##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
branch permissions: added logic to define in UI branch permissions....
marcink -
r2975:2d612d18 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,45 b''
1 # -*- coding: utf-8 -*-
2
3 # Copyright (C) 2011-2018 RhodeCode GmbH
4 #
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
8 #
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
21 import logging
22
23 from pyramid.view import view_config
24
25 from rhodecode.apps._base import RepoAppView
26 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
27
28 log = logging.getLogger(__name__)
29
30
31 class RepoSettingsBranchPermissionsView(RepoAppView):
32
33 def load_default_context(self):
34 c = self._get_local_tmpl_context()
35 return c
36
37 @LoginRequired()
38 @HasRepoPermissionAnyDecorator('repository.admin')
39 @view_config(
40 route_name='edit_repo_perms_branch', request_method='GET',
41 renderer='rhodecode:templates/admin/repos/repo_edit.mako')
42 def branch_permissions(self):
43 c = self.load_default_context()
44 c.active = 'permissions_branch'
45 return self._get_template_context(c)
Show file before | Show file after | Hide comments
This diff has been collapsed as it changes many lines, (4587 lines changed) Show them Hide them
@@ -0,0 +1,4587 b''
1 # -*- coding: utf-8 -*-
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
8 #
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
21 """
22 Database Models for RhodeCode Enterprise
23 """
24
25 import re
26 import os
27 import time
28 import hashlib
29 import logging
30 import datetime
31 import warnings
32 import ipaddress
33 import functools
34 import traceback
35 import collections
36
37 from sqlalchemy import (
38 or_, and_, not_, func, TypeDecorator, event,
39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 Text, Float, PickleType)
42 from sqlalchemy.sql.expression import true, false
43 from sqlalchemy.sql.functions import coalesce, count # noqa
44 from sqlalchemy.orm import (
45 relationship, joinedload, class_mapper, validates, aliased)
46 from sqlalchemy.ext.declarative import declared_attr
47 from sqlalchemy.ext.hybrid import hybrid_property
48 from sqlalchemy.exc import IntegrityError # noqa
49 from sqlalchemy.dialects.mysql import LONGTEXT
50 from beaker.cache import cache_region
51 from zope.cachedescriptors.property import Lazy as LazyProperty
52
53 from pyramid.threadlocal import get_current_request
54
55 from rhodecode.translation import _
56 from rhodecode.lib.vcs import get_vcs_instance
57 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
58 from rhodecode.lib.utils2 import (
59 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
60 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
61 glob2re, StrictAttributeDict, cleaned_uri)
62 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
63 JsonRaw
64 from rhodecode.lib.ext_json import json
65 from rhodecode.lib.caching_query import FromCache
66 from rhodecode.lib.encrypt import AESCipher
67
68 from rhodecode.model.meta import Base, Session
69
70 URL_SEP = '/'
71 log = logging.getLogger(__name__)
72
73 # =============================================================================
74 # BASE CLASSES
75 # =============================================================================
76
77 # this is propagated from .ini file rhodecode.encrypted_values.secret or
78 # beaker.session.secret if first is not set.
79 # and initialized at environment.py
80 ENCRYPTION_KEY = None
81
82 # used to sort permissions by types, '#' used here is not allowed to be in
83 # usernames, and it's very early in sorted string.printable table.
84 PERMISSION_TYPE_SORT = {
85 'admin': '####',
86 'write': '###',
87 'read': '##',
88 'none': '#',
89 }
90
91
92 def display_user_sort(obj):
93 """
94 Sort function used to sort permissions in .permissions() function of
95 Repository, RepoGroup, UserGroup. Also it put the default user in front
96 of all other resources
97 """
98
99 if obj.username == User.DEFAULT_USER:
100 return '#####'
101 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
102 return prefix + obj.username
103
104
105 def display_user_group_sort(obj):
106 """
107 Sort function used to sort permissions in .permissions() function of
108 Repository, RepoGroup, UserGroup. Also it put the default user in front
109 of all other resources
110 """
111
112 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
113 return prefix + obj.users_group_name
114
115
116 def _hash_key(k):
117 return md5_safe(k)
118
119
120 def in_filter_generator(qry, items, limit=500):
121 """
122 Splits IN() into multiple with OR
123 e.g.::
124 cnt = Repository.query().filter(
125 or_(
126 *in_filter_generator(Repository.repo_id, range(100000))
127 )).count()
128 """
129 if not items:
130 # empty list will cause empty query which might cause security issues
131 # this can lead to hidden unpleasant results
132 items = [-1]
133
134 parts = []
135 for chunk in xrange(0, len(items), limit):
136 parts.append(
137 qry.in_(items[chunk: chunk + limit])
138 )
139
140 return parts
141
142
143 class EncryptedTextValue(TypeDecorator):
144 """
145 Special column for encrypted long text data, use like::
146
147 value = Column("encrypted_value", EncryptedValue(), nullable=False)
148
149 This column is intelligent so if value is in unencrypted form it return
150 unencrypted form, but on save it always encrypts
151 """
152 impl = Text
153
154 def process_bind_param(self, value, dialect):
155 if not value:
156 return value
157 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
158 # protect against double encrypting if someone manually starts
159 # doing
160 raise ValueError('value needs to be in unencrypted format, ie. '
161 'not starting with enc$aes')
162 return 'enc$aes_hmac$%s' % AESCipher(
163 ENCRYPTION_KEY, hmac=True).encrypt(value)
164
165 def process_result_value(self, value, dialect):
166 import rhodecode
167
168 if not value:
169 return value
170
171 parts = value.split('$', 3)
172 if not len(parts) == 3:
173 # probably not encrypted values
174 return value
175 else:
176 if parts[0] != 'enc':
177 # parts ok but without our header ?
178 return value
179 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
180 'rhodecode.encrypted_values.strict') or True)
181 # at that stage we know it's our encryption
182 if parts[1] == 'aes':
183 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
184 elif parts[1] == 'aes_hmac':
185 decrypted_data = AESCipher(
186 ENCRYPTION_KEY, hmac=True,
187 strict_verification=enc_strict_mode).decrypt(parts[2])
188 else:
189 raise ValueError(
190 'Encryption type part is wrong, must be `aes` '
191 'or `aes_hmac`, got `%s` instead' % (parts[1]))
192 return decrypted_data
193
194
195 class BaseModel(object):
196 """
197 Base Model for all classes
198 """
199
200 @classmethod
201 def _get_keys(cls):
202 """return column names for this model """
203 return class_mapper(cls).c.keys()
204
205 def get_dict(self):
206 """
207 return dict with keys and values corresponding
208 to this model data """
209
210 d = {}
211 for k in self._get_keys():
212 d[k] = getattr(self, k)
213
214 # also use __json__() if present to get additional fields
215 _json_attr = getattr(self, '__json__', None)
216 if _json_attr:
217 # update with attributes from __json__
218 if callable(_json_attr):
219 _json_attr = _json_attr()
220 for k, val in _json_attr.iteritems():
221 d[k] = val
222 return d
223
224 def get_appstruct(self):
225 """return list with keys and values tuples corresponding
226 to this model data """
227
228 lst = []
229 for k in self._get_keys():
230 lst.append((k, getattr(self, k),))
231 return lst
232
233 def populate_obj(self, populate_dict):
234 """populate model with data from given populate_dict"""
235
236 for k in self._get_keys():
237 if k in populate_dict:
238 setattr(self, k, populate_dict[k])
239
240 @classmethod
241 def query(cls):
242 return Session().query(cls)
243
244 @classmethod
245 def get(cls, id_):
246 if id_:
247 return cls.query().get(id_)
248
249 @classmethod
250 def get_or_404(cls, id_):
251 from pyramid.httpexceptions import HTTPNotFound
252
253 try:
254 id_ = int(id_)
255 except (TypeError, ValueError):
256 raise HTTPNotFound()
257
258 res = cls.query().get(id_)
259 if not res:
260 raise HTTPNotFound()
261 return res
262
263 @classmethod
264 def getAll(cls):
265 # deprecated and left for backward compatibility
266 return cls.get_all()
267
268 @classmethod
269 def get_all(cls):
270 return cls.query().all()
271
272 @classmethod
273 def delete(cls, id_):
274 obj = cls.query().get(id_)
275 Session().delete(obj)
276
277 @classmethod
278 def identity_cache(cls, session, attr_name, value):
279 exist_in_session = []
280 for (item_cls, pkey), instance in session.identity_map.items():
281 if cls == item_cls and getattr(instance, attr_name) == value:
282 exist_in_session.append(instance)
283 if exist_in_session:
284 if len(exist_in_session) == 1:
285 return exist_in_session[0]
286 log.exception(
287 'multiple objects with attr %s and '
288 'value %s found with same name: %r',
289 attr_name, value, exist_in_session)
290
291 def __repr__(self):
292 if hasattr(self, '__unicode__'):
293 # python repr needs to return str
294 try:
295 return safe_str(self.__unicode__())
296 except UnicodeDecodeError:
297 pass
298 return '<DB:%s>' % (self.__class__.__name__)
299
300
301 class RhodeCodeSetting(Base, BaseModel):
302 __tablename__ = 'rhodecode_settings'
303 __table_args__ = (
304 UniqueConstraint('app_settings_name'),
305 {'extend_existing': True, 'mysql_engine': 'InnoDB',
306 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
307 )
308
309 SETTINGS_TYPES = {
310 'str': safe_str,
311 'int': safe_int,
312 'unicode': safe_unicode,
313 'bool': str2bool,
314 'list': functools.partial(aslist, sep=',')
315 }
316 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
317 GLOBAL_CONF_KEY = 'app_settings'
318
319 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
320 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
321 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
322 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
323
324 def __init__(self, key='', val='', type='unicode'):
325 self.app_settings_name = key
326 self.app_settings_type = type
327 self.app_settings_value = val
328
329 @validates('_app_settings_value')
330 def validate_settings_value(self, key, val):
331 assert type(val) == unicode
332 return val
333
334 @hybrid_property
335 def app_settings_value(self):
336 v = self._app_settings_value
337 _type = self.app_settings_type
338 if _type:
339 _type = self.app_settings_type.split('.')[0]
340 # decode the encrypted value
341 if 'encrypted' in self.app_settings_type:
342 cipher = EncryptedTextValue()
343 v = safe_unicode(cipher.process_result_value(v, None))
344
345 converter = self.SETTINGS_TYPES.get(_type) or \
346 self.SETTINGS_TYPES['unicode']
347 return converter(v)
348
349 @app_settings_value.setter
350 def app_settings_value(self, val):
351 """
352 Setter that will always make sure we use unicode in app_settings_value
353
354 :param val:
355 """
356 val = safe_unicode(val)
357 # encode the encrypted value
358 if 'encrypted' in self.app_settings_type:
359 cipher = EncryptedTextValue()
360 val = safe_unicode(cipher.process_bind_param(val, None))
361 self._app_settings_value = val
362
363 @hybrid_property
364 def app_settings_type(self):
365 return self._app_settings_type
366
367 @app_settings_type.setter
368 def app_settings_type(self, val):
369 if val.split('.')[0] not in self.SETTINGS_TYPES:
370 raise Exception('type must be one of %s got %s'
371 % (self.SETTINGS_TYPES.keys(), val))
372 self._app_settings_type = val
373
374 def __unicode__(self):
375 return u"<%s('%s:%s[%s]')>" % (
376 self.__class__.__name__,
377 self.app_settings_name, self.app_settings_value,
378 self.app_settings_type
379 )
380
381
382 class RhodeCodeUi(Base, BaseModel):
383 __tablename__ = 'rhodecode_ui'
384 __table_args__ = (
385 UniqueConstraint('ui_key'),
386 {'extend_existing': True, 'mysql_engine': 'InnoDB',
387 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
388 )
389
390 HOOK_REPO_SIZE = 'changegroup.repo_size'
391 # HG
392 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
393 HOOK_PULL = 'outgoing.pull_logger'
394 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
395 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
396 HOOK_PUSH = 'changegroup.push_logger'
397 HOOK_PUSH_KEY = 'pushkey.key_push'
398
399 # TODO: johbo: Unify way how hooks are configured for git and hg,
400 # git part is currently hardcoded.
401
402 # SVN PATTERNS
403 SVN_BRANCH_ID = 'vcs_svn_branch'
404 SVN_TAG_ID = 'vcs_svn_tag'
405
406 ui_id = Column(
407 "ui_id", Integer(), nullable=False, unique=True, default=None,
408 primary_key=True)
409 ui_section = Column(
410 "ui_section", String(255), nullable=True, unique=None, default=None)
411 ui_key = Column(
412 "ui_key", String(255), nullable=True, unique=None, default=None)
413 ui_value = Column(
414 "ui_value", String(255), nullable=True, unique=None, default=None)
415 ui_active = Column(
416 "ui_active", Boolean(), nullable=True, unique=None, default=True)
417
418 def __repr__(self):
419 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
420 self.ui_key, self.ui_value)
421
422
423 class RepoRhodeCodeSetting(Base, BaseModel):
424 __tablename__ = 'repo_rhodecode_settings'
425 __table_args__ = (
426 UniqueConstraint(
427 'app_settings_name', 'repository_id',
428 name='uq_repo_rhodecode_setting_name_repo_id'),
429 {'extend_existing': True, 'mysql_engine': 'InnoDB',
430 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
431 )
432
433 repository_id = Column(
434 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
435 nullable=False)
436 app_settings_id = Column(
437 "app_settings_id", Integer(), nullable=False, unique=True,
438 default=None, primary_key=True)
439 app_settings_name = Column(
440 "app_settings_name", String(255), nullable=True, unique=None,
441 default=None)
442 _app_settings_value = Column(
443 "app_settings_value", String(4096), nullable=True, unique=None,
444 default=None)
445 _app_settings_type = Column(
446 "app_settings_type", String(255), nullable=True, unique=None,
447 default=None)
448
449 repository = relationship('Repository')
450
451 def __init__(self, repository_id, key='', val='', type='unicode'):
452 self.repository_id = repository_id
453 self.app_settings_name = key
454 self.app_settings_type = type
455 self.app_settings_value = val
456
457 @validates('_app_settings_value')
458 def validate_settings_value(self, key, val):
459 assert type(val) == unicode
460 return val
461
462 @hybrid_property
463 def app_settings_value(self):
464 v = self._app_settings_value
465 type_ = self.app_settings_type
466 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
467 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
468 return converter(v)
469
470 @app_settings_value.setter
471 def app_settings_value(self, val):
472 """
473 Setter that will always make sure we use unicode in app_settings_value
474
475 :param val:
476 """
477 self._app_settings_value = safe_unicode(val)
478
479 @hybrid_property
480 def app_settings_type(self):
481 return self._app_settings_type
482
483 @app_settings_type.setter
484 def app_settings_type(self, val):
485 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
486 if val not in SETTINGS_TYPES:
487 raise Exception('type must be one of %s got %s'
488 % (SETTINGS_TYPES.keys(), val))
489 self._app_settings_type = val
490
491 def __unicode__(self):
492 return u"<%s('%s:%s:%s[%s]')>" % (
493 self.__class__.__name__, self.repository.repo_name,
494 self.app_settings_name, self.app_settings_value,
495 self.app_settings_type
496 )
497
498
499 class RepoRhodeCodeUi(Base, BaseModel):
500 __tablename__ = 'repo_rhodecode_ui'
501 __table_args__ = (
502 UniqueConstraint(
503 'repository_id', 'ui_section', 'ui_key',
504 name='uq_repo_rhodecode_ui_repository_id_section_key'),
505 {'extend_existing': True, 'mysql_engine': 'InnoDB',
506 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
507 )
508
509 repository_id = Column(
510 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
511 nullable=False)
512 ui_id = Column(
513 "ui_id", Integer(), nullable=False, unique=True, default=None,
514 primary_key=True)
515 ui_section = Column(
516 "ui_section", String(255), nullable=True, unique=None, default=None)
517 ui_key = Column(
518 "ui_key", String(255), nullable=True, unique=None, default=None)
519 ui_value = Column(
520 "ui_value", String(255), nullable=True, unique=None, default=None)
521 ui_active = Column(
522 "ui_active", Boolean(), nullable=True, unique=None, default=True)
523
524 repository = relationship('Repository')
525
526 def __repr__(self):
527 return '<%s[%s:%s]%s=>%s]>' % (
528 self.__class__.__name__, self.repository.repo_name,
529 self.ui_section, self.ui_key, self.ui_value)
530
531
532 class User(Base, BaseModel):
533 __tablename__ = 'users'
534 __table_args__ = (
535 UniqueConstraint('username'), UniqueConstraint('email'),
536 Index('u_username_idx', 'username'),
537 Index('u_email_idx', 'email'),
538 {'extend_existing': True, 'mysql_engine': 'InnoDB',
539 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
540 )
541 DEFAULT_USER = 'default'
542 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
543 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
544
545 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
546 username = Column("username", String(255), nullable=True, unique=None, default=None)
547 password = Column("password", String(255), nullable=True, unique=None, default=None)
548 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
549 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
550 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
551 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
552 _email = Column("email", String(255), nullable=True, unique=None, default=None)
553 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
554 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
555
556 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
557 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
558 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
559 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
560 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
561 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
562
563 user_log = relationship('UserLog')
564 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
565
566 repositories = relationship('Repository')
567 repository_groups = relationship('RepoGroup')
568 user_groups = relationship('UserGroup')
569
570 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
571 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
572
573 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
574 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
575 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
576
577 group_member = relationship('UserGroupMember', cascade='all')
578
579 notifications = relationship('UserNotification', cascade='all')
580 # notifications assigned to this user
581 user_created_notifications = relationship('Notification', cascade='all')
582 # comments created by this user
583 user_comments = relationship('ChangesetComment', cascade='all')
584 # user profile extra info
585 user_emails = relationship('UserEmailMap', cascade='all')
586 user_ip_map = relationship('UserIpMap', cascade='all')
587 user_auth_tokens = relationship('UserApiKeys', cascade='all')
588 user_ssh_keys = relationship('UserSshKeys', cascade='all')
589
590 # gists
591 user_gists = relationship('Gist', cascade='all')
592 # user pull requests
593 user_pull_requests = relationship('PullRequest', cascade='all')
594 # external identities
595 extenal_identities = relationship(
596 'ExternalIdentity',
597 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
598 cascade='all')
599 # review rules
600 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
601
602 def __unicode__(self):
603 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
604 self.user_id, self.username)
605
606 @hybrid_property
607 def email(self):
608 return self._email
609
610 @email.setter
611 def email(self, val):
612 self._email = val.lower() if val else None
613
614 @hybrid_property
615 def first_name(self):
616 from rhodecode.lib import helpers as h
617 if self.name:
618 return h.escape(self.name)
619 return self.name
620
621 @hybrid_property
622 def last_name(self):
623 from rhodecode.lib import helpers as h
624 if self.lastname:
625 return h.escape(self.lastname)
626 return self.lastname
627
628 @hybrid_property
629 def api_key(self):
630 """
631 Fetch if exist an auth-token with role ALL connected to this user
632 """
633 user_auth_token = UserApiKeys.query()\
634 .filter(UserApiKeys.user_id == self.user_id)\
635 .filter(or_(UserApiKeys.expires == -1,
636 UserApiKeys.expires >= time.time()))\
637 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
638 if user_auth_token:
639 user_auth_token = user_auth_token.api_key
640
641 return user_auth_token
642
643 @api_key.setter
644 def api_key(self, val):
645 # don't allow to set API key this is deprecated for now
646 self._api_key = None
647
648 @property
649 def reviewer_pull_requests(self):
650 return PullRequestReviewers.query() \
651 .options(joinedload(PullRequestReviewers.pull_request)) \
652 .filter(PullRequestReviewers.user_id == self.user_id) \
653 .all()
654
655 @property
656 def firstname(self):
657 # alias for future
658 return self.name
659
660 @property
661 def emails(self):
662 other = UserEmailMap.query()\
663 .filter(UserEmailMap.user == self) \
664 .order_by(UserEmailMap.email_id.asc()) \
665 .all()
666 return [self.email] + [x.email for x in other]
667
668 @property
669 def auth_tokens(self):
670 auth_tokens = self.get_auth_tokens()
671 return [x.api_key for x in auth_tokens]
672
673 def get_auth_tokens(self):
674 return UserApiKeys.query()\
675 .filter(UserApiKeys.user == self)\
676 .order_by(UserApiKeys.user_api_key_id.asc())\
677 .all()
678
679 @LazyProperty
680 def feed_token(self):
681 return self.get_feed_token()
682
683 def get_feed_token(self, cache=True):
684 feed_tokens = UserApiKeys.query()\
685 .filter(UserApiKeys.user == self)\
686 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
687 if cache:
688 feed_tokens = feed_tokens.options(
689 FromCache("long_term", "get_user_feed_token_%s" % self.user_id))
690
691 feed_tokens = feed_tokens.all()
692 if feed_tokens:
693 return feed_tokens[0].api_key
694 return 'NO_FEED_TOKEN_AVAILABLE'
695
696 @classmethod
697 def get(cls, user_id, cache=False):
698 if not user_id:
699 return
700
701 user = cls.query()
702 if cache:
703 user = user.options(
704 FromCache("sql_cache_short", "get_users_%s" % user_id))
705 return user.get(user_id)
706
707 @classmethod
708 def extra_valid_auth_tokens(cls, user, role=None):
709 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
710 .filter(or_(UserApiKeys.expires == -1,
711 UserApiKeys.expires >= time.time()))
712 if role:
713 tokens = tokens.filter(or_(UserApiKeys.role == role,
714 UserApiKeys.role == UserApiKeys.ROLE_ALL))
715 return tokens.all()
716
717 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
718 from rhodecode.lib import auth
719
720 log.debug('Trying to authenticate user: %s via auth-token, '
721 'and roles: %s', self, roles)
722
723 if not auth_token:
724 return False
725
726 crypto_backend = auth.crypto_backend()
727
728 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
729 tokens_q = UserApiKeys.query()\
730 .filter(UserApiKeys.user_id == self.user_id)\
731 .filter(or_(UserApiKeys.expires == -1,
732 UserApiKeys.expires >= time.time()))
733
734 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
735
736 plain_tokens = []
737 hash_tokens = []
738
739 for token in tokens_q.all():
740 # verify scope first
741 if token.repo_id:
742 # token has a scope, we need to verify it
743 if scope_repo_id != token.repo_id:
744 log.debug(
745 'Scope mismatch: token has a set repo scope: %s, '
746 'and calling scope is:%s, skipping further checks',
747 token.repo, scope_repo_id)
748 # token has a scope, and it doesn't match, skip token
749 continue
750
751 if token.api_key.startswith(crypto_backend.ENC_PREF):
752 hash_tokens.append(token.api_key)
753 else:
754 plain_tokens.append(token.api_key)
755
756 is_plain_match = auth_token in plain_tokens
757 if is_plain_match:
758 return True
759
760 for hashed in hash_tokens:
761 # TODO(marcink): this is expensive to calculate, but most secure
762 match = crypto_backend.hash_check(auth_token, hashed)
763 if match:
764 return True
765
766 return False
767
768 @property
769 def ip_addresses(self):
770 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
771 return [x.ip_addr for x in ret]
772
773 @property
774 def username_and_name(self):
775 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
776
777 @property
778 def username_or_name_or_email(self):
779 full_name = self.full_name if self.full_name is not ' ' else None
780 return self.username or full_name or self.email
781
782 @property
783 def full_name(self):
784 return '%s %s' % (self.first_name, self.last_name)
785
786 @property
787 def full_name_or_username(self):
788 return ('%s %s' % (self.first_name, self.last_name)
789 if (self.first_name and self.last_name) else self.username)
790
791 @property
792 def full_contact(self):
793 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
794
795 @property
796 def short_contact(self):
797 return '%s %s' % (self.first_name, self.last_name)
798
799 @property
800 def is_admin(self):
801 return self.admin
802
803 def AuthUser(self, **kwargs):
804 """
805 Returns instance of AuthUser for this user
806 """
807 from rhodecode.lib.auth import AuthUser
808 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
809
810 @hybrid_property
811 def user_data(self):
812 if not self._user_data:
813 return {}
814
815 try:
816 return json.loads(self._user_data)
817 except TypeError:
818 return {}
819
820 @user_data.setter
821 def user_data(self, val):
822 if not isinstance(val, dict):
823 raise Exception('user_data must be dict, got %s' % type(val))
824 try:
825 self._user_data = json.dumps(val)
826 except Exception:
827 log.error(traceback.format_exc())
828
829 @classmethod
830 def get_by_username(cls, username, case_insensitive=False,
831 cache=False, identity_cache=False):
832 session = Session()
833
834 if case_insensitive:
835 q = cls.query().filter(
836 func.lower(cls.username) == func.lower(username))
837 else:
838 q = cls.query().filter(cls.username == username)
839
840 if cache:
841 if identity_cache:
842 val = cls.identity_cache(session, 'username', username)
843 if val:
844 return val
845 else:
846 cache_key = "get_user_by_name_%s" % _hash_key(username)
847 q = q.options(
848 FromCache("sql_cache_short", cache_key))
849
850 return q.scalar()
851
852 @classmethod
853 def get_by_auth_token(cls, auth_token, cache=False):
854 q = UserApiKeys.query()\
855 .filter(UserApiKeys.api_key == auth_token)\
856 .filter(or_(UserApiKeys.expires == -1,
857 UserApiKeys.expires >= time.time()))
858 if cache:
859 q = q.options(
860 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
861
862 match = q.first()
863 if match:
864 return match.user
865
866 @classmethod
867 def get_by_email(cls, email, case_insensitive=False, cache=False):
868
869 if case_insensitive:
870 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
871
872 else:
873 q = cls.query().filter(cls.email == email)
874
875 email_key = _hash_key(email)
876 if cache:
877 q = q.options(
878 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
879
880 ret = q.scalar()
881 if ret is None:
882 q = UserEmailMap.query()
883 # try fetching in alternate email map
884 if case_insensitive:
885 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
886 else:
887 q = q.filter(UserEmailMap.email == email)
888 q = q.options(joinedload(UserEmailMap.user))
889 if cache:
890 q = q.options(
891 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
892 ret = getattr(q.scalar(), 'user', None)
893
894 return ret
895
896 @classmethod
897 def get_from_cs_author(cls, author):
898 """
899 Tries to get User objects out of commit author string
900
901 :param author:
902 """
903 from rhodecode.lib.helpers import email, author_name
904 # Valid email in the attribute passed, see if they're in the system
905 _email = email(author)
906 if _email:
907 user = cls.get_by_email(_email, case_insensitive=True)
908 if user:
909 return user
910 # Maybe we can match by username?
911 _author = author_name(author)
912 user = cls.get_by_username(_author, case_insensitive=True)
913 if user:
914 return user
915
916 def update_userdata(self, **kwargs):
917 usr = self
918 old = usr.user_data
919 old.update(**kwargs)
920 usr.user_data = old
921 Session().add(usr)
922 log.debug('updated userdata with ', kwargs)
923
924 def update_lastlogin(self):
925 """Update user lastlogin"""
926 self.last_login = datetime.datetime.now()
927 Session().add(self)
928 log.debug('updated user %s lastlogin', self.username)
929
930 def update_lastactivity(self):
931 """Update user lastactivity"""
932 self.last_activity = datetime.datetime.now()
933 Session().add(self)
934 log.debug('updated user `%s` last activity', self.username)
935
936 def update_password(self, new_password):
937 from rhodecode.lib.auth import get_crypt_password
938
939 self.password = get_crypt_password(new_password)
940 Session().add(self)
941
942 @classmethod
943 def get_first_super_admin(cls):
944 user = User.query().filter(User.admin == true()).first()
945 if user is None:
946 raise Exception('FATAL: Missing administrative account!')
947 return user
948
949 @classmethod
950 def get_all_super_admins(cls):
951 """
952 Returns all admin accounts sorted by username
953 """
954 return User.query().filter(User.admin == true())\
955 .order_by(User.username.asc()).all()
956
957 @classmethod
958 def get_default_user(cls, cache=False, refresh=False):
959 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
960 if user is None:
961 raise Exception('FATAL: Missing default account!')
962 if refresh:
963 # The default user might be based on outdated state which
964 # has been loaded from the cache.
965 # A call to refresh() ensures that the
966 # latest state from the database is used.
967 Session().refresh(user)
968 return user
969
970 def _get_default_perms(self, user, suffix=''):
971 from rhodecode.model.permission import PermissionModel
972 return PermissionModel().get_default_perms(user.user_perms, suffix)
973
974 def get_default_perms(self, suffix=''):
975 return self._get_default_perms(self, suffix)
976
977 def get_api_data(self, include_secrets=False, details='full'):
978 """
979 Common function for generating user related data for API
980
981 :param include_secrets: By default secrets in the API data will be replaced
982 by a placeholder value to prevent exposing this data by accident. In case
983 this data shall be exposed, set this flag to ``True``.
984
985 :param details: details can be 'basic|full' basic gives only a subset of
986 the available user information that includes user_id, name and emails.
987 """
988 user = self
989 user_data = self.user_data
990 data = {
991 'user_id': user.user_id,
992 'username': user.username,
993 'firstname': user.name,
994 'lastname': user.lastname,
995 'email': user.email,
996 'emails': user.emails,
997 }
998 if details == 'basic':
999 return data
1000
1001 auth_token_length = 40
1002 auth_token_replacement = '*' * auth_token_length
1003
1004 extras = {
1005 'auth_tokens': [auth_token_replacement],
1006 'active': user.active,
1007 'admin': user.admin,
1008 'extern_type': user.extern_type,
1009 'extern_name': user.extern_name,
1010 'last_login': user.last_login,
1011 'last_activity': user.last_activity,
1012 'ip_addresses': user.ip_addresses,
1013 'language': user_data.get('language')
1014 }
1015 data.update(extras)
1016
1017 if include_secrets:
1018 data['auth_tokens'] = user.auth_tokens
1019 return data
1020
1021 def __json__(self):
1022 data = {
1023 'full_name': self.full_name,
1024 'full_name_or_username': self.full_name_or_username,
1025 'short_contact': self.short_contact,
1026 'full_contact': self.full_contact,
1027 }
1028 data.update(self.get_api_data())
1029 return data
1030
1031
1032 class UserApiKeys(Base, BaseModel):
1033 __tablename__ = 'user_api_keys'
1034 __table_args__ = (
1035 Index('uak_api_key_idx', 'api_key', unique=True),
1036 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1037 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1038 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1039 )
1040 __mapper_args__ = {}
1041
1042 # ApiKey role
1043 ROLE_ALL = 'token_role_all'
1044 ROLE_HTTP = 'token_role_http'
1045 ROLE_VCS = 'token_role_vcs'
1046 ROLE_API = 'token_role_api'
1047 ROLE_FEED = 'token_role_feed'
1048 ROLE_PASSWORD_RESET = 'token_password_reset'
1049
1050 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1051
1052 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1053 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1054 api_key = Column("api_key", String(255), nullable=False, unique=True)
1055 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1056 expires = Column('expires', Float(53), nullable=False)
1057 role = Column('role', String(255), nullable=True)
1058 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1059
1060 # scope columns
1061 repo_id = Column(
1062 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1063 nullable=True, unique=None, default=None)
1064 repo = relationship('Repository', lazy='joined')
1065
1066 repo_group_id = Column(
1067 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1068 nullable=True, unique=None, default=None)
1069 repo_group = relationship('RepoGroup', lazy='joined')
1070
1071 user = relationship('User', lazy='joined')
1072
1073 def __unicode__(self):
1074 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1075
1076 def __json__(self):
1077 data = {
1078 'auth_token': self.api_key,
1079 'role': self.role,
1080 'scope': self.scope_humanized,
1081 'expired': self.expired
1082 }
1083 return data
1084
1085 def get_api_data(self, include_secrets=False):
1086 data = self.__json__()
1087 if include_secrets:
1088 return data
1089 else:
1090 data['auth_token'] = self.token_obfuscated
1091 return data
1092
1093 @hybrid_property
1094 def description_safe(self):
1095 from rhodecode.lib import helpers as h
1096 return h.escape(self.description)
1097
1098 @property
1099 def expired(self):
1100 if self.expires == -1:
1101 return False
1102 return time.time() > self.expires
1103
1104 @classmethod
1105 def _get_role_name(cls, role):
1106 return {
1107 cls.ROLE_ALL: _('all'),
1108 cls.ROLE_HTTP: _('http/web interface'),
1109 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1110 cls.ROLE_API: _('api calls'),
1111 cls.ROLE_FEED: _('feed access'),
1112 }.get(role, role)
1113
1114 @property
1115 def role_humanized(self):
1116 return self._get_role_name(self.role)
1117
1118 def _get_scope(self):
1119 if self.repo:
1120 return repr(self.repo)
1121 if self.repo_group:
1122 return repr(self.repo_group) + ' (recursive)'
1123 return 'global'
1124
1125 @property
1126 def scope_humanized(self):
1127 return self._get_scope()
1128
1129 @property
1130 def token_obfuscated(self):
1131 if self.api_key:
1132 return self.api_key[:4] + "****"
1133
1134
1135 class UserEmailMap(Base, BaseModel):
1136 __tablename__ = 'user_email_map'
1137 __table_args__ = (
1138 Index('uem_email_idx', 'email'),
1139 UniqueConstraint('email'),
1140 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1141 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1142 )
1143 __mapper_args__ = {}
1144
1145 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1146 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1147 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1148 user = relationship('User', lazy='joined')
1149
1150 @validates('_email')
1151 def validate_email(self, key, email):
1152 # check if this email is not main one
1153 main_email = Session().query(User).filter(User.email == email).scalar()
1154 if main_email is not None:
1155 raise AttributeError('email %s is present is user table' % email)
1156 return email
1157
1158 @hybrid_property
1159 def email(self):
1160 return self._email
1161
1162 @email.setter
1163 def email(self, val):
1164 self._email = val.lower() if val else None
1165
1166
1167 class UserIpMap(Base, BaseModel):
1168 __tablename__ = 'user_ip_map'
1169 __table_args__ = (
1170 UniqueConstraint('user_id', 'ip_addr'),
1171 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1172 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1173 )
1174 __mapper_args__ = {}
1175
1176 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1177 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1178 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1179 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1180 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1181 user = relationship('User', lazy='joined')
1182
1183 @hybrid_property
1184 def description_safe(self):
1185 from rhodecode.lib import helpers as h
1186 return h.escape(self.description)
1187
1188 @classmethod
1189 def _get_ip_range(cls, ip_addr):
1190 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1191 return [str(net.network_address), str(net.broadcast_address)]
1192
1193 def __json__(self):
1194 return {
1195 'ip_addr': self.ip_addr,
1196 'ip_range': self._get_ip_range(self.ip_addr),
1197 }
1198
1199 def __unicode__(self):
1200 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1201 self.user_id, self.ip_addr)
1202
1203
1204 class UserSshKeys(Base, BaseModel):
1205 __tablename__ = 'user_ssh_keys'
1206 __table_args__ = (
1207 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1208
1209 UniqueConstraint('ssh_key_fingerprint'),
1210
1211 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1212 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1213 )
1214 __mapper_args__ = {}
1215
1216 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1217 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1218 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1219
1220 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1221
1222 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1223 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1224 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1225
1226 user = relationship('User', lazy='joined')
1227
1228 def __json__(self):
1229 data = {
1230 'ssh_fingerprint': self.ssh_key_fingerprint,
1231 'description': self.description,
1232 'created_on': self.created_on
1233 }
1234 return data
1235
1236 def get_api_data(self):
1237 data = self.__json__()
1238 return data
1239
1240
1241 class UserLog(Base, BaseModel):
1242 __tablename__ = 'user_logs'
1243 __table_args__ = (
1244 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1245 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1246 )
1247 VERSION_1 = 'v1'
1248 VERSION_2 = 'v2'
1249 VERSIONS = [VERSION_1, VERSION_2]
1250
1251 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1252 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1253 username = Column("username", String(255), nullable=True, unique=None, default=None)
1254 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1255 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1256 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1257 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1258 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1259
1260 version = Column("version", String(255), nullable=True, default=VERSION_1)
1261 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1262 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1263
1264 def __unicode__(self):
1265 return u"<%s('id:%s:%s')>" % (
1266 self.__class__.__name__, self.repository_name, self.action)
1267
1268 def __json__(self):
1269 return {
1270 'user_id': self.user_id,
1271 'username': self.username,
1272 'repository_id': self.repository_id,
1273 'repository_name': self.repository_name,
1274 'user_ip': self.user_ip,
1275 'action_date': self.action_date,
1276 'action': self.action,
1277 }
1278
1279 @hybrid_property
1280 def entry_id(self):
1281 return self.user_log_id
1282
1283 @property
1284 def action_as_day(self):
1285 return datetime.date(*self.action_date.timetuple()[:3])
1286
1287 user = relationship('User')
1288 repository = relationship('Repository', cascade='')
1289
1290
1291 class UserGroup(Base, BaseModel):
1292 __tablename__ = 'users_groups'
1293 __table_args__ = (
1294 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1295 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1296 )
1297
1298 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1299 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1300 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1301 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1302 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1303 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1304 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1305 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1306
1307 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1308 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1309 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1310 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1311 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1312 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1313
1314 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1315 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1316
1317 @classmethod
1318 def _load_group_data(cls, column):
1319 if not column:
1320 return {}
1321
1322 try:
1323 return json.loads(column) or {}
1324 except TypeError:
1325 return {}
1326
1327 @hybrid_property
1328 def description_safe(self):
1329 from rhodecode.lib import helpers as h
1330 return h.escape(self.user_group_description)
1331
1332 @hybrid_property
1333 def group_data(self):
1334 return self._load_group_data(self._group_data)
1335
1336 @group_data.expression
1337 def group_data(self, **kwargs):
1338 return self._group_data
1339
1340 @group_data.setter
1341 def group_data(self, val):
1342 try:
1343 self._group_data = json.dumps(val)
1344 except Exception:
1345 log.error(traceback.format_exc())
1346
1347 @classmethod
1348 def _load_sync(cls, group_data):
1349 if group_data:
1350 return group_data.get('extern_type')
1351
1352 @property
1353 def sync(self):
1354 return self._load_sync(self.group_data)
1355
1356 def __unicode__(self):
1357 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1358 self.users_group_id,
1359 self.users_group_name)
1360
1361 @classmethod
1362 def get_by_group_name(cls, group_name, cache=False,
1363 case_insensitive=False):
1364 if case_insensitive:
1365 q = cls.query().filter(func.lower(cls.users_group_name) ==
1366 func.lower(group_name))
1367
1368 else:
1369 q = cls.query().filter(cls.users_group_name == group_name)
1370 if cache:
1371 q = q.options(
1372 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1373 return q.scalar()
1374
1375 @classmethod
1376 def get(cls, user_group_id, cache=False):
1377 if not user_group_id:
1378 return
1379
1380 user_group = cls.query()
1381 if cache:
1382 user_group = user_group.options(
1383 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1384 return user_group.get(user_group_id)
1385
1386 def permissions(self, with_admins=True, with_owner=True):
1387 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1388 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1389 joinedload(UserUserGroupToPerm.user),
1390 joinedload(UserUserGroupToPerm.permission),)
1391
1392 # get owners and admins and permissions. We do a trick of re-writing
1393 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1394 # has a global reference and changing one object propagates to all
1395 # others. This means if admin is also an owner admin_row that change
1396 # would propagate to both objects
1397 perm_rows = []
1398 for _usr in q.all():
1399 usr = AttributeDict(_usr.user.get_dict())
1400 usr.permission = _usr.permission.permission_name
1401 perm_rows.append(usr)
1402
1403 # filter the perm rows by 'default' first and then sort them by
1404 # admin,write,read,none permissions sorted again alphabetically in
1405 # each group
1406 perm_rows = sorted(perm_rows, key=display_user_sort)
1407
1408 _admin_perm = 'usergroup.admin'
1409 owner_row = []
1410 if with_owner:
1411 usr = AttributeDict(self.user.get_dict())
1412 usr.owner_row = True
1413 usr.permission = _admin_perm
1414 owner_row.append(usr)
1415
1416 super_admin_rows = []
1417 if with_admins:
1418 for usr in User.get_all_super_admins():
1419 # if this admin is also owner, don't double the record
1420 if usr.user_id == owner_row[0].user_id:
1421 owner_row[0].admin_row = True
1422 else:
1423 usr = AttributeDict(usr.get_dict())
1424 usr.admin_row = True
1425 usr.permission = _admin_perm
1426 super_admin_rows.append(usr)
1427
1428 return super_admin_rows + owner_row + perm_rows
1429
1430 def permission_user_groups(self):
1431 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1432 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1433 joinedload(UserGroupUserGroupToPerm.target_user_group),
1434 joinedload(UserGroupUserGroupToPerm.permission),)
1435
1436 perm_rows = []
1437 for _user_group in q.all():
1438 usr = AttributeDict(_user_group.user_group.get_dict())
1439 usr.permission = _user_group.permission.permission_name
1440 perm_rows.append(usr)
1441
1442 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1443 return perm_rows
1444
1445 def _get_default_perms(self, user_group, suffix=''):
1446 from rhodecode.model.permission import PermissionModel
1447 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1448
1449 def get_default_perms(self, suffix=''):
1450 return self._get_default_perms(self, suffix)
1451
1452 def get_api_data(self, with_group_members=True, include_secrets=False):
1453 """
1454 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1455 basically forwarded.
1456
1457 """
1458 user_group = self
1459 data = {
1460 'users_group_id': user_group.users_group_id,
1461 'group_name': user_group.users_group_name,
1462 'group_description': user_group.user_group_description,
1463 'active': user_group.users_group_active,
1464 'owner': user_group.user.username,
1465 'sync': user_group.sync,
1466 'owner_email': user_group.user.email,
1467 }
1468
1469 if with_group_members:
1470 users = []
1471 for user in user_group.members:
1472 user = user.user
1473 users.append(user.get_api_data(include_secrets=include_secrets))
1474 data['users'] = users
1475
1476 return data
1477
1478
1479 class UserGroupMember(Base, BaseModel):
1480 __tablename__ = 'users_groups_members'
1481 __table_args__ = (
1482 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1483 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1484 )
1485
1486 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1487 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1488 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1489
1490 user = relationship('User', lazy='joined')
1491 users_group = relationship('UserGroup')
1492
1493 def __init__(self, gr_id='', u_id=''):
1494 self.users_group_id = gr_id
1495 self.user_id = u_id
1496
1497
1498 class RepositoryField(Base, BaseModel):
1499 __tablename__ = 'repositories_fields'
1500 __table_args__ = (
1501 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1502 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1503 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1504 )
1505 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1506
1507 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1508 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1509 field_key = Column("field_key", String(250))
1510 field_label = Column("field_label", String(1024), nullable=False)
1511 field_value = Column("field_value", String(10000), nullable=False)
1512 field_desc = Column("field_desc", String(1024), nullable=False)
1513 field_type = Column("field_type", String(255), nullable=False, unique=None)
1514 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1515
1516 repository = relationship('Repository')
1517
1518 @property
1519 def field_key_prefixed(self):
1520 return 'ex_%s' % self.field_key
1521
1522 @classmethod
1523 def un_prefix_key(cls, key):
1524 if key.startswith(cls.PREFIX):
1525 return key[len(cls.PREFIX):]
1526 return key
1527
1528 @classmethod
1529 def get_by_key_name(cls, key, repo):
1530 row = cls.query()\
1531 .filter(cls.repository == repo)\
1532 .filter(cls.field_key == key).scalar()
1533 return row
1534
1535
1536 class Repository(Base, BaseModel):
1537 __tablename__ = 'repositories'
1538 __table_args__ = (
1539 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1540 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1541 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1542 )
1543 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1544 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1545 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1546
1547 STATE_CREATED = 'repo_state_created'
1548 STATE_PENDING = 'repo_state_pending'
1549 STATE_ERROR = 'repo_state_error'
1550
1551 LOCK_AUTOMATIC = 'lock_auto'
1552 LOCK_API = 'lock_api'
1553 LOCK_WEB = 'lock_web'
1554 LOCK_PULL = 'lock_pull'
1555
1556 NAME_SEP = URL_SEP
1557
1558 repo_id = Column(
1559 "repo_id", Integer(), nullable=False, unique=True, default=None,
1560 primary_key=True)
1561 _repo_name = Column(
1562 "repo_name", Text(), nullable=False, default=None)
1563 _repo_name_hash = Column(
1564 "repo_name_hash", String(255), nullable=False, unique=True)
1565 repo_state = Column("repo_state", String(255), nullable=True)
1566
1567 clone_uri = Column(
1568 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1569 default=None)
1570 push_uri = Column(
1571 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1572 default=None)
1573 repo_type = Column(
1574 "repo_type", String(255), nullable=False, unique=False, default=None)
1575 user_id = Column(
1576 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1577 unique=False, default=None)
1578 private = Column(
1579 "private", Boolean(), nullable=True, unique=None, default=None)
1580 enable_statistics = Column(
1581 "statistics", Boolean(), nullable=True, unique=None, default=True)
1582 enable_downloads = Column(
1583 "downloads", Boolean(), nullable=True, unique=None, default=True)
1584 description = Column(
1585 "description", String(10000), nullable=True, unique=None, default=None)
1586 created_on = Column(
1587 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1588 default=datetime.datetime.now)
1589 updated_on = Column(
1590 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1591 default=datetime.datetime.now)
1592 _landing_revision = Column(
1593 "landing_revision", String(255), nullable=False, unique=False,
1594 default=None)
1595 enable_locking = Column(
1596 "enable_locking", Boolean(), nullable=False, unique=None,
1597 default=False)
1598 _locked = Column(
1599 "locked", String(255), nullable=True, unique=False, default=None)
1600 _changeset_cache = Column(
1601 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1602
1603 fork_id = Column(
1604 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1605 nullable=True, unique=False, default=None)
1606 group_id = Column(
1607 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1608 unique=False, default=None)
1609
1610 user = relationship('User', lazy='joined')
1611 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1612 group = relationship('RepoGroup', lazy='joined')
1613 repo_to_perm = relationship(
1614 'UserRepoToPerm', cascade='all',
1615 order_by='UserRepoToPerm.repo_to_perm_id')
1616 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1617 stats = relationship('Statistics', cascade='all', uselist=False)
1618
1619 followers = relationship(
1620 'UserFollowing',
1621 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1622 cascade='all')
1623 extra_fields = relationship(
1624 'RepositoryField', cascade="all, delete, delete-orphan")
1625 logs = relationship('UserLog')
1626 comments = relationship(
1627 'ChangesetComment', cascade="all, delete, delete-orphan")
1628 pull_requests_source = relationship(
1629 'PullRequest',
1630 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1631 cascade="all, delete, delete-orphan")
1632 pull_requests_target = relationship(
1633 'PullRequest',
1634 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1635 cascade="all, delete, delete-orphan")
1636 ui = relationship('RepoRhodeCodeUi', cascade="all")
1637 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1638 integrations = relationship('Integration',
1639 cascade="all, delete, delete-orphan")
1640
1641 scoped_tokens = relationship('UserApiKeys', cascade="all")
1642
1643 def __unicode__(self):
1644 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1645 safe_unicode(self.repo_name))
1646
1647 @hybrid_property
1648 def description_safe(self):
1649 from rhodecode.lib import helpers as h
1650 return h.escape(self.description)
1651
1652 @hybrid_property
1653 def landing_rev(self):
1654 # always should return [rev_type, rev]
1655 if self._landing_revision:
1656 _rev_info = self._landing_revision.split(':')
1657 if len(_rev_info) < 2:
1658 _rev_info.insert(0, 'rev')
1659 return [_rev_info[0], _rev_info[1]]
1660 return [None, None]
1661
1662 @landing_rev.setter
1663 def landing_rev(self, val):
1664 if ':' not in val:
1665 raise ValueError('value must be delimited with `:` and consist '
1666 'of <rev_type>:<rev>, got %s instead' % val)
1667 self._landing_revision = val
1668
1669 @hybrid_property
1670 def locked(self):
1671 if self._locked:
1672 user_id, timelocked, reason = self._locked.split(':')
1673 lock_values = int(user_id), timelocked, reason
1674 else:
1675 lock_values = [None, None, None]
1676 return lock_values
1677
1678 @locked.setter
1679 def locked(self, val):
1680 if val and isinstance(val, (list, tuple)):
1681 self._locked = ':'.join(map(str, val))
1682 else:
1683 self._locked = None
1684
1685 @hybrid_property
1686 def changeset_cache(self):
1687 from rhodecode.lib.vcs.backends.base import EmptyCommit
1688 dummy = EmptyCommit().__json__()
1689 if not self._changeset_cache:
1690 return dummy
1691 try:
1692 return json.loads(self._changeset_cache)
1693 except TypeError:
1694 return dummy
1695 except Exception:
1696 log.error(traceback.format_exc())
1697 return dummy
1698
1699 @changeset_cache.setter
1700 def changeset_cache(self, val):
1701 try:
1702 self._changeset_cache = json.dumps(val)
1703 except Exception:
1704 log.error(traceback.format_exc())
1705
1706 @hybrid_property
1707 def repo_name(self):
1708 return self._repo_name
1709
1710 @repo_name.setter
1711 def repo_name(self, value):
1712 self._repo_name = value
1713 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1714
1715 @classmethod
1716 def normalize_repo_name(cls, repo_name):
1717 """
1718 Normalizes os specific repo_name to the format internally stored inside
1719 database using URL_SEP
1720
1721 :param cls:
1722 :param repo_name:
1723 """
1724 return cls.NAME_SEP.join(repo_name.split(os.sep))
1725
1726 @classmethod
1727 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1728 session = Session()
1729 q = session.query(cls).filter(cls.repo_name == repo_name)
1730
1731 if cache:
1732 if identity_cache:
1733 val = cls.identity_cache(session, 'repo_name', repo_name)
1734 if val:
1735 return val
1736 else:
1737 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1738 q = q.options(
1739 FromCache("sql_cache_short", cache_key))
1740
1741 return q.scalar()
1742
1743 @classmethod
1744 def get_by_id_or_repo_name(cls, repoid):
1745 if isinstance(repoid, (int, long)):
1746 try:
1747 repo = cls.get(repoid)
1748 except ValueError:
1749 repo = None
1750 else:
1751 repo = cls.get_by_repo_name(repoid)
1752 return repo
1753
1754 @classmethod
1755 def get_by_full_path(cls, repo_full_path):
1756 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1757 repo_name = cls.normalize_repo_name(repo_name)
1758 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1759
1760 @classmethod
1761 def get_repo_forks(cls, repo_id):
1762 return cls.query().filter(Repository.fork_id == repo_id)
1763
1764 @classmethod
1765 def base_path(cls):
1766 """
1767 Returns base path when all repos are stored
1768
1769 :param cls:
1770 """
1771 q = Session().query(RhodeCodeUi)\
1772 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1773 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1774 return q.one().ui_value
1775
1776 @classmethod
1777 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1778 case_insensitive=True):
1779 q = Repository.query()
1780
1781 if not isinstance(user_id, Optional):
1782 q = q.filter(Repository.user_id == user_id)
1783
1784 if not isinstance(group_id, Optional):
1785 q = q.filter(Repository.group_id == group_id)
1786
1787 if case_insensitive:
1788 q = q.order_by(func.lower(Repository.repo_name))
1789 else:
1790 q = q.order_by(Repository.repo_name)
1791 return q.all()
1792
1793 @property
1794 def forks(self):
1795 """
1796 Return forks of this repo
1797 """
1798 return Repository.get_repo_forks(self.repo_id)
1799
1800 @property
1801 def parent(self):
1802 """
1803 Returns fork parent
1804 """
1805 return self.fork
1806
1807 @property
1808 def just_name(self):
1809 return self.repo_name.split(self.NAME_SEP)[-1]
1810
1811 @property
1812 def groups_with_parents(self):
1813 groups = []
1814 if self.group is None:
1815 return groups
1816
1817 cur_gr = self.group
1818 groups.insert(0, cur_gr)
1819 while 1:
1820 gr = getattr(cur_gr, 'parent_group', None)
1821 cur_gr = cur_gr.parent_group
1822 if gr is None:
1823 break
1824 groups.insert(0, gr)
1825
1826 return groups
1827
1828 @property
1829 def groups_and_repo(self):
1830 return self.groups_with_parents, self
1831
1832 @LazyProperty
1833 def repo_path(self):
1834 """
1835 Returns base full path for that repository means where it actually
1836 exists on a filesystem
1837 """
1838 q = Session().query(RhodeCodeUi).filter(
1839 RhodeCodeUi.ui_key == self.NAME_SEP)
1840 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1841 return q.one().ui_value
1842
1843 @property
1844 def repo_full_path(self):
1845 p = [self.repo_path]
1846 # we need to split the name by / since this is how we store the
1847 # names in the database, but that eventually needs to be converted
1848 # into a valid system path
1849 p += self.repo_name.split(self.NAME_SEP)
1850 return os.path.join(*map(safe_unicode, p))
1851
1852 @property
1853 def cache_keys(self):
1854 """
1855 Returns associated cache keys for that repo
1856 """
1857 return CacheKey.query()\
1858 .filter(CacheKey.cache_args == self.repo_name)\
1859 .order_by(CacheKey.cache_key)\
1860 .all()
1861
1862 @property
1863 def cached_diffs_relative_dir(self):
1864 """
1865 Return a relative to the repository store path of cached diffs
1866 used for safe display for users, who shouldn't know the absolute store
1867 path
1868 """
1869 return os.path.join(
1870 os.path.dirname(self.repo_name),
1871 self.cached_diffs_dir.split(os.path.sep)[-1])
1872
1873 @property
1874 def cached_diffs_dir(self):
1875 path = self.repo_full_path
1876 return os.path.join(
1877 os.path.dirname(path),
1878 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1879
1880 def cached_diffs(self):
1881 diff_cache_dir = self.cached_diffs_dir
1882 if os.path.isdir(diff_cache_dir):
1883 return os.listdir(diff_cache_dir)
1884 return []
1885
1886 def get_new_name(self, repo_name):
1887 """
1888 returns new full repository name based on assigned group and new new
1889
1890 :param group_name:
1891 """
1892 path_prefix = self.group.full_path_splitted if self.group else []
1893 return self.NAME_SEP.join(path_prefix + [repo_name])
1894
1895 @property
1896 def _config(self):
1897 """
1898 Returns db based config object.
1899 """
1900 from rhodecode.lib.utils import make_db_config
1901 return make_db_config(clear_session=False, repo=self)
1902
1903 def permissions(self, with_admins=True, with_owner=True):
1904 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1905 q = q.options(joinedload(UserRepoToPerm.repository),
1906 joinedload(UserRepoToPerm.user),
1907 joinedload(UserRepoToPerm.permission),)
1908
1909 # get owners and admins and permissions. We do a trick of re-writing
1910 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1911 # has a global reference and changing one object propagates to all
1912 # others. This means if admin is also an owner admin_row that change
1913 # would propagate to both objects
1914 perm_rows = []
1915 for _usr in q.all():
1916 usr = AttributeDict(_usr.user.get_dict())
1917 usr.permission = _usr.permission.permission_name
1918 usr.permission_id = _usr.repo_to_perm_id
1919 perm_rows.append(usr)
1920
1921 # filter the perm rows by 'default' first and then sort them by
1922 # admin,write,read,none permissions sorted again alphabetically in
1923 # each group
1924 perm_rows = sorted(perm_rows, key=display_user_sort)
1925
1926 _admin_perm = 'repository.admin'
1927 owner_row = []
1928 if with_owner:
1929 usr = AttributeDict(self.user.get_dict())
1930 usr.owner_row = True
1931 usr.permission = _admin_perm
1932 usr.permission_id = None
1933 owner_row.append(usr)
1934
1935 super_admin_rows = []
1936 if with_admins:
1937 for usr in User.get_all_super_admins():
1938 # if this admin is also owner, don't double the record
1939 if usr.user_id == owner_row[0].user_id:
1940 owner_row[0].admin_row = True
1941 else:
1942 usr = AttributeDict(usr.get_dict())
1943 usr.admin_row = True
1944 usr.permission = _admin_perm
1945 usr.permission_id = None
1946 super_admin_rows.append(usr)
1947
1948 return super_admin_rows + owner_row + perm_rows
1949
1950 def permission_user_groups(self):
1951 q = UserGroupRepoToPerm.query().filter(
1952 UserGroupRepoToPerm.repository == self)
1953 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1954 joinedload(UserGroupRepoToPerm.users_group),
1955 joinedload(UserGroupRepoToPerm.permission),)
1956
1957 perm_rows = []
1958 for _user_group in q.all():
1959 usr = AttributeDict(_user_group.users_group.get_dict())
1960 usr.permission = _user_group.permission.permission_name
1961 perm_rows.append(usr)
1962
1963 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1964 return perm_rows
1965
1966 def get_api_data(self, include_secrets=False):
1967 """
1968 Common function for generating repo api data
1969
1970 :param include_secrets: See :meth:`User.get_api_data`.
1971
1972 """
1973 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1974 # move this methods on models level.
1975 from rhodecode.model.settings import SettingsModel
1976 from rhodecode.model.repo import RepoModel
1977
1978 repo = self
1979 _user_id, _time, _reason = self.locked
1980
1981 data = {
1982 'repo_id': repo.repo_id,
1983 'repo_name': repo.repo_name,
1984 'repo_type': repo.repo_type,
1985 'clone_uri': repo.clone_uri or '',
1986 'push_uri': repo.push_uri or '',
1987 'url': RepoModel().get_url(self),
1988 'private': repo.private,
1989 'created_on': repo.created_on,
1990 'description': repo.description_safe,
1991 'landing_rev': repo.landing_rev,
1992 'owner': repo.user.username,
1993 'fork_of': repo.fork.repo_name if repo.fork else None,
1994 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1995 'enable_statistics': repo.enable_statistics,
1996 'enable_locking': repo.enable_locking,
1997 'enable_downloads': repo.enable_downloads,
1998 'last_changeset': repo.changeset_cache,
1999 'locked_by': User.get(_user_id).get_api_data(
2000 include_secrets=include_secrets) if _user_id else None,
2001 'locked_date': time_to_datetime(_time) if _time else None,
2002 'lock_reason': _reason if _reason else None,
2003 }
2004
2005 # TODO: mikhail: should be per-repo settings here
2006 rc_config = SettingsModel().get_all_settings()
2007 repository_fields = str2bool(
2008 rc_config.get('rhodecode_repository_fields'))
2009 if repository_fields:
2010 for f in self.extra_fields:
2011 data[f.field_key_prefixed] = f.field_value
2012
2013 return data
2014
2015 @classmethod
2016 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2017 if not lock_time:
2018 lock_time = time.time()
2019 if not lock_reason:
2020 lock_reason = cls.LOCK_AUTOMATIC
2021 repo.locked = [user_id, lock_time, lock_reason]
2022 Session().add(repo)
2023 Session().commit()
2024
2025 @classmethod
2026 def unlock(cls, repo):
2027 repo.locked = None
2028 Session().add(repo)
2029 Session().commit()
2030
2031 @classmethod
2032 def getlock(cls, repo):
2033 return repo.locked
2034
2035 def is_user_lock(self, user_id):
2036 if self.lock[0]:
2037 lock_user_id = safe_int(self.lock[0])
2038 user_id = safe_int(user_id)
2039 # both are ints, and they are equal
2040 return all([lock_user_id, user_id]) and lock_user_id == user_id
2041
2042 return False
2043
2044 def get_locking_state(self, action, user_id, only_when_enabled=True):
2045 """
2046 Checks locking on this repository, if locking is enabled and lock is
2047 present returns a tuple of make_lock, locked, locked_by.
2048 make_lock can have 3 states None (do nothing) True, make lock
2049 False release lock, This value is later propagated to hooks, which
2050 do the locking. Think about this as signals passed to hooks what to do.
2051
2052 """
2053 # TODO: johbo: This is part of the business logic and should be moved
2054 # into the RepositoryModel.
2055
2056 if action not in ('push', 'pull'):
2057 raise ValueError("Invalid action value: %s" % repr(action))
2058
2059 # defines if locked error should be thrown to user
2060 currently_locked = False
2061 # defines if new lock should be made, tri-state
2062 make_lock = None
2063 repo = self
2064 user = User.get(user_id)
2065
2066 lock_info = repo.locked
2067
2068 if repo and (repo.enable_locking or not only_when_enabled):
2069 if action == 'push':
2070 # check if it's already locked !, if it is compare users
2071 locked_by_user_id = lock_info[0]
2072 if user.user_id == locked_by_user_id:
2073 log.debug(
2074 'Got `push` action from user %s, now unlocking', user)
2075 # unlock if we have push from user who locked
2076 make_lock = False
2077 else:
2078 # we're not the same user who locked, ban with
2079 # code defined in settings (default is 423 HTTP Locked) !
2080 log.debug('Repo %s is currently locked by %s', repo, user)
2081 currently_locked = True
2082 elif action == 'pull':
2083 # [0] user [1] date
2084 if lock_info[0] and lock_info[1]:
2085 log.debug('Repo %s is currently locked by %s', repo, user)
2086 currently_locked = True
2087 else:
2088 log.debug('Setting lock on repo %s by %s', repo, user)
2089 make_lock = True
2090
2091 else:
2092 log.debug('Repository %s do not have locking enabled', repo)
2093
2094 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2095 make_lock, currently_locked, lock_info)
2096
2097 from rhodecode.lib.auth import HasRepoPermissionAny
2098 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2099 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2100 # if we don't have at least write permission we cannot make a lock
2101 log.debug('lock state reset back to FALSE due to lack '
2102 'of at least read permission')
2103 make_lock = False
2104
2105 return make_lock, currently_locked, lock_info
2106
2107 @property
2108 def last_db_change(self):
2109 return self.updated_on
2110
2111 @property
2112 def clone_uri_hidden(self):
2113 clone_uri = self.clone_uri
2114 if clone_uri:
2115 import urlobject
2116 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2117 if url_obj.password:
2118 clone_uri = url_obj.with_password('*****')
2119 return clone_uri
2120
2121 @property
2122 def push_uri_hidden(self):
2123 push_uri = self.push_uri
2124 if push_uri:
2125 import urlobject
2126 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2127 if url_obj.password:
2128 push_uri = url_obj.with_password('*****')
2129 return push_uri
2130
2131 def clone_url(self, **override):
2132 from rhodecode.model.settings import SettingsModel
2133
2134 uri_tmpl = None
2135 if 'with_id' in override:
2136 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2137 del override['with_id']
2138
2139 if 'uri_tmpl' in override:
2140 uri_tmpl = override['uri_tmpl']
2141 del override['uri_tmpl']
2142
2143 ssh = False
2144 if 'ssh' in override:
2145 ssh = True
2146 del override['ssh']
2147
2148 # we didn't override our tmpl from **overrides
2149 if not uri_tmpl:
2150 rc_config = SettingsModel().get_all_settings(cache=True)
2151 if ssh:
2152 uri_tmpl = rc_config.get(
2153 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2154 else:
2155 uri_tmpl = rc_config.get(
2156 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2157
2158 request = get_current_request()
2159 return get_clone_url(request=request,
2160 uri_tmpl=uri_tmpl,
2161 repo_name=self.repo_name,
2162 repo_id=self.repo_id, **override)
2163
2164 def set_state(self, state):
2165 self.repo_state = state
2166 Session().add(self)
2167 #==========================================================================
2168 # SCM PROPERTIES
2169 #==========================================================================
2170
2171 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2172 return get_commit_safe(
2173 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2174
2175 def get_changeset(self, rev=None, pre_load=None):
2176 warnings.warn("Use get_commit", DeprecationWarning)
2177 commit_id = None
2178 commit_idx = None
2179 if isinstance(rev, basestring):
2180 commit_id = rev
2181 else:
2182 commit_idx = rev
2183 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2184 pre_load=pre_load)
2185
2186 def get_landing_commit(self):
2187 """
2188 Returns landing commit, or if that doesn't exist returns the tip
2189 """
2190 _rev_type, _rev = self.landing_rev
2191 commit = self.get_commit(_rev)
2192 if isinstance(commit, EmptyCommit):
2193 return self.get_commit()
2194 return commit
2195
2196 def update_commit_cache(self, cs_cache=None, config=None):
2197 """
2198 Update cache of last changeset for repository, keys should be::
2199
2200 short_id
2201 raw_id
2202 revision
2203 parents
2204 message
2205 date
2206 author
2207
2208 :param cs_cache:
2209 """
2210 from rhodecode.lib.vcs.backends.base import BaseChangeset
2211 if cs_cache is None:
2212 # use no-cache version here
2213 scm_repo = self.scm_instance(cache=False, config=config)
2214 if scm_repo:
2215 cs_cache = scm_repo.get_commit(
2216 pre_load=["author", "date", "message", "parents"])
2217 else:
2218 cs_cache = EmptyCommit()
2219
2220 if isinstance(cs_cache, BaseChangeset):
2221 cs_cache = cs_cache.__json__()
2222
2223 def is_outdated(new_cs_cache):
2224 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2225 new_cs_cache['revision'] != self.changeset_cache['revision']):
2226 return True
2227 return False
2228
2229 # check if we have maybe already latest cached revision
2230 if is_outdated(cs_cache) or not self.changeset_cache:
2231 _default = datetime.datetime.fromtimestamp(0)
2232 last_change = cs_cache.get('date') or _default
2233 log.debug('updated repo %s with new cs cache %s',
2234 self.repo_name, cs_cache)
2235 self.updated_on = last_change
2236 self.changeset_cache = cs_cache
2237 Session().add(self)
2238 Session().commit()
2239 else:
2240 log.debug('Skipping update_commit_cache for repo:`%s` '
2241 'commit already with latest changes', self.repo_name)
2242
2243 @property
2244 def tip(self):
2245 return self.get_commit('tip')
2246
2247 @property
2248 def author(self):
2249 return self.tip.author
2250
2251 @property
2252 def last_change(self):
2253 return self.scm_instance().last_change
2254
2255 def get_comments(self, revisions=None):
2256 """
2257 Returns comments for this repository grouped by revisions
2258
2259 :param revisions: filter query by revisions only
2260 """
2261 cmts = ChangesetComment.query()\
2262 .filter(ChangesetComment.repo == self)
2263 if revisions:
2264 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2265 grouped = collections.defaultdict(list)
2266 for cmt in cmts.all():
2267 grouped[cmt.revision].append(cmt)
2268 return grouped
2269
2270 def statuses(self, revisions=None):
2271 """
2272 Returns statuses for this repository
2273
2274 :param revisions: list of revisions to get statuses for
2275 """
2276 statuses = ChangesetStatus.query()\
2277 .filter(ChangesetStatus.repo == self)\
2278 .filter(ChangesetStatus.version == 0)
2279
2280 if revisions:
2281 # Try doing the filtering in chunks to avoid hitting limits
2282 size = 500
2283 status_results = []
2284 for chunk in xrange(0, len(revisions), size):
2285 status_results += statuses.filter(
2286 ChangesetStatus.revision.in_(
2287 revisions[chunk: chunk+size])
2288 ).all()
2289 else:
2290 status_results = statuses.all()
2291
2292 grouped = {}
2293
2294 # maybe we have open new pullrequest without a status?
2295 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2296 status_lbl = ChangesetStatus.get_status_lbl(stat)
2297 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2298 for rev in pr.revisions:
2299 pr_id = pr.pull_request_id
2300 pr_repo = pr.target_repo.repo_name
2301 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2302
2303 for stat in status_results:
2304 pr_id = pr_repo = None
2305 if stat.pull_request:
2306 pr_id = stat.pull_request.pull_request_id
2307 pr_repo = stat.pull_request.target_repo.repo_name
2308 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2309 pr_id, pr_repo]
2310 return grouped
2311
2312 # ==========================================================================
2313 # SCM CACHE INSTANCE
2314 # ==========================================================================
2315
2316 def scm_instance(self, **kwargs):
2317 import rhodecode
2318
2319 # Passing a config will not hit the cache currently only used
2320 # for repo2dbmapper
2321 config = kwargs.pop('config', None)
2322 cache = kwargs.pop('cache', None)
2323 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2324 # if cache is NOT defined use default global, else we have a full
2325 # control over cache behaviour
2326 if cache is None and full_cache and not config:
2327 return self._get_instance_cached()
2328 return self._get_instance(cache=bool(cache), config=config)
2329
2330 def _get_instance_cached(self):
2331 return self._get_instance()
2332
2333 def _get_instance(self, cache=True, config=None):
2334 config = config or self._config
2335 custom_wire = {
2336 'cache': cache # controls the vcs.remote cache
2337 }
2338 repo = get_vcs_instance(
2339 repo_path=safe_str(self.repo_full_path),
2340 config=config,
2341 with_wire=custom_wire,
2342 create=False,
2343 _vcs_alias=self.repo_type)
2344
2345 return repo
2346
2347 def __json__(self):
2348 return {'landing_rev': self.landing_rev}
2349
2350 def get_dict(self):
2351
2352 # Since we transformed `repo_name` to a hybrid property, we need to
2353 # keep compatibility with the code which uses `repo_name` field.
2354
2355 result = super(Repository, self).get_dict()
2356 result['repo_name'] = result.pop('_repo_name', None)
2357 return result
2358
2359
2360 class RepoGroup(Base, BaseModel):
2361 __tablename__ = 'groups'
2362 __table_args__ = (
2363 UniqueConstraint('group_name', 'group_parent_id'),
2364 CheckConstraint('group_id != group_parent_id'),
2365 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2366 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2367 )
2368 __mapper_args__ = {'order_by': 'group_name'}
2369
2370 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2371
2372 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2373 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2374 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2375 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2376 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2377 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2378 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2379 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2380 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2381
2382 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2383 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2384 parent_group = relationship('RepoGroup', remote_side=group_id)
2385 user = relationship('User')
2386 integrations = relationship('Integration',
2387 cascade="all, delete, delete-orphan")
2388
2389 def __init__(self, group_name='', parent_group=None):
2390 self.group_name = group_name
2391 self.parent_group = parent_group
2392
2393 def __unicode__(self):
2394 return u"<%s('id:%s:%s')>" % (
2395 self.__class__.__name__, self.group_id, self.group_name)
2396
2397 @hybrid_property
2398 def description_safe(self):
2399 from rhodecode.lib import helpers as h
2400 return h.escape(self.group_description)
2401
2402 @classmethod
2403 def _generate_choice(cls, repo_group):
2404 from webhelpers.html import literal as _literal
2405 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2406 return repo_group.group_id, _name(repo_group.full_path_splitted)
2407
2408 @classmethod
2409 def groups_choices(cls, groups=None, show_empty_group=True):
2410 if not groups:
2411 groups = cls.query().all()
2412
2413 repo_groups = []
2414 if show_empty_group:
2415 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2416
2417 repo_groups.extend([cls._generate_choice(x) for x in groups])
2418
2419 repo_groups = sorted(
2420 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2421 return repo_groups
2422
2423 @classmethod
2424 def url_sep(cls):
2425 return URL_SEP
2426
2427 @classmethod
2428 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2429 if case_insensitive:
2430 gr = cls.query().filter(func.lower(cls.group_name)
2431 == func.lower(group_name))
2432 else:
2433 gr = cls.query().filter(cls.group_name == group_name)
2434 if cache:
2435 name_key = _hash_key(group_name)
2436 gr = gr.options(
2437 FromCache("sql_cache_short", "get_group_%s" % name_key))
2438 return gr.scalar()
2439
2440 @classmethod
2441 def get_user_personal_repo_group(cls, user_id):
2442 user = User.get(user_id)
2443 if user.username == User.DEFAULT_USER:
2444 return None
2445
2446 return cls.query()\
2447 .filter(cls.personal == true()) \
2448 .filter(cls.user == user).scalar()
2449
2450 @classmethod
2451 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2452 case_insensitive=True):
2453 q = RepoGroup.query()
2454
2455 if not isinstance(user_id, Optional):
2456 q = q.filter(RepoGroup.user_id == user_id)
2457
2458 if not isinstance(group_id, Optional):
2459 q = q.filter(RepoGroup.group_parent_id == group_id)
2460
2461 if case_insensitive:
2462 q = q.order_by(func.lower(RepoGroup.group_name))
2463 else:
2464 q = q.order_by(RepoGroup.group_name)
2465 return q.all()
2466
2467 @property
2468 def parents(self):
2469 parents_recursion_limit = 10
2470 groups = []
2471 if self.parent_group is None:
2472 return groups
2473 cur_gr = self.parent_group
2474 groups.insert(0, cur_gr)
2475 cnt = 0
2476 while 1:
2477 cnt += 1
2478 gr = getattr(cur_gr, 'parent_group', None)
2479 cur_gr = cur_gr.parent_group
2480 if gr is None:
2481 break
2482 if cnt == parents_recursion_limit:
2483 # this will prevent accidental infinit loops
2484 log.error(('more than %s parents found for group %s, stopping '
2485 'recursive parent fetching' % (parents_recursion_limit, self)))
2486 break
2487
2488 groups.insert(0, gr)
2489 return groups
2490
2491 @property
2492 def last_db_change(self):
2493 return self.updated_on
2494
2495 @property
2496 def children(self):
2497 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2498
2499 @property
2500 def name(self):
2501 return self.group_name.split(RepoGroup.url_sep())[-1]
2502
2503 @property
2504 def full_path(self):
2505 return self.group_name
2506
2507 @property
2508 def full_path_splitted(self):
2509 return self.group_name.split(RepoGroup.url_sep())
2510
2511 @property
2512 def repositories(self):
2513 return Repository.query()\
2514 .filter(Repository.group == self)\
2515 .order_by(Repository.repo_name)
2516
2517 @property
2518 def repositories_recursive_count(self):
2519 cnt = self.repositories.count()
2520
2521 def children_count(group):
2522 cnt = 0
2523 for child in group.children:
2524 cnt += child.repositories.count()
2525 cnt += children_count(child)
2526 return cnt
2527
2528 return cnt + children_count(self)
2529
2530 def _recursive_objects(self, include_repos=True):
2531 all_ = []
2532
2533 def _get_members(root_gr):
2534 if include_repos:
2535 for r in root_gr.repositories:
2536 all_.append(r)
2537 childs = root_gr.children.all()
2538 if childs:
2539 for gr in childs:
2540 all_.append(gr)
2541 _get_members(gr)
2542
2543 _get_members(self)
2544 return [self] + all_
2545
2546 def recursive_groups_and_repos(self):
2547 """
2548 Recursive return all groups, with repositories in those groups
2549 """
2550 return self._recursive_objects()
2551
2552 def recursive_groups(self):
2553 """
2554 Returns all children groups for this group including children of children
2555 """
2556 return self._recursive_objects(include_repos=False)
2557
2558 def get_new_name(self, group_name):
2559 """
2560 returns new full group name based on parent and new name
2561
2562 :param group_name:
2563 """
2564 path_prefix = (self.parent_group.full_path_splitted if
2565 self.parent_group else [])
2566 return RepoGroup.url_sep().join(path_prefix + [group_name])
2567
2568 def permissions(self, with_admins=True, with_owner=True):
2569 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2570 q = q.options(joinedload(UserRepoGroupToPerm.group),
2571 joinedload(UserRepoGroupToPerm.user),
2572 joinedload(UserRepoGroupToPerm.permission),)
2573
2574 # get owners and admins and permissions. We do a trick of re-writing
2575 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2576 # has a global reference and changing one object propagates to all
2577 # others. This means if admin is also an owner admin_row that change
2578 # would propagate to both objects
2579 perm_rows = []
2580 for _usr in q.all():
2581 usr = AttributeDict(_usr.user.get_dict())
2582 usr.permission = _usr.permission.permission_name
2583 perm_rows.append(usr)
2584
2585 # filter the perm rows by 'default' first and then sort them by
2586 # admin,write,read,none permissions sorted again alphabetically in
2587 # each group
2588 perm_rows = sorted(perm_rows, key=display_user_sort)
2589
2590 _admin_perm = 'group.admin'
2591 owner_row = []
2592 if with_owner:
2593 usr = AttributeDict(self.user.get_dict())
2594 usr.owner_row = True
2595 usr.permission = _admin_perm
2596 owner_row.append(usr)
2597
2598 super_admin_rows = []
2599 if with_admins:
2600 for usr in User.get_all_super_admins():
2601 # if this admin is also owner, don't double the record
2602 if usr.user_id == owner_row[0].user_id:
2603 owner_row[0].admin_row = True
2604 else:
2605 usr = AttributeDict(usr.get_dict())
2606 usr.admin_row = True
2607 usr.permission = _admin_perm
2608 super_admin_rows.append(usr)
2609
2610 return super_admin_rows + owner_row + perm_rows
2611
2612 def permission_user_groups(self):
2613 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2614 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2615 joinedload(UserGroupRepoGroupToPerm.users_group),
2616 joinedload(UserGroupRepoGroupToPerm.permission),)
2617
2618 perm_rows = []
2619 for _user_group in q.all():
2620 usr = AttributeDict(_user_group.users_group.get_dict())
2621 usr.permission = _user_group.permission.permission_name
2622 perm_rows.append(usr)
2623
2624 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2625 return perm_rows
2626
2627 def get_api_data(self):
2628 """
2629 Common function for generating api data
2630
2631 """
2632 group = self
2633 data = {
2634 'group_id': group.group_id,
2635 'group_name': group.group_name,
2636 'group_description': group.description_safe,
2637 'parent_group': group.parent_group.group_name if group.parent_group else None,
2638 'repositories': [x.repo_name for x in group.repositories],
2639 'owner': group.user.username,
2640 }
2641 return data
2642
2643
2644 class Permission(Base, BaseModel):
2645 __tablename__ = 'permissions'
2646 __table_args__ = (
2647 Index('p_perm_name_idx', 'permission_name'),
2648 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2649 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2650 )
2651 PERMS = [
2652 ('hg.admin', _('RhodeCode Super Administrator')),
2653
2654 ('repository.none', _('Repository no access')),
2655 ('repository.read', _('Repository read access')),
2656 ('repository.write', _('Repository write access')),
2657 ('repository.admin', _('Repository admin access')),
2658
2659 ('group.none', _('Repository group no access')),
2660 ('group.read', _('Repository group read access')),
2661 ('group.write', _('Repository group write access')),
2662 ('group.admin', _('Repository group admin access')),
2663
2664 ('usergroup.none', _('User group no access')),
2665 ('usergroup.read', _('User group read access')),
2666 ('usergroup.write', _('User group write access')),
2667 ('usergroup.admin', _('User group admin access')),
2668
2669 ('branch.none', _('Branch no permissions')),
2670 ('branch.merge', _('Branch access by web merge')),
2671 ('branch.push', _('Branch access by push')),
2672 ('branch.push_force', _('Branch access by push with force')),
2673
2674 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2675 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2676
2677 ('hg.usergroup.create.false', _('User Group creation disabled')),
2678 ('hg.usergroup.create.true', _('User Group creation enabled')),
2679
2680 ('hg.create.none', _('Repository creation disabled')),
2681 ('hg.create.repository', _('Repository creation enabled')),
2682 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2683 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2684
2685 ('hg.fork.none', _('Repository forking disabled')),
2686 ('hg.fork.repository', _('Repository forking enabled')),
2687
2688 ('hg.register.none', _('Registration disabled')),
2689 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2690 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2691
2692 ('hg.password_reset.enabled', _('Password reset enabled')),
2693 ('hg.password_reset.hidden', _('Password reset hidden')),
2694 ('hg.password_reset.disabled', _('Password reset disabled')),
2695
2696 ('hg.extern_activate.manual', _('Manual activation of external account')),
2697 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2698
2699 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2700 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2701 ]
2702
2703 # definition of system default permissions for DEFAULT user, created on
2704 # system setup
2705 DEFAULT_USER_PERMISSIONS = [
2706 # object perms
2707 'repository.read',
2708 'group.read',
2709 'usergroup.read',
2710 # branch
2711 'branch.push',
2712 # global
2713 'hg.create.repository',
2714 'hg.repogroup.create.false',
2715 'hg.usergroup.create.false',
2716 'hg.create.write_on_repogroup.true',
2717 'hg.fork.repository',
2718 'hg.register.manual_activate',
2719 'hg.password_reset.enabled',
2720 'hg.extern_activate.auto',
2721 'hg.inherit_default_perms.true',
2722 ]
2723
2724 # defines which permissions are more important higher the more important
2725 # Weight defines which permissions are more important.
2726 # The higher number the more important.
2727 PERM_WEIGHTS = {
2728 'repository.none': 0,
2729 'repository.read': 1,
2730 'repository.write': 3,
2731 'repository.admin': 4,
2732
2733 'group.none': 0,
2734 'group.read': 1,
2735 'group.write': 3,
2736 'group.admin': 4,
2737
2738 'usergroup.none': 0,
2739 'usergroup.read': 1,
2740 'usergroup.write': 3,
2741 'usergroup.admin': 4,
2742
2743 'branch.none': 0,
2744 'branch.merge': 1,
2745 'branch.push': 3,
2746 'branch.push_force': 4,
2747
2748 'hg.repogroup.create.false': 0,
2749 'hg.repogroup.create.true': 1,
2750
2751 'hg.usergroup.create.false': 0,
2752 'hg.usergroup.create.true': 1,
2753
2754 'hg.fork.none': 0,
2755 'hg.fork.repository': 1,
2756 'hg.create.none': 0,
2757 'hg.create.repository': 1
2758 }
2759
2760 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2761 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2762 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2763
2764 def __unicode__(self):
2765 return u"<%s('%s:%s')>" % (
2766 self.__class__.__name__, self.permission_id, self.permission_name
2767 )
2768
2769 @classmethod
2770 def get_by_key(cls, key):
2771 return cls.query().filter(cls.permission_name == key).scalar()
2772
2773 @classmethod
2774 def get_default_repo_perms(cls, user_id, repo_id=None):
2775 q = Session().query(UserRepoToPerm, Repository, Permission)\
2776 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2777 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2778 .filter(UserRepoToPerm.user_id == user_id)
2779 if repo_id:
2780 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2781 return q.all()
2782
2783 @classmethod
2784 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2785 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2786 .join(
2787 Permission,
2788 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2789 .join(
2790 Repository,
2791 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2792 .join(
2793 UserGroup,
2794 UserGroupRepoToPerm.users_group_id ==
2795 UserGroup.users_group_id)\
2796 .join(
2797 UserGroupMember,
2798 UserGroupRepoToPerm.users_group_id ==
2799 UserGroupMember.users_group_id)\
2800 .filter(
2801 UserGroupMember.user_id == user_id,
2802 UserGroup.users_group_active == true())
2803 if repo_id:
2804 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2805 return q.all()
2806
2807 @classmethod
2808 def get_default_group_perms(cls, user_id, repo_group_id=None):
2809 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2810 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2811 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2812 .filter(UserRepoGroupToPerm.user_id == user_id)
2813 if repo_group_id:
2814 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2815 return q.all()
2816
2817 @classmethod
2818 def get_default_group_perms_from_user_group(
2819 cls, user_id, repo_group_id=None):
2820 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2821 .join(
2822 Permission,
2823 UserGroupRepoGroupToPerm.permission_id ==
2824 Permission.permission_id)\
2825 .join(
2826 RepoGroup,
2827 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2828 .join(
2829 UserGroup,
2830 UserGroupRepoGroupToPerm.users_group_id ==
2831 UserGroup.users_group_id)\
2832 .join(
2833 UserGroupMember,
2834 UserGroupRepoGroupToPerm.users_group_id ==
2835 UserGroupMember.users_group_id)\
2836 .filter(
2837 UserGroupMember.user_id == user_id,
2838 UserGroup.users_group_active == true())
2839 if repo_group_id:
2840 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2841 return q.all()
2842
2843 @classmethod
2844 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2845 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2846 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2847 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2848 .filter(UserUserGroupToPerm.user_id == user_id)
2849 if user_group_id:
2850 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2851 return q.all()
2852
2853 @classmethod
2854 def get_default_user_group_perms_from_user_group(
2855 cls, user_id, user_group_id=None):
2856 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2857 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2858 .join(
2859 Permission,
2860 UserGroupUserGroupToPerm.permission_id ==
2861 Permission.permission_id)\
2862 .join(
2863 TargetUserGroup,
2864 UserGroupUserGroupToPerm.target_user_group_id ==
2865 TargetUserGroup.users_group_id)\
2866 .join(
2867 UserGroup,
2868 UserGroupUserGroupToPerm.user_group_id ==
2869 UserGroup.users_group_id)\
2870 .join(
2871 UserGroupMember,
2872 UserGroupUserGroupToPerm.user_group_id ==
2873 UserGroupMember.users_group_id)\
2874 .filter(
2875 UserGroupMember.user_id == user_id,
2876 UserGroup.users_group_active == true())
2877 if user_group_id:
2878 q = q.filter(
2879 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2880
2881 return q.all()
2882
2883
2884 class UserRepoToPerm(Base, BaseModel):
2885 __tablename__ = 'repo_to_perm'
2886 __table_args__ = (
2887 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2888 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2889 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2890 )
2891 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2892 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2893 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2894 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2895
2896 user = relationship('User')
2897 repository = relationship('Repository')
2898 permission = relationship('Permission')
2899
2900 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
2901
2902 @classmethod
2903 def create(cls, user, repository, permission):
2904 n = cls()
2905 n.user = user
2906 n.repository = repository
2907 n.permission = permission
2908 Session().add(n)
2909 return n
2910
2911 def __unicode__(self):
2912 return u'<%s => %s >' % (self.user, self.repository)
2913
2914
2915 class UserUserGroupToPerm(Base, BaseModel):
2916 __tablename__ = 'user_user_group_to_perm'
2917 __table_args__ = (
2918 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2919 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2920 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2921 )
2922 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2923 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2924 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2925 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2926
2927 user = relationship('User')
2928 user_group = relationship('UserGroup')
2929 permission = relationship('Permission')
2930
2931 @classmethod
2932 def create(cls, user, user_group, permission):
2933 n = cls()
2934 n.user = user
2935 n.user_group = user_group
2936 n.permission = permission
2937 Session().add(n)
2938 return n
2939
2940 def __unicode__(self):
2941 return u'<%s => %s >' % (self.user, self.user_group)
2942
2943
2944 class UserToPerm(Base, BaseModel):
2945 __tablename__ = 'user_to_perm'
2946 __table_args__ = (
2947 UniqueConstraint('user_id', 'permission_id'),
2948 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2949 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2950 )
2951 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2952 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2953 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2954
2955 user = relationship('User')
2956 permission = relationship('Permission', lazy='joined')
2957
2958 def __unicode__(self):
2959 return u'<%s => %s >' % (self.user, self.permission)
2960
2961
2962 class UserGroupRepoToPerm(Base, BaseModel):
2963 __tablename__ = 'users_group_repo_to_perm'
2964 __table_args__ = (
2965 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2966 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2967 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2968 )
2969 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2970 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2971 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2972 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2973
2974 users_group = relationship('UserGroup')
2975 permission = relationship('Permission')
2976 repository = relationship('Repository')
2977
2978 @classmethod
2979 def create(cls, users_group, repository, permission):
2980 n = cls()
2981 n.users_group = users_group
2982 n.repository = repository
2983 n.permission = permission
2984 Session().add(n)
2985 return n
2986
2987 def __unicode__(self):
2988 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
2989
2990
2991 class UserGroupUserGroupToPerm(Base, BaseModel):
2992 __tablename__ = 'user_group_user_group_to_perm'
2993 __table_args__ = (
2994 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
2995 CheckConstraint('target_user_group_id != user_group_id'),
2996 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2997 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2998 )
2999 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3000 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3001 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3002 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3003
3004 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3005 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3006 permission = relationship('Permission')
3007
3008 @classmethod
3009 def create(cls, target_user_group, user_group, permission):
3010 n = cls()
3011 n.target_user_group = target_user_group
3012 n.user_group = user_group
3013 n.permission = permission
3014 Session().add(n)
3015 return n
3016
3017 def __unicode__(self):
3018 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3019
3020
3021 class UserGroupToPerm(Base, BaseModel):
3022 __tablename__ = 'users_group_to_perm'
3023 __table_args__ = (
3024 UniqueConstraint('users_group_id', 'permission_id',),
3025 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3026 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3027 )
3028 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3029 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3030 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3031
3032 users_group = relationship('UserGroup')
3033 permission = relationship('Permission')
3034
3035
3036 class UserRepoGroupToPerm(Base, BaseModel):
3037 __tablename__ = 'user_repo_group_to_perm'
3038 __table_args__ = (
3039 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3040 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3041 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3042 )
3043
3044 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3045 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3046 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3047 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3048
3049 user = relationship('User')
3050 group = relationship('RepoGroup')
3051 permission = relationship('Permission')
3052
3053 @classmethod
3054 def create(cls, user, repository_group, permission):
3055 n = cls()
3056 n.user = user
3057 n.group = repository_group
3058 n.permission = permission
3059 Session().add(n)
3060 return n
3061
3062
3063 class UserGroupRepoGroupToPerm(Base, BaseModel):
3064 __tablename__ = 'users_group_repo_group_to_perm'
3065 __table_args__ = (
3066 UniqueConstraint('users_group_id', 'group_id'),
3067 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3068 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3069 )
3070
3071 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3072 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3073 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3074 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3075
3076 users_group = relationship('UserGroup')
3077 permission = relationship('Permission')
3078 group = relationship('RepoGroup')
3079
3080 @classmethod
3081 def create(cls, user_group, repository_group, permission):
3082 n = cls()
3083 n.users_group = user_group
3084 n.group = repository_group
3085 n.permission = permission
3086 Session().add(n)
3087 return n
3088
3089 def __unicode__(self):
3090 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3091
3092
3093 class Statistics(Base, BaseModel):
3094 __tablename__ = 'statistics'
3095 __table_args__ = (
3096 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3097 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3098 )
3099 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3100 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3101 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3102 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3103 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3104 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3105
3106 repository = relationship('Repository', single_parent=True)
3107
3108
3109 class UserFollowing(Base, BaseModel):
3110 __tablename__ = 'user_followings'
3111 __table_args__ = (
3112 UniqueConstraint('user_id', 'follows_repository_id'),
3113 UniqueConstraint('user_id', 'follows_user_id'),
3114 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3115 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3116 )
3117
3118 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3119 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3120 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3121 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3122 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3123
3124 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3125
3126 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3127 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3128
3129 @classmethod
3130 def get_repo_followers(cls, repo_id):
3131 return cls.query().filter(cls.follows_repo_id == repo_id)
3132
3133
3134 class CacheKey(Base, BaseModel):
3135 __tablename__ = 'cache_invalidation'
3136 __table_args__ = (
3137 UniqueConstraint('cache_key'),
3138 Index('key_idx', 'cache_key'),
3139 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3140 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3141 )
3142 CACHE_TYPE_ATOM = 'ATOM'
3143 CACHE_TYPE_RSS = 'RSS'
3144 CACHE_TYPE_README = 'README'
3145
3146 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3147 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3148 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3149 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3150
3151 def __init__(self, cache_key, cache_args=''):
3152 self.cache_key = cache_key
3153 self.cache_args = cache_args
3154 self.cache_active = False
3155
3156 def __unicode__(self):
3157 return u"<%s('%s:%s[%s]')>" % (
3158 self.__class__.__name__,
3159 self.cache_id, self.cache_key, self.cache_active)
3160
3161 def _cache_key_partition(self):
3162 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3163 return prefix, repo_name, suffix
3164
3165 def get_prefix(self):
3166 """
3167 Try to extract prefix from existing cache key. The key could consist
3168 of prefix, repo_name, suffix
3169 """
3170 # this returns prefix, repo_name, suffix
3171 return self._cache_key_partition()[0]
3172
3173 def get_suffix(self):
3174 """
3175 get suffix that might have been used in _get_cache_key to
3176 generate self.cache_key. Only used for informational purposes
3177 in repo_edit.mako.
3178 """
3179 # prefix, repo_name, suffix
3180 return self._cache_key_partition()[2]
3181
3182 @classmethod
3183 def delete_all_cache(cls):
3184 """
3185 Delete all cache keys from database.
3186 Should only be run when all instances are down and all entries
3187 thus stale.
3188 """
3189 cls.query().delete()
3190 Session().commit()
3191
3192 @classmethod
3193 def get_cache_key(cls, repo_name, cache_type):
3194 """
3195
3196 Generate a cache key for this process of RhodeCode instance.
3197 Prefix most likely will be process id or maybe explicitly set
3198 instance_id from .ini file.
3199 """
3200 import rhodecode
3201 prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
3202
3203 repo_as_unicode = safe_unicode(repo_name)
3204 key = u'{}_{}'.format(repo_as_unicode, cache_type) \
3205 if cache_type else repo_as_unicode
3206
3207 return u'{}{}'.format(prefix, key)
3208
3209 @classmethod
3210 def set_invalidate(cls, repo_name, delete=False):
3211 """
3212 Mark all caches of a repo as invalid in the database.
3213 """
3214
3215 try:
3216 qry = Session().query(cls).filter(cls.cache_args == repo_name)
3217 if delete:
3218 log.debug('cache objects deleted for repo %s',
3219 safe_str(repo_name))
3220 qry.delete()
3221 else:
3222 log.debug('cache objects marked as invalid for repo %s',
3223 safe_str(repo_name))
3224 qry.update({"cache_active": False})
3225
3226 Session().commit()
3227 except Exception:
3228 log.exception(
3229 'Cache key invalidation failed for repository %s',
3230 safe_str(repo_name))
3231 Session().rollback()
3232
3233 @classmethod
3234 def get_active_cache(cls, cache_key):
3235 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3236 if inv_obj:
3237 return inv_obj
3238 return None
3239
3240
3241 class ChangesetComment(Base, BaseModel):
3242 __tablename__ = 'changeset_comments'
3243 __table_args__ = (
3244 Index('cc_revision_idx', 'revision'),
3245 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3246 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3247 )
3248
3249 COMMENT_OUTDATED = u'comment_outdated'
3250 COMMENT_TYPE_NOTE = u'note'
3251 COMMENT_TYPE_TODO = u'todo'
3252 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3253
3254 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3255 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3256 revision = Column('revision', String(40), nullable=True)
3257 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3258 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3259 line_no = Column('line_no', Unicode(10), nullable=True)
3260 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3261 f_path = Column('f_path', Unicode(1000), nullable=True)
3262 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3263 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3264 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3265 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3266 renderer = Column('renderer', Unicode(64), nullable=True)
3267 display_state = Column('display_state', Unicode(128), nullable=True)
3268
3269 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3270 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3271 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3272 author = relationship('User', lazy='joined')
3273 repo = relationship('Repository')
3274 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3275 pull_request = relationship('PullRequest', lazy='joined')
3276 pull_request_version = relationship('PullRequestVersion')
3277
3278 @classmethod
3279 def get_users(cls, revision=None, pull_request_id=None):
3280 """
3281 Returns user associated with this ChangesetComment. ie those
3282 who actually commented
3283
3284 :param cls:
3285 :param revision:
3286 """
3287 q = Session().query(User)\
3288 .join(ChangesetComment.author)
3289 if revision:
3290 q = q.filter(cls.revision == revision)
3291 elif pull_request_id:
3292 q = q.filter(cls.pull_request_id == pull_request_id)
3293 return q.all()
3294
3295 @classmethod
3296 def get_index_from_version(cls, pr_version, versions):
3297 num_versions = [x.pull_request_version_id for x in versions]
3298 try:
3299 return num_versions.index(pr_version) +1
3300 except (IndexError, ValueError):
3301 return
3302
3303 @property
3304 def outdated(self):
3305 return self.display_state == self.COMMENT_OUTDATED
3306
3307 def outdated_at_version(self, version):
3308 """
3309 Checks if comment is outdated for given pull request version
3310 """
3311 return self.outdated and self.pull_request_version_id != version
3312
3313 def older_than_version(self, version):
3314 """
3315 Checks if comment is made from previous version than given
3316 """
3317 if version is None:
3318 return self.pull_request_version_id is not None
3319
3320 return self.pull_request_version_id < version
3321
3322 @property
3323 def resolved(self):
3324 return self.resolved_by[0] if self.resolved_by else None
3325
3326 @property
3327 def is_todo(self):
3328 return self.comment_type == self.COMMENT_TYPE_TODO
3329
3330 @property
3331 def is_inline(self):
3332 return self.line_no and self.f_path
3333
3334 def get_index_version(self, versions):
3335 return self.get_index_from_version(
3336 self.pull_request_version_id, versions)
3337
3338 def __repr__(self):
3339 if self.comment_id:
3340 return '<DB:Comment #%s>' % self.comment_id
3341 else:
3342 return '<DB:Comment at %#x>' % id(self)
3343
3344 def get_api_data(self):
3345 comment = self
3346 data = {
3347 'comment_id': comment.comment_id,
3348 'comment_type': comment.comment_type,
3349 'comment_text': comment.text,
3350 'comment_status': comment.status_change,
3351 'comment_f_path': comment.f_path,
3352 'comment_lineno': comment.line_no,
3353 'comment_author': comment.author,
3354 'comment_created_on': comment.created_on
3355 }
3356 return data
3357
3358 def __json__(self):
3359 data = dict()
3360 data.update(self.get_api_data())
3361 return data
3362
3363
3364 class ChangesetStatus(Base, BaseModel):
3365 __tablename__ = 'changeset_statuses'
3366 __table_args__ = (
3367 Index('cs_revision_idx', 'revision'),
3368 Index('cs_version_idx', 'version'),
3369 UniqueConstraint('repo_id', 'revision', 'version'),
3370 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3371 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3372 )
3373 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3374 STATUS_APPROVED = 'approved'
3375 STATUS_REJECTED = 'rejected'
3376 STATUS_UNDER_REVIEW = 'under_review'
3377
3378 STATUSES = [
3379 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3380 (STATUS_APPROVED, _("Approved")),
3381 (STATUS_REJECTED, _("Rejected")),
3382 (STATUS_UNDER_REVIEW, _("Under Review")),
3383 ]
3384
3385 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3386 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3387 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3388 revision = Column('revision', String(40), nullable=False)
3389 status = Column('status', String(128), nullable=False, default=DEFAULT)
3390 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3391 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3392 version = Column('version', Integer(), nullable=False, default=0)
3393 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3394
3395 author = relationship('User', lazy='joined')
3396 repo = relationship('Repository')
3397 comment = relationship('ChangesetComment', lazy='joined')
3398 pull_request = relationship('PullRequest', lazy='joined')
3399
3400 def __unicode__(self):
3401 return u"<%s('%s[v%s]:%s')>" % (
3402 self.__class__.__name__,
3403 self.status, self.version, self.author
3404 )
3405
3406 @classmethod
3407 def get_status_lbl(cls, value):
3408 return dict(cls.STATUSES).get(value)
3409
3410 @property
3411 def status_lbl(self):
3412 return ChangesetStatus.get_status_lbl(self.status)
3413
3414 def get_api_data(self):
3415 status = self
3416 data = {
3417 'status_id': status.changeset_status_id,
3418 'status': status.status,
3419 }
3420 return data
3421
3422 def __json__(self):
3423 data = dict()
3424 data.update(self.get_api_data())
3425 return data
3426
3427
3428 class _PullRequestBase(BaseModel):
3429 """
3430 Common attributes of pull request and version entries.
3431 """
3432
3433 # .status values
3434 STATUS_NEW = u'new'
3435 STATUS_OPEN = u'open'
3436 STATUS_CLOSED = u'closed'
3437
3438 title = Column('title', Unicode(255), nullable=True)
3439 description = Column(
3440 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3441 nullable=True)
3442 # new/open/closed status of pull request (not approve/reject/etc)
3443 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3444 created_on = Column(
3445 'created_on', DateTime(timezone=False), nullable=False,
3446 default=datetime.datetime.now)
3447 updated_on = Column(
3448 'updated_on', DateTime(timezone=False), nullable=False,
3449 default=datetime.datetime.now)
3450
3451 @declared_attr
3452 def user_id(cls):
3453 return Column(
3454 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3455 unique=None)
3456
3457 # 500 revisions max
3458 _revisions = Column(
3459 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3460
3461 @declared_attr
3462 def source_repo_id(cls):
3463 # TODO: dan: rename column to source_repo_id
3464 return Column(
3465 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3466 nullable=False)
3467
3468 source_ref = Column('org_ref', Unicode(255), nullable=False)
3469
3470 @declared_attr
3471 def target_repo_id(cls):
3472 # TODO: dan: rename column to target_repo_id
3473 return Column(
3474 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3475 nullable=False)
3476
3477 target_ref = Column('other_ref', Unicode(255), nullable=False)
3478 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3479
3480 # TODO: dan: rename column to last_merge_source_rev
3481 _last_merge_source_rev = Column(
3482 'last_merge_org_rev', String(40), nullable=True)
3483 # TODO: dan: rename column to last_merge_target_rev
3484 _last_merge_target_rev = Column(
3485 'last_merge_other_rev', String(40), nullable=True)
3486 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3487 merge_rev = Column('merge_rev', String(40), nullable=True)
3488
3489 reviewer_data = Column(
3490 'reviewer_data_json', MutationObj.as_mutable(
3491 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3492
3493 @property
3494 def reviewer_data_json(self):
3495 return json.dumps(self.reviewer_data)
3496
3497 @hybrid_property
3498 def description_safe(self):
3499 from rhodecode.lib import helpers as h
3500 return h.escape(self.description)
3501
3502 @hybrid_property
3503 def revisions(self):
3504 return self._revisions.split(':') if self._revisions else []
3505
3506 @revisions.setter
3507 def revisions(self, val):
3508 self._revisions = ':'.join(val)
3509
3510 @hybrid_property
3511 def last_merge_status(self):
3512 return safe_int(self._last_merge_status)
3513
3514 @last_merge_status.setter
3515 def last_merge_status(self, val):
3516 self._last_merge_status = val
3517
3518 @declared_attr
3519 def author(cls):
3520 return relationship('User', lazy='joined')
3521
3522 @declared_attr
3523 def source_repo(cls):
3524 return relationship(
3525 'Repository',
3526 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3527
3528 @property
3529 def source_ref_parts(self):
3530 return self.unicode_to_reference(self.source_ref)
3531
3532 @declared_attr
3533 def target_repo(cls):
3534 return relationship(
3535 'Repository',
3536 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3537
3538 @property
3539 def target_ref_parts(self):
3540 return self.unicode_to_reference(self.target_ref)
3541
3542 @property
3543 def shadow_merge_ref(self):
3544 return self.unicode_to_reference(self._shadow_merge_ref)
3545
3546 @shadow_merge_ref.setter
3547 def shadow_merge_ref(self, ref):
3548 self._shadow_merge_ref = self.reference_to_unicode(ref)
3549
3550 def unicode_to_reference(self, raw):
3551 """
3552 Convert a unicode (or string) to a reference object.
3553 If unicode evaluates to False it returns None.
3554 """
3555 if raw:
3556 refs = raw.split(':')
3557 return Reference(*refs)
3558 else:
3559 return None
3560
3561 def reference_to_unicode(self, ref):
3562 """
3563 Convert a reference object to unicode.
3564 If reference is None it returns None.
3565 """
3566 if ref:
3567 return u':'.join(ref)
3568 else:
3569 return None
3570
3571 def get_api_data(self, with_merge_state=True):
3572 from rhodecode.model.pull_request import PullRequestModel
3573
3574 pull_request = self
3575 if with_merge_state:
3576 merge_status = PullRequestModel().merge_status(pull_request)
3577 merge_state = {
3578 'status': merge_status[0],
3579 'message': safe_unicode(merge_status[1]),
3580 }
3581 else:
3582 merge_state = {'status': 'not_available',
3583 'message': 'not_available'}
3584
3585 merge_data = {
3586 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3587 'reference': (
3588 pull_request.shadow_merge_ref._asdict()
3589 if pull_request.shadow_merge_ref else None),
3590 }
3591
3592 data = {
3593 'pull_request_id': pull_request.pull_request_id,
3594 'url': PullRequestModel().get_url(pull_request),
3595 'title': pull_request.title,
3596 'description': pull_request.description,
3597 'status': pull_request.status,
3598 'created_on': pull_request.created_on,
3599 'updated_on': pull_request.updated_on,
3600 'commit_ids': pull_request.revisions,
3601 'review_status': pull_request.calculated_review_status(),
3602 'mergeable': merge_state,
3603 'source': {
3604 'clone_url': pull_request.source_repo.clone_url(),
3605 'repository': pull_request.source_repo.repo_name,
3606 'reference': {
3607 'name': pull_request.source_ref_parts.name,
3608 'type': pull_request.source_ref_parts.type,
3609 'commit_id': pull_request.source_ref_parts.commit_id,
3610 },
3611 },
3612 'target': {
3613 'clone_url': pull_request.target_repo.clone_url(),
3614 'repository': pull_request.target_repo.repo_name,
3615 'reference': {
3616 'name': pull_request.target_ref_parts.name,
3617 'type': pull_request.target_ref_parts.type,
3618 'commit_id': pull_request.target_ref_parts.commit_id,
3619 },
3620 },
3621 'merge': merge_data,
3622 'author': pull_request.author.get_api_data(include_secrets=False,
3623 details='basic'),
3624 'reviewers': [
3625 {
3626 'user': reviewer.get_api_data(include_secrets=False,
3627 details='basic'),
3628 'reasons': reasons,
3629 'review_status': st[0][1].status if st else 'not_reviewed',
3630 }
3631 for obj, reviewer, reasons, mandatory, st in
3632 pull_request.reviewers_statuses()
3633 ]
3634 }
3635
3636 return data
3637
3638
3639 class PullRequest(Base, _PullRequestBase):
3640 __tablename__ = 'pull_requests'
3641 __table_args__ = (
3642 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3643 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3644 )
3645
3646 pull_request_id = Column(
3647 'pull_request_id', Integer(), nullable=False, primary_key=True)
3648
3649 def __repr__(self):
3650 if self.pull_request_id:
3651 return '<DB:PullRequest #%s>' % self.pull_request_id
3652 else:
3653 return '<DB:PullRequest at %#x>' % id(self)
3654
3655 reviewers = relationship('PullRequestReviewers',
3656 cascade="all, delete, delete-orphan")
3657 statuses = relationship('ChangesetStatus',
3658 cascade="all, delete, delete-orphan")
3659 comments = relationship('ChangesetComment',
3660 cascade="all, delete, delete-orphan")
3661 versions = relationship('PullRequestVersion',
3662 cascade="all, delete, delete-orphan",
3663 lazy='dynamic')
3664
3665 @classmethod
3666 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3667 internal_methods=None):
3668
3669 class PullRequestDisplay(object):
3670 """
3671 Special object wrapper for showing PullRequest data via Versions
3672 It mimics PR object as close as possible. This is read only object
3673 just for display
3674 """
3675
3676 def __init__(self, attrs, internal=None):
3677 self.attrs = attrs
3678 # internal have priority over the given ones via attrs
3679 self.internal = internal or ['versions']
3680
3681 def __getattr__(self, item):
3682 if item in self.internal:
3683 return getattr(self, item)
3684 try:
3685 return self.attrs[item]
3686 except KeyError:
3687 raise AttributeError(
3688 '%s object has no attribute %s' % (self, item))
3689
3690 def __repr__(self):
3691 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3692
3693 def versions(self):
3694 return pull_request_obj.versions.order_by(
3695 PullRequestVersion.pull_request_version_id).all()
3696
3697 def is_closed(self):
3698 return pull_request_obj.is_closed()
3699
3700 @property
3701 def pull_request_version_id(self):
3702 return getattr(pull_request_obj, 'pull_request_version_id', None)
3703
3704 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3705
3706 attrs.author = StrictAttributeDict(
3707 pull_request_obj.author.get_api_data())
3708 if pull_request_obj.target_repo:
3709 attrs.target_repo = StrictAttributeDict(
3710 pull_request_obj.target_repo.get_api_data())
3711 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3712
3713 if pull_request_obj.source_repo:
3714 attrs.source_repo = StrictAttributeDict(
3715 pull_request_obj.source_repo.get_api_data())
3716 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3717
3718 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3719 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3720 attrs.revisions = pull_request_obj.revisions
3721
3722 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3723 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3724 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3725
3726 return PullRequestDisplay(attrs, internal=internal_methods)
3727
3728 def is_closed(self):
3729 return self.status == self.STATUS_CLOSED
3730
3731 def __json__(self):
3732 return {
3733 'revisions': self.revisions,
3734 }
3735
3736 def calculated_review_status(self):
3737 from rhodecode.model.changeset_status import ChangesetStatusModel
3738 return ChangesetStatusModel().calculated_review_status(self)
3739
3740 def reviewers_statuses(self):
3741 from rhodecode.model.changeset_status import ChangesetStatusModel
3742 return ChangesetStatusModel().reviewers_statuses(self)
3743
3744 @property
3745 def workspace_id(self):
3746 from rhodecode.model.pull_request import PullRequestModel
3747 return PullRequestModel()._workspace_id(self)
3748
3749 def get_shadow_repo(self):
3750 workspace_id = self.workspace_id
3751 vcs_obj = self.target_repo.scm_instance()
3752 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3753 workspace_id)
3754 return vcs_obj._get_shadow_instance(shadow_repository_path)
3755
3756
3757 class PullRequestVersion(Base, _PullRequestBase):
3758 __tablename__ = 'pull_request_versions'
3759 __table_args__ = (
3760 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3761 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3762 )
3763
3764 pull_request_version_id = Column(
3765 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3766 pull_request_id = Column(
3767 'pull_request_id', Integer(),
3768 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3769 pull_request = relationship('PullRequest')
3770
3771 def __repr__(self):
3772 if self.pull_request_version_id:
3773 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3774 else:
3775 return '<DB:PullRequestVersion at %#x>' % id(self)
3776
3777 @property
3778 def reviewers(self):
3779 return self.pull_request.reviewers
3780
3781 @property
3782 def versions(self):
3783 return self.pull_request.versions
3784
3785 def is_closed(self):
3786 # calculate from original
3787 return self.pull_request.status == self.STATUS_CLOSED
3788
3789 def calculated_review_status(self):
3790 return self.pull_request.calculated_review_status()
3791
3792 def reviewers_statuses(self):
3793 return self.pull_request.reviewers_statuses()
3794
3795
3796 class PullRequestReviewers(Base, BaseModel):
3797 __tablename__ = 'pull_request_reviewers'
3798 __table_args__ = (
3799 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3800 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3801 )
3802
3803 @hybrid_property
3804 def reasons(self):
3805 if not self._reasons:
3806 return []
3807 return self._reasons
3808
3809 @reasons.setter
3810 def reasons(self, val):
3811 val = val or []
3812 if any(not isinstance(x, basestring) for x in val):
3813 raise Exception('invalid reasons type, must be list of strings')
3814 self._reasons = val
3815
3816 pull_requests_reviewers_id = Column(
3817 'pull_requests_reviewers_id', Integer(), nullable=False,
3818 primary_key=True)
3819 pull_request_id = Column(
3820 "pull_request_id", Integer(),
3821 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3822 user_id = Column(
3823 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3824 _reasons = Column(
3825 'reason', MutationList.as_mutable(
3826 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3827
3828 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3829 user = relationship('User')
3830 pull_request = relationship('PullRequest')
3831
3832 rule_data = Column(
3833 'rule_data_json',
3834 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3835
3836 def rule_user_group_data(self):
3837 """
3838 Returns the voting user group rule data for this reviewer
3839 """
3840
3841 if self.rule_data and 'vote_rule' in self.rule_data:
3842 user_group_data = {}
3843 if 'rule_user_group_entry_id' in self.rule_data:
3844 # means a group with voting rules !
3845 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3846 user_group_data['name'] = self.rule_data['rule_name']
3847 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3848
3849 return user_group_data
3850
3851 def __unicode__(self):
3852 return u"<%s('id:%s')>" % (self.__class__.__name__,
3853 self.pull_requests_reviewers_id)
3854
3855
3856 class Notification(Base, BaseModel):
3857 __tablename__ = 'notifications'
3858 __table_args__ = (
3859 Index('notification_type_idx', 'type'),
3860 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3861 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3862 )
3863
3864 TYPE_CHANGESET_COMMENT = u'cs_comment'
3865 TYPE_MESSAGE = u'message'
3866 TYPE_MENTION = u'mention'
3867 TYPE_REGISTRATION = u'registration'
3868 TYPE_PULL_REQUEST = u'pull_request'
3869 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3870
3871 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3872 subject = Column('subject', Unicode(512), nullable=True)
3873 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3874 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3875 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3876 type_ = Column('type', Unicode(255))
3877
3878 created_by_user = relationship('User')
3879 notifications_to_users = relationship('UserNotification', lazy='joined',
3880 cascade="all, delete, delete-orphan")
3881
3882 @property
3883 def recipients(self):
3884 return [x.user for x in UserNotification.query()\
3885 .filter(UserNotification.notification == self)\
3886 .order_by(UserNotification.user_id.asc()).all()]
3887
3888 @classmethod
3889 def create(cls, created_by, subject, body, recipients, type_=None):
3890 if type_ is None:
3891 type_ = Notification.TYPE_MESSAGE
3892
3893 notification = cls()
3894 notification.created_by_user = created_by
3895 notification.subject = subject
3896 notification.body = body
3897 notification.type_ = type_
3898 notification.created_on = datetime.datetime.now()
3899
3900 for u in recipients:
3901 assoc = UserNotification()
3902 assoc.notification = notification
3903
3904 # if created_by is inside recipients mark his notification
3905 # as read
3906 if u.user_id == created_by.user_id:
3907 assoc.read = True
3908
3909 u.notifications.append(assoc)
3910 Session().add(notification)
3911
3912 return notification
3913
3914
3915 class UserNotification(Base, BaseModel):
3916 __tablename__ = 'user_to_notification'
3917 __table_args__ = (
3918 UniqueConstraint('user_id', 'notification_id'),
3919 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3920 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3921 )
3922 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3923 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3924 read = Column('read', Boolean, default=False)
3925 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3926
3927 user = relationship('User', lazy="joined")
3928 notification = relationship('Notification', lazy="joined",
3929 order_by=lambda: Notification.created_on.desc(),)
3930
3931 def mark_as_read(self):
3932 self.read = True
3933 Session().add(self)
3934
3935
3936 class Gist(Base, BaseModel):
3937 __tablename__ = 'gists'
3938 __table_args__ = (
3939 Index('g_gist_access_id_idx', 'gist_access_id'),
3940 Index('g_created_on_idx', 'created_on'),
3941 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3942 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3943 )
3944 GIST_PUBLIC = u'public'
3945 GIST_PRIVATE = u'private'
3946 DEFAULT_FILENAME = u'gistfile1.txt'
3947
3948 ACL_LEVEL_PUBLIC = u'acl_public'
3949 ACL_LEVEL_PRIVATE = u'acl_private'
3950
3951 gist_id = Column('gist_id', Integer(), primary_key=True)
3952 gist_access_id = Column('gist_access_id', Unicode(250))
3953 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3954 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3955 gist_expires = Column('gist_expires', Float(53), nullable=False)
3956 gist_type = Column('gist_type', Unicode(128), nullable=False)
3957 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3958 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3959 acl_level = Column('acl_level', Unicode(128), nullable=True)
3960
3961 owner = relationship('User')
3962
3963 def __repr__(self):
3964 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3965
3966 @hybrid_property
3967 def description_safe(self):
3968 from rhodecode.lib import helpers as h
3969 return h.escape(self.gist_description)
3970
3971 @classmethod
3972 def get_or_404(cls, id_):
3973 from pyramid.httpexceptions import HTTPNotFound
3974
3975 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3976 if not res:
3977 raise HTTPNotFound()
3978 return res
3979
3980 @classmethod
3981 def get_by_access_id(cls, gist_access_id):
3982 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3983
3984 def gist_url(self):
3985 from rhodecode.model.gist import GistModel
3986 return GistModel().get_url(self)
3987
3988 @classmethod
3989 def base_path(cls):
3990 """
3991 Returns base path when all gists are stored
3992
3993 :param cls:
3994 """
3995 from rhodecode.model.gist import GIST_STORE_LOC
3996 q = Session().query(RhodeCodeUi)\
3997 .filter(RhodeCodeUi.ui_key == URL_SEP)
3998 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3999 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4000
4001 def get_api_data(self):
4002 """
4003 Common function for generating gist related data for API
4004 """
4005 gist = self
4006 data = {
4007 'gist_id': gist.gist_id,
4008 'type': gist.gist_type,
4009 'access_id': gist.gist_access_id,
4010 'description': gist.gist_description,
4011 'url': gist.gist_url(),
4012 'expires': gist.gist_expires,
4013 'created_on': gist.created_on,
4014 'modified_at': gist.modified_at,
4015 'content': None,
4016 'acl_level': gist.acl_level,
4017 }
4018 return data
4019
4020 def __json__(self):
4021 data = dict(
4022 )
4023 data.update(self.get_api_data())
4024 return data
4025 # SCM functions
4026
4027 def scm_instance(self, **kwargs):
4028 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4029 return get_vcs_instance(
4030 repo_path=safe_str(full_repo_path), create=False)
4031
4032
4033 class ExternalIdentity(Base, BaseModel):
4034 __tablename__ = 'external_identities'
4035 __table_args__ = (
4036 Index('local_user_id_idx', 'local_user_id'),
4037 Index('external_id_idx', 'external_id'),
4038 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4039 'mysql_charset': 'utf8'})
4040
4041 external_id = Column('external_id', Unicode(255), default=u'',
4042 primary_key=True)
4043 external_username = Column('external_username', Unicode(1024), default=u'')
4044 local_user_id = Column('local_user_id', Integer(),
4045 ForeignKey('users.user_id'), primary_key=True)
4046 provider_name = Column('provider_name', Unicode(255), default=u'',
4047 primary_key=True)
4048 access_token = Column('access_token', String(1024), default=u'')
4049 alt_token = Column('alt_token', String(1024), default=u'')
4050 token_secret = Column('token_secret', String(1024), default=u'')
4051
4052 @classmethod
4053 def by_external_id_and_provider(cls, external_id, provider_name,
4054 local_user_id=None):
4055 """
4056 Returns ExternalIdentity instance based on search params
4057
4058 :param external_id:
4059 :param provider_name:
4060 :return: ExternalIdentity
4061 """
4062 query = cls.query()
4063 query = query.filter(cls.external_id == external_id)
4064 query = query.filter(cls.provider_name == provider_name)
4065 if local_user_id:
4066 query = query.filter(cls.local_user_id == local_user_id)
4067 return query.first()
4068
4069 @classmethod
4070 def user_by_external_id_and_provider(cls, external_id, provider_name):
4071 """
4072 Returns User instance based on search params
4073
4074 :param external_id:
4075 :param provider_name:
4076 :return: User
4077 """
4078 query = User.query()
4079 query = query.filter(cls.external_id == external_id)
4080 query = query.filter(cls.provider_name == provider_name)
4081 query = query.filter(User.user_id == cls.local_user_id)
4082 return query.first()
4083
4084 @classmethod
4085 def by_local_user_id(cls, local_user_id):
4086 """
4087 Returns all tokens for user
4088
4089 :param local_user_id:
4090 :return: ExternalIdentity
4091 """
4092 query = cls.query()
4093 query = query.filter(cls.local_user_id == local_user_id)
4094 return query
4095
4096
4097 class Integration(Base, BaseModel):
4098 __tablename__ = 'integrations'
4099 __table_args__ = (
4100 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4101 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
4102 )
4103
4104 integration_id = Column('integration_id', Integer(), primary_key=True)
4105 integration_type = Column('integration_type', String(255))
4106 enabled = Column('enabled', Boolean(), nullable=False)
4107 name = Column('name', String(255), nullable=False)
4108 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4109 default=False)
4110
4111 settings = Column(
4112 'settings_json', MutationObj.as_mutable(
4113 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4114 repo_id = Column(
4115 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4116 nullable=True, unique=None, default=None)
4117 repo = relationship('Repository', lazy='joined')
4118
4119 repo_group_id = Column(
4120 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4121 nullable=True, unique=None, default=None)
4122 repo_group = relationship('RepoGroup', lazy='joined')
4123
4124 @property
4125 def scope(self):
4126 if self.repo:
4127 return repr(self.repo)
4128 if self.repo_group:
4129 if self.child_repos_only:
4130 return repr(self.repo_group) + ' (child repos only)'
4131 else:
4132 return repr(self.repo_group) + ' (recursive)'
4133 if self.child_repos_only:
4134 return 'root_repos'
4135 return 'global'
4136
4137 def __repr__(self):
4138 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4139
4140
4141 class RepoReviewRuleUser(Base, BaseModel):
4142 __tablename__ = 'repo_review_rules_users'
4143 __table_args__ = (
4144 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4145 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4146 )
4147
4148 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4149 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4150 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4151 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4152 user = relationship('User')
4153
4154 def rule_data(self):
4155 return {
4156 'mandatory': self.mandatory
4157 }
4158
4159
4160 class RepoReviewRuleUserGroup(Base, BaseModel):
4161 __tablename__ = 'repo_review_rules_users_groups'
4162 __table_args__ = (
4163 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4164 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4165 )
4166 VOTE_RULE_ALL = -1
4167
4168 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4169 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4170 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4171 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4172 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4173 users_group = relationship('UserGroup')
4174
4175 def rule_data(self):
4176 return {
4177 'mandatory': self.mandatory,
4178 'vote_rule': self.vote_rule
4179 }
4180
4181 @property
4182 def vote_rule_label(self):
4183 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4184 return 'all must vote'
4185 else:
4186 return 'min. vote {}'.format(self.vote_rule)
4187
4188
4189 class RepoReviewRule(Base, BaseModel):
4190 __tablename__ = 'repo_review_rules'
4191 __table_args__ = (
4192 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4193 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4194 )
4195
4196 repo_review_rule_id = Column(
4197 'repo_review_rule_id', Integer(), primary_key=True)
4198 repo_id = Column(
4199 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4200 repo = relationship('Repository', backref='review_rules')
4201
4202 review_rule_name = Column('review_rule_name', String(255))
4203 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4204 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4205 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4206
4207 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4208 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4209 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4210 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4211
4212 rule_users = relationship('RepoReviewRuleUser')
4213 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4214
4215 def _validate_glob(self, value):
4216 re.compile('^' + glob2re(value) + '$')
4217
4218 @hybrid_property
4219 def source_branch_pattern(self):
4220 return self._branch_pattern or '*'
4221
4222 @source_branch_pattern.setter
4223 def source_branch_pattern(self, value):
4224 self._validate_glob(value)
4225 self._branch_pattern = value or '*'
4226
4227 @hybrid_property
4228 def target_branch_pattern(self):
4229 return self._target_branch_pattern or '*'
4230
4231 @target_branch_pattern.setter
4232 def target_branch_pattern(self, value):
4233 self._validate_glob(value)
4234 self._target_branch_pattern = value or '*'
4235
4236 @hybrid_property
4237 def file_pattern(self):
4238 return self._file_pattern or '*'
4239
4240 @file_pattern.setter
4241 def file_pattern(self, value):
4242 self._validate_glob(value)
4243 self._file_pattern = value or '*'
4244
4245 def matches(self, source_branch, target_branch, files_changed):
4246 """
4247 Check if this review rule matches a branch/files in a pull request
4248
4249 :param source_branch: source branch name for the commit
4250 :param target_branch: target branch name for the commit
4251 :param files_changed: list of file paths changed in the pull request
4252 """
4253
4254 source_branch = source_branch or ''
4255 target_branch = target_branch or ''
4256 files_changed = files_changed or []
4257
4258 branch_matches = True
4259 if source_branch or target_branch:
4260 if self.source_branch_pattern == '*':
4261 source_branch_match = True
4262 else:
4263 source_branch_regex = re.compile(
4264 '^' + glob2re(self.source_branch_pattern) + '$')
4265 source_branch_match = bool(source_branch_regex.search(source_branch))
4266 if self.target_branch_pattern == '*':
4267 target_branch_match = True
4268 else:
4269 target_branch_regex = re.compile(
4270 '^' + glob2re(self.target_branch_pattern) + '$')
4271 target_branch_match = bool(target_branch_regex.search(target_branch))
4272
4273 branch_matches = source_branch_match and target_branch_match
4274
4275 files_matches = True
4276 if self.file_pattern != '*':
4277 files_matches = False
4278 file_regex = re.compile(glob2re(self.file_pattern))
4279 for filename in files_changed:
4280 if file_regex.search(filename):
4281 files_matches = True
4282 break
4283
4284 return branch_matches and files_matches
4285
4286 @property
4287 def review_users(self):
4288 """ Returns the users which this rule applies to """
4289
4290 users = collections.OrderedDict()
4291
4292 for rule_user in self.rule_users:
4293 if rule_user.user.active:
4294 if rule_user.user not in users:
4295 users[rule_user.user.username] = {
4296 'user': rule_user.user,
4297 'source': 'user',
4298 'source_data': {},
4299 'data': rule_user.rule_data()
4300 }
4301
4302 for rule_user_group in self.rule_user_groups:
4303 source_data = {
4304 'user_group_id': rule_user_group.users_group.users_group_id,
4305 'name': rule_user_group.users_group.users_group_name,
4306 'members': len(rule_user_group.users_group.members)
4307 }
4308 for member in rule_user_group.users_group.members:
4309 if member.user.active:
4310 key = member.user.username
4311 if key in users:
4312 # skip this member as we have him already
4313 # this prevents from override the "first" matched
4314 # users with duplicates in multiple groups
4315 continue
4316
4317 users[key] = {
4318 'user': member.user,
4319 'source': 'user_group',
4320 'source_data': source_data,
4321 'data': rule_user_group.rule_data()
4322 }
4323
4324 return users
4325
4326 def user_group_vote_rule(self):
4327 rules = []
4328 if self.rule_user_groups:
4329 for user_group in self.rule_user_groups:
4330 rules.append(user_group)
4331 return rules
4332
4333 def __repr__(self):
4334 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4335 self.repo_review_rule_id, self.repo)
4336
4337
4338 class ScheduleEntry(Base, BaseModel):
4339 __tablename__ = 'schedule_entries'
4340 __table_args__ = (
4341 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4342 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4343 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4344 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4345 )
4346 schedule_types = ['crontab', 'timedelta', 'integer']
4347 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4348
4349 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4350 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4351 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4352
4353 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4354 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4355
4356 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4357 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4358
4359 # task
4360 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4361 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4362 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4363 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4364
4365 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4366 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4367
4368 @hybrid_property
4369 def schedule_type(self):
4370 return self._schedule_type
4371
4372 @schedule_type.setter
4373 def schedule_type(self, val):
4374 if val not in self.schedule_types:
4375 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4376 val, self.schedule_type))
4377
4378 self._schedule_type = val
4379
4380 @classmethod
4381 def get_uid(cls, obj):
4382 args = obj.task_args
4383 kwargs = obj.task_kwargs
4384 if isinstance(args, JsonRaw):
4385 try:
4386 args = json.loads(args)
4387 except ValueError:
4388 args = tuple()
4389
4390 if isinstance(kwargs, JsonRaw):
4391 try:
4392 kwargs = json.loads(kwargs)
4393 except ValueError:
4394 kwargs = dict()
4395
4396 dot_notation = obj.task_dot_notation
4397 val = '.'.join(map(safe_str, [
4398 sorted(dot_notation), args, sorted(kwargs.items())]))
4399 return hashlib.sha1(val).hexdigest()
4400
4401 @classmethod
4402 def get_by_schedule_name(cls, schedule_name):
4403 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4404
4405 @classmethod
4406 def get_by_schedule_id(cls, schedule_id):
4407 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4408
4409 @property
4410 def task(self):
4411 return self.task_dot_notation
4412
4413 @property
4414 def schedule(self):
4415 from rhodecode.lib.celerylib.utils import raw_2_schedule
4416 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4417 return schedule
4418
4419 @property
4420 def args(self):
4421 try:
4422 return list(self.task_args or [])
4423 except ValueError:
4424 return list()
4425
4426 @property
4427 def kwargs(self):
4428 try:
4429 return dict(self.task_kwargs or {})
4430 except ValueError:
4431 return dict()
4432
4433 def _as_raw(self, val):
4434 if hasattr(val, 'de_coerce'):
4435 val = val.de_coerce()
4436 if val:
4437 val = json.dumps(val)
4438
4439 return val
4440
4441 @property
4442 def schedule_definition_raw(self):
4443 return self._as_raw(self.schedule_definition)
4444
4445 @property
4446 def args_raw(self):
4447 return self._as_raw(self.task_args)
4448
4449 @property
4450 def kwargs_raw(self):
4451 return self._as_raw(self.task_kwargs)
4452
4453 def __repr__(self):
4454 return '<DB:ScheduleEntry({}:{})>'.format(
4455 self.schedule_entry_id, self.schedule_name)
4456
4457
4458 @event.listens_for(ScheduleEntry, 'before_update')
4459 def update_task_uid(mapper, connection, target):
4460 target.task_uid = ScheduleEntry.get_uid(target)
4461
4462
4463 @event.listens_for(ScheduleEntry, 'before_insert')
4464 def set_task_uid(mapper, connection, target):
4465 target.task_uid = ScheduleEntry.get_uid(target)
4466
4467
4468 class _BaseBranchPerms(BaseModel):
4469 @classmethod
4470 def compute_hash(cls, value):
4471 return md5_safe(value)
4472
4473 @hybrid_property
4474 def branch_pattern(self):
4475 return self._branch_pattern or '*'
4476
4477 @hybrid_property
4478 def branch_hash(self):
4479 return self._branch_hash
4480
4481 def _validate_glob(self, value):
4482 re.compile('^' + glob2re(value) + '$')
4483
4484 @branch_pattern.setter
4485 def branch_pattern(self, value):
4486 self._validate_glob(value)
4487 self._branch_pattern = value or '*'
4488 # set the Hash when setting the branch pattern
4489 self._branch_hash = self.compute_hash(self._branch_pattern)
4490
4491 def matches(self, branch):
4492 """
4493 Check if this the branch matches entry
4494
4495 :param branch: branch name for the commit
4496 """
4497
4498 branch = branch or ''
4499
4500 branch_matches = True
4501 if branch:
4502 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4503 branch_matches = bool(branch_regex.search(branch))
4504
4505 return branch_matches
4506
4507
4508 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4509 __tablename__ = 'user_to_repo_branch_permissions'
4510 __table_args__ = (
4511 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4512 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4513 )
4514
4515 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4516
4517 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4518 repo = relationship('Repository', backref='user_branch_perms')
4519
4520 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4521 permission = relationship('Permission')
4522
4523 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
4524 user_repo_to_perm = relationship('UserRepoToPerm')
4525
4526 rule_order = Column('rule_order', Integer(), nullable=False)
4527 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4528 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4529
4530 def __unicode__(self):
4531 return u'<UserBranchPermission(%s => %r)>' % (
4532 self.user_repo_to_perm, self.branch_pattern)
4533
4534
4535 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
4536 __tablename__ = 'user_group_to_repo_branch_permissions'
4537 __table_args__ = (
4538 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4539 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4540 )
4541
4542 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4543
4544 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4545 repo = relationship('Repository', backref='user_group_branch_perms')
4546
4547 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4548 permission = relationship('Permission')
4549
4550 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
4551 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
4552
4553 rule_order = Column('rule_order', Integer(), nullable=False)
4554 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4555 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4556
4557 def __unicode__(self):
4558 return u'<UserBranchPermission(%s => %r)>' % (
4559 self.user_group_repo_to_perm, self.branch_pattern)
4560
4561
4562 class DbMigrateVersion(Base, BaseModel):
4563 __tablename__ = 'db_migrate_version'
4564 __table_args__ = (
4565 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4566 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4567 )
4568 repository_id = Column('repository_id', String(250), primary_key=True)
4569 repository_path = Column('repository_path', Text)
4570 version = Column('version', Integer)
4571
4572
4573 class DbSession(Base, BaseModel):
4574 __tablename__ = 'db_session'
4575 __table_args__ = (
4576 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4577 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4578 )
4579
4580 def __repr__(self):
4581 return '<DB:DbSession({})>'.format(self.id)
4582
4583 id = Column('id', Integer())
4584 namespace = Column('namespace', String(255), primary_key=True)
4585 accessed = Column('accessed', DateTime, nullable=False)
4586 created = Column('created', DateTime, nullable=False)
4587 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -0,0 +1,46 b''
1 import logging
2
3 from sqlalchemy import *
4 from sqlalchemy.engine import reflection
5 from sqlalchemy.dialects.mysql import LONGTEXT
6
7 from alembic.migration import MigrationContext
8 from alembic.operations import Operations
9
10 from rhodecode.lib.dbmigrate.utils import create_default_permissions, \
11 create_default_object_permission
12 from rhodecode.model import meta
13 from rhodecode.lib.dbmigrate.versions import _reset_base, notify
14
15 log = logging.getLogger(__name__)
16
17
18 def upgrade(migrate_engine):
19 """
20 Upgrade operations go here.
21 Don't create your own engine; bind migrate_engine to your metadata
22 """
23 _reset_base(migrate_engine)
24 from rhodecode.lib.dbmigrate.schema import db_4_13_0_0 as db
25
26 # issue fixups
27 fixups(db, meta.Session)
28
29
30 def downgrade(migrate_engine):
31 meta = MetaData()
32 meta.bind = migrate_engine
33
34
35 def fixups(models, _SESSION):
36 # create default permissions
37 create_default_permissions(_SESSION, models)
38 log.info('created default global permissions definitions')
39 _SESSION().commit()
40
41 # # fix default object permissions
42 # create_default_object_permission(_SESSION, models)
43
44 log.info('created default permission')
45 _SESSION().commit()
46
Show file before | Show file after | Hide comments
@@ -0,0 +1,39 b''
1 import logging
2
3 from sqlalchemy import *
4 from sqlalchemy.engine import reflection
5 from sqlalchemy.dialects.mysql import LONGTEXT
6
7 from alembic.migration import MigrationContext
8 from alembic.operations import Operations
9
10 from rhodecode.model import meta
11 from rhodecode.lib.dbmigrate.versions import _reset_base, notify
12
13 log = logging.getLogger(__name__)
14
15
16 def upgrade(migrate_engine):
17 """
18 Upgrade operations go here.
19 Don't create your own engine; bind migrate_engine to your metadata
20 """
21 _reset_base(migrate_engine)
22 from rhodecode.lib.dbmigrate.schema import db_4_13_0_0 as db
23
24 db.UserToRepoBranchPermission.__table__.create()
25 db.UserGroupToRepoBranchPermission.__table__.create()
26
27 # issue fixups
28 fixups(db, meta.Session)
29
30
31 def downgrade(migrate_engine):
32 meta = MetaData()
33 meta.bind = migrate_engine
34
35
36 def fixups(models, _SESSION):
37 pass
38
39
Show file before | Show file after | Hide comments
@@ -0,0 +1,43 b''
1 import logging
2
3 from sqlalchemy import *
4
5 from rhodecode.lib.dbmigrate.utils import (
6 create_default_object_permission, create_default_permissions)
7
8 from rhodecode.model import meta
9 from rhodecode.lib.dbmigrate.versions import _reset_base, notify
10
11 log = logging.getLogger(__name__)
12
13
14 def upgrade(migrate_engine):
15 """
16 Upgrade operations go here.
17 Don't create your own engine; bind migrate_engine to your metadata
18 """
19 _reset_base(migrate_engine)
20 from rhodecode.lib.dbmigrate.schema import db_4_13_0_0 as db
21
22 # issue fixups
23 fixups(db, meta.Session)
24
25
26 def downgrade(migrate_engine):
27 meta = MetaData()
28 meta.bind = migrate_engine
29
30
31 def fixups(models, _SESSION):
32 # create default permissions
33 create_default_permissions(_SESSION, models)
34 log.info('created default global permissions definitions')
35 _SESSION().commit()
36
37 # fix default object permissions
38 create_default_object_permission(_SESSION, models)
39
40 log.info('created default permission')
41 _SESSION().commit()
42
43
Show file before | Show file after | Hide comments
@@ -0,0 +1,9 b''
1 <div class="panel panel-default">
2 <div class="panel-heading">
3 <h3 class="panel-title">${_('Default Permissions for Branches.')}</h3>
4 </div>
5 <div class="panel-body">
6 <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
7 <img style="width: 100%; height: 100%" src="${h.asset('images/ee_features/admin_branch_permissions.png')}"/>
8 </div>
9 </div>
Show file before | Show file after | Hide comments
@@ -0,0 +1,9 b''
1 <div class="panel panel-default">
2 <div class="panel-heading">
3 <h3 class="panel-title">${_('Repository Branch Permissions.')}</h3>
4 </div>
5 <div class="panel-body">
6 <h4>${_('This feature is available in RhodeCode EE edition only. Contact {sales_email} to obtain a trial license.').format(sales_email='<a href="mailto:sales@rhodecode.com">sales@rhodecode.com</a>')|n}</h4>
7 <img style="width: 100%; height: 100%" src="${h.asset('images/ee_features/repo_branch_permissions.png')}"/>
8 </div>
9 </div>
Show file before | Show file after | Hide comments
@@ -1,63 +1,63 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22
22
23 RhodeCode, a web based repository management software
23 RhodeCode, a web based repository management software
24 versioning implementation: http://www.python.org/dev/peps/pep-0386/
24 versioning implementation: http://www.python.org/dev/peps/pep-0386/
25 """
25 """
26
26
27 import os
27 import os
28 import sys
28 import sys
29 import platform
29 import platform
30
30
31 VERSION = tuple(open(os.path.join(
31 VERSION = tuple(open(os.path.join(
32 os.path.dirname(__file__), 'VERSION')).read().split('.'))
32 os.path.dirname(__file__), 'VERSION')).read().split('.'))
33
33
34 BACKENDS = {
34 BACKENDS = {
35 'hg': 'Mercurial repository',
35 'hg': 'Mercurial repository',
36 'git': 'Git repository',
36 'git': 'Git repository',
37 'svn': 'Subversion repository',
37 'svn': 'Subversion repository',
38 }
38 }
39
39
40 CELERY_ENABLED = False
40 CELERY_ENABLED = False
41 CELERY_EAGER = False
41 CELERY_EAGER = False
42
42
43 # link to config for pyramid
43 # link to config for pyramid
44 CONFIG = {}
44 CONFIG = {}
45
45
46 # Populated with the settings dictionary from application init in
46 # Populated with the settings dictionary from application init in
47 # rhodecode.conf.environment.load_pyramid_environment
47 # rhodecode.conf.environment.load_pyramid_environment
48 PYRAMID_SETTINGS = {}
48 PYRAMID_SETTINGS = {}
49
49
50 # Linked module for extensions
50 # Linked module for extensions
51 EXTENSIONS = {}
51 EXTENSIONS = {}
52
52
53 __version__ = ('.'.join((str(each) for each in VERSION[:3])))
53 __version__ = ('.'.join((str(each) for each in VERSION[:3])))
54 __dbversion__ = 87 # defines current db version for migrations
54 __dbversion__ = 90 # defines current db version for migrations
55 __platform__ = platform.system()
55 __platform__ = platform.system()
56 __license__ = 'AGPLv3, and Commercial License'
56 __license__ = 'AGPLv3, and Commercial License'
57 __author__ = 'RhodeCode GmbH'
57 __author__ = 'RhodeCode GmbH'
58 __url__ = 'https://code.rhodecode.com'
58 __url__ = 'https://code.rhodecode.com'
59
59
60 is_windows = __platform__ in ['Windows']
60 is_windows = __platform__ in ['Windows']
61 is_unix = not is_windows
61 is_unix = not is_windows
62 is_test = False
62 is_test = False
63 disable_error_handler = False
63 disable_error_handler = False
Show file before | Show file after | Hide comments
@@ -1,439 +1,444 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2018 RhodeCode GmbH
3 # Copyright (C) 2016-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21
21
22 from rhodecode.apps._base import ADMIN_PREFIX
22 from rhodecode.apps._base import ADMIN_PREFIX
23
23
24
24
25 def admin_routes(config):
25 def admin_routes(config):
26 """
26 """
27 Admin prefixed routes
27 Admin prefixed routes
28 """
28 """
29
29
30 config.add_route(
30 config.add_route(
31 name='admin_audit_logs',
31 name='admin_audit_logs',
32 pattern='/audit_logs')
32 pattern='/audit_logs')
33
33
34 config.add_route(
34 config.add_route(
35 name='admin_audit_log_entry',
35 name='admin_audit_log_entry',
36 pattern='/audit_logs/{audit_log_id}')
36 pattern='/audit_logs/{audit_log_id}')
37
37
38 config.add_route(
38 config.add_route(
39 name='pull_requests_global_0', # backward compat
39 name='pull_requests_global_0', # backward compat
40 pattern='/pull_requests/{pull_request_id:\d+}')
40 pattern='/pull_requests/{pull_request_id:\d+}')
41 config.add_route(
41 config.add_route(
42 name='pull_requests_global_1', # backward compat
42 name='pull_requests_global_1', # backward compat
43 pattern='/pull-requests/{pull_request_id:\d+}')
43 pattern='/pull-requests/{pull_request_id:\d+}')
44 config.add_route(
44 config.add_route(
45 name='pull_requests_global',
45 name='pull_requests_global',
46 pattern='/pull-request/{pull_request_id:\d+}')
46 pattern='/pull-request/{pull_request_id:\d+}')
47
47
48 config.add_route(
48 config.add_route(
49 name='admin_settings_open_source',
49 name='admin_settings_open_source',
50 pattern='/settings/open_source')
50 pattern='/settings/open_source')
51 config.add_route(
51 config.add_route(
52 name='admin_settings_vcs_svn_generate_cfg',
52 name='admin_settings_vcs_svn_generate_cfg',
53 pattern='/settings/vcs/svn_generate_cfg')
53 pattern='/settings/vcs/svn_generate_cfg')
54
54
55 config.add_route(
55 config.add_route(
56 name='admin_settings_system',
56 name='admin_settings_system',
57 pattern='/settings/system')
57 pattern='/settings/system')
58 config.add_route(
58 config.add_route(
59 name='admin_settings_system_update',
59 name='admin_settings_system_update',
60 pattern='/settings/system/updates')
60 pattern='/settings/system/updates')
61
61
62 config.add_route(
62 config.add_route(
63 name='admin_settings_exception_tracker',
63 name='admin_settings_exception_tracker',
64 pattern='/settings/exceptions')
64 pattern='/settings/exceptions')
65 config.add_route(
65 config.add_route(
66 name='admin_settings_exception_tracker_delete_all',
66 name='admin_settings_exception_tracker_delete_all',
67 pattern='/settings/exceptions/delete')
67 pattern='/settings/exceptions/delete')
68 config.add_route(
68 config.add_route(
69 name='admin_settings_exception_tracker_show',
69 name='admin_settings_exception_tracker_show',
70 pattern='/settings/exceptions/{exception_id}')
70 pattern='/settings/exceptions/{exception_id}')
71 config.add_route(
71 config.add_route(
72 name='admin_settings_exception_tracker_delete',
72 name='admin_settings_exception_tracker_delete',
73 pattern='/settings/exceptions/{exception_id}/delete')
73 pattern='/settings/exceptions/{exception_id}/delete')
74
74
75 config.add_route(
75 config.add_route(
76 name='admin_settings_sessions',
76 name='admin_settings_sessions',
77 pattern='/settings/sessions')
77 pattern='/settings/sessions')
78 config.add_route(
78 config.add_route(
79 name='admin_settings_sessions_cleanup',
79 name='admin_settings_sessions_cleanup',
80 pattern='/settings/sessions/cleanup')
80 pattern='/settings/sessions/cleanup')
81
81
82 config.add_route(
82 config.add_route(
83 name='admin_settings_process_management',
83 name='admin_settings_process_management',
84 pattern='/settings/process_management')
84 pattern='/settings/process_management')
85 config.add_route(
85 config.add_route(
86 name='admin_settings_process_management_data',
86 name='admin_settings_process_management_data',
87 pattern='/settings/process_management/data')
87 pattern='/settings/process_management/data')
88 config.add_route(
88 config.add_route(
89 name='admin_settings_process_management_signal',
89 name='admin_settings_process_management_signal',
90 pattern='/settings/process_management/signal')
90 pattern='/settings/process_management/signal')
91 config.add_route(
91 config.add_route(
92 name='admin_settings_process_management_master_signal',
92 name='admin_settings_process_management_master_signal',
93 pattern='/settings/process_management/master_signal')
93 pattern='/settings/process_management/master_signal')
94
94
95 # default settings
95 # default settings
96 config.add_route(
96 config.add_route(
97 name='admin_defaults_repositories',
97 name='admin_defaults_repositories',
98 pattern='/defaults/repositories')
98 pattern='/defaults/repositories')
99 config.add_route(
99 config.add_route(
100 name='admin_defaults_repositories_update',
100 name='admin_defaults_repositories_update',
101 pattern='/defaults/repositories/update')
101 pattern='/defaults/repositories/update')
102
102
103 # admin settings
103 # admin settings
104
104
105 config.add_route(
105 config.add_route(
106 name='admin_settings',
106 name='admin_settings',
107 pattern='/settings')
107 pattern='/settings')
108 config.add_route(
108 config.add_route(
109 name='admin_settings_update',
109 name='admin_settings_update',
110 pattern='/settings/update')
110 pattern='/settings/update')
111
111
112 config.add_route(
112 config.add_route(
113 name='admin_settings_global',
113 name='admin_settings_global',
114 pattern='/settings/global')
114 pattern='/settings/global')
115 config.add_route(
115 config.add_route(
116 name='admin_settings_global_update',
116 name='admin_settings_global_update',
117 pattern='/settings/global/update')
117 pattern='/settings/global/update')
118
118
119 config.add_route(
119 config.add_route(
120 name='admin_settings_vcs',
120 name='admin_settings_vcs',
121 pattern='/settings/vcs')
121 pattern='/settings/vcs')
122 config.add_route(
122 config.add_route(
123 name='admin_settings_vcs_update',
123 name='admin_settings_vcs_update',
124 pattern='/settings/vcs/update')
124 pattern='/settings/vcs/update')
125 config.add_route(
125 config.add_route(
126 name='admin_settings_vcs_svn_pattern_delete',
126 name='admin_settings_vcs_svn_pattern_delete',
127 pattern='/settings/vcs/svn_pattern_delete')
127 pattern='/settings/vcs/svn_pattern_delete')
128
128
129 config.add_route(
129 config.add_route(
130 name='admin_settings_mapping',
130 name='admin_settings_mapping',
131 pattern='/settings/mapping')
131 pattern='/settings/mapping')
132 config.add_route(
132 config.add_route(
133 name='admin_settings_mapping_update',
133 name='admin_settings_mapping_update',
134 pattern='/settings/mapping/update')
134 pattern='/settings/mapping/update')
135
135
136 config.add_route(
136 config.add_route(
137 name='admin_settings_visual',
137 name='admin_settings_visual',
138 pattern='/settings/visual')
138 pattern='/settings/visual')
139 config.add_route(
139 config.add_route(
140 name='admin_settings_visual_update',
140 name='admin_settings_visual_update',
141 pattern='/settings/visual/update')
141 pattern='/settings/visual/update')
142
142
143
143
144 config.add_route(
144 config.add_route(
145 name='admin_settings_issuetracker',
145 name='admin_settings_issuetracker',
146 pattern='/settings/issue-tracker')
146 pattern='/settings/issue-tracker')
147 config.add_route(
147 config.add_route(
148 name='admin_settings_issuetracker_update',
148 name='admin_settings_issuetracker_update',
149 pattern='/settings/issue-tracker/update')
149 pattern='/settings/issue-tracker/update')
150 config.add_route(
150 config.add_route(
151 name='admin_settings_issuetracker_test',
151 name='admin_settings_issuetracker_test',
152 pattern='/settings/issue-tracker/test')
152 pattern='/settings/issue-tracker/test')
153 config.add_route(
153 config.add_route(
154 name='admin_settings_issuetracker_delete',
154 name='admin_settings_issuetracker_delete',
155 pattern='/settings/issue-tracker/delete')
155 pattern='/settings/issue-tracker/delete')
156
156
157 config.add_route(
157 config.add_route(
158 name='admin_settings_email',
158 name='admin_settings_email',
159 pattern='/settings/email')
159 pattern='/settings/email')
160 config.add_route(
160 config.add_route(
161 name='admin_settings_email_update',
161 name='admin_settings_email_update',
162 pattern='/settings/email/update')
162 pattern='/settings/email/update')
163
163
164 config.add_route(
164 config.add_route(
165 name='admin_settings_hooks',
165 name='admin_settings_hooks',
166 pattern='/settings/hooks')
166 pattern='/settings/hooks')
167 config.add_route(
167 config.add_route(
168 name='admin_settings_hooks_update',
168 name='admin_settings_hooks_update',
169 pattern='/settings/hooks/update')
169 pattern='/settings/hooks/update')
170 config.add_route(
170 config.add_route(
171 name='admin_settings_hooks_delete',
171 name='admin_settings_hooks_delete',
172 pattern='/settings/hooks/delete')
172 pattern='/settings/hooks/delete')
173
173
174 config.add_route(
174 config.add_route(
175 name='admin_settings_search',
175 name='admin_settings_search',
176 pattern='/settings/search')
176 pattern='/settings/search')
177
177
178 config.add_route(
178 config.add_route(
179 name='admin_settings_labs',
179 name='admin_settings_labs',
180 pattern='/settings/labs')
180 pattern='/settings/labs')
181 config.add_route(
181 config.add_route(
182 name='admin_settings_labs_update',
182 name='admin_settings_labs_update',
183 pattern='/settings/labs/update')
183 pattern='/settings/labs/update')
184
184
185 # Automation EE feature
185 # Automation EE feature
186 config.add_route(
186 config.add_route(
187 'admin_settings_automation',
187 'admin_settings_automation',
188 pattern=ADMIN_PREFIX + '/settings/automation')
188 pattern=ADMIN_PREFIX + '/settings/automation')
189
189
190 # global permissions
190 # global permissions
191
191
192 config.add_route(
192 config.add_route(
193 name='admin_permissions_application',
193 name='admin_permissions_application',
194 pattern='/permissions/application')
194 pattern='/permissions/application')
195 config.add_route(
195 config.add_route(
196 name='admin_permissions_application_update',
196 name='admin_permissions_application_update',
197 pattern='/permissions/application/update')
197 pattern='/permissions/application/update')
198
198
199 config.add_route(
199 config.add_route(
200 name='admin_permissions_global',
200 name='admin_permissions_global',
201 pattern='/permissions/global')
201 pattern='/permissions/global')
202 config.add_route(
202 config.add_route(
203 name='admin_permissions_global_update',
203 name='admin_permissions_global_update',
204 pattern='/permissions/global/update')
204 pattern='/permissions/global/update')
205
205
206 config.add_route(
206 config.add_route(
207 name='admin_permissions_object',
207 name='admin_permissions_object',
208 pattern='/permissions/object')
208 pattern='/permissions/object')
209 config.add_route(
209 config.add_route(
210 name='admin_permissions_object_update',
210 name='admin_permissions_object_update',
211 pattern='/permissions/object/update')
211 pattern='/permissions/object/update')
212
212
213 # Branch perms EE feature
214 config.add_route(
215 name='admin_permissions_branch',
216 pattern='/permissions/branch')
217
213 config.add_route(
218 config.add_route(
214 name='admin_permissions_ips',
219 name='admin_permissions_ips',
215 pattern='/permissions/ips')
220 pattern='/permissions/ips')
216
221
217 config.add_route(
222 config.add_route(
218 name='admin_permissions_overview',
223 name='admin_permissions_overview',
219 pattern='/permissions/overview')
224 pattern='/permissions/overview')
220
225
221 config.add_route(
226 config.add_route(
222 name='admin_permissions_auth_token_access',
227 name='admin_permissions_auth_token_access',
223 pattern='/permissions/auth_token_access')
228 pattern='/permissions/auth_token_access')
224
229
225 config.add_route(
230 config.add_route(
226 name='admin_permissions_ssh_keys',
231 name='admin_permissions_ssh_keys',
227 pattern='/permissions/ssh_keys')
232 pattern='/permissions/ssh_keys')
228 config.add_route(
233 config.add_route(
229 name='admin_permissions_ssh_keys_data',
234 name='admin_permissions_ssh_keys_data',
230 pattern='/permissions/ssh_keys/data')
235 pattern='/permissions/ssh_keys/data')
231 config.add_route(
236 config.add_route(
232 name='admin_permissions_ssh_keys_update',
237 name='admin_permissions_ssh_keys_update',
233 pattern='/permissions/ssh_keys/update')
238 pattern='/permissions/ssh_keys/update')
234
239
235 # users admin
240 # users admin
236 config.add_route(
241 config.add_route(
237 name='users',
242 name='users',
238 pattern='/users')
243 pattern='/users')
239
244
240 config.add_route(
245 config.add_route(
241 name='users_data',
246 name='users_data',
242 pattern='/users_data')
247 pattern='/users_data')
243
248
244 config.add_route(
249 config.add_route(
245 name='users_create',
250 name='users_create',
246 pattern='/users/create')
251 pattern='/users/create')
247
252
248 config.add_route(
253 config.add_route(
249 name='users_new',
254 name='users_new',
250 pattern='/users/new')
255 pattern='/users/new')
251
256
252 # user management
257 # user management
253 config.add_route(
258 config.add_route(
254 name='user_edit',
259 name='user_edit',
255 pattern='/users/{user_id:\d+}/edit',
260 pattern='/users/{user_id:\d+}/edit',
256 user_route=True)
261 user_route=True)
257 config.add_route(
262 config.add_route(
258 name='user_edit_advanced',
263 name='user_edit_advanced',
259 pattern='/users/{user_id:\d+}/edit/advanced',
264 pattern='/users/{user_id:\d+}/edit/advanced',
260 user_route=True)
265 user_route=True)
261 config.add_route(
266 config.add_route(
262 name='user_edit_global_perms',
267 name='user_edit_global_perms',
263 pattern='/users/{user_id:\d+}/edit/global_permissions',
268 pattern='/users/{user_id:\d+}/edit/global_permissions',
264 user_route=True)
269 user_route=True)
265 config.add_route(
270 config.add_route(
266 name='user_edit_global_perms_update',
271 name='user_edit_global_perms_update',
267 pattern='/users/{user_id:\d+}/edit/global_permissions/update',
272 pattern='/users/{user_id:\d+}/edit/global_permissions/update',
268 user_route=True)
273 user_route=True)
269 config.add_route(
274 config.add_route(
270 name='user_update',
275 name='user_update',
271 pattern='/users/{user_id:\d+}/update',
276 pattern='/users/{user_id:\d+}/update',
272 user_route=True)
277 user_route=True)
273 config.add_route(
278 config.add_route(
274 name='user_delete',
279 name='user_delete',
275 pattern='/users/{user_id:\d+}/delete',
280 pattern='/users/{user_id:\d+}/delete',
276 user_route=True)
281 user_route=True)
277 config.add_route(
282 config.add_route(
278 name='user_force_password_reset',
283 name='user_force_password_reset',
279 pattern='/users/{user_id:\d+}/password_reset',
284 pattern='/users/{user_id:\d+}/password_reset',
280 user_route=True)
285 user_route=True)
281 config.add_route(
286 config.add_route(
282 name='user_create_personal_repo_group',
287 name='user_create_personal_repo_group',
283 pattern='/users/{user_id:\d+}/create_repo_group',
288 pattern='/users/{user_id:\d+}/create_repo_group',
284 user_route=True)
289 user_route=True)
285
290
286 # user auth tokens
291 # user auth tokens
287 config.add_route(
292 config.add_route(
288 name='edit_user_auth_tokens',
293 name='edit_user_auth_tokens',
289 pattern='/users/{user_id:\d+}/edit/auth_tokens',
294 pattern='/users/{user_id:\d+}/edit/auth_tokens',
290 user_route=True)
295 user_route=True)
291 config.add_route(
296 config.add_route(
292 name='edit_user_auth_tokens_add',
297 name='edit_user_auth_tokens_add',
293 pattern='/users/{user_id:\d+}/edit/auth_tokens/new',
298 pattern='/users/{user_id:\d+}/edit/auth_tokens/new',
294 user_route=True)
299 user_route=True)
295 config.add_route(
300 config.add_route(
296 name='edit_user_auth_tokens_delete',
301 name='edit_user_auth_tokens_delete',
297 pattern='/users/{user_id:\d+}/edit/auth_tokens/delete',
302 pattern='/users/{user_id:\d+}/edit/auth_tokens/delete',
298 user_route=True)
303 user_route=True)
299
304
300 # user ssh keys
305 # user ssh keys
301 config.add_route(
306 config.add_route(
302 name='edit_user_ssh_keys',
307 name='edit_user_ssh_keys',
303 pattern='/users/{user_id:\d+}/edit/ssh_keys',
308 pattern='/users/{user_id:\d+}/edit/ssh_keys',
304 user_route=True)
309 user_route=True)
305 config.add_route(
310 config.add_route(
306 name='edit_user_ssh_keys_generate_keypair',
311 name='edit_user_ssh_keys_generate_keypair',
307 pattern='/users/{user_id:\d+}/edit/ssh_keys/generate',
312 pattern='/users/{user_id:\d+}/edit/ssh_keys/generate',
308 user_route=True)
313 user_route=True)
309 config.add_route(
314 config.add_route(
310 name='edit_user_ssh_keys_add',
315 name='edit_user_ssh_keys_add',
311 pattern='/users/{user_id:\d+}/edit/ssh_keys/new',
316 pattern='/users/{user_id:\d+}/edit/ssh_keys/new',
312 user_route=True)
317 user_route=True)
313 config.add_route(
318 config.add_route(
314 name='edit_user_ssh_keys_delete',
319 name='edit_user_ssh_keys_delete',
315 pattern='/users/{user_id:\d+}/edit/ssh_keys/delete',
320 pattern='/users/{user_id:\d+}/edit/ssh_keys/delete',
316 user_route=True)
321 user_route=True)
317
322
318 # user emails
323 # user emails
319 config.add_route(
324 config.add_route(
320 name='edit_user_emails',
325 name='edit_user_emails',
321 pattern='/users/{user_id:\d+}/edit/emails',
326 pattern='/users/{user_id:\d+}/edit/emails',
322 user_route=True)
327 user_route=True)
323 config.add_route(
328 config.add_route(
324 name='edit_user_emails_add',
329 name='edit_user_emails_add',
325 pattern='/users/{user_id:\d+}/edit/emails/new',
330 pattern='/users/{user_id:\d+}/edit/emails/new',
326 user_route=True)
331 user_route=True)
327 config.add_route(
332 config.add_route(
328 name='edit_user_emails_delete',
333 name='edit_user_emails_delete',
329 pattern='/users/{user_id:\d+}/edit/emails/delete',
334 pattern='/users/{user_id:\d+}/edit/emails/delete',
330 user_route=True)
335 user_route=True)
331
336
332 # user IPs
337 # user IPs
333 config.add_route(
338 config.add_route(
334 name='edit_user_ips',
339 name='edit_user_ips',
335 pattern='/users/{user_id:\d+}/edit/ips',
340 pattern='/users/{user_id:\d+}/edit/ips',
336 user_route=True)
341 user_route=True)
337 config.add_route(
342 config.add_route(
338 name='edit_user_ips_add',
343 name='edit_user_ips_add',
339 pattern='/users/{user_id:\d+}/edit/ips/new',
344 pattern='/users/{user_id:\d+}/edit/ips/new',
340 user_route_with_default=True) # enabled for default user too
345 user_route_with_default=True) # enabled for default user too
341 config.add_route(
346 config.add_route(
342 name='edit_user_ips_delete',
347 name='edit_user_ips_delete',
343 pattern='/users/{user_id:\d+}/edit/ips/delete',
348 pattern='/users/{user_id:\d+}/edit/ips/delete',
344 user_route_with_default=True) # enabled for default user too
349 user_route_with_default=True) # enabled for default user too
345
350
346 # user perms
351 # user perms
347 config.add_route(
352 config.add_route(
348 name='edit_user_perms_summary',
353 name='edit_user_perms_summary',
349 pattern='/users/{user_id:\d+}/edit/permissions_summary',
354 pattern='/users/{user_id:\d+}/edit/permissions_summary',
350 user_route=True)
355 user_route=True)
351 config.add_route(
356 config.add_route(
352 name='edit_user_perms_summary_json',
357 name='edit_user_perms_summary_json',
353 pattern='/users/{user_id:\d+}/edit/permissions_summary/json',
358 pattern='/users/{user_id:\d+}/edit/permissions_summary/json',
354 user_route=True)
359 user_route=True)
355
360
356 # user user groups management
361 # user user groups management
357 config.add_route(
362 config.add_route(
358 name='edit_user_groups_management',
363 name='edit_user_groups_management',
359 pattern='/users/{user_id:\d+}/edit/groups_management',
364 pattern='/users/{user_id:\d+}/edit/groups_management',
360 user_route=True)
365 user_route=True)
361
366
362 config.add_route(
367 config.add_route(
363 name='edit_user_groups_management_updates',
368 name='edit_user_groups_management_updates',
364 pattern='/users/{user_id:\d+}/edit/edit_user_groups_management/updates',
369 pattern='/users/{user_id:\d+}/edit/edit_user_groups_management/updates',
365 user_route=True)
370 user_route=True)
366
371
367 # user audit logs
372 # user audit logs
368 config.add_route(
373 config.add_route(
369 name='edit_user_audit_logs',
374 name='edit_user_audit_logs',
370 pattern='/users/{user_id:\d+}/edit/audit', user_route=True)
375 pattern='/users/{user_id:\d+}/edit/audit', user_route=True)
371
376
372 # user caches
377 # user caches
373 config.add_route(
378 config.add_route(
374 name='edit_user_caches',
379 name='edit_user_caches',
375 pattern='/users/{user_id:\d+}/edit/caches',
380 pattern='/users/{user_id:\d+}/edit/caches',
376 user_route=True)
381 user_route=True)
377 config.add_route(
382 config.add_route(
378 name='edit_user_caches_update',
383 name='edit_user_caches_update',
379 pattern='/users/{user_id:\d+}/edit/caches/update',
384 pattern='/users/{user_id:\d+}/edit/caches/update',
380 user_route=True)
385 user_route=True)
381
386
382 # user-groups admin
387 # user-groups admin
383 config.add_route(
388 config.add_route(
384 name='user_groups',
389 name='user_groups',
385 pattern='/user_groups')
390 pattern='/user_groups')
386
391
387 config.add_route(
392 config.add_route(
388 name='user_groups_data',
393 name='user_groups_data',
389 pattern='/user_groups_data')
394 pattern='/user_groups_data')
390
395
391 config.add_route(
396 config.add_route(
392 name='user_groups_new',
397 name='user_groups_new',
393 pattern='/user_groups/new')
398 pattern='/user_groups/new')
394
399
395 config.add_route(
400 config.add_route(
396 name='user_groups_create',
401 name='user_groups_create',
397 pattern='/user_groups/create')
402 pattern='/user_groups/create')
398
403
399 # repos admin
404 # repos admin
400 config.add_route(
405 config.add_route(
401 name='repos',
406 name='repos',
402 pattern='/repos')
407 pattern='/repos')
403
408
404 config.add_route(
409 config.add_route(
405 name='repo_new',
410 name='repo_new',
406 pattern='/repos/new')
411 pattern='/repos/new')
407
412
408 config.add_route(
413 config.add_route(
409 name='repo_create',
414 name='repo_create',
410 pattern='/repos/create')
415 pattern='/repos/create')
411
416
412 # repo groups admin
417 # repo groups admin
413 config.add_route(
418 config.add_route(
414 name='repo_groups',
419 name='repo_groups',
415 pattern='/repo_groups')
420 pattern='/repo_groups')
416
421
417 config.add_route(
422 config.add_route(
418 name='repo_group_new',
423 name='repo_group_new',
419 pattern='/repo_group/new')
424 pattern='/repo_group/new')
420
425
421 config.add_route(
426 config.add_route(
422 name='repo_group_create',
427 name='repo_group_create',
423 pattern='/repo_group/create')
428 pattern='/repo_group/create')
424
429
425
430
426 def includeme(config):
431 def includeme(config):
427 from rhodecode.apps.admin.navigation import includeme as nav_includeme
432 from rhodecode.apps.admin.navigation import includeme as nav_includeme
428
433
429 # Create admin navigation registry and add it to the pyramid registry.
434 # Create admin navigation registry and add it to the pyramid registry.
430 nav_includeme(config)
435 nav_includeme(config)
431
436
432 # main admin routes
437 # main admin routes
433 config.add_route(name='admin_home', pattern=ADMIN_PREFIX)
438 config.add_route(name='admin_home', pattern=ADMIN_PREFIX)
434 config.include(admin_routes, route_prefix=ADMIN_PREFIX)
439 config.include(admin_routes, route_prefix=ADMIN_PREFIX)
435
440
436 config.include('.subscribers')
441 config.include('.subscribers')
437
442
438 # Scan module for configuration decorators.
443 # Scan module for configuration decorators.
439 config.scan('.views', ignore='.tests')
444 config.scan('.views', ignore='.tests')
Show file before | Show file after | Hide comments
@@ -1,484 +1,509 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2018 RhodeCode GmbH
3 # Copyright (C) 2016-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import re
21 import re
22 import logging
22 import logging
23 import formencode
23 import formencode
24 import formencode.htmlfill
24 import formencode.htmlfill
25 import datetime
25 import datetime
26 from pyramid.interfaces import IRoutesMapper
26 from pyramid.interfaces import IRoutesMapper
27
27
28 from pyramid.view import view_config
28 from pyramid.view import view_config
29 from pyramid.httpexceptions import HTTPFound
29 from pyramid.httpexceptions import HTTPFound
30 from pyramid.renderers import render
30 from pyramid.renderers import render
31 from pyramid.response import Response
31 from pyramid.response import Response
32
32
33 from rhodecode.apps._base import BaseAppView, DataGridAppView
33 from rhodecode.apps._base import BaseAppView, DataGridAppView
34 from rhodecode.apps.ssh_support import SshKeyFileChangeEvent
34 from rhodecode.apps.ssh_support import SshKeyFileChangeEvent
35 from rhodecode.events import trigger
35 from rhodecode.events import trigger
36
36
37 from rhodecode.lib import helpers as h
37 from rhodecode.lib import helpers as h
38 from rhodecode.lib.auth import (
38 from rhodecode.lib.auth import (
39 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
39 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
40 from rhodecode.lib.utils2 import aslist, safe_unicode
40 from rhodecode.lib.utils2 import aslist, safe_unicode
41 from rhodecode.model.db import (
41 from rhodecode.model.db import (
42 or_, coalesce, User, UserIpMap, UserSshKeys)
42 or_, coalesce, User, UserIpMap, UserSshKeys)
43 from rhodecode.model.forms import (
43 from rhodecode.model.forms import (
44 ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)
44 ApplicationPermissionsForm, ObjectPermissionsForm, UserPermissionsForm)
45 from rhodecode.model.meta import Session
45 from rhodecode.model.meta import Session
46 from rhodecode.model.permission import PermissionModel
46 from rhodecode.model.permission import PermissionModel
47 from rhodecode.model.settings import SettingsModel
47 from rhodecode.model.settings import SettingsModel
48
48
49
49
50 log = logging.getLogger(__name__)
50 log = logging.getLogger(__name__)
51
51
52
52
53 class AdminPermissionsView(BaseAppView, DataGridAppView):
53 class AdminPermissionsView(BaseAppView, DataGridAppView):
54 def load_default_context(self):
54 def load_default_context(self):
55 c = self._get_local_tmpl_context()
55 c = self._get_local_tmpl_context()
56 PermissionModel().set_global_permission_choices(
56 PermissionModel().set_global_permission_choices(
57 c, gettext_translator=self.request.translate)
57 c, gettext_translator=self.request.translate)
58 return c
58 return c
59
59
60 @LoginRequired()
60 @LoginRequired()
61 @HasPermissionAllDecorator('hg.admin')
61 @HasPermissionAllDecorator('hg.admin')
62 @view_config(
62 @view_config(
63 route_name='admin_permissions_application', request_method='GET',
63 route_name='admin_permissions_application', request_method='GET',
64 renderer='rhodecode:templates/admin/permissions/permissions.mako')
64 renderer='rhodecode:templates/admin/permissions/permissions.mako')
65 def permissions_application(self):
65 def permissions_application(self):
66 c = self.load_default_context()
66 c = self.load_default_context()
67 c.active = 'application'
67 c.active = 'application'
68
68
69 c.user = User.get_default_user(refresh=True)
69 c.user = User.get_default_user(refresh=True)
70
70
71 app_settings = SettingsModel().get_all_settings()
71 app_settings = SettingsModel().get_all_settings()
72 defaults = {
72 defaults = {
73 'anonymous': c.user.active,
73 'anonymous': c.user.active,
74 'default_register_message': app_settings.get(
74 'default_register_message': app_settings.get(
75 'rhodecode_register_message')
75 'rhodecode_register_message')
76 }
76 }
77 defaults.update(c.user.get_default_perms())
77 defaults.update(c.user.get_default_perms())
78
78
79 data = render('rhodecode:templates/admin/permissions/permissions.mako',
79 data = render('rhodecode:templates/admin/permissions/permissions.mako',
80 self._get_template_context(c), self.request)
80 self._get_template_context(c), self.request)
81 html = formencode.htmlfill.render(
81 html = formencode.htmlfill.render(
82 data,
82 data,
83 defaults=defaults,
83 defaults=defaults,
84 encoding="UTF-8",
84 encoding="UTF-8",
85 force_defaults=False
85 force_defaults=False
86 )
86 )
87 return Response(html)
87 return Response(html)
88
88
89 @LoginRequired()
89 @LoginRequired()
90 @HasPermissionAllDecorator('hg.admin')
90 @HasPermissionAllDecorator('hg.admin')
91 @CSRFRequired()
91 @CSRFRequired()
92 @view_config(
92 @view_config(
93 route_name='admin_permissions_application_update', request_method='POST',
93 route_name='admin_permissions_application_update', request_method='POST',
94 renderer='rhodecode:templates/admin/permissions/permissions.mako')
94 renderer='rhodecode:templates/admin/permissions/permissions.mako')
95 def permissions_application_update(self):
95 def permissions_application_update(self):
96 _ = self.request.translate
96 _ = self.request.translate
97 c = self.load_default_context()
97 c = self.load_default_context()
98 c.active = 'application'
98 c.active = 'application'
99
99
100 _form = ApplicationPermissionsForm(
100 _form = ApplicationPermissionsForm(
101 self.request.translate,
101 self.request.translate,
102 [x[0] for x in c.register_choices],
102 [x[0] for x in c.register_choices],
103 [x[0] for x in c.password_reset_choices],
103 [x[0] for x in c.password_reset_choices],
104 [x[0] for x in c.extern_activate_choices])()
104 [x[0] for x in c.extern_activate_choices])()
105
105
106 try:
106 try:
107 form_result = _form.to_python(dict(self.request.POST))
107 form_result = _form.to_python(dict(self.request.POST))
108 form_result.update({'perm_user_name': User.DEFAULT_USER})
108 form_result.update({'perm_user_name': User.DEFAULT_USER})
109 PermissionModel().update_application_permissions(form_result)
109 PermissionModel().update_application_permissions(form_result)
110
110
111 settings = [
111 settings = [
112 ('register_message', 'default_register_message'),
112 ('register_message', 'default_register_message'),
113 ]
113 ]
114 for setting, form_key in settings:
114 for setting, form_key in settings:
115 sett = SettingsModel().create_or_update_setting(
115 sett = SettingsModel().create_or_update_setting(
116 setting, form_result[form_key])
116 setting, form_result[form_key])
117 Session().add(sett)
117 Session().add(sett)
118
118
119 Session().commit()
119 Session().commit()
120 h.flash(_('Application permissions updated successfully'),
120 h.flash(_('Application permissions updated successfully'),
121 category='success')
121 category='success')
122
122
123 except formencode.Invalid as errors:
123 except formencode.Invalid as errors:
124 defaults = errors.value
124 defaults = errors.value
125
125
126 data = render(
126 data = render(
127 'rhodecode:templates/admin/permissions/permissions.mako',
127 'rhodecode:templates/admin/permissions/permissions.mako',
128 self._get_template_context(c), self.request)
128 self._get_template_context(c), self.request)
129 html = formencode.htmlfill.render(
129 html = formencode.htmlfill.render(
130 data,
130 data,
131 defaults=defaults,
131 defaults=defaults,
132 errors=errors.error_dict or {},
132 errors=errors.error_dict or {},
133 prefix_error=False,
133 prefix_error=False,
134 encoding="UTF-8",
134 encoding="UTF-8",
135 force_defaults=False
135 force_defaults=False
136 )
136 )
137 return Response(html)
137 return Response(html)
138
138
139 except Exception:
139 except Exception:
140 log.exception("Exception during update of permissions")
140 log.exception("Exception during update of permissions")
141 h.flash(_('Error occurred during update of permissions'),
141 h.flash(_('Error occurred during update of permissions'),
142 category='error')
142 category='error')
143
143
144 raise HTTPFound(h.route_path('admin_permissions_application'))
144 raise HTTPFound(h.route_path('admin_permissions_application'))
145
145
146 @LoginRequired()
146 @LoginRequired()
147 @HasPermissionAllDecorator('hg.admin')
147 @HasPermissionAllDecorator('hg.admin')
148 @view_config(
148 @view_config(
149 route_name='admin_permissions_object', request_method='GET',
149 route_name='admin_permissions_object', request_method='GET',
150 renderer='rhodecode:templates/admin/permissions/permissions.mako')
150 renderer='rhodecode:templates/admin/permissions/permissions.mako')
151 def permissions_objects(self):
151 def permissions_objects(self):
152 c = self.load_default_context()
152 c = self.load_default_context()
153 c.active = 'objects'
153 c.active = 'objects'
154
154
155 c.user = User.get_default_user(refresh=True)
155 c.user = User.get_default_user(refresh=True)
156 defaults = {}
156 defaults = {}
157 defaults.update(c.user.get_default_perms())
157 defaults.update(c.user.get_default_perms())
158
158
159 data = render(
159 data = render(
160 'rhodecode:templates/admin/permissions/permissions.mako',
160 'rhodecode:templates/admin/permissions/permissions.mako',
161 self._get_template_context(c), self.request)
161 self._get_template_context(c), self.request)
162 html = formencode.htmlfill.render(
162 html = formencode.htmlfill.render(
163 data,
163 data,
164 defaults=defaults,
164 defaults=defaults,
165 encoding="UTF-8",
165 encoding="UTF-8",
166 force_defaults=False
166 force_defaults=False
167 )
167 )
168 return Response(html)
168 return Response(html)
169
169
170 @LoginRequired()
170 @LoginRequired()
171 @HasPermissionAllDecorator('hg.admin')
171 @HasPermissionAllDecorator('hg.admin')
172 @CSRFRequired()
172 @CSRFRequired()
173 @view_config(
173 @view_config(
174 route_name='admin_permissions_object_update', request_method='POST',
174 route_name='admin_permissions_object_update', request_method='POST',
175 renderer='rhodecode:templates/admin/permissions/permissions.mako')
175 renderer='rhodecode:templates/admin/permissions/permissions.mako')
176 def permissions_objects_update(self):
176 def permissions_objects_update(self):
177 _ = self.request.translate
177 _ = self.request.translate
178 c = self.load_default_context()
178 c = self.load_default_context()
179 c.active = 'objects'
179 c.active = 'objects'
180
180
181 _form = ObjectPermissionsForm(
181 _form = ObjectPermissionsForm(
182 self.request.translate,
182 self.request.translate,
183 [x[0] for x in c.repo_perms_choices],
183 [x[0] for x in c.repo_perms_choices],
184 [x[0] for x in c.group_perms_choices],
184 [x[0] for x in c.group_perms_choices],
185 [x[0] for x in c.user_group_perms_choices])()
185 [x[0] for x in c.user_group_perms_choices],
186 )()
186
187
187 try:
188 try:
188 form_result = _form.to_python(dict(self.request.POST))
189 form_result = _form.to_python(dict(self.request.POST))
189 form_result.update({'perm_user_name': User.DEFAULT_USER})
190 form_result.update({'perm_user_name': User.DEFAULT_USER})
190 PermissionModel().update_object_permissions(form_result)
191 PermissionModel().update_object_permissions(form_result)
191
192
192 Session().commit()
193 Session().commit()
193 h.flash(_('Object permissions updated successfully'),
194 h.flash(_('Object permissions updated successfully'),
194 category='success')
195 category='success')
195
196
196 except formencode.Invalid as errors:
197 except formencode.Invalid as errors:
197 defaults = errors.value
198 defaults = errors.value
198
199
199 data = render(
200 data = render(
200 'rhodecode:templates/admin/permissions/permissions.mako',
201 'rhodecode:templates/admin/permissions/permissions.mako',
201 self._get_template_context(c), self.request)
202 self._get_template_context(c), self.request)
202 html = formencode.htmlfill.render(
203 html = formencode.htmlfill.render(
203 data,
204 data,
204 defaults=defaults,
205 defaults=defaults,
205 errors=errors.error_dict or {},
206 errors=errors.error_dict or {},
206 prefix_error=False,
207 prefix_error=False,
207 encoding="UTF-8",
208 encoding="UTF-8",
208 force_defaults=False
209 force_defaults=False
209 )
210 )
210 return Response(html)
211 return Response(html)
211 except Exception:
212 except Exception:
212 log.exception("Exception during update of permissions")
213 log.exception("Exception during update of permissions")
213 h.flash(_('Error occurred during update of permissions'),
214 h.flash(_('Error occurred during update of permissions'),
214 category='error')
215 category='error')
215
216
216 raise HTTPFound(h.route_path('admin_permissions_object'))
217 raise HTTPFound(h.route_path('admin_permissions_object'))
217
218
218 @LoginRequired()
219 @LoginRequired()
219 @HasPermissionAllDecorator('hg.admin')
220 @HasPermissionAllDecorator('hg.admin')
220 @view_config(
221 @view_config(
222 route_name='admin_permissions_branch', request_method='GET',
223 renderer='rhodecode:templates/admin/permissions/permissions.mako')
224 def permissions_branch(self):
225 c = self.load_default_context()
226 c.active = 'branch'
227
228 c.user = User.get_default_user(refresh=True)
229 defaults = {}
230 defaults.update(c.user.get_default_perms())
231
232 data = render(
233 'rhodecode:templates/admin/permissions/permissions.mako',
234 self._get_template_context(c), self.request)
235 html = formencode.htmlfill.render(
236 data,
237 defaults=defaults,
238 encoding="UTF-8",
239 force_defaults=False
240 )
241 return Response(html)
242
243 @LoginRequired()
244 @HasPermissionAllDecorator('hg.admin')
245 @view_config(
221 route_name='admin_permissions_global', request_method='GET',
246 route_name='admin_permissions_global', request_method='GET',
222 renderer='rhodecode:templates/admin/permissions/permissions.mako')
247 renderer='rhodecode:templates/admin/permissions/permissions.mako')
223 def permissions_global(self):
248 def permissions_global(self):
224 c = self.load_default_context()
249 c = self.load_default_context()
225 c.active = 'global'
250 c.active = 'global'
226
251
227 c.user = User.get_default_user(refresh=True)
252 c.user = User.get_default_user(refresh=True)
228 defaults = {}
253 defaults = {}
229 defaults.update(c.user.get_default_perms())
254 defaults.update(c.user.get_default_perms())
230
255
231 data = render(
256 data = render(
232 'rhodecode:templates/admin/permissions/permissions.mako',
257 'rhodecode:templates/admin/permissions/permissions.mako',
233 self._get_template_context(c), self.request)
258 self._get_template_context(c), self.request)
234 html = formencode.htmlfill.render(
259 html = formencode.htmlfill.render(
235 data,
260 data,
236 defaults=defaults,
261 defaults=defaults,
237 encoding="UTF-8",
262 encoding="UTF-8",
238 force_defaults=False
263 force_defaults=False
239 )
264 )
240 return Response(html)
265 return Response(html)
241
266
242 @LoginRequired()
267 @LoginRequired()
243 @HasPermissionAllDecorator('hg.admin')
268 @HasPermissionAllDecorator('hg.admin')
244 @CSRFRequired()
269 @CSRFRequired()
245 @view_config(
270 @view_config(
246 route_name='admin_permissions_global_update', request_method='POST',
271 route_name='admin_permissions_global_update', request_method='POST',
247 renderer='rhodecode:templates/admin/permissions/permissions.mako')
272 renderer='rhodecode:templates/admin/permissions/permissions.mako')
248 def permissions_global_update(self):
273 def permissions_global_update(self):
249 _ = self.request.translate
274 _ = self.request.translate
250 c = self.load_default_context()
275 c = self.load_default_context()
251 c.active = 'global'
276 c.active = 'global'
252
277
253 _form = UserPermissionsForm(
278 _form = UserPermissionsForm(
254 self.request.translate,
279 self.request.translate,
255 [x[0] for x in c.repo_create_choices],
280 [x[0] for x in c.repo_create_choices],
256 [x[0] for x in c.repo_create_on_write_choices],
281 [x[0] for x in c.repo_create_on_write_choices],
257 [x[0] for x in c.repo_group_create_choices],
282 [x[0] for x in c.repo_group_create_choices],
258 [x[0] for x in c.user_group_create_choices],
283 [x[0] for x in c.user_group_create_choices],
259 [x[0] for x in c.fork_choices],
284 [x[0] for x in c.fork_choices],
260 [x[0] for x in c.inherit_default_permission_choices])()
285 [x[0] for x in c.inherit_default_permission_choices])()
261
286
262 try:
287 try:
263 form_result = _form.to_python(dict(self.request.POST))
288 form_result = _form.to_python(dict(self.request.POST))
264 form_result.update({'perm_user_name': User.DEFAULT_USER})
289 form_result.update({'perm_user_name': User.DEFAULT_USER})
265 PermissionModel().update_user_permissions(form_result)
290 PermissionModel().update_user_permissions(form_result)
266
291
267 Session().commit()
292 Session().commit()
268 h.flash(_('Global permissions updated successfully'),
293 h.flash(_('Global permissions updated successfully'),
269 category='success')
294 category='success')
270
295
271 except formencode.Invalid as errors:
296 except formencode.Invalid as errors:
272 defaults = errors.value
297 defaults = errors.value
273
298
274 data = render(
299 data = render(
275 'rhodecode:templates/admin/permissions/permissions.mako',
300 'rhodecode:templates/admin/permissions/permissions.mako',
276 self._get_template_context(c), self.request)
301 self._get_template_context(c), self.request)
277 html = formencode.htmlfill.render(
302 html = formencode.htmlfill.render(
278 data,
303 data,
279 defaults=defaults,
304 defaults=defaults,
280 errors=errors.error_dict or {},
305 errors=errors.error_dict or {},
281 prefix_error=False,
306 prefix_error=False,
282 encoding="UTF-8",
307 encoding="UTF-8",
283 force_defaults=False
308 force_defaults=False
284 )
309 )
285 return Response(html)
310 return Response(html)
286 except Exception:
311 except Exception:
287 log.exception("Exception during update of permissions")
312 log.exception("Exception during update of permissions")
288 h.flash(_('Error occurred during update of permissions'),
313 h.flash(_('Error occurred during update of permissions'),
289 category='error')
314 category='error')
290
315
291 raise HTTPFound(h.route_path('admin_permissions_global'))
316 raise HTTPFound(h.route_path('admin_permissions_global'))
292
317
293 @LoginRequired()
318 @LoginRequired()
294 @HasPermissionAllDecorator('hg.admin')
319 @HasPermissionAllDecorator('hg.admin')
295 @view_config(
320 @view_config(
296 route_name='admin_permissions_ips', request_method='GET',
321 route_name='admin_permissions_ips', request_method='GET',
297 renderer='rhodecode:templates/admin/permissions/permissions.mako')
322 renderer='rhodecode:templates/admin/permissions/permissions.mako')
298 def permissions_ips(self):
323 def permissions_ips(self):
299 c = self.load_default_context()
324 c = self.load_default_context()
300 c.active = 'ips'
325 c.active = 'ips'
301
326
302 c.user = User.get_default_user(refresh=True)
327 c.user = User.get_default_user(refresh=True)
303 c.user_ip_map = (
328 c.user_ip_map = (
304 UserIpMap.query().filter(UserIpMap.user == c.user).all())
329 UserIpMap.query().filter(UserIpMap.user == c.user).all())
305
330
306 return self._get_template_context(c)
331 return self._get_template_context(c)
307
332
308 @LoginRequired()
333 @LoginRequired()
309 @HasPermissionAllDecorator('hg.admin')
334 @HasPermissionAllDecorator('hg.admin')
310 @view_config(
335 @view_config(
311 route_name='admin_permissions_overview', request_method='GET',
336 route_name='admin_permissions_overview', request_method='GET',
312 renderer='rhodecode:templates/admin/permissions/permissions.mako')
337 renderer='rhodecode:templates/admin/permissions/permissions.mako')
313 def permissions_overview(self):
338 def permissions_overview(self):
314 c = self.load_default_context()
339 c = self.load_default_context()
315 c.active = 'perms'
340 c.active = 'perms'
316
341
317 c.user = User.get_default_user(refresh=True)
342 c.user = User.get_default_user(refresh=True)
318 c.perm_user = c.user.AuthUser()
343 c.perm_user = c.user.AuthUser()
319 return self._get_template_context(c)
344 return self._get_template_context(c)
320
345
321 @LoginRequired()
346 @LoginRequired()
322 @HasPermissionAllDecorator('hg.admin')
347 @HasPermissionAllDecorator('hg.admin')
323 @view_config(
348 @view_config(
324 route_name='admin_permissions_auth_token_access', request_method='GET',
349 route_name='admin_permissions_auth_token_access', request_method='GET',
325 renderer='rhodecode:templates/admin/permissions/permissions.mako')
350 renderer='rhodecode:templates/admin/permissions/permissions.mako')
326 def auth_token_access(self):
351 def auth_token_access(self):
327 from rhodecode import CONFIG
352 from rhodecode import CONFIG
328
353
329 c = self.load_default_context()
354 c = self.load_default_context()
330 c.active = 'auth_token_access'
355 c.active = 'auth_token_access'
331
356
332 c.user = User.get_default_user(refresh=True)
357 c.user = User.get_default_user(refresh=True)
333 c.perm_user = c.user.AuthUser()
358 c.perm_user = c.user.AuthUser()
334
359
335 mapper = self.request.registry.queryUtility(IRoutesMapper)
360 mapper = self.request.registry.queryUtility(IRoutesMapper)
336 c.view_data = []
361 c.view_data = []
337
362
338 _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
363 _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
339 introspector = self.request.registry.introspector
364 introspector = self.request.registry.introspector
340
365
341 view_intr = {}
366 view_intr = {}
342 for view_data in introspector.get_category('views'):
367 for view_data in introspector.get_category('views'):
343 intr = view_data['introspectable']
368 intr = view_data['introspectable']
344
369
345 if 'route_name' in intr and intr['attr']:
370 if 'route_name' in intr and intr['attr']:
346 view_intr[intr['route_name']] = '{}:{}'.format(
371 view_intr[intr['route_name']] = '{}:{}'.format(
347 str(intr['derived_callable'].func_name), intr['attr']
372 str(intr['derived_callable'].func_name), intr['attr']
348 )
373 )
349
374
350 c.whitelist_key = 'api_access_controllers_whitelist'
375 c.whitelist_key = 'api_access_controllers_whitelist'
351 c.whitelist_file = CONFIG.get('__file__')
376 c.whitelist_file = CONFIG.get('__file__')
352 whitelist_views = aslist(
377 whitelist_views = aslist(
353 CONFIG.get(c.whitelist_key), sep=',')
378 CONFIG.get(c.whitelist_key), sep=',')
354
379
355 for route_info in mapper.get_routes():
380 for route_info in mapper.get_routes():
356 if not route_info.name.startswith('__'):
381 if not route_info.name.startswith('__'):
357 routepath = route_info.pattern
382 routepath = route_info.pattern
358
383
359 def replace(matchobj):
384 def replace(matchobj):
360 if matchobj.group(1):
385 if matchobj.group(1):
361 return "{%s}" % matchobj.group(1).split(':')[0]
386 return "{%s}" % matchobj.group(1).split(':')[0]
362 else:
387 else:
363 return "{%s}" % matchobj.group(2)
388 return "{%s}" % matchobj.group(2)
364
389
365 routepath = _argument_prog.sub(replace, routepath)
390 routepath = _argument_prog.sub(replace, routepath)
366
391
367 if not routepath.startswith('/'):
392 if not routepath.startswith('/'):
368 routepath = '/' + routepath
393 routepath = '/' + routepath
369
394
370 view_fqn = view_intr.get(route_info.name, 'NOT AVAILABLE')
395 view_fqn = view_intr.get(route_info.name, 'NOT AVAILABLE')
371 active = view_fqn in whitelist_views
396 active = view_fqn in whitelist_views
372 c.view_data.append((route_info.name, view_fqn, routepath, active))
397 c.view_data.append((route_info.name, view_fqn, routepath, active))
373
398
374 c.whitelist_views = whitelist_views
399 c.whitelist_views = whitelist_views
375 return self._get_template_context(c)
400 return self._get_template_context(c)
376
401
377 def ssh_enabled(self):
402 def ssh_enabled(self):
378 return self.request.registry.settings.get(
403 return self.request.registry.settings.get(
379 'ssh.generate_authorized_keyfile')
404 'ssh.generate_authorized_keyfile')
380
405
381 @LoginRequired()
406 @LoginRequired()
382 @HasPermissionAllDecorator('hg.admin')
407 @HasPermissionAllDecorator('hg.admin')
383 @view_config(
408 @view_config(
384 route_name='admin_permissions_ssh_keys', request_method='GET',
409 route_name='admin_permissions_ssh_keys', request_method='GET',
385 renderer='rhodecode:templates/admin/permissions/permissions.mako')
410 renderer='rhodecode:templates/admin/permissions/permissions.mako')
386 def ssh_keys(self):
411 def ssh_keys(self):
387 c = self.load_default_context()
412 c = self.load_default_context()
388 c.active = 'ssh_keys'
413 c.active = 'ssh_keys'
389 c.ssh_enabled = self.ssh_enabled()
414 c.ssh_enabled = self.ssh_enabled()
390 return self._get_template_context(c)
415 return self._get_template_context(c)
391
416
392 @LoginRequired()
417 @LoginRequired()
393 @HasPermissionAllDecorator('hg.admin')
418 @HasPermissionAllDecorator('hg.admin')
394 @view_config(
419 @view_config(
395 route_name='admin_permissions_ssh_keys_data', request_method='GET',
420 route_name='admin_permissions_ssh_keys_data', request_method='GET',
396 renderer='json_ext', xhr=True)
421 renderer='json_ext', xhr=True)
397 def ssh_keys_data(self):
422 def ssh_keys_data(self):
398 _ = self.request.translate
423 _ = self.request.translate
399 self.load_default_context()
424 self.load_default_context()
400 column_map = {
425 column_map = {
401 'fingerprint': 'ssh_key_fingerprint',
426 'fingerprint': 'ssh_key_fingerprint',
402 'username': User.username
427 'username': User.username
403 }
428 }
404 draw, start, limit = self._extract_chunk(self.request)
429 draw, start, limit = self._extract_chunk(self.request)
405 search_q, order_by, order_dir = self._extract_ordering(
430 search_q, order_by, order_dir = self._extract_ordering(
406 self.request, column_map=column_map)
431 self.request, column_map=column_map)
407
432
408 ssh_keys_data_total_count = UserSshKeys.query()\
433 ssh_keys_data_total_count = UserSshKeys.query()\
409 .count()
434 .count()
410
435
411 # json generate
436 # json generate
412 base_q = UserSshKeys.query().join(UserSshKeys.user)
437 base_q = UserSshKeys.query().join(UserSshKeys.user)
413
438
414 if search_q:
439 if search_q:
415 like_expression = u'%{}%'.format(safe_unicode(search_q))
440 like_expression = u'%{}%'.format(safe_unicode(search_q))
416 base_q = base_q.filter(or_(
441 base_q = base_q.filter(or_(
417 User.username.ilike(like_expression),
442 User.username.ilike(like_expression),
418 UserSshKeys.ssh_key_fingerprint.ilike(like_expression),
443 UserSshKeys.ssh_key_fingerprint.ilike(like_expression),
419 ))
444 ))
420
445
421 users_data_total_filtered_count = base_q.count()
446 users_data_total_filtered_count = base_q.count()
422
447
423 sort_col = self._get_order_col(order_by, UserSshKeys)
448 sort_col = self._get_order_col(order_by, UserSshKeys)
424 if sort_col:
449 if sort_col:
425 if order_dir == 'asc':
450 if order_dir == 'asc':
426 # handle null values properly to order by NULL last
451 # handle null values properly to order by NULL last
427 if order_by in ['created_on']:
452 if order_by in ['created_on']:
428 sort_col = coalesce(sort_col, datetime.date.max)
453 sort_col = coalesce(sort_col, datetime.date.max)
429 sort_col = sort_col.asc()
454 sort_col = sort_col.asc()
430 else:
455 else:
431 # handle null values properly to order by NULL last
456 # handle null values properly to order by NULL last
432 if order_by in ['created_on']:
457 if order_by in ['created_on']:
433 sort_col = coalesce(sort_col, datetime.date.min)
458 sort_col = coalesce(sort_col, datetime.date.min)
434 sort_col = sort_col.desc()
459 sort_col = sort_col.desc()
435
460
436 base_q = base_q.order_by(sort_col)
461 base_q = base_q.order_by(sort_col)
437 base_q = base_q.offset(start).limit(limit)
462 base_q = base_q.offset(start).limit(limit)
438
463
439 ssh_keys = base_q.all()
464 ssh_keys = base_q.all()
440
465
441 ssh_keys_data = []
466 ssh_keys_data = []
442 for ssh_key in ssh_keys:
467 for ssh_key in ssh_keys:
443 ssh_keys_data.append({
468 ssh_keys_data.append({
444 "username": h.gravatar_with_user(self.request, ssh_key.user.username),
469 "username": h.gravatar_with_user(self.request, ssh_key.user.username),
445 "fingerprint": ssh_key.ssh_key_fingerprint,
470 "fingerprint": ssh_key.ssh_key_fingerprint,
446 "description": ssh_key.description,
471 "description": ssh_key.description,
447 "created_on": h.format_date(ssh_key.created_on),
472 "created_on": h.format_date(ssh_key.created_on),
448 "accessed_on": h.format_date(ssh_key.accessed_on),
473 "accessed_on": h.format_date(ssh_key.accessed_on),
449 "action": h.link_to(
474 "action": h.link_to(
450 _('Edit'), h.route_path('edit_user_ssh_keys',
475 _('Edit'), h.route_path('edit_user_ssh_keys',
451 user_id=ssh_key.user.user_id))
476 user_id=ssh_key.user.user_id))
452 })
477 })
453
478
454 data = ({
479 data = ({
455 'draw': draw,
480 'draw': draw,
456 'data': ssh_keys_data,
481 'data': ssh_keys_data,
457 'recordsTotal': ssh_keys_data_total_count,
482 'recordsTotal': ssh_keys_data_total_count,
458 'recordsFiltered': users_data_total_filtered_count,
483 'recordsFiltered': users_data_total_filtered_count,
459 })
484 })
460
485
461 return data
486 return data
462
487
463 @LoginRequired()
488 @LoginRequired()
464 @HasPermissionAllDecorator('hg.admin')
489 @HasPermissionAllDecorator('hg.admin')
465 @CSRFRequired()
490 @CSRFRequired()
466 @view_config(
491 @view_config(
467 route_name='admin_permissions_ssh_keys_update', request_method='POST',
492 route_name='admin_permissions_ssh_keys_update', request_method='POST',
468 renderer='rhodecode:templates/admin/permissions/permissions.mako')
493 renderer='rhodecode:templates/admin/permissions/permissions.mako')
469 def ssh_keys_update(self):
494 def ssh_keys_update(self):
470 _ = self.request.translate
495 _ = self.request.translate
471 self.load_default_context()
496 self.load_default_context()
472
497
473 ssh_enabled = self.ssh_enabled()
498 ssh_enabled = self.ssh_enabled()
474 key_file = self.request.registry.settings.get(
499 key_file = self.request.registry.settings.get(
475 'ssh.authorized_keys_file_path')
500 'ssh.authorized_keys_file_path')
476 if ssh_enabled:
501 if ssh_enabled:
477 trigger(SshKeyFileChangeEvent(), self.request.registry)
502 trigger(SshKeyFileChangeEvent(), self.request.registry)
478 h.flash(_('Updated SSH keys file: {}').format(key_file),
503 h.flash(_('Updated SSH keys file: {}').format(key_file),
479 category='success')
504 category='success')
480 else:
505 else:
481 h.flash(_('SSH key support is disabled in .ini file'),
506 h.flash(_('SSH key support is disabled in .ini file'),
482 category='warning')
507 category='warning')
483
508
484 raise HTTPFound(h.route_path('admin_permissions_ssh_keys'))
509 raise HTTPFound(h.route_path('admin_permissions_ssh_keys'))
Show file before | Show file after | Hide comments
@@ -1,467 +1,476 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2018 RhodeCode GmbH
3 # Copyright (C) 2016-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 from rhodecode.apps._base import add_route_with_slash
20 from rhodecode.apps._base import add_route_with_slash
21
21
22
22
23 def includeme(config):
23 def includeme(config):
24
24
25 # repo creating checks, special cases that aren't repo routes
25 # repo creating checks, special cases that aren't repo routes
26 config.add_route(
26 config.add_route(
27 name='repo_creating',
27 name='repo_creating',
28 pattern='/{repo_name:.*?[^/]}/repo_creating')
28 pattern='/{repo_name:.*?[^/]}/repo_creating')
29
29
30 config.add_route(
30 config.add_route(
31 name='repo_creating_check',
31 name='repo_creating_check',
32 pattern='/{repo_name:.*?[^/]}/repo_creating_check')
32 pattern='/{repo_name:.*?[^/]}/repo_creating_check')
33
33
34 # Summary
34 # Summary
35 # NOTE(marcink): one additional route is defined in very bottom, catch
35 # NOTE(marcink): one additional route is defined in very bottom, catch
36 # all pattern
36 # all pattern
37 config.add_route(
37 config.add_route(
38 name='repo_summary_explicit',
38 name='repo_summary_explicit',
39 pattern='/{repo_name:.*?[^/]}/summary', repo_route=True)
39 pattern='/{repo_name:.*?[^/]}/summary', repo_route=True)
40 config.add_route(
40 config.add_route(
41 name='repo_summary_commits',
41 name='repo_summary_commits',
42 pattern='/{repo_name:.*?[^/]}/summary-commits', repo_route=True)
42 pattern='/{repo_name:.*?[^/]}/summary-commits', repo_route=True)
43
43
44 # Commits
44 # Commits
45 config.add_route(
45 config.add_route(
46 name='repo_commit',
46 name='repo_commit',
47 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}', repo_route=True)
47 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}', repo_route=True)
48
48
49 config.add_route(
49 config.add_route(
50 name='repo_commit_children',
50 name='repo_commit_children',
51 pattern='/{repo_name:.*?[^/]}/changeset_children/{commit_id}', repo_route=True)
51 pattern='/{repo_name:.*?[^/]}/changeset_children/{commit_id}', repo_route=True)
52
52
53 config.add_route(
53 config.add_route(
54 name='repo_commit_parents',
54 name='repo_commit_parents',
55 pattern='/{repo_name:.*?[^/]}/changeset_parents/{commit_id}', repo_route=True)
55 pattern='/{repo_name:.*?[^/]}/changeset_parents/{commit_id}', repo_route=True)
56
56
57 config.add_route(
57 config.add_route(
58 name='repo_commit_raw',
58 name='repo_commit_raw',
59 pattern='/{repo_name:.*?[^/]}/changeset-diff/{commit_id}', repo_route=True)
59 pattern='/{repo_name:.*?[^/]}/changeset-diff/{commit_id}', repo_route=True)
60
60
61 config.add_route(
61 config.add_route(
62 name='repo_commit_patch',
62 name='repo_commit_patch',
63 pattern='/{repo_name:.*?[^/]}/changeset-patch/{commit_id}', repo_route=True)
63 pattern='/{repo_name:.*?[^/]}/changeset-patch/{commit_id}', repo_route=True)
64
64
65 config.add_route(
65 config.add_route(
66 name='repo_commit_download',
66 name='repo_commit_download',
67 pattern='/{repo_name:.*?[^/]}/changeset-download/{commit_id}', repo_route=True)
67 pattern='/{repo_name:.*?[^/]}/changeset-download/{commit_id}', repo_route=True)
68
68
69 config.add_route(
69 config.add_route(
70 name='repo_commit_data',
70 name='repo_commit_data',
71 pattern='/{repo_name:.*?[^/]}/changeset-data/{commit_id}', repo_route=True)
71 pattern='/{repo_name:.*?[^/]}/changeset-data/{commit_id}', repo_route=True)
72
72
73 config.add_route(
73 config.add_route(
74 name='repo_commit_comment_create',
74 name='repo_commit_comment_create',
75 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/create', repo_route=True)
75 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/create', repo_route=True)
76
76
77 config.add_route(
77 config.add_route(
78 name='repo_commit_comment_preview',
78 name='repo_commit_comment_preview',
79 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/preview', repo_route=True)
79 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/preview', repo_route=True)
80
80
81 config.add_route(
81 config.add_route(
82 name='repo_commit_comment_delete',
82 name='repo_commit_comment_delete',
83 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/{comment_id}/delete', repo_route=True)
83 pattern='/{repo_name:.*?[^/]}/changeset/{commit_id}/comment/{comment_id}/delete', repo_route=True)
84
84
85 # still working url for backward compat.
85 # still working url for backward compat.
86 config.add_route(
86 config.add_route(
87 name='repo_commit_raw_deprecated',
87 name='repo_commit_raw_deprecated',
88 pattern='/{repo_name:.*?[^/]}/raw-changeset/{commit_id}', repo_route=True)
88 pattern='/{repo_name:.*?[^/]}/raw-changeset/{commit_id}', repo_route=True)
89
89
90 # Files
90 # Files
91 config.add_route(
91 config.add_route(
92 name='repo_archivefile',
92 name='repo_archivefile',
93 pattern='/{repo_name:.*?[^/]}/archive/{fname}', repo_route=True)
93 pattern='/{repo_name:.*?[^/]}/archive/{fname}', repo_route=True)
94
94
95 config.add_route(
95 config.add_route(
96 name='repo_files_diff',
96 name='repo_files_diff',
97 pattern='/{repo_name:.*?[^/]}/diff/{f_path:.*}', repo_route=True)
97 pattern='/{repo_name:.*?[^/]}/diff/{f_path:.*}', repo_route=True)
98 config.add_route( # legacy route to make old links work
98 config.add_route( # legacy route to make old links work
99 name='repo_files_diff_2way_redirect',
99 name='repo_files_diff_2way_redirect',
100 pattern='/{repo_name:.*?[^/]}/diff-2way/{f_path:.*}', repo_route=True)
100 pattern='/{repo_name:.*?[^/]}/diff-2way/{f_path:.*}', repo_route=True)
101
101
102 config.add_route(
102 config.add_route(
103 name='repo_files',
103 name='repo_files',
104 pattern='/{repo_name:.*?[^/]}/files/{commit_id}/{f_path:.*}', repo_route=True)
104 pattern='/{repo_name:.*?[^/]}/files/{commit_id}/{f_path:.*}', repo_route=True)
105 config.add_route(
105 config.add_route(
106 name='repo_files:default_path',
106 name='repo_files:default_path',
107 pattern='/{repo_name:.*?[^/]}/files/{commit_id}/', repo_route=True)
107 pattern='/{repo_name:.*?[^/]}/files/{commit_id}/', repo_route=True)
108 config.add_route(
108 config.add_route(
109 name='repo_files:default_commit',
109 name='repo_files:default_commit',
110 pattern='/{repo_name:.*?[^/]}/files', repo_route=True)
110 pattern='/{repo_name:.*?[^/]}/files', repo_route=True)
111
111
112 config.add_route(
112 config.add_route(
113 name='repo_files:rendered',
113 name='repo_files:rendered',
114 pattern='/{repo_name:.*?[^/]}/render/{commit_id}/{f_path:.*}', repo_route=True)
114 pattern='/{repo_name:.*?[^/]}/render/{commit_id}/{f_path:.*}', repo_route=True)
115
115
116 config.add_route(
116 config.add_route(
117 name='repo_files:annotated',
117 name='repo_files:annotated',
118 pattern='/{repo_name:.*?[^/]}/annotate/{commit_id}/{f_path:.*}', repo_route=True)
118 pattern='/{repo_name:.*?[^/]}/annotate/{commit_id}/{f_path:.*}', repo_route=True)
119 config.add_route(
119 config.add_route(
120 name='repo_files:annotated_previous',
120 name='repo_files:annotated_previous',
121 pattern='/{repo_name:.*?[^/]}/annotate-previous/{commit_id}/{f_path:.*}', repo_route=True)
121 pattern='/{repo_name:.*?[^/]}/annotate-previous/{commit_id}/{f_path:.*}', repo_route=True)
122
122
123 config.add_route(
123 config.add_route(
124 name='repo_nodetree_full',
124 name='repo_nodetree_full',
125 pattern='/{repo_name:.*?[^/]}/nodetree_full/{commit_id}/{f_path:.*}', repo_route=True)
125 pattern='/{repo_name:.*?[^/]}/nodetree_full/{commit_id}/{f_path:.*}', repo_route=True)
126 config.add_route(
126 config.add_route(
127 name='repo_nodetree_full:default_path',
127 name='repo_nodetree_full:default_path',
128 pattern='/{repo_name:.*?[^/]}/nodetree_full/{commit_id}/', repo_route=True)
128 pattern='/{repo_name:.*?[^/]}/nodetree_full/{commit_id}/', repo_route=True)
129
129
130 config.add_route(
130 config.add_route(
131 name='repo_files_nodelist',
131 name='repo_files_nodelist',
132 pattern='/{repo_name:.*?[^/]}/nodelist/{commit_id}/{f_path:.*}', repo_route=True)
132 pattern='/{repo_name:.*?[^/]}/nodelist/{commit_id}/{f_path:.*}', repo_route=True)
133
133
134 config.add_route(
134 config.add_route(
135 name='repo_file_raw',
135 name='repo_file_raw',
136 pattern='/{repo_name:.*?[^/]}/raw/{commit_id}/{f_path:.*}', repo_route=True)
136 pattern='/{repo_name:.*?[^/]}/raw/{commit_id}/{f_path:.*}', repo_route=True)
137
137
138 config.add_route(
138 config.add_route(
139 name='repo_file_download',
139 name='repo_file_download',
140 pattern='/{repo_name:.*?[^/]}/download/{commit_id}/{f_path:.*}', repo_route=True)
140 pattern='/{repo_name:.*?[^/]}/download/{commit_id}/{f_path:.*}', repo_route=True)
141 config.add_route( # backward compat to keep old links working
141 config.add_route( # backward compat to keep old links working
142 name='repo_file_download:legacy',
142 name='repo_file_download:legacy',
143 pattern='/{repo_name:.*?[^/]}/rawfile/{commit_id}/{f_path:.*}',
143 pattern='/{repo_name:.*?[^/]}/rawfile/{commit_id}/{f_path:.*}',
144 repo_route=True)
144 repo_route=True)
145
145
146 config.add_route(
146 config.add_route(
147 name='repo_file_history',
147 name='repo_file_history',
148 pattern='/{repo_name:.*?[^/]}/history/{commit_id}/{f_path:.*}', repo_route=True)
148 pattern='/{repo_name:.*?[^/]}/history/{commit_id}/{f_path:.*}', repo_route=True)
149
149
150 config.add_route(
150 config.add_route(
151 name='repo_file_authors',
151 name='repo_file_authors',
152 pattern='/{repo_name:.*?[^/]}/authors/{commit_id}/{f_path:.*}', repo_route=True)
152 pattern='/{repo_name:.*?[^/]}/authors/{commit_id}/{f_path:.*}', repo_route=True)
153
153
154 config.add_route(
154 config.add_route(
155 name='repo_files_remove_file',
155 name='repo_files_remove_file',
156 pattern='/{repo_name:.*?[^/]}/remove_file/{commit_id}/{f_path:.*}',
156 pattern='/{repo_name:.*?[^/]}/remove_file/{commit_id}/{f_path:.*}',
157 repo_route=True)
157 repo_route=True)
158 config.add_route(
158 config.add_route(
159 name='repo_files_delete_file',
159 name='repo_files_delete_file',
160 pattern='/{repo_name:.*?[^/]}/delete_file/{commit_id}/{f_path:.*}',
160 pattern='/{repo_name:.*?[^/]}/delete_file/{commit_id}/{f_path:.*}',
161 repo_route=True)
161 repo_route=True)
162 config.add_route(
162 config.add_route(
163 name='repo_files_edit_file',
163 name='repo_files_edit_file',
164 pattern='/{repo_name:.*?[^/]}/edit_file/{commit_id}/{f_path:.*}',
164 pattern='/{repo_name:.*?[^/]}/edit_file/{commit_id}/{f_path:.*}',
165 repo_route=True)
165 repo_route=True)
166 config.add_route(
166 config.add_route(
167 name='repo_files_update_file',
167 name='repo_files_update_file',
168 pattern='/{repo_name:.*?[^/]}/update_file/{commit_id}/{f_path:.*}',
168 pattern='/{repo_name:.*?[^/]}/update_file/{commit_id}/{f_path:.*}',
169 repo_route=True)
169 repo_route=True)
170 config.add_route(
170 config.add_route(
171 name='repo_files_add_file',
171 name='repo_files_add_file',
172 pattern='/{repo_name:.*?[^/]}/add_file/{commit_id}/{f_path:.*}',
172 pattern='/{repo_name:.*?[^/]}/add_file/{commit_id}/{f_path:.*}',
173 repo_route=True)
173 repo_route=True)
174 config.add_route(
174 config.add_route(
175 name='repo_files_create_file',
175 name='repo_files_create_file',
176 pattern='/{repo_name:.*?[^/]}/create_file/{commit_id}/{f_path:.*}',
176 pattern='/{repo_name:.*?[^/]}/create_file/{commit_id}/{f_path:.*}',
177 repo_route=True)
177 repo_route=True)
178
178
179 # Refs data
179 # Refs data
180 config.add_route(
180 config.add_route(
181 name='repo_refs_data',
181 name='repo_refs_data',
182 pattern='/{repo_name:.*?[^/]}/refs-data', repo_route=True)
182 pattern='/{repo_name:.*?[^/]}/refs-data', repo_route=True)
183
183
184 config.add_route(
184 config.add_route(
185 name='repo_refs_changelog_data',
185 name='repo_refs_changelog_data',
186 pattern='/{repo_name:.*?[^/]}/refs-data-changelog', repo_route=True)
186 pattern='/{repo_name:.*?[^/]}/refs-data-changelog', repo_route=True)
187
187
188 config.add_route(
188 config.add_route(
189 name='repo_stats',
189 name='repo_stats',
190 pattern='/{repo_name:.*?[^/]}/repo_stats/{commit_id}', repo_route=True)
190 pattern='/{repo_name:.*?[^/]}/repo_stats/{commit_id}', repo_route=True)
191
191
192 # Changelog
192 # Changelog
193 config.add_route(
193 config.add_route(
194 name='repo_changelog',
194 name='repo_changelog',
195 pattern='/{repo_name:.*?[^/]}/changelog', repo_route=True)
195 pattern='/{repo_name:.*?[^/]}/changelog', repo_route=True)
196 config.add_route(
196 config.add_route(
197 name='repo_changelog_file',
197 name='repo_changelog_file',
198 pattern='/{repo_name:.*?[^/]}/changelog/{commit_id}/{f_path:.*}', repo_route=True)
198 pattern='/{repo_name:.*?[^/]}/changelog/{commit_id}/{f_path:.*}', repo_route=True)
199 config.add_route(
199 config.add_route(
200 name='repo_changelog_elements',
200 name='repo_changelog_elements',
201 pattern='/{repo_name:.*?[^/]}/changelog_elements', repo_route=True)
201 pattern='/{repo_name:.*?[^/]}/changelog_elements', repo_route=True)
202 config.add_route(
202 config.add_route(
203 name='repo_changelog_elements_file',
203 name='repo_changelog_elements_file',
204 pattern='/{repo_name:.*?[^/]}/changelog_elements/{commit_id}/{f_path:.*}', repo_route=True)
204 pattern='/{repo_name:.*?[^/]}/changelog_elements/{commit_id}/{f_path:.*}', repo_route=True)
205
205
206 # Compare
206 # Compare
207 config.add_route(
207 config.add_route(
208 name='repo_compare_select',
208 name='repo_compare_select',
209 pattern='/{repo_name:.*?[^/]}/compare', repo_route=True)
209 pattern='/{repo_name:.*?[^/]}/compare', repo_route=True)
210
210
211 config.add_route(
211 config.add_route(
212 name='repo_compare',
212 name='repo_compare',
213 pattern='/{repo_name:.*?[^/]}/compare/{source_ref_type}@{source_ref:.*?}...{target_ref_type}@{target_ref:.*?}', repo_route=True)
213 pattern='/{repo_name:.*?[^/]}/compare/{source_ref_type}@{source_ref:.*?}...{target_ref_type}@{target_ref:.*?}', repo_route=True)
214
214
215 # Tags
215 # Tags
216 config.add_route(
216 config.add_route(
217 name='tags_home',
217 name='tags_home',
218 pattern='/{repo_name:.*?[^/]}/tags', repo_route=True)
218 pattern='/{repo_name:.*?[^/]}/tags', repo_route=True)
219
219
220 # Branches
220 # Branches
221 config.add_route(
221 config.add_route(
222 name='branches_home',
222 name='branches_home',
223 pattern='/{repo_name:.*?[^/]}/branches', repo_route=True)
223 pattern='/{repo_name:.*?[^/]}/branches', repo_route=True)
224
224
225 # Bookmarks
225 # Bookmarks
226 config.add_route(
226 config.add_route(
227 name='bookmarks_home',
227 name='bookmarks_home',
228 pattern='/{repo_name:.*?[^/]}/bookmarks', repo_route=True)
228 pattern='/{repo_name:.*?[^/]}/bookmarks', repo_route=True)
229
229
230 # Forks
230 # Forks
231 config.add_route(
231 config.add_route(
232 name='repo_fork_new',
232 name='repo_fork_new',
233 pattern='/{repo_name:.*?[^/]}/fork', repo_route=True,
233 pattern='/{repo_name:.*?[^/]}/fork', repo_route=True,
234 repo_accepted_types=['hg', 'git'])
234 repo_accepted_types=['hg', 'git'])
235
235
236 config.add_route(
236 config.add_route(
237 name='repo_fork_create',
237 name='repo_fork_create',
238 pattern='/{repo_name:.*?[^/]}/fork/create', repo_route=True,
238 pattern='/{repo_name:.*?[^/]}/fork/create', repo_route=True,
239 repo_accepted_types=['hg', 'git'])
239 repo_accepted_types=['hg', 'git'])
240
240
241 config.add_route(
241 config.add_route(
242 name='repo_forks_show_all',
242 name='repo_forks_show_all',
243 pattern='/{repo_name:.*?[^/]}/forks', repo_route=True,
243 pattern='/{repo_name:.*?[^/]}/forks', repo_route=True,
244 repo_accepted_types=['hg', 'git'])
244 repo_accepted_types=['hg', 'git'])
245 config.add_route(
245 config.add_route(
246 name='repo_forks_data',
246 name='repo_forks_data',
247 pattern='/{repo_name:.*?[^/]}/forks/data', repo_route=True,
247 pattern='/{repo_name:.*?[^/]}/forks/data', repo_route=True,
248 repo_accepted_types=['hg', 'git'])
248 repo_accepted_types=['hg', 'git'])
249
249
250 # Pull Requests
250 # Pull Requests
251 config.add_route(
251 config.add_route(
252 name='pullrequest_show',
252 name='pullrequest_show',
253 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}',
253 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}',
254 repo_route=True)
254 repo_route=True)
255
255
256 config.add_route(
256 config.add_route(
257 name='pullrequest_show_all',
257 name='pullrequest_show_all',
258 pattern='/{repo_name:.*?[^/]}/pull-request',
258 pattern='/{repo_name:.*?[^/]}/pull-request',
259 repo_route=True, repo_accepted_types=['hg', 'git'])
259 repo_route=True, repo_accepted_types=['hg', 'git'])
260
260
261 config.add_route(
261 config.add_route(
262 name='pullrequest_show_all_data',
262 name='pullrequest_show_all_data',
263 pattern='/{repo_name:.*?[^/]}/pull-request-data',
263 pattern='/{repo_name:.*?[^/]}/pull-request-data',
264 repo_route=True, repo_accepted_types=['hg', 'git'])
264 repo_route=True, repo_accepted_types=['hg', 'git'])
265
265
266 config.add_route(
266 config.add_route(
267 name='pullrequest_repo_refs',
267 name='pullrequest_repo_refs',
268 pattern='/{repo_name:.*?[^/]}/pull-request/refs/{target_repo_name:.*?[^/]}',
268 pattern='/{repo_name:.*?[^/]}/pull-request/refs/{target_repo_name:.*?[^/]}',
269 repo_route=True)
269 repo_route=True)
270
270
271 config.add_route(
271 config.add_route(
272 name='pullrequest_repo_destinations',
272 name='pullrequest_repo_destinations',
273 pattern='/{repo_name:.*?[^/]}/pull-request/repo-destinations',
273 pattern='/{repo_name:.*?[^/]}/pull-request/repo-destinations',
274 repo_route=True)
274 repo_route=True)
275
275
276 config.add_route(
276 config.add_route(
277 name='pullrequest_new',
277 name='pullrequest_new',
278 pattern='/{repo_name:.*?[^/]}/pull-request/new',
278 pattern='/{repo_name:.*?[^/]}/pull-request/new',
279 repo_route=True, repo_accepted_types=['hg', 'git'])
279 repo_route=True, repo_accepted_types=['hg', 'git'])
280
280
281 config.add_route(
281 config.add_route(
282 name='pullrequest_create',
282 name='pullrequest_create',
283 pattern='/{repo_name:.*?[^/]}/pull-request/create',
283 pattern='/{repo_name:.*?[^/]}/pull-request/create',
284 repo_route=True, repo_accepted_types=['hg', 'git'])
284 repo_route=True, repo_accepted_types=['hg', 'git'])
285
285
286 config.add_route(
286 config.add_route(
287 name='pullrequest_update',
287 name='pullrequest_update',
288 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/update',
288 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/update',
289 repo_route=True)
289 repo_route=True)
290
290
291 config.add_route(
291 config.add_route(
292 name='pullrequest_merge',
292 name='pullrequest_merge',
293 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/merge',
293 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/merge',
294 repo_route=True)
294 repo_route=True)
295
295
296 config.add_route(
296 config.add_route(
297 name='pullrequest_delete',
297 name='pullrequest_delete',
298 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/delete',
298 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/delete',
299 repo_route=True)
299 repo_route=True)
300
300
301 config.add_route(
301 config.add_route(
302 name='pullrequest_comment_create',
302 name='pullrequest_comment_create',
303 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/comment',
303 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/comment',
304 repo_route=True)
304 repo_route=True)
305
305
306 config.add_route(
306 config.add_route(
307 name='pullrequest_comment_delete',
307 name='pullrequest_comment_delete',
308 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/comment/{comment_id}/delete',
308 pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id:\d+}/comment/{comment_id}/delete',
309 repo_route=True, repo_accepted_types=['hg', 'git'])
309 repo_route=True, repo_accepted_types=['hg', 'git'])
310
310
311 # Settings
311 # Settings
312 config.add_route(
312 config.add_route(
313 name='edit_repo',
313 name='edit_repo',
314 pattern='/{repo_name:.*?[^/]}/settings', repo_route=True)
314 pattern='/{repo_name:.*?[^/]}/settings', repo_route=True)
315 # update is POST on edit_repo
315 # update is POST on edit_repo
316
316
317 # Settings advanced
317 # Settings advanced
318 config.add_route(
318 config.add_route(
319 name='edit_repo_advanced',
319 name='edit_repo_advanced',
320 pattern='/{repo_name:.*?[^/]}/settings/advanced', repo_route=True)
320 pattern='/{repo_name:.*?[^/]}/settings/advanced', repo_route=True)
321 config.add_route(
321 config.add_route(
322 name='edit_repo_advanced_delete',
322 name='edit_repo_advanced_delete',
323 pattern='/{repo_name:.*?[^/]}/settings/advanced/delete', repo_route=True)
323 pattern='/{repo_name:.*?[^/]}/settings/advanced/delete', repo_route=True)
324 config.add_route(
324 config.add_route(
325 name='edit_repo_advanced_locking',
325 name='edit_repo_advanced_locking',
326 pattern='/{repo_name:.*?[^/]}/settings/advanced/locking', repo_route=True)
326 pattern='/{repo_name:.*?[^/]}/settings/advanced/locking', repo_route=True)
327 config.add_route(
327 config.add_route(
328 name='edit_repo_advanced_journal',
328 name='edit_repo_advanced_journal',
329 pattern='/{repo_name:.*?[^/]}/settings/advanced/journal', repo_route=True)
329 pattern='/{repo_name:.*?[^/]}/settings/advanced/journal', repo_route=True)
330 config.add_route(
330 config.add_route(
331 name='edit_repo_advanced_fork',
331 name='edit_repo_advanced_fork',
332 pattern='/{repo_name:.*?[^/]}/settings/advanced/fork', repo_route=True)
332 pattern='/{repo_name:.*?[^/]}/settings/advanced/fork', repo_route=True)
333
333
334 config.add_route(
334 config.add_route(
335 name='edit_repo_advanced_hooks',
335 name='edit_repo_advanced_hooks',
336 pattern='/{repo_name:.*?[^/]}/settings/advanced/hooks', repo_route=True)
336 pattern='/{repo_name:.*?[^/]}/settings/advanced/hooks', repo_route=True)
337
337
338 # Caches
338 # Caches
339 config.add_route(
339 config.add_route(
340 name='edit_repo_caches',
340 name='edit_repo_caches',
341 pattern='/{repo_name:.*?[^/]}/settings/caches', repo_route=True)
341 pattern='/{repo_name:.*?[^/]}/settings/caches', repo_route=True)
342
342
343 # Permissions
343 # Permissions
344 config.add_route(
344 config.add_route(
345 name='edit_repo_perms',
345 name='edit_repo_perms',
346 pattern='/{repo_name:.*?[^/]}/settings/permissions', repo_route=True)
346 pattern='/{repo_name:.*?[^/]}/settings/permissions', repo_route=True)
347
347
348 # Permissions Branch (EE feature)
349 config.add_route(
350 name='edit_repo_perms_branch',
351 pattern='/{repo_name:.*?[^/]}/settings/branch_permissions', repo_route=True)
352 config.add_route(
353 name='edit_repo_perms_branch_delete',
354 pattern='/{repo_name:.*?[^/]}/settings/branch_permissions/{rule_id}/delete',
355 repo_route=True)
356
348 # Maintenance
357 # Maintenance
349 config.add_route(
358 config.add_route(
350 name='edit_repo_maintenance',
359 name='edit_repo_maintenance',
351 pattern='/{repo_name:.*?[^/]}/settings/maintenance', repo_route=True)
360 pattern='/{repo_name:.*?[^/]}/settings/maintenance', repo_route=True)
352
361
353 config.add_route(
362 config.add_route(
354 name='edit_repo_maintenance_execute',
363 name='edit_repo_maintenance_execute',
355 pattern='/{repo_name:.*?[^/]}/settings/maintenance/execute', repo_route=True)
364 pattern='/{repo_name:.*?[^/]}/settings/maintenance/execute', repo_route=True)
356
365
357 # Fields
366 # Fields
358 config.add_route(
367 config.add_route(
359 name='edit_repo_fields',
368 name='edit_repo_fields',
360 pattern='/{repo_name:.*?[^/]}/settings/fields', repo_route=True)
369 pattern='/{repo_name:.*?[^/]}/settings/fields', repo_route=True)
361 config.add_route(
370 config.add_route(
362 name='edit_repo_fields_create',
371 name='edit_repo_fields_create',
363 pattern='/{repo_name:.*?[^/]}/settings/fields/create', repo_route=True)
372 pattern='/{repo_name:.*?[^/]}/settings/fields/create', repo_route=True)
364 config.add_route(
373 config.add_route(
365 name='edit_repo_fields_delete',
374 name='edit_repo_fields_delete',
366 pattern='/{repo_name:.*?[^/]}/settings/fields/{field_id}/delete', repo_route=True)
375 pattern='/{repo_name:.*?[^/]}/settings/fields/{field_id}/delete', repo_route=True)
367
376
368 # Locking
377 # Locking
369 config.add_route(
378 config.add_route(
370 name='repo_edit_toggle_locking',
379 name='repo_edit_toggle_locking',
371 pattern='/{repo_name:.*?[^/]}/settings/toggle_locking', repo_route=True)
380 pattern='/{repo_name:.*?[^/]}/settings/toggle_locking', repo_route=True)
372
381
373 # Remote
382 # Remote
374 config.add_route(
383 config.add_route(
375 name='edit_repo_remote',
384 name='edit_repo_remote',
376 pattern='/{repo_name:.*?[^/]}/settings/remote', repo_route=True)
385 pattern='/{repo_name:.*?[^/]}/settings/remote', repo_route=True)
377 config.add_route(
386 config.add_route(
378 name='edit_repo_remote_pull',
387 name='edit_repo_remote_pull',
379 pattern='/{repo_name:.*?[^/]}/settings/remote/pull', repo_route=True)
388 pattern='/{repo_name:.*?[^/]}/settings/remote/pull', repo_route=True)
380 config.add_route(
389 config.add_route(
381 name='edit_repo_remote_push',
390 name='edit_repo_remote_push',
382 pattern='/{repo_name:.*?[^/]}/settings/remote/push', repo_route=True)
391 pattern='/{repo_name:.*?[^/]}/settings/remote/push', repo_route=True)
383
392
384 # Statistics
393 # Statistics
385 config.add_route(
394 config.add_route(
386 name='edit_repo_statistics',
395 name='edit_repo_statistics',
387 pattern='/{repo_name:.*?[^/]}/settings/statistics', repo_route=True)
396 pattern='/{repo_name:.*?[^/]}/settings/statistics', repo_route=True)
388 config.add_route(
397 config.add_route(
389 name='edit_repo_statistics_reset',
398 name='edit_repo_statistics_reset',
390 pattern='/{repo_name:.*?[^/]}/settings/statistics/update', repo_route=True)
399 pattern='/{repo_name:.*?[^/]}/settings/statistics/update', repo_route=True)
391
400
392 # Issue trackers
401 # Issue trackers
393 config.add_route(
402 config.add_route(
394 name='edit_repo_issuetracker',
403 name='edit_repo_issuetracker',
395 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers', repo_route=True)
404 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers', repo_route=True)
396 config.add_route(
405 config.add_route(
397 name='edit_repo_issuetracker_test',
406 name='edit_repo_issuetracker_test',
398 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/test', repo_route=True)
407 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/test', repo_route=True)
399 config.add_route(
408 config.add_route(
400 name='edit_repo_issuetracker_delete',
409 name='edit_repo_issuetracker_delete',
401 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/delete', repo_route=True)
410 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/delete', repo_route=True)
402 config.add_route(
411 config.add_route(
403 name='edit_repo_issuetracker_update',
412 name='edit_repo_issuetracker_update',
404 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/update', repo_route=True)
413 pattern='/{repo_name:.*?[^/]}/settings/issue_trackers/update', repo_route=True)
405
414
406 # VCS Settings
415 # VCS Settings
407 config.add_route(
416 config.add_route(
408 name='edit_repo_vcs',
417 name='edit_repo_vcs',
409 pattern='/{repo_name:.*?[^/]}/settings/vcs', repo_route=True)
418 pattern='/{repo_name:.*?[^/]}/settings/vcs', repo_route=True)
410 config.add_route(
419 config.add_route(
411 name='edit_repo_vcs_update',
420 name='edit_repo_vcs_update',
412 pattern='/{repo_name:.*?[^/]}/settings/vcs/update', repo_route=True)
421 pattern='/{repo_name:.*?[^/]}/settings/vcs/update', repo_route=True)
413
422
414 # svn pattern
423 # svn pattern
415 config.add_route(
424 config.add_route(
416 name='edit_repo_vcs_svn_pattern_delete',
425 name='edit_repo_vcs_svn_pattern_delete',
417 pattern='/{repo_name:.*?[^/]}/settings/vcs/svn_pattern/delete', repo_route=True)
426 pattern='/{repo_name:.*?[^/]}/settings/vcs/svn_pattern/delete', repo_route=True)
418
427
419 # Repo Review Rules (EE feature)
428 # Repo Review Rules (EE feature)
420 config.add_route(
429 config.add_route(
421 name='repo_reviewers',
430 name='repo_reviewers',
422 pattern='/{repo_name:.*?[^/]}/settings/review/rules', repo_route=True)
431 pattern='/{repo_name:.*?[^/]}/settings/review/rules', repo_route=True)
423
432
424 config.add_route(
433 config.add_route(
425 name='repo_default_reviewers_data',
434 name='repo_default_reviewers_data',
426 pattern='/{repo_name:.*?[^/]}/settings/review/default-reviewers', repo_route=True)
435 pattern='/{repo_name:.*?[^/]}/settings/review/default-reviewers', repo_route=True)
427
436
428 # Repo Automation (EE feature)
437 # Repo Automation (EE feature)
429 config.add_route(
438 config.add_route(
430 name='repo_automation',
439 name='repo_automation',
431 pattern='/{repo_name:.*?[^/]}/settings/automation', repo_route=True)
440 pattern='/{repo_name:.*?[^/]}/settings/automation', repo_route=True)
432
441
433 # Strip
442 # Strip
434 config.add_route(
443 config.add_route(
435 name='edit_repo_strip',
444 name='edit_repo_strip',
436 pattern='/{repo_name:.*?[^/]}/settings/strip', repo_route=True)
445 pattern='/{repo_name:.*?[^/]}/settings/strip', repo_route=True)
437
446
438 config.add_route(
447 config.add_route(
439 name='strip_check',
448 name='strip_check',
440 pattern='/{repo_name:.*?[^/]}/settings/strip_check', repo_route=True)
449 pattern='/{repo_name:.*?[^/]}/settings/strip_check', repo_route=True)
441
450
442 config.add_route(
451 config.add_route(
443 name='strip_execute',
452 name='strip_execute',
444 pattern='/{repo_name:.*?[^/]}/settings/strip_execute', repo_route=True)
453 pattern='/{repo_name:.*?[^/]}/settings/strip_execute', repo_route=True)
445
454
446 # Audit logs
455 # Audit logs
447 config.add_route(
456 config.add_route(
448 name='edit_repo_audit_logs',
457 name='edit_repo_audit_logs',
449 pattern='/{repo_name:.*?[^/]}/settings/audit_logs', repo_route=True)
458 pattern='/{repo_name:.*?[^/]}/settings/audit_logs', repo_route=True)
450
459
451 # ATOM/RSS Feed
460 # ATOM/RSS Feed
452 config.add_route(
461 config.add_route(
453 name='rss_feed_home',
462 name='rss_feed_home',
454 pattern='/{repo_name:.*?[^/]}/feed/rss', repo_route=True)
463 pattern='/{repo_name:.*?[^/]}/feed/rss', repo_route=True)
455
464
456 config.add_route(
465 config.add_route(
457 name='atom_feed_home',
466 name='atom_feed_home',
458 pattern='/{repo_name:.*?[^/]}/feed/atom', repo_route=True)
467 pattern='/{repo_name:.*?[^/]}/feed/atom', repo_route=True)
459
468
460 # NOTE(marcink): needs to be at the end for catch-all
469 # NOTE(marcink): needs to be at the end for catch-all
461 add_route_with_slash(
470 add_route_with_slash(
462 config,
471 config,
463 name='repo_summary',
472 name='repo_summary',
464 pattern='/{repo_name:.*?[^/]}', repo_route=True)
473 pattern='/{repo_name:.*?[^/]}', repo_route=True)
465
474
466 # Scan module for configuration decorators.
475 # Scan module for configuration decorators.
467 config.scan('.views', ignore='.tests')
476 config.scan('.views', ignore='.tests')
Show file before | Show file after | Hide comments
@@ -1,2195 +1,2295 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 authentication and permission libraries
22 authentication and permission libraries
23 """
23 """
24
24
25 import os
25 import os
26 import time
26 import time
27 import inspect
27 import inspect
28 import collections
28 import collections
29 import fnmatch
29 import fnmatch
30 import hashlib
30 import hashlib
31 import itertools
31 import itertools
32 import logging
32 import logging
33 import random
33 import random
34 import traceback
34 import traceback
35 from functools import wraps
35 from functools import wraps
36
36
37 import ipaddress
37 import ipaddress
38
38
39 from pyramid.httpexceptions import HTTPForbidden, HTTPFound, HTTPNotFound
39 from pyramid.httpexceptions import HTTPForbidden, HTTPFound, HTTPNotFound
40 from sqlalchemy.orm.exc import ObjectDeletedError
40 from sqlalchemy.orm.exc import ObjectDeletedError
41 from sqlalchemy.orm import joinedload
41 from sqlalchemy.orm import joinedload
42 from zope.cachedescriptors.property import Lazy as LazyProperty
42 from zope.cachedescriptors.property import Lazy as LazyProperty
43
43
44 import rhodecode
44 import rhodecode
45 from rhodecode.model import meta
45 from rhodecode.model import meta
46 from rhodecode.model.meta import Session
46 from rhodecode.model.meta import Session
47 from rhodecode.model.user import UserModel
47 from rhodecode.model.user import UserModel
48 from rhodecode.model.db import (
48 from rhodecode.model.db import (
49 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
49 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
50 UserIpMap, UserApiKeys, RepoGroup, UserGroup)
50 UserIpMap, UserApiKeys, RepoGroup, UserGroup)
51 from rhodecode.lib import rc_cache
51 from rhodecode.lib import rc_cache
52 from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int, sha1
52 from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int, sha1
53 from rhodecode.lib.utils import (
53 from rhodecode.lib.utils import (
54 get_repo_slug, get_repo_group_slug, get_user_group_slug)
54 get_repo_slug, get_repo_group_slug, get_user_group_slug)
55 from rhodecode.lib.caching_query import FromCache
55 from rhodecode.lib.caching_query import FromCache
56
56
57
57
58 if rhodecode.is_unix:
58 if rhodecode.is_unix:
59 import bcrypt
59 import bcrypt
60
60
61 log = logging.getLogger(__name__)
61 log = logging.getLogger(__name__)
62
62
63 csrf_token_key = "csrf_token"
63 csrf_token_key = "csrf_token"
64
64
65
65
66 class PasswordGenerator(object):
66 class PasswordGenerator(object):
67 """
67 """
68 This is a simple class for generating password from different sets of
68 This is a simple class for generating password from different sets of
69 characters
69 characters
70 usage::
70 usage::
71
71
72 passwd_gen = PasswordGenerator()
72 passwd_gen = PasswordGenerator()
73 #print 8-letter password containing only big and small letters
73 #print 8-letter password containing only big and small letters
74 of alphabet
74 of alphabet
75 passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
75 passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
76 """
76 """
77 ALPHABETS_NUM = r'''1234567890'''
77 ALPHABETS_NUM = r'''1234567890'''
78 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
78 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
79 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
79 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
80 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
80 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
81 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
81 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
82 + ALPHABETS_NUM + ALPHABETS_SPECIAL
82 + ALPHABETS_NUM + ALPHABETS_SPECIAL
83 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
83 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
84 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
84 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
85 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
85 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
86 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
86 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
87
87
88 def __init__(self, passwd=''):
88 def __init__(self, passwd=''):
89 self.passwd = passwd
89 self.passwd = passwd
90
90
91 def gen_password(self, length, type_=None):
91 def gen_password(self, length, type_=None):
92 if type_ is None:
92 if type_ is None:
93 type_ = self.ALPHABETS_FULL
93 type_ = self.ALPHABETS_FULL
94 self.passwd = ''.join([random.choice(type_) for _ in range(length)])
94 self.passwd = ''.join([random.choice(type_) for _ in range(length)])
95 return self.passwd
95 return self.passwd
96
96
97
97
98 class _RhodeCodeCryptoBase(object):
98 class _RhodeCodeCryptoBase(object):
99 ENC_PREF = None
99 ENC_PREF = None
100
100
101 def hash_create(self, str_):
101 def hash_create(self, str_):
102 """
102 """
103 hash the string using
103 hash the string using
104
104
105 :param str_: password to hash
105 :param str_: password to hash
106 """
106 """
107 raise NotImplementedError
107 raise NotImplementedError
108
108
109 def hash_check_with_upgrade(self, password, hashed):
109 def hash_check_with_upgrade(self, password, hashed):
110 """
110 """
111 Returns tuple in which first element is boolean that states that
111 Returns tuple in which first element is boolean that states that
112 given password matches it's hashed version, and the second is new hash
112 given password matches it's hashed version, and the second is new hash
113 of the password, in case this password should be migrated to new
113 of the password, in case this password should be migrated to new
114 cipher.
114 cipher.
115 """
115 """
116 checked_hash = self.hash_check(password, hashed)
116 checked_hash = self.hash_check(password, hashed)
117 return checked_hash, None
117 return checked_hash, None
118
118
119 def hash_check(self, password, hashed):
119 def hash_check(self, password, hashed):
120 """
120 """
121 Checks matching password with it's hashed value.
121 Checks matching password with it's hashed value.
122
122
123 :param password: password
123 :param password: password
124 :param hashed: password in hashed form
124 :param hashed: password in hashed form
125 """
125 """
126 raise NotImplementedError
126 raise NotImplementedError
127
127
128 def _assert_bytes(self, value):
128 def _assert_bytes(self, value):
129 """
129 """
130 Passing in an `unicode` object can lead to hard to detect issues
130 Passing in an `unicode` object can lead to hard to detect issues
131 if passwords contain non-ascii characters. Doing a type check
131 if passwords contain non-ascii characters. Doing a type check
132 during runtime, so that such mistakes are detected early on.
132 during runtime, so that such mistakes are detected early on.
133 """
133 """
134 if not isinstance(value, str):
134 if not isinstance(value, str):
135 raise TypeError(
135 raise TypeError(
136 "Bytestring required as input, got %r." % (value, ))
136 "Bytestring required as input, got %r." % (value, ))
137
137
138
138
139 class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
139 class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
140 ENC_PREF = ('$2a$10', '$2b$10')
140 ENC_PREF = ('$2a$10', '$2b$10')
141
141
142 def hash_create(self, str_):
142 def hash_create(self, str_):
143 self._assert_bytes(str_)
143 self._assert_bytes(str_)
144 return bcrypt.hashpw(str_, bcrypt.gensalt(10))
144 return bcrypt.hashpw(str_, bcrypt.gensalt(10))
145
145
146 def hash_check_with_upgrade(self, password, hashed):
146 def hash_check_with_upgrade(self, password, hashed):
147 """
147 """
148 Returns tuple in which first element is boolean that states that
148 Returns tuple in which first element is boolean that states that
149 given password matches it's hashed version, and the second is new hash
149 given password matches it's hashed version, and the second is new hash
150 of the password, in case this password should be migrated to new
150 of the password, in case this password should be migrated to new
151 cipher.
151 cipher.
152
152
153 This implements special upgrade logic which works like that:
153 This implements special upgrade logic which works like that:
154 - check if the given password == bcrypted hash, if yes then we
154 - check if the given password == bcrypted hash, if yes then we
155 properly used password and it was already in bcrypt. Proceed
155 properly used password and it was already in bcrypt. Proceed
156 without any changes
156 without any changes
157 - if bcrypt hash check is not working try with sha256. If hash compare
157 - if bcrypt hash check is not working try with sha256. If hash compare
158 is ok, it means we using correct but old hashed password. indicate
158 is ok, it means we using correct but old hashed password. indicate
159 hash change and proceed
159 hash change and proceed
160 """
160 """
161
161
162 new_hash = None
162 new_hash = None
163
163
164 # regular pw check
164 # regular pw check
165 password_match_bcrypt = self.hash_check(password, hashed)
165 password_match_bcrypt = self.hash_check(password, hashed)
166
166
167 # now we want to know if the password was maybe from sha256
167 # now we want to know if the password was maybe from sha256
168 # basically calling _RhodeCodeCryptoSha256().hash_check()
168 # basically calling _RhodeCodeCryptoSha256().hash_check()
169 if not password_match_bcrypt:
169 if not password_match_bcrypt:
170 if _RhodeCodeCryptoSha256().hash_check(password, hashed):
170 if _RhodeCodeCryptoSha256().hash_check(password, hashed):
171 new_hash = self.hash_create(password) # make new bcrypt hash
171 new_hash = self.hash_create(password) # make new bcrypt hash
172 password_match_bcrypt = True
172 password_match_bcrypt = True
173
173
174 return password_match_bcrypt, new_hash
174 return password_match_bcrypt, new_hash
175
175
176 def hash_check(self, password, hashed):
176 def hash_check(self, password, hashed):
177 """
177 """
178 Checks matching password with it's hashed value.
178 Checks matching password with it's hashed value.
179
179
180 :param password: password
180 :param password: password
181 :param hashed: password in hashed form
181 :param hashed: password in hashed form
182 """
182 """
183 self._assert_bytes(password)
183 self._assert_bytes(password)
184 try:
184 try:
185 return bcrypt.hashpw(password, hashed) == hashed
185 return bcrypt.hashpw(password, hashed) == hashed
186 except ValueError as e:
186 except ValueError as e:
187 # we're having a invalid salt here probably, we should not crash
187 # we're having a invalid salt here probably, we should not crash
188 # just return with False as it would be a wrong password.
188 # just return with False as it would be a wrong password.
189 log.debug('Failed to check password hash using bcrypt %s',
189 log.debug('Failed to check password hash using bcrypt %s',
190 safe_str(e))
190 safe_str(e))
191
191
192 return False
192 return False
193
193
194
194
195 class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
195 class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
196 ENC_PREF = '_'
196 ENC_PREF = '_'
197
197
198 def hash_create(self, str_):
198 def hash_create(self, str_):
199 self._assert_bytes(str_)
199 self._assert_bytes(str_)
200 return hashlib.sha256(str_).hexdigest()
200 return hashlib.sha256(str_).hexdigest()
201
201
202 def hash_check(self, password, hashed):
202 def hash_check(self, password, hashed):
203 """
203 """
204 Checks matching password with it's hashed value.
204 Checks matching password with it's hashed value.
205
205
206 :param password: password
206 :param password: password
207 :param hashed: password in hashed form
207 :param hashed: password in hashed form
208 """
208 """
209 self._assert_bytes(password)
209 self._assert_bytes(password)
210 return hashlib.sha256(password).hexdigest() == hashed
210 return hashlib.sha256(password).hexdigest() == hashed
211
211
212
212
213 class _RhodeCodeCryptoTest(_RhodeCodeCryptoBase):
213 class _RhodeCodeCryptoTest(_RhodeCodeCryptoBase):
214 ENC_PREF = '_'
214 ENC_PREF = '_'
215
215
216 def hash_create(self, str_):
216 def hash_create(self, str_):
217 self._assert_bytes(str_)
217 self._assert_bytes(str_)
218 return sha1(str_)
218 return sha1(str_)
219
219
220 def hash_check(self, password, hashed):
220 def hash_check(self, password, hashed):
221 """
221 """
222 Checks matching password with it's hashed value.
222 Checks matching password with it's hashed value.
223
223
224 :param password: password
224 :param password: password
225 :param hashed: password in hashed form
225 :param hashed: password in hashed form
226 """
226 """
227 self._assert_bytes(password)
227 self._assert_bytes(password)
228 return sha1(password) == hashed
228 return sha1(password) == hashed
229
229
230
230
231 def crypto_backend():
231 def crypto_backend():
232 """
232 """
233 Return the matching crypto backend.
233 Return the matching crypto backend.
234
234
235 Selection is based on if we run tests or not, we pick sha1-test backend to run
235 Selection is based on if we run tests or not, we pick sha1-test backend to run
236 tests faster since BCRYPT is expensive to calculate
236 tests faster since BCRYPT is expensive to calculate
237 """
237 """
238 if rhodecode.is_test:
238 if rhodecode.is_test:
239 RhodeCodeCrypto = _RhodeCodeCryptoTest()
239 RhodeCodeCrypto = _RhodeCodeCryptoTest()
240 else:
240 else:
241 RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
241 RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
242
242
243 return RhodeCodeCrypto
243 return RhodeCodeCrypto
244
244
245
245
246 def get_crypt_password(password):
246 def get_crypt_password(password):
247 """
247 """
248 Create the hash of `password` with the active crypto backend.
248 Create the hash of `password` with the active crypto backend.
249
249
250 :param password: The cleartext password.
250 :param password: The cleartext password.
251 :type password: unicode
251 :type password: unicode
252 """
252 """
253 password = safe_str(password)
253 password = safe_str(password)
254 return crypto_backend().hash_create(password)
254 return crypto_backend().hash_create(password)
255
255
256
256
257 def check_password(password, hashed):
257 def check_password(password, hashed):
258 """
258 """
259 Check if the value in `password` matches the hash in `hashed`.
259 Check if the value in `password` matches the hash in `hashed`.
260
260
261 :param password: The cleartext password.
261 :param password: The cleartext password.
262 :type password: unicode
262 :type password: unicode
263
263
264 :param hashed: The expected hashed version of the password.
264 :param hashed: The expected hashed version of the password.
265 :type hashed: The hash has to be passed in in text representation.
265 :type hashed: The hash has to be passed in in text representation.
266 """
266 """
267 password = safe_str(password)
267 password = safe_str(password)
268 return crypto_backend().hash_check(password, hashed)
268 return crypto_backend().hash_check(password, hashed)
269
269
270
270
271 def generate_auth_token(data, salt=None):
271 def generate_auth_token(data, salt=None):
272 """
272 """
273 Generates API KEY from given string
273 Generates API KEY from given string
274 """
274 """
275
275
276 if salt is None:
276 if salt is None:
277 salt = os.urandom(16)
277 salt = os.urandom(16)
278 return hashlib.sha1(safe_str(data) + salt).hexdigest()
278 return hashlib.sha1(safe_str(data) + salt).hexdigest()
279
279
280
280
281 def get_came_from(request):
281 def get_came_from(request):
282 """
282 """
283 get query_string+path from request sanitized after removing auth_token
283 get query_string+path from request sanitized after removing auth_token
284 """
284 """
285 _req = request
285 _req = request
286
286
287 path = _req.path
287 path = _req.path
288 if 'auth_token' in _req.GET:
288 if 'auth_token' in _req.GET:
289 # sanitize the request and remove auth_token for redirection
289 # sanitize the request and remove auth_token for redirection
290 _req.GET.pop('auth_token')
290 _req.GET.pop('auth_token')
291 qs = _req.query_string
291 qs = _req.query_string
292 if qs:
292 if qs:
293 path += '?' + qs
293 path += '?' + qs
294
294
295 return path
295 return path
296
296
297
297
298 class CookieStoreWrapper(object):
298 class CookieStoreWrapper(object):
299
299
300 def __init__(self, cookie_store):
300 def __init__(self, cookie_store):
301 self.cookie_store = cookie_store
301 self.cookie_store = cookie_store
302
302
303 def __repr__(self):
303 def __repr__(self):
304 return 'CookieStore<%s>' % (self.cookie_store)
304 return 'CookieStore<%s>' % (self.cookie_store)
305
305
306 def get(self, key, other=None):
306 def get(self, key, other=None):
307 if isinstance(self.cookie_store, dict):
307 if isinstance(self.cookie_store, dict):
308 return self.cookie_store.get(key, other)
308 return self.cookie_store.get(key, other)
309 elif isinstance(self.cookie_store, AuthUser):
309 elif isinstance(self.cookie_store, AuthUser):
310 return self.cookie_store.__dict__.get(key, other)
310 return self.cookie_store.__dict__.get(key, other)
311
311
312
312
313 def _cached_perms_data(user_id, scope, user_is_admin,
313 def _cached_perms_data(user_id, scope, user_is_admin,
314 user_inherit_default_permissions, explicit, algo,
314 user_inherit_default_permissions, explicit, algo,
315 calculate_super_admin):
315 calculate_super_admin):
316
316
317 permissions = PermissionCalculator(
317 permissions = PermissionCalculator(
318 user_id, scope, user_is_admin, user_inherit_default_permissions,
318 user_id, scope, user_is_admin, user_inherit_default_permissions,
319 explicit, algo, calculate_super_admin)
319 explicit, algo, calculate_super_admin)
320 return permissions.calculate()
320 return permissions.calculate()
321
321
322
322
323 class PermOrigin(object):
323 class PermOrigin(object):
324 SUPER_ADMIN = 'superadmin'
324 SUPER_ADMIN = 'superadmin'
325
325
326 REPO_USER = 'user:%s'
326 REPO_USER = 'user:%s'
327 REPO_USERGROUP = 'usergroup:%s'
327 REPO_USERGROUP = 'usergroup:%s'
328 REPO_OWNER = 'repo.owner'
328 REPO_OWNER = 'repo.owner'
329 REPO_DEFAULT = 'repo.default'
329 REPO_DEFAULT = 'repo.default'
330 REPO_DEFAULT_NO_INHERIT = 'repo.default.no.inherit'
330 REPO_DEFAULT_NO_INHERIT = 'repo.default.no.inherit'
331 REPO_PRIVATE = 'repo.private'
331 REPO_PRIVATE = 'repo.private'
332
332
333 REPOGROUP_USER = 'user:%s'
333 REPOGROUP_USER = 'user:%s'
334 REPOGROUP_USERGROUP = 'usergroup:%s'
334 REPOGROUP_USERGROUP = 'usergroup:%s'
335 REPOGROUP_OWNER = 'group.owner'
335 REPOGROUP_OWNER = 'group.owner'
336 REPOGROUP_DEFAULT = 'group.default'
336 REPOGROUP_DEFAULT = 'group.default'
337 REPOGROUP_DEFAULT_NO_INHERIT = 'group.default.no.inherit'
337 REPOGROUP_DEFAULT_NO_INHERIT = 'group.default.no.inherit'
338
338
339 USERGROUP_USER = 'user:%s'
339 USERGROUP_USER = 'user:%s'
340 USERGROUP_USERGROUP = 'usergroup:%s'
340 USERGROUP_USERGROUP = 'usergroup:%s'
341 USERGROUP_OWNER = 'usergroup.owner'
341 USERGROUP_OWNER = 'usergroup.owner'
342 USERGROUP_DEFAULT = 'usergroup.default'
342 USERGROUP_DEFAULT = 'usergroup.default'
343 USERGROUP_DEFAULT_NO_INHERIT = 'usergroup.default.no.inherit'
343 USERGROUP_DEFAULT_NO_INHERIT = 'usergroup.default.no.inherit'
344
344
345
345
346 class PermOriginDict(dict):
346 class PermOriginDict(dict):
347 """
347 """
348 A special dict used for tracking permissions along with their origins.
348 A special dict used for tracking permissions along with their origins.
349
349
350 `__setitem__` has been overridden to expect a tuple(perm, origin)
350 `__setitem__` has been overridden to expect a tuple(perm, origin)
351 `__getitem__` will return only the perm
351 `__getitem__` will return only the perm
352 `.perm_origin_stack` will return the stack of (perm, origin) set per key
352 `.perm_origin_stack` will return the stack of (perm, origin) set per key
353
353
354 >>> perms = PermOriginDict()
354 >>> perms = PermOriginDict()
355 >>> perms['resource'] = 'read', 'default'
355 >>> perms['resource'] = 'read', 'default'
356 >>> perms['resource']
356 >>> perms['resource']
357 'read'
357 'read'
358 >>> perms['resource'] = 'write', 'admin'
358 >>> perms['resource'] = 'write', 'admin'
359 >>> perms['resource']
359 >>> perms['resource']
360 'write'
360 'write'
361 >>> perms.perm_origin_stack
361 >>> perms.perm_origin_stack
362 {'resource': [('read', 'default'), ('write', 'admin')]}
362 {'resource': [('read', 'default'), ('write', 'admin')]}
363 """
363 """
364
364
365 def __init__(self, *args, **kw):
365 def __init__(self, *args, **kw):
366 dict.__init__(self, *args, **kw)
366 dict.__init__(self, *args, **kw)
367 self.perm_origin_stack = collections.OrderedDict()
367 self.perm_origin_stack = collections.OrderedDict()
368
368
369 def __setitem__(self, key, (perm, origin)):
369 def __setitem__(self, key, (perm, origin)):
370 self.perm_origin_stack.setdefault(key, []).append((perm, origin))
370 self.perm_origin_stack.setdefault(key, []).append(
371 (perm, origin))
371 dict.__setitem__(self, key, perm)
372 dict.__setitem__(self, key, perm)
372
373
373
374
375 class BranchPermOriginDict(PermOriginDict):
376 """
377 Dedicated branch permissions dict, with tracking of patterns and origins.
378
379 >>> perms = BranchPermOriginDict()
380 >>> perms['resource'] = '*pattern', 'read', 'default'
381 >>> perms['resource']
382 {'*pattern': 'read'}
383 >>> perms['resource'] = '*pattern', 'write', 'admin'
384 >>> perms['resource']
385 {'*pattern': 'write'}
386 >>> perms.perm_origin_stack
387 {'resource': {'*pattern': [('read', 'default'), ('write', 'admin')]}}
388 """
389 def __setitem__(self, key, (pattern, perm, origin)):
390
391 self.perm_origin_stack.setdefault(key, {}) \
392 .setdefault(pattern, []).append((perm, origin))
393
394 if key in self:
395 self[key].__setitem__(pattern, perm)
396 else:
397 patterns = collections.OrderedDict()
398 patterns[pattern] = perm
399 dict.__setitem__(self, key, patterns)
400
401
374 class PermissionCalculator(object):
402 class PermissionCalculator(object):
375
403
376 def __init__(
404 def __init__(
377 self, user_id, scope, user_is_admin,
405 self, user_id, scope, user_is_admin,
378 user_inherit_default_permissions, explicit, algo,
406 user_inherit_default_permissions, explicit, algo,
379 calculate_super_admin=False):
407 calculate_super_admin=False):
380
408
381 self.user_id = user_id
409 self.user_id = user_id
382 self.user_is_admin = user_is_admin
410 self.user_is_admin = user_is_admin
383 self.inherit_default_permissions = user_inherit_default_permissions
411 self.inherit_default_permissions = user_inherit_default_permissions
384 self.explicit = explicit
412 self.explicit = explicit
385 self.algo = algo
413 self.algo = algo
386 self.calculate_super_admin = calculate_super_admin
414 self.calculate_super_admin = calculate_super_admin
387
415
388 scope = scope or {}
416 scope = scope or {}
389 self.scope_repo_id = scope.get('repo_id')
417 self.scope_repo_id = scope.get('repo_id')
390 self.scope_repo_group_id = scope.get('repo_group_id')
418 self.scope_repo_group_id = scope.get('repo_group_id')
391 self.scope_user_group_id = scope.get('user_group_id')
419 self.scope_user_group_id = scope.get('user_group_id')
392
420
393 self.default_user_id = User.get_default_user(cache=True).user_id
421 self.default_user_id = User.get_default_user(cache=True).user_id
394
422
395 self.permissions_repositories = PermOriginDict()
423 self.permissions_repositories = PermOriginDict()
396 self.permissions_repository_groups = PermOriginDict()
424 self.permissions_repository_groups = PermOriginDict()
397 self.permissions_user_groups = PermOriginDict()
425 self.permissions_user_groups = PermOriginDict()
426 self.permissions_repository_branches = BranchPermOriginDict()
398 self.permissions_global = set()
427 self.permissions_global = set()
399
428
400 self.default_repo_perms = Permission.get_default_repo_perms(
429 self.default_repo_perms = Permission.get_default_repo_perms(
401 self.default_user_id, self.scope_repo_id)
430 self.default_user_id, self.scope_repo_id)
402 self.default_repo_groups_perms = Permission.get_default_group_perms(
431 self.default_repo_groups_perms = Permission.get_default_group_perms(
403 self.default_user_id, self.scope_repo_group_id)
432 self.default_user_id, self.scope_repo_group_id)
404 self.default_user_group_perms = \
433 self.default_user_group_perms = \
405 Permission.get_default_user_group_perms(
434 Permission.get_default_user_group_perms(
406 self.default_user_id, self.scope_user_group_id)
435 self.default_user_id, self.scope_user_group_id)
407
436
437 # default branch perms
438 self.default_branch_repo_perms = \
439 Permission.get_default_repo_branch_perms(
440 self.default_user_id, self.scope_repo_id)
441
408 def calculate(self):
442 def calculate(self):
409 if self.user_is_admin and not self.calculate_super_admin:
443 if self.user_is_admin and not self.calculate_super_admin:
410 return self._admin_permissions()
444 return self._admin_permissions()
411
445
412 self._calculate_global_default_permissions()
446 self._calculate_global_default_permissions()
413 self._calculate_global_permissions()
447 self._calculate_global_permissions()
414 self._calculate_default_permissions()
448 self._calculate_default_permissions()
415 self._calculate_repository_permissions()
449 self._calculate_repository_permissions()
450 self._calculate_repository_branch_permissions()
416 self._calculate_repository_group_permissions()
451 self._calculate_repository_group_permissions()
417 self._calculate_user_group_permissions()
452 self._calculate_user_group_permissions()
418 return self._permission_structure()
453 return self._permission_structure()
419
454
420 def _admin_permissions(self):
455 def _admin_permissions(self):
421 """
456 """
422 admin user have all default rights for repositories
457 admin user have all default rights for repositories
423 and groups set to admin
458 and groups set to admin
424 """
459 """
425 self.permissions_global.add('hg.admin')
460 self.permissions_global.add('hg.admin')
426 self.permissions_global.add('hg.create.write_on_repogroup.true')
461 self.permissions_global.add('hg.create.write_on_repogroup.true')
427
462
428 # repositories
463 # repositories
429 for perm in self.default_repo_perms:
464 for perm in self.default_repo_perms:
430 r_k = perm.UserRepoToPerm.repository.repo_name
465 r_k = perm.UserRepoToPerm.repository.repo_name
431 p = 'repository.admin'
466 p = 'repository.admin'
432 self.permissions_repositories[r_k] = p, PermOrigin.SUPER_ADMIN
467 self.permissions_repositories[r_k] = p, PermOrigin.SUPER_ADMIN
433
468
434 # repository groups
469 # repository groups
435 for perm in self.default_repo_groups_perms:
470 for perm in self.default_repo_groups_perms:
436 rg_k = perm.UserRepoGroupToPerm.group.group_name
471 rg_k = perm.UserRepoGroupToPerm.group.group_name
437 p = 'group.admin'
472 p = 'group.admin'
438 self.permissions_repository_groups[rg_k] = p, PermOrigin.SUPER_ADMIN
473 self.permissions_repository_groups[rg_k] = p, PermOrigin.SUPER_ADMIN
439
474
440 # user groups
475 # user groups
441 for perm in self.default_user_group_perms:
476 for perm in self.default_user_group_perms:
442 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
477 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
443 p = 'usergroup.admin'
478 p = 'usergroup.admin'
444 self.permissions_user_groups[u_k] = p, PermOrigin.SUPER_ADMIN
479 self.permissions_user_groups[u_k] = p, PermOrigin.SUPER_ADMIN
445
480
481 # branch permissions
482 # TODO(marcink): validate this, especially
483 # how this should work using multiple patterns specified ??
484 # looks ok, but still needs double check !!
485 for perm in self.default_branch_repo_perms:
486 r_k = perm.UserRepoToPerm.repository.repo_name
487 p = 'branch.push_force'
488 self.permissions_repository_branches[r_k] = '*', p, PermOrigin.SUPER_ADMIN
489
446 return self._permission_structure()
490 return self._permission_structure()
447
491
448 def _calculate_global_default_permissions(self):
492 def _calculate_global_default_permissions(self):
449 """
493 """
450 global permissions taken from the default user
494 global permissions taken from the default user
451 """
495 """
452 default_global_perms = UserToPerm.query()\
496 default_global_perms = UserToPerm.query()\
453 .filter(UserToPerm.user_id == self.default_user_id)\
497 .filter(UserToPerm.user_id == self.default_user_id)\
454 .options(joinedload(UserToPerm.permission))
498 .options(joinedload(UserToPerm.permission))
455
499
456 for perm in default_global_perms:
500 for perm in default_global_perms:
457 self.permissions_global.add(perm.permission.permission_name)
501 self.permissions_global.add(perm.permission.permission_name)
458
502
459 if self.user_is_admin:
503 if self.user_is_admin:
460 self.permissions_global.add('hg.admin')
504 self.permissions_global.add('hg.admin')
461 self.permissions_global.add('hg.create.write_on_repogroup.true')
505 self.permissions_global.add('hg.create.write_on_repogroup.true')
462
506
463 def _calculate_global_permissions(self):
507 def _calculate_global_permissions(self):
464 """
508 """
465 Set global system permissions with user permissions or permissions
509 Set global system permissions with user permissions or permissions
466 taken from the user groups of the current user.
510 taken from the user groups of the current user.
467
511
468 The permissions include repo creating, repo group creating, forking
512 The permissions include repo creating, repo group creating, forking
469 etc.
513 etc.
470 """
514 """
471
515
472 # now we read the defined permissions and overwrite what we have set
516 # now we read the defined permissions and overwrite what we have set
473 # before those can be configured from groups or users explicitly.
517 # before those can be configured from groups or users explicitly.
474
518
475 # TODO: johbo: This seems to be out of sync, find out the reason
519 # In case we want to extend this list we should make sure
476 # for the comment below and update it.
520 # this is in sync with User.DEFAULT_USER_PERMISSIONS definitions
477
478 # In case we want to extend this list we should be always in sync with
479 # User.DEFAULT_USER_PERMISSIONS definitions
480 _configurable = frozenset([
521 _configurable = frozenset([
481 'hg.fork.none', 'hg.fork.repository',
522 'hg.fork.none', 'hg.fork.repository',
482 'hg.create.none', 'hg.create.repository',
523 'hg.create.none', 'hg.create.repository',
483 'hg.usergroup.create.false', 'hg.usergroup.create.true',
524 'hg.usergroup.create.false', 'hg.usergroup.create.true',
484 'hg.repogroup.create.false', 'hg.repogroup.create.true',
525 'hg.repogroup.create.false', 'hg.repogroup.create.true',
485 'hg.create.write_on_repogroup.false',
526 'hg.create.write_on_repogroup.false', 'hg.create.write_on_repogroup.true',
486 'hg.create.write_on_repogroup.true',
487 'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
527 'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
488 ])
528 ])
489
529
490 # USER GROUPS comes first user group global permissions
530 # USER GROUPS comes first user group global permissions
491 user_perms_from_users_groups = Session().query(UserGroupToPerm)\
531 user_perms_from_users_groups = Session().query(UserGroupToPerm)\
492 .options(joinedload(UserGroupToPerm.permission))\
532 .options(joinedload(UserGroupToPerm.permission))\
493 .join((UserGroupMember, UserGroupToPerm.users_group_id ==
533 .join((UserGroupMember, UserGroupToPerm.users_group_id ==
494 UserGroupMember.users_group_id))\
534 UserGroupMember.users_group_id))\
495 .filter(UserGroupMember.user_id == self.user_id)\
535 .filter(UserGroupMember.user_id == self.user_id)\
496 .order_by(UserGroupToPerm.users_group_id)\
536 .order_by(UserGroupToPerm.users_group_id)\
497 .all()
537 .all()
498
538
499 # need to group here by groups since user can be in more than
539 # need to group here by groups since user can be in more than
500 # one group, so we get all groups
540 # one group, so we get all groups
501 _explicit_grouped_perms = [
541 _explicit_grouped_perms = [
502 [x, list(y)] for x, y in
542 [x, list(y)] for x, y in
503 itertools.groupby(user_perms_from_users_groups,
543 itertools.groupby(user_perms_from_users_groups,
504 lambda _x: _x.users_group)]
544 lambda _x: _x.users_group)]
505
545
506 for gr, perms in _explicit_grouped_perms:
546 for gr, perms in _explicit_grouped_perms:
507 # since user can be in multiple groups iterate over them and
547 # since user can be in multiple groups iterate over them and
508 # select the lowest permissions first (more explicit)
548 # select the lowest permissions first (more explicit)
509 # TODO: marcink: do this^^
549 # TODO(marcink): do this^^
510
550
511 # group doesn't inherit default permissions so we actually set them
551 # group doesn't inherit default permissions so we actually set them
512 if not gr.inherit_default_permissions:
552 if not gr.inherit_default_permissions:
513 # NEED TO IGNORE all previously set configurable permissions
553 # NEED TO IGNORE all previously set configurable permissions
514 # and replace them with explicitly set from this user
554 # and replace them with explicitly set from this user
515 # group permissions
555 # group permissions
516 self.permissions_global = self.permissions_global.difference(
556 self.permissions_global = self.permissions_global.difference(
517 _configurable)
557 _configurable)
518 for perm in perms:
558 for perm in perms:
519 self.permissions_global.add(perm.permission.permission_name)
559 self.permissions_global.add(perm.permission.permission_name)
520
560
521 # user explicit global permissions
561 # user explicit global permissions
522 user_perms = Session().query(UserToPerm)\
562 user_perms = Session().query(UserToPerm)\
523 .options(joinedload(UserToPerm.permission))\
563 .options(joinedload(UserToPerm.permission))\
524 .filter(UserToPerm.user_id == self.user_id).all()
564 .filter(UserToPerm.user_id == self.user_id).all()
525
565
526 if not self.inherit_default_permissions:
566 if not self.inherit_default_permissions:
527 # NEED TO IGNORE all configurable permissions and
567 # NEED TO IGNORE all configurable permissions and
528 # replace them with explicitly set from this user permissions
568 # replace them with explicitly set from this user permissions
529 self.permissions_global = self.permissions_global.difference(
569 self.permissions_global = self.permissions_global.difference(
530 _configurable)
570 _configurable)
531 for perm in user_perms:
571 for perm in user_perms:
532 self.permissions_global.add(perm.permission.permission_name)
572 self.permissions_global.add(perm.permission.permission_name)
533
573
534 def _calculate_default_permissions(self):
574 def _calculate_default_permissions(self):
535 """
575 """
536 Set default user permissions for repositories, repository groups
576 Set default user permissions for repositories, repository branches,
537 taken from the default user.
577 repository groups, user groups taken from the default user.
538
578
539 Calculate inheritance of object permissions based on what we have now
579 Calculate inheritance of object permissions based on what we have now
540 in GLOBAL permissions. We check if .false is in GLOBAL since this is
580 in GLOBAL permissions. We check if .false is in GLOBAL since this is
541 explicitly set. Inherit is the opposite of .false being there.
581 explicitly set. Inherit is the opposite of .false being there.
542
582
543 .. note::
583 .. note::
544
584
545 the syntax is little bit odd but what we need to check here is
585 the syntax is little bit odd but what we need to check here is
546 the opposite of .false permission being in the list so even for
586 the opposite of .false permission being in the list so even for
547 inconsistent state when both .true/.false is there
587 inconsistent state when both .true/.false is there
548 .false is more important
588 .false is more important
549
589
550 """
590 """
551 user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
591 user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
552 in self.permissions_global)
592 in self.permissions_global)
553
593
554 # defaults for repositories, taken from `default` user permissions
594 # default permissions for repositories, taken from `default` user permissions
555 # on given repo
556 for perm in self.default_repo_perms:
595 for perm in self.default_repo_perms:
557 r_k = perm.UserRepoToPerm.repository.repo_name
596 r_k = perm.UserRepoToPerm.repository.repo_name
558 p = perm.Permission.permission_name
597 p = perm.Permission.permission_name
559 o = PermOrigin.REPO_DEFAULT
598 o = PermOrigin.REPO_DEFAULT
560 self.permissions_repositories[r_k] = p, o
599 self.permissions_repositories[r_k] = p, o
561
600
562 # if we decide this user isn't inheriting permissions from
601 # if we decide this user isn't inheriting permissions from
563 # default user we set him to .none so only explicit
602 # default user we set him to .none so only explicit
564 # permissions work
603 # permissions work
565 if not user_inherit_object_permissions:
604 if not user_inherit_object_permissions:
566 p = 'repository.none'
605 p = 'repository.none'
567 o = PermOrigin.REPO_DEFAULT_NO_INHERIT
606 o = PermOrigin.REPO_DEFAULT_NO_INHERIT
568 self.permissions_repositories[r_k] = p, o
607 self.permissions_repositories[r_k] = p, o
569
608
570 if perm.Repository.private and not (
609 if perm.Repository.private and not (
571 perm.Repository.user_id == self.user_id):
610 perm.Repository.user_id == self.user_id):
572 # disable defaults for private repos,
611 # disable defaults for private repos,
573 p = 'repository.none'
612 p = 'repository.none'
574 o = PermOrigin.REPO_PRIVATE
613 o = PermOrigin.REPO_PRIVATE
575 self.permissions_repositories[r_k] = p, o
614 self.permissions_repositories[r_k] = p, o
576
615
577 elif perm.Repository.user_id == self.user_id:
616 elif perm.Repository.user_id == self.user_id:
578 # set admin if owner
617 # set admin if owner
579 p = 'repository.admin'
618 p = 'repository.admin'
580 o = PermOrigin.REPO_OWNER
619 o = PermOrigin.REPO_OWNER
581 self.permissions_repositories[r_k] = p, o
620 self.permissions_repositories[r_k] = p, o
582
621
583 if self.user_is_admin:
622 if self.user_is_admin:
584 p = 'repository.admin'
623 p = 'repository.admin'
585 o = PermOrigin.SUPER_ADMIN
624 o = PermOrigin.SUPER_ADMIN
586 self.permissions_repositories[r_k] = p, o
625 self.permissions_repositories[r_k] = p, o
587
626
588 # defaults for repository groups taken from `default` user permission
627 # default permissions branch for repositories, taken from `default` user permissions
589 # on given group
628 for perm in self.default_branch_repo_perms:
629
630 r_k = perm.UserRepoToPerm.repository.repo_name
631 p = perm.Permission.permission_name
632 pattern = perm.UserToRepoBranchPermission.branch_pattern
633 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
634
635 if not self.explicit:
636 # TODO(marcink): fix this for multiple entries
637 cur_perm = self.permissions_repository_branches.get(r_k) or 'branch.none'
638 p = self._choose_permission(p, cur_perm)
639
640 # NOTE(marcink): register all pattern/perm instances in this
641 # special dict that aggregates entries
642 self.permissions_repository_branches[r_k] = pattern, p, o
643
644 # default permissions for repository groups taken from `default` user permission
590 for perm in self.default_repo_groups_perms:
645 for perm in self.default_repo_groups_perms:
591 rg_k = perm.UserRepoGroupToPerm.group.group_name
646 rg_k = perm.UserRepoGroupToPerm.group.group_name
592 p = perm.Permission.permission_name
647 p = perm.Permission.permission_name
593 o = PermOrigin.REPOGROUP_DEFAULT
648 o = PermOrigin.REPOGROUP_DEFAULT
594 self.permissions_repository_groups[rg_k] = p, o
649 self.permissions_repository_groups[rg_k] = p, o
595
650
596 # if we decide this user isn't inheriting permissions from default
651 # if we decide this user isn't inheriting permissions from default
597 # user we set him to .none so only explicit permissions work
652 # user we set him to .none so only explicit permissions work
598 if not user_inherit_object_permissions:
653 if not user_inherit_object_permissions:
599 p = 'group.none'
654 p = 'group.none'
600 o = PermOrigin.REPOGROUP_DEFAULT_NO_INHERIT
655 o = PermOrigin.REPOGROUP_DEFAULT_NO_INHERIT
601 self.permissions_repository_groups[rg_k] = p, o
656 self.permissions_repository_groups[rg_k] = p, o
602
657
603 if perm.RepoGroup.user_id == self.user_id:
658 if perm.RepoGroup.user_id == self.user_id:
604 # set admin if owner
659 # set admin if owner
605 p = 'group.admin'
660 p = 'group.admin'
606 o = PermOrigin.REPOGROUP_OWNER
661 o = PermOrigin.REPOGROUP_OWNER
607 self.permissions_repository_groups[rg_k] = p, o
662 self.permissions_repository_groups[rg_k] = p, o
608
663
609 if self.user_is_admin:
664 if self.user_is_admin:
610 p = 'group.admin'
665 p = 'group.admin'
611 o = PermOrigin.SUPER_ADMIN
666 o = PermOrigin.SUPER_ADMIN
612 self.permissions_repository_groups[rg_k] = p, o
667 self.permissions_repository_groups[rg_k] = p, o
613
668
614 # defaults for user groups taken from `default` user permission
669 # default permissions for user groups taken from `default` user permission
615 # on given user group
616 for perm in self.default_user_group_perms:
670 for perm in self.default_user_group_perms:
617 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
671 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
618 p = perm.Permission.permission_name
672 p = perm.Permission.permission_name
619 o = PermOrigin.USERGROUP_DEFAULT
673 o = PermOrigin.USERGROUP_DEFAULT
620 self.permissions_user_groups[u_k] = p, o
674 self.permissions_user_groups[u_k] = p, o
621
675
622 # if we decide this user isn't inheriting permissions from default
676 # if we decide this user isn't inheriting permissions from default
623 # user we set him to .none so only explicit permissions work
677 # user we set him to .none so only explicit permissions work
624 if not user_inherit_object_permissions:
678 if not user_inherit_object_permissions:
625 p = 'usergroup.none'
679 p = 'usergroup.none'
626 o = PermOrigin.USERGROUP_DEFAULT_NO_INHERIT
680 o = PermOrigin.USERGROUP_DEFAULT_NO_INHERIT
627 self.permissions_user_groups[u_k] = p, o
681 self.permissions_user_groups[u_k] = p, o
628
682
629 if perm.UserGroup.user_id == self.user_id:
683 if perm.UserGroup.user_id == self.user_id:
630 # set admin if owner
684 # set admin if owner
631 p = 'usergroup.admin'
685 p = 'usergroup.admin'
632 o = PermOrigin.USERGROUP_OWNER
686 o = PermOrigin.USERGROUP_OWNER
633 self.permissions_user_groups[u_k] = p, o
687 self.permissions_user_groups[u_k] = p, o
634
688
635 if self.user_is_admin:
689 if self.user_is_admin:
636 p = 'usergroup.admin'
690 p = 'usergroup.admin'
637 o = PermOrigin.SUPER_ADMIN
691 o = PermOrigin.SUPER_ADMIN
638 self.permissions_user_groups[u_k] = p, o
692 self.permissions_user_groups[u_k] = p, o
639
693
640 def _calculate_repository_permissions(self):
694 def _calculate_repository_permissions(self):
641 """
695 """
642 Repository permissions for the current user.
696 Repository permissions for the current user.
643
697
644 Check if the user is part of user groups for this repository and
698 Check if the user is part of user groups for this repository and
645 fill in the permission from it. `_choose_permission` decides of which
699 fill in the permission from it. `_choose_permission` decides of which
646 permission should be selected based on selected method.
700 permission should be selected based on selected method.
647 """
701 """
648
702
649 # user group for repositories permissions
703 # user group for repositories permissions
650 user_repo_perms_from_user_group = Permission\
704 user_repo_perms_from_user_group = Permission\
651 .get_default_repo_perms_from_user_group(
705 .get_default_repo_perms_from_user_group(
652 self.user_id, self.scope_repo_id)
706 self.user_id, self.scope_repo_id)
653
707
654 multiple_counter = collections.defaultdict(int)
708 multiple_counter = collections.defaultdict(int)
655 for perm in user_repo_perms_from_user_group:
709 for perm in user_repo_perms_from_user_group:
656 r_k = perm.UserGroupRepoToPerm.repository.repo_name
710 r_k = perm.UserGroupRepoToPerm.repository.repo_name
657 multiple_counter[r_k] += 1
711 multiple_counter[r_k] += 1
658 p = perm.Permission.permission_name
712 p = perm.Permission.permission_name
659 o = PermOrigin.REPO_USERGROUP % perm.UserGroupRepoToPerm\
713 o = PermOrigin.REPO_USERGROUP % perm.UserGroupRepoToPerm\
660 .users_group.users_group_name
714 .users_group.users_group_name
661
715
662 if multiple_counter[r_k] > 1:
716 if multiple_counter[r_k] > 1:
663 cur_perm = self.permissions_repositories[r_k]
717 cur_perm = self.permissions_repositories[r_k]
664 p = self._choose_permission(p, cur_perm)
718 p = self._choose_permission(p, cur_perm)
665
719
666 self.permissions_repositories[r_k] = p, o
720 self.permissions_repositories[r_k] = p, o
667
721
668 if perm.Repository.user_id == self.user_id:
722 if perm.Repository.user_id == self.user_id:
669 # set admin if owner
723 # set admin if owner
670 p = 'repository.admin'
724 p = 'repository.admin'
671 o = PermOrigin.REPO_OWNER
725 o = PermOrigin.REPO_OWNER
672 self.permissions_repositories[r_k] = p, o
726 self.permissions_repositories[r_k] = p, o
673
727
674 if self.user_is_admin:
728 if self.user_is_admin:
675 p = 'repository.admin'
729 p = 'repository.admin'
676 o = PermOrigin.SUPER_ADMIN
730 o = PermOrigin.SUPER_ADMIN
677 self.permissions_repositories[r_k] = p, o
731 self.permissions_repositories[r_k] = p, o
678
732
679 # user explicit permissions for repositories, overrides any specified
733 # user explicit permissions for repositories, overrides any specified
680 # by the group permission
734 # by the group permission
681 user_repo_perms = Permission.get_default_repo_perms(
735 user_repo_perms = Permission.get_default_repo_perms(
682 self.user_id, self.scope_repo_id)
736 self.user_id, self.scope_repo_id)
683 for perm in user_repo_perms:
737 for perm in user_repo_perms:
684 r_k = perm.UserRepoToPerm.repository.repo_name
738 r_k = perm.UserRepoToPerm.repository.repo_name
685 p = perm.Permission.permission_name
739 p = perm.Permission.permission_name
686 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
740 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
687
741
688 if not self.explicit:
742 if not self.explicit:
689 cur_perm = self.permissions_repositories.get(
743 cur_perm = self.permissions_repositories.get(
690 r_k, 'repository.none')
744 r_k, 'repository.none')
691 p = self._choose_permission(p, cur_perm)
745 p = self._choose_permission(p, cur_perm)
692
746
693 self.permissions_repositories[r_k] = p, o
747 self.permissions_repositories[r_k] = p, o
694
748
695 if perm.Repository.user_id == self.user_id:
749 if perm.Repository.user_id == self.user_id:
696 # set admin if owner
750 # set admin if owner
697 p = 'repository.admin'
751 p = 'repository.admin'
698 o = PermOrigin.REPO_OWNER
752 o = PermOrigin.REPO_OWNER
699 self.permissions_repositories[r_k] = p, o
753 self.permissions_repositories[r_k] = p, o
700
754
701 if self.user_is_admin:
755 if self.user_is_admin:
702 p = 'repository.admin'
756 p = 'repository.admin'
703 o = PermOrigin.SUPER_ADMIN
757 o = PermOrigin.SUPER_ADMIN
704 self.permissions_repositories[r_k] = p, o
758 self.permissions_repositories[r_k] = p, o
705
759
760 def _calculate_repository_branch_permissions(self):
761 # user group for repositories permissions
762 user_repo_branch_perms_from_user_group = Permission\
763 .get_default_repo_branch_perms_from_user_group(
764 self.user_id, self.scope_repo_id)
765
766 multiple_counter = collections.defaultdict(int)
767 for perm in user_repo_branch_perms_from_user_group:
768 r_k = perm.UserGroupRepoToPerm.repository.repo_name
769 p = perm.Permission.permission_name
770 pattern = perm.UserGroupToRepoBranchPermission.branch_pattern
771 o = PermOrigin.REPO_USERGROUP % perm.UserGroupRepoToPerm\
772 .users_group.users_group_name
773
774 multiple_counter[r_k] += 1
775 if multiple_counter[r_k] > 1:
776 # TODO(marcink): fix this for multi branch support, and multiple entries
777 cur_perm = self.permissions_repository_branches[r_k]
778 p = self._choose_permission(p, cur_perm)
779
780 self.permissions_repository_branches[r_k] = pattern, p, o
781
782 # user explicit branch permissions for repositories, overrides
783 # any specified by the group permission
784 user_repo_branch_perms = Permission.get_default_repo_branch_perms(
785 self.user_id, self.scope_repo_id)
786 for perm in user_repo_branch_perms:
787
788 r_k = perm.UserRepoToPerm.repository.repo_name
789 p = perm.Permission.permission_name
790 pattern = perm.UserToRepoBranchPermission.branch_pattern
791 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
792
793 if not self.explicit:
794 # TODO(marcink): fix this for multiple entries
795 cur_perm = self.permissions_repository_branches.get(r_k) or 'branch.none'
796 p = self._choose_permission(p, cur_perm)
797
798 # NOTE(marcink): register all pattern/perm instances in this
799 # special dict that aggregates entries
800 self.permissions_repository_branches[r_k] = pattern, p, o
801
802
706 def _calculate_repository_group_permissions(self):
803 def _calculate_repository_group_permissions(self):
707 """
804 """
708 Repository group permissions for the current user.
805 Repository group permissions for the current user.
709
806
710 Check if the user is part of user groups for repository groups and
807 Check if the user is part of user groups for repository groups and
711 fill in the permissions from it. `_choose_permission` decides of which
808 fill in the permissions from it. `_choose_permission` decides of which
712 permission should be selected based on selected method.
809 permission should be selected based on selected method.
713 """
810 """
714 # user group for repo groups permissions
811 # user group for repo groups permissions
715 user_repo_group_perms_from_user_group = Permission\
812 user_repo_group_perms_from_user_group = Permission\
716 .get_default_group_perms_from_user_group(
813 .get_default_group_perms_from_user_group(
717 self.user_id, self.scope_repo_group_id)
814 self.user_id, self.scope_repo_group_id)
718
815
719 multiple_counter = collections.defaultdict(int)
816 multiple_counter = collections.defaultdict(int)
720 for perm in user_repo_group_perms_from_user_group:
817 for perm in user_repo_group_perms_from_user_group:
721 rg_k = perm.UserGroupRepoGroupToPerm.group.group_name
818 rg_k = perm.UserGroupRepoGroupToPerm.group.group_name
722 multiple_counter[rg_k] += 1
819 multiple_counter[rg_k] += 1
723 o = PermOrigin.REPOGROUP_USERGROUP % perm.UserGroupRepoGroupToPerm\
820 o = PermOrigin.REPOGROUP_USERGROUP % perm.UserGroupRepoGroupToPerm\
724 .users_group.users_group_name
821 .users_group.users_group_name
725 p = perm.Permission.permission_name
822 p = perm.Permission.permission_name
726
823
727 if multiple_counter[rg_k] > 1:
824 if multiple_counter[rg_k] > 1:
728 cur_perm = self.permissions_repository_groups[rg_k]
825 cur_perm = self.permissions_repository_groups[rg_k]
729 p = self._choose_permission(p, cur_perm)
826 p = self._choose_permission(p, cur_perm)
730 self.permissions_repository_groups[rg_k] = p, o
827 self.permissions_repository_groups[rg_k] = p, o
731
828
732 if perm.RepoGroup.user_id == self.user_id:
829 if perm.RepoGroup.user_id == self.user_id:
733 # set admin if owner, even for member of other user group
830 # set admin if owner, even for member of other user group
734 p = 'group.admin'
831 p = 'group.admin'
735 o = PermOrigin.REPOGROUP_OWNER
832 o = PermOrigin.REPOGROUP_OWNER
736 self.permissions_repository_groups[rg_k] = p, o
833 self.permissions_repository_groups[rg_k] = p, o
737
834
738 if self.user_is_admin:
835 if self.user_is_admin:
739 p = 'group.admin'
836 p = 'group.admin'
740 o = PermOrigin.SUPER_ADMIN
837 o = PermOrigin.SUPER_ADMIN
741 self.permissions_repository_groups[rg_k] = p, o
838 self.permissions_repository_groups[rg_k] = p, o
742
839
743 # user explicit permissions for repository groups
840 # user explicit permissions for repository groups
744 user_repo_groups_perms = Permission.get_default_group_perms(
841 user_repo_groups_perms = Permission.get_default_group_perms(
745 self.user_id, self.scope_repo_group_id)
842 self.user_id, self.scope_repo_group_id)
746 for perm in user_repo_groups_perms:
843 for perm in user_repo_groups_perms:
747 rg_k = perm.UserRepoGroupToPerm.group.group_name
844 rg_k = perm.UserRepoGroupToPerm.group.group_name
748 o = PermOrigin.REPOGROUP_USER % perm.UserRepoGroupToPerm\
845 o = PermOrigin.REPOGROUP_USER % perm.UserRepoGroupToPerm\
749 .user.username
846 .user.username
750 p = perm.Permission.permission_name
847 p = perm.Permission.permission_name
751
848
752 if not self.explicit:
849 if not self.explicit:
753 cur_perm = self.permissions_repository_groups.get(
850 cur_perm = self.permissions_repository_groups.get(
754 rg_k, 'group.none')
851 rg_k, 'group.none')
755 p = self._choose_permission(p, cur_perm)
852 p = self._choose_permission(p, cur_perm)
756
853
757 self.permissions_repository_groups[rg_k] = p, o
854 self.permissions_repository_groups[rg_k] = p, o
758
855
759 if perm.RepoGroup.user_id == self.user_id:
856 if perm.RepoGroup.user_id == self.user_id:
760 # set admin if owner
857 # set admin if owner
761 p = 'group.admin'
858 p = 'group.admin'
762 o = PermOrigin.REPOGROUP_OWNER
859 o = PermOrigin.REPOGROUP_OWNER
763 self.permissions_repository_groups[rg_k] = p, o
860 self.permissions_repository_groups[rg_k] = p, o
764
861
765 if self.user_is_admin:
862 if self.user_is_admin:
766 p = 'group.admin'
863 p = 'group.admin'
767 o = PermOrigin.SUPER_ADMIN
864 o = PermOrigin.SUPER_ADMIN
768 self.permissions_repository_groups[rg_k] = p, o
865 self.permissions_repository_groups[rg_k] = p, o
769
866
770 def _calculate_user_group_permissions(self):
867 def _calculate_user_group_permissions(self):
771 """
868 """
772 User group permissions for the current user.
869 User group permissions for the current user.
773 """
870 """
774 # user group for user group permissions
871 # user group for user group permissions
775 user_group_from_user_group = Permission\
872 user_group_from_user_group = Permission\
776 .get_default_user_group_perms_from_user_group(
873 .get_default_user_group_perms_from_user_group(
777 self.user_id, self.scope_user_group_id)
874 self.user_id, self.scope_user_group_id)
778
875
779 multiple_counter = collections.defaultdict(int)
876 multiple_counter = collections.defaultdict(int)
780 for perm in user_group_from_user_group:
877 for perm in user_group_from_user_group:
781 ug_k = perm.UserGroupUserGroupToPerm\
878 ug_k = perm.UserGroupUserGroupToPerm\
782 .target_user_group.users_group_name
879 .target_user_group.users_group_name
783 multiple_counter[ug_k] += 1
880 multiple_counter[ug_k] += 1
784 o = PermOrigin.USERGROUP_USERGROUP % perm.UserGroupUserGroupToPerm\
881 o = PermOrigin.USERGROUP_USERGROUP % perm.UserGroupUserGroupToPerm\
785 .user_group.users_group_name
882 .user_group.users_group_name
786 p = perm.Permission.permission_name
883 p = perm.Permission.permission_name
787
884
788 if multiple_counter[ug_k] > 1:
885 if multiple_counter[ug_k] > 1:
789 cur_perm = self.permissions_user_groups[ug_k]
886 cur_perm = self.permissions_user_groups[ug_k]
790 p = self._choose_permission(p, cur_perm)
887 p = self._choose_permission(p, cur_perm)
791
888
792 self.permissions_user_groups[ug_k] = p, o
889 self.permissions_user_groups[ug_k] = p, o
793
890
794 if perm.UserGroup.user_id == self.user_id:
891 if perm.UserGroup.user_id == self.user_id:
795 # set admin if owner, even for member of other user group
892 # set admin if owner, even for member of other user group
796 p = 'usergroup.admin'
893 p = 'usergroup.admin'
797 o = PermOrigin.USERGROUP_OWNER
894 o = PermOrigin.USERGROUP_OWNER
798 self.permissions_user_groups[ug_k] = p, o
895 self.permissions_user_groups[ug_k] = p, o
799
896
800 if self.user_is_admin:
897 if self.user_is_admin:
801 p = 'usergroup.admin'
898 p = 'usergroup.admin'
802 o = PermOrigin.SUPER_ADMIN
899 o = PermOrigin.SUPER_ADMIN
803 self.permissions_user_groups[ug_k] = p, o
900 self.permissions_user_groups[ug_k] = p, o
804
901
805 # user explicit permission for user groups
902 # user explicit permission for user groups
806 user_user_groups_perms = Permission.get_default_user_group_perms(
903 user_user_groups_perms = Permission.get_default_user_group_perms(
807 self.user_id, self.scope_user_group_id)
904 self.user_id, self.scope_user_group_id)
808 for perm in user_user_groups_perms:
905 for perm in user_user_groups_perms:
809 ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
906 ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
810 o = PermOrigin.USERGROUP_USER % perm.UserUserGroupToPerm\
907 o = PermOrigin.USERGROUP_USER % perm.UserUserGroupToPerm\
811 .user.username
908 .user.username
812 p = perm.Permission.permission_name
909 p = perm.Permission.permission_name
813
910
814 if not self.explicit:
911 if not self.explicit:
815 cur_perm = self.permissions_user_groups.get(
912 cur_perm = self.permissions_user_groups.get(
816 ug_k, 'usergroup.none')
913 ug_k, 'usergroup.none')
817 p = self._choose_permission(p, cur_perm)
914 p = self._choose_permission(p, cur_perm)
818
915
819 self.permissions_user_groups[ug_k] = p, o
916 self.permissions_user_groups[ug_k] = p, o
820
917
821 if perm.UserGroup.user_id == self.user_id:
918 if perm.UserGroup.user_id == self.user_id:
822 # set admin if owner
919 # set admin if owner
823 p = 'usergroup.admin'
920 p = 'usergroup.admin'
824 o = PermOrigin.USERGROUP_OWNER
921 o = PermOrigin.USERGROUP_OWNER
825 self.permissions_user_groups[ug_k] = p, o
922 self.permissions_user_groups[ug_k] = p, o
826
923
827 if self.user_is_admin:
924 if self.user_is_admin:
828 p = 'usergroup.admin'
925 p = 'usergroup.admin'
829 o = PermOrigin.SUPER_ADMIN
926 o = PermOrigin.SUPER_ADMIN
830 self.permissions_user_groups[ug_k] = p, o
927 self.permissions_user_groups[ug_k] = p, o
831
928
832 def _choose_permission(self, new_perm, cur_perm):
929 def _choose_permission(self, new_perm, cur_perm):
833 new_perm_val = Permission.PERM_WEIGHTS[new_perm]
930 new_perm_val = Permission.PERM_WEIGHTS[new_perm]
834 cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
931 cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
835 if self.algo == 'higherwin':
932 if self.algo == 'higherwin':
836 if new_perm_val > cur_perm_val:
933 if new_perm_val > cur_perm_val:
837 return new_perm
934 return new_perm
838 return cur_perm
935 return cur_perm
839 elif self.algo == 'lowerwin':
936 elif self.algo == 'lowerwin':
840 if new_perm_val < cur_perm_val:
937 if new_perm_val < cur_perm_val:
841 return new_perm
938 return new_perm
842 return cur_perm
939 return cur_perm
843
940
844 def _permission_structure(self):
941 def _permission_structure(self):
845 return {
942 return {
846 'global': self.permissions_global,
943 'global': self.permissions_global,
847 'repositories': self.permissions_repositories,
944 'repositories': self.permissions_repositories,
945 'repository_branches': self.permissions_repository_branches,
848 'repositories_groups': self.permissions_repository_groups,
946 'repositories_groups': self.permissions_repository_groups,
849 'user_groups': self.permissions_user_groups,
947 'user_groups': self.permissions_user_groups,
850 }
948 }
851
949
852
950
853 def allowed_auth_token_access(view_name, auth_token, whitelist=None):
951 def allowed_auth_token_access(view_name, auth_token, whitelist=None):
854 """
952 """
855 Check if given controller_name is in whitelist of auth token access
953 Check if given controller_name is in whitelist of auth token access
856 """
954 """
857 if not whitelist:
955 if not whitelist:
858 from rhodecode import CONFIG
956 from rhodecode import CONFIG
859 whitelist = aslist(
957 whitelist = aslist(
860 CONFIG.get('api_access_controllers_whitelist'), sep=',')
958 CONFIG.get('api_access_controllers_whitelist'), sep=',')
861 # backward compat translation
959 # backward compat translation
862 compat = {
960 compat = {
863 # old controller, new VIEW
961 # old controller, new VIEW
864 'ChangesetController:*': 'RepoCommitsView:*',
962 'ChangesetController:*': 'RepoCommitsView:*',
865 'ChangesetController:changeset_patch': 'RepoCommitsView:repo_commit_patch',
963 'ChangesetController:changeset_patch': 'RepoCommitsView:repo_commit_patch',
866 'ChangesetController:changeset_raw': 'RepoCommitsView:repo_commit_raw',
964 'ChangesetController:changeset_raw': 'RepoCommitsView:repo_commit_raw',
867 'FilesController:raw': 'RepoCommitsView:repo_commit_raw',
965 'FilesController:raw': 'RepoCommitsView:repo_commit_raw',
868 'FilesController:archivefile': 'RepoFilesView:repo_archivefile',
966 'FilesController:archivefile': 'RepoFilesView:repo_archivefile',
869 'GistsController:*': 'GistView:*',
967 'GistsController:*': 'GistView:*',
870 }
968 }
871
969
872 log.debug(
970 log.debug(
873 'Allowed views for AUTH TOKEN access: %s' % (whitelist,))
971 'Allowed views for AUTH TOKEN access: %s' % (whitelist,))
874 auth_token_access_valid = False
972 auth_token_access_valid = False
875
973
876 for entry in whitelist:
974 for entry in whitelist:
877 token_match = True
975 token_match = True
878 if entry in compat:
976 if entry in compat:
879 # translate from old Controllers to Pyramid Views
977 # translate from old Controllers to Pyramid Views
880 entry = compat[entry]
978 entry = compat[entry]
881
979
882 if '@' in entry:
980 if '@' in entry:
883 # specific AuthToken
981 # specific AuthToken
884 entry, allowed_token = entry.split('@', 1)
982 entry, allowed_token = entry.split('@', 1)
885 token_match = auth_token == allowed_token
983 token_match = auth_token == allowed_token
886
984
887 if fnmatch.fnmatch(view_name, entry) and token_match:
985 if fnmatch.fnmatch(view_name, entry) and token_match:
888 auth_token_access_valid = True
986 auth_token_access_valid = True
889 break
987 break
890
988
891 if auth_token_access_valid:
989 if auth_token_access_valid:
892 log.debug('view: `%s` matches entry in whitelist: %s'
990 log.debug('view: `%s` matches entry in whitelist: %s'
893 % (view_name, whitelist))
991 % (view_name, whitelist))
894 else:
992 else:
895 msg = ('view: `%s` does *NOT* match any entry in whitelist: %s'
993 msg = ('view: `%s` does *NOT* match any entry in whitelist: %s'
896 % (view_name, whitelist))
994 % (view_name, whitelist))
897 if auth_token:
995 if auth_token:
898 # if we use auth token key and don't have access it's a warning
996 # if we use auth token key and don't have access it's a warning
899 log.warning(msg)
997 log.warning(msg)
900 else:
998 else:
901 log.debug(msg)
999 log.debug(msg)
902
1000
903 return auth_token_access_valid
1001 return auth_token_access_valid
904
1002
905
1003
906 class AuthUser(object):
1004 class AuthUser(object):
907 """
1005 """
908 A simple object that handles all attributes of user in RhodeCode
1006 A simple object that handles all attributes of user in RhodeCode
909
1007
910 It does lookup based on API key,given user, or user present in session
1008 It does lookup based on API key,given user, or user present in session
911 Then it fills all required information for such user. It also checks if
1009 Then it fills all required information for such user. It also checks if
912 anonymous access is enabled and if so, it returns default user as logged in
1010 anonymous access is enabled and if so, it returns default user as logged in
913 """
1011 """
914 GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
1012 GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
915
1013
916 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
1014 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
917
1015
918 self.user_id = user_id
1016 self.user_id = user_id
919 self._api_key = api_key
1017 self._api_key = api_key
920
1018
921 self.api_key = None
1019 self.api_key = None
922 self.username = username
1020 self.username = username
923 self.ip_addr = ip_addr
1021 self.ip_addr = ip_addr
924 self.name = ''
1022 self.name = ''
925 self.lastname = ''
1023 self.lastname = ''
926 self.first_name = ''
1024 self.first_name = ''
927 self.last_name = ''
1025 self.last_name = ''
928 self.email = ''
1026 self.email = ''
929 self.is_authenticated = False
1027 self.is_authenticated = False
930 self.admin = False
1028 self.admin = False
931 self.inherit_default_permissions = False
1029 self.inherit_default_permissions = False
932 self.password = ''
1030 self.password = ''
933
1031
934 self.anonymous_user = None # propagated on propagate_data
1032 self.anonymous_user = None # propagated on propagate_data
935 self.propagate_data()
1033 self.propagate_data()
936 self._instance = None
1034 self._instance = None
937 self._permissions_scoped_cache = {} # used to bind scoped calculation
1035 self._permissions_scoped_cache = {} # used to bind scoped calculation
938
1036
939 @LazyProperty
1037 @LazyProperty
940 def permissions(self):
1038 def permissions(self):
941 return self.get_perms(user=self, cache=False)
1039 return self.get_perms(user=self, cache=False)
942
1040
943 @LazyProperty
1041 @LazyProperty
944 def permissions_safe(self):
1042 def permissions_safe(self):
945 """
1043 """
946 Filtered permissions excluding not allowed repositories
1044 Filtered permissions excluding not allowed repositories
947 """
1045 """
948 perms = self.get_perms(user=self, cache=False)
1046 perms = self.get_perms(user=self, cache=False)
949
1047
950 perms['repositories'] = {
1048 perms['repositories'] = {
951 k: v for k, v in perms['repositories'].items()
1049 k: v for k, v in perms['repositories'].items()
952 if v != 'repository.none'}
1050 if v != 'repository.none'}
953 perms['repositories_groups'] = {
1051 perms['repositories_groups'] = {
954 k: v for k, v in perms['repositories_groups'].items()
1052 k: v for k, v in perms['repositories_groups'].items()
955 if v != 'group.none'}
1053 if v != 'group.none'}
956 perms['user_groups'] = {
1054 perms['user_groups'] = {
957 k: v for k, v in perms['user_groups'].items()
1055 k: v for k, v in perms['user_groups'].items()
958 if v != 'usergroup.none'}
1056 if v != 'usergroup.none'}
1057 perms['repository_branches'] = {
1058 k: v for k, v in perms['repository_branches'].iteritems()
1059 if v != 'branch.none'}
959 return perms
1060 return perms
960
1061
961 @LazyProperty
1062 @LazyProperty
962 def permissions_full_details(self):
1063 def permissions_full_details(self):
963 return self.get_perms(
1064 return self.get_perms(
964 user=self, cache=False, calculate_super_admin=True)
1065 user=self, cache=False, calculate_super_admin=True)
965
1066
966 def permissions_with_scope(self, scope):
1067 def permissions_with_scope(self, scope):
967 """
1068 """
968 Call the get_perms function with scoped data. The scope in that function
1069 Call the get_perms function with scoped data. The scope in that function
969 narrows the SQL calls to the given ID of objects resulting in fetching
1070 narrows the SQL calls to the given ID of objects resulting in fetching
970 Just particular permission we want to obtain. If scope is an empty dict
1071 Just particular permission we want to obtain. If scope is an empty dict
971 then it basically narrows the scope to GLOBAL permissions only.
1072 then it basically narrows the scope to GLOBAL permissions only.
972
1073
973 :param scope: dict
1074 :param scope: dict
974 """
1075 """
975 if 'repo_name' in scope:
1076 if 'repo_name' in scope:
976 obj = Repository.get_by_repo_name(scope['repo_name'])
1077 obj = Repository.get_by_repo_name(scope['repo_name'])
977 if obj:
1078 if obj:
978 scope['repo_id'] = obj.repo_id
1079 scope['repo_id'] = obj.repo_id
979 _scope = collections.OrderedDict()
1080 _scope = collections.OrderedDict()
980 _scope['repo_id'] = -1
1081 _scope['repo_id'] = -1
981 _scope['user_group_id'] = -1
1082 _scope['user_group_id'] = -1
982 _scope['repo_group_id'] = -1
1083 _scope['repo_group_id'] = -1
983
1084
984 for k in sorted(scope.keys()):
1085 for k in sorted(scope.keys()):
985 _scope[k] = scope[k]
1086 _scope[k] = scope[k]
986
1087
987 # store in cache to mimic how the @LazyProperty works,
1088 # store in cache to mimic how the @LazyProperty works,
988 # the difference here is that we use the unique key calculated
1089 # the difference here is that we use the unique key calculated
989 # from params and values
1090 # from params and values
990 return self.get_perms(user=self, cache=False, scope=_scope)
1091 return self.get_perms(user=self, cache=False, scope=_scope)
991
1092
992 def get_instance(self):
1093 def get_instance(self):
993 return User.get(self.user_id)
1094 return User.get(self.user_id)
994
1095
995 def propagate_data(self):
1096 def propagate_data(self):
996 """
1097 """
997 Fills in user data and propagates values to this instance. Maps fetched
1098 Fills in user data and propagates values to this instance. Maps fetched
998 user attributes to this class instance attributes
1099 user attributes to this class instance attributes
999 """
1100 """
1000 log.debug('AuthUser: starting data propagation for new potential user')
1101 log.debug('AuthUser: starting data propagation for new potential user')
1001 user_model = UserModel()
1102 user_model = UserModel()
1002 anon_user = self.anonymous_user = User.get_default_user(cache=True)
1103 anon_user = self.anonymous_user = User.get_default_user(cache=True)
1003 is_user_loaded = False
1104 is_user_loaded = False
1004
1105
1005 # lookup by userid
1106 # lookup by userid
1006 if self.user_id is not None and self.user_id != anon_user.user_id:
1107 if self.user_id is not None and self.user_id != anon_user.user_id:
1007 log.debug('Trying Auth User lookup by USER ID: `%s`', self.user_id)
1108 log.debug('Trying Auth User lookup by USER ID: `%s`', self.user_id)
1008 is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
1109 is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
1009
1110
1010 # try go get user by api key
1111 # try go get user by api key
1011 elif self._api_key and self._api_key != anon_user.api_key:
1112 elif self._api_key and self._api_key != anon_user.api_key:
1012 log.debug('Trying Auth User lookup by API KEY: `%s`', self._api_key)
1113 log.debug('Trying Auth User lookup by API KEY: `%s`', self._api_key)
1013 is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
1114 is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
1014
1115
1015 # lookup by username
1116 # lookup by username
1016 elif self.username:
1117 elif self.username:
1017 log.debug('Trying Auth User lookup by USER NAME: `%s`', self.username)
1118 log.debug('Trying Auth User lookup by USER NAME: `%s`', self.username)
1018 is_user_loaded = user_model.fill_data(self, username=self.username)
1119 is_user_loaded = user_model.fill_data(self, username=self.username)
1019 else:
1120 else:
1020 log.debug('No data in %s that could been used to log in', self)
1121 log.debug('No data in %s that could been used to log in', self)
1021
1122
1022 if not is_user_loaded:
1123 if not is_user_loaded:
1023 log.debug(
1124 log.debug(
1024 'Failed to load user. Fallback to default user %s', anon_user)
1125 'Failed to load user. Fallback to default user %s', anon_user)
1025 # if we cannot authenticate user try anonymous
1126 # if we cannot authenticate user try anonymous
1026 if anon_user.active:
1127 if anon_user.active:
1027 log.debug('default user is active, using it as a session user')
1128 log.debug('default user is active, using it as a session user')
1028 user_model.fill_data(self, user_id=anon_user.user_id)
1129 user_model.fill_data(self, user_id=anon_user.user_id)
1029 # then we set this user is logged in
1130 # then we set this user is logged in
1030 self.is_authenticated = True
1131 self.is_authenticated = True
1031 else:
1132 else:
1032 log.debug('default user is NOT active')
1133 log.debug('default user is NOT active')
1033 # in case of disabled anonymous user we reset some of the
1134 # in case of disabled anonymous user we reset some of the
1034 # parameters so such user is "corrupted", skipping the fill_data
1135 # parameters so such user is "corrupted", skipping the fill_data
1035 for attr in ['user_id', 'username', 'admin', 'active']:
1136 for attr in ['user_id', 'username', 'admin', 'active']:
1036 setattr(self, attr, None)
1137 setattr(self, attr, None)
1037 self.is_authenticated = False
1138 self.is_authenticated = False
1038
1139
1039 if not self.username:
1140 if not self.username:
1040 self.username = 'None'
1141 self.username = 'None'
1041
1142
1042 log.debug('AuthUser: propagated user is now %s', self)
1143 log.debug('AuthUser: propagated user is now %s', self)
1043
1144
1044 def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
1145 def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
1045 calculate_super_admin=False, cache=False):
1146 calculate_super_admin=False, cache=False):
1046 """
1147 """
1047 Fills user permission attribute with permissions taken from database
1148 Fills user permission attribute with permissions taken from database
1048 works for permissions given for repositories, and for permissions that
1149 works for permissions given for repositories, and for permissions that
1049 are granted to groups
1150 are granted to groups
1050
1151
1051 :param user: instance of User object from database
1152 :param user: instance of User object from database
1052 :param explicit: In case there are permissions both for user and a group
1153 :param explicit: In case there are permissions both for user and a group
1053 that user is part of, explicit flag will defiine if user will
1154 that user is part of, explicit flag will defiine if user will
1054 explicitly override permissions from group, if it's False it will
1155 explicitly override permissions from group, if it's False it will
1055 make decision based on the algo
1156 make decision based on the algo
1056 :param algo: algorithm to decide what permission should be choose if
1157 :param algo: algorithm to decide what permission should be choose if
1057 it's multiple defined, eg user in two different groups. It also
1158 it's multiple defined, eg user in two different groups. It also
1058 decides if explicit flag is turned off how to specify the permission
1159 decides if explicit flag is turned off how to specify the permission
1059 for case when user is in a group + have defined separate permission
1160 for case when user is in a group + have defined separate permission
1060 """
1161 """
1061 user_id = user.user_id
1162 user_id = user.user_id
1062 user_is_admin = user.is_admin
1163 user_is_admin = user.is_admin
1063
1164
1064 # inheritance of global permissions like create repo/fork repo etc
1165 # inheritance of global permissions like create repo/fork repo etc
1065 user_inherit_default_permissions = user.inherit_default_permissions
1166 user_inherit_default_permissions = user.inherit_default_permissions
1066
1167
1067 cache_seconds = safe_int(
1168 cache_seconds = safe_int(
1068 rhodecode.CONFIG.get('rc_cache.cache_perms.expiration_time'))
1169 rhodecode.CONFIG.get('rc_cache.cache_perms.expiration_time'))
1069
1170
1070 cache_on = cache or cache_seconds > 0
1171 cache_on = cache or cache_seconds > 0
1071 log.debug(
1172 log.debug(
1072 'Computing PERMISSION tree for user %s scope `%s` '
1173 'Computing PERMISSION tree for user %s scope `%s` '
1073 'with caching: %s[TTL: %ss]' % (user, scope, cache_on, cache_seconds or 0))
1174 'with caching: %s[TTL: %ss]' % (user, scope, cache_on, cache_seconds or 0))
1074
1175
1075 cache_namespace_uid = 'cache_user_auth.{}'.format(user_id)
1176 cache_namespace_uid = 'cache_user_auth.{}'.format(user_id)
1076 region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
1177 region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
1077
1178
1078 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
1179 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
1079 condition=cache_on)
1180 condition=cache_on)
1080 def compute_perm_tree(cache_name,
1181 def compute_perm_tree(cache_name,
1081 user_id, scope, user_is_admin,user_inherit_default_permissions,
1182 user_id, scope, user_is_admin,user_inherit_default_permissions,
1082 explicit, algo, calculate_super_admin):
1183 explicit, algo, calculate_super_admin):
1083 return _cached_perms_data(
1184 return _cached_perms_data(
1084 user_id, scope, user_is_admin, user_inherit_default_permissions,
1185 user_id, scope, user_is_admin, user_inherit_default_permissions,
1085 explicit, algo, calculate_super_admin)
1186 explicit, algo, calculate_super_admin)
1086
1187
1087 start = time.time()
1188 start = time.time()
1088 result = compute_perm_tree('permissions', user_id, scope, user_is_admin,
1189 result = compute_perm_tree('permissions', user_id, scope, user_is_admin,
1089 user_inherit_default_permissions, explicit, algo,
1190 user_inherit_default_permissions, explicit, algo,
1090 calculate_super_admin)
1191 calculate_super_admin)
1091
1192
1092 result_repr = []
1193 result_repr = []
1093 for k in result:
1194 for k in result:
1094 result_repr.append((k, len(result[k])))
1195 result_repr.append((k, len(result[k])))
1095 total = time.time() - start
1196 total = time.time() - start
1096 log.debug('PERMISSION tree for user %s computed in %.3fs: %s' % (
1197 log.debug('PERMISSION tree for user %s computed in %.3fs: %s' % (
1097 user, total, result_repr))
1198 user, total, result_repr))
1098
1199
1099 return result
1200 return result
1100
1201
1101 @property
1202 @property
1102 def is_default(self):
1203 def is_default(self):
1103 return self.username == User.DEFAULT_USER
1204 return self.username == User.DEFAULT_USER
1104
1205
1105 @property
1206 @property
1106 def is_admin(self):
1207 def is_admin(self):
1107 return self.admin
1208 return self.admin
1108
1209
1109 @property
1210 @property
1110 def is_user_object(self):
1211 def is_user_object(self):
1111 return self.user_id is not None
1212 return self.user_id is not None
1112
1213
1113 @property
1214 @property
1114 def repositories_admin(self):
1215 def repositories_admin(self):
1115 """
1216 """
1116 Returns list of repositories you're an admin of
1217 Returns list of repositories you're an admin of
1117 """
1218 """
1118 return [
1219 return [
1119 x[0] for x in self.permissions['repositories'].items()
1220 x[0] for x in self.permissions['repositories'].items()
1120 if x[1] == 'repository.admin']
1221 if x[1] == 'repository.admin']
1121
1222
1122 @property
1223 @property
1123 def repository_groups_admin(self):
1224 def repository_groups_admin(self):
1124 """
1225 """
1125 Returns list of repository groups you're an admin of
1226 Returns list of repository groups you're an admin of
1126 """
1227 """
1127 return [
1228 return [
1128 x[0] for x in self.permissions['repositories_groups'].items()
1229 x[0] for x in self.permissions['repositories_groups'].items()
1129 if x[1] == 'group.admin']
1230 if x[1] == 'group.admin']
1130
1231
1131 @property
1232 @property
1132 def user_groups_admin(self):
1233 def user_groups_admin(self):
1133 """
1234 """
1134 Returns list of user groups you're an admin of
1235 Returns list of user groups you're an admin of
1135 """
1236 """
1136 return [
1237 return [
1137 x[0] for x in self.permissions['user_groups'].items()
1238 x[0] for x in self.permissions['user_groups'].items()
1138 if x[1] == 'usergroup.admin']
1239 if x[1] == 'usergroup.admin']
1139
1240
1140 def repo_acl_ids(self, perms=None, name_filter=None, cache=False):
1241 def repo_acl_ids(self, perms=None, name_filter=None, cache=False):
1141 """
1242 """
1142 Returns list of repository ids that user have access to based on given
1243 Returns list of repository ids that user have access to based on given
1143 perms. The cache flag should be only used in cases that are used for
1244 perms. The cache flag should be only used in cases that are used for
1144 display purposes, NOT IN ANY CASE for permission checks.
1245 display purposes, NOT IN ANY CASE for permission checks.
1145 """
1246 """
1146 from rhodecode.model.scm import RepoList
1247 from rhodecode.model.scm import RepoList
1147 if not perms:
1248 if not perms:
1148 perms = [
1249 perms = [
1149 'repository.read', 'repository.write', 'repository.admin']
1250 'repository.read', 'repository.write', 'repository.admin']
1150
1251
1151 def _cached_repo_acl(user_id, perm_def, _name_filter):
1252 def _cached_repo_acl(user_id, perm_def, _name_filter):
1152 qry = Repository.query()
1253 qry = Repository.query()
1153 if _name_filter:
1254 if _name_filter:
1154 ilike_expression = u'%{}%'.format(safe_unicode(_name_filter))
1255 ilike_expression = u'%{}%'.format(safe_unicode(_name_filter))
1155 qry = qry.filter(
1256 qry = qry.filter(
1156 Repository.repo_name.ilike(ilike_expression))
1257 Repository.repo_name.ilike(ilike_expression))
1157
1258
1158 return [x.repo_id for x in
1259 return [x.repo_id for x in
1159 RepoList(qry, perm_set=perm_def)]
1260 RepoList(qry, perm_set=perm_def)]
1160
1261
1161 return _cached_repo_acl(self.user_id, perms, name_filter)
1262 return _cached_repo_acl(self.user_id, perms, name_filter)
1162
1263
1163 def repo_group_acl_ids(self, perms=None, name_filter=None, cache=False):
1264 def repo_group_acl_ids(self, perms=None, name_filter=None, cache=False):
1164 """
1265 """
1165 Returns list of repository group ids that user have access to based on given
1266 Returns list of repository group ids that user have access to based on given
1166 perms. The cache flag should be only used in cases that are used for
1267 perms. The cache flag should be only used in cases that are used for
1167 display purposes, NOT IN ANY CASE for permission checks.
1268 display purposes, NOT IN ANY CASE for permission checks.
1168 """
1269 """
1169 from rhodecode.model.scm import RepoGroupList
1270 from rhodecode.model.scm import RepoGroupList
1170 if not perms:
1271 if not perms:
1171 perms = [
1272 perms = [
1172 'group.read', 'group.write', 'group.admin']
1273 'group.read', 'group.write', 'group.admin']
1173
1274
1174 def _cached_repo_group_acl(user_id, perm_def, _name_filter):
1275 def _cached_repo_group_acl(user_id, perm_def, _name_filter):
1175 qry = RepoGroup.query()
1276 qry = RepoGroup.query()
1176 if _name_filter:
1277 if _name_filter:
1177 ilike_expression = u'%{}%'.format(safe_unicode(_name_filter))
1278 ilike_expression = u'%{}%'.format(safe_unicode(_name_filter))
1178 qry = qry.filter(
1279 qry = qry.filter(
1179 RepoGroup.group_name.ilike(ilike_expression))
1280 RepoGroup.group_name.ilike(ilike_expression))
1180
1281
1181 return [x.group_id for x in
1282 return [x.group_id for x in
1182 RepoGroupList(qry, perm_set=perm_def)]
1283 RepoGroupList(qry, perm_set=perm_def)]
1183
1284
1184 return _cached_repo_group_acl(self.user_id, perms, name_filter)
1285 return _cached_repo_group_acl(self.user_id, perms, name_filter)
1185
1286
1186 def user_group_acl_ids(self, perms=None, name_filter=None, cache=False):
1287 def user_group_acl_ids(self, perms=None, name_filter=None, cache=False):
1187 """
1288 """
1188 Returns list of user group ids that user have access to based on given
1289 Returns list of user group ids that user have access to based on given
1189 perms. The cache flag should be only used in cases that are used for
1290 perms. The cache flag should be only used in cases that are used for
1190 display purposes, NOT IN ANY CASE for permission checks.
1291 display purposes, NOT IN ANY CASE for permission checks.
1191 """
1292 """
1192 from rhodecode.model.scm import UserGroupList
1293 from rhodecode.model.scm import UserGroupList
1193 if not perms:
1294 if not perms:
1194 perms = [
1295 perms = [
1195 'usergroup.read', 'usergroup.write', 'usergroup.admin']
1296 'usergroup.read', 'usergroup.write', 'usergroup.admin']
1196
1297
1197 def _cached_user_group_acl(user_id, perm_def, name_filter):
1298 def _cached_user_group_acl(user_id, perm_def, name_filter):
1198 qry = UserGroup.query()
1299 qry = UserGroup.query()
1199 if name_filter:
1300 if name_filter:
1200 ilike_expression = u'%{}%'.format(safe_unicode(name_filter))
1301 ilike_expression = u'%{}%'.format(safe_unicode(name_filter))
1201 qry = qry.filter(
1302 qry = qry.filter(
1202 UserGroup.users_group_name.ilike(ilike_expression))
1303 UserGroup.users_group_name.ilike(ilike_expression))
1203
1304
1204 return [x.users_group_id for x in
1305 return [x.users_group_id for x in
1205 UserGroupList(qry, perm_set=perm_def)]
1306 UserGroupList(qry, perm_set=perm_def)]
1206
1307
1207 return _cached_user_group_acl(self.user_id, perms, name_filter)
1308 return _cached_user_group_acl(self.user_id, perms, name_filter)
1208
1309
1209 @property
1310 @property
1210 def ip_allowed(self):
1311 def ip_allowed(self):
1211 """
1312 """
1212 Checks if ip_addr used in constructor is allowed from defined list of
1313 Checks if ip_addr used in constructor is allowed from defined list of
1213 allowed ip_addresses for user
1314 allowed ip_addresses for user
1214
1315
1215 :returns: boolean, True if ip is in allowed ip range
1316 :returns: boolean, True if ip is in allowed ip range
1216 """
1317 """
1217 # check IP
1318 # check IP
1218 inherit = self.inherit_default_permissions
1319 inherit = self.inherit_default_permissions
1219 return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
1320 return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
1220 inherit_from_default=inherit)
1321 inherit_from_default=inherit)
1221 @property
1322 @property
1222 def personal_repo_group(self):
1323 def personal_repo_group(self):
1223 return RepoGroup.get_user_personal_repo_group(self.user_id)
1324 return RepoGroup.get_user_personal_repo_group(self.user_id)
1224
1325
1225 @LazyProperty
1326 @LazyProperty
1226 def feed_token(self):
1327 def feed_token(self):
1227 return self.get_instance().feed_token
1328 return self.get_instance().feed_token
1228
1329
1229 @classmethod
1330 @classmethod
1230 def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
1331 def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
1231 allowed_ips = AuthUser.get_allowed_ips(
1332 allowed_ips = AuthUser.get_allowed_ips(
1232 user_id, cache=True, inherit_from_default=inherit_from_default)
1333 user_id, cache=True, inherit_from_default=inherit_from_default)
1233 if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
1334 if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
1234 log.debug('IP:%s for user %s is in range of %s' % (
1335 log.debug('IP:%s for user %s is in range of %s' % (
1235 ip_addr, user_id, allowed_ips))
1336 ip_addr, user_id, allowed_ips))
1236 return True
1337 return True
1237 else:
1338 else:
1238 log.info('Access for IP:%s forbidden for user %s, '
1339 log.info('Access for IP:%s forbidden for user %s, '
1239 'not in %s' % (ip_addr, user_id, allowed_ips))
1340 'not in %s' % (ip_addr, user_id, allowed_ips))
1240 return False
1341 return False
1241
1342
1242 def __repr__(self):
1343 def __repr__(self):
1243 return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
1344 return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
1244 % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
1345 % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
1245
1346
1246 def set_authenticated(self, authenticated=True):
1347 def set_authenticated(self, authenticated=True):
1247 if self.user_id != self.anonymous_user.user_id:
1348 if self.user_id != self.anonymous_user.user_id:
1248 self.is_authenticated = authenticated
1349 self.is_authenticated = authenticated
1249
1350
1250 def get_cookie_store(self):
1351 def get_cookie_store(self):
1251 return {
1352 return {
1252 'username': self.username,
1353 'username': self.username,
1253 'password': md5(self.password or ''),
1354 'password': md5(self.password or ''),
1254 'user_id': self.user_id,
1355 'user_id': self.user_id,
1255 'is_authenticated': self.is_authenticated
1356 'is_authenticated': self.is_authenticated
1256 }
1357 }
1257
1358
1258 @classmethod
1359 @classmethod
1259 def from_cookie_store(cls, cookie_store):
1360 def from_cookie_store(cls, cookie_store):
1260 """
1361 """
1261 Creates AuthUser from a cookie store
1362 Creates AuthUser from a cookie store
1262
1363
1263 :param cls:
1364 :param cls:
1264 :param cookie_store:
1365 :param cookie_store:
1265 """
1366 """
1266 user_id = cookie_store.get('user_id')
1367 user_id = cookie_store.get('user_id')
1267 username = cookie_store.get('username')
1368 username = cookie_store.get('username')
1268 api_key = cookie_store.get('api_key')
1369 api_key = cookie_store.get('api_key')
1269 return AuthUser(user_id, api_key, username)
1370 return AuthUser(user_id, api_key, username)
1270
1371
1271 @classmethod
1372 @classmethod
1272 def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
1373 def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
1273 _set = set()
1374 _set = set()
1274
1375
1275 if inherit_from_default:
1376 if inherit_from_default:
1276 def_user_id = User.get_default_user(cache=True).user_id
1377 def_user_id = User.get_default_user(cache=True).user_id
1277 default_ips = UserIpMap.query().filter(UserIpMap.user_id == def_user_id)
1378 default_ips = UserIpMap.query().filter(UserIpMap.user_id == def_user_id)
1278 if cache:
1379 if cache:
1279 default_ips = default_ips.options(
1380 default_ips = default_ips.options(
1280 FromCache("sql_cache_short", "get_user_ips_default"))
1381 FromCache("sql_cache_short", "get_user_ips_default"))
1281
1382
1282 # populate from default user
1383 # populate from default user
1283 for ip in default_ips:
1384 for ip in default_ips:
1284 try:
1385 try:
1285 _set.add(ip.ip_addr)
1386 _set.add(ip.ip_addr)
1286 except ObjectDeletedError:
1387 except ObjectDeletedError:
1287 # since we use heavy caching sometimes it happens that
1388 # since we use heavy caching sometimes it happens that
1288 # we get deleted objects here, we just skip them
1389 # we get deleted objects here, we just skip them
1289 pass
1390 pass
1290
1391
1291 # NOTE:(marcink) we don't want to load any rules for empty
1392 # NOTE:(marcink) we don't want to load any rules for empty
1292 # user_id which is the case of access of non logged users when anonymous
1393 # user_id which is the case of access of non logged users when anonymous
1293 # access is disabled
1394 # access is disabled
1294 user_ips = []
1395 user_ips = []
1295 if user_id:
1396 if user_id:
1296 user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
1397 user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
1297 if cache:
1398 if cache:
1298 user_ips = user_ips.options(
1399 user_ips = user_ips.options(
1299 FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
1400 FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
1300
1401
1301 for ip in user_ips:
1402 for ip in user_ips:
1302 try:
1403 try:
1303 _set.add(ip.ip_addr)
1404 _set.add(ip.ip_addr)
1304 except ObjectDeletedError:
1405 except ObjectDeletedError:
1305 # since we use heavy caching sometimes it happens that we get
1406 # since we use heavy caching sometimes it happens that we get
1306 # deleted objects here, we just skip them
1407 # deleted objects here, we just skip them
1307 pass
1408 pass
1308 return _set or {ip for ip in ['0.0.0.0/0', '::/0']}
1409 return _set or {ip for ip in ['0.0.0.0/0', '::/0']}
1309
1410
1310
1411
1311 def set_available_permissions(settings):
1412 def set_available_permissions(settings):
1312 """
1413 """
1313 This function will propagate pyramid settings with all available defined
1414 This function will propagate pyramid settings with all available defined
1314 permission given in db. We don't want to check each time from db for new
1415 permission given in db. We don't want to check each time from db for new
1315 permissions since adding a new permission also requires application restart
1416 permissions since adding a new permission also requires application restart
1316 ie. to decorate new views with the newly created permission
1417 ie. to decorate new views with the newly created permission
1317
1418
1318 :param settings: current pyramid registry.settings
1419 :param settings: current pyramid registry.settings
1319
1420
1320 """
1421 """
1321 log.debug('auth: getting information about all available permissions')
1422 log.debug('auth: getting information about all available permissions')
1322 try:
1423 try:
1323 sa = meta.Session
1424 sa = meta.Session
1324 all_perms = sa.query(Permission).all()
1425 all_perms = sa.query(Permission).all()
1325 settings.setdefault('available_permissions',
1426 settings.setdefault('available_permissions',
1326 [x.permission_name for x in all_perms])
1427 [x.permission_name for x in all_perms])
1327 log.debug('auth: set available permissions')
1428 log.debug('auth: set available permissions')
1328 except Exception:
1429 except Exception:
1329 log.exception('Failed to fetch permissions from the database.')
1430 log.exception('Failed to fetch permissions from the database.')
1330 raise
1431 raise
1331
1432
1332
1433
1333 def get_csrf_token(session, force_new=False, save_if_missing=True):
1434 def get_csrf_token(session, force_new=False, save_if_missing=True):
1334 """
1435 """
1335 Return the current authentication token, creating one if one doesn't
1436 Return the current authentication token, creating one if one doesn't
1336 already exist and the save_if_missing flag is present.
1437 already exist and the save_if_missing flag is present.
1337
1438
1338 :param session: pass in the pyramid session, else we use the global ones
1439 :param session: pass in the pyramid session, else we use the global ones
1339 :param force_new: force to re-generate the token and store it in session
1440 :param force_new: force to re-generate the token and store it in session
1340 :param save_if_missing: save the newly generated token if it's missing in
1441 :param save_if_missing: save the newly generated token if it's missing in
1341 session
1442 session
1342 """
1443 """
1343 # NOTE(marcink): probably should be replaced with below one from pyramid 1.9
1444 # NOTE(marcink): probably should be replaced with below one from pyramid 1.9
1344 # from pyramid.csrf import get_csrf_token
1445 # from pyramid.csrf import get_csrf_token
1345
1446
1346 if (csrf_token_key not in session and save_if_missing) or force_new:
1447 if (csrf_token_key not in session and save_if_missing) or force_new:
1347 token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
1448 token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
1348 session[csrf_token_key] = token
1449 session[csrf_token_key] = token
1349 if hasattr(session, 'save'):
1450 if hasattr(session, 'save'):
1350 session.save()
1451 session.save()
1351 return session.get(csrf_token_key)
1452 return session.get(csrf_token_key)
1352
1453
1353
1454
1354 def get_request(perm_class_instance):
1455 def get_request(perm_class_instance):
1355 from pyramid.threadlocal import get_current_request
1456 from pyramid.threadlocal import get_current_request
1356 pyramid_request = get_current_request()
1457 pyramid_request = get_current_request()
1357 return pyramid_request
1458 return pyramid_request
1358
1459
1359
1460
1360 # CHECK DECORATORS
1461 # CHECK DECORATORS
1361 class CSRFRequired(object):
1462 class CSRFRequired(object):
1362 """
1463 """
1363 Decorator for authenticating a form
1464 Decorator for authenticating a form
1364
1465
1365 This decorator uses an authorization token stored in the client's
1466 This decorator uses an authorization token stored in the client's
1366 session for prevention of certain Cross-site request forgery (CSRF)
1467 session for prevention of certain Cross-site request forgery (CSRF)
1367 attacks (See
1468 attacks (See
1368 http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
1469 http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
1369 information).
1470 information).
1370
1471
1371 For use with the ``webhelpers.secure_form`` helper functions.
1472 For use with the ``webhelpers.secure_form`` helper functions.
1372
1473
1373 """
1474 """
1374 def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
1475 def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
1375 except_methods=None):
1476 except_methods=None):
1376 self.token = token
1477 self.token = token
1377 self.header = header
1478 self.header = header
1378 self.except_methods = except_methods or []
1479 self.except_methods = except_methods or []
1379
1480
1380 def __call__(self, func):
1481 def __call__(self, func):
1381 return get_cython_compat_decorator(self.__wrapper, func)
1482 return get_cython_compat_decorator(self.__wrapper, func)
1382
1483
1383 def _get_csrf(self, _request):
1484 def _get_csrf(self, _request):
1384 return _request.POST.get(self.token, _request.headers.get(self.header))
1485 return _request.POST.get(self.token, _request.headers.get(self.header))
1385
1486
1386 def check_csrf(self, _request, cur_token):
1487 def check_csrf(self, _request, cur_token):
1387 supplied_token = self._get_csrf(_request)
1488 supplied_token = self._get_csrf(_request)
1388 return supplied_token and supplied_token == cur_token
1489 return supplied_token and supplied_token == cur_token
1389
1490
1390 def _get_request(self):
1491 def _get_request(self):
1391 return get_request(self)
1492 return get_request(self)
1392
1493
1393 def __wrapper(self, func, *fargs, **fkwargs):
1494 def __wrapper(self, func, *fargs, **fkwargs):
1394 request = self._get_request()
1495 request = self._get_request()
1395
1496
1396 if request.method in self.except_methods:
1497 if request.method in self.except_methods:
1397 return func(*fargs, **fkwargs)
1498 return func(*fargs, **fkwargs)
1398
1499
1399 cur_token = get_csrf_token(request.session, save_if_missing=False)
1500 cur_token = get_csrf_token(request.session, save_if_missing=False)
1400 if self.check_csrf(request, cur_token):
1501 if self.check_csrf(request, cur_token):
1401 if request.POST.get(self.token):
1502 if request.POST.get(self.token):
1402 del request.POST[self.token]
1503 del request.POST[self.token]
1403 return func(*fargs, **fkwargs)
1504 return func(*fargs, **fkwargs)
1404 else:
1505 else:
1405 reason = 'token-missing'
1506 reason = 'token-missing'
1406 supplied_token = self._get_csrf(request)
1507 supplied_token = self._get_csrf(request)
1407 if supplied_token and cur_token != supplied_token:
1508 if supplied_token and cur_token != supplied_token:
1408 reason = 'token-mismatch [%s:%s]' % (
1509 reason = 'token-mismatch [%s:%s]' % (
1409 cur_token or ''[:6], supplied_token or ''[:6])
1510 cur_token or ''[:6], supplied_token or ''[:6])
1410
1511
1411 csrf_message = \
1512 csrf_message = \
1412 ("Cross-site request forgery detected, request denied. See "
1513 ("Cross-site request forgery detected, request denied. See "
1413 "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
1514 "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
1414 "more information.")
1515 "more information.")
1415 log.warn('Cross-site request forgery detected, request %r DENIED: %s '
1516 log.warn('Cross-site request forgery detected, request %r DENIED: %s '
1416 'REMOTE_ADDR:%s, HEADERS:%s' % (
1517 'REMOTE_ADDR:%s, HEADERS:%s' % (
1417 request, reason, request.remote_addr, request.headers))
1518 request, reason, request.remote_addr, request.headers))
1418
1519
1419 raise HTTPForbidden(explanation=csrf_message)
1520 raise HTTPForbidden(explanation=csrf_message)
1420
1521
1421
1522
1422 class LoginRequired(object):
1523 class LoginRequired(object):
1423 """
1524 """
1424 Must be logged in to execute this function else
1525 Must be logged in to execute this function else
1425 redirect to login page
1526 redirect to login page
1426
1527
1427 :param api_access: if enabled this checks only for valid auth token
1528 :param api_access: if enabled this checks only for valid auth token
1428 and grants access based on valid token
1529 and grants access based on valid token
1429 """
1530 """
1430 def __init__(self, auth_token_access=None):
1531 def __init__(self, auth_token_access=None):
1431 self.auth_token_access = auth_token_access
1532 self.auth_token_access = auth_token_access
1432
1533
1433 def __call__(self, func):
1534 def __call__(self, func):
1434 return get_cython_compat_decorator(self.__wrapper, func)
1535 return get_cython_compat_decorator(self.__wrapper, func)
1435
1536
1436 def _get_request(self):
1537 def _get_request(self):
1437 return get_request(self)
1538 return get_request(self)
1438
1539
1439 def __wrapper(self, func, *fargs, **fkwargs):
1540 def __wrapper(self, func, *fargs, **fkwargs):
1440 from rhodecode.lib import helpers as h
1541 from rhodecode.lib import helpers as h
1441 cls = fargs[0]
1542 cls = fargs[0]
1442 user = cls._rhodecode_user
1543 user = cls._rhodecode_user
1443 request = self._get_request()
1544 request = self._get_request()
1444 _ = request.translate
1545 _ = request.translate
1445
1546
1446 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
1547 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
1447 log.debug('Starting login restriction checks for user: %s' % (user,))
1548 log.debug('Starting login restriction checks for user: %s' % (user,))
1448 # check if our IP is allowed
1549 # check if our IP is allowed
1449 ip_access_valid = True
1550 ip_access_valid = True
1450 if not user.ip_allowed:
1551 if not user.ip_allowed:
1451 h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
1552 h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
1452 category='warning')
1553 category='warning')
1453 ip_access_valid = False
1554 ip_access_valid = False
1454
1555
1455 # check if we used an APIKEY and it's a valid one
1556 # check if we used an APIKEY and it's a valid one
1456 # defined white-list of controllers which API access will be enabled
1557 # defined white-list of controllers which API access will be enabled
1457 _auth_token = request.GET.get(
1558 _auth_token = request.GET.get(
1458 'auth_token', '') or request.GET.get('api_key', '')
1559 'auth_token', '') or request.GET.get('api_key', '')
1459 auth_token_access_valid = allowed_auth_token_access(
1560 auth_token_access_valid = allowed_auth_token_access(
1460 loc, auth_token=_auth_token)
1561 loc, auth_token=_auth_token)
1461
1562
1462 # explicit controller is enabled or API is in our whitelist
1563 # explicit controller is enabled or API is in our whitelist
1463 if self.auth_token_access or auth_token_access_valid:
1564 if self.auth_token_access or auth_token_access_valid:
1464 log.debug('Checking AUTH TOKEN access for %s' % (cls,))
1565 log.debug('Checking AUTH TOKEN access for %s' % (cls,))
1465 db_user = user.get_instance()
1566 db_user = user.get_instance()
1466
1567
1467 if db_user:
1568 if db_user:
1468 if self.auth_token_access:
1569 if self.auth_token_access:
1469 roles = self.auth_token_access
1570 roles = self.auth_token_access
1470 else:
1571 else:
1471 roles = [UserApiKeys.ROLE_HTTP]
1572 roles = [UserApiKeys.ROLE_HTTP]
1472 token_match = db_user.authenticate_by_token(
1573 token_match = db_user.authenticate_by_token(
1473 _auth_token, roles=roles)
1574 _auth_token, roles=roles)
1474 else:
1575 else:
1475 log.debug('Unable to fetch db instance for auth user: %s', user)
1576 log.debug('Unable to fetch db instance for auth user: %s', user)
1476 token_match = False
1577 token_match = False
1477
1578
1478 if _auth_token and token_match:
1579 if _auth_token and token_match:
1479 auth_token_access_valid = True
1580 auth_token_access_valid = True
1480 log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
1581 log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
1481 else:
1582 else:
1482 auth_token_access_valid = False
1583 auth_token_access_valid = False
1483 if not _auth_token:
1584 if not _auth_token:
1484 log.debug("AUTH TOKEN *NOT* present in request")
1585 log.debug("AUTH TOKEN *NOT* present in request")
1485 else:
1586 else:
1486 log.warning(
1587 log.warning(
1487 "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
1588 "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
1488
1589
1489 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
1590 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
1490 reason = 'RHODECODE_AUTH' if user.is_authenticated \
1591 reason = 'RHODECODE_AUTH' if user.is_authenticated \
1491 else 'AUTH_TOKEN_AUTH'
1592 else 'AUTH_TOKEN_AUTH'
1492
1593
1493 if ip_access_valid and (
1594 if ip_access_valid and (
1494 user.is_authenticated or auth_token_access_valid):
1595 user.is_authenticated or auth_token_access_valid):
1495 log.info(
1596 log.info(
1496 'user %s authenticating with:%s IS authenticated on func %s'
1597 'user %s authenticating with:%s IS authenticated on func %s'
1497 % (user, reason, loc))
1598 % (user, reason, loc))
1498
1599
1499 return func(*fargs, **fkwargs)
1600 return func(*fargs, **fkwargs)
1500 else:
1601 else:
1501 log.warning(
1602 log.warning(
1502 'user %s authenticating with:%s NOT authenticated on '
1603 'user %s authenticating with:%s NOT authenticated on '
1503 'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
1604 'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
1504 % (user, reason, loc, ip_access_valid,
1605 % (user, reason, loc, ip_access_valid,
1505 auth_token_access_valid))
1606 auth_token_access_valid))
1506 # we preserve the get PARAM
1607 # we preserve the get PARAM
1507 came_from = get_came_from(request)
1608 came_from = get_came_from(request)
1508
1609
1509 log.debug('redirecting to login page with %s' % (came_from,))
1610 log.debug('redirecting to login page with %s' % (came_from,))
1510 raise HTTPFound(
1611 raise HTTPFound(
1511 h.route_path('login', _query={'came_from': came_from}))
1612 h.route_path('login', _query={'came_from': came_from}))
1512
1613
1513
1614
1514 class NotAnonymous(object):
1615 class NotAnonymous(object):
1515 """
1616 """
1516 Must be logged in to execute this function else
1617 Must be logged in to execute this function else
1517 redirect to login page
1618 redirect to login page
1518 """
1619 """
1519
1620
1520 def __call__(self, func):
1621 def __call__(self, func):
1521 return get_cython_compat_decorator(self.__wrapper, func)
1622 return get_cython_compat_decorator(self.__wrapper, func)
1522
1623
1523 def _get_request(self):
1624 def _get_request(self):
1524 return get_request(self)
1625 return get_request(self)
1525
1626
1526 def __wrapper(self, func, *fargs, **fkwargs):
1627 def __wrapper(self, func, *fargs, **fkwargs):
1527 import rhodecode.lib.helpers as h
1628 import rhodecode.lib.helpers as h
1528 cls = fargs[0]
1629 cls = fargs[0]
1529 self.user = cls._rhodecode_user
1630 self.user = cls._rhodecode_user
1530 request = self._get_request()
1631 request = self._get_request()
1531 _ = request.translate
1632 _ = request.translate
1532 log.debug('Checking if user is not anonymous @%s' % cls)
1633 log.debug('Checking if user is not anonymous @%s' % cls)
1533
1634
1534 anonymous = self.user.username == User.DEFAULT_USER
1635 anonymous = self.user.username == User.DEFAULT_USER
1535
1636
1536 if anonymous:
1637 if anonymous:
1537 came_from = get_came_from(request)
1638 came_from = get_came_from(request)
1538 h.flash(_('You need to be a registered user to '
1639 h.flash(_('You need to be a registered user to '
1539 'perform this action'),
1640 'perform this action'),
1540 category='warning')
1641 category='warning')
1541 raise HTTPFound(
1642 raise HTTPFound(
1542 h.route_path('login', _query={'came_from': came_from}))
1643 h.route_path('login', _query={'came_from': came_from}))
1543 else:
1644 else:
1544 return func(*fargs, **fkwargs)
1645 return func(*fargs, **fkwargs)
1545
1646
1546
1647
1547 class PermsDecorator(object):
1648 class PermsDecorator(object):
1548 """
1649 """
1549 Base class for controller decorators, we extract the current user from
1650 Base class for controller decorators, we extract the current user from
1550 the class itself, which has it stored in base controllers
1651 the class itself, which has it stored in base controllers
1551 """
1652 """
1552
1653
1553 def __init__(self, *required_perms):
1654 def __init__(self, *required_perms):
1554 self.required_perms = set(required_perms)
1655 self.required_perms = set(required_perms)
1555
1656
1556 def __call__(self, func):
1657 def __call__(self, func):
1557 return get_cython_compat_decorator(self.__wrapper, func)
1658 return get_cython_compat_decorator(self.__wrapper, func)
1558
1659
1559 def _get_request(self):
1660 def _get_request(self):
1560 return get_request(self)
1661 return get_request(self)
1561
1662
1562 def __wrapper(self, func, *fargs, **fkwargs):
1663 def __wrapper(self, func, *fargs, **fkwargs):
1563 import rhodecode.lib.helpers as h
1664 import rhodecode.lib.helpers as h
1564 cls = fargs[0]
1665 cls = fargs[0]
1565 _user = cls._rhodecode_user
1666 _user = cls._rhodecode_user
1566 request = self._get_request()
1667 request = self._get_request()
1567 _ = request.translate
1668 _ = request.translate
1568
1669
1569 log.debug('checking %s permissions %s for %s %s',
1670 log.debug('checking %s permissions %s for %s %s',
1570 self.__class__.__name__, self.required_perms, cls, _user)
1671 self.__class__.__name__, self.required_perms, cls, _user)
1571
1672
1572 if self.check_permissions(_user):
1673 if self.check_permissions(_user):
1573 log.debug('Permission granted for %s %s', cls, _user)
1674 log.debug('Permission granted for %s %s', cls, _user)
1574 return func(*fargs, **fkwargs)
1675 return func(*fargs, **fkwargs)
1575
1676
1576 else:
1677 else:
1577 log.debug('Permission denied for %s %s', cls, _user)
1678 log.debug('Permission denied for %s %s', cls, _user)
1578 anonymous = _user.username == User.DEFAULT_USER
1679 anonymous = _user.username == User.DEFAULT_USER
1579
1680
1580 if anonymous:
1681 if anonymous:
1581 came_from = get_came_from(self._get_request())
1682 came_from = get_came_from(self._get_request())
1582 h.flash(_('You need to be signed in to view this page'),
1683 h.flash(_('You need to be signed in to view this page'),
1583 category='warning')
1684 category='warning')
1584 raise HTTPFound(
1685 raise HTTPFound(
1585 h.route_path('login', _query={'came_from': came_from}))
1686 h.route_path('login', _query={'came_from': came_from}))
1586
1687
1587 else:
1688 else:
1588 # redirect with 404 to prevent resource discovery
1689 # redirect with 404 to prevent resource discovery
1589 raise HTTPNotFound()
1690 raise HTTPNotFound()
1590
1691
1591 def check_permissions(self, user):
1692 def check_permissions(self, user):
1592 """Dummy function for overriding"""
1693 """Dummy function for overriding"""
1593 raise NotImplementedError(
1694 raise NotImplementedError(
1594 'You have to write this function in child class')
1695 'You have to write this function in child class')
1595
1696
1596
1697
1597 class HasPermissionAllDecorator(PermsDecorator):
1698 class HasPermissionAllDecorator(PermsDecorator):
1598 """
1699 """
1599 Checks for access permission for all given predicates. All of them
1700 Checks for access permission for all given predicates. All of them
1600 have to be meet in order to fulfill the request
1701 have to be meet in order to fulfill the request
1601 """
1702 """
1602
1703
1603 def check_permissions(self, user):
1704 def check_permissions(self, user):
1604 perms = user.permissions_with_scope({})
1705 perms = user.permissions_with_scope({})
1605 if self.required_perms.issubset(perms['global']):
1706 if self.required_perms.issubset(perms['global']):
1606 return True
1707 return True
1607 return False
1708 return False
1608
1709
1609
1710
1610 class HasPermissionAnyDecorator(PermsDecorator):
1711 class HasPermissionAnyDecorator(PermsDecorator):
1611 """
1712 """
1612 Checks for access permission for any of given predicates. In order to
1713 Checks for access permission for any of given predicates. In order to
1613 fulfill the request any of predicates must be meet
1714 fulfill the request any of predicates must be meet
1614 """
1715 """
1615
1716
1616 def check_permissions(self, user):
1717 def check_permissions(self, user):
1617 perms = user.permissions_with_scope({})
1718 perms = user.permissions_with_scope({})
1618 if self.required_perms.intersection(perms['global']):
1719 if self.required_perms.intersection(perms['global']):
1619 return True
1720 return True
1620 return False
1721 return False
1621
1722
1622
1723
1623 class HasRepoPermissionAllDecorator(PermsDecorator):
1724 class HasRepoPermissionAllDecorator(PermsDecorator):
1624 """
1725 """
1625 Checks for access permission for all given predicates for specific
1726 Checks for access permission for all given predicates for specific
1626 repository. All of them have to be meet in order to fulfill the request
1727 repository. All of them have to be meet in order to fulfill the request
1627 """
1728 """
1628 def _get_repo_name(self):
1729 def _get_repo_name(self):
1629 _request = self._get_request()
1730 _request = self._get_request()
1630 return get_repo_slug(_request)
1731 return get_repo_slug(_request)
1631
1732
1632 def check_permissions(self, user):
1733 def check_permissions(self, user):
1633 perms = user.permissions
1734 perms = user.permissions
1634 repo_name = self._get_repo_name()
1735 repo_name = self._get_repo_name()
1635
1736
1636 try:
1737 try:
1637 user_perms = {perms['repositories'][repo_name]}
1738 user_perms = {perms['repositories'][repo_name]}
1638 except KeyError:
1739 except KeyError:
1639 log.debug('cannot locate repo with name: `%s` in permissions defs',
1740 log.debug('cannot locate repo with name: `%s` in permissions defs',
1640 repo_name)
1741 repo_name)
1641 return False
1742 return False
1642
1743
1643 log.debug('checking `%s` permissions for repo `%s`',
1744 log.debug('checking `%s` permissions for repo `%s`',
1644 user_perms, repo_name)
1745 user_perms, repo_name)
1645 if self.required_perms.issubset(user_perms):
1746 if self.required_perms.issubset(user_perms):
1646 return True
1747 return True
1647 return False
1748 return False
1648
1749
1649
1750
1650 class HasRepoPermissionAnyDecorator(PermsDecorator):
1751 class HasRepoPermissionAnyDecorator(PermsDecorator):
1651 """
1752 """
1652 Checks for access permission for any of given predicates for specific
1753 Checks for access permission for any of given predicates for specific
1653 repository. In order to fulfill the request any of predicates must be meet
1754 repository. In order to fulfill the request any of predicates must be meet
1654 """
1755 """
1655 def _get_repo_name(self):
1756 def _get_repo_name(self):
1656 _request = self._get_request()
1757 _request = self._get_request()
1657 return get_repo_slug(_request)
1758 return get_repo_slug(_request)
1658
1759
1659 def check_permissions(self, user):
1760 def check_permissions(self, user):
1660 perms = user.permissions
1761 perms = user.permissions
1661 repo_name = self._get_repo_name()
1762 repo_name = self._get_repo_name()
1662
1763
1663 try:
1764 try:
1664 user_perms = {perms['repositories'][repo_name]}
1765 user_perms = {perms['repositories'][repo_name]}
1665 except KeyError:
1766 except KeyError:
1666 log.debug(
1767 log.debug(
1667 'cannot locate repo with name: `%s` in permissions defs',
1768 'cannot locate repo with name: `%s` in permissions defs',
1668 repo_name)
1769 repo_name)
1669 return False
1770 return False
1670
1771
1671 log.debug('checking `%s` permissions for repo `%s`',
1772 log.debug('checking `%s` permissions for repo `%s`',
1672 user_perms, repo_name)
1773 user_perms, repo_name)
1673 if self.required_perms.intersection(user_perms):
1774 if self.required_perms.intersection(user_perms):
1674 return True
1775 return True
1675 return False
1776 return False
1676
1777
1677
1778
1678 class HasRepoGroupPermissionAllDecorator(PermsDecorator):
1779 class HasRepoGroupPermissionAllDecorator(PermsDecorator):
1679 """
1780 """
1680 Checks for access permission for all given predicates for specific
1781 Checks for access permission for all given predicates for specific
1681 repository group. All of them have to be meet in order to
1782 repository group. All of them have to be meet in order to
1682 fulfill the request
1783 fulfill the request
1683 """
1784 """
1684 def _get_repo_group_name(self):
1785 def _get_repo_group_name(self):
1685 _request = self._get_request()
1786 _request = self._get_request()
1686 return get_repo_group_slug(_request)
1787 return get_repo_group_slug(_request)
1687
1788
1688 def check_permissions(self, user):
1789 def check_permissions(self, user):
1689 perms = user.permissions
1790 perms = user.permissions
1690 group_name = self._get_repo_group_name()
1791 group_name = self._get_repo_group_name()
1691 try:
1792 try:
1692 user_perms = {perms['repositories_groups'][group_name]}
1793 user_perms = {perms['repositories_groups'][group_name]}
1693 except KeyError:
1794 except KeyError:
1694 log.debug(
1795 log.debug(
1695 'cannot locate repo group with name: `%s` in permissions defs',
1796 'cannot locate repo group with name: `%s` in permissions defs',
1696 group_name)
1797 group_name)
1697 return False
1798 return False
1698
1799
1699 log.debug('checking `%s` permissions for repo group `%s`',
1800 log.debug('checking `%s` permissions for repo group `%s`',
1700 user_perms, group_name)
1801 user_perms, group_name)
1701 if self.required_perms.issubset(user_perms):
1802 if self.required_perms.issubset(user_perms):
1702 return True
1803 return True
1703 return False
1804 return False
1704
1805
1705
1806
1706 class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
1807 class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
1707 """
1808 """
1708 Checks for access permission for any of given predicates for specific
1809 Checks for access permission for any of given predicates for specific
1709 repository group. In order to fulfill the request any
1810 repository group. In order to fulfill the request any
1710 of predicates must be met
1811 of predicates must be met
1711 """
1812 """
1712 def _get_repo_group_name(self):
1813 def _get_repo_group_name(self):
1713 _request = self._get_request()
1814 _request = self._get_request()
1714 return get_repo_group_slug(_request)
1815 return get_repo_group_slug(_request)
1715
1816
1716 def check_permissions(self, user):
1817 def check_permissions(self, user):
1717 perms = user.permissions
1818 perms = user.permissions
1718 group_name = self._get_repo_group_name()
1819 group_name = self._get_repo_group_name()
1719
1820
1720 try:
1821 try:
1721 user_perms = {perms['repositories_groups'][group_name]}
1822 user_perms = {perms['repositories_groups'][group_name]}
1722 except KeyError:
1823 except KeyError:
1723 log.debug(
1824 log.debug(
1724 'cannot locate repo group with name: `%s` in permissions defs',
1825 'cannot locate repo group with name: `%s` in permissions defs',
1725 group_name)
1826 group_name)
1726 return False
1827 return False
1727
1828
1728 log.debug('checking `%s` permissions for repo group `%s`',
1829 log.debug('checking `%s` permissions for repo group `%s`',
1729 user_perms, group_name)
1830 user_perms, group_name)
1730 if self.required_perms.intersection(user_perms):
1831 if self.required_perms.intersection(user_perms):
1731 return True
1832 return True
1732 return False
1833 return False
1733
1834
1734
1835
1735 class HasUserGroupPermissionAllDecorator(PermsDecorator):
1836 class HasUserGroupPermissionAllDecorator(PermsDecorator):
1736 """
1837 """
1737 Checks for access permission for all given predicates for specific
1838 Checks for access permission for all given predicates for specific
1738 user group. All of them have to be meet in order to fulfill the request
1839 user group. All of them have to be meet in order to fulfill the request
1739 """
1840 """
1740 def _get_user_group_name(self):
1841 def _get_user_group_name(self):
1741 _request = self._get_request()
1842 _request = self._get_request()
1742 return get_user_group_slug(_request)
1843 return get_user_group_slug(_request)
1743
1844
1744 def check_permissions(self, user):
1845 def check_permissions(self, user):
1745 perms = user.permissions
1846 perms = user.permissions
1746 group_name = self._get_user_group_name()
1847 group_name = self._get_user_group_name()
1747 try:
1848 try:
1748 user_perms = {perms['user_groups'][group_name]}
1849 user_perms = {perms['user_groups'][group_name]}
1749 except KeyError:
1850 except KeyError:
1750 return False
1851 return False
1751
1852
1752 if self.required_perms.issubset(user_perms):
1853 if self.required_perms.issubset(user_perms):
1753 return True
1854 return True
1754 return False
1855 return False
1755
1856
1756
1857
1757 class HasUserGroupPermissionAnyDecorator(PermsDecorator):
1858 class HasUserGroupPermissionAnyDecorator(PermsDecorator):
1758 """
1859 """
1759 Checks for access permission for any of given predicates for specific
1860 Checks for access permission for any of given predicates for specific
1760 user group. In order to fulfill the request any of predicates must be meet
1861 user group. In order to fulfill the request any of predicates must be meet
1761 """
1862 """
1762 def _get_user_group_name(self):
1863 def _get_user_group_name(self):
1763 _request = self._get_request()
1864 _request = self._get_request()
1764 return get_user_group_slug(_request)
1865 return get_user_group_slug(_request)
1765
1866
1766 def check_permissions(self, user):
1867 def check_permissions(self, user):
1767 perms = user.permissions
1868 perms = user.permissions
1768 group_name = self._get_user_group_name()
1869 group_name = self._get_user_group_name()
1769 try:
1870 try:
1770 user_perms = {perms['user_groups'][group_name]}
1871 user_perms = {perms['user_groups'][group_name]}
1771 except KeyError:
1872 except KeyError:
1772 return False
1873 return False
1773
1874
1774 if self.required_perms.intersection(user_perms):
1875 if self.required_perms.intersection(user_perms):
1775 return True
1876 return True
1776 return False
1877 return False
1777
1878
1778
1879
1779 # CHECK FUNCTIONS
1880 # CHECK FUNCTIONS
1780 class PermsFunction(object):
1881 class PermsFunction(object):
1781 """Base function for other check functions"""
1882 """Base function for other check functions"""
1782
1883
1783 def __init__(self, *perms):
1884 def __init__(self, *perms):
1784 self.required_perms = set(perms)
1885 self.required_perms = set(perms)
1785 self.repo_name = None
1886 self.repo_name = None
1786 self.repo_group_name = None
1887 self.repo_group_name = None
1787 self.user_group_name = None
1888 self.user_group_name = None
1788
1889
1789 def __bool__(self):
1890 def __bool__(self):
1790 frame = inspect.currentframe()
1891 frame = inspect.currentframe()
1791 stack_trace = traceback.format_stack(frame)
1892 stack_trace = traceback.format_stack(frame)
1792 log.error('Checking bool value on a class instance of perm '
1893 log.error('Checking bool value on a class instance of perm '
1793 'function is not allowed: %s' % ''.join(stack_trace))
1894 'function is not allowed: %s' % ''.join(stack_trace))
1794 # rather than throwing errors, here we always return False so if by
1895 # rather than throwing errors, here we always return False so if by
1795 # accident someone checks truth for just an instance it will always end
1896 # accident someone checks truth for just an instance it will always end
1796 # up in returning False
1897 # up in returning False
1797 return False
1898 return False
1798 __nonzero__ = __bool__
1899 __nonzero__ = __bool__
1799
1900
1800 def __call__(self, check_location='', user=None):
1901 def __call__(self, check_location='', user=None):
1801 if not user:
1902 if not user:
1802 log.debug('Using user attribute from global request')
1903 log.debug('Using user attribute from global request')
1803 # TODO: remove this someday,put as user as attribute here
1804 request = self._get_request()
1904 request = self._get_request()
1805 user = request.user
1905 user = request.user
1806
1906
1807 # init auth user if not already given
1907 # init auth user if not already given
1808 if not isinstance(user, AuthUser):
1908 if not isinstance(user, AuthUser):
1809 log.debug('Wrapping user %s into AuthUser', user)
1909 log.debug('Wrapping user %s into AuthUser', user)
1810 user = AuthUser(user.user_id)
1910 user = AuthUser(user.user_id)
1811
1911
1812 cls_name = self.__class__.__name__
1912 cls_name = self.__class__.__name__
1813 check_scope = self._get_check_scope(cls_name)
1913 check_scope = self._get_check_scope(cls_name)
1814 check_location = check_location or 'unspecified location'
1914 check_location = check_location or 'unspecified location'
1815
1915
1816 log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
1916 log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
1817 self.required_perms, user, check_scope, check_location)
1917 self.required_perms, user, check_scope, check_location)
1818 if not user:
1918 if not user:
1819 log.warning('Empty user given for permission check')
1919 log.warning('Empty user given for permission check')
1820 return False
1920 return False
1821
1921
1822 if self.check_permissions(user):
1922 if self.check_permissions(user):
1823 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1923 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1824 check_scope, user, check_location)
1924 check_scope, user, check_location)
1825 return True
1925 return True
1826
1926
1827 else:
1927 else:
1828 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1928 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1829 check_scope, user, check_location)
1929 check_scope, user, check_location)
1830 return False
1930 return False
1831
1931
1832 def _get_request(self):
1932 def _get_request(self):
1833 return get_request(self)
1933 return get_request(self)
1834
1934
1835 def _get_check_scope(self, cls_name):
1935 def _get_check_scope(self, cls_name):
1836 return {
1936 return {
1837 'HasPermissionAll': 'GLOBAL',
1937 'HasPermissionAll': 'GLOBAL',
1838 'HasPermissionAny': 'GLOBAL',
1938 'HasPermissionAny': 'GLOBAL',
1839 'HasRepoPermissionAll': 'repo:%s' % self.repo_name,
1939 'HasRepoPermissionAll': 'repo:%s' % self.repo_name,
1840 'HasRepoPermissionAny': 'repo:%s' % self.repo_name,
1940 'HasRepoPermissionAny': 'repo:%s' % self.repo_name,
1841 'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
1941 'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
1842 'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
1942 'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
1843 'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
1943 'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
1844 'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
1944 'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
1845 }.get(cls_name, '?:%s' % cls_name)
1945 }.get(cls_name, '?:%s' % cls_name)
1846
1946
1847 def check_permissions(self, user):
1947 def check_permissions(self, user):
1848 """Dummy function for overriding"""
1948 """Dummy function for overriding"""
1849 raise Exception('You have to write this function in child class')
1949 raise Exception('You have to write this function in child class')
1850
1950
1851
1951
1852 class HasPermissionAll(PermsFunction):
1952 class HasPermissionAll(PermsFunction):
1853 def check_permissions(self, user):
1953 def check_permissions(self, user):
1854 perms = user.permissions_with_scope({})
1954 perms = user.permissions_with_scope({})
1855 if self.required_perms.issubset(perms.get('global')):
1955 if self.required_perms.issubset(perms.get('global')):
1856 return True
1956 return True
1857 return False
1957 return False
1858
1958
1859
1959
1860 class HasPermissionAny(PermsFunction):
1960 class HasPermissionAny(PermsFunction):
1861 def check_permissions(self, user):
1961 def check_permissions(self, user):
1862 perms = user.permissions_with_scope({})
1962 perms = user.permissions_with_scope({})
1863 if self.required_perms.intersection(perms.get('global')):
1963 if self.required_perms.intersection(perms.get('global')):
1864 return True
1964 return True
1865 return False
1965 return False
1866
1966
1867
1967
1868 class HasRepoPermissionAll(PermsFunction):
1968 class HasRepoPermissionAll(PermsFunction):
1869 def __call__(self, repo_name=None, check_location='', user=None):
1969 def __call__(self, repo_name=None, check_location='', user=None):
1870 self.repo_name = repo_name
1970 self.repo_name = repo_name
1871 return super(HasRepoPermissionAll, self).__call__(check_location, user)
1971 return super(HasRepoPermissionAll, self).__call__(check_location, user)
1872
1972
1873 def _get_repo_name(self):
1973 def _get_repo_name(self):
1874 if not self.repo_name:
1974 if not self.repo_name:
1875 _request = self._get_request()
1975 _request = self._get_request()
1876 self.repo_name = get_repo_slug(_request)
1976 self.repo_name = get_repo_slug(_request)
1877 return self.repo_name
1977 return self.repo_name
1878
1978
1879 def check_permissions(self, user):
1979 def check_permissions(self, user):
1880 self.repo_name = self._get_repo_name()
1980 self.repo_name = self._get_repo_name()
1881 perms = user.permissions
1981 perms = user.permissions
1882 try:
1982 try:
1883 user_perms = {perms['repositories'][self.repo_name]}
1983 user_perms = {perms['repositories'][self.repo_name]}
1884 except KeyError:
1984 except KeyError:
1885 return False
1985 return False
1886 if self.required_perms.issubset(user_perms):
1986 if self.required_perms.issubset(user_perms):
1887 return True
1987 return True
1888 return False
1988 return False
1889
1989
1890
1990
1891 class HasRepoPermissionAny(PermsFunction):
1991 class HasRepoPermissionAny(PermsFunction):
1892 def __call__(self, repo_name=None, check_location='', user=None):
1992 def __call__(self, repo_name=None, check_location='', user=None):
1893 self.repo_name = repo_name
1993 self.repo_name = repo_name
1894 return super(HasRepoPermissionAny, self).__call__(check_location, user)
1994 return super(HasRepoPermissionAny, self).__call__(check_location, user)
1895
1995
1896 def _get_repo_name(self):
1996 def _get_repo_name(self):
1897 if not self.repo_name:
1997 if not self.repo_name:
1898 _request = self._get_request()
1998 _request = self._get_request()
1899 self.repo_name = get_repo_slug(_request)
1999 self.repo_name = get_repo_slug(_request)
1900 return self.repo_name
2000 return self.repo_name
1901
2001
1902 def check_permissions(self, user):
2002 def check_permissions(self, user):
1903 self.repo_name = self._get_repo_name()
2003 self.repo_name = self._get_repo_name()
1904 perms = user.permissions
2004 perms = user.permissions
1905 try:
2005 try:
1906 user_perms = {perms['repositories'][self.repo_name]}
2006 user_perms = {perms['repositories'][self.repo_name]}
1907 except KeyError:
2007 except KeyError:
1908 return False
2008 return False
1909 if self.required_perms.intersection(user_perms):
2009 if self.required_perms.intersection(user_perms):
1910 return True
2010 return True
1911 return False
2011 return False
1912
2012
1913
2013
1914 class HasRepoGroupPermissionAny(PermsFunction):
2014 class HasRepoGroupPermissionAny(PermsFunction):
1915 def __call__(self, group_name=None, check_location='', user=None):
2015 def __call__(self, group_name=None, check_location='', user=None):
1916 self.repo_group_name = group_name
2016 self.repo_group_name = group_name
1917 return super(HasRepoGroupPermissionAny, self).__call__(
2017 return super(HasRepoGroupPermissionAny, self).__call__(
1918 check_location, user)
2018 check_location, user)
1919
2019
1920 def check_permissions(self, user):
2020 def check_permissions(self, user):
1921 perms = user.permissions
2021 perms = user.permissions
1922 try:
2022 try:
1923 user_perms = {perms['repositories_groups'][self.repo_group_name]}
2023 user_perms = {perms['repositories_groups'][self.repo_group_name]}
1924 except KeyError:
2024 except KeyError:
1925 return False
2025 return False
1926 if self.required_perms.intersection(user_perms):
2026 if self.required_perms.intersection(user_perms):
1927 return True
2027 return True
1928 return False
2028 return False
1929
2029
1930
2030
1931 class HasRepoGroupPermissionAll(PermsFunction):
2031 class HasRepoGroupPermissionAll(PermsFunction):
1932 def __call__(self, group_name=None, check_location='', user=None):
2032 def __call__(self, group_name=None, check_location='', user=None):
1933 self.repo_group_name = group_name
2033 self.repo_group_name = group_name
1934 return super(HasRepoGroupPermissionAll, self).__call__(
2034 return super(HasRepoGroupPermissionAll, self).__call__(
1935 check_location, user)
2035 check_location, user)
1936
2036
1937 def check_permissions(self, user):
2037 def check_permissions(self, user):
1938 perms = user.permissions
2038 perms = user.permissions
1939 try:
2039 try:
1940 user_perms = {perms['repositories_groups'][self.repo_group_name]}
2040 user_perms = {perms['repositories_groups'][self.repo_group_name]}
1941 except KeyError:
2041 except KeyError:
1942 return False
2042 return False
1943 if self.required_perms.issubset(user_perms):
2043 if self.required_perms.issubset(user_perms):
1944 return True
2044 return True
1945 return False
2045 return False
1946
2046
1947
2047
1948 class HasUserGroupPermissionAny(PermsFunction):
2048 class HasUserGroupPermissionAny(PermsFunction):
1949 def __call__(self, user_group_name=None, check_location='', user=None):
2049 def __call__(self, user_group_name=None, check_location='', user=None):
1950 self.user_group_name = user_group_name
2050 self.user_group_name = user_group_name
1951 return super(HasUserGroupPermissionAny, self).__call__(
2051 return super(HasUserGroupPermissionAny, self).__call__(
1952 check_location, user)
2052 check_location, user)
1953
2053
1954 def check_permissions(self, user):
2054 def check_permissions(self, user):
1955 perms = user.permissions
2055 perms = user.permissions
1956 try:
2056 try:
1957 user_perms = {perms['user_groups'][self.user_group_name]}
2057 user_perms = {perms['user_groups'][self.user_group_name]}
1958 except KeyError:
2058 except KeyError:
1959 return False
2059 return False
1960 if self.required_perms.intersection(user_perms):
2060 if self.required_perms.intersection(user_perms):
1961 return True
2061 return True
1962 return False
2062 return False
1963
2063
1964
2064
1965 class HasUserGroupPermissionAll(PermsFunction):
2065 class HasUserGroupPermissionAll(PermsFunction):
1966 def __call__(self, user_group_name=None, check_location='', user=None):
2066 def __call__(self, user_group_name=None, check_location='', user=None):
1967 self.user_group_name = user_group_name
2067 self.user_group_name = user_group_name
1968 return super(HasUserGroupPermissionAll, self).__call__(
2068 return super(HasUserGroupPermissionAll, self).__call__(
1969 check_location, user)
2069 check_location, user)
1970
2070
1971 def check_permissions(self, user):
2071 def check_permissions(self, user):
1972 perms = user.permissions
2072 perms = user.permissions
1973 try:
2073 try:
1974 user_perms = {perms['user_groups'][self.user_group_name]}
2074 user_perms = {perms['user_groups'][self.user_group_name]}
1975 except KeyError:
2075 except KeyError:
1976 return False
2076 return False
1977 if self.required_perms.issubset(user_perms):
2077 if self.required_perms.issubset(user_perms):
1978 return True
2078 return True
1979 return False
2079 return False
1980
2080
1981
2081
1982 # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
2082 # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
1983 class HasPermissionAnyMiddleware(object):
2083 class HasPermissionAnyMiddleware(object):
1984 def __init__(self, *perms):
2084 def __init__(self, *perms):
1985 self.required_perms = set(perms)
2085 self.required_perms = set(perms)
1986
2086
1987 def __call__(self, user, repo_name):
2087 def __call__(self, user, repo_name):
1988 # repo_name MUST be unicode, since we handle keys in permission
2088 # repo_name MUST be unicode, since we handle keys in permission
1989 # dict by unicode
2089 # dict by unicode
1990 repo_name = safe_unicode(repo_name)
2090 repo_name = safe_unicode(repo_name)
1991 user = AuthUser(user.user_id)
2091 user = AuthUser(user.user_id)
1992 log.debug(
2092 log.debug(
1993 'Checking VCS protocol permissions %s for user:%s repo:`%s`',
2093 'Checking VCS protocol permissions %s for user:%s repo:`%s`',
1994 self.required_perms, user, repo_name)
2094 self.required_perms, user, repo_name)
1995
2095
1996 if self.check_permissions(user, repo_name):
2096 if self.check_permissions(user, repo_name):
1997 log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
2097 log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
1998 repo_name, user, 'PermissionMiddleware')
2098 repo_name, user, 'PermissionMiddleware')
1999 return True
2099 return True
2000
2100
2001 else:
2101 else:
2002 log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
2102 log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
2003 repo_name, user, 'PermissionMiddleware')
2103 repo_name, user, 'PermissionMiddleware')
2004 return False
2104 return False
2005
2105
2006 def check_permissions(self, user, repo_name):
2106 def check_permissions(self, user, repo_name):
2007 perms = user.permissions_with_scope({'repo_name': repo_name})
2107 perms = user.permissions_with_scope({'repo_name': repo_name})
2008
2108
2009 try:
2109 try:
2010 user_perms = {perms['repositories'][repo_name]}
2110 user_perms = {perms['repositories'][repo_name]}
2011 except Exception:
2111 except Exception:
2012 log.exception('Error while accessing user permissions')
2112 log.exception('Error while accessing user permissions')
2013 return False
2113 return False
2014
2114
2015 if self.required_perms.intersection(user_perms):
2115 if self.required_perms.intersection(user_perms):
2016 return True
2116 return True
2017 return False
2117 return False
2018
2118
2019
2119
2020 # SPECIAL VERSION TO HANDLE API AUTH
2120 # SPECIAL VERSION TO HANDLE API AUTH
2021 class _BaseApiPerm(object):
2121 class _BaseApiPerm(object):
2022 def __init__(self, *perms):
2122 def __init__(self, *perms):
2023 self.required_perms = set(perms)
2123 self.required_perms = set(perms)
2024
2124
2025 def __call__(self, check_location=None, user=None, repo_name=None,
2125 def __call__(self, check_location=None, user=None, repo_name=None,
2026 group_name=None, user_group_name=None):
2126 group_name=None, user_group_name=None):
2027 cls_name = self.__class__.__name__
2127 cls_name = self.__class__.__name__
2028 check_scope = 'global:%s' % (self.required_perms,)
2128 check_scope = 'global:%s' % (self.required_perms,)
2029 if repo_name:
2129 if repo_name:
2030 check_scope += ', repo_name:%s' % (repo_name,)
2130 check_scope += ', repo_name:%s' % (repo_name,)
2031
2131
2032 if group_name:
2132 if group_name:
2033 check_scope += ', repo_group_name:%s' % (group_name,)
2133 check_scope += ', repo_group_name:%s' % (group_name,)
2034
2134
2035 if user_group_name:
2135 if user_group_name:
2036 check_scope += ', user_group_name:%s' % (user_group_name,)
2136 check_scope += ', user_group_name:%s' % (user_group_name,)
2037
2137
2038 log.debug(
2138 log.debug(
2039 'checking cls:%s %s %s @ %s'
2139 'checking cls:%s %s %s @ %s'
2040 % (cls_name, self.required_perms, check_scope, check_location))
2140 % (cls_name, self.required_perms, check_scope, check_location))
2041 if not user:
2141 if not user:
2042 log.debug('Empty User passed into arguments')
2142 log.debug('Empty User passed into arguments')
2043 return False
2143 return False
2044
2144
2045 # process user
2145 # process user
2046 if not isinstance(user, AuthUser):
2146 if not isinstance(user, AuthUser):
2047 user = AuthUser(user.user_id)
2147 user = AuthUser(user.user_id)
2048 if not check_location:
2148 if not check_location:
2049 check_location = 'unspecified'
2149 check_location = 'unspecified'
2050 if self.check_permissions(user.permissions, repo_name, group_name,
2150 if self.check_permissions(user.permissions, repo_name, group_name,
2051 user_group_name):
2151 user_group_name):
2052 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
2152 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
2053 check_scope, user, check_location)
2153 check_scope, user, check_location)
2054 return True
2154 return True
2055
2155
2056 else:
2156 else:
2057 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
2157 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
2058 check_scope, user, check_location)
2158 check_scope, user, check_location)
2059 return False
2159 return False
2060
2160
2061 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2161 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2062 user_group_name=None):
2162 user_group_name=None):
2063 """
2163 """
2064 implement in child class should return True if permissions are ok,
2164 implement in child class should return True if permissions are ok,
2065 False otherwise
2165 False otherwise
2066
2166
2067 :param perm_defs: dict with permission definitions
2167 :param perm_defs: dict with permission definitions
2068 :param repo_name: repo name
2168 :param repo_name: repo name
2069 """
2169 """
2070 raise NotImplementedError()
2170 raise NotImplementedError()
2071
2171
2072
2172
2073 class HasPermissionAllApi(_BaseApiPerm):
2173 class HasPermissionAllApi(_BaseApiPerm):
2074 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2174 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2075 user_group_name=None):
2175 user_group_name=None):
2076 if self.required_perms.issubset(perm_defs.get('global')):
2176 if self.required_perms.issubset(perm_defs.get('global')):
2077 return True
2177 return True
2078 return False
2178 return False
2079
2179
2080
2180
2081 class HasPermissionAnyApi(_BaseApiPerm):
2181 class HasPermissionAnyApi(_BaseApiPerm):
2082 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2182 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2083 user_group_name=None):
2183 user_group_name=None):
2084 if self.required_perms.intersection(perm_defs.get('global')):
2184 if self.required_perms.intersection(perm_defs.get('global')):
2085 return True
2185 return True
2086 return False
2186 return False
2087
2187
2088
2188
2089 class HasRepoPermissionAllApi(_BaseApiPerm):
2189 class HasRepoPermissionAllApi(_BaseApiPerm):
2090 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2190 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2091 user_group_name=None):
2191 user_group_name=None):
2092 try:
2192 try:
2093 _user_perms = {perm_defs['repositories'][repo_name]}
2193 _user_perms = {perm_defs['repositories'][repo_name]}
2094 except KeyError:
2194 except KeyError:
2095 log.warning(traceback.format_exc())
2195 log.warning(traceback.format_exc())
2096 return False
2196 return False
2097 if self.required_perms.issubset(_user_perms):
2197 if self.required_perms.issubset(_user_perms):
2098 return True
2198 return True
2099 return False
2199 return False
2100
2200
2101
2201
2102 class HasRepoPermissionAnyApi(_BaseApiPerm):
2202 class HasRepoPermissionAnyApi(_BaseApiPerm):
2103 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2203 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2104 user_group_name=None):
2204 user_group_name=None):
2105 try:
2205 try:
2106 _user_perms = {perm_defs['repositories'][repo_name]}
2206 _user_perms = {perm_defs['repositories'][repo_name]}
2107 except KeyError:
2207 except KeyError:
2108 log.warning(traceback.format_exc())
2208 log.warning(traceback.format_exc())
2109 return False
2209 return False
2110 if self.required_perms.intersection(_user_perms):
2210 if self.required_perms.intersection(_user_perms):
2111 return True
2211 return True
2112 return False
2212 return False
2113
2213
2114
2214
2115 class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
2215 class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
2116 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2216 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2117 user_group_name=None):
2217 user_group_name=None):
2118 try:
2218 try:
2119 _user_perms = {perm_defs['repositories_groups'][group_name]}
2219 _user_perms = {perm_defs['repositories_groups'][group_name]}
2120 except KeyError:
2220 except KeyError:
2121 log.warning(traceback.format_exc())
2221 log.warning(traceback.format_exc())
2122 return False
2222 return False
2123 if self.required_perms.intersection(_user_perms):
2223 if self.required_perms.intersection(_user_perms):
2124 return True
2224 return True
2125 return False
2225 return False
2126
2226
2127
2227
2128 class HasRepoGroupPermissionAllApi(_BaseApiPerm):
2228 class HasRepoGroupPermissionAllApi(_BaseApiPerm):
2129 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2229 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2130 user_group_name=None):
2230 user_group_name=None):
2131 try:
2231 try:
2132 _user_perms = {perm_defs['repositories_groups'][group_name]}
2232 _user_perms = {perm_defs['repositories_groups'][group_name]}
2133 except KeyError:
2233 except KeyError:
2134 log.warning(traceback.format_exc())
2234 log.warning(traceback.format_exc())
2135 return False
2235 return False
2136 if self.required_perms.issubset(_user_perms):
2236 if self.required_perms.issubset(_user_perms):
2137 return True
2237 return True
2138 return False
2238 return False
2139
2239
2140
2240
2141 class HasUserGroupPermissionAnyApi(_BaseApiPerm):
2241 class HasUserGroupPermissionAnyApi(_BaseApiPerm):
2142 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2242 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
2143 user_group_name=None):
2243 user_group_name=None):
2144 try:
2244 try:
2145 _user_perms = {perm_defs['user_groups'][user_group_name]}
2245 _user_perms = {perm_defs['user_groups'][user_group_name]}
2146 except KeyError:
2246 except KeyError:
2147 log.warning(traceback.format_exc())
2247 log.warning(traceback.format_exc())
2148 return False
2248 return False
2149 if self.required_perms.intersection(_user_perms):
2249 if self.required_perms.intersection(_user_perms):
2150 return True
2250 return True
2151 return False
2251 return False
2152
2252
2153
2253
2154 def check_ip_access(source_ip, allowed_ips=None):
2254 def check_ip_access(source_ip, allowed_ips=None):
2155 """
2255 """
2156 Checks if source_ip is a subnet of any of allowed_ips.
2256 Checks if source_ip is a subnet of any of allowed_ips.
2157
2257
2158 :param source_ip:
2258 :param source_ip:
2159 :param allowed_ips: list of allowed ips together with mask
2259 :param allowed_ips: list of allowed ips together with mask
2160 """
2260 """
2161 log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
2261 log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
2162 source_ip_address = ipaddress.ip_address(safe_unicode(source_ip))
2262 source_ip_address = ipaddress.ip_address(safe_unicode(source_ip))
2163 if isinstance(allowed_ips, (tuple, list, set)):
2263 if isinstance(allowed_ips, (tuple, list, set)):
2164 for ip in allowed_ips:
2264 for ip in allowed_ips:
2165 ip = safe_unicode(ip)
2265 ip = safe_unicode(ip)
2166 try:
2266 try:
2167 network_address = ipaddress.ip_network(ip, strict=False)
2267 network_address = ipaddress.ip_network(ip, strict=False)
2168 if source_ip_address in network_address:
2268 if source_ip_address in network_address:
2169 log.debug('IP %s is network %s' %
2269 log.debug('IP %s is network %s' %
2170 (source_ip_address, network_address))
2270 (source_ip_address, network_address))
2171 return True
2271 return True
2172 # for any case we cannot determine the IP, don't crash just
2272 # for any case we cannot determine the IP, don't crash just
2173 # skip it and log as error, we want to say forbidden still when
2273 # skip it and log as error, we want to say forbidden still when
2174 # sending bad IP
2274 # sending bad IP
2175 except Exception:
2275 except Exception:
2176 log.error(traceback.format_exc())
2276 log.error(traceback.format_exc())
2177 continue
2277 continue
2178 return False
2278 return False
2179
2279
2180
2280
2181 def get_cython_compat_decorator(wrapper, func):
2281 def get_cython_compat_decorator(wrapper, func):
2182 """
2282 """
2183 Creates a cython compatible decorator. The previously used
2283 Creates a cython compatible decorator. The previously used
2184 decorator.decorator() function seems to be incompatible with cython.
2284 decorator.decorator() function seems to be incompatible with cython.
2185
2285
2186 :param wrapper: __wrapper method of the decorator class
2286 :param wrapper: __wrapper method of the decorator class
2187 :param func: decorated function
2287 :param func: decorated function
2188 """
2288 """
2189 @wraps(func)
2289 @wraps(func)
2190 def local_wrapper(*args, **kwds):
2290 def local_wrapper(*args, **kwds):
2191 return wrapper(func, *args, **kwds)
2291 return wrapper(func, *args, **kwds)
2192 local_wrapper.__wrapped__ = func
2292 local_wrapper.__wrapped__ = func
2193 return local_wrapper
2293 return local_wrapper
2194
2294
2195
2295
Show file before | Show file after | Hide comments
@@ -1,1004 +1,1011 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2011-2018 RhodeCode GmbH
3 # Copyright (C) 2011-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21
21
22 """
22 """
23 Some simple helper functions
23 Some simple helper functions
24 """
24 """
25
25
26 import collections
26 import collections
27 import datetime
27 import datetime
28 import dateutil.relativedelta
28 import dateutil.relativedelta
29 import hashlib
29 import hashlib
30 import logging
30 import logging
31 import re
31 import re
32 import sys
32 import sys
33 import time
33 import time
34 import urllib
34 import urllib
35 import urlobject
35 import urlobject
36 import uuid
36 import uuid
37 import getpass
37 import getpass
38
38
39 import pygments.lexers
39 import pygments.lexers
40 import sqlalchemy
40 import sqlalchemy
41 import sqlalchemy.engine.url
41 import sqlalchemy.engine.url
42 import sqlalchemy.exc
42 import sqlalchemy.exc
43 import sqlalchemy.sql
43 import sqlalchemy.sql
44 import webob
44 import webob
45 import pyramid.threadlocal
45 import pyramid.threadlocal
46
46
47 import rhodecode
47 import rhodecode
48 from rhodecode.translation import _, _pluralize
48 from rhodecode.translation import _, _pluralize
49
49
50
50
51 def md5(s):
51 def md5(s):
52 return hashlib.md5(s).hexdigest()
52 return hashlib.md5(s).hexdigest()
53
53
54
54
55 def md5_safe(s):
55 def md5_safe(s):
56 return md5(safe_str(s))
56 return md5(safe_str(s))
57
57
58
58
59 def sha1(s):
59 def sha1(s):
60 return hashlib.sha1(s).hexdigest()
60 return hashlib.sha1(s).hexdigest()
61
61
62
62
63 def sha1_safe(s):
63 def sha1_safe(s):
64 return sha1(safe_str(s))
64 return sha1(safe_str(s))
65
65
66
66
67 def __get_lem(extra_mapping=None):
67 def __get_lem(extra_mapping=None):
68 """
68 """
69 Get language extension map based on what's inside pygments lexers
69 Get language extension map based on what's inside pygments lexers
70 """
70 """
71 d = collections.defaultdict(lambda: [])
71 d = collections.defaultdict(lambda: [])
72
72
73 def __clean(s):
73 def __clean(s):
74 s = s.lstrip('*')
74 s = s.lstrip('*')
75 s = s.lstrip('.')
75 s = s.lstrip('.')
76
76
77 if s.find('[') != -1:
77 if s.find('[') != -1:
78 exts = []
78 exts = []
79 start, stop = s.find('['), s.find(']')
79 start, stop = s.find('['), s.find(']')
80
80
81 for suffix in s[start + 1:stop]:
81 for suffix in s[start + 1:stop]:
82 exts.append(s[:s.find('[')] + suffix)
82 exts.append(s[:s.find('[')] + suffix)
83 return [e.lower() for e in exts]
83 return [e.lower() for e in exts]
84 else:
84 else:
85 return [s.lower()]
85 return [s.lower()]
86
86
87 for lx, t in sorted(pygments.lexers.LEXERS.items()):
87 for lx, t in sorted(pygments.lexers.LEXERS.items()):
88 m = map(__clean, t[-2])
88 m = map(__clean, t[-2])
89 if m:
89 if m:
90 m = reduce(lambda x, y: x + y, m)
90 m = reduce(lambda x, y: x + y, m)
91 for ext in m:
91 for ext in m:
92 desc = lx.replace('Lexer', '')
92 desc = lx.replace('Lexer', '')
93 d[ext].append(desc)
93 d[ext].append(desc)
94
94
95 data = dict(d)
95 data = dict(d)
96
96
97 extra_mapping = extra_mapping or {}
97 extra_mapping = extra_mapping or {}
98 if extra_mapping:
98 if extra_mapping:
99 for k, v in extra_mapping.items():
99 for k, v in extra_mapping.items():
100 if k not in data:
100 if k not in data:
101 # register new mapping2lexer
101 # register new mapping2lexer
102 data[k] = [v]
102 data[k] = [v]
103
103
104 return data
104 return data
105
105
106
106
107 def str2bool(_str):
107 def str2bool(_str):
108 """
108 """
109 returns True/False value from given string, it tries to translate the
109 returns True/False value from given string, it tries to translate the
110 string into boolean
110 string into boolean
111
111
112 :param _str: string value to translate into boolean
112 :param _str: string value to translate into boolean
113 :rtype: boolean
113 :rtype: boolean
114 :returns: boolean from given string
114 :returns: boolean from given string
115 """
115 """
116 if _str is None:
116 if _str is None:
117 return False
117 return False
118 if _str in (True, False):
118 if _str in (True, False):
119 return _str
119 return _str
120 _str = str(_str).strip().lower()
120 _str = str(_str).strip().lower()
121 return _str in ('t', 'true', 'y', 'yes', 'on', '1')
121 return _str in ('t', 'true', 'y', 'yes', 'on', '1')
122
122
123
123
124 def aslist(obj, sep=None, strip=True):
124 def aslist(obj, sep=None, strip=True):
125 """
125 """
126 Returns given string separated by sep as list
126 Returns given string separated by sep as list
127
127
128 :param obj:
128 :param obj:
129 :param sep:
129 :param sep:
130 :param strip:
130 :param strip:
131 """
131 """
132 if isinstance(obj, (basestring,)):
132 if isinstance(obj, (basestring,)):
133 lst = obj.split(sep)
133 lst = obj.split(sep)
134 if strip:
134 if strip:
135 lst = [v.strip() for v in lst]
135 lst = [v.strip() for v in lst]
136 return lst
136 return lst
137 elif isinstance(obj, (list, tuple)):
137 elif isinstance(obj, (list, tuple)):
138 return obj
138 return obj
139 elif obj is None:
139 elif obj is None:
140 return []
140 return []
141 else:
141 else:
142 return [obj]
142 return [obj]
143
143
144
144
145 def convert_line_endings(line, mode):
145 def convert_line_endings(line, mode):
146 """
146 """
147 Converts a given line "line end" accordingly to given mode
147 Converts a given line "line end" accordingly to given mode
148
148
149 Available modes are::
149 Available modes are::
150 0 - Unix
150 0 - Unix
151 1 - Mac
151 1 - Mac
152 2 - DOS
152 2 - DOS
153
153
154 :param line: given line to convert
154 :param line: given line to convert
155 :param mode: mode to convert to
155 :param mode: mode to convert to
156 :rtype: str
156 :rtype: str
157 :return: converted line according to mode
157 :return: converted line according to mode
158 """
158 """
159 if mode == 0:
159 if mode == 0:
160 line = line.replace('\r\n', '\n')
160 line = line.replace('\r\n', '\n')
161 line = line.replace('\r', '\n')
161 line = line.replace('\r', '\n')
162 elif mode == 1:
162 elif mode == 1:
163 line = line.replace('\r\n', '\r')
163 line = line.replace('\r\n', '\r')
164 line = line.replace('\n', '\r')
164 line = line.replace('\n', '\r')
165 elif mode == 2:
165 elif mode == 2:
166 line = re.sub('\r(?!\n)|(?<!\r)\n', '\r\n', line)
166 line = re.sub('\r(?!\n)|(?<!\r)\n', '\r\n', line)
167 return line
167 return line
168
168
169
169
170 def detect_mode(line, default):
170 def detect_mode(line, default):
171 """
171 """
172 Detects line break for given line, if line break couldn't be found
172 Detects line break for given line, if line break couldn't be found
173 given default value is returned
173 given default value is returned
174
174
175 :param line: str line
175 :param line: str line
176 :param default: default
176 :param default: default
177 :rtype: int
177 :rtype: int
178 :return: value of line end on of 0 - Unix, 1 - Mac, 2 - DOS
178 :return: value of line end on of 0 - Unix, 1 - Mac, 2 - DOS
179 """
179 """
180 if line.endswith('\r\n'):
180 if line.endswith('\r\n'):
181 return 2
181 return 2
182 elif line.endswith('\n'):
182 elif line.endswith('\n'):
183 return 0
183 return 0
184 elif line.endswith('\r'):
184 elif line.endswith('\r'):
185 return 1
185 return 1
186 else:
186 else:
187 return default
187 return default
188
188
189
189
190 def safe_int(val, default=None):
190 def safe_int(val, default=None):
191 """
191 """
192 Returns int() of val if val is not convertable to int use default
192 Returns int() of val if val is not convertable to int use default
193 instead
193 instead
194
194
195 :param val:
195 :param val:
196 :param default:
196 :param default:
197 """
197 """
198
198
199 try:
199 try:
200 val = int(val)
200 val = int(val)
201 except (ValueError, TypeError):
201 except (ValueError, TypeError):
202 val = default
202 val = default
203
203
204 return val
204 return val
205
205
206
206
207 def safe_unicode(str_, from_encoding=None):
207 def safe_unicode(str_, from_encoding=None):
208 """
208 """
209 safe unicode function. Does few trick to turn str_ into unicode
209 safe unicode function. Does few trick to turn str_ into unicode
210
210
211 In case of UnicodeDecode error, we try to return it with encoding detected
211 In case of UnicodeDecode error, we try to return it with encoding detected
212 by chardet library if it fails fallback to unicode with errors replaced
212 by chardet library if it fails fallback to unicode with errors replaced
213
213
214 :param str_: string to decode
214 :param str_: string to decode
215 :rtype: unicode
215 :rtype: unicode
216 :returns: unicode object
216 :returns: unicode object
217 """
217 """
218 if isinstance(str_, unicode):
218 if isinstance(str_, unicode):
219 return str_
219 return str_
220
220
221 if not from_encoding:
221 if not from_encoding:
222 DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
222 DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
223 'utf8'), sep=',')
223 'utf8'), sep=',')
224 from_encoding = DEFAULT_ENCODINGS
224 from_encoding = DEFAULT_ENCODINGS
225
225
226 if not isinstance(from_encoding, (list, tuple)):
226 if not isinstance(from_encoding, (list, tuple)):
227 from_encoding = [from_encoding]
227 from_encoding = [from_encoding]
228
228
229 try:
229 try:
230 return unicode(str_)
230 return unicode(str_)
231 except UnicodeDecodeError:
231 except UnicodeDecodeError:
232 pass
232 pass
233
233
234 for enc in from_encoding:
234 for enc in from_encoding:
235 try:
235 try:
236 return unicode(str_, enc)
236 return unicode(str_, enc)
237 except UnicodeDecodeError:
237 except UnicodeDecodeError:
238 pass
238 pass
239
239
240 try:
240 try:
241 import chardet
241 import chardet
242 encoding = chardet.detect(str_)['encoding']
242 encoding = chardet.detect(str_)['encoding']
243 if encoding is None:
243 if encoding is None:
244 raise Exception()
244 raise Exception()
245 return str_.decode(encoding)
245 return str_.decode(encoding)
246 except (ImportError, UnicodeDecodeError, Exception):
246 except (ImportError, UnicodeDecodeError, Exception):
247 return unicode(str_, from_encoding[0], 'replace')
247 return unicode(str_, from_encoding[0], 'replace')
248
248
249
249
250 def safe_str(unicode_, to_encoding=None):
250 def safe_str(unicode_, to_encoding=None):
251 """
251 """
252 safe str function. Does few trick to turn unicode_ into string
252 safe str function. Does few trick to turn unicode_ into string
253
253
254 In case of UnicodeEncodeError, we try to return it with encoding detected
254 In case of UnicodeEncodeError, we try to return it with encoding detected
255 by chardet library if it fails fallback to string with errors replaced
255 by chardet library if it fails fallback to string with errors replaced
256
256
257 :param unicode_: unicode to encode
257 :param unicode_: unicode to encode
258 :rtype: str
258 :rtype: str
259 :returns: str object
259 :returns: str object
260 """
260 """
261
261
262 # if it's not basestr cast to str
262 # if it's not basestr cast to str
263 if not isinstance(unicode_, basestring):
263 if not isinstance(unicode_, basestring):
264 return str(unicode_)
264 return str(unicode_)
265
265
266 if isinstance(unicode_, str):
266 if isinstance(unicode_, str):
267 return unicode_
267 return unicode_
268
268
269 if not to_encoding:
269 if not to_encoding:
270 DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
270 DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
271 'utf8'), sep=',')
271 'utf8'), sep=',')
272 to_encoding = DEFAULT_ENCODINGS
272 to_encoding = DEFAULT_ENCODINGS
273
273
274 if not isinstance(to_encoding, (list, tuple)):
274 if not isinstance(to_encoding, (list, tuple)):
275 to_encoding = [to_encoding]
275 to_encoding = [to_encoding]
276
276
277 for enc in to_encoding:
277 for enc in to_encoding:
278 try:
278 try:
279 return unicode_.encode(enc)
279 return unicode_.encode(enc)
280 except UnicodeEncodeError:
280 except UnicodeEncodeError:
281 pass
281 pass
282
282
283 try:
283 try:
284 import chardet
284 import chardet
285 encoding = chardet.detect(unicode_)['encoding']
285 encoding = chardet.detect(unicode_)['encoding']
286 if encoding is None:
286 if encoding is None:
287 raise UnicodeEncodeError()
287 raise UnicodeEncodeError()
288
288
289 return unicode_.encode(encoding)
289 return unicode_.encode(encoding)
290 except (ImportError, UnicodeEncodeError):
290 except (ImportError, UnicodeEncodeError):
291 return unicode_.encode(to_encoding[0], 'replace')
291 return unicode_.encode(to_encoding[0], 'replace')
292
292
293
293
294 def remove_suffix(s, suffix):
294 def remove_suffix(s, suffix):
295 if s.endswith(suffix):
295 if s.endswith(suffix):
296 s = s[:-1 * len(suffix)]
296 s = s[:-1 * len(suffix)]
297 return s
297 return s
298
298
299
299
300 def remove_prefix(s, prefix):
300 def remove_prefix(s, prefix):
301 if s.startswith(prefix):
301 if s.startswith(prefix):
302 s = s[len(prefix):]
302 s = s[len(prefix):]
303 return s
303 return s
304
304
305
305
306 def find_calling_context(ignore_modules=None):
306 def find_calling_context(ignore_modules=None):
307 """
307 """
308 Look through the calling stack and return the frame which called
308 Look through the calling stack and return the frame which called
309 this function and is part of core module ( ie. rhodecode.* )
309 this function and is part of core module ( ie. rhodecode.* )
310
310
311 :param ignore_modules: list of modules to ignore eg. ['rhodecode.lib']
311 :param ignore_modules: list of modules to ignore eg. ['rhodecode.lib']
312 """
312 """
313
313
314 ignore_modules = ignore_modules or []
314 ignore_modules = ignore_modules or []
315
315
316 f = sys._getframe(2)
316 f = sys._getframe(2)
317 while f.f_back is not None:
317 while f.f_back is not None:
318 name = f.f_globals.get('__name__')
318 name = f.f_globals.get('__name__')
319 if name and name.startswith(__name__.split('.')[0]):
319 if name and name.startswith(__name__.split('.')[0]):
320 if name not in ignore_modules:
320 if name not in ignore_modules:
321 return f
321 return f
322 f = f.f_back
322 f = f.f_back
323 return None
323 return None
324
324
325
325
326 def ping_connection(connection, branch):
326 def ping_connection(connection, branch):
327 if branch:
327 if branch:
328 # "branch" refers to a sub-connection of a connection,
328 # "branch" refers to a sub-connection of a connection,
329 # we don't want to bother pinging on these.
329 # we don't want to bother pinging on these.
330 return
330 return
331
331
332 # turn off "close with result". This flag is only used with
332 # turn off "close with result". This flag is only used with
333 # "connectionless" execution, otherwise will be False in any case
333 # "connectionless" execution, otherwise will be False in any case
334 save_should_close_with_result = connection.should_close_with_result
334 save_should_close_with_result = connection.should_close_with_result
335 connection.should_close_with_result = False
335 connection.should_close_with_result = False
336
336
337 try:
337 try:
338 # run a SELECT 1. use a core select() so that
338 # run a SELECT 1. use a core select() so that
339 # the SELECT of a scalar value without a table is
339 # the SELECT of a scalar value without a table is
340 # appropriately formatted for the backend
340 # appropriately formatted for the backend
341 connection.scalar(sqlalchemy.sql.select([1]))
341 connection.scalar(sqlalchemy.sql.select([1]))
342 except sqlalchemy.exc.DBAPIError as err:
342 except sqlalchemy.exc.DBAPIError as err:
343 # catch SQLAlchemy's DBAPIError, which is a wrapper
343 # catch SQLAlchemy's DBAPIError, which is a wrapper
344 # for the DBAPI's exception. It includes a .connection_invalidated
344 # for the DBAPI's exception. It includes a .connection_invalidated
345 # attribute which specifies if this connection is a "disconnect"
345 # attribute which specifies if this connection is a "disconnect"
346 # condition, which is based on inspection of the original exception
346 # condition, which is based on inspection of the original exception
347 # by the dialect in use.
347 # by the dialect in use.
348 if err.connection_invalidated:
348 if err.connection_invalidated:
349 # run the same SELECT again - the connection will re-validate
349 # run the same SELECT again - the connection will re-validate
350 # itself and establish a new connection. The disconnect detection
350 # itself and establish a new connection. The disconnect detection
351 # here also causes the whole connection pool to be invalidated
351 # here also causes the whole connection pool to be invalidated
352 # so that all stale connections are discarded.
352 # so that all stale connections are discarded.
353 connection.scalar(sqlalchemy.sql.select([1]))
353 connection.scalar(sqlalchemy.sql.select([1]))
354 else:
354 else:
355 raise
355 raise
356 finally:
356 finally:
357 # restore "close with result"
357 # restore "close with result"
358 connection.should_close_with_result = save_should_close_with_result
358 connection.should_close_with_result = save_should_close_with_result
359
359
360
360
361 def engine_from_config(configuration, prefix='sqlalchemy.', **kwargs):
361 def engine_from_config(configuration, prefix='sqlalchemy.', **kwargs):
362 """Custom engine_from_config functions."""
362 """Custom engine_from_config functions."""
363 log = logging.getLogger('sqlalchemy.engine')
363 log = logging.getLogger('sqlalchemy.engine')
364 _ping_connection = configuration.pop('sqlalchemy.db1.ping_connection', None)
364 _ping_connection = configuration.pop('sqlalchemy.db1.ping_connection', None)
365
365
366 engine = sqlalchemy.engine_from_config(configuration, prefix, **kwargs)
366 engine = sqlalchemy.engine_from_config(configuration, prefix, **kwargs)
367
367
368 def color_sql(sql):
368 def color_sql(sql):
369 color_seq = '\033[1;33m' # This is yellow: code 33
369 color_seq = '\033[1;33m' # This is yellow: code 33
370 normal = '\x1b[0m'
370 normal = '\x1b[0m'
371 return ''.join([color_seq, sql, normal])
371 return ''.join([color_seq, sql, normal])
372
372
373 if configuration['debug'] or _ping_connection:
373 if configuration['debug'] or _ping_connection:
374 sqlalchemy.event.listen(engine, "engine_connect", ping_connection)
374 sqlalchemy.event.listen(engine, "engine_connect", ping_connection)
375
375
376 if configuration['debug']:
376 if configuration['debug']:
377 # attach events only for debug configuration
377 # attach events only for debug configuration
378
378
379 def before_cursor_execute(conn, cursor, statement,
379 def before_cursor_execute(conn, cursor, statement,
380 parameters, context, executemany):
380 parameters, context, executemany):
381 setattr(conn, 'query_start_time', time.time())
381 setattr(conn, 'query_start_time', time.time())
382 log.info(color_sql(">>>>> STARTING QUERY >>>>>"))
382 log.info(color_sql(">>>>> STARTING QUERY >>>>>"))
383 calling_context = find_calling_context(ignore_modules=[
383 calling_context = find_calling_context(ignore_modules=[
384 'rhodecode.lib.caching_query',
384 'rhodecode.lib.caching_query',
385 'rhodecode.model.settings',
385 'rhodecode.model.settings',
386 ])
386 ])
387 if calling_context:
387 if calling_context:
388 log.info(color_sql('call context %s:%s' % (
388 log.info(color_sql('call context %s:%s' % (
389 calling_context.f_code.co_filename,
389 calling_context.f_code.co_filename,
390 calling_context.f_lineno,
390 calling_context.f_lineno,
391 )))
391 )))
392
392
393 def after_cursor_execute(conn, cursor, statement,
393 def after_cursor_execute(conn, cursor, statement,
394 parameters, context, executemany):
394 parameters, context, executemany):
395 delattr(conn, 'query_start_time')
395 delattr(conn, 'query_start_time')
396
396
397 sqlalchemy.event.listen(engine, "before_cursor_execute",
397 sqlalchemy.event.listen(engine, "before_cursor_execute",
398 before_cursor_execute)
398 before_cursor_execute)
399 sqlalchemy.event.listen(engine, "after_cursor_execute",
399 sqlalchemy.event.listen(engine, "after_cursor_execute",
400 after_cursor_execute)
400 after_cursor_execute)
401
401
402 return engine
402 return engine
403
403
404
404
405 def get_encryption_key(config):
405 def get_encryption_key(config):
406 secret = config.get('rhodecode.encrypted_values.secret')
406 secret = config.get('rhodecode.encrypted_values.secret')
407 default = config['beaker.session.secret']
407 default = config['beaker.session.secret']
408 return secret or default
408 return secret or default
409
409
410
410
411 def age(prevdate, now=None, show_short_version=False, show_suffix=True,
411 def age(prevdate, now=None, show_short_version=False, show_suffix=True,
412 short_format=False):
412 short_format=False):
413 """
413 """
414 Turns a datetime into an age string.
414 Turns a datetime into an age string.
415 If show_short_version is True, this generates a shorter string with
415 If show_short_version is True, this generates a shorter string with
416 an approximate age; ex. '1 day ago', rather than '1 day and 23 hours ago'.
416 an approximate age; ex. '1 day ago', rather than '1 day and 23 hours ago'.
417
417
418 * IMPORTANT*
418 * IMPORTANT*
419 Code of this function is written in special way so it's easier to
419 Code of this function is written in special way so it's easier to
420 backport it to javascript. If you mean to update it, please also update
420 backport it to javascript. If you mean to update it, please also update
421 `jquery.timeago-extension.js` file
421 `jquery.timeago-extension.js` file
422
422
423 :param prevdate: datetime object
423 :param prevdate: datetime object
424 :param now: get current time, if not define we use
424 :param now: get current time, if not define we use
425 `datetime.datetime.now()`
425 `datetime.datetime.now()`
426 :param show_short_version: if it should approximate the date and
426 :param show_short_version: if it should approximate the date and
427 return a shorter string
427 return a shorter string
428 :param show_suffix:
428 :param show_suffix:
429 :param short_format: show short format, eg 2D instead of 2 days
429 :param short_format: show short format, eg 2D instead of 2 days
430 :rtype: unicode
430 :rtype: unicode
431 :returns: unicode words describing age
431 :returns: unicode words describing age
432 """
432 """
433
433
434 def _get_relative_delta(now, prevdate):
434 def _get_relative_delta(now, prevdate):
435 base = dateutil.relativedelta.relativedelta(now, prevdate)
435 base = dateutil.relativedelta.relativedelta(now, prevdate)
436 return {
436 return {
437 'year': base.years,
437 'year': base.years,
438 'month': base.months,
438 'month': base.months,
439 'day': base.days,
439 'day': base.days,
440 'hour': base.hours,
440 'hour': base.hours,
441 'minute': base.minutes,
441 'minute': base.minutes,
442 'second': base.seconds,
442 'second': base.seconds,
443 }
443 }
444
444
445 def _is_leap_year(year):
445 def _is_leap_year(year):
446 return year % 4 == 0 and (year % 100 != 0 or year % 400 == 0)
446 return year % 4 == 0 and (year % 100 != 0 or year % 400 == 0)
447
447
448 def get_month(prevdate):
448 def get_month(prevdate):
449 return prevdate.month
449 return prevdate.month
450
450
451 def get_year(prevdate):
451 def get_year(prevdate):
452 return prevdate.year
452 return prevdate.year
453
453
454 now = now or datetime.datetime.now()
454 now = now or datetime.datetime.now()
455 order = ['year', 'month', 'day', 'hour', 'minute', 'second']
455 order = ['year', 'month', 'day', 'hour', 'minute', 'second']
456 deltas = {}
456 deltas = {}
457 future = False
457 future = False
458
458
459 if prevdate > now:
459 if prevdate > now:
460 now_old = now
460 now_old = now
461 now = prevdate
461 now = prevdate
462 prevdate = now_old
462 prevdate = now_old
463 future = True
463 future = True
464 if future:
464 if future:
465 prevdate = prevdate.replace(microsecond=0)
465 prevdate = prevdate.replace(microsecond=0)
466 # Get date parts deltas
466 # Get date parts deltas
467 for part in order:
467 for part in order:
468 rel_delta = _get_relative_delta(now, prevdate)
468 rel_delta = _get_relative_delta(now, prevdate)
469 deltas[part] = rel_delta[part]
469 deltas[part] = rel_delta[part]
470
470
471 # Fix negative offsets (there is 1 second between 10:59:59 and 11:00:00,
471 # Fix negative offsets (there is 1 second between 10:59:59 and 11:00:00,
472 # not 1 hour, -59 minutes and -59 seconds)
472 # not 1 hour, -59 minutes and -59 seconds)
473 offsets = [[5, 60], [4, 60], [3, 24]]
473 offsets = [[5, 60], [4, 60], [3, 24]]
474 for element in offsets: # seconds, minutes, hours
474 for element in offsets: # seconds, minutes, hours
475 num = element[0]
475 num = element[0]
476 length = element[1]
476 length = element[1]
477
477
478 part = order[num]
478 part = order[num]
479 carry_part = order[num - 1]
479 carry_part = order[num - 1]
480
480
481 if deltas[part] < 0:
481 if deltas[part] < 0:
482 deltas[part] += length
482 deltas[part] += length
483 deltas[carry_part] -= 1
483 deltas[carry_part] -= 1
484
484
485 # Same thing for days except that the increment depends on the (variable)
485 # Same thing for days except that the increment depends on the (variable)
486 # number of days in the month
486 # number of days in the month
487 month_lengths = [31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31]
487 month_lengths = [31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31]
488 if deltas['day'] < 0:
488 if deltas['day'] < 0:
489 if get_month(prevdate) == 2 and _is_leap_year(get_year(prevdate)):
489 if get_month(prevdate) == 2 and _is_leap_year(get_year(prevdate)):
490 deltas['day'] += 29
490 deltas['day'] += 29
491 else:
491 else:
492 deltas['day'] += month_lengths[get_month(prevdate) - 1]
492 deltas['day'] += month_lengths[get_month(prevdate) - 1]
493
493
494 deltas['month'] -= 1
494 deltas['month'] -= 1
495
495
496 if deltas['month'] < 0:
496 if deltas['month'] < 0:
497 deltas['month'] += 12
497 deltas['month'] += 12
498 deltas['year'] -= 1
498 deltas['year'] -= 1
499
499
500 # Format the result
500 # Format the result
501 if short_format:
501 if short_format:
502 fmt_funcs = {
502 fmt_funcs = {
503 'year': lambda d: u'%dy' % d,
503 'year': lambda d: u'%dy' % d,
504 'month': lambda d: u'%dm' % d,
504 'month': lambda d: u'%dm' % d,
505 'day': lambda d: u'%dd' % d,
505 'day': lambda d: u'%dd' % d,
506 'hour': lambda d: u'%dh' % d,
506 'hour': lambda d: u'%dh' % d,
507 'minute': lambda d: u'%dmin' % d,
507 'minute': lambda d: u'%dmin' % d,
508 'second': lambda d: u'%dsec' % d,
508 'second': lambda d: u'%dsec' % d,
509 }
509 }
510 else:
510 else:
511 fmt_funcs = {
511 fmt_funcs = {
512 'year': lambda d: _pluralize(u'${num} year', u'${num} years', d, mapping={'num': d}).interpolate(),
512 'year': lambda d: _pluralize(u'${num} year', u'${num} years', d, mapping={'num': d}).interpolate(),
513 'month': lambda d: _pluralize(u'${num} month', u'${num} months', d, mapping={'num': d}).interpolate(),
513 'month': lambda d: _pluralize(u'${num} month', u'${num} months', d, mapping={'num': d}).interpolate(),
514 'day': lambda d: _pluralize(u'${num} day', u'${num} days', d, mapping={'num': d}).interpolate(),
514 'day': lambda d: _pluralize(u'${num} day', u'${num} days', d, mapping={'num': d}).interpolate(),
515 'hour': lambda d: _pluralize(u'${num} hour', u'${num} hours', d, mapping={'num': d}).interpolate(),
515 'hour': lambda d: _pluralize(u'${num} hour', u'${num} hours', d, mapping={'num': d}).interpolate(),
516 'minute': lambda d: _pluralize(u'${num} minute', u'${num} minutes', d, mapping={'num': d}).interpolate(),
516 'minute': lambda d: _pluralize(u'${num} minute', u'${num} minutes', d, mapping={'num': d}).interpolate(),
517 'second': lambda d: _pluralize(u'${num} second', u'${num} seconds', d, mapping={'num': d}).interpolate(),
517 'second': lambda d: _pluralize(u'${num} second', u'${num} seconds', d, mapping={'num': d}).interpolate(),
518 }
518 }
519
519
520 i = 0
520 i = 0
521 for part in order:
521 for part in order:
522 value = deltas[part]
522 value = deltas[part]
523 if value != 0:
523 if value != 0:
524
524
525 if i < 5:
525 if i < 5:
526 sub_part = order[i + 1]
526 sub_part = order[i + 1]
527 sub_value = deltas[sub_part]
527 sub_value = deltas[sub_part]
528 else:
528 else:
529 sub_value = 0
529 sub_value = 0
530
530
531 if sub_value == 0 or show_short_version:
531 if sub_value == 0 or show_short_version:
532 _val = fmt_funcs[part](value)
532 _val = fmt_funcs[part](value)
533 if future:
533 if future:
534 if show_suffix:
534 if show_suffix:
535 return _(u'in ${ago}', mapping={'ago': _val})
535 return _(u'in ${ago}', mapping={'ago': _val})
536 else:
536 else:
537 return _(_val)
537 return _(_val)
538
538
539 else:
539 else:
540 if show_suffix:
540 if show_suffix:
541 return _(u'${ago} ago', mapping={'ago': _val})
541 return _(u'${ago} ago', mapping={'ago': _val})
542 else:
542 else:
543 return _(_val)
543 return _(_val)
544
544
545 val = fmt_funcs[part](value)
545 val = fmt_funcs[part](value)
546 val_detail = fmt_funcs[sub_part](sub_value)
546 val_detail = fmt_funcs[sub_part](sub_value)
547 mapping = {'val': val, 'detail': val_detail}
547 mapping = {'val': val, 'detail': val_detail}
548
548
549 if short_format:
549 if short_format:
550 datetime_tmpl = _(u'${val}, ${detail}', mapping=mapping)
550 datetime_tmpl = _(u'${val}, ${detail}', mapping=mapping)
551 if show_suffix:
551 if show_suffix:
552 datetime_tmpl = _(u'${val}, ${detail} ago', mapping=mapping)
552 datetime_tmpl = _(u'${val}, ${detail} ago', mapping=mapping)
553 if future:
553 if future:
554 datetime_tmpl = _(u'in ${val}, ${detail}', mapping=mapping)
554 datetime_tmpl = _(u'in ${val}, ${detail}', mapping=mapping)
555 else:
555 else:
556 datetime_tmpl = _(u'${val} and ${detail}', mapping=mapping)
556 datetime_tmpl = _(u'${val} and ${detail}', mapping=mapping)
557 if show_suffix:
557 if show_suffix:
558 datetime_tmpl = _(u'${val} and ${detail} ago', mapping=mapping)
558 datetime_tmpl = _(u'${val} and ${detail} ago', mapping=mapping)
559 if future:
559 if future:
560 datetime_tmpl = _(u'in ${val} and ${detail}', mapping=mapping)
560 datetime_tmpl = _(u'in ${val} and ${detail}', mapping=mapping)
561
561
562 return datetime_tmpl
562 return datetime_tmpl
563 i += 1
563 i += 1
564 return _(u'just now')
564 return _(u'just now')
565
565
566
566
567 def cleaned_uri(uri):
567 def cleaned_uri(uri):
568 """
568 """
569 Quotes '[' and ']' from uri if there is only one of them.
569 Quotes '[' and ']' from uri if there is only one of them.
570 according to RFC3986 we cannot use such chars in uri
570 according to RFC3986 we cannot use such chars in uri
571 :param uri:
571 :param uri:
572 :return: uri without this chars
572 :return: uri without this chars
573 """
573 """
574 return urllib.quote(uri, safe='@$:/')
574 return urllib.quote(uri, safe='@$:/')
575
575
576
576
577 def uri_filter(uri):
577 def uri_filter(uri):
578 """
578 """
579 Removes user:password from given url string
579 Removes user:password from given url string
580
580
581 :param uri:
581 :param uri:
582 :rtype: unicode
582 :rtype: unicode
583 :returns: filtered list of strings
583 :returns: filtered list of strings
584 """
584 """
585 if not uri:
585 if not uri:
586 return ''
586 return ''
587
587
588 proto = ''
588 proto = ''
589
589
590 for pat in ('https://', 'http://'):
590 for pat in ('https://', 'http://'):
591 if uri.startswith(pat):
591 if uri.startswith(pat):
592 uri = uri[len(pat):]
592 uri = uri[len(pat):]
593 proto = pat
593 proto = pat
594 break
594 break
595
595
596 # remove passwords and username
596 # remove passwords and username
597 uri = uri[uri.find('@') + 1:]
597 uri = uri[uri.find('@') + 1:]
598
598
599 # get the port
599 # get the port
600 cred_pos = uri.find(':')
600 cred_pos = uri.find(':')
601 if cred_pos == -1:
601 if cred_pos == -1:
602 host, port = uri, None
602 host, port = uri, None
603 else:
603 else:
604 host, port = uri[:cred_pos], uri[cred_pos + 1:]
604 host, port = uri[:cred_pos], uri[cred_pos + 1:]
605
605
606 return filter(None, [proto, host, port])
606 return filter(None, [proto, host, port])
607
607
608
608
609 def credentials_filter(uri):
609 def credentials_filter(uri):
610 """
610 """
611 Returns a url with removed credentials
611 Returns a url with removed credentials
612
612
613 :param uri:
613 :param uri:
614 """
614 """
615
615
616 uri = uri_filter(uri)
616 uri = uri_filter(uri)
617 # check if we have port
617 # check if we have port
618 if len(uri) > 2 and uri[2]:
618 if len(uri) > 2 and uri[2]:
619 uri[2] = ':' + uri[2]
619 uri[2] = ':' + uri[2]
620
620
621 return ''.join(uri)
621 return ''.join(uri)
622
622
623
623
624 def get_clone_url(request, uri_tmpl, repo_name, repo_id, **override):
624 def get_clone_url(request, uri_tmpl, repo_name, repo_id, **override):
625 qualifed_home_url = request.route_url('home')
625 qualifed_home_url = request.route_url('home')
626 parsed_url = urlobject.URLObject(qualifed_home_url)
626 parsed_url = urlobject.URLObject(qualifed_home_url)
627 decoded_path = safe_unicode(urllib.unquote(parsed_url.path.rstrip('/')))
627 decoded_path = safe_unicode(urllib.unquote(parsed_url.path.rstrip('/')))
628
628
629 args = {
629 args = {
630 'scheme': parsed_url.scheme,
630 'scheme': parsed_url.scheme,
631 'user': '',
631 'user': '',
632 'sys_user': getpass.getuser(),
632 'sys_user': getpass.getuser(),
633 # path if we use proxy-prefix
633 # path if we use proxy-prefix
634 'netloc': parsed_url.netloc+decoded_path,
634 'netloc': parsed_url.netloc+decoded_path,
635 'hostname': parsed_url.hostname,
635 'hostname': parsed_url.hostname,
636 'prefix': decoded_path,
636 'prefix': decoded_path,
637 'repo': repo_name,
637 'repo': repo_name,
638 'repoid': str(repo_id)
638 'repoid': str(repo_id)
639 }
639 }
640 args.update(override)
640 args.update(override)
641 args['user'] = urllib.quote(safe_str(args['user']))
641 args['user'] = urllib.quote(safe_str(args['user']))
642
642
643 for k, v in args.items():
643 for k, v in args.items():
644 uri_tmpl = uri_tmpl.replace('{%s}' % k, v)
644 uri_tmpl = uri_tmpl.replace('{%s}' % k, v)
645
645
646 # remove leading @ sign if it's present. Case of empty user
646 # remove leading @ sign if it's present. Case of empty user
647 url_obj = urlobject.URLObject(uri_tmpl)
647 url_obj = urlobject.URLObject(uri_tmpl)
648 url = url_obj.with_netloc(url_obj.netloc.lstrip('@'))
648 url = url_obj.with_netloc(url_obj.netloc.lstrip('@'))
649
649
650 return safe_unicode(url)
650 return safe_unicode(url)
651
651
652
652
653 def get_commit_safe(repo, commit_id=None, commit_idx=None, pre_load=None):
653 def get_commit_safe(repo, commit_id=None, commit_idx=None, pre_load=None):
654 """
654 """
655 Safe version of get_commit if this commit doesn't exists for a
655 Safe version of get_commit if this commit doesn't exists for a
656 repository it returns a Dummy one instead
656 repository it returns a Dummy one instead
657
657
658 :param repo: repository instance
658 :param repo: repository instance
659 :param commit_id: commit id as str
659 :param commit_id: commit id as str
660 :param pre_load: optional list of commit attributes to load
660 :param pre_load: optional list of commit attributes to load
661 """
661 """
662 # TODO(skreft): remove these circular imports
662 # TODO(skreft): remove these circular imports
663 from rhodecode.lib.vcs.backends.base import BaseRepository, EmptyCommit
663 from rhodecode.lib.vcs.backends.base import BaseRepository, EmptyCommit
664 from rhodecode.lib.vcs.exceptions import RepositoryError
664 from rhodecode.lib.vcs.exceptions import RepositoryError
665 if not isinstance(repo, BaseRepository):
665 if not isinstance(repo, BaseRepository):
666 raise Exception('You must pass an Repository '
666 raise Exception('You must pass an Repository '
667 'object as first argument got %s', type(repo))
667 'object as first argument got %s', type(repo))
668
668
669 try:
669 try:
670 commit = repo.get_commit(
670 commit = repo.get_commit(
671 commit_id=commit_id, commit_idx=commit_idx, pre_load=pre_load)
671 commit_id=commit_id, commit_idx=commit_idx, pre_load=pre_load)
672 except (RepositoryError, LookupError):
672 except (RepositoryError, LookupError):
673 commit = EmptyCommit()
673 commit = EmptyCommit()
674 return commit
674 return commit
675
675
676
676
677 def datetime_to_time(dt):
677 def datetime_to_time(dt):
678 if dt:
678 if dt:
679 return time.mktime(dt.timetuple())
679 return time.mktime(dt.timetuple())
680
680
681
681
682 def time_to_datetime(tm):
682 def time_to_datetime(tm):
683 if tm:
683 if tm:
684 if isinstance(tm, basestring):
684 if isinstance(tm, basestring):
685 try:
685 try:
686 tm = float(tm)
686 tm = float(tm)
687 except ValueError:
687 except ValueError:
688 return
688 return
689 return datetime.datetime.fromtimestamp(tm)
689 return datetime.datetime.fromtimestamp(tm)
690
690
691
691
692 def time_to_utcdatetime(tm):
692 def time_to_utcdatetime(tm):
693 if tm:
693 if tm:
694 if isinstance(tm, basestring):
694 if isinstance(tm, basestring):
695 try:
695 try:
696 tm = float(tm)
696 tm = float(tm)
697 except ValueError:
697 except ValueError:
698 return
698 return
699 return datetime.datetime.utcfromtimestamp(tm)
699 return datetime.datetime.utcfromtimestamp(tm)
700
700
701
701
702 MENTIONS_REGEX = re.compile(
702 MENTIONS_REGEX = re.compile(
703 # ^@ or @ without any special chars in front
703 # ^@ or @ without any special chars in front
704 r'(?:^@|[^a-zA-Z0-9\-\_\.]@)'
704 r'(?:^@|[^a-zA-Z0-9\-\_\.]@)'
705 # main body starts with letter, then can be . - _
705 # main body starts with letter, then can be . - _
706 r'([a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+)',
706 r'([a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+)',
707 re.VERBOSE | re.MULTILINE)
707 re.VERBOSE | re.MULTILINE)
708
708
709
709
710 def extract_mentioned_users(s):
710 def extract_mentioned_users(s):
711 """
711 """
712 Returns unique usernames from given string s that have @mention
712 Returns unique usernames from given string s that have @mention
713
713
714 :param s: string to get mentions
714 :param s: string to get mentions
715 """
715 """
716 usrs = set()
716 usrs = set()
717 for username in MENTIONS_REGEX.findall(s):
717 for username in MENTIONS_REGEX.findall(s):
718 usrs.add(username)
718 usrs.add(username)
719
719
720 return sorted(list(usrs), key=lambda k: k.lower())
720 return sorted(list(usrs), key=lambda k: k.lower())
721
721
722
722
723 class AttributeDictBase(dict):
723 class AttributeDictBase(dict):
724 def __getstate__(self):
724 def __getstate__(self):
725 odict = self.__dict__ # get attribute dictionary
725 odict = self.__dict__ # get attribute dictionary
726 return odict
726 return odict
727
727
728 def __setstate__(self, dict):
728 def __setstate__(self, dict):
729 self.__dict__ = dict
729 self.__dict__ = dict
730
730
731 __setattr__ = dict.__setitem__
731 __setattr__ = dict.__setitem__
732 __delattr__ = dict.__delitem__
732 __delattr__ = dict.__delitem__
733
733
734
734
735 class StrictAttributeDict(AttributeDictBase):
735 class StrictAttributeDict(AttributeDictBase):
736 """
736 """
737 Strict Version of Attribute dict which raises an Attribute error when
737 Strict Version of Attribute dict which raises an Attribute error when
738 requested attribute is not set
738 requested attribute is not set
739 """
739 """
740 def __getattr__(self, attr):
740 def __getattr__(self, attr):
741 try:
741 try:
742 return self[attr]
742 return self[attr]
743 except KeyError:
743 except KeyError:
744 raise AttributeError('%s object has no attribute %s' % (
744 raise AttributeError('%s object has no attribute %s' % (
745 self.__class__, attr))
745 self.__class__, attr))
746
746
747
747
748 class AttributeDict(AttributeDictBase):
748 class AttributeDict(AttributeDictBase):
749 def __getattr__(self, attr):
749 def __getattr__(self, attr):
750 return self.get(attr, None)
750 return self.get(attr, None)
751
751
752
752
753
753
754 class OrderedDefaultDict(collections.OrderedDict, collections.defaultdict):
755 def __init__(self, default_factory=None, *args, **kwargs):
756 # in python3 you can omit the args to super
757 super(OrderedDefaultDict, self).__init__(*args, **kwargs)
758 self.default_factory = default_factory
759
760
754 def fix_PATH(os_=None):
761 def fix_PATH(os_=None):
755 """
762 """
756 Get current active python path, and append it to PATH variable to fix
763 Get current active python path, and append it to PATH variable to fix
757 issues of subprocess calls and different python versions
764 issues of subprocess calls and different python versions
758 """
765 """
759 if os_ is None:
766 if os_ is None:
760 import os
767 import os
761 else:
768 else:
762 os = os_
769 os = os_
763
770
764 cur_path = os.path.split(sys.executable)[0]
771 cur_path = os.path.split(sys.executable)[0]
765 if not os.environ['PATH'].startswith(cur_path):
772 if not os.environ['PATH'].startswith(cur_path):
766 os.environ['PATH'] = '%s:%s' % (cur_path, os.environ['PATH'])
773 os.environ['PATH'] = '%s:%s' % (cur_path, os.environ['PATH'])
767
774
768
775
769 def obfuscate_url_pw(engine):
776 def obfuscate_url_pw(engine):
770 _url = engine or ''
777 _url = engine or ''
771 try:
778 try:
772 _url = sqlalchemy.engine.url.make_url(engine)
779 _url = sqlalchemy.engine.url.make_url(engine)
773 if _url.password:
780 if _url.password:
774 _url.password = 'XXXXX'
781 _url.password = 'XXXXX'
775 except Exception:
782 except Exception:
776 pass
783 pass
777 return unicode(_url)
784 return unicode(_url)
778
785
779
786
780 def get_server_url(environ):
787 def get_server_url(environ):
781 req = webob.Request(environ)
788 req = webob.Request(environ)
782 return req.host_url + req.script_name
789 return req.host_url + req.script_name
783
790
784
791
785 def unique_id(hexlen=32):
792 def unique_id(hexlen=32):
786 alphabet = "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz"
793 alphabet = "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz"
787 return suuid(truncate_to=hexlen, alphabet=alphabet)
794 return suuid(truncate_to=hexlen, alphabet=alphabet)
788
795
789
796
790 def suuid(url=None, truncate_to=22, alphabet=None):
797 def suuid(url=None, truncate_to=22, alphabet=None):
791 """
798 """
792 Generate and return a short URL safe UUID.
799 Generate and return a short URL safe UUID.
793
800
794 If the url parameter is provided, set the namespace to the provided
801 If the url parameter is provided, set the namespace to the provided
795 URL and generate a UUID.
802 URL and generate a UUID.
796
803
797 :param url to get the uuid for
804 :param url to get the uuid for
798 :truncate_to: truncate the basic 22 UUID to shorter version
805 :truncate_to: truncate the basic 22 UUID to shorter version
799
806
800 The IDs won't be universally unique any longer, but the probability of
807 The IDs won't be universally unique any longer, but the probability of
801 a collision will still be very low.
808 a collision will still be very low.
802 """
809 """
803 # Define our alphabet.
810 # Define our alphabet.
804 _ALPHABET = alphabet or "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
811 _ALPHABET = alphabet or "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
805
812
806 # If no URL is given, generate a random UUID.
813 # If no URL is given, generate a random UUID.
807 if url is None:
814 if url is None:
808 unique_id = uuid.uuid4().int
815 unique_id = uuid.uuid4().int
809 else:
816 else:
810 unique_id = uuid.uuid3(uuid.NAMESPACE_URL, url).int
817 unique_id = uuid.uuid3(uuid.NAMESPACE_URL, url).int
811
818
812 alphabet_length = len(_ALPHABET)
819 alphabet_length = len(_ALPHABET)
813 output = []
820 output = []
814 while unique_id > 0:
821 while unique_id > 0:
815 digit = unique_id % alphabet_length
822 digit = unique_id % alphabet_length
816 output.append(_ALPHABET[digit])
823 output.append(_ALPHABET[digit])
817 unique_id = int(unique_id / alphabet_length)
824 unique_id = int(unique_id / alphabet_length)
818 return "".join(output)[:truncate_to]
825 return "".join(output)[:truncate_to]
819
826
820
827
821 def get_current_rhodecode_user(request=None):
828 def get_current_rhodecode_user(request=None):
822 """
829 """
823 Gets rhodecode user from request
830 Gets rhodecode user from request
824 """
831 """
825 pyramid_request = request or pyramid.threadlocal.get_current_request()
832 pyramid_request = request or pyramid.threadlocal.get_current_request()
826
833
827 # web case
834 # web case
828 if pyramid_request and hasattr(pyramid_request, 'user'):
835 if pyramid_request and hasattr(pyramid_request, 'user'):
829 return pyramid_request.user
836 return pyramid_request.user
830
837
831 # api case
838 # api case
832 if pyramid_request and hasattr(pyramid_request, 'rpc_user'):
839 if pyramid_request and hasattr(pyramid_request, 'rpc_user'):
833 return pyramid_request.rpc_user
840 return pyramid_request.rpc_user
834
841
835 return None
842 return None
836
843
837
844
838 def action_logger_generic(action, namespace=''):
845 def action_logger_generic(action, namespace=''):
839 """
846 """
840 A generic logger for actions useful to the system overview, tries to find
847 A generic logger for actions useful to the system overview, tries to find
841 an acting user for the context of the call otherwise reports unknown user
848 an acting user for the context of the call otherwise reports unknown user
842
849
843 :param action: logging message eg 'comment 5 deleted'
850 :param action: logging message eg 'comment 5 deleted'
844 :param type: string
851 :param type: string
845
852
846 :param namespace: namespace of the logging message eg. 'repo.comments'
853 :param namespace: namespace of the logging message eg. 'repo.comments'
847 :param type: string
854 :param type: string
848
855
849 """
856 """
850
857
851 logger_name = 'rhodecode.actions'
858 logger_name = 'rhodecode.actions'
852
859
853 if namespace:
860 if namespace:
854 logger_name += '.' + namespace
861 logger_name += '.' + namespace
855
862
856 log = logging.getLogger(logger_name)
863 log = logging.getLogger(logger_name)
857
864
858 # get a user if we can
865 # get a user if we can
859 user = get_current_rhodecode_user()
866 user = get_current_rhodecode_user()
860
867
861 logfunc = log.info
868 logfunc = log.info
862
869
863 if not user:
870 if not user:
864 user = '<unknown user>'
871 user = '<unknown user>'
865 logfunc = log.warning
872 logfunc = log.warning
866
873
867 logfunc('Logging action by {}: {}'.format(user, action))
874 logfunc('Logging action by {}: {}'.format(user, action))
868
875
869
876
870 def escape_split(text, sep=',', maxsplit=-1):
877 def escape_split(text, sep=',', maxsplit=-1):
871 r"""
878 r"""
872 Allows for escaping of the separator: e.g. arg='foo\, bar'
879 Allows for escaping of the separator: e.g. arg='foo\, bar'
873
880
874 It should be noted that the way bash et. al. do command line parsing, those
881 It should be noted that the way bash et. al. do command line parsing, those
875 single quotes are required.
882 single quotes are required.
876 """
883 """
877 escaped_sep = r'\%s' % sep
884 escaped_sep = r'\%s' % sep
878
885
879 if escaped_sep not in text:
886 if escaped_sep not in text:
880 return text.split(sep, maxsplit)
887 return text.split(sep, maxsplit)
881
888
882 before, _mid, after = text.partition(escaped_sep)
889 before, _mid, after = text.partition(escaped_sep)
883 startlist = before.split(sep, maxsplit) # a regular split is fine here
890 startlist = before.split(sep, maxsplit) # a regular split is fine here
884 unfinished = startlist[-1]
891 unfinished = startlist[-1]
885 startlist = startlist[:-1]
892 startlist = startlist[:-1]
886
893
887 # recurse because there may be more escaped separators
894 # recurse because there may be more escaped separators
888 endlist = escape_split(after, sep, maxsplit)
895 endlist = escape_split(after, sep, maxsplit)
889
896
890 # finish building the escaped value. we use endlist[0] becaue the first
897 # finish building the escaped value. we use endlist[0] becaue the first
891 # part of the string sent in recursion is the rest of the escaped value.
898 # part of the string sent in recursion is the rest of the escaped value.
892 unfinished += sep + endlist[0]
899 unfinished += sep + endlist[0]
893
900
894 return startlist + [unfinished] + endlist[1:] # put together all the parts
901 return startlist + [unfinished] + endlist[1:] # put together all the parts
895
902
896
903
897 class OptionalAttr(object):
904 class OptionalAttr(object):
898 """
905 """
899 Special Optional Option that defines other attribute. Example::
906 Special Optional Option that defines other attribute. Example::
900
907
901 def test(apiuser, userid=Optional(OAttr('apiuser')):
908 def test(apiuser, userid=Optional(OAttr('apiuser')):
902 user = Optional.extract(userid)
909 user = Optional.extract(userid)
903 # calls
910 # calls
904
911
905 """
912 """
906
913
907 def __init__(self, attr_name):
914 def __init__(self, attr_name):
908 self.attr_name = attr_name
915 self.attr_name = attr_name
909
916
910 def __repr__(self):
917 def __repr__(self):
911 return '<OptionalAttr:%s>' % self.attr_name
918 return '<OptionalAttr:%s>' % self.attr_name
912
919
913 def __call__(self):
920 def __call__(self):
914 return self
921 return self
915
922
916
923
917 # alias
924 # alias
918 OAttr = OptionalAttr
925 OAttr = OptionalAttr
919
926
920
927
921 class Optional(object):
928 class Optional(object):
922 """
929 """
923 Defines an optional parameter::
930 Defines an optional parameter::
924
931
925 param = param.getval() if isinstance(param, Optional) else param
932 param = param.getval() if isinstance(param, Optional) else param
926 param = param() if isinstance(param, Optional) else param
933 param = param() if isinstance(param, Optional) else param
927
934
928 is equivalent of::
935 is equivalent of::
929
936
930 param = Optional.extract(param)
937 param = Optional.extract(param)
931
938
932 """
939 """
933
940
934 def __init__(self, type_):
941 def __init__(self, type_):
935 self.type_ = type_
942 self.type_ = type_
936
943
937 def __repr__(self):
944 def __repr__(self):
938 return '<Optional:%s>' % self.type_.__repr__()
945 return '<Optional:%s>' % self.type_.__repr__()
939
946
940 def __call__(self):
947 def __call__(self):
941 return self.getval()
948 return self.getval()
942
949
943 def getval(self):
950 def getval(self):
944 """
951 """
945 returns value from this Optional instance
952 returns value from this Optional instance
946 """
953 """
947 if isinstance(self.type_, OAttr):
954 if isinstance(self.type_, OAttr):
948 # use params name
955 # use params name
949 return self.type_.attr_name
956 return self.type_.attr_name
950 return self.type_
957 return self.type_
951
958
952 @classmethod
959 @classmethod
953 def extract(cls, val):
960 def extract(cls, val):
954 """
961 """
955 Extracts value from Optional() instance
962 Extracts value from Optional() instance
956
963
957 :param val:
964 :param val:
958 :return: original value if it's not Optional instance else
965 :return: original value if it's not Optional instance else
959 value of instance
966 value of instance
960 """
967 """
961 if isinstance(val, cls):
968 if isinstance(val, cls):
962 return val.getval()
969 return val.getval()
963 return val
970 return val
964
971
965
972
966 def glob2re(pat):
973 def glob2re(pat):
967 """
974 """
968 Translate a shell PATTERN to a regular expression.
975 Translate a shell PATTERN to a regular expression.
969
976
970 There is no way to quote meta-characters.
977 There is no way to quote meta-characters.
971 """
978 """
972
979
973 i, n = 0, len(pat)
980 i, n = 0, len(pat)
974 res = ''
981 res = ''
975 while i < n:
982 while i < n:
976 c = pat[i]
983 c = pat[i]
977 i = i+1
984 i = i+1
978 if c == '*':
985 if c == '*':
979 #res = res + '.*'
986 #res = res + '.*'
980 res = res + '[^/]*'
987 res = res + '[^/]*'
981 elif c == '?':
988 elif c == '?':
982 #res = res + '.'
989 #res = res + '.'
983 res = res + '[^/]'
990 res = res + '[^/]'
984 elif c == '[':
991 elif c == '[':
985 j = i
992 j = i
986 if j < n and pat[j] == '!':
993 if j < n and pat[j] == '!':
987 j = j+1
994 j = j+1
988 if j < n and pat[j] == ']':
995 if j < n and pat[j] == ']':
989 j = j+1
996 j = j+1
990 while j < n and pat[j] != ']':
997 while j < n and pat[j] != ']':
991 j = j+1
998 j = j+1
992 if j >= n:
999 if j >= n:
993 res = res + '\\['
1000 res = res + '\\['
994 else:
1001 else:
995 stuff = pat[i:j].replace('\\','\\\\')
1002 stuff = pat[i:j].replace('\\','\\\\')
996 i = j+1
1003 i = j+1
997 if stuff[0] == '!':
1004 if stuff[0] == '!':
998 stuff = '^' + stuff[1:]
1005 stuff = '^' + stuff[1:]
999 elif stuff[0] == '^':
1006 elif stuff[0] == '^':
1000 stuff = '\\' + stuff
1007 stuff = '\\' + stuff
1001 res = '%s[%s]' % (res, stuff)
1008 res = '%s[%s]' % (res, stuff)
1002 else:
1009 else:
1003 res = res + re.escape(c)
1010 res = res + re.escape(c)
1004 return res + '\Z(?ms)'
1011 return res + '\Z(?ms)'
Show file before | Show file after | Hide comments
@@ -1,4506 +1,4662 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 Database Models for RhodeCode Enterprise
22 Database Models for RhodeCode Enterprise
23 """
23 """
24
24
25 import re
25 import re
26 import os
26 import os
27 import time
27 import time
28 import hashlib
28 import hashlib
29 import logging
29 import logging
30 import datetime
30 import datetime
31 import warnings
31 import warnings
32 import ipaddress
32 import ipaddress
33 import functools
33 import functools
34 import traceback
34 import traceback
35 import collections
35 import collections
36
36
37 from sqlalchemy import (
37 from sqlalchemy import (
38 or_, and_, not_, func, TypeDecorator, event,
38 or_, and_, not_, func, TypeDecorator, event,
39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 Text, Float, PickleType)
41 Text, Float, PickleType)
42 from sqlalchemy.sql.expression import true, false
42 from sqlalchemy.sql.expression import true, false
43 from sqlalchemy.sql.functions import coalesce, count # noqa
43 from sqlalchemy.sql.functions import coalesce, count # noqa
44 from sqlalchemy.orm import (
44 from sqlalchemy.orm import (
45 relationship, joinedload, class_mapper, validates, aliased)
45 relationship, joinedload, class_mapper, validates, aliased)
46 from sqlalchemy.ext.declarative import declared_attr
46 from sqlalchemy.ext.declarative import declared_attr
47 from sqlalchemy.ext.hybrid import hybrid_property
47 from sqlalchemy.ext.hybrid import hybrid_property
48 from sqlalchemy.exc import IntegrityError # noqa
48 from sqlalchemy.exc import IntegrityError # noqa
49 from sqlalchemy.dialects.mysql import LONGTEXT
49 from sqlalchemy.dialects.mysql import LONGTEXT
50 from zope.cachedescriptors.property import Lazy as LazyProperty
50 from zope.cachedescriptors.property import Lazy as LazyProperty
51
51
52 from pyramid.threadlocal import get_current_request
52 from pyramid.threadlocal import get_current_request
53
53
54 from rhodecode.translation import _
54 from rhodecode.translation import _
55 from rhodecode.lib.vcs import get_vcs_instance
55 from rhodecode.lib.vcs import get_vcs_instance
56 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
56 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
57 from rhodecode.lib.utils2 import (
57 from rhodecode.lib.utils2 import (
58 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
58 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
59 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
59 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
60 glob2re, StrictAttributeDict, cleaned_uri)
60 glob2re, StrictAttributeDict, cleaned_uri)
61 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
61 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
62 JsonRaw
62 JsonRaw
63 from rhodecode.lib.ext_json import json
63 from rhodecode.lib.ext_json import json
64 from rhodecode.lib.caching_query import FromCache
64 from rhodecode.lib.caching_query import FromCache
65 from rhodecode.lib.encrypt import AESCipher
65 from rhodecode.lib.encrypt import AESCipher
66
66
67 from rhodecode.model.meta import Base, Session
67 from rhodecode.model.meta import Base, Session
68
68
69 URL_SEP = '/'
69 URL_SEP = '/'
70 log = logging.getLogger(__name__)
70 log = logging.getLogger(__name__)
71
71
72 # =============================================================================
72 # =============================================================================
73 # BASE CLASSES
73 # BASE CLASSES
74 # =============================================================================
74 # =============================================================================
75
75
76 # this is propagated from .ini file rhodecode.encrypted_values.secret or
76 # this is propagated from .ini file rhodecode.encrypted_values.secret or
77 # beaker.session.secret if first is not set.
77 # beaker.session.secret if first is not set.
78 # and initialized at environment.py
78 # and initialized at environment.py
79 ENCRYPTION_KEY = None
79 ENCRYPTION_KEY = None
80
80
81 # used to sort permissions by types, '#' used here is not allowed to be in
81 # used to sort permissions by types, '#' used here is not allowed to be in
82 # usernames, and it's very early in sorted string.printable table.
82 # usernames, and it's very early in sorted string.printable table.
83 PERMISSION_TYPE_SORT = {
83 PERMISSION_TYPE_SORT = {
84 'admin': '####',
84 'admin': '####',
85 'write': '###',
85 'write': '###',
86 'read': '##',
86 'read': '##',
87 'none': '#',
87 'none': '#',
88 }
88 }
89
89
90
90
91 def display_user_sort(obj):
91 def display_user_sort(obj):
92 """
92 """
93 Sort function used to sort permissions in .permissions() function of
93 Sort function used to sort permissions in .permissions() function of
94 Repository, RepoGroup, UserGroup. Also it put the default user in front
94 Repository, RepoGroup, UserGroup. Also it put the default user in front
95 of all other resources
95 of all other resources
96 """
96 """
97
97
98 if obj.username == User.DEFAULT_USER:
98 if obj.username == User.DEFAULT_USER:
99 return '#####'
99 return '#####'
100 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
100 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
101 return prefix + obj.username
101 return prefix + obj.username
102
102
103
103
104 def display_user_group_sort(obj):
104 def display_user_group_sort(obj):
105 """
105 """
106 Sort function used to sort permissions in .permissions() function of
106 Sort function used to sort permissions in .permissions() function of
107 Repository, RepoGroup, UserGroup. Also it put the default user in front
107 Repository, RepoGroup, UserGroup. Also it put the default user in front
108 of all other resources
108 of all other resources
109 """
109 """
110
110
111 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
111 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
112 return prefix + obj.users_group_name
112 return prefix + obj.users_group_name
113
113
114
114
115 def _hash_key(k):
115 def _hash_key(k):
116 return sha1_safe(k)
116 return sha1_safe(k)
117
117
118
118
119 def in_filter_generator(qry, items, limit=500):
119 def in_filter_generator(qry, items, limit=500):
120 """
120 """
121 Splits IN() into multiple with OR
121 Splits IN() into multiple with OR
122 e.g.::
122 e.g.::
123 cnt = Repository.query().filter(
123 cnt = Repository.query().filter(
124 or_(
124 or_(
125 *in_filter_generator(Repository.repo_id, range(100000))
125 *in_filter_generator(Repository.repo_id, range(100000))
126 )).count()
126 )).count()
127 """
127 """
128 if not items:
128 if not items:
129 # empty list will cause empty query which might cause security issues
129 # empty list will cause empty query which might cause security issues
130 # this can lead to hidden unpleasant results
130 # this can lead to hidden unpleasant results
131 items = [-1]
131 items = [-1]
132
132
133 parts = []
133 parts = []
134 for chunk in xrange(0, len(items), limit):
134 for chunk in xrange(0, len(items), limit):
135 parts.append(
135 parts.append(
136 qry.in_(items[chunk: chunk + limit])
136 qry.in_(items[chunk: chunk + limit])
137 )
137 )
138
138
139 return parts
139 return parts
140
140
141
141
142 base_table_args = {
142 base_table_args = {
143 'extend_existing': True,
143 'extend_existing': True,
144 'mysql_engine': 'InnoDB',
144 'mysql_engine': 'InnoDB',
145 'mysql_charset': 'utf8',
145 'mysql_charset': 'utf8',
146 'sqlite_autoincrement': True
146 'sqlite_autoincrement': True
147 }
147 }
148
148
149
149
150 class EncryptedTextValue(TypeDecorator):
150 class EncryptedTextValue(TypeDecorator):
151 """
151 """
152 Special column for encrypted long text data, use like::
152 Special column for encrypted long text data, use like::
153
153
154 value = Column("encrypted_value", EncryptedValue(), nullable=False)
154 value = Column("encrypted_value", EncryptedValue(), nullable=False)
155
155
156 This column is intelligent so if value is in unencrypted form it return
156 This column is intelligent so if value is in unencrypted form it return
157 unencrypted form, but on save it always encrypts
157 unencrypted form, but on save it always encrypts
158 """
158 """
159 impl = Text
159 impl = Text
160
160
161 def process_bind_param(self, value, dialect):
161 def process_bind_param(self, value, dialect):
162 if not value:
162 if not value:
163 return value
163 return value
164 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
164 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
165 # protect against double encrypting if someone manually starts
165 # protect against double encrypting if someone manually starts
166 # doing
166 # doing
167 raise ValueError('value needs to be in unencrypted format, ie. '
167 raise ValueError('value needs to be in unencrypted format, ie. '
168 'not starting with enc$aes')
168 'not starting with enc$aes')
169 return 'enc$aes_hmac$%s' % AESCipher(
169 return 'enc$aes_hmac$%s' % AESCipher(
170 ENCRYPTION_KEY, hmac=True).encrypt(value)
170 ENCRYPTION_KEY, hmac=True).encrypt(value)
171
171
172 def process_result_value(self, value, dialect):
172 def process_result_value(self, value, dialect):
173 import rhodecode
173 import rhodecode
174
174
175 if not value:
175 if not value:
176 return value
176 return value
177
177
178 parts = value.split('$', 3)
178 parts = value.split('$', 3)
179 if not len(parts) == 3:
179 if not len(parts) == 3:
180 # probably not encrypted values
180 # probably not encrypted values
181 return value
181 return value
182 else:
182 else:
183 if parts[0] != 'enc':
183 if parts[0] != 'enc':
184 # parts ok but without our header ?
184 # parts ok but without our header ?
185 return value
185 return value
186 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
186 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
187 'rhodecode.encrypted_values.strict') or True)
187 'rhodecode.encrypted_values.strict') or True)
188 # at that stage we know it's our encryption
188 # at that stage we know it's our encryption
189 if parts[1] == 'aes':
189 if parts[1] == 'aes':
190 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
190 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
191 elif parts[1] == 'aes_hmac':
191 elif parts[1] == 'aes_hmac':
192 decrypted_data = AESCipher(
192 decrypted_data = AESCipher(
193 ENCRYPTION_KEY, hmac=True,
193 ENCRYPTION_KEY, hmac=True,
194 strict_verification=enc_strict_mode).decrypt(parts[2])
194 strict_verification=enc_strict_mode).decrypt(parts[2])
195 else:
195 else:
196 raise ValueError(
196 raise ValueError(
197 'Encryption type part is wrong, must be `aes` '
197 'Encryption type part is wrong, must be `aes` '
198 'or `aes_hmac`, got `%s` instead' % (parts[1]))
198 'or `aes_hmac`, got `%s` instead' % (parts[1]))
199 return decrypted_data
199 return decrypted_data
200
200
201
201
202 class BaseModel(object):
202 class BaseModel(object):
203 """
203 """
204 Base Model for all classes
204 Base Model for all classes
205 """
205 """
206
206
207 @classmethod
207 @classmethod
208 def _get_keys(cls):
208 def _get_keys(cls):
209 """return column names for this model """
209 """return column names for this model """
210 return class_mapper(cls).c.keys()
210 return class_mapper(cls).c.keys()
211
211
212 def get_dict(self):
212 def get_dict(self):
213 """
213 """
214 return dict with keys and values corresponding
214 return dict with keys and values corresponding
215 to this model data """
215 to this model data """
216
216
217 d = {}
217 d = {}
218 for k in self._get_keys():
218 for k in self._get_keys():
219 d[k] = getattr(self, k)
219 d[k] = getattr(self, k)
220
220
221 # also use __json__() if present to get additional fields
221 # also use __json__() if present to get additional fields
222 _json_attr = getattr(self, '__json__', None)
222 _json_attr = getattr(self, '__json__', None)
223 if _json_attr:
223 if _json_attr:
224 # update with attributes from __json__
224 # update with attributes from __json__
225 if callable(_json_attr):
225 if callable(_json_attr):
226 _json_attr = _json_attr()
226 _json_attr = _json_attr()
227 for k, val in _json_attr.iteritems():
227 for k, val in _json_attr.iteritems():
228 d[k] = val
228 d[k] = val
229 return d
229 return d
230
230
231 def get_appstruct(self):
231 def get_appstruct(self):
232 """return list with keys and values tuples corresponding
232 """return list with keys and values tuples corresponding
233 to this model data """
233 to this model data """
234
234
235 lst = []
235 lst = []
236 for k in self._get_keys():
236 for k in self._get_keys():
237 lst.append((k, getattr(self, k),))
237 lst.append((k, getattr(self, k),))
238 return lst
238 return lst
239
239
240 def populate_obj(self, populate_dict):
240 def populate_obj(self, populate_dict):
241 """populate model with data from given populate_dict"""
241 """populate model with data from given populate_dict"""
242
242
243 for k in self._get_keys():
243 for k in self._get_keys():
244 if k in populate_dict:
244 if k in populate_dict:
245 setattr(self, k, populate_dict[k])
245 setattr(self, k, populate_dict[k])
246
246
247 @classmethod
247 @classmethod
248 def query(cls):
248 def query(cls):
249 return Session().query(cls)
249 return Session().query(cls)
250
250
251 @classmethod
251 @classmethod
252 def get(cls, id_):
252 def get(cls, id_):
253 if id_:
253 if id_:
254 return cls.query().get(id_)
254 return cls.query().get(id_)
255
255
256 @classmethod
256 @classmethod
257 def get_or_404(cls, id_):
257 def get_or_404(cls, id_):
258 from pyramid.httpexceptions import HTTPNotFound
258 from pyramid.httpexceptions import HTTPNotFound
259
259
260 try:
260 try:
261 id_ = int(id_)
261 id_ = int(id_)
262 except (TypeError, ValueError):
262 except (TypeError, ValueError):
263 raise HTTPNotFound()
263 raise HTTPNotFound()
264
264
265 res = cls.query().get(id_)
265 res = cls.query().get(id_)
266 if not res:
266 if not res:
267 raise HTTPNotFound()
267 raise HTTPNotFound()
268 return res
268 return res
269
269
270 @classmethod
270 @classmethod
271 def getAll(cls):
271 def getAll(cls):
272 # deprecated and left for backward compatibility
272 # deprecated and left for backward compatibility
273 return cls.get_all()
273 return cls.get_all()
274
274
275 @classmethod
275 @classmethod
276 def get_all(cls):
276 def get_all(cls):
277 return cls.query().all()
277 return cls.query().all()
278
278
279 @classmethod
279 @classmethod
280 def delete(cls, id_):
280 def delete(cls, id_):
281 obj = cls.query().get(id_)
281 obj = cls.query().get(id_)
282 Session().delete(obj)
282 Session().delete(obj)
283
283
284 @classmethod
284 @classmethod
285 def identity_cache(cls, session, attr_name, value):
285 def identity_cache(cls, session, attr_name, value):
286 exist_in_session = []
286 exist_in_session = []
287 for (item_cls, pkey), instance in session.identity_map.items():
287 for (item_cls, pkey), instance in session.identity_map.items():
288 if cls == item_cls and getattr(instance, attr_name) == value:
288 if cls == item_cls and getattr(instance, attr_name) == value:
289 exist_in_session.append(instance)
289 exist_in_session.append(instance)
290 if exist_in_session:
290 if exist_in_session:
291 if len(exist_in_session) == 1:
291 if len(exist_in_session) == 1:
292 return exist_in_session[0]
292 return exist_in_session[0]
293 log.exception(
293 log.exception(
294 'multiple objects with attr %s and '
294 'multiple objects with attr %s and '
295 'value %s found with same name: %r',
295 'value %s found with same name: %r',
296 attr_name, value, exist_in_session)
296 attr_name, value, exist_in_session)
297
297
298 def __repr__(self):
298 def __repr__(self):
299 if hasattr(self, '__unicode__'):
299 if hasattr(self, '__unicode__'):
300 # python repr needs to return str
300 # python repr needs to return str
301 try:
301 try:
302 return safe_str(self.__unicode__())
302 return safe_str(self.__unicode__())
303 except UnicodeDecodeError:
303 except UnicodeDecodeError:
304 pass
304 pass
305 return '<DB:%s>' % (self.__class__.__name__)
305 return '<DB:%s>' % (self.__class__.__name__)
306
306
307
307
308 class RhodeCodeSetting(Base, BaseModel):
308 class RhodeCodeSetting(Base, BaseModel):
309 __tablename__ = 'rhodecode_settings'
309 __tablename__ = 'rhodecode_settings'
310 __table_args__ = (
310 __table_args__ = (
311 UniqueConstraint('app_settings_name'),
311 UniqueConstraint('app_settings_name'),
312 base_table_args
312 base_table_args
313 )
313 )
314
314
315 SETTINGS_TYPES = {
315 SETTINGS_TYPES = {
316 'str': safe_str,
316 'str': safe_str,
317 'int': safe_int,
317 'int': safe_int,
318 'unicode': safe_unicode,
318 'unicode': safe_unicode,
319 'bool': str2bool,
319 'bool': str2bool,
320 'list': functools.partial(aslist, sep=',')
320 'list': functools.partial(aslist, sep=',')
321 }
321 }
322 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
322 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
323 GLOBAL_CONF_KEY = 'app_settings'
323 GLOBAL_CONF_KEY = 'app_settings'
324
324
325 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
325 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
326 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
326 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
327 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
327 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
328 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
328 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
329
329
330 def __init__(self, key='', val='', type='unicode'):
330 def __init__(self, key='', val='', type='unicode'):
331 self.app_settings_name = key
331 self.app_settings_name = key
332 self.app_settings_type = type
332 self.app_settings_type = type
333 self.app_settings_value = val
333 self.app_settings_value = val
334
334
335 @validates('_app_settings_value')
335 @validates('_app_settings_value')
336 def validate_settings_value(self, key, val):
336 def validate_settings_value(self, key, val):
337 assert type(val) == unicode
337 assert type(val) == unicode
338 return val
338 return val
339
339
340 @hybrid_property
340 @hybrid_property
341 def app_settings_value(self):
341 def app_settings_value(self):
342 v = self._app_settings_value
342 v = self._app_settings_value
343 _type = self.app_settings_type
343 _type = self.app_settings_type
344 if _type:
344 if _type:
345 _type = self.app_settings_type.split('.')[0]
345 _type = self.app_settings_type.split('.')[0]
346 # decode the encrypted value
346 # decode the encrypted value
347 if 'encrypted' in self.app_settings_type:
347 if 'encrypted' in self.app_settings_type:
348 cipher = EncryptedTextValue()
348 cipher = EncryptedTextValue()
349 v = safe_unicode(cipher.process_result_value(v, None))
349 v = safe_unicode(cipher.process_result_value(v, None))
350
350
351 converter = self.SETTINGS_TYPES.get(_type) or \
351 converter = self.SETTINGS_TYPES.get(_type) or \
352 self.SETTINGS_TYPES['unicode']
352 self.SETTINGS_TYPES['unicode']
353 return converter(v)
353 return converter(v)
354
354
355 @app_settings_value.setter
355 @app_settings_value.setter
356 def app_settings_value(self, val):
356 def app_settings_value(self, val):
357 """
357 """
358 Setter that will always make sure we use unicode in app_settings_value
358 Setter that will always make sure we use unicode in app_settings_value
359
359
360 :param val:
360 :param val:
361 """
361 """
362 val = safe_unicode(val)
362 val = safe_unicode(val)
363 # encode the encrypted value
363 # encode the encrypted value
364 if 'encrypted' in self.app_settings_type:
364 if 'encrypted' in self.app_settings_type:
365 cipher = EncryptedTextValue()
365 cipher = EncryptedTextValue()
366 val = safe_unicode(cipher.process_bind_param(val, None))
366 val = safe_unicode(cipher.process_bind_param(val, None))
367 self._app_settings_value = val
367 self._app_settings_value = val
368
368
369 @hybrid_property
369 @hybrid_property
370 def app_settings_type(self):
370 def app_settings_type(self):
371 return self._app_settings_type
371 return self._app_settings_type
372
372
373 @app_settings_type.setter
373 @app_settings_type.setter
374 def app_settings_type(self, val):
374 def app_settings_type(self, val):
375 if val.split('.')[0] not in self.SETTINGS_TYPES:
375 if val.split('.')[0] not in self.SETTINGS_TYPES:
376 raise Exception('type must be one of %s got %s'
376 raise Exception('type must be one of %s got %s'
377 % (self.SETTINGS_TYPES.keys(), val))
377 % (self.SETTINGS_TYPES.keys(), val))
378 self._app_settings_type = val
378 self._app_settings_type = val
379
379
380 def __unicode__(self):
380 def __unicode__(self):
381 return u"<%s('%s:%s[%s]')>" % (
381 return u"<%s('%s:%s[%s]')>" % (
382 self.__class__.__name__,
382 self.__class__.__name__,
383 self.app_settings_name, self.app_settings_value,
383 self.app_settings_name, self.app_settings_value,
384 self.app_settings_type
384 self.app_settings_type
385 )
385 )
386
386
387
387
388 class RhodeCodeUi(Base, BaseModel):
388 class RhodeCodeUi(Base, BaseModel):
389 __tablename__ = 'rhodecode_ui'
389 __tablename__ = 'rhodecode_ui'
390 __table_args__ = (
390 __table_args__ = (
391 UniqueConstraint('ui_key'),
391 UniqueConstraint('ui_key'),
392 base_table_args
392 base_table_args
393 )
393 )
394
394
395 HOOK_REPO_SIZE = 'changegroup.repo_size'
395 HOOK_REPO_SIZE = 'changegroup.repo_size'
396 # HG
396 # HG
397 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
397 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
398 HOOK_PULL = 'outgoing.pull_logger'
398 HOOK_PULL = 'outgoing.pull_logger'
399 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
399 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
400 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
400 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
401 HOOK_PUSH = 'changegroup.push_logger'
401 HOOK_PUSH = 'changegroup.push_logger'
402 HOOK_PUSH_KEY = 'pushkey.key_push'
402 HOOK_PUSH_KEY = 'pushkey.key_push'
403
403
404 # TODO: johbo: Unify way how hooks are configured for git and hg,
404 # TODO: johbo: Unify way how hooks are configured for git and hg,
405 # git part is currently hardcoded.
405 # git part is currently hardcoded.
406
406
407 # SVN PATTERNS
407 # SVN PATTERNS
408 SVN_BRANCH_ID = 'vcs_svn_branch'
408 SVN_BRANCH_ID = 'vcs_svn_branch'
409 SVN_TAG_ID = 'vcs_svn_tag'
409 SVN_TAG_ID = 'vcs_svn_tag'
410
410
411 ui_id = Column(
411 ui_id = Column(
412 "ui_id", Integer(), nullable=False, unique=True, default=None,
412 "ui_id", Integer(), nullable=False, unique=True, default=None,
413 primary_key=True)
413 primary_key=True)
414 ui_section = Column(
414 ui_section = Column(
415 "ui_section", String(255), nullable=True, unique=None, default=None)
415 "ui_section", String(255), nullable=True, unique=None, default=None)
416 ui_key = Column(
416 ui_key = Column(
417 "ui_key", String(255), nullable=True, unique=None, default=None)
417 "ui_key", String(255), nullable=True, unique=None, default=None)
418 ui_value = Column(
418 ui_value = Column(
419 "ui_value", String(255), nullable=True, unique=None, default=None)
419 "ui_value", String(255), nullable=True, unique=None, default=None)
420 ui_active = Column(
420 ui_active = Column(
421 "ui_active", Boolean(), nullable=True, unique=None, default=True)
421 "ui_active", Boolean(), nullable=True, unique=None, default=True)
422
422
423 def __repr__(self):
423 def __repr__(self):
424 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
424 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
425 self.ui_key, self.ui_value)
425 self.ui_key, self.ui_value)
426
426
427
427
428 class RepoRhodeCodeSetting(Base, BaseModel):
428 class RepoRhodeCodeSetting(Base, BaseModel):
429 __tablename__ = 'repo_rhodecode_settings'
429 __tablename__ = 'repo_rhodecode_settings'
430 __table_args__ = (
430 __table_args__ = (
431 UniqueConstraint(
431 UniqueConstraint(
432 'app_settings_name', 'repository_id',
432 'app_settings_name', 'repository_id',
433 name='uq_repo_rhodecode_setting_name_repo_id'),
433 name='uq_repo_rhodecode_setting_name_repo_id'),
434 base_table_args
434 base_table_args
435 )
435 )
436
436
437 repository_id = Column(
437 repository_id = Column(
438 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
438 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
439 nullable=False)
439 nullable=False)
440 app_settings_id = Column(
440 app_settings_id = Column(
441 "app_settings_id", Integer(), nullable=False, unique=True,
441 "app_settings_id", Integer(), nullable=False, unique=True,
442 default=None, primary_key=True)
442 default=None, primary_key=True)
443 app_settings_name = Column(
443 app_settings_name = Column(
444 "app_settings_name", String(255), nullable=True, unique=None,
444 "app_settings_name", String(255), nullable=True, unique=None,
445 default=None)
445 default=None)
446 _app_settings_value = Column(
446 _app_settings_value = Column(
447 "app_settings_value", String(4096), nullable=True, unique=None,
447 "app_settings_value", String(4096), nullable=True, unique=None,
448 default=None)
448 default=None)
449 _app_settings_type = Column(
449 _app_settings_type = Column(
450 "app_settings_type", String(255), nullable=True, unique=None,
450 "app_settings_type", String(255), nullable=True, unique=None,
451 default=None)
451 default=None)
452
452
453 repository = relationship('Repository')
453 repository = relationship('Repository')
454
454
455 def __init__(self, repository_id, key='', val='', type='unicode'):
455 def __init__(self, repository_id, key='', val='', type='unicode'):
456 self.repository_id = repository_id
456 self.repository_id = repository_id
457 self.app_settings_name = key
457 self.app_settings_name = key
458 self.app_settings_type = type
458 self.app_settings_type = type
459 self.app_settings_value = val
459 self.app_settings_value = val
460
460
461 @validates('_app_settings_value')
461 @validates('_app_settings_value')
462 def validate_settings_value(self, key, val):
462 def validate_settings_value(self, key, val):
463 assert type(val) == unicode
463 assert type(val) == unicode
464 return val
464 return val
465
465
466 @hybrid_property
466 @hybrid_property
467 def app_settings_value(self):
467 def app_settings_value(self):
468 v = self._app_settings_value
468 v = self._app_settings_value
469 type_ = self.app_settings_type
469 type_ = self.app_settings_type
470 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
470 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
471 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
471 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
472 return converter(v)
472 return converter(v)
473
473
474 @app_settings_value.setter
474 @app_settings_value.setter
475 def app_settings_value(self, val):
475 def app_settings_value(self, val):
476 """
476 """
477 Setter that will always make sure we use unicode in app_settings_value
477 Setter that will always make sure we use unicode in app_settings_value
478
478
479 :param val:
479 :param val:
480 """
480 """
481 self._app_settings_value = safe_unicode(val)
481 self._app_settings_value = safe_unicode(val)
482
482
483 @hybrid_property
483 @hybrid_property
484 def app_settings_type(self):
484 def app_settings_type(self):
485 return self._app_settings_type
485 return self._app_settings_type
486
486
487 @app_settings_type.setter
487 @app_settings_type.setter
488 def app_settings_type(self, val):
488 def app_settings_type(self, val):
489 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
489 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
490 if val not in SETTINGS_TYPES:
490 if val not in SETTINGS_TYPES:
491 raise Exception('type must be one of %s got %s'
491 raise Exception('type must be one of %s got %s'
492 % (SETTINGS_TYPES.keys(), val))
492 % (SETTINGS_TYPES.keys(), val))
493 self._app_settings_type = val
493 self._app_settings_type = val
494
494
495 def __unicode__(self):
495 def __unicode__(self):
496 return u"<%s('%s:%s:%s[%s]')>" % (
496 return u"<%s('%s:%s:%s[%s]')>" % (
497 self.__class__.__name__, self.repository.repo_name,
497 self.__class__.__name__, self.repository.repo_name,
498 self.app_settings_name, self.app_settings_value,
498 self.app_settings_name, self.app_settings_value,
499 self.app_settings_type
499 self.app_settings_type
500 )
500 )
501
501
502
502
503 class RepoRhodeCodeUi(Base, BaseModel):
503 class RepoRhodeCodeUi(Base, BaseModel):
504 __tablename__ = 'repo_rhodecode_ui'
504 __tablename__ = 'repo_rhodecode_ui'
505 __table_args__ = (
505 __table_args__ = (
506 UniqueConstraint(
506 UniqueConstraint(
507 'repository_id', 'ui_section', 'ui_key',
507 'repository_id', 'ui_section', 'ui_key',
508 name='uq_repo_rhodecode_ui_repository_id_section_key'),
508 name='uq_repo_rhodecode_ui_repository_id_section_key'),
509 base_table_args
509 base_table_args
510 )
510 )
511
511
512 repository_id = Column(
512 repository_id = Column(
513 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
513 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
514 nullable=False)
514 nullable=False)
515 ui_id = Column(
515 ui_id = Column(
516 "ui_id", Integer(), nullable=False, unique=True, default=None,
516 "ui_id", Integer(), nullable=False, unique=True, default=None,
517 primary_key=True)
517 primary_key=True)
518 ui_section = Column(
518 ui_section = Column(
519 "ui_section", String(255), nullable=True, unique=None, default=None)
519 "ui_section", String(255), nullable=True, unique=None, default=None)
520 ui_key = Column(
520 ui_key = Column(
521 "ui_key", String(255), nullable=True, unique=None, default=None)
521 "ui_key", String(255), nullable=True, unique=None, default=None)
522 ui_value = Column(
522 ui_value = Column(
523 "ui_value", String(255), nullable=True, unique=None, default=None)
523 "ui_value", String(255), nullable=True, unique=None, default=None)
524 ui_active = Column(
524 ui_active = Column(
525 "ui_active", Boolean(), nullable=True, unique=None, default=True)
525 "ui_active", Boolean(), nullable=True, unique=None, default=True)
526
526
527 repository = relationship('Repository')
527 repository = relationship('Repository')
528
528
529 def __repr__(self):
529 def __repr__(self):
530 return '<%s[%s:%s]%s=>%s]>' % (
530 return '<%s[%s:%s]%s=>%s]>' % (
531 self.__class__.__name__, self.repository.repo_name,
531 self.__class__.__name__, self.repository.repo_name,
532 self.ui_section, self.ui_key, self.ui_value)
532 self.ui_section, self.ui_key, self.ui_value)
533
533
534
534
535 class User(Base, BaseModel):
535 class User(Base, BaseModel):
536 __tablename__ = 'users'
536 __tablename__ = 'users'
537 __table_args__ = (
537 __table_args__ = (
538 UniqueConstraint('username'), UniqueConstraint('email'),
538 UniqueConstraint('username'), UniqueConstraint('email'),
539 Index('u_username_idx', 'username'),
539 Index('u_username_idx', 'username'),
540 Index('u_email_idx', 'email'),
540 Index('u_email_idx', 'email'),
541 base_table_args
541 base_table_args
542 )
542 )
543
543
544 DEFAULT_USER = 'default'
544 DEFAULT_USER = 'default'
545 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
545 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
546 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
546 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
547
547
548 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
548 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
549 username = Column("username", String(255), nullable=True, unique=None, default=None)
549 username = Column("username", String(255), nullable=True, unique=None, default=None)
550 password = Column("password", String(255), nullable=True, unique=None, default=None)
550 password = Column("password", String(255), nullable=True, unique=None, default=None)
551 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
551 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
552 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
552 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
553 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
553 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
554 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
554 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
555 _email = Column("email", String(255), nullable=True, unique=None, default=None)
555 _email = Column("email", String(255), nullable=True, unique=None, default=None)
556 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
556 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
557 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
557 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
558
558
559 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
559 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
560 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
560 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
561 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
561 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
562 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
562 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
563 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
563 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
564 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
564 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
565
565
566 user_log = relationship('UserLog')
566 user_log = relationship('UserLog')
567 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
567 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
568
568
569 repositories = relationship('Repository')
569 repositories = relationship('Repository')
570 repository_groups = relationship('RepoGroup')
570 repository_groups = relationship('RepoGroup')
571 user_groups = relationship('UserGroup')
571 user_groups = relationship('UserGroup')
572
572
573 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
573 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
574 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
574 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
575
575
576 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
576 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
577 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
577 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
578 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
578 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
579
579
580 group_member = relationship('UserGroupMember', cascade='all')
580 group_member = relationship('UserGroupMember', cascade='all')
581
581
582 notifications = relationship('UserNotification', cascade='all')
582 notifications = relationship('UserNotification', cascade='all')
583 # notifications assigned to this user
583 # notifications assigned to this user
584 user_created_notifications = relationship('Notification', cascade='all')
584 user_created_notifications = relationship('Notification', cascade='all')
585 # comments created by this user
585 # comments created by this user
586 user_comments = relationship('ChangesetComment', cascade='all')
586 user_comments = relationship('ChangesetComment', cascade='all')
587 # user profile extra info
587 # user profile extra info
588 user_emails = relationship('UserEmailMap', cascade='all')
588 user_emails = relationship('UserEmailMap', cascade='all')
589 user_ip_map = relationship('UserIpMap', cascade='all')
589 user_ip_map = relationship('UserIpMap', cascade='all')
590 user_auth_tokens = relationship('UserApiKeys', cascade='all')
590 user_auth_tokens = relationship('UserApiKeys', cascade='all')
591 user_ssh_keys = relationship('UserSshKeys', cascade='all')
591 user_ssh_keys = relationship('UserSshKeys', cascade='all')
592
592
593 # gists
593 # gists
594 user_gists = relationship('Gist', cascade='all')
594 user_gists = relationship('Gist', cascade='all')
595 # user pull requests
595 # user pull requests
596 user_pull_requests = relationship('PullRequest', cascade='all')
596 user_pull_requests = relationship('PullRequest', cascade='all')
597 # external identities
597 # external identities
598 extenal_identities = relationship(
598 extenal_identities = relationship(
599 'ExternalIdentity',
599 'ExternalIdentity',
600 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
600 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
601 cascade='all')
601 cascade='all')
602 # review rules
602 # review rules
603 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
603 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
604
604
605 def __unicode__(self):
605 def __unicode__(self):
606 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
606 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
607 self.user_id, self.username)
607 self.user_id, self.username)
608
608
609 @hybrid_property
609 @hybrid_property
610 def email(self):
610 def email(self):
611 return self._email
611 return self._email
612
612
613 @email.setter
613 @email.setter
614 def email(self, val):
614 def email(self, val):
615 self._email = val.lower() if val else None
615 self._email = val.lower() if val else None
616
616
617 @hybrid_property
617 @hybrid_property
618 def first_name(self):
618 def first_name(self):
619 from rhodecode.lib import helpers as h
619 from rhodecode.lib import helpers as h
620 if self.name:
620 if self.name:
621 return h.escape(self.name)
621 return h.escape(self.name)
622 return self.name
622 return self.name
623
623
624 @hybrid_property
624 @hybrid_property
625 def last_name(self):
625 def last_name(self):
626 from rhodecode.lib import helpers as h
626 from rhodecode.lib import helpers as h
627 if self.lastname:
627 if self.lastname:
628 return h.escape(self.lastname)
628 return h.escape(self.lastname)
629 return self.lastname
629 return self.lastname
630
630
631 @hybrid_property
631 @hybrid_property
632 def api_key(self):
632 def api_key(self):
633 """
633 """
634 Fetch if exist an auth-token with role ALL connected to this user
634 Fetch if exist an auth-token with role ALL connected to this user
635 """
635 """
636 user_auth_token = UserApiKeys.query()\
636 user_auth_token = UserApiKeys.query()\
637 .filter(UserApiKeys.user_id == self.user_id)\
637 .filter(UserApiKeys.user_id == self.user_id)\
638 .filter(or_(UserApiKeys.expires == -1,
638 .filter(or_(UserApiKeys.expires == -1,
639 UserApiKeys.expires >= time.time()))\
639 UserApiKeys.expires >= time.time()))\
640 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
640 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
641 if user_auth_token:
641 if user_auth_token:
642 user_auth_token = user_auth_token.api_key
642 user_auth_token = user_auth_token.api_key
643
643
644 return user_auth_token
644 return user_auth_token
645
645
646 @api_key.setter
646 @api_key.setter
647 def api_key(self, val):
647 def api_key(self, val):
648 # don't allow to set API key this is deprecated for now
648 # don't allow to set API key this is deprecated for now
649 self._api_key = None
649 self._api_key = None
650
650
651 @property
651 @property
652 def reviewer_pull_requests(self):
652 def reviewer_pull_requests(self):
653 return PullRequestReviewers.query() \
653 return PullRequestReviewers.query() \
654 .options(joinedload(PullRequestReviewers.pull_request)) \
654 .options(joinedload(PullRequestReviewers.pull_request)) \
655 .filter(PullRequestReviewers.user_id == self.user_id) \
655 .filter(PullRequestReviewers.user_id == self.user_id) \
656 .all()
656 .all()
657
657
658 @property
658 @property
659 def firstname(self):
659 def firstname(self):
660 # alias for future
660 # alias for future
661 return self.name
661 return self.name
662
662
663 @property
663 @property
664 def emails(self):
664 def emails(self):
665 other = UserEmailMap.query()\
665 other = UserEmailMap.query()\
666 .filter(UserEmailMap.user == self) \
666 .filter(UserEmailMap.user == self) \
667 .order_by(UserEmailMap.email_id.asc()) \
667 .order_by(UserEmailMap.email_id.asc()) \
668 .all()
668 .all()
669 return [self.email] + [x.email for x in other]
669 return [self.email] + [x.email for x in other]
670
670
671 @property
671 @property
672 def auth_tokens(self):
672 def auth_tokens(self):
673 auth_tokens = self.get_auth_tokens()
673 auth_tokens = self.get_auth_tokens()
674 return [x.api_key for x in auth_tokens]
674 return [x.api_key for x in auth_tokens]
675
675
676 def get_auth_tokens(self):
676 def get_auth_tokens(self):
677 return UserApiKeys.query()\
677 return UserApiKeys.query()\
678 .filter(UserApiKeys.user == self)\
678 .filter(UserApiKeys.user == self)\
679 .order_by(UserApiKeys.user_api_key_id.asc())\
679 .order_by(UserApiKeys.user_api_key_id.asc())\
680 .all()
680 .all()
681
681
682 @LazyProperty
682 @LazyProperty
683 def feed_token(self):
683 def feed_token(self):
684 return self.get_feed_token()
684 return self.get_feed_token()
685
685
686 def get_feed_token(self, cache=True):
686 def get_feed_token(self, cache=True):
687 feed_tokens = UserApiKeys.query()\
687 feed_tokens = UserApiKeys.query()\
688 .filter(UserApiKeys.user == self)\
688 .filter(UserApiKeys.user == self)\
689 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
689 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
690 if cache:
690 if cache:
691 feed_tokens = feed_tokens.options(
691 feed_tokens = feed_tokens.options(
692 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
692 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
693
693
694 feed_tokens = feed_tokens.all()
694 feed_tokens = feed_tokens.all()
695 if feed_tokens:
695 if feed_tokens:
696 return feed_tokens[0].api_key
696 return feed_tokens[0].api_key
697 return 'NO_FEED_TOKEN_AVAILABLE'
697 return 'NO_FEED_TOKEN_AVAILABLE'
698
698
699 @classmethod
699 @classmethod
700 def get(cls, user_id, cache=False):
700 def get(cls, user_id, cache=False):
701 if not user_id:
701 if not user_id:
702 return
702 return
703
703
704 user = cls.query()
704 user = cls.query()
705 if cache:
705 if cache:
706 user = user.options(
706 user = user.options(
707 FromCache("sql_cache_short", "get_users_%s" % user_id))
707 FromCache("sql_cache_short", "get_users_%s" % user_id))
708 return user.get(user_id)
708 return user.get(user_id)
709
709
710 @classmethod
710 @classmethod
711 def extra_valid_auth_tokens(cls, user, role=None):
711 def extra_valid_auth_tokens(cls, user, role=None):
712 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
712 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
713 .filter(or_(UserApiKeys.expires == -1,
713 .filter(or_(UserApiKeys.expires == -1,
714 UserApiKeys.expires >= time.time()))
714 UserApiKeys.expires >= time.time()))
715 if role:
715 if role:
716 tokens = tokens.filter(or_(UserApiKeys.role == role,
716 tokens = tokens.filter(or_(UserApiKeys.role == role,
717 UserApiKeys.role == UserApiKeys.ROLE_ALL))
717 UserApiKeys.role == UserApiKeys.ROLE_ALL))
718 return tokens.all()
718 return tokens.all()
719
719
720 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
720 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
721 from rhodecode.lib import auth
721 from rhodecode.lib import auth
722
722
723 log.debug('Trying to authenticate user: %s via auth-token, '
723 log.debug('Trying to authenticate user: %s via auth-token, '
724 'and roles: %s', self, roles)
724 'and roles: %s', self, roles)
725
725
726 if not auth_token:
726 if not auth_token:
727 return False
727 return False
728
728
729 crypto_backend = auth.crypto_backend()
729 crypto_backend = auth.crypto_backend()
730
730
731 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
731 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
732 tokens_q = UserApiKeys.query()\
732 tokens_q = UserApiKeys.query()\
733 .filter(UserApiKeys.user_id == self.user_id)\
733 .filter(UserApiKeys.user_id == self.user_id)\
734 .filter(or_(UserApiKeys.expires == -1,
734 .filter(or_(UserApiKeys.expires == -1,
735 UserApiKeys.expires >= time.time()))
735 UserApiKeys.expires >= time.time()))
736
736
737 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
737 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
738
738
739 plain_tokens = []
739 plain_tokens = []
740 hash_tokens = []
740 hash_tokens = []
741
741
742 for token in tokens_q.all():
742 for token in tokens_q.all():
743 # verify scope first
743 # verify scope first
744 if token.repo_id:
744 if token.repo_id:
745 # token has a scope, we need to verify it
745 # token has a scope, we need to verify it
746 if scope_repo_id != token.repo_id:
746 if scope_repo_id != token.repo_id:
747 log.debug(
747 log.debug(
748 'Scope mismatch: token has a set repo scope: %s, '
748 'Scope mismatch: token has a set repo scope: %s, '
749 'and calling scope is:%s, skipping further checks',
749 'and calling scope is:%s, skipping further checks',
750 token.repo, scope_repo_id)
750 token.repo, scope_repo_id)
751 # token has a scope, and it doesn't match, skip token
751 # token has a scope, and it doesn't match, skip token
752 continue
752 continue
753
753
754 if token.api_key.startswith(crypto_backend.ENC_PREF):
754 if token.api_key.startswith(crypto_backend.ENC_PREF):
755 hash_tokens.append(token.api_key)
755 hash_tokens.append(token.api_key)
756 else:
756 else:
757 plain_tokens.append(token.api_key)
757 plain_tokens.append(token.api_key)
758
758
759 is_plain_match = auth_token in plain_tokens
759 is_plain_match = auth_token in plain_tokens
760 if is_plain_match:
760 if is_plain_match:
761 return True
761 return True
762
762
763 for hashed in hash_tokens:
763 for hashed in hash_tokens:
764 # TODO(marcink): this is expensive to calculate, but most secure
764 # TODO(marcink): this is expensive to calculate, but most secure
765 match = crypto_backend.hash_check(auth_token, hashed)
765 match = crypto_backend.hash_check(auth_token, hashed)
766 if match:
766 if match:
767 return True
767 return True
768
768
769 return False
769 return False
770
770
771 @property
771 @property
772 def ip_addresses(self):
772 def ip_addresses(self):
773 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
773 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
774 return [x.ip_addr for x in ret]
774 return [x.ip_addr for x in ret]
775
775
776 @property
776 @property
777 def username_and_name(self):
777 def username_and_name(self):
778 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
778 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
779
779
780 @property
780 @property
781 def username_or_name_or_email(self):
781 def username_or_name_or_email(self):
782 full_name = self.full_name if self.full_name is not ' ' else None
782 full_name = self.full_name if self.full_name is not ' ' else None
783 return self.username or full_name or self.email
783 return self.username or full_name or self.email
784
784
785 @property
785 @property
786 def full_name(self):
786 def full_name(self):
787 return '%s %s' % (self.first_name, self.last_name)
787 return '%s %s' % (self.first_name, self.last_name)
788
788
789 @property
789 @property
790 def full_name_or_username(self):
790 def full_name_or_username(self):
791 return ('%s %s' % (self.first_name, self.last_name)
791 return ('%s %s' % (self.first_name, self.last_name)
792 if (self.first_name and self.last_name) else self.username)
792 if (self.first_name and self.last_name) else self.username)
793
793
794 @property
794 @property
795 def full_contact(self):
795 def full_contact(self):
796 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
796 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
797
797
798 @property
798 @property
799 def short_contact(self):
799 def short_contact(self):
800 return '%s %s' % (self.first_name, self.last_name)
800 return '%s %s' % (self.first_name, self.last_name)
801
801
802 @property
802 @property
803 def is_admin(self):
803 def is_admin(self):
804 return self.admin
804 return self.admin
805
805
806 def AuthUser(self, **kwargs):
806 def AuthUser(self, **kwargs):
807 """
807 """
808 Returns instance of AuthUser for this user
808 Returns instance of AuthUser for this user
809 """
809 """
810 from rhodecode.lib.auth import AuthUser
810 from rhodecode.lib.auth import AuthUser
811 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
811 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
812
812
813 @hybrid_property
813 @hybrid_property
814 def user_data(self):
814 def user_data(self):
815 if not self._user_data:
815 if not self._user_data:
816 return {}
816 return {}
817
817
818 try:
818 try:
819 return json.loads(self._user_data)
819 return json.loads(self._user_data)
820 except TypeError:
820 except TypeError:
821 return {}
821 return {}
822
822
823 @user_data.setter
823 @user_data.setter
824 def user_data(self, val):
824 def user_data(self, val):
825 if not isinstance(val, dict):
825 if not isinstance(val, dict):
826 raise Exception('user_data must be dict, got %s' % type(val))
826 raise Exception('user_data must be dict, got %s' % type(val))
827 try:
827 try:
828 self._user_data = json.dumps(val)
828 self._user_data = json.dumps(val)
829 except Exception:
829 except Exception:
830 log.error(traceback.format_exc())
830 log.error(traceback.format_exc())
831
831
832 @classmethod
832 @classmethod
833 def get_by_username(cls, username, case_insensitive=False,
833 def get_by_username(cls, username, case_insensitive=False,
834 cache=False, identity_cache=False):
834 cache=False, identity_cache=False):
835 session = Session()
835 session = Session()
836
836
837 if case_insensitive:
837 if case_insensitive:
838 q = cls.query().filter(
838 q = cls.query().filter(
839 func.lower(cls.username) == func.lower(username))
839 func.lower(cls.username) == func.lower(username))
840 else:
840 else:
841 q = cls.query().filter(cls.username == username)
841 q = cls.query().filter(cls.username == username)
842
842
843 if cache:
843 if cache:
844 if identity_cache:
844 if identity_cache:
845 val = cls.identity_cache(session, 'username', username)
845 val = cls.identity_cache(session, 'username', username)
846 if val:
846 if val:
847 return val
847 return val
848 else:
848 else:
849 cache_key = "get_user_by_name_%s" % _hash_key(username)
849 cache_key = "get_user_by_name_%s" % _hash_key(username)
850 q = q.options(
850 q = q.options(
851 FromCache("sql_cache_short", cache_key))
851 FromCache("sql_cache_short", cache_key))
852
852
853 return q.scalar()
853 return q.scalar()
854
854
855 @classmethod
855 @classmethod
856 def get_by_auth_token(cls, auth_token, cache=False):
856 def get_by_auth_token(cls, auth_token, cache=False):
857 q = UserApiKeys.query()\
857 q = UserApiKeys.query()\
858 .filter(UserApiKeys.api_key == auth_token)\
858 .filter(UserApiKeys.api_key == auth_token)\
859 .filter(or_(UserApiKeys.expires == -1,
859 .filter(or_(UserApiKeys.expires == -1,
860 UserApiKeys.expires >= time.time()))
860 UserApiKeys.expires >= time.time()))
861 if cache:
861 if cache:
862 q = q.options(
862 q = q.options(
863 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
863 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
864
864
865 match = q.first()
865 match = q.first()
866 if match:
866 if match:
867 return match.user
867 return match.user
868
868
869 @classmethod
869 @classmethod
870 def get_by_email(cls, email, case_insensitive=False, cache=False):
870 def get_by_email(cls, email, case_insensitive=False, cache=False):
871
871
872 if case_insensitive:
872 if case_insensitive:
873 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
873 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
874
874
875 else:
875 else:
876 q = cls.query().filter(cls.email == email)
876 q = cls.query().filter(cls.email == email)
877
877
878 email_key = _hash_key(email)
878 email_key = _hash_key(email)
879 if cache:
879 if cache:
880 q = q.options(
880 q = q.options(
881 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
881 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
882
882
883 ret = q.scalar()
883 ret = q.scalar()
884 if ret is None:
884 if ret is None:
885 q = UserEmailMap.query()
885 q = UserEmailMap.query()
886 # try fetching in alternate email map
886 # try fetching in alternate email map
887 if case_insensitive:
887 if case_insensitive:
888 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
888 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
889 else:
889 else:
890 q = q.filter(UserEmailMap.email == email)
890 q = q.filter(UserEmailMap.email == email)
891 q = q.options(joinedload(UserEmailMap.user))
891 q = q.options(joinedload(UserEmailMap.user))
892 if cache:
892 if cache:
893 q = q.options(
893 q = q.options(
894 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
894 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
895 ret = getattr(q.scalar(), 'user', None)
895 ret = getattr(q.scalar(), 'user', None)
896
896
897 return ret
897 return ret
898
898
899 @classmethod
899 @classmethod
900 def get_from_cs_author(cls, author):
900 def get_from_cs_author(cls, author):
901 """
901 """
902 Tries to get User objects out of commit author string
902 Tries to get User objects out of commit author string
903
903
904 :param author:
904 :param author:
905 """
905 """
906 from rhodecode.lib.helpers import email, author_name
906 from rhodecode.lib.helpers import email, author_name
907 # Valid email in the attribute passed, see if they're in the system
907 # Valid email in the attribute passed, see if they're in the system
908 _email = email(author)
908 _email = email(author)
909 if _email:
909 if _email:
910 user = cls.get_by_email(_email, case_insensitive=True)
910 user = cls.get_by_email(_email, case_insensitive=True)
911 if user:
911 if user:
912 return user
912 return user
913 # Maybe we can match by username?
913 # Maybe we can match by username?
914 _author = author_name(author)
914 _author = author_name(author)
915 user = cls.get_by_username(_author, case_insensitive=True)
915 user = cls.get_by_username(_author, case_insensitive=True)
916 if user:
916 if user:
917 return user
917 return user
918
918
919 def update_userdata(self, **kwargs):
919 def update_userdata(self, **kwargs):
920 usr = self
920 usr = self
921 old = usr.user_data
921 old = usr.user_data
922 old.update(**kwargs)
922 old.update(**kwargs)
923 usr.user_data = old
923 usr.user_data = old
924 Session().add(usr)
924 Session().add(usr)
925 log.debug('updated userdata with ', kwargs)
925 log.debug('updated userdata with ', kwargs)
926
926
927 def update_lastlogin(self):
927 def update_lastlogin(self):
928 """Update user lastlogin"""
928 """Update user lastlogin"""
929 self.last_login = datetime.datetime.now()
929 self.last_login = datetime.datetime.now()
930 Session().add(self)
930 Session().add(self)
931 log.debug('updated user %s lastlogin', self.username)
931 log.debug('updated user %s lastlogin', self.username)
932
932
933 def update_password(self, new_password):
933 def update_password(self, new_password):
934 from rhodecode.lib.auth import get_crypt_password
934 from rhodecode.lib.auth import get_crypt_password
935
935
936 self.password = get_crypt_password(new_password)
936 self.password = get_crypt_password(new_password)
937 Session().add(self)
937 Session().add(self)
938
938
939 @classmethod
939 @classmethod
940 def get_first_super_admin(cls):
940 def get_first_super_admin(cls):
941 user = User.query().filter(User.admin == true()).first()
941 user = User.query().filter(User.admin == true()).first()
942 if user is None:
942 if user is None:
943 raise Exception('FATAL: Missing administrative account!')
943 raise Exception('FATAL: Missing administrative account!')
944 return user
944 return user
945
945
946 @classmethod
946 @classmethod
947 def get_all_super_admins(cls):
947 def get_all_super_admins(cls):
948 """
948 """
949 Returns all admin accounts sorted by username
949 Returns all admin accounts sorted by username
950 """
950 """
951 return User.query().filter(User.admin == true())\
951 return User.query().filter(User.admin == true())\
952 .order_by(User.username.asc()).all()
952 .order_by(User.username.asc()).all()
953
953
954 @classmethod
954 @classmethod
955 def get_default_user(cls, cache=False, refresh=False):
955 def get_default_user(cls, cache=False, refresh=False):
956 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
956 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
957 if user is None:
957 if user is None:
958 raise Exception('FATAL: Missing default account!')
958 raise Exception('FATAL: Missing default account!')
959 if refresh:
959 if refresh:
960 # The default user might be based on outdated state which
960 # The default user might be based on outdated state which
961 # has been loaded from the cache.
961 # has been loaded from the cache.
962 # A call to refresh() ensures that the
962 # A call to refresh() ensures that the
963 # latest state from the database is used.
963 # latest state from the database is used.
964 Session().refresh(user)
964 Session().refresh(user)
965 return user
965 return user
966
966
967 def _get_default_perms(self, user, suffix=''):
967 def _get_default_perms(self, user, suffix=''):
968 from rhodecode.model.permission import PermissionModel
968 from rhodecode.model.permission import PermissionModel
969 return PermissionModel().get_default_perms(user.user_perms, suffix)
969 return PermissionModel().get_default_perms(user.user_perms, suffix)
970
970
971 def get_default_perms(self, suffix=''):
971 def get_default_perms(self, suffix=''):
972 return self._get_default_perms(self, suffix)
972 return self._get_default_perms(self, suffix)
973
973
974 def get_api_data(self, include_secrets=False, details='full'):
974 def get_api_data(self, include_secrets=False, details='full'):
975 """
975 """
976 Common function for generating user related data for API
976 Common function for generating user related data for API
977
977
978 :param include_secrets: By default secrets in the API data will be replaced
978 :param include_secrets: By default secrets in the API data will be replaced
979 by a placeholder value to prevent exposing this data by accident. In case
979 by a placeholder value to prevent exposing this data by accident. In case
980 this data shall be exposed, set this flag to ``True``.
980 this data shall be exposed, set this flag to ``True``.
981
981
982 :param details: details can be 'basic|full' basic gives only a subset of
982 :param details: details can be 'basic|full' basic gives only a subset of
983 the available user information that includes user_id, name and emails.
983 the available user information that includes user_id, name and emails.
984 """
984 """
985 user = self
985 user = self
986 user_data = self.user_data
986 user_data = self.user_data
987 data = {
987 data = {
988 'user_id': user.user_id,
988 'user_id': user.user_id,
989 'username': user.username,
989 'username': user.username,
990 'firstname': user.name,
990 'firstname': user.name,
991 'lastname': user.lastname,
991 'lastname': user.lastname,
992 'email': user.email,
992 'email': user.email,
993 'emails': user.emails,
993 'emails': user.emails,
994 }
994 }
995 if details == 'basic':
995 if details == 'basic':
996 return data
996 return data
997
997
998 auth_token_length = 40
998 auth_token_length = 40
999 auth_token_replacement = '*' * auth_token_length
999 auth_token_replacement = '*' * auth_token_length
1000
1000
1001 extras = {
1001 extras = {
1002 'auth_tokens': [auth_token_replacement],
1002 'auth_tokens': [auth_token_replacement],
1003 'active': user.active,
1003 'active': user.active,
1004 'admin': user.admin,
1004 'admin': user.admin,
1005 'extern_type': user.extern_type,
1005 'extern_type': user.extern_type,
1006 'extern_name': user.extern_name,
1006 'extern_name': user.extern_name,
1007 'last_login': user.last_login,
1007 'last_login': user.last_login,
1008 'last_activity': user.last_activity,
1008 'last_activity': user.last_activity,
1009 'ip_addresses': user.ip_addresses,
1009 'ip_addresses': user.ip_addresses,
1010 'language': user_data.get('language')
1010 'language': user_data.get('language')
1011 }
1011 }
1012 data.update(extras)
1012 data.update(extras)
1013
1013
1014 if include_secrets:
1014 if include_secrets:
1015 data['auth_tokens'] = user.auth_tokens
1015 data['auth_tokens'] = user.auth_tokens
1016 return data
1016 return data
1017
1017
1018 def __json__(self):
1018 def __json__(self):
1019 data = {
1019 data = {
1020 'full_name': self.full_name,
1020 'full_name': self.full_name,
1021 'full_name_or_username': self.full_name_or_username,
1021 'full_name_or_username': self.full_name_or_username,
1022 'short_contact': self.short_contact,
1022 'short_contact': self.short_contact,
1023 'full_contact': self.full_contact,
1023 'full_contact': self.full_contact,
1024 }
1024 }
1025 data.update(self.get_api_data())
1025 data.update(self.get_api_data())
1026 return data
1026 return data
1027
1027
1028
1028
1029 class UserApiKeys(Base, BaseModel):
1029 class UserApiKeys(Base, BaseModel):
1030 __tablename__ = 'user_api_keys'
1030 __tablename__ = 'user_api_keys'
1031 __table_args__ = (
1031 __table_args__ = (
1032 Index('uak_api_key_idx', 'api_key', unique=True),
1032 Index('uak_api_key_idx', 'api_key', unique=True),
1033 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1033 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1034 base_table_args
1034 base_table_args
1035 )
1035 )
1036 __mapper_args__ = {}
1036 __mapper_args__ = {}
1037
1037
1038 # ApiKey role
1038 # ApiKey role
1039 ROLE_ALL = 'token_role_all'
1039 ROLE_ALL = 'token_role_all'
1040 ROLE_HTTP = 'token_role_http'
1040 ROLE_HTTP = 'token_role_http'
1041 ROLE_VCS = 'token_role_vcs'
1041 ROLE_VCS = 'token_role_vcs'
1042 ROLE_API = 'token_role_api'
1042 ROLE_API = 'token_role_api'
1043 ROLE_FEED = 'token_role_feed'
1043 ROLE_FEED = 'token_role_feed'
1044 ROLE_PASSWORD_RESET = 'token_password_reset'
1044 ROLE_PASSWORD_RESET = 'token_password_reset'
1045
1045
1046 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1046 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1047
1047
1048 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1048 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1049 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1049 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1050 api_key = Column("api_key", String(255), nullable=False, unique=True)
1050 api_key = Column("api_key", String(255), nullable=False, unique=True)
1051 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1051 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1052 expires = Column('expires', Float(53), nullable=False)
1052 expires = Column('expires', Float(53), nullable=False)
1053 role = Column('role', String(255), nullable=True)
1053 role = Column('role', String(255), nullable=True)
1054 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1054 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1055
1055
1056 # scope columns
1056 # scope columns
1057 repo_id = Column(
1057 repo_id = Column(
1058 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1058 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1059 nullable=True, unique=None, default=None)
1059 nullable=True, unique=None, default=None)
1060 repo = relationship('Repository', lazy='joined')
1060 repo = relationship('Repository', lazy='joined')
1061
1061
1062 repo_group_id = Column(
1062 repo_group_id = Column(
1063 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1063 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1064 nullable=True, unique=None, default=None)
1064 nullable=True, unique=None, default=None)
1065 repo_group = relationship('RepoGroup', lazy='joined')
1065 repo_group = relationship('RepoGroup', lazy='joined')
1066
1066
1067 user = relationship('User', lazy='joined')
1067 user = relationship('User', lazy='joined')
1068
1068
1069 def __unicode__(self):
1069 def __unicode__(self):
1070 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1070 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1071
1071
1072 def __json__(self):
1072 def __json__(self):
1073 data = {
1073 data = {
1074 'auth_token': self.api_key,
1074 'auth_token': self.api_key,
1075 'role': self.role,
1075 'role': self.role,
1076 'scope': self.scope_humanized,
1076 'scope': self.scope_humanized,
1077 'expired': self.expired
1077 'expired': self.expired
1078 }
1078 }
1079 return data
1079 return data
1080
1080
1081 def get_api_data(self, include_secrets=False):
1081 def get_api_data(self, include_secrets=False):
1082 data = self.__json__()
1082 data = self.__json__()
1083 if include_secrets:
1083 if include_secrets:
1084 return data
1084 return data
1085 else:
1085 else:
1086 data['auth_token'] = self.token_obfuscated
1086 data['auth_token'] = self.token_obfuscated
1087 return data
1087 return data
1088
1088
1089 @hybrid_property
1089 @hybrid_property
1090 def description_safe(self):
1090 def description_safe(self):
1091 from rhodecode.lib import helpers as h
1091 from rhodecode.lib import helpers as h
1092 return h.escape(self.description)
1092 return h.escape(self.description)
1093
1093
1094 @property
1094 @property
1095 def expired(self):
1095 def expired(self):
1096 if self.expires == -1:
1096 if self.expires == -1:
1097 return False
1097 return False
1098 return time.time() > self.expires
1098 return time.time() > self.expires
1099
1099
1100 @classmethod
1100 @classmethod
1101 def _get_role_name(cls, role):
1101 def _get_role_name(cls, role):
1102 return {
1102 return {
1103 cls.ROLE_ALL: _('all'),
1103 cls.ROLE_ALL: _('all'),
1104 cls.ROLE_HTTP: _('http/web interface'),
1104 cls.ROLE_HTTP: _('http/web interface'),
1105 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1105 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1106 cls.ROLE_API: _('api calls'),
1106 cls.ROLE_API: _('api calls'),
1107 cls.ROLE_FEED: _('feed access'),
1107 cls.ROLE_FEED: _('feed access'),
1108 }.get(role, role)
1108 }.get(role, role)
1109
1109
1110 @property
1110 @property
1111 def role_humanized(self):
1111 def role_humanized(self):
1112 return self._get_role_name(self.role)
1112 return self._get_role_name(self.role)
1113
1113
1114 def _get_scope(self):
1114 def _get_scope(self):
1115 if self.repo:
1115 if self.repo:
1116 return repr(self.repo)
1116 return repr(self.repo)
1117 if self.repo_group:
1117 if self.repo_group:
1118 return repr(self.repo_group) + ' (recursive)'
1118 return repr(self.repo_group) + ' (recursive)'
1119 return 'global'
1119 return 'global'
1120
1120
1121 @property
1121 @property
1122 def scope_humanized(self):
1122 def scope_humanized(self):
1123 return self._get_scope()
1123 return self._get_scope()
1124
1124
1125 @property
1125 @property
1126 def token_obfuscated(self):
1126 def token_obfuscated(self):
1127 if self.api_key:
1127 if self.api_key:
1128 return self.api_key[:4] + "****"
1128 return self.api_key[:4] + "****"
1129
1129
1130
1130
1131 class UserEmailMap(Base, BaseModel):
1131 class UserEmailMap(Base, BaseModel):
1132 __tablename__ = 'user_email_map'
1132 __tablename__ = 'user_email_map'
1133 __table_args__ = (
1133 __table_args__ = (
1134 Index('uem_email_idx', 'email'),
1134 Index('uem_email_idx', 'email'),
1135 UniqueConstraint('email'),
1135 UniqueConstraint('email'),
1136 base_table_args
1136 base_table_args
1137 )
1137 )
1138 __mapper_args__ = {}
1138 __mapper_args__ = {}
1139
1139
1140 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1140 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1141 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1141 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1142 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1142 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1143 user = relationship('User', lazy='joined')
1143 user = relationship('User', lazy='joined')
1144
1144
1145 @validates('_email')
1145 @validates('_email')
1146 def validate_email(self, key, email):
1146 def validate_email(self, key, email):
1147 # check if this email is not main one
1147 # check if this email is not main one
1148 main_email = Session().query(User).filter(User.email == email).scalar()
1148 main_email = Session().query(User).filter(User.email == email).scalar()
1149 if main_email is not None:
1149 if main_email is not None:
1150 raise AttributeError('email %s is present is user table' % email)
1150 raise AttributeError('email %s is present is user table' % email)
1151 return email
1151 return email
1152
1152
1153 @hybrid_property
1153 @hybrid_property
1154 def email(self):
1154 def email(self):
1155 return self._email
1155 return self._email
1156
1156
1157 @email.setter
1157 @email.setter
1158 def email(self, val):
1158 def email(self, val):
1159 self._email = val.lower() if val else None
1159 self._email = val.lower() if val else None
1160
1160
1161
1161
1162 class UserIpMap(Base, BaseModel):
1162 class UserIpMap(Base, BaseModel):
1163 __tablename__ = 'user_ip_map'
1163 __tablename__ = 'user_ip_map'
1164 __table_args__ = (
1164 __table_args__ = (
1165 UniqueConstraint('user_id', 'ip_addr'),
1165 UniqueConstraint('user_id', 'ip_addr'),
1166 base_table_args
1166 base_table_args
1167 )
1167 )
1168 __mapper_args__ = {}
1168 __mapper_args__ = {}
1169
1169
1170 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1170 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1171 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1171 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1172 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1172 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1173 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1173 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1174 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1174 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1175 user = relationship('User', lazy='joined')
1175 user = relationship('User', lazy='joined')
1176
1176
1177 @hybrid_property
1177 @hybrid_property
1178 def description_safe(self):
1178 def description_safe(self):
1179 from rhodecode.lib import helpers as h
1179 from rhodecode.lib import helpers as h
1180 return h.escape(self.description)
1180 return h.escape(self.description)
1181
1181
1182 @classmethod
1182 @classmethod
1183 def _get_ip_range(cls, ip_addr):
1183 def _get_ip_range(cls, ip_addr):
1184 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1184 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1185 return [str(net.network_address), str(net.broadcast_address)]
1185 return [str(net.network_address), str(net.broadcast_address)]
1186
1186
1187 def __json__(self):
1187 def __json__(self):
1188 return {
1188 return {
1189 'ip_addr': self.ip_addr,
1189 'ip_addr': self.ip_addr,
1190 'ip_range': self._get_ip_range(self.ip_addr),
1190 'ip_range': self._get_ip_range(self.ip_addr),
1191 }
1191 }
1192
1192
1193 def __unicode__(self):
1193 def __unicode__(self):
1194 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1194 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1195 self.user_id, self.ip_addr)
1195 self.user_id, self.ip_addr)
1196
1196
1197
1197
1198 class UserSshKeys(Base, BaseModel):
1198 class UserSshKeys(Base, BaseModel):
1199 __tablename__ = 'user_ssh_keys'
1199 __tablename__ = 'user_ssh_keys'
1200 __table_args__ = (
1200 __table_args__ = (
1201 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1201 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1202
1202
1203 UniqueConstraint('ssh_key_fingerprint'),
1203 UniqueConstraint('ssh_key_fingerprint'),
1204
1204
1205 base_table_args
1205 base_table_args
1206 )
1206 )
1207 __mapper_args__ = {}
1207 __mapper_args__ = {}
1208
1208
1209 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1209 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1210 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1210 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1211 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1211 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1212
1212
1213 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1213 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1214
1214
1215 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1215 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1216 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1216 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1217 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1217 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1218
1218
1219 user = relationship('User', lazy='joined')
1219 user = relationship('User', lazy='joined')
1220
1220
1221 def __json__(self):
1221 def __json__(self):
1222 data = {
1222 data = {
1223 'ssh_fingerprint': self.ssh_key_fingerprint,
1223 'ssh_fingerprint': self.ssh_key_fingerprint,
1224 'description': self.description,
1224 'description': self.description,
1225 'created_on': self.created_on
1225 'created_on': self.created_on
1226 }
1226 }
1227 return data
1227 return data
1228
1228
1229 def get_api_data(self):
1229 def get_api_data(self):
1230 data = self.__json__()
1230 data = self.__json__()
1231 return data
1231 return data
1232
1232
1233
1233
1234 class UserLog(Base, BaseModel):
1234 class UserLog(Base, BaseModel):
1235 __tablename__ = 'user_logs'
1235 __tablename__ = 'user_logs'
1236 __table_args__ = (
1236 __table_args__ = (
1237 base_table_args,
1237 base_table_args,
1238 )
1238 )
1239
1239
1240 VERSION_1 = 'v1'
1240 VERSION_1 = 'v1'
1241 VERSION_2 = 'v2'
1241 VERSION_2 = 'v2'
1242 VERSIONS = [VERSION_1, VERSION_2]
1242 VERSIONS = [VERSION_1, VERSION_2]
1243
1243
1244 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1244 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1245 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1245 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1246 username = Column("username", String(255), nullable=True, unique=None, default=None)
1246 username = Column("username", String(255), nullable=True, unique=None, default=None)
1247 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1247 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1248 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1248 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1249 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1249 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1250 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1250 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1251 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1251 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1252
1252
1253 version = Column("version", String(255), nullable=True, default=VERSION_1)
1253 version = Column("version", String(255), nullable=True, default=VERSION_1)
1254 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1254 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1255 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1255 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1256
1256
1257 def __unicode__(self):
1257 def __unicode__(self):
1258 return u"<%s('id:%s:%s')>" % (
1258 return u"<%s('id:%s:%s')>" % (
1259 self.__class__.__name__, self.repository_name, self.action)
1259 self.__class__.__name__, self.repository_name, self.action)
1260
1260
1261 def __json__(self):
1261 def __json__(self):
1262 return {
1262 return {
1263 'user_id': self.user_id,
1263 'user_id': self.user_id,
1264 'username': self.username,
1264 'username': self.username,
1265 'repository_id': self.repository_id,
1265 'repository_id': self.repository_id,
1266 'repository_name': self.repository_name,
1266 'repository_name': self.repository_name,
1267 'user_ip': self.user_ip,
1267 'user_ip': self.user_ip,
1268 'action_date': self.action_date,
1268 'action_date': self.action_date,
1269 'action': self.action,
1269 'action': self.action,
1270 }
1270 }
1271
1271
1272 @hybrid_property
1272 @hybrid_property
1273 def entry_id(self):
1273 def entry_id(self):
1274 return self.user_log_id
1274 return self.user_log_id
1275
1275
1276 @property
1276 @property
1277 def action_as_day(self):
1277 def action_as_day(self):
1278 return datetime.date(*self.action_date.timetuple()[:3])
1278 return datetime.date(*self.action_date.timetuple()[:3])
1279
1279
1280 user = relationship('User')
1280 user = relationship('User')
1281 repository = relationship('Repository', cascade='')
1281 repository = relationship('Repository', cascade='')
1282
1282
1283
1283
1284 class UserGroup(Base, BaseModel):
1284 class UserGroup(Base, BaseModel):
1285 __tablename__ = 'users_groups'
1285 __tablename__ = 'users_groups'
1286 __table_args__ = (
1286 __table_args__ = (
1287 base_table_args,
1287 base_table_args,
1288 )
1288 )
1289
1289
1290 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1290 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1291 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1291 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1292 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1292 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1293 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1293 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1294 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1294 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1295 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1295 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1296 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1296 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1297 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1297 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1298
1298
1299 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1299 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1300 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1300 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1301 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1301 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1302 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1302 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1303 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1303 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1304 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1304 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1305
1305
1306 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1306 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1307 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1307 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1308
1308
1309 @classmethod
1309 @classmethod
1310 def _load_group_data(cls, column):
1310 def _load_group_data(cls, column):
1311 if not column:
1311 if not column:
1312 return {}
1312 return {}
1313
1313
1314 try:
1314 try:
1315 return json.loads(column) or {}
1315 return json.loads(column) or {}
1316 except TypeError:
1316 except TypeError:
1317 return {}
1317 return {}
1318
1318
1319 @hybrid_property
1319 @hybrid_property
1320 def description_safe(self):
1320 def description_safe(self):
1321 from rhodecode.lib import helpers as h
1321 from rhodecode.lib import helpers as h
1322 return h.escape(self.user_group_description)
1322 return h.escape(self.user_group_description)
1323
1323
1324 @hybrid_property
1324 @hybrid_property
1325 def group_data(self):
1325 def group_data(self):
1326 return self._load_group_data(self._group_data)
1326 return self._load_group_data(self._group_data)
1327
1327
1328 @group_data.expression
1328 @group_data.expression
1329 def group_data(self, **kwargs):
1329 def group_data(self, **kwargs):
1330 return self._group_data
1330 return self._group_data
1331
1331
1332 @group_data.setter
1332 @group_data.setter
1333 def group_data(self, val):
1333 def group_data(self, val):
1334 try:
1334 try:
1335 self._group_data = json.dumps(val)
1335 self._group_data = json.dumps(val)
1336 except Exception:
1336 except Exception:
1337 log.error(traceback.format_exc())
1337 log.error(traceback.format_exc())
1338
1338
1339 @classmethod
1339 @classmethod
1340 def _load_sync(cls, group_data):
1340 def _load_sync(cls, group_data):
1341 if group_data:
1341 if group_data:
1342 return group_data.get('extern_type')
1342 return group_data.get('extern_type')
1343
1343
1344 @property
1344 @property
1345 def sync(self):
1345 def sync(self):
1346 return self._load_sync(self.group_data)
1346 return self._load_sync(self.group_data)
1347
1347
1348 def __unicode__(self):
1348 def __unicode__(self):
1349 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1349 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1350 self.users_group_id,
1350 self.users_group_id,
1351 self.users_group_name)
1351 self.users_group_name)
1352
1352
1353 @classmethod
1353 @classmethod
1354 def get_by_group_name(cls, group_name, cache=False,
1354 def get_by_group_name(cls, group_name, cache=False,
1355 case_insensitive=False):
1355 case_insensitive=False):
1356 if case_insensitive:
1356 if case_insensitive:
1357 q = cls.query().filter(func.lower(cls.users_group_name) ==
1357 q = cls.query().filter(func.lower(cls.users_group_name) ==
1358 func.lower(group_name))
1358 func.lower(group_name))
1359
1359
1360 else:
1360 else:
1361 q = cls.query().filter(cls.users_group_name == group_name)
1361 q = cls.query().filter(cls.users_group_name == group_name)
1362 if cache:
1362 if cache:
1363 q = q.options(
1363 q = q.options(
1364 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1364 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1365 return q.scalar()
1365 return q.scalar()
1366
1366
1367 @classmethod
1367 @classmethod
1368 def get(cls, user_group_id, cache=False):
1368 def get(cls, user_group_id, cache=False):
1369 if not user_group_id:
1369 if not user_group_id:
1370 return
1370 return
1371
1371
1372 user_group = cls.query()
1372 user_group = cls.query()
1373 if cache:
1373 if cache:
1374 user_group = user_group.options(
1374 user_group = user_group.options(
1375 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1375 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1376 return user_group.get(user_group_id)
1376 return user_group.get(user_group_id)
1377
1377
1378 def permissions(self, with_admins=True, with_owner=True):
1378 def permissions(self, with_admins=True, with_owner=True):
1379 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1379 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1380 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1380 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1381 joinedload(UserUserGroupToPerm.user),
1381 joinedload(UserUserGroupToPerm.user),
1382 joinedload(UserUserGroupToPerm.permission),)
1382 joinedload(UserUserGroupToPerm.permission),)
1383
1383
1384 # get owners and admins and permissions. We do a trick of re-writing
1384 # get owners and admins and permissions. We do a trick of re-writing
1385 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1385 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1386 # has a global reference and changing one object propagates to all
1386 # has a global reference and changing one object propagates to all
1387 # others. This means if admin is also an owner admin_row that change
1387 # others. This means if admin is also an owner admin_row that change
1388 # would propagate to both objects
1388 # would propagate to both objects
1389 perm_rows = []
1389 perm_rows = []
1390 for _usr in q.all():
1390 for _usr in q.all():
1391 usr = AttributeDict(_usr.user.get_dict())
1391 usr = AttributeDict(_usr.user.get_dict())
1392 usr.permission = _usr.permission.permission_name
1392 usr.permission = _usr.permission.permission_name
1393 perm_rows.append(usr)
1393 perm_rows.append(usr)
1394
1394
1395 # filter the perm rows by 'default' first and then sort them by
1395 # filter the perm rows by 'default' first and then sort them by
1396 # admin,write,read,none permissions sorted again alphabetically in
1396 # admin,write,read,none permissions sorted again alphabetically in
1397 # each group
1397 # each group
1398 perm_rows = sorted(perm_rows, key=display_user_sort)
1398 perm_rows = sorted(perm_rows, key=display_user_sort)
1399
1399
1400 _admin_perm = 'usergroup.admin'
1400 _admin_perm = 'usergroup.admin'
1401 owner_row = []
1401 owner_row = []
1402 if with_owner:
1402 if with_owner:
1403 usr = AttributeDict(self.user.get_dict())
1403 usr = AttributeDict(self.user.get_dict())
1404 usr.owner_row = True
1404 usr.owner_row = True
1405 usr.permission = _admin_perm
1405 usr.permission = _admin_perm
1406 owner_row.append(usr)
1406 owner_row.append(usr)
1407
1407
1408 super_admin_rows = []
1408 super_admin_rows = []
1409 if with_admins:
1409 if with_admins:
1410 for usr in User.get_all_super_admins():
1410 for usr in User.get_all_super_admins():
1411 # if this admin is also owner, don't double the record
1411 # if this admin is also owner, don't double the record
1412 if usr.user_id == owner_row[0].user_id:
1412 if usr.user_id == owner_row[0].user_id:
1413 owner_row[0].admin_row = True
1413 owner_row[0].admin_row = True
1414 else:
1414 else:
1415 usr = AttributeDict(usr.get_dict())
1415 usr = AttributeDict(usr.get_dict())
1416 usr.admin_row = True
1416 usr.admin_row = True
1417 usr.permission = _admin_perm
1417 usr.permission = _admin_perm
1418 super_admin_rows.append(usr)
1418 super_admin_rows.append(usr)
1419
1419
1420 return super_admin_rows + owner_row + perm_rows
1420 return super_admin_rows + owner_row + perm_rows
1421
1421
1422 def permission_user_groups(self):
1422 def permission_user_groups(self):
1423 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1423 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1424 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1424 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1425 joinedload(UserGroupUserGroupToPerm.target_user_group),
1425 joinedload(UserGroupUserGroupToPerm.target_user_group),
1426 joinedload(UserGroupUserGroupToPerm.permission),)
1426 joinedload(UserGroupUserGroupToPerm.permission),)
1427
1427
1428 perm_rows = []
1428 perm_rows = []
1429 for _user_group in q.all():
1429 for _user_group in q.all():
1430 usr = AttributeDict(_user_group.user_group.get_dict())
1430 usr = AttributeDict(_user_group.user_group.get_dict())
1431 usr.permission = _user_group.permission.permission_name
1431 usr.permission = _user_group.permission.permission_name
1432 perm_rows.append(usr)
1432 perm_rows.append(usr)
1433
1433
1434 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1434 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1435 return perm_rows
1435 return perm_rows
1436
1436
1437 def _get_default_perms(self, user_group, suffix=''):
1437 def _get_default_perms(self, user_group, suffix=''):
1438 from rhodecode.model.permission import PermissionModel
1438 from rhodecode.model.permission import PermissionModel
1439 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1439 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1440
1440
1441 def get_default_perms(self, suffix=''):
1441 def get_default_perms(self, suffix=''):
1442 return self._get_default_perms(self, suffix)
1442 return self._get_default_perms(self, suffix)
1443
1443
1444 def get_api_data(self, with_group_members=True, include_secrets=False):
1444 def get_api_data(self, with_group_members=True, include_secrets=False):
1445 """
1445 """
1446 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1446 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1447 basically forwarded.
1447 basically forwarded.
1448
1448
1449 """
1449 """
1450 user_group = self
1450 user_group = self
1451 data = {
1451 data = {
1452 'users_group_id': user_group.users_group_id,
1452 'users_group_id': user_group.users_group_id,
1453 'group_name': user_group.users_group_name,
1453 'group_name': user_group.users_group_name,
1454 'group_description': user_group.user_group_description,
1454 'group_description': user_group.user_group_description,
1455 'active': user_group.users_group_active,
1455 'active': user_group.users_group_active,
1456 'owner': user_group.user.username,
1456 'owner': user_group.user.username,
1457 'sync': user_group.sync,
1457 'sync': user_group.sync,
1458 'owner_email': user_group.user.email,
1458 'owner_email': user_group.user.email,
1459 }
1459 }
1460
1460
1461 if with_group_members:
1461 if with_group_members:
1462 users = []
1462 users = []
1463 for user in user_group.members:
1463 for user in user_group.members:
1464 user = user.user
1464 user = user.user
1465 users.append(user.get_api_data(include_secrets=include_secrets))
1465 users.append(user.get_api_data(include_secrets=include_secrets))
1466 data['users'] = users
1466 data['users'] = users
1467
1467
1468 return data
1468 return data
1469
1469
1470
1470
1471 class UserGroupMember(Base, BaseModel):
1471 class UserGroupMember(Base, BaseModel):
1472 __tablename__ = 'users_groups_members'
1472 __tablename__ = 'users_groups_members'
1473 __table_args__ = (
1473 __table_args__ = (
1474 base_table_args,
1474 base_table_args,
1475 )
1475 )
1476
1476
1477 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1477 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1478 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1478 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1479 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1479 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1480
1480
1481 user = relationship('User', lazy='joined')
1481 user = relationship('User', lazy='joined')
1482 users_group = relationship('UserGroup')
1482 users_group = relationship('UserGroup')
1483
1483
1484 def __init__(self, gr_id='', u_id=''):
1484 def __init__(self, gr_id='', u_id=''):
1485 self.users_group_id = gr_id
1485 self.users_group_id = gr_id
1486 self.user_id = u_id
1486 self.user_id = u_id
1487
1487
1488
1488
1489 class RepositoryField(Base, BaseModel):
1489 class RepositoryField(Base, BaseModel):
1490 __tablename__ = 'repositories_fields'
1490 __tablename__ = 'repositories_fields'
1491 __table_args__ = (
1491 __table_args__ = (
1492 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1492 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1493 base_table_args,
1493 base_table_args,
1494 )
1494 )
1495
1495
1496 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1496 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1497
1497
1498 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1498 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1499 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1499 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1500 field_key = Column("field_key", String(250))
1500 field_key = Column("field_key", String(250))
1501 field_label = Column("field_label", String(1024), nullable=False)
1501 field_label = Column("field_label", String(1024), nullable=False)
1502 field_value = Column("field_value", String(10000), nullable=False)
1502 field_value = Column("field_value", String(10000), nullable=False)
1503 field_desc = Column("field_desc", String(1024), nullable=False)
1503 field_desc = Column("field_desc", String(1024), nullable=False)
1504 field_type = Column("field_type", String(255), nullable=False, unique=None)
1504 field_type = Column("field_type", String(255), nullable=False, unique=None)
1505 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1505 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1506
1506
1507 repository = relationship('Repository')
1507 repository = relationship('Repository')
1508
1508
1509 @property
1509 @property
1510 def field_key_prefixed(self):
1510 def field_key_prefixed(self):
1511 return 'ex_%s' % self.field_key
1511 return 'ex_%s' % self.field_key
1512
1512
1513 @classmethod
1513 @classmethod
1514 def un_prefix_key(cls, key):
1514 def un_prefix_key(cls, key):
1515 if key.startswith(cls.PREFIX):
1515 if key.startswith(cls.PREFIX):
1516 return key[len(cls.PREFIX):]
1516 return key[len(cls.PREFIX):]
1517 return key
1517 return key
1518
1518
1519 @classmethod
1519 @classmethod
1520 def get_by_key_name(cls, key, repo):
1520 def get_by_key_name(cls, key, repo):
1521 row = cls.query()\
1521 row = cls.query()\
1522 .filter(cls.repository == repo)\
1522 .filter(cls.repository == repo)\
1523 .filter(cls.field_key == key).scalar()
1523 .filter(cls.field_key == key).scalar()
1524 return row
1524 return row
1525
1525
1526
1526
1527 class Repository(Base, BaseModel):
1527 class Repository(Base, BaseModel):
1528 __tablename__ = 'repositories'
1528 __tablename__ = 'repositories'
1529 __table_args__ = (
1529 __table_args__ = (
1530 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1530 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1531 base_table_args,
1531 base_table_args,
1532 )
1532 )
1533 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1533 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1534 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1534 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1535 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1535 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1536
1536
1537 STATE_CREATED = 'repo_state_created'
1537 STATE_CREATED = 'repo_state_created'
1538 STATE_PENDING = 'repo_state_pending'
1538 STATE_PENDING = 'repo_state_pending'
1539 STATE_ERROR = 'repo_state_error'
1539 STATE_ERROR = 'repo_state_error'
1540
1540
1541 LOCK_AUTOMATIC = 'lock_auto'
1541 LOCK_AUTOMATIC = 'lock_auto'
1542 LOCK_API = 'lock_api'
1542 LOCK_API = 'lock_api'
1543 LOCK_WEB = 'lock_web'
1543 LOCK_WEB = 'lock_web'
1544 LOCK_PULL = 'lock_pull'
1544 LOCK_PULL = 'lock_pull'
1545
1545
1546 NAME_SEP = URL_SEP
1546 NAME_SEP = URL_SEP
1547
1547
1548 repo_id = Column(
1548 repo_id = Column(
1549 "repo_id", Integer(), nullable=False, unique=True, default=None,
1549 "repo_id", Integer(), nullable=False, unique=True, default=None,
1550 primary_key=True)
1550 primary_key=True)
1551 _repo_name = Column(
1551 _repo_name = Column(
1552 "repo_name", Text(), nullable=False, default=None)
1552 "repo_name", Text(), nullable=False, default=None)
1553 _repo_name_hash = Column(
1553 _repo_name_hash = Column(
1554 "repo_name_hash", String(255), nullable=False, unique=True)
1554 "repo_name_hash", String(255), nullable=False, unique=True)
1555 repo_state = Column("repo_state", String(255), nullable=True)
1555 repo_state = Column("repo_state", String(255), nullable=True)
1556
1556
1557 clone_uri = Column(
1557 clone_uri = Column(
1558 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1558 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1559 default=None)
1559 default=None)
1560 push_uri = Column(
1560 push_uri = Column(
1561 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1561 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1562 default=None)
1562 default=None)
1563 repo_type = Column(
1563 repo_type = Column(
1564 "repo_type", String(255), nullable=False, unique=False, default=None)
1564 "repo_type", String(255), nullable=False, unique=False, default=None)
1565 user_id = Column(
1565 user_id = Column(
1566 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1566 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1567 unique=False, default=None)
1567 unique=False, default=None)
1568 private = Column(
1568 private = Column(
1569 "private", Boolean(), nullable=True, unique=None, default=None)
1569 "private", Boolean(), nullable=True, unique=None, default=None)
1570 enable_statistics = Column(
1570 enable_statistics = Column(
1571 "statistics", Boolean(), nullable=True, unique=None, default=True)
1571 "statistics", Boolean(), nullable=True, unique=None, default=True)
1572 enable_downloads = Column(
1572 enable_downloads = Column(
1573 "downloads", Boolean(), nullable=True, unique=None, default=True)
1573 "downloads", Boolean(), nullable=True, unique=None, default=True)
1574 description = Column(
1574 description = Column(
1575 "description", String(10000), nullable=True, unique=None, default=None)
1575 "description", String(10000), nullable=True, unique=None, default=None)
1576 created_on = Column(
1576 created_on = Column(
1577 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1577 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1578 default=datetime.datetime.now)
1578 default=datetime.datetime.now)
1579 updated_on = Column(
1579 updated_on = Column(
1580 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1580 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1581 default=datetime.datetime.now)
1581 default=datetime.datetime.now)
1582 _landing_revision = Column(
1582 _landing_revision = Column(
1583 "landing_revision", String(255), nullable=False, unique=False,
1583 "landing_revision", String(255), nullable=False, unique=False,
1584 default=None)
1584 default=None)
1585 enable_locking = Column(
1585 enable_locking = Column(
1586 "enable_locking", Boolean(), nullable=False, unique=None,
1586 "enable_locking", Boolean(), nullable=False, unique=None,
1587 default=False)
1587 default=False)
1588 _locked = Column(
1588 _locked = Column(
1589 "locked", String(255), nullable=True, unique=False, default=None)
1589 "locked", String(255), nullable=True, unique=False, default=None)
1590 _changeset_cache = Column(
1590 _changeset_cache = Column(
1591 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1591 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1592
1592
1593 fork_id = Column(
1593 fork_id = Column(
1594 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1594 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1595 nullable=True, unique=False, default=None)
1595 nullable=True, unique=False, default=None)
1596 group_id = Column(
1596 group_id = Column(
1597 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1597 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1598 unique=False, default=None)
1598 unique=False, default=None)
1599
1599
1600 user = relationship('User', lazy='joined')
1600 user = relationship('User', lazy='joined')
1601 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1601 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1602 group = relationship('RepoGroup', lazy='joined')
1602 group = relationship('RepoGroup', lazy='joined')
1603 repo_to_perm = relationship(
1603 repo_to_perm = relationship(
1604 'UserRepoToPerm', cascade='all',
1604 'UserRepoToPerm', cascade='all',
1605 order_by='UserRepoToPerm.repo_to_perm_id')
1605 order_by='UserRepoToPerm.repo_to_perm_id')
1606 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1606 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1607 stats = relationship('Statistics', cascade='all', uselist=False)
1607 stats = relationship('Statistics', cascade='all', uselist=False)
1608
1608
1609 followers = relationship(
1609 followers = relationship(
1610 'UserFollowing',
1610 'UserFollowing',
1611 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1611 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1612 cascade='all')
1612 cascade='all')
1613 extra_fields = relationship(
1613 extra_fields = relationship(
1614 'RepositoryField', cascade="all, delete, delete-orphan")
1614 'RepositoryField', cascade="all, delete, delete-orphan")
1615 logs = relationship('UserLog')
1615 logs = relationship('UserLog')
1616 comments = relationship(
1616 comments = relationship(
1617 'ChangesetComment', cascade="all, delete, delete-orphan")
1617 'ChangesetComment', cascade="all, delete, delete-orphan")
1618 pull_requests_source = relationship(
1618 pull_requests_source = relationship(
1619 'PullRequest',
1619 'PullRequest',
1620 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1620 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1621 cascade="all, delete, delete-orphan")
1621 cascade="all, delete, delete-orphan")
1622 pull_requests_target = relationship(
1622 pull_requests_target = relationship(
1623 'PullRequest',
1623 'PullRequest',
1624 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1624 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1625 cascade="all, delete, delete-orphan")
1625 cascade="all, delete, delete-orphan")
1626 ui = relationship('RepoRhodeCodeUi', cascade="all")
1626 ui = relationship('RepoRhodeCodeUi', cascade="all")
1627 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1627 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1628 integrations = relationship('Integration',
1628 integrations = relationship('Integration',
1629 cascade="all, delete, delete-orphan")
1629 cascade="all, delete, delete-orphan")
1630
1630
1631 scoped_tokens = relationship('UserApiKeys', cascade="all")
1631 scoped_tokens = relationship('UserApiKeys', cascade="all")
1632
1632
1633 def __unicode__(self):
1633 def __unicode__(self):
1634 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1634 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1635 safe_unicode(self.repo_name))
1635 safe_unicode(self.repo_name))
1636
1636
1637 @hybrid_property
1637 @hybrid_property
1638 def description_safe(self):
1638 def description_safe(self):
1639 from rhodecode.lib import helpers as h
1639 from rhodecode.lib import helpers as h
1640 return h.escape(self.description)
1640 return h.escape(self.description)
1641
1641
1642 @hybrid_property
1642 @hybrid_property
1643 def landing_rev(self):
1643 def landing_rev(self):
1644 # always should return [rev_type, rev]
1644 # always should return [rev_type, rev]
1645 if self._landing_revision:
1645 if self._landing_revision:
1646 _rev_info = self._landing_revision.split(':')
1646 _rev_info = self._landing_revision.split(':')
1647 if len(_rev_info) < 2:
1647 if len(_rev_info) < 2:
1648 _rev_info.insert(0, 'rev')
1648 _rev_info.insert(0, 'rev')
1649 return [_rev_info[0], _rev_info[1]]
1649 return [_rev_info[0], _rev_info[1]]
1650 return [None, None]
1650 return [None, None]
1651
1651
1652 @landing_rev.setter
1652 @landing_rev.setter
1653 def landing_rev(self, val):
1653 def landing_rev(self, val):
1654 if ':' not in val:
1654 if ':' not in val:
1655 raise ValueError('value must be delimited with `:` and consist '
1655 raise ValueError('value must be delimited with `:` and consist '
1656 'of <rev_type>:<rev>, got %s instead' % val)
1656 'of <rev_type>:<rev>, got %s instead' % val)
1657 self._landing_revision = val
1657 self._landing_revision = val
1658
1658
1659 @hybrid_property
1659 @hybrid_property
1660 def locked(self):
1660 def locked(self):
1661 if self._locked:
1661 if self._locked:
1662 user_id, timelocked, reason = self._locked.split(':')
1662 user_id, timelocked, reason = self._locked.split(':')
1663 lock_values = int(user_id), timelocked, reason
1663 lock_values = int(user_id), timelocked, reason
1664 else:
1664 else:
1665 lock_values = [None, None, None]
1665 lock_values = [None, None, None]
1666 return lock_values
1666 return lock_values
1667
1667
1668 @locked.setter
1668 @locked.setter
1669 def locked(self, val):
1669 def locked(self, val):
1670 if val and isinstance(val, (list, tuple)):
1670 if val and isinstance(val, (list, tuple)):
1671 self._locked = ':'.join(map(str, val))
1671 self._locked = ':'.join(map(str, val))
1672 else:
1672 else:
1673 self._locked = None
1673 self._locked = None
1674
1674
1675 @hybrid_property
1675 @hybrid_property
1676 def changeset_cache(self):
1676 def changeset_cache(self):
1677 from rhodecode.lib.vcs.backends.base import EmptyCommit
1677 from rhodecode.lib.vcs.backends.base import EmptyCommit
1678 dummy = EmptyCommit().__json__()
1678 dummy = EmptyCommit().__json__()
1679 if not self._changeset_cache:
1679 if not self._changeset_cache:
1680 return dummy
1680 return dummy
1681 try:
1681 try:
1682 return json.loads(self._changeset_cache)
1682 return json.loads(self._changeset_cache)
1683 except TypeError:
1683 except TypeError:
1684 return dummy
1684 return dummy
1685 except Exception:
1685 except Exception:
1686 log.error(traceback.format_exc())
1686 log.error(traceback.format_exc())
1687 return dummy
1687 return dummy
1688
1688
1689 @changeset_cache.setter
1689 @changeset_cache.setter
1690 def changeset_cache(self, val):
1690 def changeset_cache(self, val):
1691 try:
1691 try:
1692 self._changeset_cache = json.dumps(val)
1692 self._changeset_cache = json.dumps(val)
1693 except Exception:
1693 except Exception:
1694 log.error(traceback.format_exc())
1694 log.error(traceback.format_exc())
1695
1695
1696 @hybrid_property
1696 @hybrid_property
1697 def repo_name(self):
1697 def repo_name(self):
1698 return self._repo_name
1698 return self._repo_name
1699
1699
1700 @repo_name.setter
1700 @repo_name.setter
1701 def repo_name(self, value):
1701 def repo_name(self, value):
1702 self._repo_name = value
1702 self._repo_name = value
1703 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1703 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1704
1704
1705 @classmethod
1705 @classmethod
1706 def normalize_repo_name(cls, repo_name):
1706 def normalize_repo_name(cls, repo_name):
1707 """
1707 """
1708 Normalizes os specific repo_name to the format internally stored inside
1708 Normalizes os specific repo_name to the format internally stored inside
1709 database using URL_SEP
1709 database using URL_SEP
1710
1710
1711 :param cls:
1711 :param cls:
1712 :param repo_name:
1712 :param repo_name:
1713 """
1713 """
1714 return cls.NAME_SEP.join(repo_name.split(os.sep))
1714 return cls.NAME_SEP.join(repo_name.split(os.sep))
1715
1715
1716 @classmethod
1716 @classmethod
1717 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1717 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1718 session = Session()
1718 session = Session()
1719 q = session.query(cls).filter(cls.repo_name == repo_name)
1719 q = session.query(cls).filter(cls.repo_name == repo_name)
1720
1720
1721 if cache:
1721 if cache:
1722 if identity_cache:
1722 if identity_cache:
1723 val = cls.identity_cache(session, 'repo_name', repo_name)
1723 val = cls.identity_cache(session, 'repo_name', repo_name)
1724 if val:
1724 if val:
1725 return val
1725 return val
1726 else:
1726 else:
1727 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1727 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1728 q = q.options(
1728 q = q.options(
1729 FromCache("sql_cache_short", cache_key))
1729 FromCache("sql_cache_short", cache_key))
1730
1730
1731 return q.scalar()
1731 return q.scalar()
1732
1732
1733 @classmethod
1733 @classmethod
1734 def get_by_id_or_repo_name(cls, repoid):
1734 def get_by_id_or_repo_name(cls, repoid):
1735 if isinstance(repoid, (int, long)):
1735 if isinstance(repoid, (int, long)):
1736 try:
1736 try:
1737 repo = cls.get(repoid)
1737 repo = cls.get(repoid)
1738 except ValueError:
1738 except ValueError:
1739 repo = None
1739 repo = None
1740 else:
1740 else:
1741 repo = cls.get_by_repo_name(repoid)
1741 repo = cls.get_by_repo_name(repoid)
1742 return repo
1742 return repo
1743
1743
1744 @classmethod
1744 @classmethod
1745 def get_by_full_path(cls, repo_full_path):
1745 def get_by_full_path(cls, repo_full_path):
1746 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1746 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1747 repo_name = cls.normalize_repo_name(repo_name)
1747 repo_name = cls.normalize_repo_name(repo_name)
1748 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1748 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1749
1749
1750 @classmethod
1750 @classmethod
1751 def get_repo_forks(cls, repo_id):
1751 def get_repo_forks(cls, repo_id):
1752 return cls.query().filter(Repository.fork_id == repo_id)
1752 return cls.query().filter(Repository.fork_id == repo_id)
1753
1753
1754 @classmethod
1754 @classmethod
1755 def base_path(cls):
1755 def base_path(cls):
1756 """
1756 """
1757 Returns base path when all repos are stored
1757 Returns base path when all repos are stored
1758
1758
1759 :param cls:
1759 :param cls:
1760 """
1760 """
1761 q = Session().query(RhodeCodeUi)\
1761 q = Session().query(RhodeCodeUi)\
1762 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1762 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1763 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1763 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1764 return q.one().ui_value
1764 return q.one().ui_value
1765
1765
1766 @classmethod
1766 @classmethod
1767 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1767 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1768 case_insensitive=True):
1768 case_insensitive=True):
1769 q = Repository.query()
1769 q = Repository.query()
1770
1770
1771 if not isinstance(user_id, Optional):
1771 if not isinstance(user_id, Optional):
1772 q = q.filter(Repository.user_id == user_id)
1772 q = q.filter(Repository.user_id == user_id)
1773
1773
1774 if not isinstance(group_id, Optional):
1774 if not isinstance(group_id, Optional):
1775 q = q.filter(Repository.group_id == group_id)
1775 q = q.filter(Repository.group_id == group_id)
1776
1776
1777 if case_insensitive:
1777 if case_insensitive:
1778 q = q.order_by(func.lower(Repository.repo_name))
1778 q = q.order_by(func.lower(Repository.repo_name))
1779 else:
1779 else:
1780 q = q.order_by(Repository.repo_name)
1780 q = q.order_by(Repository.repo_name)
1781 return q.all()
1781 return q.all()
1782
1782
1783 @property
1783 @property
1784 def forks(self):
1784 def forks(self):
1785 """
1785 """
1786 Return forks of this repo
1786 Return forks of this repo
1787 """
1787 """
1788 return Repository.get_repo_forks(self.repo_id)
1788 return Repository.get_repo_forks(self.repo_id)
1789
1789
1790 @property
1790 @property
1791 def parent(self):
1791 def parent(self):
1792 """
1792 """
1793 Returns fork parent
1793 Returns fork parent
1794 """
1794 """
1795 return self.fork
1795 return self.fork
1796
1796
1797 @property
1797 @property
1798 def just_name(self):
1798 def just_name(self):
1799 return self.repo_name.split(self.NAME_SEP)[-1]
1799 return self.repo_name.split(self.NAME_SEP)[-1]
1800
1800
1801 @property
1801 @property
1802 def groups_with_parents(self):
1802 def groups_with_parents(self):
1803 groups = []
1803 groups = []
1804 if self.group is None:
1804 if self.group is None:
1805 return groups
1805 return groups
1806
1806
1807 cur_gr = self.group
1807 cur_gr = self.group
1808 groups.insert(0, cur_gr)
1808 groups.insert(0, cur_gr)
1809 while 1:
1809 while 1:
1810 gr = getattr(cur_gr, 'parent_group', None)
1810 gr = getattr(cur_gr, 'parent_group', None)
1811 cur_gr = cur_gr.parent_group
1811 cur_gr = cur_gr.parent_group
1812 if gr is None:
1812 if gr is None:
1813 break
1813 break
1814 groups.insert(0, gr)
1814 groups.insert(0, gr)
1815
1815
1816 return groups
1816 return groups
1817
1817
1818 @property
1818 @property
1819 def groups_and_repo(self):
1819 def groups_and_repo(self):
1820 return self.groups_with_parents, self
1820 return self.groups_with_parents, self
1821
1821
1822 @LazyProperty
1822 @LazyProperty
1823 def repo_path(self):
1823 def repo_path(self):
1824 """
1824 """
1825 Returns base full path for that repository means where it actually
1825 Returns base full path for that repository means where it actually
1826 exists on a filesystem
1826 exists on a filesystem
1827 """
1827 """
1828 q = Session().query(RhodeCodeUi).filter(
1828 q = Session().query(RhodeCodeUi).filter(
1829 RhodeCodeUi.ui_key == self.NAME_SEP)
1829 RhodeCodeUi.ui_key == self.NAME_SEP)
1830 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1830 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1831 return q.one().ui_value
1831 return q.one().ui_value
1832
1832
1833 @property
1833 @property
1834 def repo_full_path(self):
1834 def repo_full_path(self):
1835 p = [self.repo_path]
1835 p = [self.repo_path]
1836 # we need to split the name by / since this is how we store the
1836 # we need to split the name by / since this is how we store the
1837 # names in the database, but that eventually needs to be converted
1837 # names in the database, but that eventually needs to be converted
1838 # into a valid system path
1838 # into a valid system path
1839 p += self.repo_name.split(self.NAME_SEP)
1839 p += self.repo_name.split(self.NAME_SEP)
1840 return os.path.join(*map(safe_unicode, p))
1840 return os.path.join(*map(safe_unicode, p))
1841
1841
1842 @property
1842 @property
1843 def cache_keys(self):
1843 def cache_keys(self):
1844 """
1844 """
1845 Returns associated cache keys for that repo
1845 Returns associated cache keys for that repo
1846 """
1846 """
1847 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1847 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1848 repo_id=self.repo_id)
1848 repo_id=self.repo_id)
1849 return CacheKey.query()\
1849 return CacheKey.query()\
1850 .filter(CacheKey.cache_args == invalidation_namespace)\
1850 .filter(CacheKey.cache_args == invalidation_namespace)\
1851 .order_by(CacheKey.cache_key)\
1851 .order_by(CacheKey.cache_key)\
1852 .all()
1852 .all()
1853
1853
1854 @property
1854 @property
1855 def cached_diffs_relative_dir(self):
1855 def cached_diffs_relative_dir(self):
1856 """
1856 """
1857 Return a relative to the repository store path of cached diffs
1857 Return a relative to the repository store path of cached diffs
1858 used for safe display for users, who shouldn't know the absolute store
1858 used for safe display for users, who shouldn't know the absolute store
1859 path
1859 path
1860 """
1860 """
1861 return os.path.join(
1861 return os.path.join(
1862 os.path.dirname(self.repo_name),
1862 os.path.dirname(self.repo_name),
1863 self.cached_diffs_dir.split(os.path.sep)[-1])
1863 self.cached_diffs_dir.split(os.path.sep)[-1])
1864
1864
1865 @property
1865 @property
1866 def cached_diffs_dir(self):
1866 def cached_diffs_dir(self):
1867 path = self.repo_full_path
1867 path = self.repo_full_path
1868 return os.path.join(
1868 return os.path.join(
1869 os.path.dirname(path),
1869 os.path.dirname(path),
1870 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1870 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1871
1871
1872 def cached_diffs(self):
1872 def cached_diffs(self):
1873 diff_cache_dir = self.cached_diffs_dir
1873 diff_cache_dir = self.cached_diffs_dir
1874 if os.path.isdir(diff_cache_dir):
1874 if os.path.isdir(diff_cache_dir):
1875 return os.listdir(diff_cache_dir)
1875 return os.listdir(diff_cache_dir)
1876 return []
1876 return []
1877
1877
1878 def shadow_repos(self):
1878 def shadow_repos(self):
1879 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1879 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1880 return [
1880 return [
1881 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1881 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1882 if x.startswith(shadow_repos_pattern)]
1882 if x.startswith(shadow_repos_pattern)]
1883
1883
1884 def get_new_name(self, repo_name):
1884 def get_new_name(self, repo_name):
1885 """
1885 """
1886 returns new full repository name based on assigned group and new new
1886 returns new full repository name based on assigned group and new new
1887
1887
1888 :param group_name:
1888 :param group_name:
1889 """
1889 """
1890 path_prefix = self.group.full_path_splitted if self.group else []
1890 path_prefix = self.group.full_path_splitted if self.group else []
1891 return self.NAME_SEP.join(path_prefix + [repo_name])
1891 return self.NAME_SEP.join(path_prefix + [repo_name])
1892
1892
1893 @property
1893 @property
1894 def _config(self):
1894 def _config(self):
1895 """
1895 """
1896 Returns db based config object.
1896 Returns db based config object.
1897 """
1897 """
1898 from rhodecode.lib.utils import make_db_config
1898 from rhodecode.lib.utils import make_db_config
1899 return make_db_config(clear_session=False, repo=self)
1899 return make_db_config(clear_session=False, repo=self)
1900
1900
1901 def permissions(self, with_admins=True, with_owner=True):
1901 def permissions(self, with_admins=True, with_owner=True):
1902 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1902 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1903 q = q.options(joinedload(UserRepoToPerm.repository),
1903 q = q.options(joinedload(UserRepoToPerm.repository),
1904 joinedload(UserRepoToPerm.user),
1904 joinedload(UserRepoToPerm.user),
1905 joinedload(UserRepoToPerm.permission),)
1905 joinedload(UserRepoToPerm.permission),)
1906
1906
1907 # get owners and admins and permissions. We do a trick of re-writing
1907 # get owners and admins and permissions. We do a trick of re-writing
1908 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1908 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1909 # has a global reference and changing one object propagates to all
1909 # has a global reference and changing one object propagates to all
1910 # others. This means if admin is also an owner admin_row that change
1910 # others. This means if admin is also an owner admin_row that change
1911 # would propagate to both objects
1911 # would propagate to both objects
1912 perm_rows = []
1912 perm_rows = []
1913 for _usr in q.all():
1913 for _usr in q.all():
1914 usr = AttributeDict(_usr.user.get_dict())
1914 usr = AttributeDict(_usr.user.get_dict())
1915 usr.permission = _usr.permission.permission_name
1915 usr.permission = _usr.permission.permission_name
1916 usr.permission_id = _usr.repo_to_perm_id
1916 perm_rows.append(usr)
1917 perm_rows.append(usr)
1917
1918
1918 # filter the perm rows by 'default' first and then sort them by
1919 # filter the perm rows by 'default' first and then sort them by
1919 # admin,write,read,none permissions sorted again alphabetically in
1920 # admin,write,read,none permissions sorted again alphabetically in
1920 # each group
1921 # each group
1921 perm_rows = sorted(perm_rows, key=display_user_sort)
1922 perm_rows = sorted(perm_rows, key=display_user_sort)
1922
1923
1923 _admin_perm = 'repository.admin'
1924 _admin_perm = 'repository.admin'
1924 owner_row = []
1925 owner_row = []
1925 if with_owner:
1926 if with_owner:
1926 usr = AttributeDict(self.user.get_dict())
1927 usr = AttributeDict(self.user.get_dict())
1927 usr.owner_row = True
1928 usr.owner_row = True
1928 usr.permission = _admin_perm
1929 usr.permission = _admin_perm
1930 usr.permission_id = None
1929 owner_row.append(usr)
1931 owner_row.append(usr)
1930
1932
1931 super_admin_rows = []
1933 super_admin_rows = []
1932 if with_admins:
1934 if with_admins:
1933 for usr in User.get_all_super_admins():
1935 for usr in User.get_all_super_admins():
1934 # if this admin is also owner, don't double the record
1936 # if this admin is also owner, don't double the record
1935 if usr.user_id == owner_row[0].user_id:
1937 if usr.user_id == owner_row[0].user_id:
1936 owner_row[0].admin_row = True
1938 owner_row[0].admin_row = True
1937 else:
1939 else:
1938 usr = AttributeDict(usr.get_dict())
1940 usr = AttributeDict(usr.get_dict())
1939 usr.admin_row = True
1941 usr.admin_row = True
1940 usr.permission = _admin_perm
1942 usr.permission = _admin_perm
1943 usr.permission_id = None
1941 super_admin_rows.append(usr)
1944 super_admin_rows.append(usr)
1942
1945
1943 return super_admin_rows + owner_row + perm_rows
1946 return super_admin_rows + owner_row + perm_rows
1944
1947
1945 def permission_user_groups(self):
1948 def permission_user_groups(self):
1946 q = UserGroupRepoToPerm.query().filter(
1949 q = UserGroupRepoToPerm.query().filter(
1947 UserGroupRepoToPerm.repository == self)
1950 UserGroupRepoToPerm.repository == self)
1948 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1951 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1949 joinedload(UserGroupRepoToPerm.users_group),
1952 joinedload(UserGroupRepoToPerm.users_group),
1950 joinedload(UserGroupRepoToPerm.permission),)
1953 joinedload(UserGroupRepoToPerm.permission),)
1951
1954
1952 perm_rows = []
1955 perm_rows = []
1953 for _user_group in q.all():
1956 for _user_group in q.all():
1954 usr = AttributeDict(_user_group.users_group.get_dict())
1957 usr = AttributeDict(_user_group.users_group.get_dict())
1955 usr.permission = _user_group.permission.permission_name
1958 usr.permission = _user_group.permission.permission_name
1956 perm_rows.append(usr)
1959 perm_rows.append(usr)
1957
1960
1958 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1961 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1959 return perm_rows
1962 return perm_rows
1960
1963
1961 def get_api_data(self, include_secrets=False):
1964 def get_api_data(self, include_secrets=False):
1962 """
1965 """
1963 Common function for generating repo api data
1966 Common function for generating repo api data
1964
1967
1965 :param include_secrets: See :meth:`User.get_api_data`.
1968 :param include_secrets: See :meth:`User.get_api_data`.
1966
1969
1967 """
1970 """
1968 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1971 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1969 # move this methods on models level.
1972 # move this methods on models level.
1970 from rhodecode.model.settings import SettingsModel
1973 from rhodecode.model.settings import SettingsModel
1971 from rhodecode.model.repo import RepoModel
1974 from rhodecode.model.repo import RepoModel
1972
1975
1973 repo = self
1976 repo = self
1974 _user_id, _time, _reason = self.locked
1977 _user_id, _time, _reason = self.locked
1975
1978
1976 data = {
1979 data = {
1977 'repo_id': repo.repo_id,
1980 'repo_id': repo.repo_id,
1978 'repo_name': repo.repo_name,
1981 'repo_name': repo.repo_name,
1979 'repo_type': repo.repo_type,
1982 'repo_type': repo.repo_type,
1980 'clone_uri': repo.clone_uri or '',
1983 'clone_uri': repo.clone_uri or '',
1981 'push_uri': repo.push_uri or '',
1984 'push_uri': repo.push_uri or '',
1982 'url': RepoModel().get_url(self),
1985 'url': RepoModel().get_url(self),
1983 'private': repo.private,
1986 'private': repo.private,
1984 'created_on': repo.created_on,
1987 'created_on': repo.created_on,
1985 'description': repo.description_safe,
1988 'description': repo.description_safe,
1986 'landing_rev': repo.landing_rev,
1989 'landing_rev': repo.landing_rev,
1987 'owner': repo.user.username,
1990 'owner': repo.user.username,
1988 'fork_of': repo.fork.repo_name if repo.fork else None,
1991 'fork_of': repo.fork.repo_name if repo.fork else None,
1989 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1992 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1990 'enable_statistics': repo.enable_statistics,
1993 'enable_statistics': repo.enable_statistics,
1991 'enable_locking': repo.enable_locking,
1994 'enable_locking': repo.enable_locking,
1992 'enable_downloads': repo.enable_downloads,
1995 'enable_downloads': repo.enable_downloads,
1993 'last_changeset': repo.changeset_cache,
1996 'last_changeset': repo.changeset_cache,
1994 'locked_by': User.get(_user_id).get_api_data(
1997 'locked_by': User.get(_user_id).get_api_data(
1995 include_secrets=include_secrets) if _user_id else None,
1998 include_secrets=include_secrets) if _user_id else None,
1996 'locked_date': time_to_datetime(_time) if _time else None,
1999 'locked_date': time_to_datetime(_time) if _time else None,
1997 'lock_reason': _reason if _reason else None,
2000 'lock_reason': _reason if _reason else None,
1998 }
2001 }
1999
2002
2000 # TODO: mikhail: should be per-repo settings here
2003 # TODO: mikhail: should be per-repo settings here
2001 rc_config = SettingsModel().get_all_settings()
2004 rc_config = SettingsModel().get_all_settings()
2002 repository_fields = str2bool(
2005 repository_fields = str2bool(
2003 rc_config.get('rhodecode_repository_fields'))
2006 rc_config.get('rhodecode_repository_fields'))
2004 if repository_fields:
2007 if repository_fields:
2005 for f in self.extra_fields:
2008 for f in self.extra_fields:
2006 data[f.field_key_prefixed] = f.field_value
2009 data[f.field_key_prefixed] = f.field_value
2007
2010
2008 return data
2011 return data
2009
2012
2010 @classmethod
2013 @classmethod
2011 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2014 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2012 if not lock_time:
2015 if not lock_time:
2013 lock_time = time.time()
2016 lock_time = time.time()
2014 if not lock_reason:
2017 if not lock_reason:
2015 lock_reason = cls.LOCK_AUTOMATIC
2018 lock_reason = cls.LOCK_AUTOMATIC
2016 repo.locked = [user_id, lock_time, lock_reason]
2019 repo.locked = [user_id, lock_time, lock_reason]
2017 Session().add(repo)
2020 Session().add(repo)
2018 Session().commit()
2021 Session().commit()
2019
2022
2020 @classmethod
2023 @classmethod
2021 def unlock(cls, repo):
2024 def unlock(cls, repo):
2022 repo.locked = None
2025 repo.locked = None
2023 Session().add(repo)
2026 Session().add(repo)
2024 Session().commit()
2027 Session().commit()
2025
2028
2026 @classmethod
2029 @classmethod
2027 def getlock(cls, repo):
2030 def getlock(cls, repo):
2028 return repo.locked
2031 return repo.locked
2029
2032
2030 def is_user_lock(self, user_id):
2033 def is_user_lock(self, user_id):
2031 if self.lock[0]:
2034 if self.lock[0]:
2032 lock_user_id = safe_int(self.lock[0])
2035 lock_user_id = safe_int(self.lock[0])
2033 user_id = safe_int(user_id)
2036 user_id = safe_int(user_id)
2034 # both are ints, and they are equal
2037 # both are ints, and they are equal
2035 return all([lock_user_id, user_id]) and lock_user_id == user_id
2038 return all([lock_user_id, user_id]) and lock_user_id == user_id
2036
2039
2037 return False
2040 return False
2038
2041
2039 def get_locking_state(self, action, user_id, only_when_enabled=True):
2042 def get_locking_state(self, action, user_id, only_when_enabled=True):
2040 """
2043 """
2041 Checks locking on this repository, if locking is enabled and lock is
2044 Checks locking on this repository, if locking is enabled and lock is
2042 present returns a tuple of make_lock, locked, locked_by.
2045 present returns a tuple of make_lock, locked, locked_by.
2043 make_lock can have 3 states None (do nothing) True, make lock
2046 make_lock can have 3 states None (do nothing) True, make lock
2044 False release lock, This value is later propagated to hooks, which
2047 False release lock, This value is later propagated to hooks, which
2045 do the locking. Think about this as signals passed to hooks what to do.
2048 do the locking. Think about this as signals passed to hooks what to do.
2046
2049
2047 """
2050 """
2048 # TODO: johbo: This is part of the business logic and should be moved
2051 # TODO: johbo: This is part of the business logic and should be moved
2049 # into the RepositoryModel.
2052 # into the RepositoryModel.
2050
2053
2051 if action not in ('push', 'pull'):
2054 if action not in ('push', 'pull'):
2052 raise ValueError("Invalid action value: %s" % repr(action))
2055 raise ValueError("Invalid action value: %s" % repr(action))
2053
2056
2054 # defines if locked error should be thrown to user
2057 # defines if locked error should be thrown to user
2055 currently_locked = False
2058 currently_locked = False
2056 # defines if new lock should be made, tri-state
2059 # defines if new lock should be made, tri-state
2057 make_lock = None
2060 make_lock = None
2058 repo = self
2061 repo = self
2059 user = User.get(user_id)
2062 user = User.get(user_id)
2060
2063
2061 lock_info = repo.locked
2064 lock_info = repo.locked
2062
2065
2063 if repo and (repo.enable_locking or not only_when_enabled):
2066 if repo and (repo.enable_locking or not only_when_enabled):
2064 if action == 'push':
2067 if action == 'push':
2065 # check if it's already locked !, if it is compare users
2068 # check if it's already locked !, if it is compare users
2066 locked_by_user_id = lock_info[0]
2069 locked_by_user_id = lock_info[0]
2067 if user.user_id == locked_by_user_id:
2070 if user.user_id == locked_by_user_id:
2068 log.debug(
2071 log.debug(
2069 'Got `push` action from user %s, now unlocking', user)
2072 'Got `push` action from user %s, now unlocking', user)
2070 # unlock if we have push from user who locked
2073 # unlock if we have push from user who locked
2071 make_lock = False
2074 make_lock = False
2072 else:
2075 else:
2073 # we're not the same user who locked, ban with
2076 # we're not the same user who locked, ban with
2074 # code defined in settings (default is 423 HTTP Locked) !
2077 # code defined in settings (default is 423 HTTP Locked) !
2075 log.debug('Repo %s is currently locked by %s', repo, user)
2078 log.debug('Repo %s is currently locked by %s', repo, user)
2076 currently_locked = True
2079 currently_locked = True
2077 elif action == 'pull':
2080 elif action == 'pull':
2078 # [0] user [1] date
2081 # [0] user [1] date
2079 if lock_info[0] and lock_info[1]:
2082 if lock_info[0] and lock_info[1]:
2080 log.debug('Repo %s is currently locked by %s', repo, user)
2083 log.debug('Repo %s is currently locked by %s', repo, user)
2081 currently_locked = True
2084 currently_locked = True
2082 else:
2085 else:
2083 log.debug('Setting lock on repo %s by %s', repo, user)
2086 log.debug('Setting lock on repo %s by %s', repo, user)
2084 make_lock = True
2087 make_lock = True
2085
2088
2086 else:
2089 else:
2087 log.debug('Repository %s do not have locking enabled', repo)
2090 log.debug('Repository %s do not have locking enabled', repo)
2088
2091
2089 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2092 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2090 make_lock, currently_locked, lock_info)
2093 make_lock, currently_locked, lock_info)
2091
2094
2092 from rhodecode.lib.auth import HasRepoPermissionAny
2095 from rhodecode.lib.auth import HasRepoPermissionAny
2093 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2096 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2094 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2097 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2095 # if we don't have at least write permission we cannot make a lock
2098 # if we don't have at least write permission we cannot make a lock
2096 log.debug('lock state reset back to FALSE due to lack '
2099 log.debug('lock state reset back to FALSE due to lack '
2097 'of at least read permission')
2100 'of at least read permission')
2098 make_lock = False
2101 make_lock = False
2099
2102
2100 return make_lock, currently_locked, lock_info
2103 return make_lock, currently_locked, lock_info
2101
2104
2102 @property
2105 @property
2103 def last_db_change(self):
2106 def last_db_change(self):
2104 return self.updated_on
2107 return self.updated_on
2105
2108
2106 @property
2109 @property
2107 def clone_uri_hidden(self):
2110 def clone_uri_hidden(self):
2108 clone_uri = self.clone_uri
2111 clone_uri = self.clone_uri
2109 if clone_uri:
2112 if clone_uri:
2110 import urlobject
2113 import urlobject
2111 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2114 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2112 if url_obj.password:
2115 if url_obj.password:
2113 clone_uri = url_obj.with_password('*****')
2116 clone_uri = url_obj.with_password('*****')
2114 return clone_uri
2117 return clone_uri
2115
2118
2116 @property
2119 @property
2117 def push_uri_hidden(self):
2120 def push_uri_hidden(self):
2118 push_uri = self.push_uri
2121 push_uri = self.push_uri
2119 if push_uri:
2122 if push_uri:
2120 import urlobject
2123 import urlobject
2121 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2124 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2122 if url_obj.password:
2125 if url_obj.password:
2123 push_uri = url_obj.with_password('*****')
2126 push_uri = url_obj.with_password('*****')
2124 return push_uri
2127 return push_uri
2125
2128
2126 def clone_url(self, **override):
2129 def clone_url(self, **override):
2127 from rhodecode.model.settings import SettingsModel
2130 from rhodecode.model.settings import SettingsModel
2128
2131
2129 uri_tmpl = None
2132 uri_tmpl = None
2130 if 'with_id' in override:
2133 if 'with_id' in override:
2131 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2134 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2132 del override['with_id']
2135 del override['with_id']
2133
2136
2134 if 'uri_tmpl' in override:
2137 if 'uri_tmpl' in override:
2135 uri_tmpl = override['uri_tmpl']
2138 uri_tmpl = override['uri_tmpl']
2136 del override['uri_tmpl']
2139 del override['uri_tmpl']
2137
2140
2138 ssh = False
2141 ssh = False
2139 if 'ssh' in override:
2142 if 'ssh' in override:
2140 ssh = True
2143 ssh = True
2141 del override['ssh']
2144 del override['ssh']
2142
2145
2143 # we didn't override our tmpl from **overrides
2146 # we didn't override our tmpl from **overrides
2144 if not uri_tmpl:
2147 if not uri_tmpl:
2145 rc_config = SettingsModel().get_all_settings(cache=True)
2148 rc_config = SettingsModel().get_all_settings(cache=True)
2146 if ssh:
2149 if ssh:
2147 uri_tmpl = rc_config.get(
2150 uri_tmpl = rc_config.get(
2148 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2151 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2149 else:
2152 else:
2150 uri_tmpl = rc_config.get(
2153 uri_tmpl = rc_config.get(
2151 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2154 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2152
2155
2153 request = get_current_request()
2156 request = get_current_request()
2154 return get_clone_url(request=request,
2157 return get_clone_url(request=request,
2155 uri_tmpl=uri_tmpl,
2158 uri_tmpl=uri_tmpl,
2156 repo_name=self.repo_name,
2159 repo_name=self.repo_name,
2157 repo_id=self.repo_id, **override)
2160 repo_id=self.repo_id, **override)
2158
2161
2159 def set_state(self, state):
2162 def set_state(self, state):
2160 self.repo_state = state
2163 self.repo_state = state
2161 Session().add(self)
2164 Session().add(self)
2162 #==========================================================================
2165 #==========================================================================
2163 # SCM PROPERTIES
2166 # SCM PROPERTIES
2164 #==========================================================================
2167 #==========================================================================
2165
2168
2166 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2169 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2167 return get_commit_safe(
2170 return get_commit_safe(
2168 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2171 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2169
2172
2170 def get_changeset(self, rev=None, pre_load=None):
2173 def get_changeset(self, rev=None, pre_load=None):
2171 warnings.warn("Use get_commit", DeprecationWarning)
2174 warnings.warn("Use get_commit", DeprecationWarning)
2172 commit_id = None
2175 commit_id = None
2173 commit_idx = None
2176 commit_idx = None
2174 if isinstance(rev, basestring):
2177 if isinstance(rev, basestring):
2175 commit_id = rev
2178 commit_id = rev
2176 else:
2179 else:
2177 commit_idx = rev
2180 commit_idx = rev
2178 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2181 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2179 pre_load=pre_load)
2182 pre_load=pre_load)
2180
2183
2181 def get_landing_commit(self):
2184 def get_landing_commit(self):
2182 """
2185 """
2183 Returns landing commit, or if that doesn't exist returns the tip
2186 Returns landing commit, or if that doesn't exist returns the tip
2184 """
2187 """
2185 _rev_type, _rev = self.landing_rev
2188 _rev_type, _rev = self.landing_rev
2186 commit = self.get_commit(_rev)
2189 commit = self.get_commit(_rev)
2187 if isinstance(commit, EmptyCommit):
2190 if isinstance(commit, EmptyCommit):
2188 return self.get_commit()
2191 return self.get_commit()
2189 return commit
2192 return commit
2190
2193
2191 def update_commit_cache(self, cs_cache=None, config=None):
2194 def update_commit_cache(self, cs_cache=None, config=None):
2192 """
2195 """
2193 Update cache of last changeset for repository, keys should be::
2196 Update cache of last changeset for repository, keys should be::
2194
2197
2195 short_id
2198 short_id
2196 raw_id
2199 raw_id
2197 revision
2200 revision
2198 parents
2201 parents
2199 message
2202 message
2200 date
2203 date
2201 author
2204 author
2202
2205
2203 :param cs_cache:
2206 :param cs_cache:
2204 """
2207 """
2205 from rhodecode.lib.vcs.backends.base import BaseChangeset
2208 from rhodecode.lib.vcs.backends.base import BaseChangeset
2206 if cs_cache is None:
2209 if cs_cache is None:
2207 # use no-cache version here
2210 # use no-cache version here
2208 scm_repo = self.scm_instance(cache=False, config=config)
2211 scm_repo = self.scm_instance(cache=False, config=config)
2209
2212
2210 empty = scm_repo.is_empty()
2213 empty = scm_repo.is_empty()
2211 if not empty:
2214 if not empty:
2212 cs_cache = scm_repo.get_commit(
2215 cs_cache = scm_repo.get_commit(
2213 pre_load=["author", "date", "message", "parents"])
2216 pre_load=["author", "date", "message", "parents"])
2214 else:
2217 else:
2215 cs_cache = EmptyCommit()
2218 cs_cache = EmptyCommit()
2216
2219
2217 if isinstance(cs_cache, BaseChangeset):
2220 if isinstance(cs_cache, BaseChangeset):
2218 cs_cache = cs_cache.__json__()
2221 cs_cache = cs_cache.__json__()
2219
2222
2220 def is_outdated(new_cs_cache):
2223 def is_outdated(new_cs_cache):
2221 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2224 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2222 new_cs_cache['revision'] != self.changeset_cache['revision']):
2225 new_cs_cache['revision'] != self.changeset_cache['revision']):
2223 return True
2226 return True
2224 return False
2227 return False
2225
2228
2226 # check if we have maybe already latest cached revision
2229 # check if we have maybe already latest cached revision
2227 if is_outdated(cs_cache) or not self.changeset_cache:
2230 if is_outdated(cs_cache) or not self.changeset_cache:
2228 _default = datetime.datetime.utcnow()
2231 _default = datetime.datetime.utcnow()
2229 last_change = cs_cache.get('date') or _default
2232 last_change = cs_cache.get('date') or _default
2230 if self.updated_on and self.updated_on > last_change:
2233 if self.updated_on and self.updated_on > last_change:
2231 # we check if last update is newer than the new value
2234 # we check if last update is newer than the new value
2232 # if yes, we use the current timestamp instead. Imagine you get
2235 # if yes, we use the current timestamp instead. Imagine you get
2233 # old commit pushed 1y ago, we'd set last update 1y to ago.
2236 # old commit pushed 1y ago, we'd set last update 1y to ago.
2234 last_change = _default
2237 last_change = _default
2235 log.debug('updated repo %s with new cs cache %s',
2238 log.debug('updated repo %s with new cs cache %s',
2236 self.repo_name, cs_cache)
2239 self.repo_name, cs_cache)
2237 self.updated_on = last_change
2240 self.updated_on = last_change
2238 self.changeset_cache = cs_cache
2241 self.changeset_cache = cs_cache
2239 Session().add(self)
2242 Session().add(self)
2240 Session().commit()
2243 Session().commit()
2241 else:
2244 else:
2242 log.debug('Skipping update_commit_cache for repo:`%s` '
2245 log.debug('Skipping update_commit_cache for repo:`%s` '
2243 'commit already with latest changes', self.repo_name)
2246 'commit already with latest changes', self.repo_name)
2244
2247
2245 @property
2248 @property
2246 def tip(self):
2249 def tip(self):
2247 return self.get_commit('tip')
2250 return self.get_commit('tip')
2248
2251
2249 @property
2252 @property
2250 def author(self):
2253 def author(self):
2251 return self.tip.author
2254 return self.tip.author
2252
2255
2253 @property
2256 @property
2254 def last_change(self):
2257 def last_change(self):
2255 return self.scm_instance().last_change
2258 return self.scm_instance().last_change
2256
2259
2257 def get_comments(self, revisions=None):
2260 def get_comments(self, revisions=None):
2258 """
2261 """
2259 Returns comments for this repository grouped by revisions
2262 Returns comments for this repository grouped by revisions
2260
2263
2261 :param revisions: filter query by revisions only
2264 :param revisions: filter query by revisions only
2262 """
2265 """
2263 cmts = ChangesetComment.query()\
2266 cmts = ChangesetComment.query()\
2264 .filter(ChangesetComment.repo == self)
2267 .filter(ChangesetComment.repo == self)
2265 if revisions:
2268 if revisions:
2266 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2269 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2267 grouped = collections.defaultdict(list)
2270 grouped = collections.defaultdict(list)
2268 for cmt in cmts.all():
2271 for cmt in cmts.all():
2269 grouped[cmt.revision].append(cmt)
2272 grouped[cmt.revision].append(cmt)
2270 return grouped
2273 return grouped
2271
2274
2272 def statuses(self, revisions=None):
2275 def statuses(self, revisions=None):
2273 """
2276 """
2274 Returns statuses for this repository
2277 Returns statuses for this repository
2275
2278
2276 :param revisions: list of revisions to get statuses for
2279 :param revisions: list of revisions to get statuses for
2277 """
2280 """
2278 statuses = ChangesetStatus.query()\
2281 statuses = ChangesetStatus.query()\
2279 .filter(ChangesetStatus.repo == self)\
2282 .filter(ChangesetStatus.repo == self)\
2280 .filter(ChangesetStatus.version == 0)
2283 .filter(ChangesetStatus.version == 0)
2281
2284
2282 if revisions:
2285 if revisions:
2283 # Try doing the filtering in chunks to avoid hitting limits
2286 # Try doing the filtering in chunks to avoid hitting limits
2284 size = 500
2287 size = 500
2285 status_results = []
2288 status_results = []
2286 for chunk in xrange(0, len(revisions), size):
2289 for chunk in xrange(0, len(revisions), size):
2287 status_results += statuses.filter(
2290 status_results += statuses.filter(
2288 ChangesetStatus.revision.in_(
2291 ChangesetStatus.revision.in_(
2289 revisions[chunk: chunk+size])
2292 revisions[chunk: chunk+size])
2290 ).all()
2293 ).all()
2291 else:
2294 else:
2292 status_results = statuses.all()
2295 status_results = statuses.all()
2293
2296
2294 grouped = {}
2297 grouped = {}
2295
2298
2296 # maybe we have open new pullrequest without a status?
2299 # maybe we have open new pullrequest without a status?
2297 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2300 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2298 status_lbl = ChangesetStatus.get_status_lbl(stat)
2301 status_lbl = ChangesetStatus.get_status_lbl(stat)
2299 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2302 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2300 for rev in pr.revisions:
2303 for rev in pr.revisions:
2301 pr_id = pr.pull_request_id
2304 pr_id = pr.pull_request_id
2302 pr_repo = pr.target_repo.repo_name
2305 pr_repo = pr.target_repo.repo_name
2303 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2306 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2304
2307
2305 for stat in status_results:
2308 for stat in status_results:
2306 pr_id = pr_repo = None
2309 pr_id = pr_repo = None
2307 if stat.pull_request:
2310 if stat.pull_request:
2308 pr_id = stat.pull_request.pull_request_id
2311 pr_id = stat.pull_request.pull_request_id
2309 pr_repo = stat.pull_request.target_repo.repo_name
2312 pr_repo = stat.pull_request.target_repo.repo_name
2310 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2313 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2311 pr_id, pr_repo]
2314 pr_id, pr_repo]
2312 return grouped
2315 return grouped
2313
2316
2314 # ==========================================================================
2317 # ==========================================================================
2315 # SCM CACHE INSTANCE
2318 # SCM CACHE INSTANCE
2316 # ==========================================================================
2319 # ==========================================================================
2317
2320
2318 def scm_instance(self, **kwargs):
2321 def scm_instance(self, **kwargs):
2319 import rhodecode
2322 import rhodecode
2320
2323
2321 # Passing a config will not hit the cache currently only used
2324 # Passing a config will not hit the cache currently only used
2322 # for repo2dbmapper
2325 # for repo2dbmapper
2323 config = kwargs.pop('config', None)
2326 config = kwargs.pop('config', None)
2324 cache = kwargs.pop('cache', None)
2327 cache = kwargs.pop('cache', None)
2325 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2328 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2326 # if cache is NOT defined use default global, else we have a full
2329 # if cache is NOT defined use default global, else we have a full
2327 # control over cache behaviour
2330 # control over cache behaviour
2328 if cache is None and full_cache and not config:
2331 if cache is None and full_cache and not config:
2329 return self._get_instance_cached()
2332 return self._get_instance_cached()
2330 return self._get_instance(cache=bool(cache), config=config)
2333 return self._get_instance(cache=bool(cache), config=config)
2331
2334
2332 def _get_instance_cached(self):
2335 def _get_instance_cached(self):
2333 from rhodecode.lib import rc_cache
2336 from rhodecode.lib import rc_cache
2334
2337
2335 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2338 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2336 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2339 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2337 repo_id=self.repo_id)
2340 repo_id=self.repo_id)
2338 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2341 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2339
2342
2340 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2343 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2341 def get_instance_cached(repo_id, context_id):
2344 def get_instance_cached(repo_id, context_id):
2342 return self._get_instance()
2345 return self._get_instance()
2343
2346
2344 # we must use thread scoped cache here,
2347 # we must use thread scoped cache here,
2345 # because each thread of gevent needs it's own not shared connection and cache
2348 # because each thread of gevent needs it's own not shared connection and cache
2346 # we also alter `args` so the cache key is individual for every green thread.
2349 # we also alter `args` so the cache key is individual for every green thread.
2347 inv_context_manager = rc_cache.InvalidationContext(
2350 inv_context_manager = rc_cache.InvalidationContext(
2348 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2351 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2349 thread_scoped=True)
2352 thread_scoped=True)
2350 with inv_context_manager as invalidation_context:
2353 with inv_context_manager as invalidation_context:
2351 args = (self.repo_id, inv_context_manager.cache_key)
2354 args = (self.repo_id, inv_context_manager.cache_key)
2352 # re-compute and store cache if we get invalidate signal
2355 # re-compute and store cache if we get invalidate signal
2353 if invalidation_context.should_invalidate():
2356 if invalidation_context.should_invalidate():
2354 instance = get_instance_cached.refresh(*args)
2357 instance = get_instance_cached.refresh(*args)
2355 else:
2358 else:
2356 instance = get_instance_cached(*args)
2359 instance = get_instance_cached(*args)
2357
2360
2358 log.debug(
2361 log.debug(
2359 'Repo instance fetched in %.3fs', inv_context_manager.compute_time)
2362 'Repo instance fetched in %.3fs', inv_context_manager.compute_time)
2360 return instance
2363 return instance
2361
2364
2362 def _get_instance(self, cache=True, config=None):
2365 def _get_instance(self, cache=True, config=None):
2363 config = config or self._config
2366 config = config or self._config
2364 custom_wire = {
2367 custom_wire = {
2365 'cache': cache # controls the vcs.remote cache
2368 'cache': cache # controls the vcs.remote cache
2366 }
2369 }
2367 repo = get_vcs_instance(
2370 repo = get_vcs_instance(
2368 repo_path=safe_str(self.repo_full_path),
2371 repo_path=safe_str(self.repo_full_path),
2369 config=config,
2372 config=config,
2370 with_wire=custom_wire,
2373 with_wire=custom_wire,
2371 create=False,
2374 create=False,
2372 _vcs_alias=self.repo_type)
2375 _vcs_alias=self.repo_type)
2373
2376
2374 return repo
2377 return repo
2375
2378
2376 def __json__(self):
2379 def __json__(self):
2377 return {'landing_rev': self.landing_rev}
2380 return {'landing_rev': self.landing_rev}
2378
2381
2379 def get_dict(self):
2382 def get_dict(self):
2380
2383
2381 # Since we transformed `repo_name` to a hybrid property, we need to
2384 # Since we transformed `repo_name` to a hybrid property, we need to
2382 # keep compatibility with the code which uses `repo_name` field.
2385 # keep compatibility with the code which uses `repo_name` field.
2383
2386
2384 result = super(Repository, self).get_dict()
2387 result = super(Repository, self).get_dict()
2385 result['repo_name'] = result.pop('_repo_name', None)
2388 result['repo_name'] = result.pop('_repo_name', None)
2386 return result
2389 return result
2387
2390
2388
2391
2389 class RepoGroup(Base, BaseModel):
2392 class RepoGroup(Base, BaseModel):
2390 __tablename__ = 'groups'
2393 __tablename__ = 'groups'
2391 __table_args__ = (
2394 __table_args__ = (
2392 UniqueConstraint('group_name', 'group_parent_id'),
2395 UniqueConstraint('group_name', 'group_parent_id'),
2393 CheckConstraint('group_id != group_parent_id'),
2396 CheckConstraint('group_id != group_parent_id'),
2394 base_table_args,
2397 base_table_args,
2395 )
2398 )
2396 __mapper_args__ = {'order_by': 'group_name'}
2399 __mapper_args__ = {'order_by': 'group_name'}
2397
2400
2398 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2401 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2399
2402
2400 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2403 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2401 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2404 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2402 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2405 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2403 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2406 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2404 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2407 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2405 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2408 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2406 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2409 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2407 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2410 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2408 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2411 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2409
2412
2410 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2413 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2411 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2414 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2412 parent_group = relationship('RepoGroup', remote_side=group_id)
2415 parent_group = relationship('RepoGroup', remote_side=group_id)
2413 user = relationship('User')
2416 user = relationship('User')
2414 integrations = relationship('Integration',
2417 integrations = relationship('Integration',
2415 cascade="all, delete, delete-orphan")
2418 cascade="all, delete, delete-orphan")
2416
2419
2417 def __init__(self, group_name='', parent_group=None):
2420 def __init__(self, group_name='', parent_group=None):
2418 self.group_name = group_name
2421 self.group_name = group_name
2419 self.parent_group = parent_group
2422 self.parent_group = parent_group
2420
2423
2421 def __unicode__(self):
2424 def __unicode__(self):
2422 return u"<%s('id:%s:%s')>" % (
2425 return u"<%s('id:%s:%s')>" % (
2423 self.__class__.__name__, self.group_id, self.group_name)
2426 self.__class__.__name__, self.group_id, self.group_name)
2424
2427
2425 @hybrid_property
2428 @hybrid_property
2426 def description_safe(self):
2429 def description_safe(self):
2427 from rhodecode.lib import helpers as h
2430 from rhodecode.lib import helpers as h
2428 return h.escape(self.group_description)
2431 return h.escape(self.group_description)
2429
2432
2430 @classmethod
2433 @classmethod
2431 def _generate_choice(cls, repo_group):
2434 def _generate_choice(cls, repo_group):
2432 from webhelpers.html import literal as _literal
2435 from webhelpers.html import literal as _literal
2433 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2436 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2434 return repo_group.group_id, _name(repo_group.full_path_splitted)
2437 return repo_group.group_id, _name(repo_group.full_path_splitted)
2435
2438
2436 @classmethod
2439 @classmethod
2437 def groups_choices(cls, groups=None, show_empty_group=True):
2440 def groups_choices(cls, groups=None, show_empty_group=True):
2438 if not groups:
2441 if not groups:
2439 groups = cls.query().all()
2442 groups = cls.query().all()
2440
2443
2441 repo_groups = []
2444 repo_groups = []
2442 if show_empty_group:
2445 if show_empty_group:
2443 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2446 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2444
2447
2445 repo_groups.extend([cls._generate_choice(x) for x in groups])
2448 repo_groups.extend([cls._generate_choice(x) for x in groups])
2446
2449
2447 repo_groups = sorted(
2450 repo_groups = sorted(
2448 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2451 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2449 return repo_groups
2452 return repo_groups
2450
2453
2451 @classmethod
2454 @classmethod
2452 def url_sep(cls):
2455 def url_sep(cls):
2453 return URL_SEP
2456 return URL_SEP
2454
2457
2455 @classmethod
2458 @classmethod
2456 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2459 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2457 if case_insensitive:
2460 if case_insensitive:
2458 gr = cls.query().filter(func.lower(cls.group_name)
2461 gr = cls.query().filter(func.lower(cls.group_name)
2459 == func.lower(group_name))
2462 == func.lower(group_name))
2460 else:
2463 else:
2461 gr = cls.query().filter(cls.group_name == group_name)
2464 gr = cls.query().filter(cls.group_name == group_name)
2462 if cache:
2465 if cache:
2463 name_key = _hash_key(group_name)
2466 name_key = _hash_key(group_name)
2464 gr = gr.options(
2467 gr = gr.options(
2465 FromCache("sql_cache_short", "get_group_%s" % name_key))
2468 FromCache("sql_cache_short", "get_group_%s" % name_key))
2466 return gr.scalar()
2469 return gr.scalar()
2467
2470
2468 @classmethod
2471 @classmethod
2469 def get_user_personal_repo_group(cls, user_id):
2472 def get_user_personal_repo_group(cls, user_id):
2470 user = User.get(user_id)
2473 user = User.get(user_id)
2471 if user.username == User.DEFAULT_USER:
2474 if user.username == User.DEFAULT_USER:
2472 return None
2475 return None
2473
2476
2474 return cls.query()\
2477 return cls.query()\
2475 .filter(cls.personal == true()) \
2478 .filter(cls.personal == true()) \
2476 .filter(cls.user == user).scalar()
2479 .filter(cls.user == user).scalar()
2477
2480
2478 @classmethod
2481 @classmethod
2479 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2482 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2480 case_insensitive=True):
2483 case_insensitive=True):
2481 q = RepoGroup.query()
2484 q = RepoGroup.query()
2482
2485
2483 if not isinstance(user_id, Optional):
2486 if not isinstance(user_id, Optional):
2484 q = q.filter(RepoGroup.user_id == user_id)
2487 q = q.filter(RepoGroup.user_id == user_id)
2485
2488
2486 if not isinstance(group_id, Optional):
2489 if not isinstance(group_id, Optional):
2487 q = q.filter(RepoGroup.group_parent_id == group_id)
2490 q = q.filter(RepoGroup.group_parent_id == group_id)
2488
2491
2489 if case_insensitive:
2492 if case_insensitive:
2490 q = q.order_by(func.lower(RepoGroup.group_name))
2493 q = q.order_by(func.lower(RepoGroup.group_name))
2491 else:
2494 else:
2492 q = q.order_by(RepoGroup.group_name)
2495 q = q.order_by(RepoGroup.group_name)
2493 return q.all()
2496 return q.all()
2494
2497
2495 @property
2498 @property
2496 def parents(self):
2499 def parents(self):
2497 parents_recursion_limit = 10
2500 parents_recursion_limit = 10
2498 groups = []
2501 groups = []
2499 if self.parent_group is None:
2502 if self.parent_group is None:
2500 return groups
2503 return groups
2501 cur_gr = self.parent_group
2504 cur_gr = self.parent_group
2502 groups.insert(0, cur_gr)
2505 groups.insert(0, cur_gr)
2503 cnt = 0
2506 cnt = 0
2504 while 1:
2507 while 1:
2505 cnt += 1
2508 cnt += 1
2506 gr = getattr(cur_gr, 'parent_group', None)
2509 gr = getattr(cur_gr, 'parent_group', None)
2507 cur_gr = cur_gr.parent_group
2510 cur_gr = cur_gr.parent_group
2508 if gr is None:
2511 if gr is None:
2509 break
2512 break
2510 if cnt == parents_recursion_limit:
2513 if cnt == parents_recursion_limit:
2511 # this will prevent accidental infinit loops
2514 # this will prevent accidental infinit loops
2512 log.error(('more than %s parents found for group %s, stopping '
2515 log.error(('more than %s parents found for group %s, stopping '
2513 'recursive parent fetching' % (parents_recursion_limit, self)))
2516 'recursive parent fetching' % (parents_recursion_limit, self)))
2514 break
2517 break
2515
2518
2516 groups.insert(0, gr)
2519 groups.insert(0, gr)
2517 return groups
2520 return groups
2518
2521
2519 @property
2522 @property
2520 def last_db_change(self):
2523 def last_db_change(self):
2521 return self.updated_on
2524 return self.updated_on
2522
2525
2523 @property
2526 @property
2524 def children(self):
2527 def children(self):
2525 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2528 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2526
2529
2527 @property
2530 @property
2528 def name(self):
2531 def name(self):
2529 return self.group_name.split(RepoGroup.url_sep())[-1]
2532 return self.group_name.split(RepoGroup.url_sep())[-1]
2530
2533
2531 @property
2534 @property
2532 def full_path(self):
2535 def full_path(self):
2533 return self.group_name
2536 return self.group_name
2534
2537
2535 @property
2538 @property
2536 def full_path_splitted(self):
2539 def full_path_splitted(self):
2537 return self.group_name.split(RepoGroup.url_sep())
2540 return self.group_name.split(RepoGroup.url_sep())
2538
2541
2539 @property
2542 @property
2540 def repositories(self):
2543 def repositories(self):
2541 return Repository.query()\
2544 return Repository.query()\
2542 .filter(Repository.group == self)\
2545 .filter(Repository.group == self)\
2543 .order_by(Repository.repo_name)
2546 .order_by(Repository.repo_name)
2544
2547
2545 @property
2548 @property
2546 def repositories_recursive_count(self):
2549 def repositories_recursive_count(self):
2547 cnt = self.repositories.count()
2550 cnt = self.repositories.count()
2548
2551
2549 def children_count(group):
2552 def children_count(group):
2550 cnt = 0
2553 cnt = 0
2551 for child in group.children:
2554 for child in group.children:
2552 cnt += child.repositories.count()
2555 cnt += child.repositories.count()
2553 cnt += children_count(child)
2556 cnt += children_count(child)
2554 return cnt
2557 return cnt
2555
2558
2556 return cnt + children_count(self)
2559 return cnt + children_count(self)
2557
2560
2558 def _recursive_objects(self, include_repos=True):
2561 def _recursive_objects(self, include_repos=True):
2559 all_ = []
2562 all_ = []
2560
2563
2561 def _get_members(root_gr):
2564 def _get_members(root_gr):
2562 if include_repos:
2565 if include_repos:
2563 for r in root_gr.repositories:
2566 for r in root_gr.repositories:
2564 all_.append(r)
2567 all_.append(r)
2565 childs = root_gr.children.all()
2568 childs = root_gr.children.all()
2566 if childs:
2569 if childs:
2567 for gr in childs:
2570 for gr in childs:
2568 all_.append(gr)
2571 all_.append(gr)
2569 _get_members(gr)
2572 _get_members(gr)
2570
2573
2571 _get_members(self)
2574 _get_members(self)
2572 return [self] + all_
2575 return [self] + all_
2573
2576
2574 def recursive_groups_and_repos(self):
2577 def recursive_groups_and_repos(self):
2575 """
2578 """
2576 Recursive return all groups, with repositories in those groups
2579 Recursive return all groups, with repositories in those groups
2577 """
2580 """
2578 return self._recursive_objects()
2581 return self._recursive_objects()
2579
2582
2580 def recursive_groups(self):
2583 def recursive_groups(self):
2581 """
2584 """
2582 Returns all children groups for this group including children of children
2585 Returns all children groups for this group including children of children
2583 """
2586 """
2584 return self._recursive_objects(include_repos=False)
2587 return self._recursive_objects(include_repos=False)
2585
2588
2586 def get_new_name(self, group_name):
2589 def get_new_name(self, group_name):
2587 """
2590 """
2588 returns new full group name based on parent and new name
2591 returns new full group name based on parent and new name
2589
2592
2590 :param group_name:
2593 :param group_name:
2591 """
2594 """
2592 path_prefix = (self.parent_group.full_path_splitted if
2595 path_prefix = (self.parent_group.full_path_splitted if
2593 self.parent_group else [])
2596 self.parent_group else [])
2594 return RepoGroup.url_sep().join(path_prefix + [group_name])
2597 return RepoGroup.url_sep().join(path_prefix + [group_name])
2595
2598
2596 def permissions(self, with_admins=True, with_owner=True):
2599 def permissions(self, with_admins=True, with_owner=True):
2597 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2600 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2598 q = q.options(joinedload(UserRepoGroupToPerm.group),
2601 q = q.options(joinedload(UserRepoGroupToPerm.group),
2599 joinedload(UserRepoGroupToPerm.user),
2602 joinedload(UserRepoGroupToPerm.user),
2600 joinedload(UserRepoGroupToPerm.permission),)
2603 joinedload(UserRepoGroupToPerm.permission),)
2601
2604
2602 # get owners and admins and permissions. We do a trick of re-writing
2605 # get owners and admins and permissions. We do a trick of re-writing
2603 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2606 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2604 # has a global reference and changing one object propagates to all
2607 # has a global reference and changing one object propagates to all
2605 # others. This means if admin is also an owner admin_row that change
2608 # others. This means if admin is also an owner admin_row that change
2606 # would propagate to both objects
2609 # would propagate to both objects
2607 perm_rows = []
2610 perm_rows = []
2608 for _usr in q.all():
2611 for _usr in q.all():
2609 usr = AttributeDict(_usr.user.get_dict())
2612 usr = AttributeDict(_usr.user.get_dict())
2610 usr.permission = _usr.permission.permission_name
2613 usr.permission = _usr.permission.permission_name
2611 perm_rows.append(usr)
2614 perm_rows.append(usr)
2612
2615
2613 # filter the perm rows by 'default' first and then sort them by
2616 # filter the perm rows by 'default' first and then sort them by
2614 # admin,write,read,none permissions sorted again alphabetically in
2617 # admin,write,read,none permissions sorted again alphabetically in
2615 # each group
2618 # each group
2616 perm_rows = sorted(perm_rows, key=display_user_sort)
2619 perm_rows = sorted(perm_rows, key=display_user_sort)
2617
2620
2618 _admin_perm = 'group.admin'
2621 _admin_perm = 'group.admin'
2619 owner_row = []
2622 owner_row = []
2620 if with_owner:
2623 if with_owner:
2621 usr = AttributeDict(self.user.get_dict())
2624 usr = AttributeDict(self.user.get_dict())
2622 usr.owner_row = True
2625 usr.owner_row = True
2623 usr.permission = _admin_perm
2626 usr.permission = _admin_perm
2624 owner_row.append(usr)
2627 owner_row.append(usr)
2625
2628
2626 super_admin_rows = []
2629 super_admin_rows = []
2627 if with_admins:
2630 if with_admins:
2628 for usr in User.get_all_super_admins():
2631 for usr in User.get_all_super_admins():
2629 # if this admin is also owner, don't double the record
2632 # if this admin is also owner, don't double the record
2630 if usr.user_id == owner_row[0].user_id:
2633 if usr.user_id == owner_row[0].user_id:
2631 owner_row[0].admin_row = True
2634 owner_row[0].admin_row = True
2632 else:
2635 else:
2633 usr = AttributeDict(usr.get_dict())
2636 usr = AttributeDict(usr.get_dict())
2634 usr.admin_row = True
2637 usr.admin_row = True
2635 usr.permission = _admin_perm
2638 usr.permission = _admin_perm
2636 super_admin_rows.append(usr)
2639 super_admin_rows.append(usr)
2637
2640
2638 return super_admin_rows + owner_row + perm_rows
2641 return super_admin_rows + owner_row + perm_rows
2639
2642
2640 def permission_user_groups(self):
2643 def permission_user_groups(self):
2641 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2644 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2642 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2645 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2643 joinedload(UserGroupRepoGroupToPerm.users_group),
2646 joinedload(UserGroupRepoGroupToPerm.users_group),
2644 joinedload(UserGroupRepoGroupToPerm.permission),)
2647 joinedload(UserGroupRepoGroupToPerm.permission),)
2645
2648
2646 perm_rows = []
2649 perm_rows = []
2647 for _user_group in q.all():
2650 for _user_group in q.all():
2648 usr = AttributeDict(_user_group.users_group.get_dict())
2651 usr = AttributeDict(_user_group.users_group.get_dict())
2649 usr.permission = _user_group.permission.permission_name
2652 usr.permission = _user_group.permission.permission_name
2650 perm_rows.append(usr)
2653 perm_rows.append(usr)
2651
2654
2652 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2655 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2653 return perm_rows
2656 return perm_rows
2654
2657
2655 def get_api_data(self):
2658 def get_api_data(self):
2656 """
2659 """
2657 Common function for generating api data
2660 Common function for generating api data
2658
2661
2659 """
2662 """
2660 group = self
2663 group = self
2661 data = {
2664 data = {
2662 'group_id': group.group_id,
2665 'group_id': group.group_id,
2663 'group_name': group.group_name,
2666 'group_name': group.group_name,
2664 'group_description': group.description_safe,
2667 'group_description': group.description_safe,
2665 'parent_group': group.parent_group.group_name if group.parent_group else None,
2668 'parent_group': group.parent_group.group_name if group.parent_group else None,
2666 'repositories': [x.repo_name for x in group.repositories],
2669 'repositories': [x.repo_name for x in group.repositories],
2667 'owner': group.user.username,
2670 'owner': group.user.username,
2668 }
2671 }
2669 return data
2672 return data
2670
2673
2671
2674
2672 class Permission(Base, BaseModel):
2675 class Permission(Base, BaseModel):
2673 __tablename__ = 'permissions'
2676 __tablename__ = 'permissions'
2674 __table_args__ = (
2677 __table_args__ = (
2675 Index('p_perm_name_idx', 'permission_name'),
2678 Index('p_perm_name_idx', 'permission_name'),
2676 base_table_args,
2679 base_table_args,
2677 )
2680 )
2678
2681
2679 PERMS = [
2682 PERMS = [
2680 ('hg.admin', _('RhodeCode Super Administrator')),
2683 ('hg.admin', _('RhodeCode Super Administrator')),
2681
2684
2682 ('repository.none', _('Repository no access')),
2685 ('repository.none', _('Repository no access')),
2683 ('repository.read', _('Repository read access')),
2686 ('repository.read', _('Repository read access')),
2684 ('repository.write', _('Repository write access')),
2687 ('repository.write', _('Repository write access')),
2685 ('repository.admin', _('Repository admin access')),
2688 ('repository.admin', _('Repository admin access')),
2686
2689
2687 ('group.none', _('Repository group no access')),
2690 ('group.none', _('Repository group no access')),
2688 ('group.read', _('Repository group read access')),
2691 ('group.read', _('Repository group read access')),
2689 ('group.write', _('Repository group write access')),
2692 ('group.write', _('Repository group write access')),
2690 ('group.admin', _('Repository group admin access')),
2693 ('group.admin', _('Repository group admin access')),
2691
2694
2692 ('usergroup.none', _('User group no access')),
2695 ('usergroup.none', _('User group no access')),
2693 ('usergroup.read', _('User group read access')),
2696 ('usergroup.read', _('User group read access')),
2694 ('usergroup.write', _('User group write access')),
2697 ('usergroup.write', _('User group write access')),
2695 ('usergroup.admin', _('User group admin access')),
2698 ('usergroup.admin', _('User group admin access')),
2696
2699
2700 ('branch.none', _('Branch no permissions')),
2701 ('branch.merge', _('Branch access by web merge')),
2702 ('branch.push', _('Branch access by push')),
2703 ('branch.push_force', _('Branch access by push with force')),
2704
2697 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2705 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2698 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2706 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2699
2707
2700 ('hg.usergroup.create.false', _('User Group creation disabled')),
2708 ('hg.usergroup.create.false', _('User Group creation disabled')),
2701 ('hg.usergroup.create.true', _('User Group creation enabled')),
2709 ('hg.usergroup.create.true', _('User Group creation enabled')),
2702
2710
2703 ('hg.create.none', _('Repository creation disabled')),
2711 ('hg.create.none', _('Repository creation disabled')),
2704 ('hg.create.repository', _('Repository creation enabled')),
2712 ('hg.create.repository', _('Repository creation enabled')),
2705 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2713 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2706 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2714 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2707
2715
2708 ('hg.fork.none', _('Repository forking disabled')),
2716 ('hg.fork.none', _('Repository forking disabled')),
2709 ('hg.fork.repository', _('Repository forking enabled')),
2717 ('hg.fork.repository', _('Repository forking enabled')),
2710
2718
2711 ('hg.register.none', _('Registration disabled')),
2719 ('hg.register.none', _('Registration disabled')),
2712 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2720 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2713 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2721 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2714
2722
2715 ('hg.password_reset.enabled', _('Password reset enabled')),
2723 ('hg.password_reset.enabled', _('Password reset enabled')),
2716 ('hg.password_reset.hidden', _('Password reset hidden')),
2724 ('hg.password_reset.hidden', _('Password reset hidden')),
2717 ('hg.password_reset.disabled', _('Password reset disabled')),
2725 ('hg.password_reset.disabled', _('Password reset disabled')),
2718
2726
2719 ('hg.extern_activate.manual', _('Manual activation of external account')),
2727 ('hg.extern_activate.manual', _('Manual activation of external account')),
2720 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2728 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2721
2729
2722 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2730 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2723 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2731 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2724 ]
2732 ]
2725
2733
2726 # definition of system default permissions for DEFAULT user
2734 # definition of system default permissions for DEFAULT user, created on
2735 # system setup
2727 DEFAULT_USER_PERMISSIONS = [
2736 DEFAULT_USER_PERMISSIONS = [
2737 # object perms
2728 'repository.read',
2738 'repository.read',
2729 'group.read',
2739 'group.read',
2730 'usergroup.read',
2740 'usergroup.read',
2741 # branch, for backward compat we need same value as before so forced pushed
2742 'branch.push_force',
2743 # global
2731 'hg.create.repository',
2744 'hg.create.repository',
2732 'hg.repogroup.create.false',
2745 'hg.repogroup.create.false',
2733 'hg.usergroup.create.false',
2746 'hg.usergroup.create.false',
2734 'hg.create.write_on_repogroup.true',
2747 'hg.create.write_on_repogroup.true',
2735 'hg.fork.repository',
2748 'hg.fork.repository',
2736 'hg.register.manual_activate',
2749 'hg.register.manual_activate',
2737 'hg.password_reset.enabled',
2750 'hg.password_reset.enabled',
2738 'hg.extern_activate.auto',
2751 'hg.extern_activate.auto',
2739 'hg.inherit_default_perms.true',
2752 'hg.inherit_default_perms.true',
2740 ]
2753 ]
2741
2754
2742 # defines which permissions are more important higher the more important
2755 # defines which permissions are more important higher the more important
2743 # Weight defines which permissions are more important.
2756 # Weight defines which permissions are more important.
2744 # The higher number the more important.
2757 # The higher number the more important.
2745 PERM_WEIGHTS = {
2758 PERM_WEIGHTS = {
2746 'repository.none': 0,
2759 'repository.none': 0,
2747 'repository.read': 1,
2760 'repository.read': 1,
2748 'repository.write': 3,
2761 'repository.write': 3,
2749 'repository.admin': 4,
2762 'repository.admin': 4,
2750
2763
2751 'group.none': 0,
2764 'group.none': 0,
2752 'group.read': 1,
2765 'group.read': 1,
2753 'group.write': 3,
2766 'group.write': 3,
2754 'group.admin': 4,
2767 'group.admin': 4,
2755
2768
2756 'usergroup.none': 0,
2769 'usergroup.none': 0,
2757 'usergroup.read': 1,
2770 'usergroup.read': 1,
2758 'usergroup.write': 3,
2771 'usergroup.write': 3,
2759 'usergroup.admin': 4,
2772 'usergroup.admin': 4,
2760
2773
2774 'branch.none': 0,
2775 'branch.merge': 1,
2776 'branch.push': 3,
2777 'branch.push_force': 4,
2778
2761 'hg.repogroup.create.false': 0,
2779 'hg.repogroup.create.false': 0,
2762 'hg.repogroup.create.true': 1,
2780 'hg.repogroup.create.true': 1,
2763
2781
2764 'hg.usergroup.create.false': 0,
2782 'hg.usergroup.create.false': 0,
2765 'hg.usergroup.create.true': 1,
2783 'hg.usergroup.create.true': 1,
2766
2784
2767 'hg.fork.none': 0,
2785 'hg.fork.none': 0,
2768 'hg.fork.repository': 1,
2786 'hg.fork.repository': 1,
2769 'hg.create.none': 0,
2787 'hg.create.none': 0,
2770 'hg.create.repository': 1
2788 'hg.create.repository': 1
2771 }
2789 }
2772
2790
2773 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2791 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2774 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2792 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2775 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2793 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2776
2794
2777 def __unicode__(self):
2795 def __unicode__(self):
2778 return u"<%s('%s:%s')>" % (
2796 return u"<%s('%s:%s')>" % (
2779 self.__class__.__name__, self.permission_id, self.permission_name
2797 self.__class__.__name__, self.permission_id, self.permission_name
2780 )
2798 )
2781
2799
2782 @classmethod
2800 @classmethod
2783 def get_by_key(cls, key):
2801 def get_by_key(cls, key):
2784 return cls.query().filter(cls.permission_name == key).scalar()
2802 return cls.query().filter(cls.permission_name == key).scalar()
2785
2803
2786 @classmethod
2804 @classmethod
2787 def get_default_repo_perms(cls, user_id, repo_id=None):
2805 def get_default_repo_perms(cls, user_id, repo_id=None):
2788 q = Session().query(UserRepoToPerm, Repository, Permission)\
2806 q = Session().query(UserRepoToPerm, Repository, Permission)\
2789 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2807 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2790 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2808 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2791 .filter(UserRepoToPerm.user_id == user_id)
2809 .filter(UserRepoToPerm.user_id == user_id)
2792 if repo_id:
2810 if repo_id:
2793 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2811 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2794 return q.all()
2812 return q.all()
2795
2813
2796 @classmethod
2814 @classmethod
2815 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
2816 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
2817 .join(
2818 Permission,
2819 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
2820 .join(
2821 UserRepoToPerm,
2822 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
2823 .filter(UserRepoToPerm.user_id == user_id)
2824
2825 if repo_id:
2826 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
2827 return q.order_by(UserToRepoBranchPermission.rule_order).all()
2828
2829 @classmethod
2797 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2830 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2798 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2831 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2799 .join(
2832 .join(
2800 Permission,
2833 Permission,
2801 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2834 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2802 .join(
2835 .join(
2803 Repository,
2836 Repository,
2804 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2837 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2805 .join(
2838 .join(
2806 UserGroup,
2839 UserGroup,
2807 UserGroupRepoToPerm.users_group_id ==
2840 UserGroupRepoToPerm.users_group_id ==
2808 UserGroup.users_group_id)\
2841 UserGroup.users_group_id)\
2809 .join(
2842 .join(
2810 UserGroupMember,
2843 UserGroupMember,
2811 UserGroupRepoToPerm.users_group_id ==
2844 UserGroupRepoToPerm.users_group_id ==
2812 UserGroupMember.users_group_id)\
2845 UserGroupMember.users_group_id)\
2813 .filter(
2846 .filter(
2814 UserGroupMember.user_id == user_id,
2847 UserGroupMember.user_id == user_id,
2815 UserGroup.users_group_active == true())
2848 UserGroup.users_group_active == true())
2816 if repo_id:
2849 if repo_id:
2817 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2850 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2818 return q.all()
2851 return q.all()
2819
2852
2820 @classmethod
2853 @classmethod
2854 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
2855 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
2856 .join(
2857 Permission,
2858 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
2859 .join(
2860 UserGroupRepoToPerm,
2861 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
2862 .join(
2863 UserGroup,
2864 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
2865 .join(
2866 UserGroupMember,
2867 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
2868 .filter(
2869 UserGroupMember.user_id == user_id,
2870 UserGroup.users_group_active == true())
2871
2872 if repo_id:
2873 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
2874 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
2875
2876 @classmethod
2821 def get_default_group_perms(cls, user_id, repo_group_id=None):
2877 def get_default_group_perms(cls, user_id, repo_group_id=None):
2822 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2878 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2823 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2879 .join(
2824 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2880 Permission,
2881 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
2882 .join(
2883 RepoGroup,
2884 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
2825 .filter(UserRepoGroupToPerm.user_id == user_id)
2885 .filter(UserRepoGroupToPerm.user_id == user_id)
2826 if repo_group_id:
2886 if repo_group_id:
2827 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2887 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2828 return q.all()
2888 return q.all()
2829
2889
2830 @classmethod
2890 @classmethod
2831 def get_default_group_perms_from_user_group(
2891 def get_default_group_perms_from_user_group(
2832 cls, user_id, repo_group_id=None):
2892 cls, user_id, repo_group_id=None):
2833 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2893 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2834 .join(
2894 .join(
2835 Permission,
2895 Permission,
2836 UserGroupRepoGroupToPerm.permission_id ==
2896 UserGroupRepoGroupToPerm.permission_id ==
2837 Permission.permission_id)\
2897 Permission.permission_id)\
2838 .join(
2898 .join(
2839 RepoGroup,
2899 RepoGroup,
2840 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2900 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2841 .join(
2901 .join(
2842 UserGroup,
2902 UserGroup,
2843 UserGroupRepoGroupToPerm.users_group_id ==
2903 UserGroupRepoGroupToPerm.users_group_id ==
2844 UserGroup.users_group_id)\
2904 UserGroup.users_group_id)\
2845 .join(
2905 .join(
2846 UserGroupMember,
2906 UserGroupMember,
2847 UserGroupRepoGroupToPerm.users_group_id ==
2907 UserGroupRepoGroupToPerm.users_group_id ==
2848 UserGroupMember.users_group_id)\
2908 UserGroupMember.users_group_id)\
2849 .filter(
2909 .filter(
2850 UserGroupMember.user_id == user_id,
2910 UserGroupMember.user_id == user_id,
2851 UserGroup.users_group_active == true())
2911 UserGroup.users_group_active == true())
2852 if repo_group_id:
2912 if repo_group_id:
2853 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2913 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2854 return q.all()
2914 return q.all()
2855
2915
2856 @classmethod
2916 @classmethod
2857 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2917 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2858 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2918 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2859 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2919 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2860 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2920 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2861 .filter(UserUserGroupToPerm.user_id == user_id)
2921 .filter(UserUserGroupToPerm.user_id == user_id)
2862 if user_group_id:
2922 if user_group_id:
2863 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2923 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2864 return q.all()
2924 return q.all()
2865
2925
2866 @classmethod
2926 @classmethod
2867 def get_default_user_group_perms_from_user_group(
2927 def get_default_user_group_perms_from_user_group(
2868 cls, user_id, user_group_id=None):
2928 cls, user_id, user_group_id=None):
2869 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2929 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2870 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2930 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2871 .join(
2931 .join(
2872 Permission,
2932 Permission,
2873 UserGroupUserGroupToPerm.permission_id ==
2933 UserGroupUserGroupToPerm.permission_id ==
2874 Permission.permission_id)\
2934 Permission.permission_id)\
2875 .join(
2935 .join(
2876 TargetUserGroup,
2936 TargetUserGroup,
2877 UserGroupUserGroupToPerm.target_user_group_id ==
2937 UserGroupUserGroupToPerm.target_user_group_id ==
2878 TargetUserGroup.users_group_id)\
2938 TargetUserGroup.users_group_id)\
2879 .join(
2939 .join(
2880 UserGroup,
2940 UserGroup,
2881 UserGroupUserGroupToPerm.user_group_id ==
2941 UserGroupUserGroupToPerm.user_group_id ==
2882 UserGroup.users_group_id)\
2942 UserGroup.users_group_id)\
2883 .join(
2943 .join(
2884 UserGroupMember,
2944 UserGroupMember,
2885 UserGroupUserGroupToPerm.user_group_id ==
2945 UserGroupUserGroupToPerm.user_group_id ==
2886 UserGroupMember.users_group_id)\
2946 UserGroupMember.users_group_id)\
2887 .filter(
2947 .filter(
2888 UserGroupMember.user_id == user_id,
2948 UserGroupMember.user_id == user_id,
2889 UserGroup.users_group_active == true())
2949 UserGroup.users_group_active == true())
2890 if user_group_id:
2950 if user_group_id:
2891 q = q.filter(
2951 q = q.filter(
2892 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2952 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2893
2953
2894 return q.all()
2954 return q.all()
2895
2955
2896
2956
2897 class UserRepoToPerm(Base, BaseModel):
2957 class UserRepoToPerm(Base, BaseModel):
2898 __tablename__ = 'repo_to_perm'
2958 __tablename__ = 'repo_to_perm'
2899 __table_args__ = (
2959 __table_args__ = (
2900 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2960 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2901 base_table_args
2961 base_table_args
2902 )
2962 )
2903
2963
2904 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2964 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2905 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2965 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2906 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2966 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2907 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2967 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2908
2968
2909 user = relationship('User')
2969 user = relationship('User')
2910 repository = relationship('Repository')
2970 repository = relationship('Repository')
2911 permission = relationship('Permission')
2971 permission = relationship('Permission')
2912
2972
2973 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
2974
2913 @classmethod
2975 @classmethod
2914 def create(cls, user, repository, permission):
2976 def create(cls, user, repository, permission):
2915 n = cls()
2977 n = cls()
2916 n.user = user
2978 n.user = user
2917 n.repository = repository
2979 n.repository = repository
2918 n.permission = permission
2980 n.permission = permission
2919 Session().add(n)
2981 Session().add(n)
2920 return n
2982 return n
2921
2983
2922 def __unicode__(self):
2984 def __unicode__(self):
2923 return u'<%s => %s >' % (self.user, self.repository)
2985 return u'<%s => %s >' % (self.user, self.repository)
2924
2986
2925
2987
2926 class UserUserGroupToPerm(Base, BaseModel):
2988 class UserUserGroupToPerm(Base, BaseModel):
2927 __tablename__ = 'user_user_group_to_perm'
2989 __tablename__ = 'user_user_group_to_perm'
2928 __table_args__ = (
2990 __table_args__ = (
2929 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2991 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2930 base_table_args
2992 base_table_args
2931 )
2993 )
2932
2994
2933 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2995 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2934 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2996 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2935 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2997 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2936 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2998 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2937
2999
2938 user = relationship('User')
3000 user = relationship('User')
2939 user_group = relationship('UserGroup')
3001 user_group = relationship('UserGroup')
2940 permission = relationship('Permission')
3002 permission = relationship('Permission')
2941
3003
2942 @classmethod
3004 @classmethod
2943 def create(cls, user, user_group, permission):
3005 def create(cls, user, user_group, permission):
2944 n = cls()
3006 n = cls()
2945 n.user = user
3007 n.user = user
2946 n.user_group = user_group
3008 n.user_group = user_group
2947 n.permission = permission
3009 n.permission = permission
2948 Session().add(n)
3010 Session().add(n)
2949 return n
3011 return n
2950
3012
2951 def __unicode__(self):
3013 def __unicode__(self):
2952 return u'<%s => %s >' % (self.user, self.user_group)
3014 return u'<%s => %s >' % (self.user, self.user_group)
2953
3015
2954
3016
2955 class UserToPerm(Base, BaseModel):
3017 class UserToPerm(Base, BaseModel):
2956 __tablename__ = 'user_to_perm'
3018 __tablename__ = 'user_to_perm'
2957 __table_args__ = (
3019 __table_args__ = (
2958 UniqueConstraint('user_id', 'permission_id'),
3020 UniqueConstraint('user_id', 'permission_id'),
2959 base_table_args
3021 base_table_args
2960 )
3022 )
2961
3023
2962 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3024 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2963 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3025 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2964 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3026 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2965
3027
2966 user = relationship('User')
3028 user = relationship('User')
2967 permission = relationship('Permission', lazy='joined')
3029 permission = relationship('Permission', lazy='joined')
2968
3030
2969 def __unicode__(self):
3031 def __unicode__(self):
2970 return u'<%s => %s >' % (self.user, self.permission)
3032 return u'<%s => %s >' % (self.user, self.permission)
2971
3033
2972
3034
2973 class UserGroupRepoToPerm(Base, BaseModel):
3035 class UserGroupRepoToPerm(Base, BaseModel):
2974 __tablename__ = 'users_group_repo_to_perm'
3036 __tablename__ = 'users_group_repo_to_perm'
2975 __table_args__ = (
3037 __table_args__ = (
2976 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3038 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2977 base_table_args
3039 base_table_args
2978 )
3040 )
2979
3041
2980 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3042 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2981 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3043 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2982 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3044 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2983 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3045 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2984
3046
2985 users_group = relationship('UserGroup')
3047 users_group = relationship('UserGroup')
2986 permission = relationship('Permission')
3048 permission = relationship('Permission')
2987 repository = relationship('Repository')
3049 repository = relationship('Repository')
2988
3050
2989 @classmethod
3051 @classmethod
2990 def create(cls, users_group, repository, permission):
3052 def create(cls, users_group, repository, permission):
2991 n = cls()
3053 n = cls()
2992 n.users_group = users_group
3054 n.users_group = users_group
2993 n.repository = repository
3055 n.repository = repository
2994 n.permission = permission
3056 n.permission = permission
2995 Session().add(n)
3057 Session().add(n)
2996 return n
3058 return n
2997
3059
2998 def __unicode__(self):
3060 def __unicode__(self):
2999 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3061 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3000
3062
3001
3063
3002 class UserGroupUserGroupToPerm(Base, BaseModel):
3064 class UserGroupUserGroupToPerm(Base, BaseModel):
3003 __tablename__ = 'user_group_user_group_to_perm'
3065 __tablename__ = 'user_group_user_group_to_perm'
3004 __table_args__ = (
3066 __table_args__ = (
3005 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3067 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3006 CheckConstraint('target_user_group_id != user_group_id'),
3068 CheckConstraint('target_user_group_id != user_group_id'),
3007 base_table_args
3069 base_table_args
3008 )
3070 )
3009
3071
3010 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3072 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3011 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3073 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3012 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3074 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3013 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3075 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3014
3076
3015 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3077 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3016 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3078 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3017 permission = relationship('Permission')
3079 permission = relationship('Permission')
3018
3080
3019 @classmethod
3081 @classmethod
3020 def create(cls, target_user_group, user_group, permission):
3082 def create(cls, target_user_group, user_group, permission):
3021 n = cls()
3083 n = cls()
3022 n.target_user_group = target_user_group
3084 n.target_user_group = target_user_group
3023 n.user_group = user_group
3085 n.user_group = user_group
3024 n.permission = permission
3086 n.permission = permission
3025 Session().add(n)
3087 Session().add(n)
3026 return n
3088 return n
3027
3089
3028 def __unicode__(self):
3090 def __unicode__(self):
3029 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3091 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3030
3092
3031
3093
3032 class UserGroupToPerm(Base, BaseModel):
3094 class UserGroupToPerm(Base, BaseModel):
3033 __tablename__ = 'users_group_to_perm'
3095 __tablename__ = 'users_group_to_perm'
3034 __table_args__ = (
3096 __table_args__ = (
3035 UniqueConstraint('users_group_id', 'permission_id',),
3097 UniqueConstraint('users_group_id', 'permission_id',),
3036 base_table_args
3098 base_table_args
3037 )
3099 )
3038
3100
3039 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3101 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3040 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3102 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3041 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3103 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3042
3104
3043 users_group = relationship('UserGroup')
3105 users_group = relationship('UserGroup')
3044 permission = relationship('Permission')
3106 permission = relationship('Permission')
3045
3107
3046
3108
3047 class UserRepoGroupToPerm(Base, BaseModel):
3109 class UserRepoGroupToPerm(Base, BaseModel):
3048 __tablename__ = 'user_repo_group_to_perm'
3110 __tablename__ = 'user_repo_group_to_perm'
3049 __table_args__ = (
3111 __table_args__ = (
3050 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3112 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3051 base_table_args
3113 base_table_args
3052 )
3114 )
3053
3115
3054 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3116 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3055 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3117 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3056 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3118 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3057 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3119 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3058
3120
3059 user = relationship('User')
3121 user = relationship('User')
3060 group = relationship('RepoGroup')
3122 group = relationship('RepoGroup')
3061 permission = relationship('Permission')
3123 permission = relationship('Permission')
3062
3124
3063 @classmethod
3125 @classmethod
3064 def create(cls, user, repository_group, permission):
3126 def create(cls, user, repository_group, permission):
3065 n = cls()
3127 n = cls()
3066 n.user = user
3128 n.user = user
3067 n.group = repository_group
3129 n.group = repository_group
3068 n.permission = permission
3130 n.permission = permission
3069 Session().add(n)
3131 Session().add(n)
3070 return n
3132 return n
3071
3133
3072
3134
3073 class UserGroupRepoGroupToPerm(Base, BaseModel):
3135 class UserGroupRepoGroupToPerm(Base, BaseModel):
3074 __tablename__ = 'users_group_repo_group_to_perm'
3136 __tablename__ = 'users_group_repo_group_to_perm'
3075 __table_args__ = (
3137 __table_args__ = (
3076 UniqueConstraint('users_group_id', 'group_id'),
3138 UniqueConstraint('users_group_id', 'group_id'),
3077 base_table_args
3139 base_table_args
3078 )
3140 )
3079
3141
3080 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3142 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3081 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3143 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3082 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3144 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3083 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3145 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3084
3146
3085 users_group = relationship('UserGroup')
3147 users_group = relationship('UserGroup')
3086 permission = relationship('Permission')
3148 permission = relationship('Permission')
3087 group = relationship('RepoGroup')
3149 group = relationship('RepoGroup')
3088
3150
3089 @classmethod
3151 @classmethod
3090 def create(cls, user_group, repository_group, permission):
3152 def create(cls, user_group, repository_group, permission):
3091 n = cls()
3153 n = cls()
3092 n.users_group = user_group
3154 n.users_group = user_group
3093 n.group = repository_group
3155 n.group = repository_group
3094 n.permission = permission
3156 n.permission = permission
3095 Session().add(n)
3157 Session().add(n)
3096 return n
3158 return n
3097
3159
3098 def __unicode__(self):
3160 def __unicode__(self):
3099 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3161 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3100
3162
3101
3163
3102 class Statistics(Base, BaseModel):
3164 class Statistics(Base, BaseModel):
3103 __tablename__ = 'statistics'
3165 __tablename__ = 'statistics'
3104 __table_args__ = (
3166 __table_args__ = (
3105 base_table_args
3167 base_table_args
3106 )
3168 )
3107
3169
3108 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3170 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3109 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3171 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3110 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3172 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3111 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3173 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3112 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3174 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3113 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3175 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3114
3176
3115 repository = relationship('Repository', single_parent=True)
3177 repository = relationship('Repository', single_parent=True)
3116
3178
3117
3179
3118 class UserFollowing(Base, BaseModel):
3180 class UserFollowing(Base, BaseModel):
3119 __tablename__ = 'user_followings'
3181 __tablename__ = 'user_followings'
3120 __table_args__ = (
3182 __table_args__ = (
3121 UniqueConstraint('user_id', 'follows_repository_id'),
3183 UniqueConstraint('user_id', 'follows_repository_id'),
3122 UniqueConstraint('user_id', 'follows_user_id'),
3184 UniqueConstraint('user_id', 'follows_user_id'),
3123 base_table_args
3185 base_table_args
3124 )
3186 )
3125
3187
3126 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3188 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3127 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3189 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3128 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3190 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3129 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3191 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3130 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3192 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3131
3193
3132 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3194 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3133
3195
3134 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3196 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3135 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3197 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3136
3198
3137 @classmethod
3199 @classmethod
3138 def get_repo_followers(cls, repo_id):
3200 def get_repo_followers(cls, repo_id):
3139 return cls.query().filter(cls.follows_repo_id == repo_id)
3201 return cls.query().filter(cls.follows_repo_id == repo_id)
3140
3202
3141
3203
3142 class CacheKey(Base, BaseModel):
3204 class CacheKey(Base, BaseModel):
3143 __tablename__ = 'cache_invalidation'
3205 __tablename__ = 'cache_invalidation'
3144 __table_args__ = (
3206 __table_args__ = (
3145 UniqueConstraint('cache_key'),
3207 UniqueConstraint('cache_key'),
3146 Index('key_idx', 'cache_key'),
3208 Index('key_idx', 'cache_key'),
3147 base_table_args,
3209 base_table_args,
3148 )
3210 )
3149
3211
3150 CACHE_TYPE_FEED = 'FEED'
3212 CACHE_TYPE_FEED = 'FEED'
3151 CACHE_TYPE_README = 'README'
3213 CACHE_TYPE_README = 'README'
3152 # namespaces used to register process/thread aware caches
3214 # namespaces used to register process/thread aware caches
3153 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3215 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3154 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3216 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3155
3217
3156 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3218 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3157 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3219 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3158 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3220 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3159 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3221 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3160
3222
3161 def __init__(self, cache_key, cache_args=''):
3223 def __init__(self, cache_key, cache_args=''):
3162 self.cache_key = cache_key
3224 self.cache_key = cache_key
3163 self.cache_args = cache_args
3225 self.cache_args = cache_args
3164 self.cache_active = False
3226 self.cache_active = False
3165
3227
3166 def __unicode__(self):
3228 def __unicode__(self):
3167 return u"<%s('%s:%s[%s]')>" % (
3229 return u"<%s('%s:%s[%s]')>" % (
3168 self.__class__.__name__,
3230 self.__class__.__name__,
3169 self.cache_id, self.cache_key, self.cache_active)
3231 self.cache_id, self.cache_key, self.cache_active)
3170
3232
3171 def _cache_key_partition(self):
3233 def _cache_key_partition(self):
3172 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3234 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3173 return prefix, repo_name, suffix
3235 return prefix, repo_name, suffix
3174
3236
3175 def get_prefix(self):
3237 def get_prefix(self):
3176 """
3238 """
3177 Try to extract prefix from existing cache key. The key could consist
3239 Try to extract prefix from existing cache key. The key could consist
3178 of prefix, repo_name, suffix
3240 of prefix, repo_name, suffix
3179 """
3241 """
3180 # this returns prefix, repo_name, suffix
3242 # this returns prefix, repo_name, suffix
3181 return self._cache_key_partition()[0]
3243 return self._cache_key_partition()[0]
3182
3244
3183 def get_suffix(self):
3245 def get_suffix(self):
3184 """
3246 """
3185 get suffix that might have been used in _get_cache_key to
3247 get suffix that might have been used in _get_cache_key to
3186 generate self.cache_key. Only used for informational purposes
3248 generate self.cache_key. Only used for informational purposes
3187 in repo_edit.mako.
3249 in repo_edit.mako.
3188 """
3250 """
3189 # prefix, repo_name, suffix
3251 # prefix, repo_name, suffix
3190 return self._cache_key_partition()[2]
3252 return self._cache_key_partition()[2]
3191
3253
3192 @classmethod
3254 @classmethod
3193 def delete_all_cache(cls):
3255 def delete_all_cache(cls):
3194 """
3256 """
3195 Delete all cache keys from database.
3257 Delete all cache keys from database.
3196 Should only be run when all instances are down and all entries
3258 Should only be run when all instances are down and all entries
3197 thus stale.
3259 thus stale.
3198 """
3260 """
3199 cls.query().delete()
3261 cls.query().delete()
3200 Session().commit()
3262 Session().commit()
3201
3263
3202 @classmethod
3264 @classmethod
3203 def set_invalidate(cls, cache_uid, delete=False):
3265 def set_invalidate(cls, cache_uid, delete=False):
3204 """
3266 """
3205 Mark all caches of a repo as invalid in the database.
3267 Mark all caches of a repo as invalid in the database.
3206 """
3268 """
3207
3269
3208 try:
3270 try:
3209 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3271 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3210 if delete:
3272 if delete:
3211 qry.delete()
3273 qry.delete()
3212 log.debug('cache objects deleted for cache args %s',
3274 log.debug('cache objects deleted for cache args %s',
3213 safe_str(cache_uid))
3275 safe_str(cache_uid))
3214 else:
3276 else:
3215 qry.update({"cache_active": False})
3277 qry.update({"cache_active": False})
3216 log.debug('cache objects marked as invalid for cache args %s',
3278 log.debug('cache objects marked as invalid for cache args %s',
3217 safe_str(cache_uid))
3279 safe_str(cache_uid))
3218
3280
3219 Session().commit()
3281 Session().commit()
3220 except Exception:
3282 except Exception:
3221 log.exception(
3283 log.exception(
3222 'Cache key invalidation failed for cache args %s',
3284 'Cache key invalidation failed for cache args %s',
3223 safe_str(cache_uid))
3285 safe_str(cache_uid))
3224 Session().rollback()
3286 Session().rollback()
3225
3287
3226 @classmethod
3288 @classmethod
3227 def get_active_cache(cls, cache_key):
3289 def get_active_cache(cls, cache_key):
3228 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3290 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3229 if inv_obj:
3291 if inv_obj:
3230 return inv_obj
3292 return inv_obj
3231 return None
3293 return None
3232
3294
3233
3295
3234 class ChangesetComment(Base, BaseModel):
3296 class ChangesetComment(Base, BaseModel):
3235 __tablename__ = 'changeset_comments'
3297 __tablename__ = 'changeset_comments'
3236 __table_args__ = (
3298 __table_args__ = (
3237 Index('cc_revision_idx', 'revision'),
3299 Index('cc_revision_idx', 'revision'),
3238 base_table_args,
3300 base_table_args,
3239 )
3301 )
3240
3302
3241 COMMENT_OUTDATED = u'comment_outdated'
3303 COMMENT_OUTDATED = u'comment_outdated'
3242 COMMENT_TYPE_NOTE = u'note'
3304 COMMENT_TYPE_NOTE = u'note'
3243 COMMENT_TYPE_TODO = u'todo'
3305 COMMENT_TYPE_TODO = u'todo'
3244 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3306 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3245
3307
3246 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3308 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3247 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3309 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3248 revision = Column('revision', String(40), nullable=True)
3310 revision = Column('revision', String(40), nullable=True)
3249 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3311 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3250 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3312 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3251 line_no = Column('line_no', Unicode(10), nullable=True)
3313 line_no = Column('line_no', Unicode(10), nullable=True)
3252 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3314 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3253 f_path = Column('f_path', Unicode(1000), nullable=True)
3315 f_path = Column('f_path', Unicode(1000), nullable=True)
3254 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3316 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3255 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3317 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3256 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3318 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3257 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3319 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3258 renderer = Column('renderer', Unicode(64), nullable=True)
3320 renderer = Column('renderer', Unicode(64), nullable=True)
3259 display_state = Column('display_state', Unicode(128), nullable=True)
3321 display_state = Column('display_state', Unicode(128), nullable=True)
3260
3322
3261 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3323 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3262 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3324 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3263 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3325 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3264 author = relationship('User', lazy='joined')
3326 author = relationship('User', lazy='joined')
3265 repo = relationship('Repository')
3327 repo = relationship('Repository')
3266 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3328 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3267 pull_request = relationship('PullRequest', lazy='joined')
3329 pull_request = relationship('PullRequest', lazy='joined')
3268 pull_request_version = relationship('PullRequestVersion')
3330 pull_request_version = relationship('PullRequestVersion')
3269
3331
3270 @classmethod
3332 @classmethod
3271 def get_users(cls, revision=None, pull_request_id=None):
3333 def get_users(cls, revision=None, pull_request_id=None):
3272 """
3334 """
3273 Returns user associated with this ChangesetComment. ie those
3335 Returns user associated with this ChangesetComment. ie those
3274 who actually commented
3336 who actually commented
3275
3337
3276 :param cls:
3338 :param cls:
3277 :param revision:
3339 :param revision:
3278 """
3340 """
3279 q = Session().query(User)\
3341 q = Session().query(User)\
3280 .join(ChangesetComment.author)
3342 .join(ChangesetComment.author)
3281 if revision:
3343 if revision:
3282 q = q.filter(cls.revision == revision)
3344 q = q.filter(cls.revision == revision)
3283 elif pull_request_id:
3345 elif pull_request_id:
3284 q = q.filter(cls.pull_request_id == pull_request_id)
3346 q = q.filter(cls.pull_request_id == pull_request_id)
3285 return q.all()
3347 return q.all()
3286
3348
3287 @classmethod
3349 @classmethod
3288 def get_index_from_version(cls, pr_version, versions):
3350 def get_index_from_version(cls, pr_version, versions):
3289 num_versions = [x.pull_request_version_id for x in versions]
3351 num_versions = [x.pull_request_version_id for x in versions]
3290 try:
3352 try:
3291 return num_versions.index(pr_version) +1
3353 return num_versions.index(pr_version) +1
3292 except (IndexError, ValueError):
3354 except (IndexError, ValueError):
3293 return
3355 return
3294
3356
3295 @property
3357 @property
3296 def outdated(self):
3358 def outdated(self):
3297 return self.display_state == self.COMMENT_OUTDATED
3359 return self.display_state == self.COMMENT_OUTDATED
3298
3360
3299 def outdated_at_version(self, version):
3361 def outdated_at_version(self, version):
3300 """
3362 """
3301 Checks if comment is outdated for given pull request version
3363 Checks if comment is outdated for given pull request version
3302 """
3364 """
3303 return self.outdated and self.pull_request_version_id != version
3365 return self.outdated and self.pull_request_version_id != version
3304
3366
3305 def older_than_version(self, version):
3367 def older_than_version(self, version):
3306 """
3368 """
3307 Checks if comment is made from previous version than given
3369 Checks if comment is made from previous version than given
3308 """
3370 """
3309 if version is None:
3371 if version is None:
3310 return self.pull_request_version_id is not None
3372 return self.pull_request_version_id is not None
3311
3373
3312 return self.pull_request_version_id < version
3374 return self.pull_request_version_id < version
3313
3375
3314 @property
3376 @property
3315 def resolved(self):
3377 def resolved(self):
3316 return self.resolved_by[0] if self.resolved_by else None
3378 return self.resolved_by[0] if self.resolved_by else None
3317
3379
3318 @property
3380 @property
3319 def is_todo(self):
3381 def is_todo(self):
3320 return self.comment_type == self.COMMENT_TYPE_TODO
3382 return self.comment_type == self.COMMENT_TYPE_TODO
3321
3383
3322 @property
3384 @property
3323 def is_inline(self):
3385 def is_inline(self):
3324 return self.line_no and self.f_path
3386 return self.line_no and self.f_path
3325
3387
3326 def get_index_version(self, versions):
3388 def get_index_version(self, versions):
3327 return self.get_index_from_version(
3389 return self.get_index_from_version(
3328 self.pull_request_version_id, versions)
3390 self.pull_request_version_id, versions)
3329
3391
3330 def __repr__(self):
3392 def __repr__(self):
3331 if self.comment_id:
3393 if self.comment_id:
3332 return '<DB:Comment #%s>' % self.comment_id
3394 return '<DB:Comment #%s>' % self.comment_id
3333 else:
3395 else:
3334 return '<DB:Comment at %#x>' % id(self)
3396 return '<DB:Comment at %#x>' % id(self)
3335
3397
3336 def get_api_data(self):
3398 def get_api_data(self):
3337 comment = self
3399 comment = self
3338 data = {
3400 data = {
3339 'comment_id': comment.comment_id,
3401 'comment_id': comment.comment_id,
3340 'comment_type': comment.comment_type,
3402 'comment_type': comment.comment_type,
3341 'comment_text': comment.text,
3403 'comment_text': comment.text,
3342 'comment_status': comment.status_change,
3404 'comment_status': comment.status_change,
3343 'comment_f_path': comment.f_path,
3405 'comment_f_path': comment.f_path,
3344 'comment_lineno': comment.line_no,
3406 'comment_lineno': comment.line_no,
3345 'comment_author': comment.author,
3407 'comment_author': comment.author,
3346 'comment_created_on': comment.created_on
3408 'comment_created_on': comment.created_on
3347 }
3409 }
3348 return data
3410 return data
3349
3411
3350 def __json__(self):
3412 def __json__(self):
3351 data = dict()
3413 data = dict()
3352 data.update(self.get_api_data())
3414 data.update(self.get_api_data())
3353 return data
3415 return data
3354
3416
3355
3417
3356 class ChangesetStatus(Base, BaseModel):
3418 class ChangesetStatus(Base, BaseModel):
3357 __tablename__ = 'changeset_statuses'
3419 __tablename__ = 'changeset_statuses'
3358 __table_args__ = (
3420 __table_args__ = (
3359 Index('cs_revision_idx', 'revision'),
3421 Index('cs_revision_idx', 'revision'),
3360 Index('cs_version_idx', 'version'),
3422 Index('cs_version_idx', 'version'),
3361 UniqueConstraint('repo_id', 'revision', 'version'),
3423 UniqueConstraint('repo_id', 'revision', 'version'),
3362 base_table_args
3424 base_table_args
3363 )
3425 )
3364
3426
3365 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3427 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3366 STATUS_APPROVED = 'approved'
3428 STATUS_APPROVED = 'approved'
3367 STATUS_REJECTED = 'rejected'
3429 STATUS_REJECTED = 'rejected'
3368 STATUS_UNDER_REVIEW = 'under_review'
3430 STATUS_UNDER_REVIEW = 'under_review'
3369
3431
3370 STATUSES = [
3432 STATUSES = [
3371 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3433 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3372 (STATUS_APPROVED, _("Approved")),
3434 (STATUS_APPROVED, _("Approved")),
3373 (STATUS_REJECTED, _("Rejected")),
3435 (STATUS_REJECTED, _("Rejected")),
3374 (STATUS_UNDER_REVIEW, _("Under Review")),
3436 (STATUS_UNDER_REVIEW, _("Under Review")),
3375 ]
3437 ]
3376
3438
3377 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3439 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3378 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3440 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3379 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3441 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3380 revision = Column('revision', String(40), nullable=False)
3442 revision = Column('revision', String(40), nullable=False)
3381 status = Column('status', String(128), nullable=False, default=DEFAULT)
3443 status = Column('status', String(128), nullable=False, default=DEFAULT)
3382 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3444 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3383 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3445 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3384 version = Column('version', Integer(), nullable=False, default=0)
3446 version = Column('version', Integer(), nullable=False, default=0)
3385 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3447 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3386
3448
3387 author = relationship('User', lazy='joined')
3449 author = relationship('User', lazy='joined')
3388 repo = relationship('Repository')
3450 repo = relationship('Repository')
3389 comment = relationship('ChangesetComment', lazy='joined')
3451 comment = relationship('ChangesetComment', lazy='joined')
3390 pull_request = relationship('PullRequest', lazy='joined')
3452 pull_request = relationship('PullRequest', lazy='joined')
3391
3453
3392 def __unicode__(self):
3454 def __unicode__(self):
3393 return u"<%s('%s[v%s]:%s')>" % (
3455 return u"<%s('%s[v%s]:%s')>" % (
3394 self.__class__.__name__,
3456 self.__class__.__name__,
3395 self.status, self.version, self.author
3457 self.status, self.version, self.author
3396 )
3458 )
3397
3459
3398 @classmethod
3460 @classmethod
3399 def get_status_lbl(cls, value):
3461 def get_status_lbl(cls, value):
3400 return dict(cls.STATUSES).get(value)
3462 return dict(cls.STATUSES).get(value)
3401
3463
3402 @property
3464 @property
3403 def status_lbl(self):
3465 def status_lbl(self):
3404 return ChangesetStatus.get_status_lbl(self.status)
3466 return ChangesetStatus.get_status_lbl(self.status)
3405
3467
3406 def get_api_data(self):
3468 def get_api_data(self):
3407 status = self
3469 status = self
3408 data = {
3470 data = {
3409 'status_id': status.changeset_status_id,
3471 'status_id': status.changeset_status_id,
3410 'status': status.status,
3472 'status': status.status,
3411 }
3473 }
3412 return data
3474 return data
3413
3475
3414 def __json__(self):
3476 def __json__(self):
3415 data = dict()
3477 data = dict()
3416 data.update(self.get_api_data())
3478 data.update(self.get_api_data())
3417 return data
3479 return data
3418
3480
3419
3481
3420 class _PullRequestBase(BaseModel):
3482 class _PullRequestBase(BaseModel):
3421 """
3483 """
3422 Common attributes of pull request and version entries.
3484 Common attributes of pull request and version entries.
3423 """
3485 """
3424
3486
3425 # .status values
3487 # .status values
3426 STATUS_NEW = u'new'
3488 STATUS_NEW = u'new'
3427 STATUS_OPEN = u'open'
3489 STATUS_OPEN = u'open'
3428 STATUS_CLOSED = u'closed'
3490 STATUS_CLOSED = u'closed'
3429
3491
3430 title = Column('title', Unicode(255), nullable=True)
3492 title = Column('title', Unicode(255), nullable=True)
3431 description = Column(
3493 description = Column(
3432 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3494 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3433 nullable=True)
3495 nullable=True)
3434 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3496 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3435
3497
3436 # new/open/closed status of pull request (not approve/reject/etc)
3498 # new/open/closed status of pull request (not approve/reject/etc)
3437 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3499 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3438 created_on = Column(
3500 created_on = Column(
3439 'created_on', DateTime(timezone=False), nullable=False,
3501 'created_on', DateTime(timezone=False), nullable=False,
3440 default=datetime.datetime.now)
3502 default=datetime.datetime.now)
3441 updated_on = Column(
3503 updated_on = Column(
3442 'updated_on', DateTime(timezone=False), nullable=False,
3504 'updated_on', DateTime(timezone=False), nullable=False,
3443 default=datetime.datetime.now)
3505 default=datetime.datetime.now)
3444
3506
3445 @declared_attr
3507 @declared_attr
3446 def user_id(cls):
3508 def user_id(cls):
3447 return Column(
3509 return Column(
3448 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3510 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3449 unique=None)
3511 unique=None)
3450
3512
3451 # 500 revisions max
3513 # 500 revisions max
3452 _revisions = Column(
3514 _revisions = Column(
3453 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3515 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3454
3516
3455 @declared_attr
3517 @declared_attr
3456 def source_repo_id(cls):
3518 def source_repo_id(cls):
3457 # TODO: dan: rename column to source_repo_id
3519 # TODO: dan: rename column to source_repo_id
3458 return Column(
3520 return Column(
3459 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3521 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3460 nullable=False)
3522 nullable=False)
3461
3523
3462 source_ref = Column('org_ref', Unicode(255), nullable=False)
3524 source_ref = Column('org_ref', Unicode(255), nullable=False)
3463
3525
3464 @declared_attr
3526 @declared_attr
3465 def target_repo_id(cls):
3527 def target_repo_id(cls):
3466 # TODO: dan: rename column to target_repo_id
3528 # TODO: dan: rename column to target_repo_id
3467 return Column(
3529 return Column(
3468 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3530 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3469 nullable=False)
3531 nullable=False)
3470
3532
3471 target_ref = Column('other_ref', Unicode(255), nullable=False)
3533 target_ref = Column('other_ref', Unicode(255), nullable=False)
3472 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3534 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3473
3535
3474 # TODO: dan: rename column to last_merge_source_rev
3536 # TODO: dan: rename column to last_merge_source_rev
3475 _last_merge_source_rev = Column(
3537 _last_merge_source_rev = Column(
3476 'last_merge_org_rev', String(40), nullable=True)
3538 'last_merge_org_rev', String(40), nullable=True)
3477 # TODO: dan: rename column to last_merge_target_rev
3539 # TODO: dan: rename column to last_merge_target_rev
3478 _last_merge_target_rev = Column(
3540 _last_merge_target_rev = Column(
3479 'last_merge_other_rev', String(40), nullable=True)
3541 'last_merge_other_rev', String(40), nullable=True)
3480 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3542 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3481 merge_rev = Column('merge_rev', String(40), nullable=True)
3543 merge_rev = Column('merge_rev', String(40), nullable=True)
3482
3544
3483 reviewer_data = Column(
3545 reviewer_data = Column(
3484 'reviewer_data_json', MutationObj.as_mutable(
3546 'reviewer_data_json', MutationObj.as_mutable(
3485 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3547 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3486
3548
3487 @property
3549 @property
3488 def reviewer_data_json(self):
3550 def reviewer_data_json(self):
3489 return json.dumps(self.reviewer_data)
3551 return json.dumps(self.reviewer_data)
3490
3552
3491 @hybrid_property
3553 @hybrid_property
3492 def description_safe(self):
3554 def description_safe(self):
3493 from rhodecode.lib import helpers as h
3555 from rhodecode.lib import helpers as h
3494 return h.escape(self.description)
3556 return h.escape(self.description)
3495
3557
3496 @hybrid_property
3558 @hybrid_property
3497 def revisions(self):
3559 def revisions(self):
3498 return self._revisions.split(':') if self._revisions else []
3560 return self._revisions.split(':') if self._revisions else []
3499
3561
3500 @revisions.setter
3562 @revisions.setter
3501 def revisions(self, val):
3563 def revisions(self, val):
3502 self._revisions = ':'.join(val)
3564 self._revisions = ':'.join(val)
3503
3565
3504 @hybrid_property
3566 @hybrid_property
3505 def last_merge_status(self):
3567 def last_merge_status(self):
3506 return safe_int(self._last_merge_status)
3568 return safe_int(self._last_merge_status)
3507
3569
3508 @last_merge_status.setter
3570 @last_merge_status.setter
3509 def last_merge_status(self, val):
3571 def last_merge_status(self, val):
3510 self._last_merge_status = val
3572 self._last_merge_status = val
3511
3573
3512 @declared_attr
3574 @declared_attr
3513 def author(cls):
3575 def author(cls):
3514 return relationship('User', lazy='joined')
3576 return relationship('User', lazy='joined')
3515
3577
3516 @declared_attr
3578 @declared_attr
3517 def source_repo(cls):
3579 def source_repo(cls):
3518 return relationship(
3580 return relationship(
3519 'Repository',
3581 'Repository',
3520 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3582 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3521
3583
3522 @property
3584 @property
3523 def source_ref_parts(self):
3585 def source_ref_parts(self):
3524 return self.unicode_to_reference(self.source_ref)
3586 return self.unicode_to_reference(self.source_ref)
3525
3587
3526 @declared_attr
3588 @declared_attr
3527 def target_repo(cls):
3589 def target_repo(cls):
3528 return relationship(
3590 return relationship(
3529 'Repository',
3591 'Repository',
3530 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3592 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3531
3593
3532 @property
3594 @property
3533 def target_ref_parts(self):
3595 def target_ref_parts(self):
3534 return self.unicode_to_reference(self.target_ref)
3596 return self.unicode_to_reference(self.target_ref)
3535
3597
3536 @property
3598 @property
3537 def shadow_merge_ref(self):
3599 def shadow_merge_ref(self):
3538 return self.unicode_to_reference(self._shadow_merge_ref)
3600 return self.unicode_to_reference(self._shadow_merge_ref)
3539
3601
3540 @shadow_merge_ref.setter
3602 @shadow_merge_ref.setter
3541 def shadow_merge_ref(self, ref):
3603 def shadow_merge_ref(self, ref):
3542 self._shadow_merge_ref = self.reference_to_unicode(ref)
3604 self._shadow_merge_ref = self.reference_to_unicode(ref)
3543
3605
3544 def unicode_to_reference(self, raw):
3606 def unicode_to_reference(self, raw):
3545 """
3607 """
3546 Convert a unicode (or string) to a reference object.
3608 Convert a unicode (or string) to a reference object.
3547 If unicode evaluates to False it returns None.
3609 If unicode evaluates to False it returns None.
3548 """
3610 """
3549 if raw:
3611 if raw:
3550 refs = raw.split(':')
3612 refs = raw.split(':')
3551 return Reference(*refs)
3613 return Reference(*refs)
3552 else:
3614 else:
3553 return None
3615 return None
3554
3616
3555 def reference_to_unicode(self, ref):
3617 def reference_to_unicode(self, ref):
3556 """
3618 """
3557 Convert a reference object to unicode.
3619 Convert a reference object to unicode.
3558 If reference is None it returns None.
3620 If reference is None it returns None.
3559 """
3621 """
3560 if ref:
3622 if ref:
3561 return u':'.join(ref)
3623 return u':'.join(ref)
3562 else:
3624 else:
3563 return None
3625 return None
3564
3626
3565 def get_api_data(self, with_merge_state=True):
3627 def get_api_data(self, with_merge_state=True):
3566 from rhodecode.model.pull_request import PullRequestModel
3628 from rhodecode.model.pull_request import PullRequestModel
3567
3629
3568 pull_request = self
3630 pull_request = self
3569 if with_merge_state:
3631 if with_merge_state:
3570 merge_status = PullRequestModel().merge_status(pull_request)
3632 merge_status = PullRequestModel().merge_status(pull_request)
3571 merge_state = {
3633 merge_state = {
3572 'status': merge_status[0],
3634 'status': merge_status[0],
3573 'message': safe_unicode(merge_status[1]),
3635 'message': safe_unicode(merge_status[1]),
3574 }
3636 }
3575 else:
3637 else:
3576 merge_state = {'status': 'not_available',
3638 merge_state = {'status': 'not_available',
3577 'message': 'not_available'}
3639 'message': 'not_available'}
3578
3640
3579 merge_data = {
3641 merge_data = {
3580 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3642 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3581 'reference': (
3643 'reference': (
3582 pull_request.shadow_merge_ref._asdict()
3644 pull_request.shadow_merge_ref._asdict()
3583 if pull_request.shadow_merge_ref else None),
3645 if pull_request.shadow_merge_ref else None),
3584 }
3646 }
3585
3647
3586 data = {
3648 data = {
3587 'pull_request_id': pull_request.pull_request_id,
3649 'pull_request_id': pull_request.pull_request_id,
3588 'url': PullRequestModel().get_url(pull_request),
3650 'url': PullRequestModel().get_url(pull_request),
3589 'title': pull_request.title,
3651 'title': pull_request.title,
3590 'description': pull_request.description,
3652 'description': pull_request.description,
3591 'status': pull_request.status,
3653 'status': pull_request.status,
3592 'created_on': pull_request.created_on,
3654 'created_on': pull_request.created_on,
3593 'updated_on': pull_request.updated_on,
3655 'updated_on': pull_request.updated_on,
3594 'commit_ids': pull_request.revisions,
3656 'commit_ids': pull_request.revisions,
3595 'review_status': pull_request.calculated_review_status(),
3657 'review_status': pull_request.calculated_review_status(),
3596 'mergeable': merge_state,
3658 'mergeable': merge_state,
3597 'source': {
3659 'source': {
3598 'clone_url': pull_request.source_repo.clone_url(),
3660 'clone_url': pull_request.source_repo.clone_url(),
3599 'repository': pull_request.source_repo.repo_name,
3661 'repository': pull_request.source_repo.repo_name,
3600 'reference': {
3662 'reference': {
3601 'name': pull_request.source_ref_parts.name,
3663 'name': pull_request.source_ref_parts.name,
3602 'type': pull_request.source_ref_parts.type,
3664 'type': pull_request.source_ref_parts.type,
3603 'commit_id': pull_request.source_ref_parts.commit_id,
3665 'commit_id': pull_request.source_ref_parts.commit_id,
3604 },
3666 },
3605 },
3667 },
3606 'target': {
3668 'target': {
3607 'clone_url': pull_request.target_repo.clone_url(),
3669 'clone_url': pull_request.target_repo.clone_url(),
3608 'repository': pull_request.target_repo.repo_name,
3670 'repository': pull_request.target_repo.repo_name,
3609 'reference': {
3671 'reference': {
3610 'name': pull_request.target_ref_parts.name,
3672 'name': pull_request.target_ref_parts.name,
3611 'type': pull_request.target_ref_parts.type,
3673 'type': pull_request.target_ref_parts.type,
3612 'commit_id': pull_request.target_ref_parts.commit_id,
3674 'commit_id': pull_request.target_ref_parts.commit_id,
3613 },
3675 },
3614 },
3676 },
3615 'merge': merge_data,
3677 'merge': merge_data,
3616 'author': pull_request.author.get_api_data(include_secrets=False,
3678 'author': pull_request.author.get_api_data(include_secrets=False,
3617 details='basic'),
3679 details='basic'),
3618 'reviewers': [
3680 'reviewers': [
3619 {
3681 {
3620 'user': reviewer.get_api_data(include_secrets=False,
3682 'user': reviewer.get_api_data(include_secrets=False,
3621 details='basic'),
3683 details='basic'),
3622 'reasons': reasons,
3684 'reasons': reasons,
3623 'review_status': st[0][1].status if st else 'not_reviewed',
3685 'review_status': st[0][1].status if st else 'not_reviewed',
3624 }
3686 }
3625 for obj, reviewer, reasons, mandatory, st in
3687 for obj, reviewer, reasons, mandatory, st in
3626 pull_request.reviewers_statuses()
3688 pull_request.reviewers_statuses()
3627 ]
3689 ]
3628 }
3690 }
3629
3691
3630 return data
3692 return data
3631
3693
3632
3694
3633 class PullRequest(Base, _PullRequestBase):
3695 class PullRequest(Base, _PullRequestBase):
3634 __tablename__ = 'pull_requests'
3696 __tablename__ = 'pull_requests'
3635 __table_args__ = (
3697 __table_args__ = (
3636 base_table_args,
3698 base_table_args,
3637 )
3699 )
3638
3700
3639 pull_request_id = Column(
3701 pull_request_id = Column(
3640 'pull_request_id', Integer(), nullable=False, primary_key=True)
3702 'pull_request_id', Integer(), nullable=False, primary_key=True)
3641
3703
3642 def __repr__(self):
3704 def __repr__(self):
3643 if self.pull_request_id:
3705 if self.pull_request_id:
3644 return '<DB:PullRequest #%s>' % self.pull_request_id
3706 return '<DB:PullRequest #%s>' % self.pull_request_id
3645 else:
3707 else:
3646 return '<DB:PullRequest at %#x>' % id(self)
3708 return '<DB:PullRequest at %#x>' % id(self)
3647
3709
3648 reviewers = relationship('PullRequestReviewers',
3710 reviewers = relationship('PullRequestReviewers',
3649 cascade="all, delete, delete-orphan")
3711 cascade="all, delete, delete-orphan")
3650 statuses = relationship('ChangesetStatus',
3712 statuses = relationship('ChangesetStatus',
3651 cascade="all, delete, delete-orphan")
3713 cascade="all, delete, delete-orphan")
3652 comments = relationship('ChangesetComment',
3714 comments = relationship('ChangesetComment',
3653 cascade="all, delete, delete-orphan")
3715 cascade="all, delete, delete-orphan")
3654 versions = relationship('PullRequestVersion',
3716 versions = relationship('PullRequestVersion',
3655 cascade="all, delete, delete-orphan",
3717 cascade="all, delete, delete-orphan",
3656 lazy='dynamic')
3718 lazy='dynamic')
3657
3719
3658 @classmethod
3720 @classmethod
3659 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3721 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3660 internal_methods=None):
3722 internal_methods=None):
3661
3723
3662 class PullRequestDisplay(object):
3724 class PullRequestDisplay(object):
3663 """
3725 """
3664 Special object wrapper for showing PullRequest data via Versions
3726 Special object wrapper for showing PullRequest data via Versions
3665 It mimics PR object as close as possible. This is read only object
3727 It mimics PR object as close as possible. This is read only object
3666 just for display
3728 just for display
3667 """
3729 """
3668
3730
3669 def __init__(self, attrs, internal=None):
3731 def __init__(self, attrs, internal=None):
3670 self.attrs = attrs
3732 self.attrs = attrs
3671 # internal have priority over the given ones via attrs
3733 # internal have priority over the given ones via attrs
3672 self.internal = internal or ['versions']
3734 self.internal = internal or ['versions']
3673
3735
3674 def __getattr__(self, item):
3736 def __getattr__(self, item):
3675 if item in self.internal:
3737 if item in self.internal:
3676 return getattr(self, item)
3738 return getattr(self, item)
3677 try:
3739 try:
3678 return self.attrs[item]
3740 return self.attrs[item]
3679 except KeyError:
3741 except KeyError:
3680 raise AttributeError(
3742 raise AttributeError(
3681 '%s object has no attribute %s' % (self, item))
3743 '%s object has no attribute %s' % (self, item))
3682
3744
3683 def __repr__(self):
3745 def __repr__(self):
3684 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3746 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3685
3747
3686 def versions(self):
3748 def versions(self):
3687 return pull_request_obj.versions.order_by(
3749 return pull_request_obj.versions.order_by(
3688 PullRequestVersion.pull_request_version_id).all()
3750 PullRequestVersion.pull_request_version_id).all()
3689
3751
3690 def is_closed(self):
3752 def is_closed(self):
3691 return pull_request_obj.is_closed()
3753 return pull_request_obj.is_closed()
3692
3754
3693 @property
3755 @property
3694 def pull_request_version_id(self):
3756 def pull_request_version_id(self):
3695 return getattr(pull_request_obj, 'pull_request_version_id', None)
3757 return getattr(pull_request_obj, 'pull_request_version_id', None)
3696
3758
3697 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3759 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3698
3760
3699 attrs.author = StrictAttributeDict(
3761 attrs.author = StrictAttributeDict(
3700 pull_request_obj.author.get_api_data())
3762 pull_request_obj.author.get_api_data())
3701 if pull_request_obj.target_repo:
3763 if pull_request_obj.target_repo:
3702 attrs.target_repo = StrictAttributeDict(
3764 attrs.target_repo = StrictAttributeDict(
3703 pull_request_obj.target_repo.get_api_data())
3765 pull_request_obj.target_repo.get_api_data())
3704 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3766 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3705
3767
3706 if pull_request_obj.source_repo:
3768 if pull_request_obj.source_repo:
3707 attrs.source_repo = StrictAttributeDict(
3769 attrs.source_repo = StrictAttributeDict(
3708 pull_request_obj.source_repo.get_api_data())
3770 pull_request_obj.source_repo.get_api_data())
3709 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3771 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3710
3772
3711 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3773 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3712 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3774 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3713 attrs.revisions = pull_request_obj.revisions
3775 attrs.revisions = pull_request_obj.revisions
3714
3776
3715 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3777 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3716 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3778 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3717 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3779 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3718
3780
3719 return PullRequestDisplay(attrs, internal=internal_methods)
3781 return PullRequestDisplay(attrs, internal=internal_methods)
3720
3782
3721 def is_closed(self):
3783 def is_closed(self):
3722 return self.status == self.STATUS_CLOSED
3784 return self.status == self.STATUS_CLOSED
3723
3785
3724 def __json__(self):
3786 def __json__(self):
3725 return {
3787 return {
3726 'revisions': self.revisions,
3788 'revisions': self.revisions,
3727 }
3789 }
3728
3790
3729 def calculated_review_status(self):
3791 def calculated_review_status(self):
3730 from rhodecode.model.changeset_status import ChangesetStatusModel
3792 from rhodecode.model.changeset_status import ChangesetStatusModel
3731 return ChangesetStatusModel().calculated_review_status(self)
3793 return ChangesetStatusModel().calculated_review_status(self)
3732
3794
3733 def reviewers_statuses(self):
3795 def reviewers_statuses(self):
3734 from rhodecode.model.changeset_status import ChangesetStatusModel
3796 from rhodecode.model.changeset_status import ChangesetStatusModel
3735 return ChangesetStatusModel().reviewers_statuses(self)
3797 return ChangesetStatusModel().reviewers_statuses(self)
3736
3798
3737 @property
3799 @property
3738 def workspace_id(self):
3800 def workspace_id(self):
3739 from rhodecode.model.pull_request import PullRequestModel
3801 from rhodecode.model.pull_request import PullRequestModel
3740 return PullRequestModel()._workspace_id(self)
3802 return PullRequestModel()._workspace_id(self)
3741
3803
3742 def get_shadow_repo(self):
3804 def get_shadow_repo(self):
3743 workspace_id = self.workspace_id
3805 workspace_id = self.workspace_id
3744 vcs_obj = self.target_repo.scm_instance()
3806 vcs_obj = self.target_repo.scm_instance()
3745 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3807 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3746 self.target_repo.repo_id, workspace_id)
3808 self.target_repo.repo_id, workspace_id)
3747 if os.path.isdir(shadow_repository_path):
3809 if os.path.isdir(shadow_repository_path):
3748 return vcs_obj._get_shadow_instance(shadow_repository_path)
3810 return vcs_obj._get_shadow_instance(shadow_repository_path)
3749
3811
3750
3812
3751 class PullRequestVersion(Base, _PullRequestBase):
3813 class PullRequestVersion(Base, _PullRequestBase):
3752 __tablename__ = 'pull_request_versions'
3814 __tablename__ = 'pull_request_versions'
3753 __table_args__ = (
3815 __table_args__ = (
3754 base_table_args,
3816 base_table_args,
3755 )
3817 )
3756
3818
3757 pull_request_version_id = Column(
3819 pull_request_version_id = Column(
3758 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3820 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3759 pull_request_id = Column(
3821 pull_request_id = Column(
3760 'pull_request_id', Integer(),
3822 'pull_request_id', Integer(),
3761 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3823 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3762 pull_request = relationship('PullRequest')
3824 pull_request = relationship('PullRequest')
3763
3825
3764 def __repr__(self):
3826 def __repr__(self):
3765 if self.pull_request_version_id:
3827 if self.pull_request_version_id:
3766 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3828 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3767 else:
3829 else:
3768 return '<DB:PullRequestVersion at %#x>' % id(self)
3830 return '<DB:PullRequestVersion at %#x>' % id(self)
3769
3831
3770 @property
3832 @property
3771 def reviewers(self):
3833 def reviewers(self):
3772 return self.pull_request.reviewers
3834 return self.pull_request.reviewers
3773
3835
3774 @property
3836 @property
3775 def versions(self):
3837 def versions(self):
3776 return self.pull_request.versions
3838 return self.pull_request.versions
3777
3839
3778 def is_closed(self):
3840 def is_closed(self):
3779 # calculate from original
3841 # calculate from original
3780 return self.pull_request.status == self.STATUS_CLOSED
3842 return self.pull_request.status == self.STATUS_CLOSED
3781
3843
3782 def calculated_review_status(self):
3844 def calculated_review_status(self):
3783 return self.pull_request.calculated_review_status()
3845 return self.pull_request.calculated_review_status()
3784
3846
3785 def reviewers_statuses(self):
3847 def reviewers_statuses(self):
3786 return self.pull_request.reviewers_statuses()
3848 return self.pull_request.reviewers_statuses()
3787
3849
3788
3850
3789 class PullRequestReviewers(Base, BaseModel):
3851 class PullRequestReviewers(Base, BaseModel):
3790 __tablename__ = 'pull_request_reviewers'
3852 __tablename__ = 'pull_request_reviewers'
3791 __table_args__ = (
3853 __table_args__ = (
3792 base_table_args,
3854 base_table_args,
3793 )
3855 )
3794
3856
3795 @hybrid_property
3857 @hybrid_property
3796 def reasons(self):
3858 def reasons(self):
3797 if not self._reasons:
3859 if not self._reasons:
3798 return []
3860 return []
3799 return self._reasons
3861 return self._reasons
3800
3862
3801 @reasons.setter
3863 @reasons.setter
3802 def reasons(self, val):
3864 def reasons(self, val):
3803 val = val or []
3865 val = val or []
3804 if any(not isinstance(x, basestring) for x in val):
3866 if any(not isinstance(x, basestring) for x in val):
3805 raise Exception('invalid reasons type, must be list of strings')
3867 raise Exception('invalid reasons type, must be list of strings')
3806 self._reasons = val
3868 self._reasons = val
3807
3869
3808 pull_requests_reviewers_id = Column(
3870 pull_requests_reviewers_id = Column(
3809 'pull_requests_reviewers_id', Integer(), nullable=False,
3871 'pull_requests_reviewers_id', Integer(), nullable=False,
3810 primary_key=True)
3872 primary_key=True)
3811 pull_request_id = Column(
3873 pull_request_id = Column(
3812 "pull_request_id", Integer(),
3874 "pull_request_id", Integer(),
3813 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3875 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3814 user_id = Column(
3876 user_id = Column(
3815 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3877 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3816 _reasons = Column(
3878 _reasons = Column(
3817 'reason', MutationList.as_mutable(
3879 'reason', MutationList.as_mutable(
3818 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3880 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3819
3881
3820 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3882 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3821 user = relationship('User')
3883 user = relationship('User')
3822 pull_request = relationship('PullRequest')
3884 pull_request = relationship('PullRequest')
3823
3885
3824 rule_data = Column(
3886 rule_data = Column(
3825 'rule_data_json',
3887 'rule_data_json',
3826 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3888 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
3827
3889
3828 def rule_user_group_data(self):
3890 def rule_user_group_data(self):
3829 """
3891 """
3830 Returns the voting user group rule data for this reviewer
3892 Returns the voting user group rule data for this reviewer
3831 """
3893 """
3832
3894
3833 if self.rule_data and 'vote_rule' in self.rule_data:
3895 if self.rule_data and 'vote_rule' in self.rule_data:
3834 user_group_data = {}
3896 user_group_data = {}
3835 if 'rule_user_group_entry_id' in self.rule_data:
3897 if 'rule_user_group_entry_id' in self.rule_data:
3836 # means a group with voting rules !
3898 # means a group with voting rules !
3837 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3899 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
3838 user_group_data['name'] = self.rule_data['rule_name']
3900 user_group_data['name'] = self.rule_data['rule_name']
3839 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3901 user_group_data['vote_rule'] = self.rule_data['vote_rule']
3840
3902
3841 return user_group_data
3903 return user_group_data
3842
3904
3843 def __unicode__(self):
3905 def __unicode__(self):
3844 return u"<%s('id:%s')>" % (self.__class__.__name__,
3906 return u"<%s('id:%s')>" % (self.__class__.__name__,
3845 self.pull_requests_reviewers_id)
3907 self.pull_requests_reviewers_id)
3846
3908
3847
3909
3848 class Notification(Base, BaseModel):
3910 class Notification(Base, BaseModel):
3849 __tablename__ = 'notifications'
3911 __tablename__ = 'notifications'
3850 __table_args__ = (
3912 __table_args__ = (
3851 Index('notification_type_idx', 'type'),
3913 Index('notification_type_idx', 'type'),
3852 base_table_args,
3914 base_table_args,
3853 )
3915 )
3854
3916
3855 TYPE_CHANGESET_COMMENT = u'cs_comment'
3917 TYPE_CHANGESET_COMMENT = u'cs_comment'
3856 TYPE_MESSAGE = u'message'
3918 TYPE_MESSAGE = u'message'
3857 TYPE_MENTION = u'mention'
3919 TYPE_MENTION = u'mention'
3858 TYPE_REGISTRATION = u'registration'
3920 TYPE_REGISTRATION = u'registration'
3859 TYPE_PULL_REQUEST = u'pull_request'
3921 TYPE_PULL_REQUEST = u'pull_request'
3860 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3922 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3861
3923
3862 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3924 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3863 subject = Column('subject', Unicode(512), nullable=True)
3925 subject = Column('subject', Unicode(512), nullable=True)
3864 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3926 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3865 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3927 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3866 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3928 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3867 type_ = Column('type', Unicode(255))
3929 type_ = Column('type', Unicode(255))
3868
3930
3869 created_by_user = relationship('User')
3931 created_by_user = relationship('User')
3870 notifications_to_users = relationship('UserNotification', lazy='joined',
3932 notifications_to_users = relationship('UserNotification', lazy='joined',
3871 cascade="all, delete, delete-orphan")
3933 cascade="all, delete, delete-orphan")
3872
3934
3873 @property
3935 @property
3874 def recipients(self):
3936 def recipients(self):
3875 return [x.user for x in UserNotification.query()\
3937 return [x.user for x in UserNotification.query()\
3876 .filter(UserNotification.notification == self)\
3938 .filter(UserNotification.notification == self)\
3877 .order_by(UserNotification.user_id.asc()).all()]
3939 .order_by(UserNotification.user_id.asc()).all()]
3878
3940
3879 @classmethod
3941 @classmethod
3880 def create(cls, created_by, subject, body, recipients, type_=None):
3942 def create(cls, created_by, subject, body, recipients, type_=None):
3881 if type_ is None:
3943 if type_ is None:
3882 type_ = Notification.TYPE_MESSAGE
3944 type_ = Notification.TYPE_MESSAGE
3883
3945
3884 notification = cls()
3946 notification = cls()
3885 notification.created_by_user = created_by
3947 notification.created_by_user = created_by
3886 notification.subject = subject
3948 notification.subject = subject
3887 notification.body = body
3949 notification.body = body
3888 notification.type_ = type_
3950 notification.type_ = type_
3889 notification.created_on = datetime.datetime.now()
3951 notification.created_on = datetime.datetime.now()
3890
3952
3891 # For each recipient link the created notification to his account
3953 # For each recipient link the created notification to his account
3892 for u in recipients:
3954 for u in recipients:
3893 assoc = UserNotification()
3955 assoc = UserNotification()
3894 assoc.user_id = u.user_id
3956 assoc.user_id = u.user_id
3895 assoc.notification = notification
3957 assoc.notification = notification
3896
3958
3897 # if created_by is inside recipients mark his notification
3959 # if created_by is inside recipients mark his notification
3898 # as read
3960 # as read
3899 if u.user_id == created_by.user_id:
3961 if u.user_id == created_by.user_id:
3900 assoc.read = True
3962 assoc.read = True
3901 Session().add(assoc)
3963 Session().add(assoc)
3902
3964
3903 Session().add(notification)
3965 Session().add(notification)
3904
3966
3905 return notification
3967 return notification
3906
3968
3907
3969
3908 class UserNotification(Base, BaseModel):
3970 class UserNotification(Base, BaseModel):
3909 __tablename__ = 'user_to_notification'
3971 __tablename__ = 'user_to_notification'
3910 __table_args__ = (
3972 __table_args__ = (
3911 UniqueConstraint('user_id', 'notification_id'),
3973 UniqueConstraint('user_id', 'notification_id'),
3912 base_table_args
3974 base_table_args
3913 )
3975 )
3914
3976
3915 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3977 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3916 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3978 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3917 read = Column('read', Boolean, default=False)
3979 read = Column('read', Boolean, default=False)
3918 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3980 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3919
3981
3920 user = relationship('User', lazy="joined")
3982 user = relationship('User', lazy="joined")
3921 notification = relationship('Notification', lazy="joined",
3983 notification = relationship('Notification', lazy="joined",
3922 order_by=lambda: Notification.created_on.desc(),)
3984 order_by=lambda: Notification.created_on.desc(),)
3923
3985
3924 def mark_as_read(self):
3986 def mark_as_read(self):
3925 self.read = True
3987 self.read = True
3926 Session().add(self)
3988 Session().add(self)
3927
3989
3928
3990
3929 class Gist(Base, BaseModel):
3991 class Gist(Base, BaseModel):
3930 __tablename__ = 'gists'
3992 __tablename__ = 'gists'
3931 __table_args__ = (
3993 __table_args__ = (
3932 Index('g_gist_access_id_idx', 'gist_access_id'),
3994 Index('g_gist_access_id_idx', 'gist_access_id'),
3933 Index('g_created_on_idx', 'created_on'),
3995 Index('g_created_on_idx', 'created_on'),
3934 base_table_args
3996 base_table_args
3935 )
3997 )
3936
3998
3937 GIST_PUBLIC = u'public'
3999 GIST_PUBLIC = u'public'
3938 GIST_PRIVATE = u'private'
4000 GIST_PRIVATE = u'private'
3939 DEFAULT_FILENAME = u'gistfile1.txt'
4001 DEFAULT_FILENAME = u'gistfile1.txt'
3940
4002
3941 ACL_LEVEL_PUBLIC = u'acl_public'
4003 ACL_LEVEL_PUBLIC = u'acl_public'
3942 ACL_LEVEL_PRIVATE = u'acl_private'
4004 ACL_LEVEL_PRIVATE = u'acl_private'
3943
4005
3944 gist_id = Column('gist_id', Integer(), primary_key=True)
4006 gist_id = Column('gist_id', Integer(), primary_key=True)
3945 gist_access_id = Column('gist_access_id', Unicode(250))
4007 gist_access_id = Column('gist_access_id', Unicode(250))
3946 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4008 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3947 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4009 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3948 gist_expires = Column('gist_expires', Float(53), nullable=False)
4010 gist_expires = Column('gist_expires', Float(53), nullable=False)
3949 gist_type = Column('gist_type', Unicode(128), nullable=False)
4011 gist_type = Column('gist_type', Unicode(128), nullable=False)
3950 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4012 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3951 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4013 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3952 acl_level = Column('acl_level', Unicode(128), nullable=True)
4014 acl_level = Column('acl_level', Unicode(128), nullable=True)
3953
4015
3954 owner = relationship('User')
4016 owner = relationship('User')
3955
4017
3956 def __repr__(self):
4018 def __repr__(self):
3957 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4019 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3958
4020
3959 @hybrid_property
4021 @hybrid_property
3960 def description_safe(self):
4022 def description_safe(self):
3961 from rhodecode.lib import helpers as h
4023 from rhodecode.lib import helpers as h
3962 return h.escape(self.gist_description)
4024 return h.escape(self.gist_description)
3963
4025
3964 @classmethod
4026 @classmethod
3965 def get_or_404(cls, id_):
4027 def get_or_404(cls, id_):
3966 from pyramid.httpexceptions import HTTPNotFound
4028 from pyramid.httpexceptions import HTTPNotFound
3967
4029
3968 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4030 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3969 if not res:
4031 if not res:
3970 raise HTTPNotFound()
4032 raise HTTPNotFound()
3971 return res
4033 return res
3972
4034
3973 @classmethod
4035 @classmethod
3974 def get_by_access_id(cls, gist_access_id):
4036 def get_by_access_id(cls, gist_access_id):
3975 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4037 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3976
4038
3977 def gist_url(self):
4039 def gist_url(self):
3978 from rhodecode.model.gist import GistModel
4040 from rhodecode.model.gist import GistModel
3979 return GistModel().get_url(self)
4041 return GistModel().get_url(self)
3980
4042
3981 @classmethod
4043 @classmethod
3982 def base_path(cls):
4044 def base_path(cls):
3983 """
4045 """
3984 Returns base path when all gists are stored
4046 Returns base path when all gists are stored
3985
4047
3986 :param cls:
4048 :param cls:
3987 """
4049 """
3988 from rhodecode.model.gist import GIST_STORE_LOC
4050 from rhodecode.model.gist import GIST_STORE_LOC
3989 q = Session().query(RhodeCodeUi)\
4051 q = Session().query(RhodeCodeUi)\
3990 .filter(RhodeCodeUi.ui_key == URL_SEP)
4052 .filter(RhodeCodeUi.ui_key == URL_SEP)
3991 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4053 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3992 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4054 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
3993
4055
3994 def get_api_data(self):
4056 def get_api_data(self):
3995 """
4057 """
3996 Common function for generating gist related data for API
4058 Common function for generating gist related data for API
3997 """
4059 """
3998 gist = self
4060 gist = self
3999 data = {
4061 data = {
4000 'gist_id': gist.gist_id,
4062 'gist_id': gist.gist_id,
4001 'type': gist.gist_type,
4063 'type': gist.gist_type,
4002 'access_id': gist.gist_access_id,
4064 'access_id': gist.gist_access_id,
4003 'description': gist.gist_description,
4065 'description': gist.gist_description,
4004 'url': gist.gist_url(),
4066 'url': gist.gist_url(),
4005 'expires': gist.gist_expires,
4067 'expires': gist.gist_expires,
4006 'created_on': gist.created_on,
4068 'created_on': gist.created_on,
4007 'modified_at': gist.modified_at,
4069 'modified_at': gist.modified_at,
4008 'content': None,
4070 'content': None,
4009 'acl_level': gist.acl_level,
4071 'acl_level': gist.acl_level,
4010 }
4072 }
4011 return data
4073 return data
4012
4074
4013 def __json__(self):
4075 def __json__(self):
4014 data = dict(
4076 data = dict(
4015 )
4077 )
4016 data.update(self.get_api_data())
4078 data.update(self.get_api_data())
4017 return data
4079 return data
4018 # SCM functions
4080 # SCM functions
4019
4081
4020 def scm_instance(self, **kwargs):
4082 def scm_instance(self, **kwargs):
4021 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4083 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4022 return get_vcs_instance(
4084 return get_vcs_instance(
4023 repo_path=safe_str(full_repo_path), create=False)
4085 repo_path=safe_str(full_repo_path), create=False)
4024
4086
4025
4087
4026 class ExternalIdentity(Base, BaseModel):
4088 class ExternalIdentity(Base, BaseModel):
4027 __tablename__ = 'external_identities'
4089 __tablename__ = 'external_identities'
4028 __table_args__ = (
4090 __table_args__ = (
4029 Index('local_user_id_idx', 'local_user_id'),
4091 Index('local_user_id_idx', 'local_user_id'),
4030 Index('external_id_idx', 'external_id'),
4092 Index('external_id_idx', 'external_id'),
4031 base_table_args
4093 base_table_args
4032 )
4094 )
4033
4095
4034 external_id = Column('external_id', Unicode(255), default=u'',
4096 external_id = Column('external_id', Unicode(255), default=u'',
4035 primary_key=True)
4097 primary_key=True)
4036 external_username = Column('external_username', Unicode(1024), default=u'')
4098 external_username = Column('external_username', Unicode(1024), default=u'')
4037 local_user_id = Column('local_user_id', Integer(),
4099 local_user_id = Column('local_user_id', Integer(),
4038 ForeignKey('users.user_id'), primary_key=True)
4100 ForeignKey('users.user_id'), primary_key=True)
4039 provider_name = Column('provider_name', Unicode(255), default=u'',
4101 provider_name = Column('provider_name', Unicode(255), default=u'',
4040 primary_key=True)
4102 primary_key=True)
4041 access_token = Column('access_token', String(1024), default=u'')
4103 access_token = Column('access_token', String(1024), default=u'')
4042 alt_token = Column('alt_token', String(1024), default=u'')
4104 alt_token = Column('alt_token', String(1024), default=u'')
4043 token_secret = Column('token_secret', String(1024), default=u'')
4105 token_secret = Column('token_secret', String(1024), default=u'')
4044
4106
4045 @classmethod
4107 @classmethod
4046 def by_external_id_and_provider(cls, external_id, provider_name,
4108 def by_external_id_and_provider(cls, external_id, provider_name,
4047 local_user_id=None):
4109 local_user_id=None):
4048 """
4110 """
4049 Returns ExternalIdentity instance based on search params
4111 Returns ExternalIdentity instance based on search params
4050
4112
4051 :param external_id:
4113 :param external_id:
4052 :param provider_name:
4114 :param provider_name:
4053 :return: ExternalIdentity
4115 :return: ExternalIdentity
4054 """
4116 """
4055 query = cls.query()
4117 query = cls.query()
4056 query = query.filter(cls.external_id == external_id)
4118 query = query.filter(cls.external_id == external_id)
4057 query = query.filter(cls.provider_name == provider_name)
4119 query = query.filter(cls.provider_name == provider_name)
4058 if local_user_id:
4120 if local_user_id:
4059 query = query.filter(cls.local_user_id == local_user_id)
4121 query = query.filter(cls.local_user_id == local_user_id)
4060 return query.first()
4122 return query.first()
4061
4123
4062 @classmethod
4124 @classmethod
4063 def user_by_external_id_and_provider(cls, external_id, provider_name):
4125 def user_by_external_id_and_provider(cls, external_id, provider_name):
4064 """
4126 """
4065 Returns User instance based on search params
4127 Returns User instance based on search params
4066
4128
4067 :param external_id:
4129 :param external_id:
4068 :param provider_name:
4130 :param provider_name:
4069 :return: User
4131 :return: User
4070 """
4132 """
4071 query = User.query()
4133 query = User.query()
4072 query = query.filter(cls.external_id == external_id)
4134 query = query.filter(cls.external_id == external_id)
4073 query = query.filter(cls.provider_name == provider_name)
4135 query = query.filter(cls.provider_name == provider_name)
4074 query = query.filter(User.user_id == cls.local_user_id)
4136 query = query.filter(User.user_id == cls.local_user_id)
4075 return query.first()
4137 return query.first()
4076
4138
4077 @classmethod
4139 @classmethod
4078 def by_local_user_id(cls, local_user_id):
4140 def by_local_user_id(cls, local_user_id):
4079 """
4141 """
4080 Returns all tokens for user
4142 Returns all tokens for user
4081
4143
4082 :param local_user_id:
4144 :param local_user_id:
4083 :return: ExternalIdentity
4145 :return: ExternalIdentity
4084 """
4146 """
4085 query = cls.query()
4147 query = cls.query()
4086 query = query.filter(cls.local_user_id == local_user_id)
4148 query = query.filter(cls.local_user_id == local_user_id)
4087 return query
4149 return query
4088
4150
4089
4151
4090 class Integration(Base, BaseModel):
4152 class Integration(Base, BaseModel):
4091 __tablename__ = 'integrations'
4153 __tablename__ = 'integrations'
4092 __table_args__ = (
4154 __table_args__ = (
4093 base_table_args
4155 base_table_args
4094 )
4156 )
4095
4157
4096 integration_id = Column('integration_id', Integer(), primary_key=True)
4158 integration_id = Column('integration_id', Integer(), primary_key=True)
4097 integration_type = Column('integration_type', String(255))
4159 integration_type = Column('integration_type', String(255))
4098 enabled = Column('enabled', Boolean(), nullable=False)
4160 enabled = Column('enabled', Boolean(), nullable=False)
4099 name = Column('name', String(255), nullable=False)
4161 name = Column('name', String(255), nullable=False)
4100 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4162 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4101 default=False)
4163 default=False)
4102
4164
4103 settings = Column(
4165 settings = Column(
4104 'settings_json', MutationObj.as_mutable(
4166 'settings_json', MutationObj.as_mutable(
4105 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4167 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4106 repo_id = Column(
4168 repo_id = Column(
4107 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4169 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4108 nullable=True, unique=None, default=None)
4170 nullable=True, unique=None, default=None)
4109 repo = relationship('Repository', lazy='joined')
4171 repo = relationship('Repository', lazy='joined')
4110
4172
4111 repo_group_id = Column(
4173 repo_group_id = Column(
4112 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4174 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4113 nullable=True, unique=None, default=None)
4175 nullable=True, unique=None, default=None)
4114 repo_group = relationship('RepoGroup', lazy='joined')
4176 repo_group = relationship('RepoGroup', lazy='joined')
4115
4177
4116 @property
4178 @property
4117 def scope(self):
4179 def scope(self):
4118 if self.repo:
4180 if self.repo:
4119 return repr(self.repo)
4181 return repr(self.repo)
4120 if self.repo_group:
4182 if self.repo_group:
4121 if self.child_repos_only:
4183 if self.child_repos_only:
4122 return repr(self.repo_group) + ' (child repos only)'
4184 return repr(self.repo_group) + ' (child repos only)'
4123 else:
4185 else:
4124 return repr(self.repo_group) + ' (recursive)'
4186 return repr(self.repo_group) + ' (recursive)'
4125 if self.child_repos_only:
4187 if self.child_repos_only:
4126 return 'root_repos'
4188 return 'root_repos'
4127 return 'global'
4189 return 'global'
4128
4190
4129 def __repr__(self):
4191 def __repr__(self):
4130 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4192 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4131
4193
4132
4194
4133 class RepoReviewRuleUser(Base, BaseModel):
4195 class RepoReviewRuleUser(Base, BaseModel):
4134 __tablename__ = 'repo_review_rules_users'
4196 __tablename__ = 'repo_review_rules_users'
4135 __table_args__ = (
4197 __table_args__ = (
4136 base_table_args
4198 base_table_args
4137 )
4199 )
4138
4200
4139 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4201 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4140 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4202 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4141 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4203 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4142 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4204 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4143 user = relationship('User')
4205 user = relationship('User')
4144
4206
4145 def rule_data(self):
4207 def rule_data(self):
4146 return {
4208 return {
4147 'mandatory': self.mandatory
4209 'mandatory': self.mandatory
4148 }
4210 }
4149
4211
4150
4212
4151 class RepoReviewRuleUserGroup(Base, BaseModel):
4213 class RepoReviewRuleUserGroup(Base, BaseModel):
4152 __tablename__ = 'repo_review_rules_users_groups'
4214 __tablename__ = 'repo_review_rules_users_groups'
4153 __table_args__ = (
4215 __table_args__ = (
4154 base_table_args
4216 base_table_args
4155 )
4217 )
4156
4218
4157 VOTE_RULE_ALL = -1
4219 VOTE_RULE_ALL = -1
4158
4220
4159 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4221 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4160 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4222 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4161 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4223 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4162 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4224 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4163 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4225 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4164 users_group = relationship('UserGroup')
4226 users_group = relationship('UserGroup')
4165
4227
4166 def rule_data(self):
4228 def rule_data(self):
4167 return {
4229 return {
4168 'mandatory': self.mandatory,
4230 'mandatory': self.mandatory,
4169 'vote_rule': self.vote_rule
4231 'vote_rule': self.vote_rule
4170 }
4232 }
4171
4233
4172 @property
4234 @property
4173 def vote_rule_label(self):
4235 def vote_rule_label(self):
4174 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4236 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4175 return 'all must vote'
4237 return 'all must vote'
4176 else:
4238 else:
4177 return 'min. vote {}'.format(self.vote_rule)
4239 return 'min. vote {}'.format(self.vote_rule)
4178
4240
4179
4241
4180 class RepoReviewRule(Base, BaseModel):
4242 class RepoReviewRule(Base, BaseModel):
4181 __tablename__ = 'repo_review_rules'
4243 __tablename__ = 'repo_review_rules'
4182 __table_args__ = (
4244 __table_args__ = (
4183 base_table_args
4245 base_table_args
4184 )
4246 )
4185
4247
4186 repo_review_rule_id = Column(
4248 repo_review_rule_id = Column(
4187 'repo_review_rule_id', Integer(), primary_key=True)
4249 'repo_review_rule_id', Integer(), primary_key=True)
4188 repo_id = Column(
4250 repo_id = Column(
4189 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4251 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4190 repo = relationship('Repository', backref='review_rules')
4252 repo = relationship('Repository', backref='review_rules')
4191
4253
4192 review_rule_name = Column('review_rule_name', String(255))
4254 review_rule_name = Column('review_rule_name', String(255))
4193 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4255 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4194 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4256 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4195 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4257 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4196
4258
4197 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4259 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4198 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4260 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4199 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4261 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4200 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4262 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4201
4263
4202 rule_users = relationship('RepoReviewRuleUser')
4264 rule_users = relationship('RepoReviewRuleUser')
4203 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4265 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4204
4266
4205 def _validate_pattern(self, value):
4267 def _validate_pattern(self, value):
4206 re.compile('^' + glob2re(value) + '$')
4268 re.compile('^' + glob2re(value) + '$')
4207
4269
4208 @hybrid_property
4270 @hybrid_property
4209 def source_branch_pattern(self):
4271 def source_branch_pattern(self):
4210 return self._branch_pattern or '*'
4272 return self._branch_pattern or '*'
4211
4273
4212 @source_branch_pattern.setter
4274 @source_branch_pattern.setter
4213 def source_branch_pattern(self, value):
4275 def source_branch_pattern(self, value):
4214 self._validate_pattern(value)
4276 self._validate_pattern(value)
4215 self._branch_pattern = value or '*'
4277 self._branch_pattern = value or '*'
4216
4278
4217 @hybrid_property
4279 @hybrid_property
4218 def target_branch_pattern(self):
4280 def target_branch_pattern(self):
4219 return self._target_branch_pattern or '*'
4281 return self._target_branch_pattern or '*'
4220
4282
4221 @target_branch_pattern.setter
4283 @target_branch_pattern.setter
4222 def target_branch_pattern(self, value):
4284 def target_branch_pattern(self, value):
4223 self._validate_pattern(value)
4285 self._validate_pattern(value)
4224 self._target_branch_pattern = value or '*'
4286 self._target_branch_pattern = value or '*'
4225
4287
4226 @hybrid_property
4288 @hybrid_property
4227 def file_pattern(self):
4289 def file_pattern(self):
4228 return self._file_pattern or '*'
4290 return self._file_pattern or '*'
4229
4291
4230 @file_pattern.setter
4292 @file_pattern.setter
4231 def file_pattern(self, value):
4293 def file_pattern(self, value):
4232 self._validate_pattern(value)
4294 self._validate_pattern(value)
4233 self._file_pattern = value or '*'
4295 self._file_pattern = value or '*'
4234
4296
4235 def matches(self, source_branch, target_branch, files_changed):
4297 def matches(self, source_branch, target_branch, files_changed):
4236 """
4298 """
4237 Check if this review rule matches a branch/files in a pull request
4299 Check if this review rule matches a branch/files in a pull request
4238
4300
4239 :param source_branch: source branch name for the commit
4301 :param source_branch: source branch name for the commit
4240 :param target_branch: target branch name for the commit
4302 :param target_branch: target branch name for the commit
4241 :param files_changed: list of file paths changed in the pull request
4303 :param files_changed: list of file paths changed in the pull request
4242 """
4304 """
4243
4305
4244 source_branch = source_branch or ''
4306 source_branch = source_branch or ''
4245 target_branch = target_branch or ''
4307 target_branch = target_branch or ''
4246 files_changed = files_changed or []
4308 files_changed = files_changed or []
4247
4309
4248 branch_matches = True
4310 branch_matches = True
4249 if source_branch or target_branch:
4311 if source_branch or target_branch:
4250 if self.source_branch_pattern == '*':
4312 if self.source_branch_pattern == '*':
4251 source_branch_match = True
4313 source_branch_match = True
4252 else:
4314 else:
4253 if self.source_branch_pattern.startswith('re:'):
4315 if self.source_branch_pattern.startswith('re:'):
4254 source_pattern = self.source_branch_pattern[3:]
4316 source_pattern = self.source_branch_pattern[3:]
4255 else:
4317 else:
4256 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4318 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4257 source_branch_regex = re.compile(source_pattern)
4319 source_branch_regex = re.compile(source_pattern)
4258 source_branch_match = bool(source_branch_regex.search(source_branch))
4320 source_branch_match = bool(source_branch_regex.search(source_branch))
4259 if self.target_branch_pattern == '*':
4321 if self.target_branch_pattern == '*':
4260 target_branch_match = True
4322 target_branch_match = True
4261 else:
4323 else:
4262 if self.target_branch_pattern.startswith('re:'):
4324 if self.target_branch_pattern.startswith('re:'):
4263 target_pattern = self.target_branch_pattern[3:]
4325 target_pattern = self.target_branch_pattern[3:]
4264 else:
4326 else:
4265 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4327 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4266 target_branch_regex = re.compile(target_pattern)
4328 target_branch_regex = re.compile(target_pattern)
4267 target_branch_match = bool(target_branch_regex.search(target_branch))
4329 target_branch_match = bool(target_branch_regex.search(target_branch))
4268
4330
4269 branch_matches = source_branch_match and target_branch_match
4331 branch_matches = source_branch_match and target_branch_match
4270
4332
4271 files_matches = True
4333 files_matches = True
4272 if self.file_pattern != '*':
4334 if self.file_pattern != '*':
4273 files_matches = False
4335 files_matches = False
4274 if self.file_pattern.startswith('re:'):
4336 if self.file_pattern.startswith('re:'):
4275 file_pattern = self.file_pattern[3:]
4337 file_pattern = self.file_pattern[3:]
4276 else:
4338 else:
4277 file_pattern = glob2re(self.file_pattern)
4339 file_pattern = glob2re(self.file_pattern)
4278 file_regex = re.compile(file_pattern)
4340 file_regex = re.compile(file_pattern)
4279 for filename in files_changed:
4341 for filename in files_changed:
4280 if file_regex.search(filename):
4342 if file_regex.search(filename):
4281 files_matches = True
4343 files_matches = True
4282 break
4344 break
4283
4345
4284 return branch_matches and files_matches
4346 return branch_matches and files_matches
4285
4347
4286 @property
4348 @property
4287 def review_users(self):
4349 def review_users(self):
4288 """ Returns the users which this rule applies to """
4350 """ Returns the users which this rule applies to """
4289
4351
4290 users = collections.OrderedDict()
4352 users = collections.OrderedDict()
4291
4353
4292 for rule_user in self.rule_users:
4354 for rule_user in self.rule_users:
4293 if rule_user.user.active:
4355 if rule_user.user.active:
4294 if rule_user.user not in users:
4356 if rule_user.user not in users:
4295 users[rule_user.user.username] = {
4357 users[rule_user.user.username] = {
4296 'user': rule_user.user,
4358 'user': rule_user.user,
4297 'source': 'user',
4359 'source': 'user',
4298 'source_data': {},
4360 'source_data': {},
4299 'data': rule_user.rule_data()
4361 'data': rule_user.rule_data()
4300 }
4362 }
4301
4363
4302 for rule_user_group in self.rule_user_groups:
4364 for rule_user_group in self.rule_user_groups:
4303 source_data = {
4365 source_data = {
4304 'user_group_id': rule_user_group.users_group.users_group_id,
4366 'user_group_id': rule_user_group.users_group.users_group_id,
4305 'name': rule_user_group.users_group.users_group_name,
4367 'name': rule_user_group.users_group.users_group_name,
4306 'members': len(rule_user_group.users_group.members)
4368 'members': len(rule_user_group.users_group.members)
4307 }
4369 }
4308 for member in rule_user_group.users_group.members:
4370 for member in rule_user_group.users_group.members:
4309 if member.user.active:
4371 if member.user.active:
4310 key = member.user.username
4372 key = member.user.username
4311 if key in users:
4373 if key in users:
4312 # skip this member as we have him already
4374 # skip this member as we have him already
4313 # this prevents from override the "first" matched
4375 # this prevents from override the "first" matched
4314 # users with duplicates in multiple groups
4376 # users with duplicates in multiple groups
4315 continue
4377 continue
4316
4378
4317 users[key] = {
4379 users[key] = {
4318 'user': member.user,
4380 'user': member.user,
4319 'source': 'user_group',
4381 'source': 'user_group',
4320 'source_data': source_data,
4382 'source_data': source_data,
4321 'data': rule_user_group.rule_data()
4383 'data': rule_user_group.rule_data()
4322 }
4384 }
4323
4385
4324 return users
4386 return users
4325
4387
4326 def user_group_vote_rule(self, user_id):
4388 def user_group_vote_rule(self, user_id):
4327
4389
4328 rules = []
4390 rules = []
4329 if not self.rule_user_groups:
4391 if not self.rule_user_groups:
4330 return rules
4392 return rules
4331
4393
4332 for user_group in self.rule_user_groups:
4394 for user_group in self.rule_user_groups:
4333 user_group_members = [x.user_id for x in user_group.users_group.members]
4395 user_group_members = [x.user_id for x in user_group.users_group.members]
4334 if user_id in user_group_members:
4396 if user_id in user_group_members:
4335 rules.append(user_group)
4397 rules.append(user_group)
4336 return rules
4398 return rules
4337
4399
4338 def __repr__(self):
4400 def __repr__(self):
4339 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4401 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4340 self.repo_review_rule_id, self.repo)
4402 self.repo_review_rule_id, self.repo)
4341
4403
4342
4404
4343 class ScheduleEntry(Base, BaseModel):
4405 class ScheduleEntry(Base, BaseModel):
4344 __tablename__ = 'schedule_entries'
4406 __tablename__ = 'schedule_entries'
4345 __table_args__ = (
4407 __table_args__ = (
4346 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4408 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4347 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4409 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4348 base_table_args,
4410 base_table_args,
4349 )
4411 )
4350
4412
4351 schedule_types = ['crontab', 'timedelta', 'integer']
4413 schedule_types = ['crontab', 'timedelta', 'integer']
4352 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4414 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4353
4415
4354 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4416 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4355 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4417 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4356 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4418 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4357
4419
4358 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4420 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4359 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4421 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4360
4422
4361 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4423 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4362 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4424 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4363
4425
4364 # task
4426 # task
4365 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4427 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4366 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4428 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4367 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4429 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4368 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4430 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4369
4431
4370 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4432 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4371 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4433 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4372
4434
4373 @hybrid_property
4435 @hybrid_property
4374 def schedule_type(self):
4436 def schedule_type(self):
4375 return self._schedule_type
4437 return self._schedule_type
4376
4438
4377 @schedule_type.setter
4439 @schedule_type.setter
4378 def schedule_type(self, val):
4440 def schedule_type(self, val):
4379 if val not in self.schedule_types:
4441 if val not in self.schedule_types:
4380 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4442 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4381 val, self.schedule_type))
4443 val, self.schedule_type))
4382
4444
4383 self._schedule_type = val
4445 self._schedule_type = val
4384
4446
4385 @classmethod
4447 @classmethod
4386 def get_uid(cls, obj):
4448 def get_uid(cls, obj):
4387 args = obj.task_args
4449 args = obj.task_args
4388 kwargs = obj.task_kwargs
4450 kwargs = obj.task_kwargs
4389 if isinstance(args, JsonRaw):
4451 if isinstance(args, JsonRaw):
4390 try:
4452 try:
4391 args = json.loads(args)
4453 args = json.loads(args)
4392 except ValueError:
4454 except ValueError:
4393 args = tuple()
4455 args = tuple()
4394
4456
4395 if isinstance(kwargs, JsonRaw):
4457 if isinstance(kwargs, JsonRaw):
4396 try:
4458 try:
4397 kwargs = json.loads(kwargs)
4459 kwargs = json.loads(kwargs)
4398 except ValueError:
4460 except ValueError:
4399 kwargs = dict()
4461 kwargs = dict()
4400
4462
4401 dot_notation = obj.task_dot_notation
4463 dot_notation = obj.task_dot_notation
4402 val = '.'.join(map(safe_str, [
4464 val = '.'.join(map(safe_str, [
4403 sorted(dot_notation), args, sorted(kwargs.items())]))
4465 sorted(dot_notation), args, sorted(kwargs.items())]))
4404 return hashlib.sha1(val).hexdigest()
4466 return hashlib.sha1(val).hexdigest()
4405
4467
4406 @classmethod
4468 @classmethod
4407 def get_by_schedule_name(cls, schedule_name):
4469 def get_by_schedule_name(cls, schedule_name):
4408 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4470 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4409
4471
4410 @classmethod
4472 @classmethod
4411 def get_by_schedule_id(cls, schedule_id):
4473 def get_by_schedule_id(cls, schedule_id):
4412 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4474 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4413
4475
4414 @property
4476 @property
4415 def task(self):
4477 def task(self):
4416 return self.task_dot_notation
4478 return self.task_dot_notation
4417
4479
4418 @property
4480 @property
4419 def schedule(self):
4481 def schedule(self):
4420 from rhodecode.lib.celerylib.utils import raw_2_schedule
4482 from rhodecode.lib.celerylib.utils import raw_2_schedule
4421 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4483 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4422 return schedule
4484 return schedule
4423
4485
4424 @property
4486 @property
4425 def args(self):
4487 def args(self):
4426 try:
4488 try:
4427 return list(self.task_args or [])
4489 return list(self.task_args or [])
4428 except ValueError:
4490 except ValueError:
4429 return list()
4491 return list()
4430
4492
4431 @property
4493 @property
4432 def kwargs(self):
4494 def kwargs(self):
4433 try:
4495 try:
4434 return dict(self.task_kwargs or {})
4496 return dict(self.task_kwargs or {})
4435 except ValueError:
4497 except ValueError:
4436 return dict()
4498 return dict()
4437
4499
4438 def _as_raw(self, val):
4500 def _as_raw(self, val):
4439 if hasattr(val, 'de_coerce'):
4501 if hasattr(val, 'de_coerce'):
4440 val = val.de_coerce()
4502 val = val.de_coerce()
4441 if val:
4503 if val:
4442 val = json.dumps(val)
4504 val = json.dumps(val)
4443
4505
4444 return val
4506 return val
4445
4507
4446 @property
4508 @property
4447 def schedule_definition_raw(self):
4509 def schedule_definition_raw(self):
4448 return self._as_raw(self.schedule_definition)
4510 return self._as_raw(self.schedule_definition)
4449
4511
4450 @property
4512 @property
4451 def args_raw(self):
4513 def args_raw(self):
4452 return self._as_raw(self.task_args)
4514 return self._as_raw(self.task_args)
4453
4515
4454 @property
4516 @property
4455 def kwargs_raw(self):
4517 def kwargs_raw(self):
4456 return self._as_raw(self.task_kwargs)
4518 return self._as_raw(self.task_kwargs)
4457
4519
4458 def __repr__(self):
4520 def __repr__(self):
4459 return '<DB:ScheduleEntry({}:{})>'.format(
4521 return '<DB:ScheduleEntry({}:{})>'.format(
4460 self.schedule_entry_id, self.schedule_name)
4522 self.schedule_entry_id, self.schedule_name)
4461
4523
4462
4524
4463 @event.listens_for(ScheduleEntry, 'before_update')
4525 @event.listens_for(ScheduleEntry, 'before_update')
4464 def update_task_uid(mapper, connection, target):
4526 def update_task_uid(mapper, connection, target):
4465 target.task_uid = ScheduleEntry.get_uid(target)
4527 target.task_uid = ScheduleEntry.get_uid(target)
4466
4528
4467
4529
4468 @event.listens_for(ScheduleEntry, 'before_insert')
4530 @event.listens_for(ScheduleEntry, 'before_insert')
4469 def set_task_uid(mapper, connection, target):
4531 def set_task_uid(mapper, connection, target):
4470 target.task_uid = ScheduleEntry.get_uid(target)
4532 target.task_uid = ScheduleEntry.get_uid(target)
4471
4533
4472
4534
4535 class _BaseBranchPerms(BaseModel):
4536 @classmethod
4537 def compute_hash(cls, value):
4538 return sha1_safe(value)
4539
4540 @hybrid_property
4541 def branch_pattern(self):
4542 return self._branch_pattern or '*'
4543
4544 @hybrid_property
4545 def branch_hash(self):
4546 return self._branch_hash
4547
4548 def _validate_glob(self, value):
4549 re.compile('^' + glob2re(value) + '$')
4550
4551 @branch_pattern.setter
4552 def branch_pattern(self, value):
4553 self._validate_glob(value)
4554 self._branch_pattern = value or '*'
4555 # set the Hash when setting the branch pattern
4556 self._branch_hash = self.compute_hash(self._branch_pattern)
4557
4558 def matches(self, branch):
4559 """
4560 Check if this the branch matches entry
4561
4562 :param branch: branch name for the commit
4563 """
4564
4565 branch = branch or ''
4566
4567 branch_matches = True
4568 if branch:
4569 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4570 branch_matches = bool(branch_regex.search(branch))
4571
4572 return branch_matches
4573
4574
4575 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4576 __tablename__ = 'user_to_repo_branch_permissions'
4577 __table_args__ = (
4578 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4579 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4580 )
4581
4582 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4583
4584 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4585 repo = relationship('Repository', backref='user_branch_perms')
4586
4587 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4588 permission = relationship('Permission')
4589
4590 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
4591 user_repo_to_perm = relationship('UserRepoToPerm')
4592
4593 rule_order = Column('rule_order', Integer(), nullable=False)
4594 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4595 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4596
4597 def __unicode__(self):
4598 return u'<UserBranchPermission(%s => %r)>' % (
4599 self.user_repo_to_perm, self.branch_pattern)
4600
4601
4602 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
4603 __tablename__ = 'user_group_to_repo_branch_permissions'
4604 __table_args__ = (
4605 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4606 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
4607 )
4608
4609 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
4610
4611 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
4612 repo = relationship('Repository', backref='user_group_branch_perms')
4613
4614 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
4615 permission = relationship('Permission')
4616
4617 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
4618 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
4619
4620 rule_order = Column('rule_order', Integer(), nullable=False)
4621 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
4622 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
4623
4624 def __unicode__(self):
4625 return u'<UserBranchPermission(%s => %r)>' % (
4626 self.user_group_repo_to_perm, self.branch_pattern)
4627
4628
4473 class DbMigrateVersion(Base, BaseModel):
4629 class DbMigrateVersion(Base, BaseModel):
4474 __tablename__ = 'db_migrate_version'
4630 __tablename__ = 'db_migrate_version'
4475 __table_args__ = (
4631 __table_args__ = (
4476 base_table_args,
4632 base_table_args,
4477 )
4633 )
4478
4634
4479 repository_id = Column('repository_id', String(250), primary_key=True)
4635 repository_id = Column('repository_id', String(250), primary_key=True)
4480 repository_path = Column('repository_path', Text)
4636 repository_path = Column('repository_path', Text)
4481 version = Column('version', Integer)
4637 version = Column('version', Integer)
4482
4638
4483 @classmethod
4639 @classmethod
4484 def set_version(cls, version):
4640 def set_version(cls, version):
4485 """
4641 """
4486 Helper for forcing a different version, usually for debugging purposes via ishell.
4642 Helper for forcing a different version, usually for debugging purposes via ishell.
4487 """
4643 """
4488 ver = DbMigrateVersion.query().first()
4644 ver = DbMigrateVersion.query().first()
4489 ver.version = version
4645 ver.version = version
4490 Session().commit()
4646 Session().commit()
4491
4647
4492
4648
4493 class DbSession(Base, BaseModel):
4649 class DbSession(Base, BaseModel):
4494 __tablename__ = 'db_session'
4650 __tablename__ = 'db_session'
4495 __table_args__ = (
4651 __table_args__ = (
4496 base_table_args,
4652 base_table_args,
4497 )
4653 )
4498
4654
4499 def __repr__(self):
4655 def __repr__(self):
4500 return '<DB:DbSession({})>'.format(self.id)
4656 return '<DB:DbSession({})>'.format(self.id)
4501
4657
4502 id = Column('id', Integer())
4658 id = Column('id', Integer())
4503 namespace = Column('namespace', String(255), primary_key=True)
4659 namespace = Column('namespace', String(255), primary_key=True)
4504 accessed = Column('accessed', DateTime, nullable=False)
4660 accessed = Column('accessed', DateTime, nullable=False)
4505 created = Column('created', DateTime, nullable=False)
4661 created = Column('created', DateTime, nullable=False)
4506 data = Column('data', PickleType, nullable=False)
4662 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,621 +1,635 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 this is forms validation classes
22 this is forms validation classes
23 http://formencode.org/module-formencode.validators.html
23 http://formencode.org/module-formencode.validators.html
24 for list off all availible validators
24 for list off all availible validators
25
25
26 we can create our own validators
26 we can create our own validators
27
27
28 The table below outlines the options which can be used in a schema in addition to the validators themselves
28 The table below outlines the options which can be used in a schema in addition to the validators themselves
29 pre_validators [] These validators will be applied before the schema
29 pre_validators [] These validators will be applied before the schema
30 chained_validators [] These validators will be applied after the schema
30 chained_validators [] These validators will be applied after the schema
31 allow_extra_fields False If True, then it is not an error when keys that aren't associated with a validator are present
31 allow_extra_fields False If True, then it is not an error when keys that aren't associated with a validator are present
32 filter_extra_fields False If True, then keys that aren't associated with a validator are removed
32 filter_extra_fields False If True, then keys that aren't associated with a validator are removed
33 if_key_missing NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
33 if_key_missing NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
34 ignore_key_missing False If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
34 ignore_key_missing False If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
35
35
36
36
37 <name> = formencode.validators.<name of validator>
37 <name> = formencode.validators.<name of validator>
38 <name> must equal form name
38 <name> must equal form name
39 list=[1,2,3,4,5]
39 list=[1,2,3,4,5]
40 for SELECT use formencode.All(OneOf(list), Int())
40 for SELECT use formencode.All(OneOf(list), Int())
41
41
42 """
42 """
43
43
44 import deform
44 import deform
45 import logging
45 import logging
46 import formencode
46 import formencode
47
47
48 from pkg_resources import resource_filename
48 from pkg_resources import resource_filename
49 from formencode import All, Pipe
49 from formencode import All, Pipe
50
50
51 from pyramid.threadlocal import get_current_request
51 from pyramid.threadlocal import get_current_request
52
52
53 from rhodecode import BACKENDS
53 from rhodecode import BACKENDS
54 from rhodecode.lib import helpers
54 from rhodecode.lib import helpers
55 from rhodecode.model import validators as v
55 from rhodecode.model import validators as v
56
56
57 log = logging.getLogger(__name__)
57 log = logging.getLogger(__name__)
58
58
59
59
60 deform_templates = resource_filename('deform', 'templates')
60 deform_templates = resource_filename('deform', 'templates')
61 rhodecode_templates = resource_filename('rhodecode', 'templates/forms')
61 rhodecode_templates = resource_filename('rhodecode', 'templates/forms')
62 search_path = (rhodecode_templates, deform_templates)
62 search_path = (rhodecode_templates, deform_templates)
63
63
64
64
65 class RhodecodeFormZPTRendererFactory(deform.ZPTRendererFactory):
65 class RhodecodeFormZPTRendererFactory(deform.ZPTRendererFactory):
66 """ Subclass of ZPTRendererFactory to add rhodecode context variables """
66 """ Subclass of ZPTRendererFactory to add rhodecode context variables """
67 def __call__(self, template_name, **kw):
67 def __call__(self, template_name, **kw):
68 kw['h'] = helpers
68 kw['h'] = helpers
69 kw['request'] = get_current_request()
69 kw['request'] = get_current_request()
70 return self.load(template_name)(**kw)
70 return self.load(template_name)(**kw)
71
71
72
72
73 form_renderer = RhodecodeFormZPTRendererFactory(search_path)
73 form_renderer = RhodecodeFormZPTRendererFactory(search_path)
74 deform.Form.set_default_renderer(form_renderer)
74 deform.Form.set_default_renderer(form_renderer)
75
75
76
76
77 def LoginForm(localizer):
77 def LoginForm(localizer):
78 _ = localizer
78 _ = localizer
79
79
80 class _LoginForm(formencode.Schema):
80 class _LoginForm(formencode.Schema):
81 allow_extra_fields = True
81 allow_extra_fields = True
82 filter_extra_fields = True
82 filter_extra_fields = True
83 username = v.UnicodeString(
83 username = v.UnicodeString(
84 strip=True,
84 strip=True,
85 min=1,
85 min=1,
86 not_empty=True,
86 not_empty=True,
87 messages={
87 messages={
88 'empty': _(u'Please enter a login'),
88 'empty': _(u'Please enter a login'),
89 'tooShort': _(u'Enter a value %(min)i characters long or more')
89 'tooShort': _(u'Enter a value %(min)i characters long or more')
90 }
90 }
91 )
91 )
92
92
93 password = v.UnicodeString(
93 password = v.UnicodeString(
94 strip=False,
94 strip=False,
95 min=3,
95 min=3,
96 max=72,
96 max=72,
97 not_empty=True,
97 not_empty=True,
98 messages={
98 messages={
99 'empty': _(u'Please enter a password'),
99 'empty': _(u'Please enter a password'),
100 'tooShort': _(u'Enter %(min)i characters or more')}
100 'tooShort': _(u'Enter %(min)i characters or more')}
101 )
101 )
102
102
103 remember = v.StringBoolean(if_missing=False)
103 remember = v.StringBoolean(if_missing=False)
104
104
105 chained_validators = [v.ValidAuth(localizer)]
105 chained_validators = [v.ValidAuth(localizer)]
106 return _LoginForm
106 return _LoginForm
107
107
108
108
109 def UserForm(localizer, edit=False, available_languages=None, old_data=None):
109 def UserForm(localizer, edit=False, available_languages=None, old_data=None):
110 old_data = old_data or {}
110 old_data = old_data or {}
111 available_languages = available_languages or []
111 available_languages = available_languages or []
112 _ = localizer
112 _ = localizer
113
113
114 class _UserForm(formencode.Schema):
114 class _UserForm(formencode.Schema):
115 allow_extra_fields = True
115 allow_extra_fields = True
116 filter_extra_fields = True
116 filter_extra_fields = True
117 username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
117 username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
118 v.ValidUsername(localizer, edit, old_data))
118 v.ValidUsername(localizer, edit, old_data))
119 if edit:
119 if edit:
120 new_password = All(
120 new_password = All(
121 v.ValidPassword(localizer),
121 v.ValidPassword(localizer),
122 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
122 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
123 )
123 )
124 password_confirmation = All(
124 password_confirmation = All(
125 v.ValidPassword(localizer),
125 v.ValidPassword(localizer),
126 v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
126 v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
127 )
127 )
128 admin = v.StringBoolean(if_missing=False)
128 admin = v.StringBoolean(if_missing=False)
129 else:
129 else:
130 password = All(
130 password = All(
131 v.ValidPassword(localizer),
131 v.ValidPassword(localizer),
132 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
132 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
133 )
133 )
134 password_confirmation = All(
134 password_confirmation = All(
135 v.ValidPassword(localizer),
135 v.ValidPassword(localizer),
136 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
136 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
137 )
137 )
138
138
139 password_change = v.StringBoolean(if_missing=False)
139 password_change = v.StringBoolean(if_missing=False)
140 create_repo_group = v.StringBoolean(if_missing=False)
140 create_repo_group = v.StringBoolean(if_missing=False)
141
141
142 active = v.StringBoolean(if_missing=False)
142 active = v.StringBoolean(if_missing=False)
143 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
143 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
144 lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
144 lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
145 email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
145 email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
146 extern_name = v.UnicodeString(strip=True)
146 extern_name = v.UnicodeString(strip=True)
147 extern_type = v.UnicodeString(strip=True)
147 extern_type = v.UnicodeString(strip=True)
148 language = v.OneOf(available_languages, hideList=False,
148 language = v.OneOf(available_languages, hideList=False,
149 testValueList=True, if_missing=None)
149 testValueList=True, if_missing=None)
150 chained_validators = [v.ValidPasswordsMatch(localizer)]
150 chained_validators = [v.ValidPasswordsMatch(localizer)]
151 return _UserForm
151 return _UserForm
152
152
153
153
154 def UserGroupForm(localizer, edit=False, old_data=None, allow_disabled=False):
154 def UserGroupForm(localizer, edit=False, old_data=None, allow_disabled=False):
155 old_data = old_data or {}
155 old_data = old_data or {}
156 _ = localizer
156 _ = localizer
157
157
158 class _UserGroupForm(formencode.Schema):
158 class _UserGroupForm(formencode.Schema):
159 allow_extra_fields = True
159 allow_extra_fields = True
160 filter_extra_fields = True
160 filter_extra_fields = True
161
161
162 users_group_name = All(
162 users_group_name = All(
163 v.UnicodeString(strip=True, min=1, not_empty=True),
163 v.UnicodeString(strip=True, min=1, not_empty=True),
164 v.ValidUserGroup(localizer, edit, old_data)
164 v.ValidUserGroup(localizer, edit, old_data)
165 )
165 )
166 user_group_description = v.UnicodeString(strip=True, min=1,
166 user_group_description = v.UnicodeString(strip=True, min=1,
167 not_empty=False)
167 not_empty=False)
168
168
169 users_group_active = v.StringBoolean(if_missing=False)
169 users_group_active = v.StringBoolean(if_missing=False)
170
170
171 if edit:
171 if edit:
172 # this is user group owner
172 # this is user group owner
173 user = All(
173 user = All(
174 v.UnicodeString(not_empty=True),
174 v.UnicodeString(not_empty=True),
175 v.ValidRepoUser(localizer, allow_disabled))
175 v.ValidRepoUser(localizer, allow_disabled))
176 return _UserGroupForm
176 return _UserGroupForm
177
177
178
178
179 def RepoGroupForm(localizer, edit=False, old_data=None, available_groups=None,
179 def RepoGroupForm(localizer, edit=False, old_data=None, available_groups=None,
180 can_create_in_root=False, allow_disabled=False):
180 can_create_in_root=False, allow_disabled=False):
181 _ = localizer
181 _ = localizer
182 old_data = old_data or {}
182 old_data = old_data or {}
183 available_groups = available_groups or []
183 available_groups = available_groups or []
184
184
185 class _RepoGroupForm(formencode.Schema):
185 class _RepoGroupForm(formencode.Schema):
186 allow_extra_fields = True
186 allow_extra_fields = True
187 filter_extra_fields = False
187 filter_extra_fields = False
188
188
189 group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
189 group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
190 v.SlugifyName(localizer),)
190 v.SlugifyName(localizer),)
191 group_description = v.UnicodeString(strip=True, min=1,
191 group_description = v.UnicodeString(strip=True, min=1,
192 not_empty=False)
192 not_empty=False)
193 group_copy_permissions = v.StringBoolean(if_missing=False)
193 group_copy_permissions = v.StringBoolean(if_missing=False)
194
194
195 group_parent_id = v.OneOf(available_groups, hideList=False,
195 group_parent_id = v.OneOf(available_groups, hideList=False,
196 testValueList=True, not_empty=True)
196 testValueList=True, not_empty=True)
197 enable_locking = v.StringBoolean(if_missing=False)
197 enable_locking = v.StringBoolean(if_missing=False)
198 chained_validators = [
198 chained_validators = [
199 v.ValidRepoGroup(localizer, edit, old_data, can_create_in_root)]
199 v.ValidRepoGroup(localizer, edit, old_data, can_create_in_root)]
200
200
201 if edit:
201 if edit:
202 # this is repo group owner
202 # this is repo group owner
203 user = All(
203 user = All(
204 v.UnicodeString(not_empty=True),
204 v.UnicodeString(not_empty=True),
205 v.ValidRepoUser(localizer, allow_disabled))
205 v.ValidRepoUser(localizer, allow_disabled))
206 return _RepoGroupForm
206 return _RepoGroupForm
207
207
208
208
209 def RegisterForm(localizer, edit=False, old_data=None):
209 def RegisterForm(localizer, edit=False, old_data=None):
210 _ = localizer
210 _ = localizer
211 old_data = old_data or {}
211 old_data = old_data or {}
212
212
213 class _RegisterForm(formencode.Schema):
213 class _RegisterForm(formencode.Schema):
214 allow_extra_fields = True
214 allow_extra_fields = True
215 filter_extra_fields = True
215 filter_extra_fields = True
216 username = All(
216 username = All(
217 v.ValidUsername(localizer, edit, old_data),
217 v.ValidUsername(localizer, edit, old_data),
218 v.UnicodeString(strip=True, min=1, not_empty=True)
218 v.UnicodeString(strip=True, min=1, not_empty=True)
219 )
219 )
220 password = All(
220 password = All(
221 v.ValidPassword(localizer),
221 v.ValidPassword(localizer),
222 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
222 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
223 )
223 )
224 password_confirmation = All(
224 password_confirmation = All(
225 v.ValidPassword(localizer),
225 v.ValidPassword(localizer),
226 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
226 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
227 )
227 )
228 active = v.StringBoolean(if_missing=False)
228 active = v.StringBoolean(if_missing=False)
229 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
229 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
230 lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
230 lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
231 email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
231 email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
232
232
233 chained_validators = [v.ValidPasswordsMatch(localizer)]
233 chained_validators = [v.ValidPasswordsMatch(localizer)]
234 return _RegisterForm
234 return _RegisterForm
235
235
236
236
237 def PasswordResetForm(localizer):
237 def PasswordResetForm(localizer):
238 _ = localizer
238 _ = localizer
239
239
240 class _PasswordResetForm(formencode.Schema):
240 class _PasswordResetForm(formencode.Schema):
241 allow_extra_fields = True
241 allow_extra_fields = True
242 filter_extra_fields = True
242 filter_extra_fields = True
243 email = All(v.ValidSystemEmail(localizer), v.Email(not_empty=True))
243 email = All(v.ValidSystemEmail(localizer), v.Email(not_empty=True))
244 return _PasswordResetForm
244 return _PasswordResetForm
245
245
246
246
247 def RepoForm(localizer, edit=False, old_data=None, repo_groups=None,
247 def RepoForm(localizer, edit=False, old_data=None, repo_groups=None,
248 landing_revs=None, allow_disabled=False):
248 landing_revs=None, allow_disabled=False):
249 _ = localizer
249 _ = localizer
250 old_data = old_data or {}
250 old_data = old_data or {}
251 repo_groups = repo_groups or []
251 repo_groups = repo_groups or []
252 landing_revs = landing_revs or []
252 landing_revs = landing_revs or []
253 supported_backends = BACKENDS.keys()
253 supported_backends = BACKENDS.keys()
254
254
255 class _RepoForm(formencode.Schema):
255 class _RepoForm(formencode.Schema):
256 allow_extra_fields = True
256 allow_extra_fields = True
257 filter_extra_fields = False
257 filter_extra_fields = False
258 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
258 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
259 v.SlugifyName(localizer), v.CannotHaveGitSuffix(localizer))
259 v.SlugifyName(localizer), v.CannotHaveGitSuffix(localizer))
260 repo_group = All(v.CanWriteGroup(localizer, old_data),
260 repo_group = All(v.CanWriteGroup(localizer, old_data),
261 v.OneOf(repo_groups, hideList=True))
261 v.OneOf(repo_groups, hideList=True))
262 repo_type = v.OneOf(supported_backends, required=False,
262 repo_type = v.OneOf(supported_backends, required=False,
263 if_missing=old_data.get('repo_type'))
263 if_missing=old_data.get('repo_type'))
264 repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
264 repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
265 repo_private = v.StringBoolean(if_missing=False)
265 repo_private = v.StringBoolean(if_missing=False)
266 repo_landing_rev = v.OneOf(landing_revs, hideList=True)
266 repo_landing_rev = v.OneOf(landing_revs, hideList=True)
267 repo_copy_permissions = v.StringBoolean(if_missing=False)
267 repo_copy_permissions = v.StringBoolean(if_missing=False)
268 clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
268 clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
269
269
270 repo_enable_statistics = v.StringBoolean(if_missing=False)
270 repo_enable_statistics = v.StringBoolean(if_missing=False)
271 repo_enable_downloads = v.StringBoolean(if_missing=False)
271 repo_enable_downloads = v.StringBoolean(if_missing=False)
272 repo_enable_locking = v.StringBoolean(if_missing=False)
272 repo_enable_locking = v.StringBoolean(if_missing=False)
273
273
274 if edit:
274 if edit:
275 # this is repo owner
275 # this is repo owner
276 user = All(
276 user = All(
277 v.UnicodeString(not_empty=True),
277 v.UnicodeString(not_empty=True),
278 v.ValidRepoUser(localizer, allow_disabled))
278 v.ValidRepoUser(localizer, allow_disabled))
279 clone_uri_change = v.UnicodeString(
279 clone_uri_change = v.UnicodeString(
280 not_empty=False, if_missing=v.Missing)
280 not_empty=False, if_missing=v.Missing)
281
281
282 chained_validators = [v.ValidCloneUri(localizer),
282 chained_validators = [v.ValidCloneUri(localizer),
283 v.ValidRepoName(localizer, edit, old_data)]
283 v.ValidRepoName(localizer, edit, old_data)]
284 return _RepoForm
284 return _RepoForm
285
285
286
286
287 def RepoPermsForm(localizer):
287 def RepoPermsForm(localizer):
288 _ = localizer
288 _ = localizer
289
289
290 class _RepoPermsForm(formencode.Schema):
290 class _RepoPermsForm(formencode.Schema):
291 allow_extra_fields = True
291 allow_extra_fields = True
292 filter_extra_fields = False
292 filter_extra_fields = False
293 chained_validators = [v.ValidPerms(localizer, type_='repo')]
293 chained_validators = [v.ValidPerms(localizer, type_='repo')]
294 return _RepoPermsForm
294 return _RepoPermsForm
295
295
296
296
297 def RepoGroupPermsForm(localizer, valid_recursive_choices):
297 def RepoGroupPermsForm(localizer, valid_recursive_choices):
298 _ = localizer
298 _ = localizer
299
299
300 class _RepoGroupPermsForm(formencode.Schema):
300 class _RepoGroupPermsForm(formencode.Schema):
301 allow_extra_fields = True
301 allow_extra_fields = True
302 filter_extra_fields = False
302 filter_extra_fields = False
303 recursive = v.OneOf(valid_recursive_choices)
303 recursive = v.OneOf(valid_recursive_choices)
304 chained_validators = [v.ValidPerms(localizer, type_='repo_group')]
304 chained_validators = [v.ValidPerms(localizer, type_='repo_group')]
305 return _RepoGroupPermsForm
305 return _RepoGroupPermsForm
306
306
307
307
308 def UserGroupPermsForm(localizer):
308 def UserGroupPermsForm(localizer):
309 _ = localizer
309 _ = localizer
310
310
311 class _UserPermsForm(formencode.Schema):
311 class _UserPermsForm(formencode.Schema):
312 allow_extra_fields = True
312 allow_extra_fields = True
313 filter_extra_fields = False
313 filter_extra_fields = False
314 chained_validators = [v.ValidPerms(localizer, type_='user_group')]
314 chained_validators = [v.ValidPerms(localizer, type_='user_group')]
315 return _UserPermsForm
315 return _UserPermsForm
316
316
317
317
318 def RepoFieldForm(localizer):
318 def RepoFieldForm(localizer):
319 _ = localizer
319 _ = localizer
320
320
321 class _RepoFieldForm(formencode.Schema):
321 class _RepoFieldForm(formencode.Schema):
322 filter_extra_fields = True
322 filter_extra_fields = True
323 allow_extra_fields = True
323 allow_extra_fields = True
324
324
325 new_field_key = All(v.FieldKey(localizer),
325 new_field_key = All(v.FieldKey(localizer),
326 v.UnicodeString(strip=True, min=3, not_empty=True))
326 v.UnicodeString(strip=True, min=3, not_empty=True))
327 new_field_value = v.UnicodeString(not_empty=False, if_missing=u'')
327 new_field_value = v.UnicodeString(not_empty=False, if_missing=u'')
328 new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
328 new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
329 if_missing='str')
329 if_missing='str')
330 new_field_label = v.UnicodeString(not_empty=False)
330 new_field_label = v.UnicodeString(not_empty=False)
331 new_field_desc = v.UnicodeString(not_empty=False)
331 new_field_desc = v.UnicodeString(not_empty=False)
332 return _RepoFieldForm
332 return _RepoFieldForm
333
333
334
334
335 def RepoForkForm(localizer, edit=False, old_data=None,
335 def RepoForkForm(localizer, edit=False, old_data=None,
336 supported_backends=BACKENDS.keys(), repo_groups=None,
336 supported_backends=BACKENDS.keys(), repo_groups=None,
337 landing_revs=None):
337 landing_revs=None):
338 _ = localizer
338 _ = localizer
339 old_data = old_data or {}
339 old_data = old_data or {}
340 repo_groups = repo_groups or []
340 repo_groups = repo_groups or []
341 landing_revs = landing_revs or []
341 landing_revs = landing_revs or []
342
342
343 class _RepoForkForm(formencode.Schema):
343 class _RepoForkForm(formencode.Schema):
344 allow_extra_fields = True
344 allow_extra_fields = True
345 filter_extra_fields = False
345 filter_extra_fields = False
346 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
346 repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
347 v.SlugifyName(localizer))
347 v.SlugifyName(localizer))
348 repo_group = All(v.CanWriteGroup(localizer, ),
348 repo_group = All(v.CanWriteGroup(localizer, ),
349 v.OneOf(repo_groups, hideList=True))
349 v.OneOf(repo_groups, hideList=True))
350 repo_type = All(v.ValidForkType(localizer, old_data), v.OneOf(supported_backends))
350 repo_type = All(v.ValidForkType(localizer, old_data), v.OneOf(supported_backends))
351 description = v.UnicodeString(strip=True, min=1, not_empty=True)
351 description = v.UnicodeString(strip=True, min=1, not_empty=True)
352 private = v.StringBoolean(if_missing=False)
352 private = v.StringBoolean(if_missing=False)
353 copy_permissions = v.StringBoolean(if_missing=False)
353 copy_permissions = v.StringBoolean(if_missing=False)
354 fork_parent_id = v.UnicodeString()
354 fork_parent_id = v.UnicodeString()
355 chained_validators = [v.ValidForkName(localizer, edit, old_data)]
355 chained_validators = [v.ValidForkName(localizer, edit, old_data)]
356 landing_rev = v.OneOf(landing_revs, hideList=True)
356 landing_rev = v.OneOf(landing_revs, hideList=True)
357 return _RepoForkForm
357 return _RepoForkForm
358
358
359
359
360 def ApplicationSettingsForm(localizer):
360 def ApplicationSettingsForm(localizer):
361 _ = localizer
361 _ = localizer
362
362
363 class _ApplicationSettingsForm(formencode.Schema):
363 class _ApplicationSettingsForm(formencode.Schema):
364 allow_extra_fields = True
364 allow_extra_fields = True
365 filter_extra_fields = False
365 filter_extra_fields = False
366 rhodecode_title = v.UnicodeString(strip=True, max=40, not_empty=False)
366 rhodecode_title = v.UnicodeString(strip=True, max=40, not_empty=False)
367 rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
367 rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
368 rhodecode_pre_code = v.UnicodeString(strip=True, min=1, not_empty=False)
368 rhodecode_pre_code = v.UnicodeString(strip=True, min=1, not_empty=False)
369 rhodecode_post_code = v.UnicodeString(strip=True, min=1, not_empty=False)
369 rhodecode_post_code = v.UnicodeString(strip=True, min=1, not_empty=False)
370 rhodecode_captcha_public_key = v.UnicodeString(strip=True, min=1, not_empty=False)
370 rhodecode_captcha_public_key = v.UnicodeString(strip=True, min=1, not_empty=False)
371 rhodecode_captcha_private_key = v.UnicodeString(strip=True, min=1, not_empty=False)
371 rhodecode_captcha_private_key = v.UnicodeString(strip=True, min=1, not_empty=False)
372 rhodecode_create_personal_repo_group = v.StringBoolean(if_missing=False)
372 rhodecode_create_personal_repo_group = v.StringBoolean(if_missing=False)
373 rhodecode_personal_repo_group_pattern = v.UnicodeString(strip=True, min=1, not_empty=False)
373 rhodecode_personal_repo_group_pattern = v.UnicodeString(strip=True, min=1, not_empty=False)
374 return _ApplicationSettingsForm
374 return _ApplicationSettingsForm
375
375
376
376
377 def ApplicationVisualisationForm(localizer):
377 def ApplicationVisualisationForm(localizer):
378 from rhodecode.model.db import Repository
378 from rhodecode.model.db import Repository
379 _ = localizer
379 _ = localizer
380
380
381 class _ApplicationVisualisationForm(formencode.Schema):
381 class _ApplicationVisualisationForm(formencode.Schema):
382 allow_extra_fields = True
382 allow_extra_fields = True
383 filter_extra_fields = False
383 filter_extra_fields = False
384 rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
384 rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
385 rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
385 rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
386 rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
386 rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
387
387
388 rhodecode_repository_fields = v.StringBoolean(if_missing=False)
388 rhodecode_repository_fields = v.StringBoolean(if_missing=False)
389 rhodecode_lightweight_journal = v.StringBoolean(if_missing=False)
389 rhodecode_lightweight_journal = v.StringBoolean(if_missing=False)
390 rhodecode_dashboard_items = v.Int(min=5, not_empty=True)
390 rhodecode_dashboard_items = v.Int(min=5, not_empty=True)
391 rhodecode_admin_grid_items = v.Int(min=5, not_empty=True)
391 rhodecode_admin_grid_items = v.Int(min=5, not_empty=True)
392 rhodecode_show_version = v.StringBoolean(if_missing=False)
392 rhodecode_show_version = v.StringBoolean(if_missing=False)
393 rhodecode_use_gravatar = v.StringBoolean(if_missing=False)
393 rhodecode_use_gravatar = v.StringBoolean(if_missing=False)
394 rhodecode_markup_renderer = v.OneOf(['markdown', 'rst'])
394 rhodecode_markup_renderer = v.OneOf(['markdown', 'rst'])
395 rhodecode_gravatar_url = v.UnicodeString(min=3)
395 rhodecode_gravatar_url = v.UnicodeString(min=3)
396 rhodecode_clone_uri_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI)
396 rhodecode_clone_uri_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI)
397 rhodecode_clone_uri_ssh_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_SSH)
397 rhodecode_clone_uri_ssh_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_SSH)
398 rhodecode_support_url = v.UnicodeString()
398 rhodecode_support_url = v.UnicodeString()
399 rhodecode_show_revision_number = v.StringBoolean(if_missing=False)
399 rhodecode_show_revision_number = v.StringBoolean(if_missing=False)
400 rhodecode_show_sha_length = v.Int(min=4, not_empty=True)
400 rhodecode_show_sha_length = v.Int(min=4, not_empty=True)
401 return _ApplicationVisualisationForm
401 return _ApplicationVisualisationForm
402
402
403
403
404 class _BaseVcsSettingsForm(formencode.Schema):
404 class _BaseVcsSettingsForm(formencode.Schema):
405
405
406 allow_extra_fields = True
406 allow_extra_fields = True
407 filter_extra_fields = False
407 filter_extra_fields = False
408 hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
408 hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
409 hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
409 hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
410 hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
410 hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
411
411
412 # PR/Code-review
412 # PR/Code-review
413 rhodecode_pr_merge_enabled = v.StringBoolean(if_missing=False)
413 rhodecode_pr_merge_enabled = v.StringBoolean(if_missing=False)
414 rhodecode_use_outdated_comments = v.StringBoolean(if_missing=False)
414 rhodecode_use_outdated_comments = v.StringBoolean(if_missing=False)
415
415
416 # hg
416 # hg
417 extensions_largefiles = v.StringBoolean(if_missing=False)
417 extensions_largefiles = v.StringBoolean(if_missing=False)
418 extensions_evolve = v.StringBoolean(if_missing=False)
418 extensions_evolve = v.StringBoolean(if_missing=False)
419 phases_publish = v.StringBoolean(if_missing=False)
419 phases_publish = v.StringBoolean(if_missing=False)
420
420
421 rhodecode_hg_use_rebase_for_merging = v.StringBoolean(if_missing=False)
421 rhodecode_hg_use_rebase_for_merging = v.StringBoolean(if_missing=False)
422 rhodecode_hg_close_branch_before_merging = v.StringBoolean(if_missing=False)
422 rhodecode_hg_close_branch_before_merging = v.StringBoolean(if_missing=False)
423
423
424 # git
424 # git
425 vcs_git_lfs_enabled = v.StringBoolean(if_missing=False)
425 vcs_git_lfs_enabled = v.StringBoolean(if_missing=False)
426 rhodecode_git_use_rebase_for_merging = v.StringBoolean(if_missing=False)
426 rhodecode_git_use_rebase_for_merging = v.StringBoolean(if_missing=False)
427 rhodecode_git_close_branch_before_merging = v.StringBoolean(if_missing=False)
427 rhodecode_git_close_branch_before_merging = v.StringBoolean(if_missing=False)
428
428
429 # svn
429 # svn
430 vcs_svn_proxy_http_requests_enabled = v.StringBoolean(if_missing=False)
430 vcs_svn_proxy_http_requests_enabled = v.StringBoolean(if_missing=False)
431 vcs_svn_proxy_http_server_url = v.UnicodeString(strip=True, if_missing=None)
431 vcs_svn_proxy_http_server_url = v.UnicodeString(strip=True, if_missing=None)
432
432
433 # cache
433 # cache
434 rhodecode_diff_cache = v.StringBoolean(if_missing=False)
434 rhodecode_diff_cache = v.StringBoolean(if_missing=False)
435
435
436
436
437 def ApplicationUiSettingsForm(localizer):
437 def ApplicationUiSettingsForm(localizer):
438 _ = localizer
438 _ = localizer
439
439
440 class _ApplicationUiSettingsForm(_BaseVcsSettingsForm):
440 class _ApplicationUiSettingsForm(_BaseVcsSettingsForm):
441 web_push_ssl = v.StringBoolean(if_missing=False)
441 web_push_ssl = v.StringBoolean(if_missing=False)
442 paths_root_path = All(
442 paths_root_path = All(
443 v.ValidPath(localizer),
443 v.ValidPath(localizer),
444 v.UnicodeString(strip=True, min=1, not_empty=True)
444 v.UnicodeString(strip=True, min=1, not_empty=True)
445 )
445 )
446 largefiles_usercache = All(
446 largefiles_usercache = All(
447 v.ValidPath(localizer),
447 v.ValidPath(localizer),
448 v.UnicodeString(strip=True, min=2, not_empty=True))
448 v.UnicodeString(strip=True, min=2, not_empty=True))
449 vcs_git_lfs_store_location = All(
449 vcs_git_lfs_store_location = All(
450 v.ValidPath(localizer),
450 v.ValidPath(localizer),
451 v.UnicodeString(strip=True, min=2, not_empty=True))
451 v.UnicodeString(strip=True, min=2, not_empty=True))
452 extensions_hgsubversion = v.StringBoolean(if_missing=False)
452 extensions_hgsubversion = v.StringBoolean(if_missing=False)
453 extensions_hggit = v.StringBoolean(if_missing=False)
453 extensions_hggit = v.StringBoolean(if_missing=False)
454 new_svn_branch = v.ValidSvnPattern(localizer, section='vcs_svn_branch')
454 new_svn_branch = v.ValidSvnPattern(localizer, section='vcs_svn_branch')
455 new_svn_tag = v.ValidSvnPattern(localizer, section='vcs_svn_tag')
455 new_svn_tag = v.ValidSvnPattern(localizer, section='vcs_svn_tag')
456 return _ApplicationUiSettingsForm
456 return _ApplicationUiSettingsForm
457
457
458
458
459 def RepoVcsSettingsForm(localizer, repo_name):
459 def RepoVcsSettingsForm(localizer, repo_name):
460 _ = localizer
460 _ = localizer
461
461
462 class _RepoVcsSettingsForm(_BaseVcsSettingsForm):
462 class _RepoVcsSettingsForm(_BaseVcsSettingsForm):
463 inherit_global_settings = v.StringBoolean(if_missing=False)
463 inherit_global_settings = v.StringBoolean(if_missing=False)
464 new_svn_branch = v.ValidSvnPattern(localizer,
464 new_svn_branch = v.ValidSvnPattern(localizer,
465 section='vcs_svn_branch', repo_name=repo_name)
465 section='vcs_svn_branch', repo_name=repo_name)
466 new_svn_tag = v.ValidSvnPattern(localizer,
466 new_svn_tag = v.ValidSvnPattern(localizer,
467 section='vcs_svn_tag', repo_name=repo_name)
467 section='vcs_svn_tag', repo_name=repo_name)
468 return _RepoVcsSettingsForm
468 return _RepoVcsSettingsForm
469
469
470
470
471 def LabsSettingsForm(localizer):
471 def LabsSettingsForm(localizer):
472 _ = localizer
472 _ = localizer
473
473
474 class _LabSettingsForm(formencode.Schema):
474 class _LabSettingsForm(formencode.Schema):
475 allow_extra_fields = True
475 allow_extra_fields = True
476 filter_extra_fields = False
476 filter_extra_fields = False
477 return _LabSettingsForm
477 return _LabSettingsForm
478
478
479
479
480 def ApplicationPermissionsForm(
480 def ApplicationPermissionsForm(
481 localizer, register_choices, password_reset_choices,
481 localizer, register_choices, password_reset_choices,
482 extern_activate_choices):
482 extern_activate_choices):
483 _ = localizer
483 _ = localizer
484
484
485 class _DefaultPermissionsForm(formencode.Schema):
485 class _DefaultPermissionsForm(formencode.Schema):
486 allow_extra_fields = True
486 allow_extra_fields = True
487 filter_extra_fields = True
487 filter_extra_fields = True
488
488
489 anonymous = v.StringBoolean(if_missing=False)
489 anonymous = v.StringBoolean(if_missing=False)
490 default_register = v.OneOf(register_choices)
490 default_register = v.OneOf(register_choices)
491 default_register_message = v.UnicodeString()
491 default_register_message = v.UnicodeString()
492 default_password_reset = v.OneOf(password_reset_choices)
492 default_password_reset = v.OneOf(password_reset_choices)
493 default_extern_activate = v.OneOf(extern_activate_choices)
493 default_extern_activate = v.OneOf(extern_activate_choices)
494 return _DefaultPermissionsForm
494 return _DefaultPermissionsForm
495
495
496
496
497 def ObjectPermissionsForm(localizer, repo_perms_choices, group_perms_choices,
497 def ObjectPermissionsForm(localizer, repo_perms_choices, group_perms_choices,
498 user_group_perms_choices):
498 user_group_perms_choices):
499 _ = localizer
499 _ = localizer
500
500
501 class _ObjectPermissionsForm(formencode.Schema):
501 class _ObjectPermissionsForm(formencode.Schema):
502 allow_extra_fields = True
502 allow_extra_fields = True
503 filter_extra_fields = True
503 filter_extra_fields = True
504 overwrite_default_repo = v.StringBoolean(if_missing=False)
504 overwrite_default_repo = v.StringBoolean(if_missing=False)
505 overwrite_default_group = v.StringBoolean(if_missing=False)
505 overwrite_default_group = v.StringBoolean(if_missing=False)
506 overwrite_default_user_group = v.StringBoolean(if_missing=False)
506 overwrite_default_user_group = v.StringBoolean(if_missing=False)
507
507 default_repo_perm = v.OneOf(repo_perms_choices)
508 default_repo_perm = v.OneOf(repo_perms_choices)
508 default_group_perm = v.OneOf(group_perms_choices)
509 default_group_perm = v.OneOf(group_perms_choices)
509 default_user_group_perm = v.OneOf(user_group_perms_choices)
510 default_user_group_perm = v.OneOf(user_group_perms_choices)
511
510 return _ObjectPermissionsForm
512 return _ObjectPermissionsForm
511
513
512
514
515 def BranchPermissionsForm(localizer, branch_perms_choices):
516 _ = localizer
517
518 class _BranchPermissionsForm(formencode.Schema):
519 allow_extra_fields = True
520 filter_extra_fields = True
521 overwrite_default_branch = v.StringBoolean(if_missing=False)
522 default_branch_perm = v.OneOf(branch_perms_choices)
523
524 return _BranchPermissionsForm
525
526
513 def UserPermissionsForm(localizer, create_choices, create_on_write_choices,
527 def UserPermissionsForm(localizer, create_choices, create_on_write_choices,
514 repo_group_create_choices, user_group_create_choices,
528 repo_group_create_choices, user_group_create_choices,
515 fork_choices, inherit_default_permissions_choices):
529 fork_choices, inherit_default_permissions_choices):
516 _ = localizer
530 _ = localizer
517
531
518 class _DefaultPermissionsForm(formencode.Schema):
532 class _DefaultPermissionsForm(formencode.Schema):
519 allow_extra_fields = True
533 allow_extra_fields = True
520 filter_extra_fields = True
534 filter_extra_fields = True
521
535
522 anonymous = v.StringBoolean(if_missing=False)
536 anonymous = v.StringBoolean(if_missing=False)
523
537
524 default_repo_create = v.OneOf(create_choices)
538 default_repo_create = v.OneOf(create_choices)
525 default_repo_create_on_write = v.OneOf(create_on_write_choices)
539 default_repo_create_on_write = v.OneOf(create_on_write_choices)
526 default_user_group_create = v.OneOf(user_group_create_choices)
540 default_user_group_create = v.OneOf(user_group_create_choices)
527 default_repo_group_create = v.OneOf(repo_group_create_choices)
541 default_repo_group_create = v.OneOf(repo_group_create_choices)
528 default_fork_create = v.OneOf(fork_choices)
542 default_fork_create = v.OneOf(fork_choices)
529 default_inherit_default_permissions = v.OneOf(inherit_default_permissions_choices)
543 default_inherit_default_permissions = v.OneOf(inherit_default_permissions_choices)
530 return _DefaultPermissionsForm
544 return _DefaultPermissionsForm
531
545
532
546
533 def UserIndividualPermissionsForm(localizer):
547 def UserIndividualPermissionsForm(localizer):
534 _ = localizer
548 _ = localizer
535
549
536 class _DefaultPermissionsForm(formencode.Schema):
550 class _DefaultPermissionsForm(formencode.Schema):
537 allow_extra_fields = True
551 allow_extra_fields = True
538 filter_extra_fields = True
552 filter_extra_fields = True
539
553
540 inherit_default_permissions = v.StringBoolean(if_missing=False)
554 inherit_default_permissions = v.StringBoolean(if_missing=False)
541 return _DefaultPermissionsForm
555 return _DefaultPermissionsForm
542
556
543
557
544 def DefaultsForm(localizer, edit=False, old_data=None, supported_backends=BACKENDS.keys()):
558 def DefaultsForm(localizer, edit=False, old_data=None, supported_backends=BACKENDS.keys()):
545 _ = localizer
559 _ = localizer
546 old_data = old_data or {}
560 old_data = old_data or {}
547
561
548 class _DefaultsForm(formencode.Schema):
562 class _DefaultsForm(formencode.Schema):
549 allow_extra_fields = True
563 allow_extra_fields = True
550 filter_extra_fields = True
564 filter_extra_fields = True
551 default_repo_type = v.OneOf(supported_backends)
565 default_repo_type = v.OneOf(supported_backends)
552 default_repo_private = v.StringBoolean(if_missing=False)
566 default_repo_private = v.StringBoolean(if_missing=False)
553 default_repo_enable_statistics = v.StringBoolean(if_missing=False)
567 default_repo_enable_statistics = v.StringBoolean(if_missing=False)
554 default_repo_enable_downloads = v.StringBoolean(if_missing=False)
568 default_repo_enable_downloads = v.StringBoolean(if_missing=False)
555 default_repo_enable_locking = v.StringBoolean(if_missing=False)
569 default_repo_enable_locking = v.StringBoolean(if_missing=False)
556 return _DefaultsForm
570 return _DefaultsForm
557
571
558
572
559 def AuthSettingsForm(localizer):
573 def AuthSettingsForm(localizer):
560 _ = localizer
574 _ = localizer
561
575
562 class _AuthSettingsForm(formencode.Schema):
576 class _AuthSettingsForm(formencode.Schema):
563 allow_extra_fields = True
577 allow_extra_fields = True
564 filter_extra_fields = True
578 filter_extra_fields = True
565 auth_plugins = All(v.ValidAuthPlugins(localizer),
579 auth_plugins = All(v.ValidAuthPlugins(localizer),
566 v.UniqueListFromString(localizer)(not_empty=True))
580 v.UniqueListFromString(localizer)(not_empty=True))
567 return _AuthSettingsForm
581 return _AuthSettingsForm
568
582
569
583
570 def UserExtraEmailForm(localizer):
584 def UserExtraEmailForm(localizer):
571 _ = localizer
585 _ = localizer
572
586
573 class _UserExtraEmailForm(formencode.Schema):
587 class _UserExtraEmailForm(formencode.Schema):
574 email = All(v.UniqSystemEmail(localizer), v.Email(not_empty=True))
588 email = All(v.UniqSystemEmail(localizer), v.Email(not_empty=True))
575 return _UserExtraEmailForm
589 return _UserExtraEmailForm
576
590
577
591
578 def UserExtraIpForm(localizer):
592 def UserExtraIpForm(localizer):
579 _ = localizer
593 _ = localizer
580
594
581 class _UserExtraIpForm(formencode.Schema):
595 class _UserExtraIpForm(formencode.Schema):
582 ip = v.ValidIp(localizer)(not_empty=True)
596 ip = v.ValidIp(localizer)(not_empty=True)
583 return _UserExtraIpForm
597 return _UserExtraIpForm
584
598
585
599
586 def PullRequestForm(localizer, repo_id):
600 def PullRequestForm(localizer, repo_id):
587 _ = localizer
601 _ = localizer
588
602
589 class ReviewerForm(formencode.Schema):
603 class ReviewerForm(formencode.Schema):
590 user_id = v.Int(not_empty=True)
604 user_id = v.Int(not_empty=True)
591 reasons = All()
605 reasons = All()
592 rules = All(v.UniqueList(localizer, convert=int)())
606 rules = All(v.UniqueList(localizer, convert=int)())
593 mandatory = v.StringBoolean()
607 mandatory = v.StringBoolean()
594
608
595 class _PullRequestForm(formencode.Schema):
609 class _PullRequestForm(formencode.Schema):
596 allow_extra_fields = True
610 allow_extra_fields = True
597 filter_extra_fields = True
611 filter_extra_fields = True
598
612
599 common_ancestor = v.UnicodeString(strip=True, required=True)
613 common_ancestor = v.UnicodeString(strip=True, required=True)
600 source_repo = v.UnicodeString(strip=True, required=True)
614 source_repo = v.UnicodeString(strip=True, required=True)
601 source_ref = v.UnicodeString(strip=True, required=True)
615 source_ref = v.UnicodeString(strip=True, required=True)
602 target_repo = v.UnicodeString(strip=True, required=True)
616 target_repo = v.UnicodeString(strip=True, required=True)
603 target_ref = v.UnicodeString(strip=True, required=True)
617 target_ref = v.UnicodeString(strip=True, required=True)
604 revisions = All(#v.NotReviewedRevisions(localizer, repo_id)(),
618 revisions = All(#v.NotReviewedRevisions(localizer, repo_id)(),
605 v.UniqueList(localizer)(not_empty=True))
619 v.UniqueList(localizer)(not_empty=True))
606 review_members = formencode.ForEach(ReviewerForm())
620 review_members = formencode.ForEach(ReviewerForm())
607 pullrequest_title = v.UnicodeString(strip=True, required=True, min=3, max=255)
621 pullrequest_title = v.UnicodeString(strip=True, required=True, min=3, max=255)
608 pullrequest_desc = v.UnicodeString(strip=True, required=False)
622 pullrequest_desc = v.UnicodeString(strip=True, required=False)
609 description_renderer = v.UnicodeString(strip=True, required=False)
623 description_renderer = v.UnicodeString(strip=True, required=False)
610
624
611 return _PullRequestForm
625 return _PullRequestForm
612
626
613
627
614 def IssueTrackerPatternsForm(localizer):
628 def IssueTrackerPatternsForm(localizer):
615 _ = localizer
629 _ = localizer
616
630
617 class _IssueTrackerPatternsForm(formencode.Schema):
631 class _IssueTrackerPatternsForm(formencode.Schema):
618 allow_extra_fields = True
632 allow_extra_fields = True
619 filter_extra_fields = False
633 filter_extra_fields = False
620 chained_validators = [v.ValidPattern(localizer)]
634 chained_validators = [v.ValidPattern(localizer)]
621 return _IssueTrackerPatternsForm
635 return _IssueTrackerPatternsForm
Show file before | Show file after | Hide comments
@@ -1,484 +1,557 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 permissions model for RhodeCode
22 permissions model for RhodeCode
23 """
23 """
24
24
25
25
26 import logging
26 import logging
27 import traceback
27 import traceback
28
28
29 from sqlalchemy.exc import DatabaseError
29 from sqlalchemy.exc import DatabaseError
30
30
31 from rhodecode.model import BaseModel
31 from rhodecode.model import BaseModel
32 from rhodecode.model.db import (
32 from rhodecode.model.db import (
33 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
33 User, Permission, UserToPerm, UserRepoToPerm, UserRepoGroupToPerm,
34 UserUserGroupToPerm, UserGroup, UserGroupToPerm)
34 UserUserGroupToPerm, UserGroup, UserGroupToPerm, UserToRepoBranchPermission)
35 from rhodecode.lib.utils2 import str2bool, safe_int
35 from rhodecode.lib.utils2 import str2bool, safe_int
36
36
37 log = logging.getLogger(__name__)
37 log = logging.getLogger(__name__)
38
38
39
39
40 class PermissionModel(BaseModel):
40 class PermissionModel(BaseModel):
41 """
41 """
42 Permissions model for RhodeCode
42 Permissions model for RhodeCode
43 """
43 """
44
44
45 cls = Permission
45 cls = Permission
46 global_perms = {
46 global_perms = {
47 'default_repo_create': None,
47 'default_repo_create': None,
48 # special case for create repos on write access to group
48 # special case for create repos on write access to group
49 'default_repo_create_on_write': None,
49 'default_repo_create_on_write': None,
50 'default_repo_group_create': None,
50 'default_repo_group_create': None,
51 'default_user_group_create': None,
51 'default_user_group_create': None,
52 'default_fork_create': None,
52 'default_fork_create': None,
53 'default_inherit_default_permissions': None,
53 'default_inherit_default_permissions': None,
54 'default_register': None,
54 'default_register': None,
55 'default_password_reset': None,
55 'default_password_reset': None,
56 'default_extern_activate': None,
56 'default_extern_activate': None,
57
57
58 # object permissions below
58 # object permissions below
59 'default_repo_perm': None,
59 'default_repo_perm': None,
60 'default_group_perm': None,
60 'default_group_perm': None,
61 'default_user_group_perm': None,
61 'default_user_group_perm': None,
62
63 # branch
64 'default_branch_perm': None,
62 }
65 }
63
66
64 def set_global_permission_choices(self, c_obj, gettext_translator):
67 def set_global_permission_choices(self, c_obj, gettext_translator):
65 _ = gettext_translator
68 _ = gettext_translator
66
69
67 c_obj.repo_perms_choices = [
70 c_obj.repo_perms_choices = [
68 ('repository.none', _('None'),),
71 ('repository.none', _('None'),),
69 ('repository.read', _('Read'),),
72 ('repository.read', _('Read'),),
70 ('repository.write', _('Write'),),
73 ('repository.write', _('Write'),),
71 ('repository.admin', _('Admin'),)]
74 ('repository.admin', _('Admin'),)]
72
75
73 c_obj.group_perms_choices = [
76 c_obj.group_perms_choices = [
74 ('group.none', _('None'),),
77 ('group.none', _('None'),),
75 ('group.read', _('Read'),),
78 ('group.read', _('Read'),),
76 ('group.write', _('Write'),),
79 ('group.write', _('Write'),),
77 ('group.admin', _('Admin'),)]
80 ('group.admin', _('Admin'),)]
78
81
79 c_obj.user_group_perms_choices = [
82 c_obj.user_group_perms_choices = [
80 ('usergroup.none', _('None'),),
83 ('usergroup.none', _('None'),),
81 ('usergroup.read', _('Read'),),
84 ('usergroup.read', _('Read'),),
82 ('usergroup.write', _('Write'),),
85 ('usergroup.write', _('Write'),),
83 ('usergroup.admin', _('Admin'),)]
86 ('usergroup.admin', _('Admin'),)]
84
87
88 c_obj.branch_perms_choices = [
89 ('branch.none', _('Protected/No Access'),),
90 ('branch.merge', _('Web merge'),),
91 ('branch.push', _('Push'),),
92 ('branch.push_force', _('Force Push'),)]
93
85 c_obj.register_choices = [
94 c_obj.register_choices = [
86 ('hg.register.none', _('Disabled')),
95 ('hg.register.none', _('Disabled')),
87 ('hg.register.manual_activate', _('Allowed with manual account activation')),
96 ('hg.register.manual_activate', _('Allowed with manual account activation')),
88 ('hg.register.auto_activate', _('Allowed with automatic account activation')),]
97 ('hg.register.auto_activate', _('Allowed with automatic account activation')),]
89
98
90 c_obj.password_reset_choices = [
99 c_obj.password_reset_choices = [
91 ('hg.password_reset.enabled', _('Allow password recovery')),
100 ('hg.password_reset.enabled', _('Allow password recovery')),
92 ('hg.password_reset.hidden', _('Hide password recovery link')),
101 ('hg.password_reset.hidden', _('Hide password recovery link')),
93 ('hg.password_reset.disabled', _('Disable password recovery')),]
102 ('hg.password_reset.disabled', _('Disable password recovery')),]
94
103
95 c_obj.extern_activate_choices = [
104 c_obj.extern_activate_choices = [
96 ('hg.extern_activate.manual', _('Manual activation of external account')),
105 ('hg.extern_activate.manual', _('Manual activation of external account')),
97 ('hg.extern_activate.auto', _('Automatic activation of external account')),]
106 ('hg.extern_activate.auto', _('Automatic activation of external account')),]
98
107
99 c_obj.repo_create_choices = [
108 c_obj.repo_create_choices = [
100 ('hg.create.none', _('Disabled')),
109 ('hg.create.none', _('Disabled')),
101 ('hg.create.repository', _('Enabled'))]
110 ('hg.create.repository', _('Enabled'))]
102
111
103 c_obj.repo_create_on_write_choices = [
112 c_obj.repo_create_on_write_choices = [
104 ('hg.create.write_on_repogroup.false', _('Disabled')),
113 ('hg.create.write_on_repogroup.false', _('Disabled')),
105 ('hg.create.write_on_repogroup.true', _('Enabled'))]
114 ('hg.create.write_on_repogroup.true', _('Enabled'))]
106
115
107 c_obj.user_group_create_choices = [
116 c_obj.user_group_create_choices = [
108 ('hg.usergroup.create.false', _('Disabled')),
117 ('hg.usergroup.create.false', _('Disabled')),
109 ('hg.usergroup.create.true', _('Enabled'))]
118 ('hg.usergroup.create.true', _('Enabled'))]
110
119
111 c_obj.repo_group_create_choices = [
120 c_obj.repo_group_create_choices = [
112 ('hg.repogroup.create.false', _('Disabled')),
121 ('hg.repogroup.create.false', _('Disabled')),
113 ('hg.repogroup.create.true', _('Enabled'))]
122 ('hg.repogroup.create.true', _('Enabled'))]
114
123
115 c_obj.fork_choices = [
124 c_obj.fork_choices = [
116 ('hg.fork.none', _('Disabled')),
125 ('hg.fork.none', _('Disabled')),
117 ('hg.fork.repository', _('Enabled'))]
126 ('hg.fork.repository', _('Enabled'))]
118
127
119 c_obj.inherit_default_permission_choices = [
128 c_obj.inherit_default_permission_choices = [
120 ('hg.inherit_default_perms.false', _('Disabled')),
129 ('hg.inherit_default_perms.false', _('Disabled')),
121 ('hg.inherit_default_perms.true', _('Enabled'))]
130 ('hg.inherit_default_perms.true', _('Enabled'))]
122
131
123 def get_default_perms(self, object_perms, suffix):
132 def get_default_perms(self, object_perms, suffix):
124 defaults = {}
133 defaults = {}
125 for perm in object_perms:
134 for perm in object_perms:
126 # perms
135 # perms
127 if perm.permission.permission_name.startswith('repository.'):
136 if perm.permission.permission_name.startswith('repository.'):
128 defaults['default_repo_perm' + suffix] = perm.permission.permission_name
137 defaults['default_repo_perm' + suffix] = perm.permission.permission_name
129
138
130 if perm.permission.permission_name.startswith('group.'):
139 if perm.permission.permission_name.startswith('group.'):
131 defaults['default_group_perm' + suffix] = perm.permission.permission_name
140 defaults['default_group_perm' + suffix] = perm.permission.permission_name
132
141
133 if perm.permission.permission_name.startswith('usergroup.'):
142 if perm.permission.permission_name.startswith('usergroup.'):
134 defaults['default_user_group_perm' + suffix] = perm.permission.permission_name
143 defaults['default_user_group_perm' + suffix] = perm.permission.permission_name
135
144
145 # branch
146 if perm.permission.permission_name.startswith('branch.'):
147 defaults['default_branch_perm' + suffix] = perm.permission.permission_name
148
136 # creation of objects
149 # creation of objects
137 if perm.permission.permission_name.startswith('hg.create.write_on_repogroup'):
150 if perm.permission.permission_name.startswith('hg.create.write_on_repogroup'):
138 defaults['default_repo_create_on_write' + suffix] = perm.permission.permission_name
151 defaults['default_repo_create_on_write' + suffix] = perm.permission.permission_name
139
152
140 elif perm.permission.permission_name.startswith('hg.create.'):
153 elif perm.permission.permission_name.startswith('hg.create.'):
141 defaults['default_repo_create' + suffix] = perm.permission.permission_name
154 defaults['default_repo_create' + suffix] = perm.permission.permission_name
142
155
143 if perm.permission.permission_name.startswith('hg.fork.'):
156 if perm.permission.permission_name.startswith('hg.fork.'):
144 defaults['default_fork_create' + suffix] = perm.permission.permission_name
157 defaults['default_fork_create' + suffix] = perm.permission.permission_name
145
158
146 if perm.permission.permission_name.startswith('hg.inherit_default_perms.'):
159 if perm.permission.permission_name.startswith('hg.inherit_default_perms.'):
147 defaults['default_inherit_default_permissions' + suffix] = perm.permission.permission_name
160 defaults['default_inherit_default_permissions' + suffix] = perm.permission.permission_name
148
161
149 if perm.permission.permission_name.startswith('hg.repogroup.'):
162 if perm.permission.permission_name.startswith('hg.repogroup.'):
150 defaults['default_repo_group_create' + suffix] = perm.permission.permission_name
163 defaults['default_repo_group_create' + suffix] = perm.permission.permission_name
151
164
152 if perm.permission.permission_name.startswith('hg.usergroup.'):
165 if perm.permission.permission_name.startswith('hg.usergroup.'):
153 defaults['default_user_group_create' + suffix] = perm.permission.permission_name
166 defaults['default_user_group_create' + suffix] = perm.permission.permission_name
154
167
155 # registration and external account activation
168 # registration and external account activation
156 if perm.permission.permission_name.startswith('hg.register.'):
169 if perm.permission.permission_name.startswith('hg.register.'):
157 defaults['default_register' + suffix] = perm.permission.permission_name
170 defaults['default_register' + suffix] = perm.permission.permission_name
158
171
159 if perm.permission.permission_name.startswith('hg.password_reset.'):
172 if perm.permission.permission_name.startswith('hg.password_reset.'):
160 defaults['default_password_reset' + suffix] = perm.permission.permission_name
173 defaults['default_password_reset' + suffix] = perm.permission.permission_name
161
174
162 if perm.permission.permission_name.startswith('hg.extern_activate.'):
175 if perm.permission.permission_name.startswith('hg.extern_activate.'):
163 defaults['default_extern_activate' + suffix] = perm.permission.permission_name
176 defaults['default_extern_activate' + suffix] = perm.permission.permission_name
164
177
165 return defaults
178 return defaults
166
179
167 def _make_new_user_perm(self, user, perm_name):
180 def _make_new_user_perm(self, user, perm_name):
168 log.debug('Creating new user permission:%s', perm_name)
181 log.debug('Creating new user permission:%s', perm_name)
169 new = UserToPerm()
182 new = UserToPerm()
170 new.user = user
183 new.user = user
171 new.permission = Permission.get_by_key(perm_name)
184 new.permission = Permission.get_by_key(perm_name)
172 return new
185 return new
173
186
174 def _make_new_user_group_perm(self, user_group, perm_name):
187 def _make_new_user_group_perm(self, user_group, perm_name):
175 log.debug('Creating new user group permission:%s', perm_name)
188 log.debug('Creating new user group permission:%s', perm_name)
176 new = UserGroupToPerm()
189 new = UserGroupToPerm()
177 new.users_group = user_group
190 new.users_group = user_group
178 new.permission = Permission.get_by_key(perm_name)
191 new.permission = Permission.get_by_key(perm_name)
179 return new
192 return new
180
193
181 def _keep_perm(self, perm_name, keep_fields):
194 def _keep_perm(self, perm_name, keep_fields):
182 def get_pat(field_name):
195 def get_pat(field_name):
183 return {
196 return {
184 # global perms
197 # global perms
185 'default_repo_create': 'hg.create.',
198 'default_repo_create': 'hg.create.',
186 # special case for create repos on write access to group
199 # special case for create repos on write access to group
187 'default_repo_create_on_write': 'hg.create.write_on_repogroup.',
200 'default_repo_create_on_write': 'hg.create.write_on_repogroup.',
188 'default_repo_group_create': 'hg.repogroup.create.',
201 'default_repo_group_create': 'hg.repogroup.create.',
189 'default_user_group_create': 'hg.usergroup.create.',
202 'default_user_group_create': 'hg.usergroup.create.',
190 'default_fork_create': 'hg.fork.',
203 'default_fork_create': 'hg.fork.',
191 'default_inherit_default_permissions': 'hg.inherit_default_perms.',
204 'default_inherit_default_permissions': 'hg.inherit_default_perms.',
192
205
193 # application perms
206 # application perms
194 'default_register': 'hg.register.',
207 'default_register': 'hg.register.',
195 'default_password_reset': 'hg.password_reset.',
208 'default_password_reset': 'hg.password_reset.',
196 'default_extern_activate': 'hg.extern_activate.',
209 'default_extern_activate': 'hg.extern_activate.',
197
210
198 # object permissions below
211 # object permissions below
199 'default_repo_perm': 'repository.',
212 'default_repo_perm': 'repository.',
200 'default_group_perm': 'group.',
213 'default_group_perm': 'group.',
201 'default_user_group_perm': 'usergroup.',
214 'default_user_group_perm': 'usergroup.',
215 # branch
216 'default_branch_perm': 'branch.',
217
202 }[field_name]
218 }[field_name]
203 for field in keep_fields:
219 for field in keep_fields:
204 pat = get_pat(field)
220 pat = get_pat(field)
205 if perm_name.startswith(pat):
221 if perm_name.startswith(pat):
206 return True
222 return True
207 return False
223 return False
208
224
209 def _clear_object_perm(self, object_perms, preserve=None):
225 def _clear_object_perm(self, object_perms, preserve=None):
210 preserve = preserve or []
226 preserve = preserve or []
211 _deleted = []
227 _deleted = []
212 for perm in object_perms:
228 for perm in object_perms:
213 perm_name = perm.permission.permission_name
229 perm_name = perm.permission.permission_name
214 if not self._keep_perm(perm_name, keep_fields=preserve):
230 if not self._keep_perm(perm_name, keep_fields=preserve):
215 _deleted.append(perm_name)
231 _deleted.append(perm_name)
216 self.sa.delete(perm)
232 self.sa.delete(perm)
217 return _deleted
233 return _deleted
218
234
219 def _clear_user_perms(self, user_id, preserve=None):
235 def _clear_user_perms(self, user_id, preserve=None):
220 perms = self.sa.query(UserToPerm)\
236 perms = self.sa.query(UserToPerm)\
221 .filter(UserToPerm.user_id == user_id)\
237 .filter(UserToPerm.user_id == user_id)\
222 .all()
238 .all()
223 return self._clear_object_perm(perms, preserve=preserve)
239 return self._clear_object_perm(perms, preserve=preserve)
224
240
225 def _clear_user_group_perms(self, user_group_id, preserve=None):
241 def _clear_user_group_perms(self, user_group_id, preserve=None):
226 perms = self.sa.query(UserGroupToPerm)\
242 perms = self.sa.query(UserGroupToPerm)\
227 .filter(UserGroupToPerm.users_group_id == user_group_id)\
243 .filter(UserGroupToPerm.users_group_id == user_group_id)\
228 .all()
244 .all()
229 return self._clear_object_perm(perms, preserve=preserve)
245 return self._clear_object_perm(perms, preserve=preserve)
230
246
231 def _set_new_object_perms(self, obj_type, object, form_result, preserve=None):
247 def _set_new_object_perms(self, obj_type, object, form_result, preserve=None):
232 # clear current entries, to make this function idempotent
248 # clear current entries, to make this function idempotent
233 # it will fix even if we define more permissions or permissions
249 # it will fix even if we define more permissions or permissions
234 # are somehow missing
250 # are somehow missing
235 preserve = preserve or []
251 preserve = preserve or []
236 _global_perms = self.global_perms.copy()
252 _global_perms = self.global_perms.copy()
237 if obj_type not in ['user', 'user_group']:
253 if obj_type not in ['user', 'user_group']:
238 raise ValueError("obj_type must be on of 'user' or 'user_group'")
254 raise ValueError("obj_type must be on of 'user' or 'user_group'")
239 if len(_global_perms) != len(Permission.DEFAULT_USER_PERMISSIONS):
255 global_perms = len(_global_perms)
240 raise Exception('Inconsistent permissions definition')
256 default_user_perms = len(Permission.DEFAULT_USER_PERMISSIONS)
257 if global_perms != default_user_perms:
258 raise Exception(
259 'Inconsistent permissions definition. Got {} vs {}'.format(
260 global_perms, default_user_perms))
241
261
242 if obj_type == 'user':
262 if obj_type == 'user':
243 self._clear_user_perms(object.user_id, preserve)
263 self._clear_user_perms(object.user_id, preserve)
244 if obj_type == 'user_group':
264 if obj_type == 'user_group':
245 self._clear_user_group_perms(object.users_group_id, preserve)
265 self._clear_user_group_perms(object.users_group_id, preserve)
246
266
247 # now kill the keys that we want to preserve from the form.
267 # now kill the keys that we want to preserve from the form.
248 for key in preserve:
268 for key in preserve:
249 del _global_perms[key]
269 del _global_perms[key]
250
270
251 for k in _global_perms.copy():
271 for k in _global_perms.copy():
252 _global_perms[k] = form_result[k]
272 _global_perms[k] = form_result[k]
253
273
254 # at that stage we validate all are passed inside form_result
274 # at that stage we validate all are passed inside form_result
255 for _perm_key, perm_value in _global_perms.items():
275 for _perm_key, perm_value in _global_perms.items():
256 if perm_value is None:
276 if perm_value is None:
257 raise ValueError('Missing permission for %s' % (_perm_key,))
277 raise ValueError('Missing permission for %s' % (_perm_key,))
258
278
259 if obj_type == 'user':
279 if obj_type == 'user':
260 p = self._make_new_user_perm(object, perm_value)
280 p = self._make_new_user_perm(object, perm_value)
261 self.sa.add(p)
281 self.sa.add(p)
262 if obj_type == 'user_group':
282 if obj_type == 'user_group':
263 p = self._make_new_user_group_perm(object, perm_value)
283 p = self._make_new_user_group_perm(object, perm_value)
264 self.sa.add(p)
284 self.sa.add(p)
265
285
266 def _set_new_user_perms(self, user, form_result, preserve=None):
286 def _set_new_user_perms(self, user, form_result, preserve=None):
267 return self._set_new_object_perms(
287 return self._set_new_object_perms(
268 'user', user, form_result, preserve)
288 'user', user, form_result, preserve)
269
289
270 def _set_new_user_group_perms(self, user_group, form_result, preserve=None):
290 def _set_new_user_group_perms(self, user_group, form_result, preserve=None):
271 return self._set_new_object_perms(
291 return self._set_new_object_perms(
272 'user_group', user_group, form_result, preserve)
292 'user_group', user_group, form_result, preserve)
273
293
274 def set_new_user_perms(self, user, form_result):
294 def set_new_user_perms(self, user, form_result):
275 # calculate what to preserve from what is given in form_result
295 # calculate what to preserve from what is given in form_result
276 preserve = set(self.global_perms.keys()).difference(set(form_result.keys()))
296 preserve = set(self.global_perms.keys()).difference(set(form_result.keys()))
277 return self._set_new_user_perms(user, form_result, preserve)
297 return self._set_new_user_perms(user, form_result, preserve)
278
298
279 def set_new_user_group_perms(self, user_group, form_result):
299 def set_new_user_group_perms(self, user_group, form_result):
280 # calculate what to preserve from what is given in form_result
300 # calculate what to preserve from what is given in form_result
281 preserve = set(self.global_perms.keys()).difference(set(form_result.keys()))
301 preserve = set(self.global_perms.keys()).difference(set(form_result.keys()))
282 return self._set_new_user_group_perms(user_group, form_result, preserve)
302 return self._set_new_user_group_perms(user_group, form_result, preserve)
283
303
284 def create_permissions(self):
304 def create_permissions(self):
285 """
305 """
286 Create permissions for whole system
306 Create permissions for whole system
287 """
307 """
288 for p in Permission.PERMS:
308 for p in Permission.PERMS:
289 if not Permission.get_by_key(p[0]):
309 if not Permission.get_by_key(p[0]):
290 new_perm = Permission()
310 new_perm = Permission()
291 new_perm.permission_name = p[0]
311 new_perm.permission_name = p[0]
292 new_perm.permission_longname = p[0] # translation err with p[1]
312 new_perm.permission_longname = p[0] # translation err with p[1]
293 self.sa.add(new_perm)
313 self.sa.add(new_perm)
294
314
295 def _create_default_object_permission(self, obj_type, obj, obj_perms,
315 def _create_default_object_permission(self, obj_type, obj, obj_perms,
296 force=False):
316 force=False):
297 if obj_type not in ['user', 'user_group']:
317 if obj_type not in ['user', 'user_group']:
298 raise ValueError("obj_type must be on of 'user' or 'user_group'")
318 raise ValueError("obj_type must be on of 'user' or 'user_group'")
299
319
300 def _get_group(perm_name):
320 def _get_group(perm_name):
301 return '.'.join(perm_name.split('.')[:1])
321 return '.'.join(perm_name.split('.')[:1])
302
322
303 defined_perms_groups = map(
323 defined_perms_groups = map(
304 _get_group, (x.permission.permission_name for x in obj_perms))
324 _get_group, (x.permission.permission_name for x in obj_perms))
305 log.debug('GOT ALREADY DEFINED:%s', obj_perms)
325 log.debug('GOT ALREADY DEFINED:%s', obj_perms)
306
326
307 if force:
327 if force:
308 self._clear_object_perm(obj_perms)
328 self._clear_object_perm(obj_perms)
309 self.sa.commit()
329 self.sa.commit()
310 defined_perms_groups = []
330 defined_perms_groups = []
311 # for every default permission that needs to be created, we check if
331 # for every default permission that needs to be created, we check if
312 # it's group is already defined, if it's not we create default perm
332 # it's group is already defined, if it's not we create default perm
313 for perm_name in Permission.DEFAULT_USER_PERMISSIONS:
333 for perm_name in Permission.DEFAULT_USER_PERMISSIONS:
314 gr = _get_group(perm_name)
334 gr = _get_group(perm_name)
315 if gr not in defined_perms_groups:
335 if gr not in defined_perms_groups:
316 log.debug('GR:%s not found, creating permission %s',
336 log.debug('GR:%s not found, creating permission %s',
317 gr, perm_name)
337 gr, perm_name)
318 if obj_type == 'user':
338 if obj_type == 'user':
319 new_perm = self._make_new_user_perm(obj, perm_name)
339 new_perm = self._make_new_user_perm(obj, perm_name)
320 self.sa.add(new_perm)
340 self.sa.add(new_perm)
321 if obj_type == 'user_group':
341 if obj_type == 'user_group':
322 new_perm = self._make_new_user_group_perm(obj, perm_name)
342 new_perm = self._make_new_user_group_perm(obj, perm_name)
323 self.sa.add(new_perm)
343 self.sa.add(new_perm)
324
344
325 def create_default_user_permissions(self, user, force=False):
345 def create_default_user_permissions(self, user, force=False):
326 """
346 """
327 Creates only missing default permissions for user, if force is set it
347 Creates only missing default permissions for user, if force is set it
328 resets the default permissions for that user
348 resets the default permissions for that user
329
349
330 :param user:
350 :param user:
331 :param force:
351 :param force:
332 """
352 """
333 user = self._get_user(user)
353 user = self._get_user(user)
334 obj_perms = UserToPerm.query().filter(UserToPerm.user == user).all()
354 obj_perms = UserToPerm.query().filter(UserToPerm.user == user).all()
335 return self._create_default_object_permission(
355 return self._create_default_object_permission(
336 'user', user, obj_perms, force)
356 'user', user, obj_perms, force)
337
357
338 def create_default_user_group_permissions(self, user_group, force=False):
358 def create_default_user_group_permissions(self, user_group, force=False):
339 """
359 """
340 Creates only missing default permissions for user group, if force is set it
360 Creates only missing default permissions for user group, if force is
341 resets the default permissions for that user group
361 set it resets the default permissions for that user group
342
362
343 :param user_group:
363 :param user_group:
344 :param force:
364 :param force:
345 """
365 """
346 user_group = self._get_user_group(user_group)
366 user_group = self._get_user_group(user_group)
347 obj_perms = UserToPerm.query().filter(UserGroupToPerm.users_group == user_group).all()
367 obj_perms = UserToPerm.query().filter(UserGroupToPerm.users_group == user_group).all()
348 return self._create_default_object_permission(
368 return self._create_default_object_permission(
349 'user_group', user_group, obj_perms, force)
369 'user_group', user_group, obj_perms, force)
350
370
351 def update_application_permissions(self, form_result):
371 def update_application_permissions(self, form_result):
352 if 'perm_user_id' in form_result:
372 if 'perm_user_id' in form_result:
353 perm_user = User.get(safe_int(form_result['perm_user_id']))
373 perm_user = User.get(safe_int(form_result['perm_user_id']))
354 else:
374 else:
355 # used mostly to do lookup for default user
375 # used mostly to do lookup for default user
356 perm_user = User.get_by_username(form_result['perm_user_name'])
376 perm_user = User.get_by_username(form_result['perm_user_name'])
357
377
358 try:
378 try:
359 # stage 1 set anonymous access
379 # stage 1 set anonymous access
360 if perm_user.username == User.DEFAULT_USER:
380 if perm_user.username == User.DEFAULT_USER:
361 perm_user.active = str2bool(form_result['anonymous'])
381 perm_user.active = str2bool(form_result['anonymous'])
362 self.sa.add(perm_user)
382 self.sa.add(perm_user)
363
383
364 # stage 2 reset defaults and set them from form data
384 # stage 2 reset defaults and set them from form data
365 self._set_new_user_perms(perm_user, form_result, preserve=[
385 self._set_new_user_perms(perm_user, form_result, preserve=[
366 'default_repo_perm',
386 'default_repo_perm',
367 'default_group_perm',
387 'default_group_perm',
368 'default_user_group_perm',
388 'default_user_group_perm',
389 'default_branch_perm',
369
390
370 'default_repo_group_create',
391 'default_repo_group_create',
371 'default_user_group_create',
392 'default_user_group_create',
372 'default_repo_create_on_write',
393 'default_repo_create_on_write',
373 'default_repo_create',
394 'default_repo_create',
374 'default_fork_create',
395 'default_fork_create',
375 'default_inherit_default_permissions',])
396 'default_inherit_default_permissions',])
376
397
377 self.sa.commit()
398 self.sa.commit()
378 except (DatabaseError,):
399 except (DatabaseError,):
379 log.error(traceback.format_exc())
400 log.error(traceback.format_exc())
380 self.sa.rollback()
401 self.sa.rollback()
381 raise
402 raise
382
403
383 def update_user_permissions(self, form_result):
404 def update_user_permissions(self, form_result):
384 if 'perm_user_id' in form_result:
405 if 'perm_user_id' in form_result:
385 perm_user = User.get(safe_int(form_result['perm_user_id']))
406 perm_user = User.get(safe_int(form_result['perm_user_id']))
386 else:
407 else:
387 # used mostly to do lookup for default user
408 # used mostly to do lookup for default user
388 perm_user = User.get_by_username(form_result['perm_user_name'])
409 perm_user = User.get_by_username(form_result['perm_user_name'])
389 try:
410 try:
390 # stage 2 reset defaults and set them from form data
411 # stage 2 reset defaults and set them from form data
391 self._set_new_user_perms(perm_user, form_result, preserve=[
412 self._set_new_user_perms(perm_user, form_result, preserve=[
392 'default_repo_perm',
413 'default_repo_perm',
393 'default_group_perm',
414 'default_group_perm',
394 'default_user_group_perm',
415 'default_user_group_perm',
416 'default_branch_perm',
395
417
396 'default_register',
418 'default_register',
397 'default_password_reset',
419 'default_password_reset',
398 'default_extern_activate'])
420 'default_extern_activate'])
399 self.sa.commit()
421 self.sa.commit()
400 except (DatabaseError,):
422 except (DatabaseError,):
401 log.error(traceback.format_exc())
423 log.error(traceback.format_exc())
402 self.sa.rollback()
424 self.sa.rollback()
403 raise
425 raise
404
426
405 def update_user_group_permissions(self, form_result):
427 def update_user_group_permissions(self, form_result):
406 if 'perm_user_group_id' in form_result:
428 if 'perm_user_group_id' in form_result:
407 perm_user_group = UserGroup.get(safe_int(form_result['perm_user_group_id']))
429 perm_user_group = UserGroup.get(safe_int(form_result['perm_user_group_id']))
408 else:
430 else:
409 # used mostly to do lookup for default user
431 # used mostly to do lookup for default user
410 perm_user_group = UserGroup.get_by_group_name(form_result['perm_user_group_name'])
432 perm_user_group = UserGroup.get_by_group_name(form_result['perm_user_group_name'])
411 try:
433 try:
412 # stage 2 reset defaults and set them from form data
434 # stage 2 reset defaults and set them from form data
413 self._set_new_user_group_perms(perm_user_group, form_result, preserve=[
435 self._set_new_user_group_perms(perm_user_group, form_result, preserve=[
414 'default_repo_perm',
436 'default_repo_perm',
415 'default_group_perm',
437 'default_group_perm',
416 'default_user_group_perm',
438 'default_user_group_perm',
439 'default_branch_perm',
417
440
418 'default_register',
441 'default_register',
419 'default_password_reset',
442 'default_password_reset',
420 'default_extern_activate'])
443 'default_extern_activate'])
421 self.sa.commit()
444 self.sa.commit()
422 except (DatabaseError,):
445 except (DatabaseError,):
423 log.error(traceback.format_exc())
446 log.error(traceback.format_exc())
424 self.sa.rollback()
447 self.sa.rollback()
425 raise
448 raise
426
449
427 def update_object_permissions(self, form_result):
450 def update_object_permissions(self, form_result):
428 if 'perm_user_id' in form_result:
451 if 'perm_user_id' in form_result:
429 perm_user = User.get(safe_int(form_result['perm_user_id']))
452 perm_user = User.get(safe_int(form_result['perm_user_id']))
430 else:
453 else:
431 # used mostly to do lookup for default user
454 # used mostly to do lookup for default user
432 perm_user = User.get_by_username(form_result['perm_user_name'])
455 perm_user = User.get_by_username(form_result['perm_user_name'])
433 try:
456 try:
434
457
435 # stage 2 reset defaults and set them from form data
458 # stage 2 reset defaults and set them from form data
436 self._set_new_user_perms(perm_user, form_result, preserve=[
459 self._set_new_user_perms(perm_user, form_result, preserve=[
437 'default_repo_group_create',
460 'default_repo_group_create',
438 'default_user_group_create',
461 'default_user_group_create',
439 'default_repo_create_on_write',
462 'default_repo_create_on_write',
440 'default_repo_create',
463 'default_repo_create',
441 'default_fork_create',
464 'default_fork_create',
442 'default_inherit_default_permissions',
465 'default_inherit_default_permissions',
466 'default_branch_perm',
443
467
444 'default_register',
468 'default_register',
445 'default_password_reset',
469 'default_password_reset',
446 'default_extern_activate'])
470 'default_extern_activate'])
447
471
448 # overwrite default repo permissions
472 # overwrite default repo permissions
449 if form_result['overwrite_default_repo']:
473 if form_result['overwrite_default_repo']:
450 _def_name = form_result['default_repo_perm'].split('repository.')[-1]
474 _def_name = form_result['default_repo_perm'].split('repository.')[-1]
451 _def = Permission.get_by_key('repository.' + _def_name)
475 _def = Permission.get_by_key('repository.' + _def_name)
452 for r2p in self.sa.query(UserRepoToPerm)\
476 for r2p in self.sa.query(UserRepoToPerm)\
453 .filter(UserRepoToPerm.user == perm_user)\
477 .filter(UserRepoToPerm.user == perm_user)\
454 .all():
478 .all():
455 # don't reset PRIVATE repositories
479 # don't reset PRIVATE repositories
456 if not r2p.repository.private:
480 if not r2p.repository.private:
457 r2p.permission = _def
481 r2p.permission = _def
458 self.sa.add(r2p)
482 self.sa.add(r2p)
459
483
460 # overwrite default repo group permissions
484 # overwrite default repo group permissions
461 if form_result['overwrite_default_group']:
485 if form_result['overwrite_default_group']:
462 _def_name = form_result['default_group_perm'].split('group.')[-1]
486 _def_name = form_result['default_group_perm'].split('group.')[-1]
463 _def = Permission.get_by_key('group.' + _def_name)
487 _def = Permission.get_by_key('group.' + _def_name)
464 for g2p in self.sa.query(UserRepoGroupToPerm)\
488 for g2p in self.sa.query(UserRepoGroupToPerm)\
465 .filter(UserRepoGroupToPerm.user == perm_user)\
489 .filter(UserRepoGroupToPerm.user == perm_user)\
466 .all():
490 .all():
467 g2p.permission = _def
491 g2p.permission = _def
468 self.sa.add(g2p)
492 self.sa.add(g2p)
469
493
470 # overwrite default user group permissions
494 # overwrite default user group permissions
471 if form_result['overwrite_default_user_group']:
495 if form_result['overwrite_default_user_group']:
472 _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1]
496 _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1]
473 # user groups
497 # user groups
474 _def = Permission.get_by_key('usergroup.' + _def_name)
498 _def = Permission.get_by_key('usergroup.' + _def_name)
475 for g2p in self.sa.query(UserUserGroupToPerm)\
499 for g2p in self.sa.query(UserUserGroupToPerm)\
476 .filter(UserUserGroupToPerm.user == perm_user)\
500 .filter(UserUserGroupToPerm.user == perm_user)\
477 .all():
501 .all():
478 g2p.permission = _def
502 g2p.permission = _def
479 self.sa.add(g2p)
503 self.sa.add(g2p)
504
505 # COMMIT
480 self.sa.commit()
506 self.sa.commit()
481 except (DatabaseError,):
507 except (DatabaseError,):
482 log.exception('Failed to set default object permissions')
508 log.exception('Failed to set default object permissions')
483 self.sa.rollback()
509 self.sa.rollback()
484 raise
510 raise
511
512 def update_branch_permissions(self, form_result):
513 if 'perm_user_id' in form_result:
514 perm_user = User.get(safe_int(form_result['perm_user_id']))
515 else:
516 # used mostly to do lookup for default user
517 perm_user = User.get_by_username(form_result['perm_user_name'])
518 try:
519
520 # stage 2 reset defaults and set them from form data
521 self._set_new_user_perms(perm_user, form_result, preserve=[
522 'default_repo_perm',
523 'default_group_perm',
524 'default_user_group_perm',
525
526 'default_repo_group_create',
527 'default_user_group_create',
528 'default_repo_create_on_write',
529 'default_repo_create',
530 'default_fork_create',
531 'default_inherit_default_permissions',
532
533 'default_register',
534 'default_password_reset',
535 'default_extern_activate'])
536
537 # overwrite default branch permissions
538 if form_result['overwrite_default_branch']:
539 _def_name = \
540 form_result['default_branch_perm'].split('branch.')[-1]
541
542 _def = Permission.get_by_key('branch.' + _def_name)
543
544 # TODO(marcink): those are bind to repo, perms, we need to unfold user somehow from this
545 for g2p in self.sa.query(UserToRepoBranchPermission) \
546 .filter(UserToRepoBranchPermission.user == perm_user) \
547 .all():
548 g2p.permission = _def
549 self.sa.add(g2p)
550
551 # COMMIT
552 self.sa.commit()
553 except (DatabaseError,):
554 log.exception('Failed to set default branch permissions')
555 self.sa.rollback()
556 raise
557
Show file before | Show file after | Hide comments
@@ -1,392 +1,409 b''
1
1
2 // Contains the style definitions used for .main-content
2 // Contains the style definitions used for .main-content
3 // elements which are mainly around the admin settings.
3 // elements which are mainly around the admin settings.
4
4
5
5
6 // TODO: johbo: Integrate in a better way, this is for "main content" which
6 // TODO: johbo: Integrate in a better way, this is for "main content" which
7 // should not have a limit on the width.
7 // should not have a limit on the width.
8 .main-content-full {
8 .main-content-full {
9 clear: both;
9 clear: both;
10 }
10 }
11
11
12
12
13 .main-content {
13 .main-content {
14 max-width: @maincontent-maxwidth;
14 max-width: @maincontent-maxwidth;
15
15
16 h3,
16 h3,
17 // TODO: johbo: Change templates to use h3 instead of h4 here
17 // TODO: johbo: Change templates to use h3 instead of h4 here
18 h4 {
18 h4 {
19 line-height: 1em;
19 line-height: 1em;
20 }
20 }
21
21
22 // TODO: johbo: Check if we can do that on a global level
22 // TODO: johbo: Check if we can do that on a global level
23 table {
23 table {
24 th {
24 th {
25 padding: 0;
25 padding: 0;
26 }
26 }
27 td.field{
27 td.field{
28 .help-block{
28 .help-block{
29 margin-left: 0;
29 margin-left: 0;
30 }
30 }
31 }
31 }
32 }
32 }
33
33
34 // TODO: johbo: Tweak this into the general styling, for a full width
34 // TODO: johbo: Tweak this into the general styling, for a full width
35 // textarea
35 // textarea
36 .textarea-full {
36 .textarea-full {
37 // 2x 10px padding and 2x 1px border
37 // 2x 10px padding and 2x 1px border
38 margin-right: 22px;
38 margin-right: 22px;
39 }
39 }
40
40
41 }
41 }
42
42
43
43
44 // TODO: johbo: duplicated, think about a mixins.less
44 // TODO: johbo: duplicated, think about a mixins.less
45 .block-left{
45 .block-left{
46 float: left;
46 float: left;
47 }
47 }
48
48
49 .form {
49 .form {
50 .checkboxes {
50 .checkboxes {
51 // TODO: johbo: Should be changed in .checkboxes already
51 // TODO: johbo: Should be changed in .checkboxes already
52 width: auto;
52 width: auto;
53 }
53 }
54
54
55 // TODO: johbo: some settings pages are broken and don't have the .buttons
55 // TODO: johbo: some settings pages are broken and don't have the .buttons
56 // inside the .fields, tweak those templates and remove this.
56 // inside the .fields, tweak those templates and remove this.
57 .buttons {
57 .buttons {
58 margin-top: @textmargin;
58 margin-top: @textmargin;
59 }
59 }
60
60
61 .help-block {
61 .help-block {
62 display: block;
62 display: block;
63 margin-left: @label-width;
63 margin-left: @label-width;
64 &.pre-formatting {
64 &.pre-formatting {
65 white-space: pre;
65 white-space: pre;
66 }
66 }
67 }
67 }
68
68
69 .action_button {
69 .action_button {
70 color: @grey4;
70 color: @grey4;
71 }
71 }
72 }
72 }
73
73
74 .main-content-full-width {
74 .main-content-full-width {
75 .main-content;
75 .main-content;
76 width: 100%;
76 width: 100%;
77 min-width: 100%;
77 min-width: 100%;
78 }
78 }
79
79
80 .main-content-auto-width {
80 .main-content-auto-width {
81 .main-content;
81 .main-content;
82 width: auto;
82 width: auto;
83 min-width: 100%;
83 min-width: 100%;
84 max-width: inherit;
84 max-width: inherit;
85 }
85 }
86
86
87 .field {
87 .field {
88 clear: left;
88 clear: left;
89 margin-bottom: @padding;
89 margin-bottom: @padding;
90
90
91 }
91 }
92
92
93 .input-monospace {
93 .input-monospace {
94 font-family: @font-family-monospace;
94 font-family: @font-family-monospace;
95 }
95 }
96
96
97 .fields {
97 .fields {
98 label {
98 label {
99 color: @grey2;
99 color: @grey2;
100 }
100 }
101
101
102 .field {
102 .field {
103 clear: right;
103 clear: right;
104 margin-bottom: @textmargin;
104 margin-bottom: @textmargin;
105 width: 100%;
105 width: 100%;
106
106
107 .label {
107 .label {
108 float: left;
108 float: left;
109 margin-right: @form-vertical-margin;
109 margin-right: @form-vertical-margin;
110 margin-top: 0;
110 margin-top: 0;
111 padding-top: @input-padding-px + @border-thickness-inputs;
111 padding-top: @input-padding-px + @border-thickness-inputs;
112 width: @label-width - @form-vertical-margin;
112 width: @label-width - @form-vertical-margin;
113 }
113 }
114 // used in forms for fields that show just text
114 // used in forms for fields that show just text
115 .label-text {
115 .label-text {
116 .label;
116 .label;
117 padding-top: 5px;
117 padding-top: 5px;
118 }
118 }
119 .label-branch-perm {
120 .label;
121 width: 20px;
122 }
123
119 // Used to position content on the right side of a .label
124 // Used to position content on the right side of a .label
120 .content,
125 .content,
121 .side-by-side-selector {
126 .side-by-side-selector {
122 padding-top: @input-padding-px + @input-border-thickness;
127 padding-top: @input-padding-px + @input-border-thickness;
123 }
128 }
124
129
125 .checkboxes,
130 .checkboxes,
126 .input,
131 .input,
127 .select,
132 .select,
128 .textarea,
133 .textarea,
129 .content {
134 .content {
130 float: none;
135 float: none;
131 margin-left: @label-width;
136 margin-left: @label-width;
132
137
133 .help-block {
138 .help-block {
134 margin-left: 0;
139 margin-left: 0;
135 }
140 }
136 }
141 }
137
142
143 .input-branch-perm {
144 .input;
145 margin-left: 90px;
146 }
147
148 .input-branch-perm-order {
149 width: 40px;
150 }
151
138 .checkboxes,
152 .checkboxes,
139 .input,
153 .input,
140 .select {
154 .select {
141 .help-block {
155 .help-block {
142 display: block;
156 display: block;
143 }
157 }
144 }
158 }
145
159
146 .checkboxes,
160 .checkboxes,
147 .radios {
161 .radios {
148 // TODO: johbo: We get a 4px margin from the from-bootstrap,
162 // TODO: johbo: We get a 4px margin from the from-bootstrap,
149 // compensating here to align well with labels on the left.
163 // compensating here to align well with labels on the left.
150 padding-top: @input-padding-px + @input-border-thickness - 3px;
164 padding-top: @input-padding-px + @input-border-thickness - 3px;
151 }
165 }
152
166
153 .checkbox,
167 .checkbox,
154 .radio {
168 .radio {
155 display: block;
169 display: block;
156 width: auto;
170 width: auto;
157 }
171 }
158
172
159 .checkbox + .checkbox {
173 .checkbox + .checkbox {
160 display: block;
174 display: block;
161 }
175 }
162
176
163 .input,
177 .input,
164 .select {
178 .select {
165 .help-block,
179 .help-block,
166 .info-block {
180 .info-block {
167 margin-top: @form-vertical-margin / 2;
181 margin-top: @form-vertical-margin / 2;
168 }
182 }
169 }
183 }
170
184
171 .input {
185 .input {
186 .branch-perm {
187 width: 80px;
188 }
172 .medium {
189 .medium {
173 width: @fields-input-m;
190 width: @fields-input-m;
174 }
191 }
175 .large {
192 .large {
176 width: @fields-input-l;
193 width: @fields-input-l;
177 }
194 }
178
195
179 .text-as-placeholder {
196 .text-as-placeholder {
180 padding-top: @input-padding-px + @border-thickness-inputs;
197 padding-top: @input-padding-px + @border-thickness-inputs;
181 }
198 }
182 }
199 }
183
200
184 // TODO: johbo: Try to find a better integration of this bit.
201 // TODO: johbo: Try to find a better integration of this bit.
185 // When using a select2 inside of a field, it should not have the
202 // When using a select2 inside of a field, it should not have the
186 // top margin.
203 // top margin.
187 .select .drop-menu {
204 .select .drop-menu {
188 margin-top: 0;
205 margin-top: 0;
189 }
206 }
190
207
191 .textarea {
208 .textarea {
192 float: none;
209 float: none;
193
210
194 textarea {
211 textarea {
195 // TODO: johbo: From somewhere we get a clear which does
212 // TODO: johbo: From somewhere we get a clear which does
196 // more harm than good here.
213 // more harm than good here.
197 clear: none;
214 clear: none;
198 }
215 }
199
216
200 .CodeMirror {
217 .CodeMirror {
201 // TODO: johbo: Tweak to position the .help-block nicer,
218 // TODO: johbo: Tweak to position the .help-block nicer,
202 // figure out how to apply for .text-block instead.
219 // figure out how to apply for .text-block instead.
203 margin-bottom: 10px;
220 margin-bottom: 10px;
204 }
221 }
205
222
206 // TODO: johbo: Check if we can remove the grey background on
223 // TODO: johbo: Check if we can remove the grey background on
207 // the global level and remove this if possible.
224 // the global level and remove this if possible.
208 .help-block {
225 .help-block {
209 background: transparent;
226 background: transparent;
210 padding: 0;
227 padding: 0;
211 }
228 }
212 }
229 }
213
230
214 &.tag_patterns,
231 &.tag_patterns,
215 &.branch_patterns {
232 &.branch_patterns {
216
233
217 input {
234 input {
218 max-width: 430px;
235 max-width: 430px;
219 }
236 }
220 }
237 }
221 }
238 }
222
239
223 .field-sm {
240 .field-sm {
224 .label {
241 .label {
225 padding-top: @input-padding-px / 2 + @input-border-thickness;
242 padding-top: @input-padding-px / 2 + @input-border-thickness;
226 }
243 }
227 .checkboxes,
244 .checkboxes,
228 .radios {
245 .radios {
229 // TODO: johbo: We get a 4px margin from the from-bootstrap,
246 // TODO: johbo: We get a 4px margin from the from-bootstrap,
230 // compensating here to align well with labels on the left.
247 // compensating here to align well with labels on the left.
231 padding-top: @input-padding-px / 2 + @input-border-thickness - 3px;
248 padding-top: @input-padding-px / 2 + @input-border-thickness - 3px;
232 }
249 }
233 }
250 }
234
251
235 .field.customhooks {
252 .field.customhooks {
236 .label {
253 .label {
237 padding-top: 0;
254 padding-top: 0;
238 }
255 }
239 .input-wrapper {
256 .input-wrapper {
240 padding-right: 25px;
257 padding-right: 25px;
241
258
242 input {
259 input {
243 width: 100%;
260 width: 100%;
244 }
261 }
245 }
262 }
246 .input {
263 .input {
247 padding-right: 25px;
264 padding-right: 25px;
248 }
265 }
249 }
266 }
250
267
251 .buttons {
268 .buttons {
252 // TODO: johbo: define variable for this value.
269 // TODO: johbo: define variable for this value.
253 // Note that this should be 40px but since most elements add some
270 // Note that this should be 40px but since most elements add some
254 // space in the bottom, we are with 20 closer to 40.
271 // space in the bottom, we are with 20 closer to 40.
255 margin-top: 20px;
272 margin-top: 20px;
256 clear: both;
273 clear: both;
257 margin-bottom: @padding;
274 margin-bottom: @padding;
258 }
275 }
259
276
260 .desc{
277 .desc{
261 margin-right: @textmargin;
278 margin-right: @textmargin;
262 }
279 }
263
280
264 input,
281 input,
265 .drop-menu {
282 .drop-menu {
266 margin-right: @padding/3;
283 margin-right: @padding/3;
267 }
284 }
268
285
269 }
286 }
270
287
271 .form-vertical .fields .field {
288 .form-vertical .fields .field {
272
289
273 .label {
290 .label {
274 float: none;
291 float: none;
275 width: auto;
292 width: auto;
276 }
293 }
277
294
278 .checkboxes,
295 .checkboxes,
279 .input,
296 .input,
280 .select,
297 .select,
281 .textarea {
298 .textarea {
282 margin-left: 0;
299 margin-left: 0;
283 }
300 }
284
301
285 // TODO: johbo: had to tweak the width here to make it big enough for
302 // TODO: johbo: had to tweak the width here to make it big enough for
286 // the license.
303 // the license.
287 .textarea.editor {
304 .textarea.editor {
288 max-width: none;
305 max-width: none;
289 }
306 }
290
307
291 .textarea.large textarea {
308 .textarea.large textarea {
292 min-height: 200px;
309 min-height: 200px;
293 }
310 }
294
311
295 .help-block {
312 .help-block {
296 margin-left: 0;
313 margin-left: 0;
297 }
314 }
298 }
315 }
299
316
300
317
301
318
302
319
303 .main-content {
320 .main-content {
304 .block-left;
321 .block-left;
305
322
306 .section {
323 .section {
307 margin-bottom: @space;
324 margin-bottom: @space;
308 }
325 }
309
326
310
327
311 // Table aligning same way as forms in admin section, e.g.
328 // Table aligning same way as forms in admin section, e.g.
312 // python packages table
329 // python packages table
313 table.formalign {
330 table.formalign {
314 float: left;
331 float: left;
315 width: auto;
332 width: auto;
316
333
317 .label {
334 .label {
318 width: @label-width;
335 width: @label-width;
319 }
336 }
320
337
321 }
338 }
322
339
323
340
324 table.issuetracker {
341 table.issuetracker {
325
342
326 color: @text-color;
343 color: @text-color;
327
344
328 .issue-tracker-example {
345 .issue-tracker-example {
329 color: @grey4;
346 color: @grey4;
330 }
347 }
331 }
348 }
332
349
333 .side-by-side-selector{
350 .side-by-side-selector{
334 .left-group,
351 .left-group,
335 .middle-group,
352 .middle-group,
336 .right-group{
353 .right-group{
337 float: left;
354 float: left;
338 }
355 }
339
356
340 .left-group,
357 .left-group,
341 .right-group{
358 .right-group{
342 width: 45%;
359 width: 45%;
343 text-align: center;
360 text-align: center;
344
361
345 label{
362 label{
346 width: 100%;
363 width: 100%;
347 text-align: left;
364 text-align: left;
348 }
365 }
349
366
350 select{
367 select{
351 width: 100%;
368 width: 100%;
352 background: none;
369 background: none;
353 border-color: @border-highlight-color;
370 border-color: @border-highlight-color;
354 color: @text-color;
371 color: @text-color;
355 font-family: @text-light;
372 font-family: @text-light;
356 font-size: @basefontsize;
373 font-size: @basefontsize;
357 color: @grey1;
374 color: @grey1;
358 padding: @textmargin/2;
375 padding: @textmargin/2;
359 }
376 }
360
377
361 select:after{
378 select:after{
362 content: "";
379 content: "";
363 }
380 }
364
381
365 }
382 }
366
383
367 .middle-group{
384 .middle-group{
368 width: 10%;
385 width: 10%;
369 text-align: center;
386 text-align: center;
370 padding-top: 4em;
387 padding-top: 4em;
371 i {
388 i {
372 font-size: 18px;
389 font-size: 18px;
373 cursor: pointer;
390 cursor: pointer;
374 line-height: 2em;
391 line-height: 2em;
375 }
392 }
376 }
393 }
377
394
378 }
395 }
379
396
380 .permissions_boxes{
397 .permissions_boxes{
381 label, .label{
398 label, .label{
382 margin-right: @textmargin/2;
399 margin-right: @textmargin/2;
383 }
400 }
384 }
401 }
385
402
386 .radios{
403 .radios{
387 label{
404 label{
388 margin-right: @textmargin;
405 margin-right: @textmargin;
389 }
406 }
390 }
407 }
391 }
408 }
392
409
Show file before | Show file after | Hide comments
@@ -1,2466 +1,2466 b''
1 //Primary CSS
1 //Primary CSS
2
2
3 //--- IMPORTS ------------------//
3 //--- IMPORTS ------------------//
4
4
5 @import 'helpers';
5 @import 'helpers';
6 @import 'mixins';
6 @import 'mixins';
7 @import 'rcicons';
7 @import 'rcicons';
8 @import 'fonts';
8 @import 'fonts';
9 @import 'variables';
9 @import 'variables';
10 @import 'bootstrap-variables';
10 @import 'bootstrap-variables';
11 @import 'form-bootstrap';
11 @import 'form-bootstrap';
12 @import 'codemirror';
12 @import 'codemirror';
13 @import 'legacy_code_styles';
13 @import 'legacy_code_styles';
14 @import 'readme-box';
14 @import 'readme-box';
15 @import 'progress-bar';
15 @import 'progress-bar';
16
16
17 @import 'type';
17 @import 'type';
18 @import 'alerts';
18 @import 'alerts';
19 @import 'buttons';
19 @import 'buttons';
20 @import 'tags';
20 @import 'tags';
21 @import 'code-block';
21 @import 'code-block';
22 @import 'examples';
22 @import 'examples';
23 @import 'login';
23 @import 'login';
24 @import 'main-content';
24 @import 'main-content';
25 @import 'select2';
25 @import 'select2';
26 @import 'comments';
26 @import 'comments';
27 @import 'panels-bootstrap';
27 @import 'panels-bootstrap';
28 @import 'panels';
28 @import 'panels';
29 @import 'deform';
29 @import 'deform';
30
30
31 //--- BASE ------------------//
31 //--- BASE ------------------//
32 .noscript-error {
32 .noscript-error {
33 top: 0;
33 top: 0;
34 left: 0;
34 left: 0;
35 width: 100%;
35 width: 100%;
36 z-index: 101;
36 z-index: 101;
37 text-align: center;
37 text-align: center;
38 font-family: @text-semibold;
38 font-family: @text-semibold;
39 font-size: 120%;
39 font-size: 120%;
40 color: white;
40 color: white;
41 background-color: @alert2;
41 background-color: @alert2;
42 padding: 5px 0 5px 0;
42 padding: 5px 0 5px 0;
43 }
43 }
44
44
45 html {
45 html {
46 display: table;
46 display: table;
47 height: 100%;
47 height: 100%;
48 width: 100%;
48 width: 100%;
49 }
49 }
50
50
51 body {
51 body {
52 display: table-cell;
52 display: table-cell;
53 width: 100%;
53 width: 100%;
54 }
54 }
55
55
56 //--- LAYOUT ------------------//
56 //--- LAYOUT ------------------//
57
57
58 .hidden{
58 .hidden{
59 display: none !important;
59 display: none !important;
60 }
60 }
61
61
62 .box{
62 .box{
63 float: left;
63 float: left;
64 width: 100%;
64 width: 100%;
65 }
65 }
66
66
67 .browser-header {
67 .browser-header {
68 clear: both;
68 clear: both;
69 }
69 }
70 .main {
70 .main {
71 clear: both;
71 clear: both;
72 padding:0 0 @pagepadding;
72 padding:0 0 @pagepadding;
73 height: auto;
73 height: auto;
74
74
75 &:after { //clearfix
75 &:after { //clearfix
76 content:"";
76 content:"";
77 clear:both;
77 clear:both;
78 width:100%;
78 width:100%;
79 display:block;
79 display:block;
80 }
80 }
81 }
81 }
82
82
83 .action-link{
83 .action-link{
84 margin-left: @padding;
84 margin-left: @padding;
85 padding-left: @padding;
85 padding-left: @padding;
86 border-left: @border-thickness solid @border-default-color;
86 border-left: @border-thickness solid @border-default-color;
87 }
87 }
88
88
89 input + .action-link, .action-link.first{
89 input + .action-link, .action-link.first{
90 border-left: none;
90 border-left: none;
91 }
91 }
92
92
93 .action-link.last{
93 .action-link.last{
94 margin-right: @padding;
94 margin-right: @padding;
95 padding-right: @padding;
95 padding-right: @padding;
96 }
96 }
97
97
98 .action-link.active,
98 .action-link.active,
99 .action-link.active a{
99 .action-link.active a{
100 color: @grey4;
100 color: @grey4;
101 }
101 }
102
102
103 .action-link.disabled {
103 .action-link.disabled {
104 color: @grey4;
104 color: @grey4;
105 cursor: inherit;
105 cursor: inherit;
106 }
106 }
107
107
108 .clipboard-action {
108 .clipboard-action {
109 cursor: pointer;
109 cursor: pointer;
110 }
110 }
111
111
112 ul.simple-list{
112 ul.simple-list{
113 list-style: none;
113 list-style: none;
114 margin: 0;
114 margin: 0;
115 padding: 0;
115 padding: 0;
116 }
116 }
117
117
118 .main-content {
118 .main-content {
119 padding-bottom: @pagepadding;
119 padding-bottom: @pagepadding;
120 }
120 }
121
121
122 .wide-mode-wrapper {
122 .wide-mode-wrapper {
123 max-width:4000px !important;
123 max-width:4000px !important;
124 }
124 }
125
125
126 .wrapper {
126 .wrapper {
127 position: relative;
127 position: relative;
128 max-width: @wrapper-maxwidth;
128 max-width: @wrapper-maxwidth;
129 margin: 0 auto;
129 margin: 0 auto;
130 }
130 }
131
131
132 #content {
132 #content {
133 clear: both;
133 clear: both;
134 padding: 0 @contentpadding;
134 padding: 0 @contentpadding;
135 }
135 }
136
136
137 .advanced-settings-fields{
137 .advanced-settings-fields{
138 input{
138 input{
139 margin-left: @textmargin;
139 margin-left: @textmargin;
140 margin-right: @padding/2;
140 margin-right: @padding/2;
141 }
141 }
142 }
142 }
143
143
144 .cs_files_title {
144 .cs_files_title {
145 margin: @pagepadding 0 0;
145 margin: @pagepadding 0 0;
146 }
146 }
147
147
148 input.inline[type="file"] {
148 input.inline[type="file"] {
149 display: inline;
149 display: inline;
150 }
150 }
151
151
152 .error_page {
152 .error_page {
153 margin: 10% auto;
153 margin: 10% auto;
154
154
155 h1 {
155 h1 {
156 color: @grey2;
156 color: @grey2;
157 }
157 }
158
158
159 .alert {
159 .alert {
160 margin: @padding 0;
160 margin: @padding 0;
161 }
161 }
162
162
163 .error-branding {
163 .error-branding {
164 font-family: @text-semibold;
164 font-family: @text-semibold;
165 color: @grey4;
165 color: @grey4;
166 }
166 }
167
167
168 .error_message {
168 .error_message {
169 font-family: @text-regular;
169 font-family: @text-regular;
170 }
170 }
171
171
172 .sidebar {
172 .sidebar {
173 min-height: 275px;
173 min-height: 275px;
174 margin: 0;
174 margin: 0;
175 padding: 0 0 @sidebarpadding @sidebarpadding;
175 padding: 0 0 @sidebarpadding @sidebarpadding;
176 border: none;
176 border: none;
177 }
177 }
178
178
179 .main-content {
179 .main-content {
180 position: relative;
180 position: relative;
181 margin: 0 @sidebarpadding @sidebarpadding;
181 margin: 0 @sidebarpadding @sidebarpadding;
182 padding: 0 0 0 @sidebarpadding;
182 padding: 0 0 0 @sidebarpadding;
183 border-left: @border-thickness solid @grey5;
183 border-left: @border-thickness solid @grey5;
184
184
185 @media (max-width:767px) {
185 @media (max-width:767px) {
186 clear: both;
186 clear: both;
187 width: 100%;
187 width: 100%;
188 margin: 0;
188 margin: 0;
189 border: none;
189 border: none;
190 }
190 }
191 }
191 }
192
192
193 .inner-column {
193 .inner-column {
194 float: left;
194 float: left;
195 width: 29.75%;
195 width: 29.75%;
196 min-height: 150px;
196 min-height: 150px;
197 margin: @sidebarpadding 2% 0 0;
197 margin: @sidebarpadding 2% 0 0;
198 padding: 0 2% 0 0;
198 padding: 0 2% 0 0;
199 border-right: @border-thickness solid @grey5;
199 border-right: @border-thickness solid @grey5;
200
200
201 @media (max-width:767px) {
201 @media (max-width:767px) {
202 clear: both;
202 clear: both;
203 width: 100%;
203 width: 100%;
204 border: none;
204 border: none;
205 }
205 }
206
206
207 ul {
207 ul {
208 padding-left: 1.25em;
208 padding-left: 1.25em;
209 }
209 }
210
210
211 &:last-child {
211 &:last-child {
212 margin: @sidebarpadding 0 0;
212 margin: @sidebarpadding 0 0;
213 border: none;
213 border: none;
214 }
214 }
215
215
216 h4 {
216 h4 {
217 margin: 0 0 @padding;
217 margin: 0 0 @padding;
218 font-family: @text-semibold;
218 font-family: @text-semibold;
219 }
219 }
220 }
220 }
221 }
221 }
222 .error-page-logo {
222 .error-page-logo {
223 width: 130px;
223 width: 130px;
224 height: 160px;
224 height: 160px;
225 }
225 }
226
226
227 // HEADER
227 // HEADER
228 .header {
228 .header {
229
229
230 // TODO: johbo: Fix login pages, so that they work without a min-height
230 // TODO: johbo: Fix login pages, so that they work without a min-height
231 // for the header and then remove the min-height. I chose a smaller value
231 // for the header and then remove the min-height. I chose a smaller value
232 // intentionally here to avoid rendering issues in the main navigation.
232 // intentionally here to avoid rendering issues in the main navigation.
233 min-height: 49px;
233 min-height: 49px;
234
234
235 position: relative;
235 position: relative;
236 vertical-align: bottom;
236 vertical-align: bottom;
237 padding: 0 @header-padding;
237 padding: 0 @header-padding;
238 background-color: @grey2;
238 background-color: @grey2;
239 color: @grey5;
239 color: @grey5;
240
240
241 .title {
241 .title {
242 overflow: visible;
242 overflow: visible;
243 }
243 }
244
244
245 &:before,
245 &:before,
246 &:after {
246 &:after {
247 content: "";
247 content: "";
248 clear: both;
248 clear: both;
249 width: 100%;
249 width: 100%;
250 }
250 }
251
251
252 // TODO: johbo: Avoids breaking "Repositories" chooser
252 // TODO: johbo: Avoids breaking "Repositories" chooser
253 .select2-container .select2-choice .select2-arrow {
253 .select2-container .select2-choice .select2-arrow {
254 display: none;
254 display: none;
255 }
255 }
256 }
256 }
257
257
258 #header-inner {
258 #header-inner {
259 &.title {
259 &.title {
260 margin: 0;
260 margin: 0;
261 }
261 }
262 &:before,
262 &:before,
263 &:after {
263 &:after {
264 content: "";
264 content: "";
265 clear: both;
265 clear: both;
266 }
266 }
267 }
267 }
268
268
269 // Gists
269 // Gists
270 #files_data {
270 #files_data {
271 clear: both; //for firefox
271 clear: both; //for firefox
272 }
272 }
273 #gistid {
273 #gistid {
274 margin-right: @padding;
274 margin-right: @padding;
275 }
275 }
276
276
277 // Global Settings Editor
277 // Global Settings Editor
278 .textarea.editor {
278 .textarea.editor {
279 float: left;
279 float: left;
280 position: relative;
280 position: relative;
281 max-width: @texteditor-width;
281 max-width: @texteditor-width;
282
282
283 select {
283 select {
284 position: absolute;
284 position: absolute;
285 top:10px;
285 top:10px;
286 right:0;
286 right:0;
287 }
287 }
288
288
289 .CodeMirror {
289 .CodeMirror {
290 margin: 0;
290 margin: 0;
291 }
291 }
292
292
293 .help-block {
293 .help-block {
294 margin: 0 0 @padding;
294 margin: 0 0 @padding;
295 padding:.5em;
295 padding:.5em;
296 background-color: @grey6;
296 background-color: @grey6;
297 &.pre-formatting {
297 &.pre-formatting {
298 white-space: pre;
298 white-space: pre;
299 }
299 }
300 }
300 }
301 }
301 }
302
302
303 ul.auth_plugins {
303 ul.auth_plugins {
304 margin: @padding 0 @padding @legend-width;
304 margin: @padding 0 @padding @legend-width;
305 padding: 0;
305 padding: 0;
306
306
307 li {
307 li {
308 margin-bottom: @padding;
308 margin-bottom: @padding;
309 line-height: 1em;
309 line-height: 1em;
310 list-style-type: none;
310 list-style-type: none;
311
311
312 .auth_buttons .btn {
312 .auth_buttons .btn {
313 margin-right: @padding;
313 margin-right: @padding;
314 }
314 }
315
315
316 &:before { content: none; }
316 &:before { content: none; }
317 }
317 }
318 }
318 }
319
319
320
320
321 // My Account PR list
321 // My Account PR list
322
322
323 #show_closed {
323 #show_closed {
324 margin: 0 1em 0 0;
324 margin: 0 1em 0 0;
325 }
325 }
326
326
327 .pullrequestlist {
327 .pullrequestlist {
328 .closed {
328 .closed {
329 background-color: @grey6;
329 background-color: @grey6;
330 }
330 }
331 .td-status {
331 .td-status {
332 padding-left: .5em;
332 padding-left: .5em;
333 }
333 }
334 .log-container .truncate {
334 .log-container .truncate {
335 height: 2.75em;
335 height: 2.75em;
336 white-space: pre-line;
336 white-space: pre-line;
337 }
337 }
338 table.rctable .user {
338 table.rctable .user {
339 padding-left: 0;
339 padding-left: 0;
340 }
340 }
341 table.rctable {
341 table.rctable {
342 td.td-description,
342 td.td-description,
343 .rc-user {
343 .rc-user {
344 min-width: auto;
344 min-width: auto;
345 }
345 }
346 }
346 }
347 }
347 }
348
348
349 // Pull Requests
349 // Pull Requests
350
350
351 .pullrequests_section_head {
351 .pullrequests_section_head {
352 display: block;
352 display: block;
353 clear: both;
353 clear: both;
354 margin: @padding 0;
354 margin: @padding 0;
355 font-family: @text-bold;
355 font-family: @text-bold;
356 }
356 }
357
357
358 .pr-origininfo, .pr-targetinfo {
358 .pr-origininfo, .pr-targetinfo {
359 position: relative;
359 position: relative;
360
360
361 .tag {
361 .tag {
362 display: inline-block;
362 display: inline-block;
363 margin: 0 1em .5em 0;
363 margin: 0 1em .5em 0;
364 }
364 }
365
365
366 .clone-url {
366 .clone-url {
367 display: inline-block;
367 display: inline-block;
368 margin: 0 0 .5em 0;
368 margin: 0 0 .5em 0;
369 padding: 0;
369 padding: 0;
370 line-height: 1.2em;
370 line-height: 1.2em;
371 }
371 }
372 }
372 }
373
373
374 .pr-mergeinfo {
374 .pr-mergeinfo {
375 min-width: 95% !important;
375 min-width: 95% !important;
376 padding: 0 !important;
376 padding: 0 !important;
377 border: 0;
377 border: 0;
378 }
378 }
379 .pr-mergeinfo-copy {
379 .pr-mergeinfo-copy {
380 padding: 0 0;
380 padding: 0 0;
381 }
381 }
382
382
383 .pr-pullinfo {
383 .pr-pullinfo {
384 min-width: 95% !important;
384 min-width: 95% !important;
385 padding: 0 !important;
385 padding: 0 !important;
386 border: 0;
386 border: 0;
387 }
387 }
388 .pr-pullinfo-copy {
388 .pr-pullinfo-copy {
389 padding: 0 0;
389 padding: 0 0;
390 }
390 }
391
391
392
392
393 #pr-title-input {
393 #pr-title-input {
394 width: 72%;
394 width: 72%;
395 font-size: 1em;
395 font-size: 1em;
396 font-family: @text-bold;
396 font-family: @text-bold;
397 margin: 0;
397 margin: 0;
398 padding: 0 0 0 @padding/4;
398 padding: 0 0 0 @padding/4;
399 line-height: 1.7em;
399 line-height: 1.7em;
400 color: @text-color;
400 color: @text-color;
401 letter-spacing: .02em;
401 letter-spacing: .02em;
402 }
402 }
403
403
404 #pullrequest_title {
404 #pullrequest_title {
405 width: 100%;
405 width: 100%;
406 box-sizing: border-box;
406 box-sizing: border-box;
407 }
407 }
408
408
409 #pr_open_message {
409 #pr_open_message {
410 border: @border-thickness solid #fff;
410 border: @border-thickness solid #fff;
411 border-radius: @border-radius;
411 border-radius: @border-radius;
412 padding: @padding-large-vertical @padding-large-vertical @padding-large-vertical 0;
412 padding: @padding-large-vertical @padding-large-vertical @padding-large-vertical 0;
413 text-align: left;
413 text-align: left;
414 overflow: hidden;
414 overflow: hidden;
415 }
415 }
416
416
417 .pr-submit-button {
417 .pr-submit-button {
418 float: right;
418 float: right;
419 margin: 0 0 0 5px;
419 margin: 0 0 0 5px;
420 }
420 }
421
421
422 .pr-spacing-container {
422 .pr-spacing-container {
423 padding: 20px;
423 padding: 20px;
424 clear: both
424 clear: both
425 }
425 }
426
426
427 #pr-description-input {
427 #pr-description-input {
428 margin-bottom: 0;
428 margin-bottom: 0;
429 }
429 }
430
430
431 .pr-description-label {
431 .pr-description-label {
432 vertical-align: top;
432 vertical-align: top;
433 }
433 }
434
434
435 .perms_section_head {
435 .perms_section_head {
436 min-width: 625px;
436 min-width: 625px;
437
437
438 h2 {
438 h2 {
439 margin-bottom: 0;
439 margin-bottom: 0;
440 }
440 }
441
441
442 .label-checkbox {
442 .label-checkbox {
443 float: left;
443 float: left;
444 }
444 }
445
445
446 &.field {
446 &.field {
447 margin: @space 0 @padding;
447 margin: @space 0 @padding;
448 }
448 }
449
449
450 &:first-child.field {
450 &:first-child.field {
451 margin-top: 0;
451 margin-top: 0;
452
452
453 .label {
453 .label {
454 margin-top: 0;
454 margin-top: 0;
455 padding-top: 0;
455 padding-top: 0;
456 }
456 }
457
457
458 .radios {
458 .radios {
459 padding-top: 0;
459 padding-top: 0;
460 }
460 }
461 }
461 }
462
462
463 .radios {
463 .radios {
464 position: relative;
464 position: relative;
465 width: 405px;
465 width: 505px;
466 }
466 }
467 }
467 }
468
468
469 //--- MODULES ------------------//
469 //--- MODULES ------------------//
470
470
471
471
472 // Server Announcement
472 // Server Announcement
473 #server-announcement {
473 #server-announcement {
474 width: 95%;
474 width: 95%;
475 margin: @padding auto;
475 margin: @padding auto;
476 padding: @padding;
476 padding: @padding;
477 border-width: 2px;
477 border-width: 2px;
478 border-style: solid;
478 border-style: solid;
479 .border-radius(2px);
479 .border-radius(2px);
480 font-family: @text-bold;
480 font-family: @text-bold;
481
481
482 &.info { border-color: @alert4; background-color: @alert4-inner; }
482 &.info { border-color: @alert4; background-color: @alert4-inner; }
483 &.warning { border-color: @alert3; background-color: @alert3-inner; }
483 &.warning { border-color: @alert3; background-color: @alert3-inner; }
484 &.error { border-color: @alert2; background-color: @alert2-inner; }
484 &.error { border-color: @alert2; background-color: @alert2-inner; }
485 &.success { border-color: @alert1; background-color: @alert1-inner; }
485 &.success { border-color: @alert1; background-color: @alert1-inner; }
486 &.neutral { border-color: @grey3; background-color: @grey6; }
486 &.neutral { border-color: @grey3; background-color: @grey6; }
487 }
487 }
488
488
489 // Fixed Sidebar Column
489 // Fixed Sidebar Column
490 .sidebar-col-wrapper {
490 .sidebar-col-wrapper {
491 padding-left: @sidebar-all-width;
491 padding-left: @sidebar-all-width;
492
492
493 .sidebar {
493 .sidebar {
494 width: @sidebar-width;
494 width: @sidebar-width;
495 margin-left: -@sidebar-all-width;
495 margin-left: -@sidebar-all-width;
496 }
496 }
497 }
497 }
498
498
499 .sidebar-col-wrapper.scw-small {
499 .sidebar-col-wrapper.scw-small {
500 padding-left: @sidebar-small-all-width;
500 padding-left: @sidebar-small-all-width;
501
501
502 .sidebar {
502 .sidebar {
503 width: @sidebar-small-width;
503 width: @sidebar-small-width;
504 margin-left: -@sidebar-small-all-width;
504 margin-left: -@sidebar-small-all-width;
505 }
505 }
506 }
506 }
507
507
508
508
509 // FOOTER
509 // FOOTER
510 #footer {
510 #footer {
511 padding: 0;
511 padding: 0;
512 text-align: center;
512 text-align: center;
513 vertical-align: middle;
513 vertical-align: middle;
514 color: @grey2;
514 color: @grey2;
515 background-color: @grey6;
515 background-color: @grey6;
516
516
517 p {
517 p {
518 margin: 0;
518 margin: 0;
519 padding: 1em;
519 padding: 1em;
520 line-height: 1em;
520 line-height: 1em;
521 }
521 }
522
522
523 .server-instance { //server instance
523 .server-instance { //server instance
524 display: none;
524 display: none;
525 }
525 }
526
526
527 .title {
527 .title {
528 float: none;
528 float: none;
529 margin: 0 auto;
529 margin: 0 auto;
530 }
530 }
531 }
531 }
532
532
533 button.close {
533 button.close {
534 padding: 0;
534 padding: 0;
535 cursor: pointer;
535 cursor: pointer;
536 background: transparent;
536 background: transparent;
537 border: 0;
537 border: 0;
538 .box-shadow(none);
538 .box-shadow(none);
539 -webkit-appearance: none;
539 -webkit-appearance: none;
540 }
540 }
541
541
542 .close {
542 .close {
543 float: right;
543 float: right;
544 font-size: 21px;
544 font-size: 21px;
545 font-family: @text-bootstrap;
545 font-family: @text-bootstrap;
546 line-height: 1em;
546 line-height: 1em;
547 font-weight: bold;
547 font-weight: bold;
548 color: @grey2;
548 color: @grey2;
549
549
550 &:hover,
550 &:hover,
551 &:focus {
551 &:focus {
552 color: @grey1;
552 color: @grey1;
553 text-decoration: none;
553 text-decoration: none;
554 cursor: pointer;
554 cursor: pointer;
555 }
555 }
556 }
556 }
557
557
558 // GRID
558 // GRID
559 .sorting,
559 .sorting,
560 .sorting_desc,
560 .sorting_desc,
561 .sorting_asc {
561 .sorting_asc {
562 cursor: pointer;
562 cursor: pointer;
563 }
563 }
564 .sorting_desc:after {
564 .sorting_desc:after {
565 content: "\00A0\25B2";
565 content: "\00A0\25B2";
566 font-size: .75em;
566 font-size: .75em;
567 }
567 }
568 .sorting_asc:after {
568 .sorting_asc:after {
569 content: "\00A0\25BC";
569 content: "\00A0\25BC";
570 font-size: .68em;
570 font-size: .68em;
571 }
571 }
572
572
573
573
574 .user_auth_tokens {
574 .user_auth_tokens {
575
575
576 &.truncate {
576 &.truncate {
577 white-space: nowrap;
577 white-space: nowrap;
578 overflow: hidden;
578 overflow: hidden;
579 text-overflow: ellipsis;
579 text-overflow: ellipsis;
580 }
580 }
581
581
582 .fields .field .input {
582 .fields .field .input {
583 margin: 0;
583 margin: 0;
584 }
584 }
585
585
586 input#description {
586 input#description {
587 width: 100px;
587 width: 100px;
588 margin: 0;
588 margin: 0;
589 }
589 }
590
590
591 .drop-menu {
591 .drop-menu {
592 // TODO: johbo: Remove this, should work out of the box when
592 // TODO: johbo: Remove this, should work out of the box when
593 // having multiple inputs inline
593 // having multiple inputs inline
594 margin: 0 0 0 5px;
594 margin: 0 0 0 5px;
595 }
595 }
596 }
596 }
597 #user_list_table {
597 #user_list_table {
598 .closed {
598 .closed {
599 background-color: @grey6;
599 background-color: @grey6;
600 }
600 }
601 }
601 }
602
602
603
603
604 input {
604 input {
605 &.disabled {
605 &.disabled {
606 opacity: .5;
606 opacity: .5;
607 }
607 }
608 }
608 }
609
609
610 // remove extra padding in firefox
610 // remove extra padding in firefox
611 input::-moz-focus-inner { border:0; padding:0 }
611 input::-moz-focus-inner { border:0; padding:0 }
612
612
613 .adjacent input {
613 .adjacent input {
614 margin-bottom: @padding;
614 margin-bottom: @padding;
615 }
615 }
616
616
617 .permissions_boxes {
617 .permissions_boxes {
618 display: block;
618 display: block;
619 }
619 }
620
620
621 //TODO: lisa: this should be in tables
621 //TODO: lisa: this should be in tables
622 .show_more_col {
622 .show_more_col {
623 width: 20px;
623 width: 20px;
624 }
624 }
625
625
626 //FORMS
626 //FORMS
627
627
628 .medium-inline,
628 .medium-inline,
629 input#description.medium-inline {
629 input#description.medium-inline {
630 display: inline;
630 display: inline;
631 width: @medium-inline-input-width;
631 width: @medium-inline-input-width;
632 min-width: 100px;
632 min-width: 100px;
633 }
633 }
634
634
635 select {
635 select {
636 //reset
636 //reset
637 -webkit-appearance: none;
637 -webkit-appearance: none;
638 -moz-appearance: none;
638 -moz-appearance: none;
639
639
640 display: inline-block;
640 display: inline-block;
641 height: 28px;
641 height: 28px;
642 width: auto;
642 width: auto;
643 margin: 0 @padding @padding 0;
643 margin: 0 @padding @padding 0;
644 padding: 0 18px 0 8px;
644 padding: 0 18px 0 8px;
645 line-height:1em;
645 line-height:1em;
646 font-size: @basefontsize;
646 font-size: @basefontsize;
647 border: @border-thickness solid @rcblue;
647 border: @border-thickness solid @rcblue;
648 background:white url("../images/dt-arrow-dn.png") no-repeat 100% 50%;
648 background:white url("../images/dt-arrow-dn.png") no-repeat 100% 50%;
649 color: @rcblue;
649 color: @rcblue;
650
650
651 &:after {
651 &:after {
652 content: "\00A0\25BE";
652 content: "\00A0\25BE";
653 }
653 }
654
654
655 &:focus {
655 &:focus {
656 outline: none;
656 outline: none;
657 }
657 }
658 }
658 }
659
659
660 option {
660 option {
661 &:focus {
661 &:focus {
662 outline: none;
662 outline: none;
663 }
663 }
664 }
664 }
665
665
666 input,
666 input,
667 textarea {
667 textarea {
668 padding: @input-padding;
668 padding: @input-padding;
669 border: @input-border-thickness solid @border-highlight-color;
669 border: @input-border-thickness solid @border-highlight-color;
670 .border-radius (@border-radius);
670 .border-radius (@border-radius);
671 font-family: @text-light;
671 font-family: @text-light;
672 font-size: @basefontsize;
672 font-size: @basefontsize;
673
673
674 &.input-sm {
674 &.input-sm {
675 padding: 5px;
675 padding: 5px;
676 }
676 }
677
677
678 &#description {
678 &#description {
679 min-width: @input-description-minwidth;
679 min-width: @input-description-minwidth;
680 min-height: 1em;
680 min-height: 1em;
681 padding: 10px;
681 padding: 10px;
682 }
682 }
683 }
683 }
684
684
685 .field-sm {
685 .field-sm {
686 input,
686 input,
687 textarea {
687 textarea {
688 padding: 5px;
688 padding: 5px;
689 }
689 }
690 }
690 }
691
691
692 textarea {
692 textarea {
693 display: block;
693 display: block;
694 clear: both;
694 clear: both;
695 width: 100%;
695 width: 100%;
696 min-height: 100px;
696 min-height: 100px;
697 margin-bottom: @padding;
697 margin-bottom: @padding;
698 .box-sizing(border-box);
698 .box-sizing(border-box);
699 overflow: auto;
699 overflow: auto;
700 }
700 }
701
701
702 label {
702 label {
703 font-family: @text-light;
703 font-family: @text-light;
704 }
704 }
705
705
706 // GRAVATARS
706 // GRAVATARS
707 // centers gravatar on username to the right
707 // centers gravatar on username to the right
708
708
709 .gravatar {
709 .gravatar {
710 display: inline;
710 display: inline;
711 min-width: 16px;
711 min-width: 16px;
712 min-height: 16px;
712 min-height: 16px;
713 margin: -5px 0;
713 margin: -5px 0;
714 padding: 0;
714 padding: 0;
715 line-height: 1em;
715 line-height: 1em;
716 border: 1px solid @grey4;
716 border: 1px solid @grey4;
717 box-sizing: content-box;
717 box-sizing: content-box;
718
718
719 &.gravatar-large {
719 &.gravatar-large {
720 margin: -0.5em .25em -0.5em 0;
720 margin: -0.5em .25em -0.5em 0;
721 }
721 }
722
722
723 & + .user {
723 & + .user {
724 display: inline;
724 display: inline;
725 margin: 0;
725 margin: 0;
726 padding: 0 0 0 .17em;
726 padding: 0 0 0 .17em;
727 line-height: 1em;
727 line-height: 1em;
728 }
728 }
729 }
729 }
730
730
731 .user-inline-data {
731 .user-inline-data {
732 display: inline-block;
732 display: inline-block;
733 float: left;
733 float: left;
734 padding-left: .5em;
734 padding-left: .5em;
735 line-height: 1.3em;
735 line-height: 1.3em;
736 }
736 }
737
737
738 .rc-user { // gravatar + user wrapper
738 .rc-user { // gravatar + user wrapper
739 float: left;
739 float: left;
740 position: relative;
740 position: relative;
741 min-width: 100px;
741 min-width: 100px;
742 max-width: 200px;
742 max-width: 200px;
743 min-height: (@gravatar-size + @border-thickness * 2); // account for border
743 min-height: (@gravatar-size + @border-thickness * 2); // account for border
744 display: block;
744 display: block;
745 padding: 0 0 0 (@gravatar-size + @basefontsize/2 + @border-thickness * 2);
745 padding: 0 0 0 (@gravatar-size + @basefontsize/2 + @border-thickness * 2);
746
746
747
747
748 .gravatar {
748 .gravatar {
749 display: block;
749 display: block;
750 position: absolute;
750 position: absolute;
751 top: 0;
751 top: 0;
752 left: 0;
752 left: 0;
753 min-width: @gravatar-size;
753 min-width: @gravatar-size;
754 min-height: @gravatar-size;
754 min-height: @gravatar-size;
755 margin: 0;
755 margin: 0;
756 }
756 }
757
757
758 .user {
758 .user {
759 display: block;
759 display: block;
760 max-width: 175px;
760 max-width: 175px;
761 padding-top: 2px;
761 padding-top: 2px;
762 overflow: hidden;
762 overflow: hidden;
763 text-overflow: ellipsis;
763 text-overflow: ellipsis;
764 }
764 }
765 }
765 }
766
766
767 .gist-gravatar,
767 .gist-gravatar,
768 .journal_container {
768 .journal_container {
769 .gravatar-large {
769 .gravatar-large {
770 margin: 0 .5em -10px 0;
770 margin: 0 .5em -10px 0;
771 }
771 }
772 }
772 }
773
773
774
774
775 // ADMIN SETTINGS
775 // ADMIN SETTINGS
776
776
777 // Tag Patterns
777 // Tag Patterns
778 .tag_patterns {
778 .tag_patterns {
779 .tag_input {
779 .tag_input {
780 margin-bottom: @padding;
780 margin-bottom: @padding;
781 }
781 }
782 }
782 }
783
783
784 .locked_input {
784 .locked_input {
785 position: relative;
785 position: relative;
786
786
787 input {
787 input {
788 display: inline;
788 display: inline;
789 margin: 3px 5px 0px 0px;
789 margin: 3px 5px 0px 0px;
790 }
790 }
791
791
792 br {
792 br {
793 display: none;
793 display: none;
794 }
794 }
795
795
796 .error-message {
796 .error-message {
797 float: left;
797 float: left;
798 width: 100%;
798 width: 100%;
799 }
799 }
800
800
801 .lock_input_button {
801 .lock_input_button {
802 display: inline;
802 display: inline;
803 }
803 }
804
804
805 .help-block {
805 .help-block {
806 clear: both;
806 clear: both;
807 }
807 }
808 }
808 }
809
809
810 // Notifications
810 // Notifications
811
811
812 .notifications_buttons {
812 .notifications_buttons {
813 margin: 0 0 @space 0;
813 margin: 0 0 @space 0;
814 padding: 0;
814 padding: 0;
815
815
816 .btn {
816 .btn {
817 display: inline-block;
817 display: inline-block;
818 }
818 }
819 }
819 }
820
820
821 .notification-list {
821 .notification-list {
822
822
823 div {
823 div {
824 display: inline-block;
824 display: inline-block;
825 vertical-align: middle;
825 vertical-align: middle;
826 }
826 }
827
827
828 .container {
828 .container {
829 display: block;
829 display: block;
830 margin: 0 0 @padding 0;
830 margin: 0 0 @padding 0;
831 }
831 }
832
832
833 .delete-notifications {
833 .delete-notifications {
834 margin-left: @padding;
834 margin-left: @padding;
835 text-align: right;
835 text-align: right;
836 cursor: pointer;
836 cursor: pointer;
837 }
837 }
838
838
839 .read-notifications {
839 .read-notifications {
840 margin-left: @padding/2;
840 margin-left: @padding/2;
841 text-align: right;
841 text-align: right;
842 width: 35px;
842 width: 35px;
843 cursor: pointer;
843 cursor: pointer;
844 }
844 }
845
845
846 .icon-minus-sign {
846 .icon-minus-sign {
847 color: @alert2;
847 color: @alert2;
848 }
848 }
849
849
850 .icon-ok-sign {
850 .icon-ok-sign {
851 color: @alert1;
851 color: @alert1;
852 }
852 }
853 }
853 }
854
854
855 .user_settings {
855 .user_settings {
856 float: left;
856 float: left;
857 clear: both;
857 clear: both;
858 display: block;
858 display: block;
859 width: 100%;
859 width: 100%;
860
860
861 .gravatar_box {
861 .gravatar_box {
862 margin-bottom: @padding;
862 margin-bottom: @padding;
863
863
864 &:after {
864 &:after {
865 content: " ";
865 content: " ";
866 clear: both;
866 clear: both;
867 width: 100%;
867 width: 100%;
868 }
868 }
869 }
869 }
870
870
871 .fields .field {
871 .fields .field {
872 clear: both;
872 clear: both;
873 }
873 }
874 }
874 }
875
875
876 .advanced_settings {
876 .advanced_settings {
877 margin-bottom: @space;
877 margin-bottom: @space;
878
878
879 .help-block {
879 .help-block {
880 margin-left: 0;
880 margin-left: 0;
881 }
881 }
882
882
883 button + .help-block {
883 button + .help-block {
884 margin-top: @padding;
884 margin-top: @padding;
885 }
885 }
886 }
886 }
887
887
888 // admin settings radio buttons and labels
888 // admin settings radio buttons and labels
889 .label-2 {
889 .label-2 {
890 float: left;
890 float: left;
891 width: @label2-width;
891 width: @label2-width;
892
892
893 label {
893 label {
894 color: @grey1;
894 color: @grey1;
895 }
895 }
896 }
896 }
897 .checkboxes {
897 .checkboxes {
898 float: left;
898 float: left;
899 width: @checkboxes-width;
899 width: @checkboxes-width;
900 margin-bottom: @padding;
900 margin-bottom: @padding;
901
901
902 .checkbox {
902 .checkbox {
903 width: 100%;
903 width: 100%;
904
904
905 label {
905 label {
906 margin: 0;
906 margin: 0;
907 padding: 0;
907 padding: 0;
908 }
908 }
909 }
909 }
910
910
911 .checkbox + .checkbox {
911 .checkbox + .checkbox {
912 display: inline-block;
912 display: inline-block;
913 }
913 }
914
914
915 label {
915 label {
916 margin-right: 1em;
916 margin-right: 1em;
917 }
917 }
918 }
918 }
919
919
920 // CHANGELOG
920 // CHANGELOG
921 .container_header {
921 .container_header {
922 float: left;
922 float: left;
923 display: block;
923 display: block;
924 width: 100%;
924 width: 100%;
925 margin: @padding 0 @padding;
925 margin: @padding 0 @padding;
926
926
927 #filter_changelog {
927 #filter_changelog {
928 float: left;
928 float: left;
929 margin-right: @padding;
929 margin-right: @padding;
930 }
930 }
931
931
932 .breadcrumbs_light {
932 .breadcrumbs_light {
933 display: inline-block;
933 display: inline-block;
934 }
934 }
935 }
935 }
936
936
937 .info_box {
937 .info_box {
938 float: right;
938 float: right;
939 }
939 }
940
940
941
941
942 #graph_nodes {
942 #graph_nodes {
943 padding-top: 43px;
943 padding-top: 43px;
944 }
944 }
945
945
946 #graph_content{
946 #graph_content{
947
947
948 // adjust for table headers so that graph renders properly
948 // adjust for table headers so that graph renders properly
949 // #graph_nodes padding - table cell padding
949 // #graph_nodes padding - table cell padding
950 padding-top: (@space - (@basefontsize * 2.4));
950 padding-top: (@space - (@basefontsize * 2.4));
951
951
952 &.graph_full_width {
952 &.graph_full_width {
953 width: 100%;
953 width: 100%;
954 max-width: 100%;
954 max-width: 100%;
955 }
955 }
956 }
956 }
957
957
958 #graph {
958 #graph {
959 .flag_status {
959 .flag_status {
960 margin: 0;
960 margin: 0;
961 }
961 }
962
962
963 .pagination-left {
963 .pagination-left {
964 float: left;
964 float: left;
965 clear: both;
965 clear: both;
966 }
966 }
967
967
968 .log-container {
968 .log-container {
969 max-width: 345px;
969 max-width: 345px;
970
970
971 .message{
971 .message{
972 max-width: 340px;
972 max-width: 340px;
973 }
973 }
974 }
974 }
975
975
976 .graph-col-wrapper {
976 .graph-col-wrapper {
977 padding-left: 110px;
977 padding-left: 110px;
978
978
979 #graph_nodes {
979 #graph_nodes {
980 width: 100px;
980 width: 100px;
981 margin-left: -110px;
981 margin-left: -110px;
982 float: left;
982 float: left;
983 clear: left;
983 clear: left;
984 }
984 }
985 }
985 }
986
986
987 .load-more-commits {
987 .load-more-commits {
988 text-align: center;
988 text-align: center;
989 }
989 }
990 .load-more-commits:hover {
990 .load-more-commits:hover {
991 background-color: @grey7;
991 background-color: @grey7;
992 }
992 }
993 .load-more-commits {
993 .load-more-commits {
994 a {
994 a {
995 display: block;
995 display: block;
996 }
996 }
997 }
997 }
998 }
998 }
999
999
1000 #filter_changelog {
1000 #filter_changelog {
1001 float: left;
1001 float: left;
1002 }
1002 }
1003
1003
1004
1004
1005 //--- THEME ------------------//
1005 //--- THEME ------------------//
1006
1006
1007 #logo {
1007 #logo {
1008 float: left;
1008 float: left;
1009 margin: 9px 0 0 0;
1009 margin: 9px 0 0 0;
1010
1010
1011 .header {
1011 .header {
1012 background-color: transparent;
1012 background-color: transparent;
1013 }
1013 }
1014
1014
1015 a {
1015 a {
1016 display: inline-block;
1016 display: inline-block;
1017 }
1017 }
1018
1018
1019 img {
1019 img {
1020 height:30px;
1020 height:30px;
1021 }
1021 }
1022 }
1022 }
1023
1023
1024 .logo-wrapper {
1024 .logo-wrapper {
1025 float:left;
1025 float:left;
1026 }
1026 }
1027
1027
1028 .branding{
1028 .branding{
1029 float: left;
1029 float: left;
1030 padding: 9px 2px;
1030 padding: 9px 2px;
1031 line-height: 1em;
1031 line-height: 1em;
1032 font-size: @navigation-fontsize;
1032 font-size: @navigation-fontsize;
1033 }
1033 }
1034
1034
1035 img {
1035 img {
1036 border: none;
1036 border: none;
1037 outline: none;
1037 outline: none;
1038 }
1038 }
1039 user-profile-header
1039 user-profile-header
1040 label {
1040 label {
1041
1041
1042 input[type="checkbox"] {
1042 input[type="checkbox"] {
1043 margin-right: 1em;
1043 margin-right: 1em;
1044 }
1044 }
1045 input[type="radio"] {
1045 input[type="radio"] {
1046 margin-right: 1em;
1046 margin-right: 1em;
1047 }
1047 }
1048 }
1048 }
1049
1049
1050 .flag_status {
1050 .flag_status {
1051 margin: 2px 8px 6px 2px;
1051 margin: 2px 8px 6px 2px;
1052 &.under_review {
1052 &.under_review {
1053 .circle(5px, @alert3);
1053 .circle(5px, @alert3);
1054 }
1054 }
1055 &.approved {
1055 &.approved {
1056 .circle(5px, @alert1);
1056 .circle(5px, @alert1);
1057 }
1057 }
1058 &.rejected,
1058 &.rejected,
1059 &.forced_closed{
1059 &.forced_closed{
1060 .circle(5px, @alert2);
1060 .circle(5px, @alert2);
1061 }
1061 }
1062 &.not_reviewed {
1062 &.not_reviewed {
1063 .circle(5px, @grey5);
1063 .circle(5px, @grey5);
1064 }
1064 }
1065 }
1065 }
1066
1066
1067 .flag_status_comment_box {
1067 .flag_status_comment_box {
1068 margin: 5px 6px 0px 2px;
1068 margin: 5px 6px 0px 2px;
1069 }
1069 }
1070 .test_pattern_preview {
1070 .test_pattern_preview {
1071 margin: @space 0;
1071 margin: @space 0;
1072
1072
1073 p {
1073 p {
1074 margin-bottom: 0;
1074 margin-bottom: 0;
1075 border-bottom: @border-thickness solid @border-default-color;
1075 border-bottom: @border-thickness solid @border-default-color;
1076 color: @grey3;
1076 color: @grey3;
1077 }
1077 }
1078
1078
1079 .btn {
1079 .btn {
1080 margin-bottom: @padding;
1080 margin-bottom: @padding;
1081 }
1081 }
1082 }
1082 }
1083 #test_pattern_result {
1083 #test_pattern_result {
1084 display: none;
1084 display: none;
1085 &:extend(pre);
1085 &:extend(pre);
1086 padding: .9em;
1086 padding: .9em;
1087 color: @grey3;
1087 color: @grey3;
1088 background-color: @grey7;
1088 background-color: @grey7;
1089 border-right: @border-thickness solid @border-default-color;
1089 border-right: @border-thickness solid @border-default-color;
1090 border-bottom: @border-thickness solid @border-default-color;
1090 border-bottom: @border-thickness solid @border-default-color;
1091 border-left: @border-thickness solid @border-default-color;
1091 border-left: @border-thickness solid @border-default-color;
1092 }
1092 }
1093
1093
1094 #repo_vcs_settings {
1094 #repo_vcs_settings {
1095 #inherit_overlay_vcs_default {
1095 #inherit_overlay_vcs_default {
1096 display: none;
1096 display: none;
1097 }
1097 }
1098 #inherit_overlay_vcs_custom {
1098 #inherit_overlay_vcs_custom {
1099 display: custom;
1099 display: custom;
1100 }
1100 }
1101 &.inherited {
1101 &.inherited {
1102 #inherit_overlay_vcs_default {
1102 #inherit_overlay_vcs_default {
1103 display: block;
1103 display: block;
1104 }
1104 }
1105 #inherit_overlay_vcs_custom {
1105 #inherit_overlay_vcs_custom {
1106 display: none;
1106 display: none;
1107 }
1107 }
1108 }
1108 }
1109 }
1109 }
1110
1110
1111 .issue-tracker-link {
1111 .issue-tracker-link {
1112 color: @rcblue;
1112 color: @rcblue;
1113 }
1113 }
1114
1114
1115 // Issue Tracker Table Show/Hide
1115 // Issue Tracker Table Show/Hide
1116 #repo_issue_tracker {
1116 #repo_issue_tracker {
1117 #inherit_overlay {
1117 #inherit_overlay {
1118 display: none;
1118 display: none;
1119 }
1119 }
1120 #custom_overlay {
1120 #custom_overlay {
1121 display: custom;
1121 display: custom;
1122 }
1122 }
1123 &.inherited {
1123 &.inherited {
1124 #inherit_overlay {
1124 #inherit_overlay {
1125 display: block;
1125 display: block;
1126 }
1126 }
1127 #custom_overlay {
1127 #custom_overlay {
1128 display: none;
1128 display: none;
1129 }
1129 }
1130 }
1130 }
1131 }
1131 }
1132 table.issuetracker {
1132 table.issuetracker {
1133 &.readonly {
1133 &.readonly {
1134 tr, td {
1134 tr, td {
1135 color: @grey3;
1135 color: @grey3;
1136 }
1136 }
1137 }
1137 }
1138 .edit {
1138 .edit {
1139 display: none;
1139 display: none;
1140 }
1140 }
1141 .editopen {
1141 .editopen {
1142 .edit {
1142 .edit {
1143 display: inline;
1143 display: inline;
1144 }
1144 }
1145 .entry {
1145 .entry {
1146 display: none;
1146 display: none;
1147 }
1147 }
1148 }
1148 }
1149 tr td.td-action {
1149 tr td.td-action {
1150 min-width: 117px;
1150 min-width: 117px;
1151 }
1151 }
1152 td input {
1152 td input {
1153 max-width: none;
1153 max-width: none;
1154 min-width: 30px;
1154 min-width: 30px;
1155 width: 80%;
1155 width: 80%;
1156 }
1156 }
1157 .issuetracker_pref input {
1157 .issuetracker_pref input {
1158 width: 40%;
1158 width: 40%;
1159 }
1159 }
1160 input.edit_issuetracker_update {
1160 input.edit_issuetracker_update {
1161 margin-right: 0;
1161 margin-right: 0;
1162 width: auto;
1162 width: auto;
1163 }
1163 }
1164 }
1164 }
1165
1165
1166 table.integrations {
1166 table.integrations {
1167 .td-icon {
1167 .td-icon {
1168 width: 20px;
1168 width: 20px;
1169 .integration-icon {
1169 .integration-icon {
1170 height: 20px;
1170 height: 20px;
1171 width: 20px;
1171 width: 20px;
1172 }
1172 }
1173 }
1173 }
1174 }
1174 }
1175
1175
1176 .integrations {
1176 .integrations {
1177 a.integration-box {
1177 a.integration-box {
1178 color: @text-color;
1178 color: @text-color;
1179 &:hover {
1179 &:hover {
1180 .panel {
1180 .panel {
1181 background: #fbfbfb;
1181 background: #fbfbfb;
1182 }
1182 }
1183 }
1183 }
1184 .integration-icon {
1184 .integration-icon {
1185 width: 30px;
1185 width: 30px;
1186 height: 30px;
1186 height: 30px;
1187 margin-right: 20px;
1187 margin-right: 20px;
1188 float: left;
1188 float: left;
1189 }
1189 }
1190
1190
1191 .panel-body {
1191 .panel-body {
1192 padding: 10px;
1192 padding: 10px;
1193 }
1193 }
1194 .panel {
1194 .panel {
1195 margin-bottom: 10px;
1195 margin-bottom: 10px;
1196 }
1196 }
1197 h2 {
1197 h2 {
1198 display: inline-block;
1198 display: inline-block;
1199 margin: 0;
1199 margin: 0;
1200 min-width: 140px;
1200 min-width: 140px;
1201 }
1201 }
1202 }
1202 }
1203 a.integration-box.dummy-integration {
1203 a.integration-box.dummy-integration {
1204 color: @grey4
1204 color: @grey4
1205 }
1205 }
1206 }
1206 }
1207
1207
1208 //Permissions Settings
1208 //Permissions Settings
1209 #add_perm {
1209 #add_perm {
1210 margin: 0 0 @padding;
1210 margin: 0 0 @padding;
1211 cursor: pointer;
1211 cursor: pointer;
1212 }
1212 }
1213
1213
1214 .perm_ac {
1214 .perm_ac {
1215 input {
1215 input {
1216 width: 95%;
1216 width: 95%;
1217 }
1217 }
1218 }
1218 }
1219
1219
1220 .autocomplete-suggestions {
1220 .autocomplete-suggestions {
1221 width: auto !important; // overrides autocomplete.js
1221 width: auto !important; // overrides autocomplete.js
1222 margin: 0;
1222 margin: 0;
1223 border: @border-thickness solid @rcblue;
1223 border: @border-thickness solid @rcblue;
1224 border-radius: @border-radius;
1224 border-radius: @border-radius;
1225 color: @rcblue;
1225 color: @rcblue;
1226 background-color: white;
1226 background-color: white;
1227 }
1227 }
1228 .autocomplete-selected {
1228 .autocomplete-selected {
1229 background: #F0F0F0;
1229 background: #F0F0F0;
1230 }
1230 }
1231 .ac-container-wrap {
1231 .ac-container-wrap {
1232 margin: 0;
1232 margin: 0;
1233 padding: 8px;
1233 padding: 8px;
1234 border-bottom: @border-thickness solid @rclightblue;
1234 border-bottom: @border-thickness solid @rclightblue;
1235 list-style-type: none;
1235 list-style-type: none;
1236 cursor: pointer;
1236 cursor: pointer;
1237
1237
1238 &:hover {
1238 &:hover {
1239 background-color: @rclightblue;
1239 background-color: @rclightblue;
1240 }
1240 }
1241
1241
1242 img {
1242 img {
1243 height: @gravatar-size;
1243 height: @gravatar-size;
1244 width: @gravatar-size;
1244 width: @gravatar-size;
1245 margin-right: 1em;
1245 margin-right: 1em;
1246 }
1246 }
1247
1247
1248 strong {
1248 strong {
1249 font-weight: normal;
1249 font-weight: normal;
1250 }
1250 }
1251 }
1251 }
1252
1252
1253 // Settings Dropdown
1253 // Settings Dropdown
1254 .user-menu .container {
1254 .user-menu .container {
1255 padding: 0 4px;
1255 padding: 0 4px;
1256 margin: 0;
1256 margin: 0;
1257 }
1257 }
1258
1258
1259 .user-menu .gravatar {
1259 .user-menu .gravatar {
1260 cursor: pointer;
1260 cursor: pointer;
1261 }
1261 }
1262
1262
1263 .codeblock {
1263 .codeblock {
1264 margin-bottom: @padding;
1264 margin-bottom: @padding;
1265 clear: both;
1265 clear: both;
1266
1266
1267 .stats{
1267 .stats{
1268 overflow: hidden;
1268 overflow: hidden;
1269 }
1269 }
1270
1270
1271 .message{
1271 .message{
1272 textarea{
1272 textarea{
1273 margin: 0;
1273 margin: 0;
1274 }
1274 }
1275 }
1275 }
1276
1276
1277 .code-header {
1277 .code-header {
1278 .stats {
1278 .stats {
1279 line-height: 2em;
1279 line-height: 2em;
1280
1280
1281 .revision_id {
1281 .revision_id {
1282 margin-left: 0;
1282 margin-left: 0;
1283 }
1283 }
1284 .buttons {
1284 .buttons {
1285 padding-right: 0;
1285 padding-right: 0;
1286 }
1286 }
1287 }
1287 }
1288
1288
1289 .item{
1289 .item{
1290 margin-right: 0.5em;
1290 margin-right: 0.5em;
1291 }
1291 }
1292 }
1292 }
1293
1293
1294 #editor_container{
1294 #editor_container{
1295 position: relative;
1295 position: relative;
1296 margin: @padding;
1296 margin: @padding;
1297 }
1297 }
1298 }
1298 }
1299
1299
1300 #file_history_container {
1300 #file_history_container {
1301 display: none;
1301 display: none;
1302 }
1302 }
1303
1303
1304 .file-history-inner {
1304 .file-history-inner {
1305 margin-bottom: 10px;
1305 margin-bottom: 10px;
1306 }
1306 }
1307
1307
1308 // Pull Requests
1308 // Pull Requests
1309 .summary-details {
1309 .summary-details {
1310 width: 72%;
1310 width: 72%;
1311 }
1311 }
1312 .pr-summary {
1312 .pr-summary {
1313 border-bottom: @border-thickness solid @grey5;
1313 border-bottom: @border-thickness solid @grey5;
1314 margin-bottom: @space;
1314 margin-bottom: @space;
1315 }
1315 }
1316 .reviewers-title {
1316 .reviewers-title {
1317 width: 25%;
1317 width: 25%;
1318 min-width: 200px;
1318 min-width: 200px;
1319 }
1319 }
1320 .reviewers {
1320 .reviewers {
1321 width: 25%;
1321 width: 25%;
1322 min-width: 200px;
1322 min-width: 200px;
1323 }
1323 }
1324 .reviewers ul li {
1324 .reviewers ul li {
1325 position: relative;
1325 position: relative;
1326 width: 100%;
1326 width: 100%;
1327 padding-bottom: 8px;
1327 padding-bottom: 8px;
1328 }
1328 }
1329
1329
1330 .reviewer_entry {
1330 .reviewer_entry {
1331 min-height: 55px;
1331 min-height: 55px;
1332 }
1332 }
1333
1333
1334 .reviewers_member {
1334 .reviewers_member {
1335 width: 100%;
1335 width: 100%;
1336 overflow: auto;
1336 overflow: auto;
1337 }
1337 }
1338 .reviewer_reason {
1338 .reviewer_reason {
1339 padding-left: 20px;
1339 padding-left: 20px;
1340 line-height: 1.5em;
1340 line-height: 1.5em;
1341 }
1341 }
1342 .reviewer_status {
1342 .reviewer_status {
1343 display: inline-block;
1343 display: inline-block;
1344 vertical-align: top;
1344 vertical-align: top;
1345 width: 25px;
1345 width: 25px;
1346 min-width: 25px;
1346 min-width: 25px;
1347 height: 1.2em;
1347 height: 1.2em;
1348 margin-top: 3px;
1348 margin-top: 3px;
1349 line-height: 1em;
1349 line-height: 1em;
1350 }
1350 }
1351
1351
1352 .reviewer_name {
1352 .reviewer_name {
1353 display: inline-block;
1353 display: inline-block;
1354 max-width: 83%;
1354 max-width: 83%;
1355 padding-right: 20px;
1355 padding-right: 20px;
1356 vertical-align: middle;
1356 vertical-align: middle;
1357 line-height: 1;
1357 line-height: 1;
1358
1358
1359 .rc-user {
1359 .rc-user {
1360 min-width: 0;
1360 min-width: 0;
1361 margin: -2px 1em 0 0;
1361 margin: -2px 1em 0 0;
1362 }
1362 }
1363
1363
1364 .reviewer {
1364 .reviewer {
1365 float: left;
1365 float: left;
1366 }
1366 }
1367 }
1367 }
1368
1368
1369 .reviewer_member_mandatory {
1369 .reviewer_member_mandatory {
1370 position: absolute;
1370 position: absolute;
1371 left: 15px;
1371 left: 15px;
1372 top: 8px;
1372 top: 8px;
1373 width: 16px;
1373 width: 16px;
1374 font-size: 11px;
1374 font-size: 11px;
1375 margin: 0;
1375 margin: 0;
1376 padding: 0;
1376 padding: 0;
1377 color: black;
1377 color: black;
1378 }
1378 }
1379
1379
1380 .reviewer_member_mandatory_remove,
1380 .reviewer_member_mandatory_remove,
1381 .reviewer_member_remove {
1381 .reviewer_member_remove {
1382 position: absolute;
1382 position: absolute;
1383 right: 0;
1383 right: 0;
1384 top: 0;
1384 top: 0;
1385 width: 16px;
1385 width: 16px;
1386 margin-bottom: 10px;
1386 margin-bottom: 10px;
1387 padding: 0;
1387 padding: 0;
1388 color: black;
1388 color: black;
1389 }
1389 }
1390
1390
1391 .reviewer_member_mandatory_remove {
1391 .reviewer_member_mandatory_remove {
1392 color: @grey4;
1392 color: @grey4;
1393 }
1393 }
1394
1394
1395 .reviewer_member_status {
1395 .reviewer_member_status {
1396 margin-top: 5px;
1396 margin-top: 5px;
1397 }
1397 }
1398 .pr-summary #summary{
1398 .pr-summary #summary{
1399 width: 100%;
1399 width: 100%;
1400 }
1400 }
1401 .pr-summary .action_button:hover {
1401 .pr-summary .action_button:hover {
1402 border: 0;
1402 border: 0;
1403 cursor: pointer;
1403 cursor: pointer;
1404 }
1404 }
1405 .pr-details-title {
1405 .pr-details-title {
1406 padding-bottom: 8px;
1406 padding-bottom: 8px;
1407 border-bottom: @border-thickness solid @grey5;
1407 border-bottom: @border-thickness solid @grey5;
1408
1408
1409 .action_button.disabled {
1409 .action_button.disabled {
1410 color: @grey4;
1410 color: @grey4;
1411 cursor: inherit;
1411 cursor: inherit;
1412 }
1412 }
1413 .action_button {
1413 .action_button {
1414 color: @rcblue;
1414 color: @rcblue;
1415 }
1415 }
1416 }
1416 }
1417 .pr-details-content {
1417 .pr-details-content {
1418 margin-top: @textmargin;
1418 margin-top: @textmargin;
1419 margin-bottom: @textmargin;
1419 margin-bottom: @textmargin;
1420 }
1420 }
1421
1421
1422 .pr-reviewer-rules {
1422 .pr-reviewer-rules {
1423 padding: 10px 0px 20px 0px;
1423 padding: 10px 0px 20px 0px;
1424 }
1424 }
1425
1425
1426 .group_members {
1426 .group_members {
1427 margin-top: 0;
1427 margin-top: 0;
1428 padding: 0;
1428 padding: 0;
1429 list-style: outside none none;
1429 list-style: outside none none;
1430
1430
1431 img {
1431 img {
1432 height: @gravatar-size;
1432 height: @gravatar-size;
1433 width: @gravatar-size;
1433 width: @gravatar-size;
1434 margin-right: .5em;
1434 margin-right: .5em;
1435 margin-left: 3px;
1435 margin-left: 3px;
1436 }
1436 }
1437
1437
1438 .to-delete {
1438 .to-delete {
1439 .user {
1439 .user {
1440 text-decoration: line-through;
1440 text-decoration: line-through;
1441 }
1441 }
1442 }
1442 }
1443 }
1443 }
1444
1444
1445 .compare_view_commits_title {
1445 .compare_view_commits_title {
1446 .disabled {
1446 .disabled {
1447 cursor: inherit;
1447 cursor: inherit;
1448 &:hover{
1448 &:hover{
1449 background-color: inherit;
1449 background-color: inherit;
1450 color: inherit;
1450 color: inherit;
1451 }
1451 }
1452 }
1452 }
1453 }
1453 }
1454
1454
1455 .subtitle-compare {
1455 .subtitle-compare {
1456 margin: -15px 0px 0px 0px;
1456 margin: -15px 0px 0px 0px;
1457 }
1457 }
1458
1458
1459 .comments-summary-td {
1459 .comments-summary-td {
1460 border-top: 1px dashed @grey5;
1460 border-top: 1px dashed @grey5;
1461 }
1461 }
1462
1462
1463 // new entry in group_members
1463 // new entry in group_members
1464 .td-author-new-entry {
1464 .td-author-new-entry {
1465 background-color: rgba(red(@alert1), green(@alert1), blue(@alert1), 0.3);
1465 background-color: rgba(red(@alert1), green(@alert1), blue(@alert1), 0.3);
1466 }
1466 }
1467
1467
1468 .usergroup_member_remove {
1468 .usergroup_member_remove {
1469 width: 16px;
1469 width: 16px;
1470 margin-bottom: 10px;
1470 margin-bottom: 10px;
1471 padding: 0;
1471 padding: 0;
1472 color: black !important;
1472 color: black !important;
1473 cursor: pointer;
1473 cursor: pointer;
1474 }
1474 }
1475
1475
1476 .reviewer_ac .ac-input {
1476 .reviewer_ac .ac-input {
1477 width: 92%;
1477 width: 92%;
1478 margin-bottom: 1em;
1478 margin-bottom: 1em;
1479 }
1479 }
1480
1480
1481 .compare_view_commits tr{
1481 .compare_view_commits tr{
1482 height: 20px;
1482 height: 20px;
1483 }
1483 }
1484 .compare_view_commits td {
1484 .compare_view_commits td {
1485 vertical-align: top;
1485 vertical-align: top;
1486 padding-top: 10px;
1486 padding-top: 10px;
1487 }
1487 }
1488 .compare_view_commits .author {
1488 .compare_view_commits .author {
1489 margin-left: 5px;
1489 margin-left: 5px;
1490 }
1490 }
1491
1491
1492 .compare_view_commits {
1492 .compare_view_commits {
1493 .color-a {
1493 .color-a {
1494 color: @alert1;
1494 color: @alert1;
1495 }
1495 }
1496
1496
1497 .color-c {
1497 .color-c {
1498 color: @color3;
1498 color: @color3;
1499 }
1499 }
1500
1500
1501 .color-r {
1501 .color-r {
1502 color: @color5;
1502 color: @color5;
1503 }
1503 }
1504
1504
1505 .color-a-bg {
1505 .color-a-bg {
1506 background-color: @alert1;
1506 background-color: @alert1;
1507 }
1507 }
1508
1508
1509 .color-c-bg {
1509 .color-c-bg {
1510 background-color: @alert3;
1510 background-color: @alert3;
1511 }
1511 }
1512
1512
1513 .color-r-bg {
1513 .color-r-bg {
1514 background-color: @alert2;
1514 background-color: @alert2;
1515 }
1515 }
1516
1516
1517 .color-a-border {
1517 .color-a-border {
1518 border: 1px solid @alert1;
1518 border: 1px solid @alert1;
1519 }
1519 }
1520
1520
1521 .color-c-border {
1521 .color-c-border {
1522 border: 1px solid @alert3;
1522 border: 1px solid @alert3;
1523 }
1523 }
1524
1524
1525 .color-r-border {
1525 .color-r-border {
1526 border: 1px solid @alert2;
1526 border: 1px solid @alert2;
1527 }
1527 }
1528
1528
1529 .commit-change-indicator {
1529 .commit-change-indicator {
1530 width: 15px;
1530 width: 15px;
1531 height: 15px;
1531 height: 15px;
1532 position: relative;
1532 position: relative;
1533 left: 15px;
1533 left: 15px;
1534 }
1534 }
1535
1535
1536 .commit-change-content {
1536 .commit-change-content {
1537 text-align: center;
1537 text-align: center;
1538 vertical-align: middle;
1538 vertical-align: middle;
1539 line-height: 15px;
1539 line-height: 15px;
1540 }
1540 }
1541 }
1541 }
1542
1542
1543 .compare_view_filepath {
1543 .compare_view_filepath {
1544 color: @grey1;
1544 color: @grey1;
1545 }
1545 }
1546
1546
1547 .show_more {
1547 .show_more {
1548 display: inline-block;
1548 display: inline-block;
1549 position: relative;
1549 position: relative;
1550 vertical-align: middle;
1550 vertical-align: middle;
1551 width: 4px;
1551 width: 4px;
1552 height: @basefontsize;
1552 height: @basefontsize;
1553
1553
1554 &:after {
1554 &:after {
1555 content: "\00A0\25BE";
1555 content: "\00A0\25BE";
1556 display: inline-block;
1556 display: inline-block;
1557 width:10px;
1557 width:10px;
1558 line-height: 5px;
1558 line-height: 5px;
1559 font-size: 12px;
1559 font-size: 12px;
1560 cursor: pointer;
1560 cursor: pointer;
1561 }
1561 }
1562 }
1562 }
1563
1563
1564 .journal_more .show_more {
1564 .journal_more .show_more {
1565 display: inline;
1565 display: inline;
1566
1566
1567 &:after {
1567 &:after {
1568 content: none;
1568 content: none;
1569 }
1569 }
1570 }
1570 }
1571
1571
1572 .open .show_more:after,
1572 .open .show_more:after,
1573 .select2-dropdown-open .show_more:after {
1573 .select2-dropdown-open .show_more:after {
1574 .rotate(180deg);
1574 .rotate(180deg);
1575 margin-left: 4px;
1575 margin-left: 4px;
1576 }
1576 }
1577
1577
1578
1578
1579 .compare_view_commits .collapse_commit:after {
1579 .compare_view_commits .collapse_commit:after {
1580 cursor: pointer;
1580 cursor: pointer;
1581 content: "\00A0\25B4";
1581 content: "\00A0\25B4";
1582 margin-left: -3px;
1582 margin-left: -3px;
1583 font-size: 17px;
1583 font-size: 17px;
1584 color: @grey4;
1584 color: @grey4;
1585 }
1585 }
1586
1586
1587 .diff_links {
1587 .diff_links {
1588 margin-left: 8px;
1588 margin-left: 8px;
1589 }
1589 }
1590
1590
1591 div.ancestor {
1591 div.ancestor {
1592 margin: -30px 0px;
1592 margin: -30px 0px;
1593 }
1593 }
1594
1594
1595 .cs_icon_td input[type="checkbox"] {
1595 .cs_icon_td input[type="checkbox"] {
1596 display: none;
1596 display: none;
1597 }
1597 }
1598
1598
1599 .cs_icon_td .expand_file_icon:after {
1599 .cs_icon_td .expand_file_icon:after {
1600 cursor: pointer;
1600 cursor: pointer;
1601 content: "\00A0\25B6";
1601 content: "\00A0\25B6";
1602 font-size: 12px;
1602 font-size: 12px;
1603 color: @grey4;
1603 color: @grey4;
1604 }
1604 }
1605
1605
1606 .cs_icon_td .collapse_file_icon:after {
1606 .cs_icon_td .collapse_file_icon:after {
1607 cursor: pointer;
1607 cursor: pointer;
1608 content: "\00A0\25BC";
1608 content: "\00A0\25BC";
1609 font-size: 12px;
1609 font-size: 12px;
1610 color: @grey4;
1610 color: @grey4;
1611 }
1611 }
1612
1612
1613 /*new binary
1613 /*new binary
1614 NEW_FILENODE = 1
1614 NEW_FILENODE = 1
1615 DEL_FILENODE = 2
1615 DEL_FILENODE = 2
1616 MOD_FILENODE = 3
1616 MOD_FILENODE = 3
1617 RENAMED_FILENODE = 4
1617 RENAMED_FILENODE = 4
1618 COPIED_FILENODE = 5
1618 COPIED_FILENODE = 5
1619 CHMOD_FILENODE = 6
1619 CHMOD_FILENODE = 6
1620 BIN_FILENODE = 7
1620 BIN_FILENODE = 7
1621 */
1621 */
1622 .cs_files_expand {
1622 .cs_files_expand {
1623 font-size: @basefontsize + 5px;
1623 font-size: @basefontsize + 5px;
1624 line-height: 1.8em;
1624 line-height: 1.8em;
1625 float: right;
1625 float: right;
1626 }
1626 }
1627
1627
1628 .cs_files_expand span{
1628 .cs_files_expand span{
1629 color: @rcblue;
1629 color: @rcblue;
1630 cursor: pointer;
1630 cursor: pointer;
1631 }
1631 }
1632 .cs_files {
1632 .cs_files {
1633 clear: both;
1633 clear: both;
1634 padding-bottom: @padding;
1634 padding-bottom: @padding;
1635
1635
1636 .cur_cs {
1636 .cur_cs {
1637 margin: 10px 2px;
1637 margin: 10px 2px;
1638 font-weight: bold;
1638 font-weight: bold;
1639 }
1639 }
1640
1640
1641 .node {
1641 .node {
1642 float: left;
1642 float: left;
1643 }
1643 }
1644
1644
1645 .changes {
1645 .changes {
1646 float: right;
1646 float: right;
1647 color: white;
1647 color: white;
1648 font-size: @basefontsize - 4px;
1648 font-size: @basefontsize - 4px;
1649 margin-top: 4px;
1649 margin-top: 4px;
1650 opacity: 0.6;
1650 opacity: 0.6;
1651 filter: Alpha(opacity=60); /* IE8 and earlier */
1651 filter: Alpha(opacity=60); /* IE8 and earlier */
1652
1652
1653 .added {
1653 .added {
1654 background-color: @alert1;
1654 background-color: @alert1;
1655 float: left;
1655 float: left;
1656 text-align: center;
1656 text-align: center;
1657 }
1657 }
1658
1658
1659 .deleted {
1659 .deleted {
1660 background-color: @alert2;
1660 background-color: @alert2;
1661 float: left;
1661 float: left;
1662 text-align: center;
1662 text-align: center;
1663 }
1663 }
1664
1664
1665 .bin {
1665 .bin {
1666 background-color: @alert1;
1666 background-color: @alert1;
1667 text-align: center;
1667 text-align: center;
1668 }
1668 }
1669
1669
1670 /*new binary*/
1670 /*new binary*/
1671 .bin.bin1 {
1671 .bin.bin1 {
1672 background-color: @alert1;
1672 background-color: @alert1;
1673 text-align: center;
1673 text-align: center;
1674 }
1674 }
1675
1675
1676 /*deleted binary*/
1676 /*deleted binary*/
1677 .bin.bin2 {
1677 .bin.bin2 {
1678 background-color: @alert2;
1678 background-color: @alert2;
1679 text-align: center;
1679 text-align: center;
1680 }
1680 }
1681
1681
1682 /*mod binary*/
1682 /*mod binary*/
1683 .bin.bin3 {
1683 .bin.bin3 {
1684 background-color: @grey2;
1684 background-color: @grey2;
1685 text-align: center;
1685 text-align: center;
1686 }
1686 }
1687
1687
1688 /*rename file*/
1688 /*rename file*/
1689 .bin.bin4 {
1689 .bin.bin4 {
1690 background-color: @alert4;
1690 background-color: @alert4;
1691 text-align: center;
1691 text-align: center;
1692 }
1692 }
1693
1693
1694 /*copied file*/
1694 /*copied file*/
1695 .bin.bin5 {
1695 .bin.bin5 {
1696 background-color: @alert4;
1696 background-color: @alert4;
1697 text-align: center;
1697 text-align: center;
1698 }
1698 }
1699
1699
1700 /*chmod file*/
1700 /*chmod file*/
1701 .bin.bin6 {
1701 .bin.bin6 {
1702 background-color: @grey2;
1702 background-color: @grey2;
1703 text-align: center;
1703 text-align: center;
1704 }
1704 }
1705 }
1705 }
1706 }
1706 }
1707
1707
1708 .cs_files .cs_added, .cs_files .cs_A,
1708 .cs_files .cs_added, .cs_files .cs_A,
1709 .cs_files .cs_added, .cs_files .cs_M,
1709 .cs_files .cs_added, .cs_files .cs_M,
1710 .cs_files .cs_added, .cs_files .cs_D {
1710 .cs_files .cs_added, .cs_files .cs_D {
1711 height: 16px;
1711 height: 16px;
1712 padding-right: 10px;
1712 padding-right: 10px;
1713 margin-top: 7px;
1713 margin-top: 7px;
1714 text-align: left;
1714 text-align: left;
1715 }
1715 }
1716
1716
1717 .cs_icon_td {
1717 .cs_icon_td {
1718 min-width: 16px;
1718 min-width: 16px;
1719 width: 16px;
1719 width: 16px;
1720 }
1720 }
1721
1721
1722 .pull-request-merge {
1722 .pull-request-merge {
1723 border: 1px solid @grey5;
1723 border: 1px solid @grey5;
1724 padding: 10px 0px 20px;
1724 padding: 10px 0px 20px;
1725 margin-top: 10px;
1725 margin-top: 10px;
1726 margin-bottom: 20px;
1726 margin-bottom: 20px;
1727 }
1727 }
1728
1728
1729 .pull-request-merge ul {
1729 .pull-request-merge ul {
1730 padding: 0px 0px;
1730 padding: 0px 0px;
1731 }
1731 }
1732
1732
1733 .pull-request-merge li:before{
1733 .pull-request-merge li:before{
1734 content:none;
1734 content:none;
1735 }
1735 }
1736
1736
1737 .pull-request-merge .pull-request-wrap {
1737 .pull-request-merge .pull-request-wrap {
1738 height: auto;
1738 height: auto;
1739 padding: 0px 0px;
1739 padding: 0px 0px;
1740 text-align: right;
1740 text-align: right;
1741 }
1741 }
1742
1742
1743 .pull-request-merge span {
1743 .pull-request-merge span {
1744 margin-right: 5px;
1744 margin-right: 5px;
1745 }
1745 }
1746
1746
1747 .pull-request-merge-actions {
1747 .pull-request-merge-actions {
1748 min-height: 30px;
1748 min-height: 30px;
1749 padding: 0px 0px;
1749 padding: 0px 0px;
1750 }
1750 }
1751
1751
1752 .pull-request-merge-info {
1752 .pull-request-merge-info {
1753 padding: 0px 5px 5px 0px;
1753 padding: 0px 5px 5px 0px;
1754 }
1754 }
1755
1755
1756 .merge-status {
1756 .merge-status {
1757 margin-right: 5px;
1757 margin-right: 5px;
1758 }
1758 }
1759
1759
1760 .merge-message {
1760 .merge-message {
1761 font-size: 1.2em
1761 font-size: 1.2em
1762 }
1762 }
1763
1763
1764 .merge-message.success i,
1764 .merge-message.success i,
1765 .merge-icon.success i {
1765 .merge-icon.success i {
1766 color:@alert1;
1766 color:@alert1;
1767 }
1767 }
1768
1768
1769 .merge-message.warning i,
1769 .merge-message.warning i,
1770 .merge-icon.warning i {
1770 .merge-icon.warning i {
1771 color: @alert3;
1771 color: @alert3;
1772 }
1772 }
1773
1773
1774 .merge-message.error i,
1774 .merge-message.error i,
1775 .merge-icon.error i {
1775 .merge-icon.error i {
1776 color:@alert2;
1776 color:@alert2;
1777 }
1777 }
1778
1778
1779 .pr-versions {
1779 .pr-versions {
1780 font-size: 1.1em;
1780 font-size: 1.1em;
1781
1781
1782 table {
1782 table {
1783 padding: 0px 5px;
1783 padding: 0px 5px;
1784 }
1784 }
1785
1785
1786 td {
1786 td {
1787 line-height: 15px;
1787 line-height: 15px;
1788 }
1788 }
1789
1789
1790 .flag_status {
1790 .flag_status {
1791 margin: 0;
1791 margin: 0;
1792 }
1792 }
1793
1793
1794 .compare-radio-button {
1794 .compare-radio-button {
1795 position: relative;
1795 position: relative;
1796 top: -3px;
1796 top: -3px;
1797 }
1797 }
1798 }
1798 }
1799
1799
1800
1800
1801 #close_pull_request {
1801 #close_pull_request {
1802 margin-right: 0px;
1802 margin-right: 0px;
1803 }
1803 }
1804
1804
1805 .empty_data {
1805 .empty_data {
1806 color: @grey4;
1806 color: @grey4;
1807 }
1807 }
1808
1808
1809 #changeset_compare_view_content {
1809 #changeset_compare_view_content {
1810 margin-bottom: @space;
1810 margin-bottom: @space;
1811 clear: both;
1811 clear: both;
1812 width: 100%;
1812 width: 100%;
1813 box-sizing: border-box;
1813 box-sizing: border-box;
1814 .border-radius(@border-radius);
1814 .border-radius(@border-radius);
1815
1815
1816 .help-block {
1816 .help-block {
1817 margin: @padding 0;
1817 margin: @padding 0;
1818 color: @text-color;
1818 color: @text-color;
1819 &.pre-formatting {
1819 &.pre-formatting {
1820 white-space: pre;
1820 white-space: pre;
1821 }
1821 }
1822 }
1822 }
1823
1823
1824 .empty_data {
1824 .empty_data {
1825 margin: @padding 0;
1825 margin: @padding 0;
1826 }
1826 }
1827
1827
1828 .alert {
1828 .alert {
1829 margin-bottom: @space;
1829 margin-bottom: @space;
1830 }
1830 }
1831 }
1831 }
1832
1832
1833 .table_disp {
1833 .table_disp {
1834 .status {
1834 .status {
1835 width: auto;
1835 width: auto;
1836
1836
1837 .flag_status {
1837 .flag_status {
1838 float: left;
1838 float: left;
1839 }
1839 }
1840 }
1840 }
1841 }
1841 }
1842
1842
1843
1843
1844 .creation_in_progress {
1844 .creation_in_progress {
1845 color: @grey4
1845 color: @grey4
1846 }
1846 }
1847
1847
1848 .status_box_menu {
1848 .status_box_menu {
1849 margin: 0;
1849 margin: 0;
1850 }
1850 }
1851
1851
1852 .notification-table{
1852 .notification-table{
1853 margin-bottom: @space;
1853 margin-bottom: @space;
1854 display: table;
1854 display: table;
1855 width: 100%;
1855 width: 100%;
1856
1856
1857 .container{
1857 .container{
1858 display: table-row;
1858 display: table-row;
1859
1859
1860 .notification-header{
1860 .notification-header{
1861 border-bottom: @border-thickness solid @border-default-color;
1861 border-bottom: @border-thickness solid @border-default-color;
1862 }
1862 }
1863
1863
1864 .notification-subject{
1864 .notification-subject{
1865 display: table-cell;
1865 display: table-cell;
1866 }
1866 }
1867 }
1867 }
1868 }
1868 }
1869
1869
1870 // Notifications
1870 // Notifications
1871 .notification-header{
1871 .notification-header{
1872 display: table;
1872 display: table;
1873 width: 100%;
1873 width: 100%;
1874 padding: floor(@basefontsize/2) 0;
1874 padding: floor(@basefontsize/2) 0;
1875 line-height: 1em;
1875 line-height: 1em;
1876
1876
1877 .desc, .delete-notifications, .read-notifications{
1877 .desc, .delete-notifications, .read-notifications{
1878 display: table-cell;
1878 display: table-cell;
1879 text-align: left;
1879 text-align: left;
1880 }
1880 }
1881
1881
1882 .desc{
1882 .desc{
1883 width: 1163px;
1883 width: 1163px;
1884 }
1884 }
1885
1885
1886 .delete-notifications, .read-notifications{
1886 .delete-notifications, .read-notifications{
1887 width: 35px;
1887 width: 35px;
1888 min-width: 35px; //fixes when only one button is displayed
1888 min-width: 35px; //fixes when only one button is displayed
1889 }
1889 }
1890 }
1890 }
1891
1891
1892 .notification-body {
1892 .notification-body {
1893 .markdown-block,
1893 .markdown-block,
1894 .rst-block {
1894 .rst-block {
1895 padding: @padding 0;
1895 padding: @padding 0;
1896 }
1896 }
1897
1897
1898 .notification-subject {
1898 .notification-subject {
1899 padding: @textmargin 0;
1899 padding: @textmargin 0;
1900 border-bottom: @border-thickness solid @border-default-color;
1900 border-bottom: @border-thickness solid @border-default-color;
1901 }
1901 }
1902 }
1902 }
1903
1903
1904
1904
1905 .notifications_buttons{
1905 .notifications_buttons{
1906 float: right;
1906 float: right;
1907 }
1907 }
1908
1908
1909 #notification-status{
1909 #notification-status{
1910 display: inline;
1910 display: inline;
1911 }
1911 }
1912
1912
1913 // Repositories
1913 // Repositories
1914
1914
1915 #summary.fields{
1915 #summary.fields{
1916 display: table;
1916 display: table;
1917
1917
1918 .field{
1918 .field{
1919 display: table-row;
1919 display: table-row;
1920
1920
1921 .label-summary{
1921 .label-summary{
1922 display: table-cell;
1922 display: table-cell;
1923 min-width: @label-summary-minwidth;
1923 min-width: @label-summary-minwidth;
1924 padding-top: @padding/2;
1924 padding-top: @padding/2;
1925 padding-bottom: @padding/2;
1925 padding-bottom: @padding/2;
1926 padding-right: @padding/2;
1926 padding-right: @padding/2;
1927 }
1927 }
1928
1928
1929 .input{
1929 .input{
1930 display: table-cell;
1930 display: table-cell;
1931 padding: @padding/2;
1931 padding: @padding/2;
1932
1932
1933 input{
1933 input{
1934 min-width: 29em;
1934 min-width: 29em;
1935 padding: @padding/4;
1935 padding: @padding/4;
1936 }
1936 }
1937 }
1937 }
1938 .statistics, .downloads{
1938 .statistics, .downloads{
1939 .disabled{
1939 .disabled{
1940 color: @grey4;
1940 color: @grey4;
1941 }
1941 }
1942 }
1942 }
1943 }
1943 }
1944 }
1944 }
1945
1945
1946 #summary{
1946 #summary{
1947 width: 70%;
1947 width: 70%;
1948 }
1948 }
1949
1949
1950
1950
1951 // Journal
1951 // Journal
1952 .journal.title {
1952 .journal.title {
1953 h5 {
1953 h5 {
1954 float: left;
1954 float: left;
1955 margin: 0;
1955 margin: 0;
1956 width: 70%;
1956 width: 70%;
1957 }
1957 }
1958
1958
1959 ul {
1959 ul {
1960 float: right;
1960 float: right;
1961 display: inline-block;
1961 display: inline-block;
1962 margin: 0;
1962 margin: 0;
1963 width: 30%;
1963 width: 30%;
1964 text-align: right;
1964 text-align: right;
1965
1965
1966 li {
1966 li {
1967 display: inline;
1967 display: inline;
1968 font-size: @journal-fontsize;
1968 font-size: @journal-fontsize;
1969 line-height: 1em;
1969 line-height: 1em;
1970
1970
1971 &:before { content: none; }
1971 &:before { content: none; }
1972 }
1972 }
1973 }
1973 }
1974 }
1974 }
1975
1975
1976 .filterexample {
1976 .filterexample {
1977 position: absolute;
1977 position: absolute;
1978 top: 95px;
1978 top: 95px;
1979 left: @contentpadding;
1979 left: @contentpadding;
1980 color: @rcblue;
1980 color: @rcblue;
1981 font-size: 11px;
1981 font-size: 11px;
1982 font-family: @text-regular;
1982 font-family: @text-regular;
1983 cursor: help;
1983 cursor: help;
1984
1984
1985 &:hover {
1985 &:hover {
1986 color: @rcdarkblue;
1986 color: @rcdarkblue;
1987 }
1987 }
1988
1988
1989 @media (max-width:768px) {
1989 @media (max-width:768px) {
1990 position: relative;
1990 position: relative;
1991 top: auto;
1991 top: auto;
1992 left: auto;
1992 left: auto;
1993 display: block;
1993 display: block;
1994 }
1994 }
1995 }
1995 }
1996
1996
1997
1997
1998 #journal{
1998 #journal{
1999 margin-bottom: @space;
1999 margin-bottom: @space;
2000
2000
2001 .journal_day{
2001 .journal_day{
2002 margin-bottom: @textmargin/2;
2002 margin-bottom: @textmargin/2;
2003 padding-bottom: @textmargin/2;
2003 padding-bottom: @textmargin/2;
2004 font-size: @journal-fontsize;
2004 font-size: @journal-fontsize;
2005 border-bottom: @border-thickness solid @border-default-color;
2005 border-bottom: @border-thickness solid @border-default-color;
2006 }
2006 }
2007
2007
2008 .journal_container{
2008 .journal_container{
2009 margin-bottom: @space;
2009 margin-bottom: @space;
2010
2010
2011 .journal_user{
2011 .journal_user{
2012 display: inline-block;
2012 display: inline-block;
2013 }
2013 }
2014 .journal_action_container{
2014 .journal_action_container{
2015 display: block;
2015 display: block;
2016 margin-top: @textmargin;
2016 margin-top: @textmargin;
2017
2017
2018 div{
2018 div{
2019 display: inline;
2019 display: inline;
2020 }
2020 }
2021
2021
2022 div.journal_action_params{
2022 div.journal_action_params{
2023 display: block;
2023 display: block;
2024 }
2024 }
2025
2025
2026 div.journal_repo:after{
2026 div.journal_repo:after{
2027 content: "\A";
2027 content: "\A";
2028 white-space: pre;
2028 white-space: pre;
2029 }
2029 }
2030
2030
2031 div.date{
2031 div.date{
2032 display: block;
2032 display: block;
2033 margin-bottom: @textmargin;
2033 margin-bottom: @textmargin;
2034 }
2034 }
2035 }
2035 }
2036 }
2036 }
2037 }
2037 }
2038
2038
2039 // Files
2039 // Files
2040 .edit-file-title {
2040 .edit-file-title {
2041 border-bottom: @border-thickness solid @border-default-color;
2041 border-bottom: @border-thickness solid @border-default-color;
2042
2042
2043 .breadcrumbs {
2043 .breadcrumbs {
2044 margin-bottom: 0;
2044 margin-bottom: 0;
2045 }
2045 }
2046 }
2046 }
2047
2047
2048 .edit-file-fieldset {
2048 .edit-file-fieldset {
2049 margin-top: @sidebarpadding;
2049 margin-top: @sidebarpadding;
2050
2050
2051 .fieldset {
2051 .fieldset {
2052 .left-label {
2052 .left-label {
2053 width: 13%;
2053 width: 13%;
2054 }
2054 }
2055 .right-content {
2055 .right-content {
2056 width: 87%;
2056 width: 87%;
2057 max-width: 100%;
2057 max-width: 100%;
2058 }
2058 }
2059 .filename-label {
2059 .filename-label {
2060 margin-top: 13px;
2060 margin-top: 13px;
2061 }
2061 }
2062 .commit-message-label {
2062 .commit-message-label {
2063 margin-top: 4px;
2063 margin-top: 4px;
2064 }
2064 }
2065 .file-upload-input {
2065 .file-upload-input {
2066 input {
2066 input {
2067 display: none;
2067 display: none;
2068 }
2068 }
2069 margin-top: 10px;
2069 margin-top: 10px;
2070 }
2070 }
2071 .file-upload-label {
2071 .file-upload-label {
2072 margin-top: 10px;
2072 margin-top: 10px;
2073 }
2073 }
2074 p {
2074 p {
2075 margin-top: 5px;
2075 margin-top: 5px;
2076 }
2076 }
2077
2077
2078 }
2078 }
2079 .custom-path-link {
2079 .custom-path-link {
2080 margin-left: 5px;
2080 margin-left: 5px;
2081 }
2081 }
2082 #commit {
2082 #commit {
2083 resize: vertical;
2083 resize: vertical;
2084 }
2084 }
2085 }
2085 }
2086
2086
2087 .delete-file-preview {
2087 .delete-file-preview {
2088 max-height: 250px;
2088 max-height: 250px;
2089 }
2089 }
2090
2090
2091 .new-file,
2091 .new-file,
2092 #filter_activate,
2092 #filter_activate,
2093 #filter_deactivate {
2093 #filter_deactivate {
2094 float: left;
2094 float: left;
2095 margin: 0 0 0 15px;
2095 margin: 0 0 0 15px;
2096 }
2096 }
2097
2097
2098 h3.files_location{
2098 h3.files_location{
2099 line-height: 2.4em;
2099 line-height: 2.4em;
2100 }
2100 }
2101
2101
2102 .browser-nav {
2102 .browser-nav {
2103 display: table;
2103 display: table;
2104 margin-bottom: @space;
2104 margin-bottom: @space;
2105
2105
2106
2106
2107 .info_box {
2107 .info_box {
2108 display: inline-table;
2108 display: inline-table;
2109 height: 2.5em;
2109 height: 2.5em;
2110
2110
2111 .browser-cur-rev, .info_box_elem {
2111 .browser-cur-rev, .info_box_elem {
2112 display: table-cell;
2112 display: table-cell;
2113 vertical-align: middle;
2113 vertical-align: middle;
2114 }
2114 }
2115
2115
2116 .info_box_elem {
2116 .info_box_elem {
2117 border-top: @border-thickness solid @rcblue;
2117 border-top: @border-thickness solid @rcblue;
2118 border-bottom: @border-thickness solid @rcblue;
2118 border-bottom: @border-thickness solid @rcblue;
2119
2119
2120 #at_rev, a {
2120 #at_rev, a {
2121 padding: 0.6em 0.9em;
2121 padding: 0.6em 0.9em;
2122 margin: 0;
2122 margin: 0;
2123 .box-shadow(none);
2123 .box-shadow(none);
2124 border: 0;
2124 border: 0;
2125 height: 12px;
2125 height: 12px;
2126 }
2126 }
2127
2127
2128 input#at_rev {
2128 input#at_rev {
2129 max-width: 50px;
2129 max-width: 50px;
2130 text-align: right;
2130 text-align: right;
2131 }
2131 }
2132
2132
2133 &.previous {
2133 &.previous {
2134 border: @border-thickness solid @rcblue;
2134 border: @border-thickness solid @rcblue;
2135 .disabled {
2135 .disabled {
2136 color: @grey4;
2136 color: @grey4;
2137 cursor: not-allowed;
2137 cursor: not-allowed;
2138 }
2138 }
2139 }
2139 }
2140
2140
2141 &.next {
2141 &.next {
2142 border: @border-thickness solid @rcblue;
2142 border: @border-thickness solid @rcblue;
2143 .disabled {
2143 .disabled {
2144 color: @grey4;
2144 color: @grey4;
2145 cursor: not-allowed;
2145 cursor: not-allowed;
2146 }
2146 }
2147 }
2147 }
2148 }
2148 }
2149
2149
2150 .browser-cur-rev {
2150 .browser-cur-rev {
2151
2151
2152 span{
2152 span{
2153 margin: 0;
2153 margin: 0;
2154 color: @rcblue;
2154 color: @rcblue;
2155 height: 12px;
2155 height: 12px;
2156 display: inline-block;
2156 display: inline-block;
2157 padding: 0.7em 1em ;
2157 padding: 0.7em 1em ;
2158 border: @border-thickness solid @rcblue;
2158 border: @border-thickness solid @rcblue;
2159 margin-right: @padding;
2159 margin-right: @padding;
2160 }
2160 }
2161 }
2161 }
2162 }
2162 }
2163
2163
2164 .search_activate {
2164 .search_activate {
2165 display: table-cell;
2165 display: table-cell;
2166 vertical-align: middle;
2166 vertical-align: middle;
2167
2167
2168 input, label{
2168 input, label{
2169 margin: 0;
2169 margin: 0;
2170 padding: 0;
2170 padding: 0;
2171 }
2171 }
2172
2172
2173 input{
2173 input{
2174 margin-left: @textmargin;
2174 margin-left: @textmargin;
2175 }
2175 }
2176
2176
2177 }
2177 }
2178 }
2178 }
2179
2179
2180 .browser-cur-rev{
2180 .browser-cur-rev{
2181 margin-bottom: @textmargin;
2181 margin-bottom: @textmargin;
2182 }
2182 }
2183
2183
2184 #node_filter_box_loading{
2184 #node_filter_box_loading{
2185 .info_text;
2185 .info_text;
2186 }
2186 }
2187
2187
2188 .browser-search {
2188 .browser-search {
2189 margin: -25px 0px 5px 0px;
2189 margin: -25px 0px 5px 0px;
2190 }
2190 }
2191
2191
2192 .node-filter {
2192 .node-filter {
2193 font-size: @repo-title-fontsize;
2193 font-size: @repo-title-fontsize;
2194 padding: 4px 0px 0px 0px;
2194 padding: 4px 0px 0px 0px;
2195
2195
2196 .node-filter-path {
2196 .node-filter-path {
2197 float: left;
2197 float: left;
2198 color: @grey4;
2198 color: @grey4;
2199 }
2199 }
2200 .node-filter-input {
2200 .node-filter-input {
2201 float: left;
2201 float: left;
2202 margin: -2px 0px 0px 2px;
2202 margin: -2px 0px 0px 2px;
2203 input {
2203 input {
2204 padding: 2px;
2204 padding: 2px;
2205 border: none;
2205 border: none;
2206 font-size: @repo-title-fontsize;
2206 font-size: @repo-title-fontsize;
2207 }
2207 }
2208 }
2208 }
2209 }
2209 }
2210
2210
2211
2211
2212 .browser-result{
2212 .browser-result{
2213 td a{
2213 td a{
2214 margin-left: 0.5em;
2214 margin-left: 0.5em;
2215 display: inline-block;
2215 display: inline-block;
2216
2216
2217 em{
2217 em{
2218 font-family: @text-bold;
2218 font-family: @text-bold;
2219 }
2219 }
2220 }
2220 }
2221 }
2221 }
2222
2222
2223 .browser-highlight{
2223 .browser-highlight{
2224 background-color: @grey5-alpha;
2224 background-color: @grey5-alpha;
2225 }
2225 }
2226
2226
2227
2227
2228 // Search
2228 // Search
2229
2229
2230 .search-form{
2230 .search-form{
2231 #q {
2231 #q {
2232 width: @search-form-width;
2232 width: @search-form-width;
2233 }
2233 }
2234 .fields{
2234 .fields{
2235 margin: 0 0 @space;
2235 margin: 0 0 @space;
2236 }
2236 }
2237
2237
2238 label{
2238 label{
2239 display: inline-block;
2239 display: inline-block;
2240 margin-right: @textmargin;
2240 margin-right: @textmargin;
2241 padding-top: 0.25em;
2241 padding-top: 0.25em;
2242 }
2242 }
2243
2243
2244
2244
2245 .results{
2245 .results{
2246 clear: both;
2246 clear: both;
2247 margin: 0 0 @padding;
2247 margin: 0 0 @padding;
2248 }
2248 }
2249 }
2249 }
2250
2250
2251 div.search-feedback-items {
2251 div.search-feedback-items {
2252 display: inline-block;
2252 display: inline-block;
2253 padding:0px 0px 0px 96px;
2253 padding:0px 0px 0px 96px;
2254 }
2254 }
2255
2255
2256 div.search-code-body {
2256 div.search-code-body {
2257 background-color: #ffffff; padding: 5px 0 5px 10px;
2257 background-color: #ffffff; padding: 5px 0 5px 10px;
2258 pre {
2258 pre {
2259 .match { background-color: #faffa6;}
2259 .match { background-color: #faffa6;}
2260 .break { display: block; width: 100%; background-color: #DDE7EF; color: #747474; }
2260 .break { display: block; width: 100%; background-color: #DDE7EF; color: #747474; }
2261 }
2261 }
2262 }
2262 }
2263
2263
2264 .expand_commit.search {
2264 .expand_commit.search {
2265 .show_more.open {
2265 .show_more.open {
2266 height: auto;
2266 height: auto;
2267 max-height: none;
2267 max-height: none;
2268 }
2268 }
2269 }
2269 }
2270
2270
2271 .search-results {
2271 .search-results {
2272
2272
2273 h2 {
2273 h2 {
2274 margin-bottom: 0;
2274 margin-bottom: 0;
2275 }
2275 }
2276 .codeblock {
2276 .codeblock {
2277 border: none;
2277 border: none;
2278 background: transparent;
2278 background: transparent;
2279 }
2279 }
2280
2280
2281 .codeblock-header {
2281 .codeblock-header {
2282 border: none;
2282 border: none;
2283 background: transparent;
2283 background: transparent;
2284 }
2284 }
2285
2285
2286 .code-body {
2286 .code-body {
2287 border: @border-thickness solid @border-default-color;
2287 border: @border-thickness solid @border-default-color;
2288 .border-radius(@border-radius);
2288 .border-radius(@border-radius);
2289 }
2289 }
2290
2290
2291 .td-commit {
2291 .td-commit {
2292 &:extend(pre);
2292 &:extend(pre);
2293 border-bottom: @border-thickness solid @border-default-color;
2293 border-bottom: @border-thickness solid @border-default-color;
2294 }
2294 }
2295
2295
2296 .message {
2296 .message {
2297 height: auto;
2297 height: auto;
2298 max-width: 350px;
2298 max-width: 350px;
2299 white-space: normal;
2299 white-space: normal;
2300 text-overflow: initial;
2300 text-overflow: initial;
2301 overflow: visible;
2301 overflow: visible;
2302
2302
2303 .match { background-color: #faffa6;}
2303 .match { background-color: #faffa6;}
2304 .break { background-color: #DDE7EF; width: 100%; color: #747474; display: block; }
2304 .break { background-color: #DDE7EF; width: 100%; color: #747474; display: block; }
2305 }
2305 }
2306
2306
2307 }
2307 }
2308
2308
2309 table.rctable td.td-search-results div {
2309 table.rctable td.td-search-results div {
2310 max-width: 100%;
2310 max-width: 100%;
2311 }
2311 }
2312
2312
2313 #tip-box, .tip-box{
2313 #tip-box, .tip-box{
2314 padding: @menupadding/2;
2314 padding: @menupadding/2;
2315 display: block;
2315 display: block;
2316 border: @border-thickness solid @border-highlight-color;
2316 border: @border-thickness solid @border-highlight-color;
2317 .border-radius(@border-radius);
2317 .border-radius(@border-radius);
2318 background-color: white;
2318 background-color: white;
2319 z-index: 99;
2319 z-index: 99;
2320 white-space: pre-wrap;
2320 white-space: pre-wrap;
2321 }
2321 }
2322
2322
2323 #linktt {
2323 #linktt {
2324 width: 79px;
2324 width: 79px;
2325 }
2325 }
2326
2326
2327 #help_kb .modal-content{
2327 #help_kb .modal-content{
2328 max-width: 750px;
2328 max-width: 750px;
2329 margin: 10% auto;
2329 margin: 10% auto;
2330
2330
2331 table{
2331 table{
2332 td,th{
2332 td,th{
2333 border-bottom: none;
2333 border-bottom: none;
2334 line-height: 2.5em;
2334 line-height: 2.5em;
2335 }
2335 }
2336 th{
2336 th{
2337 padding-bottom: @textmargin/2;
2337 padding-bottom: @textmargin/2;
2338 }
2338 }
2339 td.keys{
2339 td.keys{
2340 text-align: center;
2340 text-align: center;
2341 }
2341 }
2342 }
2342 }
2343
2343
2344 .block-left{
2344 .block-left{
2345 width: 45%;
2345 width: 45%;
2346 margin-right: 5%;
2346 margin-right: 5%;
2347 }
2347 }
2348 .modal-footer{
2348 .modal-footer{
2349 clear: both;
2349 clear: both;
2350 }
2350 }
2351 .key.tag{
2351 .key.tag{
2352 padding: 0.5em;
2352 padding: 0.5em;
2353 background-color: @rcblue;
2353 background-color: @rcblue;
2354 color: white;
2354 color: white;
2355 border-color: @rcblue;
2355 border-color: @rcblue;
2356 .box-shadow(none);
2356 .box-shadow(none);
2357 }
2357 }
2358 }
2358 }
2359
2359
2360
2360
2361
2361
2362 //--- IMPORTS FOR REFACTORED STYLES ------------------//
2362 //--- IMPORTS FOR REFACTORED STYLES ------------------//
2363
2363
2364 @import 'statistics-graph';
2364 @import 'statistics-graph';
2365 @import 'tables';
2365 @import 'tables';
2366 @import 'forms';
2366 @import 'forms';
2367 @import 'diff';
2367 @import 'diff';
2368 @import 'summary';
2368 @import 'summary';
2369 @import 'navigation';
2369 @import 'navigation';
2370
2370
2371 //--- SHOW/HIDE SECTIONS --//
2371 //--- SHOW/HIDE SECTIONS --//
2372
2372
2373 .btn-collapse {
2373 .btn-collapse {
2374 float: right;
2374 float: right;
2375 text-align: right;
2375 text-align: right;
2376 font-family: @text-light;
2376 font-family: @text-light;
2377 font-size: @basefontsize;
2377 font-size: @basefontsize;
2378 cursor: pointer;
2378 cursor: pointer;
2379 border: none;
2379 border: none;
2380 color: @rcblue;
2380 color: @rcblue;
2381 }
2381 }
2382
2382
2383 table.rctable,
2383 table.rctable,
2384 table.dataTable {
2384 table.dataTable {
2385 .btn-collapse {
2385 .btn-collapse {
2386 float: right;
2386 float: right;
2387 text-align: right;
2387 text-align: right;
2388 }
2388 }
2389 }
2389 }
2390
2390
2391
2391
2392 // TODO: johbo: Fix for IE10, this avoids that we see a border
2392 // TODO: johbo: Fix for IE10, this avoids that we see a border
2393 // and padding around checkboxes and radio boxes. Move to the right place,
2393 // and padding around checkboxes and radio boxes. Move to the right place,
2394 // or better: Remove this once we did the form refactoring.
2394 // or better: Remove this once we did the form refactoring.
2395 input[type=checkbox],
2395 input[type=checkbox],
2396 input[type=radio] {
2396 input[type=radio] {
2397 padding: 0;
2397 padding: 0;
2398 border: none;
2398 border: none;
2399 }
2399 }
2400
2400
2401 .toggle-ajax-spinner{
2401 .toggle-ajax-spinner{
2402 height: 16px;
2402 height: 16px;
2403 width: 16px;
2403 width: 16px;
2404 }
2404 }
2405
2405
2406
2406
2407 .markup-form .clearfix {
2407 .markup-form .clearfix {
2408 .border-radius(@border-radius);
2408 .border-radius(@border-radius);
2409 margin: 0px;
2409 margin: 0px;
2410 }
2410 }
2411
2411
2412 .markup-form-area {
2412 .markup-form-area {
2413 padding: 8px 12px;
2413 padding: 8px 12px;
2414 border: 1px solid @grey4;
2414 border: 1px solid @grey4;
2415 .border-radius(@border-radius);
2415 .border-radius(@border-radius);
2416 }
2416 }
2417
2417
2418 .markup-form-area-header .nav-links {
2418 .markup-form-area-header .nav-links {
2419 display: flex;
2419 display: flex;
2420 flex-flow: row wrap;
2420 flex-flow: row wrap;
2421 -webkit-flex-flow: row wrap;
2421 -webkit-flex-flow: row wrap;
2422 width: 100%;
2422 width: 100%;
2423 }
2423 }
2424
2424
2425 .markup-form-area-footer {
2425 .markup-form-area-footer {
2426 display: flex;
2426 display: flex;
2427 }
2427 }
2428
2428
2429 .markup-form-area-footer .toolbar {
2429 .markup-form-area-footer .toolbar {
2430
2430
2431 }
2431 }
2432
2432
2433 // markup Form
2433 // markup Form
2434 div.markup-form {
2434 div.markup-form {
2435 margin-top: 20px;
2435 margin-top: 20px;
2436 }
2436 }
2437
2437
2438 .markup-form strong {
2438 .markup-form strong {
2439 display: block;
2439 display: block;
2440 margin-bottom: 15px;
2440 margin-bottom: 15px;
2441 }
2441 }
2442
2442
2443 .markup-form textarea {
2443 .markup-form textarea {
2444 width: 100%;
2444 width: 100%;
2445 height: 100px;
2445 height: 100px;
2446 font-family: 'Monaco', 'Courier', 'Courier New', monospace;
2446 font-family: 'Monaco', 'Courier', 'Courier New', monospace;
2447 }
2447 }
2448
2448
2449 form.markup-form {
2449 form.markup-form {
2450 margin-top: 10px;
2450 margin-top: 10px;
2451 margin-left: 10px;
2451 margin-left: 10px;
2452 }
2452 }
2453
2453
2454 .markup-form .comment-block-ta,
2454 .markup-form .comment-block-ta,
2455 .markup-form .preview-box {
2455 .markup-form .preview-box {
2456 .border-radius(@border-radius);
2456 .border-radius(@border-radius);
2457 .box-sizing(border-box);
2457 .box-sizing(border-box);
2458 background-color: white;
2458 background-color: white;
2459 }
2459 }
2460
2460
2461 .markup-form .preview-box.unloaded {
2461 .markup-form .preview-box.unloaded {
2462 height: 50px;
2462 height: 50px;
2463 text-align: center;
2463 text-align: center;
2464 padding: 20px;
2464 padding: 20px;
2465 background-color: white;
2465 background-color: white;
2466 }
2466 }
Show file before | Show file after | Hide comments
@@ -1,161 +1,167 b''
1 @font-face {
1 @font-face {
2 font-family: 'rcicons';
2 font-family: 'rcicons';
3 src: url('../fonts/RCIcons/rcicons.eot?74666722');
3 src: url('../fonts/RCIcons/rcicons.eot?74666722');
4 src: url('../fonts/RCIcons/rcicons.eot?74666722#iefix') format('embedded-opentype'),
4 src: url('../fonts/RCIcons/rcicons.eot?74666722#iefix') format('embedded-opentype'),
5 url('../fonts/RCIcons/rcicons.woff2?74666722') format('woff2'),
5 url('../fonts/RCIcons/rcicons.woff2?74666722') format('woff2'),
6 url('../fonts/RCIcons/rcicons.woff?74666722') format('woff'),
6 url('../fonts/RCIcons/rcicons.woff?74666722') format('woff'),
7 url('../fonts/RCIcons/rcicons.ttf?74666722') format('truetype'),
7 url('../fonts/RCIcons/rcicons.ttf?74666722') format('truetype'),
8 url('../fonts/RCIcons/rcicons.svg?74666722#rcicons') format('svg');
8 url('../fonts/RCIcons/rcicons.svg?74666722#rcicons') format('svg');
9 font-weight: normal;
9 font-weight: normal;
10 font-style: normal;
10 font-style: normal;
11 }
11 }
12 /* Chrome hack: SVG is rendered more smooth in Windozze. 100% magic, uncomment if you need it. */
12 /* Chrome hack: SVG is rendered more smooth in Windozze. 100% magic, uncomment if you need it. */
13 /* Note, that will break hinting! In other OS-es font will be not as sharp as it could be */
13 /* Note, that will break hinting! In other OS-es font will be not as sharp as it could be */
14 /*
14 /*
15 @media screen and (-webkit-min-device-pixel-ratio:0) {
15 @media screen and (-webkit-min-device-pixel-ratio:0) {
16 @font-face {
16 @font-face {
17 font-family: 'rcicons';
17 font-family: 'rcicons';
18 src: url('../fonts/RCIcons/rcicons.svg?74666722#rcicons') format('svg');
18 src: url('../fonts/RCIcons/rcicons.svg?74666722#rcicons') format('svg');
19 }
19 }
20 }
20 }
21 */
21 */
22
22
23 [class^="icon-"]:before, [class*=" icon-"]:before {
23 [class^="icon-"]:before, [class*=" icon-"]:before {
24 font-family: "rcicons";
24 font-family: "rcicons";
25 font-style: normal;
25 font-style: normal;
26 font-weight: normal;
26 font-weight: normal;
27 speak: none;
27 speak: none;
28
28
29 display: inline-block;
29 display: inline-block;
30 text-decoration: inherit;
30 text-decoration: inherit;
31 width: 1em;
31 width: 1em;
32 margin-right: .2em;
32 margin-right: .2em;
33 text-align: center;
33 text-align: center;
34 /* opacity: .8; */
34 /* opacity: .8; */
35
35
36 /* For safety - reset parent styles, that can break glyph codes*/
36 /* For safety - reset parent styles, that can break glyph codes*/
37 font-variant: normal;
37 font-variant: normal;
38 text-transform: none;
38 text-transform: none;
39
39
40 /* fix buttons height, for twitter bootstrap */
40 /* fix buttons height, for twitter bootstrap */
41 line-height: 1em;
41 line-height: 1em;
42
42
43 /* Animation center compensation - margins should be symmetric */
43 /* Animation center compensation - margins should be symmetric */
44 /* remove if not needed */
44 /* remove if not needed */
45 margin-left: .2em;
45 margin-left: .2em;
46
46
47 /* you can be more comfortable with increased icons size */
47 /* you can be more comfortable with increased icons size */
48 /* font-size: 120%; */
48 /* font-size: 120%; */
49
49
50 /* Font smoothing. That was taken from TWBS */
50 /* Font smoothing. That was taken from TWBS */
51 -webkit-font-smoothing: antialiased;
51 -webkit-font-smoothing: antialiased;
52 -moz-osx-font-smoothing: grayscale;
52 -moz-osx-font-smoothing: grayscale;
53
53
54 /* Uncomment for 3D effect */
54 /* Uncomment for 3D effect */
55 /* text-shadow: 1px 1px 1px rgba(127, 127, 127, 0.3); */
55 /* text-shadow: 1px 1px 1px rgba(127, 127, 127, 0.3); */
56 }
56 }
57
57
58 .icon-no-margin::before {
58 .icon-no-margin::before {
59 margin: 0;
59 margin: 0;
60
60
61 }
61 }
62 // -- ICON CLASSES -- //
62 // -- ICON CLASSES -- //
63
63
64 .icon-bookmark:before { content: '\e803'; } /* '' */
64 .icon-bookmark:before { content: '\e803'; } /* '' */
65 .icon-branch:before { content: '\e804'; } /* '' */
65 .icon-branch:before { content: '\e804'; } /* '' */
66 .icon-lock:before { content: '\e806'; } /* '' */
66 .icon-lock:before { content: '\e806'; } /* '' */
67 .icon-unlock:before { content: '\e807'; } /* '' */
67 .icon-unlock:before { content: '\e807'; } /* '' */
68 .icon-delete:before { content: '\e808'; } /* '' */
68 .icon-delete:before { content: '\e808'; } /* '' */
69 .icon-false:before { content: '\e808'; } /* '' */
69 .icon-false:before { content: '\e808'; } /* '' */
70
70
71 .icon-ok:before { content: '\e809'; } /* '' */
71 .icon-ok:before { content: '\e809'; } /* '' */
72 .icon-true:before { content: '\e809'; } /* '' */
72 .icon-true:before { content: '\e809'; } /* '' */
73
73
74 .icon-comment:before { content: '\e80a'; } /* '' */
74 .icon-comment:before { content: '\e80a'; } /* '' */
75 .icon-comment-add:before { content: '\e816'; } /* '' */
75 .icon-comment-add:before { content: '\e816'; } /* '' */
76 .icon-comment_toggle:before { content: '\e818'; } /* '' */
76 .icon-comment_toggle:before { content: '\e818'; } /* '' */
77
77
78 .icon-feed:before { content: '\e80b'; } /* '' */
78 .icon-feed:before { content: '\e80b'; } /* '' */
79
79
80 .icon-right:before { content: '\e80c'; } /* '' */
80 .icon-right:before { content: '\e80c'; } /* '' */
81 .icon-left:before { content: '\e80d'; } /* '' */
81 .icon-left:before { content: '\e80d'; } /* '' */
82
82
83 .icon-arrow_down:before { content: '\e80e'; } /* '' */
83 .icon-arrow_down:before { content: '\e80e'; } /* '' */
84 .icon-arrow_up:before { content: '\e80e'; } /* '' */
84 .icon-arrow_up:before { content: '\e80e'; } /* '' */
85
85
86 .icon-group:before { content: '\e812'; } /* '' */
86 .icon-group:before { content: '\e812'; } /* '' */
87
87
88 .icon-fork:before { content: '\e814'; } /* '' */
88 .icon-fork:before { content: '\e814'; } /* '' */
89 .icon-merge:before { content: '\e814'; } /* '' */
89 .icon-merge:before { content: '\e814'; } /* '' */
90
90
91 .icon-more:before { content: '\e815'; } /* '' */
91 .icon-more:before { content: '\e815'; } /* '' */
92
92
93 .icon-git-inv:before { content: '\e80f'; } /* '' */
93 .icon-git-inv:before { content: '\e80f'; } /* '' */
94 .icon-hg-inv:before { content: '\e810'; } /* '' */
94 .icon-hg-inv:before { content: '\e810'; } /* '' */
95 .icon-svn-inv:before { content: '\e811'; } /* '' */
95 .icon-svn-inv:before { content: '\e811'; } /* '' */
96
96
97 .icon-git:before { content: '\e81a'; } /* '' */
97 .icon-git:before { content: '\e81a'; } /* '' */
98 .icon-hg:before { content: '\e81b'; } /* '' */
98 .icon-hg:before { content: '\e81b'; } /* '' */
99 .icon-svn:before { content: '\e820'; } /* '' */
99 .icon-svn:before { content: '\e820'; } /* '' */
100
100
101 .icon-minus:before { content: '\e81c'; } /* '' */
101 .icon-minus:before { content: '\e81c'; } /* '' */
102 .icon-plus:before { content: '\e81d'; } /* '' */
102 .icon-plus:before { content: '\e81d'; } /* '' */
103 .icon-remove:before { content: '\e81e'; } /* '' */
103 .icon-remove:before { content: '\e81e'; } /* '' */
104 .icon-remove-sign:before { content: '\e81e'; } /* '' */
104 .icon-remove-sign:before { content: '\e81e'; } /* '' */
105
105
106 .icon-rhodecode:before { content: '\e81f'; } /* '' */
106 .icon-rhodecode:before { content: '\e81f'; } /* '' */
107
107
108 .icon-tag:before { content: '\e821'; } /* '' */
108 .icon-tag:before { content: '\e821'; } /* '' */
109 .icon-copy:before { content: '\f0c5'; } /* '' */
109 .icon-copy:before { content: '\f0c5'; } /* '' */
110 .icon-clipboard:before { content: '\f0c5'; } /* '' */
110 .icon-clipboard:before { content: '\f0c5'; } /* '' */
111
111
112
112
113 .icon-folder:before { content: '\e813'; } /* '' */
113 .icon-folder:before { content: '\e813'; } /* '' */
114 .icon-folder-close:before { content: '\e813'; } /* '' */
114 .icon-folder-close:before { content: '\e813'; } /* '' */
115
115
116 .icon-directory:before { content: '\e800'; } /* '' */
116 .icon-directory:before { content: '\e800'; } /* '' */
117 .icon-directory-empty:before { content: '\f114'; } /* '' */
117 .icon-directory-empty:before { content: '\f114'; } /* '' */
118 .icon-file-text:before { content: '\f0f6'; } /* '' */
118 .icon-file-text:before { content: '\f0f6'; } /* '' */
119 .icon-file-text-inv:before { content: '\f15c'; } /* '' */
119 .icon-file-text-inv:before { content: '\f15c'; } /* '' */
120 .icon-file-code:before { content: '\f1c9'; } /* '' */
120 .icon-file-code:before { content: '\f1c9'; } /* '' */
121
121
122 // MERGED ICONS
122 // MERGED ICONS
123
123
124 .icon-repo-private:before { &:extend(.icon-lock:before); }
124 .icon-repo-private:before { &:extend(.icon-lock:before); }
125 .icon-repo-lock:before { &:extend(.icon-lock:before); }
125 .icon-repo-lock:before { &:extend(.icon-lock:before); }
126 .icon-unlock-alt:before { &:extend(.icon-unlock:before); }
126 .icon-unlock-alt:before { &:extend(.icon-unlock:before); }
127 .icon-repo-unlock:before { &:extend(.icon-unlock:before); }
127 .icon-repo-unlock:before { &:extend(.icon-unlock:before); }
128 .icon-repo-public:before { &:extend(.icon-unlock:before); }
128 .icon-repo-public:before { &:extend(.icon-unlock:before); }
129 .icon-rss-sign:before { &:extend(.icon-feed:before); }
129 .icon-rss-sign:before { &:extend(.icon-feed:before); }
130 .icon-code-fork:before { &:extend(.icon-fork:before); }
130 .icon-code-fork:before { &:extend(.icon-fork:before); }
131
131
132 // TRANSFORM
132 // TRANSFORM
133 .icon-arrow_up:before {transform: rotate(180deg);}
133 .icon-arrow_up:before {transform: rotate(180deg);}
134 .icon-merge:before {transform: rotate(180deg);}
134 .icon-merge:before {transform: rotate(180deg);}
135
135
136 // -- END ICON CLASSES -- //
136 // -- END ICON CLASSES -- //
137
137
138
138
139 //--- ICONS STYLING ------------------//
139 //--- ICONS STYLING ------------------//
140
140
141 .icon-git { color: @color4 !important; }
141 .icon-git { color: @color4 !important; }
142 .icon-hg { color: @color8 !important; }
142 .icon-hg { color: @color8 !important; }
143 .icon-svn { color: @color1 !important; }
143 .icon-svn { color: @color1 !important; }
144 .icon-git-inv { color: @color4 !important; }
144 .icon-git-inv { color: @color4 !important; }
145 .icon-hg-inv { color: @color8 !important; }
145 .icon-hg-inv { color: @color8 !important; }
146 .icon-svn-inv { color: @color1 !important; }
146 .icon-svn-inv { color: @color1 !important; }
147 .icon-repo-lock { color: #FF0000; }
147 .icon-repo-lock { color: #FF0000; }
148 .icon-repo-unlock { color: #FF0000; }
148 .icon-repo-unlock { color: #FF0000; }
149
149
150 .repo-switcher-dropdown .select2-result-label {
150 .repo-switcher-dropdown .select2-result-label {
151 .icon-git:before {
151 .icon-git:before {
152 &:extend(.icon-git-transparent:before);
152 &:extend(.icon-git-transparent:before);
153 }
153 }
154 .icon-hg:before {
154 .icon-hg:before {
155 &:extend(.icon-hg-transparent:before);
155 &:extend(.icon-hg-transparent:before);
156 color: @alert4;
156 color: @alert4;
157 }
157 }
158 .icon-svn:before {
158 .icon-svn:before {
159 &:extend(.icon-svn-transparent:before);
159 &:extend(.icon-svn-transparent:before);
160 }
160 }
161 }
161 }
162
163 .icon-user-group:before {
164 &:extend(.icon-group:before);
165 margin: 0;
166 font-size: 16px;
167 }
Show file before | Show file after | Hide comments
@@ -1,127 +1,135 b''
1 // tags.less
1 // tags.less
2 // For use in RhodeCode applications;
2 // For use in RhodeCode applications;
3 // see style guide documentation for guidelines.
3 // see style guide documentation for guidelines.
4
4
5 // TAGS
5 // TAGS
6 .tag,
6 .tag,
7 .tagtag {
7 .tagtag {
8 display: inline-block;
8 display: inline-block;
9 min-height: 0;
9 min-height: 0;
10 margin: 0 auto;
10 margin: 0 auto;
11 padding: .25em;
11 padding: .25em;
12 text-align: center;
12 text-align: center;
13 font-size: (-1 + @basefontsize); //fit in tables
13 font-size: (-1 + @basefontsize); //fit in tables
14 line-height: .9em;
14 line-height: .9em;
15 border: none;
15 border: none;
16 .border-radius(@border-radius);
16 .border-radius(@border-radius);
17 font-family: @text-regular;
17 font-family: @text-regular;
18 background-image: none;
18 background-image: none;
19 color: @grey4;
19 color: @grey4;
20 .border ( @border-thickness-tags, @grey4 );
20 .border ( @border-thickness-tags, @grey4 );
21 white-space: nowrap;
21 white-space: nowrap;
22 a {
22 a {
23 color: inherit;
23 color: inherit;
24 text-decoration: underline;
24 text-decoration: underline;
25
25
26 i,
26 i,
27 [class^="icon-"]:before,
27 [class^="icon-"]:before,
28 [class*=" icon-"]:before {
28 [class*=" icon-"]:before {
29 text-decoration: none;
29 text-decoration: none;
30 }
30 }
31 }
31 }
32 }
32 }
33
33
34 .tag0 { .border ( @border-thickness-tags, @grey4 ); color:@grey4; }
34 .tag0 { .border ( @border-thickness-tags, @grey4 ); color:@grey4; }
35 .tag1 { .border ( @border-thickness-tags, @color1 ); color:@color1; }
35 .tag1 { .border ( @border-thickness-tags, @color1 ); color:@color1; }
36 .tag2 { .border ( @border-thickness-tags, @color2 ); color:@color2; }
36 .tag2 { .border ( @border-thickness-tags, @color2 ); color:@color2; }
37 .tag3 { .border ( @border-thickness-tags, @color3 ); color:@color3; }
37 .tag3 { .border ( @border-thickness-tags, @color3 ); color:@color3; }
38 .tag4 { .border ( @border-thickness-tags, @color4 ); color:@color4; }
38 .tag4 { .border ( @border-thickness-tags, @color4 ); color:@color4; }
39 .tag5 { .border ( @border-thickness-tags, @color5 ); color:@color5; }
39 .tag5 { .border ( @border-thickness-tags, @color5 ); color:@color5; }
40 .tag6 { .border ( @border-thickness-tags, @color6 ); color:@color6; }
40 .tag6 { .border ( @border-thickness-tags, @color6 ); color:@color6; }
41 .tag7 { .border ( @border-thickness-tags, @color7 ); color:@color7; }
41 .tag7 { .border ( @border-thickness-tags, @color7 ); color:@color7; }
42 .tag8 { .border ( @border-thickness-tags, @color8 ); color:@color8; }
42 .tag8 { .border ( @border-thickness-tags, @color8 ); color:@color8; }
43
43
44 .metatag-list {
44 .metatag-list {
45 margin: 0;
45 margin: 0;
46 padding: 0;
46 padding: 0;
47
47
48 li {
48 li {
49 margin: 0 0 @padding;
49 margin: 0 0 @padding;
50 line-height: 1em;
50 line-height: 1em;
51 list-style-type: none;
51 list-style-type: none;
52
52
53 &:before { content: none; }
53 &:before { content: none; }
54 }
54 }
55 }
55 }
56
56
57 .branchtag, .booktag {
57 .branchtag, .booktag {
58 &:extend(.tag);
58 &:extend(.tag);
59
59
60
60
61 a {
61 a {
62 color:inherit;
62 color:inherit;
63 }
63 }
64 }
64 }
65
65
66 .metatag {
66 .metatag {
67 &:extend(.tag);
67 &:extend(.tag);
68 a {
68 a {
69 color:inherit;
69 color:inherit;
70 text-decoration: underline;
70 text-decoration: underline;
71 }
71 }
72 }
72 }
73
73
74 [tag="generic"] { &:extend(.tag0); }
74 [tag="generic"] { &:extend(.tag0); }
75 [tag="label"] { &:extend(.tag0); }
75 [tag="label"] { &:extend(.tag0); }
76
76
77 [tag="state featured"] { &:extend(.tag1); }
77 [tag="state featured"] { &:extend(.tag1); }
78 [tag="state dev"] { &:extend(.tag1); }
78 [tag="state dev"] { &:extend(.tag1); }
79 [tag="ref base"] { &:extend(.tag1); }
79 [tag="ref base"] { &:extend(.tag1); }
80
80
81 [tag="state stable"] { &:extend(.tag2); }
81 [tag="state stable"] { &:extend(.tag2); }
82 [tag="state stale"] { &:extend(.tag2); }
82 [tag="state stale"] { &:extend(.tag2); }
83
83
84 [tag="ref requires"] { &:extend(.tag3); }
84 [tag="ref requires"] { &:extend(.tag3); }
85
85
86 [tag="state dead"] { &:extend(.tag4); }
86 [tag="state dead"] { &:extend(.tag4); }
87 [tag="state deprecated"] { &:extend(.tag4); }
87 [tag="state deprecated"] { &:extend(.tag4); }
88
88
89 [tag="ref conflicts"] { &:extend(.tag4); }
89 [tag="ref conflicts"] { &:extend(.tag4); }
90
90
91 [tag="license"] { &:extend(.tag6); }
91 [tag="license"] { &:extend(.tag6); }
92
92
93 [tag="lang"] { &:extend(.tag7); }
93 [tag="lang"] { &:extend(.tag7); }
94 [tag="language"] { &:extend(.tag7); }
94 [tag="language"] { &:extend(.tag7); }
95 [tag="ref recommends"] { &:extend(.tag7); }
95 [tag="ref recommends"] { &:extend(.tag7); }
96
96
97 [tag="see"] { &:extend(.tag8); }
97 [tag="see"] { &:extend(.tag8); }
98 [tag="url"] { &:extend(.tag8); }
98 [tag="url"] { &:extend(.tag8); }
99
99
100
100
101 .perm_overriden {
101 .perm_overriden {
102 text-decoration: line-through;
102 text-decoration: line-through;
103 opacity: 0.6;
103 opacity: 0.6;
104 }
104 }
105
105
106 .perm_tag {
106 .perm_tag {
107 &:extend(.tag);
107 &:extend(.tag);
108
108
109 &.read {
109 &.read {
110 &:extend(.tag1);
110 &:extend(.tag1);
111 }
111 }
112
113 &.write {
112 &.write {
114 &:extend(.tag4);
113 &:extend(.tag4);
115 }
114 }
116 &.admin {
115 &.admin {
117 &:extend(.tag5);
116 &:extend(.tag5);
118 }
117 }
118 &.merge {
119 &:extend(.tag1);
120 }
121 &.push {
122 &:extend(.tag4);
123 }
124 &.push_force {
125 &:extend(.tag5);
126 }
119 }
127 }
120
128
121 .phase-draft {
129 .phase-draft {
122 color: @color3
130 color: @color3
123 }
131 }
124
132
125 .phase-secret {
133 .phase-secret {
126 color:@grey3
134 color:@grey3
127 }
135 }
Show file before | Show file after | Hide comments
@@ -1,331 +1,334 b''
1
1
2 /******************************************************************************
2 /******************************************************************************
3 * *
3 * *
4 * DO NOT CHANGE THIS FILE MANUALLY *
4 * DO NOT CHANGE THIS FILE MANUALLY *
5 * *
5 * *
6 * *
6 * *
7 * This file is automatically generated when the app starts up with *
7 * This file is automatically generated when the app starts up with *
8 * generate_js_files = true *
8 * generate_js_files = true *
9 * *
9 * *
10 * To add a route here pass jsroute=True to the route definition in the app *
10 * To add a route here pass jsroute=True to the route definition in the app *
11 * *
11 * *
12 ******************************************************************************/
12 ******************************************************************************/
13 function registerRCRoutes() {
13 function registerRCRoutes() {
14 // routes registration
14 // routes registration
15 pyroutes.register('favicon', '/favicon.ico', []);
15 pyroutes.register('favicon', '/favicon.ico', []);
16 pyroutes.register('robots', '/robots.txt', []);
16 pyroutes.register('robots', '/robots.txt', []);
17 pyroutes.register('auth_home', '/_admin/auth*traverse', []);
17 pyroutes.register('auth_home', '/_admin/auth*traverse', []);
18 pyroutes.register('global_integrations_new', '/_admin/integrations/new', []);
18 pyroutes.register('global_integrations_new', '/_admin/integrations/new', []);
19 pyroutes.register('global_integrations_home', '/_admin/integrations', []);
19 pyroutes.register('global_integrations_home', '/_admin/integrations', []);
20 pyroutes.register('global_integrations_list', '/_admin/integrations/%(integration)s', ['integration']);
20 pyroutes.register('global_integrations_list', '/_admin/integrations/%(integration)s', ['integration']);
21 pyroutes.register('global_integrations_create', '/_admin/integrations/%(integration)s/new', ['integration']);
21 pyroutes.register('global_integrations_create', '/_admin/integrations/%(integration)s/new', ['integration']);
22 pyroutes.register('global_integrations_edit', '/_admin/integrations/%(integration)s/%(integration_id)s', ['integration', 'integration_id']);
22 pyroutes.register('global_integrations_edit', '/_admin/integrations/%(integration)s/%(integration_id)s', ['integration', 'integration_id']);
23 pyroutes.register('repo_group_integrations_home', '/%(repo_group_name)s/_settings/integrations', ['repo_group_name']);
23 pyroutes.register('repo_group_integrations_home', '/%(repo_group_name)s/_settings/integrations', ['repo_group_name']);
24 pyroutes.register('repo_group_integrations_new', '/%(repo_group_name)s/_settings/integrations/new', ['repo_group_name']);
24 pyroutes.register('repo_group_integrations_new', '/%(repo_group_name)s/_settings/integrations/new', ['repo_group_name']);
25 pyroutes.register('repo_group_integrations_list', '/%(repo_group_name)s/_settings/integrations/%(integration)s', ['repo_group_name', 'integration']);
25 pyroutes.register('repo_group_integrations_list', '/%(repo_group_name)s/_settings/integrations/%(integration)s', ['repo_group_name', 'integration']);
26 pyroutes.register('repo_group_integrations_create', '/%(repo_group_name)s/_settings/integrations/%(integration)s/new', ['repo_group_name', 'integration']);
26 pyroutes.register('repo_group_integrations_create', '/%(repo_group_name)s/_settings/integrations/%(integration)s/new', ['repo_group_name', 'integration']);
27 pyroutes.register('repo_group_integrations_edit', '/%(repo_group_name)s/_settings/integrations/%(integration)s/%(integration_id)s', ['repo_group_name', 'integration', 'integration_id']);
27 pyroutes.register('repo_group_integrations_edit', '/%(repo_group_name)s/_settings/integrations/%(integration)s/%(integration_id)s', ['repo_group_name', 'integration', 'integration_id']);
28 pyroutes.register('repo_integrations_home', '/%(repo_name)s/settings/integrations', ['repo_name']);
28 pyroutes.register('repo_integrations_home', '/%(repo_name)s/settings/integrations', ['repo_name']);
29 pyroutes.register('repo_integrations_new', '/%(repo_name)s/settings/integrations/new', ['repo_name']);
29 pyroutes.register('repo_integrations_new', '/%(repo_name)s/settings/integrations/new', ['repo_name']);
30 pyroutes.register('repo_integrations_list', '/%(repo_name)s/settings/integrations/%(integration)s', ['repo_name', 'integration']);
30 pyroutes.register('repo_integrations_list', '/%(repo_name)s/settings/integrations/%(integration)s', ['repo_name', 'integration']);
31 pyroutes.register('repo_integrations_create', '/%(repo_name)s/settings/integrations/%(integration)s/new', ['repo_name', 'integration']);
31 pyroutes.register('repo_integrations_create', '/%(repo_name)s/settings/integrations/%(integration)s/new', ['repo_name', 'integration']);
32 pyroutes.register('repo_integrations_edit', '/%(repo_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_name', 'integration', 'integration_id']);
32 pyroutes.register('repo_integrations_edit', '/%(repo_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_name', 'integration', 'integration_id']);
33 pyroutes.register('ops_ping', '/_admin/ops/ping', []);
33 pyroutes.register('ops_ping', '/_admin/ops/ping', []);
34 pyroutes.register('ops_error_test', '/_admin/ops/error', []);
34 pyroutes.register('ops_error_test', '/_admin/ops/error', []);
35 pyroutes.register('ops_redirect_test', '/_admin/ops/redirect', []);
35 pyroutes.register('ops_redirect_test', '/_admin/ops/redirect', []);
36 pyroutes.register('ops_ping_legacy', '/_admin/ping', []);
36 pyroutes.register('ops_ping_legacy', '/_admin/ping', []);
37 pyroutes.register('ops_error_test_legacy', '/_admin/error_test', []);
37 pyroutes.register('ops_error_test_legacy', '/_admin/error_test', []);
38 pyroutes.register('admin_home', '/_admin', []);
38 pyroutes.register('admin_home', '/_admin', []);
39 pyroutes.register('admin_audit_logs', '/_admin/audit_logs', []);
39 pyroutes.register('admin_audit_logs', '/_admin/audit_logs', []);
40 pyroutes.register('admin_audit_log_entry', '/_admin/audit_logs/%(audit_log_id)s', ['audit_log_id']);
40 pyroutes.register('admin_audit_log_entry', '/_admin/audit_logs/%(audit_log_id)s', ['audit_log_id']);
41 pyroutes.register('pull_requests_global_0', '/_admin/pull_requests/%(pull_request_id)s', ['pull_request_id']);
41 pyroutes.register('pull_requests_global_0', '/_admin/pull_requests/%(pull_request_id)s', ['pull_request_id']);
42 pyroutes.register('pull_requests_global_1', '/_admin/pull-requests/%(pull_request_id)s', ['pull_request_id']);
42 pyroutes.register('pull_requests_global_1', '/_admin/pull-requests/%(pull_request_id)s', ['pull_request_id']);
43 pyroutes.register('pull_requests_global', '/_admin/pull-request/%(pull_request_id)s', ['pull_request_id']);
43 pyroutes.register('pull_requests_global', '/_admin/pull-request/%(pull_request_id)s', ['pull_request_id']);
44 pyroutes.register('admin_settings_open_source', '/_admin/settings/open_source', []);
44 pyroutes.register('admin_settings_open_source', '/_admin/settings/open_source', []);
45 pyroutes.register('admin_settings_vcs_svn_generate_cfg', '/_admin/settings/vcs/svn_generate_cfg', []);
45 pyroutes.register('admin_settings_vcs_svn_generate_cfg', '/_admin/settings/vcs/svn_generate_cfg', []);
46 pyroutes.register('admin_settings_system', '/_admin/settings/system', []);
46 pyroutes.register('admin_settings_system', '/_admin/settings/system', []);
47 pyroutes.register('admin_settings_system_update', '/_admin/settings/system/updates', []);
47 pyroutes.register('admin_settings_system_update', '/_admin/settings/system/updates', []);
48 pyroutes.register('admin_settings_exception_tracker', '/_admin/settings/exceptions', []);
48 pyroutes.register('admin_settings_exception_tracker', '/_admin/settings/exceptions', []);
49 pyroutes.register('admin_settings_exception_tracker_delete_all', '/_admin/settings/exceptions/delete', []);
49 pyroutes.register('admin_settings_exception_tracker_delete_all', '/_admin/settings/exceptions/delete', []);
50 pyroutes.register('admin_settings_exception_tracker_show', '/_admin/settings/exceptions/%(exception_id)s', ['exception_id']);
50 pyroutes.register('admin_settings_exception_tracker_show', '/_admin/settings/exceptions/%(exception_id)s', ['exception_id']);
51 pyroutes.register('admin_settings_exception_tracker_delete', '/_admin/settings/exceptions/%(exception_id)s/delete', ['exception_id']);
51 pyroutes.register('admin_settings_exception_tracker_delete', '/_admin/settings/exceptions/%(exception_id)s/delete', ['exception_id']);
52 pyroutes.register('admin_settings_sessions', '/_admin/settings/sessions', []);
52 pyroutes.register('admin_settings_sessions', '/_admin/settings/sessions', []);
53 pyroutes.register('admin_settings_sessions_cleanup', '/_admin/settings/sessions/cleanup', []);
53 pyroutes.register('admin_settings_sessions_cleanup', '/_admin/settings/sessions/cleanup', []);
54 pyroutes.register('admin_settings_process_management', '/_admin/settings/process_management', []);
54 pyroutes.register('admin_settings_process_management', '/_admin/settings/process_management', []);
55 pyroutes.register('admin_settings_process_management_data', '/_admin/settings/process_management/data', []);
55 pyroutes.register('admin_settings_process_management_data', '/_admin/settings/process_management/data', []);
56 pyroutes.register('admin_settings_process_management_signal', '/_admin/settings/process_management/signal', []);
56 pyroutes.register('admin_settings_process_management_signal', '/_admin/settings/process_management/signal', []);
57 pyroutes.register('admin_settings_process_management_master_signal', '/_admin/settings/process_management/master_signal', []);
57 pyroutes.register('admin_settings_process_management_master_signal', '/_admin/settings/process_management/master_signal', []);
58 pyroutes.register('admin_defaults_repositories', '/_admin/defaults/repositories', []);
58 pyroutes.register('admin_defaults_repositories', '/_admin/defaults/repositories', []);
59 pyroutes.register('admin_defaults_repositories_update', '/_admin/defaults/repositories/update', []);
59 pyroutes.register('admin_defaults_repositories_update', '/_admin/defaults/repositories/update', []);
60 pyroutes.register('admin_settings', '/_admin/settings', []);
60 pyroutes.register('admin_settings', '/_admin/settings', []);
61 pyroutes.register('admin_settings_update', '/_admin/settings/update', []);
61 pyroutes.register('admin_settings_update', '/_admin/settings/update', []);
62 pyroutes.register('admin_settings_global', '/_admin/settings/global', []);
62 pyroutes.register('admin_settings_global', '/_admin/settings/global', []);
63 pyroutes.register('admin_settings_global_update', '/_admin/settings/global/update', []);
63 pyroutes.register('admin_settings_global_update', '/_admin/settings/global/update', []);
64 pyroutes.register('admin_settings_vcs', '/_admin/settings/vcs', []);
64 pyroutes.register('admin_settings_vcs', '/_admin/settings/vcs', []);
65 pyroutes.register('admin_settings_vcs_update', '/_admin/settings/vcs/update', []);
65 pyroutes.register('admin_settings_vcs_update', '/_admin/settings/vcs/update', []);
66 pyroutes.register('admin_settings_vcs_svn_pattern_delete', '/_admin/settings/vcs/svn_pattern_delete', []);
66 pyroutes.register('admin_settings_vcs_svn_pattern_delete', '/_admin/settings/vcs/svn_pattern_delete', []);
67 pyroutes.register('admin_settings_mapping', '/_admin/settings/mapping', []);
67 pyroutes.register('admin_settings_mapping', '/_admin/settings/mapping', []);
68 pyroutes.register('admin_settings_mapping_update', '/_admin/settings/mapping/update', []);
68 pyroutes.register('admin_settings_mapping_update', '/_admin/settings/mapping/update', []);
69 pyroutes.register('admin_settings_visual', '/_admin/settings/visual', []);
69 pyroutes.register('admin_settings_visual', '/_admin/settings/visual', []);
70 pyroutes.register('admin_settings_visual_update', '/_admin/settings/visual/update', []);
70 pyroutes.register('admin_settings_visual_update', '/_admin/settings/visual/update', []);
71 pyroutes.register('admin_settings_issuetracker', '/_admin/settings/issue-tracker', []);
71 pyroutes.register('admin_settings_issuetracker', '/_admin/settings/issue-tracker', []);
72 pyroutes.register('admin_settings_issuetracker_update', '/_admin/settings/issue-tracker/update', []);
72 pyroutes.register('admin_settings_issuetracker_update', '/_admin/settings/issue-tracker/update', []);
73 pyroutes.register('admin_settings_issuetracker_test', '/_admin/settings/issue-tracker/test', []);
73 pyroutes.register('admin_settings_issuetracker_test', '/_admin/settings/issue-tracker/test', []);
74 pyroutes.register('admin_settings_issuetracker_delete', '/_admin/settings/issue-tracker/delete', []);
74 pyroutes.register('admin_settings_issuetracker_delete', '/_admin/settings/issue-tracker/delete', []);
75 pyroutes.register('admin_settings_email', '/_admin/settings/email', []);
75 pyroutes.register('admin_settings_email', '/_admin/settings/email', []);
76 pyroutes.register('admin_settings_email_update', '/_admin/settings/email/update', []);
76 pyroutes.register('admin_settings_email_update', '/_admin/settings/email/update', []);
77 pyroutes.register('admin_settings_hooks', '/_admin/settings/hooks', []);
77 pyroutes.register('admin_settings_hooks', '/_admin/settings/hooks', []);
78 pyroutes.register('admin_settings_hooks_update', '/_admin/settings/hooks/update', []);
78 pyroutes.register('admin_settings_hooks_update', '/_admin/settings/hooks/update', []);
79 pyroutes.register('admin_settings_hooks_delete', '/_admin/settings/hooks/delete', []);
79 pyroutes.register('admin_settings_hooks_delete', '/_admin/settings/hooks/delete', []);
80 pyroutes.register('admin_settings_search', '/_admin/settings/search', []);
80 pyroutes.register('admin_settings_search', '/_admin/settings/search', []);
81 pyroutes.register('admin_settings_labs', '/_admin/settings/labs', []);
81 pyroutes.register('admin_settings_labs', '/_admin/settings/labs', []);
82 pyroutes.register('admin_settings_labs_update', '/_admin/settings/labs/update', []);
82 pyroutes.register('admin_settings_labs_update', '/_admin/settings/labs/update', []);
83 pyroutes.register('admin_settings_automation', '/_admin/_admin/settings/automation', []);
83 pyroutes.register('admin_settings_automation', '/_admin/_admin/settings/automation', []);
84 pyroutes.register('admin_permissions_application', '/_admin/permissions/application', []);
84 pyroutes.register('admin_permissions_application', '/_admin/permissions/application', []);
85 pyroutes.register('admin_permissions_application_update', '/_admin/permissions/application/update', []);
85 pyroutes.register('admin_permissions_application_update', '/_admin/permissions/application/update', []);
86 pyroutes.register('admin_permissions_global', '/_admin/permissions/global', []);
86 pyroutes.register('admin_permissions_global', '/_admin/permissions/global', []);
87 pyroutes.register('admin_permissions_global_update', '/_admin/permissions/global/update', []);
87 pyroutes.register('admin_permissions_global_update', '/_admin/permissions/global/update', []);
88 pyroutes.register('admin_permissions_object', '/_admin/permissions/object', []);
88 pyroutes.register('admin_permissions_object', '/_admin/permissions/object', []);
89 pyroutes.register('admin_permissions_object_update', '/_admin/permissions/object/update', []);
89 pyroutes.register('admin_permissions_object_update', '/_admin/permissions/object/update', []);
90 pyroutes.register('admin_permissions_branch', '/_admin/permissions/branch', []);
90 pyroutes.register('admin_permissions_ips', '/_admin/permissions/ips', []);
91 pyroutes.register('admin_permissions_ips', '/_admin/permissions/ips', []);
91 pyroutes.register('admin_permissions_overview', '/_admin/permissions/overview', []);
92 pyroutes.register('admin_permissions_overview', '/_admin/permissions/overview', []);
92 pyroutes.register('admin_permissions_auth_token_access', '/_admin/permissions/auth_token_access', []);
93 pyroutes.register('admin_permissions_auth_token_access', '/_admin/permissions/auth_token_access', []);
93 pyroutes.register('admin_permissions_ssh_keys', '/_admin/permissions/ssh_keys', []);
94 pyroutes.register('admin_permissions_ssh_keys', '/_admin/permissions/ssh_keys', []);
94 pyroutes.register('admin_permissions_ssh_keys_data', '/_admin/permissions/ssh_keys/data', []);
95 pyroutes.register('admin_permissions_ssh_keys_data', '/_admin/permissions/ssh_keys/data', []);
95 pyroutes.register('admin_permissions_ssh_keys_update', '/_admin/permissions/ssh_keys/update', []);
96 pyroutes.register('admin_permissions_ssh_keys_update', '/_admin/permissions/ssh_keys/update', []);
96 pyroutes.register('users', '/_admin/users', []);
97 pyroutes.register('users', '/_admin/users', []);
97 pyroutes.register('users_data', '/_admin/users_data', []);
98 pyroutes.register('users_data', '/_admin/users_data', []);
98 pyroutes.register('users_create', '/_admin/users/create', []);
99 pyroutes.register('users_create', '/_admin/users/create', []);
99 pyroutes.register('users_new', '/_admin/users/new', []);
100 pyroutes.register('users_new', '/_admin/users/new', []);
100 pyroutes.register('user_edit', '/_admin/users/%(user_id)s/edit', ['user_id']);
101 pyroutes.register('user_edit', '/_admin/users/%(user_id)s/edit', ['user_id']);
101 pyroutes.register('user_edit_advanced', '/_admin/users/%(user_id)s/edit/advanced', ['user_id']);
102 pyroutes.register('user_edit_advanced', '/_admin/users/%(user_id)s/edit/advanced', ['user_id']);
102 pyroutes.register('user_edit_global_perms', '/_admin/users/%(user_id)s/edit/global_permissions', ['user_id']);
103 pyroutes.register('user_edit_global_perms', '/_admin/users/%(user_id)s/edit/global_permissions', ['user_id']);
103 pyroutes.register('user_edit_global_perms_update', '/_admin/users/%(user_id)s/edit/global_permissions/update', ['user_id']);
104 pyroutes.register('user_edit_global_perms_update', '/_admin/users/%(user_id)s/edit/global_permissions/update', ['user_id']);
104 pyroutes.register('user_update', '/_admin/users/%(user_id)s/update', ['user_id']);
105 pyroutes.register('user_update', '/_admin/users/%(user_id)s/update', ['user_id']);
105 pyroutes.register('user_delete', '/_admin/users/%(user_id)s/delete', ['user_id']);
106 pyroutes.register('user_delete', '/_admin/users/%(user_id)s/delete', ['user_id']);
106 pyroutes.register('user_force_password_reset', '/_admin/users/%(user_id)s/password_reset', ['user_id']);
107 pyroutes.register('user_force_password_reset', '/_admin/users/%(user_id)s/password_reset', ['user_id']);
107 pyroutes.register('user_create_personal_repo_group', '/_admin/users/%(user_id)s/create_repo_group', ['user_id']);
108 pyroutes.register('user_create_personal_repo_group', '/_admin/users/%(user_id)s/create_repo_group', ['user_id']);
108 pyroutes.register('edit_user_auth_tokens', '/_admin/users/%(user_id)s/edit/auth_tokens', ['user_id']);
109 pyroutes.register('edit_user_auth_tokens', '/_admin/users/%(user_id)s/edit/auth_tokens', ['user_id']);
109 pyroutes.register('edit_user_auth_tokens_add', '/_admin/users/%(user_id)s/edit/auth_tokens/new', ['user_id']);
110 pyroutes.register('edit_user_auth_tokens_add', '/_admin/users/%(user_id)s/edit/auth_tokens/new', ['user_id']);
110 pyroutes.register('edit_user_auth_tokens_delete', '/_admin/users/%(user_id)s/edit/auth_tokens/delete', ['user_id']);
111 pyroutes.register('edit_user_auth_tokens_delete', '/_admin/users/%(user_id)s/edit/auth_tokens/delete', ['user_id']);
111 pyroutes.register('edit_user_ssh_keys', '/_admin/users/%(user_id)s/edit/ssh_keys', ['user_id']);
112 pyroutes.register('edit_user_ssh_keys', '/_admin/users/%(user_id)s/edit/ssh_keys', ['user_id']);
112 pyroutes.register('edit_user_ssh_keys_generate_keypair', '/_admin/users/%(user_id)s/edit/ssh_keys/generate', ['user_id']);
113 pyroutes.register('edit_user_ssh_keys_generate_keypair', '/_admin/users/%(user_id)s/edit/ssh_keys/generate', ['user_id']);
113 pyroutes.register('edit_user_ssh_keys_add', '/_admin/users/%(user_id)s/edit/ssh_keys/new', ['user_id']);
114 pyroutes.register('edit_user_ssh_keys_add', '/_admin/users/%(user_id)s/edit/ssh_keys/new', ['user_id']);
114 pyroutes.register('edit_user_ssh_keys_delete', '/_admin/users/%(user_id)s/edit/ssh_keys/delete', ['user_id']);
115 pyroutes.register('edit_user_ssh_keys_delete', '/_admin/users/%(user_id)s/edit/ssh_keys/delete', ['user_id']);
115 pyroutes.register('edit_user_emails', '/_admin/users/%(user_id)s/edit/emails', ['user_id']);
116 pyroutes.register('edit_user_emails', '/_admin/users/%(user_id)s/edit/emails', ['user_id']);
116 pyroutes.register('edit_user_emails_add', '/_admin/users/%(user_id)s/edit/emails/new', ['user_id']);
117 pyroutes.register('edit_user_emails_add', '/_admin/users/%(user_id)s/edit/emails/new', ['user_id']);
117 pyroutes.register('edit_user_emails_delete', '/_admin/users/%(user_id)s/edit/emails/delete', ['user_id']);
118 pyroutes.register('edit_user_emails_delete', '/_admin/users/%(user_id)s/edit/emails/delete', ['user_id']);
118 pyroutes.register('edit_user_ips', '/_admin/users/%(user_id)s/edit/ips', ['user_id']);
119 pyroutes.register('edit_user_ips', '/_admin/users/%(user_id)s/edit/ips', ['user_id']);
119 pyroutes.register('edit_user_ips_add', '/_admin/users/%(user_id)s/edit/ips/new', ['user_id']);
120 pyroutes.register('edit_user_ips_add', '/_admin/users/%(user_id)s/edit/ips/new', ['user_id']);
120 pyroutes.register('edit_user_ips_delete', '/_admin/users/%(user_id)s/edit/ips/delete', ['user_id']);
121 pyroutes.register('edit_user_ips_delete', '/_admin/users/%(user_id)s/edit/ips/delete', ['user_id']);
121 pyroutes.register('edit_user_perms_summary', '/_admin/users/%(user_id)s/edit/permissions_summary', ['user_id']);
122 pyroutes.register('edit_user_perms_summary', '/_admin/users/%(user_id)s/edit/permissions_summary', ['user_id']);
122 pyroutes.register('edit_user_perms_summary_json', '/_admin/users/%(user_id)s/edit/permissions_summary/json', ['user_id']);
123 pyroutes.register('edit_user_perms_summary_json', '/_admin/users/%(user_id)s/edit/permissions_summary/json', ['user_id']);
123 pyroutes.register('edit_user_groups_management', '/_admin/users/%(user_id)s/edit/groups_management', ['user_id']);
124 pyroutes.register('edit_user_groups_management', '/_admin/users/%(user_id)s/edit/groups_management', ['user_id']);
124 pyroutes.register('edit_user_groups_management_updates', '/_admin/users/%(user_id)s/edit/edit_user_groups_management/updates', ['user_id']);
125 pyroutes.register('edit_user_groups_management_updates', '/_admin/users/%(user_id)s/edit/edit_user_groups_management/updates', ['user_id']);
125 pyroutes.register('edit_user_audit_logs', '/_admin/users/%(user_id)s/edit/audit', ['user_id']);
126 pyroutes.register('edit_user_audit_logs', '/_admin/users/%(user_id)s/edit/audit', ['user_id']);
126 pyroutes.register('edit_user_caches', '/_admin/users/%(user_id)s/edit/caches', ['user_id']);
127 pyroutes.register('edit_user_caches', '/_admin/users/%(user_id)s/edit/caches', ['user_id']);
127 pyroutes.register('edit_user_caches_update', '/_admin/users/%(user_id)s/edit/caches/update', ['user_id']);
128 pyroutes.register('edit_user_caches_update', '/_admin/users/%(user_id)s/edit/caches/update', ['user_id']);
128 pyroutes.register('user_groups', '/_admin/user_groups', []);
129 pyroutes.register('user_groups', '/_admin/user_groups', []);
129 pyroutes.register('user_groups_data', '/_admin/user_groups_data', []);
130 pyroutes.register('user_groups_data', '/_admin/user_groups_data', []);
130 pyroutes.register('user_groups_new', '/_admin/user_groups/new', []);
131 pyroutes.register('user_groups_new', '/_admin/user_groups/new', []);
131 pyroutes.register('user_groups_create', '/_admin/user_groups/create', []);
132 pyroutes.register('user_groups_create', '/_admin/user_groups/create', []);
132 pyroutes.register('repos', '/_admin/repos', []);
133 pyroutes.register('repos', '/_admin/repos', []);
133 pyroutes.register('repo_new', '/_admin/repos/new', []);
134 pyroutes.register('repo_new', '/_admin/repos/new', []);
134 pyroutes.register('repo_create', '/_admin/repos/create', []);
135 pyroutes.register('repo_create', '/_admin/repos/create', []);
135 pyroutes.register('repo_groups', '/_admin/repo_groups', []);
136 pyroutes.register('repo_groups', '/_admin/repo_groups', []);
136 pyroutes.register('repo_group_new', '/_admin/repo_group/new', []);
137 pyroutes.register('repo_group_new', '/_admin/repo_group/new', []);
137 pyroutes.register('repo_group_create', '/_admin/repo_group/create', []);
138 pyroutes.register('repo_group_create', '/_admin/repo_group/create', []);
138 pyroutes.register('channelstream_connect', '/_admin/channelstream/connect', []);
139 pyroutes.register('channelstream_connect', '/_admin/channelstream/connect', []);
139 pyroutes.register('channelstream_subscribe', '/_admin/channelstream/subscribe', []);
140 pyroutes.register('channelstream_subscribe', '/_admin/channelstream/subscribe', []);
140 pyroutes.register('channelstream_proxy', '/_channelstream', []);
141 pyroutes.register('channelstream_proxy', '/_channelstream', []);
141 pyroutes.register('login', '/_admin/login', []);
142 pyroutes.register('login', '/_admin/login', []);
142 pyroutes.register('logout', '/_admin/logout', []);
143 pyroutes.register('logout', '/_admin/logout', []);
143 pyroutes.register('register', '/_admin/register', []);
144 pyroutes.register('register', '/_admin/register', []);
144 pyroutes.register('reset_password', '/_admin/password_reset', []);
145 pyroutes.register('reset_password', '/_admin/password_reset', []);
145 pyroutes.register('reset_password_confirmation', '/_admin/password_reset_confirmation', []);
146 pyroutes.register('reset_password_confirmation', '/_admin/password_reset_confirmation', []);
146 pyroutes.register('home', '/', []);
147 pyroutes.register('home', '/', []);
147 pyroutes.register('user_autocomplete_data', '/_users', []);
148 pyroutes.register('user_autocomplete_data', '/_users', []);
148 pyroutes.register('user_group_autocomplete_data', '/_user_groups', []);
149 pyroutes.register('user_group_autocomplete_data', '/_user_groups', []);
149 pyroutes.register('repo_list_data', '/_repos', []);
150 pyroutes.register('repo_list_data', '/_repos', []);
150 pyroutes.register('goto_switcher_data', '/_goto_data', []);
151 pyroutes.register('goto_switcher_data', '/_goto_data', []);
151 pyroutes.register('markup_preview', '/_markup_preview', []);
152 pyroutes.register('markup_preview', '/_markup_preview', []);
152 pyroutes.register('journal', '/_admin/journal', []);
153 pyroutes.register('journal', '/_admin/journal', []);
153 pyroutes.register('journal_rss', '/_admin/journal/rss', []);
154 pyroutes.register('journal_rss', '/_admin/journal/rss', []);
154 pyroutes.register('journal_atom', '/_admin/journal/atom', []);
155 pyroutes.register('journal_atom', '/_admin/journal/atom', []);
155 pyroutes.register('journal_public', '/_admin/public_journal', []);
156 pyroutes.register('journal_public', '/_admin/public_journal', []);
156 pyroutes.register('journal_public_atom', '/_admin/public_journal/atom', []);
157 pyroutes.register('journal_public_atom', '/_admin/public_journal/atom', []);
157 pyroutes.register('journal_public_atom_old', '/_admin/public_journal_atom', []);
158 pyroutes.register('journal_public_atom_old', '/_admin/public_journal_atom', []);
158 pyroutes.register('journal_public_rss', '/_admin/public_journal/rss', []);
159 pyroutes.register('journal_public_rss', '/_admin/public_journal/rss', []);
159 pyroutes.register('journal_public_rss_old', '/_admin/public_journal_rss', []);
160 pyroutes.register('journal_public_rss_old', '/_admin/public_journal_rss', []);
160 pyroutes.register('toggle_following', '/_admin/toggle_following', []);
161 pyroutes.register('toggle_following', '/_admin/toggle_following', []);
161 pyroutes.register('repo_creating', '/%(repo_name)s/repo_creating', ['repo_name']);
162 pyroutes.register('repo_creating', '/%(repo_name)s/repo_creating', ['repo_name']);
162 pyroutes.register('repo_creating_check', '/%(repo_name)s/repo_creating_check', ['repo_name']);
163 pyroutes.register('repo_creating_check', '/%(repo_name)s/repo_creating_check', ['repo_name']);
163 pyroutes.register('repo_summary_explicit', '/%(repo_name)s/summary', ['repo_name']);
164 pyroutes.register('repo_summary_explicit', '/%(repo_name)s/summary', ['repo_name']);
164 pyroutes.register('repo_summary_commits', '/%(repo_name)s/summary-commits', ['repo_name']);
165 pyroutes.register('repo_summary_commits', '/%(repo_name)s/summary-commits', ['repo_name']);
165 pyroutes.register('repo_commit', '/%(repo_name)s/changeset/%(commit_id)s', ['repo_name', 'commit_id']);
166 pyroutes.register('repo_commit', '/%(repo_name)s/changeset/%(commit_id)s', ['repo_name', 'commit_id']);
166 pyroutes.register('repo_commit_children', '/%(repo_name)s/changeset_children/%(commit_id)s', ['repo_name', 'commit_id']);
167 pyroutes.register('repo_commit_children', '/%(repo_name)s/changeset_children/%(commit_id)s', ['repo_name', 'commit_id']);
167 pyroutes.register('repo_commit_parents', '/%(repo_name)s/changeset_parents/%(commit_id)s', ['repo_name', 'commit_id']);
168 pyroutes.register('repo_commit_parents', '/%(repo_name)s/changeset_parents/%(commit_id)s', ['repo_name', 'commit_id']);
168 pyroutes.register('repo_commit_raw', '/%(repo_name)s/changeset-diff/%(commit_id)s', ['repo_name', 'commit_id']);
169 pyroutes.register('repo_commit_raw', '/%(repo_name)s/changeset-diff/%(commit_id)s', ['repo_name', 'commit_id']);
169 pyroutes.register('repo_commit_patch', '/%(repo_name)s/changeset-patch/%(commit_id)s', ['repo_name', 'commit_id']);
170 pyroutes.register('repo_commit_patch', '/%(repo_name)s/changeset-patch/%(commit_id)s', ['repo_name', 'commit_id']);
170 pyroutes.register('repo_commit_download', '/%(repo_name)s/changeset-download/%(commit_id)s', ['repo_name', 'commit_id']);
171 pyroutes.register('repo_commit_download', '/%(repo_name)s/changeset-download/%(commit_id)s', ['repo_name', 'commit_id']);
171 pyroutes.register('repo_commit_data', '/%(repo_name)s/changeset-data/%(commit_id)s', ['repo_name', 'commit_id']);
172 pyroutes.register('repo_commit_data', '/%(repo_name)s/changeset-data/%(commit_id)s', ['repo_name', 'commit_id']);
172 pyroutes.register('repo_commit_comment_create', '/%(repo_name)s/changeset/%(commit_id)s/comment/create', ['repo_name', 'commit_id']);
173 pyroutes.register('repo_commit_comment_create', '/%(repo_name)s/changeset/%(commit_id)s/comment/create', ['repo_name', 'commit_id']);
173 pyroutes.register('repo_commit_comment_preview', '/%(repo_name)s/changeset/%(commit_id)s/comment/preview', ['repo_name', 'commit_id']);
174 pyroutes.register('repo_commit_comment_preview', '/%(repo_name)s/changeset/%(commit_id)s/comment/preview', ['repo_name', 'commit_id']);
174 pyroutes.register('repo_commit_comment_delete', '/%(repo_name)s/changeset/%(commit_id)s/comment/%(comment_id)s/delete', ['repo_name', 'commit_id', 'comment_id']);
175 pyroutes.register('repo_commit_comment_delete', '/%(repo_name)s/changeset/%(commit_id)s/comment/%(comment_id)s/delete', ['repo_name', 'commit_id', 'comment_id']);
175 pyroutes.register('repo_commit_raw_deprecated', '/%(repo_name)s/raw-changeset/%(commit_id)s', ['repo_name', 'commit_id']);
176 pyroutes.register('repo_commit_raw_deprecated', '/%(repo_name)s/raw-changeset/%(commit_id)s', ['repo_name', 'commit_id']);
176 pyroutes.register('repo_archivefile', '/%(repo_name)s/archive/%(fname)s', ['repo_name', 'fname']);
177 pyroutes.register('repo_archivefile', '/%(repo_name)s/archive/%(fname)s', ['repo_name', 'fname']);
177 pyroutes.register('repo_files_diff', '/%(repo_name)s/diff/%(f_path)s', ['repo_name', 'f_path']);
178 pyroutes.register('repo_files_diff', '/%(repo_name)s/diff/%(f_path)s', ['repo_name', 'f_path']);
178 pyroutes.register('repo_files_diff_2way_redirect', '/%(repo_name)s/diff-2way/%(f_path)s', ['repo_name', 'f_path']);
179 pyroutes.register('repo_files_diff_2way_redirect', '/%(repo_name)s/diff-2way/%(f_path)s', ['repo_name', 'f_path']);
179 pyroutes.register('repo_files', '/%(repo_name)s/files/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
180 pyroutes.register('repo_files', '/%(repo_name)s/files/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
180 pyroutes.register('repo_files:default_path', '/%(repo_name)s/files/%(commit_id)s/', ['repo_name', 'commit_id']);
181 pyroutes.register('repo_files:default_path', '/%(repo_name)s/files/%(commit_id)s/', ['repo_name', 'commit_id']);
181 pyroutes.register('repo_files:default_commit', '/%(repo_name)s/files', ['repo_name']);
182 pyroutes.register('repo_files:default_commit', '/%(repo_name)s/files', ['repo_name']);
182 pyroutes.register('repo_files:rendered', '/%(repo_name)s/render/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
183 pyroutes.register('repo_files:rendered', '/%(repo_name)s/render/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
183 pyroutes.register('repo_files:annotated', '/%(repo_name)s/annotate/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
184 pyroutes.register('repo_files:annotated', '/%(repo_name)s/annotate/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
184 pyroutes.register('repo_files:annotated_previous', '/%(repo_name)s/annotate-previous/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
185 pyroutes.register('repo_files:annotated_previous', '/%(repo_name)s/annotate-previous/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
185 pyroutes.register('repo_nodetree_full', '/%(repo_name)s/nodetree_full/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
186 pyroutes.register('repo_nodetree_full', '/%(repo_name)s/nodetree_full/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
186 pyroutes.register('repo_nodetree_full:default_path', '/%(repo_name)s/nodetree_full/%(commit_id)s/', ['repo_name', 'commit_id']);
187 pyroutes.register('repo_nodetree_full:default_path', '/%(repo_name)s/nodetree_full/%(commit_id)s/', ['repo_name', 'commit_id']);
187 pyroutes.register('repo_files_nodelist', '/%(repo_name)s/nodelist/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
188 pyroutes.register('repo_files_nodelist', '/%(repo_name)s/nodelist/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
188 pyroutes.register('repo_file_raw', '/%(repo_name)s/raw/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
189 pyroutes.register('repo_file_raw', '/%(repo_name)s/raw/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
189 pyroutes.register('repo_file_download', '/%(repo_name)s/download/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
190 pyroutes.register('repo_file_download', '/%(repo_name)s/download/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
190 pyroutes.register('repo_file_download:legacy', '/%(repo_name)s/rawfile/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
191 pyroutes.register('repo_file_download:legacy', '/%(repo_name)s/rawfile/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
191 pyroutes.register('repo_file_history', '/%(repo_name)s/history/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
192 pyroutes.register('repo_file_history', '/%(repo_name)s/history/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
192 pyroutes.register('repo_file_authors', '/%(repo_name)s/authors/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
193 pyroutes.register('repo_file_authors', '/%(repo_name)s/authors/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
193 pyroutes.register('repo_files_remove_file', '/%(repo_name)s/remove_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
194 pyroutes.register('repo_files_remove_file', '/%(repo_name)s/remove_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
194 pyroutes.register('repo_files_delete_file', '/%(repo_name)s/delete_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
195 pyroutes.register('repo_files_delete_file', '/%(repo_name)s/delete_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
195 pyroutes.register('repo_files_edit_file', '/%(repo_name)s/edit_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
196 pyroutes.register('repo_files_edit_file', '/%(repo_name)s/edit_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
196 pyroutes.register('repo_files_update_file', '/%(repo_name)s/update_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
197 pyroutes.register('repo_files_update_file', '/%(repo_name)s/update_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
197 pyroutes.register('repo_files_add_file', '/%(repo_name)s/add_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
198 pyroutes.register('repo_files_add_file', '/%(repo_name)s/add_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
198 pyroutes.register('repo_files_create_file', '/%(repo_name)s/create_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
199 pyroutes.register('repo_files_create_file', '/%(repo_name)s/create_file/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
199 pyroutes.register('repo_refs_data', '/%(repo_name)s/refs-data', ['repo_name']);
200 pyroutes.register('repo_refs_data', '/%(repo_name)s/refs-data', ['repo_name']);
200 pyroutes.register('repo_refs_changelog_data', '/%(repo_name)s/refs-data-changelog', ['repo_name']);
201 pyroutes.register('repo_refs_changelog_data', '/%(repo_name)s/refs-data-changelog', ['repo_name']);
201 pyroutes.register('repo_stats', '/%(repo_name)s/repo_stats/%(commit_id)s', ['repo_name', 'commit_id']);
202 pyroutes.register('repo_stats', '/%(repo_name)s/repo_stats/%(commit_id)s', ['repo_name', 'commit_id']);
202 pyroutes.register('repo_changelog', '/%(repo_name)s/changelog', ['repo_name']);
203 pyroutes.register('repo_changelog', '/%(repo_name)s/changelog', ['repo_name']);
203 pyroutes.register('repo_changelog_file', '/%(repo_name)s/changelog/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
204 pyroutes.register('repo_changelog_file', '/%(repo_name)s/changelog/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
204 pyroutes.register('repo_changelog_elements', '/%(repo_name)s/changelog_elements', ['repo_name']);
205 pyroutes.register('repo_changelog_elements', '/%(repo_name)s/changelog_elements', ['repo_name']);
205 pyroutes.register('repo_changelog_elements_file', '/%(repo_name)s/changelog_elements/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
206 pyroutes.register('repo_changelog_elements_file', '/%(repo_name)s/changelog_elements/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
206 pyroutes.register('repo_compare_select', '/%(repo_name)s/compare', ['repo_name']);
207 pyroutes.register('repo_compare_select', '/%(repo_name)s/compare', ['repo_name']);
207 pyroutes.register('repo_compare', '/%(repo_name)s/compare/%(source_ref_type)s@%(source_ref)s...%(target_ref_type)s@%(target_ref)s', ['repo_name', 'source_ref_type', 'source_ref', 'target_ref_type', 'target_ref']);
208 pyroutes.register('repo_compare', '/%(repo_name)s/compare/%(source_ref_type)s@%(source_ref)s...%(target_ref_type)s@%(target_ref)s', ['repo_name', 'source_ref_type', 'source_ref', 'target_ref_type', 'target_ref']);
208 pyroutes.register('tags_home', '/%(repo_name)s/tags', ['repo_name']);
209 pyroutes.register('tags_home', '/%(repo_name)s/tags', ['repo_name']);
209 pyroutes.register('branches_home', '/%(repo_name)s/branches', ['repo_name']);
210 pyroutes.register('branches_home', '/%(repo_name)s/branches', ['repo_name']);
210 pyroutes.register('bookmarks_home', '/%(repo_name)s/bookmarks', ['repo_name']);
211 pyroutes.register('bookmarks_home', '/%(repo_name)s/bookmarks', ['repo_name']);
211 pyroutes.register('repo_fork_new', '/%(repo_name)s/fork', ['repo_name']);
212 pyroutes.register('repo_fork_new', '/%(repo_name)s/fork', ['repo_name']);
212 pyroutes.register('repo_fork_create', '/%(repo_name)s/fork/create', ['repo_name']);
213 pyroutes.register('repo_fork_create', '/%(repo_name)s/fork/create', ['repo_name']);
213 pyroutes.register('repo_forks_show_all', '/%(repo_name)s/forks', ['repo_name']);
214 pyroutes.register('repo_forks_show_all', '/%(repo_name)s/forks', ['repo_name']);
214 pyroutes.register('repo_forks_data', '/%(repo_name)s/forks/data', ['repo_name']);
215 pyroutes.register('repo_forks_data', '/%(repo_name)s/forks/data', ['repo_name']);
215 pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
216 pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
216 pyroutes.register('pullrequest_show_all', '/%(repo_name)s/pull-request', ['repo_name']);
217 pyroutes.register('pullrequest_show_all', '/%(repo_name)s/pull-request', ['repo_name']);
217 pyroutes.register('pullrequest_show_all_data', '/%(repo_name)s/pull-request-data', ['repo_name']);
218 pyroutes.register('pullrequest_show_all_data', '/%(repo_name)s/pull-request-data', ['repo_name']);
218 pyroutes.register('pullrequest_repo_refs', '/%(repo_name)s/pull-request/refs/%(target_repo_name)s', ['repo_name', 'target_repo_name']);
219 pyroutes.register('pullrequest_repo_refs', '/%(repo_name)s/pull-request/refs/%(target_repo_name)s', ['repo_name', 'target_repo_name']);
219 pyroutes.register('pullrequest_repo_destinations', '/%(repo_name)s/pull-request/repo-destinations', ['repo_name']);
220 pyroutes.register('pullrequest_repo_destinations', '/%(repo_name)s/pull-request/repo-destinations', ['repo_name']);
220 pyroutes.register('pullrequest_new', '/%(repo_name)s/pull-request/new', ['repo_name']);
221 pyroutes.register('pullrequest_new', '/%(repo_name)s/pull-request/new', ['repo_name']);
221 pyroutes.register('pullrequest_create', '/%(repo_name)s/pull-request/create', ['repo_name']);
222 pyroutes.register('pullrequest_create', '/%(repo_name)s/pull-request/create', ['repo_name']);
222 pyroutes.register('pullrequest_update', '/%(repo_name)s/pull-request/%(pull_request_id)s/update', ['repo_name', 'pull_request_id']);
223 pyroutes.register('pullrequest_update', '/%(repo_name)s/pull-request/%(pull_request_id)s/update', ['repo_name', 'pull_request_id']);
223 pyroutes.register('pullrequest_merge', '/%(repo_name)s/pull-request/%(pull_request_id)s/merge', ['repo_name', 'pull_request_id']);
224 pyroutes.register('pullrequest_merge', '/%(repo_name)s/pull-request/%(pull_request_id)s/merge', ['repo_name', 'pull_request_id']);
224 pyroutes.register('pullrequest_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/delete', ['repo_name', 'pull_request_id']);
225 pyroutes.register('pullrequest_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/delete', ['repo_name', 'pull_request_id']);
225 pyroutes.register('pullrequest_comment_create', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment', ['repo_name', 'pull_request_id']);
226 pyroutes.register('pullrequest_comment_create', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment', ['repo_name', 'pull_request_id']);
226 pyroutes.register('pullrequest_comment_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment/%(comment_id)s/delete', ['repo_name', 'pull_request_id', 'comment_id']);
227 pyroutes.register('pullrequest_comment_delete', '/%(repo_name)s/pull-request/%(pull_request_id)s/comment/%(comment_id)s/delete', ['repo_name', 'pull_request_id', 'comment_id']);
227 pyroutes.register('edit_repo', '/%(repo_name)s/settings', ['repo_name']);
228 pyroutes.register('edit_repo', '/%(repo_name)s/settings', ['repo_name']);
228 pyroutes.register('edit_repo_advanced', '/%(repo_name)s/settings/advanced', ['repo_name']);
229 pyroutes.register('edit_repo_advanced', '/%(repo_name)s/settings/advanced', ['repo_name']);
229 pyroutes.register('edit_repo_advanced_delete', '/%(repo_name)s/settings/advanced/delete', ['repo_name']);
230 pyroutes.register('edit_repo_advanced_delete', '/%(repo_name)s/settings/advanced/delete', ['repo_name']);
230 pyroutes.register('edit_repo_advanced_locking', '/%(repo_name)s/settings/advanced/locking', ['repo_name']);
231 pyroutes.register('edit_repo_advanced_locking', '/%(repo_name)s/settings/advanced/locking', ['repo_name']);
231 pyroutes.register('edit_repo_advanced_journal', '/%(repo_name)s/settings/advanced/journal', ['repo_name']);
232 pyroutes.register('edit_repo_advanced_journal', '/%(repo_name)s/settings/advanced/journal', ['repo_name']);
232 pyroutes.register('edit_repo_advanced_fork', '/%(repo_name)s/settings/advanced/fork', ['repo_name']);
233 pyroutes.register('edit_repo_advanced_fork', '/%(repo_name)s/settings/advanced/fork', ['repo_name']);
233 pyroutes.register('edit_repo_advanced_hooks', '/%(repo_name)s/settings/advanced/hooks', ['repo_name']);
234 pyroutes.register('edit_repo_advanced_hooks', '/%(repo_name)s/settings/advanced/hooks', ['repo_name']);
234 pyroutes.register('edit_repo_caches', '/%(repo_name)s/settings/caches', ['repo_name']);
235 pyroutes.register('edit_repo_caches', '/%(repo_name)s/settings/caches', ['repo_name']);
235 pyroutes.register('edit_repo_perms', '/%(repo_name)s/settings/permissions', ['repo_name']);
236 pyroutes.register('edit_repo_perms', '/%(repo_name)s/settings/permissions', ['repo_name']);
237 pyroutes.register('edit_repo_perms_branch', '/%(repo_name)s/settings/branch_permissions', ['repo_name']);
238 pyroutes.register('edit_repo_perms_branch_delete', '/%(repo_name)s/settings/branch_permissions/%(rule_id)s/delete', ['repo_name', 'rule_id']);
236 pyroutes.register('edit_repo_maintenance', '/%(repo_name)s/settings/maintenance', ['repo_name']);
239 pyroutes.register('edit_repo_maintenance', '/%(repo_name)s/settings/maintenance', ['repo_name']);
237 pyroutes.register('edit_repo_maintenance_execute', '/%(repo_name)s/settings/maintenance/execute', ['repo_name']);
240 pyroutes.register('edit_repo_maintenance_execute', '/%(repo_name)s/settings/maintenance/execute', ['repo_name']);
238 pyroutes.register('edit_repo_fields', '/%(repo_name)s/settings/fields', ['repo_name']);
241 pyroutes.register('edit_repo_fields', '/%(repo_name)s/settings/fields', ['repo_name']);
239 pyroutes.register('edit_repo_fields_create', '/%(repo_name)s/settings/fields/create', ['repo_name']);
242 pyroutes.register('edit_repo_fields_create', '/%(repo_name)s/settings/fields/create', ['repo_name']);
240 pyroutes.register('edit_repo_fields_delete', '/%(repo_name)s/settings/fields/%(field_id)s/delete', ['repo_name', 'field_id']);
243 pyroutes.register('edit_repo_fields_delete', '/%(repo_name)s/settings/fields/%(field_id)s/delete', ['repo_name', 'field_id']);
241 pyroutes.register('repo_edit_toggle_locking', '/%(repo_name)s/settings/toggle_locking', ['repo_name']);
244 pyroutes.register('repo_edit_toggle_locking', '/%(repo_name)s/settings/toggle_locking', ['repo_name']);
242 pyroutes.register('edit_repo_remote', '/%(repo_name)s/settings/remote', ['repo_name']);
245 pyroutes.register('edit_repo_remote', '/%(repo_name)s/settings/remote', ['repo_name']);
243 pyroutes.register('edit_repo_remote_pull', '/%(repo_name)s/settings/remote/pull', ['repo_name']);
246 pyroutes.register('edit_repo_remote_pull', '/%(repo_name)s/settings/remote/pull', ['repo_name']);
244 pyroutes.register('edit_repo_remote_push', '/%(repo_name)s/settings/remote/push', ['repo_name']);
247 pyroutes.register('edit_repo_remote_push', '/%(repo_name)s/settings/remote/push', ['repo_name']);
245 pyroutes.register('edit_repo_statistics', '/%(repo_name)s/settings/statistics', ['repo_name']);
248 pyroutes.register('edit_repo_statistics', '/%(repo_name)s/settings/statistics', ['repo_name']);
246 pyroutes.register('edit_repo_statistics_reset', '/%(repo_name)s/settings/statistics/update', ['repo_name']);
249 pyroutes.register('edit_repo_statistics_reset', '/%(repo_name)s/settings/statistics/update', ['repo_name']);
247 pyroutes.register('edit_repo_issuetracker', '/%(repo_name)s/settings/issue_trackers', ['repo_name']);
250 pyroutes.register('edit_repo_issuetracker', '/%(repo_name)s/settings/issue_trackers', ['repo_name']);
248 pyroutes.register('edit_repo_issuetracker_test', '/%(repo_name)s/settings/issue_trackers/test', ['repo_name']);
251 pyroutes.register('edit_repo_issuetracker_test', '/%(repo_name)s/settings/issue_trackers/test', ['repo_name']);
249 pyroutes.register('edit_repo_issuetracker_delete', '/%(repo_name)s/settings/issue_trackers/delete', ['repo_name']);
252 pyroutes.register('edit_repo_issuetracker_delete', '/%(repo_name)s/settings/issue_trackers/delete', ['repo_name']);
250 pyroutes.register('edit_repo_issuetracker_update', '/%(repo_name)s/settings/issue_trackers/update', ['repo_name']);
253 pyroutes.register('edit_repo_issuetracker_update', '/%(repo_name)s/settings/issue_trackers/update', ['repo_name']);
251 pyroutes.register('edit_repo_vcs', '/%(repo_name)s/settings/vcs', ['repo_name']);
254 pyroutes.register('edit_repo_vcs', '/%(repo_name)s/settings/vcs', ['repo_name']);
252 pyroutes.register('edit_repo_vcs_update', '/%(repo_name)s/settings/vcs/update', ['repo_name']);
255 pyroutes.register('edit_repo_vcs_update', '/%(repo_name)s/settings/vcs/update', ['repo_name']);
253 pyroutes.register('edit_repo_vcs_svn_pattern_delete', '/%(repo_name)s/settings/vcs/svn_pattern/delete', ['repo_name']);
256 pyroutes.register('edit_repo_vcs_svn_pattern_delete', '/%(repo_name)s/settings/vcs/svn_pattern/delete', ['repo_name']);
254 pyroutes.register('repo_reviewers', '/%(repo_name)s/settings/review/rules', ['repo_name']);
257 pyroutes.register('repo_reviewers', '/%(repo_name)s/settings/review/rules', ['repo_name']);
255 pyroutes.register('repo_default_reviewers_data', '/%(repo_name)s/settings/review/default-reviewers', ['repo_name']);
258 pyroutes.register('repo_default_reviewers_data', '/%(repo_name)s/settings/review/default-reviewers', ['repo_name']);
256 pyroutes.register('repo_automation', '/%(repo_name)s/settings/automation', ['repo_name']);
259 pyroutes.register('repo_automation', '/%(repo_name)s/settings/automation', ['repo_name']);
257 pyroutes.register('edit_repo_strip', '/%(repo_name)s/settings/strip', ['repo_name']);
260 pyroutes.register('edit_repo_strip', '/%(repo_name)s/settings/strip', ['repo_name']);
258 pyroutes.register('strip_check', '/%(repo_name)s/settings/strip_check', ['repo_name']);
261 pyroutes.register('strip_check', '/%(repo_name)s/settings/strip_check', ['repo_name']);
259 pyroutes.register('strip_execute', '/%(repo_name)s/settings/strip_execute', ['repo_name']);
262 pyroutes.register('strip_execute', '/%(repo_name)s/settings/strip_execute', ['repo_name']);
260 pyroutes.register('edit_repo_audit_logs', '/%(repo_name)s/settings/audit_logs', ['repo_name']);
263 pyroutes.register('edit_repo_audit_logs', '/%(repo_name)s/settings/audit_logs', ['repo_name']);
261 pyroutes.register('rss_feed_home', '/%(repo_name)s/feed/rss', ['repo_name']);
264 pyroutes.register('rss_feed_home', '/%(repo_name)s/feed/rss', ['repo_name']);
262 pyroutes.register('atom_feed_home', '/%(repo_name)s/feed/atom', ['repo_name']);
265 pyroutes.register('atom_feed_home', '/%(repo_name)s/feed/atom', ['repo_name']);
263 pyroutes.register('repo_summary', '/%(repo_name)s', ['repo_name']);
266 pyroutes.register('repo_summary', '/%(repo_name)s', ['repo_name']);
264 pyroutes.register('repo_summary_slash', '/%(repo_name)s/', ['repo_name']);
267 pyroutes.register('repo_summary_slash', '/%(repo_name)s/', ['repo_name']);
265 pyroutes.register('edit_repo_group', '/%(repo_group_name)s/_edit', ['repo_group_name']);
268 pyroutes.register('edit_repo_group', '/%(repo_group_name)s/_edit', ['repo_group_name']);
266 pyroutes.register('edit_repo_group_advanced', '/%(repo_group_name)s/_settings/advanced', ['repo_group_name']);
269 pyroutes.register('edit_repo_group_advanced', '/%(repo_group_name)s/_settings/advanced', ['repo_group_name']);
267 pyroutes.register('edit_repo_group_advanced_delete', '/%(repo_group_name)s/_settings/advanced/delete', ['repo_group_name']);
270 pyroutes.register('edit_repo_group_advanced_delete', '/%(repo_group_name)s/_settings/advanced/delete', ['repo_group_name']);
268 pyroutes.register('edit_repo_group_perms', '/%(repo_group_name)s/_settings/permissions', ['repo_group_name']);
271 pyroutes.register('edit_repo_group_perms', '/%(repo_group_name)s/_settings/permissions', ['repo_group_name']);
269 pyroutes.register('edit_repo_group_perms_update', '/%(repo_group_name)s/_settings/permissions/update', ['repo_group_name']);
272 pyroutes.register('edit_repo_group_perms_update', '/%(repo_group_name)s/_settings/permissions/update', ['repo_group_name']);
270 pyroutes.register('repo_group_home', '/%(repo_group_name)s', ['repo_group_name']);
273 pyroutes.register('repo_group_home', '/%(repo_group_name)s', ['repo_group_name']);
271 pyroutes.register('repo_group_home_slash', '/%(repo_group_name)s/', ['repo_group_name']);
274 pyroutes.register('repo_group_home_slash', '/%(repo_group_name)s/', ['repo_group_name']);
272 pyroutes.register('user_group_members_data', '/_admin/user_groups/%(user_group_id)s/members', ['user_group_id']);
275 pyroutes.register('user_group_members_data', '/_admin/user_groups/%(user_group_id)s/members', ['user_group_id']);
273 pyroutes.register('edit_user_group_perms_summary', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary', ['user_group_id']);
276 pyroutes.register('edit_user_group_perms_summary', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary', ['user_group_id']);
274 pyroutes.register('edit_user_group_perms_summary_json', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary/json', ['user_group_id']);
277 pyroutes.register('edit_user_group_perms_summary_json', '/_admin/user_groups/%(user_group_id)s/edit/permissions_summary/json', ['user_group_id']);
275 pyroutes.register('edit_user_group', '/_admin/user_groups/%(user_group_id)s/edit', ['user_group_id']);
278 pyroutes.register('edit_user_group', '/_admin/user_groups/%(user_group_id)s/edit', ['user_group_id']);
276 pyroutes.register('user_groups_update', '/_admin/user_groups/%(user_group_id)s/update', ['user_group_id']);
279 pyroutes.register('user_groups_update', '/_admin/user_groups/%(user_group_id)s/update', ['user_group_id']);
277 pyroutes.register('edit_user_group_global_perms', '/_admin/user_groups/%(user_group_id)s/edit/global_permissions', ['user_group_id']);
280 pyroutes.register('edit_user_group_global_perms', '/_admin/user_groups/%(user_group_id)s/edit/global_permissions', ['user_group_id']);
278 pyroutes.register('edit_user_group_global_perms_update', '/_admin/user_groups/%(user_group_id)s/edit/global_permissions/update', ['user_group_id']);
281 pyroutes.register('edit_user_group_global_perms_update', '/_admin/user_groups/%(user_group_id)s/edit/global_permissions/update', ['user_group_id']);
279 pyroutes.register('edit_user_group_perms', '/_admin/user_groups/%(user_group_id)s/edit/permissions', ['user_group_id']);
282 pyroutes.register('edit_user_group_perms', '/_admin/user_groups/%(user_group_id)s/edit/permissions', ['user_group_id']);
280 pyroutes.register('edit_user_group_perms_update', '/_admin/user_groups/%(user_group_id)s/edit/permissions/update', ['user_group_id']);
283 pyroutes.register('edit_user_group_perms_update', '/_admin/user_groups/%(user_group_id)s/edit/permissions/update', ['user_group_id']);
281 pyroutes.register('edit_user_group_advanced', '/_admin/user_groups/%(user_group_id)s/edit/advanced', ['user_group_id']);
284 pyroutes.register('edit_user_group_advanced', '/_admin/user_groups/%(user_group_id)s/edit/advanced', ['user_group_id']);
282 pyroutes.register('edit_user_group_advanced_sync', '/_admin/user_groups/%(user_group_id)s/edit/advanced/sync', ['user_group_id']);
285 pyroutes.register('edit_user_group_advanced_sync', '/_admin/user_groups/%(user_group_id)s/edit/advanced/sync', ['user_group_id']);
283 pyroutes.register('user_groups_delete', '/_admin/user_groups/%(user_group_id)s/delete', ['user_group_id']);
286 pyroutes.register('user_groups_delete', '/_admin/user_groups/%(user_group_id)s/delete', ['user_group_id']);
284 pyroutes.register('search', '/_admin/search', []);
287 pyroutes.register('search', '/_admin/search', []);
285 pyroutes.register('search_repo', '/%(repo_name)s/search', ['repo_name']);
288 pyroutes.register('search_repo', '/%(repo_name)s/search', ['repo_name']);
286 pyroutes.register('user_profile', '/_profiles/%(username)s', ['username']);
289 pyroutes.register('user_profile', '/_profiles/%(username)s', ['username']);
287 pyroutes.register('user_group_profile', '/_profile_user_group/%(user_group_name)s', ['user_group_name']);
290 pyroutes.register('user_group_profile', '/_profile_user_group/%(user_group_name)s', ['user_group_name']);
288 pyroutes.register('my_account_profile', '/_admin/my_account/profile', []);
291 pyroutes.register('my_account_profile', '/_admin/my_account/profile', []);
289 pyroutes.register('my_account_edit', '/_admin/my_account/edit', []);
292 pyroutes.register('my_account_edit', '/_admin/my_account/edit', []);
290 pyroutes.register('my_account_update', '/_admin/my_account/update', []);
293 pyroutes.register('my_account_update', '/_admin/my_account/update', []);
291 pyroutes.register('my_account_password', '/_admin/my_account/password', []);
294 pyroutes.register('my_account_password', '/_admin/my_account/password', []);
292 pyroutes.register('my_account_password_update', '/_admin/my_account/password/update', []);
295 pyroutes.register('my_account_password_update', '/_admin/my_account/password/update', []);
293 pyroutes.register('my_account_auth_tokens', '/_admin/my_account/auth_tokens', []);
296 pyroutes.register('my_account_auth_tokens', '/_admin/my_account/auth_tokens', []);
294 pyroutes.register('my_account_auth_tokens_add', '/_admin/my_account/auth_tokens/new', []);
297 pyroutes.register('my_account_auth_tokens_add', '/_admin/my_account/auth_tokens/new', []);
295 pyroutes.register('my_account_auth_tokens_delete', '/_admin/my_account/auth_tokens/delete', []);
298 pyroutes.register('my_account_auth_tokens_delete', '/_admin/my_account/auth_tokens/delete', []);
296 pyroutes.register('my_account_ssh_keys', '/_admin/my_account/ssh_keys', []);
299 pyroutes.register('my_account_ssh_keys', '/_admin/my_account/ssh_keys', []);
297 pyroutes.register('my_account_ssh_keys_generate', '/_admin/my_account/ssh_keys/generate', []);
300 pyroutes.register('my_account_ssh_keys_generate', '/_admin/my_account/ssh_keys/generate', []);
298 pyroutes.register('my_account_ssh_keys_add', '/_admin/my_account/ssh_keys/new', []);
301 pyroutes.register('my_account_ssh_keys_add', '/_admin/my_account/ssh_keys/new', []);
299 pyroutes.register('my_account_ssh_keys_delete', '/_admin/my_account/ssh_keys/delete', []);
302 pyroutes.register('my_account_ssh_keys_delete', '/_admin/my_account/ssh_keys/delete', []);
300 pyroutes.register('my_account_user_group_membership', '/_admin/my_account/user_group_membership', []);
303 pyroutes.register('my_account_user_group_membership', '/_admin/my_account/user_group_membership', []);
301 pyroutes.register('my_account_emails', '/_admin/my_account/emails', []);
304 pyroutes.register('my_account_emails', '/_admin/my_account/emails', []);
302 pyroutes.register('my_account_emails_add', '/_admin/my_account/emails/new', []);
305 pyroutes.register('my_account_emails_add', '/_admin/my_account/emails/new', []);
303 pyroutes.register('my_account_emails_delete', '/_admin/my_account/emails/delete', []);
306 pyroutes.register('my_account_emails_delete', '/_admin/my_account/emails/delete', []);
304 pyroutes.register('my_account_repos', '/_admin/my_account/repos', []);
307 pyroutes.register('my_account_repos', '/_admin/my_account/repos', []);
305 pyroutes.register('my_account_watched', '/_admin/my_account/watched', []);
308 pyroutes.register('my_account_watched', '/_admin/my_account/watched', []);
306 pyroutes.register('my_account_perms', '/_admin/my_account/perms', []);
309 pyroutes.register('my_account_perms', '/_admin/my_account/perms', []);
307 pyroutes.register('my_account_notifications', '/_admin/my_account/notifications', []);
310 pyroutes.register('my_account_notifications', '/_admin/my_account/notifications', []);
308 pyroutes.register('my_account_notifications_toggle_visibility', '/_admin/my_account/toggle_visibility', []);
311 pyroutes.register('my_account_notifications_toggle_visibility', '/_admin/my_account/toggle_visibility', []);
309 pyroutes.register('my_account_pullrequests', '/_admin/my_account/pull_requests', []);
312 pyroutes.register('my_account_pullrequests', '/_admin/my_account/pull_requests', []);
310 pyroutes.register('my_account_pullrequests_data', '/_admin/my_account/pull_requests/data', []);
313 pyroutes.register('my_account_pullrequests_data', '/_admin/my_account/pull_requests/data', []);
311 pyroutes.register('notifications_show_all', '/_admin/notifications', []);
314 pyroutes.register('notifications_show_all', '/_admin/notifications', []);
312 pyroutes.register('notifications_mark_all_read', '/_admin/notifications/mark_all_read', []);
315 pyroutes.register('notifications_mark_all_read', '/_admin/notifications/mark_all_read', []);
313 pyroutes.register('notifications_show', '/_admin/notifications/%(notification_id)s', ['notification_id']);
316 pyroutes.register('notifications_show', '/_admin/notifications/%(notification_id)s', ['notification_id']);
314 pyroutes.register('notifications_update', '/_admin/notifications/%(notification_id)s/update', ['notification_id']);
317 pyroutes.register('notifications_update', '/_admin/notifications/%(notification_id)s/update', ['notification_id']);
315 pyroutes.register('notifications_delete', '/_admin/notifications/%(notification_id)s/delete', ['notification_id']);
318 pyroutes.register('notifications_delete', '/_admin/notifications/%(notification_id)s/delete', ['notification_id']);
316 pyroutes.register('my_account_notifications_test_channelstream', '/_admin/my_account/test_channelstream', []);
319 pyroutes.register('my_account_notifications_test_channelstream', '/_admin/my_account/test_channelstream', []);
317 pyroutes.register('gists_show', '/_admin/gists', []);
320 pyroutes.register('gists_show', '/_admin/gists', []);
318 pyroutes.register('gists_new', '/_admin/gists/new', []);
321 pyroutes.register('gists_new', '/_admin/gists/new', []);
319 pyroutes.register('gists_create', '/_admin/gists/create', []);
322 pyroutes.register('gists_create', '/_admin/gists/create', []);
320 pyroutes.register('gist_show', '/_admin/gists/%(gist_id)s', ['gist_id']);
323 pyroutes.register('gist_show', '/_admin/gists/%(gist_id)s', ['gist_id']);
321 pyroutes.register('gist_delete', '/_admin/gists/%(gist_id)s/delete', ['gist_id']);
324 pyroutes.register('gist_delete', '/_admin/gists/%(gist_id)s/delete', ['gist_id']);
322 pyroutes.register('gist_edit', '/_admin/gists/%(gist_id)s/edit', ['gist_id']);
325 pyroutes.register('gist_edit', '/_admin/gists/%(gist_id)s/edit', ['gist_id']);
323 pyroutes.register('gist_edit_check_revision', '/_admin/gists/%(gist_id)s/edit/check_revision', ['gist_id']);
326 pyroutes.register('gist_edit_check_revision', '/_admin/gists/%(gist_id)s/edit/check_revision', ['gist_id']);
324 pyroutes.register('gist_update', '/_admin/gists/%(gist_id)s/update', ['gist_id']);
327 pyroutes.register('gist_update', '/_admin/gists/%(gist_id)s/update', ['gist_id']);
325 pyroutes.register('gist_show_rev', '/_admin/gists/%(gist_id)s/%(revision)s', ['gist_id', 'revision']);
328 pyroutes.register('gist_show_rev', '/_admin/gists/%(gist_id)s/%(revision)s', ['gist_id', 'revision']);
326 pyroutes.register('gist_show_formatted', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s', ['gist_id', 'revision', 'format']);
329 pyroutes.register('gist_show_formatted', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s', ['gist_id', 'revision', 'format']);
327 pyroutes.register('gist_show_formatted_path', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s/%(f_path)s', ['gist_id', 'revision', 'format', 'f_path']);
330 pyroutes.register('gist_show_formatted_path', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s/%(f_path)s', ['gist_id', 'revision', 'format', 'f_path']);
328 pyroutes.register('debug_style_home', '/_admin/debug_style', []);
331 pyroutes.register('debug_style_home', '/_admin/debug_style', []);
329 pyroutes.register('debug_style_template', '/_admin/debug_style/t/%(t_path)s', ['t_path']);
332 pyroutes.register('debug_style_template', '/_admin/debug_style/t/%(t_path)s', ['t_path']);
330 pyroutes.register('apiv2', '/_admin/api', []);
333 pyroutes.register('apiv2', '/_admin/api', []);
331 }
334 }
Show file before | Show file after | Hide comments
@@ -1,75 +1,75 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2
2
3 <div class="panel panel-default">
3 <div class="panel panel-default">
4 <div class="panel-heading">
4 <div class="panel-heading">
5 <h3 class="panel-title">${_('User Group Membership')}</h3>
5 <h3 class="panel-title">${_('User Group Membership')}</h3>
6 </div>
6 </div>
7
7
8 <div class="panel-body">
8 <div class="panel-body">
9 <div class="groups_management">
9 <div class="groups_management">
10 <div id="repos_list_wrap">
10 <div id="repos_list_wrap">
11 <table id="user_group_list_table" class="display"></table>
11 <table id="user_group_list_table" class="display"></table>
12 </div>
12 </div>
13 </div>
13 </div>
14 </div>
14 </div>
15 </div>
15 </div>
16
16
17
17
18 <script>
18 <script>
19 var api;
19 var api;
20 $(document).ready(function() {
20 $(document).ready(function() {
21
21
22 var get_datatable_count = function(){
22 var get_datatable_count = function(){
23 $('#user_group_count').text(api.page.info().recordsDisplay);
23 $('#user_group_count').text(api.page.info().recordsDisplay);
24 };
24 };
25
25
26 $('#user_group_list_table').on('click', 'a.editor_remove', function (e) {
26 $('#user_group_list_table').on('click', 'a.editor_remove', function (e) {
27 e.preventDefault();
27 e.preventDefault();
28 var row = api.row($(this).closest('tr'));
28 var row = api.row($(this).closest('tr'));
29 row.remove().draw();
29 row.remove().draw();
30 } );
30 } );
31
31
32 $('#user_group_list_table').DataTable({
32 $('#user_group_list_table').DataTable({
33 data: ${c.user_groups|n},
33 data: ${c.user_groups|n},
34 dom: 'rtp',
34 dom: 'rtp',
35 pageLength: ${c.visual.admin_grid_items},
35 pageLength: ${c.visual.admin_grid_items},
36 order: [[ 0, "asc" ]],
36 order: [[ 0, "asc" ]],
37 columns: [
37 columns: [
38 { data: {"_": "group_name",
38 { data: {"_": "group_name",
39 "sort": "group_name"}, title: "${_('Name')}", className: "td-componentname," ,
39 "sort": "group_name"}, title: "${_('Name')}", className: "td-componentname," ,
40 render: function (data,type,full,meta)
40 render: function (data,type,full,meta)
41 {return '<div><i class="icon-group" title="User group">'+data+'</i></div>'}},
41 {return '<div><i class="icon-user-group" title="User group">'+data+'</i></div>'}},
42
42
43 { data: {"_": "group_description",
43 { data: {"_": "group_description",
44 "sort": "group_description"}, title: "${_('Description')}", className: "td-description" },
44 "sort": "group_description"}, title: "${_('Description')}", className: "td-description" },
45 { data: {"_": "users_group_id"}, className: "td-user",
45 { data: {"_": "users_group_id"}, className: "td-user",
46 render: function (data,type,full,meta)
46 render: function (data,type,full,meta)
47 {return '<input type="hidden" name="users_group_id" value="'+data+'">'}},
47 {return '<input type="hidden" name="users_group_id" value="'+data+'">'}},
48 { data: {"_": "active",
48 { data: {"_": "active",
49 "sort": "active"}, title: "${_('Active')}", className: "td-active"},
49 "sort": "active"}, title: "${_('Active')}", className: "td-active"},
50 { data: {"_": "owner_data"}, title: "${_('Owner')}", className: "td-user",
50 { data: {"_": "owner_data"}, title: "${_('Owner')}", className: "td-user",
51 render: function (data,type,full,meta)
51 render: function (data,type,full,meta)
52 {return '<div class="rc-user tooltip">'+
52 {return '<div class="rc-user tooltip">'+
53 '<img class="gravatar" src="'+ data.owner_icon +'" height="16" width="16">'+
53 '<img class="gravatar" src="'+ data.owner_icon +'" height="16" width="16">'+
54 data.owner +'</div>'
54 data.owner +'</div>'
55 }
55 }
56 }
56 }
57 ],
57 ],
58 language: {
58 language: {
59 paginate: DEFAULT_GRID_PAGINATION,
59 paginate: DEFAULT_GRID_PAGINATION,
60 emptyTable: _gettext("No user groups available yet.")
60 emptyTable: _gettext("No user groups available yet.")
61 },
61 },
62 "initComplete": function( settings, json ) {
62 "initComplete": function( settings, json ) {
63 var data_grid = $('#user_group_list_table').dataTable();
63 var data_grid = $('#user_group_list_table').dataTable();
64 api = data_grid.api();
64 api = data_grid.api();
65 get_datatable_count();
65 get_datatable_count();
66 }
66 }
67 });
67 });
68
68
69 // update the counter when doing search
69 // update the counter when doing search
70 $('#user_group_list_table').on( 'search.dt', function (e,settings) {
70 $('#user_group_list_table').on( 'search.dt', function (e,settings) {
71 get_datatable_count();
71 get_datatable_count();
72 });
72 });
73
73
74 });
74 });
75 </script> No newline at end of file
75 </script>
Show file before | Show file after | Hide comments
@@ -1,62 +1,65 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 <%inherit file="/base/base.mako"/>
2 <%inherit file="/base/base.mako"/>
3
3
4 <%def name="title()">
4 <%def name="title()">
5 ${_('Permissions Administration')}
5 ${_('Permissions Administration')}
6 %if c.rhodecode_name:
6 %if c.rhodecode_name:
7 &middot; ${h.branding(c.rhodecode_name)}
7 &middot; ${h.branding(c.rhodecode_name)}
8 %endif
8 %endif
9 </%def>
9 </%def>
10
10
11 <%def name="breadcrumbs_links()">
11 <%def name="breadcrumbs_links()">
12 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
12 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
13 &raquo;
13 &raquo;
14 ${_('Permissions')}
14 ${_('Permissions')}
15 </%def>
15 </%def>
16
16
17 <%def name="menu_bar_nav()">
17 <%def name="menu_bar_nav()">
18 ${self.menu_items(active='admin')}
18 ${self.menu_items(active='admin')}
19 </%def>
19 </%def>
20
20
21
21
22 <%def name="main()">
22 <%def name="main()">
23 <div class="box">
23 <div class="box">
24 <div class="title">
24 <div class="title">
25 ${self.breadcrumbs()}
25 ${self.breadcrumbs()}
26 </div>
26 </div>
27
27
28 <div class="sidebar-col-wrapper scw-small">
28 <div class="sidebar-col-wrapper scw-small">
29 ##main
29 ##main
30 <div class="sidebar">
30 <div class="sidebar">
31 <ul class="nav nav-pills nav-stacked">
31 <ul class="nav nav-pills nav-stacked">
32 <li class="${'active' if c.active=='application' else ''}">
32 <li class="${'active' if c.active=='application' else ''}">
33 <a href="${h.route_path('admin_permissions_application')}">${_('Application')}</a>
33 <a href="${h.route_path('admin_permissions_application')}">${_('Application')}</a>
34 </li>
34 </li>
35 <li class="${'active' if c.active=='global' else ''}">
35 <li class="${'active' if c.active=='global' else ''}">
36 <a href="${h.route_path('admin_permissions_global')}">${_('Global')}</a>
36 <a href="${h.route_path('admin_permissions_global')}">${_('Global')}</a>
37 </li>
37 </li>
38 <li class="${'active' if c.active=='objects' else ''}">
38 <li class="${'active' if c.active=='objects' else ''}">
39 <a href="${h.route_path('admin_permissions_object')}">${_('Object')}</a>
39 <a href="${h.route_path('admin_permissions_object')}">${_('Object')}</a>
40 </li>
40 </li>
41 <li class="${'active' if c.active=='branch' else ''}">
42 <a href="${h.route_path('admin_permissions_branch')}">${_('Branch')}</a>
43 </li>
41 <li class="${'active' if c.active=='ips' else ''}">
44 <li class="${'active' if c.active=='ips' else ''}">
42 <a href="${h.route_path('admin_permissions_ips')}">${_('IP Whitelist')}</a>
45 <a href="${h.route_path('admin_permissions_ips')}">${_('IP Whitelist')}</a>
43 </li>
46 </li>
44 <li class="${'active' if c.active=='auth_token_access' else ''}">
47 <li class="${'active' if c.active=='auth_token_access' else ''}">
45 <a href="${h.route_path('admin_permissions_auth_token_access')}">${_('AuthToken Access')}</a>
48 <a href="${h.route_path('admin_permissions_auth_token_access')}">${_('AuthToken Access')}</a>
46 </li>
49 </li>
47 <li class="${'active' if c.active=='ssh_keys' else ''}">
50 <li class="${'active' if c.active=='ssh_keys' else ''}">
48 <a href="${h.route_path('admin_permissions_ssh_keys')}">${_('SSH Keys')}</a>
51 <a href="${h.route_path('admin_permissions_ssh_keys')}">${_('SSH Keys')}</a>
49 </li>
52 </li>
50 <li class="${'active' if c.active=='perms' else ''}">
53 <li class="${'active' if c.active=='perms' else ''}">
51 <a href="${h.route_path('admin_permissions_overview')}">${_('Overview')}</a>
54 <a href="${h.route_path('admin_permissions_overview')}">${_('Overview')}</a>
52 </li>
55 </li>
53 </ul>
56 </ul>
54 </div>
57 </div>
55
58
56 <div class="main-content-full-width">
59 <div class="main-content-full-width">
57 <%include file="/admin/permissions/permissions_${c.active}.mako"/>
60 <%include file="/admin/permissions/permissions_${c.active}.mako"/>
58 </div>
61 </div>
59 </div>
62 </div>
60 </div>
63 </div>
61
64
62 </%def>
65 </%def>
Show file before | Show file after | Hide comments
@@ -1,77 +1,80 b''
1 <div class="panel panel-default">
1 <div class="panel panel-default">
2 <div class="panel-heading">
2 <div class="panel-heading">
3 <h3 class="panel-title">${_('Default Permissions for Repositories, User Groups and Repository Groups.')}</h3>
3 <h3 class="panel-title">${_('Default Permissions for Repositories, User Groups and Repository Groups.')}</h3>
4 </div>
4 </div>
5 <div class="panel-body">
5 <div class="panel-body">
6 <p>${_('Default system permissions. Each permissions management entity will be created with the following default settings. Check the overwrite checkbox to force any permission changes on already existing settings.')}
6 <p>
7 ${_('Default access permissions. This defines permissions for the `default` user from which other users inherit permissions.')}
8 <br/>
9 ${_('Check the overwrite checkbox to force change all previously defined permissions for `default` user to the new selected value.')}
7 </p>
10 </p>
8 ${h.secure_form(h.route_path('admin_permissions_object_update'), request=request)}
11 ${h.secure_form(h.route_path('admin_permissions_object_update'), request=request)}
9 <div class="form">
12 <div class="form">
10 <div class="fields">
13 <div class="fields">
11 <div class="field">
14 <div class="field">
12 <div class="label">
15 <div class="label">
13 <label for="default_repo_perm">${_('Repository')}:</label>
16 <label for="default_repo_perm">${_('Repository')}:</label>
14 </div>
17 </div>
15 <div class="select">
18 <div class="select">
16 ${h.select('default_repo_perm','',c.repo_perms_choices)}
19 ${h.select('default_repo_perm','',c.repo_perms_choices)}
17
20
18 ${h.checkbox('overwrite_default_repo','true')}
21 ${h.checkbox('overwrite_default_repo','true')}
19 <label for="overwrite_default_repo">
22 <label for="overwrite_default_repo">
20 <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository will be reset to chosen permission, note that all custom default permission on repositories will be lost'))}">
23 <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository will be reset to chosen permission, note that all custom default permission on repositories will be lost'))}">
21 ${_('Overwrite Existing Settings')}
24 ${_('Overwrite Existing Settings')}
22 </span>
25 </span>
23 </label>
26 </label>
24 </div>
27 </div>
25 </div>
28 </div>
26 <div class="field">
29 <div class="field">
27 <div class="label">
30 <div class="label">
28 <label for="default_group_perm">${_('Repository Groups')}:</label>
31 <label for="default_group_perm">${_('Repository Groups')}:</label>
29 </div>
32 </div>
30 <div class="select">
33 <div class="select">
31 ${h.select('default_group_perm','',c.group_perms_choices)}
34 ${h.select('default_group_perm','',c.group_perms_choices)}
32 ${h.checkbox('overwrite_default_group','true')}
35 ${h.checkbox('overwrite_default_group','true')}
33 <label for="overwrite_default_group">
36 <label for="overwrite_default_group">
34 <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}">
37 <span class="tooltip" title="${h.tooltip(_('All default permissions on each repository group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}">
35 ${_('Overwrite Existing Settings')}
38 ${_('Overwrite Existing Settings')}
36 </span>
39 </span>
37 </label>
40 </label>
38 </div>
41 </div>
39 </div>
42 </div>
40 <div class="field">
43 <div class="field">
41 <div class="label">
44 <div class="label">
42 <label for="default_group_perm">${_('User Groups')}:</label>
45 <label for="default_group_perm">${_('User Groups')}:</label>
43 </div>
46 </div>
44 <div class="select">
47 <div class="select">
45 ${h.select('default_user_group_perm','',c.user_group_perms_choices)}
48 ${h.select('default_user_group_perm','',c.user_group_perms_choices)}
46 ${h.checkbox('overwrite_default_user_group','true')}
49 ${h.checkbox('overwrite_default_user_group','true')}
47 <label for="overwrite_default_user_group">
50 <label for="overwrite_default_user_group">
48 <span class="tooltip" title="${h.tooltip(_('All default permissions on each user group will be reset to chosen permission, note that all custom default permission on repository groups will be lost'))}">
51 <span class="tooltip" title="${h.tooltip(_('All default permissions on each user group will be reset to chosen permission, note that all custom default permission on user groups will be lost'))}">
49 ${_('Overwrite Existing Settings')}
52 ${_('Overwrite Existing Settings')}
50 </span>
53 </span>
51 </label>
54 </label>
52 </div>
55 </div>
53 </div>
56 </div>
54
57
55 <div class="buttons">
58 <div class="buttons">
56 ${h.submit('save',_('Save'),class_="btn")}
59 ${h.submit('save',_('Save'),class_="btn")}
57 ${h.reset('reset',_('Reset'),class_="btn")}
60 ${h.reset('reset',_('Reset'),class_="btn")}
58 </div>
61 </div>
59 </div>
62 </div>
60 </div>
63 </div>
61 ${h.end_form()}
64 ${h.end_form()}
62 </div>
65 </div>
63 </div>
66 </div>
64
67
65 <script>
68 <script>
66 $(document).ready(function(){
69 $(document).ready(function(){
67 var select2Options = {
70 var select2Options = {
68 containerCssClass: 'drop-menu',
71 containerCssClass: 'drop-menu',
69 dropdownCssClass: 'drop-menu-dropdown',
72 dropdownCssClass: 'drop-menu-dropdown',
70 dropdownAutoWidth: true,
73 dropdownAutoWidth: true,
71 minimumResultsForSearch: -1
74 minimumResultsForSearch: -1
72 };
75 };
73 $("#default_repo_perm").select2(select2Options);
76 $("#default_repo_perm").select2(select2Options);
74 $("#default_group_perm").select2(select2Options);
77 $("#default_group_perm").select2(select2Options);
75 $("#default_user_group_perm").select2(select2Options);
78 $("#default_user_group_perm").select2(select2Options);
76 });
79 });
77 </script>
80 </script>
Show file before | Show file after | Hide comments
@@ -1,146 +1,156 b''
1 <%namespace name="base" file="/base/base.mako"/>
1 <%namespace name="base" file="/base/base.mako"/>
2
2
3 <div class="panel panel-default">
3 <div class="panel panel-default">
4 <div class="panel-heading">
4 <div class="panel-heading">
5 <h3 class="panel-title">${_('Repository Group Permissions')}</h3>
5 <h3 class="panel-title">${_('Repository Group Permissions')}</h3>
6 </div>
6 </div>
7 <div class="panel-body">
7 <div class="panel-body">
8 ${h.secure_form(h.route_path('edit_repo_group_perms_update', repo_group_name=c.repo_group.group_name), request=request)}
8 ${h.secure_form(h.route_path('edit_repo_group_perms_update', repo_group_name=c.repo_group.group_name), request=request)}
9 <table id="permissions_manage" class="rctable permissions">
9 <table id="permissions_manage" class="rctable permissions">
10 <tr>
10 <tr>
11 <th class="td-radio">${_('None')}</th>
11 <th class="td-radio">${_('None')}</th>
12 <th class="td-radio">${_('Read')}</th>
12 <th class="td-radio">${_('Read')}</th>
13 <th class="td-radio">${_('Write')}</th>
13 <th class="td-radio">${_('Write')}</th>
14 <th class="td-radio">${_('Admin')}</th>
14 <th class="td-radio">${_('Admin')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
16 <th></th>
16 <th></th>
17 </tr>
17 </tr>
18 ## USERS
18 ## USERS
19 %for _user in c.repo_group.permissions():
19 %for _user in c.repo_group.permissions():
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 <tr class="perm_admin_row">
21 <tr class="perm_admin_row">
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
26 <td class="td-user">
26 <td class="td-user">
27 ${base.gravatar(_user.email, 16)}
27 ${base.gravatar(_user.email, 16)}
28 ${h.link_to_user(_user.username)}
28 ${h.link_to_user(_user.username)}
29 %if getattr(_user, 'admin_row', None):
29 %if getattr(_user, 'admin_row', None):
30 (${_('super admin')})
30 (${_('super admin')})
31 %endif
31 %endif
32 %if getattr(_user, 'owner_row', None):
32 %if getattr(_user, 'owner_row', None):
33 (${_('owner')})
33 (${_('owner')})
34 %endif
34 %endif
35 </td>
35 </td>
36 <td></td>
36 <td></td>
37 </tr>
37 </tr>
38 %else:
38 %else:
39 <tr>
39 <tr>
40 ##forbid revoking permission from yourself, except if you're an super admin
40 ##forbid revoking permission from yourself, except if you're an super admin
41 %if c.rhodecode_user.user_id != _user.user_id or c.rhodecode_user.is_admin:
41 %if c.rhodecode_user.user_id != _user.user_id or c.rhodecode_user.is_admin:
42 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.none', checked=_user.permission=='group.none')}</td>
42 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.none', checked=_user.permission=='group.none')}</td>
43 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.read', checked=_user.permission=='group.read')}</td>
43 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.read', checked=_user.permission=='group.read')}</td>
44 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.write', checked=_user.permission=='group.write')}</td>
44 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.write', checked=_user.permission=='group.write')}</td>
45 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.admin', checked=_user.permission=='group.admin')}</td>
45 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.admin', checked=_user.permission=='group.admin')}</td>
46 <td class="td-user">
46 <td class="td-user">
47 ${base.gravatar(_user.email, 16)}
47 ${base.gravatar(_user.email, 16)}
48 <span class="user">
48 <span class="user">
49 % if _user.username == h.DEFAULT_USER:
49 % if _user.username == h.DEFAULT_USER:
50 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
50 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
51 % else:
51 % else:
52 ${h.link_to_user(_user.username)}
52 ${h.link_to_user(_user.username)}
53 % endif
53 % endif
54 </span>
54 </span>
55 </td>
55 </td>
56 <td class="td-action">
56 <td class="td-action">
57 %if _user.username != h.DEFAULT_USER:
57 %if _user.username != h.DEFAULT_USER:
58 <span class="btn btn-link btn-danger revoke_perm"
58 <span class="btn btn-link btn-danger revoke_perm"
59 member="${_user.user_id}" member_type="user">
59 member="${_user.user_id}" member_type="user">
60 <i class="icon-remove"></i> ${_('Revoke')}
60 ${_('Revoke')}
61 </span>
61 </span>
62 %endif
62 %endif
63 </td>
63 </td>
64 %else:
64 %else:
65 ## special case for current user permissions, we make sure he cannot take his own permissions
65 ## special case for current user permissions, we make sure he cannot take his own permissions
66 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.none', disabled="disabled")}</td>
66 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.none', disabled="disabled")}</td>
67 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.read', disabled="disabled")}</td>
67 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.read', disabled="disabled")}</td>
68 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.write', disabled="disabled")}</td>
68 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.write', disabled="disabled")}</td>
69 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.admin', disabled="disabled")}</td>
69 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'group.admin', disabled="disabled")}</td>
70 <td class="td-user">
70 <td class="td-user">
71 ${base.gravatar(_user.email, 16)}
71 ${base.gravatar(_user.email, 16)}
72 <span class="user">
72 <span class="user">
73 % if _user.username == h.DEFAULT_USER:
73 % if _user.username == h.DEFAULT_USER:
74 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
74 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
75 % else:
75 % else:
76 ${h.link_to_user(_user.username)}
76 ${h.link_to_user(_user.username)}
77 % endif
77 % endif
78 <span class="user-perm-help-text">(${_('delegated admin')})</span>
78 <span class="user-perm-help-text">(${_('delegated admin')})</span>
79 </span>
79 </span>
80 </td>
80 </td>
81 <td></td>
81 <td></td>
82 %endif
82 %endif
83 </tr>
83 </tr>
84 %endif
84 %endif
85 %endfor
85 %endfor
86
86
87 ## USER GROUPS
87 ## USER GROUPS
88 %for _user_group in c.repo_group.permission_user_groups():
88 %for _user_group in c.repo_group.permission_user_groups():
89 <tr id="id${id(_user_group.users_group_name)}">
89 <tr id="id${id(_user_group.users_group_name)}">
90 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.none', checked=_user_group.permission=='group.none')}</td>
90 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.none', checked=_user_group.permission=='group.none')}</td>
91 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.read', checked=_user_group.permission=='group.read')}</td>
91 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.read', checked=_user_group.permission=='group.read')}</td>
92 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.write', checked=_user_group.permission=='group.write')}</td>
92 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.write', checked=_user_group.permission=='group.write')}</td>
93 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.admin', checked=_user_group.permission=='group.admin')}</td>
93 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'group.admin', checked=_user_group.permission=='group.admin')}</td>
94 <td class="td-componentname">
94 <td class="td-componentname">
95 <i class="icon-group" ></i>
95 <i class="icon-user-group"></i>
96 %if h.HasPermissionAny('hg.admin')():
96 %if h.HasPermissionAny('hg.admin')():
97 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
97 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
98 ${_user_group.users_group_name}
98 ${_user_group.users_group_name}
99 </a>
99 </a>
100 %else:
100 %else:
101 ${h.link_to_group(_user_group.users_group_name)}
101 ${h.link_to_group(_user_group.users_group_name)}
102 %endif
102 %endif
103 </td>
103 </td>
104 <td class="td-action">
104 <td class="td-action">
105 <span class="btn btn-link btn-danger revoke_perm"
105 <span class="btn btn-link btn-danger revoke_perm"
106 member="${_user_group.users_group_id}" member_type="user_group">
106 member="${_user_group.users_group_id}" member_type="user_group">
107 <i class="icon-remove"></i> ${_('Revoke')}
107 ${_('Revoke')}
108 </span>
108 </span>
109 </td>
109 </td>
110 </tr>
110 </tr>
111 %endfor
111 %endfor
112
112
113 <tr class="new_members" id="add_perm_input"></tr>
113 <tr class="new_members" id="add_perm_input"></tr>
114 <tr>
115 <td></td>
116 <td></td>
117 <td></td>
118 <td></td>
119 <td></td>
120 <td>
121 <span id="add_perm" class="link">
122 ${_('Add user/user group')}
123 </span>
124 </td>
125 </tr>
114 </table>
126 </table>
115 <div id="add_perm" class="link">
127
116 ${_('Add new')}
117 </div>
118 <div class="fields">
128 <div class="fields">
119 <div class="field">
129 <div class="field">
120 <div class="label label-radio">
130 <div class="label label-radio">
121 ${_('Apply to children')}:
131 ${_('Apply to children')}:
122 </div>
132 </div>
123 <div class="radios">
133 <div class="radios">
124 ${h.radio('recursive', 'none', label=_('None'), checked="checked")}
134 ${h.radio('recursive', 'none', label=_('None'), checked="checked")}
125 ${h.radio('recursive', 'groups', label=_('Repository Groups'))}
135 ${h.radio('recursive', 'groups', label=_('Repository Groups'))}
126 ${h.radio('recursive', 'repos', label=_('Repositories'))}
136 ${h.radio('recursive', 'repos', label=_('Repositories'))}
127 ${h.radio('recursive', 'all', label=_('Both'))}
137 ${h.radio('recursive', 'all', label=_('Both'))}
128 <span class="help-block">${_('Set or revoke permissions to selected types of children of this group, including non-private repositories and other groups if chosen.')}</span>
138 <span class="help-block">${_('Set or revoke permissions to selected types of children of this group, including non-private repositories and other groups if chosen.')}</span>
129 </div>
139 </div>
130 </div>
140 </div>
131 </div>
141 </div>
132 <div class="buttons">
142 <div class="buttons">
133 ${h.submit('save',_('Save'),class_="btn btn-primary")}
143 ${h.submit('save',_('Save'),class_="btn btn-primary")}
134 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
144 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
135 </div>
145 </div>
136 ${h.end_form()}
146 ${h.end_form()}
137 </div>
147 </div>
138 </div>
148 </div>
139 <script type="text/javascript">
149 <script type="text/javascript">
140 $('#add_perm').on('click', function(e){
150 $('#add_perm').on('click', function(e){
141 addNewPermInput($(this), 'group');
151 addNewPermInput($(this), 'group');
142 });
152 });
143 $('.revoke_perm').on('click', function(e){
153 $('.revoke_perm').on('click', function(e){
144 markRevokePermInput($(this), 'group');
154 markRevokePermInput($(this), 'group');
145 })
155 })
146 </script>
156 </script>
Show file before | Show file after | Hide comments
@@ -1,105 +1,108 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 ##
2 ##
3 ## See also repo_settings.html
3 ## See also repo_settings.html
4 ##
4 ##
5 <%inherit file="/base/base.mako"/>
5 <%inherit file="/base/base.mako"/>
6
6
7 <%def name="title()">
7 <%def name="title()">
8 ${_('%s repository settings') % c.rhodecode_db_repo.repo_name}
8 ${_('%s repository settings') % c.rhodecode_db_repo.repo_name}
9 %if c.rhodecode_name:
9 %if c.rhodecode_name:
10 &middot; ${h.branding(c.rhodecode_name)}
10 &middot; ${h.branding(c.rhodecode_name)}
11 %endif
11 %endif
12 </%def>
12 </%def>
13
13
14 <%def name="breadcrumbs_links()">
14 <%def name="breadcrumbs_links()">
15 ${_('Settings')}
15 ${_('Settings')}
16 </%def>
16 </%def>
17
17
18 <%def name="menu_bar_nav()">
18 <%def name="menu_bar_nav()">
19 ${self.menu_items(active='repositories')}
19 ${self.menu_items(active='repositories')}
20 </%def>
20 </%def>
21
21
22 <%def name="menu_bar_subnav()">
22 <%def name="menu_bar_subnav()">
23 ${self.repo_menu(active='options')}
23 ${self.repo_menu(active='options')}
24 </%def>
24 </%def>
25
25
26 <%def name="main_content()">
26 <%def name="main_content()">
27 % if hasattr(c, 'repo_edit_template'):
27 % if hasattr(c, 'repo_edit_template'):
28 <%include file="${c.repo_edit_template}"/>
28 <%include file="${c.repo_edit_template}"/>
29 % else:
29 % else:
30 <%include file="/admin/repos/repo_edit_${c.active}.mako"/>
30 <%include file="/admin/repos/repo_edit_${c.active}.mako"/>
31 % endif
31 % endif
32 </%def>
32 </%def>
33
33
34
34
35 <%def name="main()">
35 <%def name="main()">
36 <div class="box">
36 <div class="box">
37 <div class="title">
37 <div class="title">
38 ${self.repo_page_title(c.rhodecode_db_repo)}
38 ${self.repo_page_title(c.rhodecode_db_repo)}
39 ${self.breadcrumbs()}
39 ${self.breadcrumbs()}
40 </div>
40 </div>
41
41
42 <div class="sidebar-col-wrapper scw-small">
42 <div class="sidebar-col-wrapper scw-small">
43 <div class="sidebar">
43 <div class="sidebar">
44 <ul class="nav nav-pills nav-stacked">
44 <ul class="nav nav-pills nav-stacked">
45 <li class="${'active' if c.active=='settings' else ''}">
45 <li class="${'active' if c.active=='settings' else ''}">
46 <a href="${h.route_path('edit_repo', repo_name=c.repo_name)}">${_('Settings')}</a>
46 <a href="${h.route_path('edit_repo', repo_name=c.repo_name)}">${_('Settings')}</a>
47 </li>
47 </li>
48 <li class="${'active' if c.active=='permissions' else ''}">
48 <li class="${'active' if c.active=='permissions' else ''}">
49 <a href="${h.route_path('edit_repo_perms', repo_name=c.repo_name)}">${_('Permissions')}</a>
49 <a href="${h.route_path('edit_repo_perms', repo_name=c.repo_name)}">${_('Permissions')}</a>
50 </li>
50 </li>
51 <li class="${'active' if c.active=='permissions_branch' else ''}">
52 <a href="${h.route_path('edit_repo_perms_branch', repo_name=c.repo_name)}">${_('Branch Permissions')}</a>
53 </li>
51 <li class="${'active' if c.active=='advanced' else ''}">
54 <li class="${'active' if c.active=='advanced' else ''}">
52 <a href="${h.route_path('edit_repo_advanced', repo_name=c.repo_name)}">${_('Advanced')}</a>
55 <a href="${h.route_path('edit_repo_advanced', repo_name=c.repo_name)}">${_('Advanced')}</a>
53 </li>
56 </li>
54 <li class="${'active' if c.active=='vcs' else ''}">
57 <li class="${'active' if c.active=='vcs' else ''}">
55 <a href="${h.route_path('edit_repo_vcs', repo_name=c.repo_name)}">${_('VCS')}</a>
58 <a href="${h.route_path('edit_repo_vcs', repo_name=c.repo_name)}">${_('VCS')}</a>
56 </li>
59 </li>
57 <li class="${'active' if c.active=='fields' else ''}">
60 <li class="${'active' if c.active=='fields' else ''}">
58 <a href="${h.route_path('edit_repo_fields', repo_name=c.repo_name)}">${_('Extra Fields')}</a>
61 <a href="${h.route_path('edit_repo_fields', repo_name=c.repo_name)}">${_('Extra Fields')}</a>
59 </li>
62 </li>
60 <li class="${'active' if c.active=='issuetracker' else ''}">
63 <li class="${'active' if c.active=='issuetracker' else ''}">
61 <a href="${h.route_path('edit_repo_issuetracker', repo_name=c.repo_name)}">${_('Issue Tracker')}</a>
64 <a href="${h.route_path('edit_repo_issuetracker', repo_name=c.repo_name)}">${_('Issue Tracker')}</a>
62 </li>
65 </li>
63 <li class="${'active' if c.active=='caches' else ''}">
66 <li class="${'active' if c.active=='caches' else ''}">
64 <a href="${h.route_path('edit_repo_caches', repo_name=c.repo_name)}">${_('Caches')}</a>
67 <a href="${h.route_path('edit_repo_caches', repo_name=c.repo_name)}">${_('Caches')}</a>
65 </li>
68 </li>
66 %if c.rhodecode_db_repo.repo_type != 'svn':
69 %if c.rhodecode_db_repo.repo_type != 'svn':
67 <li class="${'active' if c.active=='remote' else ''}">
70 <li class="${'active' if c.active=='remote' else ''}">
68 <a href="${h.route_path('edit_repo_remote', repo_name=c.repo_name)}">${_('Remote sync')}</a>
71 <a href="${h.route_path('edit_repo_remote', repo_name=c.repo_name)}">${_('Remote sync')}</a>
69 </li>
72 </li>
70 %endif
73 %endif
71 <li class="${'active' if c.active=='statistics' else ''}">
74 <li class="${'active' if c.active=='statistics' else ''}">
72 <a href="${h.route_path('edit_repo_statistics', repo_name=c.repo_name)}">${_('Statistics')}</a>
75 <a href="${h.route_path('edit_repo_statistics', repo_name=c.repo_name)}">${_('Statistics')}</a>
73 </li>
76 </li>
74 <li class="${'active' if c.active=='integrations' else ''}">
77 <li class="${'active' if c.active=='integrations' else ''}">
75 <a href="${h.route_path('repo_integrations_home', repo_name=c.repo_name)}">${_('Integrations')}</a>
78 <a href="${h.route_path('repo_integrations_home', repo_name=c.repo_name)}">${_('Integrations')}</a>
76 </li>
79 </li>
77 %if c.rhodecode_db_repo.repo_type != 'svn':
80 %if c.rhodecode_db_repo.repo_type != 'svn':
78 <li class="${'active' if c.active=='reviewers' else ''}">
81 <li class="${'active' if c.active=='reviewers' else ''}">
79 <a href="${h.route_path('repo_reviewers', repo_name=c.repo_name)}">${_('Reviewer Rules')}</a>
82 <a href="${h.route_path('repo_reviewers', repo_name=c.repo_name)}">${_('Reviewer Rules')}</a>
80 </li>
83 </li>
81 %endif
84 %endif
82 <li class="${'active' if c.active=='automation' else ''}">
85 <li class="${'active' if c.active=='automation' else ''}">
83 <a href="${h.route_path('repo_automation', repo_name=c.repo_name)}">${_('Automation')}</a>
86 <a href="${h.route_path('repo_automation', repo_name=c.repo_name)}">${_('Automation')}</a>
84 </li>
87 </li>
85 <li class="${'active' if c.active=='maintenance' else ''}">
88 <li class="${'active' if c.active=='maintenance' else ''}">
86 <a href="${h.route_path('edit_repo_maintenance', repo_name=c.repo_name)}">${_('Maintenance')}</a>
89 <a href="${h.route_path('edit_repo_maintenance', repo_name=c.repo_name)}">${_('Maintenance')}</a>
87 </li>
90 </li>
88 <li class="${'active' if c.active=='strip' else ''}">
91 <li class="${'active' if c.active=='strip' else ''}">
89 <a href="${h.route_path('edit_repo_strip', repo_name=c.repo_name)}">${_('Strip')}</a>
92 <a href="${h.route_path('edit_repo_strip', repo_name=c.repo_name)}">${_('Strip')}</a>
90 </li>
93 </li>
91 <li class="${'active' if c.active=='audit' else ''}">
94 <li class="${'active' if c.active=='audit' else ''}">
92 <a href="${h.route_path('edit_repo_audit_logs', repo_name=c.repo_name)}">${_('Audit logs')}</a>
95 <a href="${h.route_path('edit_repo_audit_logs', repo_name=c.repo_name)}">${_('Audit logs')}</a>
93 </li>
96 </li>
94
97
95 </ul>
98 </ul>
96 </div>
99 </div>
97
100
98 <div class="main-content-full-width">
101 <div class="main-content-full-width">
99 ${self.main_content()}
102 ${self.main_content()}
100 </div>
103 </div>
101
104
102 </div>
105 </div>
103 </div>
106 </div>
104
107
105 </%def> No newline at end of file
108 </%def>
Show file before | Show file after | Hide comments
@@ -1,123 +1,135 b''
1 <%namespace name="base" file="/base/base.mako"/>
1 <%namespace name="base" file="/base/base.mako"/>
2
2
3 <div class="panel panel-default">
3 <div class="panel panel-default">
4 <div class="panel-heading">
4 <div class="panel-heading">
5 <h3 class="panel-title">${_('Repository Permissions')}</h3>
5 <h3 class="panel-title">${_('Repository Permissions')}</h3>
6 </div>
6 </div>
7 <div class="panel-body">
7 <div class="panel-body">
8 ${h.secure_form(h.route_path('edit_repo_perms', repo_name=c.repo_name), request=request)}
8 ${h.secure_form(h.route_path('edit_repo_perms', repo_name=c.repo_name), request=request)}
9 <table id="permissions_manage" class="rctable permissions">
9 <table id="permissions_manage" class="rctable permissions">
10 <tr>
10 <tr>
11 <th class="td-radio">${_('None')}</th>
11 <th class="td-radio">${_('None')}</th>
12 <th class="td-radio">${_('Read')}</th>
12 <th class="td-radio">${_('Read')}</th>
13 <th class="td-radio">${_('Write')}</th>
13 <th class="td-radio">${_('Write')}</th>
14 <th class="td-radio">${_('Admin')}</th>
14 <th class="td-radio">${_('Admin')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
15 <th class="td-owner">${_('User/User Group')}</th>
16 <th></th>
16 <th></th>
17 </tr>
17 </tr>
18 ## USERS
18 ## USERS
19 %for _user in c.rhodecode_db_repo.permissions():
19 %for _user in c.rhodecode_db_repo.permissions():
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 <tr class="perm_admin_row">
21 <tr class="perm_admin_row">
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
26 <td class="td-user">
26 <td class="td-user">
27 ${base.gravatar(_user.email, 16)}
27 ${base.gravatar(_user.email, 16)}
28 ${h.link_to_user(_user.username)}
28 ${h.link_to_user(_user.username)}
29 %if getattr(_user, 'admin_row', None):
29 %if getattr(_user, 'admin_row', None):
30 (${_('super admin')})
30 (${_('super admin')})
31 %endif
31 %endif
32 %if getattr(_user, 'owner_row', None):
32 %if getattr(_user, 'owner_row', None):
33 (${_('owner')})
33 (${_('owner')})
34 %endif
34 %endif
35 </td>
35 </td>
36 <td></td>
36 <td></td>
37 </tr>
37 </tr>
38 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
38 %elif _user.username == h.DEFAULT_USER and c.rhodecode_db_repo.private:
39 <tr>
39 <tr>
40 <td colspan="4">
40 <td colspan="4">
41 <span class="private_repo_msg">
41 <span class="private_repo_msg">
42 <strong title="${h.tooltip(_user.permission)}">${_('private repository')}</strong>
42 <strong title="${h.tooltip(_user.permission)}">${_('private repository')}</strong>
43 </span>
43 </span>
44 </td>
44 </td>
45 <td class="private_repo_msg">
45 <td class="private_repo_msg">
46 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
46 ${base.gravatar(h.DEFAULT_USER_EMAIL, 16)}
47 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
47 ${h.DEFAULT_USER} - ${_('only users/user groups explicitly added here will have access')}</td>
48 <td></td>
48 <td></td>
49 </tr>
49 </tr>
50 %else:
50 %else:
51 <tr>
51 <tr>
52 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.none', checked=_user.permission=='repository.none')}</td>
52 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.none', checked=_user.permission=='repository.none')}</td>
53 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.read', checked=_user.permission=='repository.read')}</td>
53 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.read', checked=_user.permission=='repository.read')}</td>
54 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.write', checked=_user.permission=='repository.write')}</td>
54 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.write', checked=_user.permission=='repository.write')}</td>
55 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.admin', checked=_user.permission=='repository.admin')}</td>
55 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'repository.admin', checked=_user.permission=='repository.admin')}</td>
56 <td class="td-user">
56 <td class="td-user">
57 ${base.gravatar(_user.email, 16)}
57 ${base.gravatar(_user.email, 16)}
58 <span class="user">
58 <span class="user">
59 % if _user.username == h.DEFAULT_USER:
59 % if _user.username == h.DEFAULT_USER:
60 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
60 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
61 % else:
61 % else:
62 ${h.link_to_user(_user.username)}
62 ${h.link_to_user(_user.username)}
63 % endif
63 % endif
64 </span>
64 </span>
65 </td>
65 </td>
66 <td class="td-action">
66 <td class="td-action">
67 %if _user.username != h.DEFAULT_USER:
67 %if _user.username != h.DEFAULT_USER:
68 <span class="btn btn-link btn-danger revoke_perm"
68 <span class="btn btn-link btn-danger revoke_perm"
69 member="${_user.user_id}" member_type="user">
69 member="${_user.user_id}" member_type="user">
70 <i class="icon-remove"></i> ${_('Revoke')}
70 ${_('Revoke')}
71 </span>
71 </span>
72 %endif
72 %endif
73 </td>
73 </td>
74 </tr>
74 </tr>
75 %endif
75 %endif
76 %endfor
76 %endfor
77
77
78 ## USER GROUPS
78 ## USER GROUPS
79 %for _user_group in c.rhodecode_db_repo.permission_user_groups():
79 %for _user_group in c.rhodecode_db_repo.permission_user_groups():
80 <tr>
80 <tr>
81 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.none', checked=_user_group.permission=='repository.none')}</td>
81 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.none', checked=_user_group.permission=='repository.none')}</td>
82 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.read', checked=_user_group.permission=='repository.read')}</td>
82 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.read', checked=_user_group.permission=='repository.read')}</td>
83 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.write', checked=_user_group.permission=='repository.write')}</td>
83 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.write', checked=_user_group.permission=='repository.write')}</td>
84 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.admin', checked=_user_group.permission=='repository.admin')}</td>
84 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'repository.admin', checked=_user_group.permission=='repository.admin')}</td>
85 <td class="td-componentname">
85 <td class="td-componentname">
86 <i class="icon-group" ></i>
86 <i class="icon-user-group"></i>
87 %if h.HasPermissionAny('hg.admin')():
87 %if h.HasPermissionAny('hg.admin')():
88 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
88 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
89 ${_user_group.users_group_name}
89 ${_user_group.users_group_name}
90 </a>
90 </a>
91 %else:
91 %else:
92 ${h.link_to_group(_user_group.users_group_name)}
92 ${h.link_to_group(_user_group.users_group_name)}
93 %endif
93 %endif
94 </td>
94 </td>
95 <td class="td-action">
95 <td class="td-action">
96 <span class="btn btn-link btn-danger revoke_perm"
96 <span class="btn btn-link btn-danger revoke_perm"
97 member="${_user_group.users_group_id}" member_type="user_group">
97 member="${_user_group.users_group_id}" member_type="user_group">
98 <i class="icon-remove"></i> ${_('Revoke')}
98 ${_('Revoke')}
99 </span>
99 </span>
100 </td>
100 </td>
101 </tr>
101 </tr>
102 %endfor
102 %endfor
103 <tr class="new_members" id="add_perm_input"></tr>
103 <tr class="new_members" id="add_perm_input"></tr>
104
105 <tr>
106 <td></td>
107 <td></td>
108 <td></td>
109 <td></td>
110 <td></td>
111 <td>
112 <span id="add_perm" class="link">
113 ${_('Add user/user group')}
114 </span>
115 </td>
116 </tr>
117
104 </table>
118 </table>
105 <div id="add_perm" class="link">
119
106 ${_('Add new')}
107 </div>
108 <div class="buttons">
120 <div class="buttons">
109 ${h.submit('save',_('Save'),class_="btn btn-primary")}
121 ${h.submit('save',_('Save'),class_="btn btn-primary")}
110 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
122 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
111 </div>
123 </div>
112 ${h.end_form()}
124 ${h.end_form()}
113 </div>
125 </div>
114 </div>
126 </div>
115
127
116 <script type="text/javascript">
128 <script type="text/javascript">
117 $('#add_perm').on('click', function(e){
129 $('#add_perm').on('click', function(e){
118 addNewPermInput($(this), 'repository');
130 addNewPermInput($(this), 'repository');
119 });
131 });
120 $('.revoke_perm').on('click', function(e){
132 $('.revoke_perm').on('click', function(e){
121 markRevokePermInput($(this), 'repository');
133 markRevokePermInput($(this), 'repository');
122 });
134 });
123 </script>
135 </script>
Show file before | Show file after | Hide comments
@@ -1,134 +1,144 b''
1 <%namespace name="base" file="/base/base.mako"/>
1 <%namespace name="base" file="/base/base.mako"/>
2
2
3 <div class="panel panel-default">
3 <div class="panel panel-default">
4 <div class="panel-heading">
4 <div class="panel-heading">
5 <h3 class="panel-title">${_('User Group Permissions')}</h3>
5 <h3 class="panel-title">${_('User Group Permissions')}</h3>
6 </div>
6 </div>
7 <div class="panel-body">
7 <div class="panel-body">
8 ${h.secure_form(h.route_path('edit_user_group_perms_update', user_group_id=c.user_group.users_group_id), request=request)}
8 ${h.secure_form(h.route_path('edit_user_group_perms_update', user_group_id=c.user_group.users_group_id), request=request)}
9 <table id="permissions_manage" class="rctable permissions">
9 <table id="permissions_manage" class="rctable permissions">
10 <tr>
10 <tr>
11 <th class="td-radio">${_('None')}</th>
11 <th class="td-radio">${_('None')}</th>
12 <th class="td-radio">${_('Read')}</th>
12 <th class="td-radio">${_('Read')}</th>
13 <th class="td-radio">${_('Write')}</th>
13 <th class="td-radio">${_('Write')}</th>
14 <th class="td-radio">${_('Admin')}</th>
14 <th class="td-radio">${_('Admin')}</th>
15 <th>${_('User/User Group')}</th>
15 <th>${_('User/User Group')}</th>
16 <th></th>
16 <th></th>
17 </tr>
17 </tr>
18 ## USERS
18 ## USERS
19 %for _user in c.user_group.permissions():
19 %for _user in c.user_group.permissions():
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
20 %if getattr(_user, 'admin_row', None) or getattr(_user, 'owner_row', None):
21 <tr class="perm_admin_row">
21 <tr class="perm_admin_row">
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
22 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.none', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
23 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.read', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
24 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.write', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
25 <td class="td-radio">${h.radio('admin_perm_%s' % _user.user_id,'repository.admin', 'repository.admin', disabled="disabled")}</td>
26 <td class="td-user">
26 <td class="td-user">
27 ${base.gravatar(_user.email, 16)}
27 ${base.gravatar(_user.email, 16)}
28 <span class="user">
28 <span class="user">
29 ${h.link_to_user(_user.username)}
29 ${h.link_to_user(_user.username)}
30 %if getattr(_user, 'admin_row', None):
30 %if getattr(_user, 'admin_row', None):
31 (${_('super admin')})
31 (${_('super admin')})
32 %endif
32 %endif
33 %if getattr(_user, 'owner_row', None):
33 %if getattr(_user, 'owner_row', None):
34 (${_('owner')})
34 (${_('owner')})
35 %endif
35 %endif
36 </span>
36 </span>
37 </td>
37 </td>
38 <td></td>
38 <td></td>
39 </tr>
39 </tr>
40 %else:
40 %else:
41 ##forbid revoking permission from yourself, except if you're an super admin
41 ##forbid revoking permission from yourself, except if you're an super admin
42 <tr>
42 <tr>
43 %if c.rhodecode_user.user_id != _user.user_id or c.rhodecode_user.is_admin:
43 %if c.rhodecode_user.user_id != _user.user_id or c.rhodecode_user.is_admin:
44 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none')}</td>
44 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none')}</td>
45 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read')}</td>
45 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read')}</td>
46 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write')}</td>
46 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write')}</td>
47 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin')}</td>
47 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin')}</td>
48 <td class="td-user">
48 <td class="td-user">
49 ${base.gravatar(_user.email, 16)}
49 ${base.gravatar(_user.email, 16)}
50 <span class="user">
50 <span class="user">
51 % if _user.username == h.DEFAULT_USER:
51 % if _user.username == h.DEFAULT_USER:
52 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
52 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
53 % else:
53 % else:
54 ${h.link_to_user(_user.username)}
54 ${h.link_to_user(_user.username)}
55 % endif
55 % endif
56 </span>
56 </span>
57 </td>
57 </td>
58 <td class="td-action">
58 <td class="td-action">
59 %if _user.username != h.DEFAULT_USER:
59 %if _user.username != h.DEFAULT_USER:
60 <span class="btn btn-link btn-danger revoke_perm"
60 <span class="btn btn-link btn-danger revoke_perm"
61 member="${_user.user_id}" member_type="user">
61 member="${_user.user_id}" member_type="user">
62 <i class="icon-remove"></i> ${_('revoke')}
62 ${_('Revoke')}
63 </span>
63 </span>
64 %endif
64 %endif
65 </td>
65 </td>
66 %else:
66 %else:
67 ## special case for current user permissions, we make sure he cannot take his own permissions
67 ## special case for current user permissions, we make sure he cannot take his own permissions
68 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none', disabled="disabled")}</td>
68 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.none', disabled="disabled")}</td>
69 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read', disabled="disabled")}</td>
69 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.read', disabled="disabled")}</td>
70 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write', disabled="disabled")}</td>
70 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.write', disabled="disabled")}</td>
71 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin', disabled="disabled")}</td>
71 <td class="td-radio">${h.radio('u_perm_%s' % _user.user_id,'usergroup.admin', disabled="disabled")}</td>
72 <td class="td-user">
72 <td class="td-user">
73 ${base.gravatar(_user.email, 16)}
73 ${base.gravatar(_user.email, 16)}
74 <span class="user">
74 <span class="user">
75 % if _user.username == h.DEFAULT_USER:
75 % if _user.username == h.DEFAULT_USER:
76 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
76 ${h.DEFAULT_USER} <span class="user-perm-help-text"> - ${_('permission for all other users')}</span>
77 % else:
77 % else:
78 ${h.link_to_user(_user.username)}
78 ${h.link_to_user(_user.username)}
79 % endif
79 % endif
80 <span class="user-perm-help-text">(${_('delegated admin')})</span>
80 <span class="user-perm-help-text">(${_('delegated admin')})</span>
81 </span>
81 </span>
82 </td>
82 </td>
83 <td></td>
83 <td></td>
84 %endif
84 %endif
85 </tr>
85 </tr>
86 %endif
86 %endif
87 %endfor
87 %endfor
88
88
89 ## USER GROUPS
89 ## USER GROUPS
90 %for _user_group in c.user_group.permission_user_groups():
90 %for _user_group in c.user_group.permission_user_groups():
91 <tr>
91 <tr>
92 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.none')}</td>
92 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.none')}</td>
93 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.read')}</td>
93 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.read')}</td>
94 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.write')}</td>
94 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.write')}</td>
95 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.admin')}</td>
95 <td class="td-radio">${h.radio('g_perm_%s' % _user_group.users_group_id,'usergroup.admin')}</td>
96 <td class="td-user">
96 <td class="td-user">
97 <i class="icon-group" ></i>
97 <i class="icon-user-group"></i>
98 %if h.HasPermissionAny('hg.admin')():
98 %if h.HasPermissionAny('hg.admin')():
99 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
99 <a href="${h.route_path('edit_user_group',user_group_id=_user_group.users_group_id)}">
100 ${_user_group.users_group_name}
100 ${_user_group.users_group_name}
101 </a>
101 </a>
102 %else:
102 %else:
103 ${h.link_to_group(_user_group.users_group_name)}
103 ${h.link_to_group(_user_group.users_group_name)}
104 %endif
104 %endif
105 </td>
105 </td>
106 <td class="td-action">
106 <td class="td-action">
107 <span class="btn btn-link btn-danger revoke_perm"
107 <span class="btn btn-link btn-danger revoke_perm"
108 member="${_user_group.users_group_id}" member_type="user_group">
108 member="${_user_group.users_group_id}" member_type="user_group">
109 <i class="icon-remove"></i> ${_('revoke')}
109 ${_('Revoke')}
110 </span>
110 </span>
111 </td>
111 </td>
112 </tr>
112 </tr>
113 %endfor
113 %endfor
114 <tr class="new_members" id="add_perm_input"></tr>
114 <tr class="new_members" id="add_perm_input"></tr>
115 <tr>
116 <td></td>
117 <td></td>
118 <td></td>
119 <td></td>
120 <td></td>
121 <td>
122 <span id="add_perm" class="link">
123 ${_('Add user/user group')}
124 </span>
125 </td>
126 </tr>
115 </table>
127 </table>
116 <div id="add_perm" class="link">
128
117 ${_('Add new')}
118 </div>
119 <div class="buttons">
129 <div class="buttons">
120 ${h.submit('save',_('Save'),class_="btn btn-primary")}
130 ${h.submit('save',_('Save'),class_="btn btn-primary")}
121 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
131 ${h.reset('reset',_('Reset'),class_="btn btn-danger")}
122 </div>
132 </div>
123 ${h.end_form()}
133 ${h.end_form()}
124 </div>
134 </div>
125 </div>
135 </div>
126
136
127 <script type="text/javascript">
137 <script type="text/javascript">
128 $('#add_perm').on('click', function(e){
138 $('#add_perm').on('click', function(e){
129 addNewPermInput($(this), 'usergroup');
139 addNewPermInput($(this), 'usergroup');
130 });
140 });
131 $('.revoke_perm').on('click', function(e){
141 $('.revoke_perm').on('click', function(e){
132 markRevokePermInput($(this), 'usergroup');
142 markRevokePermInput($(this), 'usergroup');
133 });
143 });
134 </script>
144 </script>
Show file before | Show file after | Hide comments
@@ -1,147 +1,147 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2
2
3
3
4 <div class="panel panel-default">
4 <div class="panel panel-default">
5 <div class="panel-heading">
5 <div class="panel-heading">
6 <h3 class="panel-title">${_('User groups administration')}</h3>
6 <h3 class="panel-title">${_('User groups administration')}</h3>
7 </div>
7 </div>
8 <div class="panel-body">
8 <div class="panel-body">
9 <div class="fields">
9 <div class="fields">
10 <div class="field">
10 <div class="field">
11 <div class="label label-checkbox">
11 <div class="label label-checkbox">
12 <label for="users_group_active">${_('Add `%s` to user group') % c.user.username}:</label>
12 <label for="users_group_active">${_('Add `%s` to user group') % c.user.username}:</label>
13 </div>
13 </div>
14 <div class="input">
14 <div class="input">
15 ${h.text('add_user_to_group', placeholder="user group name", class_="medium")}
15 ${h.text('add_user_to_group', placeholder="user group name", class_="medium")}
16 </div>
16 </div>
17
17
18 </div>
18 </div>
19 </div>
19 </div>
20
20
21 <div class="groups_management">
21 <div class="groups_management">
22 ${h.secure_form(h.route_path('edit_user_groups_management_updates', user_id=c.user.user_id), request=request)}
22 ${h.secure_form(h.route_path('edit_user_groups_management_updates', user_id=c.user.user_id), request=request)}
23 <div id="repos_list_wrap">
23 <div id="repos_list_wrap">
24 <table id="user_group_list_table" class="display"></table>
24 <table id="user_group_list_table" class="display"></table>
25 </div>
25 </div>
26 <div class="buttons">
26 <div class="buttons">
27 ${h.submit('save',_('Save'),class_="btn")}
27 ${h.submit('save',_('Save'),class_="btn")}
28 </div>
28 </div>
29 ${h.end_form()}
29 ${h.end_form()}
30 </div>
30 </div>
31 </div>
31 </div>
32 </div>
32 </div>
33 <script>
33 <script>
34 var api;
34 var api;
35 $(document).ready(function() {
35 $(document).ready(function() {
36
36
37 var get_datatable_count = function(){
37 var get_datatable_count = function(){
38 $('#user_group_count').text(api.page.info().recordsDisplay);
38 $('#user_group_count').text(api.page.info().recordsDisplay);
39 };
39 };
40
40
41 $('#user_group_list_table').on('click', 'a.editor_remove', function (e) {
41 $('#user_group_list_table').on('click', 'a.editor_remove', function (e) {
42 e.preventDefault();
42 e.preventDefault();
43 var row = api.row($(this).closest('tr'));
43 var row = api.row($(this).closest('tr'));
44 row.remove().draw();
44 row.remove().draw();
45 } );
45 } );
46
46
47 $('#user_group_list_table').DataTable({
47 $('#user_group_list_table').DataTable({
48 data: ${c.groups|n},
48 data: ${c.groups|n},
49 dom: 'rtp',
49 dom: 'rtp',
50 pageLength: ${c.visual.admin_grid_items},
50 pageLength: ${c.visual.admin_grid_items},
51 order: [[ 0, "asc" ]],
51 order: [[ 0, "asc" ]],
52 columns: [
52 columns: [
53 { data: {"_": "group_name",
53 { data: {"_": "group_name",
54 "sort": "group_name"}, title: "${_('Name')}", className: "td-componentname," ,
54 "sort": "group_name"}, title: "${_('Name')}", className: "td-componentname," ,
55 render: function (data,type,full,meta)
55 render: function (data,type,full,meta)
56 {return '<div><i class="icon-group" title="User group">'+data+'</i></div>'}},
56 {return '<div><i class="icon-user-group" title="User group">'+data+'</i></div>'}},
57
57
58 { data: {"_": "group_description",
58 { data: {"_": "group_description",
59 "sort": "group_description"}, title: "${_('Description')}", className: "td-description" },
59 "sort": "group_description"}, title: "${_('Description')}", className: "td-description" },
60 { data: {"_": "users_group_id"}, className: "td-user",
60 { data: {"_": "users_group_id"}, className: "td-user",
61 render: function (data,type,full,meta)
61 render: function (data,type,full,meta)
62 {return '<input type="hidden" name="users_group_id" value="'+data+'">'}},
62 {return '<input type="hidden" name="users_group_id" value="'+data+'">'}},
63 { data: {"_": "active",
63 { data: {"_": "active",
64 "sort": "active"}, title: "${_('Active')}", className: "td-active"},
64 "sort": "active"}, title: "${_('Active')}", className: "td-active"},
65 { data: {"_": "owner_data"}, title: "${_('Owner')}", className: "td-user",
65 { data: {"_": "owner_data"}, title: "${_('Owner')}", className: "td-user",
66 render: function (data,type,full,meta)
66 render: function (data,type,full,meta)
67 {return '<div class="rc-user tooltip">'+
67 {return '<div class="rc-user tooltip">'+
68 '<img class="gravatar" src="'+ data.owner_icon +'" height="16" width="16">'+
68 '<img class="gravatar" src="'+ data.owner_icon +'" height="16" width="16">'+
69 data.owner +'</div>'
69 data.owner +'</div>'
70 }
70 }
71 },
71 },
72 { data: null,
72 { data: null,
73 title: "${_('Action')}",
73 title: "${_('Action')}",
74 className: "td-action",
74 className: "td-action",
75 defaultContent: '-'
75 defaultContent: '-'
76 }
76 }
77 ],
77 ],
78 language: {
78 language: {
79 paginate: DEFAULT_GRID_PAGINATION,
79 paginate: DEFAULT_GRID_PAGINATION,
80 emptyTable: _gettext("No user groups available yet.")
80 emptyTable: _gettext("No user groups available yet.")
81 },
81 },
82 "initComplete": function( settings, json ) {
82 "initComplete": function( settings, json ) {
83 var data_grid = $('#user_group_list_table').dataTable();
83 var data_grid = $('#user_group_list_table').dataTable();
84 api = data_grid.api();
84 api = data_grid.api();
85 get_datatable_count();
85 get_datatable_count();
86 }
86 }
87 });
87 });
88
88
89 // update the counter when doing search
89 // update the counter when doing search
90 $('#user_group_list_table').on( 'search.dt', function (e,settings) {
90 $('#user_group_list_table').on( 'search.dt', function (e,settings) {
91 get_datatable_count();
91 get_datatable_count();
92 });
92 });
93
93
94 // filter, filter both grids
94 // filter, filter both grids
95 $('#q_filter').on( 'keyup', function () {
95 $('#q_filter').on( 'keyup', function () {
96 var user_api = $('#user_group_list_table').dataTable().api();
96 var user_api = $('#user_group_list_table').dataTable().api();
97 user_api
97 user_api
98 .columns(0)
98 .columns(0)
99 .search(this.value)
99 .search(this.value)
100 .draw();
100 .draw();
101 });
101 });
102
102
103 // refilter table if page load via back button
103 // refilter table if page load via back button
104 $("#q_filter").trigger('keyup');
104 $("#q_filter").trigger('keyup');
105
105
106 });
106 });
107
107
108 $('#language').select2({
108 $('#language').select2({
109 'containerCssClass': "drop-menu",
109 'containerCssClass': "drop-menu",
110 'dropdownCssClass': "drop-menu-dropdown",
110 'dropdownCssClass': "drop-menu-dropdown",
111 'dropdownAutoWidth': true
111 'dropdownAutoWidth': true
112 });
112 });
113
113
114
114
115
115
116 $(document).ready(function(){
116 $(document).ready(function(){
117 $("#group_parent_id").select2({
117 $("#group_parent_id").select2({
118 'containerCssClass': "drop-menu",
118 'containerCssClass': "drop-menu",
119 'dropdownCssClass': "drop-menu-dropdown",
119 'dropdownCssClass': "drop-menu-dropdown",
120 'dropdownAutoWidth': true
120 'dropdownAutoWidth': true
121 });
121 });
122
122
123 $('#add_user_to_group').autocomplete({
123 $('#add_user_to_group').autocomplete({
124 serviceUrl: pyroutes.url('user_group_autocomplete_data'),
124 serviceUrl: pyroutes.url('user_group_autocomplete_data'),
125 minChars:2,
125 minChars:2,
126 maxHeight:400,
126 maxHeight:400,
127 width:300,
127 width:300,
128 deferRequestBy: 300, //miliseconds
128 deferRequestBy: 300, //miliseconds
129 showNoSuggestionNotice: true,
129 showNoSuggestionNotice: true,
130 params: { user_groups:true },
130 params: { user_groups:true },
131 formatResult: autocompleteFormatResult,
131 formatResult: autocompleteFormatResult,
132 lookupFilter: autocompleteFilterResult,
132 lookupFilter: autocompleteFilterResult,
133 onSelect: function(element, suggestion){
133 onSelect: function(element, suggestion){
134 var owner = {owner_icon: suggestion.owner_icon, owner:suggestion.owner};
134 var owner = {owner_icon: suggestion.owner_icon, owner:suggestion.owner};
135 api.row.add(
135 api.row.add(
136 {"active": suggestion.active,
136 {"active": suggestion.active,
137 "owner_data": owner,
137 "owner_data": owner,
138 "users_group_id": suggestion.id,
138 "users_group_id": suggestion.id,
139 "group_description": suggestion.description,
139 "group_description": suggestion.description,
140 "group_name": suggestion.value}).draw();
140 "group_name": suggestion.value}).draw();
141 }
141 }
142 });
142 });
143 })
143 })
144
144
145 </script>
145 </script>
146
146
147
147
Show file before | Show file after | Hide comments
@@ -1,268 +1,353 b''
1 ## snippet for displaying permissions overview for users
1 ## snippet for displaying permissions overview for users
2 ## usage:
2 ## usage:
3 ## <%namespace name="p" file="/base/perms_summary.mako"/>
3 ## <%namespace name="p" file="/base/perms_summary.mako"/>
4 ## ${p.perms_summary(c.perm_user.permissions)}
4 ## ${p.perms_summary(c.perm_user.permissions)}
5
5
6 <%def name="perms_summary(permissions, show_all=False, actions=True, side_link=None)">
6 <%def name="perms_summary(permissions, show_all=False, actions=True, side_link=None)">
7 <% section_to_label = {
8 'global': 'Global Permissions',
9 'repository_branches': 'Repository Branch Rules',
10 'repositories': 'Repository Permissions',
11 'user_groups': 'User Group Permissions',
12 'repositories_groups': 'Repository Group Permissions',
13 } %>
7 <div id="perms" class="table fields">
14 <div id="perms" class="table fields">
8 %for section in sorted(permissions.keys()):
15 %for section in sorted(permissions.keys(), key=lambda item: {'global': 0, 'repository_branches': 1}.get(item, 1000)):
9 <div class="panel panel-default">
16 <div class="panel panel-default">
10 <div class="panel-heading">
17 <div class="panel-heading" id="${section.replace("_","-")}-permissions">
11 <h3 class="panel-title">${section.replace("_"," ").capitalize()}</h3>
18 <h3 class="panel-title">${section_to_label.get(section, section)} - ${len(permissions[section])}
19 <a class="permalink" href="#${section.replace("_","-")}-permissions"></a>
20 </h3>
12 % if side_link:
21 % if side_link:
13 <div class="pull-right">
22 <div class="pull-right">
14 <a href="${side_link}">${_('in JSON format')}</a>
23 <a href="${side_link}">${_('in JSON format')}</a>
15 </div>
24 </div>
16 % endif
25 % endif
17 </div>
26 </div>
18 <div class="panel-body">
27 <div class="panel-body">
19 <div class="perms_section_head field">
28 <div class="perms_section_head field">
20 <div class="radios">
29 <div class="radios">
21 %if section != 'global':
30 % if section == 'repository_branches':
22 <span class="permissions_boxes">
31 <span class="permissions_boxes">
23 <span class="desc">${_('show')}: </span>
32 <span class="desc">${_('show')}: </span>
24 ${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_%s' % section}"><span class="perm_tag none">${_('none')}</span></label>
33 ${h.checkbox('perms_filter_none_%s' % section, 'none', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_{}'.format(section)}"><span class="perm_tag none">${_('none')}</span></label>
25 ${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} <label for="${'perms_filter_read_%s' % section}"><span class="perm_tag read">${_('read')}</span></label>
34 ${h.checkbox('perms_filter_merge_%s' % section, 'merge', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='merge')} <label for="${'perms_filter_merge_{}'.format(section)}"><span class="perm_tag merge">${_('merge')}</span></label>
26 ${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} <label for="${'perms_filter_write_%s' % section}"> <span class="perm_tag write">${_('write')}</span></label>
35 ${h.checkbox('perms_filter_push_%s' % section, 'push', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push')} <label for="${'perms_filter_push_{}'.format(section)}"> <span class="perm_tag push">${_('push')}</span></label>
27 ${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} <label for="${'perms_filter_admin_%s' % section}"><span class="perm_tag admin">${_('admin')}</span></label>
36 ${h.checkbox('perms_filter_push_force_%s' % section, 'push_force', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='push_force')} <label for="${'perms_filter_push_force_{}'.format(section)}"><span class="perm_tag push_force">${_('push force')}</span></label>
28 </span>
37 </span>
29 %endif
38 % elif section != 'global':
39 <span class="permissions_boxes">
40 <span class="desc">${_('show')}: </span>
41 ${h.checkbox('perms_filter_none_%s' % section, 'none', '', class_='perm_filter filter_%s' % section, section=section, perm_type='none')} <label for="${'perms_filter_none_{}'.format(section)}"><span class="perm_tag none">${_('none')}</span></label>
42 ${h.checkbox('perms_filter_read_%s' % section, 'read', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='read')} <label for="${'perms_filter_read_{}'.format(section)}"><span class="perm_tag read">${_('read')}</span></label>
43 ${h.checkbox('perms_filter_write_%s' % section, 'write', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='write')} <label for="${'perms_filter_write_{}'.format(section)}"> <span class="perm_tag write">${_('write')}</span></label>
44 ${h.checkbox('perms_filter_admin_%s' % section, 'admin', 'checked', class_='perm_filter filter_%s' % section, section=section, perm_type='admin')} <label for="${'perms_filter_admin_{}'.format(section)}"><span class="perm_tag admin">${_('admin')}</span></label>
45 </span>
46 % endif
47
30 </div>
48 </div>
31 </div>
49 </div>
32 <div class="field">
50 <div class="field">
33 %if not permissions[section]:
51 %if not permissions[section]:
34 <p class="empty_data help-block">${_('No permissions defined')}</p>
52 <p class="empty_data help-block">${_('No permissions defined')}</p>
35 %else:
53 %else:
36 <div id='tbl_list_wrap_${section}'>
54 <div id='tbl_list_wrap_${section}'>
37 <table id="tbl_list_${section}" class="rctable">
55 <table id="tbl_list_${section}" class="rctable">
38 ## global permission box
56 ## global permission box
39 %if section == 'global':
57 %if section == 'global':
40 <thead>
58 <thead>
41 <tr>
59 <tr>
42 <th colspan="2" class="left">${_('Permission')}</th>
60 <th colspan="2" class="left">${_('Permission')}</th>
43 %if actions:
61 %if actions:
44 <th colspan="2">${_('Edit Permission')}</th>
62 <th colspan="2">${_('Edit Permission')}</th>
45 %endif
63 %endif
46 </thead>
64 </thead>
47 <tbody>
65 <tbody>
48
66
49 <%
67 <%
50 def get_section_perms(prefix, opts):
68 def get_section_perms(prefix, opts):
51 _selected = []
69 _selected = []
52 for op in opts:
70 for op in opts:
53 if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'):
71 if op.startswith(prefix) and not op.startswith('hg.create.write_on_repogroup'):
54 _selected.append(op)
72 _selected.append(op)
55 admin = 'hg.admin' in opts
73 admin = 'hg.admin' in opts
56 _selected_vals = [x.partition(prefix)[-1] for x in _selected]
74 _selected_vals = [x.partition(prefix)[-1] for x in _selected]
57 return admin, _selected_vals, _selected
75 return admin, _selected_vals, _selected
58 %>
76 %>
59
77
60 <%def name="glob(lbl, val, val_lbl=None, edit_url=None, edit_global_url=None)">
78 <%def name="glob(lbl, val, val_lbl=None, edit_url=None, edit_global_url=None)">
61 <tr>
79 <tr>
62 <td class="td-tags">
80 <td class="td-tags">
63 ${lbl}
81 ${lbl}
64 </td>
82 </td>
65 <td class="td-tags">
83 <td class="td-tags">
66 %if val[0]:
84 %if val[0]:
67 %if not val_lbl:
85 %if not val_lbl:
68 ## super admin case
86 ## super admin case
69 True
87 True
70 %else:
88 %else:
71 <span class="perm_tag admin">${val_lbl}.admin</span>
89 <span class="perm_tag admin">${val_lbl}.admin</span>
72 %endif
90 %endif
73 %else:
91 %else:
74 %if not val_lbl:
92 %if not val_lbl:
75 ${
93 ${{'false': False,
76 {'false': False,
77 'true': True,
94 'true': True,
78 'none': False,
95 'none': False,
79 'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false')
96 'repository': True}.get(val[1][0] if 0 < len(val[1]) else 'false')}
80 }
81 %else:
97 %else:
82 <span class="perm_tag ${val[1][0]}">${val_lbl}.${val[1][0]}</span>
98 <span class="perm_tag ${val[1][0]}">${val_lbl}.${val[1][0]}</span>
83 %endif
99 %endif
84 %endif
100 %endif
85 </td>
101 </td>
86 %if actions:
102 %if actions:
87
103
88 % if edit_url or edit_global_url:
104 % if edit_url or edit_global_url:
89
105
90 <td class="td-action">
106 <td class="td-action">
91 % if edit_url:
107 % if edit_url:
92 <a href="${edit_url}">${_('edit')}</a>
108 <a href="${edit_url}">${_('edit')}</a>
93 % else:
109 % else:
94 -
110 -
95 % endif
111 % endif
96 </td>
112 </td>
97
113
98 <td class="td-action">
114 <td class="td-action">
99 % if edit_global_url:
115 % if edit_global_url:
100 <a href="${edit_global_url}">${_('edit global')}</a>
116 <a href="${edit_global_url}">${_('edit global')}</a>
101 % else:
117 % else:
102 -
118 -
103 % endif
119 % endif
104 </td>
120 </td>
105
121
106 % else:
122 % else:
107 <td class="td-action"></td>
123 <td class="td-action"></td>
108 <td class="td-action">
124 <td class="td-action">
109 <a href="${h.route_path('admin_permissions_global')}">${_('edit global')}</a>
125 <a href="${h.route_path('admin_permissions_global')}">${_('edit global')}</a>
110 <td class="td-action">
126 <td class="td-action">
111 % endif
127 % endif
112
128
113 %endif
129 %endif
114 </tr>
130 </tr>
115 </%def>
131 </%def>
116
132
117 ${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository',
133 ${glob(_('Repository default permission'), get_section_perms('repository.', permissions[section]), 'repository',
118 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
134 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
119
135
120 ${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group',
136 ${glob(_('Repository group default permission'), get_section_perms('group.', permissions[section]), 'group',
121 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
137 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
122
138
123 ${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup',
139 ${glob(_('User group default permission'), get_section_perms('usergroup.', permissions[section]), 'usergroup',
124 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
140 edit_url=None, edit_global_url=h.route_path('admin_permissions_object'))}
125
141
126 ${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]),
142 ${glob(_('Super admin'), get_section_perms('hg.admin', permissions[section]),
127 edit_url=h.route_path('user_edit', user_id=c.user.user_id, _anchor='admin'), edit_global_url=None)}
143 edit_url=h.route_path('user_edit', user_id=c.user.user_id, _anchor='admin'), edit_global_url=None)}
128
144
129 ${glob(_('Inherit permissions'), get_section_perms('hg.inherit_default_perms.', permissions[section]),
145 ${glob(_('Inherit permissions'), get_section_perms('hg.inherit_default_perms.', permissions[section]),
130 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=None)}
146 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=None)}
131
147
132 ${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]),
148 ${glob(_('Create repositories'), get_section_perms('hg.create.', permissions[section]),
133 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
149 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
134
150
135 ${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]),
151 ${glob(_('Fork repositories'), get_section_perms('hg.fork.', permissions[section]),
136 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
152 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
137
153
138 ${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]),
154 ${glob(_('Create repository groups'), get_section_perms('hg.repogroup.create.', permissions[section]),
139 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
155 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
140
156
141 ${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]),
157 ${glob(_('Create user groups'), get_section_perms('hg.usergroup.create.', permissions[section]),
142 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
158 edit_url=h.route_path('user_edit_global_perms', user_id=c.user.user_id), edit_global_url=h.route_path('admin_permissions_object'))}
143
159
144 </tbody>
160 </tbody>
161 ## Branch perms
162 %elif section == 'repository_branches':
163 <thead>
164 <tr>
165 <th>${_('Name')}</th>
166 <th>${_('Pattern')}</th>
167 <th>${_('Permission')}</th>
168 %if actions:
169 <th>${_('Edit Branch Permission')}</th>
170 %endif
171 </thead>
172 <tbody class="section_${section}">
173 <%
174 def name_sorter(permissions):
175 def custom_sorter(item):
176 return item[0]
177 return sorted(permissions, key=custom_sorter)
178
179 def branch_sorter(permissions):
180 def custom_sorter(item):
181 ## none, merge, push, push_force
182 section = item[1].split('.')[-1]
183 section_importance = {'none': u'0',
184 'merge': u'1',
185 'push': u'2',
186 'push_force': u'3'}.get(section)
187 ## sort by importance + name
188 return section_importance + item[0]
189 return sorted(permissions, key=custom_sorter)
190 %>
191 %for k, section_perms in name_sorter(permissions[section].items()):
192 % for pattern, perm in branch_sorter(section_perms.items()):
193 <tr class="perm_row ${'{}_{}'.format(section, perm.split('.')[-1])}">
194 <td class="td-name">
195 <a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a>
196 </td>
197 <td>${pattern}</td>
198 <td class="td-tags">
199 ## TODO: calculate origin somehow
200 ## % for i, ((_pat, perm), origin) in enumerate((permissions[section].perm_origin_stack[k])):
201
202 <div>
203 <% i = 0 %>
204 <% origin = 'unknown' %>
205 <% _css_class = i > 0 and 'perm_overriden' or '' %>
206
207 <span class="${_css_class} perm_tag ${perm.split('.')[-1]}">
208 ${perm}
209 ##(${origin})
210 </span>
211 </div>
212 ## % endfor
213 </td>
214 %if actions:
215 <td class="td-action">
216 <a href="${h.route_path('edit_repo_perms_branch',repo_name=k)}">${_('edit')}</a>
217 </td>
218 %endif
219 </tr>
220 % endfor
221 %endfor
222 </tbody>
223
224 ## Repos/Repo Groups/users groups perms
145 %else:
225 %else:
226
146 ## none/read/write/admin permissions on groups/repos etc
227 ## none/read/write/admin permissions on groups/repos etc
147 <thead>
228 <thead>
148 <tr>
229 <tr>
149 <th>${_('Name')}</th>
230 <th>${_('Name')}</th>
150 <th>${_('Permission')}</th>
231 <th>${_('Permission')}</th>
151 %if actions:
232 %if actions:
152 <th>${_('Edit Permission')}</th>
233 <th>${_('Edit Permission')}</th>
153 %endif
234 %endif
154 </thead>
235 </thead>
155 <tbody class="section_${section}">
236 <tbody class="section_${section}">
156 <%
237 <%
157 def sorter(permissions):
238 def sorter(permissions):
158 def custom_sorter(item):
239 def custom_sorter(item):
159 ## read/write/admin
240 ## read/write/admin
160 section = item[1].split('.')[-1]
241 section = item[1].split('.')[-1]
161 section_importance = {'none': u'0',
242 section_importance = {'none': u'0',
162 'read': u'1',
243 'read': u'1',
163 'write':u'2',
244 'write':u'2',
164 'admin':u'3'}.get(section)
245 'admin':u'3'}.get(section)
165 ## sort by group importance+name
246 ## sort by group importance+name
166 return section_importance+item[0]
247 return section_importance+item[0]
167 return sorted(permissions, key=custom_sorter)
248 return sorted(permissions, key=custom_sorter)
168 %>
249 %>
169 %for k, section_perm in sorter(permissions[section].items()):
250 %for k, section_perm in sorter(permissions[section].items()):
170 %if section_perm.split('.')[-1] != 'none' or show_all:
251 <% perm_value = section_perm.split('.')[-1] %>
171 <tr class="perm_row ${'%s_%s' % (section, section_perm.split('.')[-1])}">
252 <% _css_class = 'display:none' if perm_value in ['none'] else '' %>
253
254 %if perm_value != 'none' or show_all:
255 <tr class="perm_row ${'{}_{}'.format(section, section_perm.split('.')[-1])}" style="${_css_class}">
172 <td class="td-name">
256 <td class="td-name">
173 %if section == 'repositories':
257 %if section == 'repositories':
174 <a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a>
258 <a href="${h.route_path('repo_summary',repo_name=k)}">${k}</a>
175 %elif section == 'repositories_groups':
259 %elif section == 'repositories_groups':
176 <a href="${h.route_path('repo_group_home', repo_group_name=k)}">${k}</a>
260 <a href="${h.route_path('repo_group_home', repo_group_name=k)}">${k}</a>
177 %elif section == 'user_groups':
261 %elif section == 'user_groups':
178 ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${k}</a>
262 ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${k}</a>
179 ${k}
263 ${k}
180 %endif
264 %endif
181 </td>
265 </td>
182 <td class="td-tags">
266 <td class="td-tags">
183 %if hasattr(permissions[section], 'perm_origin_stack'):
267 %if hasattr(permissions[section], 'perm_origin_stack'):
184 <div>
268 <div>
185 %for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])):
269 %for i, (perm, origin) in enumerate(reversed(permissions[section].perm_origin_stack[k])):
186
270 <% _css_class = i > 0 and 'perm_overriden' or '' %>
187 % if i > 0:
271 % if i > 0:
188 <div style="color: #979797">
272 <div style="color: #979797">
189 <i class="icon-arrow_up"></i>
273 <i class="icon-arrow_up"></i>
190 ${_('overridden by')}
274 ${_('overridden by')}
191 <i class="icon-arrow_up"></i>
275 <i class="icon-arrow_up"></i>
192 </div>
276 </div>
193 % endif
277 % endif
194
278
195 <div>
279 <div>
196 <span class="${i > 0 and 'perm_overriden' or ''} perm_tag ${perm.split('.')[-1]}">
280 <span class="${_css_class} perm_tag ${perm.split('.')[-1]}">
197 ${perm} (${origin})
281 ${perm} (${origin})
198 </span>
282 </span>
199 </div>
283 </div>
200
284
201 %endfor
285 %endfor
202 </div>
286 </div>
203 %else:
287 %else:
204 <span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span>
288 <span class="perm_tag ${section_perm.split('.')[-1]}">${section_perm}</span>
205 %endif
289 %endif
206 </td>
290 </td>
207 %if actions:
291 %if actions:
208 <td class="td-action">
292 <td class="td-action">
209 %if section == 'repositories':
293 %if section == 'repositories':
210 <a href="${h.route_path('edit_repo_perms',repo_name=k,_anchor='permissions_manage')}">${_('edit')}</a>
294 <a href="${h.route_path('edit_repo_perms',repo_name=k,_anchor='permissions_manage')}">${_('edit')}</a>
211 %elif section == 'repositories_groups':
295 %elif section == 'repositories_groups':
212 <a href="${h.route_path('edit_repo_group_perms',repo_group_name=k,_anchor='permissions_manage')}">${_('edit')}</a>
296 <a href="${h.route_path('edit_repo_group_perms',repo_group_name=k,_anchor='permissions_manage')}">${_('edit')}</a>
213 %elif section == 'user_groups':
297 %elif section == 'user_groups':
214 ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${_('edit')}</a>
298 ##<a href="${h.route_path('edit_user_group',user_group_id=k)}">${_('edit')}</a>
215 %endif
299 %endif
216 </td>
300 </td>
217 %endif
301 %endif
218 </tr>
302 </tr>
219 %endif
303 %endif
220 %endfor
304 %endfor
221
305
222 <tr id="empty_${section}" class="noborder" style="display:none;">
306 <tr id="empty_${section}" class="noborder" style="display:none;">
223 <td colspan="6">${_('No permission defined')}</td>
307 <td colspan="6">${_('No matching permission defined')}</td>
224 </tr>
308 </tr>
225
309
226 </tbody>
310 </tbody>
227 %endif
311 %endif
228 </table>
312 </table>
229 </div>
313 </div>
230 %endif
314 %endif
231 </div>
315 </div>
232 </div>
316 </div>
233 </div>
317 </div>
234 %endfor
318 %endfor
235 </div>
319 </div>
236
320
237 <script>
321 <script>
238 $(document).ready(function(){
322 $(document).ready(function(){
239 var show_empty = function(section){
323 var showEmpty = function(section){
240 var visible = $('.section_{0} tr.perm_row:visible'.format(section)).length;
324 var visible = $('.section_{0} tr.perm_row:visible'.format(section)).length;
241 if(visible == 0){
325 if(visible === 0){
242 $('#empty_{0}'.format(section)).show();
326 $('#empty_{0}'.format(section)).show();
243 }
327 }
244 else{
328 else{
245 $('#empty_{0}'.format(section)).hide();
329 $('#empty_{0}'.format(section)).hide();
246 }
330 }
247 };
331 };
332
248 $('.perm_filter').on('change', function(e){
333 $('.perm_filter').on('change', function(e){
249 var self = this;
334 var self = this;
250 var section = $(this).attr('section');
335 var section = $(this).attr('section');
251
336
252 var opts = {};
337 var opts = {};
253 var elems = $('.filter_' + section).each(function(el){
338 var elems = $('.filter_' + section).each(function(el){
254 var perm_type = $(this).attr('perm_type');
339 var perm_type = $(this).attr('perm_type');
255 var checked = this.checked;
340 var checked = this.checked;
256 opts[perm_type] = checked;
341 opts[perm_type] = checked;
257 if(checked){
342 if(checked){
258 $('.'+section+'_'+perm_type).show();
343 $('.'+section+'_'+perm_type).show();
259 }
344 }
260 else{
345 else{
261 $('.'+section+'_'+perm_type).hide();
346 $('.'+section+'_'+perm_type).hide();
262 }
347 }
263 });
348 });
264 show_empty(section);
349 showEmpty(section);
265 })
350 })
266 })
351 })
267 </script>
352 </script>
268 </%def>
353 </%def>
Show file before | Show file after | Hide comments
@@ -1,425 +1,425 b''
1 ## DATA TABLE RE USABLE ELEMENTS
1 ## DATA TABLE RE USABLE ELEMENTS
2 ## usage:
2 ## usage:
3 ## <%namespace name="dt" file="/data_table/_dt_elements.mako"/>
3 ## <%namespace name="dt" file="/data_table/_dt_elements.mako"/>
4 <%namespace name="base" file="/base/base.mako"/>
4 <%namespace name="base" file="/base/base.mako"/>
5
5
6 <%def name="metatags_help()">
6 <%def name="metatags_help()">
7 <table>
7 <table>
8 <%
8 <%
9 example_tags = [
9 example_tags = [
10 ('state','[stable]'),
10 ('state','[stable]'),
11 ('state','[stale]'),
11 ('state','[stale]'),
12 ('state','[featured]'),
12 ('state','[featured]'),
13 ('state','[dev]'),
13 ('state','[dev]'),
14 ('state','[dead]'),
14 ('state','[dead]'),
15 ('state','[deprecated]'),
15 ('state','[deprecated]'),
16
16
17 ('label','[personal]'),
17 ('label','[personal]'),
18 ('generic','[v2.0.0]'),
18 ('generic','[v2.0.0]'),
19
19
20 ('lang','[lang =&gt; JavaScript]'),
20 ('lang','[lang =&gt; JavaScript]'),
21 ('license','[license =&gt; LicenseName]'),
21 ('license','[license =&gt; LicenseName]'),
22
22
23 ('ref','[requires =&gt; RepoName]'),
23 ('ref','[requires =&gt; RepoName]'),
24 ('ref','[recommends =&gt; GroupName]'),
24 ('ref','[recommends =&gt; GroupName]'),
25 ('ref','[conflicts =&gt; SomeName]'),
25 ('ref','[conflicts =&gt; SomeName]'),
26 ('ref','[base =&gt; SomeName]'),
26 ('ref','[base =&gt; SomeName]'),
27 ('url','[url =&gt; [linkName](https://rhodecode.com)]'),
27 ('url','[url =&gt; [linkName](https://rhodecode.com)]'),
28 ('see','[see =&gt; http://rhodecode.com]'),
28 ('see','[see =&gt; http://rhodecode.com]'),
29 ]
29 ]
30 %>
30 %>
31 % for tag_type, tag in example_tags:
31 % for tag_type, tag in example_tags:
32 <tr>
32 <tr>
33 <td>${tag|n}</td>
33 <td>${tag|n}</td>
34 <td>${h.style_metatag(tag_type, tag)|n}</td>
34 <td>${h.style_metatag(tag_type, tag)|n}</td>
35 </tr>
35 </tr>
36 % endfor
36 % endfor
37 </table>
37 </table>
38 </%def>
38 </%def>
39
39
40 ## REPOSITORY RENDERERS
40 ## REPOSITORY RENDERERS
41 <%def name="quick_menu(repo_name)">
41 <%def name="quick_menu(repo_name)">
42 <i class="icon-more"></i>
42 <i class="icon-more"></i>
43 <div class="menu_items_container hidden">
43 <div class="menu_items_container hidden">
44 <ul class="menu_items">
44 <ul class="menu_items">
45 <li>
45 <li>
46 <a title="${_('Summary')}" href="${h.route_path('repo_summary',repo_name=repo_name)}">
46 <a title="${_('Summary')}" href="${h.route_path('repo_summary',repo_name=repo_name)}">
47 <span>${_('Summary')}</span>
47 <span>${_('Summary')}</span>
48 </a>
48 </a>
49 </li>
49 </li>
50 <li>
50 <li>
51 <a title="${_('Changelog')}" href="${h.route_path('repo_changelog',repo_name=repo_name)}">
51 <a title="${_('Changelog')}" href="${h.route_path('repo_changelog',repo_name=repo_name)}">
52 <span>${_('Changelog')}</span>
52 <span>${_('Changelog')}</span>
53 </a>
53 </a>
54 </li>
54 </li>
55 <li>
55 <li>
56 <a title="${_('Files')}" href="${h.route_path('repo_files:default_commit',repo_name=repo_name)}">
56 <a title="${_('Files')}" href="${h.route_path('repo_files:default_commit',repo_name=repo_name)}">
57 <span>${_('Files')}</span>
57 <span>${_('Files')}</span>
58 </a>
58 </a>
59 </li>
59 </li>
60 <li>
60 <li>
61 <a title="${_('Fork')}" href="${h.route_path('repo_fork_new',repo_name=repo_name)}">
61 <a title="${_('Fork')}" href="${h.route_path('repo_fork_new',repo_name=repo_name)}">
62 <span>${_('Fork')}</span>
62 <span>${_('Fork')}</span>
63 </a>
63 </a>
64 </li>
64 </li>
65 </ul>
65 </ul>
66 </div>
66 </div>
67 </%def>
67 </%def>
68
68
69 <%def name="repo_name(name,rtype,rstate,private,fork_of,short_name=False,admin=False)">
69 <%def name="repo_name(name,rtype,rstate,private,fork_of,short_name=False,admin=False)">
70 <%
70 <%
71 def get_name(name,short_name=short_name):
71 def get_name(name,short_name=short_name):
72 if short_name:
72 if short_name:
73 return name.split('/')[-1]
73 return name.split('/')[-1]
74 else:
74 else:
75 return name
75 return name
76 %>
76 %>
77 <div class="${'repo_state_pending' if rstate == 'repo_state_pending' else ''} truncate">
77 <div class="${'repo_state_pending' if rstate == 'repo_state_pending' else ''} truncate">
78 ##NAME
78 ##NAME
79 <a href="${h.route_path('edit_repo',repo_name=name) if admin else h.route_path('repo_summary',repo_name=name)}">
79 <a href="${h.route_path('edit_repo',repo_name=name) if admin else h.route_path('repo_summary',repo_name=name)}">
80
80
81 ##TYPE OF REPO
81 ##TYPE OF REPO
82 %if h.is_hg(rtype):
82 %if h.is_hg(rtype):
83 <span title="${_('Mercurial repository')}"><i class="icon-hg" style="font-size: 14px;"></i></span>
83 <span title="${_('Mercurial repository')}"><i class="icon-hg" style="font-size: 14px;"></i></span>
84 %elif h.is_git(rtype):
84 %elif h.is_git(rtype):
85 <span title="${_('Git repository')}"><i class="icon-git" style="font-size: 14px"></i></span>
85 <span title="${_('Git repository')}"><i class="icon-git" style="font-size: 14px"></i></span>
86 %elif h.is_svn(rtype):
86 %elif h.is_svn(rtype):
87 <span title="${_('Subversion repository')}"><i class="icon-svn" style="font-size: 14px"></i></span>
87 <span title="${_('Subversion repository')}"><i class="icon-svn" style="font-size: 14px"></i></span>
88 %endif
88 %endif
89
89
90 ##PRIVATE/PUBLIC
90 ##PRIVATE/PUBLIC
91 %if private and c.visual.show_private_icon:
91 %if private and c.visual.show_private_icon:
92 <i class="icon-lock" title="${_('Private repository')}"></i>
92 <i class="icon-lock" title="${_('Private repository')}"></i>
93 %elif not private and c.visual.show_public_icon:
93 %elif not private and c.visual.show_public_icon:
94 <i class="icon-unlock-alt" title="${_('Public repository')}"></i>
94 <i class="icon-unlock-alt" title="${_('Public repository')}"></i>
95 %else:
95 %else:
96 <span></span>
96 <span></span>
97 %endif
97 %endif
98 ${get_name(name)}
98 ${get_name(name)}
99 </a>
99 </a>
100 %if fork_of:
100 %if fork_of:
101 <a href="${h.route_path('repo_summary',repo_name=fork_of.repo_name)}"><i class="icon-code-fork"></i></a>
101 <a href="${h.route_path('repo_summary',repo_name=fork_of.repo_name)}"><i class="icon-code-fork"></i></a>
102 %endif
102 %endif
103 %if rstate == 'repo_state_pending':
103 %if rstate == 'repo_state_pending':
104 <span class="creation_in_progress tooltip" title="${_('This repository is being created in a background task')}">
104 <span class="creation_in_progress tooltip" title="${_('This repository is being created in a background task')}">
105 (${_('creating...')})
105 (${_('creating...')})
106 </span>
106 </span>
107 %endif
107 %endif
108 </div>
108 </div>
109 </%def>
109 </%def>
110
110
111 <%def name="repo_desc(description, stylify_metatags)">
111 <%def name="repo_desc(description, stylify_metatags)">
112 <%
112 <%
113 tags, description = h.extract_metatags(description)
113 tags, description = h.extract_metatags(description)
114 %>
114 %>
115
115
116 <div class="truncate-wrap">
116 <div class="truncate-wrap">
117 % if stylify_metatags:
117 % if stylify_metatags:
118 % for tag_type, tag in tags:
118 % for tag_type, tag in tags:
119 ${h.style_metatag(tag_type, tag)|n}
119 ${h.style_metatag(tag_type, tag)|n}
120 % endfor
120 % endfor
121 % endif
121 % endif
122 ${description}
122 ${description}
123 </div>
123 </div>
124
124
125 </%def>
125 </%def>
126
126
127 <%def name="last_change(last_change)">
127 <%def name="last_change(last_change)">
128 ${h.age_component(last_change, time_is_local=True)}
128 ${h.age_component(last_change, time_is_local=True)}
129 </%def>
129 </%def>
130
130
131 <%def name="revision(name,rev,tip,author,last_msg, commit_date)">
131 <%def name="revision(name,rev,tip,author,last_msg, commit_date)">
132 <div>
132 <div>
133 %if rev >= 0:
133 %if rev >= 0:
134 <code><a title="${h.tooltip('%s\n%s\n\n%s' % (author, commit_date, last_msg))}" class="tooltip" href="${h.route_path('repo_commit',repo_name=name,commit_id=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a></code>
134 <code><a title="${h.tooltip('%s\n%s\n\n%s' % (author, commit_date, last_msg))}" class="tooltip" href="${h.route_path('repo_commit',repo_name=name,commit_id=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a></code>
135 %else:
135 %else:
136 ${_('No commits yet')}
136 ${_('No commits yet')}
137 %endif
137 %endif
138 </div>
138 </div>
139 </%def>
139 </%def>
140
140
141 <%def name="rss(name)">
141 <%def name="rss(name)">
142 %if c.rhodecode_user.username != h.DEFAULT_USER:
142 %if c.rhodecode_user.username != h.DEFAULT_USER:
143 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.route_path('rss_feed_home', repo_name=name, _query=dict(auth_token=c.rhodecode_user.feed_token))}"><i class="icon-rss-sign"></i></a>
143 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.route_path('rss_feed_home', repo_name=name, _query=dict(auth_token=c.rhodecode_user.feed_token))}"><i class="icon-rss-sign"></i></a>
144 %else:
144 %else:
145 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.route_path('rss_feed_home', repo_name=name)}"><i class="icon-rss-sign"></i></a>
145 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.route_path('rss_feed_home', repo_name=name)}"><i class="icon-rss-sign"></i></a>
146 %endif
146 %endif
147 </%def>
147 </%def>
148
148
149 <%def name="atom(name)">
149 <%def name="atom(name)">
150 %if c.rhodecode_user.username != h.DEFAULT_USER:
150 %if c.rhodecode_user.username != h.DEFAULT_USER:
151 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.route_path('atom_feed_home', repo_name=name, _query=dict(auth_token=c.rhodecode_user.feed_token))}"><i class="icon-rss-sign"></i></a>
151 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.route_path('atom_feed_home', repo_name=name, _query=dict(auth_token=c.rhodecode_user.feed_token))}"><i class="icon-rss-sign"></i></a>
152 %else:
152 %else:
153 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.route_path('atom_feed_home', repo_name=name)}"><i class="icon-rss-sign"></i></a>
153 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.route_path('atom_feed_home', repo_name=name)}"><i class="icon-rss-sign"></i></a>
154 %endif
154 %endif
155 </%def>
155 </%def>
156
156
157 <%def name="user_gravatar(email, size=16)">
157 <%def name="user_gravatar(email, size=16)">
158 <div class="rc-user tooltip" title="${h.tooltip(h.author_string(email))}">
158 <div class="rc-user tooltip" title="${h.tooltip(h.author_string(email))}">
159 ${base.gravatar(email, 16)}
159 ${base.gravatar(email, 16)}
160 </div>
160 </div>
161 </%def>
161 </%def>
162
162
163 <%def name="repo_actions(repo_name, super_user=True)">
163 <%def name="repo_actions(repo_name, super_user=True)">
164 <div>
164 <div>
165 <div class="grid_edit">
165 <div class="grid_edit">
166 <a href="${h.route_path('edit_repo',repo_name=repo_name)}" title="${_('Edit')}">
166 <a href="${h.route_path('edit_repo',repo_name=repo_name)}" title="${_('Edit')}">
167 <i class="icon-pencil"></i>Edit</a>
167 <i class="icon-pencil"></i>Edit</a>
168 </div>
168 </div>
169 <div class="grid_delete">
169 <div class="grid_delete">
170 ${h.secure_form(h.route_path('edit_repo_advanced_delete', repo_name=repo_name), request=request)}
170 ${h.secure_form(h.route_path('edit_repo_advanced_delete', repo_name=repo_name), request=request)}
171 ${h.submit('remove_%s' % repo_name,_('Delete'),class_="btn btn-link btn-danger",
171 ${h.submit('remove_%s' % repo_name,_('Delete'),class_="btn btn-link btn-danger",
172 onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}
172 onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}
173 ${h.end_form()}
173 ${h.end_form()}
174 </div>
174 </div>
175 </div>
175 </div>
176 </%def>
176 </%def>
177
177
178 <%def name="repo_state(repo_state)">
178 <%def name="repo_state(repo_state)">
179 <div>
179 <div>
180 %if repo_state == 'repo_state_pending':
180 %if repo_state == 'repo_state_pending':
181 <div class="tag tag4">${_('Creating')}</div>
181 <div class="tag tag4">${_('Creating')}</div>
182 %elif repo_state == 'repo_state_created':
182 %elif repo_state == 'repo_state_created':
183 <div class="tag tag1">${_('Created')}</div>
183 <div class="tag tag1">${_('Created')}</div>
184 %else:
184 %else:
185 <div class="tag alert2" title="${h.tooltip(repo_state)}">invalid</div>
185 <div class="tag alert2" title="${h.tooltip(repo_state)}">invalid</div>
186 %endif
186 %endif
187 </div>
187 </div>
188 </%def>
188 </%def>
189
189
190
190
191 ## REPO GROUP RENDERERS
191 ## REPO GROUP RENDERERS
192 <%def name="quick_repo_group_menu(repo_group_name)">
192 <%def name="quick_repo_group_menu(repo_group_name)">
193 <i class="icon-more"></i>
193 <i class="icon-more"></i>
194 <div class="menu_items_container hidden">
194 <div class="menu_items_container hidden">
195 <ul class="menu_items">
195 <ul class="menu_items">
196 <li>
196 <li>
197 <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">${_('Summary')}</a>
197 <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">${_('Summary')}</a>
198 </li>
198 </li>
199
199
200 </ul>
200 </ul>
201 </div>
201 </div>
202 </%def>
202 </%def>
203
203
204 <%def name="repo_group_name(repo_group_name, children_groups=None)">
204 <%def name="repo_group_name(repo_group_name, children_groups=None)">
205 <div>
205 <div>
206 <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">
206 <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">
207 <i class="icon-folder-close" title="${_('Repository group')}" style="font-size: 16px"></i>
207 <i class="icon-folder-close" title="${_('Repository group')}" style="font-size: 16px"></i>
208 %if children_groups:
208 %if children_groups:
209 ${h.literal(' &raquo; '.join(children_groups))}
209 ${h.literal(' &raquo; '.join(children_groups))}
210 %else:
210 %else:
211 ${repo_group_name}
211 ${repo_group_name}
212 %endif
212 %endif
213 </a>
213 </a>
214 </div>
214 </div>
215 </%def>
215 </%def>
216
216
217 <%def name="repo_group_desc(description, personal, stylify_metatags)">
217 <%def name="repo_group_desc(description, personal, stylify_metatags)">
218
218
219 <%
219 <%
220 tags, description = h.extract_metatags(description)
220 tags, description = h.extract_metatags(description)
221 %>
221 %>
222
222
223 <div class="truncate-wrap">
223 <div class="truncate-wrap">
224 % if personal:
224 % if personal:
225 <div class="metatag" tag="personal">${_('personal')}</div>
225 <div class="metatag" tag="personal">${_('personal')}</div>
226 % endif
226 % endif
227
227
228 % if stylify_metatags:
228 % if stylify_metatags:
229 % for tag_type, tag in tags:
229 % for tag_type, tag in tags:
230 ${h.style_metatag(tag_type, tag)|n}
230 ${h.style_metatag(tag_type, tag)|n}
231 % endfor
231 % endfor
232 % endif
232 % endif
233 ${description}
233 ${description}
234 </div>
234 </div>
235
235
236 </%def>
236 </%def>
237
237
238 <%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">
238 <%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">
239 <div class="grid_edit">
239 <div class="grid_edit">
240 <a href="${h.route_path('edit_repo_group',repo_group_name=repo_group_name)}" title="${_('Edit')}">Edit</a>
240 <a href="${h.route_path('edit_repo_group',repo_group_name=repo_group_name)}" title="${_('Edit')}">Edit</a>
241 </div>
241 </div>
242 <div class="grid_delete">
242 <div class="grid_delete">
243 ${h.secure_form(h.route_path('edit_repo_group_advanced_delete', repo_group_name=repo_group_name), request=request)}
243 ${h.secure_form(h.route_path('edit_repo_group_advanced_delete', repo_group_name=repo_group_name), request=request)}
244 ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="btn btn-link btn-danger",
244 ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="btn btn-link btn-danger",
245 onclick="return confirm('"+_ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}
245 onclick="return confirm('"+_ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}
246 ${h.end_form()}
246 ${h.end_form()}
247 </div>
247 </div>
248 </%def>
248 </%def>
249
249
250
250
251 <%def name="user_actions(user_id, username)">
251 <%def name="user_actions(user_id, username)">
252 <div class="grid_edit">
252 <div class="grid_edit">
253 <a href="${h.route_path('user_edit',user_id=user_id)}" title="${_('Edit')}">
253 <a href="${h.route_path('user_edit',user_id=user_id)}" title="${_('Edit')}">
254 <i class="icon-pencil"></i>${_('Edit')}</a>
254 <i class="icon-pencil"></i>${_('Edit')}</a>
255 </div>
255 </div>
256 <div class="grid_delete">
256 <div class="grid_delete">
257 ${h.secure_form(h.route_path('user_delete', user_id=user_id), request=request)}
257 ${h.secure_form(h.route_path('user_delete', user_id=user_id), request=request)}
258 ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="btn btn-link btn-danger",
258 ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="btn btn-link btn-danger",
259 onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}
259 onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}
260 ${h.end_form()}
260 ${h.end_form()}
261 </div>
261 </div>
262 </%def>
262 </%def>
263
263
264 <%def name="user_group_actions(user_group_id, user_group_name)">
264 <%def name="user_group_actions(user_group_id, user_group_name)">
265 <div class="grid_edit">
265 <div class="grid_edit">
266 <a href="${h.route_path('edit_user_group', user_group_id=user_group_id)}" title="${_('Edit')}">Edit</a>
266 <a href="${h.route_path('edit_user_group', user_group_id=user_group_id)}" title="${_('Edit')}">Edit</a>
267 </div>
267 </div>
268 <div class="grid_delete">
268 <div class="grid_delete">
269 ${h.secure_form(h.route_path('user_groups_delete', user_group_id=user_group_id), request=request)}
269 ${h.secure_form(h.route_path('user_groups_delete', user_group_id=user_group_id), request=request)}
270 ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="btn btn-link btn-danger",
270 ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="btn btn-link btn-danger",
271 onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}
271 onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}
272 ${h.end_form()}
272 ${h.end_form()}
273 </div>
273 </div>
274 </%def>
274 </%def>
275
275
276
276
277 <%def name="user_name(user_id, username)">
277 <%def name="user_name(user_id, username)">
278 ${h.link_to(h.person(username, 'username_or_name_or_email'), h.route_path('user_edit', user_id=user_id))}
278 ${h.link_to(h.person(username, 'username_or_name_or_email'), h.route_path('user_edit', user_id=user_id))}
279 </%def>
279 </%def>
280
280
281 <%def name="user_profile(username)">
281 <%def name="user_profile(username)">
282 ${base.gravatar_with_user(username, 16)}
282 ${base.gravatar_with_user(username, 16)}
283 </%def>
283 </%def>
284
284
285 <%def name="user_group_name(user_group_name)">
285 <%def name="user_group_name(user_group_name)">
286 <div>
286 <div>
287 <i class="icon-group" title="${_('User group')}"></i>
287 <i class="icon-user-group" title="${_('User group')}"></i>
288 ${h.link_to_group(user_group_name)}
288 ${h.link_to_group(user_group_name)}
289 </div>
289 </div>
290 </%def>
290 </%def>
291
291
292
292
293 ## GISTS
293 ## GISTS
294
294
295 <%def name="gist_gravatar(full_contact)">
295 <%def name="gist_gravatar(full_contact)">
296 <div class="gist_gravatar">
296 <div class="gist_gravatar">
297 ${base.gravatar(full_contact, 30)}
297 ${base.gravatar(full_contact, 30)}
298 </div>
298 </div>
299 </%def>
299 </%def>
300
300
301 <%def name="gist_access_id(gist_access_id, full_contact)">
301 <%def name="gist_access_id(gist_access_id, full_contact)">
302 <div>
302 <div>
303 <b>
303 <b>
304 <a href="${h.route_path('gist_show', gist_id=gist_access_id)}">gist: ${gist_access_id}</a>
304 <a href="${h.route_path('gist_show', gist_id=gist_access_id)}">gist: ${gist_access_id}</a>
305 </b>
305 </b>
306 </div>
306 </div>
307 </%def>
307 </%def>
308
308
309 <%def name="gist_author(full_contact, created_on, expires)">
309 <%def name="gist_author(full_contact, created_on, expires)">
310 ${base.gravatar_with_user(full_contact, 16)}
310 ${base.gravatar_with_user(full_contact, 16)}
311 </%def>
311 </%def>
312
312
313
313
314 <%def name="gist_created(created_on)">
314 <%def name="gist_created(created_on)">
315 <div class="created">
315 <div class="created">
316 ${h.age_component(created_on, time_is_local=True)}
316 ${h.age_component(created_on, time_is_local=True)}
317 </div>
317 </div>
318 </%def>
318 </%def>
319
319
320 <%def name="gist_expires(expires)">
320 <%def name="gist_expires(expires)">
321 <div class="created">
321 <div class="created">
322 %if expires == -1:
322 %if expires == -1:
323 ${_('never')}
323 ${_('never')}
324 %else:
324 %else:
325 ${h.age_component(h.time_to_utcdatetime(expires))}
325 ${h.age_component(h.time_to_utcdatetime(expires))}
326 %endif
326 %endif
327 </div>
327 </div>
328 </%def>
328 </%def>
329
329
330 <%def name="gist_type(gist_type)">
330 <%def name="gist_type(gist_type)">
331 %if gist_type != 'public':
331 %if gist_type != 'public':
332 <div class="tag">${_('Private')}</div>
332 <div class="tag">${_('Private')}</div>
333 %endif
333 %endif
334 </%def>
334 </%def>
335
335
336 <%def name="gist_description(gist_description)">
336 <%def name="gist_description(gist_description)">
337 ${gist_description}
337 ${gist_description}
338 </%def>
338 </%def>
339
339
340
340
341 ## PULL REQUESTS GRID RENDERERS
341 ## PULL REQUESTS GRID RENDERERS
342
342
343 <%def name="pullrequest_target_repo(repo_name)">
343 <%def name="pullrequest_target_repo(repo_name)">
344 <div class="truncate">
344 <div class="truncate">
345 ${h.link_to(repo_name,h.route_path('repo_summary',repo_name=repo_name))}
345 ${h.link_to(repo_name,h.route_path('repo_summary',repo_name=repo_name))}
346 </div>
346 </div>
347 </%def>
347 </%def>
348 <%def name="pullrequest_status(status)">
348 <%def name="pullrequest_status(status)">
349 <div class="${'flag_status %s' % status} pull-left"></div>
349 <div class="${'flag_status %s' % status} pull-left"></div>
350 </%def>
350 </%def>
351
351
352 <%def name="pullrequest_title(title, description)">
352 <%def name="pullrequest_title(title, description)">
353 ${title}
353 ${title}
354 </%def>
354 </%def>
355
355
356 <%def name="pullrequest_comments(comments_nr)">
356 <%def name="pullrequest_comments(comments_nr)">
357 <i class="icon-comment"></i> ${comments_nr}
357 <i class="icon-comment"></i> ${comments_nr}
358 </%def>
358 </%def>
359
359
360 <%def name="pullrequest_name(pull_request_id, target_repo_name, short=False)">
360 <%def name="pullrequest_name(pull_request_id, target_repo_name, short=False)">
361 <a href="${h.route_path('pullrequest_show',repo_name=target_repo_name,pull_request_id=pull_request_id)}">
361 <a href="${h.route_path('pullrequest_show',repo_name=target_repo_name,pull_request_id=pull_request_id)}">
362 % if short:
362 % if short:
363 #${pull_request_id}
363 #${pull_request_id}
364 % else:
364 % else:
365 ${_('Pull request #%(pr_number)s') % {'pr_number': pull_request_id,}}
365 ${_('Pull request #%(pr_number)s') % {'pr_number': pull_request_id,}}
366 % endif
366 % endif
367 </a>
367 </a>
368 </%def>
368 </%def>
369
369
370 <%def name="pullrequest_updated_on(updated_on)">
370 <%def name="pullrequest_updated_on(updated_on)">
371 ${h.age_component(h.time_to_utcdatetime(updated_on))}
371 ${h.age_component(h.time_to_utcdatetime(updated_on))}
372 </%def>
372 </%def>
373
373
374 <%def name="pullrequest_author(full_contact)">
374 <%def name="pullrequest_author(full_contact)">
375 ${base.gravatar_with_user(full_contact, 16)}
375 ${base.gravatar_with_user(full_contact, 16)}
376 </%def>
376 </%def>
377
377
378
378
379 <%def name="markup_form(form_id, form_text='', help_text=None)">
379 <%def name="markup_form(form_id, form_text='', help_text=None)">
380
380
381 <div class="markup-form">
381 <div class="markup-form">
382 <div class="markup-form-area">
382 <div class="markup-form-area">
383 <div class="markup-form-area-header">
383 <div class="markup-form-area-header">
384 <ul class="nav-links clearfix">
384 <ul class="nav-links clearfix">
385 <li class="active">
385 <li class="active">
386 <a href="#edit-text" tabindex="-1" id="edit-btn_${form_id}">${_('Write')}</a>
386 <a href="#edit-text" tabindex="-1" id="edit-btn_${form_id}">${_('Write')}</a>
387 </li>
387 </li>
388 <li class="">
388 <li class="">
389 <a href="#preview-text" tabindex="-1" id="preview-btn_${form_id}">${_('Preview')}</a>
389 <a href="#preview-text" tabindex="-1" id="preview-btn_${form_id}">${_('Preview')}</a>
390 </li>
390 </li>
391 </ul>
391 </ul>
392 </div>
392 </div>
393
393
394 <div class="markup-form-area-write" style="display: block;">
394 <div class="markup-form-area-write" style="display: block;">
395 <div id="edit-container_${form_id}">
395 <div id="edit-container_${form_id}">
396 <textarea id="${form_id}" name="${form_id}" class="comment-block-ta ac-input">${form_text if form_text else ''}</textarea>
396 <textarea id="${form_id}" name="${form_id}" class="comment-block-ta ac-input">${form_text if form_text else ''}</textarea>
397 </div>
397 </div>
398 <div id="preview-container_${form_id}" class="clearfix" style="display: none;">
398 <div id="preview-container_${form_id}" class="clearfix" style="display: none;">
399 <div id="preview-box_${form_id}" class="preview-box"></div>
399 <div id="preview-box_${form_id}" class="preview-box"></div>
400 </div>
400 </div>
401 </div>
401 </div>
402
402
403 <div class="markup-form-area-footer">
403 <div class="markup-form-area-footer">
404 <div class="toolbar">
404 <div class="toolbar">
405 <div class="toolbar-text">
405 <div class="toolbar-text">
406 ${(_('Parsed using %s syntax') % (
406 ${(_('Parsed using %s syntax') % (
407 ('<a href="%s">%s</a>' % (h.route_url('%s_help' % c.visual.default_renderer), c.visual.default_renderer.upper())),
407 ('<a href="%s">%s</a>' % (h.route_url('%s_help' % c.visual.default_renderer), c.visual.default_renderer.upper())),
408 )
408 )
409 )|n}
409 )|n}
410 </div>
410 </div>
411 </div>
411 </div>
412 </div>
412 </div>
413 </div>
413 </div>
414
414
415 <div class="markup-form-footer">
415 <div class="markup-form-footer">
416 % if help_text:
416 % if help_text:
417 <span class="help-block">${help_text}</span>
417 <span class="help-block">${help_text}</span>
418 % endif
418 % endif
419 </div>
419 </div>
420 </div>
420 </div>
421 <script type="text/javascript">
421 <script type="text/javascript">
422 new MarkupForm('${form_id}');
422 new MarkupForm('${form_id}');
423 </script>
423 </script>
424
424
425 </%def>
425 </%def>
Show file before | Show file after | Hide comments
@@ -1,545 +1,545 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 <%inherit file="/debug_style/index.html"/>
2 <%inherit file="/debug_style/index.html"/>
3
3
4 <%def name="breadcrumbs_links()">
4 <%def name="breadcrumbs_links()">
5 ${h.link_to(_('Style'), h.route_path('debug_style_home'))}
5 ${h.link_to(_('Style'), h.route_path('debug_style_home'))}
6 &raquo;
6 &raquo;
7 ${c.active}
7 ${c.active}
8 </%def>
8 </%def>
9
9
10
10
11 <%def name="real_main()">
11 <%def name="real_main()">
12 <div class="box">
12 <div class="box">
13 <div class="title">
13 <div class="title">
14 ${self.breadcrumbs()}
14 ${self.breadcrumbs()}
15 </div>
15 </div>
16
16
17 <div class='sidebar-col-wrapper'>
17 <div class='sidebar-col-wrapper'>
18 ##main
18 ##main
19 ${self.sidebar()}
19 ${self.sidebar()}
20
20
21 <div class="main-content">
21 <div class="main-content">
22
22
23 <div style="opacity:.5">
23 <div style="opacity:.5">
24
24
25 <h2>Simple tables</h2>
25 <h2>Simple tables</h2>
26
26
27 <p>These styles will be adjusted later to provide a baseline style
27 <p>These styles will be adjusted later to provide a baseline style
28 for all tables without classes added, whether part of the
28 for all tables without classes added, whether part of the
29 application or not. Currently, some of the
29 application or not. Currently, some of the
30 application-specific styles are applied to this table.</p>
30 application-specific styles are applied to this table.</p>
31 <p>This is a baseline style for all tables, whether part of the
31 <p>This is a baseline style for all tables, whether part of the
32 application or not. It has no class applied for styling. Use
32 application or not. It has no class applied for styling. Use
33 the "rctable" class as outlined before for tables which are
33 the "rctable" class as outlined before for tables which are
34 part of the RhodeCode application.</p>
34 part of the RhodeCode application.</p>
35 <table>
35 <table>
36 <tbody>
36 <tbody>
37 <tr>
37 <tr>
38 <th>Header A</th>
38 <th>Header A</th>
39 <th>Header B</th>
39 <th>Header B</th>
40 <th>Header C</th>
40 <th>Header C</th>
41 <th>Header D</th>
41 <th>Header D</th>
42 </tr>
42 </tr>
43 <tr>
43 <tr>
44 <td>Content of col A</td>
44 <td>Content of col A</td>
45 <td>Content of col B</td>
45 <td>Content of col B</td>
46 <td>Content of col C</td>
46 <td>Content of col C</td>
47 <td>Content of col D</td>
47 <td>Content of col D</td>
48 </tr>
48 </tr>
49 <tr>
49 <tr>
50 <td>Content of col A</td>
50 <td>Content of col A</td>
51 <td>Content of col B</td>
51 <td>Content of col B</td>
52 <td>Content of col C</td>
52 <td>Content of col C</td>
53 <td>Content of col D</td>
53 <td>Content of col D</td>
54 </tr>
54 </tr>
55 <tr>
55 <tr>
56 <td>Content of col A</td>
56 <td>Content of col A</td>
57 <td>Content of col B</td>
57 <td>Content of col B</td>
58 <td>Content of col C</td>
58 <td>Content of col C</td>
59 <td>Content of col D</td>
59 <td>Content of col D</td>
60 </tr>
60 </tr>
61 <tr>
61 <tr>
62 <td>Content of col A</td>
62 <td>Content of col A</td>
63 <td>Content of col B</td>
63 <td>Content of col B</td>
64 <td>Content of col C</td>
64 <td>Content of col C</td>
65 <td>Content of col D</td>
65 <td>Content of col D</td>
66 </tr>
66 </tr>
67 </tbody>
67 </tbody>
68 </table>
68 </table>
69 </div>
69 </div>
70
70
71
71
72
72
73
73
74 <h2>RC application table with examples</h2>
74 <h2>RC application table with examples</h2>
75
75
76 <p>This is a standard table which applies the rhodecode-specific styling to be used
76 <p>This is a standard table which applies the rhodecode-specific styling to be used
77 throughout the application; it has <code>&lt;table class="rctable"&gt;</code>.
77 throughout the application; it has <code>&lt;table class="rctable"&gt;</code>.
78 <br/>
78 <br/>
79 By default, table data is not truncated, and wraps inside of the <code>&lt;td&gt
79 By default, table data is not truncated, and wraps inside of the <code>&lt;td&gt
80 ;</code>. To prevent wrapping and contain data on one line, use the <code>&lt;
80 ;</code>. To prevent wrapping and contain data on one line, use the <code>&lt;
81 class="truncate-wrap"&gt;</code> on the <code>&lt;td&gt;</code>, and <code>span
81 class="truncate-wrap"&gt;</code> on the <code>&lt;td&gt;</code>, and <code>span
82 class="truncate"</code> around the specific data to be truncated.
82 class="truncate"</code> around the specific data to be truncated.
83 </p>
83 </p>
84 <p>
84 <p>
85 Ellipsis is added via CSS. Please always add a row of headers using <code>&lt;th
85 Ellipsis is added via CSS. Please always add a row of headers using <code>&lt;th
86 &gt;</code> to the top of a table.
86 &gt;</code> to the top of a table.
87 </p>
87 </p>
88
88
89 ## TODO: johbo: in case we have more tables with examples, we should
89 ## TODO: johbo: in case we have more tables with examples, we should
90 ## create a generic class here.
90 ## create a generic class here.
91 <table class="rctable issuetracker">
91 <table class="rctable issuetracker">
92 <thead>
92 <thead>
93 <tr>
93 <tr>
94 <th>Header A</th>
94 <th>Header A</th>
95 <th>Header B</th>
95 <th>Header B</th>
96 <th>Header C</th>
96 <th>Header C</th>
97 <th>Header D</th>
97 <th>Header D</th>
98 </tr>
98 </tr>
99 </thead>
99 </thead>
100 <tbody>
100 <tbody>
101 <tr>
101 <tr>
102 <td class="issue-tracker-example">
102 <td class="issue-tracker-example">
103 Example of col A
103 Example of col A
104 </td>
104 </td>
105 <td class="issue-tracker-example">
105 <td class="issue-tracker-example">
106 Example of col B
106 Example of col B
107 </td>
107 </td>
108 <td class="issue-tracker-example">
108 <td class="issue-tracker-example">
109 Example of col C
109 Example of col C
110 </td>
110 </td>
111 <td class="issue-tracker-example">
111 <td class="issue-tracker-example">
112 Example of col D
112 Example of col D
113 </td>
113 </td>
114 </tr>
114 </tr>
115 <tr>
115 <tr>
116 <td>Content of col A</td>
116 <td>Content of col A</td>
117 <td>Content of col B</td>
117 <td>Content of col B</td>
118 <td>Content of col C which is very long and will not be
118 <td>Content of col C which is very long and will not be
119 truncated because sometimes people just want to write
119 truncated because sometimes people just want to write
120 really, really long commit messages which explain what
120 really, really long commit messages which explain what
121 they did in excruciating detail and you really, really
121 they did in excruciating detail and you really, really
122 want to read them.</td>
122 want to read them.</td>
123 <td>Content of col D</td>
123 <td>Content of col D</td>
124 </tr>
124 </tr>
125 <tr>
125 <tr>
126 <td>Content of col A</td>
126 <td>Content of col A</td>
127 <td>Content of col B</td>
127 <td>Content of col B</td>
128 <td>Content of col C</td>
128 <td>Content of col C</td>
129 <td class="truncate-wrap"><span class="truncate">Truncated
129 <td class="truncate-wrap"><span class="truncate">Truncated
130 content of column D truncate truncate truncatetruncate
130 content of column D truncate truncate truncatetruncate
131 truncate truncate</span></td>
131 truncate truncate</span></td>
132 </tr>
132 </tr>
133 </tbody>
133 </tbody>
134 </table>
134 </table>
135
135
136 <h2>RC application table data classes</h2>
136 <h2>RC application table data classes</h2>
137
137
138 <p>The following tables contain documentation of all existing table data classes.
138 <p>The following tables contain documentation of all existing table data classes.
139 Please update when new classes are made.
139 Please update when new classes are made.
140 </p>
140 </p>
141 <table class="rctable examples">
141 <table class="rctable examples">
142 <thead>
142 <thead>
143 <tr>
143 <tr>
144 <th>Class</th>
144 <th>Class</th>
145 <th>Description</th>
145 <th>Description</th>
146 <th>Example</th>
146 <th>Example</th>
147 </tr>
147 </tr>
148 </thead>
148 </thead>
149 <tbody>
149 <tbody>
150 <td>td-user</td>
150 <td>td-user</td>
151 <td>Any username/gravatar combination (see also Icons style).</td>
151 <td>Any username/gravatar combination (see also Icons style).</td>
152 <td class="td-user author">
152 <td class="td-user author">
153 <img class="gravatar" alt="gravatar" src="https://secure.gravatar.com/avatar/0c9a7e6674b6f0b35d98dbe073e3f0ab?d=identicon&amp;s=32" height="16" width="16">
153 <img class="gravatar" alt="gravatar" src="https://secure.gravatar.com/avatar/0c9a7e6674b6f0b35d98dbe073e3f0ab?d=identicon&amp;s=32" height="16" width="16">
154 <span title="Oliver Strobel <oliver@rhodecode.com>" class="user">ostrobel (Oliver Strobel)</span>
154 <span title="Oliver Strobel <oliver@rhodecode.com>" class="user">ostrobel (Oliver Strobel)</span>
155 </td>
155 </td>
156 </tr>
156 </tr>
157 <tr>
157 <tr>
158 <td>td-hash</td>
158 <td>td-hash</td>
159 <td>Any hash; a commit, revision, etc. Use <code>&lt;pre&gt;</code> and header 'Commit'</td>
159 <td>Any hash; a commit, revision, etc. Use <code>&lt;pre&gt;</code> and header 'Commit'</td>
160 <td class="td-commit">
160 <td class="td-commit">
161 <pre><a href="/anothercpythonforkkkk/files/8d6b27837c6979983b037693fe975cdbb761b500/">r93699:8d6b27837c69</a></pre>
161 <pre><a href="/anothercpythonforkkkk/files/8d6b27837c6979983b037693fe975cdbb761b500/">r93699:8d6b27837c69</a></pre>
162 </td>
162 </td>
163 </tr>
163 </tr>
164 <tr>
164 <tr>
165 <td>td-rss</td>
165 <td>td-rss</td>
166 <td>RSS feed link icon</td>
166 <td>RSS feed link icon</td>
167 <td class="td-rss">
167 <td class="td-rss">
168 <a title="Subscribe to rss feed" href="/feed/rss"><i class="icon-rss-sign"></i></a>
168 <a title="Subscribe to rss feed" href="/feed/rss"><i class="icon-rss-sign"></i></a>
169 </td>
169 </td>
170 </tr>
170 </tr>
171 <tr>
171 <tr>
172 <td>td-componentname</td>
172 <td>td-componentname</td>
173 <td>Any group, file, gist, or directory name.</td>
173 <td>Any group, file, gist, or directory name.</td>
174 <td class="td-componentname">
174 <td class="td-componentname">
175 <a href="/cpythonfork">
175 <a href="/cpythonfork">
176 <span title="Mercurial repository"><i class="icon-hg"></i></span>
176 <span title="Mercurial repository"><i class="icon-hg"></i></span>
177 <i class="icon-unlock-alt" title="Public repository"></i>
177 <i class="icon-unlock-alt" title="Public repository"></i>
178 rhodecode-dev-restyle-fork
178 rhodecode-dev-restyle-fork
179 </a>
179 </a>
180 </td>
180 </td>
181 </tr>
181 </tr>
182 <tr>
182 <tr>
183 <td>td-tags</td>
183 <td>td-tags</td>
184 <td>Any cell containing tags, including branches and bookmarks.</td>
184 <td>Any cell containing tags, including branches and bookmarks.</td>
185 <td class="td-tags">
185 <td class="td-tags">
186 <span class="branchtag tag" title="Branch default">
186 <span class="branchtag tag" title="Branch default">
187 <a href="/rhodecode-dev-restyle- fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
187 <a href="/rhodecode-dev-restyle- fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
188 </span>
188 </span>
189 </td>
189 </td>
190 </tr>
190 </tr>
191 <tr>
191 <tr>
192 <td>tags-truncate</td>
192 <td>tags-truncate</td>
193 <td>Used to truncate a cell containing tags; avoid if possible.</td>
193 <td>Used to truncate a cell containing tags; avoid if possible.</td>
194 <td class="td-tags truncate-wrap">
194 <td class="td-tags truncate-wrap">
195 <div class="truncate tags-truncate">
195 <div class="truncate tags-truncate">
196 <div class="autoexpand">
196 <div class="autoexpand">
197 <span class="tagtag tag" title="Tag tip">
197 <span class="tagtag tag" title="Tag tip">
198 <a href="/rhodecode-dev-restyle-fork/files/e519d5a0e71466d27257ddff921c4a13c540408e/"><i class="icon-tag"></i>tip</a>
198 <a href="/rhodecode-dev-restyle-fork/files/e519d5a0e71466d27257ddff921c4a13c540408e/"><i class="icon-tag"></i>tip</a>
199 </span>
199 </span>
200 <span class="branchtag tag" title="Branch default">
200 <span class="branchtag tag" title="Branch default">
201 <a href="/rhodecode-dev-restyle-fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
201 <a href="/rhodecode-dev-restyle-fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
202 </span>
202 </span>
203 <span class="branchtag tag" title="Branch default">
203 <span class="branchtag tag" title="Branch default">
204 <a href="/rhodecode-dev-restyle-fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
204 <a href="/rhodecode-dev-restyle-fork/changelog?branch=default"><i class="icon-code-fork"></i>default</a>
205 </span>
205 </span>
206 </div>
206 </div>
207 </div>
207 </div>
208 </td>
208 </td>
209 </tr>
209 </tr>
210 <tr>
210 <tr>
211 <td>td-ip</td>
211 <td>td-ip</td>
212 <td>Any ip address.</td>
212 <td>Any ip address.</td>
213 <td class="td-ip">
213 <td class="td-ip">
214 172.16.115.168
214 172.16.115.168
215 </td>
215 </td>
216 </tr>
216 </tr>
217 <tr>
217 <tr>
218 <td>td-type</td>
218 <td>td-type</td>
219 <td>A state or an auth type.</td>
219 <td>A state or an auth type.</td>
220 <td class="td-type">
220 <td class="td-type">
221 rhodecode
221 rhodecode
222 </td>
222 </td>
223 </tr>
223 </tr>
224 <tr>
224 <tr>
225 <td>td-authtoken</td>
225 <td>td-authtoken</td>
226 <td>For auth tokens. Use truncate classes for hover expand; see html.</td>
226 <td>For auth tokens. Use truncate classes for hover expand; see html.</td>
227 <td class="truncate-wrap td-authtoken">
227 <td class="truncate-wrap td-authtoken">
228 <div class="truncate autoexpand">
228 <div class="truncate autoexpand">
229 <code>688df65b87d3ad16ae9f8fc6338a551d40f41c7a</code>
229 <code>688df65b87d3ad16ae9f8fc6338a551d40f41c7a</code>
230 </div>
230 </div>
231 </td>
231 </td>
232 </tr>
232 </tr>
233 <tr>
233 <tr>
234 <td>td-action</td>
234 <td>td-action</td>
235 <td>Buttons which perform an action.</td>
235 <td>Buttons which perform an action.</td>
236 <td class="td-action">
236 <td class="td-action">
237 <div class="grid_edit">
237 <div class="grid_edit">
238 <a href="/_admin/users/2/edit" title="edit">
238 <a href="/_admin/users/2/edit" title="edit">
239 <i class="icon-pencil"></i>Edit</a>
239 <i class="icon-pencil"></i>Edit</a>
240 </div>
240 </div>
241 <div class="grid_delete">
241 <div class="grid_delete">
242 <form action="/_admin/users/2" method="post">
242 <form action="/_admin/users/2" method="post">
243 <i class="icon-remove-sign"></i>
243 <i class="icon-remove-sign"></i>
244 <input class="btn btn-danger btn-link" id="remove_user_2" name="remove_" type="submit" value="delete">
244 <input class="btn btn-danger btn-link" id="remove_user_2" name="remove_" type="submit" value="delete">
245 </form>
245 </form>
246 </div>
246 </div>
247 </td>
247 </td>
248 </tr>
248 </tr>
249 <tr>
249 <tr>
250 <td>td-radio</td>
250 <td>td-radio</td>
251 <td>Radio buttons for a form. Centers element.</td>
251 <td>Radio buttons for a form. Centers element.</td>
252 <td class="td-radio">
252 <td class="td-radio">
253 <input type="radio" checked="checked" value="" name="1" id="read"></td>
253 <input type="radio" checked="checked" value="" name="1" id="read"></td>
254 </tr>
254 </tr>
255 <tr>
255 <tr>
256 <td>td-checkbox</td>
256 <td>td-checkbox</td>
257 <td>Checkbox for a form. Centers element.</td>
257 <td>Checkbox for a form. Centers element.</td>
258 <td class="td-checkbox">
258 <td class="td-checkbox">
259 <input type="checkbox" checked="checked" value="" name="1" id="read"></td>
259 <input type="checkbox" checked="checked" value="" name="1" id="read"></td>
260 </tr>
260 </tr>
261 <tr>
261 <tr>
262 <tr>
262 <tr>
263 <td>td-buttons</td>
263 <td>td-buttons</td>
264 <td>Buttons.</td>
264 <td>Buttons.</td>
265 <td class="td-buttons">
265 <td class="td-buttons">
266 <span class="btn btn-mini btn-primary">feed access</span>
266 <span class="btn btn-mini btn-primary">feed access</span>
267 </td>
267 </td>
268 </tr>
268 </tr>
269 <tr>
269 <tr>
270 <td>td-compare</td>
270 <td>td-compare</td>
271 <td>Radio buttons to compare commits.</td>
271 <td>Radio buttons to compare commits.</td>
272 <td class=" td-compare">
272 <td class=" td-compare">
273 <input class="compare-radio-button" type="radio" name="compare_source" value="2.0">
273 <input class="compare-radio-button" type="radio" name="compare_source" value="2.0">
274 <input class="compare-radio-button" type="radio" name="compare_target" value="2.0">
274 <input class="compare-radio-button" type="radio" name="compare_target" value="2.0">
275 </td>
275 </td>
276 </tr>
276 </tr>
277 <tr>
277 <tr>
278 <td>td-comments</td>
278 <td>td-comments</td>
279 <td>Comments indicator icon.</td>
279 <td>Comments indicator icon.</td>
280 <td>
280 <td>
281 <i class="icon-comment"></i> 0
281 <i class="icon-comment"></i> 0
282 </td>
282 </td>
283 </tr>
283 </tr>
284 <tr>
284 <tr>
285 <td>td-status</td>
285 <td>td-status</td>
286 <td>Status indicator icon.</td>
286 <td>Status indicator icon.</td>
287 <td class="td-description">
287 <td class="td-description">
288 <div class="flag_status under_review pull-left"></div>
288 <div class="flag_status under_review pull-left"></div>
289 </td>
289 </td>
290 </tr>
290 </tr>
291 </tbody>
291 </tbody>
292 </table>
292 </table>
293 <table class="dataTable rctable examples">
293 <table class="dataTable rctable examples">
294 <tbody>
294 <tbody>
295 <tr>
295 <tr>
296 <td>quick_repo_menu</td>
296 <td>quick_repo_menu</td>
297 <td>Hidden menu generated by dataTable.</td>
297 <td>Hidden menu generated by dataTable.</td>
298 <td class="quick_repo_menu">
298 <td class="quick_repo_menu">
299 <i class="icon-more"></i>
299 <i class="icon-more"></i>
300 <div class="menu_items_container" style="display: none;">
300 <div class="menu_items_container" style="display: none;">
301 <ul class="menu_items">
301 <ul class="menu_items">
302 <li>
302 <li>
303 <a title="Summary" href="/anothercpythonforkkkk-fork">
303 <a title="Summary" href="/anothercpythonforkkkk-fork">
304 <span>Summary</span>
304 <span>Summary</span>
305 </a>
305 </a>
306 </li>
306 </li>
307 <li>
307 <li>
308 <a title="Changelog" href="/anothercpythonforkkkk-fork/changelog">
308 <a title="Changelog" href="/anothercpythonforkkkk-fork/changelog">
309 <span>Changelog</span>
309 <span>Changelog</span>
310 </a>
310 </a>
311 </li>
311 </li>
312 <li>
312 <li>
313 <a title="Files" href="/anothercpythonforkkkk-fork/files/tip/">
313 <a title="Files" href="/anothercpythonforkkkk-fork/files/tip/">
314 <span>Files</span>
314 <span>Files</span>
315 </a>
315 </a>
316 </li>
316 </li>
317 <li>
317 <li>
318 <a title="Fork" href="/anothercpythonforkkkk-fork/fork">
318 <a title="Fork" href="/anothercpythonforkkkk-fork/fork">
319 <span>Fork</span>
319 <span>Fork</span>
320 </a>
320 </a>
321 </li>
321 </li>
322 </ul>
322 </ul>
323 </div>
323 </div>
324 </td>
324 </td>
325 <td></td>
325 <td></td>
326 </tr>
326 </tr>
327 </tbody>
327 </tbody>
328 </table>
328 </table>
329 <script>quick_repo_menu();</script>
329 <script>quick_repo_menu();</script>
330 <table class="rctable examples">
330 <table class="rctable examples">
331 <tbody>
331 <tbody>
332 <tr>
332 <tr>
333 <td>td-description</td>
333 <td>td-description</td>
334 <td>Any description. They may be rather long, and using the expand_commit outlined below is recommended.</td>
334 <td>Any description. They may be rather long, and using the expand_commit outlined below is recommended.</td>
335 <td class="td-description">
335 <td class="td-description">
336 Ultrices mattis! Enim pellentesque lacus, sit magna natoque risus turpis ut, auctor ultrices facilisis dapibus odio? Parturient! Porta egestas nascetur, quis, elementum dolor, in magna ac dis sit etiam turpis, scelerisque! Integer tristique aliquam.
336 Ultrices mattis! Enim pellentesque lacus, sit magna natoque risus turpis ut, auctor ultrices facilisis dapibus odio? Parturient! Porta egestas nascetur, quis, elementum dolor, in magna ac dis sit etiam turpis, scelerisque! Integer tristique aliquam.
337 </td>
337 </td>
338 </tr>
338 </tr>
339 </tbody>
339 </tbody>
340 </table>
340 </table>
341 <table id="changesets" class="rctable examples end">
341 <table id="changesets" class="rctable examples end">
342 <tbody>
342 <tbody>
343 <tr>
343 <tr>
344 <td>expand_commit</td>
344 <td>expand_commit</td>
345 <td>Expands a long message; see html+js.</td>
345 <td>Expands a long message; see html+js.</td>
346 <td class="expand_commit" data-commit-id="2ffc6faabc7a9c790b1b452943a3f0c047b8b436" title="Expand commit message">
346 <td class="expand_commit" data-commit-id="2ffc6faabc7a9c790b1b452943a3f0c047b8b436" title="Expand commit message">
347 <div class="show_more_col">
347 <div class="show_more_col">
348 <i class="show_more"></i>
348 <i class="show_more"></i>
349 </div>
349 </div>
350 </td>
350 </td>
351 <td class="mid td-description">
351 <td class="mid td-description">
352 <div class="log-container truncate-wrap">
352 <div class="log-container truncate-wrap">
353 <div id="c-2ffc6faabc7a9c790b1b452943a3f0c047b8b436" class="message truncate" data-message-raw="tests: Test echo method on the server object
353 <div id="c-2ffc6faabc7a9c790b1b452943a3f0c047b8b436" class="message truncate" data-message-raw="tests: Test echo method on the server object
354
354
355 This only works for Pyro4 so far, have to extend it still for HTTP to work.">tests: Test echo method on the server object
355 This only works for Pyro4 so far, have to extend it still for HTTP to work.">tests: Test echo method on the server object
356
356
357 This only works for Pyro4 so far, have to extend it still for HTTP to work.</div>
357 This only works for Pyro4 so far, have to extend it still for HTTP to work.</div>
358 </div>
358 </div>
359 </td>
359 </td>
360 </tr>
360 </tr>
361 </tbody>
361 </tbody>
362 </table>
362 </table>
363 <script type="text/javascript">
363 <script type="text/javascript">
364 var cache = {};
364 var cache = {};
365 $('.expand_commit').on('click',function(e){
365 $('.expand_commit').on('click',function(e){
366 var target_expand = $(this);
366 var target_expand = $(this);
367 var cid = target_expand.data('commitId');
367 var cid = target_expand.data('commitId');
368
368
369 if (target_expand.hasClass('open')){
369 if (target_expand.hasClass('open')){
370 $('#c-'+cid).css({'height': '1.5em', 'white-space': 'nowrap', 'text-overflow': 'ellipsis', 'overflow':'hidden'});
370 $('#c-'+cid).css({'height': '1.5em', 'white-space': 'nowrap', 'text-overflow': 'ellipsis', 'overflow':'hidden'});
371 $('#t-'+cid).css({'height': '1.5em', 'max-height': '1.5em', 'text-overflow': 'ellipsis', 'overflow':'hidden', 'white-space':'nowrap'});
371 $('#t-'+cid).css({'height': '1.5em', 'max-height': '1.5em', 'text-overflow': 'ellipsis', 'overflow':'hidden', 'white-space':'nowrap'});
372 target_expand.removeClass('open');
372 target_expand.removeClass('open');
373 }
373 }
374 else {
374 else {
375 $('#c-'+cid).css({'height': 'auto', 'white-space': 'pre-line', 'text-overflow': 'initial', 'overflow':'visible'});
375 $('#c-'+cid).css({'height': 'auto', 'white-space': 'pre-line', 'text-overflow': 'initial', 'overflow':'visible'});
376 $('#t-'+cid).css({'height': 'auto', 'max-height': 'none', 'text-overflow': 'initial', 'overflow':'visible', 'white-space':'normal'});
376 $('#t-'+cid).css({'height': 'auto', 'max-height': 'none', 'text-overflow': 'initial', 'overflow':'visible', 'white-space':'normal'});
377 target_expand.addClass('open');
377 target_expand.addClass('open');
378 }
378 }
379 });
379 });
380
380
381 </script>
381 </script>
382 <p>The following classes currently do not have unique styles applied.</p>
382 <p>The following classes currently do not have unique styles applied.</p>
383 <table class="rctable examples end">
383 <table class="rctable examples end">
384 <tbody>
384 <tbody>
385 <tr>
385 <tr>
386 <td>td-regex</td>
386 <td>td-regex</td>
387 <td>Regex patterns</td>
387 <td>Regex patterns</td>
388 <td class="td-regex">(?:#)(?P<issue_id>\d+)</td>
388 <td class="td-regex">(?:#)(?P<issue_id>\d+)</td>
389 </tr>
389 </tr>
390 <tr>
390 <tr>
391 <td>td-url</td>
391 <td>td-url</td>
392 <td>Any URL.</td>
392 <td>Any URL.</td>
393 <td class="td-url">https://rhodecode.com</td>
393 <td class="td-url">https://rhodecode.com</td>
394 </tr>
394 </tr>
395 <tr>
395 <tr>
396 <td>td-journalaction</td>
396 <td>td-journalaction</td>
397 <td>Action listed in a journal</td>
397 <td>Action listed in a journal</td>
398 <td class="td-journalaction">started following repository supervisor-fork-4</td>
398 <td class="td-journalaction">started following repository supervisor-fork-4</td>
399 </tr>
399 </tr>
400 <tr>
400 <tr>
401 <td>td-iprange</td>
401 <td>td-iprange</td>
402 <td>Any ip address.</td>
402 <td>Any ip address.</td>
403 <td class="td-ip">127.0.0.1-127.0.0.10</td>
403 <td class="td-ip">127.0.0.1-127.0.0.10</td>
404 </tr>
404 </tr>
405 <tr>
405 <tr>
406 <td>td-exp</td>
406 <td>td-exp</td>
407 <td>Expiration time.</td>
407 <td>Expiration time.</td>
408 <td class="td-exp">never</td>
408 <td class="td-exp">never</td>
409 </tr>
409 </tr>
410 <tr>
410 <tr>
411 <td>td-prefix</td>
411 <td>td-prefix</td>
412 <td>Prefixes outlined in settings.</td>
412 <td>Prefixes outlined in settings.</td>
413 <td class="td-prefix">ubuntu-92539</td>
413 <td class="td-prefix">ubuntu-92539</td>
414 </tr>
414 </tr>
415 <tr>
415 <tr>
416 <td>td-cachekey</td>
416 <td>td-cachekey</td>
417 <td>Cache key value.</td>
417 <td>Cache key value.</td>
418 <td class="td-cachekey">ubuntu-92539supervisor</td>
418 <td class="td-cachekey">ubuntu-92539supervisor</td>
419 </tr>
419 </tr>
420 <tr>
420 <tr>
421 <td>td-email</td>
421 <td>td-email</td>
422 <td>Any email address.</td>
422 <td>Any email address.</td>
423 <td class="td-email">example@rhodecode.com</td>
423 <td class="td-email">example@rhodecode.com</td>
424 </tr>
424 </tr>
425 <tr>
425 <tr>
426 <td>td-active</td>
426 <td>td-active</td>
427 <td>Shows active state with icon-true/icon-false.</td>
427 <td>Shows active state with icon-true/icon-false.</td>
428 <td class="td-active"><i class="icon-false"></i></td>
428 <td class="td-active"><i class="icon-false"></i></td>
429 </tr>
429 </tr>
430 <tr>
430 <tr>
431 <td>td-size</td>
431 <td>td-size</td>
432 <td>File, repo, or directory size.</td>
432 <td>File, repo, or directory size.</td>
433 <td class="td-size">89 MB</td>
433 <td class="td-size">89 MB</td>
434 </tr>
434 </tr>
435 <tr>
435 <tr>
436 <td>td-number</td>
436 <td>td-number</td>
437 <td>Any numerical data.</td>
437 <td>Any numerical data.</td>
438 <td class="td-number">42</td>
438 <td class="td-number">42</td>
439 </tr>
439 </tr>
440 <tr>
440 <tr>
441 <td>td-message</td>
441 <td>td-message</td>
442 <td>Any commit message. Often treated with the truncate class used for descriptions as well.</td>
442 <td>Any commit message. Often treated with the truncate class used for descriptions as well.</td>
443 <td class="td-message">Updated the files</td>
443 <td class="td-message">Updated the files</td>
444 </tr>
444 </tr>
445 </tbody>
445 </tbody>
446 </table>
446 </table>
447
447
448
448
449 <h2>Permissions table</h2>
449 <h2>Permissions table</h2>
450
450
451 <p>
451 <p>
452 This is a special-case table; it has
452 This is a special-case table; it has
453 <code>table class="rctable permissions"</code>
453 <code>table class="rctable permissions"</code>
454 where "rctable" applies the rhodecode styling as above, and
454 where "rctable" applies the rhodecode styling as above, and
455 "permissions" adds an extra layer of customization specific to
455 "permissions" adds an extra layer of customization specific to
456 permissions tables. Other special-case tables may exist or be
456 permissions tables. Other special-case tables may exist or be
457 created if necessary.
457 created if necessary.
458 </p>
458 </p>
459
459
460 <table class="rctable permissions">
460 <table class="rctable permissions">
461 <tr>
461 <tr>
462 <th class="td-radio">none</th>
462 <th class="td-radio">none</th>
463 <th class="td-radio">read</th>
463 <th class="td-radio">read</th>
464 <th class="td-radio">write</th>
464 <th class="td-radio">write</th>
465 <th class="td-radio">admin</th>
465 <th class="td-radio">admin</th>
466 <th>user/user group</th>
466 <th>user/user group</th>
467 <th></th>
467 <th></th>
468 </tr>
468 </tr>
469 <tr class="perm_admin_row">
469 <tr class="perm_admin_row">
470 <td class="td-radio"><input type="radio" value="repository.none"
470 <td class="td-radio"><input type="radio" value="repository.none"
471 name="admin_perm_2" id="admin_perm_2_repositorynone"
471 name="admin_perm_2" id="admin_perm_2_repositorynone"
472 disabled="disabled"></td>
472 disabled="disabled"></td>
473 <td class="td-radio"><input type="radio" value="repository.read"
473 <td class="td-radio"><input type="radio" value="repository.read"
474 name="admin_perm_2" id="admin_perm_2_repositoryread"
474 name="admin_perm_2" id="admin_perm_2_repositoryread"
475 disabled="disabled"></td>
475 disabled="disabled"></td>
476 <td class="td-radio"><input type="radio" value="repository.write"
476 <td class="td-radio"><input type="radio" value="repository.write"
477 name="admin_perm_2" id="admin_perm_2_repositorywrite"
477 name="admin_perm_2" id="admin_perm_2_repositorywrite"
478 disabled="disabled"></td>
478 disabled="disabled"></td>
479 <td class="td-radio"><input type="radio" value="repository.admin"
479 <td class="td-radio"><input type="radio" value="repository.admin"
480 name="admin_perm_2" id="admin_perm_2_repositoryadmin"
480 name="admin_perm_2" id="admin_perm_2_repositoryadmin"
481 disabled="disabled" checked="checked"></td>
481 disabled="disabled" checked="checked"></td>
482 <td>
482 <td>
483 <img class="gravatar" src="https://secure.gravatar.com/avatar/be9d18f611892a738e54f2a3a171e2f9?d=identicon&amp;s=32" height="16" width="16">
483 <img class="gravatar" src="https://secure.gravatar.com/avatar/be9d18f611892a738e54f2a3a171e2f9?d=identicon&amp;s=32" height="16" width="16">
484 <span class="user">dev (super admin) (owner)</span>
484 <span class="user">dev (super admin) (owner)</span>
485 </td>
485 </td>
486 <td></td>
486 <td></td>
487 </tr>
487 </tr>
488 <tr>
488 <tr>
489 <td colspan="4">
489 <td colspan="4">
490 <span class="private_repo_msg">
490 <span class="private_repo_msg">
491 private repository
491 private repository
492 </span>
492 </span>
493 </td>
493 </td>
494 <td class="private_repo_msg">
494 <td class="private_repo_msg">
495 <i class="icon-user"></i>
495 <i class="icon-user"></i>
496 default - only people explicitly added here will have access</td>
496 default - only people explicitly added here will have access</td>
497 <td></td>
497 <td></td>
498 </tr>
498 </tr>
499 <tr>
499 <tr>
500 <td class="td-radio"><input type="radio" value="repository.none"
500 <td class="td-radio"><input type="radio" value="repository.none"
501 name="u_perm_1" id="u_perm_1_repositorynone"></td>
501 name="u_perm_1" id="u_perm_1_repositorynone"></td>
502 <td class="td-radio"><input type="radio" checked="checked"
502 <td class="td-radio"><input type="radio" checked="checked"
503 value="repository.read" name="u_perm_1"
503 value="repository.read" name="u_perm_1"
504 id="u_perm_1_repositoryread"></td>
504 id="u_perm_1_repositoryread"></td>
505 <td class="td-radio"><input type="radio" value="repository.write"
505 <td class="td-radio"><input type="radio" value="repository.write"
506 name="u_perm_1" id="u_perm_1_repositorywrite"></td>
506 name="u_perm_1" id="u_perm_1_repositorywrite"></td>
507 <td class="td-radio"><input type="radio" value="repository.admin"
507 <td class="td-radio"><input type="radio" value="repository.admin"
508 name="u_perm_1" id="u_perm_1_repositoryadmin"></td>
508 name="u_perm_1" id="u_perm_1_repositoryadmin"></td>
509 <td>
509 <td>
510 <img class="gravatar" src="/_static/rhodecode/images/user30.png" height="16" width="16">
510 <img class="gravatar" src="/_static/rhodecode/images/user30.png" height="16" width="16">
511 <span class="user">default</span>
511 <span class="user">default</span>
512 </td>
512 </td>
513 <td></td>
513 <td></td>
514 </tr>
514 </tr>
515 <tr>
515 <tr>
516 <td class="td-radio"><input type="radio" value="repository.none"
516 <td class="td-radio"><input type="radio" value="repository.none"
517 name="u_perm_2" id="u_perm_2_repositorynone"></td>
517 name="u_perm_2" id="u_perm_2_repositorynone"></td>
518 <td class="td-radio"><input type="radio" checked="checked"
518 <td class="td-radio"><input type="radio" checked="checked"
519 value="repository.read" name="u_perm_2"
519 value="repository.read" name="u_perm_2"
520 id="u_perm_2_repositoryread"></td>
520 id="u_perm_2_repositoryread"></td>
521 <td class="td-radio"><input type="radio" value="repository.write"
521 <td class="td-radio"><input type="radio" value="repository.write"
522 name="u_perm_2" id="u_perm_2_repositorywrite"></td>
522 name="u_perm_2" id="u_perm_2_repositorywrite"></td>
523 <td class="td-radio"><input type="radio" value="repository.admin"
523 <td class="td-radio"><input type="radio" value="repository.admin"
524 name="u_perm_2" id="u_perm_2_repositoryadmin"></td>
524 name="u_perm_2" id="u_perm_2_repositoryadmin"></td>
525 <td>
525 <td>
526 <img class="gravatar" src="https://secure.gravatar.com/avatar/be9d18f611892a738e54f2a3a171e2f9?d=identicon&amp;s=32" height="16" width="16">
526 <img class="gravatar" src="https://secure.gravatar.com/avatar/be9d18f611892a738e54f2a3a171e2f9?d=identicon&amp;s=32" height="16" width="16">
527 <a class="user" href="/_admin/users/2/edit">dev</a>
527 <a class="user" href="/_admin/users/2/edit">dev</a>
528 </td>
528 </td>
529 <td>
529 <td>
530 <span member_type="user" member="2"
530 <span member_type="user" member="2"
531 class="btn action_button btn-link btn-danger">revoke</span>
531 class="btn action_button btn-link btn-danger">revoke</span>
532 </td>
532 </td>
533 </tr>
533 </tr>
534 </tbody>
534 </tbody>
535 </table>
535 </table>
536 <div class="link" id="add_perm">
536 <div class="link" id="add_perm">
537 Add new
537 Add user/user group
538 </div>
538 </div>
539
539
540
540
541
541
542 </div>
542 </div>
543 </div>
543 </div>
544 </div>
544 </div>
545 </%def>
545 </%def>
Show file before | Show file after | Hide comments
@@ -1,33 +1,32 b''
1 <tal:def tal:define="title title|field.title;
1 <tal:def tal:define="title title|field.title;
2 description description|field.description;
2 description description|field.description;
3 errormsg errormsg|field.errormsg;
3 errormsg errormsg|field.errormsg;
4 item_template item_template|field.widget.item_template"
4 item_template item_template|field.widget.item_template"
5 i18n:domain="deform">
5 i18n:domain="deform">
6
6
7 <div class="panel panel-default">
7 <div class="panel panel-default">
8 <div class="panel-heading">${title}</div>
8 <div class="panel-heading">${title}</div>
9 <div class="panel-body">
9 <div class="panel-body">
10
10
11 <div tal:condition="errormsg"
11 <div tal:condition="errormsg" class="clearfix alert alert-error">
12 class="clearfix alert alert-danger">
12 <span i18n:translate="">
13 <p i18n:translate="">
14 There was a problem with this section
13 There was a problem with this section
15 </p>
14 </span>
16 <p>${errormsg}</p>
15 <div>${errormsg}</div>
17 </div>
16 </div>
18
17
19 <div tal:condition="description">
18 <div tal:condition="description">
20 ${description}
19 ${description}
21 </div>
20 </div>
22
21
23 ${field.start_mapping()}
22 ${field.start_mapping()}
24 <div tal:repeat="child field.children"
23 <div tal:repeat="child field.children"
25 tal:replace="structure child.render_template(item_template)" >
24 tal:replace="structure child.render_template(item_template)" >
26 </div>
25 </div>
27 ${field.end_mapping()}
26 ${field.end_mapping()}
28
27
29 <div style="clear: both"></div>
28 <div style="clear: both"></div>
30 </div>
29 </div>
31 </div>
30 </div>
32
31
33 </tal:def> No newline at end of file
32 </tal:def>
Show file before | Show file after | Hide comments
@@ -1,717 +1,735 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import pytest
21 import pytest
22
22
23 from rhodecode.lib.auth import AuthUser
23 from rhodecode.lib.auth import AuthUser
24 from rhodecode.model.db import (
24 from rhodecode.model.db import (
25 RepoGroup, User, UserGroupRepoGroupToPerm, Permission, UserToPerm,
25 RepoGroup, User, UserGroupRepoGroupToPerm, Permission, UserToPerm,
26 UserGroupToPerm)
26 UserGroupToPerm)
27 from rhodecode.model.meta import Session
27 from rhodecode.model.meta import Session
28 from rhodecode.model.permission import PermissionModel
28 from rhodecode.model.permission import PermissionModel
29 from rhodecode.model.repo import RepoModel
29 from rhodecode.model.repo import RepoModel
30 from rhodecode.model.repo_group import RepoGroupModel
30 from rhodecode.model.repo_group import RepoGroupModel
31 from rhodecode.model.user import UserModel
31 from rhodecode.model.user import UserModel
32 from rhodecode.model.user_group import UserGroupModel
32 from rhodecode.model.user_group import UserGroupModel
33 from rhodecode.tests.fixture import Fixture
33 from rhodecode.tests.fixture import Fixture
34
34
35
35
36 fixture = Fixture()
36 fixture = Fixture()
37
37
38
38
39 @pytest.fixture
39 @pytest.fixture
40 def repo_name(backend_hg):
40 def repo_name(backend_hg):
41 return backend_hg.repo_name
41 return backend_hg.repo_name
42
42
43
43
44 class TestPermissions(object):
44 class TestPermissions(object):
45
45
46 @pytest.fixture(scope='class', autouse=True)
46 @pytest.fixture(scope='class', autouse=True)
47 def default_permissions(self, request, baseapp):
47 def default_permissions(self, request, baseapp):
48 # recreate default user to get a clean start
48 # recreate default user to get a clean start
49 PermissionModel().create_default_user_permissions(
49 PermissionModel().create_default_user_permissions(
50 user=User.DEFAULT_USER, force=True)
50 user=User.DEFAULT_USER, force=True)
51 Session().commit()
51 Session().commit()
52
52
53 @pytest.fixture(autouse=True)
53 @pytest.fixture(autouse=True)
54 def prepare_users(self, request):
54 def prepare_users(self, request):
55 # TODO: User creation is a duplicate of test_nofitications, check
55 # TODO: User creation is a duplicate of test_nofitications, check
56 # if that can be unified
56 # if that can be unified
57 self.u1 = UserModel().create_or_update(
57 self.u1 = UserModel().create_or_update(
58 username=u'u1', password=u'qweqwe',
58 username=u'u1', password=u'qweqwe',
59 email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1'
59 email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1'
60 )
60 )
61 self.u2 = UserModel().create_or_update(
61 self.u2 = UserModel().create_or_update(
62 username=u'u2', password=u'qweqwe',
62 username=u'u2', password=u'qweqwe',
63 email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2'
63 email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2'
64 )
64 )
65 self.u3 = UserModel().create_or_update(
65 self.u3 = UserModel().create_or_update(
66 username=u'u3', password=u'qweqwe',
66 username=u'u3', password=u'qweqwe',
67 email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3'
67 email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3'
68 )
68 )
69 self.anon = User.get_default_user()
69 self.anon = User.get_default_user()
70 self.a1 = UserModel().create_or_update(
70 self.a1 = UserModel().create_or_update(
71 username=u'a1', password=u'qweqwe',
71 username=u'a1', password=u'qweqwe',
72 email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1',
72 email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1',
73 admin=True
73 admin=True
74 )
74 )
75 Session().commit()
75 Session().commit()
76
76
77 request.addfinalizer(self.cleanup)
77 request.addfinalizer(self.cleanup)
78
78
79 def cleanup(self):
79 def cleanup(self):
80 if hasattr(self, 'test_repo'):
80 if hasattr(self, 'test_repo'):
81 RepoModel().delete(repo=self.test_repo)
81 RepoModel().delete(repo=self.test_repo)
82
82
83 if hasattr(self, 'g1'):
83 if hasattr(self, 'g1'):
84 RepoGroupModel().delete(self.g1.group_id)
84 RepoGroupModel().delete(self.g1.group_id)
85 if hasattr(self, 'g2'):
85 if hasattr(self, 'g2'):
86 RepoGroupModel().delete(self.g2.group_id)
86 RepoGroupModel().delete(self.g2.group_id)
87
87
88 UserModel().delete(self.u1)
88 UserModel().delete(self.u1)
89 UserModel().delete(self.u2)
89 UserModel().delete(self.u2)
90 UserModel().delete(self.u3)
90 UserModel().delete(self.u3)
91 UserModel().delete(self.a1)
91 UserModel().delete(self.a1)
92
92
93 if hasattr(self, 'ug1'):
93 if hasattr(self, 'ug1'):
94 UserGroupModel().delete(self.ug1, force=True)
94 UserGroupModel().delete(self.ug1, force=True)
95
95
96 Session().commit()
96 Session().commit()
97
97
98 def test_default_perms_set(self, repo_name):
98 def test_default_perms_set(self, repo_name):
99 assert repo_perms(self.u1)[repo_name] == 'repository.read'
99 assert repo_perms(self.u1)[repo_name] == 'repository.read'
100 new_perm = 'repository.write'
100 new_perm = 'repository.write'
101 RepoModel().grant_user_permission(repo=repo_name, user=self.u1,
101 RepoModel().grant_user_permission(repo=repo_name, user=self.u1,
102 perm=new_perm)
102 perm=new_perm)
103 Session().commit()
103 Session().commit()
104 assert repo_perms(self.u1)[repo_name] == new_perm
104 assert repo_perms(self.u1)[repo_name] == new_perm
105
105
106 def test_default_admin_perms_set(self, repo_name):
106 def test_default_admin_perms_set(self, repo_name):
107 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
107 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
108 RepoModel().grant_user_permission(repo=repo_name, user=self.a1,
108 RepoModel().grant_user_permission(repo=repo_name, user=self.a1,
109 perm='repository.write')
109 perm='repository.write')
110 Session().commit()
110 Session().commit()
111 # cannot really downgrade admins permissions !? they still gets set as
111 # cannot really downgrade admins permissions !? they still gets set as
112 # admin !
112 # admin !
113 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
113 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
114
114
115 def test_default_group_perms(self, repo_name):
115 def test_default_group_perms(self, repo_name):
116 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
116 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
117 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
117 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
118
118
119 assert repo_perms(self.u1)[repo_name] == 'repository.read'
119 assert repo_perms(self.u1)[repo_name] == 'repository.read'
120 assert group_perms(self.u1) == {
120 assert group_perms(self.u1) == {
121 'test1': 'group.read', 'test2': 'group.read'}
121 'test1': 'group.read', 'test2': 'group.read'}
122 assert global_perms(self.u1) == set(
122 assert global_perms(self.u1) == set(
123 Permission.DEFAULT_USER_PERMISSIONS)
123 Permission.DEFAULT_USER_PERMISSIONS)
124
124
125 def test_default_admin_group_perms(self, repo_name):
125 def test_default_admin_group_perms(self, repo_name):
126 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
126 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
127 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
127 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
128
128
129 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
129 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
130 assert group_perms(self.a1) == {
130 assert group_perms(self.a1) == {
131 'test1': 'group.admin', 'test2': 'group.admin'}
131 'test1': 'group.admin', 'test2': 'group.admin'}
132
132
133 def test_default_owner_repo_perms(self, backend, user_util, test_repo):
133 def test_default_owner_repo_perms(self, backend, user_util, test_repo):
134 user = user_util.create_user()
134 user = user_util.create_user()
135 repo = test_repo('minimal', backend.alias)
135 repo = test_repo('minimal', backend.alias)
136 org_owner = repo.user
136 org_owner = repo.user
137 assert repo_perms(user)[repo.repo_name] == 'repository.read'
137 assert repo_perms(user)[repo.repo_name] == 'repository.read'
138
138
139 repo.user = user
139 repo.user = user
140 assert repo_perms(user)[repo.repo_name] == 'repository.admin'
140 assert repo_perms(user)[repo.repo_name] == 'repository.admin'
141 repo.user = org_owner
141 repo.user = org_owner
142
142
143 def test_default_owner_branch_perms(self, user_util, test_user_group):
144 user = user_util.create_user()
145 assert branch_perms(user) == {}
146
143 def test_default_owner_repo_group_perms(self, user_util, test_repo_group):
147 def test_default_owner_repo_group_perms(self, user_util, test_repo_group):
144 user = user_util.create_user()
148 user = user_util.create_user()
145 org_owner = test_repo_group.user
149 org_owner = test_repo_group.user
146
150
147 assert group_perms(user)[test_repo_group.group_name] == 'group.read'
151 assert group_perms(user)[test_repo_group.group_name] == 'group.read'
148
152
149 test_repo_group.user = user
153 test_repo_group.user = user
150 assert group_perms(user)[test_repo_group.group_name] == 'group.admin'
154 assert group_perms(user)[test_repo_group.group_name] == 'group.admin'
151 test_repo_group.user = org_owner
155 test_repo_group.user = org_owner
152
156
153 def test_default_owner_user_group_perms(self, user_util, test_user_group):
157 def test_default_owner_user_group_perms(self, user_util, test_user_group):
154 user = user_util.create_user()
158 user = user_util.create_user()
155 org_owner = test_user_group.user
159 org_owner = test_user_group.user
156
160
157 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.read'
161 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.read'
158
162
159 test_user_group.user = user
163 test_user_group.user = user
160 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.admin'
164 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.admin'
161
165
162 test_user_group.user = org_owner
166 test_user_group.user = org_owner
163
167
164 def test_propagated_permission_from_users_group_by_explicit_perms_exist(
168 def test_propagated_permission_from_users_group_by_explicit_perms_exist(
165 self, repo_name):
169 self, repo_name):
166 # make group
170 # make group
167 self.ug1 = fixture.create_user_group('G1')
171 self.ug1 = fixture.create_user_group('G1')
168 UserGroupModel().add_user_to_group(self.ug1, self.u1)
172 UserGroupModel().add_user_to_group(self.ug1, self.u1)
169
173
170 # set permission to lower
174 # set permission to lower
171 new_perm = 'repository.none'
175 new_perm = 'repository.none'
172 RepoModel().grant_user_permission(
176 RepoModel().grant_user_permission(
173 repo=repo_name, user=self.u1, perm=new_perm)
177 repo=repo_name, user=self.u1, perm=new_perm)
174 Session().commit()
178 Session().commit()
175 assert repo_perms(self.u1)[repo_name] == new_perm
179 assert repo_perms(self.u1)[repo_name] == new_perm
176
180
177 # grant perm for group this should not override permission from user
181 # grant perm for group this should not override permission from user
178 # since it has explicitly set
182 # since it has explicitly set
179 new_perm_gr = 'repository.write'
183 new_perm_gr = 'repository.write'
180 RepoModel().grant_user_group_permission(
184 RepoModel().grant_user_group_permission(
181 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
185 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
182
186
183 assert repo_perms(self.u1)[repo_name] == new_perm
187 assert repo_perms(self.u1)[repo_name] == new_perm
184 assert group_perms(self.u1) == {}
188 assert group_perms(self.u1) == {}
185
189
186 def test_propagated_permission_from_users_group(self, repo_name):
190 def test_propagated_permission_from_users_group(self, repo_name):
187 # make group
191 # make group
188 self.ug1 = fixture.create_user_group('G1')
192 self.ug1 = fixture.create_user_group('G1')
189 UserGroupModel().add_user_to_group(self.ug1, self.u3)
193 UserGroupModel().add_user_to_group(self.ug1, self.u3)
190
194
191 # grant perm for group
195 # grant perm for group
192 # this should override default permission from user
196 # this should override default permission from user
193 new_perm_gr = 'repository.write'
197 new_perm_gr = 'repository.write'
194 RepoModel().grant_user_group_permission(
198 RepoModel().grant_user_group_permission(
195 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
199 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
196
200
197 assert repo_perms(self.u3)[repo_name] == new_perm_gr
201 assert repo_perms(self.u3)[repo_name] == new_perm_gr
198 assert group_perms(self.u3) == {}
202 assert group_perms(self.u3) == {}
199
203
200 def test_propagated_permission_from_users_group_lower_weight(
204 def test_propagated_permission_from_users_group_lower_weight(
201 self, repo_name):
205 self, repo_name):
202 # make group with user
206 # make group with user
203 self.ug1 = fixture.create_user_group('G1')
207 self.ug1 = fixture.create_user_group('G1')
204 UserGroupModel().add_user_to_group(self.ug1, self.u1)
208 UserGroupModel().add_user_to_group(self.ug1, self.u1)
205
209
206 # set permission to lower
210 # set permission to lower
207 new_perm_h = 'repository.write'
211 new_perm_h = 'repository.write'
208 RepoModel().grant_user_permission(
212 RepoModel().grant_user_permission(
209 repo=repo_name, user=self.u1, perm=new_perm_h)
213 repo=repo_name, user=self.u1, perm=new_perm_h)
210 Session().commit()
214 Session().commit()
211
215
212 assert repo_perms(self.u1)[repo_name] == new_perm_h
216 assert repo_perms(self.u1)[repo_name] == new_perm_h
213
217
214 # grant perm for group this should NOT override permission from user
218 # grant perm for group this should NOT override permission from user
215 # since it's lower than granted
219 # since it's lower than granted
216 new_perm_l = 'repository.read'
220 new_perm_l = 'repository.read'
217 RepoModel().grant_user_group_permission(
221 RepoModel().grant_user_group_permission(
218 repo=repo_name, group_name=self.ug1, perm=new_perm_l)
222 repo=repo_name, group_name=self.ug1, perm=new_perm_l)
219
223
220 assert repo_perms(self.u1)[repo_name] == new_perm_h
224 assert repo_perms(self.u1)[repo_name] == new_perm_h
221 assert group_perms(self.u1) == {}
225 assert group_perms(self.u1) == {}
222
226
223 def test_repo_in_group_permissions(self):
227 def test_repo_in_group_permissions(self):
224 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
228 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
225 self.g2 = fixture.create_repo_group('group2', skip_if_exists=True)
229 self.g2 = fixture.create_repo_group('group2', skip_if_exists=True)
226 # both perms should be read !
230 # both perms should be read !
227 assert group_perms(self.u1) == \
231 assert group_perms(self.u1) == \
228 {u'group1': u'group.read', u'group2': u'group.read'}
232 {u'group1': u'group.read', u'group2': u'group.read'}
229
233
230 assert group_perms(self.anon) == \
234 assert group_perms(self.anon) == \
231 {u'group1': u'group.read', u'group2': u'group.read'}
235 {u'group1': u'group.read', u'group2': u'group.read'}
232
236
233 # Change perms to none for both groups
237 # Change perms to none for both groups
234 RepoGroupModel().grant_user_permission(
238 RepoGroupModel().grant_user_permission(
235 repo_group=self.g1, user=self.anon, perm='group.none')
239 repo_group=self.g1, user=self.anon, perm='group.none')
236 RepoGroupModel().grant_user_permission(
240 RepoGroupModel().grant_user_permission(
237 repo_group=self.g2, user=self.anon, perm='group.none')
241 repo_group=self.g2, user=self.anon, perm='group.none')
238
242
239 assert group_perms(self.u1) == \
243 assert group_perms(self.u1) == \
240 {u'group1': u'group.none', u'group2': u'group.none'}
244 {u'group1': u'group.none', u'group2': u'group.none'}
241 assert group_perms(self.anon) == \
245 assert group_perms(self.anon) == \
242 {u'group1': u'group.none', u'group2': u'group.none'}
246 {u'group1': u'group.none', u'group2': u'group.none'}
243
247
244 # add repo to group
248 # add repo to group
245 name = RepoGroup.url_sep().join([self.g1.group_name, 'test_perm'])
249 name = RepoGroup.url_sep().join([self.g1.group_name, 'test_perm'])
246 self.test_repo = fixture.create_repo(name=name,
250 self.test_repo = fixture.create_repo(name=name,
247 repo_type='hg',
251 repo_type='hg',
248 repo_group=self.g1,
252 repo_group=self.g1,
249 cur_user=self.u1,)
253 cur_user=self.u1,)
250
254
251 assert group_perms(self.u1) == \
255 assert group_perms(self.u1) == \
252 {u'group1': u'group.none', u'group2': u'group.none'}
256 {u'group1': u'group.none', u'group2': u'group.none'}
253 assert group_perms(self.anon) == \
257 assert group_perms(self.anon) == \
254 {u'group1': u'group.none', u'group2': u'group.none'}
258 {u'group1': u'group.none', u'group2': u'group.none'}
255
259
256 # grant permission for u2 !
260 # grant permission for u2 !
257 RepoGroupModel().grant_user_permission(
261 RepoGroupModel().grant_user_permission(
258 repo_group=self.g1, user=self.u2, perm='group.read')
262 repo_group=self.g1, user=self.u2, perm='group.read')
259 RepoGroupModel().grant_user_permission(
263 RepoGroupModel().grant_user_permission(
260 repo_group=self.g2, user=self.u2, perm='group.read')
264 repo_group=self.g2, user=self.u2, perm='group.read')
261 Session().commit()
265 Session().commit()
262 assert self.u1 != self.u2
266 assert self.u1 != self.u2
263
267
264 # u1 and anon should have not change perms while u2 should !
268 # u1 and anon should have not change perms while u2 should !
265 assert group_perms(self.u1) == \
269 assert group_perms(self.u1) == \
266 {u'group1': u'group.none', u'group2': u'group.none'}
270 {u'group1': u'group.none', u'group2': u'group.none'}
267 assert group_perms(self.u2) == \
271 assert group_perms(self.u2) == \
268 {u'group1': u'group.read', u'group2': u'group.read'}
272 {u'group1': u'group.read', u'group2': u'group.read'}
269 assert group_perms(self.anon) == \
273 assert group_perms(self.anon) == \
270 {u'group1': u'group.none', u'group2': u'group.none'}
274 {u'group1': u'group.none', u'group2': u'group.none'}
271
275
272 def test_repo_group_user_as_user_group_member(self):
276 def test_repo_group_user_as_user_group_member(self):
273 # create Group1
277 # create Group1
274 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
278 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
275 assert group_perms(self.anon) == {u'group1': u'group.read'}
279 assert group_perms(self.anon) == {u'group1': u'group.read'}
276
280
277 # set default permission to none
281 # set default permission to none
278 RepoGroupModel().grant_user_permission(
282 RepoGroupModel().grant_user_permission(
279 repo_group=self.g1, user=self.anon, perm='group.none')
283 repo_group=self.g1, user=self.anon, perm='group.none')
280 # make group
284 # make group
281 self.ug1 = fixture.create_user_group('G1')
285 self.ug1 = fixture.create_user_group('G1')
282 # add user to group
286 # add user to group
283 UserGroupModel().add_user_to_group(self.ug1, self.u1)
287 UserGroupModel().add_user_to_group(self.ug1, self.u1)
284 Session().commit()
288 Session().commit()
285
289
286 # check if user is in the group
290 # check if user is in the group
287 ug1 = UserGroupModel().get(self.ug1.users_group_id)
291 ug1 = UserGroupModel().get(self.ug1.users_group_id)
288 members = [x.user_id for x in ug1.members]
292 members = [x.user_id for x in ug1.members]
289 assert members == [self.u1.user_id]
293 assert members == [self.u1.user_id]
290 # add some user to that group
294 # add some user to that group
291
295
292 # check his permissions
296 # check his permissions
293 assert group_perms(self.anon) == {u'group1': u'group.none'}
297 assert group_perms(self.anon) == {u'group1': u'group.none'}
294 assert group_perms(self.u1) == {u'group1': u'group.none'}
298 assert group_perms(self.u1) == {u'group1': u'group.none'}
295
299
296 # grant ug1 read permissions for
300 # grant ug1 read permissions for
297 RepoGroupModel().grant_user_group_permission(
301 RepoGroupModel().grant_user_group_permission(
298 repo_group=self.g1, group_name=self.ug1, perm='group.read')
302 repo_group=self.g1, group_name=self.ug1, perm='group.read')
299 Session().commit()
303 Session().commit()
300
304
301 # check if the
305 # check if the
302 obj = Session().query(UserGroupRepoGroupToPerm)\
306 obj = Session().query(UserGroupRepoGroupToPerm)\
303 .filter(UserGroupRepoGroupToPerm.group == self.g1)\
307 .filter(UserGroupRepoGroupToPerm.group == self.g1)\
304 .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\
308 .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\
305 .scalar()
309 .scalar()
306 assert obj.permission.permission_name == 'group.read'
310 assert obj.permission.permission_name == 'group.read'
307
311
308 assert group_perms(self.anon) == {u'group1': u'group.none'}
312 assert group_perms(self.anon) == {u'group1': u'group.none'}
309 assert group_perms(self.u1) == {u'group1': u'group.read'}
313 assert group_perms(self.u1) == {u'group1': u'group.read'}
310
314
311 def test_inherited_permissions_from_default_on_user_enabled(self):
315 def test_inherited_permissions_from_default_on_user_enabled(self):
312 # enable fork and create on default user
316 # enable fork and create on default user
313 _form_result = {
317 _form_result = {
314 'default_repo_create': 'hg.create.repository',
318 'default_repo_create': 'hg.create.repository',
315 'default_fork_create': 'hg.fork.repository'
319 'default_fork_create': 'hg.fork.repository'
316 }
320 }
317 PermissionModel().set_new_user_perms(
321 PermissionModel().set_new_user_perms(
318 User.get_default_user(), _form_result)
322 User.get_default_user(), _form_result)
319 Session().commit()
323 Session().commit()
320
324
321 # make sure inherit flag is turned on
325 # make sure inherit flag is turned on
322 self.u1.inherit_default_permissions = True
326 self.u1.inherit_default_permissions = True
323 Session().commit()
327 Session().commit()
324
328
325 # this user will have inherited permissions from default user
329 # this user will have inherited permissions from default user
326 assert global_perms(self.u1) == default_perms()
330 assert global_perms(self.u1) == default_perms()
327
331
328 def test_inherited_permissions_from_default_on_user_disabled(self):
332 def test_inherited_permissions_from_default_on_user_disabled(self):
329 # disable fork and create on default user
333 # disable fork and create on default user
330 _form_result = {
334 _form_result = {
331 'default_repo_create': 'hg.create.none',
335 'default_repo_create': 'hg.create.none',
332 'default_fork_create': 'hg.fork.none'
336 'default_fork_create': 'hg.fork.none'
333 }
337 }
334 PermissionModel().set_new_user_perms(
338 PermissionModel().set_new_user_perms(
335 User.get_default_user(), _form_result)
339 User.get_default_user(), _form_result)
336 Session().commit()
340 Session().commit()
337
341
338 # make sure inherit flag is turned on
342 # make sure inherit flag is turned on
339 self.u1.inherit_default_permissions = True
343 self.u1.inherit_default_permissions = True
340 Session().commit()
344 Session().commit()
341
345
342 # this user will have inherited permissions from default user
346 # this user will have inherited permissions from default user
343 expected_perms = default_perms(
347 expected_perms = default_perms(
344 added=['hg.create.none', 'hg.fork.none'],
348 added=['hg.create.none', 'hg.fork.none'],
345 removed=['hg.create.repository', 'hg.fork.repository'])
349 removed=['hg.create.repository', 'hg.fork.repository'])
346 assert global_perms(self.u1) == expected_perms
350 assert global_perms(self.u1) == expected_perms
347
351
348 def test_non_inherited_permissions_from_default_on_user_enabled(self):
352 def test_non_inherited_permissions_from_default_on_user_enabled(self):
349 user_model = UserModel()
353 user_model = UserModel()
350 # enable fork and create on default user
354 # enable fork and create on default user
351 usr = User.DEFAULT_USER
355 usr = User.DEFAULT_USER
352 user_model.revoke_perm(usr, 'hg.create.none')
356 user_model.revoke_perm(usr, 'hg.create.none')
353 user_model.grant_perm(usr, 'hg.create.repository')
357 user_model.grant_perm(usr, 'hg.create.repository')
354 user_model.revoke_perm(usr, 'hg.fork.none')
358 user_model.revoke_perm(usr, 'hg.fork.none')
355 user_model.grant_perm(usr, 'hg.fork.repository')
359 user_model.grant_perm(usr, 'hg.fork.repository')
356
360
357 # disable global perms on specific user
361 # disable global perms on specific user
358 user_model.revoke_perm(self.u1, 'hg.create.repository')
362 user_model.revoke_perm(self.u1, 'hg.create.repository')
359 user_model.grant_perm(self.u1, 'hg.create.none')
363 user_model.grant_perm(self.u1, 'hg.create.none')
360 user_model.revoke_perm(self.u1, 'hg.fork.repository')
364 user_model.revoke_perm(self.u1, 'hg.fork.repository')
361 user_model.grant_perm(self.u1, 'hg.fork.none')
365 user_model.grant_perm(self.u1, 'hg.fork.none')
362
366
367 # TODO(marcink): check branch permissions now ?
368
363 # make sure inherit flag is turned off
369 # make sure inherit flag is turned off
364 self.u1.inherit_default_permissions = False
370 self.u1.inherit_default_permissions = False
365 Session().commit()
371 Session().commit()
366
372
367 # this user will have non inherited permissions from he's
373 # this user will have non inherited permissions from he's
368 # explicitly set permissions
374 # explicitly set permissions
369 assert global_perms(self.u1) == set([
375 assert global_perms(self.u1) == {
370 'hg.create.none',
376 'hg.create.none',
371 'hg.fork.none',
377 'hg.fork.none',
372 'hg.register.manual_activate',
378 'hg.register.manual_activate',
373 'hg.password_reset.enabled',
379 'hg.password_reset.enabled',
374 'hg.extern_activate.auto',
380 'hg.extern_activate.auto',
375 'repository.read',
381 'repository.read',
376 'group.read',
382 'group.read',
377 'usergroup.read',
383 'usergroup.read',
378 ])
384 'branch.push_force',
385 }
379
386
380 def test_non_inherited_permissions_from_default_on_user_disabled(self):
387 def test_non_inherited_permissions_from_default_on_user_disabled(self):
381 user_model = UserModel()
388 user_model = UserModel()
382 # disable fork and create on default user
389 # disable fork and create on default user
383 usr = User.DEFAULT_USER
390 usr = User.DEFAULT_USER
384 user_model.revoke_perm(usr, 'hg.create.repository')
391 user_model.revoke_perm(usr, 'hg.create.repository')
385 user_model.grant_perm(usr, 'hg.create.none')
392 user_model.grant_perm(usr, 'hg.create.none')
386 user_model.revoke_perm(usr, 'hg.fork.repository')
393 user_model.revoke_perm(usr, 'hg.fork.repository')
387 user_model.grant_perm(usr, 'hg.fork.none')
394 user_model.grant_perm(usr, 'hg.fork.none')
388
395
389 # enable global perms on specific user
396 # enable global perms on specific user
390 user_model.revoke_perm(self.u1, 'hg.create.none')
397 user_model.revoke_perm(self.u1, 'hg.create.none')
391 user_model.grant_perm(self.u1, 'hg.create.repository')
398 user_model.grant_perm(self.u1, 'hg.create.repository')
392 user_model.revoke_perm(self.u1, 'hg.fork.none')
399 user_model.revoke_perm(self.u1, 'hg.fork.none')
393 user_model.grant_perm(self.u1, 'hg.fork.repository')
400 user_model.grant_perm(self.u1, 'hg.fork.repository')
394
401
395 # make sure inherit flag is turned off
402 # make sure inherit flag is turned off
396 self.u1.inherit_default_permissions = False
403 self.u1.inherit_default_permissions = False
397 Session().commit()
404 Session().commit()
398
405
406 # TODO(marcink): check branch perms
407
399 # this user will have non inherited permissions from he's
408 # this user will have non inherited permissions from he's
400 # explicitly set permissions
409 # explicitly set permissions
401 assert global_perms(self.u1) == set([
410 assert global_perms(self.u1) == {
402 'hg.create.repository',
411 'hg.create.repository',
403 'hg.fork.repository',
412 'hg.fork.repository',
404 'hg.register.manual_activate',
413 'hg.register.manual_activate',
405 'hg.password_reset.enabled',
414 'hg.password_reset.enabled',
406 'hg.extern_activate.auto',
415 'hg.extern_activate.auto',
407 'repository.read',
416 'repository.read',
408 'group.read',
417 'group.read',
409 'usergroup.read',
418 'usergroup.read',
410 ])
419 'branch.push_force',
420 }
411
421
412 @pytest.mark.parametrize('perm, expected_perm', [
422 @pytest.mark.parametrize('perm, expected_perm', [
413 ('hg.inherit_default_perms.false', 'repository.none', ),
423 ('hg.inherit_default_perms.false', 'repository.none', ),
414 ('hg.inherit_default_perms.true', 'repository.read', ),
424 ('hg.inherit_default_perms.true', 'repository.read', ),
415 ])
425 ])
416 def test_inherited_permissions_on_objects(self, perm, expected_perm):
426 def test_inherited_permissions_on_objects(self, perm, expected_perm):
417 _form_result = {
427 _form_result = {
418 'default_inherit_default_permissions': perm,
428 'default_inherit_default_permissions': perm,
419 }
429 }
420 PermissionModel().set_new_user_perms(
430 PermissionModel().set_new_user_perms(
421 User.get_default_user(), _form_result)
431 User.get_default_user(), _form_result)
422 Session().commit()
432 Session().commit()
423
433
424 # make sure inherit flag is turned on
434 # make sure inherit flag is turned on
425 self.u1.inherit_default_permissions = True
435 self.u1.inherit_default_permissions = True
426 Session().commit()
436 Session().commit()
427
437
438 # TODO(marcink): check branch perms
439
428 # this user will have inherited permissions from default user
440 # this user will have inherited permissions from default user
429 assert global_perms(self.u1) == set([
441 assert global_perms(self.u1) == {
430 'hg.create.none',
442 'hg.create.none',
431 'hg.fork.none',
443 'hg.fork.none',
432 'hg.register.manual_activate',
444 'hg.register.manual_activate',
433 'hg.password_reset.enabled',
445 'hg.password_reset.enabled',
434 'hg.extern_activate.auto',
446 'hg.extern_activate.auto',
435 'repository.read',
447 'repository.read',
436 'group.read',
448 'group.read',
437 'usergroup.read',
449 'usergroup.read',
450 'branch.push_force',
438 'hg.create.write_on_repogroup.true',
451 'hg.create.write_on_repogroup.true',
439 'hg.usergroup.create.false',
452 'hg.usergroup.create.false',
440 'hg.repogroup.create.false',
453 'hg.repogroup.create.false',
441 perm,
454 perm
442 ])
455 }
443
456
444 assert set(repo_perms(self.u1).values()) == set([expected_perm])
457 assert set(repo_perms(self.u1).values()) == set([expected_perm])
445
458
446 def test_repo_owner_permissions_not_overwritten_by_group(self):
459 def test_repo_owner_permissions_not_overwritten_by_group(self):
447 # create repo as USER,
460 # create repo as USER,
448 self.test_repo = fixture.create_repo(name='myownrepo',
461 self.test_repo = fixture.create_repo(name='myownrepo',
449 repo_type='hg',
462 repo_type='hg',
450 cur_user=self.u1)
463 cur_user=self.u1)
451
464
452 # he has permissions of admin as owner
465 # he has permissions of admin as owner
453 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
466 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
454
467
455 # set his permission as user group, he should still be admin
468 # set his permission as user group, he should still be admin
456 self.ug1 = fixture.create_user_group('G1')
469 self.ug1 = fixture.create_user_group('G1')
457 UserGroupModel().add_user_to_group(self.ug1, self.u1)
470 UserGroupModel().add_user_to_group(self.ug1, self.u1)
458 RepoModel().grant_user_group_permission(
471 RepoModel().grant_user_group_permission(
459 self.test_repo,
472 self.test_repo,
460 group_name=self.ug1,
473 group_name=self.ug1,
461 perm='repository.none')
474 perm='repository.none')
462 Session().commit()
475 Session().commit()
463
476
464 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
477 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
465
478
466 def test_repo_owner_permissions_not_overwritten_by_others(self):
479 def test_repo_owner_permissions_not_overwritten_by_others(self):
467 # create repo as USER,
480 # create repo as USER,
468 self.test_repo = fixture.create_repo(name='myownrepo',
481 self.test_repo = fixture.create_repo(name='myownrepo',
469 repo_type='hg',
482 repo_type='hg',
470 cur_user=self.u1)
483 cur_user=self.u1)
471
484
472 # he has permissions of admin as owner
485 # he has permissions of admin as owner
473 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
486 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
474
487
475 # set his permission as user, he should still be admin
488 # set his permission as user, he should still be admin
476 RepoModel().grant_user_permission(
489 RepoModel().grant_user_permission(
477 self.test_repo, user=self.u1, perm='repository.none')
490 self.test_repo, user=self.u1, perm='repository.none')
478 Session().commit()
491 Session().commit()
479
492
480 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
493 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
481
494
482 def test_repo_group_owner_permissions_not_overwritten_by_group(self):
495 def test_repo_group_owner_permissions_not_overwritten_by_group(self):
483 # "u1" shall be owner without any special permission assigned
496 # "u1" shall be owner without any special permission assigned
484 self.g1 = fixture.create_repo_group('test1')
497 self.g1 = fixture.create_repo_group('test1')
485
498
486 # Make user group and grant a permission to user group
499 # Make user group and grant a permission to user group
487 self.ug1 = fixture.create_user_group('G1')
500 self.ug1 = fixture.create_user_group('G1')
488 UserGroupModel().add_user_to_group(self.ug1, self.u1)
501 UserGroupModel().add_user_to_group(self.ug1, self.u1)
489 RepoGroupModel().grant_user_group_permission(
502 RepoGroupModel().grant_user_group_permission(
490 repo_group=self.g1, group_name=self.ug1, perm='group.write')
503 repo_group=self.g1, group_name=self.ug1, perm='group.write')
491
504
492 # Verify that user does not get any special permission if he is not
505 # Verify that user does not get any special permission if he is not
493 # owner
506 # owner
494 assert group_perms(self.u1) == {'test1': 'group.write'}
507 assert group_perms(self.u1) == {'test1': 'group.write'}
495
508
496 # Make him owner of the repo group
509 # Make him owner of the repo group
497 self.g1.user = self.u1
510 self.g1.user = self.u1
498 assert group_perms(self.u1) == {'test1': 'group.admin'}
511 assert group_perms(self.u1) == {'test1': 'group.admin'}
499
512
500 def test_repo_group_owner_permissions_not_overwritten_by_others(self):
513 def test_repo_group_owner_permissions_not_overwritten_by_others(self):
501 # "u1" shall be owner without any special permission assigned
514 # "u1" shall be owner without any special permission assigned
502 self.g1 = fixture.create_repo_group('test1')
515 self.g1 = fixture.create_repo_group('test1')
503 RepoGroupModel().grant_user_permission(
516 RepoGroupModel().grant_user_permission(
504 repo_group=self.g1, user=self.u1, perm='group.write')
517 repo_group=self.g1, user=self.u1, perm='group.write')
505
518
506 # Verify that user does not get any special permission if he is not
519 # Verify that user does not get any special permission if he is not
507 # owner
520 # owner
508 assert group_perms(self.u1) == {'test1': 'group.write'}
521 assert group_perms(self.u1) == {'test1': 'group.write'}
509
522
510 # Make him owner of the repo group
523 # Make him owner of the repo group
511 self.g1.user = self.u1
524 self.g1.user = self.u1
512 assert group_perms(self.u1) == {u'test1': 'group.admin'}
525 assert group_perms(self.u1) == {u'test1': 'group.admin'}
513
526
514 def _test_def_user_perm_equal(
527 def _test_def_user_perm_equal(
515 self, user, change_factor=0, compare_keys=None):
528 self, user, change_factor=0, compare_keys=None):
516 perms = UserToPerm.query().filter(UserToPerm.user == user).all()
529 perms = UserToPerm.query().filter(UserToPerm.user == user).all()
517 assert len(perms) == \
530 assert len(perms) == \
518 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
531 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
519 if compare_keys:
532 if compare_keys:
520 assert set(
533 assert set(
521 x.permissions.permission_name for x in perms) == compare_keys
534 x.permissions.permission_name for x in perms) == compare_keys
522
535
523 def _test_def_user_group_perm_equal(
536 def _test_def_user_group_perm_equal(
524 self, user_group, change_factor=0, compare_keys=None):
537 self, user_group, change_factor=0, compare_keys=None):
525 perms = UserGroupToPerm.query().filter(
538 perms = UserGroupToPerm.query().filter(
526 UserGroupToPerm.users_group == user_group).all()
539 UserGroupToPerm.users_group == user_group).all()
527 assert len(perms) == \
540 assert len(perms) == \
528 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
541 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
529 if compare_keys:
542 if compare_keys:
530 assert set(
543 assert set(
531 x.permissions.permission_name for x in perms) == compare_keys
544 x.permissions.permission_name for x in perms) == compare_keys
532
545
533 def test_set_default_permissions(self):
546 def test_set_default_permissions(self):
534 PermissionModel().create_default_user_permissions(user=self.u1)
547 PermissionModel().create_default_user_permissions(user=self.u1)
535 self._test_def_user_perm_equal(user=self.u1)
548 self._test_def_user_perm_equal(user=self.u1)
536
549
537 def test_set_default_permissions_after_one_is_missing(self):
550 def test_set_default_permissions_after_one_is_missing(self):
538 PermissionModel().create_default_user_permissions(user=self.u1)
551 PermissionModel().create_default_user_permissions(user=self.u1)
539 self._test_def_user_perm_equal(user=self.u1)
552 self._test_def_user_perm_equal(user=self.u1)
540 # now we delete one, it should be re-created after another call
553 # now we delete one, it should be re-created after another call
541 perms = UserToPerm.query().filter(UserToPerm.user == self.u1).all()
554 perms = UserToPerm.query().filter(UserToPerm.user == self.u1).all()
542 Session().delete(perms[0])
555 Session().delete(perms[0])
543 Session().commit()
556 Session().commit()
544
557
545 self._test_def_user_perm_equal(user=self.u1, change_factor=-1)
558 self._test_def_user_perm_equal(user=self.u1, change_factor=-1)
546
559
547 # create missing one !
560 # create missing one !
548 PermissionModel().create_default_user_permissions(user=self.u1)
561 PermissionModel().create_default_user_permissions(user=self.u1)
549 self._test_def_user_perm_equal(user=self.u1)
562 self._test_def_user_perm_equal(user=self.u1)
550
563
551 @pytest.mark.parametrize("perm, modify_to", [
564 @pytest.mark.parametrize("perm, modify_to", [
552 ('repository.read', 'repository.none'),
565 ('repository.read', 'repository.none'),
553 ('group.read', 'group.none'),
566 ('group.read', 'group.none'),
554 ('usergroup.read', 'usergroup.none'),
567 ('usergroup.read', 'usergroup.none'),
555 ('hg.create.repository', 'hg.create.none'),
568 ('hg.create.repository', 'hg.create.none'),
556 ('hg.fork.repository', 'hg.fork.none'),
569 ('hg.fork.repository', 'hg.fork.none'),
557 ('hg.register.manual_activate', 'hg.register.auto_activate',)
570 ('hg.register.manual_activate', 'hg.register.auto_activate',)
558 ])
571 ])
559 def test_set_default_permissions_after_modification(self, perm, modify_to):
572 def test_set_default_permissions_after_modification(self, perm, modify_to):
560 PermissionModel().create_default_user_permissions(user=self.u1)
573 PermissionModel().create_default_user_permissions(user=self.u1)
561 self._test_def_user_perm_equal(user=self.u1)
574 self._test_def_user_perm_equal(user=self.u1)
562
575
563 old = Permission.get_by_key(perm)
576 old = Permission.get_by_key(perm)
564 new = Permission.get_by_key(modify_to)
577 new = Permission.get_by_key(modify_to)
565 assert old is not None
578 assert old is not None
566 assert new is not None
579 assert new is not None
567
580
568 # now modify permissions
581 # now modify permissions
569 p = UserToPerm.query().filter(
582 p = UserToPerm.query().filter(
570 UserToPerm.user == self.u1).filter(
583 UserToPerm.user == self.u1).filter(
571 UserToPerm.permission == old).one()
584 UserToPerm.permission == old).one()
572 p.permission = new
585 p.permission = new
573 Session().add(p)
586 Session().add(p)
574 Session().commit()
587 Session().commit()
575
588
576 PermissionModel().create_default_user_permissions(user=self.u1)
589 PermissionModel().create_default_user_permissions(user=self.u1)
577 self._test_def_user_perm_equal(user=self.u1)
590 self._test_def_user_perm_equal(user=self.u1)
578
591
579 def test_clear_user_perms(self):
592 def test_clear_user_perms(self):
580 PermissionModel().create_default_user_permissions(user=self.u1)
593 PermissionModel().create_default_user_permissions(user=self.u1)
581 self._test_def_user_perm_equal(user=self.u1)
594 self._test_def_user_perm_equal(user=self.u1)
582
595
583 # now clear permissions
596 # now clear permissions
584 cleared = PermissionModel()._clear_user_perms(self.u1.user_id)
597 cleared = PermissionModel()._clear_user_perms(self.u1.user_id)
585 self._test_def_user_perm_equal(user=self.u1,
598 self._test_def_user_perm_equal(user=self.u1,
586 change_factor=len(cleared)*-1)
599 change_factor=len(cleared)*-1)
587
600
588 def test_clear_user_group_perms(self):
601 def test_clear_user_group_perms(self):
589 self.ug1 = fixture.create_user_group('G1')
602 self.ug1 = fixture.create_user_group('G1')
590 PermissionModel().create_default_user_group_permissions(
603 PermissionModel().create_default_user_group_permissions(
591 user_group=self.ug1)
604 user_group=self.ug1)
592 self._test_def_user_group_perm_equal(user_group=self.ug1)
605 self._test_def_user_group_perm_equal(user_group=self.ug1)
593
606
594 # now clear permissions
607 # now clear permissions
595 cleared = PermissionModel()._clear_user_group_perms(
608 cleared = PermissionModel()._clear_user_group_perms(
596 self.ug1.users_group_id)
609 self.ug1.users_group_id)
597 self._test_def_user_group_perm_equal(user_group=self.ug1,
610 self._test_def_user_group_perm_equal(user_group=self.ug1,
598 change_factor=len(cleared)*-1)
611 change_factor=len(cleared)*-1)
599
612
600 @pytest.mark.parametrize("form_result", [
613 @pytest.mark.parametrize("form_result", [
601 {},
614 {},
602 {'default_repo_create': 'hg.create.repository'},
615 {'default_repo_create': 'hg.create.repository'},
603 {'default_repo_create': 'hg.create.repository',
616 {'default_repo_create': 'hg.create.repository',
604 'default_repo_perm': 'repository.read'},
617 'default_repo_perm': 'repository.read'},
605 {'default_repo_create': 'hg.create.none',
618 {'default_repo_create': 'hg.create.none',
606 'default_repo_perm': 'repository.write',
619 'default_repo_perm': 'repository.write',
607 'default_fork_create': 'hg.fork.none'},
620 'default_fork_create': 'hg.fork.none'},
608 ])
621 ])
609 def test_set_new_user_permissions(self, form_result):
622 def test_set_new_user_permissions(self, form_result):
610 _form_result = {}
623 _form_result = {}
611 _form_result.update(form_result)
624 _form_result.update(form_result)
612 PermissionModel().set_new_user_perms(self.u1, _form_result)
625 PermissionModel().set_new_user_perms(self.u1, _form_result)
613 Session().commit()
626 Session().commit()
614 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
627 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
615 - len(form_result.keys()))
628 - len(form_result.keys()))
616 self._test_def_user_perm_equal(
629 self._test_def_user_perm_equal(
617 self.u1, change_factor=change_factor)
630 self.u1, change_factor=change_factor)
618
631
619 @pytest.mark.parametrize("form_result", [
632 @pytest.mark.parametrize("form_result", [
620 {},
633 {},
621 {'default_repo_create': 'hg.create.repository'},
634 {'default_repo_create': 'hg.create.repository'},
622 {'default_repo_create': 'hg.create.repository',
635 {'default_repo_create': 'hg.create.repository',
623 'default_repo_perm': 'repository.read'},
636 'default_repo_perm': 'repository.read'},
624 {'default_repo_create': 'hg.create.none',
637 {'default_repo_create': 'hg.create.none',
625 'default_repo_perm': 'repository.write',
638 'default_repo_perm': 'repository.write',
626 'default_fork_create': 'hg.fork.none'},
639 'default_fork_create': 'hg.fork.none'},
627 ])
640 ])
628 def test_set_new_user_group_permissions(self, form_result):
641 def test_set_new_user_group_permissions(self, form_result):
629 _form_result = {}
642 _form_result = {}
630 _form_result.update(form_result)
643 _form_result.update(form_result)
631 self.ug1 = fixture.create_user_group('G1')
644 self.ug1 = fixture.create_user_group('G1')
632 PermissionModel().set_new_user_group_perms(self.ug1, _form_result)
645 PermissionModel().set_new_user_group_perms(self.ug1, _form_result)
633 Session().commit()
646 Session().commit()
634 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
647 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
635 - len(form_result.keys()))
648 - len(form_result.keys()))
636 self._test_def_user_group_perm_equal(
649 self._test_def_user_group_perm_equal(
637 self.ug1, change_factor=change_factor)
650 self.ug1, change_factor=change_factor)
638
651
639 @pytest.mark.parametrize("group_active, expected_perm", [
652 @pytest.mark.parametrize("group_active, expected_perm", [
640 (True, 'repository.admin'),
653 (True, 'repository.admin'),
641 (False, 'repository.read'),
654 (False, 'repository.read'),
642 ])
655 ])
643 def test_get_default_repo_perms_from_user_group_with_active_group(
656 def test_get_default_repo_perms_from_user_group_with_active_group(
644 self, backend, user_util, group_active, expected_perm):
657 self, backend, user_util, group_active, expected_perm):
645 repo = backend.create_repo()
658 repo = backend.create_repo()
646 user = user_util.create_user()
659 user = user_util.create_user()
647 user_group = user_util.create_user_group(
660 user_group = user_util.create_user_group(
648 members=[user], users_group_active=group_active)
661 members=[user], users_group_active=group_active)
649
662
650 user_util.grant_user_group_permission_to_repo(
663 user_util.grant_user_group_permission_to_repo(
651 repo, user_group, 'repository.admin')
664 repo, user_group, 'repository.admin')
652 permissions = repo_perms(user)
665 permissions = repo_perms(user)
653 repo_permission = permissions.get(repo.repo_name)
666 repo_permission = permissions.get(repo.repo_name)
654 assert repo_permission == expected_perm
667 assert repo_permission == expected_perm
655
668
656 @pytest.mark.parametrize("group_active, expected_perm", [
669 @pytest.mark.parametrize("group_active, expected_perm", [
657 (True, 'group.admin'),
670 (True, 'group.admin'),
658 (False, 'group.read')
671 (False, 'group.read')
659 ])
672 ])
660 def test_get_default_group_perms_from_user_group_with_active_group(
673 def test_get_default_group_perms_from_user_group_with_active_group(
661 self, user_util, group_active, expected_perm):
674 self, user_util, group_active, expected_perm):
662 user = user_util.create_user()
675 user = user_util.create_user()
663 repo_group = user_util.create_repo_group()
676 repo_group = user_util.create_repo_group()
664 user_group = user_util.create_user_group(
677 user_group = user_util.create_user_group(
665 members=[user], users_group_active=group_active)
678 members=[user], users_group_active=group_active)
666
679
667 user_util.grant_user_group_permission_to_repo_group(
680 user_util.grant_user_group_permission_to_repo_group(
668 repo_group, user_group, 'group.admin')
681 repo_group, user_group, 'group.admin')
669 permissions = group_perms(user)
682 permissions = group_perms(user)
670 group_permission = permissions.get(repo_group.name)
683 group_permission = permissions.get(repo_group.name)
671 assert group_permission == expected_perm
684 assert group_permission == expected_perm
672
685
673 @pytest.mark.parametrize("group_active, expected_perm", [
686 @pytest.mark.parametrize("group_active, expected_perm", [
674 (True, 'usergroup.admin'),
687 (True, 'usergroup.admin'),
675 (False, 'usergroup.read')
688 (False, 'usergroup.read')
676 ])
689 ])
677 def test_get_default_user_group_perms_from_user_group_with_active_group(
690 def test_get_default_user_group_perms_from_user_group_with_active_group(
678 self, user_util, group_active, expected_perm):
691 self, user_util, group_active, expected_perm):
679 user = user_util.create_user()
692 user = user_util.create_user()
680 user_group = user_util.create_user_group(
693 user_group = user_util.create_user_group(
681 members=[user], users_group_active=group_active)
694 members=[user], users_group_active=group_active)
682 target_user_group = user_util.create_user_group()
695 target_user_group = user_util.create_user_group()
683
696
684 user_util.grant_user_group_permission_to_user_group(
697 user_util.grant_user_group_permission_to_user_group(
685 target_user_group, user_group, 'usergroup.admin')
698 target_user_group, user_group, 'usergroup.admin')
686 permissions = user_group_perms(user)
699 permissions = user_group_perms(user)
687 group_permission = permissions.get(target_user_group.users_group_name)
700 group_permission = permissions.get(target_user_group.users_group_name)
688 assert group_permission == expected_perm
701 assert group_permission == expected_perm
689
702
690
703
691 def repo_perms(user):
704 def repo_perms(user):
692 auth_user = AuthUser(user_id=user.user_id)
705 auth_user = AuthUser(user_id=user.user_id)
693 return auth_user.permissions['repositories']
706 return auth_user.permissions['repositories']
694
707
695
708
709 def branch_perms(user):
710 auth_user = AuthUser(user_id=user.user_id)
711 return auth_user.permissions['repository_branches']
712
713
696 def group_perms(user):
714 def group_perms(user):
697 auth_user = AuthUser(user_id=user.user_id)
715 auth_user = AuthUser(user_id=user.user_id)
698 return auth_user.permissions['repositories_groups']
716 return auth_user.permissions['repositories_groups']
699
717
700
718
701 def user_group_perms(user):
719 def user_group_perms(user):
702 auth_user = AuthUser(user_id=user.user_id)
720 auth_user = AuthUser(user_id=user.user_id)
703 return auth_user.permissions['user_groups']
721 return auth_user.permissions['user_groups']
704
722
705
723
706 def global_perms(user):
724 def global_perms(user):
707 auth_user = AuthUser(user_id=user.user_id)
725 auth_user = AuthUser(user_id=user.user_id)
708 return auth_user.permissions['global']
726 return auth_user.permissions['global']
709
727
710
728
711 def default_perms(added=None, removed=None):
729 def default_perms(added=None, removed=None):
712 expected_perms = set(Permission.DEFAULT_USER_PERMISSIONS)
730 expected_perms = set(Permission.DEFAULT_USER_PERMISSIONS)
713 if removed:
731 if removed:
714 expected_perms.difference_update(removed)
732 expected_perms.difference_update(removed)
715 if added:
733 if added:
716 expected_perms.update(added)
734 expected_perms.update(added)
717 return expected_perms
735 return expected_perms
Show file before | Show file after | Hide comments
@@ -1,70 +1,70 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import pytest
21 import pytest
22
22
23 from rhodecode.tests.vcs.conftest import BackendTestMixin
23 from rhodecode.tests.vcs.conftest import BackendTestMixin
24 from rhodecode.lib.vcs.exceptions import (
24 from rhodecode.lib.vcs.exceptions import (
25 TagAlreadyExistError, TagDoesNotExistError)
25 TagAlreadyExistError, TagDoesNotExistError)
26
26
27
27
28 pytestmark = pytest.mark.backends("git", "hg")
28 pytestmark = pytest.mark.backends("git", "hg")
29
29
30
30
31 @pytest.mark.usefixtures("vcs_repository_support")
31 @pytest.mark.usefixtures("vcs_repository_support")
32 class TestTags(BackendTestMixin):
32 class TestTags(BackendTestMixin):
33
33
34 def test_new_tag(self):
34 def test_new_tag(self):
35 tip = self.repo.get_commit()
35 tip = self.repo.get_commit()
36 tagsize = len(self.repo.tags)
36 tagsize = len(self.repo.tags)
37 tag = self.repo.tag('last-commit', 'joe', tip.raw_id)
37 tag = self.repo.tag('last-commit', 'joe', tip.raw_id)
38
38
39 assert len(self.repo.tags) == tagsize + 1
39 assert len(self.repo.tags) == tagsize + 1
40 for top, __, __ in tip.walk():
40 for top, __, __ in tip.walk():
41 assert top == tag.get_node(top.path)
41 assert top == tag.get_node(top.path)
42
42
43 def test_tag_already_exist(self):
43 def test_tag_already_exist(self):
44 tip = self.repo.get_commit()
44 tip = self.repo.get_commit()
45 self.repo.tag('last-commit', 'joe', tip.raw_id)
45 self.repo.tag('last-commit', 'joe', tip.raw_id)
46
46
47 with pytest.raises(TagAlreadyExistError):
47 with pytest.raises(TagAlreadyExistError):
48 self.repo.tag('last-commit', 'joe', tip.raw_id)
48 self.repo.tag('last-commit', 'joe', tip.raw_id)
49
49
50 commit = self.repo.get_commit(commit_idx=0)
50 commit = self.repo.get_commit(commit_idx=0)
51 with pytest.raises(TagAlreadyExistError):
51 with pytest.raises(TagAlreadyExistError):
52 self.repo.tag('last-commit', 'jane', commit.raw_id)
52 self.repo.tag('last-commit', 'jane', commit.raw_id)
53
53
54 def test_remove_tag(self):
54 def test_remove_tag(self):
55 tip = self.repo.get_commit()
55 tip = self.repo.get_commit()
56 self.repo.tag('last-commit', 'joe', tip.raw_id)
56 self.repo.tag('last-commit', 'joe', tip.raw_id)
57 tagsize = len(self.repo.tags)
57 tagsize = len(self.repo.tags)
58
58
59 self.repo.remove_tag('last-commit', user='evil joe')
59 self.repo.remove_tag('last-commit', user='evil joe')
60 assert len(self.repo.tags) == tagsize - 1
60 assert len(self.repo.tags) == tagsize - 1
61
61
62 def test_remove_tag_which_does_not_exist(self):
62 def test_remove_tag_which_does_not_exist(self):
63 with pytest.raises(TagDoesNotExistError):
63 with pytest.raises(TagDoesNotExistError):
64 self.repo.remove_tag('last-commit', user='evil joe')
64 self.repo.remove_tag('last-commit', user='evil joe')
65
65
66 def test_name_with_slash(self):
66 def test_name_with_slash(self):
67 self.repo.tag('19/10/11', 'joe')
67 self.repo.tag('19/10/11', 'joe')
68 assert '19/10/11' in self.repo.tags
68 assert '19/10/11' in self.repo.tags
69 self.repo.tag('11', 'joe')
69 self.repo.tag('rel.11', 'joe')
70 assert '11' in self.repo.tags
70 assert 'rel.11' in self.repo.tags
General Comments 0
You need to be logged in to leave comments. Login now