##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
tests: stabilize tests for mysql/postgres.
marcink -
r3981:39e93a55 default
parent child Browse files
Show More

The requested changes are too big and content was truncated. Show full diff

Show file before | Show file after | Hide comments
@@ -1,202 +1,202 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22
23 23 from rhodecode.tests import assert_session_flash
24 24 from rhodecode.tests.utils import AssertResponse
25 25 from rhodecode.model.db import Session
26 26 from rhodecode.model.settings import SettingsModel
27 27
28 28
29 29 def assert_auth_settings_updated(response):
30 30 assert response.status_int == 302, 'Expected response HTTP Found 302'
31 31 assert_session_flash(response, 'Auth settings updated successfully')
32 32
33 33
34 34 @pytest.mark.usefixtures("autologin_user", "app")
35 35 class TestAuthSettingsView(object):
36 36
37 37 def _enable_plugins(self, plugins_list, csrf_token, override=None,
38 38 verify_response=False):
39 39 test_url = '/_admin/auth'
40 40 params = {
41 41 'auth_plugins': plugins_list,
42 42 'csrf_token': csrf_token,
43 43 }
44 44 if override:
45 45 params.update(override)
46 46 _enabled_plugins = []
47 47 for plugin in plugins_list.split(','):
48 48 plugin_name = plugin.partition('#')[-1]
49 49 enabled_plugin = '%s_enabled' % plugin_name
50 50 cache_ttl = '%s_cache_ttl' % plugin_name
51 51
52 52 # default params that are needed for each plugin,
53 53 # `enabled` and `cache_ttl`
54 54 params.update({
55 55 enabled_plugin: True,
56 56 cache_ttl: 0
57 57 })
58 58 _enabled_plugins.append(enabled_plugin)
59 59
60 60 # we need to clean any enabled plugin before, since they require
61 61 # form params to be present
62 62 db_plugin = SettingsModel().get_setting_by_name('auth_plugins')
63 63 db_plugin.app_settings_value = \
64 64 'egg:rhodecode-enterprise-ce#rhodecode'
65 65 Session().add(db_plugin)
66 66 Session().commit()
67 67 for _plugin in _enabled_plugins:
68 68 db_plugin = SettingsModel().get_setting_by_name(_plugin)
69 69 if db_plugin:
70 70 Session().delete(db_plugin)
71 71 Session().commit()
72 72
73 73 response = self.app.post(url=test_url, params=params)
74 74
75 75 if verify_response:
76 76 assert_auth_settings_updated(response)
77 77 return params
78 78
79 79 def _post_ldap_settings(self, params, override=None, force=False):
80 80
81 81 params.update({
82 82 'filter': 'user',
83 83 'user_member_of': '',
84 84 'user_search_base': '',
85 85 'user_search_filter': 'test_filter',
86 86
87 87 'host': 'dc.example.com',
88 88 'port': '999',
89 89 'timeout': 3600,
90 90 'tls_kind': 'PLAIN',
91 91 'tls_reqcert': 'NEVER',
92 92 'tls_cert_dir':'/etc/openldap/cacerts',
93 93 'dn_user': 'test_user',
94 94 'dn_pass': 'test_pass',
95 95 'base_dn': 'test_base_dn',
96 96 'search_scope': 'BASE',
97 97 'attr_login': 'test_attr_login',
98 98 'attr_firstname': 'ima',
99 99 'attr_lastname': 'tester',
100 100 'attr_email': 'test@example.com',
101 101 'cache_ttl': '0',
102 102 })
103 103 if force:
104 104 params = {}
105 105 params.update(override or {})
106 106
107 107 test_url = '/_admin/auth/ldap/'
108 108
109 109 response = self.app.post(url=test_url, params=params)
110 110 return response
111 111
112 112 def test_index(self):
113 113 response = self.app.get('/_admin/auth')
114 114 response.mustcontain('Authentication Plugins')
115 115
116 116 @pytest.mark.parametrize("disable_plugin, needs_import", [
117 117 ('egg:rhodecode-enterprise-ce#headers', None),
118 118 ('egg:rhodecode-enterprise-ce#crowd', None),
119 119 ('egg:rhodecode-enterprise-ce#jasig_cas', None),
120 120 ('egg:rhodecode-enterprise-ce#ldap', None),
121 121 ('egg:rhodecode-enterprise-ce#pam', "pam"),
122 122 ])
123 123 def test_disable_plugin(self, csrf_token, disable_plugin, needs_import):
124 124 # TODO: johbo: "pam" is currently not available on darwin,
125 125 # although the docs state that it should work on darwin.
126 126 if needs_import:
127 127 pytest.importorskip(needs_import)
128 128
129 129 self._enable_plugins(
130 130 'egg:rhodecode-enterprise-ce#rhodecode,' + disable_plugin,
131 131 csrf_token, verify_response=True)
132 132
133 133 self._enable_plugins(
134 134 'egg:rhodecode-enterprise-ce#rhodecode', csrf_token,
135 135 verify_response=True)
136 136
137 137 def test_ldap_save_settings(self, csrf_token):
138 138 params = self._enable_plugins(
139 139 'egg:rhodecode-enterprise-ce#rhodecode,'
140 140 'egg:rhodecode-enterprise-ce#ldap',
141 141 csrf_token)
142 142 response = self._post_ldap_settings(params)
143 143 assert_auth_settings_updated(response)
144 144
145 145 new_settings = SettingsModel().get_auth_settings()
146 146 assert new_settings['auth_ldap_host'] == u'dc.example.com', \
147 147 'fail db write compare'
148 148
149 149 def test_ldap_error_form_wrong_port_number(self, csrf_token):
150 150 params = self._enable_plugins(
151 151 'egg:rhodecode-enterprise-ce#rhodecode,'
152 152 'egg:rhodecode-enterprise-ce#ldap',
153 153 csrf_token)
154 154 invalid_port_value = 'invalid-port-number'
155 155 response = self._post_ldap_settings(params, override={
156 156 'port': invalid_port_value,
157 157 })
158 assertr = AssertResponse(response)
158 assertr = response.assert_response()
159 159 assertr.element_contains(
160 160 '.form .field #port ~ .error-message',
161 161 invalid_port_value)
162 162
163 163 def test_ldap_error_form(self, csrf_token):
164 164 params = self._enable_plugins(
165 165 'egg:rhodecode-enterprise-ce#rhodecode,'
166 166 'egg:rhodecode-enterprise-ce#ldap',
167 167 csrf_token)
168 168 response = self._post_ldap_settings(params, override={
169 169 'attr_login': '',
170 170 })
171 171 response.mustcontain("""<span class="error-message">The LDAP Login"""
172 172 """ attribute of the CN must be specified""")
173 173
174 174 def test_post_ldap_group_settings(self, csrf_token):
175 175 params = self._enable_plugins(
176 176 'egg:rhodecode-enterprise-ce#rhodecode,'
177 177 'egg:rhodecode-enterprise-ce#ldap',
178 178 csrf_token)
179 179
180 180 response = self._post_ldap_settings(params, override={
181 181 'host': 'dc-legacy.example.com',
182 182 'port': '999',
183 183 'tls_kind': 'PLAIN',
184 184 'tls_reqcert': 'NEVER',
185 185 'dn_user': 'test_user',
186 186 'dn_pass': 'test_pass',
187 187 'base_dn': 'test_base_dn',
188 188 'filter': 'test_filter',
189 189 'search_scope': 'BASE',
190 190 'attr_login': 'test_attr_login',
191 191 'attr_firstname': 'ima',
192 192 'attr_lastname': 'tester',
193 193 'attr_email': 'test@example.com',
194 194 'cache_ttl': '60',
195 195 'csrf_token': csrf_token,
196 196 }
197 197 )
198 198 assert_auth_settings_updated(response)
199 199
200 200 new_settings = SettingsModel().get_auth_settings()
201 201 assert new_settings['auth_ldap_host'] == u'dc-legacy.example.com', \
202 202 'fail db write compare'
Show file before | Show file after | Hide comments
@@ -1,512 +1,512 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import urllib
22 22
23 23 import mock
24 24 import pytest
25 25
26 26 from rhodecode.apps._base import ADMIN_PREFIX
27 27 from rhodecode.lib import auth
28 28 from rhodecode.lib.utils2 import safe_str
29 29 from rhodecode.lib import helpers as h
30 30 from rhodecode.model.db import (
31 31 Repository, RepoGroup, UserRepoToPerm, User, Permission)
32 32 from rhodecode.model.meta import Session
33 33 from rhodecode.model.repo import RepoModel
34 34 from rhodecode.model.repo_group import RepoGroupModel
35 35 from rhodecode.model.user import UserModel
36 36 from rhodecode.tests import (
37 37 login_user_session, assert_session_flash, TEST_USER_ADMIN_LOGIN,
38 38 TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
39 39 from rhodecode.tests.fixture import Fixture, error_function
40 40 from rhodecode.tests.utils import AssertResponse, repo_on_filesystem
41 41
42 42 fixture = Fixture()
43 43
44 44
45 45 def route_path(name, params=None, **kwargs):
46 46 import urllib
47 47
48 48 base_url = {
49 49 'repos': ADMIN_PREFIX + '/repos',
50 50 'repo_new': ADMIN_PREFIX + '/repos/new',
51 51 'repo_create': ADMIN_PREFIX + '/repos/create',
52 52
53 53 'repo_creating_check': '/{repo_name}/repo_creating_check',
54 54 }[name].format(**kwargs)
55 55
56 56 if params:
57 57 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
58 58 return base_url
59 59
60 60
61 61 def _get_permission_for_user(user, repo):
62 62 perm = UserRepoToPerm.query()\
63 63 .filter(UserRepoToPerm.repository ==
64 64 Repository.get_by_repo_name(repo))\
65 65 .filter(UserRepoToPerm.user == User.get_by_username(user))\
66 66 .all()
67 67 return perm
68 68
69 69
70 70 @pytest.mark.usefixtures("app")
71 71 class TestAdminRepos(object):
72 72
73 73 def test_repo_list(self, autologin_user, user_util):
74 74 repo = user_util.create_repo()
75 75 repo_name = repo.repo_name
76 76 response = self.app.get(
77 77 route_path('repos'), status=200)
78 78
79 79 response.mustcontain(repo_name)
80 80
81 81 def test_create_page_restricted_to_single_backend(self, autologin_user, backend):
82 82 with mock.patch('rhodecode.BACKENDS', {'git': 'git'}):
83 83 response = self.app.get(route_path('repo_new'), status=200)
84 assert_response = AssertResponse(response)
84 assert_response = response.assert_response()
85 85 element = assert_response.get_element('#repo_type')
86 86 assert element.text_content() == '\ngit\n'
87 87
88 88 def test_create_page_non_restricted_backends(self, autologin_user, backend):
89 89 response = self.app.get(route_path('repo_new'), status=200)
90 assert_response = AssertResponse(response)
90 assert_response = response.assert_response()
91 91 assert_response.element_contains('#repo_type', 'git')
92 92 assert_response.element_contains('#repo_type', 'svn')
93 93 assert_response.element_contains('#repo_type', 'hg')
94 94
95 95 @pytest.mark.parametrize(
96 96 "suffix", [u'', u'xxa'], ids=['', 'non-ascii'])
97 97 def test_create(self, autologin_user, backend, suffix, csrf_token):
98 98 repo_name_unicode = backend.new_repo_name(suffix=suffix)
99 99 repo_name = repo_name_unicode.encode('utf8')
100 100 description_unicode = u'description for newly created repo' + suffix
101 101 description = description_unicode.encode('utf8')
102 102 response = self.app.post(
103 103 route_path('repo_create'),
104 104 fixture._get_repo_create_params(
105 105 repo_private=False,
106 106 repo_name=repo_name,
107 107 repo_type=backend.alias,
108 108 repo_description=description,
109 109 csrf_token=csrf_token),
110 110 status=302)
111 111
112 112 self.assert_repository_is_created_correctly(
113 113 repo_name, description, backend)
114 114
115 115 def test_create_numeric_name(self, autologin_user, backend, csrf_token):
116 116 numeric_repo = '1234'
117 117 repo_name = numeric_repo
118 118 description = 'description for newly created repo' + numeric_repo
119 119 self.app.post(
120 120 route_path('repo_create'),
121 121 fixture._get_repo_create_params(
122 122 repo_private=False,
123 123 repo_name=repo_name,
124 124 repo_type=backend.alias,
125 125 repo_description=description,
126 126 csrf_token=csrf_token))
127 127
128 128 self.assert_repository_is_created_correctly(
129 129 repo_name, description, backend)
130 130
131 131 @pytest.mark.parametrize("suffix", [u'', u'ąćę'], ids=['', 'non-ascii'])
132 132 def test_create_in_group(
133 133 self, autologin_user, backend, suffix, csrf_token):
134 134 # create GROUP
135 135 group_name = 'sometest_%s' % backend.alias
136 136 gr = RepoGroupModel().create(group_name=group_name,
137 137 group_description='test',
138 138 owner=TEST_USER_ADMIN_LOGIN)
139 139 Session().commit()
140 140
141 141 repo_name = u'ingroup' + suffix
142 142 repo_name_full = RepoGroup.url_sep().join(
143 143 [group_name, repo_name])
144 144 description = u'description for newly created repo'
145 145 self.app.post(
146 146 route_path('repo_create'),
147 147 fixture._get_repo_create_params(
148 148 repo_private=False,
149 149 repo_name=safe_str(repo_name),
150 150 repo_type=backend.alias,
151 151 repo_description=description,
152 152 repo_group=gr.group_id,
153 153 csrf_token=csrf_token))
154 154
155 155 # TODO: johbo: Cleanup work to fixture
156 156 try:
157 157 self.assert_repository_is_created_correctly(
158 158 repo_name_full, description, backend)
159 159
160 160 new_repo = RepoModel().get_by_repo_name(repo_name_full)
161 161 inherited_perms = UserRepoToPerm.query().filter(
162 162 UserRepoToPerm.repository_id == new_repo.repo_id).all()
163 163 assert len(inherited_perms) == 1
164 164 finally:
165 165 RepoModel().delete(repo_name_full)
166 166 RepoGroupModel().delete(group_name)
167 167 Session().commit()
168 168
169 169 def test_create_in_group_numeric_name(
170 170 self, autologin_user, backend, csrf_token):
171 171 # create GROUP
172 172 group_name = 'sometest_%s' % backend.alias
173 173 gr = RepoGroupModel().create(group_name=group_name,
174 174 group_description='test',
175 175 owner=TEST_USER_ADMIN_LOGIN)
176 176 Session().commit()
177 177
178 178 repo_name = '12345'
179 179 repo_name_full = RepoGroup.url_sep().join([group_name, repo_name])
180 180 description = 'description for newly created repo'
181 181 self.app.post(
182 182 route_path('repo_create'),
183 183 fixture._get_repo_create_params(
184 184 repo_private=False,
185 185 repo_name=repo_name,
186 186 repo_type=backend.alias,
187 187 repo_description=description,
188 188 repo_group=gr.group_id,
189 189 csrf_token=csrf_token))
190 190
191 191 # TODO: johbo: Cleanup work to fixture
192 192 try:
193 193 self.assert_repository_is_created_correctly(
194 194 repo_name_full, description, backend)
195 195
196 196 new_repo = RepoModel().get_by_repo_name(repo_name_full)
197 197 inherited_perms = UserRepoToPerm.query()\
198 198 .filter(UserRepoToPerm.repository_id == new_repo.repo_id).all()
199 199 assert len(inherited_perms) == 1
200 200 finally:
201 201 RepoModel().delete(repo_name_full)
202 202 RepoGroupModel().delete(group_name)
203 203 Session().commit()
204 204
205 205 def test_create_in_group_without_needed_permissions(self, backend):
206 206 session = login_user_session(
207 207 self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
208 208 csrf_token = auth.get_csrf_token(session)
209 209 # revoke
210 210 user_model = UserModel()
211 211 # disable fork and create on default user
212 212 user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository')
213 213 user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none')
214 214 user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository')
215 215 user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none')
216 216
217 217 # disable on regular user
218 218 user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository')
219 219 user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none')
220 220 user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')
221 221 user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none')
222 222 Session().commit()
223 223
224 224 # create GROUP
225 225 group_name = 'reg_sometest_%s' % backend.alias
226 226 gr = RepoGroupModel().create(group_name=group_name,
227 227 group_description='test',
228 228 owner=TEST_USER_ADMIN_LOGIN)
229 229 Session().commit()
230 230 repo_group_id = gr.group_id
231 231
232 232 group_name_allowed = 'reg_sometest_allowed_%s' % backend.alias
233 233 gr_allowed = RepoGroupModel().create(
234 234 group_name=group_name_allowed,
235 235 group_description='test',
236 236 owner=TEST_USER_REGULAR_LOGIN)
237 237 allowed_repo_group_id = gr_allowed.group_id
238 238 Session().commit()
239 239
240 240 repo_name = 'ingroup'
241 241 description = 'description for newly created repo'
242 242 response = self.app.post(
243 243 route_path('repo_create'),
244 244 fixture._get_repo_create_params(
245 245 repo_private=False,
246 246 repo_name=repo_name,
247 247 repo_type=backend.alias,
248 248 repo_description=description,
249 249 repo_group=repo_group_id,
250 250 csrf_token=csrf_token))
251 251
252 252 response.mustcontain('Invalid value')
253 253
254 254 # user is allowed to create in this group
255 255 repo_name = 'ingroup'
256 256 repo_name_full = RepoGroup.url_sep().join(
257 257 [group_name_allowed, repo_name])
258 258 description = 'description for newly created repo'
259 259 response = self.app.post(
260 260 route_path('repo_create'),
261 261 fixture._get_repo_create_params(
262 262 repo_private=False,
263 263 repo_name=repo_name,
264 264 repo_type=backend.alias,
265 265 repo_description=description,
266 266 repo_group=allowed_repo_group_id,
267 267 csrf_token=csrf_token))
268 268
269 269 # TODO: johbo: Cleanup in pytest fixture
270 270 try:
271 271 self.assert_repository_is_created_correctly(
272 272 repo_name_full, description, backend)
273 273
274 274 new_repo = RepoModel().get_by_repo_name(repo_name_full)
275 275 inherited_perms = UserRepoToPerm.query().filter(
276 276 UserRepoToPerm.repository_id == new_repo.repo_id).all()
277 277 assert len(inherited_perms) == 1
278 278
279 279 assert repo_on_filesystem(repo_name_full)
280 280 finally:
281 281 RepoModel().delete(repo_name_full)
282 282 RepoGroupModel().delete(group_name)
283 283 RepoGroupModel().delete(group_name_allowed)
284 284 Session().commit()
285 285
286 286 def test_create_in_group_inherit_permissions(self, autologin_user, backend,
287 287 csrf_token):
288 288 # create GROUP
289 289 group_name = 'sometest_%s' % backend.alias
290 290 gr = RepoGroupModel().create(group_name=group_name,
291 291 group_description='test',
292 292 owner=TEST_USER_ADMIN_LOGIN)
293 293 perm = Permission.get_by_key('repository.write')
294 294 RepoGroupModel().grant_user_permission(
295 295 gr, TEST_USER_REGULAR_LOGIN, perm)
296 296
297 297 # add repo permissions
298 298 Session().commit()
299 299 repo_group_id = gr.group_id
300 300 repo_name = 'ingroup_inherited_%s' % backend.alias
301 301 repo_name_full = RepoGroup.url_sep().join([group_name, repo_name])
302 302 description = 'description for newly created repo'
303 303 self.app.post(
304 304 route_path('repo_create'),
305 305 fixture._get_repo_create_params(
306 306 repo_private=False,
307 307 repo_name=repo_name,
308 308 repo_type=backend.alias,
309 309 repo_description=description,
310 310 repo_group=repo_group_id,
311 311 repo_copy_permissions=True,
312 312 csrf_token=csrf_token))
313 313
314 314 # TODO: johbo: Cleanup to pytest fixture
315 315 try:
316 316 self.assert_repository_is_created_correctly(
317 317 repo_name_full, description, backend)
318 318 except Exception:
319 319 RepoGroupModel().delete(group_name)
320 320 Session().commit()
321 321 raise
322 322
323 323 # check if inherited permissions are applied
324 324 new_repo = RepoModel().get_by_repo_name(repo_name_full)
325 325 inherited_perms = UserRepoToPerm.query().filter(
326 326 UserRepoToPerm.repository_id == new_repo.repo_id).all()
327 327 assert len(inherited_perms) == 2
328 328
329 329 assert TEST_USER_REGULAR_LOGIN in [
330 330 x.user.username for x in inherited_perms]
331 331 assert 'repository.write' in [
332 332 x.permission.permission_name for x in inherited_perms]
333 333
334 334 RepoModel().delete(repo_name_full)
335 335 RepoGroupModel().delete(group_name)
336 336 Session().commit()
337 337
338 338 @pytest.mark.xfail_backends(
339 339 "git", "hg", reason="Missing reposerver support")
340 340 def test_create_with_clone_uri(self, autologin_user, backend, reposerver,
341 341 csrf_token):
342 342 source_repo = backend.create_repo(number_of_commits=2)
343 343 source_repo_name = source_repo.repo_name
344 344 reposerver.serve(source_repo.scm_instance())
345 345
346 346 repo_name = backend.new_repo_name()
347 347 response = self.app.post(
348 348 route_path('repo_create'),
349 349 fixture._get_repo_create_params(
350 350 repo_private=False,
351 351 repo_name=repo_name,
352 352 repo_type=backend.alias,
353 353 repo_description='',
354 354 clone_uri=reposerver.url,
355 355 csrf_token=csrf_token),
356 356 status=302)
357 357
358 358 # Should be redirected to the creating page
359 359 response.mustcontain('repo_creating')
360 360
361 361 # Expecting that both repositories have same history
362 362 source_repo = RepoModel().get_by_repo_name(source_repo_name)
363 363 source_vcs = source_repo.scm_instance()
364 364 repo = RepoModel().get_by_repo_name(repo_name)
365 365 repo_vcs = repo.scm_instance()
366 366 assert source_vcs[0].message == repo_vcs[0].message
367 367 assert source_vcs.count() == repo_vcs.count()
368 368 assert source_vcs.commit_ids == repo_vcs.commit_ids
369 369
370 370 @pytest.mark.xfail_backends("svn", reason="Depends on import support")
371 371 def test_create_remote_repo_wrong_clone_uri(self, autologin_user, backend,
372 372 csrf_token):
373 373 repo_name = backend.new_repo_name()
374 374 description = 'description for newly created repo'
375 375 response = self.app.post(
376 376 route_path('repo_create'),
377 377 fixture._get_repo_create_params(
378 378 repo_private=False,
379 379 repo_name=repo_name,
380 380 repo_type=backend.alias,
381 381 repo_description=description,
382 382 clone_uri='http://repo.invalid/repo',
383 383 csrf_token=csrf_token))
384 384 response.mustcontain('invalid clone url')
385 385
386 386 @pytest.mark.xfail_backends("svn", reason="Depends on import support")
387 387 def test_create_remote_repo_wrong_clone_uri_hg_svn(
388 388 self, autologin_user, backend, csrf_token):
389 389 repo_name = backend.new_repo_name()
390 390 description = 'description for newly created repo'
391 391 response = self.app.post(
392 392 route_path('repo_create'),
393 393 fixture._get_repo_create_params(
394 394 repo_private=False,
395 395 repo_name=repo_name,
396 396 repo_type=backend.alias,
397 397 repo_description=description,
398 398 clone_uri='svn+http://svn.invalid/repo',
399 399 csrf_token=csrf_token))
400 400 response.mustcontain('invalid clone url')
401 401
402 402 def test_create_with_git_suffix(
403 403 self, autologin_user, backend, csrf_token):
404 404 repo_name = backend.new_repo_name() + ".git"
405 405 description = 'description for newly created repo'
406 406 response = self.app.post(
407 407 route_path('repo_create'),
408 408 fixture._get_repo_create_params(
409 409 repo_private=False,
410 410 repo_name=repo_name,
411 411 repo_type=backend.alias,
412 412 repo_description=description,
413 413 csrf_token=csrf_token))
414 414 response.mustcontain('Repository name cannot end with .git')
415 415
416 416 def test_default_user_cannot_access_private_repo_in_a_group(
417 417 self, autologin_user, user_util, backend):
418 418
419 419 group = user_util.create_repo_group()
420 420
421 421 repo = backend.create_repo(
422 422 repo_private=True, repo_group=group, repo_copy_permissions=True)
423 423
424 424 permissions = _get_permission_for_user(
425 425 user='default', repo=repo.repo_name)
426 426 assert len(permissions) == 1
427 427 assert permissions[0].permission.permission_name == 'repository.none'
428 428 assert permissions[0].repository.private is True
429 429
430 430 def test_create_on_top_level_without_permissions(self, backend):
431 431 session = login_user_session(
432 432 self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
433 433 csrf_token = auth.get_csrf_token(session)
434 434
435 435 # revoke
436 436 user_model = UserModel()
437 437 # disable fork and create on default user
438 438 user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository')
439 439 user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none')
440 440 user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository')
441 441 user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none')
442 442
443 443 # disable on regular user
444 444 user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository')
445 445 user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none')
446 446 user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')
447 447 user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none')
448 448 Session().commit()
449 449
450 450 repo_name = backend.new_repo_name()
451 451 description = 'description for newly created repo'
452 452 response = self.app.post(
453 453 route_path('repo_create'),
454 454 fixture._get_repo_create_params(
455 455 repo_private=False,
456 456 repo_name=repo_name,
457 457 repo_type=backend.alias,
458 458 repo_description=description,
459 459 csrf_token=csrf_token))
460 460
461 461 response.mustcontain(
462 462 u"You do not have the permission to store repositories in "
463 463 u"the root location.")
464 464
465 465 @mock.patch.object(RepoModel, '_create_filesystem_repo', error_function)
466 466 def test_create_repo_when_filesystem_op_fails(
467 467 self, autologin_user, backend, csrf_token):
468 468 repo_name = backend.new_repo_name()
469 469 description = 'description for newly created repo'
470 470
471 471 response = self.app.post(
472 472 route_path('repo_create'),
473 473 fixture._get_repo_create_params(
474 474 repo_private=False,
475 475 repo_name=repo_name,
476 476 repo_type=backend.alias,
477 477 repo_description=description,
478 478 csrf_token=csrf_token))
479 479
480 480 assert_session_flash(
481 481 response, 'Error creating repository %s' % repo_name)
482 482 # repo must not be in db
483 483 assert backend.repo is None
484 484 # repo must not be in filesystem !
485 485 assert not repo_on_filesystem(repo_name)
486 486
487 487 def assert_repository_is_created_correctly(
488 488 self, repo_name, description, backend):
489 489 repo_name_utf8 = safe_str(repo_name)
490 490
491 491 # run the check page that triggers the flash message
492 492 response = self.app.get(
493 493 route_path('repo_creating_check', repo_name=safe_str(repo_name)))
494 494 assert response.json == {u'result': True}
495 495
496 496 flash_msg = u'Created repository <a href="/{}">{}</a>'.format(
497 497 urllib.quote(repo_name_utf8), repo_name)
498 498 assert_session_flash(response, flash_msg)
499 499
500 500 # test if the repo was created in the database
501 501 new_repo = RepoModel().get_by_repo_name(repo_name)
502 502
503 503 assert new_repo.repo_name == repo_name
504 504 assert new_repo.description == description
505 505
506 506 # test if the repository is visible in the list ?
507 507 response = self.app.get(
508 508 h.route_path('repo_summary', repo_name=safe_str(repo_name)))
509 509 response.mustcontain(repo_name)
510 510 response.mustcontain(backend.alias)
511 511
512 512 assert repo_on_filesystem(repo_name)
Show file before | Show file after | Hide comments
@@ -1,743 +1,743 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import mock
22 22 import pytest
23 23
24 24 import rhodecode
25 25 from rhodecode.apps._base import ADMIN_PREFIX
26 26 from rhodecode.lib.utils2 import md5
27 27 from rhodecode.model.db import RhodeCodeUi
28 28 from rhodecode.model.meta import Session
29 29 from rhodecode.model.settings import SettingsModel, IssueTrackerSettingsModel
30 30 from rhodecode.tests import assert_session_flash
31 31 from rhodecode.tests.utils import AssertResponse
32 32
33 33
34 34 UPDATE_DATA_QUALNAME = 'rhodecode.model.update.UpdateModel.get_update_data'
35 35
36 36
37 37 def route_path(name, params=None, **kwargs):
38 38 import urllib
39 39 from rhodecode.apps._base import ADMIN_PREFIX
40 40
41 41 base_url = {
42 42
43 43 'admin_settings':
44 44 ADMIN_PREFIX +'/settings',
45 45 'admin_settings_update':
46 46 ADMIN_PREFIX + '/settings/update',
47 47 'admin_settings_global':
48 48 ADMIN_PREFIX + '/settings/global',
49 49 'admin_settings_global_update':
50 50 ADMIN_PREFIX + '/settings/global/update',
51 51 'admin_settings_vcs':
52 52 ADMIN_PREFIX + '/settings/vcs',
53 53 'admin_settings_vcs_update':
54 54 ADMIN_PREFIX + '/settings/vcs/update',
55 55 'admin_settings_vcs_svn_pattern_delete':
56 56 ADMIN_PREFIX + '/settings/vcs/svn_pattern_delete',
57 57 'admin_settings_mapping':
58 58 ADMIN_PREFIX + '/settings/mapping',
59 59 'admin_settings_mapping_update':
60 60 ADMIN_PREFIX + '/settings/mapping/update',
61 61 'admin_settings_visual':
62 62 ADMIN_PREFIX + '/settings/visual',
63 63 'admin_settings_visual_update':
64 64 ADMIN_PREFIX + '/settings/visual/update',
65 65 'admin_settings_issuetracker':
66 66 ADMIN_PREFIX + '/settings/issue-tracker',
67 67 'admin_settings_issuetracker_update':
68 68 ADMIN_PREFIX + '/settings/issue-tracker/update',
69 69 'admin_settings_issuetracker_test':
70 70 ADMIN_PREFIX + '/settings/issue-tracker/test',
71 71 'admin_settings_issuetracker_delete':
72 72 ADMIN_PREFIX + '/settings/issue-tracker/delete',
73 73 'admin_settings_email':
74 74 ADMIN_PREFIX + '/settings/email',
75 75 'admin_settings_email_update':
76 76 ADMIN_PREFIX + '/settings/email/update',
77 77 'admin_settings_hooks':
78 78 ADMIN_PREFIX + '/settings/hooks',
79 79 'admin_settings_hooks_update':
80 80 ADMIN_PREFIX + '/settings/hooks/update',
81 81 'admin_settings_hooks_delete':
82 82 ADMIN_PREFIX + '/settings/hooks/delete',
83 83 'admin_settings_search':
84 84 ADMIN_PREFIX + '/settings/search',
85 85 'admin_settings_labs':
86 86 ADMIN_PREFIX + '/settings/labs',
87 87 'admin_settings_labs_update':
88 88 ADMIN_PREFIX + '/settings/labs/update',
89 89
90 90 'admin_settings_sessions':
91 91 ADMIN_PREFIX + '/settings/sessions',
92 92 'admin_settings_sessions_cleanup':
93 93 ADMIN_PREFIX + '/settings/sessions/cleanup',
94 94 'admin_settings_system':
95 95 ADMIN_PREFIX + '/settings/system',
96 96 'admin_settings_system_update':
97 97 ADMIN_PREFIX + '/settings/system/updates',
98 98 'admin_settings_open_source':
99 99 ADMIN_PREFIX + '/settings/open_source',
100 100
101 101
102 102 }[name].format(**kwargs)
103 103
104 104 if params:
105 105 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
106 106 return base_url
107 107
108 108
109 109 @pytest.mark.usefixtures('autologin_user', 'app')
110 110 class TestAdminSettingsController(object):
111 111
112 112 @pytest.mark.parametrize('urlname', [
113 113 'admin_settings_vcs',
114 114 'admin_settings_mapping',
115 115 'admin_settings_global',
116 116 'admin_settings_visual',
117 117 'admin_settings_email',
118 118 'admin_settings_hooks',
119 119 'admin_settings_search',
120 120 ])
121 121 def test_simple_get(self, urlname):
122 122 self.app.get(route_path(urlname))
123 123
124 124 def test_create_custom_hook(self, csrf_token):
125 125 response = self.app.post(
126 126 route_path('admin_settings_hooks_update'),
127 127 params={
128 128 'new_hook_ui_key': 'test_hooks_1',
129 129 'new_hook_ui_value': 'cd /tmp',
130 130 'csrf_token': csrf_token})
131 131
132 132 response = response.follow()
133 133 response.mustcontain('test_hooks_1')
134 134 response.mustcontain('cd /tmp')
135 135
136 136 def test_create_custom_hook_delete(self, csrf_token):
137 137 response = self.app.post(
138 138 route_path('admin_settings_hooks_update'),
139 139 params={
140 140 'new_hook_ui_key': 'test_hooks_2',
141 141 'new_hook_ui_value': 'cd /tmp2',
142 142 'csrf_token': csrf_token})
143 143
144 144 response = response.follow()
145 145 response.mustcontain('test_hooks_2')
146 146 response.mustcontain('cd /tmp2')
147 147
148 148 hook_id = SettingsModel().get_ui_by_key('test_hooks_2').ui_id
149 149
150 150 # delete
151 151 self.app.post(
152 152 route_path('admin_settings_hooks_delete'),
153 153 params={'hook_id': hook_id, 'csrf_token': csrf_token})
154 154 response = self.app.get(route_path('admin_settings_hooks'))
155 155 response.mustcontain(no=['test_hooks_2'])
156 156 response.mustcontain(no=['cd /tmp2'])
157 157
158 158
159 159 @pytest.mark.usefixtures('autologin_user', 'app')
160 160 class TestAdminSettingsGlobal(object):
161 161
162 162 def test_pre_post_code_code_active(self, csrf_token):
163 163 pre_code = 'rc-pre-code-187652122'
164 164 post_code = 'rc-postcode-98165231'
165 165
166 166 response = self.post_and_verify_settings({
167 167 'rhodecode_pre_code': pre_code,
168 168 'rhodecode_post_code': post_code,
169 169 'csrf_token': csrf_token,
170 170 })
171 171
172 172 response = response.follow()
173 173 response.mustcontain(pre_code, post_code)
174 174
175 175 def test_pre_post_code_code_inactive(self, csrf_token):
176 176 pre_code = 'rc-pre-code-187652122'
177 177 post_code = 'rc-postcode-98165231'
178 178 response = self.post_and_verify_settings({
179 179 'rhodecode_pre_code': '',
180 180 'rhodecode_post_code': '',
181 181 'csrf_token': csrf_token,
182 182 })
183 183
184 184 response = response.follow()
185 185 response.mustcontain(no=[pre_code, post_code])
186 186
187 187 def test_captcha_activate(self, csrf_token):
188 188 self.post_and_verify_settings({
189 189 'rhodecode_captcha_private_key': '1234567890',
190 190 'rhodecode_captcha_public_key': '1234567890',
191 191 'csrf_token': csrf_token,
192 192 })
193 193
194 194 response = self.app.get(ADMIN_PREFIX + '/register')
195 195 response.mustcontain('captcha')
196 196
197 197 def test_captcha_deactivate(self, csrf_token):
198 198 self.post_and_verify_settings({
199 199 'rhodecode_captcha_private_key': '',
200 200 'rhodecode_captcha_public_key': '1234567890',
201 201 'csrf_token': csrf_token,
202 202 })
203 203
204 204 response = self.app.get(ADMIN_PREFIX + '/register')
205 205 response.mustcontain(no=['captcha'])
206 206
207 207 def test_title_change(self, csrf_token):
208 208 old_title = 'RhodeCode'
209 209
210 210 for new_title in ['Changed', 'Żółwik', old_title]:
211 211 response = self.post_and_verify_settings({
212 212 'rhodecode_title': new_title,
213 213 'csrf_token': csrf_token,
214 214 })
215 215
216 216 response = response.follow()
217 217 response.mustcontain(new_title)
218 218
219 219 def post_and_verify_settings(self, settings):
220 220 old_title = 'RhodeCode'
221 221 old_realm = 'RhodeCode authentication'
222 222 params = {
223 223 'rhodecode_title': old_title,
224 224 'rhodecode_realm': old_realm,
225 225 'rhodecode_pre_code': '',
226 226 'rhodecode_post_code': '',
227 227 'rhodecode_captcha_private_key': '',
228 228 'rhodecode_captcha_public_key': '',
229 229 'rhodecode_create_personal_repo_group': False,
230 230 'rhodecode_personal_repo_group_pattern': '${username}',
231 231 }
232 232 params.update(settings)
233 233 response = self.app.post(
234 234 route_path('admin_settings_global_update'), params=params)
235 235
236 236 assert_session_flash(response, 'Updated application settings')
237 237 app_settings = SettingsModel().get_all_settings()
238 238 del settings['csrf_token']
239 239 for key, value in settings.iteritems():
240 240 assert app_settings[key] == value.decode('utf-8')
241 241
242 242 return response
243 243
244 244
245 245 @pytest.mark.usefixtures('autologin_user', 'app')
246 246 class TestAdminSettingsVcs(object):
247 247
248 248 def test_contains_svn_default_patterns(self):
249 249 response = self.app.get(route_path('admin_settings_vcs'))
250 250 expected_patterns = [
251 251 '/trunk',
252 252 '/branches/*',
253 253 '/tags/*',
254 254 ]
255 255 for pattern in expected_patterns:
256 256 response.mustcontain(pattern)
257 257
258 258 def test_add_new_svn_branch_and_tag_pattern(
259 259 self, backend_svn, form_defaults, disable_sql_cache,
260 260 csrf_token):
261 261 form_defaults.update({
262 262 'new_svn_branch': '/exp/branches/*',
263 263 'new_svn_tag': '/important_tags/*',
264 264 'csrf_token': csrf_token,
265 265 })
266 266
267 267 response = self.app.post(
268 268 route_path('admin_settings_vcs_update'),
269 269 params=form_defaults, status=302)
270 270 response = response.follow()
271 271
272 272 # Expect to find the new values on the page
273 273 response.mustcontain('/exp/branches/*')
274 274 response.mustcontain('/important_tags/*')
275 275
276 276 # Expect that those patterns are used to match branches and tags now
277 277 repo = backend_svn['svn-simple-layout'].scm_instance()
278 278 assert 'exp/branches/exp-sphinx-docs' in repo.branches
279 279 assert 'important_tags/v0.5' in repo.tags
280 280
281 281 def test_add_same_svn_value_twice_shows_an_error_message(
282 282 self, form_defaults, csrf_token, settings_util):
283 283 settings_util.create_rhodecode_ui('vcs_svn_branch', '/test')
284 284 settings_util.create_rhodecode_ui('vcs_svn_tag', '/test')
285 285
286 286 response = self.app.post(
287 287 route_path('admin_settings_vcs_update'),
288 288 params={
289 289 'paths_root_path': form_defaults['paths_root_path'],
290 290 'new_svn_branch': '/test',
291 291 'new_svn_tag': '/test',
292 292 'csrf_token': csrf_token,
293 293 },
294 294 status=200)
295 295
296 296 response.mustcontain("Pattern already exists")
297 297 response.mustcontain("Some form inputs contain invalid data.")
298 298
299 299 @pytest.mark.parametrize('section', [
300 300 'vcs_svn_branch',
301 301 'vcs_svn_tag',
302 302 ])
303 303 def test_delete_svn_patterns(
304 304 self, section, csrf_token, settings_util):
305 305 setting = settings_util.create_rhodecode_ui(
306 306 section, '/test_delete', cleanup=False)
307 307
308 308 self.app.post(
309 309 route_path('admin_settings_vcs_svn_pattern_delete'),
310 310 params={
311 311 'delete_svn_pattern': setting.ui_id,
312 312 'csrf_token': csrf_token},
313 313 headers={'X-REQUESTED-WITH': 'XMLHttpRequest'})
314 314
315 315 @pytest.mark.parametrize('section', [
316 316 'vcs_svn_branch',
317 317 'vcs_svn_tag',
318 318 ])
319 319 def test_delete_svn_patterns_raises_404_when_no_xhr(
320 320 self, section, csrf_token, settings_util):
321 321 setting = settings_util.create_rhodecode_ui(section, '/test_delete')
322 322
323 323 self.app.post(
324 324 route_path('admin_settings_vcs_svn_pattern_delete'),
325 325 params={
326 326 'delete_svn_pattern': setting.ui_id,
327 327 'csrf_token': csrf_token},
328 328 status=404)
329 329
330 330 def test_extensions_hgsubversion(self, form_defaults, csrf_token):
331 331 form_defaults.update({
332 332 'csrf_token': csrf_token,
333 333 'extensions_hgsubversion': 'True',
334 334 })
335 335 response = self.app.post(
336 336 route_path('admin_settings_vcs_update'),
337 337 params=form_defaults,
338 338 status=302)
339 339
340 340 response = response.follow()
341 341 extensions_input = (
342 342 '<input id="extensions_hgsubversion" '
343 343 'name="extensions_hgsubversion" type="checkbox" '
344 344 'value="True" checked="checked" />')
345 345 response.mustcontain(extensions_input)
346 346
347 347 def test_extensions_hgevolve(self, form_defaults, csrf_token):
348 348 form_defaults.update({
349 349 'csrf_token': csrf_token,
350 350 'extensions_evolve': 'True',
351 351 })
352 352 response = self.app.post(
353 353 route_path('admin_settings_vcs_update'),
354 354 params=form_defaults,
355 355 status=302)
356 356
357 357 response = response.follow()
358 358 extensions_input = (
359 359 '<input id="extensions_evolve" '
360 360 'name="extensions_evolve" type="checkbox" '
361 361 'value="True" checked="checked" />')
362 362 response.mustcontain(extensions_input)
363 363
364 364 def test_has_a_section_for_pull_request_settings(self):
365 365 response = self.app.get(route_path('admin_settings_vcs'))
366 366 response.mustcontain('Pull Request Settings')
367 367
368 368 def test_has_an_input_for_invalidation_of_inline_comments(self):
369 369 response = self.app.get(route_path('admin_settings_vcs'))
370 assert_response = AssertResponse(response)
370 assert_response = response.assert_response()
371 371 assert_response.one_element_exists(
372 372 '[name=rhodecode_use_outdated_comments]')
373 373
374 374 @pytest.mark.parametrize('new_value', [True, False])
375 375 def test_allows_to_change_invalidation_of_inline_comments(
376 376 self, form_defaults, csrf_token, new_value):
377 377 setting_key = 'use_outdated_comments'
378 378 setting = SettingsModel().create_or_update_setting(
379 379 setting_key, not new_value, 'bool')
380 380 Session().add(setting)
381 381 Session().commit()
382 382
383 383 form_defaults.update({
384 384 'csrf_token': csrf_token,
385 385 'rhodecode_use_outdated_comments': str(new_value),
386 386 })
387 387 response = self.app.post(
388 388 route_path('admin_settings_vcs_update'),
389 389 params=form_defaults,
390 390 status=302)
391 391 response = response.follow()
392 392 setting = SettingsModel().get_setting_by_name(setting_key)
393 393 assert setting.app_settings_value is new_value
394 394
395 395 @pytest.mark.parametrize('new_value', [True, False])
396 396 def test_allows_to_change_hg_rebase_merge_strategy(
397 397 self, form_defaults, csrf_token, new_value):
398 398 setting_key = 'hg_use_rebase_for_merging'
399 399
400 400 form_defaults.update({
401 401 'csrf_token': csrf_token,
402 402 'rhodecode_' + setting_key: str(new_value),
403 403 })
404 404
405 405 with mock.patch.dict(
406 406 rhodecode.CONFIG, {'labs_settings_active': 'true'}):
407 407 self.app.post(
408 408 route_path('admin_settings_vcs_update'),
409 409 params=form_defaults,
410 410 status=302)
411 411
412 412 setting = SettingsModel().get_setting_by_name(setting_key)
413 413 assert setting.app_settings_value is new_value
414 414
415 415 @pytest.fixture()
416 416 def disable_sql_cache(self, request):
417 417 patcher = mock.patch(
418 418 'rhodecode.lib.caching_query.FromCache.process_query')
419 419 request.addfinalizer(patcher.stop)
420 420 patcher.start()
421 421
422 422 @pytest.fixture()
423 423 def form_defaults(self):
424 424 from rhodecode.apps.admin.views.settings import AdminSettingsView
425 425 return AdminSettingsView._form_defaults()
426 426
427 427 # TODO: johbo: What we really want is to checkpoint before a test run and
428 428 # reset the session afterwards.
429 429 @pytest.fixture(scope='class', autouse=True)
430 430 def cleanup_settings(self, request, baseapp):
431 431 ui_id = RhodeCodeUi.ui_id
432 432 original_ids = list(
433 433 r.ui_id for r in RhodeCodeUi.query().values(ui_id))
434 434
435 435 @request.addfinalizer
436 436 def cleanup():
437 437 RhodeCodeUi.query().filter(
438 438 ui_id.notin_(original_ids)).delete(False)
439 439
440 440
441 441 @pytest.mark.usefixtures('autologin_user', 'app')
442 442 class TestLabsSettings(object):
443 443 def test_get_settings_page_disabled(self):
444 444 with mock.patch.dict(
445 445 rhodecode.CONFIG, {'labs_settings_active': 'false'}):
446 446
447 447 response = self.app.get(
448 448 route_path('admin_settings_labs'), status=302)
449 449
450 450 assert response.location.endswith(route_path('admin_settings'))
451 451
452 452 def test_get_settings_page_enabled(self):
453 453 from rhodecode.apps.admin.views import settings
454 454 lab_settings = [
455 455 settings.LabSetting(
456 456 key='rhodecode_bool',
457 457 type='bool',
458 458 group='bool group',
459 459 label='bool label',
460 460 help='bool help'
461 461 ),
462 462 settings.LabSetting(
463 463 key='rhodecode_text',
464 464 type='unicode',
465 465 group='text group',
466 466 label='text label',
467 467 help='text help'
468 468 ),
469 469 ]
470 470 with mock.patch.dict(rhodecode.CONFIG,
471 471 {'labs_settings_active': 'true'}):
472 472 with mock.patch.object(settings, '_LAB_SETTINGS', lab_settings):
473 473 response = self.app.get(route_path('admin_settings_labs'))
474 474
475 475 assert '<label>bool group:</label>' in response
476 476 assert '<label for="rhodecode_bool">bool label</label>' in response
477 477 assert '<p class="help-block">bool help</p>' in response
478 478 assert 'name="rhodecode_bool" type="checkbox"' in response
479 479
480 480 assert '<label>text group:</label>' in response
481 481 assert '<label for="rhodecode_text">text label</label>' in response
482 482 assert '<p class="help-block">text help</p>' in response
483 483 assert 'name="rhodecode_text" size="60" type="text"' in response
484 484
485 485
486 486 @pytest.mark.usefixtures('app')
487 487 class TestOpenSourceLicenses(object):
488 488
489 489 def test_records_are_displayed(self, autologin_user):
490 490 sample_licenses = [
491 491 {
492 492 "license": [
493 493 {
494 494 "fullName": "BSD 4-clause \"Original\" or \"Old\" License",
495 495 "shortName": "bsdOriginal",
496 496 "spdxId": "BSD-4-Clause",
497 497 "url": "http://spdx.org/licenses/BSD-4-Clause.html"
498 498 }
499 499 ],
500 500 "name": "python2.7-coverage-3.7.1"
501 501 },
502 502 {
503 503 "license": [
504 504 {
505 505 "fullName": "MIT License",
506 506 "shortName": "mit",
507 507 "spdxId": "MIT",
508 508 "url": "http://spdx.org/licenses/MIT.html"
509 509 }
510 510 ],
511 511 "name": "python2.7-bootstrapped-pip-9.0.1"
512 512 },
513 513 ]
514 514 read_licenses_patch = mock.patch(
515 515 'rhodecode.apps.admin.views.open_source_licenses.read_opensource_licenses',
516 516 return_value=sample_licenses)
517 517 with read_licenses_patch:
518 518 response = self.app.get(
519 519 route_path('admin_settings_open_source'), status=200)
520 520
521 assert_response = AssertResponse(response)
521 assert_response = response.assert_response()
522 522 assert_response.element_contains(
523 523 '.panel-heading', 'Licenses of Third Party Packages')
524 524 for license_data in sample_licenses:
525 525 response.mustcontain(license_data["license"][0]["spdxId"])
526 526 assert_response.element_contains('.panel-body', license_data["name"])
527 527
528 528 def test_records_can_be_read(self, autologin_user):
529 529 response = self.app.get(
530 530 route_path('admin_settings_open_source'), status=200)
531 assert_response = AssertResponse(response)
531 assert_response = response.assert_response()
532 532 assert_response.element_contains(
533 533 '.panel-heading', 'Licenses of Third Party Packages')
534 534
535 535 def test_forbidden_when_normal_user(self, autologin_regular_user):
536 536 self.app.get(
537 537 route_path('admin_settings_open_source'), status=404)
538 538
539 539
540 540 @pytest.mark.usefixtures('app')
541 541 class TestUserSessions(object):
542 542
543 543 def test_forbidden_when_normal_user(self, autologin_regular_user):
544 544 self.app.get(route_path('admin_settings_sessions'), status=404)
545 545
546 546 def test_show_sessions_page(self, autologin_user):
547 547 response = self.app.get(route_path('admin_settings_sessions'), status=200)
548 548 response.mustcontain('file')
549 549
550 550 def test_cleanup_old_sessions(self, autologin_user, csrf_token):
551 551
552 552 post_data = {
553 553 'csrf_token': csrf_token,
554 554 'expire_days': '60'
555 555 }
556 556 response = self.app.post(
557 557 route_path('admin_settings_sessions_cleanup'), params=post_data,
558 558 status=302)
559 559 assert_session_flash(response, 'Cleaned up old sessions')
560 560
561 561
562 562 @pytest.mark.usefixtures('app')
563 563 class TestAdminSystemInfo(object):
564 564
565 565 def test_forbidden_when_normal_user(self, autologin_regular_user):
566 566 self.app.get(route_path('admin_settings_system'), status=404)
567 567
568 568 def test_system_info_page(self, autologin_user):
569 569 response = self.app.get(route_path('admin_settings_system'))
570 570 response.mustcontain('RhodeCode Community Edition, version {}'.format(
571 571 rhodecode.__version__))
572 572
573 573 def test_system_update_new_version(self, autologin_user):
574 574 update_data = {
575 575 'versions': [
576 576 {
577 577 'version': '100.3.1415926535',
578 578 'general': 'The latest version we are ever going to ship'
579 579 },
580 580 {
581 581 'version': '0.0.0',
582 582 'general': 'The first version we ever shipped'
583 583 }
584 584 ]
585 585 }
586 586 with mock.patch(UPDATE_DATA_QUALNAME, return_value=update_data):
587 587 response = self.app.get(route_path('admin_settings_system_update'))
588 588 response.mustcontain('A <b>new version</b> is available')
589 589
590 590 def test_system_update_nothing_new(self, autologin_user):
591 591 update_data = {
592 592 'versions': [
593 593 {
594 594 'version': '0.0.0',
595 595 'general': 'The first version we ever shipped'
596 596 }
597 597 ]
598 598 }
599 599 with mock.patch(UPDATE_DATA_QUALNAME, return_value=update_data):
600 600 response = self.app.get(route_path('admin_settings_system_update'))
601 601 response.mustcontain(
602 602 'This instance is already running the <b>latest</b> stable version')
603 603
604 604 def test_system_update_bad_response(self, autologin_user):
605 605 with mock.patch(UPDATE_DATA_QUALNAME, side_effect=ValueError('foo')):
606 606 response = self.app.get(route_path('admin_settings_system_update'))
607 607 response.mustcontain(
608 608 'Bad data sent from update server')
609 609
610 610
611 611 @pytest.mark.usefixtures("app")
612 612 class TestAdminSettingsIssueTracker(object):
613 613 RC_PREFIX = 'rhodecode_'
614 614 SHORT_PATTERN_KEY = 'issuetracker_pat_'
615 615 PATTERN_KEY = RC_PREFIX + SHORT_PATTERN_KEY
616 616
617 617 def test_issuetracker_index(self, autologin_user):
618 618 response = self.app.get(route_path('admin_settings_issuetracker'))
619 619 assert response.status_code == 200
620 620
621 621 def test_add_empty_issuetracker_pattern(
622 622 self, request, autologin_user, csrf_token):
623 623 post_url = route_path('admin_settings_issuetracker_update')
624 624 post_data = {
625 625 'csrf_token': csrf_token
626 626 }
627 627 self.app.post(post_url, post_data, status=302)
628 628
629 629 def test_add_issuetracker_pattern(
630 630 self, request, autologin_user, csrf_token):
631 631 pattern = 'issuetracker_pat'
632 632 another_pattern = pattern+'1'
633 633 post_url = route_path('admin_settings_issuetracker_update')
634 634 post_data = {
635 635 'new_pattern_pattern_0': pattern,
636 636 'new_pattern_url_0': 'http://url',
637 637 'new_pattern_prefix_0': 'prefix',
638 638 'new_pattern_description_0': 'description',
639 639 'new_pattern_pattern_1': another_pattern,
640 640 'new_pattern_url_1': 'https://url1',
641 641 'new_pattern_prefix_1': 'prefix1',
642 642 'new_pattern_description_1': 'description1',
643 643 'csrf_token': csrf_token
644 644 }
645 645 self.app.post(post_url, post_data, status=302)
646 646 settings = SettingsModel().get_all_settings()
647 647 self.uid = md5(pattern)
648 648 assert settings[self.PATTERN_KEY+self.uid] == pattern
649 649 self.another_uid = md5(another_pattern)
650 650 assert settings[self.PATTERN_KEY+self.another_uid] == another_pattern
651 651
652 652 @request.addfinalizer
653 653 def cleanup():
654 654 defaults = SettingsModel().get_all_settings()
655 655
656 656 entries = [name for name in defaults if (
657 657 (self.uid in name) or (self.another_uid) in name)]
658 658 start = len(self.RC_PREFIX)
659 659 for del_key in entries:
660 660 # TODO: anderson: get_by_name needs name without prefix
661 661 entry = SettingsModel().get_setting_by_name(del_key[start:])
662 662 Session().delete(entry)
663 663
664 664 Session().commit()
665 665
666 666 def test_edit_issuetracker_pattern(
667 667 self, autologin_user, backend, csrf_token, request):
668 668 old_pattern = 'issuetracker_pat'
669 669 old_uid = md5(old_pattern)
670 670 pattern = 'issuetracker_pat_new'
671 671 self.new_uid = md5(pattern)
672 672
673 673 SettingsModel().create_or_update_setting(
674 674 self.SHORT_PATTERN_KEY+old_uid, old_pattern, 'unicode')
675 675
676 676 post_url = route_path('admin_settings_issuetracker_update')
677 677 post_data = {
678 678 'new_pattern_pattern_0': pattern,
679 679 'new_pattern_url_0': 'https://url',
680 680 'new_pattern_prefix_0': 'prefix',
681 681 'new_pattern_description_0': 'description',
682 682 'uid': old_uid,
683 683 'csrf_token': csrf_token
684 684 }
685 685 self.app.post(post_url, post_data, status=302)
686 686 settings = SettingsModel().get_all_settings()
687 687 assert settings[self.PATTERN_KEY+self.new_uid] == pattern
688 688 assert self.PATTERN_KEY+old_uid not in settings
689 689
690 690 @request.addfinalizer
691 691 def cleanup():
692 692 IssueTrackerSettingsModel().delete_entries(self.new_uid)
693 693
694 694 def test_replace_issuetracker_pattern_description(
695 695 self, autologin_user, csrf_token, request, settings_util):
696 696 prefix = 'issuetracker'
697 697 pattern = 'issuetracker_pat'
698 698 self.uid = md5(pattern)
699 699 pattern_key = '_'.join([prefix, 'pat', self.uid])
700 700 rc_pattern_key = '_'.join(['rhodecode', pattern_key])
701 701 desc_key = '_'.join([prefix, 'desc', self.uid])
702 702 rc_desc_key = '_'.join(['rhodecode', desc_key])
703 703 new_description = 'new_description'
704 704
705 705 settings_util.create_rhodecode_setting(
706 706 pattern_key, pattern, 'unicode', cleanup=False)
707 707 settings_util.create_rhodecode_setting(
708 708 desc_key, 'old description', 'unicode', cleanup=False)
709 709
710 710 post_url = route_path('admin_settings_issuetracker_update')
711 711 post_data = {
712 712 'new_pattern_pattern_0': pattern,
713 713 'new_pattern_url_0': 'https://url',
714 714 'new_pattern_prefix_0': 'prefix',
715 715 'new_pattern_description_0': new_description,
716 716 'uid': self.uid,
717 717 'csrf_token': csrf_token
718 718 }
719 719 self.app.post(post_url, post_data, status=302)
720 720 settings = SettingsModel().get_all_settings()
721 721 assert settings[rc_pattern_key] == pattern
722 722 assert settings[rc_desc_key] == new_description
723 723
724 724 @request.addfinalizer
725 725 def cleanup():
726 726 IssueTrackerSettingsModel().delete_entries(self.uid)
727 727
728 728 def test_delete_issuetracker_pattern(
729 729 self, autologin_user, backend, csrf_token, settings_util):
730 730 pattern = 'issuetracker_pat'
731 731 uid = md5(pattern)
732 732 settings_util.create_rhodecode_setting(
733 733 self.SHORT_PATTERN_KEY+uid, pattern, 'unicode', cleanup=False)
734 734
735 735 post_url = route_path('admin_settings_issuetracker_delete')
736 736 post_data = {
737 737 '_method': 'delete',
738 738 'uid': uid,
739 739 'csrf_token': csrf_token
740 740 }
741 741 self.app.post(post_url, post_data, status=302)
742 742 settings = SettingsModel().get_all_settings()
743 743 assert 'rhodecode_%s%s' % (self.SHORT_PATTERN_KEY, uid) not in settings
Show file before | Show file after | Hide comments
@@ -1,118 +1,118 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22
23 23 from rhodecode.lib import helpers as h
24 24 from rhodecode.tests import (
25 25 TestController, clear_cache_regions,
26 26 TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
27 27 from rhodecode.tests.fixture import Fixture
28 28 from rhodecode.tests.utils import AssertResponse
29 29
30 30 fixture = Fixture()
31 31
32 32
33 33 def route_path(name, params=None, **kwargs):
34 34 import urllib
35 35 from rhodecode.apps._base import ADMIN_PREFIX
36 36
37 37 base_url = {
38 38 'login': ADMIN_PREFIX + '/login',
39 39 'logout': ADMIN_PREFIX + '/logout',
40 40 'register': ADMIN_PREFIX + '/register',
41 41 'reset_password':
42 42 ADMIN_PREFIX + '/password_reset',
43 43 'reset_password_confirmation':
44 44 ADMIN_PREFIX + '/password_reset_confirmation',
45 45
46 46 'admin_permissions_application':
47 47 ADMIN_PREFIX + '/permissions/application',
48 48 'admin_permissions_application_update':
49 49 ADMIN_PREFIX + '/permissions/application/update',
50 50 }[name].format(**kwargs)
51 51
52 52 if params:
53 53 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
54 54 return base_url
55 55
56 56
57 57 class TestPasswordReset(TestController):
58 58
59 59 @pytest.mark.parametrize(
60 60 'pwd_reset_setting, show_link, show_reset', [
61 61 ('hg.password_reset.enabled', True, True),
62 62 ('hg.password_reset.hidden', False, True),
63 63 ('hg.password_reset.disabled', False, False),
64 64 ])
65 65 def test_password_reset_settings(
66 66 self, pwd_reset_setting, show_link, show_reset):
67 67 clear_cache_regions()
68 68 self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
69 69 params = {
70 70 'csrf_token': self.csrf_token,
71 71 'anonymous': 'True',
72 72 'default_register': 'hg.register.auto_activate',
73 73 'default_register_message': '',
74 74 'default_password_reset': pwd_reset_setting,
75 75 'default_extern_activate': 'hg.extern_activate.auto',
76 76 }
77 77 resp = self.app.post(
78 78 route_path('admin_permissions_application_update'), params=params)
79 79 self.logout_user()
80 80
81 81 login_page = self.app.get(route_path('login'))
82 82 asr_login = AssertResponse(login_page)
83 83
84 84 if show_link:
85 85 asr_login.one_element_exists('a.pwd_reset')
86 86 else:
87 87 asr_login.no_element_exists('a.pwd_reset')
88 88
89 89 response = self.app.get(route_path('reset_password'))
90 90
91 assert_response = AssertResponse(response)
91 assert_response = response.assert_response()
92 92 if show_reset:
93 93 response.mustcontain('Send password reset email')
94 94 assert_response.one_element_exists('#email')
95 95 assert_response.one_element_exists('#send')
96 96 else:
97 97 response.mustcontain('Password reset is disabled.')
98 98 assert_response.no_element_exists('#email')
99 99 assert_response.no_element_exists('#send')
100 100
101 101 def test_password_form_disabled(self):
102 102 self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
103 103 params = {
104 104 'csrf_token': self.csrf_token,
105 105 'anonymous': 'True',
106 106 'default_register': 'hg.register.auto_activate',
107 107 'default_register_message': '',
108 108 'default_password_reset': 'hg.password_reset.disabled',
109 109 'default_extern_activate': 'hg.extern_activate.auto',
110 110 }
111 111 self.app.post(route_path('admin_permissions_application_update'), params=params)
112 112 self.logout_user()
113 113
114 114 response = self.app.post(
115 115 route_path('reset_password'), {'email': 'lisa@rhodecode.com',}
116 116 )
117 117 response = response.follow()
118 118 response.mustcontain('Password reset is disabled.')
Show file before | Show file after | Hide comments
@@ -1,133 +1,133 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 import mock
23 23 import pytest
24 24
25 25 from rhodecode.apps._base import ADMIN_PREFIX
26 26 from rhodecode.apps.login.views import LoginView, CaptchaData
27 27 from rhodecode.model.settings import SettingsModel
28 28 from rhodecode.lib.utils2 import AttributeDict
29 29 from rhodecode.tests.utils import AssertResponse
30 30
31 31
32 32 class RhodeCodeSetting(object):
33 33 def __init__(self, name, value):
34 34 self.name = name
35 35 self.value = value
36 36
37 37 def __enter__(self):
38 38 from rhodecode.model.settings import SettingsModel
39 39 model = SettingsModel()
40 40 self.old_setting = model.get_setting_by_name(self.name)
41 41 model.create_or_update_setting(name=self.name, val=self.value)
42 42 return self
43 43
44 44 def __exit__(self, exc_type, exc_val, exc_tb):
45 45 model = SettingsModel()
46 46 if self.old_setting:
47 47 model.create_or_update_setting(
48 48 name=self.name, val=self.old_setting.app_settings_value)
49 49 else:
50 50 model.create_or_update_setting(name=self.name)
51 51
52 52
53 53 class TestRegisterCaptcha(object):
54 54
55 55 @pytest.mark.parametrize('private_key, public_key, expected', [
56 56 ('', '', CaptchaData(False, '', '')),
57 57 ('', 'pubkey', CaptchaData(False, '', 'pubkey')),
58 58 ('privkey', '', CaptchaData(True, 'privkey', '')),
59 59 ('privkey', 'pubkey', CaptchaData(True, 'privkey', 'pubkey')),
60 60 ])
61 61 def test_get_captcha_data(self, private_key, public_key, expected,
62 62 request_stub, user_util):
63 63 request_stub.user = user_util.create_user().AuthUser()
64 64 request_stub.matched_route = AttributeDict({'name': 'login'})
65 65 login_view = LoginView(mock.Mock(), request_stub)
66 66
67 67 with RhodeCodeSetting('captcha_private_key', private_key):
68 68 with RhodeCodeSetting('captcha_public_key', public_key):
69 69 captcha = login_view._get_captcha_data()
70 70 assert captcha == expected
71 71
72 72 @pytest.mark.parametrize('active', [False, True])
73 73 @mock.patch.object(LoginView, '_get_captcha_data')
74 74 def test_private_key_does_not_leak_to_html(
75 75 self, m_get_captcha_data, active, app):
76 76 captcha = CaptchaData(
77 77 active=active, private_key='PRIVATE_KEY', public_key='PUBLIC_KEY')
78 78 m_get_captcha_data.return_value = captcha
79 79
80 80 response = app.get(ADMIN_PREFIX + '/register')
81 81 assert 'PRIVATE_KEY' not in response
82 82
83 83 @pytest.mark.parametrize('active', [False, True])
84 84 @mock.patch.object(LoginView, '_get_captcha_data')
85 85 def test_register_view_renders_captcha(
86 86 self, m_get_captcha_data, active, app):
87 87 captcha = CaptchaData(
88 88 active=active, private_key='PRIVATE_KEY', public_key='PUBLIC_KEY')
89 89 m_get_captcha_data.return_value = captcha
90 90
91 91 response = app.get(ADMIN_PREFIX + '/register')
92 92
93 assertr = AssertResponse(response)
93 assertr = response.assert_response()
94 94 if active:
95 95 assertr.one_element_exists('#recaptcha_field')
96 96 else:
97 97 assertr.no_element_exists('#recaptcha_field')
98 98
99 99 @pytest.mark.parametrize('valid', [False, True])
100 100 @mock.patch.object(LoginView, 'validate_captcha')
101 101 @mock.patch.object(LoginView, '_get_captcha_data')
102 102 def test_register_with_active_captcha(
103 103 self, m_get_captcha_data, m_validate_captcha, valid, app, csrf_token):
104 104 captcha = CaptchaData(
105 105 active=True, private_key='PRIVATE_KEY', public_key='PUBLIC_KEY')
106 106 m_get_captcha_data.return_value = captcha
107 107 m_response = mock.Mock()
108 108 m_response.is_valid = valid
109 109 m_validate_captcha.return_value = valid, 'ok'
110 110
111 111 params = {
112 112 'csrf_token': csrf_token,
113 113 'email': 'pytest@example.com',
114 114 'firstname': 'pytest-firstname',
115 115 'lastname': 'pytest-lastname',
116 116 'password': 'secret',
117 117 'password_confirmation': 'secret',
118 118 'username': 'pytest',
119 119 }
120 120 response = app.post(ADMIN_PREFIX + '/register', params=params)
121 121
122 122 if valid:
123 123 # If we provided a valid captcha input we expect a successful
124 124 # registration and redirect to the login page.
125 125 assert response.status_int == 302
126 126 assert 'location' in response.headers
127 127 assert ADMIN_PREFIX + '/login' in response.headers['location']
128 128 else:
129 129 # If captche input is invalid we expect to stay on the registration
130 130 # page with an error message displayed.
131 assertr = AssertResponse(response)
131 assertr = response.assert_response()
132 132 assert response.status_int == 200
133 133 assertr.one_element_exists('#recaptcha_field ~ span.error-message')
Show file before | Show file after | Hide comments
@@ -1,137 +1,137 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22 from rhodecode.model.auth_token import AuthTokenModel
23 23 from rhodecode.tests import TestController
24 24
25 25
26 26 def route_path(name, params=None, **kwargs):
27 27 import urllib
28 28
29 29 base_url = {
30 30 'rss_feed_home': '/{repo_name}/feed-rss',
31 31 'atom_feed_home': '/{repo_name}/feed-atom',
32 32 'rss_feed_home_old': '/{repo_name}/feed/rss',
33 33 'atom_feed_home_old': '/{repo_name}/feed/atom',
34 34 }[name].format(**kwargs)
35 35
36 36 if params:
37 37 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
38 38 return base_url
39 39
40 40
41 41 class TestFeedView(TestController):
42 42
43 43 @pytest.mark.parametrize("feed_type,response_types,content_type",[
44 44 ('rss', ['<rss version="2.0">'],
45 45 "application/rss+xml"),
46 46 ('atom', ['xmlns="http://www.w3.org/2005/Atom"', 'xml:lang="en-us"'],
47 47 "application/atom+xml"),
48 48 ])
49 49 def test_feed(self, backend, feed_type, response_types, content_type):
50 50 self.log_user()
51 51 response = self.app.get(
52 52 route_path('{}_feed_home'.format(feed_type),
53 53 repo_name=backend.repo_name))
54 54
55 55 for content in response_types:
56 56 response.mustcontain(content)
57 57
58 58 assert response.content_type == content_type
59 59
60 60 @pytest.mark.parametrize("feed_type, content_type", [
61 61 ('rss', "application/rss+xml"),
62 62 ('atom', "application/atom+xml")
63 63 ])
64 64 def test_feed_with_auth_token(
65 65 self, backend, user_admin, feed_type, content_type):
66 66 auth_token = user_admin.feed_token
67 67 assert auth_token != ''
68 68
69 69 response = self.app.get(
70 70 route_path(
71 71 '{}_feed_home'.format(feed_type),
72 72 repo_name=backend.repo_name,
73 73 params=dict(auth_token=auth_token)),
74 74 status=200)
75 75
76 76 assert response.content_type == content_type
77 77
78 78 @pytest.mark.parametrize("feed_type, content_type", [
79 79 ('rss', "application/rss+xml"),
80 80 ('atom', "application/atom+xml")
81 81 ])
82 82 def test_feed_with_auth_token_by_uid(
83 83 self, backend, user_admin, feed_type, content_type):
84 84 auth_token = user_admin.feed_token
85 85 assert auth_token != ''
86 86
87 87 response = self.app.get(
88 88 route_path(
89 89 '{}_feed_home'.format(feed_type),
90 90 repo_name='_{}'.format(backend.repo.repo_id),
91 91 params=dict(auth_token=auth_token)),
92 92 status=200)
93 93
94 94 assert response.content_type == content_type
95 95
96 96 @pytest.mark.parametrize("feed_type, content_type", [
97 97 ('rss', "application/rss+xml"),
98 98 ('atom', "application/atom+xml")
99 99 ])
100 100 def test_feed_old_urls_with_auth_token(
101 101 self, backend, user_admin, feed_type, content_type):
102 102 auth_token = user_admin.feed_token
103 103 assert auth_token != ''
104 104
105 105 response = self.app.get(
106 106 route_path(
107 107 '{}_feed_home_old'.format(feed_type),
108 108 repo_name=backend.repo_name,
109 109 params=dict(auth_token=auth_token)),
110 110 status=200)
111 111
112 112 assert response.content_type == content_type
113 113
114 114 @pytest.mark.parametrize("feed_type", ['rss', 'atom'])
115 115 def test_feed_with_auth_token_of_wrong_type(
116 116 self, backend, user_util, feed_type):
117 117 user = user_util.create_user()
118 118 auth_token = AuthTokenModel().create(
119 user.user_id, 'test-token', -1, AuthTokenModel.cls.ROLE_API)
119 user.user_id, u'test-token', -1, AuthTokenModel.cls.ROLE_API)
120 120 auth_token = auth_token.api_key
121 121
122 122 self.app.get(
123 123 route_path(
124 124 '{}_feed_home'.format(feed_type),
125 125 repo_name=backend.repo_name,
126 126 params=dict(auth_token=auth_token)),
127 127 status=302)
128 128
129 129 auth_token = AuthTokenModel().create(
130 user.user_id, 'test-token', -1, AuthTokenModel.cls.ROLE_FEED)
130 user.user_id, u'test-token', -1, AuthTokenModel.cls.ROLE_FEED)
131 131 auth_token = auth_token.api_key
132 132 self.app.get(
133 133 route_path(
134 134 '{}_feed_home'.format(feed_type),
135 135 repo_name=backend.repo_name,
136 136 params=dict(auth_token=auth_token)),
137 137 status=200)
Show file before | Show file after | Hide comments
@@ -1,524 +1,524 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import re
22 22
23 23 import mock
24 24 import pytest
25 25
26 26 from rhodecode.apps.repository.views.repo_summary import RepoSummaryView
27 27 from rhodecode.lib import helpers as h
28 28 from rhodecode.lib.compat import OrderedDict
29 29 from rhodecode.lib.utils2 import AttributeDict, safe_str
30 30 from rhodecode.lib.vcs.exceptions import RepositoryRequirementError
31 31 from rhodecode.model.db import Repository
32 32 from rhodecode.model.meta import Session
33 33 from rhodecode.model.repo import RepoModel
34 34 from rhodecode.model.scm import ScmModel
35 35 from rhodecode.tests import assert_session_flash
36 36 from rhodecode.tests.fixture import Fixture
37 37 from rhodecode.tests.utils import AssertResponse, repo_on_filesystem
38 38
39 39
40 40 fixture = Fixture()
41 41
42 42
43 43 def route_path(name, params=None, **kwargs):
44 44 import urllib
45 45
46 46 base_url = {
47 47 'repo_summary': '/{repo_name}',
48 48 'repo_stats': '/{repo_name}/repo_stats/{commit_id}',
49 49 'repo_refs_data': '/{repo_name}/refs-data',
50 50 'repo_refs_changelog_data': '/{repo_name}/refs-data-changelog',
51 51 'repo_creating_check': '/{repo_name}/repo_creating_check',
52 52 }[name].format(**kwargs)
53 53
54 54 if params:
55 55 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
56 56 return base_url
57 57
58 58
59 59 def assert_clone_url(response, server, repo, disabled=False):
60 60
61 61 response.mustcontain(
62 62 '<input type="text" class="input-monospace clone_url_input" '
63 63 '{disabled}readonly="readonly" '
64 64 'value="http://test_admin@{server}/{repo}"/>'.format(
65 65 server=server, repo=repo, disabled='disabled ' if disabled else ' ')
66 66 )
67 67
68 68
69 69 @pytest.mark.usefixtures('app')
70 70 class TestSummaryView(object):
71 71 def test_index(self, autologin_user, backend, http_host_only_stub):
72 72 repo_id = backend.repo.repo_id
73 73 repo_name = backend.repo_name
74 74 with mock.patch('rhodecode.lib.helpers.is_svn_without_proxy',
75 75 return_value=False):
76 76 response = self.app.get(
77 77 route_path('repo_summary', repo_name=repo_name))
78 78
79 79 # repo type
80 80 response.mustcontain(
81 81 '<i class="icon-%s">' % (backend.alias, )
82 82 )
83 83 # public/private
84 84 response.mustcontain(
85 85 """<i class="icon-unlock-alt">"""
86 86 )
87 87
88 88 # clone url...
89 89 assert_clone_url(response, http_host_only_stub, repo_name)
90 90 assert_clone_url(response, http_host_only_stub, '_{}'.format(repo_id))
91 91
92 92 def test_index_svn_without_proxy(
93 93 self, autologin_user, backend_svn, http_host_only_stub):
94 94 repo_id = backend_svn.repo.repo_id
95 95 repo_name = backend_svn.repo_name
96 96 response = self.app.get(route_path('repo_summary', repo_name=repo_name))
97 97 # clone url...
98 98
99 99 assert_clone_url(response, http_host_only_stub, repo_name, disabled=True)
100 100 assert_clone_url(response, http_host_only_stub, '_{}'.format(repo_id), disabled=True)
101 101
102 102 def test_index_with_trailing_slash(
103 103 self, autologin_user, backend, http_host_only_stub):
104 104
105 105 repo_id = backend.repo.repo_id
106 106 repo_name = backend.repo_name
107 107 with mock.patch('rhodecode.lib.helpers.is_svn_without_proxy',
108 108 return_value=False):
109 109 response = self.app.get(
110 110 route_path('repo_summary', repo_name=repo_name) + '/',
111 111 status=200)
112 112
113 113 # clone url...
114 114 assert_clone_url(response, http_host_only_stub, repo_name)
115 115 assert_clone_url(response, http_host_only_stub, '_{}'.format(repo_id))
116 116
117 117 def test_index_by_id(self, autologin_user, backend):
118 118 repo_id = backend.repo.repo_id
119 119 response = self.app.get(
120 120 route_path('repo_summary', repo_name='_%s' % (repo_id,)))
121 121
122 122 # repo type
123 123 response.mustcontain(
124 124 '<i class="icon-%s">' % (backend.alias, )
125 125 )
126 126 # public/private
127 127 response.mustcontain(
128 128 """<i class="icon-unlock-alt">"""
129 129 )
130 130
131 131 def test_index_by_repo_having_id_path_in_name_hg(self, autologin_user):
132 132 fixture.create_repo(name='repo_1')
133 133 response = self.app.get(route_path('repo_summary', repo_name='repo_1'))
134 134
135 135 try:
136 136 response.mustcontain("repo_1")
137 137 finally:
138 138 RepoModel().delete(Repository.get_by_repo_name('repo_1'))
139 139 Session().commit()
140 140
141 141 def test_index_with_anonymous_access_disabled(
142 142 self, backend, disable_anonymous_user):
143 143 response = self.app.get(
144 144 route_path('repo_summary', repo_name=backend.repo_name), status=302)
145 145 assert 'login' in response.location
146 146
147 147 def _enable_stats(self, repo):
148 148 r = Repository.get_by_repo_name(repo)
149 149 r.enable_statistics = True
150 150 Session().add(r)
151 151 Session().commit()
152 152
153 153 expected_trending = {
154 154 'hg': {
155 155 "py": {"count": 68, "desc": ["Python"]},
156 156 "rst": {"count": 16, "desc": ["Rst"]},
157 157 "css": {"count": 2, "desc": ["Css"]},
158 158 "sh": {"count": 2, "desc": ["Bash"]},
159 159 "bat": {"count": 1, "desc": ["Batch"]},
160 160 "cfg": {"count": 1, "desc": ["Ini"]},
161 161 "html": {"count": 1, "desc": ["EvoqueHtml", "Html"]},
162 162 "ini": {"count": 1, "desc": ["Ini"]},
163 163 "js": {"count": 1, "desc": ["Javascript"]},
164 164 "makefile": {"count": 1, "desc": ["Makefile", "Makefile"]}
165 165 },
166 166 'git': {
167 167 "py": {"count": 68, "desc": ["Python"]},
168 168 "rst": {"count": 16, "desc": ["Rst"]},
169 169 "css": {"count": 2, "desc": ["Css"]},
170 170 "sh": {"count": 2, "desc": ["Bash"]},
171 171 "bat": {"count": 1, "desc": ["Batch"]},
172 172 "cfg": {"count": 1, "desc": ["Ini"]},
173 173 "html": {"count": 1, "desc": ["EvoqueHtml", "Html"]},
174 174 "ini": {"count": 1, "desc": ["Ini"]},
175 175 "js": {"count": 1, "desc": ["Javascript"]},
176 176 "makefile": {"count": 1, "desc": ["Makefile", "Makefile"]}
177 177 },
178 178 'svn': {
179 179 "py": {"count": 75, "desc": ["Python"]},
180 180 "rst": {"count": 16, "desc": ["Rst"]},
181 181 "html": {"count": 11, "desc": ["EvoqueHtml", "Html"]},
182 182 "css": {"count": 2, "desc": ["Css"]},
183 183 "bat": {"count": 1, "desc": ["Batch"]},
184 184 "cfg": {"count": 1, "desc": ["Ini"]},
185 185 "ini": {"count": 1, "desc": ["Ini"]},
186 186 "js": {"count": 1, "desc": ["Javascript"]},
187 187 "makefile": {"count": 1, "desc": ["Makefile", "Makefile"]},
188 188 "sh": {"count": 1, "desc": ["Bash"]}
189 189 },
190 190 }
191 191
192 192 def test_repo_stats(self, autologin_user, backend, xhr_header):
193 193 response = self.app.get(
194 194 route_path(
195 195 'repo_stats', repo_name=backend.repo_name, commit_id='tip'),
196 196 extra_environ=xhr_header,
197 197 status=200)
198 198 assert re.match(r'6[\d\.]+ KiB', response.json['size'])
199 199
200 200 def test_repo_stats_code_stats_enabled(self, autologin_user, backend, xhr_header):
201 201 repo_name = backend.repo_name
202 202
203 203 # codes stats
204 204 self._enable_stats(repo_name)
205 205 ScmModel().mark_for_invalidation(repo_name)
206 206
207 207 response = self.app.get(
208 208 route_path(
209 209 'repo_stats', repo_name=backend.repo_name, commit_id='tip'),
210 210 extra_environ=xhr_header,
211 211 status=200)
212 212
213 213 expected_data = self.expected_trending[backend.alias]
214 214 returned_stats = response.json['code_stats']
215 215 for k, v in expected_data.items():
216 216 assert v == returned_stats[k]
217 217
218 218 def test_repo_refs_data(self, backend):
219 219 response = self.app.get(
220 220 route_path('repo_refs_data', repo_name=backend.repo_name),
221 221 status=200)
222 222
223 223 # Ensure that there is the correct amount of items in the result
224 224 repo = backend.repo.scm_instance()
225 225 data = response.json['results']
226 226 items = sum(len(section['children']) for section in data)
227 227 repo_refs = len(repo.branches) + len(repo.tags) + len(repo.bookmarks)
228 228 assert items == repo_refs
229 229
230 230 def test_index_shows_missing_requirements_message(
231 231 self, backend, autologin_user):
232 232 repo_name = backend.repo_name
233 233 scm_patcher = mock.patch.object(
234 234 Repository, 'scm_instance', side_effect=RepositoryRequirementError)
235 235
236 236 with scm_patcher:
237 237 response = self.app.get(
238 238 route_path('repo_summary', repo_name=repo_name))
239 assert_response = AssertResponse(response)
239 assert_response = response.assert_response()
240 240 assert_response.element_contains(
241 241 '.main .alert-warning strong', 'Missing requirements')
242 242 assert_response.element_contains(
243 243 '.main .alert-warning',
244 244 'Commits cannot be displayed, because this repository '
245 245 'uses one or more extensions, which was not enabled.')
246 246
247 247 def test_missing_requirements_page_does_not_contains_switch_to(
248 248 self, autologin_user, backend):
249 249 repo_name = backend.repo_name
250 250 scm_patcher = mock.patch.object(
251 251 Repository, 'scm_instance', side_effect=RepositoryRequirementError)
252 252
253 253 with scm_patcher:
254 254 response = self.app.get(route_path('repo_summary', repo_name=repo_name))
255 255 response.mustcontain(no='Switch To')
256 256
257 257
258 258 @pytest.mark.usefixtures('app')
259 259 class TestRepoLocation(object):
260 260
261 261 @pytest.mark.parametrize("suffix", [u'', u'ąęł'], ids=['', 'non-ascii'])
262 262 def test_missing_filesystem_repo(
263 263 self, autologin_user, backend, suffix, csrf_token):
264 264 repo = backend.create_repo(name_suffix=suffix)
265 265 repo_name = repo.repo_name
266 266
267 267 # delete from file system
268 268 RepoModel()._delete_filesystem_repo(repo)
269 269
270 270 # test if the repo is still in the database
271 271 new_repo = RepoModel().get_by_repo_name(repo_name)
272 272 assert new_repo.repo_name == repo_name
273 273
274 274 # check if repo is not in the filesystem
275 275 assert not repo_on_filesystem(repo_name)
276 276
277 277 response = self.app.get(
278 278 route_path('repo_summary', repo_name=safe_str(repo_name)), status=302)
279 279
280 280 msg = 'The repository `%s` cannot be loaded in filesystem. ' \
281 281 'Please check if it exist, or is not damaged.' % repo_name
282 282 assert_session_flash(response, msg)
283 283
284 284 @pytest.mark.parametrize("suffix", [u'', u'ąęł'], ids=['', 'non-ascii'])
285 285 def test_missing_filesystem_repo_on_repo_check(
286 286 self, autologin_user, backend, suffix, csrf_token):
287 287 repo = backend.create_repo(name_suffix=suffix)
288 288 repo_name = repo.repo_name
289 289
290 290 # delete from file system
291 291 RepoModel()._delete_filesystem_repo(repo)
292 292
293 293 # test if the repo is still in the database
294 294 new_repo = RepoModel().get_by_repo_name(repo_name)
295 295 assert new_repo.repo_name == repo_name
296 296
297 297 # check if repo is not in the filesystem
298 298 assert not repo_on_filesystem(repo_name)
299 299
300 300 # flush the session
301 301 self.app.get(
302 302 route_path('repo_summary', repo_name=safe_str(repo_name)),
303 303 status=302)
304 304
305 305 response = self.app.get(
306 306 route_path('repo_creating_check', repo_name=safe_str(repo_name)),
307 307 status=200)
308 308 msg = 'The repository `%s` cannot be loaded in filesystem. ' \
309 309 'Please check if it exist, or is not damaged.' % repo_name
310 310 assert_session_flash(response, msg )
311 311
312 312
313 313 @pytest.fixture()
314 314 def summary_view(context_stub, request_stub, user_util):
315 315 """
316 316 Bootstrap view to test the view functions
317 317 """
318 318 request_stub.matched_route = AttributeDict(name='test_view')
319 319
320 320 request_stub.user = user_util.create_user().AuthUser()
321 321 request_stub.db_repo = user_util.create_repo()
322 322
323 323 view = RepoSummaryView(context=context_stub, request=request_stub)
324 324 return view
325 325
326 326
327 327 @pytest.mark.usefixtures('app')
328 328 class TestCreateReferenceData(object):
329 329
330 330 @pytest.fixture()
331 331 def example_refs(self):
332 332 section_1_refs = OrderedDict((('a', 'a_id'), ('b', 'b_id')))
333 333 example_refs = [
334 334 ('section_1', section_1_refs, 't1'),
335 335 ('section_2', {'c': 'c_id'}, 't2'),
336 336 ]
337 337 return example_refs
338 338
339 339 def test_generates_refs_based_on_commit_ids(self, example_refs, summary_view):
340 340 repo = mock.Mock()
341 341 repo.name = 'test-repo'
342 342 repo.alias = 'git'
343 343 full_repo_name = 'pytest-repo-group/' + repo.name
344 344
345 345 result = summary_view._create_reference_data(
346 346 repo, full_repo_name, example_refs)
347 347
348 348 expected_files_url = '/{}/files/'.format(full_repo_name)
349 349 expected_result = [
350 350 {
351 351 'children': [
352 352 {
353 353 'id': 'a', 'idx': 0, 'raw_id': 'a_id', 'text': 'a', 'type': 't1',
354 354 'files_url': expected_files_url + 'a/?at=a',
355 355 },
356 356 {
357 357 'id': 'b', 'idx': 0, 'raw_id': 'b_id', 'text': 'b', 'type': 't1',
358 358 'files_url': expected_files_url + 'b/?at=b',
359 359 }
360 360 ],
361 361 'text': 'section_1'
362 362 },
363 363 {
364 364 'children': [
365 365 {
366 366 'id': 'c', 'idx': 0, 'raw_id': 'c_id', 'text': 'c', 'type': 't2',
367 367 'files_url': expected_files_url + 'c/?at=c',
368 368 }
369 369 ],
370 370 'text': 'section_2'
371 371 }]
372 372 assert result == expected_result
373 373
374 374 def test_generates_refs_with_path_for_svn(self, example_refs, summary_view):
375 375 repo = mock.Mock()
376 376 repo.name = 'test-repo'
377 377 repo.alias = 'svn'
378 378 full_repo_name = 'pytest-repo-group/' + repo.name
379 379
380 380 result = summary_view._create_reference_data(
381 381 repo, full_repo_name, example_refs)
382 382
383 383 expected_files_url = '/{}/files/'.format(full_repo_name)
384 384 expected_result = [
385 385 {
386 386 'children': [
387 387 {
388 388 'id': 'a@a_id', 'idx': 0, 'raw_id': 'a_id',
389 389 'text': 'a', 'type': 't1',
390 390 'files_url': expected_files_url + 'a_id/a?at=a',
391 391 },
392 392 {
393 393 'id': 'b@b_id', 'idx': 0, 'raw_id': 'b_id',
394 394 'text': 'b', 'type': 't1',
395 395 'files_url': expected_files_url + 'b_id/b?at=b',
396 396 }
397 397 ],
398 398 'text': 'section_1'
399 399 },
400 400 {
401 401 'children': [
402 402 {
403 403 'id': 'c@c_id', 'idx': 0, 'raw_id': 'c_id',
404 404 'text': 'c', 'type': 't2',
405 405 'files_url': expected_files_url + 'c_id/c?at=c',
406 406 }
407 407 ],
408 408 'text': 'section_2'
409 409 }
410 410 ]
411 411 assert result == expected_result
412 412
413 413
414 414 class TestCreateFilesUrl(object):
415 415
416 416 def test_creates_non_svn_url(self, app, summary_view):
417 417 repo = mock.Mock()
418 418 repo.name = 'abcde'
419 419 full_repo_name = 'test-repo-group/' + repo.name
420 420 ref_name = 'branch1'
421 421 raw_id = 'deadbeef0123456789'
422 422 is_svn = False
423 423
424 424 with mock.patch('rhodecode.lib.helpers.route_path') as url_mock:
425 425 result = summary_view._create_files_url(
426 426 repo, full_repo_name, ref_name, raw_id, is_svn)
427 427 url_mock.assert_called_once_with(
428 428 'repo_files', repo_name=full_repo_name, commit_id=ref_name,
429 429 f_path='', _query=dict(at=ref_name))
430 430 assert result == url_mock.return_value
431 431
432 432 def test_creates_svn_url(self, app, summary_view):
433 433 repo = mock.Mock()
434 434 repo.name = 'abcde'
435 435 full_repo_name = 'test-repo-group/' + repo.name
436 436 ref_name = 'branch1'
437 437 raw_id = 'deadbeef0123456789'
438 438 is_svn = True
439 439
440 440 with mock.patch('rhodecode.lib.helpers.route_path') as url_mock:
441 441 result = summary_view._create_files_url(
442 442 repo, full_repo_name, ref_name, raw_id, is_svn)
443 443 url_mock.assert_called_once_with(
444 444 'repo_files', repo_name=full_repo_name, f_path=ref_name,
445 445 commit_id=raw_id, _query=dict(at=ref_name))
446 446 assert result == url_mock.return_value
447 447
448 448 def test_name_has_slashes(self, app, summary_view):
449 449 repo = mock.Mock()
450 450 repo.name = 'abcde'
451 451 full_repo_name = 'test-repo-group/' + repo.name
452 452 ref_name = 'branch1/branch2'
453 453 raw_id = 'deadbeef0123456789'
454 454 is_svn = False
455 455
456 456 with mock.patch('rhodecode.lib.helpers.route_path') as url_mock:
457 457 result = summary_view._create_files_url(
458 458 repo, full_repo_name, ref_name, raw_id, is_svn)
459 459 url_mock.assert_called_once_with(
460 460 'repo_files', repo_name=full_repo_name, commit_id=raw_id,
461 461 f_path='', _query=dict(at=ref_name))
462 462 assert result == url_mock.return_value
463 463
464 464
465 465 class TestReferenceItems(object):
466 466 repo = mock.Mock()
467 467 repo.name = 'pytest-repo'
468 468 repo_full_name = 'pytest-repo-group/' + repo.name
469 469 ref_type = 'branch'
470 470 fake_url = '/abcde/'
471 471
472 472 @staticmethod
473 473 def _format_function(name, id_):
474 474 return 'format_function_{}_{}'.format(name, id_)
475 475
476 476 def test_creates_required_amount_of_items(self, summary_view):
477 477 amount = 100
478 478 refs = {
479 479 'ref{}'.format(i): '{0:040d}'.format(i)
480 480 for i in range(amount)
481 481 }
482 482
483 483 url_patcher = mock.patch.object(summary_view, '_create_files_url')
484 484 svn_patcher = mock.patch('rhodecode.lib.helpers.is_svn',
485 485 return_value=False)
486 486
487 487 with url_patcher as url_mock, svn_patcher:
488 488 result = summary_view._create_reference_items(
489 489 self.repo, self.repo_full_name, refs, self.ref_type,
490 490 self._format_function)
491 491 assert len(result) == amount
492 492 assert url_mock.call_count == amount
493 493
494 494 def test_single_item_details(self, summary_view):
495 495 ref_name = 'ref1'
496 496 ref_id = 'deadbeef'
497 497 refs = {
498 498 ref_name: ref_id
499 499 }
500 500
501 501 svn_patcher = mock.patch('rhodecode.lib.helpers.is_svn',
502 502 return_value=False)
503 503
504 504 url_patcher = mock.patch.object(
505 505 summary_view, '_create_files_url', return_value=self.fake_url)
506 506
507 507 with url_patcher as url_mock, svn_patcher:
508 508 result = summary_view._create_reference_items(
509 509 self.repo, self.repo_full_name, refs, self.ref_type,
510 510 self._format_function)
511 511
512 512 url_mock.assert_called_once_with(
513 513 self.repo, self.repo_full_name, ref_name, ref_id, False)
514 514 expected_result = [
515 515 {
516 516 'text': ref_name,
517 517 'id': self._format_function(ref_name, ref_id),
518 518 'raw_id': ref_id,
519 519 'idx': 0,
520 520 'type': self.ref_type,
521 521 'files_url': self.fake_url
522 522 }
523 523 ]
524 524 assert result == expected_result
Show file before | Show file after | Hide comments
@@ -1,685 +1,685 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import mock
22 22 import pytest
23 23
24 24 from rhodecode.lib import auth
25 25 from rhodecode.lib.utils2 import str2bool
26 26 from rhodecode.model.db import (
27 27 Repository, UserRepoToPerm, User)
28 28 from rhodecode.model.meta import Session
29 29 from rhodecode.model.settings import SettingsModel, VcsSettingsModel
30 30 from rhodecode.model.user import UserModel
31 31 from rhodecode.tests import (
32 32 login_user_session, logout_user_session,
33 33 TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
34 34 from rhodecode.tests.fixture import Fixture
35 35 from rhodecode.tests.utils import AssertResponse
36 36
37 37 fixture = Fixture()
38 38
39 39
40 40 def route_path(name, params=None, **kwargs):
41 41 import urllib
42 42
43 43 base_url = {
44 44 'repo_summary': '/{repo_name}',
45 45 'repo_creating_check': '/{repo_name}/repo_creating_check',
46 46 'edit_repo': '/{repo_name}/settings',
47 47 'edit_repo_vcs': '/{repo_name}/settings/vcs',
48 48 'edit_repo_vcs_update': '/{repo_name}/settings/vcs/update',
49 49 'edit_repo_vcs_svn_pattern_delete': '/{repo_name}/settings/vcs/svn_pattern/delete'
50 50 }[name].format(**kwargs)
51 51
52 52 if params:
53 53 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
54 54 return base_url
55 55
56 56
57 57 @pytest.mark.usefixtures("app")
58 58 class TestVcsSettings(object):
59 59 FORM_DATA = {
60 60 'inherit_global_settings': False,
61 61 'hooks_changegroup_repo_size': False,
62 62 'hooks_changegroup_push_logger': False,
63 63 'hooks_outgoing_pull_logger': False,
64 64 'extensions_largefiles': False,
65 65 'extensions_evolve': False,
66 66 'phases_publish': 'False',
67 67 'rhodecode_pr_merge_enabled': False,
68 68 'rhodecode_use_outdated_comments': False,
69 69 'new_svn_branch': '',
70 70 'new_svn_tag': ''
71 71 }
72 72
73 73 @pytest.mark.skip_backends('svn')
74 74 def test_global_settings_initial_values(self, autologin_user, backend):
75 75 repo_name = backend.repo_name
76 76 response = self.app.get(route_path('edit_repo_vcs', repo_name=repo_name))
77 77
78 78 expected_settings = (
79 79 'rhodecode_use_outdated_comments', 'rhodecode_pr_merge_enabled',
80 80 'hooks_changegroup_repo_size', 'hooks_changegroup_push_logger',
81 81 'hooks_outgoing_pull_logger'
82 82 )
83 83 for setting in expected_settings:
84 84 self.assert_repo_value_equals_global_value(response, setting)
85 85
86 86 def test_show_settings_requires_repo_admin_permission(
87 87 self, backend, user_util, settings_util):
88 88 repo = backend.create_repo()
89 89 repo_name = repo.repo_name
90 90 user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
91 91 user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
92 92 login_user_session(
93 93 self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
94 94 self.app.get(route_path('edit_repo_vcs', repo_name=repo_name), status=200)
95 95
96 96 def test_inherit_global_settings_flag_is_true_by_default(
97 97 self, autologin_user, backend):
98 98 repo_name = backend.repo_name
99 99 response = self.app.get(route_path('edit_repo_vcs', repo_name=repo_name))
100 100
101 assert_response = AssertResponse(response)
101 assert_response = response.assert_response()
102 102 element = assert_response.get_element('#inherit_global_settings')
103 103 assert element.checked
104 104
105 105 @pytest.mark.parametrize('checked_value', [True, False])
106 106 def test_inherit_global_settings_value(
107 107 self, autologin_user, backend, checked_value, settings_util):
108 108 repo = backend.create_repo()
109 109 repo_name = repo.repo_name
110 110 settings_util.create_repo_rhodecode_setting(
111 111 repo, 'inherit_vcs_settings', checked_value, 'bool')
112 112 response = self.app.get(route_path('edit_repo_vcs', repo_name=repo_name))
113 113
114 assert_response = AssertResponse(response)
114 assert_response = response.assert_response()
115 115 element = assert_response.get_element('#inherit_global_settings')
116 116 assert element.checked == checked_value
117 117
118 118 @pytest.mark.skip_backends('svn')
119 119 def test_hooks_settings_are_created(
120 120 self, autologin_user, backend, csrf_token):
121 121 repo_name = backend.repo_name
122 122 data = self.FORM_DATA.copy()
123 123 data['csrf_token'] = csrf_token
124 124 self.app.post(
125 125 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
126 126 settings = SettingsModel(repo=repo_name)
127 127 try:
128 128 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
129 129 ui = settings.get_ui_by_section_and_key(section, key)
130 130 assert ui.ui_active is False
131 131 finally:
132 132 self._cleanup_repo_settings(settings)
133 133
134 134 def test_hooks_settings_are_not_created_for_svn(
135 135 self, autologin_user, backend_svn, csrf_token):
136 136 repo_name = backend_svn.repo_name
137 137 data = self.FORM_DATA.copy()
138 138 data['csrf_token'] = csrf_token
139 139 self.app.post(
140 140 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
141 141 settings = SettingsModel(repo=repo_name)
142 142 try:
143 143 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
144 144 ui = settings.get_ui_by_section_and_key(section, key)
145 145 assert ui is None
146 146 finally:
147 147 self._cleanup_repo_settings(settings)
148 148
149 149 @pytest.mark.skip_backends('svn')
150 150 def test_hooks_settings_are_updated(
151 151 self, autologin_user, backend, csrf_token):
152 152 repo_name = backend.repo_name
153 153 settings = SettingsModel(repo=repo_name)
154 154 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
155 155 settings.create_ui_section_value(section, '', key=key, active=True)
156 156
157 157 data = self.FORM_DATA.copy()
158 158 data['csrf_token'] = csrf_token
159 159 self.app.post(
160 160 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
161 161 try:
162 162 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
163 163 ui = settings.get_ui_by_section_and_key(section, key)
164 164 assert ui.ui_active is False
165 165 finally:
166 166 self._cleanup_repo_settings(settings)
167 167
168 168 def test_hooks_settings_are_not_updated_for_svn(
169 169 self, autologin_user, backend_svn, csrf_token):
170 170 repo_name = backend_svn.repo_name
171 171 settings = SettingsModel(repo=repo_name)
172 172 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
173 173 settings.create_ui_section_value(section, '', key=key, active=True)
174 174
175 175 data = self.FORM_DATA.copy()
176 176 data['csrf_token'] = csrf_token
177 177 self.app.post(
178 178 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
179 179 try:
180 180 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
181 181 ui = settings.get_ui_by_section_and_key(section, key)
182 182 assert ui.ui_active is True
183 183 finally:
184 184 self._cleanup_repo_settings(settings)
185 185
186 186 @pytest.mark.skip_backends('svn')
187 187 def test_pr_settings_are_created(
188 188 self, autologin_user, backend, csrf_token):
189 189 repo_name = backend.repo_name
190 190 data = self.FORM_DATA.copy()
191 191 data['csrf_token'] = csrf_token
192 192 self.app.post(
193 193 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
194 194 settings = SettingsModel(repo=repo_name)
195 195 try:
196 196 for name in VcsSettingsModel.GENERAL_SETTINGS:
197 197 setting = settings.get_setting_by_name(name)
198 198 assert setting.app_settings_value is False
199 199 finally:
200 200 self._cleanup_repo_settings(settings)
201 201
202 202 def test_pr_settings_are_not_created_for_svn(
203 203 self, autologin_user, backend_svn, csrf_token):
204 204 repo_name = backend_svn.repo_name
205 205 data = self.FORM_DATA.copy()
206 206 data['csrf_token'] = csrf_token
207 207 self.app.post(
208 208 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
209 209 settings = SettingsModel(repo=repo_name)
210 210 try:
211 211 for name in VcsSettingsModel.GENERAL_SETTINGS:
212 212 setting = settings.get_setting_by_name(name)
213 213 assert setting is None
214 214 finally:
215 215 self._cleanup_repo_settings(settings)
216 216
217 217 def test_pr_settings_creation_requires_repo_admin_permission(
218 218 self, backend, user_util, settings_util, csrf_token):
219 219 repo = backend.create_repo()
220 220 repo_name = repo.repo_name
221 221
222 222 logout_user_session(self.app, csrf_token)
223 223 session = login_user_session(
224 224 self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
225 225 new_csrf_token = auth.get_csrf_token(session)
226 226
227 227 user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
228 228 repo = Repository.get_by_repo_name(repo_name)
229 229 user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
230 230 data = self.FORM_DATA.copy()
231 231 data['csrf_token'] = new_csrf_token
232 232 settings = SettingsModel(repo=repo_name)
233 233
234 234 try:
235 235 self.app.post(
236 236 route_path('edit_repo_vcs_update', repo_name=repo_name), data,
237 237 status=302)
238 238 finally:
239 239 self._cleanup_repo_settings(settings)
240 240
241 241 @pytest.mark.skip_backends('svn')
242 242 def test_pr_settings_are_updated(
243 243 self, autologin_user, backend, csrf_token):
244 244 repo_name = backend.repo_name
245 245 settings = SettingsModel(repo=repo_name)
246 246 for name in VcsSettingsModel.GENERAL_SETTINGS:
247 247 settings.create_or_update_setting(name, True, 'bool')
248 248
249 249 data = self.FORM_DATA.copy()
250 250 data['csrf_token'] = csrf_token
251 251 self.app.post(
252 252 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
253 253 try:
254 254 for name in VcsSettingsModel.GENERAL_SETTINGS:
255 255 setting = settings.get_setting_by_name(name)
256 256 assert setting.app_settings_value is False
257 257 finally:
258 258 self._cleanup_repo_settings(settings)
259 259
260 260 def test_pr_settings_are_not_updated_for_svn(
261 261 self, autologin_user, backend_svn, csrf_token):
262 262 repo_name = backend_svn.repo_name
263 263 settings = SettingsModel(repo=repo_name)
264 264 for name in VcsSettingsModel.GENERAL_SETTINGS:
265 265 settings.create_or_update_setting(name, True, 'bool')
266 266
267 267 data = self.FORM_DATA.copy()
268 268 data['csrf_token'] = csrf_token
269 269 self.app.post(
270 270 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
271 271 try:
272 272 for name in VcsSettingsModel.GENERAL_SETTINGS:
273 273 setting = settings.get_setting_by_name(name)
274 274 assert setting.app_settings_value is True
275 275 finally:
276 276 self._cleanup_repo_settings(settings)
277 277
278 278 def test_svn_settings_are_created(
279 279 self, autologin_user, backend_svn, csrf_token, settings_util):
280 280 repo_name = backend_svn.repo_name
281 281 data = self.FORM_DATA.copy()
282 282 data['new_svn_tag'] = 'svn-tag'
283 283 data['new_svn_branch'] = 'svn-branch'
284 284 data['csrf_token'] = csrf_token
285 285
286 286 # Create few global settings to make sure that uniqueness validators
287 287 # are not triggered
288 288 settings_util.create_rhodecode_ui(
289 289 VcsSettingsModel.SVN_BRANCH_SECTION, 'svn-branch')
290 290 settings_util.create_rhodecode_ui(
291 291 VcsSettingsModel.SVN_TAG_SECTION, 'svn-tag')
292 292
293 293 self.app.post(
294 294 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
295 295 settings = SettingsModel(repo=repo_name)
296 296 try:
297 297 svn_branches = settings.get_ui_by_section(
298 298 VcsSettingsModel.SVN_BRANCH_SECTION)
299 299 svn_branch_names = [b.ui_value for b in svn_branches]
300 300 svn_tags = settings.get_ui_by_section(
301 301 VcsSettingsModel.SVN_TAG_SECTION)
302 302 svn_tag_names = [b.ui_value for b in svn_tags]
303 303 assert 'svn-branch' in svn_branch_names
304 304 assert 'svn-tag' in svn_tag_names
305 305 finally:
306 306 self._cleanup_repo_settings(settings)
307 307
308 308 def test_svn_settings_are_unique(
309 309 self, autologin_user, backend_svn, csrf_token, settings_util):
310 310 repo = backend_svn.repo
311 311 repo_name = repo.repo_name
312 312 data = self.FORM_DATA.copy()
313 313 data['new_svn_tag'] = 'test_tag'
314 314 data['new_svn_branch'] = 'test_branch'
315 315 data['csrf_token'] = csrf_token
316 316 settings_util.create_repo_rhodecode_ui(
317 317 repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch')
318 318 settings_util.create_repo_rhodecode_ui(
319 319 repo, VcsSettingsModel.SVN_TAG_SECTION, 'test_tag')
320 320
321 321 response = self.app.post(
322 322 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=200)
323 323 response.mustcontain('Pattern already exists')
324 324
325 325 def test_svn_settings_with_empty_values_are_not_created(
326 326 self, autologin_user, backend_svn, csrf_token):
327 327 repo_name = backend_svn.repo_name
328 328 data = self.FORM_DATA.copy()
329 329 data['csrf_token'] = csrf_token
330 330 self.app.post(
331 331 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
332 332 settings = SettingsModel(repo=repo_name)
333 333 try:
334 334 svn_branches = settings.get_ui_by_section(
335 335 VcsSettingsModel.SVN_BRANCH_SECTION)
336 336 svn_tags = settings.get_ui_by_section(
337 337 VcsSettingsModel.SVN_TAG_SECTION)
338 338 assert len(svn_branches) == 0
339 339 assert len(svn_tags) == 0
340 340 finally:
341 341 self._cleanup_repo_settings(settings)
342 342
343 343 def test_svn_settings_are_shown_for_svn_repository(
344 344 self, autologin_user, backend_svn, csrf_token):
345 345 repo_name = backend_svn.repo_name
346 346 response = self.app.get(
347 347 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
348 348 response.mustcontain('Subversion Settings')
349 349
350 350 @pytest.mark.skip_backends('svn')
351 351 def test_svn_settings_are_not_created_for_not_svn_repository(
352 352 self, autologin_user, backend, csrf_token):
353 353 repo_name = backend.repo_name
354 354 data = self.FORM_DATA.copy()
355 355 data['csrf_token'] = csrf_token
356 356 self.app.post(
357 357 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
358 358 settings = SettingsModel(repo=repo_name)
359 359 try:
360 360 svn_branches = settings.get_ui_by_section(
361 361 VcsSettingsModel.SVN_BRANCH_SECTION)
362 362 svn_tags = settings.get_ui_by_section(
363 363 VcsSettingsModel.SVN_TAG_SECTION)
364 364 assert len(svn_branches) == 0
365 365 assert len(svn_tags) == 0
366 366 finally:
367 367 self._cleanup_repo_settings(settings)
368 368
369 369 @pytest.mark.skip_backends('svn')
370 370 def test_svn_settings_are_shown_only_for_svn_repository(
371 371 self, autologin_user, backend, csrf_token):
372 372 repo_name = backend.repo_name
373 373 response = self.app.get(
374 374 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
375 375 response.mustcontain(no='Subversion Settings')
376 376
377 377 def test_hg_settings_are_created(
378 378 self, autologin_user, backend_hg, csrf_token):
379 379 repo_name = backend_hg.repo_name
380 380 data = self.FORM_DATA.copy()
381 381 data['new_svn_tag'] = 'svn-tag'
382 382 data['new_svn_branch'] = 'svn-branch'
383 383 data['csrf_token'] = csrf_token
384 384 self.app.post(
385 385 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
386 386 settings = SettingsModel(repo=repo_name)
387 387 try:
388 388 largefiles_ui = settings.get_ui_by_section_and_key(
389 389 'extensions', 'largefiles')
390 390 assert largefiles_ui.ui_active is False
391 391 phases_ui = settings.get_ui_by_section_and_key(
392 392 'phases', 'publish')
393 393 assert str2bool(phases_ui.ui_value) is False
394 394 finally:
395 395 self._cleanup_repo_settings(settings)
396 396
397 397 def test_hg_settings_are_updated(
398 398 self, autologin_user, backend_hg, csrf_token):
399 399 repo_name = backend_hg.repo_name
400 400 settings = SettingsModel(repo=repo_name)
401 401 settings.create_ui_section_value(
402 402 'extensions', '', key='largefiles', active=True)
403 403 settings.create_ui_section_value(
404 404 'phases', '1', key='publish', active=True)
405 405
406 406 data = self.FORM_DATA.copy()
407 407 data['csrf_token'] = csrf_token
408 408 self.app.post(
409 409 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
410 410 try:
411 411 largefiles_ui = settings.get_ui_by_section_and_key(
412 412 'extensions', 'largefiles')
413 413 assert largefiles_ui.ui_active is False
414 414 phases_ui = settings.get_ui_by_section_and_key(
415 415 'phases', 'publish')
416 416 assert str2bool(phases_ui.ui_value) is False
417 417 finally:
418 418 self._cleanup_repo_settings(settings)
419 419
420 420 def test_hg_settings_are_shown_for_hg_repository(
421 421 self, autologin_user, backend_hg, csrf_token):
422 422 repo_name = backend_hg.repo_name
423 423 response = self.app.get(
424 424 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
425 425 response.mustcontain('Mercurial Settings')
426 426
427 427 @pytest.mark.skip_backends('hg')
428 428 def test_hg_settings_are_created_only_for_hg_repository(
429 429 self, autologin_user, backend, csrf_token):
430 430 repo_name = backend.repo_name
431 431 data = self.FORM_DATA.copy()
432 432 data['csrf_token'] = csrf_token
433 433 self.app.post(
434 434 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
435 435 settings = SettingsModel(repo=repo_name)
436 436 try:
437 437 largefiles_ui = settings.get_ui_by_section_and_key(
438 438 'extensions', 'largefiles')
439 439 assert largefiles_ui is None
440 440 phases_ui = settings.get_ui_by_section_and_key(
441 441 'phases', 'publish')
442 442 assert phases_ui is None
443 443 finally:
444 444 self._cleanup_repo_settings(settings)
445 445
446 446 @pytest.mark.skip_backends('hg')
447 447 def test_hg_settings_are_shown_only_for_hg_repository(
448 448 self, autologin_user, backend, csrf_token):
449 449 repo_name = backend.repo_name
450 450 response = self.app.get(
451 451 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
452 452 response.mustcontain(no='Mercurial Settings')
453 453
454 454 @pytest.mark.skip_backends('hg')
455 455 def test_hg_settings_are_updated_only_for_hg_repository(
456 456 self, autologin_user, backend, csrf_token):
457 457 repo_name = backend.repo_name
458 458 settings = SettingsModel(repo=repo_name)
459 459 settings.create_ui_section_value(
460 460 'extensions', '', key='largefiles', active=True)
461 461 settings.create_ui_section_value(
462 462 'phases', '1', key='publish', active=True)
463 463
464 464 data = self.FORM_DATA.copy()
465 465 data['csrf_token'] = csrf_token
466 466 self.app.post(
467 467 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
468 468 try:
469 469 largefiles_ui = settings.get_ui_by_section_and_key(
470 470 'extensions', 'largefiles')
471 471 assert largefiles_ui.ui_active is True
472 472 phases_ui = settings.get_ui_by_section_and_key(
473 473 'phases', 'publish')
474 474 assert phases_ui.ui_value == '1'
475 475 finally:
476 476 self._cleanup_repo_settings(settings)
477 477
478 478 def test_per_repo_svn_settings_are_displayed(
479 479 self, autologin_user, backend_svn, settings_util):
480 480 repo = backend_svn.create_repo()
481 481 repo_name = repo.repo_name
482 482 branches = [
483 483 settings_util.create_repo_rhodecode_ui(
484 484 repo, VcsSettingsModel.SVN_BRANCH_SECTION,
485 485 'branch_{}'.format(i))
486 486 for i in range(10)]
487 487 tags = [
488 488 settings_util.create_repo_rhodecode_ui(
489 489 repo, VcsSettingsModel.SVN_TAG_SECTION, 'tag_{}'.format(i))
490 490 for i in range(10)]
491 491
492 492 response = self.app.get(
493 493 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
494 assert_response = AssertResponse(response)
494 assert_response = response.assert_response()
495 495 for branch in branches:
496 496 css_selector = '[name=branch_value_{}]'.format(branch.ui_id)
497 497 element = assert_response.get_element(css_selector)
498 498 assert element.value == branch.ui_value
499 499 for tag in tags:
500 500 css_selector = '[name=tag_ui_value_new_{}]'.format(tag.ui_id)
501 501 element = assert_response.get_element(css_selector)
502 502 assert element.value == tag.ui_value
503 503
504 504 def test_per_repo_hg_and_pr_settings_are_not_displayed_for_svn(
505 505 self, autologin_user, backend_svn, settings_util):
506 506 repo = backend_svn.create_repo()
507 507 repo_name = repo.repo_name
508 508 response = self.app.get(
509 509 route_path('edit_repo_vcs', repo_name=repo_name), status=200)
510 510 response.mustcontain(no='<label>Hooks:</label>')
511 511 response.mustcontain(no='<label>Pull Request Settings:</label>')
512 512
513 513 def test_inherit_global_settings_value_is_saved(
514 514 self, autologin_user, backend, csrf_token):
515 515 repo_name = backend.repo_name
516 516 data = self.FORM_DATA.copy()
517 517 data['csrf_token'] = csrf_token
518 518 data['inherit_global_settings'] = True
519 519 self.app.post(
520 520 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
521 521
522 522 settings = SettingsModel(repo=repo_name)
523 523 vcs_settings = VcsSettingsModel(repo=repo_name)
524 524 try:
525 525 assert vcs_settings.inherit_global_settings is True
526 526 finally:
527 527 self._cleanup_repo_settings(settings)
528 528
529 529 def test_repo_cache_is_invalidated_when_settings_are_updated(
530 530 self, autologin_user, backend, csrf_token):
531 531 repo_name = backend.repo_name
532 532 data = self.FORM_DATA.copy()
533 533 data['csrf_token'] = csrf_token
534 534 data['inherit_global_settings'] = True
535 535 settings = SettingsModel(repo=repo_name)
536 536
537 537 invalidation_patcher = mock.patch(
538 538 'rhodecode.model.scm.ScmModel.mark_for_invalidation')
539 539 with invalidation_patcher as invalidation_mock:
540 540 self.app.post(
541 541 route_path('edit_repo_vcs_update', repo_name=repo_name), data,
542 542 status=302)
543 543 try:
544 544 invalidation_mock.assert_called_once_with(repo_name, delete=True)
545 545 finally:
546 546 self._cleanup_repo_settings(settings)
547 547
548 548 def test_other_settings_not_saved_inherit_global_settings_is_true(
549 549 self, autologin_user, backend, csrf_token):
550 550 repo_name = backend.repo_name
551 551 data = self.FORM_DATA.copy()
552 552 data['csrf_token'] = csrf_token
553 553 data['inherit_global_settings'] = True
554 554 self.app.post(
555 555 route_path('edit_repo_vcs_update', repo_name=repo_name), data, status=302)
556 556
557 557 settings = SettingsModel(repo=repo_name)
558 558 ui_settings = (
559 559 VcsSettingsModel.HOOKS_SETTINGS + VcsSettingsModel.HG_SETTINGS)
560 560
561 561 vcs_settings = []
562 562 try:
563 563 for section, key in ui_settings:
564 564 ui = settings.get_ui_by_section_and_key(section, key)
565 565 if ui:
566 566 vcs_settings.append(ui)
567 567 vcs_settings.extend(settings.get_ui_by_section(
568 568 VcsSettingsModel.SVN_BRANCH_SECTION))
569 569 vcs_settings.extend(settings.get_ui_by_section(
570 570 VcsSettingsModel.SVN_TAG_SECTION))
571 571 for name in VcsSettingsModel.GENERAL_SETTINGS:
572 572 setting = settings.get_setting_by_name(name)
573 573 if setting:
574 574 vcs_settings.append(setting)
575 575 assert vcs_settings == []
576 576 finally:
577 577 self._cleanup_repo_settings(settings)
578 578
579 579 def test_delete_svn_branch_and_tag_patterns(
580 580 self, autologin_user, backend_svn, settings_util, csrf_token, xhr_header):
581 581 repo = backend_svn.create_repo()
582 582 repo_name = repo.repo_name
583 583 branch = settings_util.create_repo_rhodecode_ui(
584 584 repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch',
585 585 cleanup=False)
586 586 tag = settings_util.create_repo_rhodecode_ui(
587 587 repo, VcsSettingsModel.SVN_TAG_SECTION, 'test_tag', cleanup=False)
588 588 data = {
589 589 'csrf_token': csrf_token
590 590 }
591 591 for id_ in (branch.ui_id, tag.ui_id):
592 592 data['delete_svn_pattern'] = id_,
593 593 self.app.post(
594 594 route_path('edit_repo_vcs_svn_pattern_delete', repo_name=repo_name),
595 595 data, extra_environ=xhr_header, status=200)
596 596 settings = VcsSettingsModel(repo=repo_name)
597 597 assert settings.get_repo_svn_branch_patterns() == []
598 598
599 599 def test_delete_svn_branch_requires_repo_admin_permission(
600 600 self, backend_svn, user_util, settings_util, csrf_token, xhr_header):
601 601 repo = backend_svn.create_repo()
602 602 repo_name = repo.repo_name
603 603
604 604 logout_user_session(self.app, csrf_token)
605 605 session = login_user_session(
606 606 self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
607 607 csrf_token = auth.get_csrf_token(session)
608 608
609 609 repo = Repository.get_by_repo_name(repo_name)
610 610 user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
611 611 user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
612 612 branch = settings_util.create_repo_rhodecode_ui(
613 613 repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch',
614 614 cleanup=False)
615 615 data = {
616 616 'csrf_token': csrf_token,
617 617 'delete_svn_pattern': branch.ui_id
618 618 }
619 619 self.app.post(
620 620 route_path('edit_repo_vcs_svn_pattern_delete', repo_name=repo_name),
621 621 data, extra_environ=xhr_header, status=200)
622 622
623 623 def test_delete_svn_branch_raises_400_when_not_found(
624 624 self, autologin_user, backend_svn, settings_util, csrf_token, xhr_header):
625 625 repo_name = backend_svn.repo_name
626 626 data = {
627 627 'delete_svn_pattern': 123,
628 628 'csrf_token': csrf_token
629 629 }
630 630 self.app.post(
631 631 route_path('edit_repo_vcs_svn_pattern_delete', repo_name=repo_name),
632 632 data, extra_environ=xhr_header, status=400)
633 633
634 634 def test_delete_svn_branch_raises_400_when_no_id_specified(
635 635 self, autologin_user, backend_svn, settings_util, csrf_token, xhr_header):
636 636 repo_name = backend_svn.repo_name
637 637 data = {
638 638 'csrf_token': csrf_token
639 639 }
640 640 self.app.post(
641 641 route_path('edit_repo_vcs_svn_pattern_delete', repo_name=repo_name),
642 642 data, extra_environ=xhr_header, status=400)
643 643
644 644 def _cleanup_repo_settings(self, settings_model):
645 645 cleanup = []
646 646 ui_settings = (
647 647 VcsSettingsModel.HOOKS_SETTINGS + VcsSettingsModel.HG_SETTINGS)
648 648
649 649 for section, key in ui_settings:
650 650 ui = settings_model.get_ui_by_section_and_key(section, key)
651 651 if ui:
652 652 cleanup.append(ui)
653 653
654 654 cleanup.extend(settings_model.get_ui_by_section(
655 655 VcsSettingsModel.INHERIT_SETTINGS))
656 656 cleanup.extend(settings_model.get_ui_by_section(
657 657 VcsSettingsModel.SVN_BRANCH_SECTION))
658 658 cleanup.extend(settings_model.get_ui_by_section(
659 659 VcsSettingsModel.SVN_TAG_SECTION))
660 660
661 661 for name in VcsSettingsModel.GENERAL_SETTINGS:
662 662 setting = settings_model.get_setting_by_name(name)
663 663 if setting:
664 664 cleanup.append(setting)
665 665
666 666 for object_ in cleanup:
667 667 Session().delete(object_)
668 668 Session().commit()
669 669
670 670 def assert_repo_value_equals_global_value(self, response, setting):
671 assert_response = AssertResponse(response)
671 assert_response = response.assert_response()
672 672 global_css_selector = '[name={}_inherited]'.format(setting)
673 673 repo_css_selector = '[name={}]'.format(setting)
674 674 repo_element = assert_response.get_element(repo_css_selector)
675 675 global_element = assert_response.get_element(global_css_selector)
676 676 assert repo_element.value == global_element.value
677 677
678 678
679 679 def _get_permission_for_user(user, repo):
680 680 perm = UserRepoToPerm.query()\
681 681 .filter(UserRepoToPerm.repository ==
682 682 Repository.get_by_repo_name(repo))\
683 683 .filter(UserRepoToPerm.user == User.get_by_username(user))\
684 684 .all()
685 685 return perm
Show file before | Show file after | Hide comments
@@ -1,104 +1,104 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import mock
22 22 import pytest
23 23
24 24 import rhodecode
25 25 from rhodecode.model.db import Repository
26 26 from rhodecode.model.settings import SettingsModel
27 27 from rhodecode.tests.utils import AssertResponse
28 28
29 29
30 30 def route_path(name, params=None, **kwargs):
31 31 import urllib
32 32
33 33 base_url = {
34 34 'edit_repo': '/{repo_name}/settings',
35 35 'edit_repo_vcs': '/{repo_name}/settings/vcs',
36 36 'edit_repo_vcs_update': '/{repo_name}/settings/vcs/update',
37 37 }[name].format(**kwargs)
38 38
39 39 if params:
40 40 base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
41 41 return base_url
42 42
43 43
44 44 @pytest.mark.usefixtures('autologin_user', 'app')
45 45 class TestAdminRepoVcsSettings(object):
46 46
47 47 @pytest.mark.parametrize('setting_name, setting_backends', [
48 48 ('hg_use_rebase_for_merging', ['hg']),
49 49 ])
50 50 def test_labs_settings_visible_if_enabled(
51 51 self, setting_name, setting_backends, backend):
52 52 if backend.alias not in setting_backends:
53 53 pytest.skip('Setting not available for backend {}'.format(backend))
54 54
55 55 vcs_settings_url = route_path(
56 56 'edit_repo_vcs', repo_name=backend.repo.repo_name)
57 57
58 58 with mock.patch.dict(
59 59 rhodecode.CONFIG, {'labs_settings_active': 'true'}):
60 60 response = self.app.get(vcs_settings_url)
61 61
62 assertr = AssertResponse(response)
62 assertr = response.assert_response()
63 63 assertr.one_element_exists('#rhodecode_{}'.format(setting_name))
64 64
65 65 @pytest.mark.parametrize('setting_name, setting_backends', [
66 66 ('hg_use_rebase_for_merging', ['hg']),
67 67 ])
68 68 def test_update_boolean_settings(
69 69 self, csrf_token, setting_name, setting_backends, backend):
70 70 if backend.alias not in setting_backends:
71 71 pytest.skip('Setting not available for backend {}'.format(backend))
72 72
73 73 repo = backend.create_repo()
74 74 repo_name = repo.repo_name
75 75
76 76 settings_model = SettingsModel(repo=repo)
77 77 vcs_settings_url = route_path(
78 78 'edit_repo_vcs_update', repo_name=repo_name)
79 79
80 80 self.app.post(
81 81 vcs_settings_url,
82 82 params={
83 83 'inherit_global_settings': False,
84 84 'new_svn_branch': 'dummy-value-for-testing',
85 85 'new_svn_tag': 'dummy-value-for-testing',
86 86 'rhodecode_{}'.format(setting_name): 'true',
87 87 'csrf_token': csrf_token,
88 88 })
89 89 settings_model = SettingsModel(repo=Repository.get_by_repo_name(repo_name))
90 90 setting = settings_model.get_setting_by_name(setting_name)
91 91 assert setting.app_settings_value
92 92
93 93 self.app.post(
94 94 vcs_settings_url,
95 95 params={
96 96 'inherit_global_settings': False,
97 97 'new_svn_branch': 'dummy-value-for-testing',
98 98 'new_svn_tag': 'dummy-value-for-testing',
99 99 'rhodecode_{}'.format(setting_name): 'false',
100 100 'csrf_token': csrf_token,
101 101 })
102 102 settings_model = SettingsModel(repo=Repository.get_by_repo_name(repo_name))
103 103 setting = settings_model.get_setting_by_name(setting_name)
104 104 assert not setting.app_settings_value
Show file before | Show file after | Hide comments
@@ -1,202 +1,202 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import os
22 22
23 23 import mock
24 24 import pytest
25 25 from whoosh import query
26 26
27 27 from rhodecode.tests import (
28 28 TestController, HG_REPO,
29 29 TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
30 30 from rhodecode.tests.utils import AssertResponse
31 31
32 32
33 33 def route_path(name, **kwargs):
34 34 from rhodecode.apps._base import ADMIN_PREFIX
35 35 return {
36 36 'search':
37 37 ADMIN_PREFIX + '/search',
38 38 'search_repo':
39 39 '/{repo_name}/search',
40 40
41 41 }[name].format(**kwargs)
42 42
43 43
44 44 class TestSearchController(TestController):
45 45
46 46 def test_index(self):
47 47 self.log_user()
48 48 response = self.app.get(route_path('search'))
49 assert_response = AssertResponse(response)
49 assert_response = response.assert_response()
50 50 assert_response.one_element_exists('input#q')
51 51
52 52 def test_search_files_empty_search(self):
53 53 if os.path.isdir(self.index_location):
54 54 pytest.skip('skipped due to existing index')
55 55 else:
56 56 self.log_user()
57 57 response = self.app.get(route_path('search'),
58 58 {'q': HG_REPO})
59 59 response.mustcontain('There is no index to search in. '
60 60 'Please run whoosh indexer')
61 61
62 62 def test_search_validation(self):
63 63 self.log_user()
64 64 response = self.app.get(route_path('search'),
65 65 {'q': query, 'type': 'content', 'page_limit': 1000})
66 66
67 67 response.mustcontain(
68 68 'page_limit - 1000 is greater than maximum value 500')
69 69
70 70 @pytest.mark.parametrize("query, expected_hits, expected_paths", [
71 71 ('todo', 23, [
72 72 'vcs/backends/hg/inmemory.py',
73 73 'vcs/tests/test_git.py']),
74 74 ('extension:rst installation', 6, [
75 75 'docs/index.rst',
76 76 'docs/installation.rst']),
77 77 ('def repo', 87, [
78 78 'vcs/tests/test_git.py',
79 79 'vcs/tests/test_changesets.py']),
80 80 ('repository:%s def test' % HG_REPO, 18, [
81 81 'vcs/tests/test_git.py',
82 82 'vcs/tests/test_changesets.py']),
83 83 ('"def main"', 9, [
84 84 'vcs/__init__.py',
85 85 'vcs/tests/__init__.py',
86 86 'vcs/utils/progressbar.py']),
87 87 ('owner:test_admin', 358, [
88 88 'vcs/tests/base.py',
89 89 'MANIFEST.in',
90 90 'vcs/utils/termcolors.py',
91 91 'docs/theme/ADC/static/documentation.png']),
92 92 ('owner:test_admin def main', 72, [
93 93 'vcs/__init__.py',
94 94 'vcs/tests/test_utils_filesize.py',
95 95 'vcs/tests/test_cli.py']),
96 96 ('owner:michał test', 0, []),
97 97 ])
98 98 def test_search_files(self, query, expected_hits, expected_paths):
99 99 self.log_user()
100 100 response = self.app.get(route_path('search'),
101 101 {'q': query, 'type': 'content', 'page_limit': 500})
102 102
103 103 response.mustcontain('%s results' % expected_hits)
104 104 for path in expected_paths:
105 105 response.mustcontain(path)
106 106
107 107 @pytest.mark.parametrize("query, expected_hits, expected_commits", [
108 108 ('bother to ask where to fetch repo during tests', 3, [
109 109 ('hg', 'a00c1b6f5d7a6ae678fd553a8b81d92367f7ecf1'),
110 110 ('git', 'c6eb379775c578a95dad8ddab53f963b80894850'),
111 111 ('svn', '98')]),
112 112 ('michał', 0, []),
113 113 ('changed:tests/utils.py', 36, [
114 114 ('hg', 'a00c1b6f5d7a6ae678fd553a8b81d92367f7ecf1')]),
115 115 ('changed:vcs/utils/archivers.py', 11, [
116 116 ('hg', '25213a5fbb048dff8ba65d21e466a835536e5b70'),
117 117 ('hg', '47aedd538bf616eedcb0e7d630ea476df0e159c7'),
118 118 ('hg', 'f5d23247fad4856a1dabd5838afade1e0eed24fb'),
119 119 ('hg', '04ad456aefd6461aea24f90b63954b6b1ce07b3e'),
120 120 ('git', 'c994f0de03b2a0aa848a04fc2c0d7e737dba31fc'),
121 121 ('git', 'd1f898326327e20524fe22417c22d71064fe54a1'),
122 122 ('git', 'fe568b4081755c12abf6ba673ba777fc02a415f3'),
123 123 ('git', 'bafe786f0d8c2ff7da5c1dcfcfa577de0b5e92f1')]),
124 124 ('added:README.rst', 3, [
125 125 ('hg', '3803844fdbd3b711175fc3da9bdacfcd6d29a6fb'),
126 126 ('git', 'ff7ca51e58c505fec0dd2491de52c622bb7a806b'),
127 127 ('svn', '8')]),
128 128 ('changed:lazy.py', 15, [
129 129 ('hg', 'eaa291c5e6ae6126a203059de9854ccf7b5baa12'),
130 130 ('git', '17438a11f72b93f56d0e08e7d1fa79a378578a82'),
131 131 ('svn', '82'),
132 132 ('svn', '262'),
133 133 ('hg', 'f5d23247fad4856a1dabd5838afade1e0eed24fb'),
134 134 ('git', '33fa3223355104431402a888fa77a4e9956feb3e')
135 135 ]),
136 136 ('author:marcin@python-blog.com '
137 137 'commit_id:b986218ba1c9b0d6a259fac9b050b1724ed8e545', 1, [
138 138 ('hg', 'b986218ba1c9b0d6a259fac9b050b1724ed8e545')]),
139 139 ('b986218ba1c9b0d6a259fac9b050b1724ed8e545', 1, [
140 140 ('hg', 'b986218ba1c9b0d6a259fac9b050b1724ed8e545')]),
141 141 ('b986218b', 1, [
142 142 ('hg', 'b986218ba1c9b0d6a259fac9b050b1724ed8e545')]),
143 143 ])
144 144 def test_search_commit_messages(
145 145 self, query, expected_hits, expected_commits, enabled_backends):
146 146 self.log_user()
147 147 response = self.app.get(route_path('search'),
148 148 {'q': query, 'type': 'commit', 'page_limit': 500})
149 149
150 150 response.mustcontain('%s results' % expected_hits)
151 151 for backend, commit_id in expected_commits:
152 152 if backend in enabled_backends:
153 153 response.mustcontain(commit_id)
154 154
155 155 @pytest.mark.parametrize("query, expected_hits, expected_paths", [
156 156 ('readme.rst', 3, []),
157 157 ('test*', 75, []),
158 158 ('*model*', 1, []),
159 159 ('extension:rst', 48, []),
160 160 ('extension:rst api', 24, []),
161 161 ])
162 162 def test_search_file_paths(self, query, expected_hits, expected_paths):
163 163 self.log_user()
164 164 response = self.app.get(route_path('search'),
165 165 {'q': query, 'type': 'path', 'page_limit': 500})
166 166
167 167 response.mustcontain('%s results' % expected_hits)
168 168 for path in expected_paths:
169 169 response.mustcontain(path)
170 170
171 171 def test_search_commit_message_specific_repo(self, backend):
172 172 self.log_user()
173 173 response = self.app.get(
174 174 route_path('search_repo',repo_name=backend.repo_name),
175 175 {'q': 'bother to ask where to fetch repo during tests',
176 176 'type': 'commit'})
177 177
178 178 response.mustcontain('1 results')
179 179
180 180 def test_filters_are_not_applied_for_admin_user(self):
181 181 self.log_user()
182 182 with mock.patch('whoosh.searching.Searcher.search') as search_mock:
183 183 self.app.get(route_path('search'),
184 184 {'q': 'test query', 'type': 'commit'})
185 185 assert search_mock.call_count == 1
186 186 _, kwargs = search_mock.call_args
187 187 assert kwargs['filter'] is None
188 188
189 189 def test_filters_are_applied_for_normal_user(self, enabled_backends):
190 190 self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
191 191 with mock.patch('whoosh.searching.Searcher.search') as search_mock:
192 192 self.app.get(route_path('search'),
193 193 {'q': 'test query', 'type': 'commit'})
194 194 assert search_mock.call_count == 1
195 195 _, kwargs = search_mock.call_args
196 196 assert isinstance(kwargs['filter'], query.Or)
197 197 expected_repositories = [
198 198 'vcs_test_{}'.format(b) for b in enabled_backends]
199 199 queried_repositories = [
200 200 name for type_, name in kwargs['filter'].all_terms()]
201 201 for repository in expected_repositories:
202 202 assert repository in queried_repositories
Show file before | Show file after | Hide comments
@@ -1,75 +1,75 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22
23 23 from rhodecode.model.db import User
24 24 from rhodecode.tests import (
25 25 TestController, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,
26 26 TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
27 27 from rhodecode.tests.fixture import Fixture
28 28 from rhodecode.tests.utils import AssertResponse
29 29
30 30 fixture = Fixture()
31 31
32 32
33 33 def route_path(name, **kwargs):
34 34 return '/_profiles/{username}'.format(**kwargs)
35 35
36 36
37 37 class TestUsersController(TestController):
38 38
39 39 def test_user_profile(self, user_util):
40 40 edit_link_css = '.user-profile .panel-edit'
41 41 self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
42 42 user = user_util.create_user(
43 43 'test-my-user', password='qweqwe', email='testme@rhodecode.org')
44 44 username = user.username
45 45
46 46 response = self.app.get(route_path('user_profile', username=username))
47 47 response.mustcontain('testme')
48 48 response.mustcontain('testme@rhodecode.org')
49 assert_response = AssertResponse(response)
49 assert_response = response.assert_response()
50 50 assert_response.no_element_exists(edit_link_css)
51 51
52 52 # edit should be available to superadmin users
53 53 self.logout_user()
54 54 self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
55 55 response = self.app.get(route_path('user_profile', username=username))
56 assert_response = AssertResponse(response)
56 assert_response = response.assert_response()
57 57 assert_response.element_contains(edit_link_css, 'Edit')
58 58
59 59 def test_user_profile_not_available(self, user_util):
60 60 user = user_util.create_user()
61 61 username = user.username
62 62
63 63 # not logged in, redirect
64 64 self.app.get(route_path('user_profile', username=username), status=302)
65 65
66 66 self.log_user()
67 67 # after log-in show
68 68 self.app.get(route_path('user_profile', username=username), status=200)
69 69
70 70 # default user, not allowed to show it
71 71 self.app.get(
72 72 route_path('user_profile', username=User.DEFAULT_USER), status=404)
73 73
74 74 # actual 404
75 75 self.app.get(route_path('user_profile', username='unknown'), status=404)
Show file before | Show file after | Hide comments
@@ -1,5218 +1,5218 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import string
29 29 import hashlib
30 30 import logging
31 31 import datetime
32 32 import uuid
33 33 import warnings
34 34 import ipaddress
35 35 import functools
36 36 import traceback
37 37 import collections
38 38
39 39 from sqlalchemy import (
40 40 or_, and_, not_, func, TypeDecorator, event,
41 41 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
42 42 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
43 43 Text, Float, PickleType)
44 44 from sqlalchemy.sql.expression import true, false, case
45 45 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
46 46 from sqlalchemy.orm import (
47 47 relationship, joinedload, class_mapper, validates, aliased)
48 48 from sqlalchemy.ext.declarative import declared_attr
49 49 from sqlalchemy.ext.hybrid import hybrid_property
50 50 from sqlalchemy.exc import IntegrityError # pragma: no cover
51 51 from sqlalchemy.dialects.mysql import LONGTEXT
52 52 from zope.cachedescriptors.property import Lazy as LazyProperty
53 53 from pyramid import compat
54 54 from pyramid.threadlocal import get_current_request
55 55 from webhelpers.text import collapse, remove_formatting
56 56
57 57 from rhodecode.translation import _
58 58 from rhodecode.lib.vcs import get_vcs_instance
59 59 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
60 60 from rhodecode.lib.utils2 import (
61 61 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
62 62 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
63 63 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)
64 64 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
65 65 JsonRaw
66 66 from rhodecode.lib.ext_json import json
67 67 from rhodecode.lib.caching_query import FromCache
68 68 from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data
69 69 from rhodecode.lib.encrypt2 import Encryptor
70 70 from rhodecode.model.meta import Base, Session
71 71
72 72 URL_SEP = '/'
73 73 log = logging.getLogger(__name__)
74 74
75 75 # =============================================================================
76 76 # BASE CLASSES
77 77 # =============================================================================
78 78
79 79 # this is propagated from .ini file rhodecode.encrypted_values.secret or
80 80 # beaker.session.secret if first is not set.
81 81 # and initialized at environment.py
82 82 ENCRYPTION_KEY = None
83 83
84 84 # used to sort permissions by types, '#' used here is not allowed to be in
85 85 # usernames, and it's very early in sorted string.printable table.
86 86 PERMISSION_TYPE_SORT = {
87 87 'admin': '####',
88 88 'write': '###',
89 89 'read': '##',
90 90 'none': '#',
91 91 }
92 92
93 93
94 94 def display_user_sort(obj):
95 95 """
96 96 Sort function used to sort permissions in .permissions() function of
97 97 Repository, RepoGroup, UserGroup. Also it put the default user in front
98 98 of all other resources
99 99 """
100 100
101 101 if obj.username == User.DEFAULT_USER:
102 102 return '#####'
103 103 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
104 104 return prefix + obj.username
105 105
106 106
107 107 def display_user_group_sort(obj):
108 108 """
109 109 Sort function used to sort permissions in .permissions() function of
110 110 Repository, RepoGroup, UserGroup. Also it put the default user in front
111 111 of all other resources
112 112 """
113 113
114 114 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
115 115 return prefix + obj.users_group_name
116 116
117 117
118 118 def _hash_key(k):
119 119 return sha1_safe(k)
120 120
121 121
122 122 def in_filter_generator(qry, items, limit=500):
123 123 """
124 124 Splits IN() into multiple with OR
125 125 e.g.::
126 126 cnt = Repository.query().filter(
127 127 or_(
128 128 *in_filter_generator(Repository.repo_id, range(100000))
129 129 )).count()
130 130 """
131 131 if not items:
132 132 # empty list will cause empty query which might cause security issues
133 133 # this can lead to hidden unpleasant results
134 134 items = [-1]
135 135
136 136 parts = []
137 137 for chunk in xrange(0, len(items), limit):
138 138 parts.append(
139 139 qry.in_(items[chunk: chunk + limit])
140 140 )
141 141
142 142 return parts
143 143
144 144
145 145 base_table_args = {
146 146 'extend_existing': True,
147 147 'mysql_engine': 'InnoDB',
148 148 'mysql_charset': 'utf8',
149 149 'sqlite_autoincrement': True
150 150 }
151 151
152 152
153 153 class EncryptedTextValue(TypeDecorator):
154 154 """
155 155 Special column for encrypted long text data, use like::
156 156
157 157 value = Column("encrypted_value", EncryptedValue(), nullable=False)
158 158
159 159 This column is intelligent so if value is in unencrypted form it return
160 160 unencrypted form, but on save it always encrypts
161 161 """
162 162 impl = Text
163 163
164 164 def process_bind_param(self, value, dialect):
165 165 """
166 166 Setter for storing value
167 167 """
168 168 import rhodecode
169 169 if not value:
170 170 return value
171 171
172 172 # protect against double encrypting if values is already encrypted
173 173 if value.startswith('enc$aes$') \
174 174 or value.startswith('enc$aes_hmac$') \
175 175 or value.startswith('enc2$'):
176 176 raise ValueError('value needs to be in unencrypted format, '
177 177 'ie. not starting with enc$ or enc2$')
178 178
179 179 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
180 180 if algo == 'aes':
181 181 return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)
182 182 elif algo == 'fernet':
183 183 return Encryptor(ENCRYPTION_KEY).encrypt(value)
184 184 else:
185 185 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
186 186
187 187 def process_result_value(self, value, dialect):
188 188 """
189 189 Getter for retrieving value
190 190 """
191 191
192 192 import rhodecode
193 193 if not value:
194 194 return value
195 195
196 196 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
197 197 enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)
198 198 if algo == 'aes':
199 199 decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)
200 200 elif algo == 'fernet':
201 201 return Encryptor(ENCRYPTION_KEY).decrypt(value)
202 202 else:
203 203 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
204 204 return decrypted_data
205 205
206 206
207 207 class BaseModel(object):
208 208 """
209 209 Base Model for all classes
210 210 """
211 211
212 212 @classmethod
213 213 def _get_keys(cls):
214 214 """return column names for this model """
215 215 return class_mapper(cls).c.keys()
216 216
217 217 def get_dict(self):
218 218 """
219 219 return dict with keys and values corresponding
220 220 to this model data """
221 221
222 222 d = {}
223 223 for k in self._get_keys():
224 224 d[k] = getattr(self, k)
225 225
226 226 # also use __json__() if present to get additional fields
227 227 _json_attr = getattr(self, '__json__', None)
228 228 if _json_attr:
229 229 # update with attributes from __json__
230 230 if callable(_json_attr):
231 231 _json_attr = _json_attr()
232 232 for k, val in _json_attr.iteritems():
233 233 d[k] = val
234 234 return d
235 235
236 236 def get_appstruct(self):
237 237 """return list with keys and values tuples corresponding
238 238 to this model data """
239 239
240 240 lst = []
241 241 for k in self._get_keys():
242 242 lst.append((k, getattr(self, k),))
243 243 return lst
244 244
245 245 def populate_obj(self, populate_dict):
246 246 """populate model with data from given populate_dict"""
247 247
248 248 for k in self._get_keys():
249 249 if k in populate_dict:
250 250 setattr(self, k, populate_dict[k])
251 251
252 252 @classmethod
253 253 def query(cls):
254 254 return Session().query(cls)
255 255
256 256 @classmethod
257 257 def get(cls, id_):
258 258 if id_:
259 259 return cls.query().get(id_)
260 260
261 261 @classmethod
262 262 def get_or_404(cls, id_):
263 263 from pyramid.httpexceptions import HTTPNotFound
264 264
265 265 try:
266 266 id_ = int(id_)
267 267 except (TypeError, ValueError):
268 268 raise HTTPNotFound()
269 269
270 270 res = cls.query().get(id_)
271 271 if not res:
272 272 raise HTTPNotFound()
273 273 return res
274 274
275 275 @classmethod
276 276 def getAll(cls):
277 277 # deprecated and left for backward compatibility
278 278 return cls.get_all()
279 279
280 280 @classmethod
281 281 def get_all(cls):
282 282 return cls.query().all()
283 283
284 284 @classmethod
285 285 def delete(cls, id_):
286 286 obj = cls.query().get(id_)
287 287 Session().delete(obj)
288 288
289 289 @classmethod
290 290 def identity_cache(cls, session, attr_name, value):
291 291 exist_in_session = []
292 292 for (item_cls, pkey), instance in session.identity_map.items():
293 293 if cls == item_cls and getattr(instance, attr_name) == value:
294 294 exist_in_session.append(instance)
295 295 if exist_in_session:
296 296 if len(exist_in_session) == 1:
297 297 return exist_in_session[0]
298 298 log.exception(
299 299 'multiple objects with attr %s and '
300 300 'value %s found with same name: %r',
301 301 attr_name, value, exist_in_session)
302 302
303 303 def __repr__(self):
304 304 if hasattr(self, '__unicode__'):
305 305 # python repr needs to return str
306 306 try:
307 307 return safe_str(self.__unicode__())
308 308 except UnicodeDecodeError:
309 309 pass
310 310 return '<DB:%s>' % (self.__class__.__name__)
311 311
312 312
313 313 class RhodeCodeSetting(Base, BaseModel):
314 314 __tablename__ = 'rhodecode_settings'
315 315 __table_args__ = (
316 316 UniqueConstraint('app_settings_name'),
317 317 base_table_args
318 318 )
319 319
320 320 SETTINGS_TYPES = {
321 321 'str': safe_str,
322 322 'int': safe_int,
323 323 'unicode': safe_unicode,
324 324 'bool': str2bool,
325 325 'list': functools.partial(aslist, sep=',')
326 326 }
327 327 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
328 328 GLOBAL_CONF_KEY = 'app_settings'
329 329
330 330 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
331 331 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
332 332 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
333 333 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
334 334
335 335 def __init__(self, key='', val='', type='unicode'):
336 336 self.app_settings_name = key
337 337 self.app_settings_type = type
338 338 self.app_settings_value = val
339 339
340 340 @validates('_app_settings_value')
341 341 def validate_settings_value(self, key, val):
342 342 assert type(val) == unicode
343 343 return val
344 344
345 345 @hybrid_property
346 346 def app_settings_value(self):
347 347 v = self._app_settings_value
348 348 _type = self.app_settings_type
349 349 if _type:
350 350 _type = self.app_settings_type.split('.')[0]
351 351 # decode the encrypted value
352 352 if 'encrypted' in self.app_settings_type:
353 353 cipher = EncryptedTextValue()
354 354 v = safe_unicode(cipher.process_result_value(v, None))
355 355
356 356 converter = self.SETTINGS_TYPES.get(_type) or \
357 357 self.SETTINGS_TYPES['unicode']
358 358 return converter(v)
359 359
360 360 @app_settings_value.setter
361 361 def app_settings_value(self, val):
362 362 """
363 363 Setter that will always make sure we use unicode in app_settings_value
364 364
365 365 :param val:
366 366 """
367 367 val = safe_unicode(val)
368 368 # encode the encrypted value
369 369 if 'encrypted' in self.app_settings_type:
370 370 cipher = EncryptedTextValue()
371 371 val = safe_unicode(cipher.process_bind_param(val, None))
372 372 self._app_settings_value = val
373 373
374 374 @hybrid_property
375 375 def app_settings_type(self):
376 376 return self._app_settings_type
377 377
378 378 @app_settings_type.setter
379 379 def app_settings_type(self, val):
380 380 if val.split('.')[0] not in self.SETTINGS_TYPES:
381 381 raise Exception('type must be one of %s got %s'
382 382 % (self.SETTINGS_TYPES.keys(), val))
383 383 self._app_settings_type = val
384 384
385 385 @classmethod
386 386 def get_by_prefix(cls, prefix):
387 387 return RhodeCodeSetting.query()\
388 388 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
389 389 .all()
390 390
391 391 def __unicode__(self):
392 392 return u"<%s('%s:%s[%s]')>" % (
393 393 self.__class__.__name__,
394 394 self.app_settings_name, self.app_settings_value,
395 395 self.app_settings_type
396 396 )
397 397
398 398
399 399 class RhodeCodeUi(Base, BaseModel):
400 400 __tablename__ = 'rhodecode_ui'
401 401 __table_args__ = (
402 402 UniqueConstraint('ui_key'),
403 403 base_table_args
404 404 )
405 405
406 406 HOOK_REPO_SIZE = 'changegroup.repo_size'
407 407 # HG
408 408 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
409 409 HOOK_PULL = 'outgoing.pull_logger'
410 410 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
411 411 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
412 412 HOOK_PUSH = 'changegroup.push_logger'
413 413 HOOK_PUSH_KEY = 'pushkey.key_push'
414 414
415 415 HOOKS_BUILTIN = [
416 416 HOOK_PRE_PULL,
417 417 HOOK_PULL,
418 418 HOOK_PRE_PUSH,
419 419 HOOK_PRETX_PUSH,
420 420 HOOK_PUSH,
421 421 HOOK_PUSH_KEY,
422 422 ]
423 423
424 424 # TODO: johbo: Unify way how hooks are configured for git and hg,
425 425 # git part is currently hardcoded.
426 426
427 427 # SVN PATTERNS
428 428 SVN_BRANCH_ID = 'vcs_svn_branch'
429 429 SVN_TAG_ID = 'vcs_svn_tag'
430 430
431 431 ui_id = Column(
432 432 "ui_id", Integer(), nullable=False, unique=True, default=None,
433 433 primary_key=True)
434 434 ui_section = Column(
435 435 "ui_section", String(255), nullable=True, unique=None, default=None)
436 436 ui_key = Column(
437 437 "ui_key", String(255), nullable=True, unique=None, default=None)
438 438 ui_value = Column(
439 439 "ui_value", String(255), nullable=True, unique=None, default=None)
440 440 ui_active = Column(
441 441 "ui_active", Boolean(), nullable=True, unique=None, default=True)
442 442
443 443 def __repr__(self):
444 444 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
445 445 self.ui_key, self.ui_value)
446 446
447 447
448 448 class RepoRhodeCodeSetting(Base, BaseModel):
449 449 __tablename__ = 'repo_rhodecode_settings'
450 450 __table_args__ = (
451 451 UniqueConstraint(
452 452 'app_settings_name', 'repository_id',
453 453 name='uq_repo_rhodecode_setting_name_repo_id'),
454 454 base_table_args
455 455 )
456 456
457 457 repository_id = Column(
458 458 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
459 459 nullable=False)
460 460 app_settings_id = Column(
461 461 "app_settings_id", Integer(), nullable=False, unique=True,
462 462 default=None, primary_key=True)
463 463 app_settings_name = Column(
464 464 "app_settings_name", String(255), nullable=True, unique=None,
465 465 default=None)
466 466 _app_settings_value = Column(
467 467 "app_settings_value", String(4096), nullable=True, unique=None,
468 468 default=None)
469 469 _app_settings_type = Column(
470 470 "app_settings_type", String(255), nullable=True, unique=None,
471 471 default=None)
472 472
473 473 repository = relationship('Repository')
474 474
475 475 def __init__(self, repository_id, key='', val='', type='unicode'):
476 476 self.repository_id = repository_id
477 477 self.app_settings_name = key
478 478 self.app_settings_type = type
479 479 self.app_settings_value = val
480 480
481 481 @validates('_app_settings_value')
482 482 def validate_settings_value(self, key, val):
483 483 assert type(val) == unicode
484 484 return val
485 485
486 486 @hybrid_property
487 487 def app_settings_value(self):
488 488 v = self._app_settings_value
489 489 type_ = self.app_settings_type
490 490 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
491 491 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
492 492 return converter(v)
493 493
494 494 @app_settings_value.setter
495 495 def app_settings_value(self, val):
496 496 """
497 497 Setter that will always make sure we use unicode in app_settings_value
498 498
499 499 :param val:
500 500 """
501 501 self._app_settings_value = safe_unicode(val)
502 502
503 503 @hybrid_property
504 504 def app_settings_type(self):
505 505 return self._app_settings_type
506 506
507 507 @app_settings_type.setter
508 508 def app_settings_type(self, val):
509 509 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
510 510 if val not in SETTINGS_TYPES:
511 511 raise Exception('type must be one of %s got %s'
512 512 % (SETTINGS_TYPES.keys(), val))
513 513 self._app_settings_type = val
514 514
515 515 def __unicode__(self):
516 516 return u"<%s('%s:%s:%s[%s]')>" % (
517 517 self.__class__.__name__, self.repository.repo_name,
518 518 self.app_settings_name, self.app_settings_value,
519 519 self.app_settings_type
520 520 )
521 521
522 522
523 523 class RepoRhodeCodeUi(Base, BaseModel):
524 524 __tablename__ = 'repo_rhodecode_ui'
525 525 __table_args__ = (
526 526 UniqueConstraint(
527 527 'repository_id', 'ui_section', 'ui_key',
528 528 name='uq_repo_rhodecode_ui_repository_id_section_key'),
529 529 base_table_args
530 530 )
531 531
532 532 repository_id = Column(
533 533 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
534 534 nullable=False)
535 535 ui_id = Column(
536 536 "ui_id", Integer(), nullable=False, unique=True, default=None,
537 537 primary_key=True)
538 538 ui_section = Column(
539 539 "ui_section", String(255), nullable=True, unique=None, default=None)
540 540 ui_key = Column(
541 541 "ui_key", String(255), nullable=True, unique=None, default=None)
542 542 ui_value = Column(
543 543 "ui_value", String(255), nullable=True, unique=None, default=None)
544 544 ui_active = Column(
545 545 "ui_active", Boolean(), nullable=True, unique=None, default=True)
546 546
547 547 repository = relationship('Repository')
548 548
549 549 def __repr__(self):
550 550 return '<%s[%s:%s]%s=>%s]>' % (
551 551 self.__class__.__name__, self.repository.repo_name,
552 552 self.ui_section, self.ui_key, self.ui_value)
553 553
554 554
555 555 class User(Base, BaseModel):
556 556 __tablename__ = 'users'
557 557 __table_args__ = (
558 558 UniqueConstraint('username'), UniqueConstraint('email'),
559 559 Index('u_username_idx', 'username'),
560 560 Index('u_email_idx', 'email'),
561 561 base_table_args
562 562 )
563 563
564 564 DEFAULT_USER = 'default'
565 565 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
566 566 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
567 567
568 568 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
569 569 username = Column("username", String(255), nullable=True, unique=None, default=None)
570 570 password = Column("password", String(255), nullable=True, unique=None, default=None)
571 571 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
572 572 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
573 573 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
574 574 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
575 575 _email = Column("email", String(255), nullable=True, unique=None, default=None)
576 576 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
577 577 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
578 578
579 579 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
580 580 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
581 581 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
582 582 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
583 583 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
584 584 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
585 585
586 586 user_log = relationship('UserLog')
587 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
587 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
588 588
589 589 repositories = relationship('Repository')
590 590 repository_groups = relationship('RepoGroup')
591 591 user_groups = relationship('UserGroup')
592 592
593 593 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
594 594 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
595 595
596 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
597 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
598 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
596 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
597 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
598 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
599 599
600 600 group_member = relationship('UserGroupMember', cascade='all')
601 601
602 602 notifications = relationship('UserNotification', cascade='all')
603 603 # notifications assigned to this user
604 604 user_created_notifications = relationship('Notification', cascade='all')
605 605 # comments created by this user
606 606 user_comments = relationship('ChangesetComment', cascade='all')
607 607 # user profile extra info
608 608 user_emails = relationship('UserEmailMap', cascade='all')
609 609 user_ip_map = relationship('UserIpMap', cascade='all')
610 610 user_auth_tokens = relationship('UserApiKeys', cascade='all')
611 611 user_ssh_keys = relationship('UserSshKeys', cascade='all')
612 612
613 613 # gists
614 614 user_gists = relationship('Gist', cascade='all')
615 615 # user pull requests
616 616 user_pull_requests = relationship('PullRequest', cascade='all')
617 617 # external identities
618 618 extenal_identities = relationship(
619 619 'ExternalIdentity',
620 620 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
621 621 cascade='all')
622 622 # review rules
623 623 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
624 624
625 625 def __unicode__(self):
626 626 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
627 627 self.user_id, self.username)
628 628
629 629 @hybrid_property
630 630 def email(self):
631 631 return self._email
632 632
633 633 @email.setter
634 634 def email(self, val):
635 635 self._email = val.lower() if val else None
636 636
637 637 @hybrid_property
638 638 def first_name(self):
639 639 from rhodecode.lib import helpers as h
640 640 if self.name:
641 641 return h.escape(self.name)
642 642 return self.name
643 643
644 644 @hybrid_property
645 645 def last_name(self):
646 646 from rhodecode.lib import helpers as h
647 647 if self.lastname:
648 648 return h.escape(self.lastname)
649 649 return self.lastname
650 650
651 651 @hybrid_property
652 652 def api_key(self):
653 653 """
654 654 Fetch if exist an auth-token with role ALL connected to this user
655 655 """
656 656 user_auth_token = UserApiKeys.query()\
657 657 .filter(UserApiKeys.user_id == self.user_id)\
658 658 .filter(or_(UserApiKeys.expires == -1,
659 659 UserApiKeys.expires >= time.time()))\
660 660 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
661 661 if user_auth_token:
662 662 user_auth_token = user_auth_token.api_key
663 663
664 664 return user_auth_token
665 665
666 666 @api_key.setter
667 667 def api_key(self, val):
668 668 # don't allow to set API key this is deprecated for now
669 669 self._api_key = None
670 670
671 671 @property
672 672 def reviewer_pull_requests(self):
673 673 return PullRequestReviewers.query() \
674 674 .options(joinedload(PullRequestReviewers.pull_request)) \
675 675 .filter(PullRequestReviewers.user_id == self.user_id) \
676 676 .all()
677 677
678 678 @property
679 679 def firstname(self):
680 680 # alias for future
681 681 return self.name
682 682
683 683 @property
684 684 def emails(self):
685 685 other = UserEmailMap.query()\
686 686 .filter(UserEmailMap.user == self) \
687 687 .order_by(UserEmailMap.email_id.asc()) \
688 688 .all()
689 689 return [self.email] + [x.email for x in other]
690 690
691 691 @property
692 692 def auth_tokens(self):
693 693 auth_tokens = self.get_auth_tokens()
694 694 return [x.api_key for x in auth_tokens]
695 695
696 696 def get_auth_tokens(self):
697 697 return UserApiKeys.query()\
698 698 .filter(UserApiKeys.user == self)\
699 699 .order_by(UserApiKeys.user_api_key_id.asc())\
700 700 .all()
701 701
702 702 @LazyProperty
703 703 def feed_token(self):
704 704 return self.get_feed_token()
705 705
706 706 def get_feed_token(self, cache=True):
707 707 feed_tokens = UserApiKeys.query()\
708 708 .filter(UserApiKeys.user == self)\
709 709 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
710 710 if cache:
711 711 feed_tokens = feed_tokens.options(
712 712 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
713 713
714 714 feed_tokens = feed_tokens.all()
715 715 if feed_tokens:
716 716 return feed_tokens[0].api_key
717 717 return 'NO_FEED_TOKEN_AVAILABLE'
718 718
719 719 @classmethod
720 720 def get(cls, user_id, cache=False):
721 721 if not user_id:
722 722 return
723 723
724 724 user = cls.query()
725 725 if cache:
726 726 user = user.options(
727 727 FromCache("sql_cache_short", "get_users_%s" % user_id))
728 728 return user.get(user_id)
729 729
730 730 @classmethod
731 731 def extra_valid_auth_tokens(cls, user, role=None):
732 732 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
733 733 .filter(or_(UserApiKeys.expires == -1,
734 734 UserApiKeys.expires >= time.time()))
735 735 if role:
736 736 tokens = tokens.filter(or_(UserApiKeys.role == role,
737 737 UserApiKeys.role == UserApiKeys.ROLE_ALL))
738 738 return tokens.all()
739 739
740 740 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
741 741 from rhodecode.lib import auth
742 742
743 743 log.debug('Trying to authenticate user: %s via auth-token, '
744 744 'and roles: %s', self, roles)
745 745
746 746 if not auth_token:
747 747 return False
748 748
749 749 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
750 750 tokens_q = UserApiKeys.query()\
751 751 .filter(UserApiKeys.user_id == self.user_id)\
752 752 .filter(or_(UserApiKeys.expires == -1,
753 753 UserApiKeys.expires >= time.time()))
754 754
755 755 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
756 756
757 757 crypto_backend = auth.crypto_backend()
758 758 enc_token_map = {}
759 759 plain_token_map = {}
760 760 for token in tokens_q:
761 761 if token.api_key.startswith(crypto_backend.ENC_PREF):
762 762 enc_token_map[token.api_key] = token
763 763 else:
764 764 plain_token_map[token.api_key] = token
765 765 log.debug(
766 766 'Found %s plain and %s encrypted user tokens to check for authentication',
767 767 len(plain_token_map), len(enc_token_map))
768 768
769 769 # plain token match comes first
770 770 match = plain_token_map.get(auth_token)
771 771
772 772 # check encrypted tokens now
773 773 if not match:
774 774 for token_hash, token in enc_token_map.items():
775 775 # NOTE(marcink): this is expensive to calculate, but most secure
776 776 if crypto_backend.hash_check(auth_token, token_hash):
777 777 match = token
778 778 break
779 779
780 780 if match:
781 781 log.debug('Found matching token %s', match)
782 782 if match.repo_id:
783 783 log.debug('Found scope, checking for scope match of token %s', match)
784 784 if match.repo_id == scope_repo_id:
785 785 return True
786 786 else:
787 787 log.debug(
788 788 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
789 789 'and calling scope is:%s, skipping further checks',
790 790 match.repo, scope_repo_id)
791 791 return False
792 792 else:
793 793 return True
794 794
795 795 return False
796 796
797 797 @property
798 798 def ip_addresses(self):
799 799 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
800 800 return [x.ip_addr for x in ret]
801 801
802 802 @property
803 803 def username_and_name(self):
804 804 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
805 805
806 806 @property
807 807 def username_or_name_or_email(self):
808 808 full_name = self.full_name if self.full_name is not ' ' else None
809 809 return self.username or full_name or self.email
810 810
811 811 @property
812 812 def full_name(self):
813 813 return '%s %s' % (self.first_name, self.last_name)
814 814
815 815 @property
816 816 def full_name_or_username(self):
817 817 return ('%s %s' % (self.first_name, self.last_name)
818 818 if (self.first_name and self.last_name) else self.username)
819 819
820 820 @property
821 821 def full_contact(self):
822 822 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
823 823
824 824 @property
825 825 def short_contact(self):
826 826 return '%s %s' % (self.first_name, self.last_name)
827 827
828 828 @property
829 829 def is_admin(self):
830 830 return self.admin
831 831
832 832 def AuthUser(self, **kwargs):
833 833 """
834 834 Returns instance of AuthUser for this user
835 835 """
836 836 from rhodecode.lib.auth import AuthUser
837 837 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
838 838
839 839 @hybrid_property
840 840 def user_data(self):
841 841 if not self._user_data:
842 842 return {}
843 843
844 844 try:
845 845 return json.loads(self._user_data)
846 846 except TypeError:
847 847 return {}
848 848
849 849 @user_data.setter
850 850 def user_data(self, val):
851 851 if not isinstance(val, dict):
852 852 raise Exception('user_data must be dict, got %s' % type(val))
853 853 try:
854 854 self._user_data = json.dumps(val)
855 855 except Exception:
856 856 log.error(traceback.format_exc())
857 857
858 858 @classmethod
859 859 def get_by_username(cls, username, case_insensitive=False,
860 860 cache=False, identity_cache=False):
861 861 session = Session()
862 862
863 863 if case_insensitive:
864 864 q = cls.query().filter(
865 865 func.lower(cls.username) == func.lower(username))
866 866 else:
867 867 q = cls.query().filter(cls.username == username)
868 868
869 869 if cache:
870 870 if identity_cache:
871 871 val = cls.identity_cache(session, 'username', username)
872 872 if val:
873 873 return val
874 874 else:
875 875 cache_key = "get_user_by_name_%s" % _hash_key(username)
876 876 q = q.options(
877 877 FromCache("sql_cache_short", cache_key))
878 878
879 879 return q.scalar()
880 880
881 881 @classmethod
882 882 def get_by_auth_token(cls, auth_token, cache=False):
883 883 q = UserApiKeys.query()\
884 884 .filter(UserApiKeys.api_key == auth_token)\
885 885 .filter(or_(UserApiKeys.expires == -1,
886 886 UserApiKeys.expires >= time.time()))
887 887 if cache:
888 888 q = q.options(
889 889 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
890 890
891 891 match = q.first()
892 892 if match:
893 893 return match.user
894 894
895 895 @classmethod
896 896 def get_by_email(cls, email, case_insensitive=False, cache=False):
897 897
898 898 if case_insensitive:
899 899 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
900 900
901 901 else:
902 902 q = cls.query().filter(cls.email == email)
903 903
904 904 email_key = _hash_key(email)
905 905 if cache:
906 906 q = q.options(
907 907 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
908 908
909 909 ret = q.scalar()
910 910 if ret is None:
911 911 q = UserEmailMap.query()
912 912 # try fetching in alternate email map
913 913 if case_insensitive:
914 914 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
915 915 else:
916 916 q = q.filter(UserEmailMap.email == email)
917 917 q = q.options(joinedload(UserEmailMap.user))
918 918 if cache:
919 919 q = q.options(
920 920 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
921 921 ret = getattr(q.scalar(), 'user', None)
922 922
923 923 return ret
924 924
925 925 @classmethod
926 926 def get_from_cs_author(cls, author):
927 927 """
928 928 Tries to get User objects out of commit author string
929 929
930 930 :param author:
931 931 """
932 932 from rhodecode.lib.helpers import email, author_name
933 933 # Valid email in the attribute passed, see if they're in the system
934 934 _email = email(author)
935 935 if _email:
936 936 user = cls.get_by_email(_email, case_insensitive=True)
937 937 if user:
938 938 return user
939 939 # Maybe we can match by username?
940 940 _author = author_name(author)
941 941 user = cls.get_by_username(_author, case_insensitive=True)
942 942 if user:
943 943 return user
944 944
945 945 def update_userdata(self, **kwargs):
946 946 usr = self
947 947 old = usr.user_data
948 948 old.update(**kwargs)
949 949 usr.user_data = old
950 950 Session().add(usr)
951 951 log.debug('updated userdata with %s', kwargs)
952 952
953 953 def update_lastlogin(self):
954 954 """Update user lastlogin"""
955 955 self.last_login = datetime.datetime.now()
956 956 Session().add(self)
957 957 log.debug('updated user %s lastlogin', self.username)
958 958
959 959 def update_password(self, new_password):
960 960 from rhodecode.lib.auth import get_crypt_password
961 961
962 962 self.password = get_crypt_password(new_password)
963 963 Session().add(self)
964 964
965 965 @classmethod
966 966 def get_first_super_admin(cls):
967 967 user = User.query()\
968 968 .filter(User.admin == true()) \
969 969 .order_by(User.user_id.asc()) \
970 970 .first()
971 971
972 972 if user is None:
973 973 raise Exception('FATAL: Missing administrative account!')
974 974 return user
975 975
976 976 @classmethod
977 977 def get_all_super_admins(cls, only_active=False):
978 978 """
979 979 Returns all admin accounts sorted by username
980 980 """
981 981 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
982 982 if only_active:
983 983 qry = qry.filter(User.active == true())
984 984 return qry.all()
985 985
986 986 @classmethod
987 987 def get_default_user(cls, cache=False, refresh=False):
988 988 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
989 989 if user is None:
990 990 raise Exception('FATAL: Missing default account!')
991 991 if refresh:
992 992 # The default user might be based on outdated state which
993 993 # has been loaded from the cache.
994 994 # A call to refresh() ensures that the
995 995 # latest state from the database is used.
996 996 Session().refresh(user)
997 997 return user
998 998
999 999 def _get_default_perms(self, user, suffix=''):
1000 1000 from rhodecode.model.permission import PermissionModel
1001 1001 return PermissionModel().get_default_perms(user.user_perms, suffix)
1002 1002
1003 1003 def get_default_perms(self, suffix=''):
1004 1004 return self._get_default_perms(self, suffix)
1005 1005
1006 1006 def get_api_data(self, include_secrets=False, details='full'):
1007 1007 """
1008 1008 Common function for generating user related data for API
1009 1009
1010 1010 :param include_secrets: By default secrets in the API data will be replaced
1011 1011 by a placeholder value to prevent exposing this data by accident. In case
1012 1012 this data shall be exposed, set this flag to ``True``.
1013 1013
1014 1014 :param details: details can be 'basic|full' basic gives only a subset of
1015 1015 the available user information that includes user_id, name and emails.
1016 1016 """
1017 1017 user = self
1018 1018 user_data = self.user_data
1019 1019 data = {
1020 1020 'user_id': user.user_id,
1021 1021 'username': user.username,
1022 1022 'firstname': user.name,
1023 1023 'lastname': user.lastname,
1024 1024 'email': user.email,
1025 1025 'emails': user.emails,
1026 1026 }
1027 1027 if details == 'basic':
1028 1028 return data
1029 1029
1030 1030 auth_token_length = 40
1031 1031 auth_token_replacement = '*' * auth_token_length
1032 1032
1033 1033 extras = {
1034 1034 'auth_tokens': [auth_token_replacement],
1035 1035 'active': user.active,
1036 1036 'admin': user.admin,
1037 1037 'extern_type': user.extern_type,
1038 1038 'extern_name': user.extern_name,
1039 1039 'last_login': user.last_login,
1040 1040 'last_activity': user.last_activity,
1041 1041 'ip_addresses': user.ip_addresses,
1042 1042 'language': user_data.get('language')
1043 1043 }
1044 1044 data.update(extras)
1045 1045
1046 1046 if include_secrets:
1047 1047 data['auth_tokens'] = user.auth_tokens
1048 1048 return data
1049 1049
1050 1050 def __json__(self):
1051 1051 data = {
1052 1052 'full_name': self.full_name,
1053 1053 'full_name_or_username': self.full_name_or_username,
1054 1054 'short_contact': self.short_contact,
1055 1055 'full_contact': self.full_contact,
1056 1056 }
1057 1057 data.update(self.get_api_data())
1058 1058 return data
1059 1059
1060 1060
1061 1061 class UserApiKeys(Base, BaseModel):
1062 1062 __tablename__ = 'user_api_keys'
1063 1063 __table_args__ = (
1064 1064 Index('uak_api_key_idx', 'api_key'),
1065 1065 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1066 1066 base_table_args
1067 1067 )
1068 1068 __mapper_args__ = {}
1069 1069
1070 1070 # ApiKey role
1071 1071 ROLE_ALL = 'token_role_all'
1072 1072 ROLE_HTTP = 'token_role_http'
1073 1073 ROLE_VCS = 'token_role_vcs'
1074 1074 ROLE_API = 'token_role_api'
1075 1075 ROLE_FEED = 'token_role_feed'
1076 1076 ROLE_PASSWORD_RESET = 'token_password_reset'
1077 1077
1078 1078 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1079 1079
1080 1080 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1081 1081 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1082 1082 api_key = Column("api_key", String(255), nullable=False, unique=True)
1083 1083 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1084 1084 expires = Column('expires', Float(53), nullable=False)
1085 1085 role = Column('role', String(255), nullable=True)
1086 1086 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1087 1087
1088 1088 # scope columns
1089 1089 repo_id = Column(
1090 1090 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1091 1091 nullable=True, unique=None, default=None)
1092 1092 repo = relationship('Repository', lazy='joined')
1093 1093
1094 1094 repo_group_id = Column(
1095 1095 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1096 1096 nullable=True, unique=None, default=None)
1097 1097 repo_group = relationship('RepoGroup', lazy='joined')
1098 1098
1099 1099 user = relationship('User', lazy='joined')
1100 1100
1101 1101 def __unicode__(self):
1102 1102 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1103 1103
1104 1104 def __json__(self):
1105 1105 data = {
1106 1106 'auth_token': self.api_key,
1107 1107 'role': self.role,
1108 1108 'scope': self.scope_humanized,
1109 1109 'expired': self.expired
1110 1110 }
1111 1111 return data
1112 1112
1113 1113 def get_api_data(self, include_secrets=False):
1114 1114 data = self.__json__()
1115 1115 if include_secrets:
1116 1116 return data
1117 1117 else:
1118 1118 data['auth_token'] = self.token_obfuscated
1119 1119 return data
1120 1120
1121 1121 @hybrid_property
1122 1122 def description_safe(self):
1123 1123 from rhodecode.lib import helpers as h
1124 1124 return h.escape(self.description)
1125 1125
1126 1126 @property
1127 1127 def expired(self):
1128 1128 if self.expires == -1:
1129 1129 return False
1130 1130 return time.time() > self.expires
1131 1131
1132 1132 @classmethod
1133 1133 def _get_role_name(cls, role):
1134 1134 return {
1135 1135 cls.ROLE_ALL: _('all'),
1136 1136 cls.ROLE_HTTP: _('http/web interface'),
1137 1137 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1138 1138 cls.ROLE_API: _('api calls'),
1139 1139 cls.ROLE_FEED: _('feed access'),
1140 1140 }.get(role, role)
1141 1141
1142 1142 @property
1143 1143 def role_humanized(self):
1144 1144 return self._get_role_name(self.role)
1145 1145
1146 1146 def _get_scope(self):
1147 1147 if self.repo:
1148 1148 return 'Repository: {}'.format(self.repo.repo_name)
1149 1149 if self.repo_group:
1150 1150 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1151 1151 return 'Global'
1152 1152
1153 1153 @property
1154 1154 def scope_humanized(self):
1155 1155 return self._get_scope()
1156 1156
1157 1157 @property
1158 1158 def token_obfuscated(self):
1159 1159 if self.api_key:
1160 1160 return self.api_key[:4] + "****"
1161 1161
1162 1162
1163 1163 class UserEmailMap(Base, BaseModel):
1164 1164 __tablename__ = 'user_email_map'
1165 1165 __table_args__ = (
1166 1166 Index('uem_email_idx', 'email'),
1167 1167 UniqueConstraint('email'),
1168 1168 base_table_args
1169 1169 )
1170 1170 __mapper_args__ = {}
1171 1171
1172 1172 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1173 1173 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1174 1174 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1175 1175 user = relationship('User', lazy='joined')
1176 1176
1177 1177 @validates('_email')
1178 1178 def validate_email(self, key, email):
1179 1179 # check if this email is not main one
1180 1180 main_email = Session().query(User).filter(User.email == email).scalar()
1181 1181 if main_email is not None:
1182 1182 raise AttributeError('email %s is present is user table' % email)
1183 1183 return email
1184 1184
1185 1185 @hybrid_property
1186 1186 def email(self):
1187 1187 return self._email
1188 1188
1189 1189 @email.setter
1190 1190 def email(self, val):
1191 1191 self._email = val.lower() if val else None
1192 1192
1193 1193
1194 1194 class UserIpMap(Base, BaseModel):
1195 1195 __tablename__ = 'user_ip_map'
1196 1196 __table_args__ = (
1197 1197 UniqueConstraint('user_id', 'ip_addr'),
1198 1198 base_table_args
1199 1199 )
1200 1200 __mapper_args__ = {}
1201 1201
1202 1202 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1203 1203 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1204 1204 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1205 1205 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1206 1206 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1207 1207 user = relationship('User', lazy='joined')
1208 1208
1209 1209 @hybrid_property
1210 1210 def description_safe(self):
1211 1211 from rhodecode.lib import helpers as h
1212 1212 return h.escape(self.description)
1213 1213
1214 1214 @classmethod
1215 1215 def _get_ip_range(cls, ip_addr):
1216 1216 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1217 1217 return [str(net.network_address), str(net.broadcast_address)]
1218 1218
1219 1219 def __json__(self):
1220 1220 return {
1221 1221 'ip_addr': self.ip_addr,
1222 1222 'ip_range': self._get_ip_range(self.ip_addr),
1223 1223 }
1224 1224
1225 1225 def __unicode__(self):
1226 1226 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1227 1227 self.user_id, self.ip_addr)
1228 1228
1229 1229
1230 1230 class UserSshKeys(Base, BaseModel):
1231 1231 __tablename__ = 'user_ssh_keys'
1232 1232 __table_args__ = (
1233 1233 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1234 1234
1235 1235 UniqueConstraint('ssh_key_fingerprint'),
1236 1236
1237 1237 base_table_args
1238 1238 )
1239 1239 __mapper_args__ = {}
1240 1240
1241 1241 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1242 1242 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1243 1243 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1244 1244
1245 1245 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1246 1246
1247 1247 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1248 1248 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1249 1249 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1250 1250
1251 1251 user = relationship('User', lazy='joined')
1252 1252
1253 1253 def __json__(self):
1254 1254 data = {
1255 1255 'ssh_fingerprint': self.ssh_key_fingerprint,
1256 1256 'description': self.description,
1257 1257 'created_on': self.created_on
1258 1258 }
1259 1259 return data
1260 1260
1261 1261 def get_api_data(self):
1262 1262 data = self.__json__()
1263 1263 return data
1264 1264
1265 1265
1266 1266 class UserLog(Base, BaseModel):
1267 1267 __tablename__ = 'user_logs'
1268 1268 __table_args__ = (
1269 1269 base_table_args,
1270 1270 )
1271 1271
1272 1272 VERSION_1 = 'v1'
1273 1273 VERSION_2 = 'v2'
1274 1274 VERSIONS = [VERSION_1, VERSION_2]
1275 1275
1276 1276 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1277 1277 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1278 1278 username = Column("username", String(255), nullable=True, unique=None, default=None)
1279 1279 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1280 1280 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1281 1281 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1282 1282 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1283 1283 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1284 1284
1285 1285 version = Column("version", String(255), nullable=True, default=VERSION_1)
1286 1286 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1287 1287 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1288 1288
1289 1289 def __unicode__(self):
1290 1290 return u"<%s('id:%s:%s')>" % (
1291 1291 self.__class__.__name__, self.repository_name, self.action)
1292 1292
1293 1293 def __json__(self):
1294 1294 return {
1295 1295 'user_id': self.user_id,
1296 1296 'username': self.username,
1297 1297 'repository_id': self.repository_id,
1298 1298 'repository_name': self.repository_name,
1299 1299 'user_ip': self.user_ip,
1300 1300 'action_date': self.action_date,
1301 1301 'action': self.action,
1302 1302 }
1303 1303
1304 1304 @hybrid_property
1305 1305 def entry_id(self):
1306 1306 return self.user_log_id
1307 1307
1308 1308 @property
1309 1309 def action_as_day(self):
1310 1310 return datetime.date(*self.action_date.timetuple()[:3])
1311 1311
1312 1312 user = relationship('User')
1313 1313 repository = relationship('Repository', cascade='')
1314 1314
1315 1315
1316 1316 class UserGroup(Base, BaseModel):
1317 1317 __tablename__ = 'users_groups'
1318 1318 __table_args__ = (
1319 1319 base_table_args,
1320 1320 )
1321 1321
1322 1322 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1323 1323 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1324 1324 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1325 1325 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1326 1326 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1327 1327 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1328 1328 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1329 1329 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1330 1330
1331 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1331 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")
1332 1332 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1333 1333 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1334 1334 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1335 1335 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1336 1336 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1337 1337
1338 1338 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1339 1339 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1340 1340
1341 1341 @classmethod
1342 1342 def _load_group_data(cls, column):
1343 1343 if not column:
1344 1344 return {}
1345 1345
1346 1346 try:
1347 1347 return json.loads(column) or {}
1348 1348 except TypeError:
1349 1349 return {}
1350 1350
1351 1351 @hybrid_property
1352 1352 def description_safe(self):
1353 1353 from rhodecode.lib import helpers as h
1354 1354 return h.escape(self.user_group_description)
1355 1355
1356 1356 @hybrid_property
1357 1357 def group_data(self):
1358 1358 return self._load_group_data(self._group_data)
1359 1359
1360 1360 @group_data.expression
1361 1361 def group_data(self, **kwargs):
1362 1362 return self._group_data
1363 1363
1364 1364 @group_data.setter
1365 1365 def group_data(self, val):
1366 1366 try:
1367 1367 self._group_data = json.dumps(val)
1368 1368 except Exception:
1369 1369 log.error(traceback.format_exc())
1370 1370
1371 1371 @classmethod
1372 1372 def _load_sync(cls, group_data):
1373 1373 if group_data:
1374 1374 return group_data.get('extern_type')
1375 1375
1376 1376 @property
1377 1377 def sync(self):
1378 1378 return self._load_sync(self.group_data)
1379 1379
1380 1380 def __unicode__(self):
1381 1381 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1382 1382 self.users_group_id,
1383 1383 self.users_group_name)
1384 1384
1385 1385 @classmethod
1386 1386 def get_by_group_name(cls, group_name, cache=False,
1387 1387 case_insensitive=False):
1388 1388 if case_insensitive:
1389 1389 q = cls.query().filter(func.lower(cls.users_group_name) ==
1390 1390 func.lower(group_name))
1391 1391
1392 1392 else:
1393 1393 q = cls.query().filter(cls.users_group_name == group_name)
1394 1394 if cache:
1395 1395 q = q.options(
1396 1396 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1397 1397 return q.scalar()
1398 1398
1399 1399 @classmethod
1400 1400 def get(cls, user_group_id, cache=False):
1401 1401 if not user_group_id:
1402 1402 return
1403 1403
1404 1404 user_group = cls.query()
1405 1405 if cache:
1406 1406 user_group = user_group.options(
1407 1407 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1408 1408 return user_group.get(user_group_id)
1409 1409
1410 1410 def permissions(self, with_admins=True, with_owner=True,
1411 1411 expand_from_user_groups=False):
1412 1412 """
1413 1413 Permissions for user groups
1414 1414 """
1415 1415 _admin_perm = 'usergroup.admin'
1416 1416
1417 1417 owner_row = []
1418 1418 if with_owner:
1419 1419 usr = AttributeDict(self.user.get_dict())
1420 1420 usr.owner_row = True
1421 1421 usr.permission = _admin_perm
1422 1422 owner_row.append(usr)
1423 1423
1424 1424 super_admin_ids = []
1425 1425 super_admin_rows = []
1426 1426 if with_admins:
1427 1427 for usr in User.get_all_super_admins():
1428 1428 super_admin_ids.append(usr.user_id)
1429 1429 # if this admin is also owner, don't double the record
1430 1430 if usr.user_id == owner_row[0].user_id:
1431 1431 owner_row[0].admin_row = True
1432 1432 else:
1433 1433 usr = AttributeDict(usr.get_dict())
1434 1434 usr.admin_row = True
1435 1435 usr.permission = _admin_perm
1436 1436 super_admin_rows.append(usr)
1437 1437
1438 1438 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1439 1439 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1440 1440 joinedload(UserUserGroupToPerm.user),
1441 1441 joinedload(UserUserGroupToPerm.permission),)
1442 1442
1443 1443 # get owners and admins and permissions. We do a trick of re-writing
1444 1444 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1445 1445 # has a global reference and changing one object propagates to all
1446 1446 # others. This means if admin is also an owner admin_row that change
1447 1447 # would propagate to both objects
1448 1448 perm_rows = []
1449 1449 for _usr in q.all():
1450 1450 usr = AttributeDict(_usr.user.get_dict())
1451 1451 # if this user is also owner/admin, mark as duplicate record
1452 1452 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1453 1453 usr.duplicate_perm = True
1454 1454 usr.permission = _usr.permission.permission_name
1455 1455 perm_rows.append(usr)
1456 1456
1457 1457 # filter the perm rows by 'default' first and then sort them by
1458 1458 # admin,write,read,none permissions sorted again alphabetically in
1459 1459 # each group
1460 1460 perm_rows = sorted(perm_rows, key=display_user_sort)
1461 1461
1462 1462 user_groups_rows = []
1463 1463 if expand_from_user_groups:
1464 1464 for ug in self.permission_user_groups(with_members=True):
1465 1465 for user_data in ug.members:
1466 1466 user_groups_rows.append(user_data)
1467 1467
1468 1468 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1469 1469
1470 1470 def permission_user_groups(self, with_members=False):
1471 1471 q = UserGroupUserGroupToPerm.query()\
1472 1472 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1473 1473 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1474 1474 joinedload(UserGroupUserGroupToPerm.target_user_group),
1475 1475 joinedload(UserGroupUserGroupToPerm.permission),)
1476 1476
1477 1477 perm_rows = []
1478 1478 for _user_group in q.all():
1479 1479 entry = AttributeDict(_user_group.user_group.get_dict())
1480 1480 entry.permission = _user_group.permission.permission_name
1481 1481 if with_members:
1482 1482 entry.members = [x.user.get_dict()
1483 1483 for x in _user_group.user_group.members]
1484 1484 perm_rows.append(entry)
1485 1485
1486 1486 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1487 1487 return perm_rows
1488 1488
1489 1489 def _get_default_perms(self, user_group, suffix=''):
1490 1490 from rhodecode.model.permission import PermissionModel
1491 1491 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1492 1492
1493 1493 def get_default_perms(self, suffix=''):
1494 1494 return self._get_default_perms(self, suffix)
1495 1495
1496 1496 def get_api_data(self, with_group_members=True, include_secrets=False):
1497 1497 """
1498 1498 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1499 1499 basically forwarded.
1500 1500
1501 1501 """
1502 1502 user_group = self
1503 1503 data = {
1504 1504 'users_group_id': user_group.users_group_id,
1505 1505 'group_name': user_group.users_group_name,
1506 1506 'group_description': user_group.user_group_description,
1507 1507 'active': user_group.users_group_active,
1508 1508 'owner': user_group.user.username,
1509 1509 'sync': user_group.sync,
1510 1510 'owner_email': user_group.user.email,
1511 1511 }
1512 1512
1513 1513 if with_group_members:
1514 1514 users = []
1515 1515 for user in user_group.members:
1516 1516 user = user.user
1517 1517 users.append(user.get_api_data(include_secrets=include_secrets))
1518 1518 data['users'] = users
1519 1519
1520 1520 return data
1521 1521
1522 1522
1523 1523 class UserGroupMember(Base, BaseModel):
1524 1524 __tablename__ = 'users_groups_members'
1525 1525 __table_args__ = (
1526 1526 base_table_args,
1527 1527 )
1528 1528
1529 1529 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1530 1530 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1531 1531 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1532 1532
1533 1533 user = relationship('User', lazy='joined')
1534 1534 users_group = relationship('UserGroup')
1535 1535
1536 1536 def __init__(self, gr_id='', u_id=''):
1537 1537 self.users_group_id = gr_id
1538 1538 self.user_id = u_id
1539 1539
1540 1540
1541 1541 class RepositoryField(Base, BaseModel):
1542 1542 __tablename__ = 'repositories_fields'
1543 1543 __table_args__ = (
1544 1544 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1545 1545 base_table_args,
1546 1546 )
1547 1547
1548 1548 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1549 1549
1550 1550 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1551 1551 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1552 1552 field_key = Column("field_key", String(250))
1553 1553 field_label = Column("field_label", String(1024), nullable=False)
1554 1554 field_value = Column("field_value", String(10000), nullable=False)
1555 1555 field_desc = Column("field_desc", String(1024), nullable=False)
1556 1556 field_type = Column("field_type", String(255), nullable=False, unique=None)
1557 1557 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1558 1558
1559 1559 repository = relationship('Repository')
1560 1560
1561 1561 @property
1562 1562 def field_key_prefixed(self):
1563 1563 return 'ex_%s' % self.field_key
1564 1564
1565 1565 @classmethod
1566 1566 def un_prefix_key(cls, key):
1567 1567 if key.startswith(cls.PREFIX):
1568 1568 return key[len(cls.PREFIX):]
1569 1569 return key
1570 1570
1571 1571 @classmethod
1572 1572 def get_by_key_name(cls, key, repo):
1573 1573 row = cls.query()\
1574 1574 .filter(cls.repository == repo)\
1575 1575 .filter(cls.field_key == key).scalar()
1576 1576 return row
1577 1577
1578 1578
1579 1579 class Repository(Base, BaseModel):
1580 1580 __tablename__ = 'repositories'
1581 1581 __table_args__ = (
1582 1582 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1583 1583 base_table_args,
1584 1584 )
1585 1585 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1586 1586 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1587 1587 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1588 1588
1589 1589 STATE_CREATED = 'repo_state_created'
1590 1590 STATE_PENDING = 'repo_state_pending'
1591 1591 STATE_ERROR = 'repo_state_error'
1592 1592
1593 1593 LOCK_AUTOMATIC = 'lock_auto'
1594 1594 LOCK_API = 'lock_api'
1595 1595 LOCK_WEB = 'lock_web'
1596 1596 LOCK_PULL = 'lock_pull'
1597 1597
1598 1598 NAME_SEP = URL_SEP
1599 1599
1600 1600 repo_id = Column(
1601 1601 "repo_id", Integer(), nullable=False, unique=True, default=None,
1602 1602 primary_key=True)
1603 1603 _repo_name = Column(
1604 1604 "repo_name", Text(), nullable=False, default=None)
1605 1605 _repo_name_hash = Column(
1606 1606 "repo_name_hash", String(255), nullable=False, unique=True)
1607 1607 repo_state = Column("repo_state", String(255), nullable=True)
1608 1608
1609 1609 clone_uri = Column(
1610 1610 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1611 1611 default=None)
1612 1612 push_uri = Column(
1613 1613 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1614 1614 default=None)
1615 1615 repo_type = Column(
1616 1616 "repo_type", String(255), nullable=False, unique=False, default=None)
1617 1617 user_id = Column(
1618 1618 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1619 1619 unique=False, default=None)
1620 1620 private = Column(
1621 1621 "private", Boolean(), nullable=True, unique=None, default=None)
1622 1622 archived = Column(
1623 1623 "archived", Boolean(), nullable=True, unique=None, default=None)
1624 1624 enable_statistics = Column(
1625 1625 "statistics", Boolean(), nullable=True, unique=None, default=True)
1626 1626 enable_downloads = Column(
1627 1627 "downloads", Boolean(), nullable=True, unique=None, default=True)
1628 1628 description = Column(
1629 1629 "description", String(10000), nullable=True, unique=None, default=None)
1630 1630 created_on = Column(
1631 1631 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1632 1632 default=datetime.datetime.now)
1633 1633 updated_on = Column(
1634 1634 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1635 1635 default=datetime.datetime.now)
1636 1636 _landing_revision = Column(
1637 1637 "landing_revision", String(255), nullable=False, unique=False,
1638 1638 default=None)
1639 1639 enable_locking = Column(
1640 1640 "enable_locking", Boolean(), nullable=False, unique=None,
1641 1641 default=False)
1642 1642 _locked = Column(
1643 1643 "locked", String(255), nullable=True, unique=False, default=None)
1644 1644 _changeset_cache = Column(
1645 1645 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1646 1646
1647 1647 fork_id = Column(
1648 1648 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1649 1649 nullable=True, unique=False, default=None)
1650 1650 group_id = Column(
1651 1651 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1652 1652 unique=False, default=None)
1653 1653
1654 1654 user = relationship('User', lazy='joined')
1655 1655 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1656 1656 group = relationship('RepoGroup', lazy='joined')
1657 1657 repo_to_perm = relationship(
1658 1658 'UserRepoToPerm', cascade='all',
1659 1659 order_by='UserRepoToPerm.repo_to_perm_id')
1660 1660 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1661 1661 stats = relationship('Statistics', cascade='all', uselist=False)
1662 1662
1663 1663 followers = relationship(
1664 1664 'UserFollowing',
1665 1665 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1666 1666 cascade='all')
1667 1667 extra_fields = relationship(
1668 'RepositoryField', cascade="all, delete, delete-orphan")
1668 'RepositoryField', cascade="all, delete-orphan")
1669 1669 logs = relationship('UserLog')
1670 1670 comments = relationship(
1671 'ChangesetComment', cascade="all, delete, delete-orphan")
1671 'ChangesetComment', cascade="all, delete-orphan")
1672 1672 pull_requests_source = relationship(
1673 1673 'PullRequest',
1674 1674 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1675 cascade="all, delete, delete-orphan")
1675 cascade="all, delete-orphan")
1676 1676 pull_requests_target = relationship(
1677 1677 'PullRequest',
1678 1678 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1679 cascade="all, delete, delete-orphan")
1679 cascade="all, delete-orphan")
1680 1680 ui = relationship('RepoRhodeCodeUi', cascade="all")
1681 1681 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1682 integrations = relationship('Integration', cascade="all, delete, delete-orphan")
1682 integrations = relationship('Integration', cascade="all, delete-orphan")
1683 1683
1684 1684 scoped_tokens = relationship('UserApiKeys', cascade="all")
1685 1685
1686 1686 artifacts = relationship('FileStore', cascade="all")
1687 1687
1688 1688 def __unicode__(self):
1689 1689 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1690 1690 safe_unicode(self.repo_name))
1691 1691
1692 1692 @hybrid_property
1693 1693 def description_safe(self):
1694 1694 from rhodecode.lib import helpers as h
1695 1695 return h.escape(self.description)
1696 1696
1697 1697 @hybrid_property
1698 1698 def landing_rev(self):
1699 1699 # always should return [rev_type, rev]
1700 1700 if self._landing_revision:
1701 1701 _rev_info = self._landing_revision.split(':')
1702 1702 if len(_rev_info) < 2:
1703 1703 _rev_info.insert(0, 'rev')
1704 1704 return [_rev_info[0], _rev_info[1]]
1705 1705 return [None, None]
1706 1706
1707 1707 @landing_rev.setter
1708 1708 def landing_rev(self, val):
1709 1709 if ':' not in val:
1710 1710 raise ValueError('value must be delimited with `:` and consist '
1711 1711 'of <rev_type>:<rev>, got %s instead' % val)
1712 1712 self._landing_revision = val
1713 1713
1714 1714 @hybrid_property
1715 1715 def locked(self):
1716 1716 if self._locked:
1717 1717 user_id, timelocked, reason = self._locked.split(':')
1718 1718 lock_values = int(user_id), timelocked, reason
1719 1719 else:
1720 1720 lock_values = [None, None, None]
1721 1721 return lock_values
1722 1722
1723 1723 @locked.setter
1724 1724 def locked(self, val):
1725 1725 if val and isinstance(val, (list, tuple)):
1726 1726 self._locked = ':'.join(map(str, val))
1727 1727 else:
1728 1728 self._locked = None
1729 1729
1730 1730 @hybrid_property
1731 1731 def changeset_cache(self):
1732 1732 from rhodecode.lib.vcs.backends.base import EmptyCommit
1733 1733 dummy = EmptyCommit().__json__()
1734 1734 if not self._changeset_cache:
1735 1735 dummy['source_repo_id'] = self.repo_id
1736 1736 return json.loads(json.dumps(dummy))
1737 1737
1738 1738 try:
1739 1739 return json.loads(self._changeset_cache)
1740 1740 except TypeError:
1741 1741 return dummy
1742 1742 except Exception:
1743 1743 log.error(traceback.format_exc())
1744 1744 return dummy
1745 1745
1746 1746 @changeset_cache.setter
1747 1747 def changeset_cache(self, val):
1748 1748 try:
1749 1749 self._changeset_cache = json.dumps(val)
1750 1750 except Exception:
1751 1751 log.error(traceback.format_exc())
1752 1752
1753 1753 @hybrid_property
1754 1754 def repo_name(self):
1755 1755 return self._repo_name
1756 1756
1757 1757 @repo_name.setter
1758 1758 def repo_name(self, value):
1759 1759 self._repo_name = value
1760 1760 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1761 1761
1762 1762 @classmethod
1763 1763 def normalize_repo_name(cls, repo_name):
1764 1764 """
1765 1765 Normalizes os specific repo_name to the format internally stored inside
1766 1766 database using URL_SEP
1767 1767
1768 1768 :param cls:
1769 1769 :param repo_name:
1770 1770 """
1771 1771 return cls.NAME_SEP.join(repo_name.split(os.sep))
1772 1772
1773 1773 @classmethod
1774 1774 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1775 1775 session = Session()
1776 1776 q = session.query(cls).filter(cls.repo_name == repo_name)
1777 1777
1778 1778 if cache:
1779 1779 if identity_cache:
1780 1780 val = cls.identity_cache(session, 'repo_name', repo_name)
1781 1781 if val:
1782 1782 return val
1783 1783 else:
1784 1784 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1785 1785 q = q.options(
1786 1786 FromCache("sql_cache_short", cache_key))
1787 1787
1788 1788 return q.scalar()
1789 1789
1790 1790 @classmethod
1791 1791 def get_by_id_or_repo_name(cls, repoid):
1792 1792 if isinstance(repoid, (int, long)):
1793 1793 try:
1794 1794 repo = cls.get(repoid)
1795 1795 except ValueError:
1796 1796 repo = None
1797 1797 else:
1798 1798 repo = cls.get_by_repo_name(repoid)
1799 1799 return repo
1800 1800
1801 1801 @classmethod
1802 1802 def get_by_full_path(cls, repo_full_path):
1803 1803 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1804 1804 repo_name = cls.normalize_repo_name(repo_name)
1805 1805 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1806 1806
1807 1807 @classmethod
1808 1808 def get_repo_forks(cls, repo_id):
1809 1809 return cls.query().filter(Repository.fork_id == repo_id)
1810 1810
1811 1811 @classmethod
1812 1812 def base_path(cls):
1813 1813 """
1814 1814 Returns base path when all repos are stored
1815 1815
1816 1816 :param cls:
1817 1817 """
1818 1818 q = Session().query(RhodeCodeUi)\
1819 1819 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1820 1820 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1821 1821 return q.one().ui_value
1822 1822
1823 1823 @classmethod
1824 1824 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1825 1825 case_insensitive=True, archived=False):
1826 1826 q = Repository.query()
1827 1827
1828 1828 if not archived:
1829 1829 q = q.filter(Repository.archived.isnot(true()))
1830 1830
1831 1831 if not isinstance(user_id, Optional):
1832 1832 q = q.filter(Repository.user_id == user_id)
1833 1833
1834 1834 if not isinstance(group_id, Optional):
1835 1835 q = q.filter(Repository.group_id == group_id)
1836 1836
1837 1837 if case_insensitive:
1838 1838 q = q.order_by(func.lower(Repository.repo_name))
1839 1839 else:
1840 1840 q = q.order_by(Repository.repo_name)
1841 1841
1842 1842 return q.all()
1843 1843
1844 1844 @property
1845 1845 def repo_uid(self):
1846 1846 return '_{}'.format(self.repo_id)
1847 1847
1848 1848 @property
1849 1849 def forks(self):
1850 1850 """
1851 1851 Return forks of this repo
1852 1852 """
1853 1853 return Repository.get_repo_forks(self.repo_id)
1854 1854
1855 1855 @property
1856 1856 def parent(self):
1857 1857 """
1858 1858 Returns fork parent
1859 1859 """
1860 1860 return self.fork
1861 1861
1862 1862 @property
1863 1863 def just_name(self):
1864 1864 return self.repo_name.split(self.NAME_SEP)[-1]
1865 1865
1866 1866 @property
1867 1867 def groups_with_parents(self):
1868 1868 groups = []
1869 1869 if self.group is None:
1870 1870 return groups
1871 1871
1872 1872 cur_gr = self.group
1873 1873 groups.insert(0, cur_gr)
1874 1874 while 1:
1875 1875 gr = getattr(cur_gr, 'parent_group', None)
1876 1876 cur_gr = cur_gr.parent_group
1877 1877 if gr is None:
1878 1878 break
1879 1879 groups.insert(0, gr)
1880 1880
1881 1881 return groups
1882 1882
1883 1883 @property
1884 1884 def groups_and_repo(self):
1885 1885 return self.groups_with_parents, self
1886 1886
1887 1887 @LazyProperty
1888 1888 def repo_path(self):
1889 1889 """
1890 1890 Returns base full path for that repository means where it actually
1891 1891 exists on a filesystem
1892 1892 """
1893 1893 q = Session().query(RhodeCodeUi).filter(
1894 1894 RhodeCodeUi.ui_key == self.NAME_SEP)
1895 1895 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1896 1896 return q.one().ui_value
1897 1897
1898 1898 @property
1899 1899 def repo_full_path(self):
1900 1900 p = [self.repo_path]
1901 1901 # we need to split the name by / since this is how we store the
1902 1902 # names in the database, but that eventually needs to be converted
1903 1903 # into a valid system path
1904 1904 p += self.repo_name.split(self.NAME_SEP)
1905 1905 return os.path.join(*map(safe_unicode, p))
1906 1906
1907 1907 @property
1908 1908 def cache_keys(self):
1909 1909 """
1910 1910 Returns associated cache keys for that repo
1911 1911 """
1912 1912 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1913 1913 repo_id=self.repo_id)
1914 1914 return CacheKey.query()\
1915 1915 .filter(CacheKey.cache_args == invalidation_namespace)\
1916 1916 .order_by(CacheKey.cache_key)\
1917 1917 .all()
1918 1918
1919 1919 @property
1920 1920 def cached_diffs_relative_dir(self):
1921 1921 """
1922 1922 Return a relative to the repository store path of cached diffs
1923 1923 used for safe display for users, who shouldn't know the absolute store
1924 1924 path
1925 1925 """
1926 1926 return os.path.join(
1927 1927 os.path.dirname(self.repo_name),
1928 1928 self.cached_diffs_dir.split(os.path.sep)[-1])
1929 1929
1930 1930 @property
1931 1931 def cached_diffs_dir(self):
1932 1932 path = self.repo_full_path
1933 1933 return os.path.join(
1934 1934 os.path.dirname(path),
1935 1935 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1936 1936
1937 1937 def cached_diffs(self):
1938 1938 diff_cache_dir = self.cached_diffs_dir
1939 1939 if os.path.isdir(diff_cache_dir):
1940 1940 return os.listdir(diff_cache_dir)
1941 1941 return []
1942 1942
1943 1943 def shadow_repos(self):
1944 1944 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1945 1945 return [
1946 1946 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1947 1947 if x.startswith(shadow_repos_pattern)]
1948 1948
1949 1949 def get_new_name(self, repo_name):
1950 1950 """
1951 1951 returns new full repository name based on assigned group and new new
1952 1952
1953 1953 :param group_name:
1954 1954 """
1955 1955 path_prefix = self.group.full_path_splitted if self.group else []
1956 1956 return self.NAME_SEP.join(path_prefix + [repo_name])
1957 1957
1958 1958 @property
1959 1959 def _config(self):
1960 1960 """
1961 1961 Returns db based config object.
1962 1962 """
1963 1963 from rhodecode.lib.utils import make_db_config
1964 1964 return make_db_config(clear_session=False, repo=self)
1965 1965
1966 1966 def permissions(self, with_admins=True, with_owner=True,
1967 1967 expand_from_user_groups=False):
1968 1968 """
1969 1969 Permissions for repositories
1970 1970 """
1971 1971 _admin_perm = 'repository.admin'
1972 1972
1973 1973 owner_row = []
1974 1974 if with_owner:
1975 1975 usr = AttributeDict(self.user.get_dict())
1976 1976 usr.owner_row = True
1977 1977 usr.permission = _admin_perm
1978 1978 usr.permission_id = None
1979 1979 owner_row.append(usr)
1980 1980
1981 1981 super_admin_ids = []
1982 1982 super_admin_rows = []
1983 1983 if with_admins:
1984 1984 for usr in User.get_all_super_admins():
1985 1985 super_admin_ids.append(usr.user_id)
1986 1986 # if this admin is also owner, don't double the record
1987 1987 if usr.user_id == owner_row[0].user_id:
1988 1988 owner_row[0].admin_row = True
1989 1989 else:
1990 1990 usr = AttributeDict(usr.get_dict())
1991 1991 usr.admin_row = True
1992 1992 usr.permission = _admin_perm
1993 1993 usr.permission_id = None
1994 1994 super_admin_rows.append(usr)
1995 1995
1996 1996 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1997 1997 q = q.options(joinedload(UserRepoToPerm.repository),
1998 1998 joinedload(UserRepoToPerm.user),
1999 1999 joinedload(UserRepoToPerm.permission),)
2000 2000
2001 2001 # get owners and admins and permissions. We do a trick of re-writing
2002 2002 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2003 2003 # has a global reference and changing one object propagates to all
2004 2004 # others. This means if admin is also an owner admin_row that change
2005 2005 # would propagate to both objects
2006 2006 perm_rows = []
2007 2007 for _usr in q.all():
2008 2008 usr = AttributeDict(_usr.user.get_dict())
2009 2009 # if this user is also owner/admin, mark as duplicate record
2010 2010 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2011 2011 usr.duplicate_perm = True
2012 2012 # also check if this permission is maybe used by branch_permissions
2013 2013 if _usr.branch_perm_entry:
2014 2014 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2015 2015
2016 2016 usr.permission = _usr.permission.permission_name
2017 2017 usr.permission_id = _usr.repo_to_perm_id
2018 2018 perm_rows.append(usr)
2019 2019
2020 2020 # filter the perm rows by 'default' first and then sort them by
2021 2021 # admin,write,read,none permissions sorted again alphabetically in
2022 2022 # each group
2023 2023 perm_rows = sorted(perm_rows, key=display_user_sort)
2024 2024
2025 2025 user_groups_rows = []
2026 2026 if expand_from_user_groups:
2027 2027 for ug in self.permission_user_groups(with_members=True):
2028 2028 for user_data in ug.members:
2029 2029 user_groups_rows.append(user_data)
2030 2030
2031 2031 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2032 2032
2033 2033 def permission_user_groups(self, with_members=True):
2034 2034 q = UserGroupRepoToPerm.query()\
2035 2035 .filter(UserGroupRepoToPerm.repository == self)
2036 2036 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2037 2037 joinedload(UserGroupRepoToPerm.users_group),
2038 2038 joinedload(UserGroupRepoToPerm.permission),)
2039 2039
2040 2040 perm_rows = []
2041 2041 for _user_group in q.all():
2042 2042 entry = AttributeDict(_user_group.users_group.get_dict())
2043 2043 entry.permission = _user_group.permission.permission_name
2044 2044 if with_members:
2045 2045 entry.members = [x.user.get_dict()
2046 2046 for x in _user_group.users_group.members]
2047 2047 perm_rows.append(entry)
2048 2048
2049 2049 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2050 2050 return perm_rows
2051 2051
2052 2052 def get_api_data(self, include_secrets=False):
2053 2053 """
2054 2054 Common function for generating repo api data
2055 2055
2056 2056 :param include_secrets: See :meth:`User.get_api_data`.
2057 2057
2058 2058 """
2059 2059 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2060 2060 # move this methods on models level.
2061 2061 from rhodecode.model.settings import SettingsModel
2062 2062 from rhodecode.model.repo import RepoModel
2063 2063
2064 2064 repo = self
2065 2065 _user_id, _time, _reason = self.locked
2066 2066
2067 2067 data = {
2068 2068 'repo_id': repo.repo_id,
2069 2069 'repo_name': repo.repo_name,
2070 2070 'repo_type': repo.repo_type,
2071 2071 'clone_uri': repo.clone_uri or '',
2072 2072 'push_uri': repo.push_uri or '',
2073 2073 'url': RepoModel().get_url(self),
2074 2074 'private': repo.private,
2075 2075 'created_on': repo.created_on,
2076 2076 'description': repo.description_safe,
2077 2077 'landing_rev': repo.landing_rev,
2078 2078 'owner': repo.user.username,
2079 2079 'fork_of': repo.fork.repo_name if repo.fork else None,
2080 2080 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2081 2081 'enable_statistics': repo.enable_statistics,
2082 2082 'enable_locking': repo.enable_locking,
2083 2083 'enable_downloads': repo.enable_downloads,
2084 2084 'last_changeset': repo.changeset_cache,
2085 2085 'locked_by': User.get(_user_id).get_api_data(
2086 2086 include_secrets=include_secrets) if _user_id else None,
2087 2087 'locked_date': time_to_datetime(_time) if _time else None,
2088 2088 'lock_reason': _reason if _reason else None,
2089 2089 }
2090 2090
2091 2091 # TODO: mikhail: should be per-repo settings here
2092 2092 rc_config = SettingsModel().get_all_settings()
2093 2093 repository_fields = str2bool(
2094 2094 rc_config.get('rhodecode_repository_fields'))
2095 2095 if repository_fields:
2096 2096 for f in self.extra_fields:
2097 2097 data[f.field_key_prefixed] = f.field_value
2098 2098
2099 2099 return data
2100 2100
2101 2101 @classmethod
2102 2102 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2103 2103 if not lock_time:
2104 2104 lock_time = time.time()
2105 2105 if not lock_reason:
2106 2106 lock_reason = cls.LOCK_AUTOMATIC
2107 2107 repo.locked = [user_id, lock_time, lock_reason]
2108 2108 Session().add(repo)
2109 2109 Session().commit()
2110 2110
2111 2111 @classmethod
2112 2112 def unlock(cls, repo):
2113 2113 repo.locked = None
2114 2114 Session().add(repo)
2115 2115 Session().commit()
2116 2116
2117 2117 @classmethod
2118 2118 def getlock(cls, repo):
2119 2119 return repo.locked
2120 2120
2121 2121 def is_user_lock(self, user_id):
2122 2122 if self.lock[0]:
2123 2123 lock_user_id = safe_int(self.lock[0])
2124 2124 user_id = safe_int(user_id)
2125 2125 # both are ints, and they are equal
2126 2126 return all([lock_user_id, user_id]) and lock_user_id == user_id
2127 2127
2128 2128 return False
2129 2129
2130 2130 def get_locking_state(self, action, user_id, only_when_enabled=True):
2131 2131 """
2132 2132 Checks locking on this repository, if locking is enabled and lock is
2133 2133 present returns a tuple of make_lock, locked, locked_by.
2134 2134 make_lock can have 3 states None (do nothing) True, make lock
2135 2135 False release lock, This value is later propagated to hooks, which
2136 2136 do the locking. Think about this as signals passed to hooks what to do.
2137 2137
2138 2138 """
2139 2139 # TODO: johbo: This is part of the business logic and should be moved
2140 2140 # into the RepositoryModel.
2141 2141
2142 2142 if action not in ('push', 'pull'):
2143 2143 raise ValueError("Invalid action value: %s" % repr(action))
2144 2144
2145 2145 # defines if locked error should be thrown to user
2146 2146 currently_locked = False
2147 2147 # defines if new lock should be made, tri-state
2148 2148 make_lock = None
2149 2149 repo = self
2150 2150 user = User.get(user_id)
2151 2151
2152 2152 lock_info = repo.locked
2153 2153
2154 2154 if repo and (repo.enable_locking or not only_when_enabled):
2155 2155 if action == 'push':
2156 2156 # check if it's already locked !, if it is compare users
2157 2157 locked_by_user_id = lock_info[0]
2158 2158 if user.user_id == locked_by_user_id:
2159 2159 log.debug(
2160 2160 'Got `push` action from user %s, now unlocking', user)
2161 2161 # unlock if we have push from user who locked
2162 2162 make_lock = False
2163 2163 else:
2164 2164 # we're not the same user who locked, ban with
2165 2165 # code defined in settings (default is 423 HTTP Locked) !
2166 2166 log.debug('Repo %s is currently locked by %s', repo, user)
2167 2167 currently_locked = True
2168 2168 elif action == 'pull':
2169 2169 # [0] user [1] date
2170 2170 if lock_info[0] and lock_info[1]:
2171 2171 log.debug('Repo %s is currently locked by %s', repo, user)
2172 2172 currently_locked = True
2173 2173 else:
2174 2174 log.debug('Setting lock on repo %s by %s', repo, user)
2175 2175 make_lock = True
2176 2176
2177 2177 else:
2178 2178 log.debug('Repository %s do not have locking enabled', repo)
2179 2179
2180 2180 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2181 2181 make_lock, currently_locked, lock_info)
2182 2182
2183 2183 from rhodecode.lib.auth import HasRepoPermissionAny
2184 2184 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2185 2185 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2186 2186 # if we don't have at least write permission we cannot make a lock
2187 2187 log.debug('lock state reset back to FALSE due to lack '
2188 2188 'of at least read permission')
2189 2189 make_lock = False
2190 2190
2191 2191 return make_lock, currently_locked, lock_info
2192 2192
2193 2193 @property
2194 2194 def last_commit_cache_update_diff(self):
2195 2195 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2196 2196
2197 2197 @property
2198 2198 def last_commit_change(self):
2199 2199 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2200 2200 empty_date = datetime.datetime.fromtimestamp(0)
2201 2201 date_latest = self.changeset_cache.get('date', empty_date)
2202 2202 try:
2203 2203 return parse_datetime(date_latest)
2204 2204 except Exception:
2205 2205 return empty_date
2206 2206
2207 2207 @property
2208 2208 def last_db_change(self):
2209 2209 return self.updated_on
2210 2210
2211 2211 @property
2212 2212 def clone_uri_hidden(self):
2213 2213 clone_uri = self.clone_uri
2214 2214 if clone_uri:
2215 2215 import urlobject
2216 2216 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2217 2217 if url_obj.password:
2218 2218 clone_uri = url_obj.with_password('*****')
2219 2219 return clone_uri
2220 2220
2221 2221 @property
2222 2222 def push_uri_hidden(self):
2223 2223 push_uri = self.push_uri
2224 2224 if push_uri:
2225 2225 import urlobject
2226 2226 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2227 2227 if url_obj.password:
2228 2228 push_uri = url_obj.with_password('*****')
2229 2229 return push_uri
2230 2230
2231 2231 def clone_url(self, **override):
2232 2232 from rhodecode.model.settings import SettingsModel
2233 2233
2234 2234 uri_tmpl = None
2235 2235 if 'with_id' in override:
2236 2236 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2237 2237 del override['with_id']
2238 2238
2239 2239 if 'uri_tmpl' in override:
2240 2240 uri_tmpl = override['uri_tmpl']
2241 2241 del override['uri_tmpl']
2242 2242
2243 2243 ssh = False
2244 2244 if 'ssh' in override:
2245 2245 ssh = True
2246 2246 del override['ssh']
2247 2247
2248 2248 # we didn't override our tmpl from **overrides
2249 2249 request = get_current_request()
2250 2250 if not uri_tmpl:
2251 2251 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2252 2252 rc_config = request.call_context.rc_config
2253 2253 else:
2254 2254 rc_config = SettingsModel().get_all_settings(cache=True)
2255 2255 if ssh:
2256 2256 uri_tmpl = rc_config.get(
2257 2257 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2258 2258 else:
2259 2259 uri_tmpl = rc_config.get(
2260 2260 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2261 2261
2262 2262 return get_clone_url(request=request,
2263 2263 uri_tmpl=uri_tmpl,
2264 2264 repo_name=self.repo_name,
2265 2265 repo_id=self.repo_id, **override)
2266 2266
2267 2267 def set_state(self, state):
2268 2268 self.repo_state = state
2269 2269 Session().add(self)
2270 2270 #==========================================================================
2271 2271 # SCM PROPERTIES
2272 2272 #==========================================================================
2273 2273
2274 2274 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2275 2275 return get_commit_safe(
2276 2276 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2277 2277
2278 2278 def get_changeset(self, rev=None, pre_load=None):
2279 2279 warnings.warn("Use get_commit", DeprecationWarning)
2280 2280 commit_id = None
2281 2281 commit_idx = None
2282 2282 if isinstance(rev, compat.string_types):
2283 2283 commit_id = rev
2284 2284 else:
2285 2285 commit_idx = rev
2286 2286 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2287 2287 pre_load=pre_load)
2288 2288
2289 2289 def get_landing_commit(self):
2290 2290 """
2291 2291 Returns landing commit, or if that doesn't exist returns the tip
2292 2292 """
2293 2293 _rev_type, _rev = self.landing_rev
2294 2294 commit = self.get_commit(_rev)
2295 2295 if isinstance(commit, EmptyCommit):
2296 2296 return self.get_commit()
2297 2297 return commit
2298 2298
2299 2299 def update_commit_cache(self, cs_cache=None, config=None):
2300 2300 """
2301 2301 Update cache of last commit for repository, keys should be::
2302 2302
2303 2303 source_repo_id
2304 2304 short_id
2305 2305 raw_id
2306 2306 revision
2307 2307 parents
2308 2308 message
2309 2309 date
2310 2310 author
2311 2311 updated_on
2312 2312
2313 2313 """
2314 2314 from rhodecode.lib.vcs.backends.base import BaseChangeset
2315 2315 if cs_cache is None:
2316 2316 # use no-cache version here
2317 2317 scm_repo = self.scm_instance(cache=False, config=config)
2318 2318
2319 2319 empty = scm_repo is None or scm_repo.is_empty()
2320 2320 if not empty:
2321 2321 cs_cache = scm_repo.get_commit(
2322 2322 pre_load=["author", "date", "message", "parents", "branch"])
2323 2323 else:
2324 2324 cs_cache = EmptyCommit()
2325 2325
2326 2326 if isinstance(cs_cache, BaseChangeset):
2327 2327 cs_cache = cs_cache.__json__()
2328 2328
2329 2329 def is_outdated(new_cs_cache):
2330 2330 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2331 2331 new_cs_cache['revision'] != self.changeset_cache['revision']):
2332 2332 return True
2333 2333 return False
2334 2334
2335 2335 # check if we have maybe already latest cached revision
2336 2336 if is_outdated(cs_cache) or not self.changeset_cache:
2337 2337 _default = datetime.datetime.utcnow()
2338 2338 last_change = cs_cache.get('date') or _default
2339 2339 # we check if last update is newer than the new value
2340 2340 # if yes, we use the current timestamp instead. Imagine you get
2341 2341 # old commit pushed 1y ago, we'd set last update 1y to ago.
2342 2342 last_change_timestamp = datetime_to_time(last_change)
2343 2343 current_timestamp = datetime_to_time(last_change)
2344 2344 if last_change_timestamp > current_timestamp:
2345 2345 cs_cache['date'] = _default
2346 2346
2347 2347 cs_cache['updated_on'] = time.time()
2348 2348 self.changeset_cache = cs_cache
2349 2349 Session().add(self)
2350 2350 Session().commit()
2351 2351
2352 2352 log.debug('updated repo %s with new commit cache %s',
2353 2353 self.repo_name, cs_cache)
2354 2354 else:
2355 2355 cs_cache = self.changeset_cache
2356 2356 cs_cache['updated_on'] = time.time()
2357 2357 self.changeset_cache = cs_cache
2358 2358 Session().add(self)
2359 2359 Session().commit()
2360 2360
2361 2361 log.debug('Skipping update_commit_cache for repo:`%s` '
2362 2362 'commit already with latest changes', self.repo_name)
2363 2363
2364 2364 @property
2365 2365 def tip(self):
2366 2366 return self.get_commit('tip')
2367 2367
2368 2368 @property
2369 2369 def author(self):
2370 2370 return self.tip.author
2371 2371
2372 2372 @property
2373 2373 def last_change(self):
2374 2374 return self.scm_instance().last_change
2375 2375
2376 2376 def get_comments(self, revisions=None):
2377 2377 """
2378 2378 Returns comments for this repository grouped by revisions
2379 2379
2380 2380 :param revisions: filter query by revisions only
2381 2381 """
2382 2382 cmts = ChangesetComment.query()\
2383 2383 .filter(ChangesetComment.repo == self)
2384 2384 if revisions:
2385 2385 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2386 2386 grouped = collections.defaultdict(list)
2387 2387 for cmt in cmts.all():
2388 2388 grouped[cmt.revision].append(cmt)
2389 2389 return grouped
2390 2390
2391 2391 def statuses(self, revisions=None):
2392 2392 """
2393 2393 Returns statuses for this repository
2394 2394
2395 2395 :param revisions: list of revisions to get statuses for
2396 2396 """
2397 2397 statuses = ChangesetStatus.query()\
2398 2398 .filter(ChangesetStatus.repo == self)\
2399 2399 .filter(ChangesetStatus.version == 0)
2400 2400
2401 2401 if revisions:
2402 2402 # Try doing the filtering in chunks to avoid hitting limits
2403 2403 size = 500
2404 2404 status_results = []
2405 2405 for chunk in xrange(0, len(revisions), size):
2406 2406 status_results += statuses.filter(
2407 2407 ChangesetStatus.revision.in_(
2408 2408 revisions[chunk: chunk+size])
2409 2409 ).all()
2410 2410 else:
2411 2411 status_results = statuses.all()
2412 2412
2413 2413 grouped = {}
2414 2414
2415 2415 # maybe we have open new pullrequest without a status?
2416 2416 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2417 2417 status_lbl = ChangesetStatus.get_status_lbl(stat)
2418 2418 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2419 2419 for rev in pr.revisions:
2420 2420 pr_id = pr.pull_request_id
2421 2421 pr_repo = pr.target_repo.repo_name
2422 2422 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2423 2423
2424 2424 for stat in status_results:
2425 2425 pr_id = pr_repo = None
2426 2426 if stat.pull_request:
2427 2427 pr_id = stat.pull_request.pull_request_id
2428 2428 pr_repo = stat.pull_request.target_repo.repo_name
2429 2429 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2430 2430 pr_id, pr_repo]
2431 2431 return grouped
2432 2432
2433 2433 # ==========================================================================
2434 2434 # SCM CACHE INSTANCE
2435 2435 # ==========================================================================
2436 2436
2437 2437 def scm_instance(self, **kwargs):
2438 2438 import rhodecode
2439 2439
2440 2440 # Passing a config will not hit the cache currently only used
2441 2441 # for repo2dbmapper
2442 2442 config = kwargs.pop('config', None)
2443 2443 cache = kwargs.pop('cache', None)
2444 2444 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2445 2445 if vcs_full_cache is not None:
2446 2446 # allows override global config
2447 2447 full_cache = vcs_full_cache
2448 2448 else:
2449 2449 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2450 2450 # if cache is NOT defined use default global, else we have a full
2451 2451 # control over cache behaviour
2452 2452 if cache is None and full_cache and not config:
2453 2453 log.debug('Initializing pure cached instance for %s', self.repo_path)
2454 2454 return self._get_instance_cached()
2455 2455
2456 2456 # cache here is sent to the "vcs server"
2457 2457 return self._get_instance(cache=bool(cache), config=config)
2458 2458
2459 2459 def _get_instance_cached(self):
2460 2460 from rhodecode.lib import rc_cache
2461 2461
2462 2462 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2463 2463 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2464 2464 repo_id=self.repo_id)
2465 2465 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2466 2466
2467 2467 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2468 2468 def get_instance_cached(repo_id, context_id, _cache_state_uid):
2469 2469 return self._get_instance(repo_state_uid=_cache_state_uid)
2470 2470
2471 2471 # we must use thread scoped cache here,
2472 2472 # because each thread of gevent needs it's own not shared connection and cache
2473 2473 # we also alter `args` so the cache key is individual for every green thread.
2474 2474 inv_context_manager = rc_cache.InvalidationContext(
2475 2475 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2476 2476 thread_scoped=True)
2477 2477 with inv_context_manager as invalidation_context:
2478 2478 cache_state_uid = invalidation_context.cache_data['cache_state_uid']
2479 2479 args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)
2480 2480
2481 2481 # re-compute and store cache if we get invalidate signal
2482 2482 if invalidation_context.should_invalidate():
2483 2483 instance = get_instance_cached.refresh(*args)
2484 2484 else:
2485 2485 instance = get_instance_cached(*args)
2486 2486
2487 2487 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2488 2488 return instance
2489 2489
2490 2490 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2491 2491 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2492 2492 self.repo_type, self.repo_path, cache)
2493 2493 config = config or self._config
2494 2494 custom_wire = {
2495 2495 'cache': cache, # controls the vcs.remote cache
2496 2496 'repo_state_uid': repo_state_uid
2497 2497 }
2498 2498 repo = get_vcs_instance(
2499 2499 repo_path=safe_str(self.repo_full_path),
2500 2500 config=config,
2501 2501 with_wire=custom_wire,
2502 2502 create=False,
2503 2503 _vcs_alias=self.repo_type)
2504 2504 if repo is not None:
2505 2505 repo.count() # cache rebuild
2506 2506 return repo
2507 2507
2508 2508 def get_shadow_repository_path(self, workspace_id):
2509 2509 from rhodecode.lib.vcs.backends.base import BaseRepository
2510 2510 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2511 2511 self.repo_full_path, self.repo_id, workspace_id)
2512 2512 return shadow_repo_path
2513 2513
2514 2514 def __json__(self):
2515 2515 return {'landing_rev': self.landing_rev}
2516 2516
2517 2517 def get_dict(self):
2518 2518
2519 2519 # Since we transformed `repo_name` to a hybrid property, we need to
2520 2520 # keep compatibility with the code which uses `repo_name` field.
2521 2521
2522 2522 result = super(Repository, self).get_dict()
2523 2523 result['repo_name'] = result.pop('_repo_name', None)
2524 2524 return result
2525 2525
2526 2526
2527 2527 class RepoGroup(Base, BaseModel):
2528 2528 __tablename__ = 'groups'
2529 2529 __table_args__ = (
2530 2530 UniqueConstraint('group_name', 'group_parent_id'),
2531 2531 base_table_args,
2532 2532 )
2533 2533 __mapper_args__ = {'order_by': 'group_name'}
2534 2534
2535 2535 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2536 2536
2537 2537 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2538 2538 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2539 2539 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2540 2540 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2541 2541 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2542 2542 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2543 2543 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2544 2544 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2545 2545 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2546 2546 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2547 2547 _changeset_cache = Column(
2548 2548 "changeset_cache", LargeBinary(), nullable=True) # JSON data
2549 2549
2550 2550 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2551 2551 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2552 2552 parent_group = relationship('RepoGroup', remote_side=group_id)
2553 2553 user = relationship('User')
2554 integrations = relationship('Integration', cascade="all, delete, delete-orphan")
2554 integrations = relationship('Integration', cascade="all, delete-orphan")
2555 2555
2556 2556 def __init__(self, group_name='', parent_group=None):
2557 2557 self.group_name = group_name
2558 2558 self.parent_group = parent_group
2559 2559
2560 2560 def __unicode__(self):
2561 2561 return u"<%s('id:%s:%s')>" % (
2562 2562 self.__class__.__name__, self.group_id, self.group_name)
2563 2563
2564 2564 @hybrid_property
2565 2565 def group_name(self):
2566 2566 return self._group_name
2567 2567
2568 2568 @group_name.setter
2569 2569 def group_name(self, value):
2570 2570 self._group_name = value
2571 2571 self.group_name_hash = self.hash_repo_group_name(value)
2572 2572
2573 2573 @hybrid_property
2574 2574 def changeset_cache(self):
2575 2575 from rhodecode.lib.vcs.backends.base import EmptyCommit
2576 2576 dummy = EmptyCommit().__json__()
2577 2577 if not self._changeset_cache:
2578 2578 dummy['source_repo_id'] = ''
2579 2579 return json.loads(json.dumps(dummy))
2580 2580
2581 2581 try:
2582 2582 return json.loads(self._changeset_cache)
2583 2583 except TypeError:
2584 2584 return dummy
2585 2585 except Exception:
2586 2586 log.error(traceback.format_exc())
2587 2587 return dummy
2588 2588
2589 2589 @changeset_cache.setter
2590 2590 def changeset_cache(self, val):
2591 2591 try:
2592 2592 self._changeset_cache = json.dumps(val)
2593 2593 except Exception:
2594 2594 log.error(traceback.format_exc())
2595 2595
2596 2596 @validates('group_parent_id')
2597 2597 def validate_group_parent_id(self, key, val):
2598 2598 """
2599 2599 Check cycle references for a parent group to self
2600 2600 """
2601 2601 if self.group_id and val:
2602 2602 assert val != self.group_id
2603 2603
2604 2604 return val
2605 2605
2606 2606 @hybrid_property
2607 2607 def description_safe(self):
2608 2608 from rhodecode.lib import helpers as h
2609 2609 return h.escape(self.group_description)
2610 2610
2611 2611 @classmethod
2612 2612 def hash_repo_group_name(cls, repo_group_name):
2613 2613 val = remove_formatting(repo_group_name)
2614 2614 val = safe_str(val).lower()
2615 2615 chars = []
2616 2616 for c in val:
2617 2617 if c not in string.ascii_letters:
2618 2618 c = str(ord(c))
2619 2619 chars.append(c)
2620 2620
2621 2621 return ''.join(chars)
2622 2622
2623 2623 @classmethod
2624 2624 def _generate_choice(cls, repo_group):
2625 2625 from webhelpers.html import literal as _literal
2626 2626 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2627 2627 return repo_group.group_id, _name(repo_group.full_path_splitted)
2628 2628
2629 2629 @classmethod
2630 2630 def groups_choices(cls, groups=None, show_empty_group=True):
2631 2631 if not groups:
2632 2632 groups = cls.query().all()
2633 2633
2634 2634 repo_groups = []
2635 2635 if show_empty_group:
2636 2636 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2637 2637
2638 2638 repo_groups.extend([cls._generate_choice(x) for x in groups])
2639 2639
2640 2640 repo_groups = sorted(
2641 2641 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2642 2642 return repo_groups
2643 2643
2644 2644 @classmethod
2645 2645 def url_sep(cls):
2646 2646 return URL_SEP
2647 2647
2648 2648 @classmethod
2649 2649 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2650 2650 if case_insensitive:
2651 2651 gr = cls.query().filter(func.lower(cls.group_name)
2652 2652 == func.lower(group_name))
2653 2653 else:
2654 2654 gr = cls.query().filter(cls.group_name == group_name)
2655 2655 if cache:
2656 2656 name_key = _hash_key(group_name)
2657 2657 gr = gr.options(
2658 2658 FromCache("sql_cache_short", "get_group_%s" % name_key))
2659 2659 return gr.scalar()
2660 2660
2661 2661 @classmethod
2662 2662 def get_user_personal_repo_group(cls, user_id):
2663 2663 user = User.get(user_id)
2664 2664 if user.username == User.DEFAULT_USER:
2665 2665 return None
2666 2666
2667 2667 return cls.query()\
2668 2668 .filter(cls.personal == true()) \
2669 2669 .filter(cls.user == user) \
2670 2670 .order_by(cls.group_id.asc()) \
2671 2671 .first()
2672 2672
2673 2673 @classmethod
2674 2674 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2675 2675 case_insensitive=True):
2676 2676 q = RepoGroup.query()
2677 2677
2678 2678 if not isinstance(user_id, Optional):
2679 2679 q = q.filter(RepoGroup.user_id == user_id)
2680 2680
2681 2681 if not isinstance(group_id, Optional):
2682 2682 q = q.filter(RepoGroup.group_parent_id == group_id)
2683 2683
2684 2684 if case_insensitive:
2685 2685 q = q.order_by(func.lower(RepoGroup.group_name))
2686 2686 else:
2687 2687 q = q.order_by(RepoGroup.group_name)
2688 2688 return q.all()
2689 2689
2690 2690 @property
2691 2691 def parents(self, parents_recursion_limit = 10):
2692 2692 groups = []
2693 2693 if self.parent_group is None:
2694 2694 return groups
2695 2695 cur_gr = self.parent_group
2696 2696 groups.insert(0, cur_gr)
2697 2697 cnt = 0
2698 2698 while 1:
2699 2699 cnt += 1
2700 2700 gr = getattr(cur_gr, 'parent_group', None)
2701 2701 cur_gr = cur_gr.parent_group
2702 2702 if gr is None:
2703 2703 break
2704 2704 if cnt == parents_recursion_limit:
2705 2705 # this will prevent accidental infinit loops
2706 2706 log.error('more than %s parents found for group %s, stopping '
2707 2707 'recursive parent fetching', parents_recursion_limit, self)
2708 2708 break
2709 2709
2710 2710 groups.insert(0, gr)
2711 2711 return groups
2712 2712
2713 2713 @property
2714 2714 def last_commit_cache_update_diff(self):
2715 2715 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2716 2716
2717 2717 @property
2718 2718 def last_commit_change(self):
2719 2719 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2720 2720 empty_date = datetime.datetime.fromtimestamp(0)
2721 2721 date_latest = self.changeset_cache.get('date', empty_date)
2722 2722 try:
2723 2723 return parse_datetime(date_latest)
2724 2724 except Exception:
2725 2725 return empty_date
2726 2726
2727 2727 @property
2728 2728 def last_db_change(self):
2729 2729 return self.updated_on
2730 2730
2731 2731 @property
2732 2732 def children(self):
2733 2733 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2734 2734
2735 2735 @property
2736 2736 def name(self):
2737 2737 return self.group_name.split(RepoGroup.url_sep())[-1]
2738 2738
2739 2739 @property
2740 2740 def full_path(self):
2741 2741 return self.group_name
2742 2742
2743 2743 @property
2744 2744 def full_path_splitted(self):
2745 2745 return self.group_name.split(RepoGroup.url_sep())
2746 2746
2747 2747 @property
2748 2748 def repositories(self):
2749 2749 return Repository.query()\
2750 2750 .filter(Repository.group == self)\
2751 2751 .order_by(Repository.repo_name)
2752 2752
2753 2753 @property
2754 2754 def repositories_recursive_count(self):
2755 2755 cnt = self.repositories.count()
2756 2756
2757 2757 def children_count(group):
2758 2758 cnt = 0
2759 2759 for child in group.children:
2760 2760 cnt += child.repositories.count()
2761 2761 cnt += children_count(child)
2762 2762 return cnt
2763 2763
2764 2764 return cnt + children_count(self)
2765 2765
2766 2766 def _recursive_objects(self, include_repos=True, include_groups=True):
2767 2767 all_ = []
2768 2768
2769 2769 def _get_members(root_gr):
2770 2770 if include_repos:
2771 2771 for r in root_gr.repositories:
2772 2772 all_.append(r)
2773 2773 childs = root_gr.children.all()
2774 2774 if childs:
2775 2775 for gr in childs:
2776 2776 if include_groups:
2777 2777 all_.append(gr)
2778 2778 _get_members(gr)
2779 2779
2780 2780 root_group = []
2781 2781 if include_groups:
2782 2782 root_group = [self]
2783 2783
2784 2784 _get_members(self)
2785 2785 return root_group + all_
2786 2786
2787 2787 def recursive_groups_and_repos(self):
2788 2788 """
2789 2789 Recursive return all groups, with repositories in those groups
2790 2790 """
2791 2791 return self._recursive_objects()
2792 2792
2793 2793 def recursive_groups(self):
2794 2794 """
2795 2795 Returns all children groups for this group including children of children
2796 2796 """
2797 2797 return self._recursive_objects(include_repos=False)
2798 2798
2799 2799 def recursive_repos(self):
2800 2800 """
2801 2801 Returns all children repositories for this group
2802 2802 """
2803 2803 return self._recursive_objects(include_groups=False)
2804 2804
2805 2805 def get_new_name(self, group_name):
2806 2806 """
2807 2807 returns new full group name based on parent and new name
2808 2808
2809 2809 :param group_name:
2810 2810 """
2811 2811 path_prefix = (self.parent_group.full_path_splitted if
2812 2812 self.parent_group else [])
2813 2813 return RepoGroup.url_sep().join(path_prefix + [group_name])
2814 2814
2815 2815 def update_commit_cache(self, config=None):
2816 2816 """
2817 2817 Update cache of last changeset for newest repository inside this group, keys should be::
2818 2818
2819 2819 source_repo_id
2820 2820 short_id
2821 2821 raw_id
2822 2822 revision
2823 2823 parents
2824 2824 message
2825 2825 date
2826 2826 author
2827 2827
2828 2828 """
2829 2829 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2830 2830
2831 2831 def repo_groups_and_repos():
2832 2832 all_entries = OrderedDefaultDict(list)
2833 2833
2834 2834 def _get_members(root_gr, pos=0):
2835 2835
2836 2836 for repo in root_gr.repositories:
2837 2837 all_entries[root_gr].append(repo)
2838 2838
2839 2839 # fill in all parent positions
2840 2840 for parent_group in root_gr.parents:
2841 2841 all_entries[parent_group].extend(all_entries[root_gr])
2842 2842
2843 2843 children_groups = root_gr.children.all()
2844 2844 if children_groups:
2845 2845 for cnt, gr in enumerate(children_groups, 1):
2846 2846 _get_members(gr, pos=pos+cnt)
2847 2847
2848 2848 _get_members(root_gr=self)
2849 2849 return all_entries
2850 2850
2851 2851 empty_date = datetime.datetime.fromtimestamp(0)
2852 2852 for repo_group, repos in repo_groups_and_repos().items():
2853 2853
2854 2854 latest_repo_cs_cache = {}
2855 2855 for repo in repos:
2856 2856 repo_cs_cache = repo.changeset_cache
2857 2857 date_latest = latest_repo_cs_cache.get('date', empty_date)
2858 2858 date_current = repo_cs_cache.get('date', empty_date)
2859 2859 current_timestamp = datetime_to_time(parse_datetime(date_latest))
2860 2860 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
2861 2861 latest_repo_cs_cache = repo_cs_cache
2862 2862 latest_repo_cs_cache['source_repo_id'] = repo.repo_id
2863 2863
2864 2864 latest_repo_cs_cache['updated_on'] = time.time()
2865 2865 repo_group.changeset_cache = latest_repo_cs_cache
2866 2866 Session().add(repo_group)
2867 2867 Session().commit()
2868 2868
2869 2869 log.debug('updated repo group %s with new commit cache %s',
2870 2870 repo_group.group_name, latest_repo_cs_cache)
2871 2871
2872 2872 def permissions(self, with_admins=True, with_owner=True,
2873 2873 expand_from_user_groups=False):
2874 2874 """
2875 2875 Permissions for repository groups
2876 2876 """
2877 2877 _admin_perm = 'group.admin'
2878 2878
2879 2879 owner_row = []
2880 2880 if with_owner:
2881 2881 usr = AttributeDict(self.user.get_dict())
2882 2882 usr.owner_row = True
2883 2883 usr.permission = _admin_perm
2884 2884 owner_row.append(usr)
2885 2885
2886 2886 super_admin_ids = []
2887 2887 super_admin_rows = []
2888 2888 if with_admins:
2889 2889 for usr in User.get_all_super_admins():
2890 2890 super_admin_ids.append(usr.user_id)
2891 2891 # if this admin is also owner, don't double the record
2892 2892 if usr.user_id == owner_row[0].user_id:
2893 2893 owner_row[0].admin_row = True
2894 2894 else:
2895 2895 usr = AttributeDict(usr.get_dict())
2896 2896 usr.admin_row = True
2897 2897 usr.permission = _admin_perm
2898 2898 super_admin_rows.append(usr)
2899 2899
2900 2900 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2901 2901 q = q.options(joinedload(UserRepoGroupToPerm.group),
2902 2902 joinedload(UserRepoGroupToPerm.user),
2903 2903 joinedload(UserRepoGroupToPerm.permission),)
2904 2904
2905 2905 # get owners and admins and permissions. We do a trick of re-writing
2906 2906 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2907 2907 # has a global reference and changing one object propagates to all
2908 2908 # others. This means if admin is also an owner admin_row that change
2909 2909 # would propagate to both objects
2910 2910 perm_rows = []
2911 2911 for _usr in q.all():
2912 2912 usr = AttributeDict(_usr.user.get_dict())
2913 2913 # if this user is also owner/admin, mark as duplicate record
2914 2914 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2915 2915 usr.duplicate_perm = True
2916 2916 usr.permission = _usr.permission.permission_name
2917 2917 perm_rows.append(usr)
2918 2918
2919 2919 # filter the perm rows by 'default' first and then sort them by
2920 2920 # admin,write,read,none permissions sorted again alphabetically in
2921 2921 # each group
2922 2922 perm_rows = sorted(perm_rows, key=display_user_sort)
2923 2923
2924 2924 user_groups_rows = []
2925 2925 if expand_from_user_groups:
2926 2926 for ug in self.permission_user_groups(with_members=True):
2927 2927 for user_data in ug.members:
2928 2928 user_groups_rows.append(user_data)
2929 2929
2930 2930 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2931 2931
2932 2932 def permission_user_groups(self, with_members=False):
2933 2933 q = UserGroupRepoGroupToPerm.query()\
2934 2934 .filter(UserGroupRepoGroupToPerm.group == self)
2935 2935 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2936 2936 joinedload(UserGroupRepoGroupToPerm.users_group),
2937 2937 joinedload(UserGroupRepoGroupToPerm.permission),)
2938 2938
2939 2939 perm_rows = []
2940 2940 for _user_group in q.all():
2941 2941 entry = AttributeDict(_user_group.users_group.get_dict())
2942 2942 entry.permission = _user_group.permission.permission_name
2943 2943 if with_members:
2944 2944 entry.members = [x.user.get_dict()
2945 2945 for x in _user_group.users_group.members]
2946 2946 perm_rows.append(entry)
2947 2947
2948 2948 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2949 2949 return perm_rows
2950 2950
2951 2951 def get_api_data(self):
2952 2952 """
2953 2953 Common function for generating api data
2954 2954
2955 2955 """
2956 2956 group = self
2957 2957 data = {
2958 2958 'group_id': group.group_id,
2959 2959 'group_name': group.group_name,
2960 2960 'group_description': group.description_safe,
2961 2961 'parent_group': group.parent_group.group_name if group.parent_group else None,
2962 2962 'repositories': [x.repo_name for x in group.repositories],
2963 2963 'owner': group.user.username,
2964 2964 }
2965 2965 return data
2966 2966
2967 2967 def get_dict(self):
2968 2968 # Since we transformed `group_name` to a hybrid property, we need to
2969 2969 # keep compatibility with the code which uses `group_name` field.
2970 2970 result = super(RepoGroup, self).get_dict()
2971 2971 result['group_name'] = result.pop('_group_name', None)
2972 2972 return result
2973 2973
2974 2974
2975 2975 class Permission(Base, BaseModel):
2976 2976 __tablename__ = 'permissions'
2977 2977 __table_args__ = (
2978 2978 Index('p_perm_name_idx', 'permission_name'),
2979 2979 base_table_args,
2980 2980 )
2981 2981
2982 2982 PERMS = [
2983 2983 ('hg.admin', _('RhodeCode Super Administrator')),
2984 2984
2985 2985 ('repository.none', _('Repository no access')),
2986 2986 ('repository.read', _('Repository read access')),
2987 2987 ('repository.write', _('Repository write access')),
2988 2988 ('repository.admin', _('Repository admin access')),
2989 2989
2990 2990 ('group.none', _('Repository group no access')),
2991 2991 ('group.read', _('Repository group read access')),
2992 2992 ('group.write', _('Repository group write access')),
2993 2993 ('group.admin', _('Repository group admin access')),
2994 2994
2995 2995 ('usergroup.none', _('User group no access')),
2996 2996 ('usergroup.read', _('User group read access')),
2997 2997 ('usergroup.write', _('User group write access')),
2998 2998 ('usergroup.admin', _('User group admin access')),
2999 2999
3000 3000 ('branch.none', _('Branch no permissions')),
3001 3001 ('branch.merge', _('Branch access by web merge')),
3002 3002 ('branch.push', _('Branch access by push')),
3003 3003 ('branch.push_force', _('Branch access by push with force')),
3004 3004
3005 3005 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3006 3006 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3007 3007
3008 3008 ('hg.usergroup.create.false', _('User Group creation disabled')),
3009 3009 ('hg.usergroup.create.true', _('User Group creation enabled')),
3010 3010
3011 3011 ('hg.create.none', _('Repository creation disabled')),
3012 3012 ('hg.create.repository', _('Repository creation enabled')),
3013 3013 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3014 3014 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3015 3015
3016 3016 ('hg.fork.none', _('Repository forking disabled')),
3017 3017 ('hg.fork.repository', _('Repository forking enabled')),
3018 3018
3019 3019 ('hg.register.none', _('Registration disabled')),
3020 3020 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3021 3021 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3022 3022
3023 3023 ('hg.password_reset.enabled', _('Password reset enabled')),
3024 3024 ('hg.password_reset.hidden', _('Password reset hidden')),
3025 3025 ('hg.password_reset.disabled', _('Password reset disabled')),
3026 3026
3027 3027 ('hg.extern_activate.manual', _('Manual activation of external account')),
3028 3028 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3029 3029
3030 3030 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3031 3031 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3032 3032 ]
3033 3033
3034 3034 # definition of system default permissions for DEFAULT user, created on
3035 3035 # system setup
3036 3036 DEFAULT_USER_PERMISSIONS = [
3037 3037 # object perms
3038 3038 'repository.read',
3039 3039 'group.read',
3040 3040 'usergroup.read',
3041 3041 # branch, for backward compat we need same value as before so forced pushed
3042 3042 'branch.push_force',
3043 3043 # global
3044 3044 'hg.create.repository',
3045 3045 'hg.repogroup.create.false',
3046 3046 'hg.usergroup.create.false',
3047 3047 'hg.create.write_on_repogroup.true',
3048 3048 'hg.fork.repository',
3049 3049 'hg.register.manual_activate',
3050 3050 'hg.password_reset.enabled',
3051 3051 'hg.extern_activate.auto',
3052 3052 'hg.inherit_default_perms.true',
3053 3053 ]
3054 3054
3055 3055 # defines which permissions are more important higher the more important
3056 3056 # Weight defines which permissions are more important.
3057 3057 # The higher number the more important.
3058 3058 PERM_WEIGHTS = {
3059 3059 'repository.none': 0,
3060 3060 'repository.read': 1,
3061 3061 'repository.write': 3,
3062 3062 'repository.admin': 4,
3063 3063
3064 3064 'group.none': 0,
3065 3065 'group.read': 1,
3066 3066 'group.write': 3,
3067 3067 'group.admin': 4,
3068 3068
3069 3069 'usergroup.none': 0,
3070 3070 'usergroup.read': 1,
3071 3071 'usergroup.write': 3,
3072 3072 'usergroup.admin': 4,
3073 3073
3074 3074 'branch.none': 0,
3075 3075 'branch.merge': 1,
3076 3076 'branch.push': 3,
3077 3077 'branch.push_force': 4,
3078 3078
3079 3079 'hg.repogroup.create.false': 0,
3080 3080 'hg.repogroup.create.true': 1,
3081 3081
3082 3082 'hg.usergroup.create.false': 0,
3083 3083 'hg.usergroup.create.true': 1,
3084 3084
3085 3085 'hg.fork.none': 0,
3086 3086 'hg.fork.repository': 1,
3087 3087 'hg.create.none': 0,
3088 3088 'hg.create.repository': 1
3089 3089 }
3090 3090
3091 3091 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3092 3092 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3093 3093 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3094 3094
3095 3095 def __unicode__(self):
3096 3096 return u"<%s('%s:%s')>" % (
3097 3097 self.__class__.__name__, self.permission_id, self.permission_name
3098 3098 )
3099 3099
3100 3100 @classmethod
3101 3101 def get_by_key(cls, key):
3102 3102 return cls.query().filter(cls.permission_name == key).scalar()
3103 3103
3104 3104 @classmethod
3105 3105 def get_default_repo_perms(cls, user_id, repo_id=None):
3106 3106 q = Session().query(UserRepoToPerm, Repository, Permission)\
3107 3107 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3108 3108 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3109 3109 .filter(UserRepoToPerm.user_id == user_id)
3110 3110 if repo_id:
3111 3111 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3112 3112 return q.all()
3113 3113
3114 3114 @classmethod
3115 3115 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3116 3116 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3117 3117 .join(
3118 3118 Permission,
3119 3119 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3120 3120 .join(
3121 3121 UserRepoToPerm,
3122 3122 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3123 3123 .filter(UserRepoToPerm.user_id == user_id)
3124 3124
3125 3125 if repo_id:
3126 3126 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3127 3127 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3128 3128
3129 3129 @classmethod
3130 3130 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3131 3131 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3132 3132 .join(
3133 3133 Permission,
3134 3134 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3135 3135 .join(
3136 3136 Repository,
3137 3137 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3138 3138 .join(
3139 3139 UserGroup,
3140 3140 UserGroupRepoToPerm.users_group_id ==
3141 3141 UserGroup.users_group_id)\
3142 3142 .join(
3143 3143 UserGroupMember,
3144 3144 UserGroupRepoToPerm.users_group_id ==
3145 3145 UserGroupMember.users_group_id)\
3146 3146 .filter(
3147 3147 UserGroupMember.user_id == user_id,
3148 3148 UserGroup.users_group_active == true())
3149 3149 if repo_id:
3150 3150 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3151 3151 return q.all()
3152 3152
3153 3153 @classmethod
3154 3154 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3155 3155 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3156 3156 .join(
3157 3157 Permission,
3158 3158 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3159 3159 .join(
3160 3160 UserGroupRepoToPerm,
3161 3161 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3162 3162 .join(
3163 3163 UserGroup,
3164 3164 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3165 3165 .join(
3166 3166 UserGroupMember,
3167 3167 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3168 3168 .filter(
3169 3169 UserGroupMember.user_id == user_id,
3170 3170 UserGroup.users_group_active == true())
3171 3171
3172 3172 if repo_id:
3173 3173 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3174 3174 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3175 3175
3176 3176 @classmethod
3177 3177 def get_default_group_perms(cls, user_id, repo_group_id=None):
3178 3178 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3179 3179 .join(
3180 3180 Permission,
3181 3181 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3182 3182 .join(
3183 3183 RepoGroup,
3184 3184 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3185 3185 .filter(UserRepoGroupToPerm.user_id == user_id)
3186 3186 if repo_group_id:
3187 3187 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3188 3188 return q.all()
3189 3189
3190 3190 @classmethod
3191 3191 def get_default_group_perms_from_user_group(
3192 3192 cls, user_id, repo_group_id=None):
3193 3193 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3194 3194 .join(
3195 3195 Permission,
3196 3196 UserGroupRepoGroupToPerm.permission_id ==
3197 3197 Permission.permission_id)\
3198 3198 .join(
3199 3199 RepoGroup,
3200 3200 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3201 3201 .join(
3202 3202 UserGroup,
3203 3203 UserGroupRepoGroupToPerm.users_group_id ==
3204 3204 UserGroup.users_group_id)\
3205 3205 .join(
3206 3206 UserGroupMember,
3207 3207 UserGroupRepoGroupToPerm.users_group_id ==
3208 3208 UserGroupMember.users_group_id)\
3209 3209 .filter(
3210 3210 UserGroupMember.user_id == user_id,
3211 3211 UserGroup.users_group_active == true())
3212 3212 if repo_group_id:
3213 3213 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3214 3214 return q.all()
3215 3215
3216 3216 @classmethod
3217 3217 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3218 3218 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3219 3219 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3220 3220 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3221 3221 .filter(UserUserGroupToPerm.user_id == user_id)
3222 3222 if user_group_id:
3223 3223 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3224 3224 return q.all()
3225 3225
3226 3226 @classmethod
3227 3227 def get_default_user_group_perms_from_user_group(
3228 3228 cls, user_id, user_group_id=None):
3229 3229 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3230 3230 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3231 3231 .join(
3232 3232 Permission,
3233 3233 UserGroupUserGroupToPerm.permission_id ==
3234 3234 Permission.permission_id)\
3235 3235 .join(
3236 3236 TargetUserGroup,
3237 3237 UserGroupUserGroupToPerm.target_user_group_id ==
3238 3238 TargetUserGroup.users_group_id)\
3239 3239 .join(
3240 3240 UserGroup,
3241 3241 UserGroupUserGroupToPerm.user_group_id ==
3242 3242 UserGroup.users_group_id)\
3243 3243 .join(
3244 3244 UserGroupMember,
3245 3245 UserGroupUserGroupToPerm.user_group_id ==
3246 3246 UserGroupMember.users_group_id)\
3247 3247 .filter(
3248 3248 UserGroupMember.user_id == user_id,
3249 3249 UserGroup.users_group_active == true())
3250 3250 if user_group_id:
3251 3251 q = q.filter(
3252 3252 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3253 3253
3254 3254 return q.all()
3255 3255
3256 3256
3257 3257 class UserRepoToPerm(Base, BaseModel):
3258 3258 __tablename__ = 'repo_to_perm'
3259 3259 __table_args__ = (
3260 3260 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3261 3261 base_table_args
3262 3262 )
3263 3263
3264 3264 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3265 3265 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3266 3266 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3267 3267 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3268 3268
3269 3269 user = relationship('User')
3270 3270 repository = relationship('Repository')
3271 3271 permission = relationship('Permission')
3272 3272
3273 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete, delete-orphan", lazy='joined')
3273 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')
3274 3274
3275 3275 @classmethod
3276 3276 def create(cls, user, repository, permission):
3277 3277 n = cls()
3278 3278 n.user = user
3279 3279 n.repository = repository
3280 3280 n.permission = permission
3281 3281 Session().add(n)
3282 3282 return n
3283 3283
3284 3284 def __unicode__(self):
3285 3285 return u'<%s => %s >' % (self.user, self.repository)
3286 3286
3287 3287
3288 3288 class UserUserGroupToPerm(Base, BaseModel):
3289 3289 __tablename__ = 'user_user_group_to_perm'
3290 3290 __table_args__ = (
3291 3291 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3292 3292 base_table_args
3293 3293 )
3294 3294
3295 3295 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3296 3296 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3297 3297 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3298 3298 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3299 3299
3300 3300 user = relationship('User')
3301 3301 user_group = relationship('UserGroup')
3302 3302 permission = relationship('Permission')
3303 3303
3304 3304 @classmethod
3305 3305 def create(cls, user, user_group, permission):
3306 3306 n = cls()
3307 3307 n.user = user
3308 3308 n.user_group = user_group
3309 3309 n.permission = permission
3310 3310 Session().add(n)
3311 3311 return n
3312 3312
3313 3313 def __unicode__(self):
3314 3314 return u'<%s => %s >' % (self.user, self.user_group)
3315 3315
3316 3316
3317 3317 class UserToPerm(Base, BaseModel):
3318 3318 __tablename__ = 'user_to_perm'
3319 3319 __table_args__ = (
3320 3320 UniqueConstraint('user_id', 'permission_id'),
3321 3321 base_table_args
3322 3322 )
3323 3323
3324 3324 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3325 3325 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3326 3326 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3327 3327
3328 3328 user = relationship('User')
3329 3329 permission = relationship('Permission', lazy='joined')
3330 3330
3331 3331 def __unicode__(self):
3332 3332 return u'<%s => %s >' % (self.user, self.permission)
3333 3333
3334 3334
3335 3335 class UserGroupRepoToPerm(Base, BaseModel):
3336 3336 __tablename__ = 'users_group_repo_to_perm'
3337 3337 __table_args__ = (
3338 3338 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3339 3339 base_table_args
3340 3340 )
3341 3341
3342 3342 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3343 3343 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3344 3344 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3345 3345 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3346 3346
3347 3347 users_group = relationship('UserGroup')
3348 3348 permission = relationship('Permission')
3349 3349 repository = relationship('Repository')
3350 3350 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')
3351 3351
3352 3352 @classmethod
3353 3353 def create(cls, users_group, repository, permission):
3354 3354 n = cls()
3355 3355 n.users_group = users_group
3356 3356 n.repository = repository
3357 3357 n.permission = permission
3358 3358 Session().add(n)
3359 3359 return n
3360 3360
3361 3361 def __unicode__(self):
3362 3362 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3363 3363
3364 3364
3365 3365 class UserGroupUserGroupToPerm(Base, BaseModel):
3366 3366 __tablename__ = 'user_group_user_group_to_perm'
3367 3367 __table_args__ = (
3368 3368 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3369 3369 CheckConstraint('target_user_group_id != user_group_id'),
3370 3370 base_table_args
3371 3371 )
3372 3372
3373 3373 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3374 3374 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3375 3375 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3376 3376 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3377 3377
3378 3378 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3379 3379 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3380 3380 permission = relationship('Permission')
3381 3381
3382 3382 @classmethod
3383 3383 def create(cls, target_user_group, user_group, permission):
3384 3384 n = cls()
3385 3385 n.target_user_group = target_user_group
3386 3386 n.user_group = user_group
3387 3387 n.permission = permission
3388 3388 Session().add(n)
3389 3389 return n
3390 3390
3391 3391 def __unicode__(self):
3392 3392 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3393 3393
3394 3394
3395 3395 class UserGroupToPerm(Base, BaseModel):
3396 3396 __tablename__ = 'users_group_to_perm'
3397 3397 __table_args__ = (
3398 3398 UniqueConstraint('users_group_id', 'permission_id',),
3399 3399 base_table_args
3400 3400 )
3401 3401
3402 3402 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3403 3403 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3404 3404 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3405 3405
3406 3406 users_group = relationship('UserGroup')
3407 3407 permission = relationship('Permission')
3408 3408
3409 3409
3410 3410 class UserRepoGroupToPerm(Base, BaseModel):
3411 3411 __tablename__ = 'user_repo_group_to_perm'
3412 3412 __table_args__ = (
3413 3413 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3414 3414 base_table_args
3415 3415 )
3416 3416
3417 3417 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3418 3418 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3419 3419 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3420 3420 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3421 3421
3422 3422 user = relationship('User')
3423 3423 group = relationship('RepoGroup')
3424 3424 permission = relationship('Permission')
3425 3425
3426 3426 @classmethod
3427 3427 def create(cls, user, repository_group, permission):
3428 3428 n = cls()
3429 3429 n.user = user
3430 3430 n.group = repository_group
3431 3431 n.permission = permission
3432 3432 Session().add(n)
3433 3433 return n
3434 3434
3435 3435
3436 3436 class UserGroupRepoGroupToPerm(Base, BaseModel):
3437 3437 __tablename__ = 'users_group_repo_group_to_perm'
3438 3438 __table_args__ = (
3439 3439 UniqueConstraint('users_group_id', 'group_id'),
3440 3440 base_table_args
3441 3441 )
3442 3442
3443 3443 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3444 3444 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3445 3445 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3446 3446 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3447 3447
3448 3448 users_group = relationship('UserGroup')
3449 3449 permission = relationship('Permission')
3450 3450 group = relationship('RepoGroup')
3451 3451
3452 3452 @classmethod
3453 3453 def create(cls, user_group, repository_group, permission):
3454 3454 n = cls()
3455 3455 n.users_group = user_group
3456 3456 n.group = repository_group
3457 3457 n.permission = permission
3458 3458 Session().add(n)
3459 3459 return n
3460 3460
3461 3461 def __unicode__(self):
3462 3462 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3463 3463
3464 3464
3465 3465 class Statistics(Base, BaseModel):
3466 3466 __tablename__ = 'statistics'
3467 3467 __table_args__ = (
3468 3468 base_table_args
3469 3469 )
3470 3470
3471 3471 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3472 3472 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3473 3473 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3474 3474 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3475 3475 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3476 3476 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3477 3477
3478 3478 repository = relationship('Repository', single_parent=True)
3479 3479
3480 3480
3481 3481 class UserFollowing(Base, BaseModel):
3482 3482 __tablename__ = 'user_followings'
3483 3483 __table_args__ = (
3484 3484 UniqueConstraint('user_id', 'follows_repository_id'),
3485 3485 UniqueConstraint('user_id', 'follows_user_id'),
3486 3486 base_table_args
3487 3487 )
3488 3488
3489 3489 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3490 3490 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3491 3491 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3492 3492 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3493 3493 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3494 3494
3495 3495 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3496 3496
3497 3497 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3498 3498 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3499 3499
3500 3500 @classmethod
3501 3501 def get_repo_followers(cls, repo_id):
3502 3502 return cls.query().filter(cls.follows_repo_id == repo_id)
3503 3503
3504 3504
3505 3505 class CacheKey(Base, BaseModel):
3506 3506 __tablename__ = 'cache_invalidation'
3507 3507 __table_args__ = (
3508 3508 UniqueConstraint('cache_key'),
3509 3509 Index('key_idx', 'cache_key'),
3510 3510 base_table_args,
3511 3511 )
3512 3512
3513 3513 CACHE_TYPE_FEED = 'FEED'
3514 3514
3515 3515 # namespaces used to register process/thread aware caches
3516 3516 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3517 3517 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3518 3518
3519 3519 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3520 3520 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3521 3521 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3522 3522 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3523 3523 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3524 3524
3525 3525 def __init__(self, cache_key, cache_args='', cache_state_uid=None):
3526 3526 self.cache_key = cache_key
3527 3527 self.cache_args = cache_args
3528 3528 self.cache_active = False
3529 3529 # first key should be same for all entries, since all workers should share it
3530 3530 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3531 3531
3532 3532 def __unicode__(self):
3533 3533 return u"<%s('%s:%s[%s]')>" % (
3534 3534 self.__class__.__name__,
3535 3535 self.cache_id, self.cache_key, self.cache_active)
3536 3536
3537 3537 def _cache_key_partition(self):
3538 3538 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3539 3539 return prefix, repo_name, suffix
3540 3540
3541 3541 def get_prefix(self):
3542 3542 """
3543 3543 Try to extract prefix from existing cache key. The key could consist
3544 3544 of prefix, repo_name, suffix
3545 3545 """
3546 3546 # this returns prefix, repo_name, suffix
3547 3547 return self._cache_key_partition()[0]
3548 3548
3549 3549 def get_suffix(self):
3550 3550 """
3551 3551 get suffix that might have been used in _get_cache_key to
3552 3552 generate self.cache_key. Only used for informational purposes
3553 3553 in repo_edit.mako.
3554 3554 """
3555 3555 # prefix, repo_name, suffix
3556 3556 return self._cache_key_partition()[2]
3557 3557
3558 3558 @classmethod
3559 3559 def generate_new_state_uid(cls, based_on=None):
3560 3560 if based_on:
3561 3561 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3562 3562 else:
3563 3563 return str(uuid.uuid4())
3564 3564
3565 3565 @classmethod
3566 3566 def delete_all_cache(cls):
3567 3567 """
3568 3568 Delete all cache keys from database.
3569 3569 Should only be run when all instances are down and all entries
3570 3570 thus stale.
3571 3571 """
3572 3572 cls.query().delete()
3573 3573 Session().commit()
3574 3574
3575 3575 @classmethod
3576 3576 def set_invalidate(cls, cache_uid, delete=False):
3577 3577 """
3578 3578 Mark all caches of a repo as invalid in the database.
3579 3579 """
3580 3580
3581 3581 try:
3582 3582 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3583 3583 if delete:
3584 3584 qry.delete()
3585 3585 log.debug('cache objects deleted for cache args %s',
3586 3586 safe_str(cache_uid))
3587 3587 else:
3588 3588 qry.update({"cache_active": False,
3589 3589 "cache_state_uid": cls.generate_new_state_uid()})
3590 3590 log.debug('cache objects marked as invalid for cache args %s',
3591 3591 safe_str(cache_uid))
3592 3592
3593 3593 Session().commit()
3594 3594 except Exception:
3595 3595 log.exception(
3596 3596 'Cache key invalidation failed for cache args %s',
3597 3597 safe_str(cache_uid))
3598 3598 Session().rollback()
3599 3599
3600 3600 @classmethod
3601 3601 def get_active_cache(cls, cache_key):
3602 3602 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3603 3603 if inv_obj:
3604 3604 return inv_obj
3605 3605 return None
3606 3606
3607 3607 @classmethod
3608 3608 def get_namespace_map(cls, namespace):
3609 3609 return {
3610 3610 x.cache_key: x
3611 3611 for x in cls.query().filter(cls.cache_args == namespace)}
3612 3612
3613 3613
3614 3614 class ChangesetComment(Base, BaseModel):
3615 3615 __tablename__ = 'changeset_comments'
3616 3616 __table_args__ = (
3617 3617 Index('cc_revision_idx', 'revision'),
3618 3618 base_table_args,
3619 3619 )
3620 3620
3621 3621 COMMENT_OUTDATED = u'comment_outdated'
3622 3622 COMMENT_TYPE_NOTE = u'note'
3623 3623 COMMENT_TYPE_TODO = u'todo'
3624 3624 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3625 3625
3626 3626 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3627 3627 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3628 3628 revision = Column('revision', String(40), nullable=True)
3629 3629 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3630 3630 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3631 3631 line_no = Column('line_no', Unicode(10), nullable=True)
3632 3632 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3633 3633 f_path = Column('f_path', Unicode(1000), nullable=True)
3634 3634 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3635 3635 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3636 3636 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3637 3637 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3638 3638 renderer = Column('renderer', Unicode(64), nullable=True)
3639 3639 display_state = Column('display_state', Unicode(128), nullable=True)
3640 3640
3641 3641 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3642 3642 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3643 3643
3644 3644 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3645 3645 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3646 3646
3647 3647 author = relationship('User', lazy='joined')
3648 3648 repo = relationship('Repository')
3649 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3649 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')
3650 3650 pull_request = relationship('PullRequest', lazy='joined')
3651 3651 pull_request_version = relationship('PullRequestVersion')
3652 3652
3653 3653 @classmethod
3654 3654 def get_users(cls, revision=None, pull_request_id=None):
3655 3655 """
3656 3656 Returns user associated with this ChangesetComment. ie those
3657 3657 who actually commented
3658 3658
3659 3659 :param cls:
3660 3660 :param revision:
3661 3661 """
3662 3662 q = Session().query(User)\
3663 3663 .join(ChangesetComment.author)
3664 3664 if revision:
3665 3665 q = q.filter(cls.revision == revision)
3666 3666 elif pull_request_id:
3667 3667 q = q.filter(cls.pull_request_id == pull_request_id)
3668 3668 return q.all()
3669 3669
3670 3670 @classmethod
3671 3671 def get_index_from_version(cls, pr_version, versions):
3672 3672 num_versions = [x.pull_request_version_id for x in versions]
3673 3673 try:
3674 3674 return num_versions.index(pr_version) +1
3675 3675 except (IndexError, ValueError):
3676 3676 return
3677 3677
3678 3678 @property
3679 3679 def outdated(self):
3680 3680 return self.display_state == self.COMMENT_OUTDATED
3681 3681
3682 3682 def outdated_at_version(self, version):
3683 3683 """
3684 3684 Checks if comment is outdated for given pull request version
3685 3685 """
3686 3686 return self.outdated and self.pull_request_version_id != version
3687 3687
3688 3688 def older_than_version(self, version):
3689 3689 """
3690 3690 Checks if comment is made from previous version than given
3691 3691 """
3692 3692 if version is None:
3693 3693 return self.pull_request_version_id is not None
3694 3694
3695 3695 return self.pull_request_version_id < version
3696 3696
3697 3697 @property
3698 3698 def resolved(self):
3699 3699 return self.resolved_by[0] if self.resolved_by else None
3700 3700
3701 3701 @property
3702 3702 def is_todo(self):
3703 3703 return self.comment_type == self.COMMENT_TYPE_TODO
3704 3704
3705 3705 @property
3706 3706 def is_inline(self):
3707 3707 return self.line_no and self.f_path
3708 3708
3709 3709 def get_index_version(self, versions):
3710 3710 return self.get_index_from_version(
3711 3711 self.pull_request_version_id, versions)
3712 3712
3713 3713 def __repr__(self):
3714 3714 if self.comment_id:
3715 3715 return '<DB:Comment #%s>' % self.comment_id
3716 3716 else:
3717 3717 return '<DB:Comment at %#x>' % id(self)
3718 3718
3719 3719 def get_api_data(self):
3720 3720 comment = self
3721 3721 data = {
3722 3722 'comment_id': comment.comment_id,
3723 3723 'comment_type': comment.comment_type,
3724 3724 'comment_text': comment.text,
3725 3725 'comment_status': comment.status_change,
3726 3726 'comment_f_path': comment.f_path,
3727 3727 'comment_lineno': comment.line_no,
3728 3728 'comment_author': comment.author,
3729 3729 'comment_created_on': comment.created_on,
3730 3730 'comment_resolved_by': self.resolved
3731 3731 }
3732 3732 return data
3733 3733
3734 3734 def __json__(self):
3735 3735 data = dict()
3736 3736 data.update(self.get_api_data())
3737 3737 return data
3738 3738
3739 3739
3740 3740 class ChangesetStatus(Base, BaseModel):
3741 3741 __tablename__ = 'changeset_statuses'
3742 3742 __table_args__ = (
3743 3743 Index('cs_revision_idx', 'revision'),
3744 3744 Index('cs_version_idx', 'version'),
3745 3745 UniqueConstraint('repo_id', 'revision', 'version'),
3746 3746 base_table_args
3747 3747 )
3748 3748
3749 3749 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3750 3750 STATUS_APPROVED = 'approved'
3751 3751 STATUS_REJECTED = 'rejected'
3752 3752 STATUS_UNDER_REVIEW = 'under_review'
3753 3753
3754 3754 STATUSES = [
3755 3755 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3756 3756 (STATUS_APPROVED, _("Approved")),
3757 3757 (STATUS_REJECTED, _("Rejected")),
3758 3758 (STATUS_UNDER_REVIEW, _("Under Review")),
3759 3759 ]
3760 3760
3761 3761 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3762 3762 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3763 3763 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3764 3764 revision = Column('revision', String(40), nullable=False)
3765 3765 status = Column('status', String(128), nullable=False, default=DEFAULT)
3766 3766 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3767 3767 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3768 3768 version = Column('version', Integer(), nullable=False, default=0)
3769 3769 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3770 3770
3771 3771 author = relationship('User', lazy='joined')
3772 3772 repo = relationship('Repository')
3773 3773 comment = relationship('ChangesetComment', lazy='joined')
3774 3774 pull_request = relationship('PullRequest', lazy='joined')
3775 3775
3776 3776 def __unicode__(self):
3777 3777 return u"<%s('%s[v%s]:%s')>" % (
3778 3778 self.__class__.__name__,
3779 3779 self.status, self.version, self.author
3780 3780 )
3781 3781
3782 3782 @classmethod
3783 3783 def get_status_lbl(cls, value):
3784 3784 return dict(cls.STATUSES).get(value)
3785 3785
3786 3786 @property
3787 3787 def status_lbl(self):
3788 3788 return ChangesetStatus.get_status_lbl(self.status)
3789 3789
3790 3790 def get_api_data(self):
3791 3791 status = self
3792 3792 data = {
3793 3793 'status_id': status.changeset_status_id,
3794 3794 'status': status.status,
3795 3795 }
3796 3796 return data
3797 3797
3798 3798 def __json__(self):
3799 3799 data = dict()
3800 3800 data.update(self.get_api_data())
3801 3801 return data
3802 3802
3803 3803
3804 3804 class _SetState(object):
3805 3805 """
3806 3806 Context processor allowing changing state for sensitive operation such as
3807 3807 pull request update or merge
3808 3808 """
3809 3809
3810 3810 def __init__(self, pull_request, pr_state, back_state=None):
3811 3811 self._pr = pull_request
3812 3812 self._org_state = back_state or pull_request.pull_request_state
3813 3813 self._pr_state = pr_state
3814 3814 self._current_state = None
3815 3815
3816 3816 def __enter__(self):
3817 3817 log.debug('StateLock: entering set state context, setting state to: `%s`',
3818 3818 self._pr_state)
3819 3819 self.set_pr_state(self._pr_state)
3820 3820 return self
3821 3821
3822 3822 def __exit__(self, exc_type, exc_val, exc_tb):
3823 3823 if exc_val is not None:
3824 3824 log.error(traceback.format_exc(exc_tb))
3825 3825 return None
3826 3826
3827 3827 self.set_pr_state(self._org_state)
3828 3828 log.debug('StateLock: exiting set state context, setting state to: `%s`',
3829 3829 self._org_state)
3830 3830 @property
3831 3831 def state(self):
3832 3832 return self._current_state
3833 3833
3834 3834 def set_pr_state(self, pr_state):
3835 3835 try:
3836 3836 self._pr.pull_request_state = pr_state
3837 3837 Session().add(self._pr)
3838 3838 Session().commit()
3839 3839 self._current_state = pr_state
3840 3840 except Exception:
3841 3841 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
3842 3842 raise
3843 3843
3844 3844 class _PullRequestBase(BaseModel):
3845 3845 """
3846 3846 Common attributes of pull request and version entries.
3847 3847 """
3848 3848
3849 3849 # .status values
3850 3850 STATUS_NEW = u'new'
3851 3851 STATUS_OPEN = u'open'
3852 3852 STATUS_CLOSED = u'closed'
3853 3853
3854 3854 # available states
3855 3855 STATE_CREATING = u'creating'
3856 3856 STATE_UPDATING = u'updating'
3857 3857 STATE_MERGING = u'merging'
3858 3858 STATE_CREATED = u'created'
3859 3859
3860 3860 title = Column('title', Unicode(255), nullable=True)
3861 3861 description = Column(
3862 3862 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3863 3863 nullable=True)
3864 3864 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3865 3865
3866 3866 # new/open/closed status of pull request (not approve/reject/etc)
3867 3867 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3868 3868 created_on = Column(
3869 3869 'created_on', DateTime(timezone=False), nullable=False,
3870 3870 default=datetime.datetime.now)
3871 3871 updated_on = Column(
3872 3872 'updated_on', DateTime(timezone=False), nullable=False,
3873 3873 default=datetime.datetime.now)
3874 3874
3875 3875 pull_request_state = Column("pull_request_state", String(255), nullable=True)
3876 3876
3877 3877 @declared_attr
3878 3878 def user_id(cls):
3879 3879 return Column(
3880 3880 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3881 3881 unique=None)
3882 3882
3883 3883 # 500 revisions max
3884 3884 _revisions = Column(
3885 3885 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3886 3886
3887 3887 @declared_attr
3888 3888 def source_repo_id(cls):
3889 3889 # TODO: dan: rename column to source_repo_id
3890 3890 return Column(
3891 3891 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3892 3892 nullable=False)
3893 3893
3894 3894 _source_ref = Column('org_ref', Unicode(255), nullable=False)
3895 3895
3896 3896 @hybrid_property
3897 3897 def source_ref(self):
3898 3898 return self._source_ref
3899 3899
3900 3900 @source_ref.setter
3901 3901 def source_ref(self, val):
3902 3902 parts = (val or '').split(':')
3903 3903 if len(parts) != 3:
3904 3904 raise ValueError(
3905 3905 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3906 3906 self._source_ref = safe_unicode(val)
3907 3907
3908 3908 _target_ref = Column('other_ref', Unicode(255), nullable=False)
3909 3909
3910 3910 @hybrid_property
3911 3911 def target_ref(self):
3912 3912 return self._target_ref
3913 3913
3914 3914 @target_ref.setter
3915 3915 def target_ref(self, val):
3916 3916 parts = (val or '').split(':')
3917 3917 if len(parts) != 3:
3918 3918 raise ValueError(
3919 3919 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3920 3920 self._target_ref = safe_unicode(val)
3921 3921
3922 3922 @declared_attr
3923 3923 def target_repo_id(cls):
3924 3924 # TODO: dan: rename column to target_repo_id
3925 3925 return Column(
3926 3926 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3927 3927 nullable=False)
3928 3928
3929 3929 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3930 3930
3931 3931 # TODO: dan: rename column to last_merge_source_rev
3932 3932 _last_merge_source_rev = Column(
3933 3933 'last_merge_org_rev', String(40), nullable=True)
3934 3934 # TODO: dan: rename column to last_merge_target_rev
3935 3935 _last_merge_target_rev = Column(
3936 3936 'last_merge_other_rev', String(40), nullable=True)
3937 3937 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3938 3938 merge_rev = Column('merge_rev', String(40), nullable=True)
3939 3939
3940 3940 reviewer_data = Column(
3941 3941 'reviewer_data_json', MutationObj.as_mutable(
3942 3942 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3943 3943
3944 3944 @property
3945 3945 def reviewer_data_json(self):
3946 3946 return json.dumps(self.reviewer_data)
3947 3947
3948 3948 @hybrid_property
3949 3949 def description_safe(self):
3950 3950 from rhodecode.lib import helpers as h
3951 3951 return h.escape(self.description)
3952 3952
3953 3953 @hybrid_property
3954 3954 def revisions(self):
3955 3955 return self._revisions.split(':') if self._revisions else []
3956 3956
3957 3957 @revisions.setter
3958 3958 def revisions(self, val):
3959 3959 self._revisions = u':'.join(val)
3960 3960
3961 3961 @hybrid_property
3962 3962 def last_merge_status(self):
3963 3963 return safe_int(self._last_merge_status)
3964 3964
3965 3965 @last_merge_status.setter
3966 3966 def last_merge_status(self, val):
3967 3967 self._last_merge_status = val
3968 3968
3969 3969 @declared_attr
3970 3970 def author(cls):
3971 3971 return relationship('User', lazy='joined')
3972 3972
3973 3973 @declared_attr
3974 3974 def source_repo(cls):
3975 3975 return relationship(
3976 3976 'Repository',
3977 3977 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3978 3978
3979 3979 @property
3980 3980 def source_ref_parts(self):
3981 3981 return self.unicode_to_reference(self.source_ref)
3982 3982
3983 3983 @declared_attr
3984 3984 def target_repo(cls):
3985 3985 return relationship(
3986 3986 'Repository',
3987 3987 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3988 3988
3989 3989 @property
3990 3990 def target_ref_parts(self):
3991 3991 return self.unicode_to_reference(self.target_ref)
3992 3992
3993 3993 @property
3994 3994 def shadow_merge_ref(self):
3995 3995 return self.unicode_to_reference(self._shadow_merge_ref)
3996 3996
3997 3997 @shadow_merge_ref.setter
3998 3998 def shadow_merge_ref(self, ref):
3999 3999 self._shadow_merge_ref = self.reference_to_unicode(ref)
4000 4000
4001 4001 @staticmethod
4002 4002 def unicode_to_reference(raw):
4003 4003 """
4004 4004 Convert a unicode (or string) to a reference object.
4005 4005 If unicode evaluates to False it returns None.
4006 4006 """
4007 4007 if raw:
4008 4008 refs = raw.split(':')
4009 4009 return Reference(*refs)
4010 4010 else:
4011 4011 return None
4012 4012
4013 4013 @staticmethod
4014 4014 def reference_to_unicode(ref):
4015 4015 """
4016 4016 Convert a reference object to unicode.
4017 4017 If reference is None it returns None.
4018 4018 """
4019 4019 if ref:
4020 4020 return u':'.join(ref)
4021 4021 else:
4022 4022 return None
4023 4023
4024 4024 def get_api_data(self, with_merge_state=True):
4025 4025 from rhodecode.model.pull_request import PullRequestModel
4026 4026
4027 4027 pull_request = self
4028 4028 if with_merge_state:
4029 4029 merge_status = PullRequestModel().merge_status(pull_request)
4030 4030 merge_state = {
4031 4031 'status': merge_status[0],
4032 4032 'message': safe_unicode(merge_status[1]),
4033 4033 }
4034 4034 else:
4035 4035 merge_state = {'status': 'not_available',
4036 4036 'message': 'not_available'}
4037 4037
4038 4038 merge_data = {
4039 4039 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4040 4040 'reference': (
4041 4041 pull_request.shadow_merge_ref._asdict()
4042 4042 if pull_request.shadow_merge_ref else None),
4043 4043 }
4044 4044
4045 4045 data = {
4046 4046 'pull_request_id': pull_request.pull_request_id,
4047 4047 'url': PullRequestModel().get_url(pull_request),
4048 4048 'title': pull_request.title,
4049 4049 'description': pull_request.description,
4050 4050 'status': pull_request.status,
4051 4051 'state': pull_request.pull_request_state,
4052 4052 'created_on': pull_request.created_on,
4053 4053 'updated_on': pull_request.updated_on,
4054 4054 'commit_ids': pull_request.revisions,
4055 4055 'review_status': pull_request.calculated_review_status(),
4056 4056 'mergeable': merge_state,
4057 4057 'source': {
4058 4058 'clone_url': pull_request.source_repo.clone_url(),
4059 4059 'repository': pull_request.source_repo.repo_name,
4060 4060 'reference': {
4061 4061 'name': pull_request.source_ref_parts.name,
4062 4062 'type': pull_request.source_ref_parts.type,
4063 4063 'commit_id': pull_request.source_ref_parts.commit_id,
4064 4064 },
4065 4065 },
4066 4066 'target': {
4067 4067 'clone_url': pull_request.target_repo.clone_url(),
4068 4068 'repository': pull_request.target_repo.repo_name,
4069 4069 'reference': {
4070 4070 'name': pull_request.target_ref_parts.name,
4071 4071 'type': pull_request.target_ref_parts.type,
4072 4072 'commit_id': pull_request.target_ref_parts.commit_id,
4073 4073 },
4074 4074 },
4075 4075 'merge': merge_data,
4076 4076 'author': pull_request.author.get_api_data(include_secrets=False,
4077 4077 details='basic'),
4078 4078 'reviewers': [
4079 4079 {
4080 4080 'user': reviewer.get_api_data(include_secrets=False,
4081 4081 details='basic'),
4082 4082 'reasons': reasons,
4083 4083 'review_status': st[0][1].status if st else 'not_reviewed',
4084 4084 }
4085 4085 for obj, reviewer, reasons, mandatory, st in
4086 4086 pull_request.reviewers_statuses()
4087 4087 ]
4088 4088 }
4089 4089
4090 4090 return data
4091 4091
4092 4092 def set_state(self, pull_request_state, final_state=None):
4093 4093 """
4094 4094 # goes from initial state to updating to initial state.
4095 4095 # initial state can be changed by specifying back_state=
4096 4096 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4097 4097 pull_request.merge()
4098 4098
4099 4099 :param pull_request_state:
4100 4100 :param final_state:
4101 4101
4102 4102 """
4103 4103
4104 4104 return _SetState(self, pull_request_state, back_state=final_state)
4105 4105
4106 4106
4107 4107 class PullRequest(Base, _PullRequestBase):
4108 4108 __tablename__ = 'pull_requests'
4109 4109 __table_args__ = (
4110 4110 base_table_args,
4111 4111 )
4112 4112
4113 4113 pull_request_id = Column(
4114 4114 'pull_request_id', Integer(), nullable=False, primary_key=True)
4115 4115
4116 4116 def __repr__(self):
4117 4117 if self.pull_request_id:
4118 4118 return '<DB:PullRequest #%s>' % self.pull_request_id
4119 4119 else:
4120 4120 return '<DB:PullRequest at %#x>' % id(self)
4121 4121
4122 4122 reviewers = relationship('PullRequestReviewers',
4123 cascade="all, delete, delete-orphan")
4123 cascade="all, delete-orphan")
4124 4124 statuses = relationship('ChangesetStatus',
4125 cascade="all, delete, delete-orphan")
4125 cascade="all, delete-orphan")
4126 4126 comments = relationship('ChangesetComment',
4127 cascade="all, delete, delete-orphan")
4127 cascade="all, delete-orphan")
4128 4128 versions = relationship('PullRequestVersion',
4129 cascade="all, delete, delete-orphan",
4129 cascade="all, delete-orphan",
4130 4130 lazy='dynamic')
4131 4131
4132 4132 @classmethod
4133 4133 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4134 4134 internal_methods=None):
4135 4135
4136 4136 class PullRequestDisplay(object):
4137 4137 """
4138 4138 Special object wrapper for showing PullRequest data via Versions
4139 4139 It mimics PR object as close as possible. This is read only object
4140 4140 just for display
4141 4141 """
4142 4142
4143 4143 def __init__(self, attrs, internal=None):
4144 4144 self.attrs = attrs
4145 4145 # internal have priority over the given ones via attrs
4146 4146 self.internal = internal or ['versions']
4147 4147
4148 4148 def __getattr__(self, item):
4149 4149 if item in self.internal:
4150 4150 return getattr(self, item)
4151 4151 try:
4152 4152 return self.attrs[item]
4153 4153 except KeyError:
4154 4154 raise AttributeError(
4155 4155 '%s object has no attribute %s' % (self, item))
4156 4156
4157 4157 def __repr__(self):
4158 4158 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
4159 4159
4160 4160 def versions(self):
4161 4161 return pull_request_obj.versions.order_by(
4162 4162 PullRequestVersion.pull_request_version_id).all()
4163 4163
4164 4164 def is_closed(self):
4165 4165 return pull_request_obj.is_closed()
4166 4166
4167 4167 @property
4168 4168 def pull_request_version_id(self):
4169 4169 return getattr(pull_request_obj, 'pull_request_version_id', None)
4170 4170
4171 4171 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4172 4172
4173 4173 attrs.author = StrictAttributeDict(
4174 4174 pull_request_obj.author.get_api_data())
4175 4175 if pull_request_obj.target_repo:
4176 4176 attrs.target_repo = StrictAttributeDict(
4177 4177 pull_request_obj.target_repo.get_api_data())
4178 4178 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4179 4179
4180 4180 if pull_request_obj.source_repo:
4181 4181 attrs.source_repo = StrictAttributeDict(
4182 4182 pull_request_obj.source_repo.get_api_data())
4183 4183 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4184 4184
4185 4185 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4186 4186 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4187 4187 attrs.revisions = pull_request_obj.revisions
4188 4188
4189 4189 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4190 4190 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4191 4191 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4192 4192
4193 4193 return PullRequestDisplay(attrs, internal=internal_methods)
4194 4194
4195 4195 def is_closed(self):
4196 4196 return self.status == self.STATUS_CLOSED
4197 4197
4198 4198 def __json__(self):
4199 4199 return {
4200 4200 'revisions': self.revisions,
4201 4201 }
4202 4202
4203 4203 def calculated_review_status(self):
4204 4204 from rhodecode.model.changeset_status import ChangesetStatusModel
4205 4205 return ChangesetStatusModel().calculated_review_status(self)
4206 4206
4207 4207 def reviewers_statuses(self):
4208 4208 from rhodecode.model.changeset_status import ChangesetStatusModel
4209 4209 return ChangesetStatusModel().reviewers_statuses(self)
4210 4210
4211 4211 @property
4212 4212 def workspace_id(self):
4213 4213 from rhodecode.model.pull_request import PullRequestModel
4214 4214 return PullRequestModel()._workspace_id(self)
4215 4215
4216 4216 def get_shadow_repo(self):
4217 4217 workspace_id = self.workspace_id
4218 4218 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4219 4219 if os.path.isdir(shadow_repository_path):
4220 4220 vcs_obj = self.target_repo.scm_instance()
4221 4221 return vcs_obj.get_shadow_instance(shadow_repository_path)
4222 4222
4223 4223
4224 4224 class PullRequestVersion(Base, _PullRequestBase):
4225 4225 __tablename__ = 'pull_request_versions'
4226 4226 __table_args__ = (
4227 4227 base_table_args,
4228 4228 )
4229 4229
4230 4230 pull_request_version_id = Column(
4231 4231 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
4232 4232 pull_request_id = Column(
4233 4233 'pull_request_id', Integer(),
4234 4234 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4235 4235 pull_request = relationship('PullRequest')
4236 4236
4237 4237 def __repr__(self):
4238 4238 if self.pull_request_version_id:
4239 4239 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
4240 4240 else:
4241 4241 return '<DB:PullRequestVersion at %#x>' % id(self)
4242 4242
4243 4243 @property
4244 4244 def reviewers(self):
4245 4245 return self.pull_request.reviewers
4246 4246
4247 4247 @property
4248 4248 def versions(self):
4249 4249 return self.pull_request.versions
4250 4250
4251 4251 def is_closed(self):
4252 4252 # calculate from original
4253 4253 return self.pull_request.status == self.STATUS_CLOSED
4254 4254
4255 4255 def calculated_review_status(self):
4256 4256 return self.pull_request.calculated_review_status()
4257 4257
4258 4258 def reviewers_statuses(self):
4259 4259 return self.pull_request.reviewers_statuses()
4260 4260
4261 4261
4262 4262 class PullRequestReviewers(Base, BaseModel):
4263 4263 __tablename__ = 'pull_request_reviewers'
4264 4264 __table_args__ = (
4265 4265 base_table_args,
4266 4266 )
4267 4267
4268 4268 @hybrid_property
4269 4269 def reasons(self):
4270 4270 if not self._reasons:
4271 4271 return []
4272 4272 return self._reasons
4273 4273
4274 4274 @reasons.setter
4275 4275 def reasons(self, val):
4276 4276 val = val or []
4277 4277 if any(not isinstance(x, compat.string_types) for x in val):
4278 4278 raise Exception('invalid reasons type, must be list of strings')
4279 4279 self._reasons = val
4280 4280
4281 4281 pull_requests_reviewers_id = Column(
4282 4282 'pull_requests_reviewers_id', Integer(), nullable=False,
4283 4283 primary_key=True)
4284 4284 pull_request_id = Column(
4285 4285 "pull_request_id", Integer(),
4286 4286 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4287 4287 user_id = Column(
4288 4288 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4289 4289 _reasons = Column(
4290 4290 'reason', MutationList.as_mutable(
4291 4291 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4292 4292
4293 4293 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4294 4294 user = relationship('User')
4295 4295 pull_request = relationship('PullRequest')
4296 4296
4297 4297 rule_data = Column(
4298 4298 'rule_data_json',
4299 4299 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4300 4300
4301 4301 def rule_user_group_data(self):
4302 4302 """
4303 4303 Returns the voting user group rule data for this reviewer
4304 4304 """
4305 4305
4306 4306 if self.rule_data and 'vote_rule' in self.rule_data:
4307 4307 user_group_data = {}
4308 4308 if 'rule_user_group_entry_id' in self.rule_data:
4309 4309 # means a group with voting rules !
4310 4310 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4311 4311 user_group_data['name'] = self.rule_data['rule_name']
4312 4312 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4313 4313
4314 4314 return user_group_data
4315 4315
4316 4316 def __unicode__(self):
4317 4317 return u"<%s('id:%s')>" % (self.__class__.__name__,
4318 4318 self.pull_requests_reviewers_id)
4319 4319
4320 4320
4321 4321 class Notification(Base, BaseModel):
4322 4322 __tablename__ = 'notifications'
4323 4323 __table_args__ = (
4324 4324 Index('notification_type_idx', 'type'),
4325 4325 base_table_args,
4326 4326 )
4327 4327
4328 4328 TYPE_CHANGESET_COMMENT = u'cs_comment'
4329 4329 TYPE_MESSAGE = u'message'
4330 4330 TYPE_MENTION = u'mention'
4331 4331 TYPE_REGISTRATION = u'registration'
4332 4332 TYPE_PULL_REQUEST = u'pull_request'
4333 4333 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
4334 4334
4335 4335 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4336 4336 subject = Column('subject', Unicode(512), nullable=True)
4337 4337 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4338 4338 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4339 4339 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4340 4340 type_ = Column('type', Unicode(255))
4341 4341
4342 4342 created_by_user = relationship('User')
4343 4343 notifications_to_users = relationship('UserNotification', lazy='joined',
4344 cascade="all, delete, delete-orphan")
4344 cascade="all, delete-orphan")
4345 4345
4346 4346 @property
4347 4347 def recipients(self):
4348 4348 return [x.user for x in UserNotification.query()\
4349 4349 .filter(UserNotification.notification == self)\
4350 4350 .order_by(UserNotification.user_id.asc()).all()]
4351 4351
4352 4352 @classmethod
4353 4353 def create(cls, created_by, subject, body, recipients, type_=None):
4354 4354 if type_ is None:
4355 4355 type_ = Notification.TYPE_MESSAGE
4356 4356
4357 4357 notification = cls()
4358 4358 notification.created_by_user = created_by
4359 4359 notification.subject = subject
4360 4360 notification.body = body
4361 4361 notification.type_ = type_
4362 4362 notification.created_on = datetime.datetime.now()
4363 4363
4364 4364 # For each recipient link the created notification to his account
4365 4365 for u in recipients:
4366 4366 assoc = UserNotification()
4367 4367 assoc.user_id = u.user_id
4368 4368 assoc.notification = notification
4369 4369
4370 4370 # if created_by is inside recipients mark his notification
4371 4371 # as read
4372 4372 if u.user_id == created_by.user_id:
4373 4373 assoc.read = True
4374 4374 Session().add(assoc)
4375 4375
4376 4376 Session().add(notification)
4377 4377
4378 4378 return notification
4379 4379
4380 4380
4381 4381 class UserNotification(Base, BaseModel):
4382 4382 __tablename__ = 'user_to_notification'
4383 4383 __table_args__ = (
4384 4384 UniqueConstraint('user_id', 'notification_id'),
4385 4385 base_table_args
4386 4386 )
4387 4387
4388 4388 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4389 4389 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4390 4390 read = Column('read', Boolean, default=False)
4391 4391 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4392 4392
4393 4393 user = relationship('User', lazy="joined")
4394 4394 notification = relationship('Notification', lazy="joined",
4395 4395 order_by=lambda: Notification.created_on.desc(),)
4396 4396
4397 4397 def mark_as_read(self):
4398 4398 self.read = True
4399 4399 Session().add(self)
4400 4400
4401 4401
4402 4402 class Gist(Base, BaseModel):
4403 4403 __tablename__ = 'gists'
4404 4404 __table_args__ = (
4405 4405 Index('g_gist_access_id_idx', 'gist_access_id'),
4406 4406 Index('g_created_on_idx', 'created_on'),
4407 4407 base_table_args
4408 4408 )
4409 4409
4410 4410 GIST_PUBLIC = u'public'
4411 4411 GIST_PRIVATE = u'private'
4412 4412 DEFAULT_FILENAME = u'gistfile1.txt'
4413 4413
4414 4414 ACL_LEVEL_PUBLIC = u'acl_public'
4415 4415 ACL_LEVEL_PRIVATE = u'acl_private'
4416 4416
4417 4417 gist_id = Column('gist_id', Integer(), primary_key=True)
4418 4418 gist_access_id = Column('gist_access_id', Unicode(250))
4419 4419 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4420 4420 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4421 4421 gist_expires = Column('gist_expires', Float(53), nullable=False)
4422 4422 gist_type = Column('gist_type', Unicode(128), nullable=False)
4423 4423 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4424 4424 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4425 4425 acl_level = Column('acl_level', Unicode(128), nullable=True)
4426 4426
4427 4427 owner = relationship('User')
4428 4428
4429 4429 def __repr__(self):
4430 4430 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4431 4431
4432 4432 @hybrid_property
4433 4433 def description_safe(self):
4434 4434 from rhodecode.lib import helpers as h
4435 4435 return h.escape(self.gist_description)
4436 4436
4437 4437 @classmethod
4438 4438 def get_or_404(cls, id_):
4439 4439 from pyramid.httpexceptions import HTTPNotFound
4440 4440
4441 4441 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4442 4442 if not res:
4443 4443 raise HTTPNotFound()
4444 4444 return res
4445 4445
4446 4446 @classmethod
4447 4447 def get_by_access_id(cls, gist_access_id):
4448 4448 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4449 4449
4450 4450 def gist_url(self):
4451 4451 from rhodecode.model.gist import GistModel
4452 4452 return GistModel().get_url(self)
4453 4453
4454 4454 @classmethod
4455 4455 def base_path(cls):
4456 4456 """
4457 4457 Returns base path when all gists are stored
4458 4458
4459 4459 :param cls:
4460 4460 """
4461 4461 from rhodecode.model.gist import GIST_STORE_LOC
4462 4462 q = Session().query(RhodeCodeUi)\
4463 4463 .filter(RhodeCodeUi.ui_key == URL_SEP)
4464 4464 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4465 4465 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4466 4466
4467 4467 def get_api_data(self):
4468 4468 """
4469 4469 Common function for generating gist related data for API
4470 4470 """
4471 4471 gist = self
4472 4472 data = {
4473 4473 'gist_id': gist.gist_id,
4474 4474 'type': gist.gist_type,
4475 4475 'access_id': gist.gist_access_id,
4476 4476 'description': gist.gist_description,
4477 4477 'url': gist.gist_url(),
4478 4478 'expires': gist.gist_expires,
4479 4479 'created_on': gist.created_on,
4480 4480 'modified_at': gist.modified_at,
4481 4481 'content': None,
4482 4482 'acl_level': gist.acl_level,
4483 4483 }
4484 4484 return data
4485 4485
4486 4486 def __json__(self):
4487 4487 data = dict(
4488 4488 )
4489 4489 data.update(self.get_api_data())
4490 4490 return data
4491 4491 # SCM functions
4492 4492
4493 4493 def scm_instance(self, **kwargs):
4494 4494 """
4495 4495 Get an instance of VCS Repository
4496 4496
4497 4497 :param kwargs:
4498 4498 """
4499 4499 from rhodecode.model.gist import GistModel
4500 4500 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4501 4501 return get_vcs_instance(
4502 4502 repo_path=safe_str(full_repo_path), create=False,
4503 4503 _vcs_alias=GistModel.vcs_backend)
4504 4504
4505 4505
4506 4506 class ExternalIdentity(Base, BaseModel):
4507 4507 __tablename__ = 'external_identities'
4508 4508 __table_args__ = (
4509 4509 Index('local_user_id_idx', 'local_user_id'),
4510 4510 Index('external_id_idx', 'external_id'),
4511 4511 base_table_args
4512 4512 )
4513 4513
4514 4514 external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)
4515 4515 external_username = Column('external_username', Unicode(1024), default=u'')
4516 4516 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4517 4517 provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)
4518 4518 access_token = Column('access_token', String(1024), default=u'')
4519 4519 alt_token = Column('alt_token', String(1024), default=u'')
4520 4520 token_secret = Column('token_secret', String(1024), default=u'')
4521 4521
4522 4522 @classmethod
4523 4523 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4524 4524 """
4525 4525 Returns ExternalIdentity instance based on search params
4526 4526
4527 4527 :param external_id:
4528 4528 :param provider_name:
4529 4529 :return: ExternalIdentity
4530 4530 """
4531 4531 query = cls.query()
4532 4532 query = query.filter(cls.external_id == external_id)
4533 4533 query = query.filter(cls.provider_name == provider_name)
4534 4534 if local_user_id:
4535 4535 query = query.filter(cls.local_user_id == local_user_id)
4536 4536 return query.first()
4537 4537
4538 4538 @classmethod
4539 4539 def user_by_external_id_and_provider(cls, external_id, provider_name):
4540 4540 """
4541 4541 Returns User instance based on search params
4542 4542
4543 4543 :param external_id:
4544 4544 :param provider_name:
4545 4545 :return: User
4546 4546 """
4547 4547 query = User.query()
4548 4548 query = query.filter(cls.external_id == external_id)
4549 4549 query = query.filter(cls.provider_name == provider_name)
4550 4550 query = query.filter(User.user_id == cls.local_user_id)
4551 4551 return query.first()
4552 4552
4553 4553 @classmethod
4554 4554 def by_local_user_id(cls, local_user_id):
4555 4555 """
4556 4556 Returns all tokens for user
4557 4557
4558 4558 :param local_user_id:
4559 4559 :return: ExternalIdentity
4560 4560 """
4561 4561 query = cls.query()
4562 4562 query = query.filter(cls.local_user_id == local_user_id)
4563 4563 return query
4564 4564
4565 4565 @classmethod
4566 4566 def load_provider_plugin(cls, plugin_id):
4567 4567 from rhodecode.authentication.base import loadplugin
4568 4568 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
4569 4569 auth_plugin = loadplugin(_plugin_id)
4570 4570 return auth_plugin
4571 4571
4572 4572
4573 4573 class Integration(Base, BaseModel):
4574 4574 __tablename__ = 'integrations'
4575 4575 __table_args__ = (
4576 4576 base_table_args
4577 4577 )
4578 4578
4579 4579 integration_id = Column('integration_id', Integer(), primary_key=True)
4580 4580 integration_type = Column('integration_type', String(255))
4581 4581 enabled = Column('enabled', Boolean(), nullable=False)
4582 4582 name = Column('name', String(255), nullable=False)
4583 4583 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4584 4584 default=False)
4585 4585
4586 4586 settings = Column(
4587 4587 'settings_json', MutationObj.as_mutable(
4588 4588 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4589 4589 repo_id = Column(
4590 4590 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4591 4591 nullable=True, unique=None, default=None)
4592 4592 repo = relationship('Repository', lazy='joined')
4593 4593
4594 4594 repo_group_id = Column(
4595 4595 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4596 4596 nullable=True, unique=None, default=None)
4597 4597 repo_group = relationship('RepoGroup', lazy='joined')
4598 4598
4599 4599 @property
4600 4600 def scope(self):
4601 4601 if self.repo:
4602 4602 return repr(self.repo)
4603 4603 if self.repo_group:
4604 4604 if self.child_repos_only:
4605 4605 return repr(self.repo_group) + ' (child repos only)'
4606 4606 else:
4607 4607 return repr(self.repo_group) + ' (recursive)'
4608 4608 if self.child_repos_only:
4609 4609 return 'root_repos'
4610 4610 return 'global'
4611 4611
4612 4612 def __repr__(self):
4613 4613 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4614 4614
4615 4615
4616 4616 class RepoReviewRuleUser(Base, BaseModel):
4617 4617 __tablename__ = 'repo_review_rules_users'
4618 4618 __table_args__ = (
4619 4619 base_table_args
4620 4620 )
4621 4621
4622 4622 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4623 4623 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4624 4624 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4625 4625 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4626 4626 user = relationship('User')
4627 4627
4628 4628 def rule_data(self):
4629 4629 return {
4630 4630 'mandatory': self.mandatory
4631 4631 }
4632 4632
4633 4633
4634 4634 class RepoReviewRuleUserGroup(Base, BaseModel):
4635 4635 __tablename__ = 'repo_review_rules_users_groups'
4636 4636 __table_args__ = (
4637 4637 base_table_args
4638 4638 )
4639 4639
4640 4640 VOTE_RULE_ALL = -1
4641 4641
4642 4642 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4643 4643 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4644 4644 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4645 4645 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4646 4646 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4647 4647 users_group = relationship('UserGroup')
4648 4648
4649 4649 def rule_data(self):
4650 4650 return {
4651 4651 'mandatory': self.mandatory,
4652 4652 'vote_rule': self.vote_rule
4653 4653 }
4654 4654
4655 4655 @property
4656 4656 def vote_rule_label(self):
4657 4657 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4658 4658 return 'all must vote'
4659 4659 else:
4660 4660 return 'min. vote {}'.format(self.vote_rule)
4661 4661
4662 4662
4663 4663 class RepoReviewRule(Base, BaseModel):
4664 4664 __tablename__ = 'repo_review_rules'
4665 4665 __table_args__ = (
4666 4666 base_table_args
4667 4667 )
4668 4668
4669 4669 repo_review_rule_id = Column(
4670 4670 'repo_review_rule_id', Integer(), primary_key=True)
4671 4671 repo_id = Column(
4672 4672 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4673 4673 repo = relationship('Repository', backref='review_rules')
4674 4674
4675 4675 review_rule_name = Column('review_rule_name', String(255))
4676 4676 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4677 4677 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4678 4678 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4679 4679
4680 4680 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4681 4681 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4682 4682 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4683 4683 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4684 4684
4685 4685 rule_users = relationship('RepoReviewRuleUser')
4686 4686 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4687 4687
4688 4688 def _validate_pattern(self, value):
4689 4689 re.compile('^' + glob2re(value) + '$')
4690 4690
4691 4691 @hybrid_property
4692 4692 def source_branch_pattern(self):
4693 4693 return self._branch_pattern or '*'
4694 4694
4695 4695 @source_branch_pattern.setter
4696 4696 def source_branch_pattern(self, value):
4697 4697 self._validate_pattern(value)
4698 4698 self._branch_pattern = value or '*'
4699 4699
4700 4700 @hybrid_property
4701 4701 def target_branch_pattern(self):
4702 4702 return self._target_branch_pattern or '*'
4703 4703
4704 4704 @target_branch_pattern.setter
4705 4705 def target_branch_pattern(self, value):
4706 4706 self._validate_pattern(value)
4707 4707 self._target_branch_pattern = value or '*'
4708 4708
4709 4709 @hybrid_property
4710 4710 def file_pattern(self):
4711 4711 return self._file_pattern or '*'
4712 4712
4713 4713 @file_pattern.setter
4714 4714 def file_pattern(self, value):
4715 4715 self._validate_pattern(value)
4716 4716 self._file_pattern = value or '*'
4717 4717
4718 4718 def matches(self, source_branch, target_branch, files_changed):
4719 4719 """
4720 4720 Check if this review rule matches a branch/files in a pull request
4721 4721
4722 4722 :param source_branch: source branch name for the commit
4723 4723 :param target_branch: target branch name for the commit
4724 4724 :param files_changed: list of file paths changed in the pull request
4725 4725 """
4726 4726
4727 4727 source_branch = source_branch or ''
4728 4728 target_branch = target_branch or ''
4729 4729 files_changed = files_changed or []
4730 4730
4731 4731 branch_matches = True
4732 4732 if source_branch or target_branch:
4733 4733 if self.source_branch_pattern == '*':
4734 4734 source_branch_match = True
4735 4735 else:
4736 4736 if self.source_branch_pattern.startswith('re:'):
4737 4737 source_pattern = self.source_branch_pattern[3:]
4738 4738 else:
4739 4739 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4740 4740 source_branch_regex = re.compile(source_pattern)
4741 4741 source_branch_match = bool(source_branch_regex.search(source_branch))
4742 4742 if self.target_branch_pattern == '*':
4743 4743 target_branch_match = True
4744 4744 else:
4745 4745 if self.target_branch_pattern.startswith('re:'):
4746 4746 target_pattern = self.target_branch_pattern[3:]
4747 4747 else:
4748 4748 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4749 4749 target_branch_regex = re.compile(target_pattern)
4750 4750 target_branch_match = bool(target_branch_regex.search(target_branch))
4751 4751
4752 4752 branch_matches = source_branch_match and target_branch_match
4753 4753
4754 4754 files_matches = True
4755 4755 if self.file_pattern != '*':
4756 4756 files_matches = False
4757 4757 if self.file_pattern.startswith('re:'):
4758 4758 file_pattern = self.file_pattern[3:]
4759 4759 else:
4760 4760 file_pattern = glob2re(self.file_pattern)
4761 4761 file_regex = re.compile(file_pattern)
4762 4762 for filename in files_changed:
4763 4763 if file_regex.search(filename):
4764 4764 files_matches = True
4765 4765 break
4766 4766
4767 4767 return branch_matches and files_matches
4768 4768
4769 4769 @property
4770 4770 def review_users(self):
4771 4771 """ Returns the users which this rule applies to """
4772 4772
4773 4773 users = collections.OrderedDict()
4774 4774
4775 4775 for rule_user in self.rule_users:
4776 4776 if rule_user.user.active:
4777 4777 if rule_user.user not in users:
4778 4778 users[rule_user.user.username] = {
4779 4779 'user': rule_user.user,
4780 4780 'source': 'user',
4781 4781 'source_data': {},
4782 4782 'data': rule_user.rule_data()
4783 4783 }
4784 4784
4785 4785 for rule_user_group in self.rule_user_groups:
4786 4786 source_data = {
4787 4787 'user_group_id': rule_user_group.users_group.users_group_id,
4788 4788 'name': rule_user_group.users_group.users_group_name,
4789 4789 'members': len(rule_user_group.users_group.members)
4790 4790 }
4791 4791 for member in rule_user_group.users_group.members:
4792 4792 if member.user.active:
4793 4793 key = member.user.username
4794 4794 if key in users:
4795 4795 # skip this member as we have him already
4796 4796 # this prevents from override the "first" matched
4797 4797 # users with duplicates in multiple groups
4798 4798 continue
4799 4799
4800 4800 users[key] = {
4801 4801 'user': member.user,
4802 4802 'source': 'user_group',
4803 4803 'source_data': source_data,
4804 4804 'data': rule_user_group.rule_data()
4805 4805 }
4806 4806
4807 4807 return users
4808 4808
4809 4809 def user_group_vote_rule(self, user_id):
4810 4810
4811 4811 rules = []
4812 4812 if not self.rule_user_groups:
4813 4813 return rules
4814 4814
4815 4815 for user_group in self.rule_user_groups:
4816 4816 user_group_members = [x.user_id for x in user_group.users_group.members]
4817 4817 if user_id in user_group_members:
4818 4818 rules.append(user_group)
4819 4819 return rules
4820 4820
4821 4821 def __repr__(self):
4822 4822 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4823 4823 self.repo_review_rule_id, self.repo)
4824 4824
4825 4825
4826 4826 class ScheduleEntry(Base, BaseModel):
4827 4827 __tablename__ = 'schedule_entries'
4828 4828 __table_args__ = (
4829 4829 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4830 4830 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4831 4831 base_table_args,
4832 4832 )
4833 4833
4834 4834 schedule_types = ['crontab', 'timedelta', 'integer']
4835 4835 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4836 4836
4837 4837 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4838 4838 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4839 4839 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4840 4840
4841 4841 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4842 4842 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4843 4843
4844 4844 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4845 4845 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4846 4846
4847 4847 # task
4848 4848 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4849 4849 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4850 4850 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4851 4851 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4852 4852
4853 4853 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4854 4854 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4855 4855
4856 4856 @hybrid_property
4857 4857 def schedule_type(self):
4858 4858 return self._schedule_type
4859 4859
4860 4860 @schedule_type.setter
4861 4861 def schedule_type(self, val):
4862 4862 if val not in self.schedule_types:
4863 4863 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4864 4864 val, self.schedule_type))
4865 4865
4866 4866 self._schedule_type = val
4867 4867
4868 4868 @classmethod
4869 4869 def get_uid(cls, obj):
4870 4870 args = obj.task_args
4871 4871 kwargs = obj.task_kwargs
4872 4872 if isinstance(args, JsonRaw):
4873 4873 try:
4874 4874 args = json.loads(args)
4875 4875 except ValueError:
4876 4876 args = tuple()
4877 4877
4878 4878 if isinstance(kwargs, JsonRaw):
4879 4879 try:
4880 4880 kwargs = json.loads(kwargs)
4881 4881 except ValueError:
4882 4882 kwargs = dict()
4883 4883
4884 4884 dot_notation = obj.task_dot_notation
4885 4885 val = '.'.join(map(safe_str, [
4886 4886 sorted(dot_notation), args, sorted(kwargs.items())]))
4887 4887 return hashlib.sha1(val).hexdigest()
4888 4888
4889 4889 @classmethod
4890 4890 def get_by_schedule_name(cls, schedule_name):
4891 4891 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4892 4892
4893 4893 @classmethod
4894 4894 def get_by_schedule_id(cls, schedule_id):
4895 4895 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4896 4896
4897 4897 @property
4898 4898 def task(self):
4899 4899 return self.task_dot_notation
4900 4900
4901 4901 @property
4902 4902 def schedule(self):
4903 4903 from rhodecode.lib.celerylib.utils import raw_2_schedule
4904 4904 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4905 4905 return schedule
4906 4906
4907 4907 @property
4908 4908 def args(self):
4909 4909 try:
4910 4910 return list(self.task_args or [])
4911 4911 except ValueError:
4912 4912 return list()
4913 4913
4914 4914 @property
4915 4915 def kwargs(self):
4916 4916 try:
4917 4917 return dict(self.task_kwargs or {})
4918 4918 except ValueError:
4919 4919 return dict()
4920 4920
4921 4921 def _as_raw(self, val):
4922 4922 if hasattr(val, 'de_coerce'):
4923 4923 val = val.de_coerce()
4924 4924 if val:
4925 4925 val = json.dumps(val)
4926 4926
4927 4927 return val
4928 4928
4929 4929 @property
4930 4930 def schedule_definition_raw(self):
4931 4931 return self._as_raw(self.schedule_definition)
4932 4932
4933 4933 @property
4934 4934 def args_raw(self):
4935 4935 return self._as_raw(self.task_args)
4936 4936
4937 4937 @property
4938 4938 def kwargs_raw(self):
4939 4939 return self._as_raw(self.task_kwargs)
4940 4940
4941 4941 def __repr__(self):
4942 4942 return '<DB:ScheduleEntry({}:{})>'.format(
4943 4943 self.schedule_entry_id, self.schedule_name)
4944 4944
4945 4945
4946 4946 @event.listens_for(ScheduleEntry, 'before_update')
4947 4947 def update_task_uid(mapper, connection, target):
4948 4948 target.task_uid = ScheduleEntry.get_uid(target)
4949 4949
4950 4950
4951 4951 @event.listens_for(ScheduleEntry, 'before_insert')
4952 4952 def set_task_uid(mapper, connection, target):
4953 4953 target.task_uid = ScheduleEntry.get_uid(target)
4954 4954
4955 4955
4956 4956 class _BaseBranchPerms(BaseModel):
4957 4957 @classmethod
4958 4958 def compute_hash(cls, value):
4959 4959 return sha1_safe(value)
4960 4960
4961 4961 @hybrid_property
4962 4962 def branch_pattern(self):
4963 4963 return self._branch_pattern or '*'
4964 4964
4965 4965 @hybrid_property
4966 4966 def branch_hash(self):
4967 4967 return self._branch_hash
4968 4968
4969 4969 def _validate_glob(self, value):
4970 4970 re.compile('^' + glob2re(value) + '$')
4971 4971
4972 4972 @branch_pattern.setter
4973 4973 def branch_pattern(self, value):
4974 4974 self._validate_glob(value)
4975 4975 self._branch_pattern = value or '*'
4976 4976 # set the Hash when setting the branch pattern
4977 4977 self._branch_hash = self.compute_hash(self._branch_pattern)
4978 4978
4979 4979 def matches(self, branch):
4980 4980 """
4981 4981 Check if this the branch matches entry
4982 4982
4983 4983 :param branch: branch name for the commit
4984 4984 """
4985 4985
4986 4986 branch = branch or ''
4987 4987
4988 4988 branch_matches = True
4989 4989 if branch:
4990 4990 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4991 4991 branch_matches = bool(branch_regex.search(branch))
4992 4992
4993 4993 return branch_matches
4994 4994
4995 4995
4996 4996 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4997 4997 __tablename__ = 'user_to_repo_branch_permissions'
4998 4998 __table_args__ = (
4999 4999 {'extend_existing': True, 'mysql_engine': 'InnoDB',
5000 5000 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
5001 5001 )
5002 5002
5003 5003 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5004 5004
5005 5005 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5006 5006 repo = relationship('Repository', backref='user_branch_perms')
5007 5007
5008 5008 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5009 5009 permission = relationship('Permission')
5010 5010
5011 5011 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5012 5012 user_repo_to_perm = relationship('UserRepoToPerm')
5013 5013
5014 5014 rule_order = Column('rule_order', Integer(), nullable=False)
5015 5015 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5016 5016 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5017 5017
5018 5018 def __unicode__(self):
5019 5019 return u'<UserBranchPermission(%s => %r)>' % (
5020 5020 self.user_repo_to_perm, self.branch_pattern)
5021 5021
5022 5022
5023 5023 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5024 5024 __tablename__ = 'user_group_to_repo_branch_permissions'
5025 5025 __table_args__ = (
5026 5026 {'extend_existing': True, 'mysql_engine': 'InnoDB',
5027 5027 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
5028 5028 )
5029 5029
5030 5030 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5031 5031
5032 5032 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5033 5033 repo = relationship('Repository', backref='user_group_branch_perms')
5034 5034
5035 5035 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5036 5036 permission = relationship('Permission')
5037 5037
5038 5038 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5039 5039 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
5040 5040
5041 5041 rule_order = Column('rule_order', Integer(), nullable=False)
5042 5042 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5043 5043 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5044 5044
5045 5045 def __unicode__(self):
5046 5046 return u'<UserBranchPermission(%s => %r)>' % (
5047 5047 self.user_group_repo_to_perm, self.branch_pattern)
5048 5048
5049 5049
5050 5050 class UserBookmark(Base, BaseModel):
5051 5051 __tablename__ = 'user_bookmarks'
5052 5052 __table_args__ = (
5053 5053 UniqueConstraint('user_id', 'bookmark_repo_id'),
5054 5054 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5055 5055 UniqueConstraint('user_id', 'bookmark_position'),
5056 5056 base_table_args
5057 5057 )
5058 5058
5059 5059 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5060 5060 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5061 5061 position = Column("bookmark_position", Integer(), nullable=False)
5062 5062 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5063 5063 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5064 5064 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5065 5065
5066 5066 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5067 5067 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5068 5068
5069 5069 user = relationship("User")
5070 5070
5071 5071 repository = relationship("Repository")
5072 5072 repository_group = relationship("RepoGroup")
5073 5073
5074 5074 @classmethod
5075 5075 def get_by_position_for_user(cls, position, user_id):
5076 5076 return cls.query() \
5077 5077 .filter(UserBookmark.user_id == user_id) \
5078 5078 .filter(UserBookmark.position == position).scalar()
5079 5079
5080 5080 @classmethod
5081 5081 def get_bookmarks_for_user(cls, user_id):
5082 5082 return cls.query() \
5083 5083 .filter(UserBookmark.user_id == user_id) \
5084 5084 .options(joinedload(UserBookmark.repository)) \
5085 5085 .options(joinedload(UserBookmark.repository_group)) \
5086 5086 .order_by(UserBookmark.position.asc()) \
5087 5087 .all()
5088 5088
5089 5089 def __unicode__(self):
5090 5090 return u'<UserBookmark(%d @ %r)>' % (self.position, self.redirect_url)
5091 5091
5092 5092
5093 5093 class FileStore(Base, BaseModel):
5094 5094 __tablename__ = 'file_store'
5095 5095 __table_args__ = (
5096 5096 base_table_args
5097 5097 )
5098 5098
5099 5099 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5100 5100 file_uid = Column('file_uid', String(1024), nullable=False)
5101 5101 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5102 5102 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5103 5103 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5104 5104
5105 5105 # sha256 hash
5106 5106 file_hash = Column('file_hash', String(512), nullable=False)
5107 5107 file_size = Column('file_size', Integer(), nullable=False)
5108 5108
5109 5109 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5110 5110 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5111 5111 accessed_count = Column('accessed_count', Integer(), default=0)
5112 5112
5113 5113 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5114 5114
5115 5115 # if repo/repo_group reference is set, check for permissions
5116 5116 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5117 5117
5118 5118 # hidden defines an attachment that should be hidden from showing in artifact listing
5119 5119 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5120 5120
5121 5121 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5122 5122 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')
5123 5123
5124 5124 # scope limited to user, which requester have access to
5125 5125 scope_user_id = Column(
5126 5126 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5127 5127 nullable=True, unique=None, default=None)
5128 5128 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')
5129 5129
5130 5130 # scope limited to user group, which requester have access to
5131 5131 scope_user_group_id = Column(
5132 5132 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5133 5133 nullable=True, unique=None, default=None)
5134 5134 user_group = relationship('UserGroup', lazy='joined')
5135 5135
5136 5136 # scope limited to repo, which requester have access to
5137 5137 scope_repo_id = Column(
5138 5138 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5139 5139 nullable=True, unique=None, default=None)
5140 5140 repo = relationship('Repository', lazy='joined')
5141 5141
5142 5142 # scope limited to repo group, which requester have access to
5143 5143 scope_repo_group_id = Column(
5144 5144 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5145 5145 nullable=True, unique=None, default=None)
5146 5146 repo_group = relationship('RepoGroup', lazy='joined')
5147 5147
5148 5148 @classmethod
5149 5149 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5150 5150 file_description='', enabled=True, hidden=False, check_acl=True,
5151 5151 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5152 5152
5153 5153 store_entry = FileStore()
5154 5154 store_entry.file_uid = file_uid
5155 5155 store_entry.file_display_name = file_display_name
5156 5156 store_entry.file_org_name = filename
5157 5157 store_entry.file_size = file_size
5158 5158 store_entry.file_hash = file_hash
5159 5159 store_entry.file_description = file_description
5160 5160
5161 5161 store_entry.check_acl = check_acl
5162 5162 store_entry.enabled = enabled
5163 5163 store_entry.hidden = hidden
5164 5164
5165 5165 store_entry.user_id = user_id
5166 5166 store_entry.scope_user_id = scope_user_id
5167 5167 store_entry.scope_repo_id = scope_repo_id
5168 5168 store_entry.scope_repo_group_id = scope_repo_group_id
5169 5169
5170 5170 return store_entry
5171 5171
5172 5172 @classmethod
5173 5173 def bump_access_counter(cls, file_uid, commit=True):
5174 5174 FileStore().query()\
5175 5175 .filter(FileStore.file_uid == file_uid)\
5176 5176 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5177 5177 FileStore.accessed_on: datetime.datetime.now()})
5178 5178 if commit:
5179 5179 Session().commit()
5180 5180
5181 5181 def __repr__(self):
5182 5182 return '<FileStore({})>'.format(self.file_store_id)
5183 5183
5184 5184
5185 5185 class DbMigrateVersion(Base, BaseModel):
5186 5186 __tablename__ = 'db_migrate_version'
5187 5187 __table_args__ = (
5188 5188 base_table_args,
5189 5189 )
5190 5190
5191 5191 repository_id = Column('repository_id', String(250), primary_key=True)
5192 5192 repository_path = Column('repository_path', Text)
5193 5193 version = Column('version', Integer)
5194 5194
5195 5195 @classmethod
5196 5196 def set_version(cls, version):
5197 5197 """
5198 5198 Helper for forcing a different version, usually for debugging purposes via ishell.
5199 5199 """
5200 5200 ver = DbMigrateVersion.query().first()
5201 5201 ver.version = version
5202 5202 Session().commit()
5203 5203
5204 5204
5205 5205 class DbSession(Base, BaseModel):
5206 5206 __tablename__ = 'db_session'
5207 5207 __table_args__ = (
5208 5208 base_table_args,
5209 5209 )
5210 5210
5211 5211 def __repr__(self):
5212 5212 return '<DB:DbSession({})>'.format(self.id)
5213 5213
5214 5214 id = Column('id', Integer())
5215 5215 namespace = Column('namespace', String(255), primary_key=True)
5216 5216 accessed = Column('accessed', DateTime, nullable=False)
5217 5217 created = Column('created', DateTime, nullable=False)
5218 5218 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,946 +1,945 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 users model for RhodeCode
23 23 """
24 24
25 25 import logging
26 26 import traceback
27 27 import datetime
28 28 import ipaddress
29 29
30 30 from pyramid.threadlocal import get_current_request
31 31 from sqlalchemy.exc import DatabaseError
32 32
33 33 from rhodecode import events
34 34 from rhodecode.lib.user_log_filter import user_log_filter
35 35 from rhodecode.lib.utils2 import (
36 36 safe_unicode, get_current_rhodecode_user, action_logger_generic,
37 37 AttributeDict, str2bool)
38 38 from rhodecode.lib.exceptions import (
39 39 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
40 40 UserOwnsUserGroupsException, NotAllowedToCreateUserError)
41 41 from rhodecode.lib.caching_query import FromCache
42 42 from rhodecode.model import BaseModel
43 43 from rhodecode.model.auth_token import AuthTokenModel
44 44 from rhodecode.model.db import (
45 45 _hash_key, true, false, or_, joinedload, User, UserToPerm,
46 46 UserEmailMap, UserIpMap, UserLog)
47 47 from rhodecode.model.meta import Session
48 48 from rhodecode.model.repo_group import RepoGroupModel
49 49
50 50
51 51 log = logging.getLogger(__name__)
52 52
53 53
54 54 class UserModel(BaseModel):
55 55 cls = User
56 56
57 57 def get(self, user_id, cache=False):
58 58 user = self.sa.query(User)
59 59 if cache:
60 60 user = user.options(
61 61 FromCache("sql_cache_short", "get_user_%s" % user_id))
62 62 return user.get(user_id)
63 63
64 64 def get_user(self, user):
65 65 return self._get_user(user)
66 66
67 67 def _serialize_user(self, user):
68 68 import rhodecode.lib.helpers as h
69 69
70 70 return {
71 71 'id': user.user_id,
72 72 'first_name': user.first_name,
73 73 'last_name': user.last_name,
74 74 'username': user.username,
75 75 'email': user.email,
76 76 'icon_link': h.gravatar_url(user.email, 30),
77 77 'profile_link': h.link_to_user(user),
78 78 'value_display': h.escape(h.person(user)),
79 79 'value': user.username,
80 80 'value_type': 'user',
81 81 'active': user.active,
82 82 }
83 83
84 84 def get_users(self, name_contains=None, limit=20, only_active=True):
85 85
86 86 query = self.sa.query(User)
87 87 if only_active:
88 88 query = query.filter(User.active == true())
89 89
90 90 if name_contains:
91 91 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
92 92 query = query.filter(
93 93 or_(
94 94 User.name.ilike(ilike_expression),
95 95 User.lastname.ilike(ilike_expression),
96 96 User.username.ilike(ilike_expression)
97 97 )
98 98 )
99 99 query = query.limit(limit)
100 100 users = query.all()
101 101
102 102 _users = [
103 103 self._serialize_user(user) for user in users
104 104 ]
105 105 return _users
106 106
107 107 def get_by_username(self, username, cache=False, case_insensitive=False):
108 108
109 109 if case_insensitive:
110 110 user = self.sa.query(User).filter(User.username.ilike(username))
111 111 else:
112 112 user = self.sa.query(User)\
113 113 .filter(User.username == username)
114 114 if cache:
115 115 name_key = _hash_key(username)
116 116 user = user.options(
117 117 FromCache("sql_cache_short", "get_user_%s" % name_key))
118 118 return user.scalar()
119 119
120 120 def get_by_email(self, email, cache=False, case_insensitive=False):
121 121 return User.get_by_email(email, case_insensitive, cache)
122 122
123 123 def get_by_auth_token(self, auth_token, cache=False):
124 124 return User.get_by_auth_token(auth_token, cache)
125 125
126 126 def get_active_user_count(self, cache=False):
127 127 qry = User.query().filter(
128 128 User.active == true()).filter(
129 129 User.username != User.DEFAULT_USER)
130 130 if cache:
131 131 qry = qry.options(
132 132 FromCache("sql_cache_short", "get_active_users"))
133 133 return qry.count()
134 134
135 135 def create(self, form_data, cur_user=None):
136 136 if not cur_user:
137 137 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
138 138
139 139 user_data = {
140 140 'username': form_data['username'],
141 141 'password': form_data['password'],
142 142 'email': form_data['email'],
143 143 'firstname': form_data['firstname'],
144 144 'lastname': form_data['lastname'],
145 145 'active': form_data['active'],
146 146 'extern_type': form_data['extern_type'],
147 147 'extern_name': form_data['extern_name'],
148 148 'admin': False,
149 149 'cur_user': cur_user
150 150 }
151 151
152 152 if 'create_repo_group' in form_data:
153 153 user_data['create_repo_group'] = str2bool(
154 154 form_data.get('create_repo_group'))
155 155
156 156 try:
157 157 if form_data.get('password_change'):
158 158 user_data['force_password_change'] = True
159 159 return UserModel().create_or_update(**user_data)
160 160 except Exception:
161 161 log.error(traceback.format_exc())
162 162 raise
163 163
164 164 def update_user(self, user, skip_attrs=None, **kwargs):
165 165 from rhodecode.lib.auth import get_crypt_password
166 166
167 167 user = self._get_user(user)
168 168 if user.username == User.DEFAULT_USER:
169 169 raise DefaultUserException(
170 170 "You can't edit this user (`%(username)s`) since it's "
171 171 "crucial for entire application" % {
172 172 'username': user.username})
173 173
174 174 # first store only defaults
175 175 user_attrs = {
176 176 'updating_user_id': user.user_id,
177 177 'username': user.username,
178 178 'password': user.password,
179 179 'email': user.email,
180 180 'firstname': user.name,
181 181 'lastname': user.lastname,
182 182 'active': user.active,
183 183 'admin': user.admin,
184 184 'extern_name': user.extern_name,
185 185 'extern_type': user.extern_type,
186 186 'language': user.user_data.get('language')
187 187 }
188 188
189 189 # in case there's new_password, that comes from form, use it to
190 190 # store password
191 191 if kwargs.get('new_password'):
192 192 kwargs['password'] = kwargs['new_password']
193 193
194 194 # cleanups, my_account password change form
195 195 kwargs.pop('current_password', None)
196 196 kwargs.pop('new_password', None)
197 197
198 198 # cleanups, user edit password change form
199 199 kwargs.pop('password_confirmation', None)
200 200 kwargs.pop('password_change', None)
201 201
202 202 # create repo group on user creation
203 203 kwargs.pop('create_repo_group', None)
204 204
205 205 # legacy forms send name, which is the firstname
206 206 firstname = kwargs.pop('name', None)
207 207 if firstname:
208 208 kwargs['firstname'] = firstname
209 209
210 210 for k, v in kwargs.items():
211 211 # skip if we don't want to update this
212 212 if skip_attrs and k in skip_attrs:
213 213 continue
214 214
215 215 user_attrs[k] = v
216 216
217 217 try:
218 218 return self.create_or_update(**user_attrs)
219 219 except Exception:
220 220 log.error(traceback.format_exc())
221 221 raise
222 222
223 223 def create_or_update(
224 224 self, username, password, email, firstname='', lastname='',
225 225 active=True, admin=False, extern_type=None, extern_name=None,
226 226 cur_user=None, plugin=None, force_password_change=False,
227 227 allow_to_create_user=True, create_repo_group=None,
228 228 updating_user_id=None, language=None, strict_creation_check=True):
229 229 """
230 230 Creates a new instance if not found, or updates current one
231 231
232 232 :param username:
233 233 :param password:
234 234 :param email:
235 235 :param firstname:
236 236 :param lastname:
237 237 :param active:
238 238 :param admin:
239 239 :param extern_type:
240 240 :param extern_name:
241 241 :param cur_user:
242 242 :param plugin: optional plugin this method was called from
243 243 :param force_password_change: toggles new or existing user flag
244 244 for password change
245 245 :param allow_to_create_user: Defines if the method can actually create
246 246 new users
247 247 :param create_repo_group: Defines if the method should also
248 248 create an repo group with user name, and owner
249 249 :param updating_user_id: if we set it up this is the user we want to
250 250 update this allows to editing username.
251 251 :param language: language of user from interface.
252 252
253 253 :returns: new User object with injected `is_new_user` attribute.
254 254 """
255 255
256 256 if not cur_user:
257 257 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
258 258
259 259 from rhodecode.lib.auth import (
260 260 get_crypt_password, check_password, generate_auth_token)
261 261 from rhodecode.lib.hooks_base import (
262 262 log_create_user, check_allowed_create_user)
263 263
264 264 def _password_change(new_user, password):
265 265 old_password = new_user.password or ''
266 266 # empty password
267 267 if not old_password:
268 268 return False
269 269
270 270 # password check is only needed for RhodeCode internal auth calls
271 271 # in case it's a plugin we don't care
272 272 if not plugin:
273 273
274 274 # first check if we gave crypted password back, and if it
275 275 # matches it's not password change
276 276 if new_user.password == password:
277 277 return False
278 278
279 279 password_match = check_password(password, old_password)
280 280 if not password_match:
281 281 return True
282 282
283 283 return False
284 284
285 285 # read settings on default personal repo group creation
286 286 if create_repo_group is None:
287 287 default_create_repo_group = RepoGroupModel()\
288 288 .get_default_create_personal_repo_group()
289 289 create_repo_group = default_create_repo_group
290 290
291 291 user_data = {
292 292 'username': username,
293 293 'password': password,
294 294 'email': email,
295 295 'firstname': firstname,
296 296 'lastname': lastname,
297 297 'active': active,
298 298 'admin': admin
299 299 }
300 300
301 301 if updating_user_id:
302 302 log.debug('Checking for existing account in RhodeCode '
303 303 'database with user_id `%s` ', updating_user_id)
304 304 user = User.get(updating_user_id)
305 305 else:
306 306 log.debug('Checking for existing account in RhodeCode '
307 307 'database with username `%s` ', username)
308 308 user = User.get_by_username(username, case_insensitive=True)
309 309
310 310 if user is None:
311 311 # we check internal flag if this method is actually allowed to
312 312 # create new user
313 313 if not allow_to_create_user:
314 314 msg = ('Method wants to create new user, but it is not '
315 315 'allowed to do so')
316 316 log.warning(msg)
317 317 raise NotAllowedToCreateUserError(msg)
318 318
319 319 log.debug('Creating new user %s', username)
320 320
321 321 # only if we create user that is active
322 322 new_active_user = active
323 323 if new_active_user and strict_creation_check:
324 324 # raises UserCreationError if it's not allowed for any reason to
325 325 # create new active user, this also executes pre-create hooks
326 326 check_allowed_create_user(user_data, cur_user, strict_check=True)
327 327 events.trigger(events.UserPreCreate(user_data))
328 328 new_user = User()
329 329 edit = False
330 330 else:
331 331 log.debug('updating user `%s`', username)
332 332 events.trigger(events.UserPreUpdate(user, user_data))
333 333 new_user = user
334 334 edit = True
335 335
336 336 # we're not allowed to edit default user
337 337 if user.username == User.DEFAULT_USER:
338 338 raise DefaultUserException(
339 339 "You can't edit this user (`%(username)s`) since it's "
340 340 "crucial for entire application"
341 341 % {'username': user.username})
342 342
343 343 # inject special attribute that will tell us if User is new or old
344 344 new_user.is_new_user = not edit
345 345 # for users that didn's specify auth type, we use RhodeCode built in
346 346 from rhodecode.authentication.plugins import auth_rhodecode
347 347 extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.uid
348 348 extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.uid
349 349
350 350 try:
351 351 new_user.username = username
352 352 new_user.admin = admin
353 353 new_user.email = email
354 354 new_user.active = active
355 355 new_user.extern_name = safe_unicode(extern_name)
356 356 new_user.extern_type = safe_unicode(extern_type)
357 357 new_user.name = firstname
358 358 new_user.lastname = lastname
359 359
360 360 # set password only if creating an user or password is changed
361 361 if not edit or _password_change(new_user, password):
362 362 reason = 'new password' if edit else 'new user'
363 363 log.debug('Updating password reason=>%s', reason)
364 364 new_user.password = get_crypt_password(password) if password else None
365 365
366 366 if force_password_change:
367 367 new_user.update_userdata(force_password_change=True)
368 368 if language:
369 369 new_user.update_userdata(language=language)
370 370 new_user.update_userdata(notification_status=True)
371 371
372 372 self.sa.add(new_user)
373 373
374 374 if not edit and create_repo_group:
375 375 RepoGroupModel().create_personal_repo_group(
376 376 new_user, commit_early=False)
377 377
378 378 if not edit:
379 379 # add the RSS token
380 380 self.add_auth_token(
381 381 user=username, lifetime_minutes=-1,
382 382 role=self.auth_token_role.ROLE_FEED,
383 383 description=u'Generated feed token')
384 384
385 385 kwargs = new_user.get_dict()
386 386 # backward compat, require api_keys present
387 387 kwargs['api_keys'] = kwargs['auth_tokens']
388 388 log_create_user(created_by=cur_user, **kwargs)
389 389 events.trigger(events.UserPostCreate(user_data))
390 390 return new_user
391 391 except (DatabaseError,):
392 392 log.error(traceback.format_exc())
393 393 raise
394 394
395 395 def create_registration(self, form_data,
396 396 extern_name='rhodecode', extern_type='rhodecode'):
397 397 from rhodecode.model.notification import NotificationModel
398 398 from rhodecode.model.notification import EmailNotificationModel
399 399
400 400 try:
401 401 form_data['admin'] = False
402 402 form_data['extern_name'] = extern_name
403 403 form_data['extern_type'] = extern_type
404 404 new_user = self.create(form_data)
405 405
406 406 self.sa.add(new_user)
407 407 self.sa.flush()
408 408
409 409 user_data = new_user.get_dict()
410 410 kwargs = {
411 411 # use SQLALCHEMY safe dump of user data
412 412 'user': AttributeDict(user_data),
413 413 'date': datetime.datetime.now()
414 414 }
415 415 notification_type = EmailNotificationModel.TYPE_REGISTRATION
416 416 # pre-generate the subject for notification itself
417 417 (subject,
418 418 _h, _e, # we don't care about those
419 419 body_plaintext) = EmailNotificationModel().render_email(
420 420 notification_type, **kwargs)
421 421
422 422 # create notification objects, and emails
423 423 NotificationModel().create(
424 424 created_by=new_user,
425 425 notification_subject=subject,
426 426 notification_body=body_plaintext,
427 427 notification_type=notification_type,
428 428 recipients=None, # all admins
429 429 email_kwargs=kwargs,
430 430 )
431 431
432 432 return new_user
433 433 except Exception:
434 434 log.error(traceback.format_exc())
435 435 raise
436 436
437 437 def _handle_user_repos(self, username, repositories, handle_mode=None):
438 438 _superadmin = self.cls.get_first_super_admin()
439 439 left_overs = True
440 440
441 441 from rhodecode.model.repo import RepoModel
442 442
443 443 if handle_mode == 'detach':
444 444 for obj in repositories:
445 445 obj.user = _superadmin
446 446 # set description we know why we super admin now owns
447 447 # additional repositories that were orphaned !
448 448 obj.description += ' \n::detached repository from deleted user: %s' % (username,)
449 449 self.sa.add(obj)
450 450 left_overs = False
451 451 elif handle_mode == 'delete':
452 452 for obj in repositories:
453 453 RepoModel().delete(obj, forks='detach')
454 454 left_overs = False
455 455
456 456 # if nothing is done we have left overs left
457 457 return left_overs
458 458
459 459 def _handle_user_repo_groups(self, username, repository_groups,
460 460 handle_mode=None):
461 461 _superadmin = self.cls.get_first_super_admin()
462 462 left_overs = True
463 463
464 464 from rhodecode.model.repo_group import RepoGroupModel
465 465
466 466 if handle_mode == 'detach':
467 467 for r in repository_groups:
468 468 r.user = _superadmin
469 469 # set description we know why we super admin now owns
470 470 # additional repositories that were orphaned !
471 471 r.group_description += ' \n::detached repository group from deleted user: %s' % (username,)
472 472 r.personal = False
473 473 self.sa.add(r)
474 474 left_overs = False
475 475 elif handle_mode == 'delete':
476 476 for r in repository_groups:
477 477 RepoGroupModel().delete(r)
478 478 left_overs = False
479 479
480 480 # if nothing is done we have left overs left
481 481 return left_overs
482 482
483 483 def _handle_user_user_groups(self, username, user_groups, handle_mode=None):
484 484 _superadmin = self.cls.get_first_super_admin()
485 485 left_overs = True
486 486
487 487 from rhodecode.model.user_group import UserGroupModel
488 488
489 489 if handle_mode == 'detach':
490 490 for r in user_groups:
491 491 for user_user_group_to_perm in r.user_user_group_to_perm:
492 492 if user_user_group_to_perm.user.username == username:
493 493 user_user_group_to_perm.user = _superadmin
494 494 r.user = _superadmin
495 495 # set description we know why we super admin now owns
496 496 # additional repositories that were orphaned !
497 497 r.user_group_description += ' \n::detached user group from deleted user: %s' % (username,)
498 498 self.sa.add(r)
499 499 left_overs = False
500 500 elif handle_mode == 'delete':
501 501 for r in user_groups:
502 502 UserGroupModel().delete(r)
503 503 left_overs = False
504 504
505 505 # if nothing is done we have left overs left
506 506 return left_overs
507 507
508 508 def delete(self, user, cur_user=None, handle_repos=None,
509 509 handle_repo_groups=None, handle_user_groups=None):
510 510 from rhodecode.lib.hooks_base import log_delete_user
511 511
512 512 if not cur_user:
513 cur_user = getattr(
514 get_current_rhodecode_user(), 'username', None)
513 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
515 514 user = self._get_user(user)
516 515
517 516 try:
518 517 if user.username == User.DEFAULT_USER:
519 518 raise DefaultUserException(
520 519 u"You can't remove this user since it's"
521 520 u" crucial for entire application")
522 521
523 522 left_overs = self._handle_user_repos(
524 523 user.username, user.repositories, handle_repos)
525 524 if left_overs and user.repositories:
526 525 repos = [x.repo_name for x in user.repositories]
527 526 raise UserOwnsReposException(
528 527 u'user "%(username)s" still owns %(len_repos)s repositories and cannot be '
529 528 u'removed. Switch owners or remove those repositories:%(list_repos)s'
530 529 % {'username': user.username, 'len_repos': len(repos),
531 530 'list_repos': ', '.join(repos)})
532 531
533 532 left_overs = self._handle_user_repo_groups(
534 533 user.username, user.repository_groups, handle_repo_groups)
535 534 if left_overs and user.repository_groups:
536 535 repo_groups = [x.group_name for x in user.repository_groups]
537 536 raise UserOwnsRepoGroupsException(
538 537 u'user "%(username)s" still owns %(len_repo_groups)s repository groups and cannot be '
539 538 u'removed. Switch owners or remove those repository groups:%(list_repo_groups)s'
540 539 % {'username': user.username, 'len_repo_groups': len(repo_groups),
541 540 'list_repo_groups': ', '.join(repo_groups)})
542 541
543 542 left_overs = self._handle_user_user_groups(
544 543 user.username, user.user_groups, handle_user_groups)
545 544 if left_overs and user.user_groups:
546 545 user_groups = [x.users_group_name for x in user.user_groups]
547 546 raise UserOwnsUserGroupsException(
548 547 u'user "%s" still owns %s user groups and cannot be '
549 548 u'removed. Switch owners or remove those user groups:%s'
550 549 % (user.username, len(user_groups), ', '.join(user_groups)))
551 550
552 551 user_data = user.get_dict() # fetch user data before expire
553 552
554 553 # we might change the user data with detach/delete, make sure
555 554 # the object is marked as expired before actually deleting !
556 555 self.sa.expire(user)
557 556 self.sa.delete(user)
558 557
559 558 log_delete_user(deleted_by=cur_user, **user_data)
560 559 except Exception:
561 560 log.error(traceback.format_exc())
562 561 raise
563 562
564 563 def reset_password_link(self, data, pwd_reset_url):
565 564 from rhodecode.lib.celerylib import tasks, run_task
566 565 from rhodecode.model.notification import EmailNotificationModel
567 566 user_email = data['email']
568 567 try:
569 568 user = User.get_by_email(user_email)
570 569 if user:
571 570 log.debug('password reset user found %s', user)
572 571
573 572 email_kwargs = {
574 573 'password_reset_url': pwd_reset_url,
575 574 'user': user,
576 575 'email': user_email,
577 576 'date': datetime.datetime.now()
578 577 }
579 578
580 579 (subject, headers, email_body,
581 580 email_body_plaintext) = EmailNotificationModel().render_email(
582 581 EmailNotificationModel.TYPE_PASSWORD_RESET, **email_kwargs)
583 582
584 583 recipients = [user_email]
585 584
586 585 action_logger_generic(
587 586 'sending password reset email to user: {}'.format(
588 587 user), namespace='security.password_reset')
589 588
590 589 run_task(tasks.send_email, recipients, subject,
591 590 email_body_plaintext, email_body)
592 591
593 592 else:
594 593 log.debug("password reset email %s not found", user_email)
595 594 except Exception:
596 595 log.error(traceback.format_exc())
597 596 return False
598 597
599 598 return True
600 599
601 600 def reset_password(self, data):
602 601 from rhodecode.lib.celerylib import tasks, run_task
603 602 from rhodecode.model.notification import EmailNotificationModel
604 603 from rhodecode.lib import auth
605 604 user_email = data['email']
606 605 pre_db = True
607 606 try:
608 607 user = User.get_by_email(user_email)
609 608 new_passwd = auth.PasswordGenerator().gen_password(
610 609 12, auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
611 610 if user:
612 611 user.password = auth.get_crypt_password(new_passwd)
613 612 # also force this user to reset his password !
614 613 user.update_userdata(force_password_change=True)
615 614
616 615 Session().add(user)
617 616
618 617 # now delete the token in question
619 618 UserApiKeys = AuthTokenModel.cls
620 619 UserApiKeys().query().filter(
621 620 UserApiKeys.api_key == data['token']).delete()
622 621
623 622 Session().commit()
624 623 log.info('successfully reset password for `%s`', user_email)
625 624
626 625 if new_passwd is None:
627 626 raise Exception('unable to generate new password')
628 627
629 628 pre_db = False
630 629
631 630 email_kwargs = {
632 631 'new_password': new_passwd,
633 632 'user': user,
634 633 'email': user_email,
635 634 'date': datetime.datetime.now()
636 635 }
637 636
638 637 (subject, headers, email_body,
639 638 email_body_plaintext) = EmailNotificationModel().render_email(
640 639 EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION,
641 640 **email_kwargs)
642 641
643 642 recipients = [user_email]
644 643
645 644 action_logger_generic(
646 645 'sent new password to user: {} with email: {}'.format(
647 646 user, user_email), namespace='security.password_reset')
648 647
649 648 run_task(tasks.send_email, recipients, subject,
650 649 email_body_plaintext, email_body)
651 650
652 651 except Exception:
653 652 log.error('Failed to update user password')
654 653 log.error(traceback.format_exc())
655 654 if pre_db:
656 655 # we rollback only if local db stuff fails. If it goes into
657 656 # run_task, we're pass rollback state this wouldn't work then
658 657 Session().rollback()
659 658
660 659 return True
661 660
662 661 def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
663 662 """
664 663 Fetches auth_user by user_id,or api_key if present.
665 664 Fills auth_user attributes with those taken from database.
666 665 Additionally set's is_authenitated if lookup fails
667 666 present in database
668 667
669 668 :param auth_user: instance of user to set attributes
670 669 :param user_id: user id to fetch by
671 670 :param api_key: api key to fetch by
672 671 :param username: username to fetch by
673 672 """
674 673 def token_obfuscate(token):
675 674 if token:
676 675 return token[:4] + "****"
677 676
678 677 if user_id is None and api_key is None and username is None:
679 678 raise Exception('You need to pass user_id, api_key or username')
680 679
681 680 log.debug(
682 681 'AuthUser: fill data execution based on: '
683 682 'user_id:%s api_key:%s username:%s', user_id, api_key, username)
684 683 try:
685 684 dbuser = None
686 685 if user_id:
687 686 dbuser = self.get(user_id)
688 687 elif api_key:
689 688 dbuser = self.get_by_auth_token(api_key)
690 689 elif username:
691 690 dbuser = self.get_by_username(username)
692 691
693 692 if not dbuser:
694 693 log.warning(
695 694 'Unable to lookup user by id:%s api_key:%s username:%s',
696 695 user_id, token_obfuscate(api_key), username)
697 696 return False
698 697 if not dbuser.active:
699 698 log.debug('User `%s:%s` is inactive, skipping fill data',
700 699 username, user_id)
701 700 return False
702 701
703 702 log.debug('AuthUser: filling found user:%s data', dbuser)
704 703 user_data = dbuser.get_dict()
705 704
706 705 user_data.update({
707 706 # set explicit the safe escaped values
708 707 'first_name': dbuser.first_name,
709 708 'last_name': dbuser.last_name,
710 709 })
711 710
712 711 for k, v in user_data.items():
713 712 # properties of auth user we dont update
714 713 if k not in ['auth_tokens', 'permissions']:
715 714 setattr(auth_user, k, v)
716 715
717 716 except Exception:
718 717 log.error(traceback.format_exc())
719 718 auth_user.is_authenticated = False
720 719 return False
721 720
722 721 return True
723 722
724 723 def has_perm(self, user, perm):
725 724 perm = self._get_perm(perm)
726 725 user = self._get_user(user)
727 726
728 727 return UserToPerm.query().filter(UserToPerm.user == user)\
729 728 .filter(UserToPerm.permission == perm).scalar() is not None
730 729
731 730 def grant_perm(self, user, perm):
732 731 """
733 732 Grant user global permissions
734 733
735 734 :param user:
736 735 :param perm:
737 736 """
738 737 user = self._get_user(user)
739 738 perm = self._get_perm(perm)
740 739 # if this permission is already granted skip it
741 740 _perm = UserToPerm.query()\
742 741 .filter(UserToPerm.user == user)\
743 742 .filter(UserToPerm.permission == perm)\
744 743 .scalar()
745 744 if _perm:
746 745 return
747 746 new = UserToPerm()
748 747 new.user = user
749 748 new.permission = perm
750 749 self.sa.add(new)
751 750 return new
752 751
753 752 def revoke_perm(self, user, perm):
754 753 """
755 754 Revoke users global permissions
756 755
757 756 :param user:
758 757 :param perm:
759 758 """
760 759 user = self._get_user(user)
761 760 perm = self._get_perm(perm)
762 761
763 762 obj = UserToPerm.query()\
764 763 .filter(UserToPerm.user == user)\
765 764 .filter(UserToPerm.permission == perm)\
766 765 .scalar()
767 766 if obj:
768 767 self.sa.delete(obj)
769 768
770 769 def add_extra_email(self, user, email):
771 770 """
772 771 Adds email address to UserEmailMap
773 772
774 773 :param user:
775 774 :param email:
776 775 """
777 776
778 777 user = self._get_user(user)
779 778
780 779 obj = UserEmailMap()
781 780 obj.user = user
782 781 obj.email = email
783 782 self.sa.add(obj)
784 783 return obj
785 784
786 785 def delete_extra_email(self, user, email_id):
787 786 """
788 787 Removes email address from UserEmailMap
789 788
790 789 :param user:
791 790 :param email_id:
792 791 """
793 792 user = self._get_user(user)
794 793 obj = UserEmailMap.query().get(email_id)
795 794 if obj and obj.user_id == user.user_id:
796 795 self.sa.delete(obj)
797 796
798 797 def parse_ip_range(self, ip_range):
799 798 ip_list = []
800 799
801 800 def make_unique(value):
802 801 seen = []
803 802 return [c for c in value if not (c in seen or seen.append(c))]
804 803
805 804 # firsts split by commas
806 805 for ip_range in ip_range.split(','):
807 806 if not ip_range:
808 807 continue
809 808 ip_range = ip_range.strip()
810 809 if '-' in ip_range:
811 810 start_ip, end_ip = ip_range.split('-', 1)
812 811 start_ip = ipaddress.ip_address(safe_unicode(start_ip.strip()))
813 812 end_ip = ipaddress.ip_address(safe_unicode(end_ip.strip()))
814 813 parsed_ip_range = []
815 814
816 815 for index in xrange(int(start_ip), int(end_ip) + 1):
817 816 new_ip = ipaddress.ip_address(index)
818 817 parsed_ip_range.append(str(new_ip))
819 818 ip_list.extend(parsed_ip_range)
820 819 else:
821 820 ip_list.append(ip_range)
822 821
823 822 return make_unique(ip_list)
824 823
825 824 def add_extra_ip(self, user, ip, description=None):
826 825 """
827 826 Adds ip address to UserIpMap
828 827
829 828 :param user:
830 829 :param ip:
831 830 """
832 831
833 832 user = self._get_user(user)
834 833 obj = UserIpMap()
835 834 obj.user = user
836 835 obj.ip_addr = ip
837 836 obj.description = description
838 837 self.sa.add(obj)
839 838 return obj
840 839
841 840 auth_token_role = AuthTokenModel.cls
842 841
843 842 def add_auth_token(self, user, lifetime_minutes, role, description=u'',
844 843 scope_callback=None):
845 844 """
846 845 Add AuthToken for user.
847 846
848 847 :param user: username/user_id
849 848 :param lifetime_minutes: in minutes the lifetime for token, -1 equals no limit
850 849 :param role: one of AuthTokenModel.cls.ROLE_*
851 850 :param description: optional string description
852 851 """
853 852
854 853 token = AuthTokenModel().create(
855 854 user, description, lifetime_minutes, role)
856 855 if scope_callback and callable(scope_callback):
857 856 # call the callback if we provide, used to attach scope for EE edition
858 857 scope_callback(token)
859 858 return token
860 859
861 860 def delete_extra_ip(self, user, ip_id):
862 861 """
863 862 Removes ip address from UserIpMap
864 863
865 864 :param user:
866 865 :param ip_id:
867 866 """
868 867 user = self._get_user(user)
869 868 obj = UserIpMap.query().get(ip_id)
870 869 if obj and obj.user_id == user.user_id:
871 870 self.sa.delete(obj)
872 871
873 872 def get_accounts_in_creation_order(self, current_user=None):
874 873 """
875 874 Get accounts in order of creation for deactivation for license limits
876 875
877 876 pick currently logged in user, and append to the list in position 0
878 877 pick all super-admins in order of creation date and add it to the list
879 878 pick all other accounts in order of creation and add it to the list.
880 879
881 880 Based on that list, the last accounts can be disabled as they are
882 881 created at the end and don't include any of the super admins as well
883 882 as the current user.
884 883
885 884 :param current_user: optionally current user running this operation
886 885 """
887 886
888 887 if not current_user:
889 888 current_user = get_current_rhodecode_user()
890 889 active_super_admins = [
891 890 x.user_id for x in User.query()
892 891 .filter(User.user_id != current_user.user_id)
893 892 .filter(User.active == true())
894 893 .filter(User.admin == true())
895 894 .order_by(User.created_on.asc())]
896 895
897 896 active_regular_users = [
898 897 x.user_id for x in User.query()
899 898 .filter(User.user_id != current_user.user_id)
900 899 .filter(User.active == true())
901 900 .filter(User.admin == false())
902 901 .order_by(User.created_on.asc())]
903 902
904 903 list_of_accounts = [current_user.user_id]
905 904 list_of_accounts += active_super_admins
906 905 list_of_accounts += active_regular_users
907 906
908 907 return list_of_accounts
909 908
910 909 def deactivate_last_users(self, expected_users, current_user=None):
911 910 """
912 911 Deactivate accounts that are over the license limits.
913 912 Algorithm of which accounts to disabled is based on the formula:
914 913
915 914 Get current user, then super admins in creation order, then regular
916 915 active users in creation order.
917 916
918 917 Using that list we mark all accounts from the end of it as inactive.
919 918 This way we block only latest created accounts.
920 919
921 920 :param expected_users: list of users in special order, we deactivate
922 921 the end N amount of users from that list
923 922 """
924 923
925 924 list_of_accounts = self.get_accounts_in_creation_order(
926 925 current_user=current_user)
927 926
928 927 for acc_id in list_of_accounts[expected_users + 1:]:
929 928 user = User.get(acc_id)
930 929 log.info('Deactivating account %s for license unlock', user)
931 930 user.active = False
932 931 Session().add(user)
933 932 Session().commit()
934 933
935 934 return
936 935
937 936 def get_user_log(self, user, filter_term):
938 937 user_log = UserLog.query()\
939 938 .filter(or_(UserLog.user_id == user.user_id,
940 939 UserLog.username == user.username))\
941 940 .options(joinedload(UserLog.user))\
942 941 .options(joinedload(UserLog.repository))\
943 942 .order_by(UserLog.action_date.desc())
944 943
945 944 user_log = user_log_filter(user_log, filter_term)
946 945 return user_log
Show file before | Show file after | Hide comments
@@ -1,617 +1,632 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import os
22 22 from hashlib import sha1
23 23
24 24 import pytest
25 25 from mock import patch
26 26
27 27 from rhodecode.lib import auth
28 28 from rhodecode.lib.utils2 import md5
29 29 from rhodecode.model.auth_token import AuthTokenModel
30 from rhodecode.model.db import User
30 from rhodecode.model.db import Session, User
31 31 from rhodecode.model.repo import RepoModel
32 32 from rhodecode.model.user import UserModel
33 33 from rhodecode.model.user_group import UserGroupModel
34 34
35 35
36 36 def test_perm_origin_dict():
37 37 pod = auth.PermOriginDict()
38 38 pod['thing'] = 'read', 'default'
39 39 assert pod['thing'] == 'read'
40 40
41 41 assert pod.perm_origin_stack == {
42 42 'thing': [('read', 'default')]}
43 43
44 44 pod['thing'] = 'write', 'admin'
45 45 assert pod['thing'] == 'write'
46 46
47 47 assert pod.perm_origin_stack == {
48 48 'thing': [('read', 'default'), ('write', 'admin')]}
49 49
50 50 pod['other'] = 'write', 'default'
51 51
52 52 assert pod.perm_origin_stack == {
53 53 'other': [('write', 'default')],
54 54 'thing': [('read', 'default'), ('write', 'admin')]}
55 55
56 56 pod['other'] = 'none', 'override'
57 57
58 58 assert pod.perm_origin_stack == {
59 59 'other': [('write', 'default'), ('none', 'override')],
60 60 'thing': [('read', 'default'), ('write', 'admin')]}
61 61
62 62 with pytest.raises(ValueError):
63 63 pod['thing'] = 'read'
64 64
65 65
66 66 def test_cached_perms_data(user_regular, backend_random):
67 67 permissions = get_permissions(user_regular)
68 68 repo_name = backend_random.repo.repo_name
69 69 expected_global_permissions = {
70 70 'repository.read', 'group.read', 'usergroup.read'}
71 71 assert expected_global_permissions.issubset(permissions['global'])
72 72 assert permissions['repositories'][repo_name] == 'repository.read'
73 73
74 74
75 75 def test_cached_perms_data_with_admin_user(user_regular, backend_random):
76 76 permissions = get_permissions(user_regular, user_is_admin=True)
77 77 repo_name = backend_random.repo.repo_name
78 78 assert 'hg.admin' in permissions['global']
79 79 assert permissions['repositories'][repo_name] == 'repository.admin'
80 80
81 81
82 82 def test_cached_perms_data_with_admin_user_extended_calculation(user_regular, backend_random):
83 83 permissions = get_permissions(user_regular, user_is_admin=True,
84 84 calculate_super_admin=True)
85 85 repo_name = backend_random.repo.repo_name
86 86 assert 'hg.admin' in permissions['global']
87 87 assert permissions['repositories'][repo_name] == 'repository.admin'
88 88
89 89
90 90 def test_cached_perms_data_user_group_global_permissions(user_util):
91 91 user, user_group = user_util.create_user_with_group()
92 92 user_group.inherit_default_permissions = False
93 93
94 94 granted_permission = 'repository.write'
95 95 UserGroupModel().grant_perm(user_group, granted_permission)
96 Session().commit()
96 97
97 98 permissions = get_permissions(user)
98 99 assert granted_permission in permissions['global']
99 100
100 101
101 102 @pytest.mark.xfail(reason="Not implemented, see TODO note")
102 103 def test_cached_perms_data_user_group_global_permissions_(user_util):
103 104 user, user_group = user_util.create_user_with_group()
104 105
105 106 granted_permission = 'repository.write'
106 107 UserGroupModel().grant_perm(user_group, granted_permission)
108 Session().commit()
107 109
108 110 permissions = get_permissions(user)
109 111 assert granted_permission in permissions['global']
110 112
111 113
112 114 def test_cached_perms_data_user_global_permissions(user_util):
113 115 user = user_util.create_user()
114 116 UserModel().grant_perm(user, 'repository.none')
117 Session().commit()
115 118
116 119 permissions = get_permissions(user, user_inherit_default_permissions=True)
117 120 assert 'repository.read' in permissions['global']
118 121
119 122
120 123 def test_cached_perms_data_repository_permissions_on_private_repository(
121 124 backend_random, user_util):
122 125 user, user_group = user_util.create_user_with_group()
123 126
124 127 repo = backend_random.create_repo()
125 128 repo.private = True
126 129
127 130 granted_permission = 'repository.write'
128 131 RepoModel().grant_user_group_permission(
129 132 repo, user_group.users_group_name, granted_permission)
133 Session().commit()
130 134
131 135 permissions = get_permissions(user)
132 136 assert permissions['repositories'][repo.repo_name] == granted_permission
133 137
134 138
135 139 def test_cached_perms_data_repository_permissions_for_owner(
136 140 backend_random, user_util):
137 141 user = user_util.create_user()
138 142
139 143 repo = backend_random.create_repo()
140 144 repo.user_id = user.user_id
141 145
142 146 permissions = get_permissions(user)
143 147 assert permissions['repositories'][repo.repo_name] == 'repository.admin'
144 148
145 149 # TODO: johbo: Make cleanup in UserUtility smarter, then remove this hack
146 150 repo.user_id = User.get_default_user().user_id
147 151
148 152
149 153 def test_cached_perms_data_repository_permissions_not_inheriting_defaults(
150 154 backend_random, user_util):
151 155 user = user_util.create_user()
152 156 repo = backend_random.create_repo()
153 157
154 158 # Don't inherit default object permissions
155 159 UserModel().grant_perm(user, 'hg.inherit_default_perms.false')
160 Session().commit()
156 161
157 162 permissions = get_permissions(user)
158 163 assert permissions['repositories'][repo.repo_name] == 'repository.none'
159 164
160 165
161 166 def test_cached_perms_data_default_permissions_on_repository_group(user_util):
162 167 # Have a repository group with default permissions set
163 168 repo_group = user_util.create_repo_group()
164 169 default_user = User.get_default_user()
165 170 user_util.grant_user_permission_to_repo_group(
166 171 repo_group, default_user, 'repository.write')
167 172 user = user_util.create_user()
168 173
169 174 permissions = get_permissions(user)
170 175 assert permissions['repositories_groups'][repo_group.group_name] == \
171 176 'repository.write'
172 177
173 178
174 179 def test_cached_perms_data_default_permissions_on_repository_group_owner(
175 180 user_util):
176 181 # Have a repository group
177 182 repo_group = user_util.create_repo_group()
178 183 default_user = User.get_default_user()
179 184
180 185 # Add a permission for the default user to hit the code path
181 186 user_util.grant_user_permission_to_repo_group(
182 187 repo_group, default_user, 'repository.write')
183 188
184 189 # Have an owner of the group
185 190 user = user_util.create_user()
186 191 repo_group.user_id = user.user_id
187 192
188 193 permissions = get_permissions(user)
189 194 assert permissions['repositories_groups'][repo_group.group_name] == \
190 195 'group.admin'
191 196
192 197
193 198 def test_cached_perms_data_default_permissions_on_repository_group_no_inherit(
194 199 user_util):
195 200 # Have a repository group
196 201 repo_group = user_util.create_repo_group()
197 202 default_user = User.get_default_user()
198 203
199 204 # Add a permission for the default user to hit the code path
200 205 user_util.grant_user_permission_to_repo_group(
201 206 repo_group, default_user, 'repository.write')
202 207
203 208 # Don't inherit default object permissions
204 209 user = user_util.create_user()
205 210 UserModel().grant_perm(user, 'hg.inherit_default_perms.false')
211 Session().commit()
206 212
207 213 permissions = get_permissions(user)
208 214 assert permissions['repositories_groups'][repo_group.group_name] == \
209 215 'group.none'
210 216
211 217
212 218 def test_cached_perms_data_repository_permissions_from_user_group(
213 219 user_util, backend_random):
214 220 user, user_group = user_util.create_user_with_group()
215 221
216 222 # Needs a second user group to make sure that we select the right
217 223 # permissions.
218 224 user_group2 = user_util.create_user_group()
219 225 UserGroupModel().add_user_to_group(user_group2, user)
220 226
221 227 repo = backend_random.create_repo()
222 228
223 229 RepoModel().grant_user_group_permission(
224 230 repo, user_group.users_group_name, 'repository.read')
225 231 RepoModel().grant_user_group_permission(
226 232 repo, user_group2.users_group_name, 'repository.write')
233 Session().commit()
227 234
228 235 permissions = get_permissions(user)
229 236 assert permissions['repositories'][repo.repo_name] == 'repository.write'
230 237
231 238
232 239 def test_cached_perms_data_repository_permissions_from_user_group_owner(
233 240 user_util, backend_random):
234 241 user, user_group = user_util.create_user_with_group()
235 242
236 243 repo = backend_random.create_repo()
237 244 repo.user_id = user.user_id
238 245
239 246 RepoModel().grant_user_group_permission(
240 247 repo, user_group.users_group_name, 'repository.write')
248 Session().commit()
241 249
242 250 permissions = get_permissions(user)
243 251 assert permissions['repositories'][repo.repo_name] == 'repository.admin'
244 252
245 253
246 254 def test_cached_perms_data_user_repository_permissions(
247 255 user_util, backend_random):
248 256 user = user_util.create_user()
249 257 repo = backend_random.create_repo()
250 258 granted_permission = 'repository.write'
251 259 RepoModel().grant_user_permission(repo, user, granted_permission)
260 Session().commit()
252 261
253 262 permissions = get_permissions(user)
254 263 assert permissions['repositories'][repo.repo_name] == granted_permission
255 264
256 265
257 266 def test_cached_perms_data_user_repository_permissions_explicit(
258 267 user_util, backend_random):
259 268 user = user_util.create_user()
260 269 repo = backend_random.create_repo()
261 270 granted_permission = 'repository.none'
262 271 RepoModel().grant_user_permission(repo, user, granted_permission)
272 Session().commit()
263 273
264 274 permissions = get_permissions(user, explicit=True)
265 275 assert permissions['repositories'][repo.repo_name] == granted_permission
266 276
267 277
268 278 def test_cached_perms_data_user_repository_permissions_owner(
269 279 user_util, backend_random):
270 280 user = user_util.create_user()
271 281 repo = backend_random.create_repo()
272 282 repo.user_id = user.user_id
273 283 RepoModel().grant_user_permission(repo, user, 'repository.write')
284 Session().commit()
274 285
275 286 permissions = get_permissions(user)
276 287 assert permissions['repositories'][repo.repo_name] == 'repository.admin'
277 288
278 289
279 290 def test_cached_perms_data_repository_groups_permissions_inherited(
280 291 user_util, backend_random):
281 292 user, user_group = user_util.create_user_with_group()
282 293
283 294 # Needs a second group to hit the last condition
284 295 user_group2 = user_util.create_user_group()
285 296 UserGroupModel().add_user_to_group(user_group2, user)
286 297
287 298 repo_group = user_util.create_repo_group()
288 299
289 300 user_util.grant_user_group_permission_to_repo_group(
290 301 repo_group, user_group, 'group.read')
291 302 user_util.grant_user_group_permission_to_repo_group(
292 303 repo_group, user_group2, 'group.write')
293 304
294 305 permissions = get_permissions(user)
295 306 assert permissions['repositories_groups'][repo_group.group_name] == \
296 307 'group.write'
297 308
298 309
299 310 def test_cached_perms_data_repository_groups_permissions_inherited_owner(
300 311 user_util, backend_random):
301 312 user, user_group = user_util.create_user_with_group()
302 313 repo_group = user_util.create_repo_group()
303 314 repo_group.user_id = user.user_id
304 315
305 316 granted_permission = 'group.write'
306 317 user_util.grant_user_group_permission_to_repo_group(
307 318 repo_group, user_group, granted_permission)
308 319
309 320 permissions = get_permissions(user)
310 321 assert permissions['repositories_groups'][repo_group.group_name] == \
311 322 'group.admin'
312 323
313 324
314 325 def test_cached_perms_data_repository_groups_permissions(
315 326 user_util, backend_random):
316 327 user = user_util.create_user()
317 328
318 329 repo_group = user_util.create_repo_group()
319 330
320 331 granted_permission = 'group.write'
321 332 user_util.grant_user_permission_to_repo_group(
322 333 repo_group, user, granted_permission)
323 334
324 335 permissions = get_permissions(user)
325 336 assert permissions['repositories_groups'][repo_group.group_name] == \
326 337 'group.write'
327 338
328 339
329 340 def test_cached_perms_data_repository_groups_permissions_explicit(
330 341 user_util, backend_random):
331 342 user = user_util.create_user()
332 343
333 344 repo_group = user_util.create_repo_group()
334 345
335 346 granted_permission = 'group.none'
336 347 user_util.grant_user_permission_to_repo_group(
337 348 repo_group, user, granted_permission)
338 349
339 350 permissions = get_permissions(user, explicit=True)
340 351 assert permissions['repositories_groups'][repo_group.group_name] == \
341 352 'group.none'
342 353
343 354
344 355 def test_cached_perms_data_repository_groups_permissions_owner(
345 356 user_util, backend_random):
346 357 user = user_util.create_user()
347 358
348 359 repo_group = user_util.create_repo_group()
349 360 repo_group.user_id = user.user_id
350 361
351 362 granted_permission = 'group.write'
352 363 user_util.grant_user_permission_to_repo_group(
353 364 repo_group, user, granted_permission)
354 365
355 366 permissions = get_permissions(user)
356 367 assert permissions['repositories_groups'][repo_group.group_name] == \
357 368 'group.admin'
358 369
359 370
360 371 def test_cached_perms_data_user_group_permissions_inherited(
361 372 user_util, backend_random):
362 373 user, user_group = user_util.create_user_with_group()
363 374 user_group2 = user_util.create_user_group()
364 375 UserGroupModel().add_user_to_group(user_group2, user)
365 376
366 377 target_user_group = user_util.create_user_group()
367 378
368 379 user_util.grant_user_group_permission_to_user_group(
369 380 target_user_group, user_group, 'usergroup.read')
370 381 user_util.grant_user_group_permission_to_user_group(
371 382 target_user_group, user_group2, 'usergroup.write')
372 383
373 384 permissions = get_permissions(user)
374 385 assert permissions['user_groups'][target_user_group.users_group_name] == \
375 386 'usergroup.write'
376 387
377 388
378 389 def test_cached_perms_data_user_group_permissions(
379 390 user_util, backend_random):
380 391 user = user_util.create_user()
381 392 user_group = user_util.create_user_group()
382 393 UserGroupModel().grant_user_permission(user_group, user, 'usergroup.write')
394 Session().commit()
383 395
384 396 permissions = get_permissions(user)
385 397 assert permissions['user_groups'][user_group.users_group_name] == \
386 398 'usergroup.write'
387 399
388 400
389 401 def test_cached_perms_data_user_group_permissions_explicit(
390 402 user_util, backend_random):
391 403 user = user_util.create_user()
392 404 user_group = user_util.create_user_group()
393 405 UserGroupModel().grant_user_permission(user_group, user, 'usergroup.none')
406 Session().commit()
394 407
395 408 permissions = get_permissions(user, explicit=True)
396 409 assert permissions['user_groups'][user_group.users_group_name] == \
397 410 'usergroup.none'
398 411
399 412
400 413 def test_cached_perms_data_user_group_permissions_not_inheriting_defaults(
401 414 user_util, backend_random):
402 415 user = user_util.create_user()
403 416 user_group = user_util.create_user_group()
404 417
405 418 # Don't inherit default object permissions
406 419 UserModel().grant_perm(user, 'hg.inherit_default_perms.false')
420 Session().commit()
407 421
408 422 permissions = get_permissions(user)
409 423 assert permissions['user_groups'][user_group.users_group_name] == \
410 424 'usergroup.none'
411 425
412 426
413 427 def test_permission_calculator_admin_permissions(
414 428 user_util, backend_random):
415 429 user = user_util.create_user()
416 430 user_group = user_util.create_user_group()
417 431 repo = backend_random.repo
418 432 repo_group = user_util.create_repo_group()
419 433
420 434 calculator = auth.PermissionCalculator(
421 435 user.user_id, {}, False, False, True, 'higherwin')
422 436 permissions = calculator._calculate_admin_permissions()
423 437
424 438 assert permissions['repositories_groups'][repo_group.group_name] == \
425 439 'group.admin'
426 440 assert permissions['user_groups'][user_group.users_group_name] == \
427 441 'usergroup.admin'
428 442 assert permissions['repositories'][repo.repo_name] == 'repository.admin'
429 443 assert 'hg.admin' in permissions['global']
430 444
431 445
432 446 def test_permission_calculator_repository_permissions_robustness_from_group(
433 447 user_util, backend_random):
434 448 user, user_group = user_util.create_user_with_group()
435 449
436 450 RepoModel().grant_user_group_permission(
437 451 backend_random.repo, user_group.users_group_name, 'repository.write')
438 452
439 453 calculator = auth.PermissionCalculator(
440 454 user.user_id, {}, False, False, False, 'higherwin')
441 455 calculator._calculate_repository_permissions()
442 456
443 457
444 458 def test_permission_calculator_repository_permissions_robustness_from_user(
445 459 user_util, backend_random):
446 460 user = user_util.create_user()
447 461
448 462 RepoModel().grant_user_permission(
449 463 backend_random.repo, user, 'repository.write')
464 Session().commit()
450 465
451 466 calculator = auth.PermissionCalculator(
452 467 user.user_id, {}, False, False, False, 'higherwin')
453 468 calculator._calculate_repository_permissions()
454 469
455 470
456 471 def test_permission_calculator_repo_group_permissions_robustness_from_group(
457 472 user_util, backend_random):
458 473 user, user_group = user_util.create_user_with_group()
459 474 repo_group = user_util.create_repo_group()
460 475
461 476 user_util.grant_user_group_permission_to_repo_group(
462 477 repo_group, user_group, 'group.write')
463 478
464 479 calculator = auth.PermissionCalculator(
465 480 user.user_id, {}, False, False, False, 'higherwin')
466 481 calculator._calculate_repository_group_permissions()
467 482
468 483
469 484 def test_permission_calculator_repo_group_permissions_robustness_from_user(
470 485 user_util, backend_random):
471 486 user = user_util.create_user()
472 487 repo_group = user_util.create_repo_group()
473 488
474 489 user_util.grant_user_permission_to_repo_group(
475 490 repo_group, user, 'group.write')
476 491
477 492 calculator = auth.PermissionCalculator(
478 493 user.user_id, {}, False, False, False, 'higherwin')
479 494 calculator._calculate_repository_group_permissions()
480 495
481 496
482 497 def test_permission_calculator_user_group_permissions_robustness_from_group(
483 498 user_util, backend_random):
484 499 user, user_group = user_util.create_user_with_group()
485 500 target_user_group = user_util.create_user_group()
486 501
487 502 user_util.grant_user_group_permission_to_user_group(
488 503 target_user_group, user_group, 'usergroup.write')
489 504
490 505 calculator = auth.PermissionCalculator(
491 506 user.user_id, {}, False, False, False, 'higherwin')
492 507 calculator._calculate_user_group_permissions()
493 508
494 509
495 510 def test_permission_calculator_user_group_permissions_robustness_from_user(
496 511 user_util, backend_random):
497 512 user = user_util.create_user()
498 513 target_user_group = user_util.create_user_group()
499 514
500 515 user_util.grant_user_permission_to_user_group(
501 516 target_user_group, user, 'usergroup.write')
502 517
503 518 calculator = auth.PermissionCalculator(
504 519 user.user_id, {}, False, False, False, 'higherwin')
505 520 calculator._calculate_user_group_permissions()
506 521
507 522
508 523 @pytest.mark.parametrize("algo, new_permission, old_permission, expected", [
509 524 ('higherwin', 'repository.none', 'repository.none', 'repository.none'),
510 525 ('higherwin', 'repository.read', 'repository.none', 'repository.read'),
511 526 ('lowerwin', 'repository.write', 'repository.write', 'repository.write'),
512 527 ('lowerwin', 'repository.read', 'repository.write', 'repository.read'),
513 528 ])
514 529 def test_permission_calculator_choose_permission(
515 530 user_regular, algo, new_permission, old_permission, expected):
516 531 calculator = auth.PermissionCalculator(
517 532 user_regular.user_id, {}, False, False, False, algo)
518 533 result = calculator._choose_permission(new_permission, old_permission)
519 534 assert result == expected
520 535
521 536
522 537 def test_permission_calculator_choose_permission_raises_on_wrong_algo(
523 538 user_regular):
524 539 calculator = auth.PermissionCalculator(
525 540 user_regular.user_id, {}, False, False, False, 'invalid')
526 541 result = calculator._choose_permission(
527 542 'repository.read', 'repository.read')
528 543 # TODO: johbo: This documents the existing behavior. Think of an
529 544 # improvement.
530 545 assert result is None
531 546
532 547
533 548 def test_auth_user_get_cookie_store_for_normal_user(user_util):
534 549 user = user_util.create_user()
535 550 auth_user = auth.AuthUser(user_id=user.user_id)
536 551 expected_data = {
537 552 'username': user.username,
538 553 'user_id': user.user_id,
539 554 'password': md5(user.password),
540 555 'is_authenticated': False
541 556 }
542 557 assert auth_user.get_cookie_store() == expected_data
543 558
544 559
545 560 def test_auth_user_get_cookie_store_for_default_user():
546 561 default_user = User.get_default_user()
547 562 auth_user = auth.AuthUser()
548 563 expected_data = {
549 564 'username': User.DEFAULT_USER,
550 565 'user_id': default_user.user_id,
551 566 'password': md5(default_user.password),
552 567 'is_authenticated': True
553 568 }
554 569 assert auth_user.get_cookie_store() == expected_data
555 570
556 571
557 572 def get_permissions(user, **kwargs):
558 573 """
559 574 Utility filling in useful defaults into the call to `_cached_perms_data`.
560 575
561 576 Fill in `**kwargs` if specific values are needed for a test.
562 577 """
563 578 call_args = {
564 579 'user_id': user.user_id,
565 580 'scope': {},
566 581 'user_is_admin': False,
567 582 'user_inherit_default_permissions': False,
568 583 'explicit': False,
569 584 'algo': 'higherwin',
570 585 'calculate_super_admin': False,
571 586 }
572 587 call_args.update(kwargs)
573 588 permissions = auth._cached_perms_data(**call_args)
574 589 return permissions
575 590
576 591
577 592 class TestGenerateAuthToken(object):
578 593 def test_salt_is_used_when_specified(self):
579 594 salt = 'abcde'
580 595 user_name = 'test_user'
581 596 result = auth.generate_auth_token(user_name, salt)
582 597 expected_result = sha1(user_name + salt).hexdigest()
583 598 assert result == expected_result
584 599
585 600 def test_salt_is_geneated_when_not_specified(self):
586 601 user_name = 'test_user'
587 602 random_salt = os.urandom(16)
588 603 with patch.object(auth, 'os') as os_mock:
589 604 os_mock.urandom.return_value = random_salt
590 605 result = auth.generate_auth_token(user_name)
591 606 expected_result = sha1(user_name + random_salt).hexdigest()
592 607 assert result == expected_result
593 608
594 609
595 610 @pytest.mark.parametrize("test_token, test_roles, auth_result, expected_tokens", [
596 611 ('', None, False,
597 612 []),
598 613 ('wrongtoken', None, False,
599 614 []),
600 615 ('abracadabra_vcs', [AuthTokenModel.cls.ROLE_API], False,
601 616 [('abracadabra_api', AuthTokenModel.cls.ROLE_API, -1)]),
602 617 ('abracadabra_api', [AuthTokenModel.cls.ROLE_API], True,
603 618 [('abracadabra_api', AuthTokenModel.cls.ROLE_API, -1)]),
604 619 ('abracadabra_api', [AuthTokenModel.cls.ROLE_API], True,
605 620 [('abracadabra_api', AuthTokenModel.cls.ROLE_API, -1),
606 621 ('abracadabra_http', AuthTokenModel.cls.ROLE_HTTP, -1)]),
607 622 ])
608 623 def test_auth_by_token(test_token, test_roles, auth_result, expected_tokens,
609 624 user_util):
610 625 user = user_util.create_user()
611 626 user_id = user.user_id
612 627 for token, role, expires in expected_tokens:
613 new_token = AuthTokenModel().create(user_id, 'test-token', expires, role)
628 new_token = AuthTokenModel().create(user_id, u'test-token', expires, role)
614 629 new_token.api_key = token # inject known name for testing...
615 630
616 631 assert auth_result == user.authenticate_by_token(
617 632 test_token, roles=test_roles)
Show file before | Show file after | Hide comments
@@ -1,1080 +1,1143 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import mock
22 22 import pytest
23 23
24 24 from rhodecode.lib.utils2 import str2bool
25 25 from rhodecode.model.meta import Session
26 26 from rhodecode.model.settings import VcsSettingsModel, UiSetting
27 27
28 28
29 29 HOOKS_FORM_DATA = {
30 30 'hooks_changegroup_repo_size': True,
31 31 'hooks_changegroup_push_logger': True,
32 32 'hooks_outgoing_pull_logger': True
33 33 }
34 34
35 35 SVN_FORM_DATA = {
36 36 'new_svn_branch': 'test-branch',
37 37 'new_svn_tag': 'test-tag'
38 38 }
39 39
40 40 GENERAL_FORM_DATA = {
41 41 'rhodecode_pr_merge_enabled': True,
42 42 'rhodecode_use_outdated_comments': True,
43 43 'rhodecode_hg_use_rebase_for_merging': True,
44 44 'rhodecode_hg_close_branch_before_merging': True,
45 45 'rhodecode_git_use_rebase_for_merging': True,
46 46 'rhodecode_git_close_branch_before_merging': True,
47 47 'rhodecode_diff_cache': True,
48 48 }
49 49
50 50
51 51 class TestInheritGlobalSettingsProperty(object):
52 52 def test_get_raises_exception_when_repository_not_specified(self):
53 53 model = VcsSettingsModel()
54 54 with pytest.raises(Exception) as exc_info:
55 55 model.inherit_global_settings
56 56 assert str(exc_info.value) == 'Repository is not specified'
57 57
58 58 def test_true_is_returned_when_value_is_not_found(self, repo_stub):
59 59 model = VcsSettingsModel(repo=repo_stub.repo_name)
60 60 assert model.inherit_global_settings is True
61 61
62 62 def test_value_is_returned(self, repo_stub, settings_util):
63 63 model = VcsSettingsModel(repo=repo_stub.repo_name)
64 64 settings_util.create_repo_rhodecode_setting(
65 65 repo_stub, VcsSettingsModel.INHERIT_SETTINGS, False, 'bool')
66 66 assert model.inherit_global_settings is False
67 67
68 68 def test_value_is_set(self, repo_stub):
69 69 model = VcsSettingsModel(repo=repo_stub.repo_name)
70 70 model.inherit_global_settings = False
71 71 setting = model.repo_settings.get_setting_by_name(
72 72 VcsSettingsModel.INHERIT_SETTINGS)
73 73 try:
74 74 assert setting.app_settings_type == 'bool'
75 75 assert setting.app_settings_value is False
76 76 finally:
77 77 Session().delete(setting)
78 78 Session().commit()
79 79
80 80 def test_set_raises_exception_when_repository_not_specified(self):
81 81 model = VcsSettingsModel()
82 82 with pytest.raises(Exception) as exc_info:
83 83 model.inherit_global_settings = False
84 84 assert str(exc_info.value) == 'Repository is not specified'
85 85
86 86
87 87 class TestVcsSettingsModel(object):
88 88 def test_global_svn_branch_patterns(self):
89 89 model = VcsSettingsModel()
90 90 expected_result = {'test': 'test'}
91 91 with mock.patch.object(model, 'global_settings') as settings_mock:
92 92 get_settings = settings_mock.get_ui_by_section
93 93 get_settings.return_value = expected_result
94 94 settings_mock.return_value = expected_result
95 95 result = model.get_global_svn_branch_patterns()
96 96
97 97 get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
98 98 assert expected_result == result
99 99
100 100 def test_repo_svn_branch_patterns(self):
101 101 model = VcsSettingsModel()
102 102 expected_result = {'test': 'test'}
103 103 with mock.patch.object(model, 'repo_settings') as settings_mock:
104 104 get_settings = settings_mock.get_ui_by_section
105 105 get_settings.return_value = expected_result
106 106 settings_mock.return_value = expected_result
107 107 result = model.get_repo_svn_branch_patterns()
108 108
109 109 get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
110 110 assert expected_result == result
111 111
112 112 def test_repo_svn_branch_patterns_raises_exception_when_repo_is_not_set(
113 113 self):
114 114 model = VcsSettingsModel()
115 115 with pytest.raises(Exception) as exc_info:
116 116 model.get_repo_svn_branch_patterns()
117 117 assert str(exc_info.value) == 'Repository is not specified'
118 118
119 119 def test_global_svn_tag_patterns(self):
120 120 model = VcsSettingsModel()
121 121 expected_result = {'test': 'test'}
122 122 with mock.patch.object(model, 'global_settings') as settings_mock:
123 123 get_settings = settings_mock.get_ui_by_section
124 124 get_settings.return_value = expected_result
125 125 settings_mock.return_value = expected_result
126 126 result = model.get_global_svn_tag_patterns()
127 127
128 128 get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
129 129 assert expected_result == result
130 130
131 131 def test_repo_svn_tag_patterns(self):
132 132 model = VcsSettingsModel()
133 133 expected_result = {'test': 'test'}
134 134 with mock.patch.object(model, 'repo_settings') as settings_mock:
135 135 get_settings = settings_mock.get_ui_by_section
136 136 get_settings.return_value = expected_result
137 137 settings_mock.return_value = expected_result
138 138 result = model.get_repo_svn_tag_patterns()
139 139
140 140 get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
141 141 assert expected_result == result
142 142
143 143 def test_repo_svn_tag_patterns_raises_exception_when_repo_is_not_set(self):
144 144 model = VcsSettingsModel()
145 145 with pytest.raises(Exception) as exc_info:
146 146 model.get_repo_svn_tag_patterns()
147 147 assert str(exc_info.value) == 'Repository is not specified'
148 148
149 149 def test_get_global_settings(self):
150 150 expected_result = {'test': 'test'}
151 151 model = VcsSettingsModel()
152 152 with mock.patch.object(model, '_collect_all_settings') as collect_mock:
153 153 collect_mock.return_value = expected_result
154 154 result = model.get_global_settings()
155 155
156 156 collect_mock.assert_called_once_with(global_=True)
157 157 assert result == expected_result
158 158
159 159 def test_get_repo_settings(self, repo_stub):
160 160 model = VcsSettingsModel(repo=repo_stub.repo_name)
161 161 expected_result = {'test': 'test'}
162 162 with mock.patch.object(model, '_collect_all_settings') as collect_mock:
163 163 collect_mock.return_value = expected_result
164 164 result = model.get_repo_settings()
165 165
166 166 collect_mock.assert_called_once_with(global_=False)
167 167 assert result == expected_result
168 168
169 169 @pytest.mark.parametrize('settings, global_', [
170 170 ('global_settings', True),
171 171 ('repo_settings', False)
172 172 ])
173 173 def test_collect_all_settings(self, settings, global_):
174 174 model = VcsSettingsModel()
175 175 result_mock = self._mock_result()
176 176
177 177 settings_patch = mock.patch.object(model, settings)
178 178 with settings_patch as settings_mock:
179 179 settings_mock.get_ui_by_section_and_key.return_value = result_mock
180 180 settings_mock.get_setting_by_name.return_value = result_mock
181 181 result = model._collect_all_settings(global_=global_)
182 182
183 183 ui_settings = model.HG_SETTINGS + model.GIT_SETTINGS + model.HOOKS_SETTINGS
184 184 self._assert_get_settings_calls(
185 185 settings_mock, ui_settings, model.GENERAL_SETTINGS)
186 186 self._assert_collect_all_settings_result(
187 187 ui_settings, model.GENERAL_SETTINGS, result)
188 188
189 189 @pytest.mark.parametrize('settings, global_', [
190 190 ('global_settings', True),
191 191 ('repo_settings', False)
192 192 ])
193 193 def test_collect_all_settings_without_empty_value(self, settings, global_):
194 194 model = VcsSettingsModel()
195 195
196 196 settings_patch = mock.patch.object(model, settings)
197 197 with settings_patch as settings_mock:
198 198 settings_mock.get_ui_by_section_and_key.return_value = None
199 199 settings_mock.get_setting_by_name.return_value = None
200 200 result = model._collect_all_settings(global_=global_)
201 201
202 202 assert result == {}
203 203
204 204 def _mock_result(self):
205 205 result_mock = mock.Mock()
206 206 result_mock.ui_value = 'ui_value'
207 207 result_mock.ui_active = True
208 208 result_mock.app_settings_value = 'setting_value'
209 209 return result_mock
210 210
211 211 def _assert_get_settings_calls(
212 212 self, settings_mock, ui_settings, general_settings):
213 213 assert (
214 214 settings_mock.get_ui_by_section_and_key.call_count ==
215 215 len(ui_settings))
216 216 assert (
217 217 settings_mock.get_setting_by_name.call_count ==
218 218 len(general_settings))
219 219
220 220 for section, key in ui_settings:
221 221 expected_call = mock.call(section, key)
222 222 assert (
223 223 expected_call in
224 224 settings_mock.get_ui_by_section_and_key.call_args_list)
225 225
226 226 for name in general_settings:
227 227 expected_call = mock.call(name)
228 228 assert (
229 229 expected_call in
230 230 settings_mock.get_setting_by_name.call_args_list)
231 231
232 232 def _assert_collect_all_settings_result(
233 233 self, ui_settings, general_settings, result):
234 234 expected_result = {}
235 235 for section, key in ui_settings:
236 236 key = '{}_{}'.format(section, key.replace('.', '_'))
237 237
238 238 if section in ('extensions', 'hooks'):
239 239 value = True
240 240 elif key in ['vcs_git_lfs_enabled']:
241 241 value = True
242 242 else:
243 243 value = 'ui_value'
244 244 expected_result[key] = value
245 245
246 246 for name in general_settings:
247 247 key = 'rhodecode_' + name
248 248 expected_result[key] = 'setting_value'
249 249
250 250 assert expected_result == result
251 251
252 252
253 253 class TestCreateOrUpdateRepoHookSettings(object):
254 254 def test_create_when_no_repo_object_found(self, repo_stub):
255 255 model = VcsSettingsModel(repo=repo_stub.repo_name)
256 256
257 257 self._create_settings(model, HOOKS_FORM_DATA)
258 258
259 259 cleanup = []
260 260 try:
261 261 for section, key in model.HOOKS_SETTINGS:
262 262 ui = model.repo_settings.get_ui_by_section_and_key(
263 263 section, key)
264 264 assert ui.ui_active is True
265 265 cleanup.append(ui)
266 266 finally:
267 267 for ui in cleanup:
268 268 Session().delete(ui)
269 269 Session().commit()
270 270
271 271 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
272 272 model = VcsSettingsModel(repo=repo_stub.repo_name)
273 273
274 274 deleted_key = 'hooks_changegroup_repo_size'
275 275 data = HOOKS_FORM_DATA.copy()
276 276 data.pop(deleted_key)
277 277
278 278 with pytest.raises(ValueError) as exc_info:
279 279 model.create_or_update_repo_hook_settings(data)
280 Session().commit()
281
280 282 msg = 'The given data does not contain {} key'.format(deleted_key)
281 283 assert str(exc_info.value) == msg
282 284
283 285 def test_update_when_repo_object_found(self, repo_stub, settings_util):
284 286 model = VcsSettingsModel(repo=repo_stub.repo_name)
285 287 for section, key in model.HOOKS_SETTINGS:
286 288 settings_util.create_repo_rhodecode_ui(
287 289 repo_stub, section, None, key=key, active=False)
288 290 model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
291 Session().commit()
292
289 293 for section, key in model.HOOKS_SETTINGS:
290 294 ui = model.repo_settings.get_ui_by_section_and_key(section, key)
291 295 assert ui.ui_active is True
292 296
293 297 def _create_settings(self, model, data):
294 298 global_patch = mock.patch.object(model, 'global_settings')
295 299 global_setting = mock.Mock()
296 300 global_setting.ui_value = 'Test value'
297 301 with global_patch as global_mock:
298 302 global_mock.get_ui_by_section_and_key.return_value = global_setting
299 303 model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
304 Session().commit()
300 305
301 306
302 307 class TestUpdateGlobalHookSettings(object):
303 308 def test_update_raises_exception_when_data_incomplete(self):
304 309 model = VcsSettingsModel()
305 310
306 311 deleted_key = 'hooks_changegroup_repo_size'
307 312 data = HOOKS_FORM_DATA.copy()
308 313 data.pop(deleted_key)
309 314
310 315 with pytest.raises(ValueError) as exc_info:
311 316 model.update_global_hook_settings(data)
317 Session().commit()
318
312 319 msg = 'The given data does not contain {} key'.format(deleted_key)
313 320 assert str(exc_info.value) == msg
314 321
315 322 def test_update_global_hook_settings(self, settings_util):
316 323 model = VcsSettingsModel()
317 324 setting_mock = mock.MagicMock()
318 325 setting_mock.ui_active = False
319 326 get_settings_patcher = mock.patch.object(
320 327 model.global_settings, 'get_ui_by_section_and_key',
321 328 return_value=setting_mock)
322 329 session_patcher = mock.patch('rhodecode.model.settings.Session')
323 330 with get_settings_patcher as get_settings_mock, session_patcher:
324 331 model.update_global_hook_settings(HOOKS_FORM_DATA)
332 Session().commit()
333
325 334 assert setting_mock.ui_active is True
326 335 assert get_settings_mock.call_count == 3
327 336
328 337
329 338 class TestCreateOrUpdateRepoGeneralSettings(object):
330 339 def test_calls_create_or_update_general_settings(self, repo_stub):
331 340 model = VcsSettingsModel(repo=repo_stub.repo_name)
332 341 create_patch = mock.patch.object(
333 342 model, '_create_or_update_general_settings')
334 343 with create_patch as create_mock:
335 344 model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
345 Session().commit()
346
336 347 create_mock.assert_called_once_with(
337 348 model.repo_settings, GENERAL_FORM_DATA)
338 349
339 350 def test_raises_exception_when_repository_is_not_specified(self):
340 351 model = VcsSettingsModel()
341 352 with pytest.raises(Exception) as exc_info:
342 353 model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
343 354 assert str(exc_info.value) == 'Repository is not specified'
344 355
345 356
346 357 class TestCreateOrUpdatGlobalGeneralSettings(object):
347 358 def test_calls_create_or_update_general_settings(self):
348 359 model = VcsSettingsModel()
349 360 create_patch = mock.patch.object(
350 361 model, '_create_or_update_general_settings')
351 362 with create_patch as create_mock:
352 363 model.create_or_update_global_pr_settings(GENERAL_FORM_DATA)
353 364 create_mock.assert_called_once_with(
354 365 model.global_settings, GENERAL_FORM_DATA)
355 366
356 367
357 368 class TestCreateOrUpdateGeneralSettings(object):
358 369 def test_create_when_no_repo_settings_found(self, repo_stub):
359 370 model = VcsSettingsModel(repo=repo_stub.repo_name)
360 371 model._create_or_update_general_settings(
361 372 model.repo_settings, GENERAL_FORM_DATA)
362 373
363 374 cleanup = []
364 375 try:
365 376 for name in model.GENERAL_SETTINGS:
366 377 setting = model.repo_settings.get_setting_by_name(name)
367 378 assert setting.app_settings_value is True
368 379 cleanup.append(setting)
369 380 finally:
370 381 for setting in cleanup:
371 382 Session().delete(setting)
372 383 Session().commit()
373 384
374 385 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
375 386 model = VcsSettingsModel(repo=repo_stub.repo_name)
376 387
377 388 deleted_key = 'rhodecode_pr_merge_enabled'
378 389 data = GENERAL_FORM_DATA.copy()
379 390 data.pop(deleted_key)
380 391
381 392 with pytest.raises(ValueError) as exc_info:
382 393 model._create_or_update_general_settings(model.repo_settings, data)
394 Session().commit()
383 395
384 396 msg = 'The given data does not contain {} key'.format(deleted_key)
385 397 assert str(exc_info.value) == msg
386 398
387 399 def test_update_when_repo_setting_found(self, repo_stub, settings_util):
388 400 model = VcsSettingsModel(repo=repo_stub.repo_name)
389 401 for name in model.GENERAL_SETTINGS:
390 402 settings_util.create_repo_rhodecode_setting(
391 403 repo_stub, name, False, 'bool')
392 404
393 405 model._create_or_update_general_settings(
394 406 model.repo_settings, GENERAL_FORM_DATA)
407 Session().commit()
395 408
396 409 for name in model.GENERAL_SETTINGS:
397 410 setting = model.repo_settings.get_setting_by_name(name)
398 411 assert setting.app_settings_value is True
399 412
400 413
401 414 class TestCreateRepoSvnSettings(object):
402 415 def test_calls_create_svn_settings(self, repo_stub):
403 416 model = VcsSettingsModel(repo=repo_stub.repo_name)
404 417 with mock.patch.object(model, '_create_svn_settings') as create_mock:
405 418 model.create_repo_svn_settings(SVN_FORM_DATA)
419 Session().commit()
420
406 421 create_mock.assert_called_once_with(model.repo_settings, SVN_FORM_DATA)
407 422
408 423 def test_raises_exception_when_repository_is_not_specified(self):
409 424 model = VcsSettingsModel()
410 425 with pytest.raises(Exception) as exc_info:
411 426 model.create_repo_svn_settings(SVN_FORM_DATA)
427 Session().commit()
428
412 429 assert str(exc_info.value) == 'Repository is not specified'
413 430
414 431
415 432 class TestCreateSvnSettings(object):
416 433 def test_create(self, repo_stub):
417 434 model = VcsSettingsModel(repo=repo_stub.repo_name)
418 435 model._create_svn_settings(model.repo_settings, SVN_FORM_DATA)
419 436 Session().commit()
420 437
421 438 branch_ui = model.repo_settings.get_ui_by_section(
422 439 model.SVN_BRANCH_SECTION)
423 440 tag_ui = model.repo_settings.get_ui_by_section(
424 441 model.SVN_TAG_SECTION)
425 442
426 443 try:
427 444 assert len(branch_ui) == 1
428 445 assert len(tag_ui) == 1
429 446 finally:
430 447 Session().delete(branch_ui[0])
431 448 Session().delete(tag_ui[0])
432 449 Session().commit()
433 450
434 451 def test_create_tag(self, repo_stub):
435 452 model = VcsSettingsModel(repo=repo_stub.repo_name)
436 453 data = SVN_FORM_DATA.copy()
437 454 data.pop('new_svn_branch')
438 455 model._create_svn_settings(model.repo_settings, data)
439 456 Session().commit()
440 457
441 458 branch_ui = model.repo_settings.get_ui_by_section(
442 459 model.SVN_BRANCH_SECTION)
443 460 tag_ui = model.repo_settings.get_ui_by_section(
444 461 model.SVN_TAG_SECTION)
445 462
446 463 try:
447 464 assert len(branch_ui) == 0
448 465 assert len(tag_ui) == 1
449 466 finally:
450 467 Session().delete(tag_ui[0])
451 468 Session().commit()
452 469
453 470 def test_create_nothing_when_no_svn_settings_specified(self, repo_stub):
454 471 model = VcsSettingsModel(repo=repo_stub.repo_name)
455 472 model._create_svn_settings(model.repo_settings, {})
456 473 Session().commit()
457 474
458 475 branch_ui = model.repo_settings.get_ui_by_section(
459 476 model.SVN_BRANCH_SECTION)
460 477 tag_ui = model.repo_settings.get_ui_by_section(
461 478 model.SVN_TAG_SECTION)
462 479
463 480 assert len(branch_ui) == 0
464 481 assert len(tag_ui) == 0
465 482
466 483 def test_create_nothing_when_empty_settings_specified(self, repo_stub):
467 484 model = VcsSettingsModel(repo=repo_stub.repo_name)
468 485 data = {
469 486 'new_svn_branch': '',
470 487 'new_svn_tag': ''
471 488 }
472 489 model._create_svn_settings(model.repo_settings, data)
473 490 Session().commit()
474 491
475 492 branch_ui = model.repo_settings.get_ui_by_section(
476 493 model.SVN_BRANCH_SECTION)
477 494 tag_ui = model.repo_settings.get_ui_by_section(
478 495 model.SVN_TAG_SECTION)
479 496
480 497 assert len(branch_ui) == 0
481 498 assert len(tag_ui) == 0
482 499
483 500
484 501 class TestCreateOrUpdateUi(object):
485 502 def test_create(self, repo_stub):
486 503 model = VcsSettingsModel(repo=repo_stub.repo_name)
487 504 model._create_or_update_ui(
488 505 model.repo_settings, 'test-section', 'test-key', active=False,
489 506 value='False')
490 507 Session().commit()
491 508
492 509 created_ui = model.repo_settings.get_ui_by_section_and_key(
493 510 'test-section', 'test-key')
494 511
495 512 try:
496 513 assert created_ui.ui_active is False
497 514 assert str2bool(created_ui.ui_value) is False
498 515 finally:
499 516 Session().delete(created_ui)
500 517 Session().commit()
501 518
502 519 def test_update(self, repo_stub, settings_util):
503 520 model = VcsSettingsModel(repo=repo_stub.repo_name)
504 521 # care about only 3 first settings
505 522 largefiles, phases, evolve = model.HG_SETTINGS[:3]
506 523
507 524 section = 'test-section'
508 525 key = 'test-key'
509 526 settings_util.create_repo_rhodecode_ui(
510 527 repo_stub, section, 'True', key=key, active=True)
511 528
512 529 model._create_or_update_ui(
513 530 model.repo_settings, section, key, active=False, value='False')
514 531 Session().commit()
515 532
516 533 created_ui = model.repo_settings.get_ui_by_section_and_key(
517 534 section, key)
518 535 assert created_ui.ui_active is False
519 536 assert str2bool(created_ui.ui_value) is False
520 537
521 538
522 539 class TestCreateOrUpdateRepoHgSettings(object):
523 540 FORM_DATA = {
524 541 'extensions_largefiles': False,
525 542 'extensions_evolve': False,
526 543 'phases_publish': False
527 544 }
528 545
529 546 def test_creates_repo_hg_settings_when_data_is_correct(self, repo_stub):
530 547 model = VcsSettingsModel(repo=repo_stub.repo_name)
531 548 with mock.patch.object(model, '_create_or_update_ui') as create_mock:
532 549 model.create_or_update_repo_hg_settings(self.FORM_DATA)
533 550 expected_calls = [
534 551 mock.call(model.repo_settings, 'extensions', 'largefiles', active=False, value=''),
535 552 mock.call(model.repo_settings, 'extensions', 'evolve', active=False, value=''),
536 553 mock.call(model.repo_settings, 'experimental', 'evolution', active=False, value=''),
537 554 mock.call(model.repo_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
538 555 mock.call(model.repo_settings, 'extensions', 'topic', active=False, value=''),
539 556 mock.call(model.repo_settings, 'phases', 'publish', value='False'),
540 557 ]
541 558 assert expected_calls == create_mock.call_args_list
542 559
543 560 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
544 561 def test_key_is_not_found(self, repo_stub, field_to_remove):
545 562 model = VcsSettingsModel(repo=repo_stub.repo_name)
546 563 data = self.FORM_DATA.copy()
547 564 data.pop(field_to_remove)
548 565 with pytest.raises(ValueError) as exc_info:
549 566 model.create_or_update_repo_hg_settings(data)
567 Session().commit()
568
550 569 expected_message = 'The given data does not contain {} key'.format(
551 570 field_to_remove)
552 571 assert str(exc_info.value) == expected_message
553 572
554 573 def test_create_raises_exception_when_repository_not_specified(self):
555 574 model = VcsSettingsModel()
556 575 with pytest.raises(Exception) as exc_info:
557 576 model.create_or_update_repo_hg_settings(self.FORM_DATA)
577 Session().commit()
578
558 579 assert str(exc_info.value) == 'Repository is not specified'
559 580
560 581
561 582 class TestUpdateGlobalSslSetting(object):
562 583 def test_updates_global_hg_settings(self):
563 584 model = VcsSettingsModel()
564 585 with mock.patch.object(model, '_create_or_update_ui') as create_mock:
565 586 model.update_global_ssl_setting('False')
587 Session().commit()
588
566 589 create_mock.assert_called_once_with(
567 590 model.global_settings, 'web', 'push_ssl', value='False')
568 591
569 592
570 593 class TestUpdateGlobalPathSetting(object):
571 594 def test_updates_global_path_settings(self):
572 595 model = VcsSettingsModel()
573 596 with mock.patch.object(model, '_create_or_update_ui') as create_mock:
574 597 model.update_global_path_setting('False')
598 Session().commit()
599
575 600 create_mock.assert_called_once_with(
576 601 model.global_settings, 'paths', '/', value='False')
577 602
578 603
579 604 class TestCreateOrUpdateGlobalHgSettings(object):
580 605 FORM_DATA = {
581 606 'extensions_largefiles': False,
582 607 'largefiles_usercache': '/example/largefiles-store',
583 608 'phases_publish': False,
584 609 'extensions_hgsubversion': False,
585 610 'extensions_evolve': False
586 611 }
587 612
588 613 def test_creates_repo_hg_settings_when_data_is_correct(self):
589 614 model = VcsSettingsModel()
590 615 with mock.patch.object(model, '_create_or_update_ui') as create_mock:
591 616 model.create_or_update_global_hg_settings(self.FORM_DATA)
617 Session().commit()
618
592 619 expected_calls = [
593 620 mock.call(model.global_settings, 'extensions', 'largefiles', active=False, value=''),
594 621 mock.call(model.global_settings, 'largefiles', 'usercache', value='/example/largefiles-store'),
595 622 mock.call(model.global_settings, 'phases', 'publish', value='False'),
596 623 mock.call(model.global_settings, 'extensions', 'hgsubversion', active=False),
597 624 mock.call(model.global_settings, 'extensions', 'evolve', active=False, value=''),
598 625 mock.call(model.global_settings, 'experimental', 'evolution', active=False, value=''),
599 626 mock.call(model.global_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
600 627 mock.call(model.global_settings, 'extensions', 'topic', active=False, value=''),
601 628 ]
602 629
603 630 assert expected_calls == create_mock.call_args_list
604 631
605 632 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
606 633 def test_key_is_not_found(self, repo_stub, field_to_remove):
607 634 model = VcsSettingsModel(repo=repo_stub.repo_name)
608 635 data = self.FORM_DATA.copy()
609 636 data.pop(field_to_remove)
610 637 with pytest.raises(Exception) as exc_info:
611 638 model.create_or_update_global_hg_settings(data)
639 Session().commit()
640
612 641 expected_message = 'The given data does not contain {} key'.format(
613 642 field_to_remove)
614 643 assert str(exc_info.value) == expected_message
615 644
616 645
617 646 class TestCreateOrUpdateGlobalGitSettings(object):
618 647 FORM_DATA = {
619 648 'vcs_git_lfs_enabled': False,
620 649 'vcs_git_lfs_store_location': '/example/lfs-store',
621 650 }
622 651
623 652 def test_creates_repo_hg_settings_when_data_is_correct(self):
624 653 model = VcsSettingsModel()
625 654 with mock.patch.object(model, '_create_or_update_ui') as create_mock:
626 655 model.create_or_update_global_git_settings(self.FORM_DATA)
656 Session().commit()
657
627 658 expected_calls = [
628 659 mock.call(model.global_settings, 'vcs_git_lfs', 'enabled', active=False, value=False),
629 660 mock.call(model.global_settings, 'vcs_git_lfs', 'store_location', value='/example/lfs-store'),
630 661 ]
631 662 assert expected_calls == create_mock.call_args_list
632 663
633 664
634 665 class TestDeleteRepoSvnPattern(object):
635 666 def test_success_when_repo_is_set(self, backend_svn, settings_util):
636 667 repo = backend_svn.create_repo()
637 668 repo_name = repo.repo_name
638 669
639 670 model = VcsSettingsModel(repo=repo_name)
640 671 entry = settings_util.create_repo_rhodecode_ui(
641 672 repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'svn-branch')
642 673 Session().commit()
643 674
644 675 model.delete_repo_svn_pattern(entry.ui_id)
645 676
646 677 def test_fail_when_delete_id_from_other_repo(self, backend_svn):
647 678 repo_name = backend_svn.repo_name
648 679 model = VcsSettingsModel(repo=repo_name)
649 680 delete_ui_patch = mock.patch.object(model.repo_settings, 'delete_ui')
650 681 with delete_ui_patch as delete_ui_mock:
651 682 model.delete_repo_svn_pattern(123)
683 Session().commit()
684
652 685 delete_ui_mock.assert_called_once_with(-1)
653 686
654 687 def test_raises_exception_when_repository_is_not_specified(self):
655 688 model = VcsSettingsModel()
656 689 with pytest.raises(Exception) as exc_info:
657 690 model.delete_repo_svn_pattern(123)
658 691 assert str(exc_info.value) == 'Repository is not specified'
659 692
660 693
661 694 class TestDeleteGlobalSvnPattern(object):
662 695 def test_delete_global_svn_pattern_calls_delete_ui(self):
663 696 model = VcsSettingsModel()
664 697 delete_ui_patch = mock.patch.object(model.global_settings, 'delete_ui')
665 698 with delete_ui_patch as delete_ui_mock:
666 699 model.delete_global_svn_pattern(123)
667 700 delete_ui_mock.assert_called_once_with(123)
668 701
669 702
670 703 class TestFilterUiSettings(object):
671 704 def test_settings_are_filtered(self):
672 705 model = VcsSettingsModel()
673 706 repo_settings = [
674 707 UiSetting('extensions', 'largefiles', '', True),
675 708 UiSetting('phases', 'publish', 'True', True),
676 709 UiSetting('hooks', 'changegroup.repo_size', 'hook', True),
677 710 UiSetting('hooks', 'changegroup.push_logger', 'hook', True),
678 711 UiSetting('hooks', 'outgoing.pull_logger', 'hook', True),
679 712 UiSetting(
680 713 'vcs_svn_branch', '84223c972204fa545ca1b22dac7bef5b68d7442d',
681 714 'test_branch', True),
682 715 UiSetting(
683 716 'vcs_svn_tag', '84229c972204fa545ca1b22dac7bef5b68d7442d',
684 717 'test_tag', True),
685 718 ]
686 719 non_repo_settings = [
687 720 UiSetting('largefiles', 'usercache', '/example/largefiles-store', True),
688 721 UiSetting('test', 'outgoing.pull_logger', 'hook', True),
689 722 UiSetting('hooks', 'test2', 'hook', True),
690 723 UiSetting(
691 724 'vcs_svn_repo', '84229c972204fa545ca1b22dac7bef5b68d7442d',
692 725 'test_tag', True),
693 726 ]
694 727 settings = repo_settings + non_repo_settings
695 728 filtered_settings = model._filter_ui_settings(settings)
696 729 assert sorted(filtered_settings) == sorted(repo_settings)
697 730
698 731
699 732 class TestFilterGeneralSettings(object):
700 733 def test_settings_are_filtered(self):
701 734 model = VcsSettingsModel()
702 735 settings = {
703 736 'rhodecode_abcde': 'value1',
704 737 'rhodecode_vwxyz': 'value2',
705 738 }
706 739 general_settings = {
707 740 'rhodecode_{}'.format(key): 'value'
708 741 for key in VcsSettingsModel.GENERAL_SETTINGS
709 742 }
710 743 settings.update(general_settings)
711 744
712 745 filtered_settings = model._filter_general_settings(general_settings)
713 746 assert sorted(filtered_settings) == sorted(general_settings)
714 747
715 748
716 749 class TestGetRepoUiSettings(object):
717 750 def test_global_uis_are_returned_when_no_repo_uis_found(
718 751 self, repo_stub):
719 752 model = VcsSettingsModel(repo=repo_stub.repo_name)
720 753 result = model.get_repo_ui_settings()
721 754 svn_sections = (
722 755 VcsSettingsModel.SVN_TAG_SECTION,
723 756 VcsSettingsModel.SVN_BRANCH_SECTION)
724 757 expected_result = [
725 758 s for s in model.global_settings.get_ui()
726 759 if s.section not in svn_sections]
727 760 assert sorted(result) == sorted(expected_result)
728 761
729 762 def test_repo_uis_are_overriding_global_uis(
730 763 self, repo_stub, settings_util):
731 764 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
732 765 settings_util.create_repo_rhodecode_ui(
733 766 repo_stub, section, 'repo', key=key, active=False)
734 767 model = VcsSettingsModel(repo=repo_stub.repo_name)
735 768 result = model.get_repo_ui_settings()
736 769 for setting in result:
737 770 locator = (setting.section, setting.key)
738 771 if locator in VcsSettingsModel.HOOKS_SETTINGS:
739 772 assert setting.value == 'repo'
740 773
741 774 assert setting.active is False
742 775
743 776 def test_global_svn_patterns_are_not_in_list(
744 777 self, repo_stub, settings_util):
745 778 svn_sections = (
746 779 VcsSettingsModel.SVN_TAG_SECTION,
747 780 VcsSettingsModel.SVN_BRANCH_SECTION)
748 781 for section in svn_sections:
749 782 settings_util.create_rhodecode_ui(
750 783 section, 'repo', key='deadbeef' + section, active=False)
784 Session().commit()
785
751 786 model = VcsSettingsModel(repo=repo_stub.repo_name)
752 787 result = model.get_repo_ui_settings()
753 788 for setting in result:
754 789 assert setting.section not in svn_sections
755 790
756 791 def test_repo_uis_filtered_by_section_are_returned(
757 792 self, repo_stub, settings_util):
758 793 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
759 794 settings_util.create_repo_rhodecode_ui(
760 795 repo_stub, section, 'repo', key=key, active=False)
761 796 model = VcsSettingsModel(repo=repo_stub.repo_name)
762 797 section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
763 798 result = model.get_repo_ui_settings(section=section)
764 799 for setting in result:
765 800 assert setting.section == section
766 801
767 802 def test_repo_uis_filtered_by_key_are_returned(
768 803 self, repo_stub, settings_util):
769 804 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
770 805 settings_util.create_repo_rhodecode_ui(
771 806 repo_stub, section, 'repo', key=key, active=False)
772 807 model = VcsSettingsModel(repo=repo_stub.repo_name)
773 808 section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
774 809 result = model.get_repo_ui_settings(key=key)
775 810 for setting in result:
776 811 assert setting.key == key
777 812
778 813 def test_raises_exception_when_repository_is_not_specified(self):
779 814 model = VcsSettingsModel()
780 815 with pytest.raises(Exception) as exc_info:
781 816 model.get_repo_ui_settings()
782 817 assert str(exc_info.value) == 'Repository is not specified'
783 818
784 819
785 820 class TestGetRepoGeneralSettings(object):
786 821 def test_global_settings_are_returned_when_no_repo_settings_found(
787 822 self, repo_stub):
788 823 model = VcsSettingsModel(repo=repo_stub.repo_name)
789 824 result = model.get_repo_general_settings()
790 825 expected_result = model.global_settings.get_all_settings()
791 826 assert sorted(result) == sorted(expected_result)
792 827
793 828 def test_repo_uis_are_overriding_global_uis(
794 829 self, repo_stub, settings_util):
795 830 for key in VcsSettingsModel.GENERAL_SETTINGS:
796 831 settings_util.create_repo_rhodecode_setting(
797 832 repo_stub, key, 'abcde', type_='unicode')
833 Session().commit()
834
798 835 model = VcsSettingsModel(repo=repo_stub.repo_name)
799 836 result = model.get_repo_ui_settings()
800 837 for key in result:
801 838 if key in VcsSettingsModel.GENERAL_SETTINGS:
802 839 assert result[key] == 'abcde'
803 840
804 841 def test_raises_exception_when_repository_is_not_specified(self):
805 842 model = VcsSettingsModel()
806 843 with pytest.raises(Exception) as exc_info:
807 844 model.get_repo_general_settings()
808 845 assert str(exc_info.value) == 'Repository is not specified'
809 846
810 847
811 848 class TestGetGlobalGeneralSettings(object):
812 849 def test_global_settings_are_returned(self, repo_stub):
813 850 model = VcsSettingsModel()
814 851 result = model.get_global_general_settings()
815 852 expected_result = model.global_settings.get_all_settings()
816 853 assert sorted(result) == sorted(expected_result)
817 854
818 855 def test_repo_uis_are_not_overriding_global_uis(
819 856 self, repo_stub, settings_util):
820 857 for key in VcsSettingsModel.GENERAL_SETTINGS:
821 858 settings_util.create_repo_rhodecode_setting(
822 859 repo_stub, key, 'abcde', type_='unicode')
860 Session().commit()
861
823 862 model = VcsSettingsModel(repo=repo_stub.repo_name)
824 863 result = model.get_global_general_settings()
825 864 expected_result = model.global_settings.get_all_settings()
826 865 assert sorted(result) == sorted(expected_result)
827 866
828 867
829 868 class TestGetGlobalUiSettings(object):
830 869 def test_global_uis_are_returned(self, repo_stub):
831 870 model = VcsSettingsModel()
832 871 result = model.get_global_ui_settings()
833 872 expected_result = model.global_settings.get_ui()
834 873 assert sorted(result) == sorted(expected_result)
835 874
836 875 def test_repo_uis_are_not_overriding_global_uis(
837 876 self, repo_stub, settings_util):
838 877 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
839 878 settings_util.create_repo_rhodecode_ui(
840 879 repo_stub, section, 'repo', key=key, active=False)
880 Session().commit()
881
841 882 model = VcsSettingsModel(repo=repo_stub.repo_name)
842 883 result = model.get_global_ui_settings()
843 884 expected_result = model.global_settings.get_ui()
844 885 assert sorted(result) == sorted(expected_result)
845 886
846 887 def test_ui_settings_filtered_by_section(
847 888 self, repo_stub, settings_util):
848 889 model = VcsSettingsModel(repo=repo_stub.repo_name)
849 890 section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
850 891 result = model.get_global_ui_settings(section=section)
851 892 expected_result = model.global_settings.get_ui(section=section)
852 893 assert sorted(result) == sorted(expected_result)
853 894
854 895 def test_ui_settings_filtered_by_key(
855 896 self, repo_stub, settings_util):
856 897 model = VcsSettingsModel(repo=repo_stub.repo_name)
857 898 section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
858 899 result = model.get_global_ui_settings(key=key)
859 900 expected_result = model.global_settings.get_ui(key=key)
860 901 assert sorted(result) == sorted(expected_result)
861 902
862 903
863 904 class TestGetGeneralSettings(object):
864 905 def test_global_settings_are_returned_when_inherited_is_true(
865 906 self, repo_stub, settings_util):
866 907 model = VcsSettingsModel(repo=repo_stub.repo_name)
867 908 model.inherit_global_settings = True
868 909 for key in VcsSettingsModel.GENERAL_SETTINGS:
869 910 settings_util.create_repo_rhodecode_setting(
870 911 repo_stub, key, 'abcde', type_='unicode')
912 Session().commit()
913
871 914 result = model.get_general_settings()
872 915 expected_result = model.get_global_general_settings()
873 916 assert sorted(result) == sorted(expected_result)
874 917
875 918 def test_repo_settings_are_returned_when_inherited_is_false(
876 919 self, repo_stub, settings_util):
877 920 model = VcsSettingsModel(repo=repo_stub.repo_name)
878 921 model.inherit_global_settings = False
879 922 for key in VcsSettingsModel.GENERAL_SETTINGS:
880 923 settings_util.create_repo_rhodecode_setting(
881 924 repo_stub, key, 'abcde', type_='unicode')
925 Session().commit()
926
882 927 result = model.get_general_settings()
883 928 expected_result = model.get_repo_general_settings()
884 929 assert sorted(result) == sorted(expected_result)
885 930
886 931 def test_global_settings_are_returned_when_no_repository_specified(self):
887 932 model = VcsSettingsModel()
888 933 result = model.get_general_settings()
889 934 expected_result = model.get_global_general_settings()
890 935 assert sorted(result) == sorted(expected_result)
891 936
892 937
893 938 class TestGetUiSettings(object):
894 939 def test_global_settings_are_returned_when_inherited_is_true(
895 940 self, repo_stub, settings_util):
896 941 model = VcsSettingsModel(repo=repo_stub.repo_name)
897 942 model.inherit_global_settings = True
898 943 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
899 944 settings_util.create_repo_rhodecode_ui(
900 945 repo_stub, section, 'repo', key=key, active=True)
946 Session().commit()
947
901 948 result = model.get_ui_settings()
902 949 expected_result = model.get_global_ui_settings()
903 950 assert sorted(result) == sorted(expected_result)
904 951
905 952 def test_repo_settings_are_returned_when_inherited_is_false(
906 953 self, repo_stub, settings_util):
907 954 model = VcsSettingsModel(repo=repo_stub.repo_name)
908 955 model.inherit_global_settings = False
909 956 for section, key in VcsSettingsModel.HOOKS_SETTINGS:
910 957 settings_util.create_repo_rhodecode_ui(
911 958 repo_stub, section, 'repo', key=key, active=True)
959 Session().commit()
960
912 961 result = model.get_ui_settings()
913 962 expected_result = model.get_repo_ui_settings()
914 963 assert sorted(result) == sorted(expected_result)
915 964
916 965 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
917 966 model = VcsSettingsModel(repo=repo_stub.repo_name)
918 967 model.inherit_global_settings = False
968
919 969 args = ('section', 'key')
920 970 with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
921 971 model.get_ui_settings(*args)
972 Session().commit()
973
922 974 settings_mock.assert_called_once_with(*args)
923 975
924 976 def test_global_settings_filtered_by_section_and_key(self):
925 977 model = VcsSettingsModel()
926 978 args = ('section', 'key')
927 979 with mock.patch.object(model, 'get_global_ui_settings') as (
928 980 settings_mock):
929 981 model.get_ui_settings(*args)
930 982 settings_mock.assert_called_once_with(*args)
931 983
932 984 def test_global_settings_are_returned_when_no_repository_specified(self):
933 985 model = VcsSettingsModel()
934 986 result = model.get_ui_settings()
935 987 expected_result = model.get_global_ui_settings()
936 988 assert sorted(result) == sorted(expected_result)
937 989
938 990
939 991 class TestGetSvnPatterns(object):
940 992 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
941 993 model = VcsSettingsModel(repo=repo_stub.repo_name)
942 994 args = ('section', )
943 995 with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
944 996 model.get_svn_patterns(*args)
997
998 Session().commit()
945 999 settings_mock.assert_called_once_with(*args)
946 1000
947 1001 def test_global_settings_filtered_by_section_and_key(self):
948 1002 model = VcsSettingsModel()
949 1003 args = ('section', )
950 1004 with mock.patch.object(model, 'get_global_ui_settings') as (
951 1005 settings_mock):
952 1006 model.get_svn_patterns(*args)
953 1007 settings_mock.assert_called_once_with(*args)
954 1008
955 1009
956 1010 class TestGetReposLocation(object):
957 1011 def test_returns_repos_location(self, repo_stub):
958 1012 model = VcsSettingsModel()
959 1013
960 1014 result_mock = mock.Mock()
961 1015 result_mock.ui_value = '/tmp'
962 1016
963 1017 with mock.patch.object(model, 'global_settings') as settings_mock:
964 1018 settings_mock.get_ui_by_key.return_value = result_mock
965 1019 result = model.get_repos_location()
966 1020
967 1021 settings_mock.get_ui_by_key.assert_called_once_with('/')
968 1022 assert result == '/tmp'
969 1023
970 1024
971 1025 class TestCreateOrUpdateRepoSettings(object):
972 1026 FORM_DATA = {
973 1027 'inherit_global_settings': False,
974 1028 'hooks_changegroup_repo_size': False,
975 1029 'hooks_changegroup_push_logger': False,
976 1030 'hooks_outgoing_pull_logger': False,
977 1031 'extensions_largefiles': False,
978 1032 'extensions_evolve': False,
979 1033 'largefiles_usercache': '/example/largefiles-store',
980 1034 'vcs_git_lfs_enabled': False,
981 1035 'vcs_git_lfs_store_location': '/',
982 1036 'phases_publish': 'False',
983 1037 'rhodecode_pr_merge_enabled': False,
984 1038 'rhodecode_use_outdated_comments': False,
985 1039 'new_svn_branch': '',
986 1040 'new_svn_tag': ''
987 1041 }
988 1042
989 1043 def test_get_raises_exception_when_repository_not_specified(self):
990 1044 model = VcsSettingsModel()
991 1045 with pytest.raises(Exception) as exc_info:
992 1046 model.create_or_update_repo_settings(data=self.FORM_DATA)
1047 Session().commit()
1048
993 1049 assert str(exc_info.value) == 'Repository is not specified'
994 1050
995 1051 def test_only_svn_settings_are_updated_when_type_is_svn(self, backend_svn):
996 1052 repo = backend_svn.create_repo()
997 1053 model = VcsSettingsModel(repo=repo)
998 1054 with self._patch_model(model) as mocks:
999 1055 model.create_or_update_repo_settings(
1000 1056 data=self.FORM_DATA, inherit_global_settings=False)
1057 Session().commit()
1058
1001 1059 mocks['create_repo_svn_settings'].assert_called_once_with(
1002 1060 self.FORM_DATA)
1003 1061 non_called_methods = (
1004 1062 'create_or_update_repo_hook_settings',
1005 1063 'create_or_update_repo_pr_settings',
1006 1064 'create_or_update_repo_hg_settings')
1007 1065 for method in non_called_methods:
1008 1066 assert mocks[method].call_count == 0
1009 1067
1010 1068 def test_non_svn_settings_are_updated_when_type_is_hg(self, backend_hg):
1011 1069 repo = backend_hg.create_repo()
1012 1070 model = VcsSettingsModel(repo=repo)
1013 1071 with self._patch_model(model) as mocks:
1014 1072 model.create_or_update_repo_settings(
1015 1073 data=self.FORM_DATA, inherit_global_settings=False)
1074 Session().commit()
1016 1075
1017 1076 assert mocks['create_repo_svn_settings'].call_count == 0
1018 1077 called_methods = (
1019 1078 'create_or_update_repo_hook_settings',
1020 1079 'create_or_update_repo_pr_settings',
1021 1080 'create_or_update_repo_hg_settings')
1022 1081 for method in called_methods:
1023 1082 mocks[method].assert_called_once_with(self.FORM_DATA)
1024 1083
1025 1084 def test_non_svn_and_hg_settings_are_updated_when_type_is_git(
1026 1085 self, backend_git):
1027 1086 repo = backend_git.create_repo()
1028 1087 model = VcsSettingsModel(repo=repo)
1029 1088 with self._patch_model(model) as mocks:
1030 1089 model.create_or_update_repo_settings(
1031 1090 data=self.FORM_DATA, inherit_global_settings=False)
1032 1091
1033 1092 assert mocks['create_repo_svn_settings'].call_count == 0
1034 1093 called_methods = (
1035 1094 'create_or_update_repo_hook_settings',
1036 1095 'create_or_update_repo_pr_settings')
1037 1096 non_called_methods = (
1038 1097 'create_repo_svn_settings',
1039 1098 'create_or_update_repo_hg_settings'
1040 1099 )
1041 1100 for method in called_methods:
1042 1101 mocks[method].assert_called_once_with(self.FORM_DATA)
1043 1102 for method in non_called_methods:
1044 1103 assert mocks[method].call_count == 0
1045 1104
1046 1105 def test_no_methods_are_called_when_settings_are_inherited(
1047 1106 self, backend):
1048 1107 repo = backend.create_repo()
1049 1108 model = VcsSettingsModel(repo=repo)
1050 1109 with self._patch_model(model) as mocks:
1051 1110 model.create_or_update_repo_settings(
1052 1111 data=self.FORM_DATA, inherit_global_settings=True)
1053 1112 for method_name in mocks:
1054 1113 assert mocks[method_name].call_count == 0
1055 1114
1056 1115 def test_cache_is_marked_for_invalidation(self, repo_stub):
1057 1116 model = VcsSettingsModel(repo=repo_stub)
1058 1117 invalidation_patcher = mock.patch(
1059 1118 'rhodecode.model.scm.ScmModel.mark_for_invalidation')
1060 1119 with invalidation_patcher as invalidation_mock:
1061 1120 model.create_or_update_repo_settings(
1062 1121 data=self.FORM_DATA, inherit_global_settings=True)
1122 Session().commit()
1123
1063 1124 invalidation_mock.assert_called_once_with(
1064 1125 repo_stub.repo_name, delete=True)
1065 1126
1066 1127 def test_inherit_flag_is_saved(self, repo_stub):
1067 1128 model = VcsSettingsModel(repo=repo_stub)
1068 1129 model.inherit_global_settings = True
1069 1130 with self._patch_model(model):
1070 1131 model.create_or_update_repo_settings(
1071 1132 data=self.FORM_DATA, inherit_global_settings=False)
1133 Session().commit()
1134
1072 1135 assert model.inherit_global_settings is False
1073 1136
1074 1137 def _patch_model(self, model):
1075 1138 return mock.patch.multiple(
1076 1139 model,
1077 1140 create_repo_svn_settings=mock.DEFAULT,
1078 1141 create_or_update_repo_hook_settings=mock.DEFAULT,
1079 1142 create_or_update_repo_pr_settings=mock.DEFAULT,
1080 1143 create_or_update_repo_hg_settings=mock.DEFAULT)
Show file before | Show file after | Hide comments
@@ -1,735 +1,744 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import pytest
22 22
23 23 from rhodecode.lib.auth import AuthUser
24 24 from rhodecode.model.db import (
25 25 RepoGroup, User, UserGroupRepoGroupToPerm, Permission, UserToPerm,
26 26 UserGroupToPerm)
27 27 from rhodecode.model.meta import Session
28 28 from rhodecode.model.permission import PermissionModel
29 29 from rhodecode.model.repo import RepoModel
30 30 from rhodecode.model.repo_group import RepoGroupModel
31 31 from rhodecode.model.user import UserModel
32 32 from rhodecode.model.user_group import UserGroupModel
33 33 from rhodecode.tests.fixture import Fixture
34 34
35 35
36 36 fixture = Fixture()
37 37
38 38
39 39 @pytest.fixture()
40 40 def repo_name(backend_hg):
41 41 return backend_hg.repo_name
42 42
43 43
44 44 class TestPermissions(object):
45 45
46 46 @pytest.fixture(scope='class', autouse=True)
47 47 def default_permissions(self, request, baseapp):
48 48 # recreate default user to get a clean start
49 49 PermissionModel().create_default_user_permissions(
50 50 user=User.DEFAULT_USER, force=True)
51 51 Session().commit()
52 52
53 53 @pytest.fixture(autouse=True)
54 54 def prepare_users(self, request):
55 55 # TODO: User creation is a duplicate of test_nofitications, check
56 56 # if that can be unified
57 57 self.u1 = UserModel().create_or_update(
58 58 username=u'u1', password=u'qweqwe',
59 59 email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1'
60 60 )
61 61 self.u2 = UserModel().create_or_update(
62 62 username=u'u2', password=u'qweqwe',
63 63 email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2'
64 64 )
65 65 self.u3 = UserModel().create_or_update(
66 66 username=u'u3', password=u'qweqwe',
67 67 email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3'
68 68 )
69 69 self.anon = User.get_default_user()
70 70 self.a1 = UserModel().create_or_update(
71 71 username=u'a1', password=u'qweqwe',
72 72 email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1',
73 73 admin=True
74 74 )
75 75 Session().commit()
76 76
77 77 request.addfinalizer(self.cleanup)
78 78
79 79 def cleanup(self):
80 80 if hasattr(self, 'test_repo'):
81 81 RepoModel().delete(repo=self.test_repo)
82 Session().commit()
82 83
83 84 if hasattr(self, 'g1'):
84 85 RepoGroupModel().delete(self.g1.group_id)
85 86 if hasattr(self, 'g2'):
86 87 RepoGroupModel().delete(self.g2.group_id)
88 Session().commit()
87 89
88 UserModel().delete(self.u1)
89 UserModel().delete(self.u2)
90 UserModel().delete(self.u3)
91 UserModel().delete(self.a1)
90 UserModel().delete(self.u1, handle_repos='delete', handle_repo_groups='delete')
91 UserModel().delete(self.u2, handle_repos='delete', handle_repo_groups='delete')
92 UserModel().delete(self.u3, handle_repos='delete', handle_repo_groups='delete')
93 UserModel().delete(self.a1, handle_repos='delete', handle_repo_groups='delete')
94 Session().commit()
92 95
93 96 if hasattr(self, 'ug1'):
94 97 UserGroupModel().delete(self.ug1, force=True)
95
96 98 Session().commit()
97 99
98 100 def test_default_perms_set(self, repo_name):
99 101 assert repo_perms(self.u1)[repo_name] == 'repository.read'
100 102 new_perm = 'repository.write'
101 103 RepoModel().grant_user_permission(repo=repo_name, user=self.u1,
102 104 perm=new_perm)
103 105 Session().commit()
104 106 assert repo_perms(self.u1)[repo_name] == new_perm
105 107
106 108 def test_default_admin_perms_set(self, repo_name):
107 109 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
108 110 RepoModel().grant_user_permission(repo=repo_name, user=self.a1,
109 111 perm='repository.write')
110 112 Session().commit()
111 113 # cannot really downgrade admins permissions !? they still gets set as
112 114 # admin !
113 115 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
114 116
115 117 def test_default_group_perms(self, repo_name):
116 118 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
117 119 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
118 120
119 121 assert repo_perms(self.u1)[repo_name] == 'repository.read'
120 122 assert group_perms(self.u1) == {
121 123 'test1': 'group.read', 'test2': 'group.read'}
122 124 assert global_perms(self.u1) == set(
123 125 Permission.DEFAULT_USER_PERMISSIONS)
124 126
125 127 def test_default_admin_group_perms(self, repo_name):
126 128 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
127 129 self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
128 130
129 131 assert repo_perms(self.a1)[repo_name] == 'repository.admin'
130 132 assert group_perms(self.a1) == {
131 133 'test1': 'group.admin', 'test2': 'group.admin'}
132 134
133 135 def test_default_owner_repo_perms(self, backend, user_util, test_repo):
134 136 user = user_util.create_user()
135 137 repo = test_repo('minimal', backend.alias)
136 138 org_owner = repo.user
137 139 assert repo_perms(user)[repo.repo_name] == 'repository.read'
138 140
139 141 repo.user = user
140 142 assert repo_perms(user)[repo.repo_name] == 'repository.admin'
141 143 repo.user = org_owner
142 144
143 145 def test_default_owner_branch_perms(self, user_util, test_user_group):
144 146 user = user_util.create_user()
145 147 assert branch_perms(user) == {}
146 148
147 149 def test_default_owner_repo_group_perms(self, user_util, test_repo_group):
148 150 user = user_util.create_user()
149 151 org_owner = test_repo_group.user
150 152
151 153 assert group_perms(user)[test_repo_group.group_name] == 'group.read'
152 154
153 155 test_repo_group.user = user
154 156 assert group_perms(user)[test_repo_group.group_name] == 'group.admin'
155 157 test_repo_group.user = org_owner
156 158
157 159 def test_default_owner_user_group_perms(self, user_util, test_user_group):
158 160 user = user_util.create_user()
159 161 org_owner = test_user_group.user
160 162
161 163 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.read'
162 164
163 165 test_user_group.user = user
164 166 assert user_group_perms(user)[test_user_group.users_group_name] == 'usergroup.admin'
165 167
166 168 test_user_group.user = org_owner
167 169
168 170 def test_propagated_permission_from_users_group_by_explicit_perms_exist(
169 171 self, repo_name):
170 172 # make group
171 173 self.ug1 = fixture.create_user_group('G1')
172 174 UserGroupModel().add_user_to_group(self.ug1, self.u1)
173 175
174 176 # set permission to lower
175 177 new_perm = 'repository.none'
176 178 RepoModel().grant_user_permission(
177 179 repo=repo_name, user=self.u1, perm=new_perm)
178 180 Session().commit()
179 181 assert repo_perms(self.u1)[repo_name] == new_perm
180 182
181 183 # grant perm for group this should not override permission from user
182 184 # since it has explicitly set
183 185 new_perm_gr = 'repository.write'
184 186 RepoModel().grant_user_group_permission(
185 187 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
188 Session().commit()
186 189
187 190 assert repo_perms(self.u1)[repo_name] == new_perm
188 191 assert group_perms(self.u1) == {}
189 192
190 193 def test_propagated_permission_from_users_group(self, repo_name):
191 194 # make group
192 195 self.ug1 = fixture.create_user_group('G1')
193 196 UserGroupModel().add_user_to_group(self.ug1, self.u3)
194 197
195 198 # grant perm for group
196 199 # this should override default permission from user
197 200 new_perm_gr = 'repository.write'
198 201 RepoModel().grant_user_group_permission(
199 202 repo=repo_name, group_name=self.ug1, perm=new_perm_gr)
203 Session().commit()
200 204
201 205 assert repo_perms(self.u3)[repo_name] == new_perm_gr
202 206 assert group_perms(self.u3) == {}
203 207
204 208 def test_propagated_permission_from_users_group_lower_weight(
205 209 self, repo_name):
206 210 # make group with user
207 211 self.ug1 = fixture.create_user_group('G1')
208 212 UserGroupModel().add_user_to_group(self.ug1, self.u1)
209 213
210 214 # set permission to lower
211 215 new_perm_h = 'repository.write'
212 216 RepoModel().grant_user_permission(
213 217 repo=repo_name, user=self.u1, perm=new_perm_h)
214 218 Session().commit()
215 219
216 220 assert repo_perms(self.u1)[repo_name] == new_perm_h
217 221
218 222 # grant perm for group this should NOT override permission from user
219 223 # since it's lower than granted
220 224 new_perm_l = 'repository.read'
221 225 RepoModel().grant_user_group_permission(
222 226 repo=repo_name, group_name=self.ug1, perm=new_perm_l)
227 Session().commit()
223 228
224 229 assert repo_perms(self.u1)[repo_name] == new_perm_h
225 230 assert group_perms(self.u1) == {}
226 231
227 232 def test_repo_in_group_permissions(self):
228 233 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
229 234 self.g2 = fixture.create_repo_group('group2', skip_if_exists=True)
230 235 # both perms should be read !
231 236 assert group_perms(self.u1) == \
232 237 {u'group1': u'group.read', u'group2': u'group.read'}
233 238
234 239 assert group_perms(self.anon) == \
235 240 {u'group1': u'group.read', u'group2': u'group.read'}
236 241
237 242 # Change perms to none for both groups
238 243 RepoGroupModel().grant_user_permission(
239 244 repo_group=self.g1, user=self.anon, perm='group.none')
240 245 RepoGroupModel().grant_user_permission(
241 246 repo_group=self.g2, user=self.anon, perm='group.none')
242 247
243 248 assert group_perms(self.u1) == \
244 249 {u'group1': u'group.none', u'group2': u'group.none'}
245 250 assert group_perms(self.anon) == \
246 251 {u'group1': u'group.none', u'group2': u'group.none'}
247 252
248 253 # add repo to group
249 254 name = RepoGroup.url_sep().join([self.g1.group_name, 'test_perm'])
250 255 self.test_repo = fixture.create_repo(name=name,
251 256 repo_type='hg',
252 257 repo_group=self.g1,
253 258 cur_user=self.u1,)
254 259
255 260 assert group_perms(self.u1) == \
256 261 {u'group1': u'group.none', u'group2': u'group.none'}
257 262 assert group_perms(self.anon) == \
258 263 {u'group1': u'group.none', u'group2': u'group.none'}
259 264
260 265 # grant permission for u2 !
261 266 RepoGroupModel().grant_user_permission(
262 267 repo_group=self.g1, user=self.u2, perm='group.read')
263 268 RepoGroupModel().grant_user_permission(
264 269 repo_group=self.g2, user=self.u2, perm='group.read')
265 270 Session().commit()
266 271 assert self.u1 != self.u2
267 272
268 273 # u1 and anon should have not change perms while u2 should !
269 274 assert group_perms(self.u1) == \
270 275 {u'group1': u'group.none', u'group2': u'group.none'}
271 276 assert group_perms(self.u2) == \
272 277 {u'group1': u'group.read', u'group2': u'group.read'}
273 278 assert group_perms(self.anon) == \
274 279 {u'group1': u'group.none', u'group2': u'group.none'}
275 280
276 281 def test_repo_group_user_as_user_group_member(self):
277 282 # create Group1
278 283 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
279 284 assert group_perms(self.anon) == {u'group1': u'group.read'}
280 285
281 286 # set default permission to none
282 287 RepoGroupModel().grant_user_permission(
283 288 repo_group=self.g1, user=self.anon, perm='group.none')
289 Session().commit()
290
284 291 # make group
285 292 self.ug1 = fixture.create_user_group('G1')
286 293 # add user to group
287 294 UserGroupModel().add_user_to_group(self.ug1, self.u1)
288 295 Session().commit()
289 296
290 297 # check if user is in the group
291 298 ug1 = UserGroupModel().get(self.ug1.users_group_id)
292 299 members = [x.user_id for x in ug1.members]
293 300 assert members == [self.u1.user_id]
294 301 # add some user to that group
295 302
296 303 # check his permissions
297 304 assert group_perms(self.anon) == {u'group1': u'group.none'}
298 305 assert group_perms(self.u1) == {u'group1': u'group.none'}
299 306
300 307 # grant ug1 read permissions for
301 308 RepoGroupModel().grant_user_group_permission(
302 309 repo_group=self.g1, group_name=self.ug1, perm='group.read')
303 310 Session().commit()
304 311
305 312 # check if the
306 313 obj = Session().query(UserGroupRepoGroupToPerm)\
307 314 .filter(UserGroupRepoGroupToPerm.group == self.g1)\
308 315 .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\
309 316 .scalar()
310 317 assert obj.permission.permission_name == 'group.read'
311 318
312 319 assert group_perms(self.anon) == {u'group1': u'group.none'}
313 320 assert group_perms(self.u1) == {u'group1': u'group.read'}
314 321
315 322 def test_inherited_permissions_from_default_on_user_enabled(self):
316 323 # enable fork and create on default user
317 324 _form_result = {
318 325 'default_repo_create': 'hg.create.repository',
319 326 'default_fork_create': 'hg.fork.repository'
320 327 }
321 328 PermissionModel().set_new_user_perms(
322 329 User.get_default_user(), _form_result)
323 330 Session().commit()
324 331
325 332 # make sure inherit flag is turned on
326 333 self.u1.inherit_default_permissions = True
327 334 Session().commit()
328 335
329 336 # this user will have inherited permissions from default user
330 337 assert global_perms(self.u1) == default_perms()
331 338
332 339 def test_inherited_permissions_from_default_on_user_disabled(self):
333 340 # disable fork and create on default user
334 341 _form_result = {
335 342 'default_repo_create': 'hg.create.none',
336 343 'default_fork_create': 'hg.fork.none'
337 344 }
338 345 PermissionModel().set_new_user_perms(
339 346 User.get_default_user(), _form_result)
340 347 Session().commit()
341 348
342 349 # make sure inherit flag is turned on
343 350 self.u1.inherit_default_permissions = True
344 351 Session().commit()
345 352
346 353 # this user will have inherited permissions from default user
347 354 expected_perms = default_perms(
348 355 added=['hg.create.none', 'hg.fork.none'],
349 356 removed=['hg.create.repository', 'hg.fork.repository'])
350 357 assert global_perms(self.u1) == expected_perms
351 358
352 359 def test_non_inherited_permissions_from_default_on_user_enabled(self):
353 360 user_model = UserModel()
354 361 # enable fork and create on default user
355 362 usr = User.DEFAULT_USER
356 363 user_model.revoke_perm(usr, 'hg.create.none')
357 364 user_model.grant_perm(usr, 'hg.create.repository')
358 365 user_model.revoke_perm(usr, 'hg.fork.none')
359 366 user_model.grant_perm(usr, 'hg.fork.repository')
360 367
361 368 # disable global perms on specific user
362 369 user_model.revoke_perm(self.u1, 'hg.create.repository')
363 370 user_model.grant_perm(self.u1, 'hg.create.none')
364 371 user_model.revoke_perm(self.u1, 'hg.fork.repository')
365 372 user_model.grant_perm(self.u1, 'hg.fork.none')
366 373
367 374 # TODO(marcink): check branch permissions now ?
368 375
369 376 # make sure inherit flag is turned off
370 377 self.u1.inherit_default_permissions = False
371 378 Session().commit()
372 379
373 380 # this user will have non inherited permissions from he's
374 381 # explicitly set permissions
375 382 assert global_perms(self.u1) == {
376 383 'hg.create.none',
377 384 'hg.fork.none',
378 385 'hg.register.manual_activate',
379 386 'hg.password_reset.enabled',
380 387 'hg.extern_activate.auto',
381 388 'repository.read',
382 389 'group.read',
383 390 'usergroup.read',
384 391 'branch.push_force',
385 392 }
386 393
387 394 def test_non_inherited_permissions_from_default_on_user_disabled(self):
388 395 user_model = UserModel()
389 396 # disable fork and create on default user
390 397 usr = User.DEFAULT_USER
391 398 user_model.revoke_perm(usr, 'hg.create.repository')
392 399 user_model.grant_perm(usr, 'hg.create.none')
393 400 user_model.revoke_perm(usr, 'hg.fork.repository')
394 401 user_model.grant_perm(usr, 'hg.fork.none')
395 402
396 403 # enable global perms on specific user
397 404 user_model.revoke_perm(self.u1, 'hg.create.none')
398 405 user_model.grant_perm(self.u1, 'hg.create.repository')
399 406 user_model.revoke_perm(self.u1, 'hg.fork.none')
400 407 user_model.grant_perm(self.u1, 'hg.fork.repository')
401 408
402 409 # make sure inherit flag is turned off
403 410 self.u1.inherit_default_permissions = False
404 411 Session().commit()
405 412
406 413 # TODO(marcink): check branch perms
407 414
408 415 # this user will have non inherited permissions from he's
409 416 # explicitly set permissions
410 417 assert global_perms(self.u1) == {
411 418 'hg.create.repository',
412 419 'hg.fork.repository',
413 420 'hg.register.manual_activate',
414 421 'hg.password_reset.enabled',
415 422 'hg.extern_activate.auto',
416 423 'repository.read',
417 424 'group.read',
418 425 'usergroup.read',
419 426 'branch.push_force',
420 427 }
421 428
422 429 @pytest.mark.parametrize('perm, expected_perm', [
423 430 ('hg.inherit_default_perms.false', 'repository.none', ),
424 431 ('hg.inherit_default_perms.true', 'repository.read', ),
425 432 ])
426 433 def test_inherited_permissions_on_objects(self, perm, expected_perm):
427 434 _form_result = {
428 435 'default_inherit_default_permissions': perm,
429 436 }
430 437 PermissionModel().set_new_user_perms(
431 438 User.get_default_user(), _form_result)
432 439 Session().commit()
433 440
434 441 # make sure inherit flag is turned on
435 442 self.u1.inherit_default_permissions = True
436 443 Session().commit()
437 444
438 445 # TODO(marcink): check branch perms
439 446
440 447 # this user will have inherited permissions from default user
441 448 assert global_perms(self.u1) == {
442 449 'hg.create.none',
443 450 'hg.fork.none',
444 451 'hg.register.manual_activate',
445 452 'hg.password_reset.enabled',
446 453 'hg.extern_activate.auto',
447 454 'repository.read',
448 455 'group.read',
449 456 'usergroup.read',
450 457 'branch.push_force',
451 458 'hg.create.write_on_repogroup.true',
452 459 'hg.usergroup.create.false',
453 460 'hg.repogroup.create.false',
454 461 perm
455 462 }
456 463
457 464 assert set(repo_perms(self.u1).values()) == set([expected_perm])
458 465
459 466 def test_repo_owner_permissions_not_overwritten_by_group(self):
460 467 # create repo as USER,
461 468 self.test_repo = fixture.create_repo(name='myownrepo',
462 469 repo_type='hg',
463 470 cur_user=self.u1)
464 471
465 472 # he has permissions of admin as owner
466 473 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
467 474
468 475 # set his permission as user group, he should still be admin
469 476 self.ug1 = fixture.create_user_group('G1')
470 477 UserGroupModel().add_user_to_group(self.ug1, self.u1)
471 478 RepoModel().grant_user_group_permission(
472 479 self.test_repo,
473 480 group_name=self.ug1,
474 481 perm='repository.none')
475 482 Session().commit()
476 483
477 484 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
478 485
479 486 def test_repo_owner_permissions_not_overwritten_by_others(self):
480 487 # create repo as USER,
481 488 self.test_repo = fixture.create_repo(name='myownrepo',
482 489 repo_type='hg',
483 490 cur_user=self.u1)
484 491
485 492 # he has permissions of admin as owner
486 493 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
487 494
488 495 # set his permission as user, he should still be admin
489 496 RepoModel().grant_user_permission(
490 497 self.test_repo, user=self.u1, perm='repository.none')
491 498 Session().commit()
492 499
493 500 assert repo_perms(self.u1)['myownrepo'] == 'repository.admin'
494 501
495 502 def test_repo_group_owner_permissions_not_overwritten_by_group(self):
496 503 # "u1" shall be owner without any special permission assigned
497 504 self.g1 = fixture.create_repo_group('test1')
498 505
499 506 # Make user group and grant a permission to user group
500 507 self.ug1 = fixture.create_user_group('G1')
501 508 UserGroupModel().add_user_to_group(self.ug1, self.u1)
502 509 RepoGroupModel().grant_user_group_permission(
503 510 repo_group=self.g1, group_name=self.ug1, perm='group.write')
511 Session().commit()
504 512
505 513 # Verify that user does not get any special permission if he is not
506 514 # owner
507 515 assert group_perms(self.u1) == {'test1': 'group.write'}
508 516
509 517 # Make him owner of the repo group
510 518 self.g1.user = self.u1
511 519 assert group_perms(self.u1) == {'test1': 'group.admin'}
512 520
513 521 def test_repo_group_owner_permissions_not_overwritten_by_others(self):
514 522 # "u1" shall be owner without any special permission assigned
515 523 self.g1 = fixture.create_repo_group('test1')
516 524 RepoGroupModel().grant_user_permission(
517 525 repo_group=self.g1, user=self.u1, perm='group.write')
526 Session().commit()
518 527
519 528 # Verify that user does not get any special permission if he is not
520 529 # owner
521 530 assert group_perms(self.u1) == {'test1': 'group.write'}
522 531
523 532 # Make him owner of the repo group
524 533 self.g1.user = self.u1
525 534 assert group_perms(self.u1) == {u'test1': 'group.admin'}
526 535
527 def _test_def_user_perm_equal(
536 def assert_user_perm_equal(
528 537 self, user, change_factor=0, compare_keys=None):
529 538 perms = UserToPerm.query().filter(UserToPerm.user == user).all()
530 539 assert len(perms) == \
531 540 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
532 541 if compare_keys:
533 542 assert set(
534 543 x.permissions.permission_name for x in perms) == compare_keys
535 544
536 def _test_def_user_group_perm_equal(
545 def assert_def_user_group_perm_equal(
537 546 self, user_group, change_factor=0, compare_keys=None):
538 547 perms = UserGroupToPerm.query().filter(
539 548 UserGroupToPerm.users_group == user_group).all()
540 549 assert len(perms) == \
541 550 len(Permission.DEFAULT_USER_PERMISSIONS) + change_factor
542 551 if compare_keys:
543 552 assert set(
544 553 x.permissions.permission_name for x in perms) == compare_keys
545 554
546 555 def test_set_default_permissions(self):
547 556 PermissionModel().create_default_user_permissions(user=self.u1)
548 self._test_def_user_perm_equal(user=self.u1)
557 self.assert_user_perm_equal(user=self.u1)
549 558
550 559 def test_set_default_permissions_after_one_is_missing(self):
551 560 PermissionModel().create_default_user_permissions(user=self.u1)
552 self._test_def_user_perm_equal(user=self.u1)
561 self.assert_user_perm_equal(user=self.u1)
553 562 # now we delete one, it should be re-created after another call
554 563 perms = UserToPerm.query().filter(UserToPerm.user == self.u1).all()
555 564 Session().delete(perms[0])
556 565 Session().commit()
557 566
558 self._test_def_user_perm_equal(user=self.u1, change_factor=-1)
567 self.assert_user_perm_equal(user=self.u1, change_factor=-1)
559 568
560 569 # create missing one !
561 570 PermissionModel().create_default_user_permissions(user=self.u1)
562 self._test_def_user_perm_equal(user=self.u1)
571 self.assert_user_perm_equal(user=self.u1)
563 572
564 573 @pytest.mark.parametrize("perm, modify_to", [
565 574 ('repository.read', 'repository.none'),
566 575 ('group.read', 'group.none'),
567 576 ('usergroup.read', 'usergroup.none'),
568 577 ('hg.create.repository', 'hg.create.none'),
569 578 ('hg.fork.repository', 'hg.fork.none'),
570 579 ('hg.register.manual_activate', 'hg.register.auto_activate',)
571 580 ])
572 581 def test_set_default_permissions_after_modification(self, perm, modify_to):
573 582 PermissionModel().create_default_user_permissions(user=self.u1)
574 self._test_def_user_perm_equal(user=self.u1)
583 self.assert_user_perm_equal(user=self.u1)
575 584
576 585 old = Permission.get_by_key(perm)
577 586 new = Permission.get_by_key(modify_to)
578 587 assert old is not None
579 588 assert new is not None
580 589
581 590 # now modify permissions
582 591 p = UserToPerm.query().filter(
583 592 UserToPerm.user == self.u1).filter(
584 593 UserToPerm.permission == old).one()
585 594 p.permission = new
586 595 Session().add(p)
587 596 Session().commit()
588 597
589 598 PermissionModel().create_default_user_permissions(user=self.u1)
590 self._test_def_user_perm_equal(user=self.u1)
599 self.assert_user_perm_equal(user=self.u1)
591 600
592 601 def test_clear_user_perms(self):
593 602 PermissionModel().create_default_user_permissions(user=self.u1)
594 self._test_def_user_perm_equal(user=self.u1)
603 self.assert_user_perm_equal(user=self.u1)
595 604
596 605 # now clear permissions
597 606 cleared = PermissionModel()._clear_user_perms(self.u1.user_id)
598 self._test_def_user_perm_equal(user=self.u1,
607 self.assert_user_perm_equal(user=self.u1,
599 608 change_factor=len(cleared)*-1)
600 609
601 610 def test_clear_user_group_perms(self):
602 611 self.ug1 = fixture.create_user_group('G1')
603 612 PermissionModel().create_default_user_group_permissions(
604 613 user_group=self.ug1)
605 self._test_def_user_group_perm_equal(user_group=self.ug1)
614 self.assert_def_user_group_perm_equal(user_group=self.ug1)
606 615
607 616 # now clear permissions
608 617 cleared = PermissionModel()._clear_user_group_perms(
609 618 self.ug1.users_group_id)
610 self._test_def_user_group_perm_equal(user_group=self.ug1,
619 self.assert_def_user_group_perm_equal(user_group=self.ug1,
611 620 change_factor=len(cleared)*-1)
612 621
613 622 @pytest.mark.parametrize("form_result", [
614 623 {},
615 624 {'default_repo_create': 'hg.create.repository'},
616 625 {'default_repo_create': 'hg.create.repository',
617 626 'default_repo_perm': 'repository.read'},
618 627 {'default_repo_create': 'hg.create.none',
619 628 'default_repo_perm': 'repository.write',
620 629 'default_fork_create': 'hg.fork.none'},
621 630 ])
622 631 def test_set_new_user_permissions(self, form_result):
623 632 _form_result = {}
624 633 _form_result.update(form_result)
625 634 PermissionModel().set_new_user_perms(self.u1, _form_result)
626 635 Session().commit()
627 636 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
628 637 - len(form_result.keys()))
629 self._test_def_user_perm_equal(
638 self.assert_user_perm_equal(
630 639 self.u1, change_factor=change_factor)
631 640
632 641 @pytest.mark.parametrize("form_result", [
633 642 {},
634 643 {'default_repo_create': 'hg.create.repository'},
635 644 {'default_repo_create': 'hg.create.repository',
636 645 'default_repo_perm': 'repository.read'},
637 646 {'default_repo_create': 'hg.create.none',
638 647 'default_repo_perm': 'repository.write',
639 648 'default_fork_create': 'hg.fork.none'},
640 649 ])
641 650 def test_set_new_user_group_permissions(self, form_result):
642 651 _form_result = {}
643 652 _form_result.update(form_result)
644 653 self.ug1 = fixture.create_user_group('G1')
645 654 PermissionModel().set_new_user_group_perms(self.ug1, _form_result)
646 655 Session().commit()
647 656 change_factor = -1 * (len(Permission.DEFAULT_USER_PERMISSIONS)
648 657 - len(form_result.keys()))
649 self._test_def_user_group_perm_equal(
658 self.assert_def_user_group_perm_equal(
650 659 self.ug1, change_factor=change_factor)
651 660
652 661 @pytest.mark.parametrize("group_active, expected_perm", [
653 662 (True, 'repository.admin'),
654 663 (False, 'repository.read'),
655 664 ])
656 665 def test_get_default_repo_perms_from_user_group_with_active_group(
657 666 self, backend, user_util, group_active, expected_perm):
658 667 repo = backend.create_repo()
659 668 user = user_util.create_user()
660 669 user_group = user_util.create_user_group(
661 670 members=[user], users_group_active=group_active)
662 671
663 672 user_util.grant_user_group_permission_to_repo(
664 673 repo, user_group, 'repository.admin')
665 674 permissions = repo_perms(user)
666 675 repo_permission = permissions.get(repo.repo_name)
667 676 assert repo_permission == expected_perm
668 677
669 678 @pytest.mark.parametrize("group_active, expected_perm", [
670 679 (True, 'group.admin'),
671 680 (False, 'group.read')
672 681 ])
673 682 def test_get_default_group_perms_from_user_group_with_active_group(
674 683 self, user_util, group_active, expected_perm):
675 684 user = user_util.create_user()
676 685 repo_group = user_util.create_repo_group()
677 686 user_group = user_util.create_user_group(
678 687 members=[user], users_group_active=group_active)
679 688
680 689 user_util.grant_user_group_permission_to_repo_group(
681 690 repo_group, user_group, 'group.admin')
682 691 permissions = group_perms(user)
683 692 group_permission = permissions.get(repo_group.name)
684 693 assert group_permission == expected_perm
685 694
686 695 @pytest.mark.parametrize("group_active, expected_perm", [
687 696 (True, 'usergroup.admin'),
688 697 (False, 'usergroup.read')
689 698 ])
690 699 def test_get_default_user_group_perms_from_user_group_with_active_group(
691 700 self, user_util, group_active, expected_perm):
692 701 user = user_util.create_user()
693 702 user_group = user_util.create_user_group(
694 703 members=[user], users_group_active=group_active)
695 704 target_user_group = user_util.create_user_group()
696 705
697 706 user_util.grant_user_group_permission_to_user_group(
698 707 target_user_group, user_group, 'usergroup.admin')
699 708 permissions = user_group_perms(user)
700 709 group_permission = permissions.get(target_user_group.users_group_name)
701 710 assert group_permission == expected_perm
702 711
703 712
704 713 def repo_perms(user):
705 714 auth_user = AuthUser(user_id=user.user_id)
706 715 return auth_user.permissions['repositories']
707 716
708 717
709 718 def branch_perms(user):
710 719 auth_user = AuthUser(user_id=user.user_id)
711 720 return auth_user.permissions['repository_branches']
712 721
713 722
714 723 def group_perms(user):
715 724 auth_user = AuthUser(user_id=user.user_id)
716 725 return auth_user.permissions['repositories_groups']
717 726
718 727
719 728 def user_group_perms(user):
720 729 auth_user = AuthUser(user_id=user.user_id)
721 730 return auth_user.permissions['user_groups']
722 731
723 732
724 733 def global_perms(user):
725 734 auth_user = AuthUser(user_id=user.user_id)
726 735 return auth_user.permissions['global']
727 736
728 737
729 738 def default_perms(added=None, removed=None):
730 739 expected_perms = set(Permission.DEFAULT_USER_PERMISSIONS)
731 740 if removed:
732 741 expected_perms.difference_update(removed)
733 742 if added:
734 743 expected_perms.update(added)
735 744 return expected_perms
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
General Comments 0
You need to be logged in to leave comments. Login now