rhodecode-enterprise-ce Commit - r5536:2c8dbdc5

updated with a latest changes.

ilin.s -

r5536:2c8dbdc5 default

parent child

rhodecode/model/license.py

0 created 644 +17 0

@@ -0,0 +1,17 b''
	1
	2	def apply_license(args, *kwargs):
	3	pass
	4
	5	try:
	6	from rc_license.models import apply_license
	7	except ImportError:
	8	pass
	9
	10
	11	def apply_license_from_file(args, *kwargs):
	12	pass
	13
	14	try:
	15	from rc_license.models import apply_license_from_file
	16	except ImportError:
	17	pass

requirements.txt

0 +16 -16

             # deps, generated via pipdeptree --exclude setuptools,wheel,pipdeptree,pip -f | tr '[:upper:]' '[:lower:]'
             alembic==1.13.1
               mako==1.2.4
                 markupsafe==2.1.2
               sqlalchemy==1.4.52
                 greenlet==3.0.3
               typing_extensions==4.12.2
             async-timeout==4.0.3
             babel==2.12.1
             beaker==1.12.1
             celery==5.3.6
               billiard==4.2.0
               click==8.1.3
               click-didyoumean==0.3.0
                 click==8.1.3
               click-plugins==1.1.1
                 click==8.1.3
               click-repl==0.2.0
                 click==8.1.3
                 prompt_toolkit==3.0.47
                   wcwidth==0.2.13
                 six==1.16.0
               kombu==5.3.5
                 amqp==5.2.0
                   vine==5.1.0
                 vine==5.1.0
               python-dateutil==2.8.2
                 six==1.16.0
               tzdata==2024.1
               vine==5.1.0
             channelstream==0.7.1
               gevent==24.2.1
                 greenlet==3.0.3
                 zope.event==5.0.0
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
               itsdangerous==1.1.0
               marshmallow==2.18.0
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
               pyramid-jinja2==2.10
                 jinja2==3.1.2
                   markupsafe==2.1.2
                 markupsafe==2.1.2
                 pyramid==2.0.2
                   hupper==1.12
                   plaster==1.1.2
                   plaster-pastedeploy==1.0.1
                     pastedeploy==3.1.0
                     plaster==1.1.2
                   translationstring==1.4
                   venusian==3.0.0
                   webob==1.8.7
                   zope.deprecation==5.0.0
-                  zope.interface==6.4.post2
+                  zope.interface==7.0.3
                 zope.deprecation==5.0.0
               python-dateutil==2.8.2
                 six==1.16.0
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
               ws4py==0.5.1
             deform==2.0.15
               chameleon==3.10.2
               colander==2.0
                 iso8601==1.1.0
                 translationstring==1.4
               iso8601==1.1.0
               peppercorn==0.6
               translationstring==1.4
               zope.deprecation==5.0.0
             docutils==0.19
             dogpile.cache==1.3.3
               decorator==5.1.1
               stevedore==5.1.0
                 pbr==5.11.1
             formencode==2.1.0
               six==1.16.0
-            fsspec==2024.6.0
+            fsspec==2024.9.0
             gunicorn==23.0.0
               packaging==24.1
             gevent==24.2.1
               greenlet==3.0.3
               zope.event==5.0.0
-              zope.interface==6.4.post2
+              zope.interface==7.0.3
             ipython==8.26.0
               decorator==5.1.1
               jedi==0.19.1
                 parso==0.8.4
               matplotlib-inline==0.1.7
                 traitlets==5.14.3
               pexpect==4.9.0
                 ptyprocess==0.7.0
               prompt_toolkit==3.0.47
                 wcwidth==0.2.13
               pygments==2.18.0
               stack-data==0.6.3
                 asttokens==2.4.1
                   six==1.16.0
                 executing==2.0.1
                 pure_eval==0.2.3
               traitlets==5.14.3
               typing_extensions==4.12.2
             markdown==3.4.3
             msgpack==1.0.8
             mysqlclient==2.1.1
             nbconvert==7.7.3
               beautifulsoup4==4.12.3
                 soupsieve==2.5
               bleach==6.1.0
                 six==1.16.0
                 webencodings==0.5.1
               defusedxml==0.7.1
               jinja2==3.1.2
                 markupsafe==2.1.2
               jupyter_core==5.3.1
                 platformdirs==3.10.0
                 traitlets==5.14.3
               jupyterlab-pygments==0.2.2
               markupsafe==2.1.2
               mistune==2.0.5
               nbclient==0.8.0
                 jupyter_client==8.3.0
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.14.3
                   python-dateutil==2.8.2
                     six==1.16.0
                   pyzmq==25.0.0
                   tornado==6.2
                   traitlets==5.14.3
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.14.3
                 nbformat==5.9.2
                   fastjsonschema==2.18.0
                   jsonschema==4.18.6
                     attrs==22.2.0
                     pyrsistent==0.19.3
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.14.3
                   traitlets==5.14.3
                 traitlets==5.14.3
               nbformat==5.9.2
                 fastjsonschema==2.18.0
                 jsonschema==4.18.6
                   attrs==22.2.0
                   pyrsistent==0.19.3
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.14.3
                 traitlets==5.14.3
               pandocfilters==1.5.0
               pygments==2.18.0
               tinycss2==1.2.1
                 webencodings==0.5.1
               traitlets==5.14.3
-            orjson==3.10.6
+            orjson==3.10.7
             paste==3.10.1
             premailer==3.10.0
               cachetools==5.3.3
               cssselect==1.2.0
               cssutils==2.6.0
               lxml==5.3.0
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
             psutil==5.9.8
             psycopg2==2.9.9
             py-bcrypt==0.4
             pycmarkgfm==1.2.0
               cffi==1.16.0
                 pycparser==2.21
             pycryptodome==3.17
             pycurl==7.45.3
             pymysql==1.0.3
             pyotp==2.8.0
             pyparsing==3.1.1
             pyramid-mailer==0.15.1
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
               repoze.sendmail==4.4.1
-                transaction==3.1.0
+                transaction==5.0.0
-                  zope.interface==6.4.post2
+                  zope.interface==7.0.3
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
-              transaction==3.1.0
+              transaction==5.0.0
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
             pyramid-mako==1.1.0
               mako==1.2.4
                 markupsafe==2.1.2
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
-                zope.interface==6.4.post2
+                zope.interface==7.0.3
             python-ldap==3.4.3
               pyasn1==0.4.8
               pyasn1-modules==0.2.8
                 pyasn1==0.4.8
             python-memcached==1.59
               six==1.16.0
             python-pam==2.0.2
             python3-saml==1.16.0
               isodate==0.6.1
                 six==1.16.0
               lxml==5.3.0
               xmlsec==1.3.14
                 lxml==5.3.0
             pyyaml==6.0.1
-            redis==5.0.4
+            redis==5.1.0
               async-timeout==4.0.3
             regex==2022.10.31
             routes==2.5.1
               repoze.lru==0.7
               six==1.16.0
-            s3fs==2024.6.0
+            s3fs==2024.9.0
               aiobotocore==2.13.0
                 aiohttp==3.9.5
                   aiosignal==1.3.1
                     frozenlist==1.4.1
                   attrs==22.2.0
                   frozenlist==1.4.1
                   multidict==6.0.5
                   yarl==1.9.4
                     idna==3.4
                     multidict==6.0.5
                 aioitertools==0.11.0
                 botocore==1.34.106
                   jmespath==1.0.1
                   python-dateutil==2.8.2
                     six==1.16.0
                   urllib3==1.26.14
                 wrapt==1.16.0
               aiohttp==3.9.5
                 aiosignal==1.3.1
                   frozenlist==1.4.1
                 attrs==22.2.0
                 frozenlist==1.4.1
                 multidict==6.0.5
                 yarl==1.9.4
                   idna==3.4
                   multidict==6.0.5
-              fsspec==2024.6.0
+              fsspec==2024.9.0
             simplejson==3.19.2
             sshpubkeys==3.3.1
               cryptography==40.0.2
                 cffi==1.16.0
                   pycparser==2.21
               ecdsa==0.18.0
                 six==1.16.0
             sqlalchemy==1.4.52
               greenlet==3.0.3
               typing_extensions==4.12.2
             supervisor==4.2.5
             tzlocal==4.3
               pytz-deprecation-shim==0.1.0.post0
                 tzdata==2024.1
             tempita==0.5.2
             unidecode==1.3.6
             urlobject==2.4.3
             waitress==3.0.0
             webhelpers2==2.1
               markupsafe==2.1.2
               six==1.16.0
             whoosh==2.7.4
             zope.cachedescriptors==5.0.0
             qrcode==7.4.2
             ## uncomment to add the debug libraries
             #-r requirements_debug.txt

rhodecode/apps/admin/__init__.py

0 +1 -1

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             from rhodecode.apps._base import ADMIN_PREFIX
             from rhodecode.apps._base.navigation import includeme as nav_includeme
             from rhodecode.apps.admin.views.main_views import AdminMainView
             def admin_routes(config):
                 """
                 Admin prefixed routes
                 """
                 from rhodecode.apps.admin.views.audit_logs import AdminAuditLogsView
                 from rhodecode.apps.admin.views.artifacts import AdminArtifactsView
                 from rhodecode.apps.admin.views.automation import AdminAutomationView
                 from rhodecode.apps.admin.views.scheduler import AdminSchedulerView
                 from rhodecode.apps.admin.views.defaults import AdminDefaultSettingsView
                 from rhodecode.apps.admin.views.exception_tracker import ExceptionsTrackerView
                 from rhodecode.apps.admin.views.open_source_licenses import OpenSourceLicensesAdminSettingsView
                 from rhodecode.apps.admin.views.permissions import AdminPermissionsView
                 from rhodecode.apps.admin.views.process_management import AdminProcessManagementView
                 from rhodecode.apps.admin.views.repo_groups import AdminRepoGroupsView
                 from rhodecode.apps.admin.views.repositories import AdminReposView
                 from rhodecode.apps.admin.views.sessions import AdminSessionSettingsView
                 from rhodecode.apps.admin.views.settings import AdminSettingsView
                 from rhodecode.apps.admin.views.svn_config import AdminSvnConfigView
                 from rhodecode.apps.admin.views.system_info import AdminSystemInfoSettingsView
                 from rhodecode.apps.admin.views.user_groups import AdminUserGroupsView
                 from rhodecode.apps.admin.views.users import AdminUsersView, UsersView
                 from rhodecode.apps.admin.views.security import AdminSecurityView
                 # Security EE feature
                 config.add_route(
                     'admin_security',
                     pattern='/security')
                 config.add_view(
                     AdminSecurityView,
                     attr='security',
                     route_name='admin_security', request_method='GET',
                     renderer='rhodecode:templates/admin/security/security.mako')
                 config.add_route(
                     name='admin_security_update',
                     pattern='/security/update')
                 config.add_view(
                     AdminSecurityView,
                     attr='security_update',
                     route_name='admin_security_update', request_method='POST',
                     renderer='rhodecode:templates/admin/security/security.mako')
                 config.add_route(
                     name='admin_security_modify_allowed_vcs_client_versions',
-                    pattern='/security/modify/allowed_vcs_client_versions')
+                    pattern=ADMIN_PREFIX + '/security/modify/allowed_vcs_client_versions')
                 config.add_view(
                     AdminSecurityView,
                     attr='vcs_whitelisted_client_versions_edit',
                     route_name='admin_security_modify_allowed_vcs_client_versions', request_method=('GET', 'POST'),
                     renderer='rhodecode:templates/admin/security/edit_allowed_vcs_client_versions.mako')
                 config.add_route(
                     name='admin_audit_logs',
                     pattern='/audit_logs')
                 config.add_view(
                     AdminAuditLogsView,
                     attr='admin_audit_logs',
                     route_name='admin_audit_logs', request_method='GET',
                     renderer='rhodecode:templates/admin/admin_audit_logs.mako')
                 config.add_route(
                     name='admin_audit_log_entry',
                     pattern='/audit_logs/{audit_log_id}')
                 config.add_view(
                     AdminAuditLogsView,
                     attr='admin_audit_log_entry',
                     route_name='admin_audit_log_entry', request_method='GET',
                     renderer='rhodecode:templates/admin/admin_audit_log_entry.mako')
                 # Artifacts EE feature
                 config.add_route(
                     'admin_artifacts',
                     pattern=ADMIN_PREFIX + '/artifacts')
                 config.add_route(
                     'admin_artifacts_show_all',
                     pattern=ADMIN_PREFIX + '/artifacts')
                 config.add_view(
                     AdminArtifactsView,
                     attr='artifacts',
                     route_name='admin_artifacts', request_method='GET',
                     renderer='rhodecode:templates/admin/artifacts/artifacts.mako')
                 config.add_view(
                     AdminArtifactsView,
                     attr='artifacts',
                     route_name='admin_artifacts_show_all', request_method='GET',
                     renderer='rhodecode:templates/admin/artifacts/artifacts.mako')
                 # EE views
                 config.add_route(
                     name='admin_artifacts_show_info',
                     pattern=ADMIN_PREFIX + '/artifacts/{uid}')
                 config.add_route(
                     name='admin_artifacts_delete',
                     pattern=ADMIN_PREFIX + '/artifacts/{uid}/delete')
                 config.add_route(
                     name='admin_artifacts_update',
                     pattern=ADMIN_PREFIX + '/artifacts/{uid}/update')
                 # Automation EE feature
                 config.add_route(
                     'admin_automation',
                     pattern=ADMIN_PREFIX + '/automation')
                 config.add_view(
                     AdminAutomationView,
                     attr='automation',
                     route_name='admin_automation', request_method='GET',
                     renderer='rhodecode:templates/admin/automation/automation.mako')
                 # Scheduler EE feature
                 config.add_route(
                     'admin_scheduler',
                     pattern=ADMIN_PREFIX + '/scheduler')
                 config.add_view(
                     AdminSchedulerView,
                     attr='scheduler',
                     route_name='admin_scheduler', request_method='GET',
                     renderer='rhodecode:templates/admin/scheduler/scheduler.mako')
                 config.add_route(
                     name='admin_settings_open_source',
                     pattern='/settings/open_source')
                 config.add_view(
                     OpenSourceLicensesAdminSettingsView,
                     attr='open_source_licenses',
                     route_name='admin_settings_open_source', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_vcs_svn_generate_cfg',
                     pattern='/settings/vcs/svn_generate_cfg')
                 config.add_view(
                     AdminSvnConfigView,
                     attr='vcs_svn_generate_config',
                     route_name='admin_settings_vcs_svn_generate_cfg',
                     request_method='POST', renderer='json')
                 config.add_route(
                     name='admin_settings_system',
                     pattern='/settings/system')
                 config.add_view(
                     AdminSystemInfoSettingsView,
                     attr='settings_system_info',
                     route_name='admin_settings_system', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_system_update',
                     pattern='/settings/system/updates')
                 config.add_view(
                     AdminSystemInfoSettingsView,
                     attr='settings_system_info_check_update',
                     route_name='admin_settings_system_update', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings_system_update.mako')
                 config.add_route(
                     name='admin_settings_exception_tracker',
                     pattern='/settings/exceptions')
                 config.add_view(
                     ExceptionsTrackerView,
                     attr='browse_exceptions',
                     route_name='admin_settings_exception_tracker', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_exception_tracker_delete_all',
                     pattern='/settings/exceptions_delete_all')
                 config.add_view(
                     ExceptionsTrackerView,
                     attr='exception_delete_all',
                     route_name='admin_settings_exception_tracker_delete_all', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_exception_tracker_show',
                     pattern='/settings/exceptions/{exception_id}')
                 config.add_view(
                     ExceptionsTrackerView,
                     attr='exception_show',
                     route_name='admin_settings_exception_tracker_show', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_exception_tracker_delete',
                     pattern='/settings/exceptions/{exception_id}/delete')
                 config.add_view(
                     ExceptionsTrackerView,
                     attr='exception_delete',
                     route_name='admin_settings_exception_tracker_delete', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_sessions',
                     pattern='/settings/sessions')
                 config.add_view(
                     AdminSessionSettingsView,
                     attr='settings_sessions',
                     route_name='admin_settings_sessions', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_sessions_cleanup',
                     pattern='/settings/sessions/cleanup')
                 config.add_view(
                     AdminSessionSettingsView,
                     attr='settings_sessions_cleanup',
                     route_name='admin_settings_sessions_cleanup', request_method='POST')
                 config.add_route(
                     name='admin_settings_process_management',
                     pattern='/settings/process_management')
                 config.add_view(
                     AdminProcessManagementView,
                     attr='process_management',
                     route_name='admin_settings_process_management', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_process_management_data',
                     pattern='/settings/process_management/data')
                 config.add_view(
                     AdminProcessManagementView,
                     attr='process_management_data',
                     route_name='admin_settings_process_management_data', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings_process_management_data.mako')
                 config.add_route(
                     name='admin_settings_process_management_signal',
                     pattern='/settings/process_management/signal')
                 config.add_view(
                     AdminProcessManagementView,
                     attr='process_management_signal',
                     route_name='admin_settings_process_management_signal',
                     request_method='POST', renderer='json_ext')
                 config.add_route(
                     name='admin_settings_process_management_master_signal',
                     pattern='/settings/process_management/master_signal')
                 config.add_view(
                     AdminProcessManagementView,
                     attr='process_management_master_signal',
                     route_name='admin_settings_process_management_master_signal',
                     request_method='POST', renderer='json_ext')
                 # default settings
                 config.add_route(
                     name='admin_defaults_repositories',
                     pattern='/defaults/repositories')
                 config.add_view(
                     AdminDefaultSettingsView,
                     attr='defaults_repository_show',
                     route_name='admin_defaults_repositories', request_method='GET',
                     renderer='rhodecode:templates/admin/defaults/defaults.mako')
                 config.add_route(
                     name='admin_defaults_repositories_update',
                     pattern='/defaults/repositories/update')
                 config.add_view(
                     AdminDefaultSettingsView,
                     attr='defaults_repository_update',
                     route_name='admin_defaults_repositories_update', request_method='POST',
                     renderer='rhodecode:templates/admin/defaults/defaults.mako')
                 # admin settings
                 config.add_route(
                     name='admin_settings',
                     pattern='/settings')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_global',
                     route_name='admin_settings', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_update',
                     pattern='/settings/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_global_update',
                     route_name='admin_settings_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_global',
                     pattern='/settings/global')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_global',
                     route_name='admin_settings_global', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_global_update',
                     pattern='/settings/global/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_global_update',
                     route_name='admin_settings_global_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_vcs',
                     pattern='/settings/vcs')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_vcs',
                     route_name='admin_settings_vcs', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_vcs_update',
                     pattern='/settings/vcs/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_vcs_update',
                     route_name='admin_settings_vcs_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_vcs_svn_pattern_delete',
                     pattern='/settings/vcs/svn_pattern_delete')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_vcs_delete_svn_pattern',
                     route_name='admin_settings_vcs_svn_pattern_delete', request_method='POST',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='admin_settings_mapping',
                     pattern='/settings/mapping')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_mapping',
                     route_name='admin_settings_mapping', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_mapping_update',
                     pattern='/settings/mapping/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_mapping_update',
                     route_name='admin_settings_mapping_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_visual',
                     pattern='/settings/visual')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_visual',
                     route_name='admin_settings_visual', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_visual_update',
                     pattern='/settings/visual/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_visual_update',
                     route_name='admin_settings_visual_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_issuetracker',
                     pattern='/settings/issue-tracker')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_issuetracker',
                     route_name='admin_settings_issuetracker', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_issuetracker_update',
                     pattern='/settings/issue-tracker/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_issuetracker_update',
                     route_name='admin_settings_issuetracker_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_issuetracker_test',
                     pattern='/settings/issue-tracker/test')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_issuetracker_test',
                     route_name='admin_settings_issuetracker_test', request_method='POST',
                     renderer='string', xhr=True)
                 config.add_route(
                     name='admin_settings_issuetracker_delete',
                     pattern='/settings/issue-tracker/delete')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_issuetracker_delete',
                     route_name='admin_settings_issuetracker_delete', request_method='POST',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='admin_settings_email',
                     pattern='/settings/email')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_email',
                     route_name='admin_settings_email', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_email_update',
                     pattern='/settings/email/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_email_update',
                     route_name='admin_settings_email_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_hooks',
                     pattern='/settings/hooks')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_hooks',
                     route_name='admin_settings_hooks', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_hooks_update',
                     pattern='/settings/hooks/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_hooks_update',
                     route_name='admin_settings_hooks_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_hooks_delete',
                     pattern='/settings/hooks/delete')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_hooks_update',
                     route_name='admin_settings_hooks_delete', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_search',
                     pattern='/settings/search')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_search',
                     route_name='admin_settings_search', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_labs',
                     pattern='/settings/labs')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_labs',
                     route_name='admin_settings_labs', request_method='GET',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 config.add_route(
                     name='admin_settings_labs_update',
                     pattern='/settings/labs/update')
                 config.add_view(
                     AdminSettingsView,
                     attr='settings_labs_update',
                     route_name='admin_settings_labs_update', request_method='POST',
                     renderer='rhodecode:templates/admin/settings/settings.mako')
                 # global permissions
                 config.add_route(
                     name='admin_permissions_application',
                     pattern='/permissions/application')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_application',
                     route_name='admin_permissions_application', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_application_update',
                     pattern='/permissions/application/update')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_application_update',
                     route_name='admin_permissions_application_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_global',
                     pattern='/permissions/global')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_global',
                     route_name='admin_permissions_global', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_global_update',
                     pattern='/permissions/global/update')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_global_update',
                     route_name='admin_permissions_global_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_object',
                     pattern='/permissions/object')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_objects',
                     route_name='admin_permissions_object', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_object_update',
                     pattern='/permissions/object/update')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_objects_update',
                     route_name='admin_permissions_object_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 # Branch perms EE feature
                 config.add_route(
                     name='admin_permissions_branch',
                     pattern='/permissions/branch')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_branch',
                     route_name='admin_permissions_branch', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_ips',
                     pattern='/permissions/ips')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_ips',
                     route_name='admin_permissions_ips', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_overview',
                     pattern='/permissions/overview')
                 config.add_view(
                     AdminPermissionsView,
                     attr='permissions_overview',
                     route_name='admin_permissions_overview', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_auth_token_access',
                     pattern='/permissions/auth_token_access')
                 config.add_view(
                     AdminPermissionsView,
                     attr='auth_token_access',
                     route_name='admin_permissions_auth_token_access', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_ssh_keys',
                     pattern='/permissions/ssh_keys')
                 config.add_view(
                     AdminPermissionsView,
                     attr='ssh_keys',
                     route_name='admin_permissions_ssh_keys', request_method='GET',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 config.add_route(
                     name='admin_permissions_ssh_keys_data',
                     pattern='/permissions/ssh_keys/data')
                 config.add_view(
                     AdminPermissionsView,
                     attr='ssh_keys_data',
                     route_name='admin_permissions_ssh_keys_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='admin_permissions_ssh_keys_update',
                     pattern='/permissions/ssh_keys/update')
                 config.add_view(
                     AdminPermissionsView,
                     attr='ssh_keys_update',
                     route_name='admin_permissions_ssh_keys_update', request_method='POST',
                     renderer='rhodecode:templates/admin/permissions/permissions.mako')
                 # users admin
                 config.add_route(
                     name='users',
                     pattern='/users')
                 config.add_view(
                     AdminUsersView,
                     attr='users_list',
                     route_name='users', request_method='GET',
                     renderer='rhodecode:templates/admin/users/users.mako')
                 config.add_route(
                     name='users_data',
                     pattern='/users_data')
                 config.add_view(
                     AdminUsersView,
                     attr='users_list_data',
                     # renderer defined below
                     route_name='users_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='users_create',
                     pattern='/users/create')
                 config.add_view(
                     AdminUsersView,
                     attr='users_create',
                     route_name='users_create', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_add.mako')
                 config.add_route(
                     name='users_new',
                     pattern='/users/new')
                 config.add_view(
                     AdminUsersView,
                     attr='users_new',
                     route_name='users_new', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_add.mako')
                 # user management
                 config.add_route(
                     name='user_edit',
                     pattern=r'/users/{user_id:\d+}/edit',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_edit',
                     route_name='user_edit', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_edit_advanced',
                     pattern=r'/users/{user_id:\d+}/edit/advanced',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_edit_advanced',
                     route_name='user_edit_advanced', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_edit_global_perms',
                     pattern=r'/users/{user_id:\d+}/edit/global_permissions',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_edit_global_perms',
                     route_name='user_edit_global_perms', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_edit_global_perms_update',
                     pattern=r'/users/{user_id:\d+}/edit/global_permissions/update',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_edit_global_perms_update',
                     route_name='user_edit_global_perms_update', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_update',
                     pattern=r'/users/{user_id:\d+}/update',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_update',
                     route_name='user_update', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_delete',
                     pattern=r'/users/{user_id:\d+}/delete',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_delete',
                     route_name='user_delete', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_enable_force_password_reset',
                     pattern=r'/users/{user_id:\d+}/password_reset_enable',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_enable_force_password_reset',
                     route_name='user_enable_force_password_reset', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_disable_force_password_reset',
                     pattern=r'/users/{user_id:\d+}/password_reset_disable',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_disable_force_password_reset',
                     route_name='user_disable_force_password_reset', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='user_create_personal_repo_group',
                     pattern=r'/users/{user_id:\d+}/create_repo_group',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_create_personal_repo_group',
                     route_name='user_create_personal_repo_group', request_method='POST',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 # user notice
                 config.add_route(
                     name='user_notice_dismiss',
                     pattern=r'/users/{user_id:\d+}/notice_dismiss',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_notice_dismiss',
                     route_name='user_notice_dismiss', request_method='POST',
                     renderer='json_ext', xhr=True)
                 # user auth tokens
                 config.add_route(
                     name='edit_user_auth_tokens',
                     pattern=r'/users/{user_id:\d+}/edit/auth_tokens',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='auth_tokens',
                     route_name='edit_user_auth_tokens', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_auth_tokens_view',
                     pattern=r'/users/{user_id:\d+}/edit/auth_tokens/view',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='auth_tokens_view',
                     route_name='edit_user_auth_tokens_view', request_method='POST',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='edit_user_auth_tokens_add',
                     pattern=r'/users/{user_id:\d+}/edit/auth_tokens/new',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='auth_tokens_add',
                     route_name='edit_user_auth_tokens_add', request_method='POST')
                 config.add_route(
                     name='edit_user_auth_tokens_delete',
                     pattern=r'/users/{user_id:\d+}/edit/auth_tokens/delete',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='auth_tokens_delete',
                     route_name='edit_user_auth_tokens_delete', request_method='POST')
                 # user ssh keys
                 config.add_route(
                     name='edit_user_ssh_keys',
                     pattern=r'/users/{user_id:\d+}/edit/ssh_keys',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='ssh_keys',
                     route_name='edit_user_ssh_keys', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_ssh_keys_generate_keypair',
                     pattern=r'/users/{user_id:\d+}/edit/ssh_keys/generate',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='ssh_keys_generate_keypair',
                     route_name='edit_user_ssh_keys_generate_keypair', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_ssh_keys_add',
                     pattern=r'/users/{user_id:\d+}/edit/ssh_keys/new',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='ssh_keys_add',
                     route_name='edit_user_ssh_keys_add', request_method='POST')
                 config.add_route(
                     name='edit_user_ssh_keys_delete',
                     pattern=r'/users/{user_id:\d+}/edit/ssh_keys/delete',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='ssh_keys_delete',
                     route_name='edit_user_ssh_keys_delete', request_method='POST')
                 # user emails
                 config.add_route(
                     name='edit_user_emails',
                     pattern=r'/users/{user_id:\d+}/edit/emails',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='emails',
                     route_name='edit_user_emails', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_emails_add',
                     pattern=r'/users/{user_id:\d+}/edit/emails/new',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='emails_add',
                     route_name='edit_user_emails_add', request_method='POST')
                 config.add_route(
                     name='edit_user_emails_delete',
                     pattern=r'/users/{user_id:\d+}/edit/emails/delete',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='emails_delete',
                     route_name='edit_user_emails_delete', request_method='POST')
                 # user IPs
                 config.add_route(
                     name='edit_user_ips',
                     pattern=r'/users/{user_id:\d+}/edit/ips',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='ips',
                     route_name='edit_user_ips', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_ips_add',
                     pattern=r'/users/{user_id:\d+}/edit/ips/new',
                     user_route_with_default=True)  # enabled for default user too
                 config.add_view(
                     UsersView,
                     attr='ips_add',
                     route_name='edit_user_ips_add', request_method='POST')
                 config.add_route(
                     name='edit_user_ips_delete',
                     pattern=r'/users/{user_id:\d+}/edit/ips/delete',
                     user_route_with_default=True)  # enabled for default user too
                 config.add_view(
                     UsersView,
                     attr='ips_delete',
                     route_name='edit_user_ips_delete', request_method='POST')
                 # user perms
                 config.add_route(
                     name='edit_user_perms_summary',
                     pattern=r'/users/{user_id:\d+}/edit/permissions_summary',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_perms_summary',
                     route_name='edit_user_perms_summary', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_perms_summary_json',
                     pattern=r'/users/{user_id:\d+}/edit/permissions_summary/json',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_perms_summary_json',
                     route_name='edit_user_perms_summary_json', request_method='GET',
                     renderer='json_ext')
                 # user user groups management
                 config.add_route(
                     name='edit_user_groups_management',
                     pattern=r'/users/{user_id:\d+}/edit/groups_management',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='groups_management',
                     route_name='edit_user_groups_management', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_groups_management_updates',
                     pattern=r'/users/{user_id:\d+}/edit/edit_user_groups_management/updates',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='groups_management_updates',
                     route_name='edit_user_groups_management_updates', request_method='POST')
                 # user audit logs
                 config.add_route(
                     name='edit_user_audit_logs',
                     pattern=r'/users/{user_id:\d+}/edit/audit', user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_audit_logs',
                     route_name='edit_user_audit_logs', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_audit_logs_download',
                     pattern=r'/users/{user_id:\d+}/edit/audit/download', user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_audit_logs_download',
                     route_name='edit_user_audit_logs_download', request_method='GET',
                     renderer='string')
                 # user caches
                 config.add_route(
                     name='edit_user_caches',
                     pattern=r'/users/{user_id:\d+}/edit/caches',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_caches',
                     route_name='edit_user_caches', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 config.add_route(
                     name='edit_user_caches_update',
                     pattern=r'/users/{user_id:\d+}/edit/caches/update',
                     user_route=True)
                 config.add_view(
                     UsersView,
                     attr='user_caches_update',
                     route_name='edit_user_caches_update', request_method='POST')
                 # user-groups admin
                 config.add_route(
                     name='user_groups',
                     pattern='/user_groups')
                 config.add_view(
                     AdminUserGroupsView,
                     attr='user_groups_list',
                     route_name='user_groups', request_method='GET',
                     renderer='rhodecode:templates/admin/user_groups/user_groups.mako')
                 config.add_route(
                     name='user_groups_data',
                     pattern='/user_groups_data')
                 config.add_view(
                     AdminUserGroupsView,
                     attr='user_groups_list_data',
                     route_name='user_groups_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='user_groups_new',
                     pattern='/user_groups/new')
                 config.add_view(
                     AdminUserGroupsView,
                     attr='user_groups_new',
                     route_name='user_groups_new', request_method='GET',
                     renderer='rhodecode:templates/admin/user_groups/user_group_add.mako')
                 config.add_route(
                     name='user_groups_create',
                     pattern='/user_groups/create')
                 config.add_view(
                     AdminUserGroupsView,
                     attr='user_groups_create',
                     route_name='user_groups_create', request_method='POST',
                     renderer='rhodecode:templates/admin/user_groups/user_group_add.mako')
                 # repos admin
                 config.add_route(
                     name='repos',
                     pattern='/repos')
                 config.add_view(
                     AdminReposView,
                     attr='repository_list',
                     route_name='repos', request_method='GET',
                     renderer='rhodecode:templates/admin/repos/repos.mako')
                 config.add_route(
                     name='repos_data',
                     pattern='/repos_data')
                 config.add_view(
                     AdminReposView,
                     attr='repository_list_data',
                     route_name='repos_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='repo_new',
                     pattern='/repos/new')
                 config.add_view(
                     AdminReposView,
                     attr='repository_new',
                     route_name='repo_new', request_method='GET',
                     renderer='rhodecode:templates/admin/repos/repo_add.mako')
                 config.add_route(
                     name='repo_create',
                     pattern='/repos/create')
                 config.add_view(
                     AdminReposView,
                     attr='repository_create',
                     route_name='repo_create', request_method='POST',
                     renderer='rhodecode:templates/admin/repos/repos.mako')
                 # repo groups admin
                 config.add_route(
                     name='repo_groups',
                     pattern='/repo_groups')
                 config.add_view(
                     AdminRepoGroupsView,
                     attr='repo_group_list',
                     route_name='repo_groups', request_method='GET',
                     renderer='rhodecode:templates/admin/repo_groups/repo_groups.mako')
                 config.add_route(
                     name='repo_groups_data',
                     pattern='/repo_groups_data')
                 config.add_view(
                     AdminRepoGroupsView,
                     attr='repo_group_list_data',
                     route_name='repo_groups_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 config.add_route(
                     name='repo_group_new',
                     pattern='/repo_group/new')
                 config.add_view(
                     AdminRepoGroupsView,
                     attr='repo_group_new',
                     route_name='repo_group_new', request_method='GET',
                     renderer='rhodecode:templates/admin/repo_groups/repo_group_add.mako')
                 config.add_route(
                     name='repo_group_create',
                     pattern='/repo_group/create')
                 config.add_view(
                     AdminRepoGroupsView,
                     attr='repo_group_create',
                     route_name='repo_group_create', request_method='POST',
                     renderer='rhodecode:templates/admin/repo_groups/repo_group_add.mako')
             def includeme(config):
                 # Create admin navigation registry and add it to the pyramid registry.
                 nav_includeme(config)
                 # main admin routes
                 config.add_route(
                     name='admin_home', pattern=ADMIN_PREFIX)
                 config.add_view(
                     AdminMainView,
                     attr='admin_main',
                     route_name='admin_home', request_method='GET',
                     renderer='rhodecode:templates/admin/main.mako')
                 # pr global redirect
                 config.add_route(
                     name='pull_requests_global_0',  # backward compat
                     pattern=ADMIN_PREFIX + r'/pull_requests/{pull_request_id:\d+}')
                 config.add_view(
                     AdminMainView,
                     attr='pull_requests',
                     route_name='pull_requests_global_0', request_method='GET')
                 config.add_route(
                     name='pull_requests_global_1',  # backward compat
                     pattern=ADMIN_PREFIX + r'/pull-requests/{pull_request_id:\d+}')
                 config.add_view(
                     AdminMainView,
                     attr='pull_requests',
                     route_name='pull_requests_global_1', request_method='GET')
                 config.add_route(
                     name='pull_requests_global',
                     pattern=ADMIN_PREFIX + r'/pull-request/{pull_request_id:\d+}')
                 config.add_view(
                     AdminMainView,
                     attr='pull_requests',
                     route_name='pull_requests_global', request_method='GET')
                 config.include(admin_routes, route_prefix=ADMIN_PREFIX)

rhodecode/apps/admin/views/security.py

0 +4 -30

             # Copyright (C) 2010-2024 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
-            import formencode
-            from rhodecode import BACKENDS
             from rhodecode.apps._base import BaseAppView
-            from rhodecode.model.meta import Session
-            from rhodecode.model.settings import SettingsModel
-            from rhodecode.model.forms import WhitelistedVcsClientsForm
             from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
             log = logging.getLogger(__name__)
             class AdminSecurityView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     return c
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def security(self):
                     c = self.load_default_context()
                     c.active = 'security'
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
-                def vcs_whitelisted_client_versions_edit(self):
+                def admin_security_modify_allowed_vcs_client_versions(self):
-                    _ = self.request.translate
                     c = self.load_default_context()
-                    render_ctx = {}
+                    c.active = 'security'
-                    settings = SettingsModel()
+                    return self._get_template_context(c)
-                    form = WhitelistedVcsClientsForm(_, )()
-                    if self.request.method == 'POST':
-                        try:
-                            result = form.to_python(self.request.POST)
-                            for k, v in result.items():
-                                if v:
-                                    setting = settings.create_or_update_setting(name=f'{k}_allowed_clients', val=v)
-                                    Session().add(setting)
-                            Session().commit()
-                        except formencode.Invalid as errors:
-                            render_ctx.update({
-                                'errors': errors.error_dict
-                            })
-                    for key in BACKENDS.keys():
-                        verbose_name = f"initial_{key}"
-                        if existing := settings.get_setting_by_name(name=f'{key}_allowed_clients'):
-                            render_ctx[verbose_name] = existing.app_settings_value
-                        else:
-                            render_ctx[verbose_name] = '*'
-                    return self._get_template_context(c, **render_ctx)

rhodecode/apps/admin/views/settings.py

0 +1 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import collections
             import datetime
             import formencode
             import formencode.htmlfill
             import rhodecode
             from pyramid.httpexceptions import HTTPFound, HTTPNotFound
             from pyramid.renderers import render
             from pyramid.response import Response
             from rhodecode.apps._base import BaseAppView
             from rhodecode.apps._base.navigation import navigation_list
             from rhodecode.apps.svn_support import config_keys
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib.celerylib import tasks, run_task
             from rhodecode.lib.str_utils import safe_str
             from rhodecode.lib.utils import repo2db_mapper, get_rhodecode_repo_store_path
             from rhodecode.lib.utils2 import str2bool, AttributeDict
             from rhodecode.lib.index import searcher_from_config
             from rhodecode.model.db import RhodeCodeUi, Repository
             from rhodecode.model.forms import (ApplicationSettingsForm,
                 ApplicationUiSettingsForm, ApplicationVisualisationForm,
                 LabsSettingsForm, IssueTrackerPatternsForm)
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.notification import EmailNotificationModel
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import (
                 IssueTrackerSettingsModel, VcsSettingsModel, SettingNotFound,
                 SettingsModel)
             log = logging.getLogger(__name__)
             class AdminSettingsView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.labs_active = str2bool(
                         rhodecode.CONFIG.get('labs_settings_active', 'true'))
                     c.navlist = navigation_list(self.request)
                     return c
                 @classmethod
                 def _get_ui_settings(cls):
                     ret = RhodeCodeUi.query().all()
                     if not ret:
                         raise Exception('Could not get application ui settings !')
                     settings = {}
                     for each in ret:
                         k = each.ui_key
                         v = each.ui_value
                         if k == '/':
                             k = 'root_path'
-                        if k in ['push_ssl', 'publish', 'enabled']:
+                        if k in ['publish', 'enabled']:
                             v = str2bool(v)
                         if k.find('.') != -1:
                             k = k.replace('.', '_')
                         if each.ui_section in ['hooks', 'extensions']:
                             v = each.ui_active
                         settings[each.ui_section + '_' + k] = v
                     return settings
                 @classmethod
                 def _form_defaults(cls):
                     defaults = SettingsModel().get_all_settings()
                     defaults.update(cls._get_ui_settings())
                     defaults.update({
                         'new_svn_branch': '',
                         'new_svn_tag': '',
                     })
                     return defaults
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_vcs(self):
                     c = self.load_default_context()
                     c.active = 'vcs'
                     model = VcsSettingsModel()
                     c.svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_global_svn_tag_patterns()
                     c.svn_generate_config = rhodecode.ConfigGet().get_bool(config_keys.generate_config)
                     c.svn_config_path = rhodecode.ConfigGet().get_str(config_keys.config_file_path)
                     defaults = self._form_defaults()
                     model.create_largeobjects_dirs_if_needed(defaults['paths_root_path'])
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_vcs_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'vcs'
                     model = VcsSettingsModel()
                     c.svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_global_svn_tag_patterns()
                     c.svn_generate_config = rhodecode.ConfigGet().get_bool(config_keys.generate_config)
                     c.svn_config_path = rhodecode.ConfigGet().get_str(config_keys.config_file_path)
                     application_form = ApplicationUiSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
-                        model.update_global_ssl_setting(form_result['web_push_ssl'])
                         model.update_global_hook_settings(form_result)
                         model.create_or_update_global_svn_settings(form_result)
                         model.create_or_update_global_hg_settings(form_result)
                         model.create_or_update_global_git_settings(form_result)
                         model.create_or_update_global_pr_settings(form_result)
                     except Exception:
                         log.exception("Exception while updating settings")
                         h.flash(_('Error occurred during updating '
                                   'application settings'), category='error')
                     else:
                         Session().commit()
                         h.flash(_('Updated VCS settings'), category='success')
                         raise HTTPFound(h.route_path('admin_settings_vcs'))
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_vcs_delete_svn_pattern(self):
                     delete_pattern_id = self.request.POST.get('delete_svn_pattern')
                     model = VcsSettingsModel()
                     try:
                         model.delete_global_svn_pattern(delete_pattern_id)
                     except SettingNotFound:
                         log.exception(
                             'Failed to delete svn_pattern with id %s', delete_pattern_id)
                         raise HTTPNotFound()
                     Session().commit()
                     return True
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_mapping(self):
                     c = self.load_default_context()
                     c.active = 'mapping'
                     c.storage_path = get_rhodecode_repo_store_path()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_mapping_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'mapping'
                     rm_obsolete = self.request.POST.get('destroy', False)
                     invalidate_cache = self.request.POST.get('invalidate', False)
                     log.debug('rescanning repo location with destroy obsolete=%s', rm_obsolete)
                     if invalidate_cache:
                         log.debug('invalidating all repositories cache')
                         for repo in Repository.get_all():
                             ScmModel().mark_for_invalidation(repo.repo_name, delete=True)
                     filesystem_repos = ScmModel().repo_scan()
                     added, removed = repo2db_mapper(filesystem_repos, rm_obsolete, force_hooks_rebuild=True)
                     PermissionModel().trigger_permission_flush()
                     def _repr(rm_repo):
                         return ', '.join(map(safe_str, rm_repo)) or '-'
                     h.flash(_('Repositories successfully '
                               'rescanned added: %s ; removed: %s') %
                             (_repr(added), _repr(removed)),
                             category='success')
                     raise HTTPFound(h.route_path('admin_settings_mapping'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_global(self):
                     c = self.load_default_context()
                     c.active = 'global'
                     c.personal_repo_group_default_pattern = RepoGroupModel()\
                         .get_personal_group_name_pattern()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_global_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'global'
                     c.personal_repo_group_default_pattern = RepoGroupModel()\
                         .get_personal_group_name_pattern()
                     application_form = ApplicationSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     settings = [
                         ('title', 'rhodecode_title', 'unicode'),
                         ('realm', 'rhodecode_realm', 'unicode'),
                         ('pre_code', 'rhodecode_pre_code', 'unicode'),
                         ('post_code', 'rhodecode_post_code', 'unicode'),
                         ('captcha_public_key', 'rhodecode_captcha_public_key', 'unicode'),
                         ('captcha_private_key', 'rhodecode_captcha_private_key', 'unicode'),
                         ('create_personal_repo_group', 'rhodecode_create_personal_repo_group', 'bool'),
                         ('personal_repo_group_pattern', 'rhodecode_personal_repo_group_pattern', 'unicode'),
                     ]
                     try:
                         for setting, form_key, type_ in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key], type_)
                             Session().add(sett)
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated application settings'), category='success')
                     except Exception:
                         log.exception("Exception while updating application settings")
                         h.flash(
                             _('Error occurred during updating application settings'),
                             category='error')
                     raise HTTPFound(h.route_path('admin_settings_global'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_visual(self):
                     c = self.load_default_context()
                     c.active = 'visual'
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_visual_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'visual'
                     application_form = ApplicationVisualisationForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
                         settings = [
                             ('show_public_icon', 'rhodecode_show_public_icon', 'bool'),
                             ('show_private_icon', 'rhodecode_show_private_icon', 'bool'),
                             ('stylify_metatags', 'rhodecode_stylify_metatags', 'bool'),
                             ('repository_fields', 'rhodecode_repository_fields', 'bool'),
                             ('dashboard_items', 'rhodecode_dashboard_items', 'int'),
                             ('admin_grid_items', 'rhodecode_admin_grid_items', 'int'),
                             ('show_version', 'rhodecode_show_version', 'bool'),
                             ('use_gravatar', 'rhodecode_use_gravatar', 'bool'),
                             ('markup_renderer', 'rhodecode_markup_renderer', 'unicode'),
                             ('gravatar_url', 'rhodecode_gravatar_url', 'unicode'),
                             ('clone_uri_tmpl', 'rhodecode_clone_uri_tmpl', 'unicode'),
                             ('clone_uri_id_tmpl', 'rhodecode_clone_uri_id_tmpl', 'unicode'),
                             ('clone_uri_ssh_tmpl', 'rhodecode_clone_uri_ssh_tmpl', 'unicode'),
                             ('support_url', 'rhodecode_support_url', 'unicode'),
                             ('show_revision_number', 'rhodecode_show_revision_number', 'bool'),
                             ('show_sha_length', 'rhodecode_show_sha_length', 'int'),
                         ]
                         for setting, form_key, type_ in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key], type_)
                             Session().add(sett)
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated visualisation settings'), category='success')
                     except Exception:
                         log.exception("Exception updating visualization settings")
                         h.flash(_('Error occurred during updating '
                                   'visualisation settings'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_settings_visual'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_issuetracker(self):
                     c = self.load_default_context()
                     c.active = 'issuetracker'
                     defaults = c.rc_config
                     entry_key = 'rhodecode_issuetracker_pat_'
                     c.issuetracker_entries = {}
                     for k, v in defaults.items():
                         if k.startswith(entry_key):
                             uid = k[len(entry_key):]
                             c.issuetracker_entries[uid] = None
                     for uid in c.issuetracker_entries:
                         c.issuetracker_entries[uid] = AttributeDict({
                             'pat': defaults.get('rhodecode_issuetracker_pat_' + uid),
                             'url': defaults.get('rhodecode_issuetracker_url_' + uid),
                             'pref': defaults.get('rhodecode_issuetracker_pref_' + uid),
                             'desc': defaults.get('rhodecode_issuetracker_desc_' + uid),
                         })
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_test(self):
                     error_container = []
                     urlified_commit = h.urlify_commit_message(
                         self.request.POST.get('test_text', ''),
                         'repo_group/test_repo1', error_container=error_container)
                     if error_container:
                         def converter(inp):
                             return h.html_escape(inp)
                         return 'ERRORS: ' + '\n'.join(map(converter, error_container))
                     return urlified_commit
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_update(self):
                     _ = self.request.translate
                     self.load_default_context()
                     settings_model = IssueTrackerSettingsModel()
                     try:
                         form = IssueTrackerPatternsForm(self.request.translate)()
                         data = form.to_python(self.request.POST)
                     except formencode.Invalid as errors:
                         log.exception('Failed to add new pattern')
                         error = errors
                         h.flash(_(f'Invalid issue tracker pattern: {error}'),
                                 category='error')
                         raise HTTPFound(h.route_path('admin_settings_issuetracker'))
                     if data:
                         for uid in data.get('delete_patterns', []):
                             settings_model.delete_entries(uid)
                         for pattern in data.get('patterns', []):
                             for setting, value, type_ in pattern:
                                 sett = settings_model.create_or_update_setting(
                                     setting, value, type_)
                                 Session().add(sett)
                             Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated issue tracker entries'), category='success')
                     raise HTTPFound(h.route_path('admin_settings_issuetracker'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_delete(self):
                     _ = self.request.translate
                     self.load_default_context()
                     uid = self.request.POST.get('uid')
                     try:
                         IssueTrackerSettingsModel().delete_entries(uid)
                     except Exception:
                         log.exception('Failed to delete issue tracker setting %s', uid)
                         raise HTTPNotFound()
                     SettingsModel().invalidate_settings_cache()
                     h.flash(_('Removed issue tracker entry.'), category='success')
                     return {'deleted': uid}
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_email(self):
                     c = self.load_default_context()
                     c.active = 'email'
                     c.rhodecode_ini = rhodecode.CONFIG
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_email_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'email'
                     test_email = self.request.POST.get('test_email')
                     if not test_email:
                         h.flash(_('Please enter email address'), category='error')
                         raise HTTPFound(h.route_path('admin_settings_email'))
                     email_kwargs = {
                         'date': datetime.datetime.now(),
                         'user': self._rhodecode_db_user
                     }
                     (subject, email_body, email_body_plaintext) = EmailNotificationModel().render_email(
                         EmailNotificationModel.TYPE_EMAIL_TEST, **email_kwargs)
                     recipients = [test_email] if test_email else None
                     run_task(tasks.send_email, recipients, subject,
                              email_body_plaintext, email_body)
                     h.flash(_('Send email task created'), category='success')
                     raise HTTPFound(h.route_path('admin_settings_email'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_hooks(self):
                     c = self.load_default_context()
                     c.active = 'hooks'
                     model = SettingsModel()
                     c.hooks = model.get_builtin_hooks()
                     c.custom_hooks = model.get_custom_hooks()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_hooks_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'hooks'
                     if c.visual.allow_custom_hooks_settings:
                         ui_key = self.request.POST.get('new_hook_ui_key')
                         ui_value = self.request.POST.get('new_hook_ui_value')
                         hook_id = self.request.POST.get('hook_id')
                         new_hook = False
                         model = SettingsModel()
                         try:
                             if ui_value and ui_key:
                                 model.create_or_update_hook(ui_key, ui_value)
                                 h.flash(_('Added new hook'), category='success')
                                 new_hook = True
                             elif hook_id:
                                 RhodeCodeUi.delete(hook_id)
                                 Session().commit()
                             # check for edits
                             update = False
                             _d = self.request.POST.dict_of_lists()
                             for k, v in zip(_d.get('hook_ui_key', []),
                                             _d.get('hook_ui_value_new', [])):
                                 model.create_or_update_hook(k, v)
                                 update = True
                             if update and not new_hook:
                                 h.flash(_('Updated hooks'), category='success')
                             Session().commit()
                         except Exception:
                             log.exception("Exception during hook creation")
                             h.flash(_('Error occurred during hook creation'),
                                     category='error')
                     raise HTTPFound(h.route_path('admin_settings_hooks'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_search(self):
                     c = self.load_default_context()
                     c.active = 'search'
                     c.searcher = searcher_from_config(self.request.registry.settings)
                     c.statistics = c.searcher.statistics(self.request.translate)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_labs(self):
                     c = self.load_default_context()
                     if not c.labs_active:
                         raise HTTPFound(h.route_path('admin_settings'))
                     c.active = 'labs'
                     c.lab_settings = _LAB_SETTINGS
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_labs_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'labs'
                     application_form = LabsSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
                         session = Session()
                         for setting in _LAB_SETTINGS:
                             setting_name = setting.key[len('rhodecode_'):]
                             sett = SettingsModel().create_or_update_setting(
                                 setting_name, form_result[setting.key], setting.type)
                             session.add(sett)
                     except Exception:
                         log.exception('Exception while updating lab settings')
                         h.flash(_('Error occurred during updating labs settings'),
                                 category='error')
                     else:
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated Labs settings'), category='success')
                         raise HTTPFound(h.route_path('admin_settings_labs'))
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
             # :param key: name of the setting including the 'rhodecode_' prefix
             # :param type: the RhodeCodeSetting type to use.
             # :param group: the i18ned group in which we should dispaly this setting
             # :param label: the i18ned label we should display for this setting
             # :param help: the i18ned help we should dispaly for this setting
             LabSetting = collections.namedtuple(
                 'LabSetting', ('key', 'type', 'group', 'label', 'help'))
             # This list has to be kept in sync with the form
             # rhodecode.model.forms.LabsSettingsForm.
             _LAB_SETTINGS = [
             ]

rhodecode/config/config_maker.py

0 +7 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import tempfile
             import logging
             from pyramid.settings import asbool
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config import utils as config_utils
             log = logging.getLogger(__name__)
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well-prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
-                logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
+                ini_loc = os.path.dirname(global_config.get('__file__'))
+                logging_conf = jn(ini_loc, 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
+                # License settings.
+                settings_maker.make_setting('license.hide_license_info', False, parser='bool')
+                settings_maker.make_setting('license.import_path', jn(ini_loc, 'rhodecode_enterprise.license'))
+                settings_maker.make_setting('license.import_path_mode', 'if-missing')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.svn.redis_conn', 'redis://redis:6379/0')
                 settings_maker.make_setting('vcs.svn.proxy.enabled', True, parser='bool')
                 settings_maker.make_setting('vcs.svn.proxy.host', 'http://svn:8090', parser='string')
                 settings_maker.make_setting('vcs.hooks.protocol.v2', 'celery')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.git.lfs.storage_location', '/var/opt/rhodecode_repo_store/.cache/git_lfs_store')
                 settings_maker.make_setting('vcs.hg.largefiles.storage_location',
                                             '/var/opt/rhodecode_repo_store/.cache/hg_largefiles_store')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
                 # repo_store path
                 settings_maker.make_setting('repo_store.path', '/var/opt/rhodecode_repo_store')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 # celery
                 broker_url = settings_maker.make_setting('celery.broker_url', 'redis://redis:6379/8')
                 settings_maker.make_setting('celery.result_backend', broker_url)
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
                 settings_maker.make_setting('archive_cache.locking.url', 'redis://redis:6379/1')
                 settings_maker.make_setting('archive_cache.backend.type', 'filesystem')
                 settings_maker.make_setting('archive_cache.filesystem.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.filesystem.cache_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.filesystem.eviction_policy', 'least-recently-stored')
                 settings_maker.make_setting('archive_cache.filesystem.retry', False, parser='bool')
                 settings_maker.make_setting('archive_cache.filesystem.retry_backoff', 1, parser='int')
                 settings_maker.make_setting('archive_cache.filesystem.retry_attempts', 10, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.url', 'http://s3-minio:9000', default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.objectstore.key', '')
                 settings_maker.make_setting('archive_cache.objectstore.secret', '')
                 settings_maker.make_setting('archive_cache.objectstore.region', 'eu-central-1')
                 settings_maker.make_setting('archive_cache.objectstore.bucket', 'rhodecode-archive-cache', default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.objectstore.bucket_shards', 8, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.objectstore.eviction_policy', 'least-recently-stored')
                 settings_maker.make_setting('archive_cache.objectstore.retry', False, parser='bool')
                 settings_maker.make_setting('archive_cache.objectstore.retry_backoff', 1, parser='int')
                 settings_maker.make_setting('archive_cache.objectstore.retry_attempts', 10, parser='int')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/config/middleware.py

0 +3 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import collections
             import time
             import logging.config
             from paste.gzipper import make_gzip_middleware
             import pyramid.events
             from pyramid.wsgi import wsgiapp
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
             from pyramid.renderers import render_to_response
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config.environment import load_pyramid_environment, propagate_rhodecode_config
             import rhodecode.events
             from rhodecode.config.config_maker import sanitize_settings_and_apply_defaults
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.request import Request
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.exc_tracking import store_exception, format_exc
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
-                write_metadata_if_needed, write_usage_data)
+                write_metadata_if_needed, write_usage_data, import_license_if_present)
             from rhodecode.lib.statsd_client import StatsdClient
             log = logging.getLogger(__name__)
             def is_http_error(response):
                 # error which should have traceback
                 return response.status_code > 499
             def should_load_all():
                 """
                 Returns if all application components should be loaded. In some cases it's
                 desired to skip apps loading for faster shell script execution
                 """
                 ssh_cmd = os.environ.get('RC_CMD_SSH_WRAPPER')
                 if ssh_cmd:
                     return False
                 return True
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid.
                 Specials:
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 start_time = time.time()
                 log.info('Pyramid app config starting')
                 sanitize_settings_and_apply_defaults(global_config, settings)
                 # init and bootstrap StatsdClient
                 StatsdClient.setup(settings)
                 config = Configurator(settings=settings)
                 # Init our statsd at very start
                 config.registry.statsd = StatsdClient.statsd
                 # Apply compatibility patches
                 patches.inspect_getargspec()
                 patches.repoze_sendmail_lf_fix()
                 load_pyramid_environment(global_config, settings)
                 # Static file view comes first
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 celery_settings = get_celery_config(settings)
                 config.configure_celery(celery_settings)
                 # final config set...
                 propagate_rhodecode_config(global_config, settings, config.registry.settings)
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 total_time = time.time() - start_time
                 log.info('Pyramid app created and configured in %.2fs', total_time)
                 return pyramid_app
             def get_celery_config(settings):
                 """
                 Converts basic ini configuration into celery 4.X options
                 """
                 def key_converter(key_name):
                     pref = 'celery.'
                     if key_name.startswith(pref):
                         return key_name[len(pref):].replace('.', '_').lower()
                 def type_converter(parsed_key, value):
                     # cast to int
                     if value.isdigit():
                         return int(value)
                     # cast to bool
                     if value.lower() in ['true', 'false', 'True', 'False']:
                         return value.lower() == 'true'
                     return value
                 celery_config = {}
                 for k, v in settings.items():
                     pref = 'celery.'
                     if k.startswith(pref):
                         celery_config[key_converter(k)] = type_converter(key_converter(k), v)
                 # TODO:rethink if we want to support celerybeat based file config, probably NOT
                 # beat_config = {}
                 # for section in parser.sections():
                 #     if section.startswith('celerybeat:'):
                 #         name = section.split(':', 1)[1]
                 #         beat_config[name] = get_beat_config(parser, section)
                 # final compose of settings
                 celery_settings = {}
                 if celery_config:
                     celery_settings.update(celery_config)
                 # if beat_config:
                 #     celery_settings.update({'beat_schedule': beat_config})
                 return celery_settings
             def not_found_view(request):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid.
                 """
                 if not getattr(request, 'vcs_call', None):
                     # handle like regular case with our error_handler
                     return error_handler(HTTPNotFound(), request)
                 # handle not found view as a vcs call
                 settings = request.registry.settings
                 ae_client = getattr(request, 'ae_client', None)
                 vcs_app = VCSMiddleware(
                     HTTPNotFound(), request.registry, settings,
                     appenlight_client=ae_client)
                 return wsgiapp(vcs_app)(None, request)
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 if is_http_error(base_response):
                     traceback_info = format_exc(request.exc_info)
                     log.error(
                         'error occurred handling this request for path: %s, \n%s',
                         request.path, traceback_info)
                 error_explanation = base_response.explanation or str(base_response)
                 if base_response.status_code == 404:
                     error_explanation += " Optionally you don't have permission to access this page."
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = error_explanation
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if is_http_error(base_response):
                     c.causes.append('Server is overloaded.')
                     c.causes.append('Server database connection is lost.')
                     c.causes.append('Server expected unhandled error.')
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages(request=request)
                 exc_info = sys.exc_info()
                 c.exception_id = id(exc_info)
                 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
                                       or base_response.status_code > 499
                 c.exception_id_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=c.exception_id)
                 debug_mode = rhodecode.ConfigGet().get_bool('debug')
                 if c.show_exception_id:
                     store_exception(c.exception_id, exc_info)
                 c.exception_debug = debug_mode
                 c.exception_config_ini = rhodecode.CONFIG.get('__file__')
                 if debug_mode:
                     try:
                         from rich.traceback import install
                         install(show_locals=True)
                         log.debug('Installing rich tracebacks...')
                     except ImportError:
                         pass
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 response.headers["X-RC-Exception-Id"] = str(c.exception_id)
                 statsd = request.registry.statsd
                 if statsd and base_response.status_code > 499:
                     exc_type = f"{exception.__class__.__module__}.{exception.__class__.__name__}"
                     statsd.incr('rhodecode_exception_total',
                                 tags=["exc_source:web",
                                       f"http_code:{base_response.status_code}",
                                       f"type:{exc_type}"])
                 return response
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             ce_auth_resources = [
                 'rhodecode.authentication.plugins.auth_crowd',
                 'rhodecode.authentication.plugins.auth_headers',
                 'rhodecode.authentication.plugins.auth_jasig_cas',
                 'rhodecode.authentication.plugins.auth_ldap',
                 'rhodecode.authentication.plugins.auth_pam',
                 'rhodecode.authentication.plugins.auth_rhodecode',
                 'rhodecode.authentication.plugins.auth_token',
             ]
             def includeme(config, auth_resources=None):
                 from rhodecode.lib.celerylib.loader import configure_celery
                 log.debug('Initializing main includeme from %s', os.path.basename(__file__))
                 settings = config.registry.settings
                 config.set_request_factory(Request)
                 # plugin information
                 config.registry.rhodecode_plugins = collections.OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 config.add_directive('configure_celery', configure_celery)
                 if settings.get('appenlight', False):
                     config.include('appenlight_client.ext.pyramid_tween')
                 load_all = should_load_all()
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.lib.archive_cache')
                 config.include('rhodecode.apps._base.navigation')
                 config.include('rhodecode.apps._base.subscribers')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.authentication')
                 if load_all:
                     # load CE authentication plugins
                     if auth_resources:
                         ce_auth_resources.extend(auth_resources)
                     for resource in ce_auth_resources:
                         config.include(resource)
                     # Auto discover authentication plugins and include their configuration.
                     if asbool(settings.get('auth_plugin.import_legacy_plugins', 'true')):
                         from rhodecode.authentication import discover_legacy_plugins
                         discover_legacy_plugins(config)
                 # apps
                 if load_all:
                     log.debug('Starting config.include() calls')
                     config.include('rhodecode.api.includeme')
                     config.include('rhodecode.apps._base.includeme')
                     config.include('rhodecode.apps._base.navigation.includeme')
                     config.include('rhodecode.apps._base.subscribers.includeme')
                     config.include('rhodecode.apps.hovercards.includeme')
                     config.include('rhodecode.apps.ops.includeme')
                     config.include('rhodecode.apps.channelstream.includeme')
                     config.include('rhodecode.apps.file_store.includeme')
                     config.include('rhodecode.apps.admin.includeme')
                     config.include('rhodecode.apps.login.includeme')
                     config.include('rhodecode.apps.home.includeme')
                     config.include('rhodecode.apps.journal.includeme')
                     config.include('rhodecode.apps.repository.includeme')
                     config.include('rhodecode.apps.repo_group.includeme')
                     config.include('rhodecode.apps.user_group.includeme')
                     config.include('rhodecode.apps.search.includeme')
                     config.include('rhodecode.apps.user_profile.includeme')
                     config.include('rhodecode.apps.user_group_profile.includeme')
                     config.include('rhodecode.apps.my_account.includeme')
                     config.include('rhodecode.apps.gist.includeme')
                     config.include('rhodecode.apps.svn_support.includeme')
                     config.include('rhodecode.apps.ssh_support.includeme')
                     config.include('rhodecode.apps.debug_style')
                 if load_all:
                     config.include('rhodecode.integrations.includeme')
                     config.include('rhodecode.integrations.routes.includeme')
                 config.add_route('rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 config.add_translation_dirs('rhodecode:i18n/')
                 # Add subscribers.
                 if load_all:
                     log.debug('Adding subscribers...')
                     config.add_subscriber(scan_repositories_if_enabled,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_metadata_if_needed,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_usage_data,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_js_routes_if_enabled,
                                           pyramid.events.ApplicationCreated)
+                    config.add_subscriber(import_license_if_present,
+                                          pyramid.events.ApplicationCreated)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 config.add_renderer(
                     name='string_html',
                     factory='rhodecode.lib.string_renderer.html')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 log.debug('processing rhodecode.includes data...')
                 for inc in includes:
                     config.include(inc)
                 # custom not found view, if our pyramid app doesn't know how to handle
                 # the request pass it to potential VCS handling ap
                 config.add_notfound_view(not_found_view)
                 if not settings.get('debugtoolbar.enabled', False):
                     # disabled debugtoolbar handle all exceptions via the error_handlers
                     config.add_view(error_handler, context=Exception)
                 # all errors including 403/404/50X
                 config.add_view(error_handler, context=HTTPError)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 """
                 registry = config.registry
                 settings = registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
                     pyramid_app, settings)
                 registry.ae_client = _ae_client
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     start = time.time()
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.get_engine().pool
                         log.debug('sa pool status: %s', pool.status())
                         total = time.time() - start
                         log.debug('Request processing finalized: %.4fs', total)
                 return pyramid_app_with_cleanup

rhodecode/lib/db_manage.py

0 0 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Database creation, and setup module for RhodeCode Enterprise. Used for creation
             of database as well as for migration operations
             """
             import os
             import sys
             import time
             import uuid
             import logging
             import getpass
             from os.path import dirname as dn, join as jn
             from sqlalchemy.engine import create_engine
             from rhodecode import __dbversion__
             from rhodecode.model import init_model
             from rhodecode.model.user import UserModel
             from rhodecode.model.db import (
                 User, Permission, RhodeCodeUi, RhodeCodeSetting, UserToPerm,
                 DbMigrateVersion, RepoGroup, UserRepoGroupToPerm, CacheKey, Repository)
             from rhodecode.model.meta import Session, Base
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import SettingsModel
             log = logging.getLogger(__name__)
             def notify(msg):
                 """
                 Notification for migrations messages
                 """
                 ml = len(msg) + (4 * 2)
                 print((('\n%s\n*** %s ***\n%s' % ('*' * ml, msg, '*' * ml)).upper()))
             class DbManage(object):
                 def __init__(self, log_sql, dbconf, root, tests=False,
                              SESSION=None, cli_args=None, enc_key=b''):
                     self.dbname = dbconf.split('/')[-1]
                     self.tests = tests
                     self.root = root
                     self.dburi = dbconf
                     self.log_sql = log_sql
                     self.cli_args = cli_args or {}
                     self.sa = None
                     self.engine = None
                     self.enc_key = enc_key
                     # sets .sa .engine
                     self.init_db(SESSION=SESSION)
                     self.ask_ok = self.get_ask_ok_func(self.cli_args.get('force_ask'))
                 def db_exists(self):
                     if not self.sa:
                         self.init_db()
                     try:
                         self.sa.query(RhodeCodeUi)\
                             .filter(RhodeCodeUi.ui_key == '/')\
                             .scalar()
                         return True
                     except Exception:
                         return False
                     finally:
                         self.sa.rollback()
                 def get_ask_ok_func(self, param):
                     if param not in [None]:
                         # return a function lambda that has a default set to param
                         return lambda *args, **kwargs: param
                     else:
                         from rhodecode.lib.utils import ask_ok
                         return ask_ok
                 def init_db(self, SESSION=None):
                     if SESSION:
                         self.sa = SESSION
                         self.engine = SESSION.bind
                     else:
                         # init new sessions
                         engine = create_engine(self.dburi, echo=self.log_sql)
                         init_model(engine, encryption_key=self.enc_key)
                         self.sa = Session()
                         self.engine = engine
                 def create_tables(self, override=False):
                     """
                     Create a auth database
                     """
                     log.info("Existing database with the same name is going to be destroyed.")
                     log.info("Setup command will run DROP ALL command on that database.")
                     engine = self.engine
                     if self.tests:
                         destroy = True
                     else:
                         destroy = self.ask_ok('Are you sure that you want to destroy the old database? [y/n]')
                     if not destroy:
                         log.info('db tables bootstrap: Nothing done.')
                         sys.exit(0)
                     if destroy:
                         Base.metadata.drop_all(bind=engine)
                     checkfirst = not override
                     Base.metadata.create_all(bind=engine, checkfirst=checkfirst)
                     log.info('Created tables for %s', self.dbname)
                 def set_db_version(self):
                     ver = DbMigrateVersion()
                     ver.version = __dbversion__
                     ver.repository_id = 'rhodecode_db_migrations'
                     ver.repository_path = 'versions'
                     self.sa.add(ver)
                     log.info('db version set to: %s', __dbversion__)
                 def run_post_migration_tasks(self):
                     """
                     Run various tasks before actually doing migrations
                     """
                     # delete cache keys on each upgrade
                     total = CacheKey.query().count()
                     log.info("Deleting (%s) cache keys now...", total)
                     CacheKey.delete_all_cache()
                 def upgrade(self, version=None):
                     """
                     Upgrades given database schema to given revision following
                     all needed steps, to perform the upgrade
                     """
                     from rhodecode.lib.dbmigrate.migrate.versioning import api
                     from rhodecode.lib.dbmigrate.migrate.exceptions import DatabaseNotControlledError
                     if 'sqlite' in self.dburi:
                         print(
                            '********************** WARNING **********************\n'
                            'Make sure your version of sqlite is at least 3.7.X.  \n'
                            'Earlier versions are known to fail on some migrations\n'
                            '*****************************************************\n')
                     upgrade = self.ask_ok(
                         'You are about to perform a database upgrade. Make '
                         'sure you have backed up your database. '
                         'Continue ? [y/n]')
                     if not upgrade:
                         log.info('No upgrade performed')
                         sys.exit(0)
                     repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),
                                          'rhodecode/lib/dbmigrate')
                     db_uri = self.dburi
                     if version:
                         DbMigrateVersion.set_version(version)
                     try:
                         curr_version = api.db_version(db_uri, repository_path)
                         msg = (f'Found current database db_uri under version '
                                f'control with version {curr_version}')
                     except (RuntimeError, DatabaseNotControlledError):
                         curr_version = 1
                         msg = f'Current database is not under version control. ' \
                               f'Setting as version {curr_version}'
                         api.version_control(db_uri, repository_path, curr_version)
                     notify(msg)
                     if curr_version == __dbversion__:
                         log.info('This database is already at the newest version')
                         sys.exit(0)
                     upgrade_steps = list(range(curr_version + 1, __dbversion__ + 1))
                     notify(f'attempting to upgrade database from '
                            f'version {curr_version} to version {__dbversion__}')
                     # CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE
                     final_step = 'latest'
                     for step in upgrade_steps:
                         notify(f'performing upgrade step {step}')
                         time.sleep(0.5)
                         api.upgrade(db_uri, repository_path, step)
                         self.sa.rollback()
                         notify(f'schema upgrade for step {step} completed')
                         final_step = step
                     self.run_post_migration_tasks()
                     notify(f'upgrade to version {final_step} successful')
                 def fix_repo_paths(self):
                     """
                     Fixes an old RhodeCode version path into new one without a '*'
                     """
                     paths = self.sa.query(RhodeCodeUi)\
                             .filter(RhodeCodeUi.ui_key == '/')\
                             .scalar()
                     paths.ui_value = paths.ui_value.replace('*', '')
                     try:
                         self.sa.add(paths)
                         self.sa.commit()
                     except Exception:
                         self.sa.rollback()
                         raise
                 def fix_default_user(self):
                     """
                     Fixes an old default user with some 'nicer' default values,
                     used mostly for anonymous access
                     """
                     def_user = self.sa.query(User)\
                         .filter(User.username == User.DEFAULT_USER)\
                         .one()
                     def_user.name = 'Anonymous'
                     def_user.lastname = 'User'
                     def_user.email = User.DEFAULT_USER_EMAIL
                     try:
                         self.sa.add(def_user)
                         self.sa.commit()
                     except Exception:
                         self.sa.rollback()
                         raise
                 def fix_settings(self):
                     """
                     Fixes rhodecode settings and adds ga_code key for google analytics
                     """
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     try:
                         self.sa.add(hgsettings3)
                         self.sa.commit()
                     except Exception:
                         self.sa.rollback()
                         raise
                 def create_admin_and_prompt(self):
                     # defaults
                     defaults = self.cli_args
                     username = defaults.get('username')
                     password = defaults.get('password')
                     email = defaults.get('email')
                     if username is None:
                         username = input('Specify admin username:')
                     if password is None:
                         password = self._get_admin_password()
                         if not password:
                             # second try
                             password = self._get_admin_password()
                             if not password:
                                 sys.exit()
                     if email is None:
                         email = input('Specify admin email:')
                     api_key = self.cli_args.get('api_key')
                     self.create_user(username, password, email, True,
                                      strict_creation_check=False,
                                      api_key=api_key)
                 def _get_admin_password(self):
                     password = getpass.getpass('Specify admin password '
                                                '(min 6 chars):')
                     confirm = getpass.getpass('Confirm password:')
                     if password != confirm:
                         log.error('passwords mismatch')
                         return False
                     if len(password) < 6:
                         log.error('password is too short - use at least 6 characters')
                         return False
                     return password
                 def create_test_admin_and_users(self):
                     log.info('creating admin and regular test users')
                     from rhodecode.tests import TEST_USER_ADMIN_LOGIN, \
                         TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL, \
                         TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS, \
                         TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \
                         TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL
                     self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,
                                      TEST_USER_ADMIN_EMAIL, True, api_key=True)
                     self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,
                                      TEST_USER_REGULAR_EMAIL, False, api_key=True)
                     self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,
                                      TEST_USER_REGULAR2_EMAIL, False, api_key=True)
                 def create_ui_settings(self, repo_store_path):
                     """
                     Creates ui settings, fills out hooks
                     and disables dotencode
                     """
                     settings_model = SettingsModel(sa=self.sa)
                     from rhodecode.lib.vcs.backends.hg import largefiles_store
                     from rhodecode.lib.vcs.backends.git import lfs_store
                     # Build HOOKS
                     hooks = [
                         (RhodeCodeUi.HOOK_REPO_SIZE, 'python:vcsserver.hooks.repo_size'),
                         # HG
                         (RhodeCodeUi.HOOK_PRE_PULL, 'python:vcsserver.hooks.pre_pull'),
                         (RhodeCodeUi.HOOK_PULL, 'python:vcsserver.hooks.log_pull_action'),
                         (RhodeCodeUi.HOOK_PRE_PUSH, 'python:vcsserver.hooks.pre_push'),
                         (RhodeCodeUi.HOOK_PRETX_PUSH, 'python:vcsserver.hooks.pre_push'),
                         (RhodeCodeUi.HOOK_PUSH, 'python:vcsserver.hooks.log_push_action'),
                         (RhodeCodeUi.HOOK_PUSH_KEY, 'python:vcsserver.hooks.key_push'),
                     ]
                     for key, value in hooks:
                         hook_obj = settings_model.get_ui_by_key(key)
                         hooks2 = hook_obj if hook_obj else RhodeCodeUi()
                         hooks2.ui_section = 'hooks'
                         hooks2.ui_key = key
                         hooks2.ui_value = value
                         self.sa.add(hooks2)
                     # enable largefiles
                     largefiles = RhodeCodeUi()
                     largefiles.ui_section = 'extensions'
                     largefiles.ui_key = 'largefiles'
                     largefiles.ui_value = ''
                     self.sa.add(largefiles)
                     # set default largefiles cache dir, defaults to
                     # /repo_store_location/.cache/largefiles
                     largefiles = RhodeCodeUi()
                     largefiles.ui_section = 'largefiles'
                     largefiles.ui_key = 'usercache'
                     largefiles.ui_value = largefiles_store(repo_store_path)
                     self.sa.add(largefiles)
                     # set default lfs cache dir, defaults to
                     # /repo_store_location/.cache/lfs_store
                     lfsstore = RhodeCodeUi()
                     lfsstore.ui_section = 'vcs_git_lfs'
                     lfsstore.ui_key = 'store_location'
                     lfsstore.ui_value = lfs_store(repo_store_path)
                     self.sa.add(lfsstore)
                     # enable hgevolve disabled by default
                     hgevolve = RhodeCodeUi()
                     hgevolve.ui_section = 'extensions'
                     hgevolve.ui_key = 'evolve'
                     hgevolve.ui_value = ''
                     hgevolve.ui_active = False
                     self.sa.add(hgevolve)
                     hgevolve = RhodeCodeUi()
                     hgevolve.ui_section = 'experimental'
                     hgevolve.ui_key = 'evolution'
                     hgevolve.ui_value = ''
                     hgevolve.ui_active = False
                     self.sa.add(hgevolve)
                     hgevolve = RhodeCodeUi()
                     hgevolve.ui_section = 'experimental'
                     hgevolve.ui_key = 'evolution.exchange'
                     hgevolve.ui_value = ''
                     hgevolve.ui_active = False
                     self.sa.add(hgevolve)
                     hgevolve = RhodeCodeUi()
                     hgevolve.ui_section = 'extensions'
                     hgevolve.ui_key = 'topic'
                     hgevolve.ui_value = ''
                     hgevolve.ui_active = False
                     self.sa.add(hgevolve)
                     # enable hggit disabled by default
                     hggit = RhodeCodeUi()
                     hggit.ui_section = 'extensions'
                     hggit.ui_key = 'hggit'
                     hggit.ui_value = ''
                     hggit.ui_active = False
                     self.sa.add(hggit)
                     # set svn branch defaults
                     branches = ["/branches/*", "/trunk"]
                     tags = ["/tags/*"]
                     for branch in branches:
                         settings_model.create_ui_section_value(
                             RhodeCodeUi.SVN_BRANCH_ID, branch)
                     for tag in tags:
                         settings_model.create_ui_section_value(RhodeCodeUi.SVN_TAG_ID, tag)
                 def create_auth_plugin_options(self, skip_existing=False):
                     """
                     Create default auth plugin settings, and make it active
                     :param skip_existing:
                     """
                     defaults = [
                         ('auth_plugins',
                          'egg:rhodecode-enterprise-ce#token,egg:rhodecode-enterprise-ce#rhodecode',
                          'list'),
                         ('auth_authtoken_enabled',
                          'True',
                          'bool'),
                         ('auth_rhodecode_enabled',
                          'True',
                          'bool'),
                     ]
                     for k, v, t in defaults:
                         if (skip_existing and
                                 SettingsModel().get_setting_by_name(k) is not None):
                             log.debug('Skipping option %s', k)
                             continue
                         setting = RhodeCodeSetting(k, v, t)
                         self.sa.add(setting)
                 def create_default_options(self, skip_existing=False):
                     """Creates default settings"""
                     for k, v, t in [
                         ('default_repo_enable_locking',  False, 'bool'),
                         ('default_repo_enable_downloads', False, 'bool'),
                         ('default_repo_enable_statistics', False, 'bool'),
                         ('default_repo_private', False, 'bool'),
                         ('default_repo_type', 'hg', 'unicode')]:
                         if (skip_existing and
                                 SettingsModel().get_setting_by_name(k) is not None):
                             log.debug('Skipping option %s', k)
                             continue
                         setting = RhodeCodeSetting(k, v, t)
                         self.sa.add(setting)
                 def fixup_groups(self):
                     def_usr = User.get_default_user()
                     for g in RepoGroup.query().all():
                         g.group_name = g.get_new_name(g.name)
                         self.sa.add(g)
                         # get default perm
                         default = UserRepoGroupToPerm.query()\
                             .filter(UserRepoGroupToPerm.group == g)\
                             .filter(UserRepoGroupToPerm.user == def_usr)\
                             .scalar()
                         if default is None:
                             log.debug('missing default permission for group %s adding', g)
                             perm_obj = RepoGroupModel()._create_default_perms(g)
                             self.sa.add(perm_obj)
                 def reset_permissions(self, username):
                     """
                     Resets permissions to default state, useful when old systems had
                     bad permissions, we must clean them up
                     :param username:
                     """
                     default_user = User.get_by_username(username)
                     if not default_user:
                         return
                     u2p = UserToPerm.query()\
                         .filter(UserToPerm.user == default_user).all()
                     fixed = False
                     if len(u2p) != len(Permission.DEFAULT_USER_PERMISSIONS):
                         for p in u2p:
                             Session().delete(p)
                         fixed = True
                         self.populate_default_permissions()
                     return fixed
                 def config_prompt(self, test_repo_path='', retries=3):
                     defaults = self.cli_args
                     _path = defaults.get('repos_location')
                     if retries == 3:
                         log.info('Setting up repositories config')
                     if _path is not None:
                         path = _path
                     elif not self.tests and not test_repo_path:
                         path = input(
                              'Enter a valid absolute path to store repositories. '
                              'All repositories in that path will be added automatically:'
                         )
                     else:
                         path = test_repo_path
                     path_ok = True
                     # check proper dir
                     if not os.path.isdir(path):
                         path_ok = False
                         log.error('Given path %s is not a valid directory', path)
                     elif not os.path.isabs(path):
                         path_ok = False
                         log.error('Given path %s is not an absolute path', path)
                     # check if path is at least readable.
                     if not os.access(path, os.R_OK):
                         path_ok = False
                         log.error('Given path %s is not readable', path)
                     # check write access, warn user about non writeable paths
                     elif not os.access(path, os.W_OK) and path_ok:
                         log.warning('No write permission to given path %s', path)
                         q = (f'Given path {path} is not writeable, do you want to '
                              f'continue with read only mode ? [y/n]')
                         if not self.ask_ok(q):
                             log.error('Canceled by user')
                             sys.exit(-1)
                     if retries == 0:
                         sys.exit('max retries reached')
                     if not path_ok:
                         retries -= 1
                         return self.config_prompt(test_repo_path, retries)
                     real_path = os.path.normpath(os.path.realpath(path))
                     if real_path != os.path.normpath(path):
                         q = (f'Path looks like a symlink, RhodeCode Enterprise will store '
                              f'given path as {real_path} ? [y/n]')
                         if not self.ask_ok(q):
                             log.error('Canceled by user')
                             sys.exit(-1)
                     return real_path
                 def create_settings(self, path):
                     self.create_ui_settings(path)
                     ui_config = [
-                        ('web', 'push_ssl', 'False'),
                         ('web', 'allow_archive', 'gz zip bz2'),
                         ('web', 'allow_push', '*'),
                         ('web', 'baseurl', '/'),
                         ('paths', '/', path),
                         ('phases', 'publish', 'True')
                     ]
                     for section, key, value in ui_config:
                         ui_conf = RhodeCodeUi()
                         setattr(ui_conf, 'ui_section', section)
                         setattr(ui_conf, 'ui_key', key)
                         setattr(ui_conf, 'ui_value', value)
                         self.sa.add(ui_conf)
                     # rhodecode app settings
                     settings = [
                         ('realm', 'RhodeCode', 'unicode'),
                         ('title', '', 'unicode'),
                         ('pre_code', '', 'unicode'),
                         ('post_code', '', 'unicode'),
                         # Visual
                         ('show_public_icon', True, 'bool'),
                         ('show_private_icon', True, 'bool'),
                         ('stylify_metatags', True, 'bool'),
                         ('dashboard_items', 100, 'int'),
                         ('admin_grid_items', 25, 'int'),
                         ('markup_renderer', 'markdown', 'unicode'),
                         ('repository_fields', True, 'bool'),
                         ('show_version', True, 'bool'),
                         ('show_revision_number', True, 'bool'),
                         ('show_sha_length', 12, 'int'),
                         ('use_gravatar', False, 'bool'),
                         ('gravatar_url', User.DEFAULT_GRAVATAR_URL, 'unicode'),
                         ('clone_uri_tmpl', Repository.DEFAULT_CLONE_URI, 'unicode'),
                         ('clone_uri_id_tmpl', Repository.DEFAULT_CLONE_URI_ID, 'unicode'),
                         ('clone_uri_ssh_tmpl', Repository.DEFAULT_CLONE_URI_SSH, 'unicode'),
                         ('support_url', '', 'unicode'),
                         ('update_url', RhodeCodeSetting.DEFAULT_UPDATE_URL, 'unicode'),
                         # VCS Settings
                         ('pr_merge_enabled', True, 'bool'),
                         ('use_outdated_comments', True, 'bool'),
                         ('diff_cache', True, 'bool'),
                     ]
                     for key, val, type_ in settings:
                         sett = RhodeCodeSetting(key, val, type_)
                         self.sa.add(sett)
                     self.create_auth_plugin_options()
                     self.create_default_options()
                     log.info('created ui config')
                 def create_user(self, username, password, email='', admin=False,
                                 strict_creation_check=True, api_key=None):
                     log.info('creating user `%s`', username)
                     user = UserModel().create_or_update(
                         username, password, email, firstname='RhodeCode', lastname='Admin',
                         active=True, admin=admin, extern_type="rhodecode",
                         strict_creation_check=strict_creation_check)
                     if api_key:
                         log.info('setting a new default auth token for user `%s`', username)
                         UserModel().add_auth_token(
                             user=user, lifetime_minutes=-1,
                             role=UserModel.auth_token_role.ROLE_ALL,
                             description='BUILTIN TOKEN')
                 def create_default_user(self):
                     log.info('creating default user')
                     # create default user for handling default permissions.
                     user = UserModel().create_or_update(username=User.DEFAULT_USER,
                                                         password=str(uuid.uuid1())[:20],
                                                         email=User.DEFAULT_USER_EMAIL,
                                                         firstname='Anonymous',
                                                         lastname='User',
                                                         strict_creation_check=False)
                     # based on configuration options activate/de-activate this user which
                     # controls anonymous access
                     if self.cli_args.get('public_access') is False:
                         log.info('Public access disabled')
                         user.active = False
                         Session().add(user)
                         Session().commit()
                 def create_permissions(self):
                     """
                     Creates all permissions defined in the system
                     """
                     # module.(access|create|change|delete)_[name]
                     # module.(none|read|write|admin)
                     log.info('creating permissions')
                     PermissionModel(self.sa).create_permissions()
                 def populate_default_permissions(self):
                     """
                     Populate default permissions. It will create only the default
                     permissions that are missing, and not alter already defined ones
                     """
                     log.info('creating default user permissions')
                     PermissionModel(self.sa).create_default_user_permissions(user=User.DEFAULT_USER)

rhodecode/lib/middleware/simplevcs.py

0 0 -21

             # Copyright (C) 2014-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             SimpleVCS middleware for handling protocol request (push/clone etc.)
             It's implemented with basic auth function
             """
             import os
             import re
             import logging
             import importlib
             from functools import wraps
             import time
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from pyramid.httpexceptions import (
                 HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)
             from zope.cachedescriptors.property import Lazy as LazyProperty
             import rhodecode
             from rhodecode.authentication.base import authenticate, VCS_TYPE, loadplugin
             from rhodecode.lib import rc_cache
             from rhodecode.lib.svn_txn_utils import store_txn_id_data
             from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware
             from rhodecode.lib.base import (
                 BasicAuth, get_ip_addr, get_user_agent, vcs_operation_context)
             from rhodecode.lib.exceptions import (UserCreationError, NotAllowedToCreateUserError)
             from rhodecode.lib.hook_daemon.base import prepare_callback_daemon
             from rhodecode.lib.middleware import appenlight
             from rhodecode.lib.middleware.utils import scm_app_http
             from rhodecode.lib.str_utils import safe_bytes, safe_int
             from rhodecode.lib.utils import is_valid_repo, SLUG_RE
             from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool
             from rhodecode.lib.vcs.conf import settings as vcs_settings
             from rhodecode.lib.vcs.backends import base
             from rhodecode.model import meta
             from rhodecode.model.db import User, Repository, PullRequest
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.pull_request import PullRequestModel
             from rhodecode.model.settings import SettingsModel, VcsSettingsModel
             log = logging.getLogger(__name__)
             def initialize_generator(factory):
                 """
                 Initializes the returned generator by draining its first element.
                 This can be used to give a generator an initializer, which is the code
                 up to the first yield statement. This decorator enforces that the first
                 produced element has the value ``"__init__"`` to make its special
                 purpose very explicit in the using code.
                 """
                 @wraps(factory)
                 def wrapper(*args, **kwargs):
                     gen = factory(*args, **kwargs)
                     try:
                         init = next(gen)
                     except StopIteration:
                         raise ValueError('Generator must yield at least one element.')
                     if init != "__init__":
                         raise ValueError('First yielded element must be "__init__".')
                     return gen
                 return wrapper
             class SimpleVCS(object):
                 """Common functionality for SCM HTTP handlers."""
                 SCM = 'unknown'
                 acl_repo_name = None
                 url_repo_name = None
                 vcs_repo_name = None
                 rc_extras = {}
                 # We have to handle requests to shadow repositories different than requests
                 # to normal repositories. Therefore we have to distinguish them. To do this
                 # we use this regex which will match only on URLs pointing to shadow
                 # repositories.
                 shadow_repo_re = re.compile(
                     '(?P<groups>(?:{slug_pat}/)*)'   # repo groups
                     '(?P<target>{slug_pat})/'        # target repo
                     'pull-request/(?P<pr_id>\\d+)/'  # pull request
                     'repository$'                    # shadow repo
                     .format(slug_pat=SLUG_RE.pattern))
                 def __init__(self, config, registry):
                     self.registry = registry
                     self.config = config
                     # re-populated by specialized middleware
                     self.repo_vcs_config = base.Config()
                     rc_settings = SettingsModel().get_all_settings(cache=True, from_request=False)
                     realm = rc_settings.get('rhodecode_realm') or 'RhodeCode AUTH'
                     # authenticate this VCS request using authfunc
                     auth_ret_code_detection = \
                         str2bool(self.config.get('auth_ret_code_detection', False))
                     self.authenticate = BasicAuth(
                         '', authenticate, registry, config.get('auth_ret_code'),
                         auth_ret_code_detection, rc_realm=realm)
                     self.ip_addr = '0.0.0.0'
                 @LazyProperty
                 def global_vcs_config(self):
                     try:
                         return VcsSettingsModel().get_ui_settings_as_config_obj()
                     except Exception:
                         return base.Config()
                 @property
                 def base_path(self):
                     settings_path = self.config.get('repo_store.path')
                     if not settings_path:
                         raise ValueError('FATAL: repo_store.path is empty')
                     return settings_path
                 def set_repo_names(self, environ):
                     """
                     This will populate the attributes acl_repo_name, url_repo_name,
                     vcs_repo_name and is_shadow_repo. In case of requests to normal (non
                     shadow) repositories all names are equal. In case of requests to a
                     shadow repository the acl-name points to the target repo of the pull
                     request and the vcs-name points to the shadow repo file system path.
                     The url-name is always the URL used by the vcs client program.
                     Example in case of a shadow repo:
                         acl_repo_name = RepoGroup/MyRepo
                         url_repo_name = RepoGroup/MyRepo/pull-request/3/repository
                         vcs_repo_name = /repo/base/path/RepoGroup/.__shadow_MyRepo_pr-3'
                     """
                     # First we set the repo name from URL for all attributes. This is the
                     # default if handling normal (non shadow) repo requests.
                     self.url_repo_name = self._get_repository_name(environ)
                     self.acl_repo_name = self.vcs_repo_name = self.url_repo_name
                     self.is_shadow_repo = False
                     # Check if this is a request to a shadow repository.
                     match = self.shadow_repo_re.match(self.url_repo_name)
                     if match:
                         match_dict = match.groupdict()
                         # Build acl repo name from regex match.
                         acl_repo_name = safe_str('{groups}{target}'.format(
                             groups=match_dict['groups'] or '',
                             target=match_dict['target']))
                         # Retrieve pull request instance by ID from regex match.
                         pull_request = PullRequest.get(match_dict['pr_id'])
                         # Only proceed if we got a pull request and if acl repo name from
                         # URL equals the target repo name of the pull request.
                         if pull_request and (acl_repo_name == pull_request.target_repo.repo_name):
                             # Get file system path to shadow repository.
                             workspace_id = PullRequestModel()._workspace_id(pull_request)
                             vcs_repo_name = pull_request.target_repo.get_shadow_repository_path(workspace_id)
                             # Store names for later usage.
                             self.vcs_repo_name = vcs_repo_name
                             self.acl_repo_name = acl_repo_name
                             self.is_shadow_repo = True
                     log.debug('Setting all VCS repository names: %s', {
                         'acl_repo_name': self.acl_repo_name,
                         'url_repo_name': self.url_repo_name,
                         'vcs_repo_name': self.vcs_repo_name,
                     })
                 @property
                 def scm_app(self):
                     custom_implementation = self.config['vcs.scm_app_implementation']
                     if custom_implementation == 'http':
                         log.debug('Using HTTP implementation of scm app.')
                         scm_app_impl = scm_app_http
                     else:
                         log.debug('Using custom implementation of scm_app: "{}"'.format(
                             custom_implementation))
                         scm_app_impl = importlib.import_module(custom_implementation)
                     return scm_app_impl
                 def _get_by_id(self, repo_name):
                     """
                     Gets a special pattern _<ID> from clone url and tries to replace it
                     with a repository_name for support of _<ID> non changeable urls
                     """
                     data = repo_name.split('/')
                     if len(data) >= 2:
                         from rhodecode.model.repo import RepoModel
                         by_id_match = RepoModel().get_repo_by_id(repo_name)
                         if by_id_match:
                             data[1] = by_id_match.repo_name
                     # Because PEP-3333-WSGI uses bytes-tunneled-in-latin-1 as PATH_INFO
                     # and we use this data
                     maybe_new_path = '/'.join(data)
                     return safe_bytes(maybe_new_path).decode('latin1')
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     ScmModel().mark_for_invalidation(repo_name)
                 def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):
                     db_repo = Repository.get_by_repo_name(repo_name)
                     if not db_repo:
                         log.debug('Repository `%s` not found inside the database.',
                                   repo_name)
                         return False
                     if db_repo.repo_type != scm_type:
                         log.warning(
                             'Repository `%s` have incorrect scm_type, expected %s got %s',
                             repo_name, db_repo.repo_type, scm_type)
                         return False
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     return is_valid_repo(
                         repo_name, base_path,
                         explicit_scm=scm_type, expect_scm=scm_type, config=config)
                 def valid_and_active_user(self, user):
                     """
                     Checks if that user is not empty, and if it's actually object it checks
                     if he's active.
                     :param user: user object or None
                     :return: boolean
                     """
                     if user is None:
                         return False
                     elif user.active:
                         return True
                     return False
                 @property
                 def is_shadow_repo_dir(self):
                     return os.path.isdir(self.vcs_repo_name)
                 def _check_permission(self, action, user, auth_user, repo_name, ip_addr=None,
                                       plugin_id='', plugin_cache_active=False, cache_ttl=0):
                     """
                     Checks permissions using action (push/pull) user and repository
                     name. If plugin_cache and ttl is set it will use the plugin which
                     authenticated the user to store the cached permissions result for N
                     amount of seconds as in cache_ttl
                     :param action: push or pull action
                     :param user: user instance
                     :param repo_name: repository name
                     """
                     log.debug('AUTH_CACHE_TTL for permissions `%s` active: %s (TTL: %s)',
                               plugin_id, plugin_cache_active, cache_ttl)
                     user_id = user.user_id
                     cache_namespace_uid = f'cache_user_auth.{rc_cache.PERMISSIONS_CACHE_VER}.{user_id}'
                     region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            expiration_time=cache_ttl,
                                                            condition=plugin_cache_active)
                     def compute_perm_vcs(
                             cache_name, plugin_id, action, user_id, repo_name, ip_addr):
                         log.debug('auth: calculating permission access now...')
                         # check IP
                         inherit = user.inherit_default_permissions
                         ip_allowed = AuthUser.check_ip_allowed(
                             user_id, ip_addr, inherit_from_default=inherit)
                         if ip_allowed:
                             log.info('Access for IP:%s allowed', ip_addr)
                         else:
                             return False
                         if action == 'push':
                             perms = ('repository.write', 'repository.admin')
                             if not HasPermissionAnyMiddleware(*perms)(auth_user, repo_name):
                                 return False
                         else:
                             # any other action need at least read permission
                             perms = (
                                 'repository.read', 'repository.write', 'repository.admin')
                             if not HasPermissionAnyMiddleware(*perms)(auth_user, repo_name):
                                 return False
                         return True
                     start = time.time()
                     log.debug('Running plugin `%s` permissions check', plugin_id)
                     # for environ based auth, password can be empty, but then the validation is
                     # on the server that fills in the env data needed for authentication
                     perm_result = compute_perm_vcs(
                         'vcs_permissions', plugin_id, action, user.user_id, repo_name, ip_addr)
                     auth_time = time.time() - start
                     log.debug('Permissions for plugin `%s` completed in %.4fs, '
                               'expiration time of fetched cache %.1fs.',
                               plugin_id, auth_time, cache_ttl)
                     return perm_result
                 def _get_http_scheme(self, environ):
                     try:
                         return environ['wsgi.url_scheme']
                     except Exception:
                         log.exception('Failed to read http scheme')
                         return 'http'
-                def _check_ssl(self, environ, start_response):
-                    """
-                    Checks the SSL check flag and returns False if SSL is not present
-                    and required True otherwise
-                    """
-                    org_proto = environ['wsgi._org_proto']
-                    # check if we have SSL required  ! if not it's a bad request !
-                    require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))
-                    if require_ssl and org_proto == 'http':
-                        log.debug(
-                            'Bad request: detected protocol is `%s` and '
-                            'SSL/HTTPS is required.', org_proto)
-                        return False
-                    return True
                 def _get_default_cache_ttl(self):
                     # take AUTH_CACHE_TTL from the `rhodecode` auth plugin
                     plugin = loadplugin('egg:rhodecode-enterprise-ce#rhodecode')
                     plugin_settings = plugin.get_settings()
                     plugin_cache_active, cache_ttl = plugin.get_ttl_cache(
                         plugin_settings) or (False, 0)
                     return plugin_cache_active, cache_ttl
                 def __call__(self, environ, start_response):
                     try:
                         return self._handle_request(environ, start_response)
                     except Exception:
                         log.exception("Exception while handling request")
                         appenlight.track_exception(environ)
                         return HTTPInternalServerError()(environ, start_response)
                     finally:
                         meta.Session.remove()
                 def _handle_request(self, environ, start_response):
-                    if not self._check_ssl(environ, start_response):
-                        reason = ('SSL required, while RhodeCode was unable '
-                                  'to detect this as SSL request')
-                        log.debug('User not allowed to proceed, %s', reason)
-                        return HTTPNotAcceptable(reason)(environ, start_response)
                     if not self.url_repo_name:
                         log.warning('Repository name is empty: %s', self.url_repo_name)
                         # failed to get repo name, we fail now
                         return HTTPNotFound()(environ, start_response)
                     log.debug('Extracted repo name is %s', self.url_repo_name)
                     ip_addr = get_ip_addr(environ)
                     user_agent = get_user_agent(environ)
                     username = None
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     # ======================================================================
                     # GET ACTION PULL or PUSH
                     # ======================================================================
                     action = self._get_action(environ)
                     # ======================================================================
                     # Check if this is a request to a shadow repository of a pull request.
                     # In this case only pull action is allowed.
                     # ======================================================================
                     if self.is_shadow_repo and action != 'pull':
                         reason = 'Only pull action is allowed for shadow repositories.'
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     # Check if the shadow repo actually exists, in case someone refers
                     # to it, and it has been deleted because of successful merge.
                     if self.is_shadow_repo and not self.is_shadow_repo_dir:
                         log.debug(
                             'Shadow repo detected, and shadow repo dir `%s` is missing',
                             self.is_shadow_repo_dir)
                         return HTTPNotFound()(environ, start_response)
                     # ======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     # ======================================================================
                     detect_force_push = False
                     check_branch_perms = False
                     if action in ['pull', 'push']:
                         user_obj = anonymous_user = User.get_default_user()
                         auth_user = user_obj.AuthUser()
                         username = anonymous_user.username
                         if anonymous_user.active:
                             plugin_cache_active, cache_ttl = self._get_default_cache_ttl()
                             # ONLY check permissions if the user is activated
                             anonymous_perm = self._check_permission(
                                 action, anonymous_user, auth_user, self.acl_repo_name, ip_addr,
                                 plugin_id='anonymous_access',
                                 plugin_cache_active=plugin_cache_active,
                                 cache_ttl=cache_ttl,
                             )
                         else:
                             anonymous_perm = False
                         if not anonymous_user.active or not anonymous_perm:
                             if not anonymous_user.active:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             if not anonymous_perm:
                                 log.debug('Not enough credentials to access repo: `%s` '
                                           'repository as anonymous user', self.acl_repo_name)
                             username = None
                             # ==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             # ==============================================================
                             # try to auth based on environ, container auth methods
                             log.debug('Running PRE-AUTH for container|headers based authentication')
                             # headers auth, by just reading special headers and bypass the auth with user/passwd
                             pre_auth = authenticate(
                                 '', '', environ, VCS_TYPE, registry=self.registry,
                                 acl_repo_name=self.acl_repo_name)
                             if pre_auth and pre_auth.get('username'):
                                 username = pre_auth['username']
                             log.debug('PRE-AUTH got `%s` as username', username)
                             if pre_auth:
                                 log.debug('PRE-AUTH successful from %s',
                                           pre_auth.get('auth_data', {}).get('_plugin'))
                             # If not authenticated by the container, running basic auth
                             # before inject the calling repo_name for special scope checks
                             self.authenticate.acl_repo_name = self.acl_repo_name
                             plugin_cache_active, cache_ttl = False, 0
                             plugin = None
                             # regular auth chain
                             if not username:
                                 self.authenticate.realm = self.authenticate.get_rc_realm()
                                 try:
                                     auth_result = self.authenticate(environ)
                                 except (UserCreationError, NotAllowedToCreateUserError) as e:
                                     log.error(e)
                                     reason = safe_str(e)
                                     return HTTPNotAcceptable(reason)(environ, start_response)
                                 if isinstance(auth_result, dict):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, auth_result['username'])
                                     username = auth_result['username']
                                     plugin = auth_result.get('auth_data', {}).get('_plugin')
                                     log.info(
                                         'MAIN-AUTH successful for user `%s` from %s plugin',
                                         username, plugin)
                                     plugin_cache_active, cache_ttl = auth_result.get(
                                         'auth_data', {}).get('_ttl_cache') or (False, 0)
                                 else:
                                     return auth_result.wsgi_application(environ, start_response)
                             # ==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             # ==============================================================
                             user = User.get_by_username(username)
                             if not self.valid_and_active_user(user):
                                 return HTTPForbidden()(environ, start_response)
                             username = user.username
                             user_id = user.user_id
                             # check user attributes for password change flag
                             user_obj = user
                             auth_user = user_obj.AuthUser()
                             if user_obj and user_obj.username != User.DEFAULT_USER and \
                                     user_obj.user_data.get('force_password_change'):
                                 reason = 'password change required'
                                 log.debug('User not allowed to authenticate, %s', reason)
                                 return HTTPNotAcceptable(reason)(environ, start_response)
                             # check permissions for this repository
                             perm = self._check_permission(
                                 action, user, auth_user, self.acl_repo_name, ip_addr,
                                 plugin, plugin_cache_active, cache_ttl)
                             if not perm:
                                 return HTTPForbidden()(environ, start_response)
                             environ['rc_auth_user_id'] = str(user_id)
                         if action == 'push':
                             perms = auth_user.get_branch_permissions(self.acl_repo_name)
                             if perms:
                                 check_branch_perms = True
                                 detect_force_push = True
                     # extras are injected into UI object and later available
                     # in hooks executed by RhodeCode
                     check_locking = _should_check_locking(environ.get('QUERY_STRING'))
                     extras = vcs_operation_context(
                         environ, repo_name=self.acl_repo_name, username=username,
                         action=action, scm=self.SCM, check_locking=check_locking,
                         is_shadow_repo=self.is_shadow_repo, check_branch_perms=check_branch_perms,
                         detect_force_push=detect_force_push
                     )
                     # ======================================================================
                     # REQUEST HANDLING
                     # ======================================================================
                     repo_path = os.path.join(
                         safe_str(self.base_path), safe_str(self.vcs_repo_name))
                     log.debug('Repository path is %s', repo_path)
                     fix_PATH()
                     log.info(
                         '%s action on %s repo "%s" by "%s" from %s %s',
                         action, self.SCM, safe_str(self.url_repo_name),
                         safe_str(username), ip_addr, user_agent)
                     return self._generate_vcs_response(
                         environ, start_response, repo_path, extras, action)
                 def _get_txn_id(self, environ):
                     for k in ['RAW_URI', 'HTTP_DESTINATION']:
                         url = environ.get(k)
                         if not url:
                             continue
                         # regex to search for svn-txn-id
                         pattern = r'/!svn/txr/([^/]+)/'
                         # Search for the pattern in the URL
                         match = re.search(pattern, url)
                         # Check if a match is found and extract the captured group
                         if match:
                             txn_id = match.group(1)
                             return txn_id
                 @initialize_generator
                 def _generate_vcs_response(
                         self, environ, start_response, repo_path, extras, action):
                     """
                     Returns a generator for the response content.
                     This method is implemented as a generator, so that it can trigger
                     the cache validation after all content sent back to the client. It
                     also handles the locking exceptions which will be triggered when
                     the first chunk is produced by the underlying WSGI application.
                     """
                     svn_txn_id = ''
                     if action == 'push':
                         svn_txn_id = self._get_txn_id(environ)
                     callback_daemon, extras = self._prepare_callback_daemon(
                         extras, environ, action, txn_id=svn_txn_id)
                     if svn_txn_id:
                         port = safe_int(extras['hooks_uri'].split(':')[-1])
                         txn_id_data = extras.copy()
                         txn_id_data.update({'port': port})
                         txn_id_data.update({'req_method': environ['REQUEST_METHOD']})
                         full_repo_path = repo_path
                         store_txn_id_data(full_repo_path, svn_txn_id, txn_id_data)
                     log.debug('HOOKS extras is %s', extras)
                     http_scheme = self._get_http_scheme(environ)
                     config = self._create_config(extras, self.acl_repo_name, scheme=http_scheme)
                     app = self._create_wsgi_app(repo_path, self.url_repo_name, config)
                     with callback_daemon:
                         app.rc_extras = extras
                         try:
                             response = app(environ, start_response)
                         finally:
                             # This statement works together with the decorator
                             # "initialize_generator" above. The decorator ensures that
                             # we hit the first yield statement before the generator is
                             # returned back to the WSGI server. This is needed to
                             # ensure that the call to "app" above triggers the
                             # needed callback to "start_response" before the
                             # generator is actually used.
                             yield "__init__"
                         # iter content
                         for chunk in response:
                             yield chunk
                         try:
                             # invalidate cache on push
                             if action == 'push':
                                 self._invalidate_cache(self.url_repo_name)
                         finally:
                             meta.Session.remove()
                 def _get_repository_name(self, environ):
                     """Get repository name out of the environmnent
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _get_action(self, environ):
                     """Map request commands into a pull or push command.
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     """Return the WSGI app that will finally handle the request."""
                     raise NotImplementedError()
                 def _create_config(self, extras, repo_name, scheme='http'):
                     """Create a safe config representation."""
                     raise NotImplementedError()
                 def _should_use_callback_daemon(self, extras, environ, action):
                     if extras.get('is_shadow_repo'):
                         # we don't want to execute hooks, and callback daemon for shadow repos
                         return False
                     return True
                 def _prepare_callback_daemon(self, extras, environ, action, txn_id=None):
                     protocol = vcs_settings.HOOKS_PROTOCOL
                     if not self._should_use_callback_daemon(extras, environ, action):
                         # disable callback daemon for actions that don't require it
                         protocol = 'local'
                     return prepare_callback_daemon(
                         extras, protocol=protocol,
                         host=vcs_settings.HOOKS_HOST, txn_id=txn_id)
             def _should_check_locking(query_string):
                 # this is kind of hacky, but due to how mercurial handles client-server
                 # server see all operation on commit; bookmarks, phases and
                 # obsolescence marker in different transaction, we don't want to check
                 # locking on those
                 return query_string not in ['cmd=listkeys']

rhodecode/lib/middleware/vcs.py

0 +11 -7

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import gzip
             import shutil
             import logging
             import tempfile
             import urllib.parse
             from webob.exc import HTTPNotFound
             import rhodecode
             from rhodecode.apps._base import ADMIN_PREFIX
             from rhodecode.lib.middleware.utils import get_path_info
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.simplegit import SimpleGit, GIT_PROTO_PAT
             from rhodecode.lib.middleware.simplehg import SimpleHg
             from rhodecode.lib.middleware.simplesvn import SimpleSvn
             from rhodecode.lib.str_utils import safe_str
             from rhodecode.model.settings import VcsSettingsModel
             log = logging.getLogger(__name__)
             VCS_TYPE_KEY = '_rc_vcs_type'
             VCS_TYPE_SKIP = '_rc_vcs_skip'
             def is_git(environ):
                 """
                 Returns True if requests should be handled by GIT wsgi middleware
                 """
                 path_info = get_path_info(environ)
                 is_git_path = GIT_PROTO_PAT.match(path_info)
                 log.debug(
                     'request path: `%s` detected as GIT PROTOCOL %s', path_info,
                     is_git_path is not None)
                 return is_git_path
             def is_hg(environ):
                 """
                 Returns True if requests target is mercurial server - header
                 ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``.
                 """
                 is_hg_path = False
                 http_accept = environ.get('HTTP_ACCEPT')
                 if http_accept and http_accept.startswith('application/mercurial'):
                     query = urllib.parse.parse_qs(environ['QUERY_STRING'])
                     if 'cmd' in query:
                         is_hg_path = True
                 path_info = get_path_info(environ)
                 log.debug(
                     'request path: `%s` detected as HG PROTOCOL %s', path_info,
                     is_hg_path)
                 return is_hg_path
             def is_svn(environ):
                 """
                 Returns True if requests target is Subversion server
                 """
                 http_dav = environ.get('HTTP_DAV', '')
                 magic_path_segment = rhodecode.CONFIG.get(
                     'rhodecode_subversion_magic_path', '/!svn')
                 path_info = get_path_info(environ)
                 req_method = environ['REQUEST_METHOD']
                 is_svn_path = (
                     'subversion' in http_dav or
                     magic_path_segment in path_info
                     or req_method in ['PROPFIND', 'PROPPATCH', 'HEAD']
                 )
                 log.debug(
                     'request path: `%s` detected as SVN PROTOCOL %s', path_info,
                     is_svn_path)
                 return is_svn_path
             class GunzipMiddleware(object):
                 """
                 WSGI middleware that unzips gzip-encoded requests before
                 passing on to the underlying application.
                 """
                 def __init__(self, application):
                     self.app = application
                 def __call__(self, environ, start_response):
                     accepts_encoding_header = safe_str(environ.get('HTTP_CONTENT_ENCODING', ''))
                     if 'gzip' in accepts_encoding_header:
                         log.debug('gzip detected, now running gunzip wrapper')
                         wsgi_input = environ['wsgi.input']
                         if not hasattr(environ['wsgi.input'], 'seek'):
                             # The gzip implementation in the standard library of Python 2.x
                             # requires the '.seek()' and '.tell()' methods to be available
                             # on the input stream.  Read the data into a temporary file to
                             # work around this limitation.
                             wsgi_input = tempfile.SpooledTemporaryFile(64 * 1024 * 1024)
                             shutil.copyfileobj(environ['wsgi.input'], wsgi_input)
                             wsgi_input.seek(0)
                         environ['wsgi.input'] = gzip.GzipFile(fileobj=wsgi_input, mode='r')
                         # since we "Ungzipped" the content we say now it's no longer gzip
                         # content encoding
                         del environ['HTTP_CONTENT_ENCODING']
                         # content length has changes ? or i'm not sure
                         if 'CONTENT_LENGTH' in environ:
                             del environ['CONTENT_LENGTH']
                     else:
                         log.debug('content not gzipped, gzipMiddleware passing '
                                   'request further')
                     return self.app(environ, start_response)
             def is_vcs_call(environ):
                 if VCS_TYPE_KEY in environ:
                     raw_type = environ[VCS_TYPE_KEY]
                     return raw_type and raw_type != VCS_TYPE_SKIP
                 return False
             def detect_vcs_request(environ, backends):
                 checks = {
                     'hg': (is_hg, SimpleHg),
                     'git': (is_git, SimpleGit),
                     'svn': (is_svn, SimpleSvn),
                 }
                 handler = None
                 # List of path views first chunk we don't do any checks
                 white_list = [
                     # favicon often requested by browsers
                     'favicon.ico',
+                    # static files no detection
+                    '_static++',
+                    # debug-toolbar
+                    '_debug_toolbar++',
                     # e.g /_file_store/download
                     '_file_store++',
                     # login
-                    "_admin/login",
+                    f"{ADMIN_PREFIX}/login",
+                    f"{ADMIN_PREFIX}/logout",
                     # 2fa
                     f"{ADMIN_PREFIX}/check_2fa",
                     f"{ADMIN_PREFIX}/setup_2fa",
                     # _admin/api is safe too
                     f'{ADMIN_PREFIX}/api',
                     # _admin/gist is safe too
                     f'{ADMIN_PREFIX}/gists++',
                     # _admin/my_account is safe too
                     f'{ADMIN_PREFIX}/my_account++',
-                    # static files no detection
-                    '_static++',
-                    # debug-toolbar
-                    '_debug_toolbar++',
                     # skip ops ping, status
                     f'{ADMIN_PREFIX}/ops/ping',
                     f'{ADMIN_PREFIX}/ops/status',
                     # full channelstream connect should be VCS skipped
                     f'{ADMIN_PREFIX}/channelstream/connect',
                     '++/repo_creating_check'
                 ]
                 path_info = get_path_info(environ)
                 path_url = path_info.lstrip('/')
                 req_method = environ.get('REQUEST_METHOD')
                 for item in white_list:
+                    item = item.lstrip('/')
                     if item.endswith('++') and path_url.startswith(item[:-2]):
                         log.debug('path `%s` in whitelist (match:%s), skipping...', path_url, item)
                         return handler
                     if item.startswith('++') and path_url.endswith(item[2:]):
                         log.debug('path `%s` in whitelist (match:%s), skipping...', path_url, item)
                         return handler
                     if item == path_url:
                         log.debug('path `%s` in whitelist (match:%s), skipping...', path_url, item)
                         return handler
                 if VCS_TYPE_KEY in environ:
                     raw_type = environ[VCS_TYPE_KEY]
                     if raw_type == VCS_TYPE_SKIP:
                         log.debug('got `skip` marker for vcs detection, skipping...')
                         return handler
                     _check, handler = checks.get(raw_type) or [None, None]
                     if handler:
                         log.debug('got handler:%s from environ', handler)
                 if not handler:
                     log.debug('request start: checking if request for `%s:%s` is of VCS type in order: %s',
                               req_method, path_url, backends)
                     for vcs_type in backends:
                         vcs_check, _handler = checks[vcs_type]
                         if vcs_check(environ):
                             log.debug('vcs handler found %s', _handler)
                             handler = _handler
                             break
                 return handler
             class VCSMiddleware(object):
                 def __init__(self, app, registry, config, appenlight_client):
                     self.application = app
                     self.registry = registry
                     self.config = config
                     self.appenlight_client = appenlight_client
                     self.use_gzip = True
                     # order in which we check the middlewares, based on vcs.backends config
                     self.check_middlewares = config['vcs.backends']
                 def vcs_config(self, repo_name=None):
                     """
                     returns serialized VcsSettings
                     """
                     try:
                         return VcsSettingsModel(
                             repo=repo_name).get_ui_settings_as_config_obj()
                     except Exception:
                         pass
                 def wrap_in_gzip_if_enabled(self, app, config):
                     if self.use_gzip:
                         app = GunzipMiddleware(app)
                     return app
                 def _get_handler_app(self, environ):
                     app = None
                     log.debug('VCSMiddleware: detecting vcs type.')
                     handler = detect_vcs_request(environ, self.check_middlewares)
                     if handler:
                         app = handler(self.config, self.registry)
                     return app
                 def __call__(self, environ, start_response):
                     # check if we handle one of interesting protocols, optionally extract
                     # specific vcsSettings and allow changes of how things are wrapped
                     vcs_handler = self._get_handler_app(environ)
                     if vcs_handler:
                         # translate the _REPO_ID into real repo NAME for usage
                         # in middleware
                         path_info = get_path_info(environ)
                         environ['PATH_INFO'] = vcs_handler._get_by_id(path_info)
                         # Set acl, url and vcs repo names.
                         vcs_handler.set_repo_names(environ)
                         # register repo config back to the handler
                         vcs_conf = self.vcs_config(vcs_handler.acl_repo_name)
                         # maybe damaged/non existent settings. We still want to
                         # pass that point to validate on is_valid_and_existing_repo
                         # and return proper HTTP Code back to client
                         if vcs_conf:
                             vcs_handler.repo_vcs_config = vcs_conf
                         # check for type, presence in database and on filesystem
                         if not vcs_handler.is_valid_and_existing_repo(
                                 vcs_handler.acl_repo_name,
                                 vcs_handler.base_path,
                                 vcs_handler.SCM):
                             return HTTPNotFound()(environ, start_response)
                         environ['REPO_NAME'] = vcs_handler.url_repo_name
                         # Wrap handler in middlewares if they are enabled.
                         vcs_handler = self.wrap_in_gzip_if_enabled(
                             vcs_handler, self.config)
                         vcs_handler, _ = wrap_in_appenlight_if_enabled(
                             vcs_handler, self.config, self.appenlight_client)
                         return vcs_handler(environ, start_response)
                     return self.application(environ, start_response)

rhodecode/lib/rc_commands/setup_rc.py

0 +4 -5

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import click
             import pyramid.paster
             from rhodecode.lib.pyramid_utils import bootstrap
             from rhodecode.lib.config_utils import get_app_config
             from rhodecode.lib.db_manage import DbManage
             from rhodecode.lib.utils2 import get_encryption_key
             from rhodecode.model.db import Session
             log = logging.getLogger(__name__)
             @click.command()
             @click.argument('ini_path', type=click.Path(exists=True))
             @click.option(
                 '--force-yes/--force-no', default=None,
                 help="Force yes/no to every question")
             @click.option(
                 '--user',
                 default=None,
                 help='Initial super-admin username')
             @click.option(
                 '--email',
                 default=None,
                 help='Initial super-admin email address.')
             @click.option(
                 '--password',
                 default=None,
                 help='Initial super-admin password. Minimum 6 chars.')
             @click.option(
                 '--api-key',
                 help='Initial API key for the admin user')
             @click.option(
                 '--repos',
                 default=None,
                 help='Absolute path to storage location. This is storage for all '
                      'existing and future repositories, and repository groups.')
             @click.option(
                 '--public-access/--no-public-access',
                 default=None,
                 help='Enable public access on this installation. '
                      'Default is public access enabled.')
             @click.option(
                 '--skip-existing-db',
                 default=False,
                 is_flag=True,
                 help='Do not destroy and re-initialize the database if it already exist.')
             @click.option(
                 '--apply-license-key',
                 default=False,
                 is_flag=True,
                 help='Get the license key from a license file or ENV and apply during DB creation.')
             def main(ini_path, force_yes, user, email, password, api_key, repos,
                      public_access, skip_existing_db, apply_license_key):
                 return command(ini_path, force_yes, user, email, password, api_key,
                                repos, public_access, skip_existing_db, apply_license_key)
             def command(ini_path, force_yes, user, email, password, api_key, repos,
                         public_access, skip_existing_db, apply_license_key):
                 # mapping of old parameters to new CLI from click
                 options = dict(
                     username=user,
                     email=email,
                     password=password,
                     api_key=api_key,
                     repos_location=repos,
                     force_ask=force_yes,
                     public_access=public_access
                 )
                 pyramid.paster.setup_logging(ini_path)
                 config = get_app_config(ini_path)
                 db_uri = config['sqlalchemy.db1.url']
                 enc_key = get_encryption_key(config)
                 dbmanage = DbManage(log_sql=True, dbconf=db_uri, root='.',
                                     tests=False, cli_args=options, enc_key=enc_key)
                 if skip_existing_db and dbmanage.db_exists():
                     return
                 dbmanage.create_tables(override=True)
                 dbmanage.set_db_version()
                 opts = dbmanage.config_prompt(None)
                 dbmanage.create_settings(opts)
                 dbmanage.create_default_user()
                 dbmanage.create_admin_and_prompt()
                 dbmanage.create_permissions()
                 dbmanage.populate_default_permissions()
                 if apply_license_key:
-                    try:
+                    from rhodecode.model.license import apply_license_from_file
-                        from rc_license.models import apply_trial_license_if_missing
+                    license_file_path = config.get('license.import_path')
-                        apply_trial_license_if_missing(force=True)
+                    if license_file_path:
-                    except ImportError:
+                        apply_license_from_file(license_file_path, force=True)
-                        pass
                 Session().commit()
                 with bootstrap(ini_path, env={'RC_CMD_SETUP_RC': '1'}) as env:
                     msg = 'Successfully initialized database, schema and default data.'
                     print()
                     print('*' * len(msg))
                     print(msg.upper())
                     print('*' * len(msg))

rhodecode/lib/utils.py

0 +1 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Utilities library for RhodeCode
             """
             import datetime
             import decorator
             import logging
             import os
             import re
             import sys
             import shutil
             import socket
             import tempfile
             import traceback
             import tarfile
             from functools import wraps
             from os.path import join as jn
             import paste
             import pkg_resources
             from webhelpers2.text import collapse, strip_tags, convert_accented_entities, convert_misc_entities
             from mako import exceptions
             from rhodecode import ConfigGet
             from rhodecode.lib.hash_utils import sha256_safe, md5, sha1
             from rhodecode.lib.type_utils import AttributeDict
             from rhodecode.lib.str_utils import safe_bytes, safe_str
             from rhodecode.lib.vcs.backends.base import Config
             from rhodecode.lib.vcs.exceptions import VCSError
             from rhodecode.lib.vcs.utils.helpers import get_scm, get_scm_backend
             from rhodecode.lib.ext_json import sjson as json
             from rhodecode.model import meta
             from rhodecode.model.db import (
                 Repository, User, RhodeCodeUi, UserLog, RepoGroup, UserGroup)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             REMOVED_REPO_PAT = re.compile(r'rm__\d{8}_\d{6}_\d{6}__.*')
             # String which contains characters that are not allowed in slug names for
             # repositories or repository groups. It is properly escaped to use it in
             # regular expressions.
             SLUG_BAD_CHARS = re.escape(r'`?=[]\;\'"<>,/~!@#$%^&*()+{}|:')
             # Regex that matches forbidden characters in repo/group slugs.
             SLUG_BAD_CHAR_RE = re.compile(r'[{}\x00-\x08\x0b-\x0c\x0e-\x1f]'.format(SLUG_BAD_CHARS))
             # Regex that matches allowed characters in repo/group slugs.
             SLUG_GOOD_CHAR_RE = re.compile(r'[^{}]'.format(SLUG_BAD_CHARS))
             # Regex that matches whole repo/group slugs.
             SLUG_RE = re.compile(r'[^{}]+'.format(SLUG_BAD_CHARS))
             _license_cache = None
             def adopt_for_celery(func):
                 """
                 Decorator designed to adopt hooks (from rhodecode.lib.hooks_base)
                 for further usage as a celery tasks.
                 """
                 @wraps(func)
                 def wrapper(extras):
                     extras = AttributeDict(extras)
                     try:
                         # HooksResponse implements to_json method which must be used there.
                         return func(extras).to_json()
                     except Exception as e:
                         return {'status': 128, 'exception': type(e).__name__, 'exception_args': e.args}
                 return wrapper
             def repo_name_slug(value):
                 """
                 Return slug of name of repository
                 This function is called on each creation/modification
                 of repository to prevent bad names in repo
                 """
                 replacement_char = '-'
                 slug = strip_tags(value)
                 slug = convert_accented_entities(slug)
                 slug = convert_misc_entities(slug)
                 slug = SLUG_BAD_CHAR_RE.sub('', slug)
                 slug = re.sub(r'[\s]+', '-', slug)
                 slug = collapse(slug, replacement_char)
                 return slug
             #==============================================================================
             # PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS
             #==============================================================================
             def get_repo_slug(request):
                 _repo = ''
                 if hasattr(request, 'db_repo_name'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo names
                     _repo = request.db_repo_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _repo = request.matchdict.get('repo_name')
                 if _repo:
                     _repo = _repo.rstrip('/')
                 return _repo
             def get_repo_group_slug(request):
                 _group = ''
                 if hasattr(request, 'db_repo_group'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo group names
                     _group = request.db_repo_group.group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _group = request.matchdict.get('repo_group_name')
                 if _group:
                     _group = _group.rstrip('/')
                 return _group
             def get_user_group_slug(request):
                 _user_group = ''
                 if hasattr(request, 'db_user_group'):
                     _user_group = request.db_user_group.users_group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _user_group = request.matchdict.get('user_group_id')
                     _user_group_name = request.matchdict.get('user_group_name')
                     try:
                         if _user_group:
                             _user_group = UserGroup.get(_user_group)
                         elif _user_group_name:
                             _user_group = UserGroup.get_by_group_name(_user_group_name)
                         if _user_group:
                             _user_group = _user_group.users_group_name
                     except Exception:
                         log.exception('Failed to get user group by id and name')
                         # catch all failures here
                         return None
                 return _user_group
             def get_filesystem_repos(path, recursive=False, skip_removed_repos=True):
                 """
                 Scans given path for repos and return (name,(type,path)) tuple
                 :param path: path to scan for repositories
                 :param recursive: recursive search and return names with subdirs in front
                 """
                 # remove ending slash for better results
                 path = path.rstrip(os.sep)
                 log.debug('now scanning in %s location recursive:%s...', path, recursive)
                 def _get_repos(p):
                     dirpaths = get_dirpaths(p)
                     if not _is_dir_writable(p):
                         log.warning('repo path without write access: %s', p)
                     for dirpath in dirpaths:
                         if os.path.isfile(os.path.join(p, dirpath)):
                             continue
                         cur_path = os.path.join(p, dirpath)
                         # skip removed repos
                         if skip_removed_repos and REMOVED_REPO_PAT.match(dirpath):
                             continue
                         #skip .<somethin> dirs
                         if dirpath.startswith('.'):
                             continue
                         try:
                             scm_info = get_scm(cur_path)
                             yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info
                         except VCSError:
                             if not recursive:
                                 continue
                             #check if this dir containts other repos for recursive scan
                             rec_path = os.path.join(p, dirpath)
                             if os.path.isdir(rec_path):
                                 yield from _get_repos(rec_path)
                 return _get_repos(path)
             def get_dirpaths(p: str) -> list:
                 try:
                     # OS-independable way of checking if we have at least read-only
                     # access or not.
                     dirpaths = os.listdir(p)
                 except OSError:
                     log.warning('ignoring repo path without read access: %s', p)
                     return []
                 # os.listpath has a tweak: If a unicode is passed into it, then it tries to
                 # decode paths and suddenly returns unicode objects itself. The items it
                 # cannot decode are returned as strings and cause issues.
                 #
                 # Those paths are ignored here until a solid solution for path handling has
                 # been built.
                 expected_type = type(p)
                 def _has_correct_type(item):
                     if type(item) is not expected_type:
                         log.error(
                             "Ignoring path %s since it cannot be decoded into str.",
                             # Using "repr" to make sure that we see the byte value in case
                             # of support.
                             repr(item))
                         return False
                     return True
                 dirpaths = [item for item in dirpaths if _has_correct_type(item)]
                 return dirpaths
             def _is_dir_writable(path):
                 """
                 Probe if `path` is writable.
                 Due to trouble on Cygwin / Windows, this is actually probing if it is
                 possible to create a file inside of `path`, stat does not produce reliable
                 results in this case.
                 """
                 try:
                     with tempfile.TemporaryFile(dir=path):
                         pass
                 except OSError:
                     return False
                 return True
             def is_valid_repo(repo_name, base_path, expect_scm=None, explicit_scm=None, config=None):
                 """
                 Returns True if given path is a valid repository False otherwise.
                 If expect_scm param is given also, compare if given scm is the same
                 as expected from scm parameter. If explicit_scm is given don't try to
                 detect the scm, just use the given one to check if repo is valid
                 :param repo_name:
                 :param base_path:
                 :param expect_scm:
                 :param explicit_scm:
                 :param config:
                 :return True: if given path is a valid repository
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_name))
                 log.debug('Checking if `%s` is a valid path for repository. '
                           'Explicit type: %s', repo_name, explicit_scm)
                 try:
                     if explicit_scm:
                         detected_scms = [get_scm_backend(explicit_scm)(
                             full_path, config=config).alias]
                     else:
                         detected_scms = get_scm(full_path)
                     if expect_scm:
                         return detected_scms[0] == expect_scm
                     log.debug('path: %s is an vcs object:%s', full_path, detected_scms)
                     return True
                 except VCSError:
                     log.debug('path: %s is not a valid repo !', full_path)
                     return False
             def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):
                 """
                 Returns True if a given path is a repository group, False otherwise
                 :param repo_group_name:
                 :param base_path:
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))
                 log.debug('Checking if `%s` is a valid path for repository group',
                           repo_group_name)
                 # check if it's not a repo
                 if is_valid_repo(repo_group_name, base_path):
                     log.debug('Repo called %s exist, it is not a valid repo group', repo_group_name)
                     return False
                 try:
                     # we need to check bare git repos at higher level
                     # since we might match branches/hooks/info/objects or possible
                     # other things inside bare git repo
                     maybe_repo = os.path.dirname(full_path)
                     if maybe_repo == base_path:
                         # skip root level repo check; we know root location CANNOT BE a repo group
                         return False
                     scm_ = get_scm(maybe_repo)
                     log.debug('path: %s is a vcs object:%s, not valid repo group', full_path, scm_)
                     return False
                 except VCSError:
                     pass
                 # check if it's a valid path
                 if skip_path_check or os.path.isdir(full_path):
                     log.debug('path: %s is a valid repo group !', full_path)
                     return True
                 log.debug('path: %s is not a valid repo group !', full_path)
                 return False
             def ask_ok(prompt, retries=4, complaint='[y]es or [n]o please!'):
                 while True:
                     ok = input(prompt)
                     if ok.lower() in ('y', 'ye', 'yes'):
                         return True
                     if ok.lower() in ('n', 'no', 'nop', 'nope'):
                         return False
                     retries = retries - 1
                     if retries < 0:
                         raise OSError
                     print(complaint)
             # propagated from mercurial documentation
             ui_sections = [
                 'alias', 'auth',
                 'decode/encode', 'defaults',
                 'diff', 'email',
                 'extensions', 'format',
                 'merge-patterns', 'merge-tools',
                 'hooks', 'http_proxy',
                 'smtp', 'patch',
                 'paths', 'profiling',
                 'server', 'trusted',
                 'ui', 'web', ]
             def prepare_config_data(clear_session=True, repo=None):
                 """
                 Read the configuration data from the database, *.ini files and return configuration
                 tuples.
                 """
                 from rhodecode.model.settings import VcsSettingsModel
                 config = []
                 sa = meta.Session()
                 settings_model = VcsSettingsModel(repo=repo, sa=sa)
                 ui_settings = settings_model.get_ui_settings()
                 ui_data = []
                 for setting in ui_settings:
                     # Todo: remove this section once transition to *.ini files will be completed
                     if setting.section in ('largefiles', 'vcs_git_lfs'):
                         if setting.key != 'enabled':
                             continue
                     if setting.active:
                         ui_data.append((setting.section, setting.key, setting.value))
                         config.append((
                             safe_str(setting.section), safe_str(setting.key),
                             safe_str(setting.value)))
                     if setting.key == 'push_ssl':
-                        # force set push_ssl requirement to False, rhodecode
+                        # force set push_ssl requirement to False this is deprecated, and we must force it to False
-                        # handles that
                         config.append((
                             safe_str(setting.section), safe_str(setting.key), False))
                 config_getter = ConfigGet()
                 config.append(('vcs_git_lfs', 'store_location', config_getter.get_str('vcs.git.lfs.storage_location')))
                 config.append(('largefiles', 'usercache', config_getter.get_str('vcs.hg.largefiles.storage_location')))
                 log.debug(
                     'settings ui from db@repo[%s]: %s',
                     repo,
                     ','.join(['[{}] {}={}'.format(*s) for s in ui_data]))
                 if clear_session:
                     meta.Session.remove()
                 # TODO: mikhail: probably it makes no sense to re-read hooks information.
                 # It's already there and activated/deactivated
                 skip_entries = []
                 enabled_hook_classes = get_enabled_hook_classes(ui_settings)
                 if 'pull' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PULL))
                 if 'push' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRETX_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PUSH_KEY))
                 config = [entry for entry in config if entry[:2] not in skip_entries]
                 return config
             def make_db_config(clear_session=True, repo=None):
                 """
                 Create a :class:`Config` instance based on the values in the database.
                 """
                 config = Config()
                 config_data = prepare_config_data(clear_session=clear_session, repo=repo)
                 for section, option, value in config_data:
                     config.set(section, option, value)
                 return config
             def get_enabled_hook_classes(ui_settings):
                 """
                 Return the enabled hook classes.
                 :param ui_settings: List of ui_settings as returned
                     by :meth:`VcsSettingsModel.get_ui_settings`
                 :return: a list with the enabled hook classes. The order is not guaranteed.
                 :rtype: list
                 """
                 enabled_hooks = []
                 active_hook_keys = [
                     key for section, key, value, active in ui_settings
                     if section == 'hooks' and active]
                 hook_names = {
                     RhodeCodeUi.HOOK_PUSH: 'push',
                     RhodeCodeUi.HOOK_PULL: 'pull',
                     RhodeCodeUi.HOOK_REPO_SIZE: 'repo_size'
                 }
                 for key in active_hook_keys:
                     hook = hook_names.get(key)
                     if hook:
                         enabled_hooks.append(hook)
                 return enabled_hooks
             def set_rhodecode_config(config):
                 """
                 Updates pyramid config with new settings from database
                 :param config:
                 """
                 from rhodecode.model.settings import SettingsModel
                 app_settings = SettingsModel().get_all_settings()
                 for k, v in list(app_settings.items()):
                     config[k] = v
             def get_rhodecode_realm():
                 """
                 Return the rhodecode realm from database.
                 """
                 from rhodecode.model.settings import SettingsModel
                 realm = SettingsModel().get_setting_by_name('realm')
                 return safe_str(realm.app_settings_value)
             def get_rhodecode_repo_store_path():
                 """
                 Returns the base path. The base path is the filesystem path which points
                 to the repository store.
                 """
                 import rhodecode
                 return rhodecode.CONFIG['repo_store.path']
             def map_groups(path):
                 """
                 Given a full path to a repository, create all nested groups that this
                 repo is inside. This function creates parent-child relationships between
                 groups and creates default perms for all new groups.
                 :param paths: full path to repository
                 """
                 from rhodecode.model.repo_group import RepoGroupModel
                 sa = meta.Session()
                 groups = path.split(Repository.NAME_SEP)
                 parent = None
                 group = None
                 # last element is repo in nested groups structure
                 groups = groups[:-1]
                 rgm = RepoGroupModel(sa)
                 owner = User.get_first_super_admin()
                 for lvl, group_name in enumerate(groups):
                     group_name = '/'.join(groups[:lvl] + [group_name])
                     group = RepoGroup.get_by_group_name(group_name)
                     desc = '%s group' % group_name
                     # skip folders that are now removed repos
                     if REMOVED_REPO_PAT.match(group_name):
                         break
                     if group is None:
                         log.debug('creating group level: %s group_name: %s',
                                    lvl, group_name)
                         group = RepoGroup(group_name, parent)
                         group.group_description = desc
                         group.user = owner
                         sa.add(group)
                         perm_obj = rgm._create_default_perms(group)
                         sa.add(perm_obj)
                         sa.flush()
                     parent = group
                 return group
             def repo2db_mapper(initial_repo_list, remove_obsolete=False, force_hooks_rebuild=False):
                 """
                 maps all repos given in initial_repo_list, non existing repositories
                 are created, if remove_obsolete is True it also checks for db entries
                 that are not in initial_repo_list and removes them.
                 :param initial_repo_list: list of repositories found by scanning methods
                 :param remove_obsolete: check for obsolete entries in database
                 """
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.repo_group import RepoGroupModel
                 from rhodecode.model.settings import SettingsModel
                 sa = meta.Session()
                 repo_model = RepoModel()
                 user = User.get_first_super_admin()
                 added = []
                 # creation defaults
                 defs = SettingsModel().get_default_repo_settings(strip_prefix=True)
                 enable_statistics = defs.get('repo_enable_statistics')
                 enable_locking = defs.get('repo_enable_locking')
                 enable_downloads = defs.get('repo_enable_downloads')
                 private = defs.get('repo_private')
                 for name, repo in list(initial_repo_list.items()):
                     group = map_groups(name)
                     str_name = safe_str(name)
                     db_repo = repo_model.get_by_repo_name(str_name)
                     # found repo that is on filesystem not in RhodeCode database
                     if not db_repo:
                         log.info('repository `%s` not found in the database, creating now', name)
                         added.append(name)
                         desc = (repo.description
                                 if repo.description != 'unknown'
                                 else '%s repository' % name)
                         db_repo = repo_model._create_repo(
                             repo_name=name,
                             repo_type=repo.alias,
                             description=desc,
                             repo_group=getattr(group, 'group_id', None),
                             owner=user,
                             enable_locking=enable_locking,
                             enable_downloads=enable_downloads,
                             enable_statistics=enable_statistics,
                             private=private,
                             state=Repository.STATE_CREATED
                         )
                         sa.commit()
                         # we added that repo just now, and make sure we updated server info
                         if db_repo.repo_type == 'git':
                             git_repo = db_repo.scm_instance()
                             # update repository server-info
                             log.debug('Running update server info')
                             git_repo._update_server_info(force=True)
                         db_repo.update_commit_cache(recursive=False)
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     repo = db_repo.scm_instance(config=config)
                     repo.install_hooks(force=force_hooks_rebuild)
                 removed = []
                 if remove_obsolete:
                     # remove from database those repositories that are not in the filesystem
                     for repo in sa.query(Repository).all():
                         if repo.repo_name not in list(initial_repo_list.keys()):
                             log.debug("Removing non-existing repository found in db `%s`",
                                       repo.repo_name)
                             try:
                                 RepoModel(sa).delete(repo, forks='detach', fs_remove=False)
                                 sa.commit()
                                 removed.append(repo.repo_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.error(traceback.format_exc())
                                 sa.rollback()
                     def splitter(full_repo_name):
                         _parts = full_repo_name.rsplit(RepoGroup.url_sep(), 1)
                         gr_name = None
                         if len(_parts) == 2:
                             gr_name = _parts[0]
                         return gr_name
                     initial_repo_group_list = [splitter(x) for x in
                                                list(initial_repo_list.keys()) if splitter(x)]
                     # remove from database those repository groups that are not in the
                     # filesystem due to parent child relationships we need to delete them
                     # in a specific order of most nested first
                     all_groups = [x.group_name for x in sa.query(RepoGroup).all()]
                     def nested_sort(gr):
                         return len(gr.split('/'))
                     for group_name in sorted(all_groups, key=nested_sort, reverse=True):
                         if group_name not in initial_repo_group_list:
                             repo_group = RepoGroup.get_by_group_name(group_name)
                             if (repo_group.children.all() or
                                 not RepoGroupModel().check_exist_filesystem(
                                     group_name=group_name, exc_on_failure=False)):
                                 continue
                             log.info(
                                 'Removing non-existing repository group found in db `%s`',
                                 group_name)
                             try:
                                 RepoGroupModel(sa).delete(group_name, fs_remove=False)
                                 sa.commit()
                                 removed.append(group_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.exception(
                                     'Unable to remove repository group `%s`',
                                     group_name)
                                 sa.rollback()
                                 raise
                 return added, removed
             def load_rcextensions(root_path):
                 import rhodecode
                 from rhodecode.config import conf
                 path = os.path.join(root_path)
                 sys.path.append(path)
                 try:
                     rcextensions = __import__('rcextensions')
                 except ImportError:
                     if os.path.isdir(os.path.join(path, 'rcextensions')):
                         log.warning('Unable to load rcextensions from %s', path)
                     rcextensions = None
                 if rcextensions:
                     log.info('Loaded rcextensions from %s...', rcextensions)
                     rhodecode.EXTENSIONS = rcextensions
                     # Additional mappings that are not present in the pygments lexers
                     conf.LANGUAGES_EXTENSIONS_MAP.update(
                         getattr(rhodecode.EXTENSIONS, 'EXTRA_MAPPINGS', {}))
             def get_custom_lexer(extension):
                 """
                 returns a custom lexer if it is defined in rcextensions module, or None
                 if there's no custom lexer defined
                 """
                 import rhodecode
                 from pygments import lexers
                 # custom override made by RhodeCode
                 if extension in ['mako']:
                     return lexers.get_lexer_by_name('html+mako')
                 # check if we didn't define this extension as other lexer
                 extensions = rhodecode.EXTENSIONS and getattr(rhodecode.EXTENSIONS, 'EXTRA_LEXERS', None)
                 if extensions and extension in rhodecode.EXTENSIONS.EXTRA_LEXERS:
                     _lexer_name = rhodecode.EXTENSIONS.EXTRA_LEXERS[extension]
                     return lexers.get_lexer_by_name(_lexer_name)
             #==============================================================================
             # TEST FUNCTIONS AND CREATORS
             #==============================================================================
             def create_test_index(repo_location, config):
                 """
                 Makes default test index.
                 """
                 try:
                     import rc_testdata
                 except ImportError:
                     raise ImportError('Failed to import rc_testdata, '
                                       'please make sure this package is installed from requirements_test.txt')
                 rc_testdata.extract_search_index(
                     'vcs_search_index', os.path.dirname(config['search.location']))
             def create_test_directory(test_path):
                 """
                 Create test directory if it doesn't exist.
                 """
                 if not os.path.isdir(test_path):
                     log.debug('Creating testdir %s', test_path)
                     os.makedirs(test_path)
             def create_test_database(test_path, config):
                 """
                 Makes a fresh database.
                 """
                 from rhodecode.lib.db_manage import DbManage
                 from rhodecode.lib.utils2 import get_encryption_key
                 # PART ONE create db
                 dbconf = config['sqlalchemy.db1.url']
                 enc_key = get_encryption_key(config)
                 log.debug('making test db %s', dbconf)
                 dbmanage = DbManage(log_sql=False, dbconf=dbconf, root=config['here'],
                                     tests=True, cli_args={'force_ask': True}, enc_key=enc_key)
                 dbmanage.create_tables(override=True)
                 dbmanage.set_db_version()
                 # for tests dynamically set new root paths based on generated content
                 dbmanage.create_settings(dbmanage.config_prompt(test_path))
                 dbmanage.create_default_user()
                 dbmanage.create_test_admin_and_users()
                 dbmanage.create_permissions()
                 dbmanage.populate_default_permissions()
                 Session().commit()
             def create_test_repositories(test_path, config):
                 """
                 Creates test repositories in the temporary directory. Repositories are
                 extracted from archives within the rc_testdata package.
                 """
                 import rc_testdata
                 from rhodecode.tests import HG_REPO, GIT_REPO, SVN_REPO
                 log.debug('making test vcs repositories')
                 idx_path = config['search.location']
                 data_path = config['cache_dir']
                 # clean index and data
                 if idx_path and os.path.exists(idx_path):
                     log.debug('remove %s', idx_path)
                     shutil.rmtree(idx_path)
                 if data_path and os.path.exists(data_path):
                     log.debug('remove %s', data_path)
                     shutil.rmtree(data_path)
                 rc_testdata.extract_hg_dump('vcs_test_hg', jn(test_path, HG_REPO))
                 rc_testdata.extract_git_dump('vcs_test_git', jn(test_path, GIT_REPO))
                 # Note: Subversion is in the process of being integrated with the system,
                 # until we have a properly packed version of the test svn repository, this
                 # tries to copy over the repo from a package "rc_testdata"
                 svn_repo_path = rc_testdata.get_svn_repo_archive()
                 with tarfile.open(svn_repo_path) as tar:
                     tar.extractall(jn(test_path, SVN_REPO))
             def password_changed(auth_user, session):
                 # Never report password change in case of default user or anonymous user.
                 if auth_user.username == User.DEFAULT_USER or auth_user.user_id is None:
                     return False
                 password_hash = md5(safe_bytes(auth_user.password)) if auth_user.password else None
                 rhodecode_user = session.get('rhodecode_user', {})
                 session_password_hash = rhodecode_user.get('password', '')
                 return password_hash != session_password_hash
             def read_opensource_licenses():
                 global _license_cache
                 if not _license_cache:
                     licenses = pkg_resources.resource_string(
                         'rhodecode', 'config/licenses.json')
                     _license_cache = json.loads(licenses)
                 return _license_cache
             def generate_platform_uuid():
                 """
                 Generates platform UUID based on it's name
                 """
                 import platform
                 try:
                     uuid_list = [platform.platform()]
                     return sha256_safe(':'.join(uuid_list))
                 except Exception as e:
                     log.error('Failed to generate host uuid: %s', e)
                     return 'UNDEFINED'
             def send_test_email(recipients, email_body='TEST EMAIL'):
                 """
                 Simple code for generating test emails.
                 Usage::
                     from rhodecode.lib import utils
                     utils.send_test_email()
                 """
                 from rhodecode.lib.celerylib import tasks, run_task
                 email_body = email_body_plaintext = email_body
                 subject = f'SUBJECT FROM: {socket.gethostname()}'
                 tasks.send_email(recipients, subject, email_body_plaintext, email_body)

rhodecode/model/forms.py

0 0 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             this is forms validation classes
             http://formencode.org/module-formencode.validators.html
             for list off all availible validators
             we can create our own validators
             The table below outlines the options which can be used in a schema in addition to the validators themselves
             pre_validators          []     These validators will be applied before the schema
             chained_validators      []     These validators will be applied after the schema
             allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
             filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
             if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
             ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
             <name> = formencode.validators.<name of validator>
             <name> must equal form name
             list=[1,2,3,4,5]
             for SELECT use formencode.All(OneOf(list), Int())
             """
             import deform
             import logging
             import formencode
             from pkg_resources import resource_filename
             from formencode import All, Pipe
             from pyramid.threadlocal import get_current_request
             from rhodecode import BACKENDS
             from rhodecode.lib import helpers
             from rhodecode.model import validators as v
             log = logging.getLogger(__name__)
             deform_templates = resource_filename('deform', 'templates')
             rhodecode_templates = resource_filename('rhodecode', 'templates/forms')
             search_path = (rhodecode_templates, deform_templates)
             class RhodecodeFormZPTRendererFactory(deform.ZPTRendererFactory):
                 """ Subclass of ZPTRendererFactory to add rhodecode context variables """
                 def __call__(self, template_name, **kw):
                     kw['h'] = helpers
                     kw['request'] = get_current_request()
                     return self.load(template_name)(**kw)
             form_renderer = RhodecodeFormZPTRendererFactory(search_path)
             deform.Form.set_default_renderer(form_renderer)
             def LoginForm(localizer):
                 _ = localizer
                 class _LoginForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = v.UnicodeString(
                         strip=True,
                         min=1,
                         not_empty=True,
                         messages={
                             'empty': _('Please enter a login'),
                             'tooShort': _('Enter a value %(min)i characters long or more')
                         }
                     )
                     password = v.UnicodeString(
                         strip=False,
                         min=3,
                         max=72,
                         not_empty=True,
                         messages={
                             'empty': _('Please enter a password'),
                             'tooShort': _('Enter %(min)i characters or more')}
                     )
                     remember = v.StringBoolean(if_missing=False)
                     chained_validators = [v.ValidAuth(localizer)]
                 return _LoginForm
             def TOTPForm(localizer, user, allow_recovery_code_use=False):
                 _ = localizer
                 class _TOTPForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     totp = v.Regex(r'^(?:\d{6}|[A-Z0-9]{32})$')
                     secret_totp = v.String()
                     def to_python(self, value, state=None):
                         validation_checks = [user.is_totp_valid]
                         if allow_recovery_code_use:
                             validation_checks.append(user.is_2fa_recovery_code_valid)
                         form_data = super().to_python(value, state)
                         received_code = form_data['totp']
                         secret = form_data.get('secret_totp')
                         if not any(map(lambda func: func(received_code, secret), validation_checks)):
                             error_msg = _('Code is invalid. Try again!')
                             raise formencode.Invalid(error_msg, v, state, error_dict={'totp': error_msg})
                         return form_data
                 return _TOTPForm
             def WhitelistedVcsClientsForm(localizer):
                 _ = localizer
                 class _WhitelistedVcsClientsForm(formencode.Schema):
                     regexp = r'^(?:\s*[<>=~^!]*\s*\d{1,2}\.\d{1,2}(?:\.\d{1,2})?\s*|\*)\s*(?:,\s*[<>=~^!]*\s*\d{1,2}\.\d{1,2}(?:\.\d{1,2})?\s*|\s*\*\s*)*$'
                     allow_extra_fields = True
                     filter_extra_fields = True
                     git = v.Regex(regexp)
                     hg = v.Regex(regexp)
                     svn = v.Regex(regexp)
                 return _WhitelistedVcsClientsForm
             def UserForm(localizer, edit=False, available_languages=None, old_data=None):
                 old_data = old_data or {}
                 available_languages = available_languages or []
                 _ = localizer
                 class _UserForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                    v.ValidUsername(localizer, edit, old_data))
                     if edit:
                         new_password = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
                         )
                         password_confirmation = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
                         )
                         admin = v.StringBoolean(if_missing=False)
                     else:
                         password = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                         )
                         password_confirmation = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
                         )
                     password_change = v.StringBoolean(if_missing=False)
                     create_repo_group = v.StringBoolean(if_missing=False)
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
                     description = v.UnicodeString(strip=True, min=1, max=250, not_empty=False,
                                                   if_missing='')
                     extern_name = v.UnicodeString(strip=True)
                     extern_type = v.UnicodeString(strip=True)
                     language = v.OneOf(available_languages, hideList=False,
                                        testValueList=True, if_missing=None)
                     chained_validators = [v.ValidPasswordsMatch(localizer)]
                 return _UserForm
             def UserGroupForm(localizer, edit=False, old_data=None, allow_disabled=False):
                 old_data = old_data or {}
                 _ = localizer
                 class _UserGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     users_group_name = All(
                         v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.ValidUserGroup(localizer, edit, old_data)
                     )
                     user_group_description = v.UnicodeString(strip=True, min=1,
                                                              not_empty=False)
                     users_group_active = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is user group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                 return _UserGroupForm
             def RepoGroupForm(localizer, edit=False, old_data=None, available_groups=None,
                               can_create_in_root=False, allow_disabled=False):
                 _ = localizer
                 old_data = old_data or {}
                 available_groups = available_groups or []
                 class _RepoGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                      v.SlugifyName(localizer),)
                     group_description = v.UnicodeString(strip=True, min=1,
                                                         not_empty=False)
                     group_copy_permissions = v.StringBoolean(if_missing=False)
                     group_parent_id = v.OneOf(available_groups, hideList=False,
                                               testValueList=True, not_empty=True)
                     enable_locking = v.StringBoolean(if_missing=False)
                     chained_validators = [
                         v.ValidRepoGroup(localizer, edit, old_data, can_create_in_root)]
                     if edit:
                         # this is repo group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                 return _RepoGroupForm
             def RegisterForm(localizer, edit=False, old_data=None):
                 _ = localizer
                 old_data = old_data or {}
                 class _RegisterForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(
                         v.ValidUsername(localizer, edit, old_data),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     password = All(
                         v.ValidPassword(localizer),
                         v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                     )
                     password_confirmation = All(
                         v.ValidPassword(localizer),
                         v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                     )
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
                     chained_validators = [v.ValidPasswordsMatch(localizer)]
                 return _RegisterForm
             def PasswordResetForm(localizer):
                 _ = localizer
                 class _PasswordResetForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     email = All(v.ValidSystemEmail(localizer), v.Email(not_empty=True))
                 return _PasswordResetForm
             def RepoForm(localizer, edit=False, old_data=None, repo_groups=None, allow_disabled=False):
                 _ = localizer
                 old_data = old_data or {}
                 repo_groups = repo_groups or []
                 supported_backends = BACKENDS.keys()
                 class _RepoForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName(localizer), v.CannotHaveGitSuffix(localizer))
                     repo_group = All(v.CanWriteGroup(localizer, old_data),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = v.OneOf(supported_backends, required=False,
                                         if_missing=old_data.get('repo_type'))
                     repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
                     repo_private = v.StringBoolean(if_missing=False)
                     repo_copy_permissions = v.StringBoolean(if_missing=False)
                     clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
                     repo_enable_statistics = v.StringBoolean(if_missing=False)
                     repo_enable_downloads = v.StringBoolean(if_missing=False)
                     repo_enable_locking = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is repo owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                         clone_uri_change = v.UnicodeString(
                             not_empty=False, if_missing=v.Missing)
                     chained_validators = [v.ValidCloneUri(localizer),
                                           v.ValidRepoName(localizer, edit, old_data)]
                 return _RepoForm
             def RepoPermsForm(localizer):
                 _ = localizer
                 class _RepoPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(localizer, type_='repo')]
                 return _RepoPermsForm
             def RepoGroupPermsForm(localizer, valid_recursive_choices):
                 _ = localizer
                 class _RepoGroupPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     recursive = v.OneOf(valid_recursive_choices)
                     chained_validators = [v.ValidPerms(localizer, type_='repo_group')]
                 return _RepoGroupPermsForm
             def UserGroupPermsForm(localizer):
                 _ = localizer
                 class _UserPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(localizer, type_='user_group')]
                 return _UserPermsForm
             def RepoFieldForm(localizer):
                 _ = localizer
                 class _RepoFieldForm(formencode.Schema):
                     filter_extra_fields = True
                     allow_extra_fields = True
                     new_field_key = All(v.FieldKey(localizer),
                                         v.UnicodeString(strip=True, min=3, not_empty=True))
                     new_field_value = v.UnicodeString(not_empty=False, if_missing='')
                     new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
                                              if_missing='str')
                     new_field_label = v.UnicodeString(not_empty=False)
                     new_field_desc = v.UnicodeString(not_empty=False)
                 return _RepoFieldForm
             def RepoForkForm(localizer, edit=False, old_data=None,
                              supported_backends=BACKENDS.keys(), repo_groups=None):
                 _ = localizer
                 old_data = old_data or {}
                 repo_groups = repo_groups or []
                 class _RepoForkForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName(localizer))
                     repo_group = All(v.CanWriteGroup(localizer, ),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = All(v.ValidForkType(localizer, old_data), v.OneOf(supported_backends))
                     description = v.UnicodeString(strip=True, min=1, not_empty=True)
                     private = v.StringBoolean(if_missing=False)
                     copy_permissions = v.StringBoolean(if_missing=False)
                     fork_parent_id = v.UnicodeString()
                     chained_validators = [v.ValidForkName(localizer, edit, old_data)]
                 return _RepoForkForm
             def ApplicationSettingsForm(localizer):
                 _ = localizer
                 class _ApplicationSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_title = v.UnicodeString(strip=True, max=40, not_empty=False)
                     rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
                     rhodecode_pre_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_post_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_public_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_private_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_create_personal_repo_group = v.StringBoolean(if_missing=False)
                     rhodecode_personal_repo_group_pattern = v.UnicodeString(strip=True, min=1, not_empty=False)
                 return _ApplicationSettingsForm
             def ApplicationVisualisationForm(localizer):
                 from rhodecode.model.db import Repository
                 _ = localizer
                 class _ApplicationVisualisationForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
                     rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
                     rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
                     rhodecode_repository_fields = v.StringBoolean(if_missing=False)
                     rhodecode_lightweight_journal = v.StringBoolean(if_missing=False)
                     rhodecode_dashboard_items = v.Int(min=5, not_empty=True)
                     rhodecode_admin_grid_items = v.Int(min=5, not_empty=True)
                     rhodecode_show_version = v.StringBoolean(if_missing=False)
                     rhodecode_use_gravatar = v.StringBoolean(if_missing=False)
                     rhodecode_markup_renderer = v.OneOf(['markdown', 'rst'])
                     rhodecode_gravatar_url = v.UnicodeString(min=3)
                     rhodecode_clone_uri_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI)
                     rhodecode_clone_uri_id_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_ID)
                     rhodecode_clone_uri_ssh_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_SSH)
                     rhodecode_support_url = v.UnicodeString()
                     rhodecode_show_revision_number = v.StringBoolean(if_missing=False)
                     rhodecode_show_sha_length = v.Int(min=4, not_empty=True)
                 return _ApplicationVisualisationForm
             class _BaseVcsSettingsForm(formencode.Schema):
                 allow_extra_fields = True
                 filter_extra_fields = False
                 hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
                 hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
                 hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
                 # PR/Code-review
                 rhodecode_pr_merge_enabled = v.StringBoolean(if_missing=False)
                 rhodecode_use_outdated_comments = v.StringBoolean(if_missing=False)
                 # hg
                 extensions_largefiles = v.StringBoolean(if_missing=False)
                 extensions_evolve = v.StringBoolean(if_missing=False)
                 phases_publish = v.StringBoolean(if_missing=False)
                 rhodecode_hg_use_rebase_for_merging = v.StringBoolean(if_missing=False)
                 rhodecode_hg_close_branch_before_merging = v.StringBoolean(if_missing=False)
                 # git
                 vcs_git_lfs_enabled = v.StringBoolean(if_missing=False)
                 rhodecode_git_use_rebase_for_merging = v.StringBoolean(if_missing=False)
                 rhodecode_git_close_branch_before_merging = v.StringBoolean(if_missing=False)
                 # cache
                 rhodecode_diff_cache = v.StringBoolean(if_missing=False)
             def ApplicationUiSettingsForm(localizer):
                 _ = localizer
                 class _ApplicationUiSettingsForm(_BaseVcsSettingsForm):
-                    web_push_ssl = v.StringBoolean(if_missing=False)
                     extensions_hggit = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(localizer, section='vcs_svn_branch')
                     new_svn_tag = v.ValidSvnPattern(localizer, section='vcs_svn_tag')
                 return _ApplicationUiSettingsForm
             def RepoVcsSettingsForm(localizer, repo_name):
                 _ = localizer
                 class _RepoVcsSettingsForm(_BaseVcsSettingsForm):
                     inherit_global_settings = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(localizer,
                         section='vcs_svn_branch', repo_name=repo_name)
                     new_svn_tag = v.ValidSvnPattern(localizer,
                         section='vcs_svn_tag', repo_name=repo_name)
                 return _RepoVcsSettingsForm
             def LabsSettingsForm(localizer):
                 _ = localizer
                 class _LabSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                 return _LabSettingsForm
             def ApplicationPermissionsForm(
                     localizer, register_choices, password_reset_choices,
                     extern_activate_choices):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_register = v.OneOf(register_choices)
                     default_register_message = v.UnicodeString()
                     default_password_reset = v.OneOf(password_reset_choices)
                     default_extern_activate = v.OneOf(extern_activate_choices)
                 return _DefaultPermissionsForm
             def ObjectPermissionsForm(localizer, repo_perms_choices, group_perms_choices,
                                       user_group_perms_choices):
                 _ = localizer
                 class _ObjectPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default_repo = v.StringBoolean(if_missing=False)
                     overwrite_default_group = v.StringBoolean(if_missing=False)
                     overwrite_default_user_group = v.StringBoolean(if_missing=False)
                     default_repo_perm = v.OneOf(repo_perms_choices)
                     default_group_perm = v.OneOf(group_perms_choices)
                     default_user_group_perm = v.OneOf(user_group_perms_choices)
                 return _ObjectPermissionsForm
             def BranchPermissionsForm(localizer, branch_perms_choices):
                 _ = localizer
                 class _BranchPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default_branch = v.StringBoolean(if_missing=False)
                     default_branch_perm = v.OneOf(branch_perms_choices)
                 return _BranchPermissionsForm
             def UserPermissionsForm(localizer, create_choices, create_on_write_choices,
                                     repo_group_create_choices, user_group_create_choices,
                                     fork_choices, inherit_default_permissions_choices):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_repo_create = v.OneOf(create_choices)
                     default_repo_create_on_write = v.OneOf(create_on_write_choices)
                     default_user_group_create = v.OneOf(user_group_create_choices)
                     default_repo_group_create = v.OneOf(repo_group_create_choices)
                     default_fork_create = v.OneOf(fork_choices)
                     default_inherit_default_permissions = v.OneOf(inherit_default_permissions_choices)
                 return _DefaultPermissionsForm
             def UserIndividualPermissionsForm(localizer):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     inherit_default_permissions = v.StringBoolean(if_missing=False)
                 return _DefaultPermissionsForm
             def DefaultsForm(localizer, edit=False, old_data=None, supported_backends=BACKENDS.keys()):
                 _ = localizer
                 old_data = old_data or {}
                 class _DefaultsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     default_repo_type = v.OneOf(supported_backends)
                     default_repo_private = v.StringBoolean(if_missing=False)
                     default_repo_enable_statistics = v.StringBoolean(if_missing=False)
                     default_repo_enable_downloads = v.StringBoolean(if_missing=False)
                     default_repo_enable_locking = v.StringBoolean(if_missing=False)
                 return _DefaultsForm
             def AuthSettingsForm(localizer):
                 _ = localizer
                 class _AuthSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     auth_plugins = All(v.ValidAuthPlugins(localizer),
                                        v.UniqueListFromString(localizer)(not_empty=True))
                 return _AuthSettingsForm
             def UserExtraEmailForm(localizer):
                 _ = localizer
                 class _UserExtraEmailForm(formencode.Schema):
                     email = All(v.UniqSystemEmail(localizer), v.Email(not_empty=True))
                 return _UserExtraEmailForm
             def UserExtraIpForm(localizer):
                 _ = localizer
                 class _UserExtraIpForm(formencode.Schema):
                     ip = v.ValidIp(localizer)(not_empty=True)
                 return _UserExtraIpForm
             def PullRequestForm(localizer, repo_id):
                 _ = localizer
                 class ReviewerForm(formencode.Schema):
                     user_id = v.Int(not_empty=True)
                     reasons = All()
                     rules = All(v.UniqueList(localizer, convert=int)())
                     mandatory = v.StringBoolean()
                     role = v.String(if_missing='reviewer')
                 class ObserverForm(formencode.Schema):
                     user_id = v.Int(not_empty=True)
                     reasons = All()
                     rules = All(v.UniqueList(localizer, convert=int)())
                     mandatory = v.StringBoolean()
                     role = v.String(if_missing='observer')
                 class _PullRequestForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     common_ancestor = v.UnicodeString(strip=True, required=True)
                     source_repo = v.UnicodeString(strip=True, required=True)
                     source_ref = v.UnicodeString(strip=True, required=True)
                     target_repo = v.UnicodeString(strip=True, required=True)
                     target_ref = v.UnicodeString(strip=True, required=True)
                     revisions = All(#v.NotReviewedRevisions(localizer, repo_id)(),
                                     v.UniqueList(localizer)(not_empty=True))
                     review_members = formencode.ForEach(ReviewerForm())
                     observer_members = formencode.ForEach(ObserverForm())
                     pullrequest_title = v.UnicodeString(strip=True, required=True, min=1, max=255)
                     pullrequest_desc = v.UnicodeString(strip=True, required=False)
                     description_renderer = v.UnicodeString(strip=True, required=False)
                 return _PullRequestForm
             def IssueTrackerPatternsForm(localizer):
                 _ = localizer
                 class _IssueTrackerPatternsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPattern(localizer)]
                 return _IssueTrackerPatternsForm

rhodecode/model/settings.py

0 0 -5

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import re
             import logging
             import time
             import functools
             from collections import namedtuple
             from pyramid.threadlocal import get_current_request
             from rhodecode.lib import rc_cache
             from rhodecode.lib.hash_utils import sha1_safe
             from rhodecode.lib.html_filters import sanitize_html
             from rhodecode.lib.utils2 import (
                 Optional, AttributeDict, safe_str, remove_prefix, str2bool)
             from rhodecode.lib.vcs.backends import base
             from rhodecode.lib.statsd_client import StatsdClient
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 RepoRhodeCodeUi, RepoRhodeCodeSetting, RhodeCodeUi, RhodeCodeSetting)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             UiSetting = namedtuple(
                 'UiSetting', ['section', 'key', 'value', 'active'])
             SOCIAL_PLUGINS_LIST = ['github', 'bitbucket', 'twitter', 'google']
             class SettingNotFound(Exception):
                 def __init__(self, setting_id):
                     msg = f'Setting `{setting_id}` is not found'
                     super().__init__(msg)
             class SettingsModel(BaseModel):
                 BUILTIN_HOOKS = (
                     RhodeCodeUi.HOOK_REPO_SIZE, RhodeCodeUi.HOOK_PUSH,
                     RhodeCodeUi.HOOK_PRE_PUSH, RhodeCodeUi.HOOK_PRETX_PUSH,
                     RhodeCodeUi.HOOK_PULL, RhodeCodeUi.HOOK_PRE_PULL,
                     RhodeCodeUi.HOOK_PUSH_KEY,)
                 HOOKS_SECTION = 'hooks'
                 def __init__(self, sa=None, repo=None):
                     self.repo = repo
                     self.UiDbModel = RepoRhodeCodeUi if repo else RhodeCodeUi
                     self.SettingsDbModel = (
                         RepoRhodeCodeSetting if repo else RhodeCodeSetting)
                     super().__init__(sa)
                 def get_keyname(self, key_name, prefix='rhodecode_'):
                     return f'{prefix}{key_name}'
                 def get_ui_by_key(self, key):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_key == key)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.scalar()
                 def get_ui_by_section(self, section):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_section == section)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.all()
                 def get_ui_by_section_and_key(self, section, key):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_section == section)
                     q = q.filter(self.UiDbModel.ui_key == key)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.scalar()
                 def get_ui(self, section=None, key=None):
                     q = self.UiDbModel.query()
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     if section:
                         q = q.filter(self.UiDbModel.ui_section == section)
                     if key:
                         q = q.filter(self.UiDbModel.ui_key == key)
                     # TODO: mikhail: add caching
                     result = [
                         UiSetting(
                             section=safe_str(r.ui_section), key=safe_str(r.ui_key),
                             value=safe_str(r.ui_value), active=r.ui_active
                         )
                         for r in q.all()
                     ]
                     return result
                 def get_builtin_hooks(self):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_key.in_(self.BUILTIN_HOOKS))
                     return self._get_hooks(q)
                 def get_custom_hooks(self):
                     q = self.UiDbModel.query()
                     q = q.filter(~self.UiDbModel.ui_key.in_(self.BUILTIN_HOOKS))
                     return self._get_hooks(q)
                 def create_ui_section_value(self, section, val, key=None, active=True):
                     new_ui = self.UiDbModel()
                     new_ui.ui_section = section
                     new_ui.ui_value = val
                     new_ui.ui_active = active
                     repository_id = ''
                     if self.repo:
                         repo = self._get_repo(self.repo)
                         repository_id = repo.repo_id
                         new_ui.repository_id = repository_id
                     if not key:
                         # keys are unique so they need appended info
                         if self.repo:
                             key = sha1_safe(f'{section}{val}{repository_id}')
                         else:
                             key = sha1_safe(f'{section}{val}')
                     new_ui.ui_key = key
                     Session().add(new_ui)
                     return new_ui
                 def create_or_update_hook(self, key, value):
                     ui = (
                         self.get_ui_by_section_and_key(self.HOOKS_SECTION, key) or
                         self.UiDbModel())
                     ui.ui_section = self.HOOKS_SECTION
                     ui.ui_active = True
                     ui.ui_key = key
                     ui.ui_value = value
                     if self.repo:
                         repo = self._get_repo(self.repo)
                         repository_id = repo.repo_id
                         ui.repository_id = repository_id
                     Session().add(ui)
                     return ui
                 def delete_ui(self, id_):
                     ui = self.UiDbModel.get(id_)
                     if not ui:
                         raise SettingNotFound(id_)
                     Session().delete(ui)
                 def get_setting_by_name(self, name):
                     q = self._get_settings_query()
                     q = q.filter(self.SettingsDbModel.app_settings_name == name)
                     return q.scalar()
                 def create_or_update_setting(
                         self, name, val: Optional | str = Optional(''), type_: Optional | str = Optional('unicode')):
                     """
                     Creates or updates RhodeCode setting. If updates are triggered, it will
                     only update parameters that are explicitly set Optional instance will
                     be skipped
                     :param name:
                     :param val:
                     :param type_:
                     :return:
                     """
                     res = self.get_setting_by_name(name)
                     repo = self._get_repo(self.repo) if self.repo else None
                     if not res:
                         val = Optional.extract(val)
                         type_ = Optional.extract(type_)
                         args = (
                             (repo.repo_id, name, val, type_)
                             if repo else (name, val, type_))
                         res = self.SettingsDbModel(*args)
                     else:
                         if self.repo:
                             res.repository_id = repo.repo_id
                         res.app_settings_name = name
                         if not isinstance(type_, Optional):
                             # update if set
                             res.app_settings_type = type_
                         if not isinstance(val, Optional):
                             # update if set
                             res.app_settings_value = val
                     Session().add(res)
                     return res
                 def get_cache_region(self):
                     repo = self._get_repo(self.repo) if self.repo else None
                     cache_key = f"repo.v1.{repo.repo_id}" if repo else "repo.v1.ALL"
                     cache_namespace_uid = f'cache_settings.{cache_key}'
                     region = rc_cache.get_or_create_region('cache_general', cache_namespace_uid)
                     return region, cache_namespace_uid
                 def invalidate_settings_cache(self, hard=False):
                     region, namespace_key = self.get_cache_region()
                     log.debug('Invalidation cache [%s] region %s for cache_key: %s',
                               'invalidate_settings_cache', region, namespace_key)
                     # we use hard cleanup if invalidation is sent
                     rc_cache.clear_cache_namespace(region, namespace_key, method=rc_cache.CLEAR_DELETE)
                 def get_cache_call_method(self, cache=True):
                     region, cache_key = self.get_cache_region()
                     @region.conditional_cache_on_arguments(condition=cache)
                     def _get_all_settings(name, key):
                         q = self._get_settings_query()
                         if not q:
                             raise Exception('Could not get application settings !')
                         settings = {
                             self.get_keyname(res.app_settings_name): res.app_settings_value
                             for res in q
                         }
                         return settings
                     return _get_all_settings
                 def get_all_settings(self, cache=False, from_request=True):
                     # defines if we use GLOBAL, or PER_REPO
                     repo = self._get_repo(self.repo) if self.repo else None
                     # initially try the request context; this is the fastest
                     # we only fetch global config, NOT for repo-specific
                     if from_request and not repo:
                         request = get_current_request()
                         if request and hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
                             rc_config = request.call_context.rc_config
                             if rc_config:
                                 return rc_config
                     _region, cache_key = self.get_cache_region()
                     _get_all_settings = self.get_cache_call_method(cache=cache)
                     start = time.time()
                     result = _get_all_settings('rhodecode_settings', cache_key)
                     compute_time = time.time() - start
                     log.debug('cached method:%s took %.4fs', _get_all_settings.__name__, compute_time)
                     statsd = StatsdClient.statsd
                     if statsd:
                         elapsed_time_ms = round(1000.0 * compute_time)  # use ms only
                         statsd.timing("rhodecode_settings_timing.histogram", elapsed_time_ms,
                                       use_decimals=False)
                     log.debug('Fetching app settings for key: %s took: %.4fs: cache: %s', cache_key, compute_time, cache)
                     return result
                 def get_auth_settings(self):
                     q = self._get_settings_query()
                     q = q.filter(
                         self.SettingsDbModel.app_settings_name.startswith('auth_'))
                     rows = q.all()
                     auth_settings = {
                         row.app_settings_name: row.app_settings_value for row in rows}
                     return auth_settings
                 def get_auth_plugins(self):
                     auth_plugins = self.get_setting_by_name("auth_plugins")
                     return auth_plugins.app_settings_value
                 def get_default_repo_settings(self, strip_prefix=False):
                     q = self._get_settings_query()
                     q = q.filter(
                         self.SettingsDbModel.app_settings_name.startswith('default_'))
                     rows = q.all()
                     result = {}
                     for row in rows:
                         key = row.app_settings_name
                         if strip_prefix:
                             key = remove_prefix(key, prefix='default_')
                         result.update({key: row.app_settings_value})
                     return result
                 def get_repo(self):
                     repo = self._get_repo(self.repo)
                     if not repo:
                         raise Exception(
                             f'Repository `{self.repo}` cannot be found inside the database')
                     return repo
                 def _filter_by_repo(self, model, query):
                     if self.repo:
                         repo = self.get_repo()
                         query = query.filter(model.repository_id == repo.repo_id)
                     return query
                 def _get_hooks(self, query):
                     query = query.filter(self.UiDbModel.ui_section == self.HOOKS_SECTION)
                     query = self._filter_by_repo(RepoRhodeCodeUi, query)
                     return query.all()
                 def _get_settings_query(self):
                     q = self.SettingsDbModel.query()
                     return self._filter_by_repo(RepoRhodeCodeSetting, q)
                 def list_enabled_social_plugins(self, settings):
                     enabled = []
                     for plug in SOCIAL_PLUGINS_LIST:
                         if str2bool(settings.get(f'rhodecode_auth_{plug}_enabled')):
                             enabled.append(plug)
                     return enabled
             def assert_repo_settings(func):
                 @functools.wraps(func)
                 def _wrapper(self, *args, **kwargs):
                     if not self.repo_settings:
                         raise Exception('Repository is not specified')
                     return func(self, *args, **kwargs)
                 return _wrapper
             class IssueTrackerSettingsModel(object):
                 INHERIT_SETTINGS = 'inherit_issue_tracker_settings'
                 SETTINGS_PREFIX = 'issuetracker_'
                 def __init__(self, sa=None, repo=None):
                     self.global_settings = SettingsModel(sa=sa)
                     self.repo_settings = SettingsModel(sa=sa, repo=repo) if repo else None
                 @property
                 def inherit_global_settings(self):
                     if not self.repo_settings:
                         return True
                     setting = self.repo_settings.get_setting_by_name(self.INHERIT_SETTINGS)
                     return setting.app_settings_value if setting else True
                 @inherit_global_settings.setter
                 def inherit_global_settings(self, value):
                     if self.repo_settings:
                         settings = self.repo_settings.create_or_update_setting(
                             self.INHERIT_SETTINGS, value, type_='bool')
                         Session().add(settings)
                 def _get_keyname(self, key, uid, prefix='rhodecode_'):
                     return f'{prefix}{self.SETTINGS_PREFIX}{key}_{uid}'
                 def _make_dict_for_settings(self, qs):
                     prefix_match = self._get_keyname('pat', '',)
                     issuetracker_entries = {}
                     # create keys
                     for k, v in qs.items():
                         if k.startswith(prefix_match):
                             uid = k[len(prefix_match):]
                             issuetracker_entries[uid] = None
                     def url_cleaner(input_str):
                         input_str = input_str.replace('"', '').replace("'", '')
                         input_str = sanitize_html(input_str, strip=True)
                         return input_str
                     # populate
                     for uid in issuetracker_entries:
                         url_data = qs.get(self._get_keyname('url', uid))
                         pat = qs.get(self._get_keyname('pat', uid))
                         try:
                             pat_compiled = re.compile(r'%s' % pat)
                         except re.error:
                             pat_compiled = None
                         issuetracker_entries[uid] = AttributeDict({
                             'pat': pat,
                             'pat_compiled': pat_compiled,
                             'url': url_cleaner(
                                 qs.get(self._get_keyname('url', uid)) or ''),
                             'pref': sanitize_html(
                                 qs.get(self._get_keyname('pref', uid)) or ''),
                             'desc': qs.get(
                                 self._get_keyname('desc', uid)),
                         })
                     return issuetracker_entries
                 def get_global_settings(self, cache=False):
                     """
                     Returns list of global issue tracker settings
                     """
                     defaults = self.global_settings.get_all_settings(cache=cache)
                     settings = self._make_dict_for_settings(defaults)
                     return settings
                 def get_repo_settings(self, cache=False):
                     """
                     Returns list of issue tracker settings per repository
                     """
                     if not self.repo_settings:
                         raise Exception('Repository is not specified')
                     all_settings = self.repo_settings.get_all_settings(cache=cache)
                     settings = self._make_dict_for_settings(all_settings)
                     return settings
                 def get_settings(self, cache=False):
                     if self.inherit_global_settings:
                         return self.get_global_settings(cache=cache)
                     else:
                         return self.get_repo_settings(cache=cache)
                 def delete_entries(self, uid):
                     if self.repo_settings:
                         all_patterns = self.get_repo_settings()
                         settings_model = self.repo_settings
                     else:
                         all_patterns = self.get_global_settings()
                         settings_model = self.global_settings
                     entries = all_patterns.get(uid, [])
                     for del_key in entries:
                         setting_name = self._get_keyname(del_key, uid, prefix='')
                         entry = settings_model.get_setting_by_name(setting_name)
                         if entry:
                             Session().delete(entry)
                     Session().commit()
                 def create_or_update_setting(
                         self, name, val=Optional(''), type_=Optional('unicode')):
                     if self.repo_settings:
                         setting = self.repo_settings.create_or_update_setting(
                             name, val, type_)
                     else:
                         setting = self.global_settings.create_or_update_setting(
                             name, val, type_)
                     return setting
             class VcsSettingsModel(object):
                 INHERIT_SETTINGS = 'inherit_vcs_settings'
                 GENERAL_SETTINGS = (
                     'use_outdated_comments',
                     'pr_merge_enabled',
                     'hg_use_rebase_for_merging',
                     'hg_close_branch_before_merging',
                     'git_use_rebase_for_merging',
                     'git_close_branch_before_merging',
                     'diff_cache',
                 )
                 HOOKS_SETTINGS = (
                     ('hooks', 'changegroup.repo_size'),
                     ('hooks', 'changegroup.push_logger'),
                     ('hooks', 'outgoing.pull_logger'),
                 )
                 HG_SETTINGS = (
                     ('extensions', 'largefiles'),
                     ('phases', 'publish'),
                     ('extensions', 'evolve'),
                     ('extensions', 'topic'),
                     ('experimental', 'evolution'),
                     ('experimental', 'evolution.exchange'),
                 )
                 GIT_SETTINGS = (
                     ('vcs_git_lfs', 'enabled'),
                 )
                 GLOBAL_HG_SETTINGS = (
                     ('extensions', 'largefiles'),
                     ('phases', 'publish'),
                     ('extensions', 'evolve'),
                     ('extensions', 'topic'),
                     ('experimental', 'evolution'),
                     ('experimental', 'evolution.exchange'),
                 )
                 GLOBAL_GIT_SETTINGS = (
                     ('vcs_git_lfs', 'enabled'),
                 )
                 SVN_BRANCH_SECTION = 'vcs_svn_branch'
                 SVN_TAG_SECTION = 'vcs_svn_tag'
-                SSL_SETTING = ('web', 'push_ssl')
                 PATH_SETTING = ('paths', '/')
                 def __init__(self, sa=None, repo=None):
                     self.global_settings = SettingsModel(sa=sa)
                     self.repo_settings = SettingsModel(sa=sa, repo=repo) if repo else None
                     self._ui_settings = (
                         self.HG_SETTINGS + self.GIT_SETTINGS + self.HOOKS_SETTINGS)
                     self._svn_sections = (self.SVN_BRANCH_SECTION, self.SVN_TAG_SECTION)
                 @property
                 @assert_repo_settings
                 def inherit_global_settings(self):
                     setting = self.repo_settings.get_setting_by_name(self.INHERIT_SETTINGS)
                     return setting.app_settings_value if setting else True
                 @inherit_global_settings.setter
                 @assert_repo_settings
                 def inherit_global_settings(self, value):
                     self.repo_settings.create_or_update_setting(
                         self.INHERIT_SETTINGS, value, type_='bool')
                 def get_keyname(self, key_name, prefix='rhodecode_'):
                     return f'{prefix}{key_name}'
                 def get_global_svn_branch_patterns(self):
                     return self.global_settings.get_ui_by_section(self.SVN_BRANCH_SECTION)
                 @assert_repo_settings
                 def get_repo_svn_branch_patterns(self):
                     return self.repo_settings.get_ui_by_section(self.SVN_BRANCH_SECTION)
                 def get_global_svn_tag_patterns(self):
                     return self.global_settings.get_ui_by_section(self.SVN_TAG_SECTION)
                 @assert_repo_settings
                 def get_repo_svn_tag_patterns(self):
                     return self.repo_settings.get_ui_by_section(self.SVN_TAG_SECTION)
                 def get_global_settings(self):
                     return self._collect_all_settings(global_=True)
                 @assert_repo_settings
                 def get_repo_settings(self):
                     return self._collect_all_settings(global_=False)
                 @assert_repo_settings
                 def get_repo_settings_inherited(self):
                     global_settings = self.get_global_settings()
                     global_settings.update(self.get_repo_settings())
                     return global_settings
                 @assert_repo_settings
                 def create_or_update_repo_settings(
                         self, data, inherit_global_settings=False):
                     from rhodecode.model.scm import ScmModel
                     self.inherit_global_settings = inherit_global_settings
                     repo = self.repo_settings.get_repo()
                     if not inherit_global_settings:
                         if repo.repo_type == 'svn':
                             self.create_repo_svn_settings(data)
                         else:
                             self.create_or_update_repo_hook_settings(data)
                             self.create_or_update_repo_pr_settings(data)
                         if repo.repo_type == 'hg':
                             self.create_or_update_repo_hg_settings(data)
                         if repo.repo_type == 'git':
                             self.create_or_update_repo_git_settings(data)
                     ScmModel().mark_for_invalidation(repo.repo_name, delete=True)
                 @assert_repo_settings
                 def create_or_update_repo_hook_settings(self, data):
                     for section, key in self.HOOKS_SETTINGS:
                         data_key = self._get_form_ui_key(section, key)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         active = data.get(data_key)
                         repo_setting = self.repo_settings.get_ui_by_section_and_key(
                             section, key)
                         if not repo_setting:
                             global_setting = self.global_settings.\
                                 get_ui_by_section_and_key(section, key)
                             self.repo_settings.create_ui_section_value(
                                 section, global_setting.ui_value, key=key, active=active)
                         else:
                             repo_setting.ui_active = active
                             Session().add(repo_setting)
                 def update_global_hook_settings(self, data):
                     for section, key in self.HOOKS_SETTINGS:
                         data_key = self._get_form_ui_key(section, key)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         active = data.get(data_key)
                         repo_setting = self.global_settings.get_ui_by_section_and_key(
                             section, key)
                         repo_setting.ui_active = active
                         Session().add(repo_setting)
                 @assert_repo_settings
                 def create_or_update_repo_pr_settings(self, data):
                     return self._create_or_update_general_settings(
                         self.repo_settings, data)
                 def create_or_update_global_pr_settings(self, data):
                     return self._create_or_update_general_settings(
                         self.global_settings, data)
                 @assert_repo_settings
                 def create_repo_svn_settings(self, data):
                     return self._create_svn_settings(self.repo_settings, data)
                 def _set_evolution(self, settings, is_enabled):
                     if is_enabled:
                         # if evolve is active set evolution=all
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution'), value='all',
                             active=True)
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution.exchange'), value='yes',
                             active=True)
                         # if evolve is active set topics server support
                         self._create_or_update_ui(
                             settings, *('extensions', 'topic'), value='',
                             active=True)
                     else:
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution'), value='',
                             active=False)
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution.exchange'), value='no',
                             active=False)
                         self._create_or_update_ui(
                             settings, *('extensions', 'topic'), value='',
                             active=False)
                 @assert_repo_settings
                 def create_or_update_repo_hg_settings(self, data):
                     largefiles, phases, evolve = \
                         self.HG_SETTINGS[:3]
                     largefiles_key, phases_key, evolve_key = \
                         self._get_settings_keys(self.HG_SETTINGS[:3], data)
                     self._create_or_update_ui(
                         self.repo_settings, *largefiles, value='',
                         active=data[largefiles_key])
                     self._create_or_update_ui(
                         self.repo_settings, *evolve, value='',
                         active=data[evolve_key])
                     self._set_evolution(self.repo_settings, is_enabled=data[evolve_key])
                     self._create_or_update_ui(
                         self.repo_settings, *phases, value=safe_str(data[phases_key]))
                 def create_or_update_global_hg_settings(self, data):
                     opts_len = 3
                     largefiles, phases, evolve \
                         = self.GLOBAL_HG_SETTINGS[:opts_len]
                     largefiles_key, phases_key, evolve_key \
                         = self._get_settings_keys(self.GLOBAL_HG_SETTINGS[:opts_len], data)
                     self._create_or_update_ui(
                         self.global_settings, *largefiles, value='',
                         active=data[largefiles_key])
                     self._create_or_update_ui(
                         self.global_settings, *phases, value=safe_str(data[phases_key]))
                     self._create_or_update_ui(
                         self.global_settings, *evolve, value='',
                         active=data[evolve_key])
                     self._set_evolution(self.global_settings, is_enabled=data[evolve_key])
                 def create_or_update_repo_git_settings(self, data):
                     # NOTE(marcink): # comma makes unpack work properly
                     lfs_enabled, \
                         = self.GIT_SETTINGS
                     lfs_enabled_key, \
                         = self._get_settings_keys(self.GIT_SETTINGS, data)
                     self._create_or_update_ui(
                         self.repo_settings, *lfs_enabled, value=data[lfs_enabled_key],
                         active=data[lfs_enabled_key])
                 def create_or_update_global_git_settings(self, data):
                     lfs_enabled = self.GLOBAL_GIT_SETTINGS[0]
                     lfs_enabled_key = self._get_settings_keys(self.GLOBAL_GIT_SETTINGS, data)[0]
                     self._create_or_update_ui(
                         self.global_settings, *lfs_enabled, value=data[lfs_enabled_key],
                         active=data[lfs_enabled_key])
                 def create_or_update_global_svn_settings(self, data):
                     # branch/tags patterns
                     self._create_svn_settings(self.global_settings, data)
-                def update_global_ssl_setting(self, value):
-                    self._create_or_update_ui(
-                        self.global_settings, *self.SSL_SETTING, value=value)
                 @assert_repo_settings
                 def delete_repo_svn_pattern(self, id_):
                     ui = self.repo_settings.UiDbModel.get(id_)
                     if ui and ui.repository.repo_name == self.repo_settings.repo:
                         # only delete if it's the same repo as initialized settings
                         self.repo_settings.delete_ui(id_)
                     else:
                         # raise error as if we wouldn't find this option
                         self.repo_settings.delete_ui(-1)
                 def delete_global_svn_pattern(self, id_):
                     self.global_settings.delete_ui(id_)
                 @assert_repo_settings
                 def get_repo_ui_settings(self, section=None, key=None):
                     global_uis = self.global_settings.get_ui(section, key)
                     repo_uis = self.repo_settings.get_ui(section, key)
                     filtered_repo_uis = self._filter_ui_settings(repo_uis)
                     filtered_repo_uis_keys = [
                         (s.section, s.key) for s in filtered_repo_uis]
                     def _is_global_ui_filtered(ui):
                         return (
                             (ui.section, ui.key) in filtered_repo_uis_keys
                             or ui.section in self._svn_sections)
                     filtered_global_uis = [
                         ui for ui in global_uis if not _is_global_ui_filtered(ui)]
                     return filtered_global_uis + filtered_repo_uis
                 def get_global_ui_settings(self, section=None, key=None):
                     return self.global_settings.get_ui(section, key)
                 def get_ui_settings_as_config_obj(self, section=None, key=None):
                     config = base.Config()
                     ui_settings = self.get_ui_settings(section=section, key=key)
                     for entry in ui_settings:
                         config.set(entry.section, entry.key, entry.value)
                     return config
                 def get_ui_settings(self, section=None, key=None):
                     if not self.repo_settings or self.inherit_global_settings:
                         return self.get_global_ui_settings(section, key)
                     else:
                         return self.get_repo_ui_settings(section, key)
                 def get_svn_patterns(self, section=None):
                     if not self.repo_settings:
                         return self.get_global_ui_settings(section)
                     else:
                         return self.get_repo_ui_settings(section)
                 @assert_repo_settings
                 def get_repo_general_settings(self):
                     global_settings = self.global_settings.get_all_settings()
                     repo_settings = self.repo_settings.get_all_settings()
                     filtered_repo_settings = self._filter_general_settings(repo_settings)
                     global_settings.update(filtered_repo_settings)
                     return global_settings
                 def get_global_general_settings(self):
                     return self.global_settings.get_all_settings()
                 def get_general_settings(self):
                     if not self.repo_settings or self.inherit_global_settings:
                         return self.get_global_general_settings()
                     else:
                         return self.get_repo_general_settings()
                 def _filter_ui_settings(self, settings):
                     filtered_settings = [
                         s for s in settings if self._should_keep_setting(s)]
                     return filtered_settings
                 def _should_keep_setting(self, setting):
                     keep = (
                         (setting.section, setting.key) in self._ui_settings or
                         setting.section in self._svn_sections)
                     return keep
                 def _filter_general_settings(self, settings):
                     keys = [self.get_keyname(key) for key in self.GENERAL_SETTINGS]
                     return {
                         k: settings[k]
                         for k in settings if k in keys}
                 def _collect_all_settings(self, global_=False):
                     settings = self.global_settings if global_ else self.repo_settings
                     result = {}
                     for section, key in self._ui_settings:
                         ui = settings.get_ui_by_section_and_key(section, key)
                         result_key = self._get_form_ui_key(section, key)
                         if ui:
                             if section in ('hooks', 'extensions'):
                                 result[result_key] = ui.ui_active
                             elif result_key in ['vcs_git_lfs_enabled']:
                                 result[result_key] = ui.ui_active
                             else:
                                 result[result_key] = ui.ui_value
                     for name in self.GENERAL_SETTINGS:
                         setting = settings.get_setting_by_name(name)
                         if setting:
                             result_key = self.get_keyname(name)
                             result[result_key] = setting.app_settings_value
                     return result
                 def _get_form_ui_key(self, section, key):
                     return '{section}_{key}'.format(
                         section=section, key=key.replace('.', '_'))
                 def _create_or_update_ui(
                         self, settings, section, key, value=None, active=None):
                     ui = settings.get_ui_by_section_and_key(section, key)
                     if not ui:
                         active = True if active is None else active
                         settings.create_ui_section_value(
                             section, value, key=key, active=active)
                     else:
                         if active is not None:
                             ui.ui_active = active
                         if value is not None:
                             ui.ui_value = value
                         Session().add(ui)
                 def _create_svn_settings(self, settings, data):
                     svn_settings = {
                         'new_svn_branch': self.SVN_BRANCH_SECTION,
                         'new_svn_tag': self.SVN_TAG_SECTION
                     }
                     for key in svn_settings:
                         if data.get(key):
                             settings.create_ui_section_value(svn_settings[key], data[key])
                 def _create_or_update_general_settings(self, settings, data):
                     for name in self.GENERAL_SETTINGS:
                         data_key = self.get_keyname(name)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         setting = settings.create_or_update_setting(
                             name, data[data_key], 'bool')
                         Session().add(setting)
                 def _get_settings_keys(self, settings, data):
                     data_keys = [self._get_form_ui_key(*s) for s in settings]
                     for data_key in data_keys:
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                     return data_keys
                 def create_largeobjects_dirs_if_needed(self, repo_store_path):
                     """
                     This is subscribed to the `pyramid.events.ApplicationCreated` event. It
                     does a repository scan if enabled in the settings.
                     """
                     from rhodecode.lib.vcs.backends.hg import largefiles_store
                     from rhodecode.lib.vcs.backends.git import lfs_store
                     paths = [
                         largefiles_store(repo_store_path),
                         lfs_store(repo_store_path)]
                     for path in paths:
                         if os.path.isdir(path):
                             continue
                         if os.path.isfile(path):
                             continue
                         # not a file nor dir, we try to create it
                         try:
                             os.makedirs(path)
                         except Exception:
                             log.warning('Failed to create largefiles dir:%s', path)

rhodecode/subscribers.py

0 +19 -4

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import io
             import shlex
             import math
             import re
             import os
             import datetime
             import logging
             import queue
             import subprocess
             from dateutil.parser import parse
             from pyramid.interfaces import IRoutesMapper
             from pyramid.settings import asbool
             from pyramid.path import AssetResolver
             from threading import Thread
             from rhodecode.config.jsroutes import generate_jsroutes_content
             from rhodecode.lib.base import get_auth_user
             from rhodecode.lib.celerylib.loader import set_celery_conf
             import rhodecode
             log = logging.getLogger(__name__)
             def add_renderer_globals(event):
                 from rhodecode.lib import helpers
                 # TODO: When executed in pyramid view context the request is not available
                 # in the event. Find a better solution to get the request.
                 from pyramid.threadlocal import get_current_request
                 request = event['request'] or get_current_request()
                 # Add Pyramid translation as '_' to context
                 event['_'] = request.translate
                 event['_ungettext'] = request.plularize
                 event['h'] = helpers
             def set_user_lang(event):
                 request = event.request
                 cur_user = getattr(request, 'user', None)
                 if cur_user:
                     user_lang = cur_user.get_instance().user_data.get('language')
                     if user_lang:
                         log.debug('lang: setting current user:%s language to: %s', cur_user, user_lang)
                         event.request._LOCALE_ = user_lang
             def update_celery_conf(event):
                 log.debug('Setting celery config from new request')
                 set_celery_conf(request=event.request, registry=event.request.registry)
             def add_request_user_context(event):
                 """
                 Adds auth user into request context
                 """
                 request = event.request
                 # access req_id as soon as possible
                 req_id = request.req_id
                 if hasattr(request, 'vcs_call'):
                     # skip vcs calls
                     return
                 if hasattr(request, 'rpc_method'):
                     # skip api calls
                     return
                 auth_user, auth_token = get_auth_user(request)
                 request.user = auth_user
                 request.user_auth_token = auth_token
                 request.environ['rc_auth_user'] = auth_user
                 request.environ['rc_auth_user_id'] = str(auth_user.user_id)
                 request.environ['rc_req_id'] = req_id
             def reset_log_bucket(event):
                 """
                 reset the log bucket on new request
                 """
                 request = event.request
                 request.req_id_records_init()
             def scan_repositories_if_enabled(event):
                 """
                 This is subscribed to the `pyramid.events.ApplicationCreated` event. It
                 does a repository scan if enabled in the settings.
                 """
                 settings = event.app.registry.settings
                 vcs_server_enabled = settings['vcs.server.enable']
                 import_on_startup = settings['startup.import_repos']
                 if vcs_server_enabled and import_on_startup:
                     from rhodecode.model.scm import ScmModel
                     from rhodecode.lib.utils import repo2db_mapper
                     scm = ScmModel()
                     repositories = scm.repo_scan(scm.repos_path)
                     repo2db_mapper(repositories, remove_obsolete=False)
             def write_metadata_if_needed(event):
                 """
                 Writes upgrade metadata
                 """
                 import rhodecode
                 from rhodecode.lib import system_info
                 from rhodecode.lib import ext_json
                 fname = '.rcmetadata.json'
                 ini_loc = os.path.dirname(rhodecode.CONFIG.get('__file__'))
                 metadata_destination = os.path.join(ini_loc, fname)
                 def get_update_age():
                     now = datetime.datetime.utcnow()
                     with open(metadata_destination, 'rb') as f:
                         data = ext_json.json.loads(f.read())
                         if 'created_on' in data:
                             update_date = parse(data['created_on'])
                             diff = now - update_date
                             return diff.total_seconds() / 60.0
                     return 0
                 def write():
                     configuration = system_info.SysInfo(
                         system_info.rhodecode_config)()['value']
                     license_token = configuration['config']['license_token']
                     setup = dict(
                         workers=configuration['config']['server:main'].get(
                             'workers', '?'),
                         worker_type=configuration['config']['server:main'].get(
                             'worker_class', 'sync'),
                     )
                     dbinfo = system_info.SysInfo(system_info.database_info)()['value']
                     del dbinfo['url']
                     metadata = dict(
                         desc='upgrade metadata info',
                         license_token=license_token,
                         created_on=datetime.datetime.utcnow().isoformat(),
                         usage=system_info.SysInfo(system_info.usage_info)()['value'],
                         platform=system_info.SysInfo(system_info.platform_type)()['value'],
                         database=dbinfo,
                         cpu=system_info.SysInfo(system_info.cpu)()['value'],
                         memory=system_info.SysInfo(system_info.memory)()['value'],
                         setup=setup
                     )
                     with open(metadata_destination, 'wb') as f:
                         f.write(ext_json.json.dumps(metadata))
                 settings = event.app.registry.settings
                 if settings.get('metadata.skip'):
                     return
                 # only write this every 24h, workers restart caused unwanted delays
                 try:
                     age_in_min = get_update_age()
                 except Exception:
                     age_in_min = 0
                 if age_in_min > 60 * 60 * 24:
                     return
                 try:
                     write()
                 except Exception:
                     pass
             def write_usage_data(event):
                 import rhodecode
                 from rhodecode.lib import system_info
                 from rhodecode.lib import ext_json
                 settings = event.app.registry.settings
                 instance_tag = settings.get('metadata.write_usage_tag')
                 if not settings.get('metadata.write_usage'):
                     return
                 def get_update_age(dest_file):
-                    now = datetime.datetime.utcnow()
+                    now = datetime.datetime.now(datetime.UTC)
                     with open(dest_file, 'rb') as f:
                         data = ext_json.json.loads(f.read())
                         if 'created_on' in data:
                             update_date = parse(data['created_on'])
                             diff = now - update_date
                             return math.ceil(diff.total_seconds() / 60.0)
                     return 0
-                utc_date = datetime.datetime.utcnow()
+                utc_date = datetime.datetime.now(datetime.UTC)
                 hour_quarter = int(math.ceil((utc_date.hour + utc_date.minute/60.0) / 6.))
-                fname = '.rc_usage_{date.year}{date.month:02d}{date.day:02d}_{hour}.json'.format(
+                fname = f'.rc_usage_{utc_date.year}{utc_date.month:02d}{utc_date.day:02d}_{hour_quarter}.json'
-                    date=utc_date, hour=hour_quarter)
                 ini_loc = os.path.dirname(rhodecode.CONFIG.get('__file__'))
                 usage_dir = os.path.join(ini_loc, '.rcusage')
                 if not os.path.isdir(usage_dir):
                     os.makedirs(usage_dir)
                 usage_metadata_destination = os.path.join(usage_dir, fname)
                 try:
                     age_in_min = get_update_age(usage_metadata_destination)
                 except Exception:
                     age_in_min = 0
                 # write every 6th hour
                 if age_in_min and age_in_min < 60 * 6:
                     log.debug('Usage file created %s minutes ago, skipping (threshold: %s minutes)...',
                               age_in_min, 60 * 6)
                     return
                 def write(dest_file):
                     configuration = system_info.SysInfo(system_info.rhodecode_config)()['value']
                     license_token = configuration['config']['license_token']
                     metadata = dict(
                         desc='Usage data',
                         instance_tag=instance_tag,
                         license_token=license_token,
                         created_on=datetime.datetime.utcnow().isoformat(),
                         usage=system_info.SysInfo(system_info.usage_info)()['value'],
                     )
                     with open(dest_file, 'wb') as f:
                         f.write(ext_json.formatted_json(metadata))
                 try:
                     log.debug('Writing usage file at: %s', usage_metadata_destination)
                     write(usage_metadata_destination)
                 except Exception:
                     pass
             def write_js_routes_if_enabled(event):
                 registry = event.app.registry
                 mapper = registry.queryUtility(IRoutesMapper)
                 _argument_prog = re.compile(r'\{(.*?)\}|:\((.*)\)')
                 def _extract_route_information(route):
                     """
                     Convert a route into tuple(name, path, args), eg:
                         ('show_user', '/profile/%(username)s', ['username'])
                     """
                     route_path = route.pattern
                     pattern = route.pattern
                     def replace(matchobj):
                         if matchobj.group(1):
                             return "%%(%s)s" % matchobj.group(1).split(':')[0]
                         else:
                             return "%%(%s)s" % matchobj.group(2)
                     route_path = _argument_prog.sub(replace, route_path)
                     if not route_path.startswith('/'):
                         route_path = f'/{route_path}'
                     return (
                         route.name,
                         route_path,
                         [(arg[0].split(':')[0] if arg[0] != '' else arg[1])
                          for arg in _argument_prog.findall(pattern)]
                     )
                 def get_routes():
                     # pyramid routes
                     for route in mapper.get_routes():
                         if not route.name.startswith('__'):
                             yield _extract_route_information(route)
                 if asbool(registry.settings.get('generate_js_files', 'false')):
                     static_path = AssetResolver().resolve('rhodecode:public').abspath()
                     jsroutes = get_routes()
                     jsroutes_file_content = generate_jsroutes_content(jsroutes)
                     jsroutes_file_path = os.path.join(
                         static_path, 'js', 'rhodecode', 'routes.js')
                     try:
                         with open(jsroutes_file_path, 'w', encoding='utf-8') as f:
                             f.write(jsroutes_file_content)
                         log.debug('generated JS files in %s', jsroutes_file_path)
                     except Exception:
                         log.exception('Failed to write routes.js into %s', jsroutes_file_path)
+            def import_license_if_present(event):
+                """
+                This is subscribed to the `pyramid.events.ApplicationCreated` event. It
+                does a import license key based on a presence of the file.
+                """
+                settings = event.app.registry.settings
+                license_file_path = settings.get('license.import_path')
+                force = settings.get('license.import_path_mode') == 'force'
+                if license_file_path:
+                    from rhodecode.model.meta import Session
+                    from rhodecode.model.license import apply_license_from_file
+                    apply_license_from_file(license_file_path, force=force)
+                    Session().commit()
             class Subscriber(object):
                 """
                 Base class for subscribers to the pyramid event system.
                 """
                 def __call__(self, event):
                     self.run(event)
                 def run(self, event):
                     raise NotImplementedError('Subclass has to implement this.')
             class AsyncSubscriber(Subscriber):
                 """
                 Subscriber that handles the execution of events in a separate task to not
                 block the execution of the code which triggers the event. It puts the
                 received events into a queue from which the worker process takes them in
                 order.
                 """
                 def __init__(self):
                     self._stop = False
                     self._eventq = queue.Queue()
                     self._worker = self.create_worker()
                     self._worker.start()
                 def __call__(self, event):
                     self._eventq.put(event)
                 def create_worker(self):
                     worker = Thread(target=self.do_work)
                     worker.daemon = True
                     return worker
                 def stop_worker(self):
                     self._stop = False
                     self._eventq.put(None)
                     self._worker.join()
                 def do_work(self):
                     while not self._stop:
                         event = self._eventq.get()
                         if event is not None:
                             self.run(event)
             class AsyncSubprocessSubscriber(AsyncSubscriber):
                 """
                 Subscriber that uses the subprocess module to execute a command if an
                 event is received. Events are handled asynchronously::
                     subscriber = AsyncSubprocessSubscriber('ls -la', timeout=10)
                     subscriber(dummyEvent) # running __call__(event)
                 """
                 def __init__(self, cmd, timeout=None):
                     if not isinstance(cmd, (list, tuple)):
                         cmd = shlex.split(cmd)
                     super().__init__()
                     self._cmd = cmd
                     self._timeout = timeout
                 def run(self, event):
                     cmd = self._cmd
                     timeout = self._timeout
                     log.debug('Executing command %s.', cmd)
                     try:
                         output = subprocess.check_output(
                             cmd, timeout=timeout, stderr=subprocess.STDOUT)
                         log.debug('Command finished %s', cmd)
                         if output:
                             log.debug('Command output: %s', output)
                     except subprocess.TimeoutExpired as e:
                         log.exception('Timeout while executing command.')
                         if e.output:
                             log.error('Command output: %s', e.output)
                     except subprocess.CalledProcessError as e:
                         log.exception('Error while executing command.')
                         if e.output:
                             log.error('Command output: %s', e.output)
                     except Exception:
                         log.exception(
                             'Exception while executing command %s.', cmd)

rhodecode/templates/admin/security/security.mako

0 +1 -30

             <%inherit file="/base/base.mako"/>
             <%def name="title()">
                 ${_('Security Admin')}
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()"></%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='admin')}
             </%def>
             <%def name="menu_bar_subnav()">
                 ${self.admin_menu(active='security')}
             </%def>
             <%def name="main()">
             <div class="box">
                 <div class="panel panel-default">
                     <div class="panel-heading">
                         <h3 class="panel-title">${_('Security Audit')}</h3>
                     </div>
                     <div class="panel-body">
                         <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
                         <p>
                             ${_('You can scan your repositories for exposed secrets, passwords, etc')}
                         </p>
                     </div>
                 </div>
                 <div class="panel panel-default">
                     <div class="panel-heading">
                         <h3 class="panel-title">${_('Allowed client versions')}</h3>
                     </div>
                     <div class="panel-body">
-                        %if c.rhodecode_edition_id != 'EE':
                         <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
                         <p>
                             ${_('Some outdated client versions may have security vulnerabilities. This section have rules for whitelisting versions of clients for Git, Mercurial and SVN.')}
                         </p>
-                        %else:
-                            <div class="inner form" id="container">
-                            </div>
-                        %endif
                 </div>
             </div>
-            <script>
-                $(document).ready(function() {
-                    $.ajax({
-                        url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
-                        type: 'GET',
-                        success: function(response) {
-                            $('#container').html(response);
-                        },
-                    });
-                $(document).on('submit', '#allowed_clients_form', function(event) {
-                            event.preventDefault();
-                            var formData = $(this).serialize();
-                            $.ajax({
-                                url: pyroutes.url('admin_security_modify_allowed_vcs_client_versions'),
-                                type: 'POST',
-                                data: formData,
-                                success: function(response) {
-                                $('#container').html(response);
-                            },
-                            });
-                        });
-                    });
-            </script>
             </%def>

rhodecode/templates/base/vcs_settings.mako

0 +1 -16

             ## snippet for displaying vcs settings
             ## usage:
             ##    <%namespace name="vcss" file="/base/vcssettings.mako"/>
             ##    ${vcss.vcs_settings_fields()}
             <%def name="vcs_settings_fields(suffix='', svn_branch_patterns=None, svn_tag_patterns=None, repo_type=None, display_globals=False, **kwargs)">
                 % if display_globals:
-                    <div class="panel panel-default">
-                        <div class="panel-heading" id="general">
-                            <h3 class="panel-title">${_('General')}<a class="permalink" href="#general"> ¶</a></h3>
-                        </div>
-                        <div class="panel-body">
-                            <div class="field">
-                                <div class="checkbox">
-                                    ${h.checkbox('web_push_ssl' + suffix, 'True')}
-                                    <label for="web_push_ssl${suffix}">${_('Require SSL for vcs operations')}</label>
-                                </div>
-                                <div class="label">
-                                    <span class="help-block">${_('Activate to set RhodeCode to require SSL for pushing or pulling. If SSL certificate is missing it will return a HTTP Error 406: Not Acceptable.')}</span>
-                                </div>
-                             </div>
-                        </div>
-                    </div>
                 % endif
                 % if display_globals or repo_type in ['git', 'hg']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-hooks-options">
                             <h3 class="panel-title">${_('Internal Hooks')}<a class="permalink" href="#vcs-hooks-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="field">
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_changegroup_repo_size' + suffix, 'True', **kwargs)}
                                     <label for="hooks_changegroup_repo_size${suffix}">${_('Show repository size after push')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Trigger a hook that calculates repository size after each push.')}</span>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_changegroup_push_logger' + suffix, 'True', **kwargs)}
                                     <label for="hooks_changegroup_push_logger${suffix}">${_('Execute pre/post push hooks')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Execute Built in pre/post push hooks. This also executes rcextensions hooks.')}</span>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_outgoing_pull_logger' + suffix, 'True', **kwargs)}
                                     <label for="hooks_outgoing_pull_logger${suffix}">${_('Execute pre/post pull hooks')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Execute Built in pre/post pull hooks. This also executes rcextensions hooks.')}</span>
                                 </div>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-hg-options">
                             <h3 class="panel-title">${_('Mercurial Settings')}<a class="permalink" href="#vcs-hg-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('extensions_largefiles' + suffix, 'True', **kwargs)}
                                 <label for="extensions_largefiles${suffix}">${_('Enable largefiles extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable Largefiles extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable Largefiles extensions for this repository.')}</span>
                                 % endif
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('phases_publish' + suffix, 'True', **kwargs)}
                                 <label for="phases_publish${suffix}">${_('Set repositories as publishing') if display_globals else _('Set repository as publishing')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('When this is enabled all commits in the repository are seen as public commits by clients.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('extensions_evolve' + suffix, 'True', **kwargs)}
                                 <label for="extensions_evolve${suffix}">${_('Enable Evolve and Topic extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable Evolve and Topic extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable Evolve and Topic extensions for this repository.')}</span>
                                 % endif
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['git']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-git-options">
                             <h3 class="panel-title">${_('Git Settings')}<a class="permalink" href="#vcs-git-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('vcs_git_lfs_enabled' + suffix, 'True', **kwargs)}
                                 <label for="vcs_git_lfs_enabled${suffix}">${_('Enable lfs extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable lfs extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable lfs extensions for this repository.')}</span>
                                 % endif
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['svn']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-svn-options">
                             <h3 class="panel-title">${_('Subversion Settings')}<a class="permalink" href="#vcs-svn-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             % if display_globals:
                             <div class="field">
                                 <div class="content" >
                                     <label>${_('mod_dav config')}</label><br/>
                                     <code>path: ${c.svn_config_path}</code>
                                 </div>
                                 <br/>
                                 <div>
                                 % if c.svn_generate_config:
                                     <span class="buttons">
                                         <button class="btn btn-primary" id="vcs_svn_generate_cfg">${_('Re-generate Apache Config')}</button>
                                     </span>
                                 % endif
                                 </div>
                             </div>
                             % endif
                             <div class="field">
                                 <div class="content" >
                                     <label>${_('Repository patterns')}</label><br/>
                                 </div>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Patterns for identifying SVN branches and tags. For recursive search, use "*". Eg.: "/branches/*"')}</span>
                             </div>
                             <div class="field branch_patterns">
                                 <div class="input" >
                                     <label>${_('Branches')}:</label><br/>
                                 </div>
                                 % if svn_branch_patterns:
                                     % for branch in svn_branch_patterns:
                                     <div class="input adjacent"   id="${'id%s' % branch.ui_id}">
                                         ${h.hidden('branch_ui_key' + suffix, branch.ui_key)}
                                         ${h.text('branch_value_%d' % branch.ui_id + suffix, branch.ui_value, size=59, readonly="readonly", class_='disabled')}
                                         % if kwargs.get('disabled') != 'disabled':
                                             <span class="btn btn-x" onclick="ajaxDeletePattern(${branch.ui_id},'${'id%s' % branch.ui_id}')">
                                                 ${_('Delete')}
                                             </span>
                                         % endif
                                     </div>
                                     % endfor
                                 %endif
                             </div>
                             % if kwargs.get('disabled') != 'disabled':
                                 <div class="field branch_patterns">
                                     <div class="input" >
                                         ${h.text('new_svn_branch',size=59,placeholder='New branch pattern')}
                                     </div>
                                 </div>
                             % endif
                             <div class="field tag_patterns">
                                 <div class="input" >
                                     <label>${_('Tags')}:</label><br/>
                                 </div>
                                 % if svn_tag_patterns:
                                     % for tag in svn_tag_patterns:
                                     <div class="input"  id="${'id%s' % tag.ui_id + suffix}">
                                         ${h.hidden('tag_ui_key' + suffix, tag.ui_key)}
                                         ${h.text('tag_ui_value_new_%d' % tag.ui_id + suffix, tag.ui_value, size=59, readonly="readonly", class_='disabled tag_input')}
                                         % if kwargs.get('disabled') != 'disabled':
                                             <span class="btn btn-x" onclick="ajaxDeletePattern(${tag.ui_id},'${'id%s' % tag.ui_id}')">
                                                 ${_('Delete')}
                                             </span>
                                         %endif
                                     </div>
                                     % endfor
                                 % endif
                             </div>
                             % if kwargs.get('disabled') != 'disabled':
                                 <div class="field tag_patterns">
                                     <div class="input" >
                                         ${h.text('new_svn_tag' + suffix, size=59, placeholder='New tag pattern')}
                                     </div>
                                 </div>
                             %endif
                         </div>
                     </div>
                 % else:
                     ${h.hidden('new_svn_branch' + suffix, '')}
                     ${h.hidden('new_svn_tag' + suffix, '')}
                 % endif
                 % if display_globals or repo_type in ['hg', 'git']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Pull Request Settings')}<a class="permalink" href="#vcs-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_pr_merge_enabled' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_pr_merge_enabled${suffix}">${_('Enable server-side merge for pull requests')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Note: when this feature is enabled, it only runs hooks defined in the rcextension package. Custom hooks added on the Admin -> Settings -> Hooks page will not be run when pull requests are automatically merged from the web interface.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_use_outdated_comments' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_use_outdated_comments${suffix}">${_('Invalidate and relocate inline comments during update')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('During the update of a pull request, the position of inline comments will be updated and outdated inline comments will be hidden.')}</span>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg', 'git', 'svn']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Diff cache')}<a class="permalink" href="#vcs-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_diff_cache' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_diff_cache${suffix}">${_('Enable caching diffs for pull requests cache and commits')}</label>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg',]:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Mercurial Pull Request Settings')}<a class="permalink" href="#vcs-hg-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             ## Specific HG settings
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_hg_use_rebase_for_merging' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_hg_use_rebase_for_merging${suffix}">${_('Use rebase as merge strategy')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Use rebase instead of creating a merge commit when merging via web interface.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_hg_close_branch_before_merging' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_hg_close_branch_before_merging{suffix}">${_('Close branch before merging it')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Close branch before merging it into destination branch. No effect when rebase strategy is use.')}</span>
                             </div>
                         </div>
                     </div>
                 % endif
             % if display_globals or repo_type in ['git']:
                 <div class="panel panel-default">
                     <div class="panel-heading" id="vcs-pull-requests-options">
                         <h3 class="panel-title">${_('Git Pull Request Settings')}<a class="permalink" href="#vcs-git-pull-requests-options"> ¶</a></h3>
                     </div>
                     <div class="panel-body">
             ##                <div class="checkbox">
             ##                    ${h.checkbox('rhodecode_git_use_rebase_for_merging' + suffix, 'True', **kwargs)}
             ##                    <label for="rhodecode_git_use_rebase_for_merging${suffix}">${_('Use rebase as merge strategy')}</label>
             ##                </div>
             ##                <div class="label">
             ##                  <span class="help-block">${_('Use rebase instead of creating a merge commit when merging via web interface.')}</span>
             ##               </div>
                         <div class="checkbox">
                             ${h.checkbox('rhodecode_git_close_branch_before_merging' + suffix, 'True', **kwargs)}
                             <label for="rhodecode_git_close_branch_before_merging{suffix}">${_('Delete branch after merging it')}</label>
                         </div>
                         <div class="label">
                             <span class="help-block">${_('Delete branch after merging it into destination branch.')}</span>
                         </div>
                     </div>
                 </div>
             % endif
             <script type="text/javascript">
             $(document).ready(function() {
                 /* On click handler for the `Generate Apache Config` button. It sends a
                 POST request to trigger the (re)generation of the mod_dav_svn config. */
                 $('#vcs_svn_generate_cfg').on('click', function(event) {
                     event.preventDefault();
                     var url = "${h.route_path('admin_settings_vcs_svn_generate_cfg')}";
                     var jqxhr = $.post(url, {'csrf_token': CSRF_TOKEN});
                     jqxhr.done(function(data) {
                         $.Topic('/notifications').publish(data);
                     });
                 });
             });
             </script>
             </%def>

rhodecode/tests/lib/middleware/test_simplehg.py

0 0 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import urllib.parse
             import mock
             import pytest
             import simplejson as json
             from rhodecode.lib.vcs.backends.base import Config
             from rhodecode.tests.lib.middleware import mock_scm_app
             import rhodecode.lib.middleware.simplehg as simplehg
             def get_environ(url):
                 """Construct a minimum WSGI environ based on the URL."""
                 parsed_url = urllib.parse.urlparse(url)
                 environ = {
                     'PATH_INFO': parsed_url.path,
                     'QUERY_STRING': parsed_url.query,
                 }
                 return environ
             @pytest.mark.parametrize(
                 'url, expected_action',
                 [
                     ('/foo/bar?cmd=unbundle&key=tip', 'push'),
                     ('/foo/bar?cmd=pushkey&key=tip', 'push'),
                     ('/foo/bar?cmd=listkeys&key=tip', 'pull'),
                     ('/foo/bar?cmd=changegroup&key=tip', 'pull'),
                     ('/foo/bar?cmd=hello', 'pull'),
                     ('/foo/bar?cmd=batch', 'push'),
                     ('/foo/bar?cmd=putlfile', 'push'),
                     # Edge case: unknown argument: assume push
                     ('/foo/bar?cmd=unknown&key=tip', 'push'),
                     ('/foo/bar?cmd=&key=tip', 'push'),
                     # Edge case: not cmd argument
                     ('/foo/bar?key=tip', 'push'),
                 ])
             def test_get_action(url, expected_action, request_stub):
                 app = simplehg.SimpleHg(config={'auth_ret_code': '', 'base_path': ''},
                                         registry=request_stub.registry)
                 assert expected_action == app._get_action(get_environ(url))
             @pytest.mark.parametrize(
                 'environ, expected_xargs, expected_batch',
                 [
                     ({},
                      [''], ['push']),
                     ({'HTTP_X_HGARG_1': ''},
                      [''], ['push']),
                     ({'HTTP_X_HGARG_1': 'cmds=listkeys+namespace%3Dphases'},
                      ['listkeys namespace=phases'], ['pull']),
                     ({'HTTP_X_HGARG_1': 'cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b'},
                      ['pushkey namespace=bookmarks,key=bm,old=,new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b'], ['push']),
                     ({'HTTP_X_HGARG_1': 'namespace=phases'},
                      ['namespace=phases'], ['push']),
                 ])
             def test_xarg_and_batch_commands(environ, expected_xargs, expected_batch):
                 app = simplehg.SimpleHg
                 result = app._get_xarg_headers(environ)
                 result_batch = app._get_batch_cmd(environ)
                 assert expected_xargs == result
                 assert expected_batch == result_batch
             @pytest.mark.parametrize(
                 'url, expected_repo_name',
                 [
                     ('/foo?cmd=unbundle&key=tip', 'foo'),
                     ('/foo/bar?cmd=pushkey&key=tip', 'foo/bar'),
                     ('/foo/bar/baz?cmd=listkeys&key=tip', 'foo/bar/baz'),
                     # Repos with trailing slashes.
                     ('/foo/?cmd=unbundle&key=tip', 'foo'),
                     ('/foo/bar/?cmd=pushkey&key=tip', 'foo/bar'),
                     ('/foo/bar/baz/?cmd=listkeys&key=tip', 'foo/bar/baz'),
                 ])
             def test_get_repository_name(url, expected_repo_name, request_stub):
                 app = simplehg.SimpleHg(config={'auth_ret_code': '', 'base_path': ''},
                                         registry=request_stub.registry)
                 assert expected_repo_name == app._get_repository_name(get_environ(url))
             def test_get_config(user_util, baseapp, request_stub):
                 repo = user_util.create_repo(repo_type='git')
                 app = simplehg.SimpleHg(config={'auth_ret_code': '', 'base_path': ''},
                                         registry=request_stub.registry)
                 extras = [('foo', 'FOO', 'bar', 'BAR')]
                 hg_config = app._create_config(extras, repo_name=repo.repo_name)
                 config = simplehg.utils.make_db_config(repo=repo.repo_name)
                 config.set('rhodecode', 'RC_SCM_DATA', json.dumps(extras))
                 hg_config_org = config
                 expected_config = [
                     ('vcs_svn_tag', 'ff89f8c714d135d865f44b90e5413b88de19a55f', '/tags/*'),
-                    ('web', 'push_ssl', 'False'),
                     ('web', 'allow_push', '*'),
                     ('web', 'allow_archive', 'gz zip bz2'),
                     ('web', 'baseurl', '/'),
                     ('vcs_git_lfs', 'store_location', hg_config_org.get('vcs_git_lfs', 'store_location')),
                     ('vcs_svn_branch', '9aac1a38c3b8a0cdc4ae0f960a5f83332bc4fa5e', '/branches/*'),
                     ('vcs_svn_branch', 'c7e6a611c87da06529fd0dd733308481d67c71a8', '/trunk'),
                     ('largefiles', 'usercache', hg_config_org.get('largefiles', 'usercache')),
                     ('hooks', 'preoutgoing.pre_pull', 'python:vcsserver.hooks.pre_pull'),
                     ('hooks', 'prechangegroup.pre_push', 'python:vcsserver.hooks.pre_push'),
                     ('hooks', 'outgoing.pull_logger', 'python:vcsserver.hooks.log_pull_action'),
                     ('hooks', 'pretxnchangegroup.pre_push', 'python:vcsserver.hooks.pre_push'),
                     ('hooks', 'changegroup.push_logger', 'python:vcsserver.hooks.log_push_action'),
                     ('hooks', 'changegroup.repo_size', 'python:vcsserver.hooks.repo_size'),
                     ('phases', 'publish', 'True'),
                     ('extensions', 'largefiles', ''),
                     ('paths', '/', hg_config_org.get('paths', '/')),
                     ('rhodecode', 'RC_SCM_DATA', '[["foo","FOO","bar","BAR"]]')
                 ]
                 for entry in expected_config:
                     assert entry in hg_config
             def test_create_wsgi_app_uses_scm_app_from_simplevcs(request_stub):
                 config = {
                     'auth_ret_code': '',
                     'base_path': '',
                     'vcs.scm_app_implementation':
                         'rhodecode.tests.lib.middleware.mock_scm_app',
                 }
                 app = simplehg.SimpleHg(config=config, registry=request_stub.registry)
                 wsgi_app = app._create_wsgi_app('/tmp/test', 'test_repo', {})
                 assert wsgi_app is mock_scm_app.mock_hg_wsgi

rhodecode/tests/lib/middleware/test_simplevcs.py

0 0 -3

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.lib.str_utils import base64_to_str
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.tests.utils import CustomTestApp
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.middleware import simplevcs
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.middleware.utils import scm_app_http
             from rhodecode.model.db import User, _hash_key
             from rhodecode.model.meta import Session, cache as db_cache
             from rhodecode.tests import (
                 HG_REPO, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
             from rhodecode.tests.lib.middleware import mock_scm_app
             class StubVCSController(simplevcs.SimpleVCS):
                 SCM = 'hg'
                 stub_response_body = tuple()
                 def __init__(self, *args, **kwargs):
                     super(StubVCSController, self).__init__(*args, **kwargs)
                     self._action = 'pull'
                     self._is_shadow_repo_dir = True
                     self._name = HG_REPO
                     self.set_repo_names(None)
                 @property
                 def is_shadow_repo_dir(self):
                     return self._is_shadow_repo_dir
                 def _get_repository_name(self, environ):
                     return self._name
                 def _get_action(self, environ):
                     return self._action
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     def fake_app(environ, start_response):
                         headers = [
                             ('Http-Accept', 'application/mercurial')
                         ]
                         start_response('200 OK', headers)
                         return self.stub_response_body
                     return fake_app
                 def _create_config(self, extras, repo_name, scheme='http'):
                     return None
             @pytest.fixture()
             def vcscontroller(baseapp, config_stub, request_stub):
                 from rhodecode.config.middleware import ce_auth_resources
                 config_stub.testing_securitypolicy()
                 config_stub.include('rhodecode.authentication')
                 for resource in ce_auth_resources:
                     config_stub.include(resource)
                 controller = StubVCSController(
                     baseapp.config.get_settings(), request_stub.registry)
                 app = HttpsFixup(controller, baseapp.config.get_settings())
                 app = CustomTestApp(app)
                 _remove_default_user_from_query_cache()
                 # Sanity checks that things are set up correctly
                 app.get('/' + HG_REPO, status=200)
                 app.controller = controller
                 return app
             def _remove_default_user_from_query_cache():
                 user = User.get_default_user(cache=True)
                 query = Session().query(User).filter(User.username == user.username)
                 query = query.options(
                     FromCache("sql_cache_short", f"get_user_{_hash_key(user.username)}"))
                 db_cache.invalidate(
                     query, {},
                     FromCache("sql_cache_short", f"get_user_{_hash_key(user.username)}"))
                 Session().expire(user)
             def test_handles_exceptions_during_permissions_checks(
                     vcscontroller, disable_anonymous_user, enable_auth_plugins, test_user_factory):
                 test_password = 'qweqwe'
                 test_user = test_user_factory(password=test_password, extern_type='headers', extern_name='headers')
                 test_username = test_user.username
                 enable_auth_plugins.enable([
                     'egg:rhodecode-enterprise-ce#headers',
                     'egg:rhodecode-enterprise-ce#token',
                     'egg:rhodecode-enterprise-ce#rhodecode'],
                     override={
                         'egg:rhodecode-enterprise-ce#headers': {'auth_headers_header': 'REMOTE_USER'}
                     })
                 user_and_pass = f'{test_username}:{test_password}'
                 auth_password = base64_to_str(user_and_pass)
                 extra_environ = {
                     'AUTH_TYPE': 'Basic',
                     'HTTP_AUTHORIZATION': f'Basic {auth_password}',
                     'REMOTE_USER': test_username,
                 }
                 # Verify that things are hooked up correctly, we pass user with headers bound auth, and headers filled in
                 vcscontroller.get('/', status=200, extra_environ=extra_environ)
                 # Simulate trouble during permission checks
                 with mock.patch('rhodecode.model.db.User.get_by_username',
                                 side_effect=Exception('permission_error_test')) as get_user:
                     # Verify that a correct 500 is returned and check that the expected
                     # code path was hit.
                     vcscontroller.get('/', status=500, extra_environ=extra_environ)
                     assert get_user.called
             class StubFailVCSController(simplevcs.SimpleVCS):
                 def _handle_request(self, environ, start_response):
                     raise Exception("BOOM")
             @pytest.fixture(scope='module')
             def fail_controller(baseapp):
                 controller = StubFailVCSController(
                     baseapp.config.get_settings(), baseapp.config)
                 controller = HttpsFixup(controller, baseapp.config.get_settings())
                 controller = CustomTestApp(controller)
                 return controller
             def test_handles_exceptions_as_internal_server_error(fail_controller):
                 fail_controller.get('/', status=500)
             def test_provides_traceback_for_appenlight(fail_controller):
                 response = fail_controller.get(
                     '/', status=500, extra_environ={'appenlight.client': 'fake'})
                 assert 'appenlight.__traceback' in response.request.environ
             def test_provides_utils_scm_app_as_scm_app_by_default(baseapp, request_stub):
                 controller = StubVCSController(baseapp.config.get_settings(), request_stub.registry)
                 assert controller.scm_app is scm_app_http
             def test_allows_to_override_scm_app_via_config(baseapp, request_stub):
                 config = baseapp.config.get_settings().copy()
                 config['vcs.scm_app_implementation'] = (
                     'rhodecode.tests.lib.middleware.mock_scm_app')
                 controller = StubVCSController(config, request_stub.registry)
                 assert controller.scm_app is mock_scm_app
             @pytest.mark.parametrize('query_string, expected', [
                 ('cmd=stub_command', True),
                 ('cmd=listkeys', False),
             ])
             def test_should_check_locking(query_string, expected):
                 result = simplevcs._should_check_locking(query_string)
                 assert result == expected
             class TestShadowRepoRegularExpression(object):
                 pr_segment = 'pull-request'
                 shadow_segment = 'repository'
                 @pytest.mark.parametrize('url, expected', [
                     # repo with/without groups
                     ('My-Repo/{pr_segment}/1/{shadow_segment}', True),
                     ('Group/My-Repo/{pr_segment}/2/{shadow_segment}', True),
                     ('Group/Sub-Group/My-Repo/{pr_segment}/3/{shadow_segment}', True),
                     ('Group/Sub-Group1/Sub-Group2/My-Repo/{pr_segment}/3/{shadow_segment}', True),
                     # pull request ID
                     ('MyRepo/{pr_segment}/1/{shadow_segment}', True),
                     ('MyRepo/{pr_segment}/1234567890/{shadow_segment}', True),
                     ('MyRepo/{pr_segment}/-1/{shadow_segment}', False),
                     ('MyRepo/{pr_segment}/invalid/{shadow_segment}', False),
                     # unicode
                     (u'Sp€çîál-Repö/{pr_segment}/1/{shadow_segment}', True),
                     (u'Sp€çîál-Gröüp/Sp€çîál-Repö/{pr_segment}/1/{shadow_segment}', True),
                     # trailing/leading slash
                     ('/My-Repo/{pr_segment}/1/{shadow_segment}', False),
                     ('My-Repo/{pr_segment}/1/{shadow_segment}/', False),
                     ('/My-Repo/{pr_segment}/1/{shadow_segment}/', False),
                     # misc
                     ('My-Repo/{pr_segment}/1/{shadow_segment}/extra', False),
                     ('My-Repo/{pr_segment}/1/{shadow_segment}extra', False),
                 ])
                 def test_shadow_repo_regular_expression(self, url, expected):
                     from rhodecode.lib.middleware.simplevcs import SimpleVCS
                     url = url.format(
                         pr_segment=self.pr_segment,
                         shadow_segment=self.shadow_segment)
                     match_obj = SimpleVCS.shadow_repo_re.match(url)
                     assert (match_obj is not None) == expected
             @pytest.mark.backends('git', 'hg')
             class TestShadowRepoExposure(object):
                 def test_pull_on_shadow_repo_propagates_to_wsgi_app(
                         self, baseapp, request_stub):
                     """
                     Check that a pull action to a shadow repo is propagated to the
                     underlying wsgi app.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
-                    controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'pull'
                     controller._is_shadow_repo_dir = True
                     controller.stub_response_body = (b'dummy body value',)
                     controller._get_default_cache_ttl = mock.Mock(
                         return_value=(False, 0))
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     # Assert that we got the response from the wsgi app.
                     assert response_body == b''.join(controller.stub_response_body)
                 def test_pull_on_shadow_repo_that_is_missing(self, baseapp, request_stub):
                     """
                     Check that a pull action to a shadow repo is propagated to the
                     underlying wsgi app.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
-                    controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'pull'
                     controller._is_shadow_repo_dir = False
                     controller.stub_response_body = (b'dummy body value',)
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     # Assert that we got the response from the wsgi app.
                     assert b'404 Not Found' in response_body
                 def test_push_on_shadow_repo_raises(self, baseapp, request_stub):
                     """
                     Check that a push action to a shadow repo is aborted.
                     """
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
-                    controller._check_ssl = mock.Mock()
                     controller.is_shadow_repo = True
                     controller._action = 'push'
                     controller.stub_response_body = (b'dummy body value',)
                     environ_stub = {
                         'HTTP_HOST': 'test.example.com',
                         'HTTP_ACCEPT': 'application/mercurial',
                         'REQUEST_METHOD': 'GET',
                         'wsgi.url_scheme': 'http',
                     }
                     response = controller(environ_stub, mock.Mock())
                     response_body = b''.join(response)
                     assert response_body != controller.stub_response_body
                     # Assert that a 406 error is returned.
                     assert b'406 Not Acceptable' in response_body
                 def test_set_repo_names_no_shadow(self, baseapp, request_stub):
                     """
                     Check that the set_repo_names method sets all names to the one returned
                     by the _get_repository_name method on a request to a non shadow repo.
                     """
                     environ_stub = {}
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = 'RepoGroup/MyRepo'
                     controller.set_repo_names(environ_stub)
                     assert not controller.is_shadow_repo
                     assert (controller.url_repo_name ==
                             controller.acl_repo_name ==
                             controller.vcs_repo_name ==
                             controller._get_repository_name(environ_stub))
                 def test_set_repo_names_with_shadow(
                         self, baseapp, pr_util, config_stub, request_stub):
                     """
                     Check that the set_repo_names method sets correct names on a request
                     to a shadow repo.
                     """
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = pr_util.create_pull_request()
                     shadow_url = '{target}/{pr_segment}/{pr_id}/{shadow_segment}'.format(
                         target=pull_request.target_repo.repo_name,
                         pr_id=pull_request.pull_request_id,
                         pr_segment=TestShadowRepoRegularExpression.pr_segment,
                         shadow_segment=TestShadowRepoRegularExpression.shadow_segment)
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = shadow_url
                     controller.set_repo_names({})
                     # Get file system path to shadow repo for assertions.
                     workspace_id = PullRequestModel()._workspace_id(pull_request)
                     vcs_repo_name = pull_request.target_repo.get_shadow_repository_path(workspace_id)
                     assert controller.vcs_repo_name == vcs_repo_name
                     assert controller.url_repo_name == shadow_url
                     assert controller.acl_repo_name == pull_request.target_repo.repo_name
                     assert controller.is_shadow_repo
                 def test_set_repo_names_with_shadow_but_missing_pr(
                         self, baseapp, pr_util, config_stub, request_stub):
                     """
                     Checks that the set_repo_names method enforces matching target repos
                     and pull request IDs.
                     """
                     pull_request = pr_util.create_pull_request()
                     shadow_url = '{target}/{pr_segment}/{pr_id}/{shadow_segment}'.format(
                         target=pull_request.target_repo.repo_name,
                         pr_id=999999999,
                         pr_segment=TestShadowRepoRegularExpression.pr_segment,
                         shadow_segment=TestShadowRepoRegularExpression.shadow_segment)
                     controller = StubVCSController(
                         baseapp.config.get_settings(), request_stub.registry)
                     controller._name = shadow_url
                     controller.set_repo_names({})
                     assert not controller.is_shadow_repo
                     assert (controller.url_repo_name ==
                             controller.acl_repo_name ==
                             controller.vcs_repo_name)
             @pytest.mark.usefixtures('baseapp')
             class TestGenerateVcsResponse(object):
                 def test_ensures_that_start_response_is_called_early_enough(self):
                     self.call_controller_with_response_body(iter(['a', 'b']))
                     assert self.start_response.called
                 def test_invalidates_cache_after_body_is_consumed(self):
                     result = self.call_controller_with_response_body(iter(['a', 'b']))
                     assert not self.was_cache_invalidated()
                     # Consume the result
                     list(result)
                     assert self.was_cache_invalidated()
                 def test_raises_unknown_exceptions(self):
                     result = self.call_controller_with_response_body(
                         self.raise_result_iter(vcs_kind='unknown'))
                     with pytest.raises(Exception):
                         list(result)
                 def call_controller_with_response_body(self, response_body):
                     settings = {
                         'base_path': 'fake_base_path',
                         'vcs.hooks.protocol.v2': 'celery',
                         'vcs.hooks.direct_calls': False,
                     }
                     registry = AttributeDict()
                     controller = StubVCSController(settings, registry)
                     controller._invalidate_cache = mock.Mock()
                     controller.stub_response_body = response_body
                     self.start_response = mock.Mock()
                     result = controller._generate_vcs_response(
                         environ={}, start_response=self.start_response,
                         repo_path='fake_repo_path',
                         extras={}, action='push')
                     self.controller = controller
                     return result
                 def raise_result_iter(self, vcs_kind='repo_locked'):
                     """
                     Simulates an exception due to a vcs raised exception if kind vcs_kind
                     """
                     raise self.vcs_exception(vcs_kind=vcs_kind)
                     yield "never_reached"
                 def vcs_exception(self, vcs_kind='repo_locked'):
                     locked_exception = Exception('TEST_MESSAGE')
                     locked_exception._vcs_kind = vcs_kind
                     return locked_exception
                 def was_cache_invalidated(self):
                     return self.controller._invalidate_cache.called
             class TestInitializeGenerator(object):
                 def test_drains_first_element(self):
                     gen = self.factory(['__init__', 1, 2])
                     result = list(gen)
                     assert result == [1, 2]
                 @pytest.mark.parametrize('values', [
                     [],
                     [1, 2],
                 ])
                 def test_raises_value_error(self, values):
                     with pytest.raises(ValueError):
                         self.factory(values)
                 @simplevcs.initialize_generator
                 def factory(self, iterable):
                     for elem in iterable:
                         yield elem

rhodecode/tests/models/settings/test_vcs_settings.py

0 0 -11

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.lib.utils2 import str2bool
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import VcsSettingsModel, UiSetting
             HOOKS_FORM_DATA = {
                 'hooks_changegroup_repo_size': True,
                 'hooks_changegroup_push_logger': True,
                 'hooks_outgoing_pull_logger': True
             }
             SVN_FORM_DATA = {
                 'new_svn_branch': 'test-branch',
                 'new_svn_tag': 'test-tag'
             }
             GENERAL_FORM_DATA = {
                 'rhodecode_pr_merge_enabled': True,
                 'rhodecode_use_outdated_comments': True,
                 'rhodecode_hg_use_rebase_for_merging': True,
                 'rhodecode_hg_close_branch_before_merging': True,
                 'rhodecode_git_use_rebase_for_merging': True,
                 'rhodecode_git_close_branch_before_merging': True,
                 'rhodecode_diff_cache': True,
             }
             class TestInheritGlobalSettingsProperty(object):
                 def test_get_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.inherit_global_settings
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_true_is_returned_when_value_is_not_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     assert model.inherit_global_settings is True
                 def test_value_is_returned(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     settings_util.create_repo_rhodecode_setting(
                         repo_stub, VcsSettingsModel.INHERIT_SETTINGS, False, 'bool')
                     assert model.inherit_global_settings is False
                 def test_value_is_set(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     setting = model.repo_settings.get_setting_by_name(
                         VcsSettingsModel.INHERIT_SETTINGS)
                     try:
                         assert setting.app_settings_type == 'bool'
                         assert setting.app_settings_value is False
                     finally:
                         Session().delete(setting)
                         Session().commit()
                 def test_set_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.inherit_global_settings = False
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestVcsSettingsModel(object):
                 def test_global_svn_branch_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'global_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_global_svn_branch_patterns()
                     get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
                     assert expected_result == result
                 def test_repo_svn_branch_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'repo_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_repo_svn_branch_patterns()
                     get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
                     assert expected_result == result
                 def test_repo_svn_branch_patterns_raises_exception_when_repo_is_not_set(
                         self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_svn_branch_patterns()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_global_svn_tag_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'global_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_global_svn_tag_patterns()
                     get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
                     assert expected_result == result
                 def test_repo_svn_tag_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'repo_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_repo_svn_tag_patterns()
                     get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
                     assert expected_result == result
                 def test_repo_svn_tag_patterns_raises_exception_when_repo_is_not_set(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_svn_tag_patterns()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_get_global_settings(self):
                     expected_result = {'test': 'test'}
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_collect_all_settings') as collect_mock:
                         collect_mock.return_value = expected_result
                         result = model.get_global_settings()
                     collect_mock.assert_called_once_with(global_=True)
                     assert result == expected_result
                 def test_get_repo_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, '_collect_all_settings') as collect_mock:
                         collect_mock.return_value = expected_result
                         result = model.get_repo_settings()
                     collect_mock.assert_called_once_with(global_=False)
                     assert result == expected_result
                 @pytest.mark.parametrize('settings, global_', [
                     ('global_settings', True),
                     ('repo_settings', False)
                 ])
                 def test_collect_all_settings(self, settings, global_):
                     model = VcsSettingsModel()
                     result_mock = self._mock_result()
                     settings_patch = mock.patch.object(model, settings)
                     with settings_patch as settings_mock:
                         settings_mock.get_ui_by_section_and_key.return_value = result_mock
                         settings_mock.get_setting_by_name.return_value = result_mock
                         result = model._collect_all_settings(global_=global_)
                     ui_settings = model.HG_SETTINGS + model.GIT_SETTINGS + model.HOOKS_SETTINGS
                     self._assert_get_settings_calls(
                         settings_mock, ui_settings, model.GENERAL_SETTINGS)
                     self._assert_collect_all_settings_result(
                         ui_settings, model.GENERAL_SETTINGS, result)
                 @pytest.mark.parametrize('settings, global_', [
                     ('global_settings', True),
                     ('repo_settings', False)
                 ])
                 def test_collect_all_settings_without_empty_value(self, settings, global_):
                     model = VcsSettingsModel()
                     settings_patch = mock.patch.object(model, settings)
                     with settings_patch as settings_mock:
                         settings_mock.get_ui_by_section_and_key.return_value = None
                         settings_mock.get_setting_by_name.return_value = None
                         result = model._collect_all_settings(global_=global_)
                     assert result == {}
                 def _mock_result(self):
                     result_mock = mock.Mock()
                     result_mock.ui_value = 'ui_value'
                     result_mock.ui_active = True
                     result_mock.app_settings_value = 'setting_value'
                     return result_mock
                 def _assert_get_settings_calls(
                         self, settings_mock, ui_settings, general_settings):
                     assert (
                         settings_mock.get_ui_by_section_and_key.call_count ==
                         len(ui_settings))
                     assert (
                         settings_mock.get_setting_by_name.call_count ==
                         len(general_settings))
                     for section, key in ui_settings:
                         expected_call = mock.call(section, key)
                         assert (
                             expected_call in
                             settings_mock.get_ui_by_section_and_key.call_args_list)
                     for name in general_settings:
                         expected_call = mock.call(name)
                         assert (
                             expected_call in
                             settings_mock.get_setting_by_name.call_args_list)
                 def _assert_collect_all_settings_result(
                         self, ui_settings, general_settings, result):
                     expected_result = {}
                     for section, key in ui_settings:
                         key = '{}_{}'.format(section, key.replace('.', '_'))
                         if section in ('extensions', 'hooks'):
                             value = True
                         elif key in ['vcs_git_lfs_enabled']:
                             value = True
                         else:
                             value = 'ui_value'
                         expected_result[key] = value
                     for name in general_settings:
                         key = 'rhodecode_' + name
                         expected_result[key] = 'setting_value'
                     assert expected_result == result
             class TestCreateOrUpdateRepoHookSettings(object):
                 def test_create_when_no_repo_object_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     self._create_settings(model, HOOKS_FORM_DATA)
                     cleanup = []
                     try:
                         for section, key in model.HOOKS_SETTINGS:
                             ui = model.repo_settings.get_ui_by_section_and_key(
                                 section, key)
                             assert ui.ui_active is True
                             cleanup.append(ui)
                     finally:
                         for ui in cleanup:
                             Session().delete(ui)
                         Session().commit()
                 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     deleted_key = 'hooks_changegroup_repo_size'
                     data = HOOKS_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model.create_or_update_repo_hook_settings(data)
                         Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_when_repo_object_found(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     for section, key in model.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, None, key=key, active=False)
                     model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
                     Session().commit()
                     for section, key in model.HOOKS_SETTINGS:
                         ui = model.repo_settings.get_ui_by_section_and_key(section, key)
                         assert ui.ui_active is True
                 def _create_settings(self, model, data):
                     global_patch = mock.patch.object(model, 'global_settings')
                     global_setting = mock.Mock()
                     global_setting.ui_value = 'Test value'
                     with global_patch as global_mock:
                         global_mock.get_ui_by_section_and_key.return_value = global_setting
                         model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
                         Session().commit()
             class TestUpdateGlobalHookSettings(object):
                 def test_update_raises_exception_when_data_incomplete(self):
                     model = VcsSettingsModel()
                     deleted_key = 'hooks_changegroup_repo_size'
                     data = HOOKS_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model.update_global_hook_settings(data)
                         Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_global_hook_settings(self, settings_util):
                     model = VcsSettingsModel()
                     setting_mock = mock.MagicMock()
                     setting_mock.ui_active = False
                     get_settings_patcher = mock.patch.object(
                         model.global_settings, 'get_ui_by_section_and_key',
                         return_value=setting_mock)
                     session_patcher = mock.patch('rhodecode.model.settings.Session')
                     with get_settings_patcher as get_settings_mock, session_patcher:
                         model.update_global_hook_settings(HOOKS_FORM_DATA)
                         Session().commit()
                     assert setting_mock.ui_active is True
                     assert get_settings_mock.call_count == 3
             class TestCreateOrUpdateRepoGeneralSettings(object):
                 def test_calls_create_or_update_general_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     create_patch = mock.patch.object(
                         model, '_create_or_update_general_settings')
                     with create_patch as create_mock:
                         model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
                         Session().commit()
                     create_mock.assert_called_once_with(
                         model.repo_settings, GENERAL_FORM_DATA)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestCreateOrUpdatGlobalGeneralSettings(object):
                 def test_calls_create_or_update_general_settings(self):
                     model = VcsSettingsModel()
                     create_patch = mock.patch.object(
                         model, '_create_or_update_general_settings')
                     with create_patch as create_mock:
                         model.create_or_update_global_pr_settings(GENERAL_FORM_DATA)
                     create_mock.assert_called_once_with(
                         model.global_settings, GENERAL_FORM_DATA)
             class TestCreateOrUpdateGeneralSettings(object):
                 def test_create_when_no_repo_settings_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_or_update_general_settings(
                         model.repo_settings, GENERAL_FORM_DATA)
                     cleanup = []
                     try:
                         for name in model.GENERAL_SETTINGS:
                             setting = model.repo_settings.get_setting_by_name(name)
                             assert setting.app_settings_value is True
                             cleanup.append(setting)
                     finally:
                         for setting in cleanup:
                             Session().delete(setting)
                         Session().commit()
                 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     deleted_key = 'rhodecode_pr_merge_enabled'
                     data = GENERAL_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model._create_or_update_general_settings(model.repo_settings, data)
                     Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_when_repo_setting_found(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     for name in model.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, name, False, 'bool')
                     model._create_or_update_general_settings(
                         model.repo_settings, GENERAL_FORM_DATA)
                     Session().commit()
                     for name in model.GENERAL_SETTINGS:
                         setting = model.repo_settings.get_setting_by_name(name)
                         assert setting.app_settings_value is True
             class TestCreateRepoSvnSettings(object):
                 def test_calls_create_svn_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     with mock.patch.object(model, '_create_svn_settings') as create_mock:
                         model.create_repo_svn_settings(SVN_FORM_DATA)
                         Session().commit()
                     create_mock.assert_called_once_with(model.repo_settings, SVN_FORM_DATA)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_repo_svn_settings(SVN_FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestCreateSvnSettings(object):
                 def test_create(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_svn_settings(model.repo_settings, SVN_FORM_DATA)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     try:
                         assert len(branch_ui) == 1
                         assert len(tag_ui) == 1
                     finally:
                         Session().delete(branch_ui[0])
                         Session().delete(tag_ui[0])
                         Session().commit()
                 def test_create_tag(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = SVN_FORM_DATA.copy()
                     data.pop('new_svn_branch')
                     model._create_svn_settings(model.repo_settings, data)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     try:
                         assert len(branch_ui) == 0
                         assert len(tag_ui) == 1
                     finally:
                         Session().delete(tag_ui[0])
                         Session().commit()
                 def test_create_nothing_when_no_svn_settings_specified(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_svn_settings(model.repo_settings, {})
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     assert len(branch_ui) == 0
                     assert len(tag_ui) == 0
                 def test_create_nothing_when_empty_settings_specified(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = {
                         'new_svn_branch': '',
                         'new_svn_tag': ''
                     }
                     model._create_svn_settings(model.repo_settings, data)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     assert len(branch_ui) == 0
                     assert len(tag_ui) == 0
             class TestCreateOrUpdateUi(object):
                 def test_create(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_or_update_ui(
                         model.repo_settings, 'test-section', 'test-key', active=False,
                         value='False')
                     Session().commit()
                     created_ui = model.repo_settings.get_ui_by_section_and_key(
                         'test-section', 'test-key')
                     try:
                         assert created_ui.ui_active is False
                         assert str2bool(created_ui.ui_value) is False
                     finally:
                         Session().delete(created_ui)
                         Session().commit()
                 def test_update(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     # care about only 3 first settings
                     largefiles, phases, evolve = model.HG_SETTINGS[:3]
                     section = 'test-section'
                     key = 'test-key'
                     settings_util.create_repo_rhodecode_ui(
                         repo_stub, section, 'True', key=key, active=True)
                     model._create_or_update_ui(
                         model.repo_settings, section, key, active=False, value='False')
                     Session().commit()
                     created_ui = model.repo_settings.get_ui_by_section_and_key(
                         section, key)
                     assert created_ui.ui_active is False
                     assert str2bool(created_ui.ui_value) is False
             class TestCreateOrUpdateRepoHgSettings(object):
                 FORM_DATA = {
                     'extensions_largefiles': False,
                     'extensions_evolve': False,
                     'phases_publish': False
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_repo_hg_settings(self.FORM_DATA)
                     expected_calls = [
                         mock.call(model.repo_settings, 'extensions', 'largefiles', active=False, value=''),
                         mock.call(model.repo_settings, 'extensions', 'evolve', active=False, value=''),
                         mock.call(model.repo_settings, 'experimental', 'evolution', active=False, value=''),
                         mock.call(model.repo_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
                         mock.call(model.repo_settings, 'extensions', 'topic', active=False, value=''),
                         mock.call(model.repo_settings, 'phases', 'publish', value='False'),
                     ]
                     assert expected_calls == create_mock.call_args_list
                 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
                 def test_key_is_not_found(self, repo_stub, field_to_remove):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = self.FORM_DATA.copy()
                     data.pop(field_to_remove)
                     with pytest.raises(ValueError) as exc_info:
                         model.create_or_update_repo_hg_settings(data)
                         Session().commit()
                     expected_message = 'The given data does not contain {} key'.format(
                         field_to_remove)
                     assert str(exc_info.value) == expected_message
                 def test_create_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_hg_settings(self.FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
-            class TestUpdateGlobalSslSetting(object):
-                def test_updates_global_hg_settings(self):
-                    model = VcsSettingsModel()
-                    with mock.patch.object(model, '_create_or_update_ui') as create_mock:
-                        model.update_global_ssl_setting('False')
-                        Session().commit()
-                    create_mock.assert_called_once_with(
-                        model.global_settings, 'web', 'push_ssl', value='False')
             class TestCreateOrUpdateGlobalHgSettings(object):
                 FORM_DATA = {
                     'extensions_largefiles': False,
                     'phases_publish': False,
                     'extensions_evolve': False
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self):
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_global_hg_settings(self.FORM_DATA)
                         Session().commit()
                     expected_calls = [
                         mock.call(model.global_settings, 'extensions', 'largefiles', active=False, value=''),
                         mock.call(model.global_settings, 'phases', 'publish', value='False'),
                         mock.call(model.global_settings, 'extensions', 'evolve', active=False, value=''),
                         mock.call(model.global_settings, 'experimental', 'evolution', active=False, value=''),
                         mock.call(model.global_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
                         mock.call(model.global_settings, 'extensions', 'topic', active=False, value=''),
                     ]
                     assert expected_calls == create_mock.call_args_list
                 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
                 def test_key_is_not_found(self, repo_stub, field_to_remove):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = self.FORM_DATA.copy()
                     data.pop(field_to_remove)
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_global_hg_settings(data)
                         Session().commit()
                     expected_message = 'The given data does not contain {} key'.format(
                         field_to_remove)
                     assert str(exc_info.value) == expected_message
             class TestCreateOrUpdateGlobalGitSettings(object):
                 FORM_DATA = {
                     'vcs_git_lfs_enabled': False,
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self):
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_global_git_settings(self.FORM_DATA)
                         Session().commit()
                     expected_calls = [
                         mock.call(model.global_settings, 'vcs_git_lfs', 'enabled', active=False, value=False),
                     ]
                     assert expected_calls == create_mock.call_args_list
             class TestDeleteRepoSvnPattern(object):
                 def test_success_when_repo_is_set(self, backend_svn, settings_util):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     model = VcsSettingsModel(repo=repo_name)
                     entry = settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'svn-branch')
                     Session().commit()
                     model.delete_repo_svn_pattern(entry.ui_id)
                 def test_fail_when_delete_id_from_other_repo(self, backend_svn):
                     repo_name = backend_svn.repo_name
                     model = VcsSettingsModel(repo=repo_name)
                     delete_ui_patch = mock.patch.object(model.repo_settings, 'delete_ui')
                     with delete_ui_patch as delete_ui_mock:
                         model.delete_repo_svn_pattern(123)
                         Session().commit()
                     delete_ui_mock.assert_called_once_with(-1)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.delete_repo_svn_pattern(123)
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestDeleteGlobalSvnPattern(object):
                 def test_delete_global_svn_pattern_calls_delete_ui(self):
                     model = VcsSettingsModel()
                     delete_ui_patch = mock.patch.object(model.global_settings, 'delete_ui')
                     with delete_ui_patch as delete_ui_mock:
                         model.delete_global_svn_pattern(123)
                     delete_ui_mock.assert_called_once_with(123)
             class TestFilterUiSettings(object):
                 def test_settings_are_filtered(self):
                     model = VcsSettingsModel()
                     repo_settings = [
                         UiSetting('extensions', 'largefiles', '', True),
                         UiSetting('phases', 'publish', 'True', True),
                         UiSetting('hooks', 'changegroup.repo_size', 'hook', True),
                         UiSetting('hooks', 'changegroup.push_logger', 'hook', True),
                         UiSetting('hooks', 'outgoing.pull_logger', 'hook', True),
                         UiSetting(
                             'vcs_svn_branch', '84223c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_branch', True),
                         UiSetting(
                             'vcs_svn_tag', '84229c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_tag', True),
                     ]
                     non_repo_settings = [
                         UiSetting('largefiles', 'usercache', '/example/largefiles-store', True),
                         UiSetting('test', 'outgoing.pull_logger', 'hook', True),
                         UiSetting('hooks', 'test2', 'hook', True),
                         UiSetting(
                             'vcs_svn_repo', '84229c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_tag', True),
                     ]
                     settings = repo_settings + non_repo_settings
                     filtered_settings = model._filter_ui_settings(settings)
                     assert sorted(filtered_settings) == sorted(repo_settings)
             class TestFilterGeneralSettings(object):
                 def test_settings_are_filtered(self):
                     model = VcsSettingsModel()
                     settings = {
                         'rhodecode_abcde': 'value1',
                         'rhodecode_vwxyz': 'value2',
                     }
                     general_settings = {
                         'rhodecode_{}'.format(key): 'value'
                         for key in VcsSettingsModel.GENERAL_SETTINGS
                     }
                     settings.update(general_settings)
                     filtered_settings = model._filter_general_settings(general_settings)
                     assert sorted(filtered_settings) == sorted(general_settings)
             class TestGetRepoUiSettings(object):
                 def test_global_uis_are_returned_when_no_repo_uis_found(
                         self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     svn_sections = (
                         VcsSettingsModel.SVN_TAG_SECTION,
                         VcsSettingsModel.SVN_BRANCH_SECTION)
                     expected_result = [
                         s for s in model.global_settings.get_ui()
                         if s.section not in svn_sections]
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for setting in result:
                         locator = (setting.section, setting.key)
                         if locator in VcsSettingsModel.HOOKS_SETTINGS:
                             assert setting.value == 'repo'
                             assert setting.active is False
                 def test_global_svn_patterns_are_not_in_list(
                         self, repo_stub, settings_util):
                     svn_sections = (
                         VcsSettingsModel.SVN_TAG_SECTION,
                         VcsSettingsModel.SVN_BRANCH_SECTION)
                     for section in svn_sections:
                         settings_util.create_rhodecode_ui(
                             section, 'repo', key='deadbeef' + section, active=False)
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for setting in result:
                         assert setting.section not in svn_sections
                 def test_repo_uis_filtered_by_section_are_returned(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_repo_ui_settings(section=section)
                     for setting in result:
                         assert setting.section == section
                 def test_repo_uis_filtered_by_key_are_returned(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_repo_ui_settings(key=key)
                     for setting in result:
                         assert setting.key == key
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_ui_settings()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestGetRepoGeneralSettings(object):
                 def test_global_settings_are_returned_when_no_repo_settings_found(
                         self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for key in result:
                         if key in VcsSettingsModel.GENERAL_SETTINGS:
                             assert result[key] == 'abcde'
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_general_settings()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestGetGlobalGeneralSettings(object):
                 def test_global_settings_are_returned(self, repo_stub):
                     model = VcsSettingsModel()
                     result = model.get_global_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_not_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_global_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetGlobalUiSettings(object):
                 def test_global_uis_are_returned(self, repo_stub):
                     model = VcsSettingsModel()
                     result = model.get_global_ui_settings()
                     expected_result = model.global_settings.get_ui()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_not_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_global_ui_settings()
                     expected_result = model.global_settings.get_ui()
                     assert sorted(result) == sorted(expected_result)
                 def test_ui_settings_filtered_by_section(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_global_ui_settings(section=section)
                     expected_result = model.global_settings.get_ui(section=section)
                     assert sorted(result) == sorted(expected_result)
                 def test_ui_settings_filtered_by_key(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_global_ui_settings(key=key)
                     expected_result = model.global_settings.get_ui(key=key)
                     assert sorted(result) == sorted(expected_result)
             class TestGetGeneralSettings(object):
                 def test_global_settings_are_returned_when_inherited_is_true(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = True
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     result = model.get_general_settings()
                     expected_result = model.get_global_general_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_are_returned_when_inherited_is_false(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     result = model.get_general_settings()
                     expected_result = model.get_repo_general_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_global_settings_are_returned_when_no_repository_specified(self):
                     model = VcsSettingsModel()
                     result = model.get_general_settings()
                     expected_result = model.get_global_general_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetUiSettings(object):
                 def test_global_settings_are_returned_when_inherited_is_true(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = True
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=True)
                         Session().commit()
                     result = model.get_ui_settings()
                     expected_result = model.get_global_ui_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_are_returned_when_inherited_is_false(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=True)
                         Session().commit()
                     result = model.get_ui_settings()
                     expected_result = model.get_repo_ui_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     args = ('section', 'key')
                     with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
                         model.get_ui_settings(*args)
                     Session().commit()
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_filtered_by_section_and_key(self):
                     model = VcsSettingsModel()
                     args = ('section', 'key')
                     with mock.patch.object(model, 'get_global_ui_settings') as (
                             settings_mock):
                         model.get_ui_settings(*args)
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_are_returned_when_no_repository_specified(self):
                     model = VcsSettingsModel()
                     result = model.get_ui_settings()
                     expected_result = model.get_global_ui_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetSvnPatterns(object):
                 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     args = ('section', )
                     with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
                         model.get_svn_patterns(*args)
                     Session().commit()
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_filtered_by_section_and_key(self):
                     model = VcsSettingsModel()
                     args = ('section', )
                     with mock.patch.object(model, 'get_global_ui_settings') as (
                             settings_mock):
                         model.get_svn_patterns(*args)
                     settings_mock.assert_called_once_with(*args)
             class TestCreateOrUpdateRepoSettings(object):
                 FORM_DATA = {
                     'inherit_global_settings': False,
                     'hooks_changegroup_repo_size': False,
                     'hooks_changegroup_push_logger': False,
                     'hooks_outgoing_pull_logger': False,
                     'extensions_largefiles': False,
                     'extensions_evolve': False,
                     'vcs_git_lfs_enabled': False,
                     'phases_publish': 'False',
                     'rhodecode_pr_merge_enabled': False,
                     'rhodecode_use_outdated_comments': False,
                     'new_svn_branch': '',
                     'new_svn_tag': ''
                 }
                 def test_get_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_settings(data=self.FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_only_svn_settings_are_updated_when_type_is_svn(self, backend_svn):
                     repo = backend_svn.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     mocks['create_repo_svn_settings'].assert_called_once_with(
                         self.FORM_DATA)
                     non_called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings',
                         'create_or_update_repo_hg_settings')
                     for method in non_called_methods:
                         assert mocks[method].call_count == 0
                 def test_non_svn_settings_are_updated_when_type_is_hg(self, backend_hg):
                     repo = backend_hg.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     assert mocks['create_repo_svn_settings'].call_count == 0
                     called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings',
                         'create_or_update_repo_hg_settings')
                     for method in called_methods:
                         mocks[method].assert_called_once_with(self.FORM_DATA)
                 def test_non_svn_and_hg_settings_are_updated_when_type_is_git(
                         self, backend_git):
                     repo = backend_git.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                     assert mocks['create_repo_svn_settings'].call_count == 0
                     called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings')
                     non_called_methods = (
                         'create_repo_svn_settings',
                         'create_or_update_repo_hg_settings'
                     )
                     for method in called_methods:
                         mocks[method].assert_called_once_with(self.FORM_DATA)
                     for method in non_called_methods:
                         assert mocks[method].call_count == 0
                 def test_no_methods_are_called_when_settings_are_inherited(
                         self, backend):
                     repo = backend.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=True)
                     for method_name in mocks:
                         assert mocks[method_name].call_count == 0
                 def test_cache_is_marked_for_invalidation(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub)
                     invalidation_patcher = mock.patch(
                         'rhodecode.model.scm.ScmModel.mark_for_invalidation')
                     with invalidation_patcher as invalidation_mock:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=True)
                     Session().commit()
                     invalidation_mock.assert_called_once_with(
                         repo_stub.repo_name, delete=True)
                 def test_inherit_flag_is_saved(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub)
                     model.inherit_global_settings = True
                     with self._patch_model(model):
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     assert model.inherit_global_settings is False
                 def _patch_model(self, model):
                     return mock.patch.multiple(
                         model,
                         create_repo_svn_settings=mock.DEFAULT,
                         create_or_update_repo_hook_settings=mock.DEFAULT,
                         create_or_update_repo_pr_settings=mock.DEFAULT,
                         create_or_update_repo_hg_settings=mock.DEFAULT)

rhodecode/templates/admin/security/edit_allowed_vcs_client_versions.mako

0 removed 0 -62

NO CONTENT: file was removed

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages