_name_repo_id'),
434 434 base_table_args
435 435 )
436 436
437 437 repository_id = Column(
438 438 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
439 439 nullable=False)
440 440 app_settings_id = Column(
441 441 "app_settings_id", Integer(), nullable=False, unique=True,
442 442 default=None, primary_key=True)
443 443 app_settings_name = Column(
444 444 "app_settings_name", String(255), nullable=True, unique=None,
445 445 default=None)
446 446 _app_settings_value = Column(
447 447 "app_settings_value", String(4096), nullable=True, unique=None,
448 448 default=None)
449 449 _app_settings_type = Column(
450 450 "app_settings_type", String(255), nullable=True, unique=None,
451 451 default=None)
452 452
453 453 repository = relationship('Repository')
454 454
455 455 def __init__(self, repository_id, key='', val='', type='unicode'):
456 456 self.repository_id = repository_id
457 457 self.app_settings_name = key
458 458 self.app_settings_type = type
459 459 self.app_settings_value = val
460 460
461 461 @validates('_app_settings_value')
462 462 def validate_settings_value(self, key, val):
463 463 assert type(val) == unicode
464 464 return val
465 465
466 466 @hybrid_property
467 467 def app_settings_value(self):
468 468 v = self._app_settings_value
469 469 type_ = self.app_settings_type
470 470 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
471 471 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
472 472 return converter(v)
473 473
474 474 @app_settings_value.setter
475 475 def app_settings_value(self, val):
476 476 """
477 477 Setter that will always make sure we use unicode in app_settings_value
478 478
479 479 :param val:
480 480 """
481 481 self._app_settings_value = safe_unicode(val)
482 482
483 483 @hybrid_property
484 484 def app_settings_type(self):
485 485 return self._app_settings_type
486 486
487 487 @app_settings_type.setter
488 488 def app_settings_type(self, val):
489 489 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
490 490 if val not in SETTINGS_TYPES:
491 491 raise Exception('type must be one of %s got %s'
492 492 % (SETTINGS_TYPES.keys(), val))
493 493 self._app_settings_type = val
494 494
495 495 def __unicode__(self):
496 496 return u"<%s('%s:%s:%s[%s]')>" % (
497 497 self.__class__.__name__, self.repository.repo_name,
498 498 self.app_settings_name, self.app_settings_value,
499 499 self.app_settings_type
500 500 )
501 501
502 502
503 503 class RepoRhodeCodeUi(Base, BaseModel):
504 504 __tablename__ = 'repo_rhodecode_ui'
505 505 __table_args__ = (
506 506 UniqueConstraint(
507 507 'repository_id', 'ui_section', 'ui_key',
508 508 name='uq_repo_rhodecode_ui_repository_id_section_key'),
509 509 base_table_args
510 510 )
511 511
512 512 repository_id = Column(
513 513 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
514 514 nullable=False)
515 515 ui_id = Column(
516 516 "ui_id", Integer(), nullable=False, unique=True, default=None,
517 517 primary_key=True)
518 518 ui_section = Column(
519 519 "ui_section", String(255), nullable=True, unique=None, default=None)
520 520 ui_key = Column(
521 521 "ui_key", String(255), nullable=True, unique=None, default=None)
522 522 ui_value = Column(
523 523 "ui_value", String(255), nullable=True, unique=None, default=None)
524 524 ui_active = Column(
525 525 "ui_active", Boolean(), nullable=True, unique=None, default=True)
526 526
527 527 repository = relationship('Repository')
528 528
529 529 def __repr__(self):
530 530 return '<%s[%s:%s]%s=>%s]>' % (
531 531 self.__class__.__name__, self.repository.repo_name,
532 532 self.ui_section, self.ui_key, self.ui_value)
533 533
534 534
535 535 class User(Base, BaseModel):
536 536 __tablename__ = 'users'
537 537 __table_args__ = (
538 538 UniqueConstraint('username'), UniqueConstraint('email'),
539 539 Index('u_username_idx', 'username'),
540 540 Index('u_email_idx', 'email'),
541 541 base_table_args
542 542 )
543 543
544 544 DEFAULT_USER = 'default'
545 545 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
546 546 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
547 547
548 548 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
549 549 username = Column("username", String(255), nullable=True, unique=None, default=None)
550 550 password = Column("password", String(255), nullable=True, unique=None, default=None)
551 551 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
552 552 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
553 553 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
554 554 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
555 555 _email = Column("email", String(255), nullable=True, unique=None, default=None)
556 556 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
557 557 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
558 558
559 559 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
560 560 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
561 561 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
562 562 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
563 563 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
564 564 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
565 565
566 566 user_log = relationship('UserLog')
567 567 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
568 568
569 569 repositories = relationship('Repository')
570 570 repository_groups = relationship('RepoGroup')
571 571 user_groups = relationship('UserGroup')
572 572
573 573 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
574 574 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
575 575
576 576 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
577 577 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
578 578 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
579 579
580 580 group_member = relationship('UserGroupMember', cascade='all')
581 581
582 582 notifications = relationship('UserNotification', cascade='all')
583 583 # notifications assigned to this user
584 584 user_created_notifications = relationship('Notification', cascade='all')
585 585 # comments created by this user
586 586 user_comments = relationship('ChangesetComment', cascade='all')
587 587 # user profile extra info
588 588 user_emails = relationship('UserEmailMap', cascade='all')
589 589 user_ip_map = relationship('UserIpMap', cascade='all')
590 590 user_auth_tokens = relationship('UserApiKeys', cascade='all')
591 591 user_ssh_keys = relationship('UserSshKeys', cascade='all')
592 592
593 593 # gists
594 594 user_gists = relationship('Gist', cascade='all')
595 595 # user pull requests
596 596 user_pull_requests = relationship('PullRequest', cascade='all')
597 597 # external identities
598 598 extenal_identities = relationship(
599 599 'ExternalIdentity',
600 600 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
601 601 cascade='all')
602 602 # review rules
603 603 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
604 604
605 605 def __unicode__(self):
606 606 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
607 607 self.user_id, self.username)
608 608
609 609 @hybrid_property
610 610 def email(self):
611 611 return self._email
612 612
613 613 @email.setter
614 614 def email(self, val):
615 615 self._email = val.lower() if val else None
616 616
617 617 @hybrid_property
618 618 def first_name(self):
619 619 from rhodecode.lib import helpers as h
620 620 if self.name:
621 621 return h.escape(self.name)
622 622 return self.name
623 623
624 624 @hybrid_property
625 625 def last_name(self):
626 626 from rhodecode.lib import helpers as h
627 627 if self.lastname:
628 628 return h.escape(self.lastname)
629 629 return self.lastname
630 630
631 631 @hybrid_property
632 632 def api_key(self):
633 633 """
634 634 Fetch if exist an auth-token with role ALL connected to this user
635 635 """
636 636 user_auth_token = UserApiKeys.query()\
637 637 .filter(UserApiKeys.user_id == self.user_id)\
638 638 .filter(or_(UserApiKeys.expires == -1,
639 639 UserApiKeys.expires >= time.time()))\
640 640 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
641 641 if user_auth_token:
642 642 user_auth_token = user_auth_token.api_key
643 643
644 644 return user_auth_token
645 645
646 646 @api_key.setter
647 647 def api_key(self, val):
648 648 # don't allow to set API key this is deprecated for now
649 649 self._api_key = None
650 650
651 651 @property
652 652 def reviewer_pull_requests(self):
653 653 return PullRequestReviewers.query() \
654 654 .options(joinedload(PullRequestReviewers.pull_request)) \
655 655 .filter(PullRequestReviewers.user_id == self.user_id) \
656 656 .all()
657 657
658 658 @property
659 659 def firstname(self):
660 660 # alias for future
661 661 return self.name
662 662
663 663 @property
664 664 def emails(self):
665 665 other = UserEmailMap.query()\
666 666 .filter(UserEmailMap.user == self) \
667 667 .order_by(UserEmailMap.email_id.asc()) \
668 668 .all()
669 669 return [self.email] + [x.email for x in other]
670 670
671 671 @property
672 672 def auth_tokens(self):
673 673 auth_tokens = self.get_auth_tokens()
674 674 return [x.api_key for x in auth_tokens]
675 675
676 676 def get_auth_tokens(self):
677 677 return UserApiKeys.query()\
678 678 .filter(UserApiKeys.user == self)\
679 679 .order_by(UserApiKeys.user_api_key_id.asc())\
680 680 .all()
681 681
682 682 @LazyProperty
683 683 def feed_token(self):
684 684 return self.get_feed_token()
685 685
686 686 def get_feed_token(self, cache=True):
687 687 feed_tokens = UserApiKeys.query()\
688 688 .filter(UserApiKeys.user == self)\
689 689 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
690 690 if cache:
691 691 feed_tokens = feed_tokens.options(
692 692 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
693 693
694 694 feed_tokens = feed_tokens.all()
695 695 if feed_tokens:
696 696 return feed_tokens[0].api_key
697 697 return 'NO_FEED_TOKEN_AVAILABLE'
698 698
699 699 @classmethod
700 700 def get(cls, user_id, cache=False):
701 701 if not user_id:
702 702 return
703 703
704 704 user = cls.query()
705 705 if cache:
706 706 user = user.options(
707 707 FromCache("sql_cache_short", "get_users_%s" % user_id))
708 708 return user.get(user_id)
709 709
710 710 @classmethod
711 711 def extra_valid_auth_tokens(cls, user, role=None):
712 712 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
713 713 .filter(or_(UserApiKeys.expires == -1,
714 714 UserApiKeys.expires >= time.time()))
715 715 if role:
716 716 tokens = tokens.filter(or_(UserApiKeys.role == role,
717 717 UserApiKeys.role == UserApiKeys.ROLE_ALL))
718 718 return tokens.all()
719 719
720 720 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
721 721 from rhodecode.lib import auth
722 722
723 723 log.debug('Trying to authenticate user: %s via auth-token, '
724 724 'and roles: %s', self, roles)
725 725
726 726 if not auth_token:
727 727 return False
728 728
729 729 crypto_backend = auth.crypto_backend()
730 730
731 731 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
732 732 tokens_q = UserApiKeys.query()\
733 733 .filter(UserApiKeys.user_id == self.user_id)\
734 734 .filter(or_(UserApiKeys.expires == -1,
735 735 UserApiKeys.expires >= time.time()))
736 736
737 737 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
738 738
739 739 plain_tokens = []
740 740 hash_tokens = []
741 741
742 742 for token in tokens_q.all():
743 743 # verify scope first
744 744 if token.repo_id:
745 745 # token has a scope, we need to verify it
746 746 if scope_repo_id != token.repo_id:
747 747 log.debug(
748 748 'Scope mismatch: token has a set repo scope: %s, '
749 749 'and calling scope is:%s, skipping further checks',
750 750 token.repo, scope_repo_id)
751 751 # token has a scope, and it doesn't match, skip token
752 752 continue
753 753
754 754 if token.api_key.startswith(crypto_backend.ENC_PREF):
755 755 hash_tokens.append(token.api_key)
756 756 else:
757 757 plain_tokens.append(token.api_key)
758 758
759 759 is_plain_match = auth_token in plain_tokens
760 760 if is_plain_match:
761 761 return True
762 762
763 763 for hashed in hash_tokens:
764 764 # TODO(marcink): this is expensive to calculate, but most secure
765 765 match = crypto_backend.hash_check(auth_token, hashed)
766 766 if match:
767 767 return True
768 768
769 769 return False
770 770
771 771 @property
772 772 def ip_addresses(self):
773 773 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
774 774 return [x.ip_addr for x in ret]
775 775
776 776 @property
777 777 def username_and_name(self):
778 778 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
779 779
780 780 @property
781 781 def username_or_name_or_email(self):
782 782 full_name = self.full_name if self.full_name is not ' ' else None
783 783 return self.username or full_name or self.email
784 784
785 785 @property
786 786 def full_name(self):
787 787 return '%s %s' % (self.first_name, self.last_name)
788 788
789 789 @property
790 790 def full_name_or_username(self):
791 791 return ('%s %s' % (self.first_name, self.last_name)
792 792 if (self.first_name and self.last_name) else self.username)
793 793
794 794 @property
795 795 def full_contact(self):
796 796 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
797 797
798 798 @property
799 799 def short_contact(self):
800 800 return '%s %s' % (self.first_name, self.last_name)
801 801
802 802 @property
803 803 def is_admin(self):
804 804 return self.admin
805 805
806 806 def AuthUser(self, **kwargs):
807 807 """
808 808 Returns instance of AuthUser for this user
809 809 """
810 810 from rhodecode.lib.auth import AuthUser
811 811 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
812 812
813 813 @hybrid_property
814 814 def user_data(self):
815 815 if not self._user_data:
816 816 return {}
817 817
818 818 try:
819 819 return json.loads(self._user_data)
820 820 except TypeError:
821 821 return {}
822 822
823 823 @user_data.setter
824 824 def user_data(self, val):
825 825 if not isinstance(val, dict):
826 826 raise Exception('user_data must be dict, got %s' % type(val))
827 827 try:
828 828 self._user_data = json.dumps(val)
829 829 except Exception:
830 830 log.error(traceback.format_exc())
831 831
832 832 @classmethod
833 833 def get_by_username(cls, username, case_insensitive=False,
834 834 cache=False, identity_cache=False):
835 835 session = Session()
836 836
837 837 if case_insensitive:
838 838 q = cls.query().filter(
839 839 func.lower(cls.username) == func.lower(username))
840 840 else:
841 841 q = cls.query().filter(cls.username == username)
842 842
843 843 if cache:
844 844 if identity_cache:
845 845 val = cls.identity_cache(session, 'username', username)
846 846 if val:
847 847 return val
848 848 else:
849 849 cache_key = "get_user_by_name_%s" % _hash_key(username)
850 850 q = q.options(
851 851 FromCache("sql_cache_short", cache_key))
852 852
853 853 return q.scalar()
854 854
855 855 @classmethod
856 856 def get_by_auth_token(cls, auth_token, cache=False):
857 857 q = UserApiKeys.query()\
858 858 .filter(UserApiKeys.api_key == auth_token)\
859 859 .filter(or_(UserApiKeys.expires == -1,
860 860 UserApiKeys.expires >= time.time()))
861 861 if cache:
862 862 q = q.options(
863 863 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
864 864
865 865 match = q.first()
866 866 if match:
867 867 return match.user
868 868
869 869 @classmethod
870 870 def get_by_email(cls, email, case_insensitive=False, cache=False):
871 871
872 872 if case_insensitive:
873 873 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
874 874
875 875 else:
876 876 q = cls.query().filter(cls.email == email)
877 877
878 878 email_key = _hash_key(email)
879 879 if cache:
880 880 q = q.options(
881 881 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
882 882
883 883 ret = q.scalar()
884 884 if ret is None:
885 885 q = UserEmailMap.query()
886 886 # try fetching in alternate email map
887 887 if case_insensitive:
888 888 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
889 889 else:
890 890 q = q.filter(UserEmailMap.email == email)
891 891 q = q.options(joinedload(UserEmailMap.user))
892 892 if cache:
893 893 q = q.options(
894 894 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
895 895 ret = getattr(q.scalar(), 'user', None)
896 896
897 897 return ret
898 898
899 899 @classmethod
900 900 def get_from_cs_author(cls, author):
901 901 """
902 902 Tries to get User objects out of commit author string
903 903
904 904 :param author:
905 905 """
906 906 from rhodecode.lib.helpers import email, author_name
907 907 # Valid email in the attribute passed, see if they're in the system
908 908 _email = email(author)
909 909 if _email:
910 910 user = cls.get_by_email(_email, case_insensitive=True)
911 911 if user:
912 912 return user
913 913 # Maybe we can match by username?
914 914 _author = author_name(author)
915 915 user = cls.get_by_username(_author, case_insensitive=True)
916 916 if user:
917 917 return user
918 918
919 919 def update_userdata(self, **kwargs):
920 920 usr = self
921 921 old = usr.user_data
922 922 old.update(**kwargs)
923 923 usr.user_data = old
924 924 Session().add(usr)
925 925 log.debug('updated userdata with ', kwargs)
926 926
927 927 def update_lastlogin(self):
928 928 """Update user lastlogin"""
929 929 self.last_login = datetime.datetime.now()
930 930 Session().add(self)
931 931 log.debug('updated user %s lastlogin', self.username)
932 932
933 933 def update_password(self, new_password):
934 934 from rhodecode.lib.auth import get_crypt_password
935 935
936 936 self.password = get_crypt_password(new_password)
937 937 Session().add(self)
938 938
939 939 @classmethod
940 940 def get_first_super_admin(cls):
941 941 user = User.query().filter(User.admin == true()).first()
942 942 if user is None:
943 943 raise Exception('FATAL: Missing administrative account!')
944 944 return user
945 945
946 946 @classmethod
947 947 def get_all_super_admins(cls):
948 948 """
949 949 Returns all admin accounts sorted by username
950 950 """
951 951 return User.query().filter(User.admin == true())\
952 952 .order_by(User.username.asc()).all()
953 953
954 954 @classmethod
955 955 def get_default_user(cls, cache=False, refresh=False):
956 956 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
957 957 if user is None:
958 958 raise Exception('FATAL: Missing default account!')
959 959 if refresh:
960 960 # The default user might be based on outdated state which
961 961 # has been loaded from the cache.
962 962 # A call to refresh() ensures that the
963 963 # latest state from the database is used.
964 964 Session().refresh(user)
965 965 return user
966 966
967 967 def _get_default_perms(self, user, suffix=''):
968 968 from rhodecode.model.permission import PermissionModel
969 969 return PermissionModel().get_default_perms(user.user_perms, suffix)
970 970
971 971 def get_default_perms(self, suffix=''):
972 972 return self._get_default_perms(self, suffix)
973 973
974 974 def get_api_data(self, include_secrets=False, details='full'):
975 975 """
976 976 Common function for generating user related data for API
977 977
978 978 :param include_secrets: By default secrets in the API data will be replaced
979 979 by a placeholder value to prevent exposing this data by accident. In case
980 980 this data shall be exposed, set this flag to ``True``.
981 981
982 982 :param details: details can be 'basic|full' basic gives only a subset of
983 983 the available user information that includes user_id, name and emails.
984 984 """
985 985 user = self
986 986 user_data = self.user_data
987 987 data = {
988 988 'user_id': user.user_id,
989 989 'username': user.username,
990 990 'firstname': user.name,
991 991 'lastname': user.lastname,
992 992 'email': user.email,
993 993 'emails': user.emails,
994 994 }
995 995 if details == 'basic':
996 996 return data
997 997
998 998 auth_token_length = 40
999 999 auth_token_replacement = '*' * auth_token_length
1000 1000
1001 1001 extras = {
1002 1002 'auth_tokens': [auth_token_replacement],
1003 1003 'active': user.active,
1004 1004 'admin': user.admin,
1005 1005 'extern_type': user.extern_type,
1006 1006 'extern_name': user.extern_name,
1007 1007 'last_login': user.last_login,
1008 1008 'last_activity': user.last_activity,
1009 1009 'ip_addresses': user.ip_addresses,
1010 1010 'language': user_data.get('language')
1011 1011 }
1012 1012 data.update(extras)
1013 1013
1014 1014 if include_secrets:
1015 1015 data['auth_tokens'] = user.auth_tokens
1016 1016 return data
1017 1017
1018 1018 def __json__(self):
1019 1019 data = {
1020 1020 'full_name': self.full_name,
1021 1021 'full_name_or_username': self.full_name_or_username,
1022 1022 'short_contact': self.short_contact,
1023 1023 'full_contact': self.full_contact,
1024 1024 }
1025 1025 data.update(self.get_api_data())
1026 1026 return data
1027 1027
1028 1028
1029 1029 class UserApiKeys(Base, BaseModel):
1030 1030 __tablename__ = 'user_api_keys'
1031 1031 __table_args__ = (
1032 1032 Index('uak_api_key_idx', 'api_key', unique=True),
1033 1033 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1034 1034 base_table_args
1035 1035 )
1036 1036 __mapper_args__ = {}
1037 1037
1038 1038 # ApiKey role
1039 1039 ROLE_ALL = 'token_role_all'
1040 1040 ROLE_HTTP = 'token_role_http'
1041 1041 ROLE_VCS = 'token_role_vcs'
1042 1042 ROLE_API = 'token_role_api'
1043 1043 ROLE_FEED = 'token_role_feed'
1044 1044 ROLE_PASSWORD_RESET = 'token_password_reset'
1045 1045
1046 1046 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1047 1047
1048 1048 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1049 1049 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1050 1050 api_key = Column("api_key", String(255), nullable=False, unique=True)
1051 1051 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1052 1052 expires = Column('expires', Float(53), nullable=False)
1053 1053 role = Column('role', String(255), nullable=True)
1054 1054 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1055 1055
1056 1056 # scope columns
1057 1057 repo_id = Column(
1058 1058 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1059 1059 nullable=True, unique=None, default=None)
1060 1060 repo = relationship('Repository', lazy='joined')
1061 1061
1062 1062 repo_group_id = Column(
1063 1063 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1064 1064 nullable=True, unique=None, default=None)
1065 1065 repo_group = relationship('RepoGroup', lazy='joined')
1066 1066
1067 1067 user = relationship('User', lazy='joined')
1068 1068
1069 1069 def __unicode__(self):
1070 1070 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1071 1071
1072 1072 def __json__(self):
1073 1073 data = {
1074 1074 'auth_token': self.api_key,
1075 1075 'role': self.role,
1076 1076 'scope': self.scope_humanized,
1077 1077 'expired': self.expired
1078 1078 }
1079 1079 return data
1080 1080
1081 1081 def get_api_data(self, include_secrets=False):
1082 1082 data = self.__json__()
1083 1083 if include_secrets:
1084 1084 return data
1085 1085 else:
1086 1086 data['auth_token'] = self.token_obfuscated
1087 1087 return data
1088 1088
1089 1089 @hybrid_property
1090 1090 def description_safe(self):
1091 1091 from rhodecode.lib import helpers as h
1092 1092 return h.escape(self.description)
1093 1093
1094 1094 @property
1095 1095 def expired(self):
1096 1096 if self.expires == -1:
1097 1097 return False
1098 1098 return time.time() > self.expires
1099 1099
1100 1100 @classmethod
1101 1101 def _get_role_name(cls, role):
1102 1102 return {
1103 1103 cls.ROLE_ALL: _('all'),
1104 1104 cls.ROLE_HTTP: _('http/web interface'),
1105 1105 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1106 1106 cls.ROLE_API: _('api calls'),
1107 1107 cls.ROLE_FEED: _('feed access'),
1108 1108 }.get(role, role)
1109 1109
1110 1110 @property
1111 1111 def role_humanized(self):
1112 1112 return self._get_role_name(self.role)
1113 1113
1114 1114 def _get_scope(self):
1115 1115 if self.repo:
1116 1116 return repr(self.repo)
1117 1117 if self.repo_group:
1118 1118 return repr(self.repo_group) + ' (recursive)'
1119 1119 return 'global'
1120 1120
1121 1121 @property
1122 1122 def scope_humanized(self):
1123 1123 return self._get_scope()
1124 1124
1125 1125 @property
1126 1126 def token_obfuscated(self):
1127 1127 if self.api_key:
1128 1128 return self.api_key[:4] + "****"
1129 1129
1130 1130
1131 1131 class UserEmailMap(Base, BaseModel):
1132 1132 __tablename__ = 'user_email_map'
1133 1133 __table_args__ = (
1134 1134 Index('uem_email_idx', 'email'),
1135 1135 UniqueConstraint('email'),
1136 1136 base_table_args
1137 1137 )
1138 1138 __mapper_args__ = {}
1139 1139
1140 1140 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1141 1141 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1142 1142 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1143 1143 user = relationship('User', lazy='joined')
1144 1144
1145 1145 @validates('_email')
1146 1146 def validate_email(self, key, email):
1147 1147 # check if this email is not main one
1148 1148 main_email = Session().query(User).filter(User.email == email).scalar()
1149 1149 if main_email is not None:
1150 1150 raise AttributeError('email %s is present is user table' % email)
1151 1151 return email
1152 1152
1153 1153 @hybrid_property
1154 1154 def email(self):
1155 1155 return self._email
1156 1156
1157 1157 @email.setter
1158 1158 def email(self, val):
1159 1159 self._email = val.lower() if val else None
1160 1160
1161 1161
1162 1162 class UserIpMap(Base, BaseModel):
1163 1163 __tablename__ = 'user_ip_map'
1164 1164 __table_args__ = (
1165 1165 UniqueConstraint('user_id', 'ip_addr'),
1166 1166 base_table_args
1167 1167 )
1168 1168 __mapper_args__ = {}
1169 1169
1170 1170 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1171 1171 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1172 1172 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1173 1173 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1174 1174 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1175 1175 user = relationship('User', lazy='joined')
1176 1176
1177 1177 @hybrid_property
1178 1178 def description_safe(self):
1179 1179 from rhodecode.lib import helpers as h
1180 1180 return h.escape(self.description)
1181 1181
1182 1182 @classmethod
1183 1183 def _get_ip_range(cls, ip_addr):
1184 1184 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1185 1185 return [str(net.network_address), str(net.broadcast_address)]
1186 1186
1187 1187 def __json__(self):
1188 1188 return {
1189 1189 'ip_addr': self.ip_addr,
1190 1190 'ip_range': self._get_ip_range(self.ip_addr),
1191 1191 }
1192 1192
1193 1193 def __unicode__(self):
1194 1194 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1195 1195 self.user_id, self.ip_addr)
1196 1196
1197 1197
1198 1198 class UserSshKeys(Base, BaseModel):
1199 1199 __tablename__ = 'user_ssh_keys'
1200 1200 __table_args__ = (
1201 1201 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1202 1202
1203 1203 UniqueConstraint('ssh_key_fingerprint'),
1204 1204
1205 1205 base_table_args
1206 1206 )
1207 1207 __mapper_args__ = {}
1208 1208
1209 1209 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1210 1210 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1211 1211 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1212 1212
1213 1213 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1214 1214
1215 1215 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1216 1216 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1217 1217 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1218 1218
1219 1219 user = relationship('User', lazy='joined')
1220 1220
1221 1221 def __json__(self):
1222 1222 data = {
1223 1223 'ssh_fingerprint': self.ssh_key_fingerprint,
1224 1224 'description': self.description,
1225 1225 'created_on': self.created_on
1226 1226 }
1227 1227 return data
1228 1228
1229 1229 def get_api_data(self):
1230 1230 data = self.__json__()
1231 1231 return data
1232 1232
1233 1233
1234 1234 class UserLog(Base, BaseModel):
1235 1235 __tablename__ = 'user_logs'
1236 1236 __table_args__ = (
1237 1237 base_table_args,
1238 1238 )
1239 1239
1240 1240 VERSION_1 = 'v1'
1241 1241 VERSION_2 = 'v2'
1242 1242 VERSIONS = [VERSION_1, VERSION_2]
1243 1243
1244 1244 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1245 1245 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1246 1246 username = Column("username", String(255), nullable=True, unique=None, default=None)
1247 1247 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1248 1248 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1249 1249 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1250 1250 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1251 1251 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1252 1252
1253 1253 version = Column("version", String(255), nullable=True, default=VERSION_1)
1254 1254 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1255 1255 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1256 1256
1257 1257 def __unicode__(self):
1258 1258 return u"<%s('id:%s:%s')>" % (
1259 1259 self.__class__.__name__, self.repository_name, self.action)
1260 1260
1261 1261 def __json__(self):
1262 1262 return {
1263 1263 'user_id': self.user_id,
1264 1264 'username': self.username,
1265 1265 'repository_id': self.repository_id,
1266 1266 'repository_name': self.repository_name,
1267 1267 'user_ip': self.user_ip,
1268 1268 'action_date': self.action_date,
1269 1269 'action': self.action,
1270 1270 }
1271 1271
1272 1272 @hybrid_property
1273 1273 def entry_id(self):
1274 1274 return self.user_log_id
1275 1275
1276 1276 @property
1277 1277 def action_as_day(self):
1278 1278 return datetime.date(*self.action_date.timetuple()[:3])
1279 1279
1280 1280 user = relationship('User')
1281 1281 repository = relationship('Repository', cascade='')
1282 1282
1283 1283
1284 1284 class UserGroup(Base, BaseModel):
1285 1285 __tablename__ = 'users_groups'
1286 1286 __table_args__ = (
1287 1287 base_table_args,
1288 1288 )
1289 1289
1290 1290 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1291 1291 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1292 1292 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1293 1293 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1294 1294 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1295 1295 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1296 1296 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1297 1297 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1298 1298
1299 1299 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1300 1300 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1301 1301 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1302 1302 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1303 1303 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1304 1304 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1305 1305
1306 1306 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1307 1307 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1308 1308
1309 1309 @classmethod
1310 1310 def _load_group_data(cls, column):
1311 1311 if not column:
1312 1312 return {}
1313 1313
1314 1314 try:
1315 1315 return json.loads(column) or {}
1316 1316 except TypeError:
1317 1317 return {}
1318 1318
1319 1319 @hybrid_property
1320 1320 def description_safe(self):
1321 1321 from rhodecode.lib import helpers as h
1322 1322 return h.escape(self.user_group_description)
1323 1323
1324 1324 @hybrid_property
1325 1325 def group_data(self):
1326 1326 return self._load_group_data(self._group_data)
1327 1327
1328 1328 @group_data.expression
1329 1329 def group_data(self, **kwargs):
1330 1330 return self._group_data
1331 1331
1332 1332 @group_data.setter
1333 1333 def group_data(self, val):
1334 1334 try:
1335 1335 self._group_data = json.dumps(val)
1336 1336 except Exception:
1337 1337 log.error(traceback.format_exc())
1338 1338
1339 1339 @classmethod
1340 1340 def _load_sync(cls, group_data):
1341 1341 if group_data:
1342 1342 return group_data.get('extern_type')
1343 1343
1344 1344 @property
1345 1345 def sync(self):
1346 1346 return self._load_sync(self.group_data)
1347 1347
1348 1348 def __unicode__(self):
1349 1349 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1350 1350 self.users_group_id,
1351 1351 self.users_group_name)
1352 1352
1353 1353 @classmethod
1354 1354 def get_by_group_name(cls, group_name, cache=False,
1355 1355 case_insensitive=False):
1356 1356 if case_insensitive:
1357 1357 q = cls.query().filter(func.lower(cls.users_group_name) ==
1358 1358 func.lower(group_name))
1359 1359
1360 1360 else:
1361 1361 q = cls.query().filter(cls.users_group_name == group_name)
1362 1362 if cache:
1363 1363 q = q.options(
1364 1364 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1365 1365 return q.scalar()
1366 1366
1367 1367 @classmethod
1368 1368 def get(cls, user_group_id, cache=False):
1369 1369 if not user_group_id:
1370 1370 return
1371 1371
1372 1372 user_group = cls.query()
1373 1373 if cache:
1374 1374 user_group = user_group.options(
1375 1375 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1376 1376 return user_group.get(user_group_id)
1377 1377
1378 1378 def permissions(self, with_admins=True, with_owner=True):
1379 1379 """
1380 1380 Permissions for user groups
1381 1381 """
1382 1382 _admin_perm = 'usergroup.admin'
1383 1383
1384 1384 owner_row = []
1385 1385 if with_owner:
1386 1386 usr = AttributeDict(self.user.get_dict())
1387 1387 usr.owner_row = True
1388 1388 usr.permission = _admin_perm
1389 1389 owner_row.append(usr)
1390 1390
1391 1391 super_admin_ids = []
1392 1392 super_admin_rows = []
1393 1393 if with_admins:
1394 1394 for usr in User.get_all_super_admins():
1395 1395 super_admin_ids.append(usr.user_id)
1396 1396 # if this admin is also owner, don't double the record
1397 1397 if usr.user_id == owner_row[0].user_id:
1398 1398 owner_row[0].admin_row = True
1399 1399 else:
1400 1400 usr = AttributeDict(usr.get_dict())
1401 1401 usr.admin_row = True
1402 1402 usr.permission = _admin_perm
1403 1403 super_admin_rows.append(usr)
1404 1404
1405 1405 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1406 1406 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1407 1407 joinedload(UserUserGroupToPerm.user),
1408 1408 joinedload(UserUserGroupToPerm.permission),)
1409 1409
1410 1410 # get owners and admins and permissions. We do a trick of re-writing
1411 1411 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1412 1412 # has a global reference and changing one object propagates to all
1413 1413 # others. This means if admin is also an owner admin_row that change
1414 1414 # would propagate to both objects
1415 1415 perm_rows = []
1416 1416 for _usr in q.all():
1417 1417 usr = AttributeDict(_usr.user.get_dict())
1418 1418 # if this user is also owner/admin, mark as duplicate record
1419 1419 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1420 1420 usr.duplicate_perm = True
1421 1421 usr.permission = _usr.permission.permission_name
1422 1422 perm_rows.append(usr)
1423 1423
1424 1424 # filter the perm rows by 'default' first and then sort them by
1425 1425 # admin,write,read,none permissions sorted again alphabetically in
1426 1426 # each group
1427 1427 perm_rows = sorted(perm_rows, key=display_user_sort)
1428 1428
1429 1429 return super_admin_rows + owner_row + perm_rows
1430 1430
1431 1431 def permission_user_groups(self):
1432 1432 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1433 1433 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1434 1434 joinedload(UserGroupUserGroupToPerm.target_user_group),
1435 1435 joinedload(UserGroupUserGroupToPerm.permission),)
1436 1436
1437 1437 perm_rows = []
1438 1438 for _user_group in q.all():
1439 1439 usr = AttributeDict(_user_group.user_group.get_dict())
1440 1440 usr.permission = _user_group.permission.permission_name
1441 1441 perm_rows.append(usr)
1442 1442
1443 1443 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1444 1444 return perm_rows
1445 1445
1446 1446 def _get_default_perms(self, user_group, suffix=''):
1447 1447 from rhodecode.model.permission import PermissionModel
1448 1448 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1449 1449
1450 1450 def get_default_perms(self, suffix=''):
1451 1451 return self._get_default_perms(self, suffix)
1452 1452
1453 1453 def get_api_data(self, with_group_members=True, include_secrets=False):
1454 1454 """
1455 1455 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1456 1456 basically forwarded.
1457 1457
1458 1458 """
1459 1459 user_group = self
1460 1460 data = {
1461 1461 'users_group_id': user_group.users_group_id,
1462 1462 'group_name': user_group.users_group_name,
1463 1463 'group_description': user_group.user_group_description,
1464 1464 'active': user_group.users_group_active,
1465 1465 'owner': user_group.user.username,
1466 1466 'sync': user_group.sync,
1467 1467 'owner_email': user_group.user.email,
1468 1468 }
1469 1469
1470 1470 if with_group_members:
1471 1471 users = []
1472 1472 for user in user_group.members:
1473 1473 user = user.user
1474 1474 users.append(user.get_api_data(include_secrets=include_secrets))
1475 1475 data['users'] = users
1476 1476
1477 1477 return data
1478 1478
1479 1479
1480 1480 class UserGroupMember(Base, BaseModel):
1481 1481 __tablename__ = 'users_groups_members'
1482 1482 __table_args__ = (
1483 1483 base_table_args,
1484 1484 )
1485 1485
1486 1486 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1487 1487 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1488 1488 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1489 1489
1490 1490 user = relationship('User', lazy='joined')
1491 1491 users_group = relationship('UserGroup')
1492 1492
1493 1493 def __init__(self, gr_id='', u_id=''):
1494 1494 self.users_group_id = gr_id
1495 1495 self.user_id = u_id
1496 1496
1497 1497
1498 1498 class RepositoryField(Base, BaseModel):
1499 1499 __tablename__ = 'repositories_fields'
1500 1500 __table_args__ = (
1501 1501 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1502 1502 base_table_args,
1503 1503 )
1504 1504
1505 1505 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1506 1506
1507 1507 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1508 1508 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1509 1509 field_key = Column("field_key", String(250))
1510 1510 field_label = Column("field_label", String(1024), nullable=False)
1511 1511 field_value = Column("field_value", String(10000), nullable=False)
1512 1512 field_desc = Column("field_desc", String(1024), nullable=False)
1513 1513 field_type = Column("field_type", String(255), nullable=False, unique=None)
1514 1514 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1515 1515
1516 1516 repository = relationship('Repository')
1517 1517
1518 1518 @property
1519 1519 def field_key_prefixed(self):
1520 1520 return 'ex_%s' % self.field_key
1521 1521
1522 1522 @classmethod
1523 1523 def un_prefix_key(cls, key):
1524 1524 if key.startswith(cls.PREFIX):
1525 1525 return key[len(cls.PREFIX):]
1526 1526 return key
1527 1527
1528 1528 @classmethod
1529 1529 def get_by_key_name(cls, key, repo):
1530 1530 row = cls.query()\
1531 1531 .filter(cls.repository == repo)\
1532 1532 .filter(cls.field_key == key).scalar()
1533 1533 return row
1534 1534
1535 1535
1536 1536 class Repository(Base, BaseModel):
1537 1537 __tablename__ = 'repositories'
1538 1538 __table_args__ = (
1539 1539 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1540 1540 base_table_args,
1541 1541 )
1542 1542 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1543 1543 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1544 1544 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1545 1545
1546 1546 STATE_CREATED = 'repo_state_created'
1547 1547 STATE_PENDING = 'repo_state_pending'
1548 1548 STATE_ERROR = 'repo_state_error'
1549 1549
1550 1550 LOCK_AUTOMATIC = 'lock_auto'
1551 1551 LOCK_API = 'lock_api'
1552 1552 LOCK_WEB = 'lock_web'
1553 1553 LOCK_PULL = 'lock_pull'
1554 1554
1555 1555 NAME_SEP = URL_SEP
1556 1556
1557 1557 repo_id = Column(
1558 1558 "repo_id", Integer(), nullable=False, unique=True, default=None,
1559 1559 primary_key=True)
1560 1560 _repo_name = Column(
1561 1561 "repo_name", Text(), nullable=False, default=None)
1562 1562 _repo_name_hash = Column(
1563 1563 "repo_name_hash", String(255), nullable=False, unique=True)
1564 1564 repo_state = Column("repo_state", String(255), nullable=True)
1565 1565
1566 1566 clone_uri = Column(
1567 1567 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1568 1568 default=None)
1569 1569 push_uri = Column(
1570 1570 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1571 1571 default=None)
1572 1572 repo_type = Column(
1573 1573 "repo_type", String(255), nullable=False, unique=False, default=None)
1574 1574 user_id = Column(
1575 1575 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1576 1576 unique=False, default=None)
1577 1577 private = Column(
1578 1578 "private", Boolean(), nullable=True, unique=None, default=None)
1579 1579 enable_statistics = Column(
1580 1580 "statistics", Boolean(), nullable=True, unique=None, default=True)
1581 1581 enable_downloads = Column(
1582 1582 "downloads", Boolean(), nullable=True, unique=None, default=True)
1583 1583 description = Column(
1584 1584 "description", String(10000), nullable=True, unique=None, default=None)
1585 1585 created_on = Column(
1586 1586 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1587 1587 default=datetime.datetime.now)
1588 1588 updated_on = Column(
1589 1589 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1590 1590 default=datetime.datetime.now)
1591 1591 _landing_revision = Column(
1592 1592 "landing_revision", String(255), nullable=False, unique=False,
1593 1593 default=None)
1594 1594 enable_locking = Column(
1595 1595 "enable_locking", Boolean(), nullable=False, unique=None,
1596 1596 default=False)
1597 1597 _locked = Column(
1598 1598 "locked", String(255), nullable=True, unique=False, default=None)
1599 1599 _changeset_cache = Column(
1600 1600 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1601 1601
1602 1602 fork_id = Column(
1603 1603 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1604 1604 nullable=True, unique=False, default=None)
1605 1605 group_id = Column(
1606 1606 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1607 1607 unique=False, default=None)
1608 1608
1609 1609 user = relationship('User', lazy='joined')
1610 1610 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1611 1611 group = relationship('RepoGroup', lazy='joined')
1612 1612 repo_to_perm = relationship(
1613 1613 'UserRepoToPerm', cascade='all',
1614 1614 order_by='UserRepoToPerm.repo_to_perm_id')
1615 1615 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1616 1616 stats = relationship('Statistics', cascade='all', uselist=False)
1617 1617
1618 1618 followers = relationship(
1619 1619 'UserFollowing',
1620 1620 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1621 1621 cascade='all')
1622 1622 extra_fields = relationship(
1623 1623 'RepositoryField', cascade="all, delete, delete-orphan")
1624 1624 logs = relationship('UserLog')
1625 1625 comments = relationship(
1626 1626 'ChangesetComment', cascade="all, delete, delete-orphan")
1627 1627 pull_requests_source = relationship(
1628 1628 'PullRequest',
1629 1629 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1630 1630 cascade="all, delete, delete-orphan")
1631 1631 pull_requests_target = relationship(
1632 1632 'PullRequest',
1633 1633 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1634 1634 cascade="all, delete, delete-orphan")
1635 1635 ui = relationship('RepoRhodeCodeUi', cascade="all")
1636 1636 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1637 1637 integrations = relationship('Integration',
1638 1638 cascade="all, delete, delete-orphan")
1639 1639
1640 1640 scoped_tokens = relationship('UserApiKeys', cascade="all")
1641 1641
1642 1642 def __unicode__(self):
1643 1643 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1644 1644 safe_unicode(self.repo_name))
1645 1645
1646 1646 @hybrid_property
1647 1647 def description_safe(self):
1648 1648 from rhodecode.lib import helpers as h
1649 1649 return h.escape(self.description)
1650 1650
1651 1651 @hybrid_property
1652 1652 def landing_rev(self):
1653 1653 # always should return [rev_type, rev]
1654 1654 if self._landing_revision:
1655 1655 _rev_info = self._landing_revision.split(':')
1656 1656 if len(_rev_info) < 2:
1657 1657 _rev_info.insert(0, 'rev')
1658 1658 return [_rev_info[0], _rev_info[1]]
1659 1659 return [None, None]
1660 1660
1661 1661 @landing_rev.setter
1662 1662 def landing_rev(self, val):
1663 1663 if ':' not in val:
1664 1664 raise ValueError('value must be delimited with `:` and consist '
1665 1665 'of <rev_type>:<rev>, got %s instead' % val)
1666 1666 self._landing_revision = val
1667 1667
1668 1668 @hybrid_property
1669 1669 def locked(self):
1670 1670 if self._locked:
1671 1671 user_id, timelocked, reason = self._locked.split(':')
1672 1672 lock_values = int(user_id), timelocked, reason
1673 1673 else:
1674 1674 lock_values = [None, None, None]
1675 1675 return lock_values
1676 1676
1677 1677 @locked.setter
1678 1678 def locked(self, val):
1679 1679 if val and isinstance(val, (list, tuple)):
1680 1680 self._locked = ':'.join(map(str, val))
1681 1681 else:
1682 1682 self._locked = None
1683 1683
1684 1684 @hybrid_property
1685 1685 def changeset_cache(self):
1686 1686 from rhodecode.lib.vcs.backends.base import EmptyCommit
1687 1687 dummy = EmptyCommit().__json__()
1688 1688 if not self._changeset_cache:
1689 1689 return dummy
1690 1690 try:
1691 1691 return json.loads(self._changeset_cache)
1692 1692 except TypeError:
1693 1693 return dummy
1694 1694 except Exception:
1695 1695 log.error(traceback.format_exc())
1696 1696 return dummy
1697 1697
1698 1698 @changeset_cache.setter
1699 1699 def changeset_cache(self, val):
1700 1700 try:
1701 1701 self._changeset_cache = json.dumps(val)
1702 1702 except Exception:
1703 1703 log.error(traceback.format_exc())
1704 1704
1705 1705 @hybrid_property
1706 1706 def repo_name(self):
1707 1707 return self._repo_name
1708 1708
1709 1709 @repo_name.setter
1710 1710 def repo_name(self, value):
1711 1711 self._repo_name = value
1712 1712 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1713 1713
1714 1714 @classmethod
1715 1715 def normalize_repo_name(cls, repo_name):
1716 1716 """
1717 1717 Normalizes os specific repo_name to the format internally stored inside
1718 1718 database using URL_SEP
1719 1719
1720 1720 :param cls:
1721 1721 :param repo_name:
1722 1722 """
1723 1723 return cls.NAME_SEP.join(repo_name.split(os.sep))
1724 1724
1725 1725 @classmethod
1726 1726 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1727 1727 session = Session()
1728 1728 q = session.query(cls).filter(cls.repo_name == repo_name)
1729 1729
1730 1730 if cache:
1731 1731 if identity_cache:
1732 1732 val = cls.identity_cache(session, 'repo_name', repo_name)
1733 1733 if val:
1734 1734 return val
1735 1735 else:
1736 1736 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1737 1737 q = q.options(
1738 1738 FromCache("sql_cache_short", cache_key))
1739 1739
1740 1740 return q.scalar()
1741 1741
1742 1742 @classmethod
1743 1743 def get_by_id_or_repo_name(cls, repoid):
1744 1744 if isinstance(repoid, (int, long)):
1745 1745 try:
1746 1746 repo = cls.get(repoid)
1747 1747 except ValueError:
1748 1748 repo = None
1749 1749 else:
1750 1750 repo = cls.get_by_repo_name(repoid)
1751 1751 return repo
1752 1752
1753 1753 @classmethod
1754 1754 def get_by_full_path(cls, repo_full_path):
1755 1755 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1756 1756 repo_name = cls.normalize_repo_name(repo_name)
1757 1757 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1758 1758
1759 1759 @classmethod
1760 1760 def get_repo_forks(cls, repo_id):
1761 1761 return cls.query().filter(Repository.fork_id == repo_id)
1762 1762
1763 1763 @classmethod
1764 1764 def base_path(cls):
1765 1765 """
1766 1766 Returns base path when all repos are stored
1767 1767
1768 1768 :param cls:
1769 1769 """
1770 1770 q = Session().query(RhodeCodeUi)\
1771 1771 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1772 1772 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1773 1773 return q.one().ui_value
1774 1774
1775 1775 @classmethod
1776 1776 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1777 1777 case_insensitive=True):
1778 1778 q = Repository.query()
1779 1779
1780 1780 if not isinstance(user_id, Optional):
1781 1781 q = q.filter(Repository.user_id == user_id)
1782 1782
1783 1783 if not isinstance(group_id, Optional):
1784 1784 q = q.filter(Repository.group_id == group_id)
1785 1785
1786 1786 if case_insensitive:
1787 1787 q = q.order_by(func.lower(Repository.repo_name))
1788 1788 else:
1789 1789 q = q.order_by(Repository.repo_name)
1790 1790 return q.all()
1791 1791
1792 1792 @property
1793 1793 def forks(self):
1794 1794 """
1795 1795 Return forks of this repo
1796 1796 """
1797 1797 return Repository.get_repo_forks(self.repo_id)
1798 1798
1799 1799 @property
1800 1800 def parent(self):
1801 1801 """
1802 1802 Returns fork parent
1803 1803 """
1804 1804 return self.fork
1805 1805
1806 1806 @property
1807 1807 def just_name(self):
1808 1808 return self.repo_name.split(self.NAME_SEP)[-1]
1809 1809
1810 1810 @property
1811 1811 def groups_with_parents(self):
1812 1812 groups = []
1813 1813 if self.group is None:
1814 1814 return groups
1815 1815
1816 1816 cur_gr = self.group
1817 1817 groups.insert(0, cur_gr)
1818 1818 while 1:
1819 1819 gr = getattr(cur_gr, 'parent_group', None)
1820 1820 cur_gr = cur_gr.parent_group
1821 1821 if gr is None:
1822 1822 break
1823 1823 groups.insert(0, gr)
1824 1824
1825 1825 return groups
1826 1826
1827 1827 @property
1828 1828 def groups_and_repo(self):
1829 1829 return self.groups_with_parents, self
1830 1830
1831 1831 @LazyProperty
1832 1832 def repo_path(self):
1833 1833 """
1834 1834 Returns base full path for that repository means where it actually
1835 1835 exists on a filesystem
1836 1836 """
1837 1837 q = Session().query(RhodeCodeUi).filter(
1838 1838 RhodeCodeUi.ui_key == self.NAME_SEP)
1839 1839 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1840 1840 return q.one().ui_value
1841 1841
1842 1842 @property
1843 1843 def repo_full_path(self):
1844 1844 p = [self.repo_path]
1845 1845 # we need to split the name by / since this is how we store the
1846 1846 # names in the database, but that eventually needs to be converted
1847 1847 # into a valid system path
1848 1848 p += self.repo_name.split(self.NAME_SEP)
1849 1849 return os.path.join(*map(safe_unicode, p))
1850 1850
1851 1851 @property
1852 1852 def cache_keys(self):
1853 1853 """
1854 1854 Returns associated cache keys for that repo
1855 1855 """
1856 1856 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1857 1857 repo_id=self.repo_id)
1858 1858 return CacheKey.query()\
1859 1859 .filter(CacheKey.cache_args == invalidation_namespace)\
1860 1860 .order_by(CacheKey.cache_key)\
1861 1861 .all()
1862 1862
1863 1863 @property
1864 1864 def cached_diffs_relative_dir(self):
1865 1865 """
1866 1866 Return a relative to the repository store path of cached diffs
1867 1867 used for safe display for users, who shouldn't know the absolute store
1868 1868 path
1869 1869 """
1870 1870 return os.path.join(
1871 1871 os.path.dirname(self.repo_name),
1872 1872 self.cached_diffs_dir.split(os.path.sep)[-1])
1873 1873
1874 1874 @property
1875 1875 def cached_diffs_dir(self):
1876 1876 path = self.repo_full_path
1877 1877 return os.path.join(
1878 1878 os.path.dirname(path),
1879 1879 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1880 1880
1881 1881 def cached_diffs(self):
1882 1882 diff_cache_dir = self.cached_diffs_dir
1883 1883 if os.path.isdir(diff_cache_dir):
1884 1884 return os.listdir(diff_cache_dir)
1885 1885 return []
1886 1886
1887 1887 def shadow_repos(self):
1888 1888 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1889 1889 return [
1890 1890 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1891 1891 if x.startswith(shadow_repos_pattern)]
1892 1892
1893 1893 def get_new_name(self, repo_name):
1894 1894 """
1895 1895 returns new full repository name based on assigned group and new new
1896 1896
1897 1897 :param group_name:
1898 1898 """
1899 1899 path_prefix = self.group.full_path_splitted if self.group else []
1900 1900 return self.NAME_SEP.join(path_prefix + [repo_name])
1901 1901
1902 1902 @property
1903 1903 def _config(self):
1904 1904 """
1905 1905 Returns db based config object.
1906 1906 """
1907 1907 from rhodecode.lib.utils import make_db_config
1908 1908 return make_db_config(clear_session=False, repo=self)
1909 1909
1910 1910 def permissions(self, with_admins=True, with_owner=True):
1911 1911 """
1912 1912 Permissions for repositories
1913 1913 """
1914 1914 _admin_perm = 'repository.admin'
1915 1915
1916 1916 owner_row = []
1917 1917 if with_owner:
1918 1918 usr = AttributeDict(self.user.get_dict())
1919 1919 usr.owner_row = True
1920 1920 usr.permission = _admin_perm
1921 1921 usr.permission_id = None
1922 1922 owner_row.append(usr)
1923 1923
1924 1924 super_admin_ids = []
1925 1925 super_admin_rows = []
1926 1926 if with_admins:
1927 1927 for usr in User.get_all_super_admins():
1928 1928 super_admin_ids.append(usr.user_id)
1929 1929 # if this admin is also owner, don't double the record
1930 1930 if usr.user_id == owner_row[0].user_id:
1931 1931 owner_row[0].admin_row = True
1932 1932 else:
1933 1933 usr = AttributeDict(usr.get_dict())
1934 1934 usr.admin_row = True
1935 1935 usr.permission = _admin_perm
1936 1936 usr.permission_id = None
1937 1937 super_admin_rows.append(usr)
1938 1938
1939 1939 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1940 1940 q = q.options(joinedload(UserRepoToPerm.repository),
1941 1941 joinedload(UserRepoToPerm.user),
1942 1942 joinedload(UserRepoToPerm.permission),)
1943 1943
1944 1944 # get owners and admins and permissions. We do a trick of re-writing
1945 1945 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1946 1946 # has a global reference and changing one object propagates to all
1947 1947 # others. This means if admin is also an owner admin_row that change
1948 1948 # would propagate to both objects
1949 1949 perm_rows = []
1950 1950 for _usr in q.all():
1951 1951 usr = AttributeDict(_usr.user.get_dict())
1952 1952 # if this user is also owner/admin, mark as duplicate record
1953 1953 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1954 1954 usr.duplicate_perm = True
1955 # also check if this permission is maybe used by branch_permissions
1956 if _usr.branch_perm_entry:
1957 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
1958
1955 1959 usr.permission = _usr.permission.permission_name
1956 1960 usr.permission_id = _usr.repo_to_perm_id
1957 1961 perm_rows.append(usr)
1958 1962
1959 1963 # filter the perm rows by 'default' first and then sort them by
1960 1964 # admin,write,read,none permissions sorted again alphabetically in
1961 1965 # each group
1962 1966 perm_rows = sorted(perm_rows, key=display_user_sort)
1963 1967
1964 1968 return super_admin_rows + owner_row + perm_rows
1965 1969
1966 1970 def permission_user_groups(self):
1967 1971 q = UserGroupRepoToPerm.query().filter(
1968 1972 UserGroupRepoToPerm.repository == self)
1969 1973 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1970 1974 joinedload(UserGroupRepoToPerm.users_group),
1971 1975 joinedload(UserGroupRepoToPerm.permission),)
1972 1976
1973 1977 perm_rows = []
1974 1978 for _user_group in q.all():
1975 1979 usr = AttributeDict(_user_group.users_group.get_dict())
1976 1980 usr.permission = _user_group.permission.permission_name
1977 1981 perm_rows.append(usr)
1978 1982
1979 1983 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1980 1984 return perm_rows
1981 1985
1982 1986 def get_api_data(self, include_secrets=False):
1983 1987 """
1984 1988 Common function for generating repo api data
1985 1989
1986 1990 :param include_secrets: See :meth:`User.get_api_data`.
1987 1991
1988 1992 """
1989 1993 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1990 1994 # move this methods on models level.
1991 1995 from rhodecode.model.settings import SettingsModel
1992 1996 from rhodecode.model.repo import RepoModel
1993 1997
1994 1998 repo = self
1995 1999 _user_id, _time, _reason = self.locked
1996 2000
1997 2001 data = {
1998 2002 'repo_id': repo.repo_id,
1999 2003 'repo_name': repo.repo_name,
2000 2004 'repo_type': repo.repo_type,
2001 2005 'clone_uri': repo.clone_uri or '',
2002 2006 'push_uri': repo.push_uri or '',
2003 2007 'url': RepoModel().get_url(self),
2004 2008 'private': repo.private,
2005 2009 'created_on': repo.created_on,
2006 2010 'description': repo.description_safe,
2007 2011 'landing_rev': repo.landing_rev,
2008 2012 'owner': repo.user.username,
2009 2013 'fork_of': repo.fork.repo_name if repo.fork else None,
2010 2014 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2011 2015 'enable_statistics': repo.enable_statistics,
2012 2016 'enable_locking': repo.enable_locking,
2013 2017 'enable_downloads': repo.enable_downloads,
2014 2018 'last_changeset': repo.changeset_cache,
2015 2019 'locked_by': User.get(_user_id).get_api_data(
2016 2020 include_secrets=include_secrets) if _user_id else None,
2017 2021 'locked_date': time_to_datetime(_time) if _time else None,
2018 2022 'lock_reason': _reason if _reason else None,
2019 2023 }
2020 2024
2021 2025 # TODO: mikhail: should be per-repo settings here
2022 2026 rc_config = SettingsModel().get_all_settings()
2023 2027 repository_fields = str2bool(
2024 2028 rc_config.get('rhodecode_repository_fields'))
2025 2029 if repository_fields:
2026 2030 for f in self.extra_fields:
2027 2031 data[f.field_key_prefixed] = f.field_value
2028 2032
2029 2033 return data
2030 2034
2031 2035 @classmethod
2032 2036 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2033 2037 if not lock_time:
2034 2038 lock_time = time.time()
2035 2039 if not lock_reason:
2036 2040 lock_reason = cls.LOCK_AUTOMATIC
2037 2041 repo.locked = [user_id, lock_time, lock_reason]
2038 2042 Session().add(repo)
2039 2043 Session().commit()
2040 2044
2041 2045 @classmethod
2042 2046 def unlock(cls, repo):
2043 2047 repo.locked = None
2044 2048 Session().add(repo)
2045 2049 Session().commit()
2046 2050
2047 2051 @classmethod
2048 2052 def getlock(cls, repo):
2049 2053 return repo.locked
2050 2054
2051 2055 def is_user_lock(self, user_id):
2052 2056 if self.lock[0]:
2053 2057 lock_user_id = safe_int(self.lock[0])
2054 2058 user_id = safe_int(user_id)
2055 2059 # both are ints, and they are equal
2056 2060 return all([lock_user_id, user_id]) and lock_user_id == user_id
2057 2061
2058 2062 return False
2059 2063
2060 2064 def get_locking_state(self, action, user_id, only_when_enabled=True):
2061 2065 """
2062 2066 Checks locking on this repository, if locking is enabled and lock is
2063 2067 present returns a tuple of make_lock, locked, locked_by.
2064 2068 make_lock can have 3 states None (do nothing) True, make lock
2065 2069 False release lock, This value is later propagated to hooks, which
2066 2070 do the locking. Think about this as signals passed to hooks what to do.
2067 2071
2068 2072 """
2069 2073 # TODO: johbo: This is part of the business logic and should be moved
2070 2074 # into the RepositoryModel.
2071 2075
2072 2076 if action not in ('push', 'pull'):
2073 2077 raise ValueError("Invalid action value: %s" % repr(action))
2074 2078
2075 2079 # defines if locked error should be thrown to user
2076 2080 currently_locked = False
2077 2081 # defines if new lock should be made, tri-state
2078 2082 make_lock = None
2079 2083 repo = self
2080 2084 user = User.get(user_id)
2081 2085
2082 2086 lock_info = repo.locked
2083 2087
2084 2088 if repo and (repo.enable_locking or not only_when_enabled):
2085 2089 if action == 'push':
2086 2090 # check if it's already locked !, if it is compare users
2087 2091 locked_by_user_id = lock_info[0]
2088 2092 if user.user_id == locked_by_user_id:
2089 2093 log.debug(
2090 2094 'Got `push` action from user %s, now unlocking', user)
2091 2095 # unlock if we have push from user who locked
2092 2096 make_lock = False
2093 2097 else:
2094 2098 # we're not the same user who locked, ban with
2095 2099 # code defined in settings (default is 423 HTTP Locked) !
2096 2100 log.debug('Repo %s is currently locked by %s', repo, user)
2097 2101 currently_locked = True
2098 2102 elif action == 'pull':
2099 2103 # [0] user [1] date
2100 2104 if lock_info[0] and lock_info[1]:
2101 2105 log.debug('Repo %s is currently locked by %s', repo, user)
2102 2106 currently_locked = True
2103 2107 else:
2104 2108 log.debug('Setting lock on repo %s by %s', repo, user)
2105 2109 make_lock = True
2106 2110
2107 2111 else:
2108 2112 log.debug('Repository %s do not have locking enabled', repo)
2109 2113
2110 2114 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2111 2115 make_lock, currently_locked, lock_info)
2112 2116
2113 2117 from rhodecode.lib.auth import HasRepoPermissionAny
2114 2118 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2115 2119 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2116 2120 # if we don't have at least write permission we cannot make a lock
2117 2121 log.debug('lock state reset back to FALSE due to lack '
2118 2122 'of at least read permission')
2119 2123 make_lock = False
2120 2124
2121 2125 return make_lock, currently_locked, lock_info
2122 2126
2123 2127 @property
2124 2128 def last_db_change(self):
2125 2129 return self.updated_on
2126 2130
2127 2131 @property
2128 2132 def clone_uri_hidden(self):
2129 2133 clone_uri = self.clone_uri
2130 2134 if clone_uri:
2131 2135 import urlobject
2132 2136 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2133 2137 if url_obj.password:
2134 2138 clone_uri = url_obj.with_password('*****')
2135 2139 return clone_uri
2136 2140
2137 2141 @property
2138 2142 def push_uri_hidden(self):
2139 2143 push_uri = self.push_uri
2140 2144 if push_uri:
2141 2145 import urlobject
2142 2146 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2143 2147 if url_obj.password:
2144 2148 push_uri = url_obj.with_password('*****')
2145 2149 return push_uri
2146 2150
2147 2151 def clone_url(self, **override):
2148 2152 from rhodecode.model.settings import SettingsModel
2149 2153
2150 2154 uri_tmpl = None
2151 2155 if 'with_id' in override:
2152 2156 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2153 2157 del override['with_id']
2154 2158
2155 2159 if 'uri_tmpl' in override:
2156 2160 uri_tmpl = override['uri_tmpl']
2157 2161 del override['uri_tmpl']
2158 2162
2159 2163 ssh = False
2160 2164 if 'ssh' in override:
2161 2165 ssh = True
2162 2166 del override['ssh']
2163 2167
2164 2168 # we didn't override our tmpl from **overrides
2165 2169 if not uri_tmpl:
2166 2170 rc_config = SettingsModel().get_all_settings(cache=True)
2167 2171 if ssh:
2168 2172 uri_tmpl = rc_config.get(
2169 2173 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2170 2174 else:
2171 2175 uri_tmpl = rc_config.get(
2172 2176 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2173 2177
2174 2178 request = get_current_request()
2175 2179 return get_clone_url(request=request,
2176 2180 uri_tmpl=uri_tmpl,
2177 2181 repo_name=self.repo_name,
2178 2182 repo_id=self.repo_id, **override)
2179 2183
2180 2184 def set_state(self, state):
2181 2185 self.repo_state = state
2182 2186 Session().add(self)
2183 2187 #==========================================================================
2184 2188 # SCM PROPERTIES
2185 2189 #==========================================================================
2186 2190
2187 2191 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2188 2192 return get_commit_safe(
2189 2193 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2190 2194
2191 2195 def get_changeset(self, rev=None, pre_load=None):
2192 2196 warnings.warn("Use get_commit", DeprecationWarning)
2193 2197 commit_id = None
2194 2198 commit_idx = None
2195 2199 if isinstance(rev, basestring):
2196 2200 commit_id = rev
2197 2201 else:
2198 2202 commit_idx = rev
2199 2203 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2200 2204 pre_load=pre_load)
2201 2205
2202 2206 def get_landing_commit(self):
2203 2207 """
2204 2208 Returns landing commit, or if that doesn't exist returns the tip
2205 2209 """
2206 2210 _rev_type, _rev = self.landing_rev
2207 2211 commit = self.get_commit(_rev)
2208 2212 if isinstance(commit, EmptyCommit):
2209 2213 return self.get_commit()
2210 2214 return commit
2211 2215
2212 2216 def update_commit_cache(self, cs_cache=None, config=None):
2213 2217 """
2214 2218 Update cache of last changeset for repository, keys should be::
2215 2219
2216 2220 short_id
2217 2221 raw_id
2218 2222 revision
2219 2223 parents
2220 2224 message
2221 2225 date
2222 2226 author
2223 2227
2224 2228 :param cs_cache:
2225 2229 """
2226 2230 from rhodecode.lib.vcs.backends.base import BaseChangeset
2227 2231 if cs_cache is None:
2228 2232 # use no-cache version here
2229 2233 scm_repo = self.scm_instance(cache=False, config=config)
2230 2234
2231 2235 empty = scm_repo.is_empty()
2232 2236 if not empty:
2233 2237 cs_cache = scm_repo.get_commit(
2234 2238 pre_load=["author", "date", "message", "parents"])
2235 2239 else:
2236 2240 cs_cache = EmptyCommit()
2237 2241
2238 2242 if isinstance(cs_cache, BaseChangeset):
2239 2243 cs_cache = cs_cache.__json__()
2240 2244
2241 2245 def is_outdated(new_cs_cache):
2242 2246 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2243 2247 new_cs_cache['revision'] != self.changeset_cache['revision']):
2244 2248 return True
2245 2249 return False
2246 2250
2247 2251 # check if we have maybe already latest cached revision
2248 2252 if is_outdated(cs_cache) or not self.changeset_cache:
2249 2253 _default = datetime.datetime.utcnow()
2250 2254 last_change = cs_cache.get('date') or _default
2251 2255 if self.updated_on and self.updated_on > last_change:
2252 2256 # we check if last update is newer than the new value
2253 2257 # if yes, we use the current timestamp instead. Imagine you get
2254 2258 # old commit pushed 1y ago, we'd set last update 1y to ago.
2255 2259 last_change = _default
2256 2260 log.debug('updated repo %s with new cs cache %s',
2257 2261 self.repo_name, cs_cache)
2258 2262 self.updated_on = last_change
2259 2263 self.changeset_cache = cs_cache
2260 2264 Session().add(self)
2261 2265 Session().commit()
2262 2266 else:
2263 2267 log.debug('Skipping update_commit_cache for repo:`%s` '
2264 2268 'commit already with latest changes', self.repo_name)
2265 2269
2266 2270 @property
2267 2271 def tip(self):
2268 2272 return self.get_commit('tip')
2269 2273
2270 2274 @property
2271 2275 def author(self):
2272 2276 return self.tip.author
2273 2277
2274 2278 @property
2275 2279 def last_change(self):
2276 2280 return self.scm_instance().last_change
2277 2281
2278 2282 def get_comments(self, revisions=None):
2279 2283 """
2280 2284 Returns comments for this repository grouped by revisions
2281 2285
2282 2286 :param revisions: filter query by revisions only
2283 2287 """
2284 2288 cmts = ChangesetComment.query()\
2285 2289 .filter(ChangesetComment.repo == self)
2286 2290 if revisions:
2287 2291 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2288 2292 grouped = collections.defaultdict(list)
2289 2293 for cmt in cmts.all():
2290 2294 grouped[cmt.revision].append(cmt)
2291 2295 return grouped
2292 2296
2293 2297 def statuses(self, revisions=None):
2294 2298 """
2295 2299 Returns statuses for this repository
2296 2300
2297 2301 :param revisions: list of revisions to get statuses for
2298 2302 """
2299 2303 statuses = ChangesetStatus.query()\
2300 2304 .filter(ChangesetStatus.repo == self)\
2301 2305 .filter(ChangesetStatus.version == 0)
2302 2306
2303 2307 if revisions:
2304 2308 # Try doing the filtering in chunks to avoid hitting limits
2305 2309 size = 500
2306 2310 status_results = []
2307 2311 for chunk in xrange(0, len(revisions), size):
2308 2312 status_results += statuses.filter(
2309 2313 ChangesetStatus.revision.in_(
2310 2314 revisions[chunk: chunk+size])
2311 2315 ).all()
2312 2316 else:
2313 2317 status_results = statuses.all()
2314 2318
2315 2319 grouped = {}
2316 2320
2317 2321 # maybe we have open new pullrequest without a status?
2318 2322 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2319 2323 status_lbl = ChangesetStatus.get_status_lbl(stat)
2320 2324 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2321 2325 for rev in pr.revisions:
2322 2326 pr_id = pr.pull_request_id
2323 2327 pr_repo = pr.target_repo.repo_name
2324 2328 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2325 2329
2326 2330 for stat in status_results:
2327 2331 pr_id = pr_repo = None
2328 2332 if stat.pull_request:
2329 2333 pr_id = stat.pull_request.pull_request_id
2330 2334 pr_repo = stat.pull_request.target_repo.repo_name
2331 2335 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2332 2336 pr_id, pr_repo]
2333 2337 return grouped
2334 2338
2335 2339 # ==========================================================================
2336 2340 # SCM CACHE INSTANCE
2337 2341 # ==========================================================================
2338 2342
2339 2343 def scm_instance(self, **kwargs):
2340 2344 import rhodecode
2341 2345
2342 2346 # Passing a config will not hit the cache currently only used
2343 2347 # for repo2dbmapper
2344 2348 config = kwargs.pop('config', None)
2345 2349 cache = kwargs.pop('cache', None)
2346 2350 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2347 2351 # if cache is NOT defined use default global, else we have a full
2348 2352 # control over cache behaviour
2349 2353 if cache is None and full_cache and not config:
2350 2354 return self._get_instance_cached()
2351 2355 return self._get_instance(cache=bool(cache), config=config)
2352 2356
2353 2357 def _get_instance_cached(self):
2354 2358 from rhodecode.lib import rc_cache
2355 2359
2356 2360 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2357 2361 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2358 2362 repo_id=self.repo_id)
2359 2363 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2360 2364
2361 2365 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2362 2366 def get_instance_cached(repo_id, context_id):
2363 2367 return self._get_instance()
2364 2368
2365 2369 # we must use thread scoped cache here,
2366 2370 # because each thread of gevent needs it's own not shared connection and cache
2367 2371 # we also alter `args` so the cache key is individual for every green thread.
2368 2372 inv_context_manager = rc_cache.InvalidationContext(
2369 2373 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2370 2374 thread_scoped=True)
2371 2375 with inv_context_manager as invalidation_context:
2372 2376 args = (self.repo_id, inv_context_manager.cache_key)
2373 2377 # re-compute and store cache if we get invalidate signal
2374 2378 if invalidation_context.should_invalidate():
2375 2379 instance = get_instance_cached.refresh(*args)
2376 2380 else:
2377 2381 instance = get_instance_cached(*args)
2378 2382
2379 2383 log.debug(
2380 2384 'Repo instance fetched in %.3fs', inv_context_manager.compute_time)
2381 2385 return instance
2382 2386
2383 2387 def _get_instance(self, cache=True, config=None):
2384 2388 config = config or self._config
2385 2389 custom_wire = {
2386 2390 'cache': cache # controls the vcs.remote cache
2387 2391 }
2388 2392 repo = get_vcs_instance(
2389 2393 repo_path=safe_str(self.repo_full_path),
2390 2394 config=config,
2391 2395 with_wire=custom_wire,
2392 2396 create=False,
2393 2397 _vcs_alias=self.repo_type)
2394 2398
2395 2399 return repo
2396 2400
2397 2401 def __json__(self):
2398 2402 return {'landing_rev': self.landing_rev}
2399 2403
2400 2404 def get_dict(self):
2401 2405
2402 2406 # Since we transformed `repo_name` to a hybrid property, we need to
2403 2407 # keep compatibility with the code which uses `repo_name` field.
2404 2408
2405 2409 result = super(Repository, self).get_dict()
2406 2410 result['repo_name'] = result.pop('_repo_name', None)
2407 2411 return result
2408 2412
2409 2413
2410 2414 class RepoGroup(Base, BaseModel):
2411 2415 __tablename__ = 'groups'
2412 2416 __table_args__ = (
2413 2417 UniqueConstraint('group_name', 'group_parent_id'),
2414 2418 CheckConstraint('group_id != group_parent_id'),
2415 2419 base_table_args,
2416 2420 )
2417 2421 __mapper_args__ = {'order_by': 'group_name'}
2418 2422
2419 2423 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2420 2424
2421 2425 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2422 2426 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2423 2427 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2424 2428 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2425 2429 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2426 2430 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2427 2431 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2428 2432 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2429 2433 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2430 2434
2431 2435 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2432 2436 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2433 2437 parent_group = relationship('RepoGroup', remote_side=group_id)
2434 2438 user = relationship('User')
2435 2439 integrations = relationship('Integration',
2436 2440 cascade="all, delete, delete-orphan")
2437 2441
2438 2442 def __init__(self, group_name='', parent_group=None):
2439 2443 self.group_name = group_name
2440 2444 self.parent_group = parent_group
2441 2445
2442 2446 def __unicode__(self):
2443 2447 return u"<%s('id:%s:%s')>" % (
2444 2448 self.__class__.__name__, self.group_id, self.group_name)
2445 2449
2446 2450 @hybrid_property
2447 2451 def description_safe(self):
2448 2452 from rhodecode.lib import helpers as h
2449 2453 return h.escape(self.group_description)
2450 2454
2451 2455 @classmethod
2452 2456 def _generate_choice(cls, repo_group):
2453 2457 from webhelpers.html import literal as _literal
2454 2458 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2455 2459 return repo_group.group_id, _name(repo_group.full_path_splitted)
2456 2460
2457 2461 @classmethod
2458 2462 def groups_choices(cls, groups=None, show_empty_group=True):
2459 2463 if not groups:
2460 2464 groups = cls.query().all()
2461 2465
2462 2466 repo_groups = []
2463 2467 if show_empty_group:
2464 2468 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2465 2469
2466 2470 repo_groups.extend([cls._generate_choice(x) for x in groups])
2467 2471
2468 2472 repo_groups = sorted(
2469 2473 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2470 2474 return repo_groups
2471 2475
2472 2476 @classmethod
2473 2477 def url_sep(cls):
2474 2478 return URL_SEP
2475 2479
2476 2480 @classmethod
2477 2481 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2478 2482 if case_insensitive:
2479 2483 gr = cls.query().filter(func.lower(cls.group_name)
2480 2484 == func.lower(group_name))
2481 2485 else:
2482 2486 gr = cls.query().filter(cls.group_name == group_name)
2483 2487 if cache:
2484 2488 name_key = _hash_key(group_name)
2485 2489 gr = gr.options(
2486 2490 FromCache("sql_cache_short", "get_group_%s" % name_key))
2487 2491 return gr.scalar()
2488 2492
2489 2493 @classmethod
2490 2494 def get_user_personal_repo_group(cls, user_id):
2491 2495 user = User.get(user_id)
2492 2496 if user.username == User.DEFAULT_USER:
2493 2497 return None
2494 2498
2495 2499 return cls.query()\
2496 2500 .filter(cls.personal == true()) \
2497 2501 .filter(cls.user == user).scalar()
2498 2502
2499 2503 @classmethod
2500 2504 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2501 2505 case_insensitive=True):
2502 2506 q = RepoGroup.query()
2503 2507
2504 2508 if not isinstance(user_id, Optional):
2505 2509 q = q.filter(RepoGroup.user_id == user_id)
2506 2510
2507 2511 if not isinstance(group_id, Optional):
2508 2512 q = q.filter(RepoGroup.group_parent_id == group_id)
2509 2513
2510 2514 if case_insensitive:
2511 2515 q = q.order_by(func.lower(RepoGroup.group_name))
2512 2516 else:
2513 2517 q = q.order_by(RepoGroup.group_name)
2514 2518 return q.all()
2515 2519
2516 2520 @property
2517 2521 def parents(self):
2518 2522 parents_recursion_limit = 10
2519 2523 groups = []
2520 2524 if self.parent_group is None:
2521 2525 return groups
2522 2526 cur_gr = self.parent_group
2523 2527 groups.insert(0, cur_gr)
2524 2528 cnt = 0
2525 2529 while 1:
2526 2530 cnt += 1
2527 2531 gr = getattr(cur_gr, 'parent_group', None)
2528 2532 cur_gr = cur_gr.parent_group
2529 2533 if gr is None:
2530 2534 break
2531 2535 if cnt == parents_recursion_limit:
2532 2536 # this will prevent accidental infinit loops
2533 2537 log.error(('more than %s parents found for group %s, stopping '
2534 2538 'recursive parent fetching' % (parents_recursion_limit, self)))
2535 2539 break
2536 2540
2537 2541 groups.insert(0, gr)
2538 2542 return groups
2539 2543
2540 2544 @property
2541 2545 def last_db_change(self):
2542 2546 return self.updated_on
2543 2547
2544 2548 @property
2545 2549 def children(self):
2546 2550 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2547 2551
2548 2552 @property
2549 2553 def name(self):
2550 2554 return self.group_name.split(RepoGroup.url_sep())[-1]
2551 2555
2552 2556 @property
2553 2557 def full_path(self):
2554 2558 return self.group_name
2555 2559
2556 2560 @property
2557 2561 def full_path_splitted(self):
2558 2562 return self.group_name.split(RepoGroup.url_sep())
2559 2563
2560 2564 @property
2561 2565 def repositories(self):
2562 2566 return Repository.query()\
2563 2567 .filter(Repository.group == self)\
2564 2568 .order_by(Repository.repo_name)
2565 2569
2566 2570 @property
2567 2571 def repositories_recursive_count(self):
2568 2572 cnt = self.repositories.count()
2569 2573
2570 2574 def children_count(group):
2571 2575 cnt = 0
2572 2576 for child in group.children:
2573 2577 cnt += child.repositories.count()
2574 2578 cnt += children_count(child)
2575 2579 return cnt
2576 2580
2577 2581 return cnt + children_count(self)
2578 2582
2579 2583 def _recursive_objects(self, include_repos=True):
2580 2584 all_ = []
2581 2585
2582 2586 def _get_members(root_gr):
2583 2587 if include_repos:
2584 2588 for r in root_gr.repositories:
2585 2589 all_.append(r)
2586 2590 childs = root_gr.children.all()
2587 2591 if childs:
2588 2592 for gr in childs:
2589 2593 all_.append(gr)
2590 2594 _get_members(gr)
2591 2595
2592 2596 _get_members(self)
2593 2597 return [self] + all_
2594 2598
2595 2599 def recursive_groups_and_repos(self):
2596 2600 """
2597 2601 Recursive return all groups, with repositories in those groups
2598 2602 """
2599 2603 return self._recursive_objects()
2600 2604
2601 2605 def recursive_groups(self):
2602 2606 """
2603 2607 Returns all children groups for this group including children of children
2604 2608 """
2605 2609 return self._recursive_objects(include_repos=False)
2606 2610
2607 2611 def get_new_name(self, group_name):
2608 2612 """
2609 2613 returns new full group name based on parent and new name
2610 2614
2611 2615 :param group_name:
2612 2616 """
2613 2617 path_prefix = (self.parent_group.full_path_splitted if
2614 2618 self.parent_group else [])
2615 2619 return RepoGroup.url_sep().join(path_prefix + [group_name])
2616 2620
2617 2621 def permissions(self, with_admins=True, with_owner=True):
2618 2622 """
2619 2623 Permissions for repository groups
2620 2624 """
2621 2625 _admin_perm = 'group.admin'
2622 2626
2623 2627 owner_row = []
2624 2628 if with_owner:
2625 2629 usr = AttributeDict(self.user.get_dict())
2626 2630 usr.owner_row = True
2627 2631 usr.permission = _admin_perm
2628 2632 owner_row.append(usr)
2629 2633
2630 2634 super_admin_ids = []
2631 2635 super_admin_rows = []
2632 2636 if with_admins:
2633 2637 for usr in User.get_all_super_admins():
2634 2638 super_admin_ids.append(usr.user_id)
2635 2639 # if this admin is also owner, don't double the record
2636 2640 if usr.user_id == owner_row[0].user_id:
2637 2641 owner_row[0].admin_row = True
2638 2642 else:
2639 2643 usr = AttributeDict(usr.get_dict())
2640 2644 usr.admin_row = True
2641 2645 usr.permission = _admin_perm
2642 2646 super_admin_rows.append(usr)
2643 2647
2644 2648 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2645 2649 q = q.options(joinedload(UserRepoGroupToPerm.group),
2646 2650 joinedload(UserRepoGroupToPerm.user),
2647 2651 joinedload(UserRepoGroupToPerm.permission),)
2648 2652
2649 2653 # get owners and admins and permissions. We do a trick of re-writing
2650 2654 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2651 2655 # has a global reference and changing one object propagates to all
2652 2656 # others. This means if admin is also an owner admin_row that change
2653 2657 # would propagate to both objects
2654 2658 perm_rows = []
2655 2659 for _usr in q.all():
2656 2660 usr = AttributeDict(_usr.user.get_dict())
2657 2661 # if this user is also owner/admin, mark as duplicate record
2658 2662 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2659 2663 usr.duplicate_perm = True
2660 2664 usr.permission = _usr.permission.permission_name
2661 2665 perm_rows.append(usr)
2662 2666
2663 2667 # filter the perm rows by 'default' first and then sort them by
2664 2668 # admin,write,read,none permissions sorted again alphabetically in
2665 2669 # each group
2666 2670 perm_rows = sorted(perm_rows, key=display_user_sort)
2667 2671
2668 2672 return super_admin_rows + owner_row + perm_rows
2669 2673
2670 2674 def permission_user_groups(self):
2671 2675 q = UserGroupRepoGroupToPerm.query().filter(
2672 2676 UserGroupRepoGroupToPerm.group == self)
2673 2677 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2674 2678 joinedload(UserGroupRepoGroupToPerm.users_group),
2675 2679 joinedload(UserGroupRepoGroupToPerm.permission),)
2676 2680
2677 2681 perm_rows = []
2678 2682 for _user_group in q.all():
2679 2683 usr = AttributeDict(_user_group.users_group.get_dict())
2680 2684 usr.permission = _user_group.permission.permission_name
2681 2685 perm_rows.append(usr)
2682 2686
2683 2687 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2684 2688 return perm_rows
2685 2689
2686 2690 def get_api_data(self):
2687 2691 """
2688 2692 Common function for generating api data
2689 2693
2690 2694 """
2691 2695 group = self
2692 2696 data = {
2693 2697 'group_id': group.group_id,
2694 2698 'group_name': group.group_name,
2695 2699 'group_description': group.description_safe,
2696 2700 'parent_group': group.parent_group.group_name if group.parent_group else None,
2697 2701 'repositories': [x.repo_name for x in group.repositories],
2698 2702 'owner': group.user.username,
2699 2703 }
2700 2704 return data
2701 2705
2702 2706
2703 2707 class Permission(Base, BaseModel):
2704 2708 __tablename__ = 'permissions'
2705 2709 __table_args__ = (
2706 2710 Index('p_perm_name_idx', 'permission_name'),
2707 2711 base_table_args,
2708 2712 )
2709 2713
2710 2714 PERMS = [
2711 2715 ('hg.admin', _('RhodeCode Super Administrator')),
2712 2716
2713 2717 ('repository.none', _('Repository no access')),
2714 2718 ('repository.read', _('Repository read access')),
2715 2719 ('repository.write', _('Repository write access')),
2716 2720 ('repository.admin', _('Repository admin access')),
2717 2721
2718 2722 ('group.none', _('Repository group no access')),
2719 2723 ('group.read', _('Repository group read access')),
2720 2724 ('group.write', _('Repository group write access')),
2721 2725 ('group.admin', _('Repository group admin access')),
2722 2726
2723 2727 ('usergroup.none', _('User group no access')),
2724 2728 ('usergroup.read', _('User group read access')),
2725 2729 ('usergroup.write', _('User group write access')),
2726 2730 ('usergroup.admin', _('User group admin access')),
2727 2731
2728 2732 ('branch.none', _('Branch no permissions')),
2729 2733 ('branch.merge', _('Branch access by web merge')),
2730 2734 ('branch.push', _('Branch access by push')),
2731 2735 ('branch.push_force', _('Branch access by push with force')),
2732 2736
2733 2737 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2734 2738 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2735 2739
2736 2740 ('hg.usergroup.create.false', _('User Group creation disabled')),
2737 2741 ('hg.usergroup.create.true', _('User Group creation enabled')),
2738 2742
2739 2743 ('hg.create.none', _('Repository creation disabled')),
2740 2744 ('hg.create.repository', _('Repository creation enabled')),
2741 2745 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2742 2746 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2743 2747
2744 2748 ('hg.fork.none', _('Repository forking disabled')),
2745 2749 ('hg.fork.repository', _('Repository forking enabled')),
2746 2750
2747 2751 ('hg.register.none', _('Registration disabled')),
2748 2752 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2749 2753 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2750 2754
2751 2755 ('hg.password_reset.enabled', _('Password reset enabled')),
2752 2756 ('hg.password_reset.hidden', _('Password reset hidden')),
2753 2757 ('hg.password_reset.disabled', _('Password reset disabled')),
2754 2758
2755 2759 ('hg.extern_activate.manual', _('Manual activation of external account')),
2756 2760 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2757 2761
2758 2762 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2759 2763 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2760 2764 ]
2761 2765
2762 2766 # definition of system default permissions for DEFAULT user, created on
2763 2767 # system setup
2764 2768 DEFAULT_USER_PERMISSIONS = [
2765 2769 # object perms
2766 2770 'repository.read',
2767 2771 'group.read',
2768 2772 'usergroup.read',
2769 2773 # branch, for backward compat we need same value as before so forced pushed
2770 2774 'branch.push_force',
2771 2775 # global
2772 2776 'hg.create.repository',
2773 2777 'hg.repogroup.create.false',
2774 2778 'hg.usergroup.create.false',
2775 2779 'hg.create.write_on_repogroup.true',
2776 2780 'hg.fork.repository',
2777 2781 'hg.register.manual_activate',
2778 2782 'hg.password_reset.enabled',
2779 2783 'hg.extern_activate.auto',
2780 2784 'hg.inherit_default_perms.true',
2781 2785 ]
2782 2786
2783 2787 # defines which permissions are more important higher the more important
2784 2788 # Weight defines which permissions are more important.
2785 2789 # The higher number the more important.
2786 2790 PERM_WEIGHTS = {
2787 2791 'repository.none': 0,
2788 2792 'repository.read': 1,
2789 2793 'repository.write': 3,
2790 2794 'repository.admin': 4,
2791 2795
2792 2796 'group.none': 0,
2793 2797 'group.read': 1,
2794 2798 'group.write': 3,
2795 2799 'group.admin': 4,
2796 2800
2797 2801 'usergroup.none': 0,
2798 2802 'usergroup.read': 1,
2799 2803 'usergroup.write': 3,
2800 2804 'usergroup.admin': 4,
2801 2805
2802 2806 'branch.none': 0,
2803 2807 'branch.merge': 1,
2804 2808 'branch.push': 3,
2805 2809 'branch.push_force': 4,
2806 2810
2807 2811 'hg.repogroup.create.false': 0,
2808 2812 'hg.repogroup.create.true': 1,
2809 2813
2810 2814 'hg.usergroup.create.false': 0,
2811 2815 'hg.usergroup.create.true': 1,
2812 2816
2813 2817 'hg.fork.none': 0,
2814 2818 'hg.fork.repository': 1,
2815 2819 'hg.create.none': 0,
2816 2820 'hg.create.repository': 1
2817 2821 }
2818 2822
2819 2823 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2820 2824 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2821 2825 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2822 2826
2823 2827 def __unicode__(self):
2824 2828 return u"<%s('%s:%s')>" % (
2825 2829 self.__class__.__name__, self.permission_id, self.permission_name
2826 2830 )
2827 2831
2828 2832 @classmethod
2829 2833 def get_by_key(cls, key):
2830 2834 return cls.query().filter(cls.permission_name == key).scalar()
2831 2835
2832 2836 @classmethod
2833 2837 def get_default_repo_perms(cls, user_id, repo_id=None):
2834 2838 q = Session().query(UserRepoToPerm, Repository, Permission)\
2835 2839 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2836 2840 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2837 2841 .filter(UserRepoToPerm.user_id == user_id)
2838 2842 if repo_id:
2839 2843 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2840 2844 return q.all()
2841 2845
2842 2846 @classmethod
2843 2847 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
2844 2848 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
2845 2849 .join(
2846 2850 Permission,
2847 2851 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
2848 2852 .join(
2849 2853 UserRepoToPerm,
2850 2854 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
2851 2855 .filter(UserRepoToPerm.user_id == user_id)
2852 2856
2853 2857 if repo_id:
2854 2858 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
2855 2859 return q.order_by(UserToRepoBranchPermission.rule_order).all()
2856 2860
2857 2861 @classmethod
2858 2862 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2859 2863 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2860 2864 .join(
2861 2865 Permission,
2862 2866 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2863 2867 .join(
2864 2868 Repository,
2865 2869 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2866 2870 .join(
2867 2871 UserGroup,
2868 2872 UserGroupRepoToPerm.users_group_id ==
2869 2873 UserGroup.users_group_id)\
2870 2874 .join(
2871 2875 UserGroupMember,
2872 2876 UserGroupRepoToPerm.users_group_id ==
2873 2877 UserGroupMember.users_group_id)\
2874 2878 .filter(
2875 2879 UserGroupMember.user_id == user_id,
2876 2880 UserGroup.users_group_active == true())
2877 2881 if repo_id:
2878 2882 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2879 2883 return q.all()
2880 2884
2881 2885 @classmethod
2882 2886 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
2883 2887 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
2884 2888 .join(
2885 2889 Permission,
2886 2890 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
2887 2891 .join(
2888 2892 UserGroupRepoToPerm,
2889 2893 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
2890 2894 .join(
2891 2895 UserGroup,
2892 2896 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
2893 2897 .join(
2894 2898 UserGroupMember,
2895 2899 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
2896 2900 .filter(
2897 2901 UserGroupMember.user_id == user_id,
2898 2902 UserGroup.users_group_active == true())
2899 2903
2900 2904 if repo_id:
2901 2905 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
2902 2906 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
2903 2907
2904 2908 @classmethod
2905 2909 def get_default_group_perms(cls, user_id, repo_group_id=None):
2906 2910 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2907 2911 .join(
2908 2912 Permission,
2909 2913 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
2910 2914 .join(
2911 2915 RepoGroup,
2912 2916 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
2913 2917 .filter(UserRepoGroupToPerm.user_id == user_id)
2914 2918 if repo_group_id:
2915 2919 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2916 2920 return q.all()
2917 2921
2918 2922 @classmethod
2919 2923 def get_default_group_perms_from_user_group(
2920 2924 cls, user_id, repo_group_id=None):
2921 2925 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2922 2926 .join(
2923 2927 Permission,
2924 2928 UserGroupRepoGroupToPerm.permission_id ==
2925 2929 Permission.permission_id)\
2926 2930 .join(
2927 2931 RepoGroup,
2928 2932 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2929 2933 .join(
2930 2934 UserGroup,
2931 2935 UserGroupRepoGroupToPerm.users_group_id ==
2932 2936 UserGroup.users_group_id)\
2933 2937 .join(
2934 2938 UserGroupMember,
2935 2939 UserGroupRepoGroupToPerm.users_group_id ==
2936 2940 UserGroupMember.users_group_id)\
2937 2941 .filter(
2938 2942 UserGroupMember.user_id == user_id,
2939 2943 UserGroup.users_group_active == true())
2940 2944 if repo_group_id:
2941 2945 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2942 2946 return q.all()
2943 2947
2944 2948 @classmethod
2945 2949 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2946 2950 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2947 2951 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2948 2952 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2949 2953 .filter(UserUserGroupToPerm.user_id == user_id)
2950 2954 if user_group_id:
2951 2955 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2952 2956 return q.all()
2953 2957
2954 2958 @classmethod
2955 2959 def get_default_user_group_perms_from_user_group(
2956 2960 cls, user_id, user_group_id=None):
2957 2961 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2958 2962 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2959 2963 .join(
2960 2964 Permission,
2961 2965 UserGroupUserGroupToPerm.permission_id ==
2962 2966 Permission.permission_id)\
2963 2967 .join(
2964 2968 TargetUserGroup,
2965 2969 UserGroupUserGroupToPerm.target_user_group_id ==
2966 2970 TargetUserGroup.users_group_id)\
2967 2971 .join(
2968 2972 UserGroup,
2969 2973 UserGroupUserGroupToPerm.user_group_id ==
2970 2974 UserGroup.users_group_id)\
2971 2975 .join(
2972 2976 UserGroupMember,
2973 2977 UserGroupUserGroupToPerm.user_group_id ==
2974 2978 UserGroupMember.users_group_id)\
2975 2979 .filter(
2976 2980 UserGroupMember.user_id == user_id,
2977 2981 UserGroup.users_group_active == true())
2978 2982 if user_group_id:
2979 2983 q = q.filter(
2980 2984 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2981 2985
2982 2986 return q.all()
2983 2987
2984 2988
2985 2989 class UserRepoToPerm(Base, BaseModel):
2986 2990 __tablename__ = 'repo_to_perm'
2987 2991 __table_args__ = (
2988 2992 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2989 2993 base_table_args
2990 2994 )
2991 2995
2992 2996 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2993 2997 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2994 2998 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2995 2999 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2996 3000
2997 3001 user = relationship('User')
2998 3002 repository = relationship('Repository')
2999 3003 permission = relationship('Permission')
3000 3004
3001 3005 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
3002 3006
3003 3007 @classmethod
3004 3008 def create(cls, user, repository, permission):
3005 3009 n = cls()
3006 3010 n.user = user
3007 3011 n.repository = repository
3008 3012 n.permission = permission
3009 3013 Session().add(n)
3010 3014 return n
3011 3015
3012 3016 def __unicode__(self):
3013 3017 return u'<%s => %s >' % (self.user, self.repository)
3014 3018
3015 3019
3016 3020 class UserUserGroupToPerm(Base, BaseModel):
3017 3021 __tablename__ = 'user_user_group_to_perm'
3018 3022 __table_args__ = (
3019 3023 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3020 3024 base_table_args
3021 3025 )
3022 3026
3023 3027 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3024 3028 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3025 3029 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3026 3030 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3027 3031
3028 3032 user = relationship('User')
3029 3033 user_group = relationship('UserGroup')
3030 3034 permission = relationship('Permission')
3031 3035
3032 3036 @classmethod
3033 3037 def create(cls, user, user_group, permission):
3034 3038 n = cls()
3035 3039 n.user = user
3036 3040 n.user_group = user_group
3037 3041 n.permission = permission
3038 3042 Session().add(n)
3039 3043 return n
3040 3044
3041 3045 def __unicode__(self):
3042 3046 return u'<%s => %s >' % (self.user, self.user_group)
3043 3047
3044 3048
3045 3049 class UserToPerm(Base, BaseModel):
3046 3050 __tablename__ = 'user_to_perm'
3047 3051 __table_args__ = (
3048 3052 UniqueConstraint('user_id', 'permission_id'),
3049 3053 base_table_args
3050 3054 )
3051 3055
3052 3056 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3053 3057 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3054 3058 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3055 3059
3056 3060 user = relationship('User')
3057 3061 permission = relationship('Permission', lazy='joined')
3058 3062
3059 3063 def __unicode__(self):
3060 3064 return u'<%s => %s >' % (self.user, self.permission)
3061 3065
3062 3066
3063 3067 class UserGroupRepoToPerm(Base, BaseModel):
3064 3068 __tablename__ = 'users_group_repo_to_perm'
3065 3069 __table_args__ = (
3066 3070 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3067 3071 base_table_args
3068 3072 )
3069 3073
3070 3074 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3071 3075 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3072 3076 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3073 3077 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3074 3078
3075 3079 users_group = relationship('UserGroup')
3076 3080 permission = relationship('Permission')
3077 3081 repository = relationship('Repository')
3078 3082
3079 3083 @classmethod
3080 3084 def create(cls, users_group, repository, permission):
3081 3085 n = cls()
3082 3086 n.users_group = users_group
3083 3087 n.repository = repository
3084 3088 n.permission = permission
3085 3089 Session().add(n)
3086 3090 return n
3087 3091
3088 3092 def __unicode__(self):
3089 3093 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3090 3094
3091 3095
3092 3096 class UserGroupUserGroupToPerm(Base, BaseModel):
3093 3097 __tablename__ = 'user_group_user_group_to_perm'
3094 3098 __table_args__ = (
3095 3099 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3096 3100 CheckConstraint('target_user_group_id != user_group_id'),
3097 3101 base_table_args
3098 3102 )
3099 3103
3100 3104 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3101 3105 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3102 3106 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3103 3107 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3104 3108
3105 3109 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3106 3110 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3107 3111 permission = relationship('Permission')
3108 3112
3109 3113 @classmethod
3110 3114 def create(cls, target_user_group, user_group, permission):
3111 3115 n = cls()
3112 3116 n.target_user_group = target_user_group
3113 3117 n.user_group = user_group
3114 3118 n.permission = permission
3115 3119 Session().add(n)
3116 3120 return n
3117 3121
3118 3122 def __unicode__(self):
3119 3123 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3120 3124
3121 3125
3122 3126 class UserGroupToPerm(Base, BaseModel):
3123 3127 __tablename__ = 'users_group_to_perm'
3124 3128 __table_args__ = (
3125 3129 UniqueConstraint('users_group_id', 'permission_id',),
3126 3130 base_table_args
3127 3131 )
3128 3132
3129 3133 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3130 3134 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3131 3135 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3132 3136
3133 3137 users_group = relationship('UserGroup')
3134 3138 permission = relationship('Permission')
3135 3139
3136 3140
3137 3141 class UserRepoGroupToPerm(Base, BaseModel):
3138 3142 __tablename__ = 'user_repo_group_to_perm'
3139 3143 __table_args__ = (
3140 3144 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3141 3145 base_table_args
3142 3146 )
3143 3147
3144 3148 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3145 3149 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3146 3150 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3147 3151 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3148 3152
3149 3153 user = relationship('User')
3150 3154 group = relationship('RepoGroup')
3151 3155 permission = relationship('Permission')
3152 3156
3153 3157 @classmethod
3154 3158 def create(cls, user, repository_group, permission):
3155 3159 n = cls()
3156 3160 n.user = user
3157 3161 n.group = repository_group
3158 3162 n.permission = permission
3159 3163 Session().add(n)
3160 3164 return n
3161 3165
3162 3166
3163 3167 class UserGroupRepoGroupToPerm(Base, BaseModel):
3164 3168 __tablename__ = 'users_group_repo_group_to_perm'
3165 3169 __table_args__ = (
3166 3170 UniqueConstraint('users_group_id', 'group_id'),
3167 3171 base_table_args
3168 3172 )
3169 3173
3170 3174 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3171 3175 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3172 3176 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3173 3177 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3174 3178
3175 3179 users_group = relationship('UserGroup')
3176 3180 permission = relationship('Permission')
3177 3181 group = relationship('RepoGroup')
3178 3182
3179 3183 @classmethod
3180 3184 def create(cls, user_group, repository_group, permission):
3181 3185 n = cls()
3182 3186 n.users_group = user_group
3183 3187 n.group = repository_group
3184 3188 n.permission = permission
3185 3189 Session().add(n)
3186 3190 return n
3187 3191
3188 3192 def __unicode__(self):
3189 3193 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3190 3194
3191 3195
3192 3196 class Statistics(Base, BaseModel):
3193 3197 __tablename__ = 'statistics'
3194 3198 __table_args__ = (
3195 3199 base_table_args
3196 3200 )
3197 3201
3198 3202 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3199 3203 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3200 3204 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3201 3205 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3202 3206 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3203 3207 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3204 3208
3205 3209 repository = relationship('Repository', single_parent=True)
3206 3210
3207 3211
3208 3212 class UserFollowing(Base, BaseModel):
3209 3213 __tablename__ = 'user_followings'
3210 3214 __table_args__ = (
3211 3215 UniqueConstraint('user_id', 'follows_repository_id'),
3212 3216 UniqueConstraint('user_id', 'follows_user_id'),
3213 3217 base_table_args
3214 3218 )
3215 3219
3216 3220 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3217 3221 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3218 3222 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3219 3223 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3220 3224 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3221 3225
3222 3226 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3223 3227
3224 3228 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3225 3229 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3226 3230
3227 3231 @classmethod
3228 3232 def get_repo_followers(cls, repo_id):
3229 3233 return cls.query().filter(cls.follows_repo_id == repo_id)
3230 3234
3231 3235
3232 3236 class CacheKey(Base, BaseModel):
3233 3237 __tablename__ = 'cache_invalidation'
3234 3238 __table_args__ = (
3235 3239 UniqueConstraint('cache_key'),
3236 3240 Index('key_idx', 'cache_key'),
3237 3241 base_table_args,
3238 3242 )
3239 3243
3240 3244 CACHE_TYPE_FEED = 'FEED'
3241 3245 CACHE_TYPE_README = 'README'
3242 3246 # namespaces used to register process/thread aware caches
3243 3247 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3244 3248 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3245 3249
3246 3250 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3247 3251 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3248 3252 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3249 3253 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3250 3254
3251 3255 def __init__(self, cache_key, cache_args=''):
3252 3256 self.cache_key = cache_key
3253 3257 self.cache_args = cache_args
3254 3258 self.cache_active = False
3255 3259
3256 3260 def __unicode__(self):
3257 3261 return u"<%s('%s:%s[%s]')>" % (
3258 3262 self.__class__.__name__,
3259 3263 self.cache_id, self.cache_key, self.cache_active)
3260 3264
3261 3265 def _cache_key_partition(self):
3262 3266 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3263 3267 return prefix, repo_name, suffix
3264 3268
3265 3269 def get_prefix(self):
3266 3270 """
3267 3271 Try to extract prefix from existing cache key. The key could consist
3268 3272 of prefix, repo_name, suffix
3269 3273 """
3270 3274 # this returns prefix, repo_name, suffix
3271 3275 return self._cache_key_partition()[0]
3272 3276
3273 3277 def get_suffix(self):
3274 3278 """
3275 3279 get suffix that might have been used in _get_cache_key to
3276 3280 generate self.cache_key. Only used for informational purposes
3277 3281 in repo_edit.mako.
3278 3282 """
3279 3283 # prefix, repo_name, suffix
3280 3284 return self._cache_key_partition()[2]
3281 3285
3282 3286 @classmethod
3283 3287 def delete_all_cache(cls):
3284 3288 """
3285 3289 Delete all cache keys from database.
3286 3290 Should only be run when all instances are down and all entries
3287 3291 thus stale.
3288 3292 """
3289 3293 cls.query().delete()
3290 3294 Session().commit()
3291 3295
3292 3296 @classmethod
3293 3297 def set_invalidate(cls, cache_uid, delete=False):
3294 3298 """
3295 3299 Mark all caches of a repo as invalid in the database.
3296 3300 """
3297 3301
3298 3302 try:
3299 3303 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3300 3304 if delete:
3301 3305 qry.delete()
3302 3306 log.debug('cache objects deleted for cache args %s',
3303 3307 safe_str(cache_uid))
3304 3308 else:
3305 3309 qry.update({"cache_active": False})
3306 3310 log.debug('cache objects marked as invalid for cache args %s',
3307 3311 safe_str(cache_uid))
3308 3312
3309 3313 Session().commit()
3310 3314 except Exception:
3311 3315 log.exception(
3312 3316 'Cache key invalidation failed for cache args %s',
3313 3317 safe_str(cache_uid))
3314 3318 Session().rollback()
3315 3319
3316 3320 @classmethod
3317 3321 def get_active_cache(cls, cache_key):
3318 3322 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3319 3323 if inv_obj:
3320 3324 return inv_obj
3321 3325 return None
3322 3326
3323 3327
3324 3328 class ChangesetComment(Base, BaseModel):
3325 3329 __tablename__ = 'changeset_comments'
3326 3330 __table_args__ = (
3327 3331 Index('cc_revision_idx', 'revision'),
3328 3332 base_table_args,
3329 3333 )
3330 3334
3331 3335 COMMENT_OUTDATED = u'comment_outdated'
3332 3336 COMMENT_TYPE_NOTE = u'note'
3333 3337 COMMENT_TYPE_TODO = u'todo'
3334 3338 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3335 3339
3336 3340 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3337 3341 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3338 3342 revision = Column('revision', String(40), nullable=True)
3339 3343 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3340 3344 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3341 3345 line_no = Column('line_no', Unicode(10), nullable=True)
3342 3346 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3343 3347 f_path = Column('f_path', Unicode(1000), nullable=True)
3344 3348 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3345 3349 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3346 3350 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3347 3351 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3348 3352 renderer = Column('renderer', Unicode(64), nullable=True)
3349 3353 display_state = Column('display_state', Unicode(128), nullable=True)
3350 3354
3351 3355 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3352 3356 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3353 3357 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3354 3358 author = relationship('User', lazy='joined')
3355 3359 repo = relationship('Repository')
3356 3360 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3357 3361 pull_request = relationship('PullRequest', lazy='joined')
3358 3362 pull_request_version = relationship('PullRequestVersion')
3359 3363
3360 3364 @classmethod
3361 3365 def get_users(cls, revision=None, pull_request_id=None):
3362 3366 """
3363 3367 Returns user associated with this ChangesetComment. ie those
3364 3368 who actually commented
3365 3369
3366 3370 :param cls:
3367 3371 :param revision:
3368 3372 """
3369 3373 q = Session().query(User)\
3370 3374 .join(ChangesetComment.author)
3371 3375 if revision:
3372 3376 q = q.filter(cls.revision == revision)
3373 3377 elif pull_request_id:
3374 3378 q = q.filter(cls.pull_request_id == pull_request_id)
3375 3379 return q.all()
3376 3380
3377 3381 @classmethod
3378 3382 def get_index_from_version(cls, pr_version, versions):
3379 3383 num_versions = [x.pull_request_version_id for x in versions]
3380 3384 try:
3381 3385 return num_versions.index(pr_version) +1
3382 3386 except (IndexError, ValueError):
3383 3387 return
3384 3388
3385 3389 @property
3386 3390 def outdated(self):
3387 3391 return self.display_state == self.COMMENT_OUTDATED
3388 3392
3389 3393 def outdated_at_version(self, version):
3390 3394 """
3391 3395 Checks if comment is outdated for given pull request version
3392 3396 """
3393 3397 return self.outdated and self.pull_request_version_id != version
3394 3398
3395 3399 def older_than_version(self, version):
3396 3400 """
3397 3401 Checks if comment is made from previous version than given
3398 3402 """
3399 3403 if version is None:
3400 3404 return self.pull_request_version_id is not None
3401 3405
3402 3406 return self.pull_request_version_id < version
3403 3407
3404 3408 @property
3405 3409 def resolved(self):
3406 3410 return self.resolved_by[0] if self.resolved_by else None
3407 3411
3408 3412 @property
3409 3413 def is_todo(self):
3410 3414 return self.comment_type == self.COMMENT_TYPE_TODO
3411 3415
3412 3416 @property
3413 3417 def is_inline(self):
3414 3418 return self.line_no and self.f_path
3415 3419
3416 3420 def get_index_version(self, versions):
3417 3421 return self.get_index_from_version(
3418 3422 self.pull_request_version_id, versions)
3419 3423
3420 3424 def __repr__(self):
3421 3425 if self.comment_id:
3422 3426 return '<DB:Comment #%s>' % self.comment_id
3423 3427 else:
3424 3428 return '<DB:Comment at %#x>' % id(self)
3425 3429
3426 3430 def get_api_data(self):
3427 3431 comment = self
3428 3432 data = {
3429 3433 'comment_id': comment.comment_id,
3430 3434 'comment_type': comment.comment_type,
3431 3435 'comment_text': comment.text,
3432 3436 'comment_status': comment.status_change,
3433 3437 'comment_f_path': comment.f_path,
3434 3438 'comment_lineno': comment.line_no,
3435 3439 'comment_author': comment.author,
3436 3440 'comment_created_on': comment.created_on
3437 3441 }
3438 3442 return data
3439 3443
3440 3444 def __json__(self):
3441 3445 data = dict()
3442 3446 data.update(self.get_api_data())
3443 3447 return data
3444 3448
3445 3449
3446 3450 class ChangesetStatus(Base, BaseModel):
3447 3451 __tablename__ = 'changeset_statuses'
3448 3452 __table_args__ = (
3449 3453 Index('cs_revision_idx', 'revision'),
3450 3454 Index('cs_version_idx', 'version'),
3451 3455 UniqueConstraint('repo_id', 'revision', 'version'),
3452 3456 base_table_args
3453 3457 )
3454 3458
3455 3459 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3456 3460 STATUS_APPROVED = 'approved'
3457 3461 STATUS_REJECTED = 'rejected'
3458 3462 STATUS_UNDER_REVIEW = 'under_review'
3459 3463
3460 3464 STATUSES = [
3461 3465 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3462 3466 (STATUS_APPROVED, _("Approved")),
3463 3467 (STATUS_REJECTED, _("Rejected")),
3464 3468 (STATUS_UNDER_REVIEW, _("Under Review")),
3465 3469 ]
3466 3470
3467 3471 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3468 3472 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3469 3473 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3470 3474 revision = Column('revision', String(40), nullable=False)
3471 3475 status = Column('status', String(128), nullable=False, default=DEFAULT)
3472 3476 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3473 3477 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3474 3478 version = Column('version', Integer(), nullable=False, default=0)
3475 3479 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3476 3480
3477 3481 author = relationship('User', lazy='joined')
3478 3482 repo = relationship('Repository')
3479 3483 comment = relationship('ChangesetComment', lazy='joined')
3480 3484 pull_request = relationship('PullRequest', lazy='joined')
3481 3485
3482 3486 def __unicode__(self):
3483 3487 return u"<%s('%s[v%s]:%s')>" % (
3484 3488 self.__class__.__name__,
3485 3489 self.status, self.version, self.author
3486 3490 )
3487 3491
3488 3492 @classmethod
3489 3493 def get_status_lbl(cls, value):
3490 3494 return dict(cls.STATUSES).get(value)
3491 3495
3492 3496 @property
3493 3497 def status_lbl(self):
3494 3498 return ChangesetStatus.get_status_lbl(self.status)
3495 3499
3496 3500 def get_api_data(self):
3497 3501 status = self
3498 3502 data = {
3499 3503 'status_id': status.changeset_status_id,
3500 3504 'status': status.status,
3501 3505 }
3502 3506 return data
3503 3507
3504 3508 def __json__(self):
3505 3509 data = dict()
3506 3510 data.update(self.get_api_data())
3507 3511 return data
3508 3512
3509 3513
3510 3514 class _PullRequestBase(BaseModel):
3511 3515 """
3512 3516 Common attributes of pull request and version entries.
3513 3517 """
3514 3518
3515 3519 # .status values
3516 3520 STATUS_NEW = u'new'
3517 3521 STATUS_OPEN = u'open'
3518 3522 STATUS_CLOSED = u'closed'
3519 3523
3520 3524 title = Column('title', Unicode(255), nullable=True)
3521 3525 description = Column(
3522 3526 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3523 3527 nullable=True)
3524 3528 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3525 3529
3526 3530 # new/open/closed status of pull request (not approve/reject/etc)
3527 3531 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3528 3532 created_on = Column(
3529 3533 'created_on', DateTime(timezone=False), nullable=False,
3530 3534 default=datetime.datetime.now)
3531 3535 updated_on = Column(
3532 3536 'updated_on', DateTime(timezone=False), nullable=False,
3533 3537 default=datetime.datetime.now)
3534 3538
3535 3539 @declared_attr
3536 3540 def user_id(cls):
3537 3541 return Column(
3538 3542 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3539 3543 unique=None)
3540 3544
3541 3545 # 500 revisions max
3542 3546 _revisions = Column(
3543 3547 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3544 3548
3545 3549 @declared_attr
3546 3550 def source_repo_id(cls):
3547 3551 # TODO: dan: rename column to source_repo_id
3548 3552 return Column(
3549 3553 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3550 3554 nullable=False)
3551 3555
3552 3556 source_ref = Column('org_ref', Unicode(255), nullable=False)
3553 3557
3554 3558 @declared_attr
3555 3559 def target_repo_id(cls):
3556 3560 # TODO: dan: rename column to target_repo_id
3557 3561 return Column(
3558 3562 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3559 3563 nullable=False)
3560 3564
3561 3565 target_ref = Column('other_ref', Unicode(255), nullable=False)
3562 3566 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3563 3567
3564 3568 # TODO: dan: rename column to last_merge_source_rev
3565 3569 _last_merge_source_rev = Column(
3566 3570 'last_merge_org_rev', String(40), nullable=True)
3567 3571 # TODO: dan: rename column to last_merge_target_rev
3568 3572 _last_merge_target_rev = Column(
3569 3573 'last_merge_other_rev', String(40), nullable=True)
3570 3574 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3571 3575 merge_rev = Column('merge_rev', String(40), nullable=True)
3572 3576
3573 3577 reviewer_data = Column(
3574 3578 'reviewer_data_json', MutationObj.as_mutable(
3575 3579 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3576 3580
3577 3581 @property
3578 3582 def reviewer_data_json(self):
3579 3583 return json.dumps(self.reviewer_data)
3580 3584
3581 3585 @hybrid_property
3582 3586 def description_safe(self):
3583 3587 from rhodecode.lib import helpers as h
3584 3588 return h.escape(self.description)
3585 3589
3586 3590 @hybrid_property
3587 3591 def revisions(self):
3588 3592 return self._revisions.split(':') if self._revisions else []
3589 3593
3590 3594 @revisions.setter
3591 3595 def revisions(self, val):
3592 3596 self._revisions = ':'.join(val)
3593 3597
3594 3598 @hybrid_property
3595 3599 def last_merge_status(self):
3596 3600 return safe_int(self._last_merge_status)
3597 3601
3598 3602 @last_merge_status.setter
3599 3603 def last_merge_status(self, val):
3600 3604 self._last_merge_status = val
3601 3605
3602 3606 @declared_attr
3603 3607 def author(cls):
3604 3608 return relationship('User', lazy='joined')
3605 3609
3606 3610 @declared_attr
3607 3611 def source_repo(cls):
3608 3612 return relationship(
3609 3613 'Repository',
3610 3614 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3611 3615
3612 3616 @property
3613 3617 def source_ref_parts(self):
3614 3618 return self.unicode_to_reference(self.source_ref)
3615 3619
3616 3620 @declared_attr
3617 3621 def target_repo(cls):
3618 3622 return relationship(
3619 3623 'Repository',
3620 3624 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3621 3625
3622 3626 @property
3623 3627 def target_ref_parts(self):
3624 3628 return self.unicode_to_reference(self.target_ref)
3625 3629
3626 3630 @property
3627 3631 def shadow_merge_ref(self):
3628 3632 return self.unicode_to_reference(self._shadow_merge_ref)
3629 3633
3630 3634 @shadow_merge_ref.setter
3631 3635 def shadow_merge_ref(self, ref):
3632 3636 self._shadow_merge_ref = self.reference_to_unicode(ref)
3633 3637
3634 3638 def unicode_to_reference(self, raw):
3635 3639 """
3636 3640 Convert a unicode (or string) to a reference object.
3637 3641 If unicode evaluates to False it returns None.
3638 3642 """
3639 3643 if raw:
3640 3644 refs = raw.split(':')
3641 3645 return Reference(*refs)
3642 3646 else:
3643 3647 return None
3644 3648
3645 3649 def reference_to_unicode(self, ref):
3646 3650 """
3647 3651 Convert a reference object to unicode.
3648 3652 If reference is None it returns None.
3649 3653 """
3650 3654 if ref:
3651 3655 return u':'.join(ref)
3652 3656 else:
3653 3657 return None
3654 3658
3655 3659 def get_api_data(self, with_merge_state=True):
3656 3660 from rhodecode.model.pull_request import PullRequestModel
3657 3661
3658 3662 pull_request = self
3659 3663 if with_merge_state:
3660 3664 merge_status = PullRequestModel().merge_status(pull_request)
3661 3665 merge_state = {
3662 3666 'status': merge_status[0],
3663 3667 'message': safe_unicode(merge_status[1]),
3664 3668 }
3665 3669 else:
3666 3670 merge_state = {'status': 'not_available',
3667 3671 'message': 'not_available'}
3668 3672
3669 3673 merge_data = {
3670 3674 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3671 3675 'reference': (
3672 3676 pull_request.shadow_merge_ref._asdict()
3673 3677 if pull_request.shadow_merge_ref else None),
3674 3678 }
3675 3679
3676 3680 data = {
3677 3681 'pull_request_id': pull_request.pull_request_id,
3678 3682 'url': PullRequestModel().get_url(pull_request),
3679 3683 'title': pull_request.title,
3680 3684 'description': pull_request.description,
3681 3685 'status': pull_request.status,
3682 3686 'created_on': pull_request.created_on,
3683 3687 'updated_on': pull_request.updated_on,
3684 3688 'commit_ids': pull_request.revisions,
3685 3689 'review_status': pull_request.calculated_review_status(),
3686 3690 'mergeable': merge_state,
3687 3691 'source': {
3688 3692 'clone_url': pull_request.source_repo.clone_url(),
3689 3693 'repository': pull_request.source_repo.repo_name,
3690 3694 'reference': {
3691 3695 'name': pull_request.source_ref_parts.name,
3692 3696 'type': pull_request.source_ref_parts.type,
3693 3697 'commit_id': pull_request.source_ref_parts.commit_id,
3694 3698 },
3695 3699 },
3696 3700 'target': {
3697 3701 'clone_url': pull_request.target_repo.clone_url(),
3698 3702 'repository': pull_request.target_repo.repo_name,
3699 3703 'reference': {
3700 3704 'name': pull_request.target_ref_parts.name,
3701 3705 'type': pull_request.target_ref_parts.type,
3702 3706 'commit_id': pull_request.target_ref_parts.commit_id,
3703 3707 },
3704 3708 },
3705 3709 'merge': merge_data,
3706 3710 'author': pull_request.author.get_api_data(include_secrets=False,
3707 3711 details='basic'),
3708 3712 'reviewers': [
3709 3713 {
3710 3714 'user': reviewer.get_api_data(include_secrets=False,
3711 3715 details='basic'),
3712 3716 'reasons': reasons,
3713 3717 'review_status': st[0][1].status if st else 'not_reviewed',
3714 3718 }
3715 3719 for obj, reviewer, reasons, mandatory, st in
3716 3720 pull_request.reviewers_statuses()
3717 3721 ]
3718 3722 }
3719 3723
3720 3724 return data
3721 3725
3722 3726
3723 3727 class PullRequest(Base, _PullRequestBase):
3724 3728 __tablename__ = 'pull_requests'
3725 3729 __table_args__ = (
3726 3730 base_table_args,
3727 3731 )
3728 3732
3729 3733 pull_request_id = Column(
3730 3734 'pull_request_id', Integer(), nullable=False, primary_key=True)
3731 3735
3732 3736 def __repr__(self):
3733 3737 if self.pull_request_id:
3734 3738 return '<DB:PullRequest #%s>' % self.pull_request_id
3735 3739 else:
3736 3740 return '<DB:PullRequest at %#x>' % id(self)
3737 3741
3738 3742 reviewers = relationship('PullRequestReviewers',
3739 3743 cascade="all, delete, delete-orphan")
3740 3744 statuses = relationship('ChangesetStatus',
3741 3745 cascade="all, delete, delete-orphan")
3742 3746 comments = relationship('ChangesetComment',
3743 3747 cascade="all, delete, delete-orphan")
3744 3748 versions = relationship('PullRequestVersion',
3745 3749 cascade="all, delete, delete-orphan",
3746 3750 lazy='dynamic')
3747 3751
3748 3752 @classmethod
3749 3753 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3750 3754 internal_methods=None):
3751 3755
3752 3756 class PullRequestDisplay(object):
3753 3757 """
3754 3758 Special object wrapper for showing PullRequest data via Versions
3755 3759 It mimics PR object as close as possible. This is read only object
3756 3760 just for display
3757 3761 """
3758 3762
3759 3763 def __init__(self, attrs, internal=None):
3760 3764 self.attrs = attrs
3761 3765 # internal have priority over the given ones via attrs
3762 3766 self.internal = internal or ['versions']
3763 3767
3764 3768 def __getattr__(self, item):
3765 3769 if item in self.internal:
3766 3770 return getattr(self, item)
3767 3771 try:
3768 3772 return self.attrs[item]
3769 3773 except KeyError:
3770 3774 raise AttributeError(
3771 3775 '%s object has no attribute %s' % (self, item))
3772 3776
3773 3777 def __repr__(self):
3774 3778 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3775 3779
3776 3780 def versions(self):
3777 3781 return pull_request_obj.versions.order_by(
3778 3782 PullRequestVersion.pull_request_version_id).all()
3779 3783
3780 3784 def is_closed(self):
3781 3785 return pull_request_obj.is_closed()
3782 3786
3783 3787 @property
3784 3788 def pull_request_version_id(self):
3785 3789 return getattr(pull_request_obj, 'pull_request_version_id', None)
3786 3790
3787 3791 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3788 3792
3789 3793 attrs.author = StrictAttributeDict(
3790 3794 pull_request_obj.author.get_api_data())
3791 3795 if pull_request_obj.target_repo:
3792 3796 attrs.target_repo = StrictAttributeDict(
3793 3797 pull_request_obj.target_repo.get_api_data())
3794 3798 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3795 3799
3796 3800 if pull_request_obj.source_repo:
3797 3801 attrs.source_repo = StrictAttributeDict(
3798 3802 pull_request_obj.source_repo.get_api_data())
3799 3803 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3800 3804
3801 3805 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3802 3806 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3803 3807 attrs.revisions = pull_request_obj.revisions
3804 3808
3805 3809 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3806 3810 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3807 3811 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3808 3812
3809 3813 return PullRequestDisplay(attrs, internal=internal_methods)
3810 3814
3811 3815 def is_closed(self):
3812 3816 return self.status == self.STATUS_CLOSED
3813 3817
3814 3818 def __json__(self):
3815 3819 return {
3816 3820 'revisions': self.revisions,
3817 3821 }
3818 3822
3819 3823 def calculated_review_status(self):
3820 3824 from rhodecode.model.changeset_status import ChangesetStatusModel
3821 3825 return ChangesetStatusModel().calculated_review_status(self)
3822 3826
3823 3827 def reviewers_statuses(self):
3824 3828 from rhodecode.model.changeset_status import ChangesetStatusModel
3825 3829 return ChangesetStatusModel().reviewers_statuses(self)
3826 3830
3827 3831 @property
3828 3832 def workspace_id(self):
3829 3833 from rhodecode.model.pull_request import PullRequestModel
3830 3834 return PullRequestModel()._workspace_id(self)
3831 3835
3832 3836 def get_shadow_repo(self):
3833 3837 workspace_id = self.workspace_id
3834 3838 vcs_obj = self.target_repo.scm_instance()
3835 3839 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3836 3840 self.target_repo.repo_id, workspace_id)
3837 3841 if os.path.isdir(shadow_repository_path):
3838 3842 return vcs_obj._get_shadow_instance(shadow_repository_path)
3839 3843
3840 3844
3841 3845 class PullRequestVersion(Base, _PullRequestBase):
3842 3846 __tablename__ = 'pull_request_versions'
3843 3847 __table_args__ = (
3844 3848 base_table_args,
3845 3849 )
3846 3850
3847 3851 pull_request_version_id = Column(
3848 3852 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3849 3853 pull_request_id = Column(
3850 3854 'pull_request_id', Integer(),
3851 3855 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3852 3856 pull_request = relationship('PullRequest')
3853 3857
3854 3858 def __repr__(self):
3855 3859 if self.pull_request_version_id:
3856 3860 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3857 3861 else:
3858 3862 return '<DB:PullRequestVersion at %#x>' % id(self)
3859 3863
3860 3864 @property
3861 3865 def reviewers(self):
3862 3866 return self.pull_request.reviewers
3863 3867
3864 3868 @property
3865 3869 def versions(self):
3866 3870 return self.pull_request.versions
3867 3871
3868 3872 def is_closed(self):
3869 3873 # calculate from original
3870 3874 return self.pull_request.status == self.STATUS_CLOSED
3871 3875
3872 3876 def calculated_review_status(self):
3873 3877 return self.pull_request.calculated_review_status()
3874 3878
3875 3879 def reviewers_statuses(self):
3876 3880 return self.pull_request.reviewers_statuses()
3877 3881
3878 3882
3879 3883 class PullRequestReviewers(Base, BaseModel):
3880 3884 __tablename__ = 'pull_request_reviewers'
3881 3885 __table_args__ = (
3882 3886 base_table_args,
3883 3887 )
3884 3888
3885 3889 @hybrid_property
3886 3890 def reasons(self):
3887 3891 if not self._reasons:
3888 3892 return []
3889 3893 return self._reasons
3890 3894
3891 3895 @reasons.setter
3892 3896 def reasons(self, val):
3893 3897 val = val or []
3894 3898 if any(not isinstance(x, basestring) for x in val):
3895 3899 raise Exception('invalid reasons type, must be list of strings')
3896 3900 self._reasons = val
3897 3901
3898 3902 pull_requests_reviewers_id = Column(
3899 3903 'pull_requests_reviewers_id', Integer(), nullable=False,
3900 3904 primary_key=True)
3901 3905 pull_request_id = Column(
3902 3906 "pull_request_id", Integer(),
3903 3907 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3904 3908 user_id = Column(
3905 3909 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3906 3910 _reasons = Column(
3907 3911 'reason', MutationList.as_mutable(
3908 3912 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3909 3913
3910 3914 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3911 3915 user = relationship('User')
3912 3916 pull_request = relationship('PullRequest')
3913 3917
3914 3918 rule_data = Column(
3915 3919 'rule_data_json',
3916 3920 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3917 3921
3918 3922 def rule_user_group_data(self):
3919 3923 """
3920 3924 Returns the voting user group rule data for this reviewer
3921 3925 """
3922 3926
3923 3927 if self.rule_data and 'vote_rule' in self.rule_data:
3924 3928 user_group_data = {}
3925 3929 if 'rule_user_group_entry_id' in self.rule_data:
3926 3930 # means a group with voting rules !
3927 3931 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3928 3932 user_group_data['name'] = self.rule_data['rule_name']
3929 3933 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3930 3934
3931 3935 return user_group_data
3932 3936
3933 3937 def __unicode__(self):
3934 3938 return u"<%s('id:%s')>" % (self.__class__.__name__,
3935 3939 self.pull_requests_reviewers_id)
3936 3940
3937 3941
3938 3942 class Notification(Base, BaseModel):
3939 3943 __tablename__ = 'notifications'
3940 3944 __table_args__ = (
3941 3945 Index('notification_type_idx', 'type'),
3942 3946 base_table_args,
3943 3947 )
3944 3948
3945 3949 TYPE_CHANGESET_COMMENT = u'cs_comment'
3946 3950 TYPE_MESSAGE = u'message'
3947 3951 TYPE_MENTION = u'mention'
3948 3952 TYPE_REGISTRATION = u'registration'
3949 3953 TYPE_PULL_REQUEST = u'pull_request'
3950 3954 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3951 3955
3952 3956 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3953 3957 subject = Column('subject', Unicode(512), nullable=True)
3954 3958 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3955 3959 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3956 3960 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3957 3961 type_ = Column('type', Unicode(255))
3958 3962
3959 3963 created_by_user = relationship('User')
3960 3964 notifications_to_users = relationship('UserNotification', lazy='joined',
3961 3965 cascade="all, delete, delete-orphan")
3962 3966
3963 3967 @property
3964 3968 def recipients(self):
3965 3969 return [x.user for x in UserNotification.query()\
3966 3970 .filter(UserNotification.notification == self)\
3967 3971 .order_by(UserNotification.user_id.asc()).all()]
3968 3972
3969 3973 @classmethod
3970 3974 def create(cls, created_by, subject, body, recipients, type_=None):
3971 3975 if type_ is None:
3972 3976 type_ = Notification.TYPE_MESSAGE
3973 3977
3974 3978 notification = cls()
3975 3979 notification.created_by_user = created_by
3976 3980 notification.subject = subject
3977 3981 notification.body = body
3978 3982 notification.type_ = type_
3979 3983 notification.created_on = datetime.datetime.now()
3980 3984
3981 3985 # For each recipient link the created notification to his account
3982 3986 for u in recipients:
3983 3987 assoc = UserNotification()
3984 3988 assoc.user_id = u.user_id
3985 3989 assoc.notification = notification
3986 3990
3987 3991 # if created_by is inside recipients mark his notification
3988 3992 # as read
3989 3993 if u.user_id == created_by.user_id:
3990 3994 assoc.read = True
3991 3995 Session().add(assoc)
3992 3996
3993 3997 Session().add(notification)
3994 3998
3995 3999 return notification
3996 4000
3997 4001
3998 4002 class UserNotification(Base, BaseModel):
3999 4003 __tablename__ = 'user_to_notification'
4000 4004 __table_args__ = (
4001 4005 UniqueConstraint('user_id', 'notification_id'),
4002 4006 base_table_args
4003 4007 )
4004 4008
4005 4009 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4006 4010 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4007 4011 read = Column('read', Boolean, default=False)
4008 4012 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4009 4013
4010 4014 user = relationship('User', lazy="joined")
4011 4015 notification = relationship('Notification', lazy="joined",
4012 4016 order_by=lambda: Notification.created_on.desc(),)
4013 4017
4014 4018 def mark_as_read(self):
4015 4019 self.read = True
4016 4020 Session().add(self)
4017 4021
4018 4022
4019 4023 class Gist(Base, BaseModel):
4020 4024 __tablename__ = 'gists'
4021 4025 __table_args__ = (
4022 4026 Index('g_gist_access_id_idx', 'gist_access_id'),
4023 4027 Index('g_created_on_idx', 'created_on'),
4024 4028 base_table_args
4025 4029 )
4026 4030
4027 4031 GIST_PUBLIC = u'public'
4028 4032 GIST_PRIVATE = u'private'
4029 4033 DEFAULT_FILENAME = u'gistfile1.txt'
4030 4034
4031 4035 ACL_LEVEL_PUBLIC = u'acl_public'
4032 4036 ACL_LEVEL_PRIVATE = u'acl_private'
4033 4037
4034 4038 gist_id = Column('gist_id', Integer(), primary_key=True)
4035 4039 gist_access_id = Column('gist_access_id', Unicode(250))
4036 4040 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4037 4041 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4038 4042 gist_expires = Column('gist_expires', Float(53), nullable=False)
4039 4043 gist_type = Column('gist_type', Unicode(128), nullable=False)
4040 4044 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4041 4045 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4042 4046 acl_level = Column('acl_level', Unicode(128), nullable=True)
4043 4047
4044 4048 owner = relationship('User')
4045 4049
4046 4050 def __repr__(self):
4047 4051 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4048 4052
4049 4053 @hybrid_property
4050 4054 def description_safe(self):
4051 4055 from rhodecode.lib import helpers as h
4052 4056 return h.escape(self.gist_description)
4053 4057
4054 4058 @classmethod
4055 4059 def get_or_404(cls, id_):
4056 4060 from pyramid.httpexceptions import HTTPNotFound
4057 4061
4058 4062 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4059 4063 if not res:
4060 4064 raise HTTPNotFound()
4061 4065 return res
4062 4066
4063 4067 @classmethod
4064 4068 def get_by_access_id(cls, gist_access_id):
4065 4069 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4066 4070
4067 4071 def gist_url(self):
4068 4072 from rhodecode.model.gist import GistModel
4069 4073 return GistModel().get_url(self)
4070 4074
4071 4075 @classmethod
4072 4076 def base_path(cls):
4073 4077 """
4074 4078 Returns base path when all gists are stored
4075 4079
4076 4080 :param cls:
4077 4081 """
4078 4082 from rhodecode.model.gist import GIST_STORE_LOC
4079 4083 q = Session().query(RhodeCodeUi)\
4080 4084 .filter(RhodeCodeUi.ui_key == URL_SEP)
4081 4085 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4082 4086 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4083 4087
4084 4088 def get_api_data(self):
4085 4089 """
4086 4090 Common function for generating gist related data for API
4087 4091 """
4088 4092 gist = self
4089 4093 data = {
4090 4094 'gist_id': gist.gist_id,
4091 4095 'type': gist.gist_type,
4092 4096 'access_id': gist.gist_access_id,
4093 4097 'description': gist.gist_description,
4094 4098 'url': gist.gist_url(),
4095 4099 'expires': gist.gist_expires,
4096 4100 'created_on': gist.created_on,
4097 4101 'modified_at': gist.modified_at,
4098 4102 'content': None,
4099 4103 'acl_level': gist.acl_level,
4100 4104 }
4101 4105 return data
4102 4106
4103 4107 def __json__(self):
4104 4108 data = dict(
4105 4109 )
4106 4110 data.update(self.get_api_data())
4107 4111 return data
4108 4112 # SCM functions
4109 4113
4110 4114 def scm_instance(self, **kwargs):
4111 4115 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4112 4116 return get_vcs_instance(
4113 4117 repo_path=safe_str(full_repo_path), create=False)
4114 4118
4115 4119
4116 4120 class ExternalIdentity(Base, BaseModel):
4117 4121 __tablename__ = 'external_identities'
4118 4122 __table_args__ = (
4119 4123 Index('local_user_id_idx', 'local_user_id'),
4120 4124 Index('external_id_idx', 'external_id'),
4121 4125 base_table_args
4122 4126 )
4123 4127
4124 4128 external_id = Column('external_id', Unicode(255), default=u'',
4125 4129 primary_key=True)
4126 4130 external_username = Column('external_username', Unicode(1024), default=u'')
4127 4131 local_user_id = Column('local_user_id', Integer(),
4128 4132 ForeignKey('users.user_id'), primary_key=True)
4129 4133 provider_name = Column('provider_name', Unicode(255), default=u'',
4130 4134 primary_key=True)
4131 4135 access_token = Column('access_token', String(1024), default=u'')
4132 4136 alt_token = Column('alt_token', String(1024), default=u'')
4133 4137 token_secret = Column('token_secret', String(1024), default=u'')
4134 4138
4135 4139 @classmethod
4136 4140 def by_external_id_and_provider(cls, external_id, provider_name,
4137 4141 local_user_id=None):
4138 4142 """
4139 4143 Returns ExternalIdentity instance based on search params
4140 4144
4141 4145 :param external_id:
4142 4146 :param provider_name:
4143 4147 :return: ExternalIdentity
4144 4148 """
4145 4149 query = cls.query()
4146 4150 query = query.filter(cls.external_id == external_id)
4147 4151 query = query.filter(cls.provider_name == provider_name)
4148 4152 if local_user_id:
4149 4153 query = query.filter(cls.local_user_id == local_user_id)
4150 4154 return query.first()
4151 4155
4152 4156 @classmethod
4153 4157 def user_by_external_id_and_provider(cls, external_id, provider_name):
4154 4158 """
4155 4159 Returns User instance based on search params
4156 4160
4157 4161 :param external_id:
4158 4162 :param provider_name:
4159 4163 :return: User
4160 4164 """
4161 4165 query = User.query()
4162 4166 query = query.filter(cls.external_id == external_id)
4163 4167 query = query.filter(cls.provider_name == provider_name)
4164 4168 query = query.filter(User.user_id == cls.local_user_id)
4165 4169 return query.first()
4166 4170
4167 4171 @classmethod
4168 4172 def by_local_user_id(cls, local_user_id):
4169 4173 """
4170 4174 Returns all tokens for user
4171 4175
4172 4176 :param local_user_id:
4173 4177 :return: ExternalIdentity
4174 4178 """
4175 4179 query = cls.query()
4176 4180 query = query.filter(cls.local_user_id == local_user_id)
4177 4181 return query
4178 4182
4179 4183
4180 4184 class Integration(Base, BaseModel):
4181 4185 __tablename__ = 'integrations'
4182 4186 __table_args__ = (
4183 4187 base_table_args
4184 4188 )
4185 4189
4186 4190 integration_id = Column('integration_id', Integer(), primary_key=True)
4187 4191 integration_type = Column('integration_type', String(255))
4188 4192 enabled = Column('enabled', Boolean(), nullable=False)
4189 4193 name = Column('name', String(255), nullable=False)
4190 4194 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4191 4195 default=False)
4192 4196
4193 4197 settings = Column(
4194 4198 'settings_json', MutationObj.as_mutable(
4195 4199 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4196 4200 repo_id = Column(
4197 4201 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4198 4202 nullable=True, unique=None, default=None)
4199 4203 repo = relationship('Repository', lazy='joined')
4200 4204
4201 4205 repo_group_id = Column(
4202 4206 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4203 4207 nullable=True, unique=None, default=None)
4204 4208 repo_group = relationship('RepoGroup', lazy='joined')
4205 4209
4206 4210 @property
4207 4211 def scope(self):
4208 4212 if self.repo:
4209 4213 return repr(self.repo)
4210 4214 if self.repo_group:
4211 4215 if self.child_repos_only:
4212 4216 return repr(self.repo_group) + ' (child repos only)'
4213 4217 else:
4214 4218 return repr(self.repo_group) + ' (recursive)'
4215 4219 if self.child_repos_only:
4216 4220 return 'root_repos'
4217 4221 return 'global'
4218 4222
4219 4223 def __repr__(self):
4220 4224 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4221 4225
4222 4226
4223 4227 class RepoReviewRuleUser(Base, BaseModel):
4224 4228 __tablename__ = 'repo_review_rules_users'
4225 4229 __table_args__ = (
4226 4230 base_table_args
4227 4231 )
4228 4232
4229 4233 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4230 4234 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4231 4235 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4232 4236 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4233 4237 user = relationship('User')
4234 4238
4235 4239 def rule_data(self):
4236 4240 return {
4237 4241 'mandatory': self.mandatory
4238 4242 }
4239 4243
4240 4244
4241 4245 class RepoReviewRuleUserGroup(Base, BaseModel):
4242 4246 __tablename__ = 'repo_review_rules_users_groups'
4243 4247 __table_args__ = (
4244 4248 base_table_args
4245 4249 )
4246 4250
4247 4251 VOTE_RULE_ALL = -1
4248 4252
4249 4253 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4250 4254 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4251 4255 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4252 4256 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4253 4257 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4254 4258 users_group = relationship('UserGroup')
4255 4259
4256 4260 def rule_data(self):
4257 4261 return {
4258 4262 'mandatory': self.mandatory,
4259 4263 'vote_rule': self.vote_rule
4260 4264 }
4261 4265
4262 4266 @property
4263 4267 def vote_rule_label(self):
4264 4268 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4265 4269 return 'all must vote'
4266 4270 else:
4267 4271 return 'min. vote {}'.format(self.vote_rule)
4268 4272
4269 4273
4270 4274 class RepoReviewRule(Base, BaseModel):
4271 4275 __tablename__ = 'repo_review_rules'
4272 4276 __table_args__ = (
4273 4277 base_table_args
4274 4278 )
4275 4279
4276 4280 repo_review_rule_id = Column(
4277 4281 'repo_review_rule_id', Integer(), primary_key=True)
4278 4282 repo_id = Column(
4279 4283 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4280 4284 repo = relationship('Repository', backref='review_rules')
4281 4285
4282 4286 review_rule_name = Column('review_rule_name', String(255))
4283 4287 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4284 4288 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4285 4289 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4286 4290
4287 4291 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4288 4292 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4289 4293 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4290 4294 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4291 4295
4292 4296 rule_users = relationship('RepoReviewRuleUser')
4293 4297 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4294 4298
4295 4299 def _validate_pattern(self, value):
4296 4300 re.compile('^' + glob2re(value) + '$')
4297 4301
4298 4302 @hybrid_property
4299 4303 def source_branch_pattern(self):
4300 4304 return self._branch_pattern or '*'
4301 4305
4302 4306 @source_branch_pattern.setter
4303 4307 def source_branch_pattern(self, value):
4304 4308 self._validate_pattern(value)
4305 4309 self._branch_pattern = value or '*'
4306 4310
4307 4311 @hybrid_property
4308 4312 def target_branch_pattern(self):
4309 4313 return self._target_branch_pattern or '*'
4310 4314
4311 4315 @target_branch_pattern.setter
4312 4316 def target_branch_pattern(self, value):
4313 4317 self._validate_pattern(value)
4314 4318 self._target_branch_pattern = value or '*'
4315 4319
4316 4320 @hybrid_property
4317 4321 def file_pattern(self):
4318 4322 return self._file_pattern or '*'
4319 4323
4320 4324 @file_pattern.setter
4321 4325 def file_pattern(self, value):
4322 4326 self._validate_pattern(value)
4323 4327 self._file_pattern = value or '*'
4324 4328
4325 4329 def matches(self, source_branch, target_branch, files_changed):
4326 4330 """
4327 4331 Check if this review rule matches a branch/files in a pull request
4328 4332
4329 4333 :param source_branch: source branch name for the commit
4330 4334 :param target_branch: target branch name for the commit
4331 4335 :param files_changed: list of file paths changed in the pull request
4332 4336 """
4333 4337
4334 4338 source_branch = source_branch or ''
4335 4339 target_branch = target_branch or ''
4336 4340 files_changed = files_changed or []
4337 4341
4338 4342 branch_matches = True
4339 4343 if source_branch or target_branch:
4340 4344 if self.source_branch_pattern == '*':
4341 4345 source_branch_match = True
4342 4346 else:
4343 4347 if self.source_branch_pattern.startswith('re:'):
4344 4348 source_pattern = self.source_branch_pattern[3:]
4345 4349 else:
4346 4350 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4347 4351 source_branch_regex = re.compile(source_pattern)
4348 4352 source_branch_match = bool(source_branch_regex.search(source_branch))
4349 4353 if self.target_branch_pattern == '*':
4350 4354 target_branch_match = True
4351 4355 else:
4352 4356 if self.target_branch_pattern.startswith('re:'):
4353 4357 target_pattern = self.target_branch_pattern[3:]
4354 4358 else:
4355 4359 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4356 4360 target_branch_regex = re.compile(target_pattern)
4357 4361 target_branch_match = bool(target_branch_regex.search(target_branch))
4358 4362
4359 4363 branch_matches = source_branch_match and target_branch_match
4360 4364
4361 4365 files_matches = True
4362 4366 if self.file_pattern != '*':
4363 4367 files_matches = False
4364 4368 if self.file_pattern.startswith('re:'):
4365 4369 file_pattern = self.file_pattern[3:]
4366 4370 else:
4367 4371 file_pattern = glob2re(self.file_pattern)
4368 4372 file_regex = re.compile(file_pattern)
4369 4373 for filename in files_changed:
4370 4374 if file_regex.search(filename):
4371 4375 files_matches = True
4372 4376 break
4373 4377
4374 4378 return branch_matches and files_matches
4375 4379
4376 4380 @property
4377 4381 def review_users(self):
4378 4382 """ Returns the users which this rule applies to """
4379 4383
4380 4384 users = collections.OrderedDict()
4381 4385
4382 4386 for rule_user in self.rule_users:
4383 4387 if rule_user.user.active:
4384 4388 if rule_user.user not in users:
4385 4389 users[rule_user.user.username] = {
4386 4390 'user': rule_user.user,
4387 4391 'source': 'user',
4388 4392 'source_data': {},
4389 4393 'data': rule_user.rule_data()
4390 4394 }
4391 4395
4392 4396 for rule_user_group in self.rule_user_groups:
4393 4397 source_data = {
4394 4398 'user_group_id': rule_user_group.users_group.users_group_id,
4395 4399 'name': rule_user_group.users_group.users_group_name,
4396 4400 'members': len(rule_user_group.users_group.members)
4397 4401 }
4398 4402 for member in rule_user_group.users_group.members:
4399 4403 if member.user.active:
4400 4404 key = member.user.username
4401 4405 if key in users:
4402 4406 # skip this member as we have him already
4403 4407 # this prevents from override the "first" matched
4404 4408 # users with duplicates in multiple groups
4405 4409 continue
4406 4410
4407 4411 users[key] = {
4408 4412 'user': member.user,
4409 4413 'source': 'user_group',
4410 4414 'source_data': source_data,
4411 4415 'data': rule_user_group.rule_data()
4412 4416 }
4413 4417
4414 4418 return users
4415 4419
4416 4420 def user_group_vote_rule(self, user_id):
4417 4421
4418 4422 rules = []
4419 4423 if not self.rule_user_groups:
4420 4424 return rules
4421 4425
4422 4426 for user_group in self.rule_user_groups:
4423 4427 user_group_members = [x.user_id for x in user_group.users_group.members]
4424 4428 if user_id in user_group_members:
4425 4429 rules.append(user_group)
4426 4430 return rules
4427 4431
4428 4432 def __repr__(self):
4429 4433 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4430 4434 self.repo_review_rule_id, self.repo)
4431 4435
4432 4436
4433 4437 class ScheduleEntry(Base, BaseModel):
4434 4438 __tablename__ = 'schedule_entries'
4435 4439 __table_args__ = (
4436 4440 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4437 4441 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4438 4442 base_table_args,
4439 4443 )
4440 4444
4441 4445 schedule_types = ['crontab', 'timedelta', 'integer']
4442 4446 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4443 4447
4444 4448 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4445 4449 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4446 4450 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4447 4451
4448 4452 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4449 4453 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4450 4454
4451 4455 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4452 4456 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4453 4457
4454 4458 # task
4455 4459 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4456 4460 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4457 4461 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4458 4462 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4459 4463
4460 4464 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4461 4465 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4462 4466
4463 4467 @hybrid_property
4464 4468 def schedule_type(self):
4465 4469 return self._schedule_type
4466 4470
4467 4471 @schedule_type.setter
4468 4472 def schedule_type(self, val):
4469 4473 if val not in self.schedule_types:
4470 4474 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4471 4475 val, self.schedule_type))
4472 4476
4473 4477 self._schedule_type = val
4474 4478
4475 4479 @classmethod
4476 4480 def get_uid(cls, obj):
4477 4481 args = obj.task_args
4478 4482 kwargs = obj.task_kwargs
4479 4483 if isinstance(args, JsonRaw):
4480 4484 try:
4481 4485 args = json.loads(args)
4482 4486 except ValueError:
4483 4487 args = tuple()
4484 4488
4485 4489 if isinstance(kwargs, JsonRaw):
4486 4490 try:
4487 4491 kwargs = json.loads(kwargs)
4488 4492 except ValueError:
4489 4493 kwargs = dict()
4490 4494
4491 4495 dot_notation = obj.task_dot_notation
4492 4496 val = '.'.join(map(safe_str, [
4493 4497 sorted(dot_notation), args, sorted(kwargs.items())]))
4494 4498 return hashlib.sha1(val).hexdigest()
4495 4499
4496 4500 @classmethod
4497 4501 def get_by_schedule_name(cls, schedule_name):
4498 4502 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4499 4503
4500 4504 @classmethod
4501 4505 def get_by_schedule_id(cls, schedule_id):
4502 4506 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4503 4507
4504 4508 @property
4505 4509 def task(self):
4506 4510 return self.task_dot_notation
4507 4511
4508 4512 @property
4509 4513 def schedule(self):
4510 4514 from rhodecode.lib.celerylib.utils import raw_2_schedule
4511 4515 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4512 4516 return schedule
4513 4517
4514 4518 @property
4515 4519 def args(self):
4516 4520 try:
4517 4521 return list(self.task_args or [])
4518 4522 except ValueError:
4519 4523 return list()
4520 4524
4521 4525 @property
4522 4526 def kwargs(self):
4523 4527 try:
4524 4528 return dict(self.task_kwargs or {})
4525 4529 except ValueError:
4526 4530 return dict()
4527 4531
4528 4532 def _as_raw(self, val):
4529 4533 if hasattr(val, 'de_coerce'):
4530 4534 val = val.de_coerce()
4531 4535 if val:
4532 4536 val = json.dumps(val)
4533 4537
4534 4538 return val
4535 4539
4536 4540 @property
4537 4541 def schedule_definition_raw(self):
4538 4542 return self._as_raw(self.schedule_definition)
4539 4543
4540 4544 @property
4541 4545 def args_raw(self):
4542 4546 return self._as_raw(self.task_args)
4543 4547
4544 4548 @property
4545 4549 def kwargs_raw(self):
4546 4550 return self._as_raw(self.task_kwargs)
4547 4551
4548 4552 def __repr__(self):
4549 4553 return '<DB:ScheduleEntry({}:{})>'.format(
4550 4554 self.schedule_entry_id, self.schedule_name)
4551 4555
4552 4556
4553 4557 @event.listens_for(ScheduleEntry, 'before_update')
4554 4558 def update_task_uid(mapper, connection, target):
4555 4559 target.task_uid = ScheduleEntry.get_uid(target)
4556 4560
4557 4561
4558 4562 @event.listens_for(ScheduleEntry, 'before_insert')
4559 4563 def set_task_uid(mapper, connection, target):
4560 4564 target.task_uid = ScheduleEntry.get_uid(target)
4561 4565
4562 4566
4563 4567 class _BaseBranchPerms(BaseModel):
4564 4568 @classmethod
4565 4569 def compute_hash(cls, value):
4566 4570 return sha1_safe(value)
4567 4571
4568 4572 @hybrid_property
4569 4573 def branch_pattern(self):
4570 4574 return self._branch_pattern or '*'
4571 4575
4572 4576 @hybrid_property
4573 4577 def branch_hash(self):
4574 4578 return self._branch_hash
4575 4579
4576 4580 def _validate_glob(self, value):
4577 4581 re.compile('^' + glob2re(value) + '$')
4578 4582
4579 4583 @branch_pattern.setter
4580 4584 def branch_pattern(self, value):
4581 4585 self._validate_glob(value)
4582 4586 self._branch_pattern = value or '*'
4583 4587 # set the Hash when setting the branch pattern
4584 4588 self._branch_hash = self.compute_hash(self._branch_pattern)
4585 4589
4586 4590 def matches(self, branch):
4587 4591 """
4588 4592 Check if this the branch matches entry
4589 4593
4590 4594 :param branch: branch name for the commit
4591 4595 """
4592 4596
4593 4597 branch = branch or ''
4594 4598
4595 4599 branch_matches = True
4596 4600 if branch:
4597 4601 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4598 4602 branch_matches = bool(branch_regex.search(branch))
4599 4603
4600 4604 return branch_matches
4601 4605
4602 4606
4603 4607 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4604 4608 __tablename__ = 'user_to_repo_branch_permissions'
4605 4609 __table_args__ = (
4606 4610 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4607 4611 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4608 4612 )
4609 4613
4610 4614 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4611 4615
4612 4616 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4613 4617 repo = relationship('Repository', backref='user_branch_perms')
4614 4618
4615 4619 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4616 4620 permission = relationship('Permission')
4617 4621
4618 4622 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
4619 4623 user_repo_to_perm = relationship('UserRepoToPerm')
4620 4624
4621 4625 rule_order = Column('rule_order', Integer(), nullable=False)
4622 4626 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4623 4627 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4624 4628
4625 4629 def __unicode__(self):
4626 4630 return u'<UserBranchPermission(%s => %r)>' % (
4627 4631 self.user_repo_to_perm, self.branch_pattern)
4628 4632
4629 4633
4630 4634 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
4631 4635 __tablename__ = 'user_group_to_repo_branch_permissions'
4632 4636 __table_args__ = (
4633 4637 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4634 4638 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4635 4639 )
4636 4640
4637 4641 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4638 4642
4639 4643 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4640 4644 repo = relationship('Repository', backref='user_group_branch_perms')
4641 4645
4642 4646 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4643 4647 permission = relationship('Permission')
4644 4648
4645 4649 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
4646 4650 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
4647 4651
4648 4652 rule_order = Column('rule_order', Integer(), nullable=False)
4649 4653 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4650 4654 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4651 4655
4652 4656 def __unicode__(self):
4653 4657 return u'<UserBranchPermission(%s => %r)>' % (
4654 4658 self.user_group_repo_to_perm, self.branch_pattern)
4655 4659
4656 4660
4657 4661 class DbMigrateVersion(Base, BaseModel):
4658 4662 __tablename__ = 'db_migrate_version'
4659 4663 __table_args__ = (
4660 4664 base_table_args,
4661 4665 )
4662 4666
4663 4667 repository_id = Column('repository_id', String(250), primary_key=True)
4664 4668 repository_path = Column('repository_path', Text)
4665 4669 version = Column('version', Integer)
4666 4670
4667 4671 @classmethod
4668 4672 def set_version(cls, version):
4669 4673 """
4670 4674 Helper for forcing a different version, usually for debugging purposes via ishell.
4671 4675 """
4672 4676 ver = DbMigrateVersion.query().first()
4673 4677 ver.version = version
4674 4678 Session().commit()
4675 4679
4676 4680
4677 4681 class DbSession(Base, BaseModel):
4678 4682 __tablename__ = 'db_session'
4679 4683 __table_args__ = (
4680 4684 base_table_args,
4681 4685 )
4682 4686
4683 4687 def __repr__(self):
4684 4688 return '<DB:DbSession({})>'.format(self.id)
4685 4689
4686 4690 id = Column('id', Integer())
4687 4691 namespace = Column('namespace', String(255), primary_key=True)
4688 4692 accessed = Column('accessed', DateTime, nullable=False)
4689 4693 created = Column('created', DateTime, nullable=False)
4690 4694 data = Column('data', PickleType, nullable=False)
@@ -1,164 +1,172 b''
1 1 <%namespace name="base" file="/base/base.mako"/>
2 2
3 3 <div class="panel panel-default">
4 4 <div class="panel-heading">
5 5 <h3 class="panel-title">${_('Repository Permissions')}</h3>
6 6 </div>
7 7 <div class="panel-body">
8 8 ${h.secure_form(h.route_path('edit_repo_perms', repo_name=c.repo_name), request=request)}
9 9 <table id="permissions_manage" class="rctable permissions">
10 10 <tr>
11 11 <th class="td-radio">${_('None')}</th>
12 12 <th class="td-radio">${_('Read')}</th>
13 13 <th class="td-radio">${_('Write')}</th>
14 14 <th class="td-radio">${_('Admin')}</th>
15 15 <th class="td-owner">${_('User/User Group')}</th>
16 16 <th></th>
17 17 <th></th>
18 18 </tr>
19 19 ## USERS
20 20 %for _user in c.rhodecode_db_repo.permissions():
21 21 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
22 22 <tr class="perm_admin_row">
23 23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
24 24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
25 25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
26 26 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
27 27 <td class="td-user">
28 28 ${base.gravatar(_user.email, 16)}
29 29 ${h.link_to_user(_user.username)}
30 30 %if getattr(_user, 'admin_row', None):
31 31 (${_('super admin')})
32 32 %endif
33 33 %if getattr(_user, 'owner_row', None):
34 34 (${_('owner')})
35 35 %endif
36 36 </td>
37 37 <td></td>
38 38 <td>
39 39 % if c.rhodecode_user.is_admin:
40 40 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
41 41 % endif
42 42 </td>
43 43 </tr>
44 44 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
45 45 <tr>
46 46 <td colspan="4">
47 47 <span class="private_repo_msg">
48 48 <strong title="${h.tooltip(_user.permission)}">${_('private repository')}</strong>
49 49 </span>
50 50 </td>
51 51 <td class="private_repo_msg">
52 52 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
53 53 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
54 54 <td></td>
55 55 <td>
56 56 % if c.rhodecode_user.is_admin:
57 57 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
58 58 % endif
59 59 </td>
60 60 </tr>
61 61 %else:
62 62 <tr>
63 63 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.none', checked=_user.permission=='repository.none')}</td>
64 64 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.read', checked=_user.permission=='repository.read')}</td>
65 65 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.write', checked=_user.permission=='repository.write')}</td>
66 66 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.admin', checked=_user.permission=='repository.admin')}</td>
67 67 <td class="td-user">
68 68 ${base.gravatar(_user.email, 16)}
69 69 <span class="user">
70 70 % if _user.username == h.DEFAULT_USER:
71 71 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
72 72 % else:
73 73 ${h.link_to_user(_user.username)}
74 74 %if getattr(_user, 'duplicate_perm', None):
75 75 (${_('inactive duplicate')})
76 76 %endif
77 %if getattr(_user, 'branch_rules', None):
78 <% used_by_n_rules = len(_user.branch_rules) %>
79 % if used_by_n_rules == 1:
80 (${_('used by {} branch rule').format(used_by_n_rules)})
81 % else:
82 (${_('used by {} branch rules').format(used_by_n_rules)})
83 % endif
84 %endif
77 85 % endif
78 86 </span>
79 87 </td>
80 88 <td class="td-action">
81 %if _user.username != h.DEFAULT_USER:
89 %if _user.username != h.DEFAULT_USER and getattr(_user, 'branch_rules', None) is None:
82 90 <span class="btn btn-link btn-danger revoke_perm"
83 91 member="${_user.user_id}" member_type="user">
84 92 ${_('Revoke')}
85 93 </span>
86 94 %endif
87 95 </td>
88 96 <td>
89 97 % if c.rhodecode_user.is_admin:
90 98 % if _user.username == h.DEFAULT_USER:
91 99 ${h.link_to('show permissions', h.route_path('admin_permissions_overview', _anchor='repositories-permissions'))}
92 100 % else:
93 101 ${h.link_to('show permissions', h.route_path('edit_user_perms_summary', user_id=_user.user_id, _anchor='repositories-permissions'))}
94 102 % endif
95 103 % endif
96 104 </td>
97 105 </tr>
98 106 %endif
99 107 %endfor
100 108
101 109 ## USER GROUPS
102 110 %for _user_group in c.rhodecode_db_repo.permission_user_groups():
103 111 <tr>
104 112 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.none', checked=_user_group.permission=='repository.none')}</td>
105 113 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.read', checked=_user_group.permission=='repository.read')}</td>
106 114 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.write', checked=_user_group.permission=='repository.write')}</td>
107 115 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.admin', checked=_user_group.permission=='repository.admin')}</td>
108 116 <td class="td-componentname">
109 117 <i class="icon-user-group"></i>
110 118 %if h.HasPermissionAny('hg.admin')():
111 119 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
112 120 ${_user_group.users_group_name}
113 121 </a>
114 122 %else:
115 123 ${h.link_to_group(_user_group.users_group_name)}
116 124 %endif
117 125 </td>
118 126 <td class="td-action">
119 127 <span class="btn btn-link btn-danger revoke_perm"
120 128 member="${_user_group.users_group_id}" member_type="user_group">
121 129 ${_('Revoke')}
122 130 </span>
123 131 </td>
124 132 <td>
125 133 % if c.rhodecode_user.is_admin:
126 134 ${h.link_to('show permissions', h.route_path('edit_user_group_perms_summary', user_group_id=_user_group.users_group_id, _anchor='repositories-permissions'))}
127 135 % endif
128 136 </td>
129 137 </tr>
130 138 %endfor
131 139 <tr class="new_members" id="add_perm_input"></tr>
132 140
133 141 <tr>
134 142 <td></td>
135 143 <td></td>
136 144 <td></td>
137 145 <td></td>
138 146 <td></td>
139 147 <td>
140 148 <span id="add_perm" class="link">
141 149 ${_('Add user/user group')}
142 150 </span>
143 151 </td>
144 152 <td></td>
145 153 </tr>
146 154
147 155 </table>
148 156
149 157 <div class="buttons">
150 158 ${h.submit('save',_('Save'),class_="btn btn-primary")}
151 159 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
152 160 </div>
153 161 ${h.end_form()}
154 162 </div>
155 163 </div>
156 164
157 165 <script type="text/javascript">
158 166 $('#add_perm').on('click', function(e){
159 167 addNewPermInput($(this), 'repository');
160 168 });
161 169 $('.revoke_perm').on('click', function(e){
162 170 markRevokePermInput($(this), 'repository');
163 171 });
164 172 </script>
General Comments 0
You need to be logged in to leave comments. Login now