rhodecode-enterprise-ce Commit - r1676:40da1231

user-groups: moved get_user_groups from RepoModel to UserGroupModel.

marcink -

r1676:40da1231 default

parent child

rhodecode/apps/admin/views/users.py

0 +2 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import datetime
             from pyramid.httpexceptions import HTTPFound
             from pyramid.view import view_config
             from sqlalchemy.sql.functions import coalesce
             from rhodecode.lib.helpers import Page
             from rhodecode_tools.lib.ext_json import json
             from rhodecode.apps._base import BaseAppView, DataGridAppView
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils import PartialRenderer
             from rhodecode.lib.utils2 import safe_int, safe_unicode
             from rhodecode.model.auth_token import AuthTokenModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.user_group import UserGroupModel
             from rhodecode.model.db import User, or_
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             class AdminUsersView(BaseAppView, DataGridAppView):
                 ALLOW_SCOPED_TOKENS = False
                 """
                 This view has alternative version inside EE, if modified please take a look
                 in there as well.
                 """
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
                     self._register_global_c(c)
                     return c
                 def _redirect_for_default_user(self, username):
                     _ = self.request.translate
                     if username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         # TODO(marcink): redirect to 'users' admin panel once this
                         # is a pyramid view
                         raise HTTPFound('/')
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='users', request_method='GET',
                     renderer='rhodecode:templates/admin/users/users.mako')
                 def users_list(self):
                     c = self.load_default_context()
                     return self._get_template_context(c)
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     # renderer defined below
                     route_name='users_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def users_list_data(self):
                     draw, start, limit = self._extract_chunk(self.request)
                     search_q, order_by, order_dir = self._extract_ordering(self.request)
                     _render = PartialRenderer('data_table/_dt_elements.mako')
                     def user_actions(user_id, username):
                         return _render("user_actions", user_id, username)
                     users_data_total_count = User.query()\
                         .filter(User.username != User.DEFAULT_USER) \
                         .count()
                     # json generate
                     base_q = User.query().filter(User.username != User.DEFAULT_USER)
                     if search_q:
                         like_expression = u'%{}%'.format(safe_unicode(search_q))
                         base_q = base_q.filter(or_(
                             User.username.ilike(like_expression),
                             User._email.ilike(like_expression),
                             User.name.ilike(like_expression),
                             User.lastname.ilike(like_expression),
                         ))
                     users_data_total_filtered_count = base_q.count()
                     sort_col = getattr(User, order_by, None)
                     if sort_col:
                         if order_dir == 'asc':
                             # handle null values properly to order by NULL last
                             if order_by in ['last_activity']:
                                 sort_col = coalesce(sort_col, datetime.date.max)
                             sort_col = sort_col.asc()
                         else:
                             # handle null values properly to order by NULL last
                             if order_by in ['last_activity']:
                                 sort_col = coalesce(sort_col, datetime.date.min)
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     users_list = base_q.all()
                     users_data = []
                     for user in users_list:
                         users_data.append({
                             "username": h.gravatar_with_user(user.username),
                             "email": user.email,
                             "first_name": h.escape(user.name),
                             "last_name": h.escape(user.lastname),
                             "last_login": h.format_date(user.last_login),
                             "last_activity": h.format_date(user.last_activity),
                             "active": h.bool2icon(user.active),
                             "active_raw": user.active,
                             "admin": h.bool2icon(user.admin),
                             "extern_type": user.extern_type,
                             "extern_name": user.extern_name,
                             "action": user_actions(user.user_id, user.username),
                         })
                     data = ({
                         'draw': draw,
                         'data': users_data,
                         'recordsTotal': users_data_total_count,
                         'recordsFiltered': users_data_total_filtered_count,
                     })
                     return data
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_auth_tokens', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def auth_tokens(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'auth_tokens'
                     c.lifetime_values = [
                         (str(-1), _('forever')),
                         (str(5), _('5 minutes')),
                         (str(60), _('1 hour')),
                         (str(60 * 24), _('1 day')),
                         (str(60 * 24 * 30), _('1 month')),
                     ]
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                     c.role_values = [
                         (x, AuthTokenModel.cls._get_role_name(x))
                         for x in AuthTokenModel.cls.ROLES]
                     c.role_options = [(c.role_values, _("Role"))]
                     c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
                         c.user.user_id, show_expired=True)
                     return self._get_template_context(c)
                 def maybe_attach_token_scope(self, token):
                     # implemented in EE edition
                     pass
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_auth_tokens_add', request_method='POST')
                 def auth_tokens_add(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     self._redirect_for_default_user(c.user.username)
                     lifetime = safe_int(self.request.POST.get('lifetime'), -1)
                     description = self.request.POST.get('description')
                     role = self.request.POST.get('role')
                     token = AuthTokenModel().create(
                         c.user.user_id, description, lifetime, role)
                     self.maybe_attach_token_scope(token)
                     Session().commit()
                     h.flash(_("Auth token successfully created"), category='success')
                     return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='edit_user_auth_tokens_delete', request_method='POST')
                 def auth_tokens_delete(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     self._redirect_for_default_user(c.user.username)
                     del_auth_token = self.request.POST.get('del_auth_token')
                     if del_auth_token:
                         AuthTokenModel().delete(del_auth_token, c.user.user_id)
                         Session().commit()
                         h.flash(_("Auth token successfully deleted"), category='success')
                     return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_groups_management', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def groups_management(self):
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     c.data = c.user.group_member
                     self._redirect_for_default_user(c.user.username)
-                    groups = [UserGroupModel.get_user_groups_as_dict(group.users_group) for group in c.user.group_member]
+                    groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
+                              for group in c.user.group_member]
                     c.groups = json.dumps(groups)
                     c.active = 'groups'
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_groups_management_updates', request_method='POST')
                 def groups_management_updates(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     self._redirect_for_default_user(c.user.username)
                     users_groups = set(self.request.POST.getall('users_group_id'))
                     users_groups_model = []
                     for ugid in users_groups:
                         users_groups_model.append(UserGroupModel().get_group(safe_int(ugid)))
                     user_group_model = UserGroupModel()
                     user_group_model.change_groups(c.user, users_groups_model)
                     Session().commit()
                     c.active = 'user_groups_management'
                     h.flash(_("Groups successfully changed"), category='success')
                     return HTTPFound(h.route_path(
                         'edit_user_groups_management', user_id=user_id))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @view_config(
                     route_name='edit_user_audit_logs', request_method='GET',
                     renderer='rhodecode:templates/admin/users/user_edit.mako')
                 def user_audit_logs(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     user_id = self.request.matchdict.get('user_id')
                     c.user = User.get_or_404(user_id, pyramid_exc=True)
                     self._redirect_for_default_user(c.user.username)
                     c.active = 'audit'
                     p = safe_int(self.request.GET.get('page', 1), 1)
                     filter_term = self.request.GET.get('filter')
                     c.user_log = UserModel().get_user_log(c.user, filter_term)
                     def url_generator(**kw):
                         if filter_term:
                             kw['filter'] = filter_term
                         return self.request.current_route_path(_query=kw)
                     c.user_log = Page(c.user_log, page=p, items_per_page=10,
                                       url=url_generator)
                     c.filter_term = filter_term
                     return self._get_template_context(c)

rhodecode/apps/home/views.py

0 +3 -4

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import re
             import logging
             from pyramid.view import view_config
             from rhodecode.apps._base import BaseAppView
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import LoginRequired, NotAnonymous
             from rhodecode.lib.index import searcher_from_config
             from rhodecode.lib.utils2 import safe_unicode, str2bool
             from rhodecode.model.db import func, Repository, RepoGroup
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import ScmModel
+            from rhodecode.model.user_group import UserGroupModel
             log = logging.getLogger(__name__)
             class HomeView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.user = c.auth_user.get_instance()
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @view_config(
                     route_name='user_autocomplete_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def user_autocomplete_data(self):
                     query = self.request.GET.get('query')
                     active = str2bool(self.request.GET.get('active') or True)
                     include_groups = str2bool(self.request.GET.get('user_groups'))
                     log.debug('generating user list, query:%s, active:%s, with_groups:%s',
                               query, active, include_groups)
                     repo_model = RepoModel()
                     _users = repo_model.get_users(
                         name_contains=query, only_active=active)
                     if include_groups:
                         # extend with user groups
-                        _user_groups = repo_model.get_user_groups(
+                        _user_groups = UserGroupModel().get_user_groups(
                             name_contains=query, only_active=active)
                         _users = _users + _user_groups
                     return {'suggestions': _users}
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='user_group_autocomplete_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def user_group_autocomplete_data(self):
                     query = self.request.GET.get('query')
                     active = str2bool(self.request.GET.get('active') or True)
                     log.debug('generating user group list, query:%s, active:%s',
                               query, active)
-                    repo_model = RepoModel()
+                    _user_groups = UserGroupModel().get_user_groups(
-                    _user_groups = repo_model.get_user_groups(
                         name_contains=query, only_active=active)
                     _user_groups = _user_groups
                     return {'suggestions': _user_groups}
                 def _get_repo_list(self, name_contains=None, repo_type=None, limit=20):
                     query = Repository.query()\
                         .order_by(func.length(Repository.repo_name))\
                         .order_by(Repository.repo_name)
                     if repo_type:
                         query = query.filter(Repository.repo_type == repo_type)
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             Repository.repo_name.ilike(ilike_expression))
                         query = query.limit(limit)
                     all_repos = query.all()
                     # permission checks are inside this function
                     repo_iter = ScmModel().get_repos(all_repos)
                     return [
                         {
                             'id': obj['name'],
                             'text': obj['name'],
                             'type': 'repo',
                             'obj': obj['dbrepo'],
                             'url': h.url('summary_home', repo_name=obj['name'])
                         }
                         for obj in repo_iter]
                 def _get_repo_group_list(self, name_contains=None, limit=20):
                     query = RepoGroup.query()\
                         .order_by(func.length(RepoGroup.group_name))\
                         .order_by(RepoGroup.group_name)
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             RepoGroup.group_name.ilike(ilike_expression))
                         query = query.limit(limit)
                     all_groups = query.all()
                     repo_groups_iter = ScmModel().get_repo_groups(all_groups)
                     return [
                         {
                             'id': obj.group_name,
                             'text': obj.group_name,
                             'type': 'group',
                             'obj': {},
                             'url': h.url('repo_group_home', group_name=obj.group_name)
                         }
                         for obj in repo_groups_iter]
                 def _get_hash_commit_list(self, auth_user, hash_starts_with=None):
                     if not hash_starts_with or len(hash_starts_with) < 3:
                         return []
                     commit_hashes = re.compile('([0-9a-f]{2,40})').findall(hash_starts_with)
                     if len(commit_hashes) != 1:
                         return []
                     commit_hash_prefix = commit_hashes[0]
                     searcher = searcher_from_config(self.request.registry.settings)
                     result = searcher.search(
                         'commit_id:%s*' % commit_hash_prefix, 'commit', auth_user,
                         raise_on_exc=False)
                     return [
                         {
                             'id': entry['commit_id'],
                             'text': entry['commit_id'],
                             'type': 'commit',
                             'obj': {'repo': entry['repository']},
                             'url': h.url('changeset_home',
                                          repo_name=entry['repository'],
                                          revision=entry['commit_id'])
                         }
                         for entry in result['results']]
                 @LoginRequired()
                 @view_config(
                     route_name='repo_list_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def repo_list_data(self):
                     _ = self.request.translate
                     query = self.request.GET.get('query')
                     repo_type = self.request.GET.get('repo_type')
                     log.debug('generating repo list, query:%s, repo_type:%s',
                               query, repo_type)
                     res = []
                     repos = self._get_repo_list(query, repo_type=repo_type)
                     if repos:
                         res.append({
                             'text': _('Repositories'),
                             'children': repos
                         })
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data
                 @LoginRequired()
                 @view_config(
                     route_name='goto_switcher_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def goto_switcher_data(self):
                     c = self.load_default_context()
                     _ = self.request.translate
                     query = self.request.GET.get('query')
                     log.debug('generating goto switcher list, query %s', query)
                     res = []
                     repo_groups = self._get_repo_group_list(query)
                     if repo_groups:
                         res.append({
                             'text': _('Groups'),
                             'children': repo_groups
                         })
                     repos = self._get_repo_list(query)
                     if repos:
                         res.append({
                             'text': _('Repositories'),
                             'children': repos
                         })
                     commits = self._get_hash_commit_list(c.auth_user, query)
                     if commits:
                         unique_repos = {}
                         for commit in commits:
                             unique_repos.setdefault(commit['obj']['repo'], []
                                 ).append(commit)
                         for repo in unique_repos:
                             res.append({
                                 'text': _('Commits in %(repo)s') % {'repo': repo},
                                 'children': unique_repos[repo]
                             })
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data

rhodecode/model/repo.py

0 +1 -45

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Repository model for rhodecode
             """
             import logging
             import os
             import re
             import shutil
             import time
             import traceback
             from datetime import datetime, timedelta
-            from sqlalchemy.sql import func
             from sqlalchemy.sql.expression import true, or_
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode import events
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import HasUserGroupPermissionAny
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.exceptions import AttachedForksError
             from rhodecode.lib.hooks_base import log_delete_repository
-            from rhodecode.lib.markup_renderer import MarkupRenderer
             from rhodecode.lib.utils import make_db_config
             from rhodecode.lib.utils2 import (
                 safe_str, safe_unicode, remove_prefix, obfuscate_url_pw,
                 get_current_rhodecode_user, safe_int, datetime_to_time, action_logger_generic)
             from rhodecode.lib.vcs.backends import get_backend
-            from rhodecode.lib.vcs.exceptions import NodeDoesNotExistError
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 Repository, UserRepoToPerm, UserGroupRepoToPerm, UserRepoGroupToPerm,
                 UserGroupRepoGroupToPerm, User, Permission, Statistics, UserGroup,
                 RepoGroup, RepositoryField)
-            from rhodecode.model.scm import UserGroupList
             from rhodecode.model.settings import VcsSettingsModel
             log = logging.getLogger(__name__)
             class RepoModel(BaseModel):
                 cls = Repository
                 def _get_user_group(self, users_group):
                     return self._get_instance(UserGroup, users_group,
                                               callback=UserGroup.get_by_group_name)
                 def _get_repo_group(self, repo_group):
                     return self._get_instance(RepoGroup, repo_group,
                                               callback=RepoGroup.get_by_group_name)
                 def _create_default_perms(self, repository, private):
                     # create default permission
                     default = 'repository.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('repository.'):
                             default = p.permission.permission_name
                             break
                     default_perm = 'repository.none' if private else default
                     repo_to_perm = UserRepoToPerm()
                     repo_to_perm.permission = Permission.get_by_key(default_perm)
                     repo_to_perm.repository = repository
                     repo_to_perm.user_id = def_user.user_id
                     return repo_to_perm
                 @LazyProperty
                 def repos_path(self):
                     """
                     Gets the repositories root path from database
                     """
                     settings_model = VcsSettingsModel(sa=self.sa)
                     return settings_model.get_repos_location()
                 def get(self, repo_id, cache=False):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_id == repo_id)
                     if cache:
                         repo = repo.options(FromCache("sql_cache_short",
                                                       "get_repo_%s" % repo_id))
                     return repo.scalar()
                 def get_repo(self, repository):
                     return self._get_repo(repository)
                 def get_by_repo_name(self, repo_name, cache=False):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_name == repo_name)
                     if cache:
                         repo = repo.options(FromCache("sql_cache_short",
                                                       "get_repo_%s" % repo_name))
                     return repo.scalar()
                 def _extract_id_from_repo_name(self, repo_name):
                     if repo_name.startswith('/'):
                         repo_name = repo_name.lstrip('/')
                     by_id_match = re.match(r'^_(\d{1,})', repo_name)
                     if by_id_match:
                         return by_id_match.groups()[0]
                 def get_repo_by_id(self, repo_name):
                     """
                     Extracts repo_name by id from special urls.
                     Example url is _11/repo_name
                     :param repo_name:
                     :return: repo object if matched else None
                     """
                     try:
                         _repo_id = self._extract_id_from_repo_name(repo_name)
                         if _repo_id:
                             return self.get(_repo_id)
                     except Exception:
                         log.exception('Failed to extract repo_name from URL')
                     return None
                 def get_repos_for_root(self, root, traverse=False):
                     if traverse:
                         like_expression = u'{}%'.format(safe_unicode(root))
                         repos = Repository.query().filter(
                             Repository.repo_name.like(like_expression)).all()
                     else:
                         if root and not isinstance(root, RepoGroup):
                             raise ValueError(
                                 'Root must be an instance '
                                 'of RepoGroup, got:{} instead'.format(type(root)))
                         repos = Repository.query().filter(Repository.group == root).all()
                     return repos
                 def get_url(self, repo):
                     return h.url('summary_home', repo_name=safe_str(repo.repo_name),
                         qualified=True)
                 def get_users(self, name_contains=None, limit=20, only_active=True):
                     # TODO: mikhail: move this method to the UserModel.
                     query = self.sa.query(User)
                     if only_active:
                         query = query.filter(User.active == true())
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             or_(
                                 User.name.ilike(ilike_expression),
                                 User.lastname.ilike(ilike_expression),
                                 User.username.ilike(ilike_expression)
                             )
                         )
                         query = query.limit(limit)
                     users = query.all()
                     _users = [
                         {
                             'id': user.user_id,
                             'first_name': user.name,
                             'last_name': user.lastname,
                             'username': user.username,
                             'email': user.email,
                             'icon_link': h.gravatar_url(user.email, 30),
                             'value_display': h.person(user),
                             'value': user.username,
                             'value_type': 'user',
                             'active': user.active,
                         }
                         for user in users
                     ]
                     return _users
-                def get_user_groups(self, name_contains=None, limit=20, only_active=True):
-                    # TODO: mikhail: move this method to the UserGroupModel.
-                    query = self.sa.query(UserGroup)
-                    if only_active:
-                        query = query.filter(UserGroup.users_group_active == true())
-                    if name_contains:
-                        ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
-                        query = query.filter(
-                            UserGroup.users_group_name.ilike(ilike_expression))\
-                            .order_by(func.length(UserGroup.users_group_name))\
-                            .order_by(UserGroup.users_group_name)
-                        query = query.limit(limit)
-                    user_groups = query.all()
-                    perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
-                    user_groups = UserGroupList(user_groups, perm_set=perm_set)
-                    _groups = [
-                            'id': group.users_group_id,
-                            # TODO: marcink figure out a way to generate the url for the
-                            # icon
-                            'icon_link': '',
-                            'value_display': 'Group: %s (%d members)' % (
-                                group.users_group_name, len(group.members),),
-                            'value': group.users_group_name,
-                            'description': group.user_group_description,
-                            'owner': group.user.username,
-                            'owner_icon': h.gravatar_url(group.user.email, 30),
-                            'value_display_owner': h.person(group.user.email),
-                            'value_type': 'user_group',
-                            'active': group.users_group_active,
-                        for group in user_groups
-                    return _groups
                 @classmethod
                 def update_repoinfo(cls, repositories=None):
                     if not repositories:
                         repositories = Repository.getAll()
                     for repo in repositories:
                         repo.update_commit_cache()
                 def get_repos_as_dict(self, repo_list=None, admin=False,
                                       super_user_actions=False):
                     from rhodecode.lib.utils import PartialRenderer
                     _render = PartialRenderer('data_table/_dt_elements.mako')
                     c = _render.c
                     def quick_menu(repo_name):
                         return _render('quick_menu', repo_name)
                     def repo_lnk(name, rtype, rstate, private, fork_of):
                         return _render('repo_name', name, rtype, rstate, private, fork_of,
                                        short_name=not admin, admin=False)
                     def last_change(last_change):
                         if admin and isinstance(last_change, datetime) and not last_change.tzinfo:
                             last_change = last_change + timedelta(seconds=
                                 (datetime.now() - datetime.utcnow()).seconds)
                         return _render("last_change", last_change)
                     def rss_lnk(repo_name):
                         return _render("rss", repo_name)
                     def atom_lnk(repo_name):
                         return _render("atom", repo_name)
                     def last_rev(repo_name, cs_cache):
                         return _render('revision', repo_name, cs_cache.get('revision'),
                                        cs_cache.get('raw_id'), cs_cache.get('author'),
                                        cs_cache.get('message'))
                     def desc(desc):
                         if c.visual.stylify_metatags:
                             desc = h.urlify_text(h.escaped_stylize(desc))
                         else:
                             desc = h.urlify_text(h.html_escape(desc))
                         return _render('repo_desc', desc)
                     def state(repo_state):
                         return _render("repo_state", repo_state)
                     def repo_actions(repo_name):
                         return _render('repo_actions', repo_name, super_user_actions)
                     def user_profile(username):
                         return _render('user_profile', username)
                     repos_data = []
                     for repo in repo_list:
                         cs_cache = repo.changeset_cache
                         row = {
                             "menu": quick_menu(repo.repo_name),
                             "name": repo_lnk(repo.repo_name, repo.repo_type,
                                              repo.repo_state, repo.private, repo.fork),
                             "name_raw": repo.repo_name.lower(),
                             "last_change": last_change(repo.last_db_change),
                             "last_change_raw": datetime_to_time(repo.last_db_change),
                             "last_changeset": last_rev(repo.repo_name, cs_cache),
                             "last_changeset_raw": cs_cache.get('revision'),
                             "desc": desc(repo.description),
                             "owner": user_profile(repo.user.username),
                             "state": state(repo.repo_state),
                             "rss": rss_lnk(repo.repo_name),
                             "atom": atom_lnk(repo.repo_name),
                         }
                         if admin:
                             row.update({
                                 "action": repo_actions(repo.repo_name),
                             })
                         repos_data.append(row)
                     return repos_data
                 def _get_defaults(self, repo_name):
                     """
                     Gets information about repository, and returns a dict for
                     usage in forms
                     :param repo_name:
                     """
                     repo_info = Repository.get_by_repo_name(repo_name)
                     if repo_info is None:
                         return None
                     defaults = repo_info.get_dict()
                     defaults['repo_name'] = repo_info.just_name
                     groups  = repo_info.groups_with_parents
                     parent_group = groups[-1] if groups else None
                     # we use -1 as this is how in HTML, we mark an empty group
                     defaults['repo_group'] = getattr(parent_group, 'group_id', -1)
                     keys_to_process = (
                         {'k': 'repo_type', 'strip': False},
                         {'k': 'repo_enable_downloads', 'strip': True},
                         {'k': 'repo_description', 'strip': True},
                         {'k': 'repo_enable_locking', 'strip': True},
                         {'k': 'repo_landing_rev', 'strip': True},
                         {'k': 'clone_uri', 'strip': False},
                         {'k': 'repo_private', 'strip': True},
                         {'k': 'repo_enable_statistics', 'strip': True}
                     )
                     for item in keys_to_process:
                         attr = item['k']
                         if item['strip']:
                             attr = remove_prefix(item['k'], 'repo_')
                         val = defaults[attr]
                         if item['k'] == 'repo_landing_rev':
                             val = ':'.join(defaults[attr])
                         defaults[item['k']] = val
                         if item['k'] == 'clone_uri':
                             defaults['clone_uri_hidden'] = repo_info.clone_uri_hidden
                     # fill owner
                     if repo_info.user:
                         defaults.update({'user': repo_info.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         defaults.update({'user': replacement_user})
                     # fill repository users
                     for p in repo_info.repo_to_perm:
                         defaults.update({'u_perm_%s' % p.user.user_id:
                                         p.permission.permission_name})
                     # fill repository groups
                     for p in repo_info.users_group_to_perm:
                         defaults.update({'g_perm_%s' % p.users_group.users_group_id:
                                         p.permission.permission_name})
                     return defaults
                 def update(self, repo, **kwargs):
                     try:
                         cur_repo = self._get_repo(repo)
                         source_repo_name = cur_repo.repo_name
                         if 'user' in kwargs:
                             cur_repo.user = User.get_by_username(kwargs['user'])
                         if 'repo_group' in kwargs:
                             cur_repo.group = RepoGroup.get(kwargs['repo_group'])
                         log.debug('Updating repo %s with params:%s', cur_repo, kwargs)
                         update_keys = [
                             (1, 'repo_description'),
                             (1, 'repo_landing_rev'),
                             (1, 'repo_private'),
                             (1, 'repo_enable_downloads'),
                             (1, 'repo_enable_locking'),
                             (1, 'repo_enable_statistics'),
                             (0, 'clone_uri'),
                             (0, 'fork_id')
                         ]
                         for strip, k in update_keys:
                             if k in kwargs:
                                 val = kwargs[k]
                                 if strip:
                                     k = remove_prefix(k, 'repo_')
                                 if k == 'clone_uri':
                                     from rhodecode.model.validators import Missing
                                     _change = kwargs.get('clone_uri_change')
                                     if _change in [Missing, 'OLD']:
                                         # we don't change the value, so use original one
                                         val = cur_repo.clone_uri
                                 setattr(cur_repo, k, val)
                         new_name = cur_repo.get_new_name(kwargs['repo_name'])
                         cur_repo.repo_name = new_name
                         # if private flag is set, reset default permission to NONE
                         if kwargs.get('repo_private'):
                             EMPTY_PERM = 'repository.none'
                             RepoModel().grant_user_permission(
                                 repo=cur_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM
                             )
                         # handle extra fields
                         for field in filter(lambda k: k.startswith(RepositoryField.PREFIX),
                                             kwargs):
                             k = RepositoryField.un_prefix_key(field)
                             ex_field = RepositoryField.get_by_key_name(
                                 key=k, repo=cur_repo)
                             if ex_field:
                                 ex_field.field_value = kwargs[field]
                                 self.sa.add(ex_field)
                         self.sa.add(cur_repo)
                         if source_repo_name != new_name:
                             # rename repository
                             self._rename_filesystem_repo(
                                 old=source_repo_name, new=new_name)
                         return cur_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _create_repo(self, repo_name, repo_type, description, owner,
                                  private=False, clone_uri=None, repo_group=None,
                                  landing_rev='rev:tip', fork_of=None,
                                  copy_fork_permissions=False, enable_statistics=False,
                                  enable_locking=False, enable_downloads=False,
                                  copy_group_permissions=False,
                                  state=Repository.STATE_PENDING):
                     """
                     Create repository inside database with PENDING state, this should be
                     only executed by create() repo. With exception of importing existing
                     repos
                     """
                     from rhodecode.model.scm import ScmModel
                     owner = self._get_user(owner)
                     fork_of = self._get_repo(fork_of)
                     repo_group = self._get_repo_group(safe_int(repo_group))
                     try:
                         repo_name = safe_unicode(repo_name)
                         description = safe_unicode(description)
                         # repo name is just a name of repository
                         # while repo_name_full is a full qualified name that is combined
                         # with name and path of group
                         repo_name_full = repo_name
                         repo_name = repo_name.split(Repository.NAME_SEP)[-1]
                         new_repo = Repository()
                         new_repo.repo_state = state
                         new_repo.enable_statistics = False
                         new_repo.repo_name = repo_name_full
                         new_repo.repo_type = repo_type
                         new_repo.user = owner
                         new_repo.group = repo_group
                         new_repo.description = description or repo_name
                         new_repo.private = private
                         new_repo.clone_uri = clone_uri
                         new_repo.landing_rev = landing_rev
                         new_repo.enable_statistics = enable_statistics
                         new_repo.enable_locking = enable_locking
                         new_repo.enable_downloads = enable_downloads
                         if repo_group:
                             new_repo.enable_locking = repo_group.enable_locking
                         if fork_of:
                             parent_repo = fork_of
                             new_repo.fork = parent_repo
                         events.trigger(events.RepoPreCreateEvent(new_repo))
                         self.sa.add(new_repo)
                         EMPTY_PERM = 'repository.none'
                         if fork_of and copy_fork_permissions:
                             repo = fork_of
                             user_perms = UserRepoToPerm.query() \
                                 .filter(UserRepoToPerm.repository == repo).all()
                             group_perms = UserGroupRepoToPerm.query() \
                                 .filter(UserGroupRepoToPerm.repository == repo).all()
                             for perm in user_perms:
                                 UserRepoToPerm.create(
                                     perm.user, new_repo, perm.permission)
                             for perm in group_perms:
                                 UserGroupRepoToPerm.create(
                                     perm.users_group, new_repo, perm.permission)
                             # in case we copy permissions and also set this repo to private
                             # override the default user permission to make it a private
                             # repo
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         elif repo_group and copy_group_permissions:
                             user_perms = UserRepoGroupToPerm.query() \
                                 .filter(UserRepoGroupToPerm.group == repo_group).all()
                             group_perms = UserGroupRepoGroupToPerm.query() \
                                 .filter(UserGroupRepoGroupToPerm.group == repo_group).all()
                             for perm in user_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserRepoToPerm.create(perm.user, new_repo, perm_obj)
                             for perm in group_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserGroupRepoToPerm.create(
                                     perm.users_group, new_repo, perm_obj)
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         else:
                             perm_obj = self._create_default_perms(new_repo, private)
                             self.sa.add(perm_obj)
                         # now automatically start following this repository as owner
                         ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
                                                                 owner.user_id)
                         # we need to flush here, in order to check if database won't
                         # throw any exceptions, create filesystem dirs at the very end
                         self.sa.flush()
                         events.trigger(events.RepoCreateEvent(new_repo))
                         return new_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def create(self, form_data, cur_user):
                     """
                     Create repository using celery tasks
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo, form_data, cur_user)
                 def update_permissions(self, repo, perm_additions=None, perm_updates=None,
                                        perm_deletions=None, check_perms=True,
                                        cur_user=None):
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     # update permissions
                     for member_id, perm, member_type in perm_updates:
                         member_id = int(member_id)
                         if member_type == 'user':
                             # this updates also current one if found
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         else:  # set for user group
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                     # set new permissions
                     for member_id, perm, member_type in perm_additions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         else:  # set for user group
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                     # delete permissions
                     for member_id, perm, member_type in perm_deletions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             self.revoke_user_permission(repo=repo, user=member_id)
                         else:  # set for user group
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.revoke_user_group_permission(
                                     repo=repo, group_name=member_id)
                 def create_fork(self, form_data, cur_user):
                     """
                     Simple wrapper into executing celery task for fork creation
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo_fork, form_data, cur_user)
                 def delete(self, repo, forks=None, fs_remove=True, cur_user=None):
                     """
                     Delete given repository, forks parameter defines what do do with
                     attached forks. Throws AttachedForksError if deleted repo has attached
                     forks
                     :param repo:
                     :param forks: str 'delete' or 'detach'
                     :param fs_remove: remove(archive) repo from filesystem
                     """
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     repo = self._get_repo(repo)
                     if repo:
                         if forks == 'detach':
                             for r in repo.forks:
                                 r.fork = None
                                 self.sa.add(r)
                         elif forks == 'delete':
                             for r in repo.forks:
                                 self.delete(r, forks='delete')
                         elif [f for f in repo.forks]:
                             raise AttachedForksError()
                         old_repo_dict = repo.get_dict()
                         events.trigger(events.RepoPreDeleteEvent(repo))
                         try:
                             self.sa.delete(repo)
                             if fs_remove:
                                 self._delete_filesystem_repo(repo)
                             else:
                                 log.debug('skipping removal from filesystem')
                             old_repo_dict.update({
                                 'deleted_by': cur_user,
                                 'deleted_on': time.time(),
                             })
                             log_delete_repository(**old_repo_dict)
                             events.trigger(events.RepoDeleteEvent(repo))
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                 def grant_user_permission(self, repo, user, perm):
                     """
                     Grant permission for user on given repository, or update existing one
                     if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.user == user) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserRepoToPerm()
                     obj.repository = repo
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, repo)
                     action_logger_generic(
                         'granted permission: {} to user: {} on repo: {}'.format(
                             perm, user, repo), namespace='security.repo')
                     return obj
                 def revoke_user_permission(self, repo, user):
                     """
                     Revoke permission for user on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .filter(UserRepoToPerm.user == user) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', repo, user)
                         action_logger_generic(
                             'revoked permission from user: {} on repo: {}'.format(
                                 user, repo), namespace='security.repo')
                 def grant_user_group_permission(self, repo, group_name, perm):
                     """
                     Grant permission for user group on given repository, or update
                     existing one if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new
                         obj = UserGroupRepoToPerm()
                     obj.repository = repo
                     obj.users_group = group_name
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, group_name, repo)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on repo: {}'.format(
                             perm, group_name, repo), namespace='security.repo')
                     return obj
                 def revoke_user_group_permission(self, repo, group_name):
                     """
                     Revoke permission for user group on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm to %s on %s', repo, group_name)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on repo: {}'.format(
                                 group_name, repo), namespace='security.repo')
                 def delete_stats(self, repo_name):
                     """
                     removes stats for given repo
                     :param repo_name:
                     """
                     repo = self._get_repo(repo_name)
                     try:
                         obj = self.sa.query(Statistics) \
                             .filter(Statistics.repository == repo).scalar()
                         if obj:
                             self.sa.delete(obj)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def add_repo_field(self, repo_name, field_key, field_label, field_value='',
                                    field_type='str', field_desc=''):
                     repo = self._get_repo(repo_name)
                     new_field = RepositoryField()
                     new_field.repository = repo
                     new_field.field_key = field_key
                     new_field.field_type = field_type  # python type
                     new_field.field_value = field_value
                     new_field.field_desc = field_desc
                     new_field.field_label = field_label
                     self.sa.add(new_field)
                     return new_field
                 def delete_repo_field(self, repo_name, field_key):
                     repo = self._get_repo(repo_name)
                     field = RepositoryField.get_by_key_name(field_key, repo)
                     if field:
                         self.sa.delete(field)
                 def _create_filesystem_repo(self, repo_name, repo_type, repo_group,
                                             clone_uri=None, repo_store_location=None,
                                             use_global_config=False):
                     """
                     makes repository on filesystem. It's group aware means it'll create
                     a repository within a group, and alter the paths accordingly of
                     group location
                     :param repo_name:
                     :param alias:
                     :param parent:
                     :param clone_uri:
                     :param repo_store_location:
                     """
                     from rhodecode.lib.utils import is_valid_repo, is_valid_repo_group
                     from rhodecode.model.scm import ScmModel
                     if Repository.NAME_SEP in repo_name:
                         raise ValueError(
                             'repo_name must not contain groups got `%s`' % repo_name)
                     if isinstance(repo_group, RepoGroup):
                         new_parent_path = os.sep.join(repo_group.full_path_splitted)
                     else:
                         new_parent_path = repo_group or ''
                     if repo_store_location:
                         _paths = [repo_store_location]
                     else:
                         _paths = [self.repos_path, new_parent_path, repo_name]
                         # we need to make it str for mercurial
                     repo_path = os.path.join(*map(lambda x: safe_str(x), _paths))
                     # check if this path is not a repository
                     if is_valid_repo(repo_path, self.repos_path):
                         raise Exception('This path %s is a valid repository' % repo_path)
                     # check if this path is a group
                     if is_valid_repo_group(repo_path, self.repos_path):
                         raise Exception('This path %s is a valid group' % repo_path)
                     log.info('creating repo %s in %s from url: `%s`',
                              repo_name, safe_unicode(repo_path),
                              obfuscate_url_pw(clone_uri))
                     backend = get_backend(repo_type)
                     config_repo = None if use_global_config else repo_name
                     if config_repo and new_parent_path:
                         config_repo = Repository.NAME_SEP.join(
                             (new_parent_path, config_repo))
                     config = make_db_config(clear_session=False, repo=config_repo)
                     config.set('extensions', 'largefiles', '')
                     # patch and reset hooks section of UI config to not run any
                     # hooks on creating remote repo
                     config.clear_section('hooks')
                     # TODO: johbo: Unify this, hardcoded "bare=True" does not look nice
                     if repo_type == 'git':
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri,
                             bare=True)
                     else:
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri)
                     ScmModel().install_hooks(repo, repo_type=repo_type)
                     log.debug('Created repo %s with %s backend',
                               safe_unicode(repo_name), safe_unicode(repo_type))
                     return repo
                 def _rename_filesystem_repo(self, old, new):
                     """
                     renames repository on filesystem
                     :param old: old name
                     :param new: new name
                     """
                     log.info('renaming repo from %s to %s', old, new)
                     old_path = os.path.join(self.repos_path, old)
                     new_path = os.path.join(self.repos_path, new)
                     if os.path.isdir(new_path):
                         raise Exception(
                             'Was trying to rename to already existing dir %s' % new_path
                         )
                     shutil.move(old_path, new_path)
                 def _delete_filesystem_repo(self, repo):
                     """
                     removes repo from filesystem, the removal is acctually made by
                     added rm__ prefix into dir, and rename internat .hg/.git dirs so this
                     repository is no longer valid for rhodecode, can be undeleted later on
                     by reverting the renames on this repository
                     :param repo: repo object
                     """
                     rm_path = os.path.join(self.repos_path, repo.repo_name)
                     repo_group = repo.group
                     log.info("Removing repository %s", rm_path)
                     # disable hg/git internal that it doesn't get detected as repo
                     alias = repo.repo_type
                     config = make_db_config(clear_session=False)
                     config.set('extensions', 'largefiles', '')
                     bare = getattr(repo.scm_instance(config=config), 'bare', False)
                     # skip this for bare git repos
                     if not bare:
                         # disable VCS repo
                         vcs_path = os.path.join(rm_path, '.%s' % alias)
                         if os.path.exists(vcs_path):
                             shutil.move(vcs_path, os.path.join(rm_path, 'rm__.%s' % alias))
                     _now = datetime.now()
                     _ms = str(_now.microsecond).rjust(6, '0')
                     _d = 'rm__%s__%s' % (_now.strftime('%Y%m%d_%H%M%S_' + _ms),
                                          repo.just_name)
                     if repo_group:
                         # if repository is in group, prefix the removal path with the group
                         args = repo_group.full_path_splitted + [_d]
                         _d = os.path.join(*args)
                     if os.path.isdir(rm_path):
                         shutil.move(rm_path, os.path.join(self.repos_path, _d))
             class ReadmeFinder:
                 """
                 Utility which knows how to find a readme for a specific commit.
                 The main idea is that this is a configurable algorithm. When creating an
                 instance you can define parameters, currently only the `default_renderer`.
                 Based on this configuration the method :meth:`search` behaves slightly
                 different.
                 """
                 readme_re = re.compile(r'^readme(\.[^\.]+)?$', re.IGNORECASE)
                 path_re = re.compile(r'^docs?', re.IGNORECASE)
                 default_priorities = {
                     None: 0,
                     '.text': 2,
                     '.txt': 3,
                     '.rst': 1,
                     '.rest': 2,
                     '.md': 1,
                     '.mkdn': 2,
                     '.mdown': 3,
                     '.markdown': 4,
                 }
                 path_priority = {
                     'doc': 0,
                     'docs': 1,
                 }
                 FALLBACK_PRIORITY = 99
                 RENDERER_TO_EXTENSION = {
                     'rst': ['.rst', '.rest'],
                     'markdown': ['.md', 'mkdn', '.mdown', '.markdown'],
                 }
                 def __init__(self, default_renderer=None):
                     self._default_renderer = default_renderer
                     self._renderer_extensions = self.RENDERER_TO_EXTENSION.get(
                         default_renderer, [])
                 def search(self, commit, path='/'):
                     """
                     Find a readme in the given `commit`.
                     """
                     nodes = commit.get_nodes(path)
                     matches = self._match_readmes(nodes)
                     matches = self._sort_according_to_priority(matches)
                     if matches:
                         return matches[0].node
                     paths = self._match_paths(nodes)
                     paths = self._sort_paths_according_to_priority(paths)
                     for path in paths:
                         match = self.search(commit, path=path)
                         if match:
                             return match
                     return None
                 def _match_readmes(self, nodes):
                     for node in nodes:
                         if not node.is_file():
                             continue
                         path = node.path.rsplit('/', 1)[-1]
                         match = self.readme_re.match(path)
                         if match:
                             extension = match.group(1)
                             yield ReadmeMatch(node, match, self._priority(extension))
                 def _match_paths(self, nodes):
                     for node in nodes:
                         if not node.is_dir():
                             continue
                         match = self.path_re.match(node.path)
                         if match:
                             yield node.path
                 def _priority(self, extension):
                     renderer_priority = (
 if extension in self._renderer_extensions else 1)
                     extension_priority = self.default_priorities.get(
                         extension, self.FALLBACK_PRIORITY)
                     return (renderer_priority, extension_priority)
                 def _sort_according_to_priority(self, matches):
                     def priority_and_path(match):
                         return (match.priority, match.path)
                     return sorted(matches, key=priority_and_path)
                 def _sort_paths_according_to_priority(self, paths):
                     def priority_and_path(path):
                         return (self.path_priority.get(path, self.FALLBACK_PRIORITY), path)
                     return sorted(paths, key=priority_and_path)
             class ReadmeMatch:
                 def __init__(self, node, match, priority):
                     self.node = node
                     self._match = match
                     self.priority = priority
                 @property
                 def path(self):
                     return self.node.path
                 def __repr__(self):
                     return '<ReadmeMatch {} priority={}'.format(self.path, self.priority)

rhodecode/model/user_group.py

0 +48 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             user group model for RhodeCode
             """
             import logging
             import traceback
-            from rhodecode.lib.utils2 import safe_str
+            from rhodecode.lib.utils2 import safe_str, safe_unicode
             from rhodecode.model import BaseModel
-            from rhodecode.model.db import UserGroupMember, UserGroup,\
+            from rhodecode.model.scm import UserGroupList
+            from rhodecode.model.db import true, func, UserGroupMember, UserGroup,\
                 UserGroupRepoToPerm, Permission, UserGroupToPerm, User, UserUserGroupToPerm,\
                 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm
             from rhodecode.lib.exceptions import UserGroupAssignedException,\
                 RepoGroupAssignmentError
             from rhodecode.lib.utils2 import get_current_rhodecode_user, action_logger_generic
             log = logging.getLogger(__name__)
             class UserGroupModel(BaseModel):
                 cls = UserGroup
                 def _get_user_group(self, user_group):
                     return self._get_instance(UserGroup, user_group,
                                               callback=UserGroup.get_by_group_name)
                 def _create_default_perms(self, user_group):
                     # create default permission
                     default_perm = 'usergroup.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('usergroup.'):
                             default_perm = p.permission.permission_name
                             break
                     user_group_to_perm = UserUserGroupToPerm()
                     user_group_to_perm.permission = Permission.get_by_key(default_perm)
                     user_group_to_perm.user_group = user_group
                     user_group_to_perm.user_id = def_user.user_id
                     return user_group_to_perm
                 def update_permissions(self, user_group, perm_additions=None, perm_updates=None,
                                        perm_deletions=None, check_perms=True, cur_user=None):
                     from rhodecode.lib.auth import HasUserGroupPermissionAny
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     # update permissions
                     for member_id, perm, member_type in perm_updates:
                         member_id = int(member_id)
                         if member_type == 'user':
                             # this updates existing one
                             self.grant_user_permission(
                                 user_group=user_group, user=member_id, perm=perm
                             )
                         else:
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     target_user_group=user_group, user_group=member_id, perm=perm
                                 )
                     # set new permissions
                     for member_id, perm, member_type in perm_additions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             self.grant_user_permission(
                                 user_group=user_group, user=member_id, perm=perm
                             )
                         else:
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     target_user_group=user_group, user_group=member_id, perm=perm
                                 )
                     # delete permissions
                     for member_id, perm, member_type in perm_deletions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             self.revoke_user_permission(user_group=user_group, user=member_id)
                         else:
                             #check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
                                 self.revoke_user_group_permission(
                                     target_user_group=user_group, user_group=member_id
                                 )
                 def get(self, user_group_id, cache=False):
                     return UserGroup.get(user_group_id)
                 def get_group(self, user_group):
                     return self._get_user_group(user_group)
                 def get_by_name(self, name, cache=False, case_insensitive=False):
                     return UserGroup.get_by_group_name(name, cache, case_insensitive)
                 def create(self, name, description, owner, active=True, group_data=None):
                     try:
                         new_user_group = UserGroup()
                         new_user_group.user = self._get_user(owner)
                         new_user_group.users_group_name = name
                         new_user_group.user_group_description = description
                         new_user_group.users_group_active = active
                         if group_data:
                             new_user_group.group_data = group_data
                         self.sa.add(new_user_group)
                         perm_obj = self._create_default_perms(new_user_group)
                         self.sa.add(perm_obj)
                         self.grant_user_permission(user_group=new_user_group,
                                                    user=owner, perm='usergroup.admin')
                         return new_user_group
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _get_memberships_for_user_ids(self, user_group, user_id_list):
                     members = []
                     for user_id in user_id_list:
                         member = self._get_membership(user_group.users_group_id, user_id)
                         members.append(member)
                     return members
                 def _get_added_and_removed_user_ids(self, user_group, user_id_list):
                     current_members = user_group.members or []
                     current_members_ids = [m.user.user_id for m in current_members]
                     added_members = [
                         user_id for user_id in user_id_list
                         if user_id not in current_members_ids]
                     if user_id_list == []:
                         # all members were deleted
                         deleted_members = current_members_ids
                     else:
                         deleted_members = [
                             user_id for user_id in current_members_ids
                             if user_id not in user_id_list]
                     return (added_members, deleted_members)
                 def _set_users_as_members(self, user_group, user_ids):
                     user_group.members = []
                     self.sa.flush()
                     members = self._get_memberships_for_user_ids(
                         user_group, user_ids)
                     user_group.members = members
                     self.sa.add(user_group)
                 def _update_members_from_user_ids(self, user_group, user_ids):
                     added, removed = self._get_added_and_removed_user_ids(
                         user_group, user_ids)
                     self._set_users_as_members(user_group, user_ids)
                     self._log_user_changes('added to', user_group, added)
                     self._log_user_changes('removed from', user_group, removed)
                 def _clean_members_data(self, members_data):
                     if not members_data:
                         members_data = []
                     members = []
                     for user in members_data:
                         uid = int(user['member_user_id'])
                         if uid not in members and user['type'] in ['new', 'existing']:
                             members.append(uid)
                     return members
                 def update(self, user_group, form_data):
                     user_group = self._get_user_group(user_group)
                     if 'users_group_name' in form_data:
                         user_group.users_group_name = form_data['users_group_name']
                     if 'users_group_active' in form_data:
                         user_group.users_group_active = form_data['users_group_active']
                     if 'user_group_description' in form_data:
                         user_group.user_group_description = form_data[
                             'user_group_description']
                     # handle owner change
                     if 'user' in form_data:
                         owner = form_data['user']
                         if isinstance(owner, basestring):
                             owner = User.get_by_username(form_data['user'])
                         if not isinstance(owner, User):
                             raise ValueError(
                                 'invalid owner for user group: %s' % form_data['user'])
                         user_group.user = owner
                     if 'users_group_members' in form_data:
                         members_id_list = self._clean_members_data(
                             form_data['users_group_members'])
                         self._update_members_from_user_ids(user_group, members_id_list)
                     self.sa.add(user_group)
                 def delete(self, user_group, force=False):
                     """
                     Deletes repository group, unless force flag is used
                     raises exception if there are members in that group, else deletes
                     group and users
                     :param user_group:
                     :param force:
                     """
                     user_group = self._get_user_group(user_group)
                     try:
                         # check if this group is not assigned to repo
                         assigned_to_repo = [x.repository for x in UserGroupRepoToPerm.query()\
                             .filter(UserGroupRepoToPerm.users_group == user_group).all()]
                         # check if this group is not assigned to repo
                         assigned_to_repo_group = [x.group for x in UserGroupRepoGroupToPerm.query()\
                             .filter(UserGroupRepoGroupToPerm.users_group == user_group).all()]
                         if (assigned_to_repo or assigned_to_repo_group) and not force:
                             assigned = ','.join(map(safe_str,
                                                 assigned_to_repo+assigned_to_repo_group))
                             raise UserGroupAssignedException(
                                 'UserGroup assigned to %s' % (assigned,))
                         self.sa.delete(user_group)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _log_user_changes(self, action, user_group, user_or_users):
                     users = user_or_users
                     if not isinstance(users, (list, tuple)):
                         users = [users]
                     rhodecode_user = get_current_rhodecode_user()
                     ipaddr = getattr(rhodecode_user, 'ip_addr', '')
                     group_name = user_group.users_group_name
                     for user_or_user_id in users:
                         user = self._get_user(user_or_user_id)
                         log_text = 'User {user} {action} {group}'.format(
                             action=action, user=user.username, group=group_name)
                         log.info('Logging action: {0} by {1} ip:{2}'.format(
                                  log_text, rhodecode_user, ipaddr))
                 def _find_user_in_group(self, user, user_group):
                     user_group_member = None
                     for m in user_group.members:
                         if m.user_id == user.user_id:
                             # Found this user's membership row
                             user_group_member = m
                             break
                     return user_group_member
                 def _get_membership(self, user_group_id, user_id):
                     user_group_member = UserGroupMember(user_group_id, user_id)
                     return user_group_member
                 def add_user_to_group(self, user_group, user):
                     user_group = self._get_user_group(user_group)
                     user = self._get_user(user)
                     user_member = self._find_user_in_group(user, user_group)
                     if user_member:
                         # user already in the group, skip
                         return True
                     member = self._get_membership(
                         user_group.users_group_id, user.user_id)
                     user_group.members.append(member)
                     try:
                         self.sa.add(member)
                     except Exception:
                         # what could go wrong here?
                         log.error(traceback.format_exc())
                         raise
                     self._log_user_changes('added to', user_group, user)
                     return member
                 def remove_user_from_group(self, user_group, user):
                     user_group = self._get_user_group(user_group)
                     user = self._get_user(user)
                     user_group_member = self._find_user_in_group(user, user_group)
                     if not user_group_member:
                         # User isn't in that group
                         return False
                     try:
                         self.sa.delete(user_group_member)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                     self._log_user_changes('removed from', user_group, user)
                     return True
                 def has_perm(self, user_group, perm):
                     user_group = self._get_user_group(user_group)
                     perm = self._get_perm(perm)
                     return UserGroupToPerm.query()\
                         .filter(UserGroupToPerm.users_group == user_group)\
                         .filter(UserGroupToPerm.permission == perm).scalar() is not None
                 def grant_perm(self, user_group, perm):
                     user_group = self._get_user_group(user_group)
                     perm = self._get_perm(perm)
                     # if this permission is already granted skip it
                     _perm = UserGroupToPerm.query()\
                         .filter(UserGroupToPerm.users_group == user_group)\
                         .filter(UserGroupToPerm.permission == perm)\
                         .scalar()
                     if _perm:
                         return
                     new = UserGroupToPerm()
                     new.users_group = user_group
                     new.permission = perm
                     self.sa.add(new)
                     return new
                 def revoke_perm(self, user_group, perm):
                     user_group = self._get_user_group(user_group)
                     perm = self._get_perm(perm)
                     obj = UserGroupToPerm.query()\
                         .filter(UserGroupToPerm.users_group == user_group)\
                         .filter(UserGroupToPerm.permission == perm).scalar()
                     if obj:
                         self.sa.delete(obj)
                 def grant_user_permission(self, user_group, user, perm):
                     """
                     Grant permission for user on given user group, or update
                     existing one if found
                     :param user_group: Instance of UserGroup, users_group_id,
                         or users_group_name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     user_group = self._get_user_group(user_group)
                     user = self._get_user(user)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserUserGroupToPerm)\
                         .filter(UserUserGroupToPerm.user == user)\
                         .filter(UserUserGroupToPerm.user_group == user_group)\
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserUserGroupToPerm()
                     obj.user_group = user_group
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, user_group)
                     action_logger_generic(
                         'granted permission: {} to user: {} on usergroup: {}'.format(
                             perm, user, user_group), namespace='security.usergroup')
                     return obj
                 def revoke_user_permission(self, user_group, user):
                     """
                     Revoke permission for user on given user group
                     :param user_group: Instance of UserGroup, users_group_id,
                         or users_group name
                     :param user: Instance of User, user_id or username
                     """
                     user_group = self._get_user_group(user_group)
                     user = self._get_user(user)
                     obj = self.sa.query(UserUserGroupToPerm)\
                         .filter(UserUserGroupToPerm.user == user)\
                         .filter(UserUserGroupToPerm.user_group == user_group)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', user_group, user)
                         action_logger_generic(
                             'revoked permission from user: {} on usergroup: {}'.format(
                                 user, user_group), namespace='security.usergroup')
                 def grant_user_group_permission(self, target_user_group, user_group, perm):
                     """
                     Grant user group permission for given target_user_group
                     :param target_user_group:
                     :param user_group:
                     :param perm:
                     """
                     target_user_group = self._get_user_group(target_user_group)
                     user_group = self._get_user_group(user_group)
                     permission = self._get_perm(perm)
                     # forbid assigning same user group to itself
                     if target_user_group == user_group:
                         raise RepoGroupAssignmentError('target repo:%s cannot be '
                                                        'assigned to itself' % target_user_group)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupUserGroupToPerm)\
                         .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
                         .filter(UserGroupUserGroupToPerm.user_group == user_group)\
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserGroupUserGroupToPerm()
                     obj.user_group = user_group
                     obj.target_user_group = target_user_group
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug(
                         'Granted perm %s to %s on %s', perm, target_user_group, user_group)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on usergroup: {}'.format(
                             perm, user_group, target_user_group),
                         namespace='security.usergroup')
                     return obj
                 def revoke_user_group_permission(self, target_user_group, user_group):
                     """
                     Revoke user group permission for given target_user_group
                     :param target_user_group:
                     :param user_group:
                     """
                     target_user_group = self._get_user_group(target_user_group)
                     user_group = self._get_user_group(user_group)
                     obj = self.sa.query(UserGroupUserGroupToPerm)\
                         .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
                         .filter(UserGroupUserGroupToPerm.user_group == user_group)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug(
                             'Revoked perm on %s on %s', target_user_group, user_group)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on usergroup: {}'.format(
                                 user_group, target_user_group),
                             namespace='security.repogroup')
                 def enforce_groups(self, user, groups, extern_type=None):
                     user = self._get_user(user)
                     log.debug('Enforcing groups %s on user %s', groups, user)
                     current_groups = user.group_member
                     # find the external created groups
                     externals = [x.users_group for x in current_groups
                                  if 'extern_type' in x.users_group.group_data]
                     # calculate from what groups user should be removed
                     # externals that are not in groups
                     for gr in externals:
                         if gr.users_group_name not in groups:
                             log.debug('Removing user %s from user group %s', user, gr)
                             self.remove_user_from_group(gr, user)
                     # now we calculate in which groups user should be == groups params
                     owner = User.get_first_super_admin().username
                     for gr in set(groups):
                         existing_group = UserGroup.get_by_group_name(gr)
                         if not existing_group:
                             desc = 'Automatically created from plugin:%s' % extern_type
                             # we use first admin account to set the owner of the group
                             existing_group = UserGroupModel().create(
                                 gr, desc, owner, group_data={'extern_type': extern_type})
                         # we can only add users to special groups created via plugins
                         managed = 'extern_type' in existing_group.group_data
                         if managed:
                             log.debug('Adding user %s to user group %s', user, gr)
                             UserGroupModel().add_user_to_group(existing_group, user)
                         else:
                             log.debug('Skipping addition to group %s since it is '
                                       'not set to be automatically synchronized' % gr)
                 def change_groups(self, user, groups):
                     """
                     This method changes user group assignment
                     :param user:  User
                     :param groups: array of UserGroupModel
                     :return:
                     """
                     user = self._get_user(user)
                     log.debug('Changing user(%s) assignment to groups(%s)', user, groups)
                     current_groups = user.group_member
                     current_groups = [x.users_group for x in current_groups]
                     # calculate from what groups user should be removed/add
                     groups = set(groups)
                     current_groups = set(current_groups)
                     groups_to_remove = current_groups - groups
                     groups_to_add = groups - current_groups
                     for gr in groups_to_remove:
                         log.debug('Removing user %s from user group %s', user.username, gr.users_group_name)
                         self.remove_user_from_group(gr.users_group_name, user.username)
                     for gr in groups_to_add:
                         log.debug('Adding user %s to user group %s', user.username, gr.users_group_name)
                         UserGroupModel().add_user_to_group(gr.users_group_name, user.username)
+                def get_user_groups(self, name_contains=None, limit=20, only_active=True,
+                                    expand_groups=False):
+                    import rhodecode.lib.helpers as h
+                    query = self.sa.query(UserGroup)
+                    if only_active:
+                        query = query.filter(UserGroup.users_group_active == true())
+                    if name_contains:
+                        ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
+                        query = query.filter(
+                            UserGroup.users_group_name.ilike(ilike_expression))\
+                            .order_by(func.length(UserGroup.users_group_name))\
+                            .order_by(UserGroup.users_group_name)
+                        query = query.limit(limit)
+                    user_groups = query.all()
+                    perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
+                    user_groups = UserGroupList(user_groups, perm_set=perm_set)
+                    _groups = [
+                        {
+                            'id': group.users_group_id,
+                            # TODO: marcink figure out a way to generate the url for the
+                            # icon
+                            'icon_link': '',
+                            'value_display': 'Group: %s (%d members)' % (
+                                group.users_group_name, len(group.members),),
+                            'value': group.users_group_name,
+                            'description': group.user_group_description,
+                            'owner': group.user.username,
+                            'owner_icon': h.gravatar_url(group.user.email, 30),
+                            'value_display_owner': h.person(group.user.email),
+                            'value_type': 'user_group',
+                            'active': group.users_group_active,
+                        }
+                        for group in user_groups
+                    ]
+                    return _groups
                 @staticmethod
                 def get_user_groups_as_dict(user_group):
                     import rhodecode.lib.helpers as h
                     data = {
                         'users_group_id': user_group.users_group_id,
                         'group_name': user_group.users_group_name,
                         'group_description': user_group.user_group_description,
                         'active': user_group.users_group_active,
                         "owner": user_group.user.username,
                         'owner_icon': h.gravatar_url(user_group.user.email, 30),
-                        "owner_data": {'owner': user_group.user.username, 'owner_icon': h.gravatar_url(user_group.user.email, 30)}
+                        "owner_data": {
+                            'owner': user_group.user.username,
+                            'owner_icon': h.gravatar_url(user_group.user.email, 30)}
                         }
                     return data

rhodecode/tests/models/test_repos.py

0 +1 -59

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import tempfile
             import mock
             import pytest
             from rhodecode.lib.exceptions import AttachedForksError
             from rhodecode.lib.utils import make_db_config
             from rhodecode.model.db import Repository
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import ScmModel
-            from rhodecode.lib.utils2 import safe_unicode
-            class TestRepoModel:
+            class TestRepoModel(object):
                 def test_remove_repo(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     RepoModel().delete(repo=repo)
                     Session().commit()
                     repos = ScmModel().repo_scan()
                     assert Repository.get_by_repo_name(repo_name=backend.repo_name) is None
                     assert repo.repo_name not in repos
                 def test_remove_repo_raises_exc_when_attached_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     backend.create_fork()
                     Session().commit()
                     with pytest.raises(AttachedForksError):
                         RepoModel().delete(repo=repo)
                 def test_remove_repo_delete_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     fork = backend.create_fork()
                     Session().commit()
                     fork_of_fork = backend.create_fork()
                     Session().commit()
                     RepoModel().delete(repo=repo, forks='delete')
                     Session().commit()
                     assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
                     assert Repository.get_by_repo_name(repo_name=fork.repo_name) is None
                     assert (
                         Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
                         is None)
                 def test_remove_repo_detach_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     fork = backend.create_fork()
                     Session().commit()
                     fork_of_fork = backend.create_fork()
                     Session().commit()
                     RepoModel().delete(repo=repo, forks='detach')
                     Session().commit()
                     assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
                     assert (
                         Repository.get_by_repo_name(repo_name=fork.repo_name) is not None)
                     assert (
                         Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
                         is not None)
                 @pytest.mark.parametrize("filename, expected", [
                     ("README", True),
                     ("README.rst", False),
                 ])
                 def test_filenode_is_link(self, vcsbackend, filename, expected):
                     repo = vcsbackend.repo
                     assert repo.get_commit().is_link(filename) is expected
                 def test_get_commit(self, backend):
                     backend.repo.get_commit()
                 def test_get_changeset_is_deprecated(self, backend):
                     repo = backend.repo
                     pytest.deprecated_call(repo.get_changeset)
                 def test_clone_url_encrypted_value(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     repo.clone_url = 'https://marcink:qweqwe@code.rhodecode.com'
                     Session().add(repo)
                     Session().commit()
                     assert repo.clone_url == 'https://marcink:qweqwe@code.rhodecode.com'
                 @pytest.mark.backends("git", "svn")
                 def test_create_filesystem_repo_installs_hooks(self, tmpdir, backend):
                     hook_methods = {
                         'git': 'install_git_hook',
                         'svn': 'install_svn_hooks'
                     }
                     repo = backend.create_repo()
                     repo_name = repo.repo_name
                     model = RepoModel()
                     repo_location = tempfile.mkdtemp()
                     model.repos_path = repo_location
                     method = hook_methods[backend.alias]
                     with mock.patch.object(ScmModel, method) as hooks_mock:
                         model._create_filesystem_repo(
                             repo_name, backend.alias, repo_group='', clone_uri=None)
                     assert hooks_mock.call_count == 1
                     hook_args, hook_kwargs = hooks_mock.call_args
                     assert hook_args[0].name == repo_name
                 @pytest.mark.parametrize("use_global_config, repo_name_passed", [
                     (True, False),
                     (False, True)
                 ])
                 def test_per_repo_config_is_generated_during_filesystem_repo_creation(
                         self, tmpdir, backend, use_global_config, repo_name_passed):
                     repo_name = 'test-{}-repo-{}'.format(backend.alias, use_global_config)
                     config = make_db_config()
                     model = RepoModel()
                     with mock.patch('rhodecode.model.repo.make_db_config') as config_mock:
                         config_mock.return_value = config
                         model._create_filesystem_repo(
                             repo_name, backend.alias, repo_group='', clone_uri=None,
                             use_global_config=use_global_config)
                     expected_repo_name = repo_name if repo_name_passed else None
                     expected_call = mock.call(clear_session=False, repo=expected_repo_name)
                     assert expected_call in config_mock.call_args_list
                 def test_update_commit_cache_with_config(serf, backend):
                     repo = backend.create_repo()
                     with mock.patch('rhodecode.model.db.Repository.scm_instance') as scm:
                         scm_instance = mock.Mock()
                         scm_instance.get_commit.return_value = {
                             'raw_id': 40*'0',
                             'revision': 1
                         }
                         scm.return_value = scm_instance
                         repo.update_commit_cache()
                         scm.assert_called_with(cache=False, config=None)
                         config = {'test': 'config'}
                         repo.update_commit_cache(config=config)
                         scm.assert_called_with(
                             cache=False, config=config)
             class TestGetUsers(object):
                 def test_returns_active_users(self, backend, user_util):
                     for i in range(4):
                         is_active = i % 2 == 0
                         user_util.create_user(active=is_active, lastname='Fake user')
                     with mock.patch('rhodecode.lib.helpers.gravatar_url'):
                         users = RepoModel().get_users()
                     fake_users = [u for u in users if u['last_name'] == 'Fake user']
                     assert len(fake_users) == 2
                     expected_keys = (
                         'id', 'first_name', 'last_name', 'username', 'icon_link',
                         'value_display', 'value', 'value_type')
                     for user in users:
                         assert user['value_type'] is 'user'
                         for key in expected_keys:
                             assert key in user
                 def test_returns_user_filtered_by_last_name(self, backend, user_util):
                     keywords = ('aBc', u'ünicode')
                     for keyword in keywords:
                         for i in range(2):
                             user_util.create_user(
                                 active=True, lastname=u'Fake {} user'.format(keyword))
                     with mock.patch('rhodecode.lib.helpers.gravatar_url'):
                         keyword = keywords[1].lower()
                         users = RepoModel().get_users(name_contains=keyword)
                     fake_users = [u for u in users if u['last_name'].startswith('Fake')]
                     assert len(fake_users) == 2
                     for user in fake_users:
                         assert user['last_name'] == safe_unicode('Fake ünicode user')
                 def test_returns_user_filtered_by_first_name(self, backend, user_util):
                     created_users = []
                     keywords = ('aBc', u'ünicode')
                     for keyword in keywords:
                         for i in range(2):
                             created_users.append(user_util.create_user(
                                 active=True, lastname='Fake user',
                                 firstname=u'Fake {} user'.format(keyword)))
                     keyword = keywords[1].lower()
                     with mock.patch('rhodecode.lib.helpers.gravatar_url'):
                         users = RepoModel().get_users(name_contains=keyword)
                     fake_users = [u for u in users if u['last_name'].startswith('Fake')]
                     assert len(fake_users) == 2
                     for user in fake_users:
                         assert user['first_name'] == safe_unicode('Fake ünicode user')
                 def test_returns_user_filtered_by_username(self, backend, user_util):
                     created_users = []
                     for i in range(5):
                         created_users.append(user_util.create_user(
                             active=True, lastname='Fake user'))
                     user_filter = created_users[-1].username[-2:]
                     with mock.patch('rhodecode.lib.helpers.gravatar_url'):
                         users = RepoModel().get_users(name_contains=user_filter)
                     fake_users = [u for u in users if u['last_name'].startswith('Fake')]
                     assert len(fake_users) == 1
                     assert fake_users[0]['username'] == created_users[-1].username
                 def test_returns_limited_user_list(self, backend, user_util):
                     created_users = []
                     for i in range(5):
                         created_users.append(user_util.create_user(
                             active=True, lastname='Fake user'))
                     with mock.patch('rhodecode.lib.helpers.gravatar_url'):
                         users = RepoModel().get_users(name_contains='Fake', limit=3)
                     fake_users = [u for u in users if u['last_name'].startswith('Fake')]
                     assert len(fake_users) == 3
-            class TestGetUserGroups(object):
-                def test_returns_filtered_list(self, backend, user_util):
-                    created_groups = []
-                    for i in range(4):
-                        created_groups.append(
-                            user_util.create_user_group(users_group_active=True))
-                    group_filter = created_groups[-1].users_group_name[-2:]
-                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
-                        with self._patch_user_group_list():
-                            groups = RepoModel().get_user_groups(group_filter)
-                    fake_groups = [
-                        u for u in groups if u['value'].startswith('test_returns')]
-                    assert len(fake_groups) == 1
-                    assert fake_groups[0]['value'] == created_groups[-1].users_group_name
-                    assert fake_groups[0]['value_display'].startswith(
-                        'Group: test_returns')
-                def test_returns_limited_list(self, backend, user_util):
-                    created_groups = []
-                    for i in range(3):
-                        created_groups.append(
-                            user_util.create_user_group(users_group_active=True))
-                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
-                        with self._patch_user_group_list():
-                            groups = RepoModel().get_user_groups('test_returns')
-                    fake_groups = [
-                        u for u in groups if u['value'].startswith('test_returns')]
-                    assert len(fake_groups) == 3
-                def test_returns_active_user_groups(self, backend, user_util):
-                    for i in range(4):
-                        is_active = i % 2 == 0
-                        user_util.create_user_group(users_group_active=is_active)
-                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
-                        with self._patch_user_group_list():
-                            groups = RepoModel().get_user_groups()
-                    expected = ('id', 'icon_link', 'value_display', 'value', 'value_type')
-                    for group in groups:
-                        assert group['value_type'] is 'user_group'
-                        for key in expected:
-                            assert key in group
-                    fake_groups = [
-                        u for u in groups if u['value'].startswith('test_returns')]
-                    assert len(fake_groups) == 2
-                    for user in fake_groups:
-                        assert user['value_display'].startswith('Group: test_returns')
-                def _patch_user_group_list(self):
-                    def side_effect(group_list, perm_set):
-                        return group_list
-                    return mock.patch(
-                        'rhodecode.model.repo.UserGroupList', side_effect=side_effect)

rhodecode/tests/models/test_user_groups.py

0 +58 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.model.db import User
             from rhodecode.tests import TEST_USER_REGULAR_LOGIN
             from rhodecode.tests.fixture import Fixture
             from rhodecode.model.user_group import UserGroupModel
             from rhodecode.model.meta import Session
             fixture = Fixture()
             def teardown_module(self):
                 _delete_all_user_groups()
+            class TestGetUserGroups(object):
+                def test_returns_filtered_list(self, backend, user_util):
+                    created_groups = []
+                    for i in range(4):
+                        created_groups.append(
+                            user_util.create_user_group(users_group_active=True))
+                    group_filter = created_groups[-1].users_group_name[-2:]
+                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
+                        with self._patch_user_group_list():
+                            groups = UserGroupModel().get_user_groups(group_filter)
+                    fake_groups = [
+                        u for u in groups if u['value'].startswith('test_returns')]
+                    assert len(fake_groups) == 1
+                    assert fake_groups[0]['value'] == created_groups[-1].users_group_name
+                    assert fake_groups[0]['value_display'].startswith(
+                        'Group: test_returns')
+                def test_returns_limited_list(self, backend, user_util):
+                    created_groups = []
+                    for i in range(3):
+                        created_groups.append(
+                            user_util.create_user_group(users_group_active=True))
+                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
+                        with self._patch_user_group_list():
+                            groups = UserGroupModel().get_user_groups('test_returns')
+                    fake_groups = [
+                        u for u in groups if u['value'].startswith('test_returns')]
+                    assert len(fake_groups) == 3
+                def test_returns_active_user_groups(self, backend, user_util):
+                    for i in range(4):
+                        is_active = i % 2 == 0
+                        user_util.create_user_group(users_group_active=is_active)
+                    with mock.patch('rhodecode.lib.helpers.gravatar_url'):
+                        with self._patch_user_group_list():
+                            groups = UserGroupModel().get_user_groups()
+                    expected = ('id', 'icon_link', 'value_display', 'value', 'value_type')
+                    for group in groups:
+                        assert group['value_type'] is 'user_group'
+                        for key in expected:
+                            assert key in group
+                    fake_groups = [
+                        u for u in groups if u['value'].startswith('test_returns')]
+                    assert len(fake_groups) == 2
+                    for user in fake_groups:
+                        assert user['value_display'].startswith('Group: test_returns')
+                def _patch_user_group_list(self):
+                    def side_effect(group_list, perm_set):
+                        return group_list
+                    return mock.patch(
+                        'rhodecode.model.user_group.UserGroupList', side_effect=side_effect)
             @pytest.mark.parametrize(
                 "pre_existing, regular_should_be, external_should_be, groups, "
                 "expected", [
                     ([], [], [], [], []),
                     # no changes of regular
                     ([], ['regular'], [], [], ['regular']),
                     # not added to regular group
                     (['some_other'], [], [], ['some_other'], []),
                     (
                         [], ['regular'], ['container'], ['container'],
                         ['regular', 'container']
                     ),
                     (
                         [], ['regular'], [], ['container', 'container2'],
                         ['regular', 'container', 'container2']
                     ),
                     # remove not used
                     ([], ['regular'], ['other'], [], ['regular']),
                     (
                         ['some_other'], ['regular'], ['other', 'container'],
                         ['container', 'container2'],
                         ['regular', 'container', 'container2']
                     ),
                 ])
             def test_enforce_groups(pre_existing, regular_should_be,
                                     external_should_be, groups, expected, backend_hg):
                 # TODO: anderson: adding backend_hg fixture so it sets up the database
                 # for when running this file alone
                 _delete_all_user_groups()
                 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
                 for gr in pre_existing:
                     gr = fixture.create_user_group(gr)
                 Session().commit()
                 # make sure use is just in those groups
                 for gr in regular_should_be:
                     gr = fixture.create_user_group(gr)
                     Session().commit()
                     UserGroupModel().add_user_to_group(gr, user)
                     Session().commit()
                 # now special external groups created by auth plugins
                 for gr in external_should_be:
                     gr = fixture.create_user_group(
                         gr, user_group_data={'extern_type': 'container'})
                     Session().commit()
                     UserGroupModel().add_user_to_group(gr, user)
                     Session().commit()
                 UserGroupModel().enforce_groups(user, groups, 'container')
                 Session().commit()
                 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
                 in_groups = user.group_member
                 expected.sort()
                 assert (
                     expected == sorted(x.users_group.users_group_name for x in in_groups))
             def _delete_all_user_groups():
                 for gr in UserGroupModel.get_all():
                     fixture.destroy_user_group(gr)
                 Session().commit()
             def test_add_and_remove_user_from_group(user_regular, user_util):
                 user_group = user_util.create_user_group()
                 assert user_group.members == []
                 UserGroupModel().add_user_to_group(user_group, user_regular)
                 Session().commit()
                 assert user_group.members[0].user == user_regular
                 UserGroupModel().remove_user_from_group(user_group, user_regular)
                 Session().commit()
                 assert user_group.members == []
             @pytest.mark.parametrize('data, expected', [
                 ([], []),
                 ([{"member_user_id": 1, "type": "new"}], [1]),
                 ([{"member_user_id": 1, "type": "new"},
                   {"member_user_id": 1, "type": "existing"}], [1]),
                 ([{"member_user_id": 1, "type": "new"},
                   {"member_user_id": 2, "type": "new"},
                   {"member_user_id": 3, "type": "remove"}], [1, 2])
             ])
             def test_clean_members_data(data, expected):
                 cleaned = UserGroupModel()._clean_members_data(data)
                 assert cleaned == expected
             def _create_test_members():
                 members = []
                 for member_number in range(3):
                     member = mock.Mock()
                     member.user_id = member_number + 1
                     member.user.user_id = member_number + 1
                     members.append(member)
                 return members
             def test_get_added_and_removed_users():
                 members = _create_test_members()
                 mock_user_group = mock.Mock()
                 mock_user_group.members = [members[0], members[1]]
                 new_users_list = [members[1].user.user_id, members[2].user.user_id]
                 model = UserGroupModel()
                 added, removed = model._get_added_and_removed_user_ids(
                     mock_user_group, new_users_list)
                 assert added == [members[2].user.user_id]
                 assert removed == [members[0].user.user_id]
             def test_set_users_as_members_and_find_user_in_group(
                     user_util, user_regular, user_admin):
                 user_group = user_util.create_user_group()
                 assert len(user_group.members) == 0
                 user_list = [user_regular.user_id, user_admin.user_id]
                 UserGroupModel()._set_users_as_members(user_group, user_list)
                 assert len(user_group.members) == 2
                 assert UserGroupModel()._find_user_in_group(user_regular, user_group)

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages