rhodecode-enterprise-ce Commit - r1891:485023e6

gists: migrated gists controller to pyramid view.

dan -

r1891:485023e6 default

parent child

rhodecode/apps/gist/__init__.py

0 created 644 +62 0

@@ -0,0 +1,62 b''
	1	# -- coding: utf-8 --
	2
	3	# Copyright (C) 2016-2017 RhodeCode GmbH
	4	#
	5	# This program is free software: you can redistribute it and/or modify
	6	# it under the terms of the GNU Affero General Public License, version 3
	7	# (only), as published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16	#
	17	# This program is dual-licensed. If you wish to learn more about the
	18	# RhodeCode Enterprise Edition, including its added features, Support services,
	19	# and proprietary license terms, please see https://rhodecode.com/licenses/
	20	from rhodecode.apps._base import ADMIN_PREFIX
	21
	22
	23	def admin_routes(config):
	24	config.add_route(
	25	name='gists_show', pattern='/gists')
	26	config.add_route(
	27	name='gists_new', pattern='/gists/new')
	28	config.add_route(
	29	name='gists_create', pattern='/gists/create')
	30
	31	config.add_route(
	32	name='gist_show', pattern='/gists/{gist_id}')
	33
	34	config.add_route(
	35	name='gist_delete', pattern='/gists/{gist_id}/delete')
	36
	37	config.add_route(
	38	name='gist_edit', pattern='/gists/{gist_id}/edit')
	39
	40	config.add_route(
	41	name='gist_edit_check_revision',
	42	pattern='/gists/{gist_id}/edit/check_revision')
	43
	44	config.add_route(
	45	name='gist_update', pattern='/gists/{gist_id}/update')
	46
	47	config.add_route(
	48	name='gist_show_rev',
	49	pattern='/gists/{gist_id}/{revision}')
	50	config.add_route(
	51	name='gist_show_formatted',
	52	pattern='/gists/{gist_id}/{revision}/{format}')
	53
	54	config.add_route(
	55	name='gist_show_formatted_path',
	56	pattern='/gists/{gist_id}/{revision}/{format}/{f_path:.*}')
	57
	58
	59	def includeme(config):
	60	config.include(admin_routes, route_prefix=ADMIN_PREFIX)
	61	# Scan module for configuration decorators.
	62	config.scan()

rhodecode/apps/gist/tests/__init__.py

0 created 644 +20 0

@@ -0,0 +1,20 b''
	1	# -- coding: utf-8 --
	2
	3	# Copyright (C) 2016-2017 RhodeCode GmbH
	4	#
	5	# This program is free software: you can redistribute it and/or modify
	6	# it under the terms of the GNU Affero General Public License, version 3
	7	# (only), as published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16	#
	17	# This program is dual-licensed. If you wish to learn more about the
	18	# RhodeCode Enterprise Edition, including its added features, Support services,
	19	# and proprietary license terms, please see https://rhodecode.com/licenses/
	20

rhodecode/apps/gist/views.py

0 created 644 +412 0

@@ -0,0 +1,412 b''
	1	# -- coding: utf-8 --
	2
	3	# Copyright (C) 2013-2017 RhodeCode GmbH
	4	#
	5	# This program is free software: you can redistribute it and/or modify
	6	# it under the terms of the GNU Affero General Public License, version 3
	7	# (only), as published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16	#
	17	# This program is dual-licensed. If you wish to learn more about the
	18	# RhodeCode Enterprise Edition, including its added features, Support services,
	19	# and proprietary license terms, please see https://rhodecode.com/licenses/
	20
	21	import time
	22	import logging
	23
	24	import formencode
	25	import peppercorn
	26
	27	from pyramid.httpexceptions import HTTPNotFound, HTTPForbidden, HTTPFound
	28	from pyramid.view import view_config
	29	from pyramid.renderers import render
	30	from pyramid.response import Response
	31
	32	from rhodecode.apps._base import BaseAppView
	33	from rhodecode.lib import helpers as h
	34	from rhodecode.lib.auth import LoginRequired, NotAnonymous, CSRFRequired
	35	from rhodecode.lib.utils2 import time_to_datetime
	36	from rhodecode.lib.ext_json import json
	37	from rhodecode.lib.vcs.exceptions import VCSError, NodeNotChangedError
	38	from rhodecode.model.gist import GistModel
	39	from rhodecode.model.meta import Session
	40	from rhodecode.model.db import Gist, User, or_
	41	from rhodecode.model import validation_schema
	42	from rhodecode.model.validation_schema.schemas import gist_schema
	43
	44
	45	log = logging.getLogger(__name__)
	46
	47
	48	class GistView(BaseAppView):
	49
	50	def load_default_context(self):
	51	_ = self.request.translate
	52	c = self._get_local_tmpl_context()
	53	c.user = c.auth_user.get_instance()
	54
	55	c.lifetime_values = [
	56	(-1, _('forever')),
	57	(5, _('5 minutes')),
	58	(60, _('1 hour')),
	59	(60 * 24, _('1 day')),
	60	(60 * 24 * 30, _('1 month')),
	61	]
	62
	63	c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
	64	c.acl_options = [
	65	(Gist.ACL_LEVEL_PRIVATE, _("Requires registered account")),
	66	(Gist.ACL_LEVEL_PUBLIC, _("Can be accessed by anonymous users"))
	67	]
	68
	69	self._register_global_c(c)
	70	return c
	71
	72	@LoginRequired()
	73	@view_config(
	74	route_name='gists_show', request_method='GET',
	75	renderer='rhodecode:templates/admin/gists/index.mako')
	76	def gist_show_all(self):
	77	c = self.load_default_context()
	78
	79	not_default_user = self._rhodecode_user.username != User.DEFAULT_USER
	80	c.show_private = self.request.GET.get('private') and not_default_user
	81	c.show_public = self.request.GET.get('public') and not_default_user
	82	c.show_all = self.request.GET.get('all') and self._rhodecode_user.admin
	83
	84	gists = _gists = Gist().query()\
	85	.filter(or_(Gist.gist_expires == -1, Gist.gist_expires >= time.time()))\
	86	.order_by(Gist.created_on.desc())
	87
	88	c.active = 'public'
	89	# MY private
	90	if c.show_private and not c.show_public:
	91	gists = _gists.filter(Gist.gist_type == Gist.GIST_PRIVATE)\
	92	.filter(Gist.gist_owner == self._rhodecode_user.user_id)
	93	c.active = 'my_private'
	94	# MY public
	95	elif c.show_public and not c.show_private:
	96	gists = _gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)\
	97	.filter(Gist.gist_owner == self._rhodecode_user.user_id)
	98	c.active = 'my_public'
	99	# MY public+private
	100	elif c.show_private and c.show_public:
	101	gists = _gists.filter(or_(Gist.gist_type == Gist.GIST_PUBLIC,
	102	Gist.gist_type == Gist.GIST_PRIVATE))\
	103	.filter(Gist.gist_owner == self._rhodecode_user.user_id)
	104	c.active = 'my_all'
	105	# Show all by super-admin
	106	elif c.show_all:
	107	c.active = 'all'
	108	gists = _gists
	109
	110	# default show ALL public gists
	111	if not c.show_public and not c.show_private and not c.show_all:
	112	gists = _gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)
	113	c.active = 'public'
	114
	115	from rhodecode.lib.utils import PartialRenderer
	116	_render = PartialRenderer('data_table/_dt_elements.mako')
	117
	118	data = []
	119
	120	for gist in gists:
	121	data.append({
	122	'created_on': _render('gist_created', gist.created_on),
	123	'created_on_raw': gist.created_on,
	124	'type': _render('gist_type', gist.gist_type),
	125	'access_id': _render('gist_access_id', gist.gist_access_id, gist.owner.full_contact),
	126	'author': _render('gist_author', gist.owner.full_contact, gist.created_on, gist.gist_expires),
	127	'author_raw': h.escape(gist.owner.full_contact),
	128	'expires': _render('gist_expires', gist.gist_expires),
	129	'description': _render('gist_description', gist.gist_description)
	130	})
	131	c.data = json.dumps(data)
	132
	133	return self._get_template_context(c)
	134
	135	@LoginRequired()
	136	@NotAnonymous()
	137	@view_config(
	138	route_name='gists_new', request_method='GET',
	139	renderer='rhodecode:templates/admin/gists/new.mako')
	140	def gist_new(self):
	141	c = self.load_default_context()
	142	return self._get_template_context(c)
	143
	144	@LoginRequired()
	145	@NotAnonymous()
	146	@CSRFRequired()
	147	@view_config(
	148	route_name='gists_create', request_method='POST',
	149	renderer='rhodecode:templates/admin/gists/new.mako')
	150	def gist_create(self):
	151	_ = self.request.translate
	152	c = self.load_default_context()
	153
	154	data = dict(self.request.POST)
	155	data['filename'] = data.get('filename') or Gist.DEFAULT_FILENAME
	156	data['nodes'] = [{
	157	'filename': data['filename'],
	158	'content': data.get('content'),
	159	'mimetype': data.get('mimetype') # None is autodetect
	160	}]
	161
	162	data['gist_type'] = (
	163	Gist.GIST_PUBLIC if data.get('public') else Gist.GIST_PRIVATE)
	164	data['gist_acl_level'] = (
	165	data.get('gist_acl_level') or Gist.ACL_LEVEL_PRIVATE)
	166
	167	schema = gist_schema.GistSchema().bind(
	168	lifetime_options=[x[0] for x in c.lifetime_values])
	169
	170	try:
	171
	172	schema_data = schema.deserialize(data)
	173	# convert to safer format with just KEYs so we sure no duplicates
	174	schema_data['nodes'] = gist_schema.sequence_to_nodes(
	175	schema_data['nodes'])
	176
	177	gist = GistModel().create(
	178	gist_id=schema_data['gistid'], # custom access id not real ID
	179	description=schema_data['description'],
	180	owner=self._rhodecode_user.user_id,
	181	gist_mapping=schema_data['nodes'],
	182	gist_type=schema_data['gist_type'],
	183	lifetime=schema_data['lifetime'],
	184	gist_acl_level=schema_data['gist_acl_level']
	185	)
	186	Session().commit()
	187	new_gist_id = gist.gist_access_id
	188	except validation_schema.Invalid as errors:
	189	defaults = data
	190	errors = errors.asdict()
	191
	192	if 'nodes.0.content' in errors:
	193	errors['content'] = errors['nodes.0.content']
	194	del errors['nodes.0.content']
	195	if 'nodes.0.filename' in errors:
	196	errors['filename'] = errors['nodes.0.filename']
	197	del errors['nodes.0.filename']
	198
	199	data = render('rhodecode:templates/admin/gists/new.mako',
	200	self._get_template_context(c), self.request)
	201	html = formencode.htmlfill.render(
	202	data,
	203	defaults=defaults,
	204	errors=errors,
	205	prefix_error=False,
	206	encoding="UTF-8",
	207	force_defaults=False
	208	)
	209	return Response(html)
	210
	211	except Exception:
	212	log.exception("Exception while trying to create a gist")
	213	h.flash(_('Error occurred during gist creation'), category='error')
	214	raise HTTPFound(h.route_url('gists_new'))
	215	raise HTTPFound(h.route_url('gist_show', gist_id=new_gist_id))
	216
	217	@LoginRequired()
	218	@NotAnonymous()
	219	@CSRFRequired()
	220	@view_config(
	221	route_name='gist_delete', request_method='POST')
	222	def gist_delete(self):
	223	_ = self.request.translate
	224	gist_id = self.request.matchdict['gist_id']
	225
	226	c = self.load_default_context()
	227	c.gist = Gist.get_or_404(gist_id)
	228
	229	owner = c.gist.gist_owner == self._rhodecode_user.user_id
	230	if not (h.HasPermissionAny('hg.admin')() or owner):
	231	log.warning('Deletion of Gist was forbidden '
	232	'by unauthorized user: `%s`', self._rhodecode_user)
	233	raise HTTPNotFound()
	234
	235	GistModel().delete(c.gist)
	236	Session().commit()
	237	h.flash(_('Deleted gist %s') % c.gist.gist_access_id, category='success')
	238
	239	raise HTTPFound(h.route_url('gists_show'))
	240
	241	def _get_gist(self, gist_id):
	242
	243	gist = Gist.get_or_404(gist_id)
	244
	245	# Check if this gist is expired
	246	if gist.gist_expires != -1:
	247	if time.time() > gist.gist_expires:
	248	log.error(
	249	'Gist expired at %s', time_to_datetime(gist.gist_expires))
	250	raise HTTPNotFound()
	251
	252	# check if this gist requires a login
	253	is_default_user = self._rhodecode_user.username == User.DEFAULT_USER
	254	if gist.acl_level == Gist.ACL_LEVEL_PRIVATE and is_default_user:
	255	log.error("Anonymous user %s tried to access protected gist `%s`",
	256	self._rhodecode_user, gist_id)
	257	raise HTTPNotFound()
	258	return gist
	259
	260	@LoginRequired()
	261	@view_config(
	262	route_name='gist_show', request_method='GET',
	263	renderer='rhodecode:templates/admin/gists/show.mako')
	264	@view_config(
	265	route_name='gist_show_rev', request_method='GET',
	266	renderer='rhodecode:templates/admin/gists/show.mako')
	267	@view_config(
	268	route_name='gist_show_formatted', request_method='GET',
	269	renderer=None)
	270	@view_config(
	271	route_name='gist_show_formatted_path', request_method='GET',
	272	renderer=None)
	273	def show(self):
	274	gist_id = self.request.matchdict['gist_id']
	275
	276	# TODO(marcink): expose those via matching dict
	277	revision = self.request.matchdict.get('revision', 'tip')
	278	f_path = self.request.matchdict.get('f_path', None)
	279	return_format = self.request.matchdict.get('format')
	280
	281	c = self.load_default_context()
	282	c.gist = self._get_gist(gist_id)
	283	c.render = not self.request.GET.get('no-render', False)
	284
	285	try:
	286	c.file_last_commit, c.files = GistModel().get_gist_files(
	287	gist_id, revision=revision)
	288	except VCSError:
	289	log.exception("Exception in gist show")
	290	raise HTTPNotFound()
	291
	292	if return_format == 'raw':
	293	content = '\n\n'.join([f.content for f in c.files
	294	if (f_path is None or f.path == f_path)])
	295	response = Response(content)
	296	response.content_type = 'text/plain'
	297	return response
	298
	299	return self._get_template_context(c)
	300
	301	@LoginRequired()
	302	@NotAnonymous()
	303	@view_config(
	304	route_name='gist_edit', request_method='GET',
	305	renderer='rhodecode:templates/admin/gists/edit.mako')
	306	def gist_edit(self):
	307	_ = self.request.translate
	308	gist_id = self.request.matchdict['gist_id']
	309	c = self.load_default_context()
	310	c.gist = self._get_gist(gist_id)
	311
	312	owner = c.gist.gist_owner == self._rhodecode_user.user_id
	313	if not (h.HasPermissionAny('hg.admin')() or owner):
	314	raise HTTPNotFound()
	315
	316	try:
	317	c.file_last_commit, c.files = GistModel().get_gist_files(gist_id)
	318	except VCSError:
	319	log.exception("Exception in gist edit")
	320	raise HTTPNotFound()
	321
	322	if c.gist.gist_expires == -1:
	323	expiry = _('never')
	324	else:
	325	# this cannot use timeago, since it's used in select2 as a value
	326	expiry = h.age(h.time_to_datetime(c.gist.gist_expires))
	327
	328	c.lifetime_values.append(
	329	(0, _('%(expiry)s - current value') % {'expiry': _(expiry)})
	330	)
	331
	332	return self._get_template_context(c)
	333
	334	@LoginRequired()
	335	@NotAnonymous()
	336	@CSRFRequired()
	337	@view_config(
	338	route_name='gist_update', request_method='POST',
	339	renderer='rhodecode:templates/admin/gists/edit.mako')
	340	def gist_update(self):
	341	_ = self.request.translate
	342	gist_id = self.request.matchdict['gist_id']
	343	c = self.load_default_context()
	344	c.gist = self._get_gist(gist_id)
	345
	346	owner = c.gist.gist_owner == self._rhodecode_user.user_id
	347	if not (h.HasPermissionAny('hg.admin')() or owner):
	348	raise HTTPNotFound()
	349
	350	data = peppercorn.parse(self.request.POST.items())
	351
	352	schema = gist_schema.GistSchema()
	353	schema = schema.bind(
	354	# '0' is special value to leave lifetime untouched
	355	lifetime_options=[x[0] for x in c.lifetime_values] + [0],
	356	)
	357
	358	try:
	359	schema_data = schema.deserialize(data)
	360	# convert to safer format with just KEYs so we sure no duplicates
	361	schema_data['nodes'] = gist_schema.sequence_to_nodes(
	362	schema_data['nodes'])
	363
	364	GistModel().update(
	365	gist=c.gist,
	366	description=schema_data['description'],
	367	owner=c.gist.owner,
	368	gist_mapping=schema_data['nodes'],
	369	lifetime=schema_data['lifetime'],
	370	gist_acl_level=schema_data['gist_acl_level']
	371	)
	372
	373	Session().commit()
	374	h.flash(_('Successfully updated gist content'), category='success')
	375	except NodeNotChangedError:
	376	# raised if nothing was changed in repo itself. We anyway then
	377	# store only DB stuff for gist
	378	Session().commit()
	379	h.flash(_('Successfully updated gist data'), category='success')
	380	except validation_schema.Invalid as errors:
	381	errors = errors.asdict()
	382	h.flash(_('Error occurred during update of gist {}: {}').format(
	383	gist_id, errors), category='error')
	384	except Exception:
	385	log.exception("Exception in gist edit")
	386	h.flash(_('Error occurred during update of gist %s') % gist_id,
	387	category='error')
	388
	389	raise HTTPFound(h.route_url('gist_show', gist_id=gist_id))
	390
	391	@LoginRequired()
	392	@NotAnonymous()
	393	@view_config(
	394	route_name='gist_edit_check_revision', request_method='GET',
	395	renderer='json_ext')
	396	def gist_edit_check_revision(self):
	397	_ = self.request.translate
	398	gist_id = self.request.matchdict['gist_id']
	399	c = self.load_default_context()
	400	c.gist = self._get_gist(gist_id)
	401
	402	last_rev = c.gist.scm_instance().get_commit()
	403	success = True
	404	revision = self.request.GET.get('revision')
	405
	406	if revision != last_rev.raw_id:
	407	log.error('Last revision %s is different then submitted %s'
	408	% (revision, last_rev))
	409	# our gist has newer version than we
	410	success = False
	411
	412	return {'success': success}

rhodecode/api/tests/test_get_gist.py

0 +4 -4

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.model.db import Gist
             from rhodecode.api.tests.utils import (
                 build_data, api_call, assert_error, assert_ok)
             @pytest.mark.usefixtures("testuser_api", "app")
             class TestApiGetGist(object):
-                def test_api_get_gist(self, gist_util, http_host_stub):
+                def test_api_get_gist(self, gist_util, http_host_only_stub):
                     gist = gist_util.create_gist()
                     gist_id = gist.gist_access_id
                     gist_created_on = gist.created_on
                     gist_modified_at = gist.modified_at
                     id_, params = build_data(
                         self.apikey, 'get_gist', gistid=gist_id, )
                     response = api_call(self.app, params)
                     expected = {
                         'access_id': gist_id,
                         'created_on': gist_created_on,
                         'modified_at': gist_modified_at,
                         'description': 'new-gist',
                         'expires': -1.0,
                         'gist_id': int(gist_id),
                         'type': 'public',
-                        'url': 'http://%s/_admin/gists/%s' % (http_host_stub, gist_id,),
+                        'url': 'http://%s/_admin/gists/%s' % (http_host_only_stub, gist_id,),
                         'acl_level': Gist.ACL_LEVEL_PUBLIC,
                         'content': None,
                     }
                     assert_ok(id_, expected, given=response.body)
-                def test_api_get_gist_with_content(self, gist_util, http_host_stub):
+                def test_api_get_gist_with_content(self, gist_util, http_host_only_stub):
                     mapping = {
                         u'filename1.txt': {'content': u'hello world'},
                         u'filename1ą.txt': {'content': u'hello worldę'}
                     }
                     gist = gist_util.create_gist(gist_mapping=mapping)
                     gist_id = gist.gist_access_id
                     gist_created_on = gist.created_on
                     gist_modified_at = gist.modified_at
                     id_, params = build_data(
                         self.apikey, 'get_gist', gistid=gist_id, content=True)
                     response = api_call(self.app, params)
                     expected = {
                         'access_id': gist_id,
                         'created_on': gist_created_on,
                         'modified_at': gist_modified_at,
                         'description': 'new-gist',
                         'expires': -1.0,
                         'gist_id': int(gist_id),
                         'type': 'public',
-                        'url': 'http://%s/_admin/gists/%s' % (http_host_stub, gist_id,),
+                        'url': 'http://%s/_admin/gists/%s' % (http_host_only_stub, gist_id,),
                         'acl_level': Gist.ACL_LEVEL_PUBLIC,
                         'content': {
                             u'filename1.txt': u'hello world',
                             u'filename1ą.txt': u'hello worldę'
                         },
                     }
                     assert_ok(id_, expected, given=response.body)
                 def test_api_get_gist_not_existing(self):
                     id_, params = build_data(
                         self.apikey_regular, 'get_gist', gistid='12345', )
                     response = api_call(self.app, params)
                     expected = 'gist `%s` does not exist' % ('12345',)
                     assert_error(id_, expected, given=response.body)
                 def test_api_get_gist_private_gist_without_permission(self, gist_util):
                     gist = gist_util.create_gist()
                     gist_id = gist.gist_access_id
                     id_, params = build_data(
                         self.apikey_regular, 'get_gist', gistid=gist_id, )
                     response = api_call(self.app, params)
                     expected = 'gist `%s` does not exist' % (gist_id,)
                     assert_error(id_, expected, given=response.body)

rhodecode/apps/gist/tests/test_admin_gists.py ~~rhodecode/tests/functional/test_admin_gists.py~~

0 renamed +73 -37

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.lib import helpers as h
             from rhodecode.model.db import User, Gist
             from rhodecode.model.gist import GistModel
             from rhodecode.model.meta import Session
             from rhodecode.tests import (
                 TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,
-                TestController, assert_session_flash, url)
+                TestController, assert_session_flash)
+            def route_path(name, params=None, **kwargs):
+                import urllib
+                from rhodecode.apps._base import ADMIN_PREFIX
+                base_url = {
+                    'gists_show': ADMIN_PREFIX + '/gists',
+                    'gists_new': ADMIN_PREFIX + '/gists/new',
+                    'gists_create': ADMIN_PREFIX + '/gists/create',
+                    'gist_show': ADMIN_PREFIX + '/gists/{gist_id}',
+                    'gist_delete': ADMIN_PREFIX + '/gists/{gist_id}/delete',
+                    'gist_edit': ADMIN_PREFIX + '/gists/{gist_id}/edit',
+                    'gist_edit_check_revision': ADMIN_PREFIX + '/gists/{gist_id}/edit/check_revision',
+                    'gist_update': ADMIN_PREFIX + '/gists/{gist_id}/update',
+                    'gist_show_rev': ADMIN_PREFIX + '/gists/{gist_id}/{revision}',
+                    'gist_show_formatted': ADMIN_PREFIX + '/gists/{gist_id}/{revision}/{format}',
+                    'gist_show_formatted_path': ADMIN_PREFIX + '/gists/{gist_id}/{revision}/{format}/{f_path}',
+                }[name].format(**kwargs)
+                if params:
+                    base_url = '{}?{}'.format(base_url, urllib.urlencode(params))
+                return base_url
             class GistUtility(object):
                 def __init__(self):
                     self._gist_ids = []
                 def __call__(
                         self, f_name, content='some gist', lifetime=-1,
                         description='gist-desc', gist_type='public',
                         acl_level=Gist.GIST_PUBLIC, owner=TEST_USER_ADMIN_LOGIN):
                     gist_mapping = {
                         f_name: {'content': content}
                     }
                     user = User.get_by_username(owner)
                     gist = GistModel().create(
                         description, owner=user, gist_mapping=gist_mapping,
                         gist_type=gist_type, lifetime=lifetime, gist_acl_level=acl_level)
                     Session().commit()
                     self._gist_ids.append(gist.gist_id)
                     return gist
                 def cleanup(self):
                     for gist_id in self._gist_ids:
                         gist = Gist.get(gist_id)
                         if gist:
                             Session().delete(gist)
                     Session().commit()
             @pytest.fixture
             def create_gist(request):
                 gist_utility = GistUtility()
                 request.addfinalizer(gist_utility.cleanup)
                 return gist_utility
             class TestGistsController(TestController):
                 def test_index_empty(self, create_gist):
                     self.log_user()
-                    response = self.app.get(url('gists'))
+                    response = self.app.get(route_path('gists_show'))
                     response.mustcontain('data: [],')
                 def test_index(self, create_gist):
                     self.log_user()
                     g1 = create_gist('gist1')
                     g2 = create_gist('gist2', lifetime=1400)
                     g3 = create_gist('gist3', description='gist3-desc')
                     g4 = create_gist('gist4', gist_type='private').gist_access_id
-                    response = self.app.get(url('gists'))
+                    response = self.app.get(route_path('gists_show'))
                     response.mustcontain('gist: %s' % g1.gist_access_id)
                     response.mustcontain('gist: %s' % g2.gist_access_id)
                     response.mustcontain('gist: %s' % g3.gist_access_id)
                     response.mustcontain('gist3-desc')
                     response.mustcontain(no=['gist: %s' % g4])
                     # Expiration information should be visible
                     expires_tag = '%s' % h.age_component(
                         h.time_to_utcdatetime(g2.gist_expires))
                     response.mustcontain(expires_tag.replace('"', '\\"'))
                 def test_index_private_gists(self, create_gist):
                     self.log_user()
                     gist = create_gist('gist5', gist_type='private')
-                    response = self.app.get(url('gists', private=1))
+                    response = self.app.get(route_path('gists_show', params=dict(private=1)))
                     # and privates
                     response.mustcontain('gist: %s' % gist.gist_access_id)
                 def test_index_show_all(self, create_gist):
                     self.log_user()
                     create_gist('gist1')
                     create_gist('gist2', lifetime=1400)
                     create_gist('gist3', description='gist3-desc')
                     create_gist('gist4', gist_type='private')
-                    response = self.app.get(url('gists', all=1))
+                    response = self.app.get(route_path('gists_show', params=dict(all=1)))
                     assert len(GistModel.get_all()) == 4
                     # and privates
                     for gist in GistModel.get_all():
                         response.mustcontain('gist: %s' % gist.gist_access_id)
                 def test_index_show_all_hidden_from_regular(self, create_gist):
                     self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     create_gist('gist2', gist_type='private')
                     create_gist('gist3', gist_type='private')
                     create_gist('gist4', gist_type='private')
-                    response = self.app.get(url('gists', all=1))
+                    response = self.app.get(route_path('gists_show', params=dict(all=1)))
                     assert len(GistModel.get_all()) == 3
                     # since we don't have access to private in this view, we
                     # should see nothing
                     for gist in GistModel.get_all():
                         response.mustcontain(no=['gist: %s' % gist.gist_access_id])
                 def test_create(self):
                     self.log_user()
                     response = self.app.post(
-                        url('gists'),
+                        route_path('gists_create'),
                         params={'lifetime': -1,
                                 'content': 'gist test',
                                 'filename': 'foo',
                                 'public': 'public',
                                 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC,
                                 'csrf_token': self.csrf_token},
                         status=302)
                     response = response.follow()
                     response.mustcontain('added file: foo')
                     response.mustcontain('gist test')
                 def test_create_with_path_with_dirs(self):
                     self.log_user()
                     response = self.app.post(
-                        url('gists'),
+                        route_path('gists_create'),
                         params={'lifetime': -1,
                                 'content': 'gist test',
                                 'filename': '/home/foo',
                                 'public': 'public',
                                 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC,
                                 'csrf_token': self.csrf_token},
                         status=200)
                     response.mustcontain('Filename /home/foo cannot be inside a directory')
                 def test_access_expired_gist(self, create_gist):
                     self.log_user()
                     gist = create_gist('never-see-me')
                     gist.gist_expires = 0  # 1970
                     Session().add(gist)
                     Session().commit()
-                    self.app.get(url('gist', gist_id=gist.gist_access_id), status=404)
+                    self.app.get(route_path('gist_show', gist_id=gist.gist_access_id),
+                                 status=404)
                 def test_create_private(self):
                     self.log_user()
                     response = self.app.post(
-                        url('gists'),
+                        route_path('gists_create'),
                         params={'lifetime': -1,
                                 'content': 'private gist test',
                                 'filename': 'private-foo',
                                 'private': 'private',
                                 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC,
                                 'csrf_token': self.csrf_token},
                         status=302)
                     response = response.follow()
                     response.mustcontain('added file: private-foo<')
                     response.mustcontain('private gist test')
                     response.mustcontain('Private Gist')
                     # Make sure private gists are not indexed by robots
                     response.mustcontain(
                         '<meta name="robots" content="noindex, nofollow">')
                 def test_create_private_acl_private(self):
                     self.log_user()
                     response = self.app.post(
-                        url('gists'),
+                        route_path('gists_create'),
                         params={'lifetime': -1,
                                 'content': 'private gist test',
                                 'filename': 'private-foo',
                                 'private': 'private',
                                 'gist_acl_level': Gist.ACL_LEVEL_PRIVATE,
                                 'csrf_token': self.csrf_token},
                         status=302)
                     response = response.follow()
                     response.mustcontain('added file: private-foo<')
                     response.mustcontain('private gist test')
                     response.mustcontain('Private Gist')
                     # Make sure private gists are not indexed by robots
                     response.mustcontain(
                         '<meta name="robots" content="noindex, nofollow">')
                 def test_create_with_description(self):
                     self.log_user()
                     response = self.app.post(
-                        url('gists'),
+                        route_path('gists_create'),
                         params={'lifetime': -1,
                                 'content': 'gist test',
                                 'filename': 'foo-desc',
                                 'description': 'gist-desc',
                                 'public': 'public',
                                 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC,
                                 'csrf_token': self.csrf_token},
                          status=302)
                     response = response.follow()
                     response.mustcontain('added file: foo-desc')
                     response.mustcontain('gist test')
                     response.mustcontain('gist-desc')
                 def test_create_public_with_anonymous_access(self):
                     self.log_user()
                     params = {
                         'lifetime': -1,
                         'content': 'gist test',
                         'filename': 'foo-desc',
                         'description': 'gist-desc',
                         'public': 'public',
                         'gist_acl_level': Gist.ACL_LEVEL_PUBLIC,
                         'csrf_token': self.csrf_token
                     }
-                    response = self.app.post(url('gists'), params=params, status=302)
+                    response = self.app.post(
+                        route_path('gists_create'), params=params, status=302)
                     self.logout_user()
                     response = response.follow()
                     response.mustcontain('added file: foo-desc')
                     response.mustcontain('gist test')
                     response.mustcontain('gist-desc')
                 def test_new(self):
                     self.log_user()
-                    self.app.get(url('new_gist'))
+                    self.app.get(route_path('gists_new'))
                 def test_delete(self, create_gist):
                     self.log_user()
                     gist = create_gist('delete-me')
                     response = self.app.post(
-                        url('gist', gist_id=gist.gist_id),
+                        route_path('gist_delete', gist_id=gist.gist_id),
-                        params={'_method': 'delete', 'csrf_token': self.csrf_token})
+                        params={'csrf_token': self.csrf_token})
                     assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
                 def test_delete_normal_user_his_gist(self, create_gist):
                     self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     gist = create_gist('delete-me', owner=TEST_USER_REGULAR_LOGIN)
                     response = self.app.post(
-                        url('gist', gist_id=gist.gist_id),
+                        route_path('gist_delete', gist_id=gist.gist_id),
-                        params={'_method': 'delete', 'csrf_token': self.csrf_token})
+                        params={'csrf_token': self.csrf_token})
                     assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
                 def test_delete_normal_user_not_his_own_gist(self, create_gist):
                     self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
-                    gist = create_gist('delete-me')
+                    gist = create_gist('delete-me-2')
                     self.app.post(
-                        url('gist', gist_id=gist.gist_id),
+                        route_path('gist_delete', gist_id=gist.gist_id),
-                        params={'_method': 'delete', 'csrf_token': self.csrf_token},
+                        params={'csrf_token': self.csrf_token}, status=404)
-                        status=403)
                 def test_show(self, create_gist):
                     gist = create_gist('gist-show-me')
-                    response = self.app.get(url('gist', gist_id=gist.gist_access_id))
+                    response = self.app.get(route_path('gist_show', gist_id=gist.gist_access_id))
                     response.mustcontain('added file: gist-show-me<')
                     assert_response = response.assert_response()
                     assert_response.element_equals_to(
                         'div.rc-user span.user',
                         '<a href="/_profiles/test_admin">test_admin</a></span>')
                     response.mustcontain('gist-desc')
                 def test_show_without_hg(self, create_gist):
                     with mock.patch(
                             'rhodecode.lib.vcs.settings.ALIASES', ['git']):
                         gist = create_gist('gist-show-me-again')
-                        self.app.get(url('gist', gist_id=gist.gist_access_id), status=200)
+                        self.app.get(
+                            route_path('gist_show', gist_id=gist.gist_access_id), status=200)
                 def test_show_acl_private(self, create_gist):
                     gist = create_gist('gist-show-me-only-when-im-logged-in',
                                        acl_level=Gist.ACL_LEVEL_PRIVATE)
-                    self.app.get(url('gist', gist_id=gist.gist_access_id), status=404)
+                    self.app.get(
+                        route_path('gist_show', gist_id=gist.gist_access_id), status=404)
                     # now we log-in we should see thi gist
                     self.log_user()
-                    response = self.app.get(url('gist', gist_id=gist.gist_access_id))
+                    response = self.app.get(
+                        route_path('gist_show', gist_id=gist.gist_access_id))
                     response.mustcontain('added file: gist-show-me-only-when-im-logged-in')
                     assert_response = response.assert_response()
                     assert_response.element_equals_to(
                         'div.rc-user span.user',
                         '<a href="/_profiles/test_admin">test_admin</a></span>')
                     response.mustcontain('gist-desc')
                 def test_show_as_raw(self, create_gist):
                     gist = create_gist('gist-show-me', content='GIST CONTENT')
-                    response = self.app.get(url('formatted_gist',
+                    response = self.app.get(
-                                                gist_id=gist.gist_access_id, format='raw'))
+                        route_path('gist_show_formatted',
+                                   gist_id=gist.gist_access_id, revision='tip',
+                                   format='raw'))
                     assert response.body == 'GIST CONTENT'
                 def test_show_as_raw_individual_file(self, create_gist):
                     gist = create_gist('gist-show-me-raw', content='GIST BODY')
-                    response = self.app.get(url('formatted_gist_file',
+                    response = self.app.get(
-                                                gist_id=gist.gist_access_id, format='raw',
+                        route_path('gist_show_formatted_path',
-                                                revision='tip', f_path='gist-show-me-raw'))
+                                   gist_id=gist.gist_access_id, format='raw',
+                                   revision='tip', f_path='gist-show-me-raw'))
                     assert response.body == 'GIST BODY'
                 def test_edit_page(self, create_gist):
                     self.log_user()
                     gist = create_gist('gist-for-edit', content='GIST EDIT BODY')
-                    response = self.app.get(url('edit_gist', gist_id=gist.gist_access_id))
+                    response = self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id))
                     response.mustcontain('GIST EDIT BODY')
                 def test_edit_page_non_logged_user(self, create_gist):
                     gist = create_gist('gist-for-edit', content='GIST EDIT BODY')
-                    self.app.get(url('edit_gist', gist_id=gist.gist_access_id), status=302)
+                    self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id),
+                                 status=302)
                 def test_edit_normal_user_his_gist(self, create_gist):
                     self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     gist = create_gist('gist-for-edit', owner=TEST_USER_REGULAR_LOGIN)
-                    self.app.get(url('edit_gist', gist_id=gist.gist_access_id, status=200))
+                    self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id,
+                                            status=200))
                 def test_edit_normal_user_not_his_own_gist(self, create_gist):
                     self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     gist = create_gist('delete-me')
-                    self.app.get(url('edit_gist', gist_id=gist.gist_access_id), status=403)
+                    self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id),
+                                 status=404)
                 def test_user_first_name_is_escaped(self, user_util, create_gist):
                     xss_atack_string = '"><script>alert(\'First Name\')</script>'
                     xss_escaped_string = h.html_escape(h.escape(xss_atack_string))
                     password = 'test'
                     user = user_util.create_user(
                         firstname=xss_atack_string, password=password)
                     create_gist('gist', gist_type='public', owner=user.username)
-                    response = self.app.get(url('gists'))
+                    response = self.app.get(route_path('gists_show'))
                     response.mustcontain(xss_escaped_string)
                 def test_user_last_name_is_escaped(self, user_util, create_gist):
                     xss_atack_string = '"><script>alert(\'Last Name\')</script>'
                     xss_escaped_string = h.html_escape(h.escape(xss_atack_string))
                     password = 'test'
                     user = user_util.create_user(
                         lastname=xss_atack_string, password=password)
                     create_gist('gist', gist_type='public', owner=user.username)
-                    response = self.app.get(url('gists'))
+                    response = self.app.get(route_path('gists_show'))
                     response.mustcontain(xss_escaped_string)

rhodecode/config/middleware.py

0 +1 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Pylons middleware initialization
             """
             import logging
             from collections import OrderedDict
             from paste.registry import RegistryManager
             from paste.gzipper import make_gzip_middleware
             from pylons.wsgiapp import PylonsApp
             from pyramid.authorization import ACLAuthorizationPolicy
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.wsgi import wsgiapp
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound)
             from pyramid.events import ApplicationCreated
             from pyramid.renderers import render_to_response
             from routes.middleware import RoutesMiddleware
             import routes.util
             import rhodecode
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config.routing import STATIC_FILE_PREFIX
             from rhodecode.config.environment import (
                 load_environment, load_pyramid_environment)
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware import csrf
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.error_handling import (
                 PylonsErrorHandlingMiddleware)
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import aslist as rhodecode_aslist, AttributeDict
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed)
             log = logging.getLogger(__name__)
             # this is used to avoid avoid the route lookup overhead in routesmiddleware
             # for certain routes which won't go to pylons to - eg. static files, debugger
             # it is only needed for the pylons migration and can be removed once complete
             class SkippableRoutesMiddleware(RoutesMiddleware):
                 """ Routes middleware that allows you to skip prefixes """
                 def __init__(self, *args, **kw):
                     self.skip_prefixes = kw.pop('skip_prefixes', [])
                     super(SkippableRoutesMiddleware, self).__init__(*args, **kw)
                 def __call__(self, environ, start_response):
                     for prefix in self.skip_prefixes:
                         if environ['PATH_INFO'].startswith(prefix):
                             # added to avoid the case when a missing /_static route falls
                             # through to pylons and causes an exception as pylons is
                             # expecting wsgiorg.routingargs to be set in the environ
                             # by RoutesMiddleware.
                             if 'wsgiorg.routing_args' not in environ:
                                 environ['wsgiorg.routing_args'] = (None, {})
                             return self.app(environ, start_response)
                     return super(SkippableRoutesMiddleware, self).__call__(
                         environ, start_response)
             def make_app(global_conf, static_files=True, **app_conf):
                 """Create a Pylons WSGI application and return it
                 ``global_conf``
                     The inherited configuration for this application. Normally from
                     the [DEFAULT] section of the Paste ini file.
                 ``app_conf``
                     The application's local configuration. Normally specified in
                     the [app:<name>] section of the Paste ini file (where <name>
                     defaults to main).
                 """
                 # Apply compatibility patches
                 patches.kombu_1_5_1_python_2_7_11()
                 patches.inspect_getargspec()
                 # Configure the Pylons environment
                 config = load_environment(global_conf, app_conf)
                 # The Pylons WSGI app
                 app = PylonsApp(config=config)
                 if rhodecode.is_test:
                     app = csrf.CSRFDetector(app)
                 expected_origin = config.get('expected_origin')
                 if expected_origin:
                     # The API can be accessed from other Origins.
                     app = csrf.OriginChecker(app, expected_origin,
                                              skip_urls=[routes.util.url_for('api')])
                 # Establish the Registry for this application
                 app = RegistryManager(app)
                 app.config = config
                 return app
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid and wraps the Pylons based
                 application.
                 Specials:
                 * We migrate from Pylons to Pyramid. While doing this, we keep both
                   frameworks functional. This involves moving some WSGI middlewares around
                   and providing access to some data internals, so that the old code is
                   still functional.
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 # The edition string should be available in pylons too, so we add it here
                 # before copying the settings.
                 settings.setdefault('rhodecode.edition', 'Community Edition')
                 # As long as our Pylons application does expect "unprepared" settings, make
                 # sure that we keep an unmodified copy. This avoids unintentional change of
                 # behavior in the old application.
                 settings_pylons = settings.copy()
                 sanitize_settings_and_apply_defaults(settings)
                 config = Configurator(settings=settings)
                 add_pylons_compat_data(config.registry, global_config, settings_pylons)
                 load_pyramid_environment(global_config, settings)
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 return pyramid_app
             def make_not_found_view(config):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid. Basically it contains of the old pylons app, converted to a view.
                 Additionally it is wrapped by some other middlewares.
                 """
                 settings = config.registry.settings
                 vcs_server_enabled = settings['vcs.server.enable']
                 # Make pylons app from unprepared settings.
                 pylons_app = make_app(
                     config.registry._pylons_compat_global_config,
                     **config.registry._pylons_compat_settings)
                 config.registry._pylons_compat_config = pylons_app.config
                 # Appenlight monitoring.
                 pylons_app, appenlight_client = wrap_in_appenlight_if_enabled(
                     pylons_app, settings)
                 # The pylons app is executed inside of the pyramid 404 exception handler.
                 # Exceptions which are raised inside of it are not handled by pyramid
                 # again. Therefore we add a middleware that invokes the error handler in
                 # case of an exception or error response. This way we return proper error
                 # HTML pages in case of an error.
                 reraise = (settings.get('debugtoolbar.enabled', False) or
                            rhodecode.disable_error_handler)
                 pylons_app = PylonsErrorHandlingMiddleware(
                     pylons_app, error_handler, reraise)
                 # The VCSMiddleware shall operate like a fallback if pyramid doesn't find a
                 # view to handle the request. Therefore it is wrapped around the pylons
                 # app. It has to be outside of the error handling otherwise error responses
                 # from the vcsserver are converted to HTML error pages. This confuses the
                 # command line tools and the user won't get a meaningful error message.
                 if vcs_server_enabled:
                     pylons_app = VCSMiddleware(
                         pylons_app, settings, appenlight_client, registry=config.registry)
                 # Convert WSGI app to pyramid view and return it.
                 return wsgiapp(pylons_app)
             def add_pylons_compat_data(registry, global_config, settings):
                 """
                 Attach data to the registry to support the Pylons integration.
                 """
                 registry._pylons_compat_global_config = global_config
                 registry._pylons_compat_settings = settings
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 def is_http_error(response):
                     # error which should have traceback
                     return response.status_code > 499
                 if is_http_error(base_response):
                     log.exception(
                         'error occurred handling this request for path: %s', request.path)
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = base_response.explanation or str(base_response)
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages()
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 return response
             def includeme(config):
                 settings = config.registry.settings
                 # plugin information
                 config.registry.rhodecode_plugins = OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 if asbool(settings.get('appenlight', 'false')):
                     config.include('appenlight_client.ext.pyramid_tween')
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('pyramid_beaker')
                 config.include('rhodecode.authentication')
                 config.include('rhodecode.integrations')
                 # apps
                 config.include('rhodecode.apps._base')
                 config.include('rhodecode.apps.ops')
                 config.include('rhodecode.apps.admin')
                 config.include('rhodecode.apps.channelstream')
                 config.include('rhodecode.apps.login')
                 config.include('rhodecode.apps.home')
                 config.include('rhodecode.apps.repository')
                 config.include('rhodecode.apps.repo_group')
                 config.include('rhodecode.apps.search')
                 config.include('rhodecode.apps.user_profile')
                 config.include('rhodecode.apps.my_account')
                 config.include('rhodecode.apps.svn_support')
+                config.include('rhodecode.apps.gist')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.api')
                 config.add_route(
                     'rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 config.add_translation_dirs('rhodecode:i18n/')
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 # Add subscribers.
                 config.add_subscriber(scan_repositories_if_enabled, ApplicationCreated)
                 config.add_subscriber(write_metadata_if_needed, ApplicationCreated)
                 config.add_subscriber(write_js_routes_if_enabled, ApplicationCreated)
                 # events
                 # TODO(marcink): this should be done when pyramid migration is finished
                 # config.add_subscriber(
                 #     'rhodecode.integrations.integrations_event_handler',
                 #     'rhodecode.events.RhodecodeEvent')
                 # Set the authorization policy.
                 authz_policy = ACLAuthorizationPolicy()
                 config.set_authorization_policy(authz_policy)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 for inc in includes:
                     config.include(inc)
                 # This is the glue which allows us to migrate in chunks. By registering the
                 # pylons based application as the "Not Found" view in Pyramid, we will
                 # fallback to the old application each time the new one does not yet know
                 # how to handle a request.
                 config.add_notfound_view(make_not_found_view(config))
                 if not settings.get('debugtoolbar.enabled', False):
                     # if no toolbar, then any exception gets caught and rendered
                     config.add_view(error_handler, context=Exception)
                 config.add_view(error_handler, context=HTTPError)
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 Part of this has been moved up from the Pylons layer, so that the
                 data is also available if old Pylons code is hit through an already ported
                 view.
                 """
                 settings = config.registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 # Add RoutesMiddleware to support the pylons compatibility tween during
                 # migration to pyramid.
                 pyramid_app = SkippableRoutesMiddleware(
                     pyramid_app, config.registry._pylons_compat_config['routes.map'],
                     skip_prefixes=(STATIC_FILE_PREFIX, '/_debug_toolbar'))
                 pyramid_app, _ = wrap_in_appenlight_if_enabled(pyramid_app, settings)
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.Base.metadata.bind.engine.pool
                         log.debug('sa pool status: %s', pool.status())
                 return pyramid_app_with_cleanup
             def sanitize_settings_and_apply_defaults(settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 # Pyramid's mako renderer has to search in the templates folder so that the
                 # old templates still work. Ported and new templates are expected to use
                 # real asset specifications for the includes.
                 mako_directories = settings.setdefault('mako.directories', [
                     # Base templates of the original Pylons application
                     'rhodecode:templates',
                 ])
                 log.debug(
                     "Using the following Mako template directories: %s",
                     mako_directories)
                 # Default includes, possible to change as a user
                 pyramid_includes = settings.setdefault('pyramid.includes', [
                     'rhodecode.lib.middleware.request_wrapper',
                 ])
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings.setdefault('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 _list_setting(settings, 'default_encoding', 'UTF-8')
                 _bool_setting(settings, 'is_test', 'false')
                 _bool_setting(settings, 'gzip_responses', 'false')
                 # Call split out functions that sanitize settings for each topic.
                 _sanitize_appenlight_settings(settings)
                 _sanitize_vcs_settings(settings)
                 return settings
             def _sanitize_appenlight_settings(settings):
                 _bool_setting(settings, 'appenlight', 'false')
             def _sanitize_vcs_settings(settings):
                 """
                 Applies settings defaults and does type conversion for all VCS related
                 settings.
                 """
                 _string_setting(settings, 'vcs.svn.compatible_version', '')
                 _string_setting(settings, 'git_rev_filter', '--all')
                 _string_setting(settings, 'vcs.hooks.protocol', 'http')
                 _string_setting(settings, 'vcs.scm_app_implementation', 'http')
                 _string_setting(settings, 'vcs.server', '')
                 _string_setting(settings, 'vcs.server.log_level', 'debug')
                 _string_setting(settings, 'vcs.server.protocol', 'http')
                 _bool_setting(settings, 'startup.import_repos', 'false')
                 _bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
                 _bool_setting(settings, 'vcs.server.enable', 'true')
                 _bool_setting(settings, 'vcs.start_server', 'false')
                 _list_setting(settings, 'vcs.backends', 'hg, git, svn')
                 _int_setting(settings, 'vcs.connection_timeout', 3600)
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http'
                 # which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl == 'rhodecode.lib.middleware.utils.scm_app_http':
                     settings['vcs.scm_app_implementation'] = 'http'
             def _int_setting(settings, name, default):
                 settings[name] = int(settings.get(name, default))
             def _bool_setting(settings, name, default):
                 input = settings.get(name, default)
                 if isinstance(input, unicode):
                     input = input.encode('utf8')
                 settings[name] = asbool(input)
             def _list_setting(settings, name, default):
                 raw_value = settings.get(name, default)
                 old_separator = ','
                 if old_separator in raw_value:
                     # If we get a comma separated list, pass it to our own function.
                     settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
                 else:
                     # Otherwise we assume it uses pyramids space/newline separation.
                     settings[name] = aslist(raw_value)
             def _string_setting(settings, name, default, lower=True):
                 value = settings.get(name, default)
                 if lower:
                     value = value.lower()
                 settings[name] = value

rhodecode/config/routing.py

0 0 -33

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Routes configuration
             The more specific and detailed routes should be defined first so they
             may take precedent over the more generic routes. For more information
             refer to the routes manual at http://routes.groovie.org/docs/
             IMPORTANT: if you change any routing here, make sure to take a look at lib/base.py
             and _route_name variable which uses some of stored naming here to do redirects.
             """
             import os
             import re
             from routes import Mapper
             # prefix for non repository related links needs to be prefixed with `/`
             ADMIN_PREFIX = '/_admin'
             STATIC_FILE_PREFIX = '/_static'
             # Default requirements for URL parts
             URL_NAME_REQUIREMENTS = {
                 # group name can have a slash in them, but they must not end with a slash
                 'group_name': r'.*?[^/]',
                 'repo_group_name': r'.*?[^/]',
                 # repo names can have a slash in them, but they must not end with a slash
                 'repo_name': r'.*?[^/]',
                 # file path eats up everything at the end
                 'f_path': r'.*',
                 # reference types
                 'source_ref_type': '(branch|book|tag|rev|\%\(source_ref_type\)s)',
                 'target_ref_type': '(branch|book|tag|rev|\%\(target_ref_type\)s)',
             }
             def add_route_requirements(route_path, requirements):
                 """
                 Adds regex requirements to pyramid routes using a mapping dict
                 >>> add_route_requirements('/{action}/{id}', {'id': r'\d+'})
                 '/{action}/{id:\d+}'
                  """
                 for key, regex in requirements.items():
                     route_path = route_path.replace('{%s}' % key, '{%s:%s}' % (key, regex))
                 return route_path
             class JSRoutesMapper(Mapper):
                 """
                 Wrapper for routes.Mapper to make pyroutes compatible url definitions
                 """
                 _named_route_regex = re.compile(r'^[a-z-_0-9A-Z]+$')
                 _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
                 def __init__(self, *args, **kw):
                     super(JSRoutesMapper, self).__init__(*args, **kw)
                     self._jsroutes = []
                 def connect(self, *args, **kw):
                     """
                     Wrapper for connect to take an extra argument jsroute=True
                     :param jsroute: boolean, if True will add the route to the pyroutes list
                     """
                     if kw.pop('jsroute', False):
                         if not self._named_route_regex.match(args[0]):
                             raise Exception('only named routes can be added to pyroutes')
                         self._jsroutes.append(args[0])
                     super(JSRoutesMapper, self).connect(*args, **kw)
                 def _extract_route_information(self, route):
                     """
                     Convert a route into tuple(name, path, args), eg:
                         ('show_user', '/profile/%(username)s', ['username'])
                     """
                     routepath = route.routepath
                     def replace(matchobj):
                         if matchobj.group(1):
                             return "%%(%s)s" % matchobj.group(1).split(':')[0]
                         else:
                             return "%%(%s)s" % matchobj.group(2)
                     routepath = self._argument_prog.sub(replace, routepath)
                     return (
                         route.name,
                         routepath,
                         [(arg[0].split(':')[0] if arg[0] != '' else arg[1])
                           for arg in self._argument_prog.findall(route.routepath)]
                     )
                 def jsroutes(self):
                     """
                     Return a list of pyroutes.js compatible routes
                     """
                     for route_name in self._jsroutes:
                         yield self._extract_route_information(self._routenames[route_name])
             def make_map(config):
                 """Create, configure and return the routes Mapper"""
                 rmap = JSRoutesMapper(
                     directory=config['pylons.paths']['controllers'],
                     always_scan=config['debug'])
                 rmap.minimization = False
                 rmap.explicit = False
                 from rhodecode.lib.utils2 import str2bool
                 from rhodecode.model import repo, repo_group
                 def check_repo(environ, match_dict):
                     """
                     check for valid repository for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     repo_name = match_dict.get('repo_name')
                     if match_dict.get('f_path'):
                         # fix for multiple initial slashes that causes errors
                         match_dict['f_path'] = match_dict['f_path'].lstrip('/')
                     repo_model = repo.RepoModel()
                     by_name_match = repo_model.get_by_repo_name(repo_name)
                     # if we match quickly from database, short circuit the operation,
                     # and validate repo based on the type.
                     if by_name_match:
                         return True
                     by_id_match = repo_model.get_repo_by_id(repo_name)
                     if by_id_match:
                         repo_name = by_id_match.repo_name
                         match_dict['repo_name'] = repo_name
                         return True
                     return False
                 def check_group(environ, match_dict):
                     """
                     check for valid repository group path for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     repo_group_name = match_dict.get('group_name')
                     repo_group_model = repo_group.RepoGroupModel()
                     by_name_match = repo_group_model.get_by_group_name(repo_group_name)
                     if by_name_match:
                         return True
                     return False
                 def check_user_group(environ, match_dict):
                     """
                     check for valid user group for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     return True
                 def check_int(environ, match_dict):
                     return match_dict.get('id').isdigit()
                 #==========================================================================
                 # CUSTOM ROUTES HERE
                 #==========================================================================
                 # ping and pylons error test
                 rmap.connect('ping', '%s/ping' % (ADMIN_PREFIX,), controller='home', action='ping')
                 rmap.connect('error_test', '%s/error_test' % (ADMIN_PREFIX,), controller='home', action='error_test')
                 # ADMIN REPOSITORY ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repos') as m:
                     m.connect('repos', '/repos',
                               action='create', conditions={'method': ['POST']})
                     m.connect('repos', '/repos',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_repo', '/create_repository', jsroute=True,
                               action='create_repository', conditions={'method': ['GET']})
                     m.connect('delete_repo', '/repos/{repo_name}',
                               action='delete', conditions={'method': ['DELETE']},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('repo', '/repos/{repo_name}',
                               action='show', conditions={'method': ['GET'],
                                                          'function': check_repo},
                               requirements=URL_NAME_REQUIREMENTS)
                 # ADMIN REPOSITORY GROUPS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repo_groups') as m:
                     m.connect('repo_groups', '/repo_groups',
                               action='create', conditions={'method': ['POST']})
                     m.connect('repo_groups', '/repo_groups',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_repo_group', '/repo_groups/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_repo_group', '/repo_groups/{group_name}',
                               action='update', conditions={'method': ['PUT'],
                                                            'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     # EXTRAS REPO GROUP ROUTES
                     m.connect('edit_repo_group', '/repo_groups/{group_name}/edit',
                               action='edit',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group', '/repo_groups/{group_name}/edit',
                               action='edit',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced',
                               action='edit_repo_group_advanced',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced',
                               action='edit_repo_group_advanced',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions',
                               action='edit_repo_group_perms',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions',
                               action='update_perms',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('delete_repo_group', '/repo_groups/{group_name}',
                               action='delete', conditions={'method': ['DELETE'],
                                                            'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                 # ADMIN USER ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/users') as m:
                     m.connect('users', '/users',
                               action='create', conditions={'method': ['POST']})
                     m.connect('new_user', '/users/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_user', '/users/{user_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('delete_user', '/users/{user_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('edit_user', '/users/{user_id}/edit',
                               action='edit', conditions={'method': ['GET']}, jsroute=True)
                     m.connect('user', '/users/{user_id}',
                               action='show', conditions={'method': ['GET']})
                     m.connect('force_password_reset_user', '/users/{user_id}/password_reset',
                               action='reset_password', conditions={'method': ['POST']})
                     m.connect('create_personal_repo_group', '/users/{user_id}/create_repo_group',
                               action='create_personal_repo_group', conditions={'method': ['POST']})
                     # EXTRAS USER ROUTES
                     m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced',
                               action='edit_advanced', conditions={'method': ['GET']})
                     m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced',
                               action='update_advanced', conditions={'method': ['PUT']})
                     m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions',
                               action='edit_global_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions',
                               action='update_global_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_perms_summary', '/users/{user_id}/edit/permissions_summary',
                               action='edit_perms_summary', conditions={'method': ['GET']})
                 # ADMIN USER GROUPS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/user_groups') as m:
                     m.connect('users_groups', '/user_groups',
                               action='create', conditions={'method': ['POST']})
                     m.connect('users_groups', '/user_groups',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_users_group', '/user_groups/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_users_group', '/user_groups/{user_group_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('delete_users_group', '/user_groups/{user_group_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('edit_users_group', '/user_groups/{user_group_id}/edit',
                               action='edit', conditions={'method': ['GET']},
                               function=check_user_group)
                     # EXTRAS USER GROUP ROUTES
                     m.connect('edit_user_group_global_perms',
                               '/user_groups/{user_group_id}/edit/global_permissions',
                               action='edit_global_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_group_global_perms',
                               '/user_groups/{user_group_id}/edit/global_permissions',
                               action='update_global_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_group_perms_summary',
                               '/user_groups/{user_group_id}/edit/permissions_summary',
                               action='edit_perms_summary', conditions={'method': ['GET']})
                     m.connect('edit_user_group_perms',
                               '/user_groups/{user_group_id}/edit/permissions',
                               action='edit_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_group_perms',
                               '/user_groups/{user_group_id}/edit/permissions',
                               action='update_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_group_advanced',
                               '/user_groups/{user_group_id}/edit/advanced',
                               action='edit_advanced', conditions={'method': ['GET']})
                     m.connect('edit_user_group_advanced_sync',
                               '/user_groups/{user_group_id}/edit/advanced/sync',
                               action='edit_advanced_set_synchronization', conditions={'method': ['POST']})
                     m.connect('edit_user_group_members',
                               '/user_groups/{user_group_id}/edit/members', jsroute=True,
                               action='user_group_members', conditions={'method': ['GET']})
                 # ADMIN PERMISSIONS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/permissions') as m:
                     m.connect('admin_permissions_application', '/permissions/application',
                               action='permission_application_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_application', '/permissions/application',
                               action='permission_application', conditions={'method': ['GET']})
                     m.connect('admin_permissions_global', '/permissions/global',
                               action='permission_global_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_global', '/permissions/global',
                               action='permission_global', conditions={'method': ['GET']})
                     m.connect('admin_permissions_object', '/permissions/object',
                               action='permission_objects_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_object', '/permissions/object',
                               action='permission_objects', conditions={'method': ['GET']})
                     m.connect('admin_permissions_ips', '/permissions/ips',
                               action='permission_ips', conditions={'method': ['POST']})
                     m.connect('admin_permissions_ips', '/permissions/ips',
                               action='permission_ips', conditions={'method': ['GET']})
                     m.connect('admin_permissions_overview', '/permissions/overview',
                               action='permission_perms', conditions={'method': ['GET']})
                 # ADMIN DEFAULTS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/defaults') as m:
                     m.connect('admin_defaults_repositories', '/defaults/repositories',
                               action='update_repository_defaults', conditions={'method': ['POST']})
                     m.connect('admin_defaults_repositories', '/defaults/repositories',
                               action='index', conditions={'method': ['GET']})
                 # ADMIN DEBUG STYLE ROUTES
                 if str2bool(config.get('debug_style')):
                     with rmap.submapper(path_prefix=ADMIN_PREFIX + '/debug_style',
                                         controller='debug_style') as m:
                         m.connect('debug_style_home', '',
                                   action='index', conditions={'method': ['GET']})
                         m.connect('debug_style_template', '/t/{t_path}',
                                   action='template', conditions={'method': ['GET']})
                 # ADMIN SETTINGS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/settings') as m:
                     # default
                     m.connect('admin_settings', '/settings',
                               action='settings_global_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings', '/settings',
                               action='settings_global', conditions={'method': ['GET']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='settings_vcs_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='settings_vcs',
                               conditions={'method': ['GET']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='delete_svn_pattern',
                               conditions={'method': ['DELETE']})
                     m.connect('admin_settings_mapping', '/settings/mapping',
                               action='settings_mapping_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_mapping', '/settings/mapping',
                               action='settings_mapping', conditions={'method': ['GET']})
                     m.connect('admin_settings_global', '/settings/global',
                               action='settings_global_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_global', '/settings/global',
                               action='settings_global', conditions={'method': ['GET']})
                     m.connect('admin_settings_visual', '/settings/visual',
                               action='settings_visual_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_visual', '/settings/visual',
                               action='settings_visual', conditions={'method': ['GET']})
                     m.connect('admin_settings_issuetracker',
                               '/settings/issue-tracker', action='settings_issuetracker',
                               conditions={'method': ['GET']})
                     m.connect('admin_settings_issuetracker_save',
                               '/settings/issue-tracker/save',
                               action='settings_issuetracker_save',
                               conditions={'method': ['POST']})
                     m.connect('admin_issuetracker_test', '/settings/issue-tracker/test',
                               action='settings_issuetracker_test',
                               conditions={'method': ['POST']})
                     m.connect('admin_issuetracker_delete',
                               '/settings/issue-tracker/delete',
                               action='settings_issuetracker_delete',
                               conditions={'method': ['DELETE']})
                     m.connect('admin_settings_email', '/settings/email',
                               action='settings_email_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_email', '/settings/email',
                               action='settings_email', conditions={'method': ['GET']})
                     m.connect('admin_settings_hooks', '/settings/hooks',
                               action='settings_hooks_update',
                               conditions={'method': ['POST', 'DELETE']})
                     m.connect('admin_settings_hooks', '/settings/hooks',
                               action='settings_hooks', conditions={'method': ['GET']})
                     m.connect('admin_settings_search', '/settings/search',
                               action='settings_search', conditions={'method': ['GET']})
                     m.connect('admin_settings_supervisor', '/settings/supervisor',
                               action='settings_supervisor', conditions={'method': ['GET']})
                     m.connect('admin_settings_supervisor_log', '/settings/supervisor/{procid}/log',
                               action='settings_supervisor_log', conditions={'method': ['GET']})
                     m.connect('admin_settings_labs', '/settings/labs',
                               action='settings_labs_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_labs', '/settings/labs',
                               action='settings_labs', conditions={'method': ['GET']})
                 # ADMIN MY ACCOUNT
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/my_account') as m:
                     m.connect('my_account_edit', '/my_account/edit',
                               action='my_account_edit', conditions={'method': ['GET']})
                     m.connect('my_account', '/my_account/update',
                               action='my_account_update', conditions={'method': ['POST']})
                     # NOTE(marcink): this needs to be kept for password force flag to be
                     # handler, remove after migration to pyramid
                     m.connect('my_account_password', '/my_account/password',
                               action='my_account_password', conditions={'method': ['GET']})
                     m.connect('my_account_pullrequests', '/my_account/pull_requests',
                               action='my_account_pullrequests', conditions={'method': ['GET']})
                 # NOTIFICATION REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/notifications') as m:
                     m.connect('notifications', '/notifications',
                               action='index', conditions={'method': ['GET']})
                     m.connect('notifications_mark_all_read', '/notifications/mark_all_read',
                               action='mark_all_read', conditions={'method': ['POST']})
                     m.connect('/notifications/{notification_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('/notifications/{notification_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('notification', '/notifications/{notification_id}',
                               action='show', conditions={'method': ['GET']})
-                # ADMIN GIST
-                with rmap.submapper(path_prefix=ADMIN_PREFIX,
-                                    controller='admin/gists') as m:
-                    m.connect('gists', '/gists',
-                              action='create', conditions={'method': ['POST']})
-                    m.connect('gists', '/gists', jsroute=True,
-                              action='index', conditions={'method': ['GET']})
-                    m.connect('new_gist', '/gists/new', jsroute=True,
-                              action='new', conditions={'method': ['GET']})
-                    m.connect('/gists/{gist_id}',
-                              action='delete', conditions={'method': ['DELETE']})
-                    m.connect('edit_gist', '/gists/{gist_id}/edit',
-                              action='edit_form', conditions={'method': ['GET']})
-                    m.connect('edit_gist', '/gists/{gist_id}/edit',
-                              action='edit', conditions={'method': ['POST']})
-                    m.connect(
-                        'edit_gist_check_revision', '/gists/{gist_id}/edit/check_revision',
-                        action='check_revision', conditions={'method': ['GET']})
-                    m.connect('gist', '/gists/{gist_id}',
-                              action='show', conditions={'method': ['GET']})
-                    m.connect('gist_rev', '/gists/{gist_id}/{revision}',
-                              revision='tip',
-                              action='show', conditions={'method': ['GET']})
-                    m.connect('formatted_gist', '/gists/{gist_id}/{revision}/{format}',
-                              revision='tip',
-                              action='show', conditions={'method': ['GET']})
-                    m.connect('formatted_gist_file', '/gists/{gist_id}/{revision}/{format}/{f_path}',
-                              revision='tip',
-                              action='show', conditions={'method': ['GET']},
-                              requirements=URL_NAME_REQUIREMENTS)
                 # USER JOURNAL
                 rmap.connect('journal', '%s/journal' % (ADMIN_PREFIX,),
                              controller='journal', action='index')
                 rmap.connect('journal_rss', '%s/journal/rss' % (ADMIN_PREFIX,),
                              controller='journal', action='journal_rss')
                 rmap.connect('journal_atom', '%s/journal/atom' % (ADMIN_PREFIX,),
                              controller='journal', action='journal_atom')
                 rmap.connect('public_journal', '%s/public_journal' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal')
                 rmap.connect('public_journal_rss', '%s/public_journal/rss' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal_rss')
                 rmap.connect('public_journal_rss_old', '%s/public_journal_rss' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal_rss')
                 rmap.connect('public_journal_atom',
                              '%s/public_journal/atom' % (ADMIN_PREFIX,), controller='journal',
                              action='public_journal_atom')
                 rmap.connect('public_journal_atom_old',
                              '%s/public_journal_atom' % (ADMIN_PREFIX,), controller='journal',
                              action='public_journal_atom')
                 rmap.connect('toggle_following', '%s/toggle_following' % (ADMIN_PREFIX,),
                              controller='journal', action='toggle_following', jsroute=True,
                              conditions={'method': ['POST']})
                 # FEEDS
                 rmap.connect('rss_feed_home', '/{repo_name}/feed/rss',
                              controller='feed', action='rss',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('atom_feed_home', '/{repo_name}/feed/atom',
                              controller='feed', action='atom',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 #==========================================================================
                 # REPOSITORY ROUTES
                 #==========================================================================
                 rmap.connect('repo_creating_home', '/{repo_name}/repo_creating',
                              controller='admin/repos', action='repo_creating',
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_check_home', '/{repo_name}/crepo_check',
                              controller='admin/repos', action='repo_check',
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_home', '/{repo_name}/changeset/{revision}',
                              controller='changeset', revision='tip',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changeset_children', '/{repo_name}/changeset_children/{revision}',
                              controller='changeset', revision='tip', action='changeset_children',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_parents', '/{repo_name}/changeset_parents/{revision}',
                              controller='changeset', revision='tip', action='changeset_parents',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # repo edit options
                 rmap.connect('edit_repo_fields', '/{repo_name}/settings/fields',
                              controller='admin/repos', action='edit_fields',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('create_repo_fields', '/{repo_name}/settings/fields/new',
                              controller='admin/repos', action='create_repo_field',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('delete_repo_fields', '/{repo_name}/settings/fields/{field_id}',
                              controller='admin/repos', action='delete_repo_field',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('toggle_locking', '/{repo_name}/settings/advanced/locking_toggle',
                              controller='admin/repos', action='toggle_locking',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote',
                              controller='admin/repos', action='edit_remote_form',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote',
                              controller='admin/repos', action='edit_remote',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics',
                              controller='admin/repos', action='edit_statistics_form',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics',
                              controller='admin/repos', action='edit_statistics',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_settings_issuetracker',
                              '/{repo_name}/settings/issue-tracker',
                              controller='admin/repos', action='repo_issuetracker',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_test',
                              '/{repo_name}/settings/issue-tracker/test',
                              controller='admin/repos', action='repo_issuetracker_test',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_delete',
                              '/{repo_name}/settings/issue-tracker/delete',
                              controller='admin/repos', action='repo_issuetracker_delete',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_save',
                              '/{repo_name}/settings/issue-tracker/save',
                              controller='admin/repos', action='repo_issuetracker_save',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_settings_vcs_update',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_settings_vcs',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_delete_svn_pattern',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_pullrequest_settings', '/{repo_name}/settings/pullrequest',
                              controller='admin/repos', action='repo_settings_pullrequest',
                              conditions={'method': ['GET', 'POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # still working url for backward compat.
                 rmap.connect('raw_changeset_home_depraced',
                              '/{repo_name}/raw-changeset/{revision}',
                              controller='changeset', action='changeset_raw',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # new URLs
                 rmap.connect('changeset_raw_home',
                              '/{repo_name}/changeset-diff/{revision}',
                              controller='changeset', action='changeset_raw',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_patch_home',
                              '/{repo_name}/changeset-patch/{revision}',
                              controller='changeset', action='changeset_patch',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_download_home',
                              '/{repo_name}/changeset-download/{revision}',
                              controller='changeset', action='changeset_download',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment',
                              '/{repo_name}/changeset/{revision}/comment', jsroute=True,
                              controller='changeset', revision='tip', action='comment',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment_preview',
                              '/{repo_name}/changeset/comment/preview', jsroute=True,
                              controller='changeset', action='preview_comment',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment_delete',
                              '/{repo_name}/changeset/comment/{comment_id}/delete',
                              controller='changeset', action='delete_comment',
                              conditions={'function': check_repo, 'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changeset_info', '/{repo_name}/changeset_info/{revision}',
                              controller='changeset', action='changeset_info',
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('compare_home',
                              '/{repo_name}/compare',
                              controller='compare', action='index',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('compare_url',
                              '/{repo_name}/compare/{source_ref_type}@{source_ref:.*?}...{target_ref_type}@{target_ref:.*?}',
                              controller='compare', action='compare',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_home',
                              '/{repo_name}/pull-request/new', controller='pullrequests',
                              action='index', conditions={'function': check_repo,
                                                          'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest',
                              '/{repo_name}/pull-request/new', controller='pullrequests',
                              action='create', conditions={'function': check_repo,
                                                           'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_repo_refs',
                              '/{repo_name}/pull-request/refs/{target_repo_name:.*?[^/]}',
                              controller='pullrequests',
                              action='get_repo_refs',
                              conditions={'function': check_repo, 'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_repo_destinations',
                              '/{repo_name}/pull-request/repo-destinations',
                              controller='pullrequests',
                              action='get_repo_destinations',
                              conditions={'function': check_repo, 'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_show',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='show', conditions={'function': check_repo,
                                                         'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_update',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='update', conditions={'function': check_repo,
                                                           'method': ['PUT']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_merge',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='merge', conditions={'function': check_repo,
                                                          'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('pullrequest_delete',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='delete', conditions={'function': check_repo,
                                                           'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('pullrequest_comment',
                              '/{repo_name}/pull-request-comment/{pull_request_id}',
                              controller='pullrequests',
                              action='comment', conditions={'function': check_repo,
                                                            'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_comment_delete',
                              '/{repo_name}/pull-request-comment/{comment_id}/delete',
                              controller='pullrequests', action='delete_comment',
                              conditions={'function': check_repo, 'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changelog_home', '/{repo_name}/changelog', jsroute=True,
                              controller='changelog', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changelog_file_home',
                              '/{repo_name}/changelog/{revision}/{f_path}',
                              controller='changelog', f_path=None,
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changelog_elements', '/{repo_name}/changelog_details',
                              controller='changelog', action='changelog_elements',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_home',  '/{repo_name}/files/{revision}/{f_path}',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_home_simple_catchrev',
                              '/{repo_name}/files/{revision}',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_home_simple_catchall',
                              '/{repo_name}/files',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_history_home',
                              '/{repo_name}/history/{revision}/{f_path}',
                              controller='files', action='history', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_authors_home',
                              '/{repo_name}/authors/{revision}/{f_path}',
                              controller='files', action='authors', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_diff_home', '/{repo_name}/diff/{f_path}',
                              controller='files', action='diff', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_diff_2way_home',
                              '/{repo_name}/diff-2way/{f_path}',
                              controller='files', action='diff_2way', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_rawfile_home',
                              '/{repo_name}/rawfile/{revision}/{f_path}',
                              controller='files', action='rawfile', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_raw_home',
                              '/{repo_name}/raw/{revision}/{f_path}',
                              controller='files', action='raw', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_render_home',
                              '/{repo_name}/render/{revision}/{f_path}',
                              controller='files', action='index', revision='tip', f_path='',
                              rendered=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_annotate_home',
                              '/{repo_name}/annotate/{revision}/{f_path}',
                              controller='files', action='index', revision='tip',
                              f_path='', annotate=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_annotate_previous',
                              '/{repo_name}/annotate-previous/{revision}/{f_path}',
                              controller='files', action='annotate_previous', revision='tip',
                              f_path='', annotate=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_edit',
                              '/{repo_name}/edit/{revision}/{f_path}',
                              controller='files', action='edit', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_edit_home',
                              '/{repo_name}/edit/{revision}/{f_path}',
                              controller='files', action='edit_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_add',
                              '/{repo_name}/add/{revision}/{f_path}',
                              controller='files', action='add', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_add_home',
                              '/{repo_name}/add/{revision}/{f_path}',
                              controller='files', action='add_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_delete',
                              '/{repo_name}/delete/{revision}/{f_path}',
                              controller='files', action='delete', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_delete_home',
                              '/{repo_name}/delete/{revision}/{f_path}',
                              controller='files', action='delete_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_archive_home', '/{repo_name}/archive/{fname}',
                              controller='files', action='archivefile',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_nodelist_home',
                              '/{repo_name}/nodelist/{revision}/{f_path}',
                              controller='files', action='nodelist',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_nodetree_full',
                              '/{repo_name}/nodetree_full/{commit_id}/{f_path}',
                              controller='files', action='nodetree_full',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('repo_fork_create_home', '/{repo_name}/fork',
                              controller='forks', action='fork_create',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_fork_home', '/{repo_name}/fork',
                              controller='forks', action='fork',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_forks_home', '/{repo_name}/forks',
                              controller='forks', action='forks',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 return rmap

rhodecode/lib/middleware/csrf.py

0 +11 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import textwrap
             import routes.middleware
             import urlobject
             import webob
             import webob.exc
             import rhodecode.lib.auth
             log = logging.getLogger(__name__)
             class CSRFDetector(object):
                 """
                 Middleware for preventing CSRF.
                 It checks that all requests are either GET or POST.
                 For POST requests, it logs the requests that do not have a CSRF token.
                 Eventually it will raise an error.
                 It special cases some endpoints as they do not really require a token.
                 Note: this middleware is only intended for testing.
                 """
                 _PUT_DELETE_MESSAGE = textwrap.dedent('''
                     Do not call in tests app.delete or app.put, use instead
                     app.post(..., params={'_method': 'delete'}.
                     The reason is twofold. The first is because that's how the browser is
                     calling rhodecode and the second is because it allow us to detect
                     potential CSRF.''').strip()
                 _PATHS_WITHOUT_TOKEN = frozenset((
                     # The password is the token.
                     '/_admin/login',
                     # Captcha may be enabled.
                     '/_admin/password_reset',
                     # Captcha may be enabled.
                     '/_admin/password_reset_confirmation',
                     # Captcha may be enabled.
                     '/_admin/register',
                     # No change in state with this controller.
                     '/error/document',
                 ))
+                _SKIP_PATTERN = frozenset((
+                    '/_admin/gists/',
+                ))
                 def __init__(self, app):
                     self._app = app
                 def __call__(self, environ, start_response):
                     if environ['REQUEST_METHOD'].upper() not in ('GET', 'POST'):
                         raise Exception(self._PUT_DELETE_MESSAGE)
+                    token_expected = environ['PATH_INFO'] not in self._PATHS_WITHOUT_TOKEN
+                    allowed = True
+                    for pattern in self._SKIP_PATTERN:
+                        if environ['PATH_INFO'].startswith(pattern):
+                            allowed = False
+                            break
                     if (environ['REQUEST_METHOD'] == 'POST' and
-                            environ['PATH_INFO'] not in self._PATHS_WITHOUT_TOKEN and
+                            token_expected and allowed and
                             routes.middleware.is_form_post(environ)):
                         body = environ['wsgi.input']
                         if body.seekable():
                             pos = body.tell()
                             content = body.read()
                             body.seek(pos)
                         elif hasattr(body, 'peek'):
                             content = body.peek()
                         else:
                             raise Exception("Cannot check if the request has a CSRF token")
                         if rhodecode.lib.auth.csrf_token_key not in content:
                             raise Exception(
                                 '%s to %s does not have a csrf_token %r' %
                                 (environ['REQUEST_METHOD'], environ['PATH_INFO'], content))
                     return self._app(environ, start_response)
             def _get_scheme_host_port(url):
                 url = urlobject.URLObject(url)
                 if '://' not in url:
                     return None, url, None
                 scheme = url.scheme or 'http'
                 port = url.port
                 if not port:
                     if scheme == 'http':
                         port = 80
                     elif scheme == 'https':
                         port = 443
                 host = url.netloc.without_port()
                 return scheme, host, port
             def _equivalent_urls(url1, url2):
                 """Check if both urls are equivalent."""
                 return _get_scheme_host_port(url1) == _get_scheme_host_port(url2)
             class OriginChecker(object):
                 """
                 Check whether the request has a valid Origin header.
                 See https://wiki.mozilla.org/Security/Origin for details.
                 """
                 def __init__(self, app, expected_origin, skip_urls=None):
                     """
                     :param expected_origin: the value we expect to see for the Origin
                                             header.
                     :param skip_urls: list of urls for which we do not need to check the
                                       Origin header.
                     """
                     self._app = app
                     self._expected_origin = expected_origin
                     self._skip_urls = frozenset(skip_urls or [])
                 def __call__(self, environ, start_response):
                     origin_header = environ.get('HTTP_ORIGIN', '')
                     origin = origin_header.split(' ', 1)[0]
                     if origin == 'null':
                         origin = None
                     if (environ['PATH_INFO'] not in self._skip_urls and origin and
                             not _equivalent_urls(origin, self._expected_origin)):
                         log.warn(
                             'Invalid Origin header detected: got %s, expected %s',
                             origin_header, self._expected_origin)
                         return webob.exc.HTTPForbidden('Origin header mismatch')(
                             environ, start_response)
                     else:
                         return self._app(environ, start_response)

rhodecode/model/db.py

0 +2 -8

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Database Models for RhodeCode Enterprise
             """
             import re
             import os
             import time
             import hashlib
             import logging
             import datetime
             import warnings
             import ipaddress
             import functools
             import traceback
             import collections
             from sqlalchemy import *
             from sqlalchemy.ext.declarative import declared_attr
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.orm import (
                 relationship, joinedload, class_mapper, validates, aliased)
             from sqlalchemy.sql.expression import true
             from beaker.cache import cache_region
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from pylons.i18n.translation import lazy_ugettext as _
             from pyramid.threadlocal import get_current_request
             from rhodecode.lib.vcs import get_vcs_instance
             from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
             from rhodecode.lib.utils2 import (
                 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
                 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
                 glob2re, StrictAttributeDict, cleaned_uri)
             from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.encrypt import AESCipher
             from rhodecode.model.meta import Base, Session
             URL_SEP = '/'
             log = logging.getLogger(__name__)
             # =============================================================================
             # BASE CLASSES
             # =============================================================================
             # this is propagated from .ini file rhodecode.encrypted_values.secret or
             # beaker.session.secret if first is not set.
             # and initialized at environment.py
             ENCRYPTION_KEY = None
             # used to sort permissions by types, '#' used here is not allowed to be in
             # usernames, and it's very early in sorted string.printable table.
             PERMISSION_TYPE_SORT = {
                 'admin': '####',
                 'write': '###',
                 'read':  '##',
                 'none':  '#',
             }
             def display_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 if obj.username == User.DEFAULT_USER:
                     return '#####'
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 return prefix + obj.username
             def _hash_key(k):
                 return md5_safe(k)
             class EncryptedTextValue(TypeDecorator):
                 """
                 Special column for encrypted long text data, use like::
                     value = Column("encrypted_value", EncryptedValue(), nullable=False)
                 This column is intelligent so if value is in unencrypted form it return
                 unencrypted form, but on save it always encrypts
                 """
                 impl = Text
                 def process_bind_param(self, value, dialect):
                     if not value:
                         return value
                     if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
                         # protect against double encrypting if someone manually starts
                         # doing
                         raise ValueError('value needs to be in unencrypted format, ie. '
                                          'not starting with enc$aes')
                     return 'enc$aes_hmac$%s' % AESCipher(
                         ENCRYPTION_KEY, hmac=True).encrypt(value)
                 def process_result_value(self, value, dialect):
                     import rhodecode
                     if not value:
                         return value
                     parts = value.split('$', 3)
                     if not len(parts) == 3:
                         # probably not encrypted values
                         return value
                     else:
                         if parts[0] != 'enc':
                             # parts ok but without our header ?
                             return value
                         enc_strict_mode = str2bool(rhodecode.CONFIG.get(
                             'rhodecode.encrypted_values.strict') or True)
                         # at that stage we know it's our encryption
                         if parts[1] == 'aes':
                             decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
                         elif parts[1] == 'aes_hmac':
                             decrypted_data = AESCipher(
                                 ENCRYPTION_KEY, hmac=True,
                                 strict_verification=enc_strict_mode).decrypt(parts[2])
                         else:
                             raise ValueError(
                                 'Encryption type part is wrong, must be `aes` '
                                 'or `aes_hmac`, got `%s` instead' % (parts[1]))
                         return decrypted_data
             class BaseModel(object):
                 """
                 Base Model for all classes
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     _json_attr = getattr(self, '__json__', None)
                     if _json_attr:
                         # update with attributes from __json__
                         if callable(_json_attr):
                             _json_attr = _json_attr()
                         for k, val in _json_attr.iteritems():
                             d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tuples corresponding
                     to this model data """
                     l = []
                     for k in self._get_keys():
                         l.append((k, getattr(self, k),))
                     return l
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session().query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def get_or_404(cls, id_, pyramid_exc=False):
                     if pyramid_exc:
                         # NOTE(marcink): backward compat, once migration to pyramid
                         # this should only use pyramid exceptions
                         from pyramid.httpexceptions import HTTPNotFound
                     else:
                         from webob.exc import HTTPNotFound
                     try:
                         id_ = int(id_)
                     except (TypeError, ValueError):
                         raise HTTPNotFound
                     res = cls.query().get(id_)
                     if not res:
                         raise HTTPNotFound
                     return res
                 @classmethod
                 def getAll(cls):
                     # deprecated and left for backward compatibility
                     return cls.get_all()
                 @classmethod
                 def get_all(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session().delete(obj)
                 @classmethod
                 def identity_cache(cls, session, attr_name, value):
                     exist_in_session = []
                     for (item_cls, pkey), instance in session.identity_map.items():
                         if cls == item_cls and getattr(instance, attr_name) == value:
                             exist_in_session.append(instance)
                     if exist_in_session:
                         if len(exist_in_session) == 1:
                             return exist_in_session[0]
                         log.exception(
                             'multiple objects with attr %s and '
                             'value %s found with same name: %r',
                             attr_name, value, exist_in_session)
                 def __repr__(self):
                     if hasattr(self, '__unicode__'):
                         # python repr needs to return str
                         try:
                             return safe_str(self.__unicode__())
                         except UnicodeDecodeError:
                             pass
                     return '<DB:%s>' % (self.__class__.__name__)
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_unicode,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
                 GLOBAL_CONF_KEY = 'app_settings'
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
                 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, key='', val='', type='unicode'):
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     _type = self.app_settings_type
                     if _type:
                         _type = self.app_settings_type.split('.')[0]
                         # decode the encrypted value
                         if 'encrypted' in self.app_settings_type:
                             cipher = EncryptedTextValue()
                             v = safe_unicode(cipher.process_result_value(v, None))
                     converter = self.SETTINGS_TYPES.get(_type) or \
                         self.SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     val = safe_unicode(val)
                     # encode the encrypted value
                     if 'encrypted' in self.app_settings_type:
                         cipher = EncryptedTextValue()
                         val = safe_unicode(cipher.process_bind_param(val, None))
                     self._app_settings_value = val
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     if val.split('.')[0] not in self.SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (self.SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 # HG
                 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                 HOOK_PULL = 'outgoing.pull_logger'
                 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
                 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
                 HOOK_PUSH = 'changegroup.push_logger'
                 HOOK_PUSH_KEY = 'pushkey.key_push'
                 # TODO: johbo: Unify way how hooks are configured for git and hg,
                 # git part is currently hardcoded.
                 # SVN PATTERNS
                 SVN_BRANCH_ID = 'vcs_svn_branch'
                 SVN_TAG_ID = 'vcs_svn_tag'
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
                                                 self.ui_key, self.ui_value)
             class RepoRhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint(
                         'app_settings_name', 'repository_id',
                         name='uq_repo_rhodecode_setting_name_repo_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 app_settings_id = Column(
                     "app_settings_id", Integer(), nullable=False, unique=True,
                     default=None, primary_key=True)
                 app_settings_name = Column(
                     "app_settings_name", String(255), nullable=True, unique=None,
                     default=None)
                 _app_settings_value = Column(
                     "app_settings_value", String(4096), nullable=True, unique=None,
                     default=None)
                 _app_settings_type = Column(
                     "app_settings_type", String(255), nullable=True, unique=None,
                     default=None)
                 repository = relationship('Repository')
                 def __init__(self, repository_id, key='', val='', type='unicode'):
                     self.repository_id = repository_id
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     type_ = self.app_settings_type
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     if val not in SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __unicode__(self):
                     return u"<%s('%s:%s:%s[%s]')>" % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RepoRhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint(
                         'repository_id', 'ui_section', 'ui_key',
                         name='uq_repo_rhodecode_ui_repository_id_section_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 repository = relationship('Repository')
                 def __repr__(self):
                     return '<%s[%s:%s]%s=>%s]>' % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.ui_section, self.ui_key, self.ui_value)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
                     Index('u_username_idx', 'username'),
                     Index('u_email_idx', 'email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 DEFAULT_USER = 'default'
                 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
                 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
                 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
                 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data
                 user_log = relationship('UserLog')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                 repositories = relationship('Repository')
                 repository_groups = relationship('RepoGroup')
                 user_groups = relationship('UserGroup')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
                 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
                 group_member = relationship('UserGroupMember', cascade='all')
                 notifications = relationship('UserNotification', cascade='all')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all')
                 # user profile extra info
                 user_emails = relationship('UserEmailMap', cascade='all')
                 user_ip_map = relationship('UserIpMap', cascade='all')
                 user_auth_tokens = relationship('UserApiKeys', cascade='all')
                 # gists
                 user_gists = relationship('Gist', cascade='all')
                 # user pull requests
                 user_pull_requests = relationship('PullRequest', cascade='all')
                 # external identities
                 extenal_identities = relationship(
                     'ExternalIdentity',
                     primaryjoin="User.user_id==ExternalIdentity.local_user_id",
                     cascade='all')
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.user_id, self.username)
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @hybrid_property
                 def first_name(self):
                     from rhodecode.lib import helpers as h
                     if self.name:
                         return h.escape(self.name)
                     return self.name
                 @hybrid_property
                 def last_name(self):
                     from rhodecode.lib import helpers as h
                     if self.lastname:
                         return h.escape(self.lastname)
                     return self.lastname
                 @hybrid_property
                 def api_key(self):
                     """
                     Fetch if exist an auth-token with role ALL connected to this user
                     """
                     user_auth_token = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
                     if user_auth_token:
                         user_auth_token = user_auth_token.api_key
                     return user_auth_token
                 @api_key.setter
                 def api_key(self, val):
                     # don't allow to set API key this is deprecated for now
                     self._api_key = None
                 @property
                 def firstname(self):
                     # alias for future
                     return self.name
                 @property
                 def emails(self):
                     other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
                     return [self.email] + [x.email for x in other]
                 @property
                 def auth_tokens(self):
                     return [x.api_key for x in self.extra_auth_tokens]
                 @property
                 def extra_auth_tokens(self):
                     return UserApiKeys.query().filter(UserApiKeys.user == self).all()
                 @property
                 def feed_token(self):
                     return self.get_feed_token()
                 def get_feed_token(self):
                     feed_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
                         .all()
                     if feed_tokens:
                         return feed_tokens[0].api_key
                     return 'NO_FEED_TOKEN_AVAILABLE'
                 @classmethod
                 def extra_valid_auth_tokens(cls, user, role=None):
                     tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
                             .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))
                     if role:
                         tokens = tokens.filter(or_(UserApiKeys.role == role,
                                                    UserApiKeys.role == UserApiKeys.ROLE_ALL))
                     return tokens.all()
                 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
                     from rhodecode.lib import auth
                     log.debug('Trying to authenticate user: %s via auth-token, '
                               'and roles: %s', self, roles)
                     if not auth_token:
                         return False
                     crypto_backend = auth.crypto_backend()
                     roles = (roles or []) + [UserApiKeys.ROLE_ALL]
                     tokens_q = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
                     plain_tokens = []
                     hash_tokens = []
                     for token in tokens_q.all():
                         # verify scope first
                         if token.repo_id:
                             # token has a scope, we need to verify it
                             if scope_repo_id != token.repo_id:
                                 log.debug(
                                     'Scope mismatch: token has a set repo scope: %s, '
                                     'and calling scope is:%s, skipping further checks',
                                      token.repo, scope_repo_id)
                                 # token has a scope, and it doesn't match, skip token
                                 continue
                         if token.api_key.startswith(crypto_backend.ENC_PREF):
                             hash_tokens.append(token.api_key)
                         else:
                             plain_tokens.append(token.api_key)
                     is_plain_match = auth_token in plain_tokens
                     if is_plain_match:
                         return True
                     for hashed in hash_tokens:
                         # TODO(marcink): this is expensive to calculate, but most secure
                         match = crypto_backend.hash_check(auth_token, hashed)
                         if match:
                             return True
                     return False
                 @property
                 def ip_addresses(self):
                     ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                     return [x.ip_addr for x in ret]
                 @property
                 def username_and_name(self):
                     return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
                 @property
                 def username_or_name_or_email(self):
                     full_name = self.full_name if self.full_name is not ' ' else None
                     return self.username or full_name or self.email
                 @property
                 def full_name(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def full_name_or_username(self):
                     return ('%s %s' % (self.first_name, self.last_name)
                             if (self.first_name and self.last_name) else self.username)
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def is_admin(self):
                     return self.admin
                 @property
                 def AuthUser(self):
                     """
                     Returns instance of AuthUser for this user
                     """
                     from rhodecode.lib.auth import AuthUser
                     return AuthUser(user_id=self.user_id, username=self.username)
                 @hybrid_property
                 def user_data(self):
                     if not self._user_data:
                         return {}
                     try:
                         return json.loads(self._user_data)
                     except TypeError:
                         return {}
                 @user_data.setter
                 def user_data(self, val):
                     if not isinstance(val, dict):
                         raise Exception('user_data must be dict, got %s' % type(val))
                     try:
                         self._user_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False,
                                     cache=False, identity_cache=False):
                     session = Session()
                     if case_insensitive:
                         q = cls.query().filter(
                             func.lower(cls.username) == func.lower(username))
                     else:
                         q = cls.query().filter(cls.username == username)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'username', username)
                             if val:
                                 return val
                         else:
                             cache_key = "get_user_by_name_%s" % _hash_key(username)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_auth_token(cls, auth_token, cache=False):
                     q = UserApiKeys.query()\
                         .filter(UserApiKeys.api_key == auth_token)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
                     match = q.first()
                     if match:
                         return match.user
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.email) == func.lower(email))
                     else:
                         q = cls.query().filter(cls.email == email)
                     email_key = _hash_key(email)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_email_key_%s" % email_key))
                     ret = q.scalar()
                     if ret is None:
                         q = UserEmailMap.query()
                         # try fetching in alternate email map
                         if case_insensitive:
                             q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
                         else:
                             q = q.filter(UserEmailMap.email == email)
                         q = q.options(joinedload(UserEmailMap.user))
                         if cache:
                             q = q.options(
                                 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
                         ret = getattr(q.scalar(), 'user', None)
                     return ret
                 @classmethod
                 def get_from_cs_author(cls, author):
                     """
                     Tries to get User objects out of commit author string
                     :param author:
                     """
                     from rhodecode.lib.helpers import email, author_name
                     # Valid email in the attribute passed, see if they're in the system
                     _email = email(author)
                     if _email:
                         user = cls.get_by_email(_email, case_insensitive=True)
                         if user:
                             return user
                     # Maybe we can match by username?
                     _author = author_name(author)
                     user = cls.get_by_username(_author, case_insensitive=True)
                     if user:
                         return user
                 def update_userdata(self, **kwargs):
                     usr = self
                     old = usr.user_data
                     old.update(**kwargs)
                     usr.user_data = old
                     Session().add(usr)
                     log.debug('updated userdata with ', kwargs)
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastlogin', self.username)
                 def update_lastactivity(self):
                     """Update user lastactivity"""
                     self.last_activity = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastactivity', self.username)
                 def update_password(self, new_password):
                     from rhodecode.lib.auth import get_crypt_password
                     self.password = get_crypt_password(new_password)
                     Session().add(self)
                 @classmethod
                 def get_first_super_admin(cls):
                     user = User.query().filter(User.admin == true()).first()
                     if user is None:
                         raise Exception('FATAL: Missing administrative account!')
                     return user
                 @classmethod
                 def get_all_super_admins(cls):
                     """
                     Returns all admin accounts sorted by username
                     """
                     return User.query().filter(User.admin == true())\
                         .order_by(User.username.asc()).all()
                 @classmethod
                 def get_default_user(cls, cache=False, refresh=False):
                     user = User.get_by_username(User.DEFAULT_USER, cache=cache)
                     if user is None:
                         raise Exception('FATAL: Missing default account!')
                     if refresh:
                         # The default user might be based on outdated state which
                         # has been loaded from the cache.
                         # A call to refresh() ensures that the
                         # latest state from the database is used.
                         Session().refresh(user)
                     return user
                 def _get_default_perms(self, user, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user.user_perms, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, include_secrets=False, details='full'):
                     """
                     Common function for generating user related data for API
                     :param include_secrets: By default secrets in the API data will be replaced
                        by a placeholder value to prevent exposing this data by accident. In case
                        this data shall be exposed, set this flag to ``True``.
                     :param details: details can be 'basic|full' basic gives only a subset of
                        the available user information that includes user_id, name and emails.
                     """
                     user = self
                     user_data = self.user_data
                     data = {
                         'user_id': user.user_id,
                         'username': user.username,
                         'firstname': user.name,
                         'lastname': user.lastname,
                         'email': user.email,
                         'emails': user.emails,
                     }
                     if details == 'basic':
                         return data
                     api_key_length = 40
                     api_key_replacement = '*' * api_key_length
                     extras = {
                         'api_keys': [api_key_replacement],
                         'auth_tokens': [api_key_replacement],
                         'active': user.active,
                         'admin': user.admin,
                         'extern_type': user.extern_type,
                         'extern_name': user.extern_name,
                         'last_login': user.last_login,
                         'last_activity': user.last_activity,
                         'ip_addresses': user.ip_addresses,
                         'language': user_data.get('language')
                     }
                     data.update(extras)
                     if include_secrets:
                         data['api_keys'] = user.auth_tokens
                         data['auth_tokens'] = user.extra_auth_tokens
                     return data
                 def __json__(self):
                     data = {
                         'full_name': self.full_name,
                         'full_name_or_username': self.full_name_or_username,
                         'short_contact': self.short_contact,
                         'full_contact': self.full_contact,
                     }
                     data.update(self.get_api_data())
                     return data
             class UserApiKeys(Base, BaseModel):
                 __tablename__ = 'user_api_keys'
                 __table_args__ = (
                     Index('uak_api_key_idx', 'api_key'),
                     Index('uak_api_key_expires_idx', 'api_key', 'expires'),
                     UniqueConstraint('api_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 # ApiKey role
                 ROLE_ALL = 'token_role_all'
                 ROLE_HTTP = 'token_role_http'
                 ROLE_VCS = 'token_role_vcs'
                 ROLE_API = 'token_role_api'
                 ROLE_FEED = 'token_role_feed'
                 ROLE_PASSWORD_RESET = 'token_password_reset'
                 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
                 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=False, unique=True)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 expires = Column('expires', Float(53), nullable=False)
                 role = Column('role', String(255), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 # scope columns
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 user = relationship('User', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s')>" % (self.__class__.__name__, self.role)
                 def __json__(self):
                     data = {
                         'auth_token': self.api_key,
                         'role': self.role,
                         'scope': self.scope_humanized,
                         'expired': self.expired
                     }
                     return data
                 def get_api_data(self, include_secrets=False):
                     data = self.__json__()
                     if include_secrets:
                         return data
                     else:
                         data['auth_token'] = self.token_obfuscated
                         return data
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @property
                 def expired(self):
                     if self.expires == -1:
                         return False
                     return time.time() > self.expires
                 @classmethod
                 def _get_role_name(cls, role):
                     return {
                         cls.ROLE_ALL: _('all'),
                         cls.ROLE_HTTP: _('http/web interface'),
                         cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
                         cls.ROLE_API: _('api calls'),
                         cls.ROLE_FEED: _('feed access'),
                     }.get(role, role)
                 @property
                 def role_humanized(self):
                     return self._get_role_name(self.role)
                 def _get_scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         return repr(self.repo_group) + ' (recursive)'
                     return 'global'
                 @property
                 def scope_humanized(self):
                     return self._get_scope()
                 @property
                 def token_obfuscated(self):
                     if self.api_key:
                         return self.api_key[:4] + "****"
             class UserEmailMap(Base, BaseModel):
                 __tablename__ = 'user_email_map'
                 __table_args__ = (
                     Index('uem_email_idx', 'email'),
                     UniqueConstraint('email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 @validates('_email')
                 def validate_email(self, key, email):
                     # check if this email is not main one
                     main_email = Session().query(User).filter(User.email == email).scalar()
                     if main_email is not None:
                         raise AttributeError('email %s is present is user table' % email)
                     return email
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
             class UserIpMap(Base, BaseModel):
                 __tablename__ = 'user_ip_map'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'ip_addr'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @classmethod
                 def _get_ip_range(cls, ip_addr):
                     net = ipaddress.ip_network(ip_addr, strict=False)
                     return [str(net.network_address), str(net.broadcast_address)]
                 def __json__(self):
                     return {
                       'ip_addr': self.ip_addr,
                       'ip_range': self._get_ip_range(self.ip_addr),
                     }
                 def __unicode__(self):
                     return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
                                                         self.user_id, self.ip_addr)
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 VERSION_1 = 'v1'
                 VERSION_2 = 'v2'
                 VERSIONS = [VERSION_1, VERSION_2]
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 version = Column("version", String(255), nullable=True, default=VERSION_1)
                 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.repository_name, self.action)
                 def __json__(self):
                     return {
                         'user_id': self.user_id,
                         'username': self.username,
                         'repository_id': self.repository_id,
                         'repository_name': self.repository_name,
                         'user_ip': self.user_ip,
                         'action_date': self.action_date,
                         'action': self.action,
                     }
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository', cascade='')
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data
                 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
                 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
                 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
                 user = relationship('User')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def group_data(self):
                     if not self._group_data:
                         return {}
                     try:
                         return json.loads(self._group_data)
                     except TypeError:
                         return {}
                 @group_data.setter
                 def group_data(self, val):
                     try:
                         self._group_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.users_group_id,
                                                   self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.users_group_name) ==
                                                func.lower(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
                     return q.scalar()
                 @classmethod
                 def get(cls, user_group_id, cache=False):
                     user_group = cls.query()
                     if cache:
                         user_group = user_group.options(
                             FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
                     return user_group.get(user_group_id)
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
                     q = q.options(joinedload(UserUserGroupToPerm.user_group),
                                   joinedload(UserUserGroupToPerm.user),
                                   joinedload(UserUserGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_sort)
                     _admin_perm = 'usergroup.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
                     q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
                                   joinedload(UserGroupUserGroupToPerm.target_user_group),
                                   joinedload(UserGroupUserGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.user_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     return perm_rows
                 def _get_default_perms(self, user_group, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, with_group_members=True, include_secrets=False):
                     """
                     :param include_secrets: See :meth:`User.get_api_data`, this parameter is
                        basically forwarded.
                     """
                     user_group = self
                     data = {
                         'users_group_id': user_group.users_group_id,
                         'group_name': user_group.users_group_name,
                         'group_description': user_group.user_group_description,
                         'active': user_group.users_group_active,
                         'owner': user_group.user.username,
                         'owner_email': user_group.user.email,
                     }
                     if with_group_members:
                         users = []
                         for user in user_group.members:
                             user = user.user
                             users.append(user.get_api_data(include_secrets=include_secrets))
                         data['users'] = users
                     return data
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UserGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class RepositoryField(Base, BaseModel):
                 __tablename__ = 'repositories_fields'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'field_key'),  # no-multi field
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 PREFIX = 'ex_'  # prefix used in form to not conflict with already existing fields
                 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 field_key = Column("field_key", String(250))
                 field_label = Column("field_label", String(1024), nullable=False)
                 field_value = Column("field_value", String(10000), nullable=False)
                 field_desc = Column("field_desc", String(1024), nullable=False)
                 field_type = Column("field_type", String(255), nullable=False, unique=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 repository = relationship('Repository')
                 @property
                 def field_key_prefixed(self):
                     return 'ex_%s' % self.field_key
                 @classmethod
                 def un_prefix_key(cls, key):
                     if key.startswith(cls.PREFIX):
                         return key[len(cls.PREFIX):]
                     return key
                 @classmethod
                 def get_by_key_name(cls, key, repo):
                     row = cls.query()\
                             .filter(cls.repository == repo)\
                             .filter(cls.field_key == key).scalar()
                     return row
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     Index('r_repo_name_idx', 'repo_name', mysql_length=255),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
                 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
                 STATE_CREATED = 'repo_state_created'
                 STATE_PENDING = 'repo_state_pending'
                 STATE_ERROR = 'repo_state_error'
                 LOCK_AUTOMATIC = 'lock_auto'
                 LOCK_API = 'lock_api'
                 LOCK_WEB = 'lock_web'
                 LOCK_PULL = 'lock_pull'
                 NAME_SEP = URL_SEP
                 repo_id = Column(
                     "repo_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _repo_name = Column(
                     "repo_name", Text(), nullable=False, default=None)
                 _repo_name_hash = Column(
                     "repo_name_hash", String(255), nullable=False, unique=True)
                 repo_state = Column("repo_state", String(255), nullable=True)
                 clone_uri = Column(
                     "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 repo_type = Column(
                     "repo_type", String(255), nullable=False, unique=False, default=None)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                     unique=False, default=None)
                 private = Column(
                     "private", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column(
                     "statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column(
                     "downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column(
                     "description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 _landing_revision = Column(
                     "landing_revision", String(255), nullable=False, unique=False,
                     default=None)
                 enable_locking = Column(
                     "enable_locking", Boolean(), nullable=False, unique=None,
                     default=False)
                 _locked = Column(
                     "locked", String(255), nullable=True, unique=False, default=None)
                 _changeset_cache = Column(
                     "changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 fork_id = Column(
                     "fork_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=False, default=None)
                 group_id = Column(
                     "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
                     unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
                 group = relationship('RepoGroup', lazy='joined')
                 repo_to_perm = relationship(
                     'UserRepoToPerm', cascade='all',
                     order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship(
                     'UserFollowing',
                     primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
                     cascade='all')
                 extra_fields = relationship(
                     'RepositoryField', cascade="all, delete, delete-orphan")
                 logs = relationship('UserLog')
                 comments = relationship(
                     'ChangesetComment', cascade="all, delete, delete-orphan")
                 pull_requests_source = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
                     cascade="all, delete, delete-orphan")
                 pull_requests_target = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
                     cascade="all, delete, delete-orphan")
                 ui = relationship('RepoRhodeCodeUi', cascade="all")
                 settings = relationship('RepoRhodeCodeSetting', cascade="all")
                 integrations = relationship('Integration',
                                             cascade="all, delete, delete-orphan")
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                                safe_unicode(self.repo_name))
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def landing_rev(self):
                     # always should return [rev_type, rev]
                     if self._landing_revision:
                         _rev_info = self._landing_revision.split(':')
                         if len(_rev_info) < 2:
                             _rev_info.insert(0, 'rev')
                         return [_rev_info[0], _rev_info[1]]
                     return [None, None]
                 @landing_rev.setter
                 def landing_rev(self, val):
                     if ':' not in val:
                         raise ValueError('value must be delimited with `:` and consist '
                                          'of <rev_type>:<rev>, got %s instead' % val)
                     self._landing_revision = val
                 @hybrid_property
                 def locked(self):
                     if self._locked:
                         user_id, timelocked, reason = self._locked.split(':')
                         lock_values = int(user_id), timelocked, reason
                     else:
                         lock_values = [None, None, None]
                     return lock_values
                 @locked.setter
                 def locked(self, val):
                     if val and isinstance(val, (list, tuple)):
                         self._locked = ':'.join(map(str, val))
                     else:
                         self._locked = None
                 @hybrid_property
                 def changeset_cache(self):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not self._changeset_cache:
                         return dummy
                     try:
                         return json.loads(self._changeset_cache)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @hybrid_property
                 def repo_name(self):
                     return self._repo_name
                 @repo_name.setter
                 def repo_name(self, value):
                     self._repo_name = value
                     self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
                 @classmethod
                 def normalize_repo_name(cls, repo_name):
                     """
                     Normalizes os specific repo_name to the format internally stored inside
                     database using URL_SEP
                     :param cls:
                     :param repo_name:
                     """
                     return cls.NAME_SEP.join(repo_name.split(os.sep))
                 @classmethod
                 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
                     session = Session()
                     q = session.query(cls).filter(cls.repo_name == repo_name)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'repo_name', repo_name)
                             if val:
                                 return val
                         else:
                             cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_full_path(cls, repo_full_path):
                     repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                     repo_name = cls.normalize_repo_name(repo_name)
                     return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @classmethod
                 def is_valid(cls, repo_name):
                     """
                     returns True if given repo name is a valid filesystem repository
                     :param cls:
                     :param repo_name:
                     """
                     from rhodecode.lib.utils import is_valid_repo
                     return is_valid_repo(repo_name, cls.base_path())
                 @classmethod
                 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
                                   case_insensitive=True):
                     q = Repository.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(Repository.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(Repository.group_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(Repository.repo_name))
                     else:
                         q = q.order_by(Repository.repo_name)
                     return q.all()
                 @property
                 def forks(self):
                     """
                     Return forks of this repo
                     """
                     return Repository.get_repo_forks(self.repo_id)
                 @property
                 def parent(self):
                     """
                     Returns fork parent
                     """
                     return self.fork
                 @property
                 def just_name(self):
                     return self.repo_name.split(self.NAME_SEP)[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session().query(RhodeCodeUi).filter(
                         RhodeCodeUi.ui_key == self.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(self.NAME_SEP)
                     return os.path.join(*map(safe_unicode, p))
                 @property
                 def cache_keys(self):
                     """
                     Returns associated cache keys for that repo
                     """
                     return CacheKey.query()\
                         .filter(CacheKey.cache_args == self.repo_name)\
                         .order_by(CacheKey.cache_key)\
                         .all()
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return self.NAME_SEP.join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False, repo=self)
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
                     q = q.options(joinedload(UserRepoToPerm.repository),
                                   joinedload(UserRepoToPerm.user),
                                   joinedload(UserRepoToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_sort)
                     _admin_perm = 'repository.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupRepoToPerm.query().filter(
                         UserGroupRepoToPerm.repository == self)
                     q = q.options(joinedload(UserGroupRepoToPerm.repository),
                                   joinedload(UserGroupRepoToPerm.users_group),
                                   joinedload(UserGroupRepoToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.users_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     return perm_rows
                 def get_api_data(self, include_secrets=False):
                     """
                     Common function for generating repo api data
                     :param include_secrets: See :meth:`User.get_api_data`.
                     """
                     # TODO: mikhail: Here there is an anti-pattern, we probably need to
                     # move this methods on models level.
                     from rhodecode.model.settings import SettingsModel
                     from rhodecode.model.repo import RepoModel
                     repo = self
                     _user_id, _time, _reason = self.locked
                     data = {
                         'repo_id': repo.repo_id,
                         'repo_name': repo.repo_name,
                         'repo_type': repo.repo_type,
                         'clone_uri': repo.clone_uri or '',
                         'url': RepoModel().get_url(self),
                         'private': repo.private,
                         'created_on': repo.created_on,
                         'description': repo.description_safe,
                         'landing_rev': repo.landing_rev,
                         'owner': repo.user.username,
                         'fork_of': repo.fork.repo_name if repo.fork else None,
                         'fork_of_id': repo.fork.repo_id if repo.fork else None,
                         'enable_statistics': repo.enable_statistics,
                         'enable_locking': repo.enable_locking,
                         'enable_downloads': repo.enable_downloads,
                         'last_changeset': repo.changeset_cache,
                         'locked_by': User.get(_user_id).get_api_data(
                             include_secrets=include_secrets) if _user_id else None,
                         'locked_date': time_to_datetime(_time) if _time else None,
                         'lock_reason': _reason if _reason else None,
                     }
                     # TODO: mikhail: should be per-repo settings here
                     rc_config = SettingsModel().get_all_settings()
                     repository_fields = str2bool(
                         rc_config.get('rhodecode_repository_fields'))
                     if repository_fields:
                         for f in self.extra_fields:
                             data[f.field_key_prefixed] = f.field_value
                     return data
                 @classmethod
                 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
                     if not lock_time:
                         lock_time = time.time()
                     if not lock_reason:
                         lock_reason = cls.LOCK_AUTOMATIC
                     repo.locked = [user_id, lock_time, lock_reason]
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def unlock(cls, repo):
                     repo.locked = None
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def getlock(cls, repo):
                     return repo.locked
                 def is_user_lock(self, user_id):
                     if self.lock[0]:
                         lock_user_id = safe_int(self.lock[0])
                         user_id = safe_int(user_id)
                         # both are ints, and they are equal
                         return all([lock_user_id, user_id]) and lock_user_id == user_id
                     return False
                 def get_locking_state(self, action, user_id, only_when_enabled=True):
                     """
                     Checks locking on this repository, if locking is enabled and lock is
                     present returns a tuple of make_lock, locked, locked_by.
                     make_lock can have 3 states None (do nothing) True, make lock
                     False release lock, This value is later propagated to hooks, which
                     do the locking. Think about this as signals passed to hooks what to do.
                     """
                     # TODO: johbo: This is part of the business logic and should be moved
                     # into the RepositoryModel.
                     if action not in ('push', 'pull'):
                         raise ValueError("Invalid action value: %s" % repr(action))
                     # defines if locked error should be thrown to user
                     currently_locked = False
                     # defines if new lock should be made, tri-state
                     make_lock = None
                     repo = self
                     user = User.get(user_id)
                     lock_info = repo.locked
                     if repo and (repo.enable_locking or not only_when_enabled):
                         if action == 'push':
                             # check if it's already locked !, if it is compare users
                             locked_by_user_id = lock_info[0]
                             if user.user_id == locked_by_user_id:
                                 log.debug(
                                     'Got `push` action from user %s, now unlocking', user)
                                 # unlock if we have push from user who locked
                                 make_lock = False
                             else:
                                 # we're not the same user who locked, ban with
                                 # code defined in settings (default is 423 HTTP Locked) !
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                         elif action == 'pull':
                             # [0] user [1] date
                             if lock_info[0] and lock_info[1]:
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                             else:
                                 log.debug('Setting lock on repo %s by %s', repo, user)
                                 make_lock = True
                     else:
                         log.debug('Repository %s do not have locking enabled', repo)
                     log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                               make_lock, currently_locked, lock_info)
                     from rhodecode.lib.auth import HasRepoPermissionAny
                     perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
                     if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
                         # if we don't have at least write permission we cannot make a lock
                         log.debug('lock state reset back to FALSE due to lack '
                                   'of at least read permission')
                         make_lock = False
                     return make_lock, currently_locked, lock_info
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def clone_uri_hidden(self):
                     clone_uri = self.clone_uri
                     if clone_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
                         if url_obj.password:
                             clone_uri = url_obj.with_password('*****')
                     return clone_uri
                 def clone_url(self, **override):
                     from rhodecode.model.settings import SettingsModel
                     uri_tmpl = None
                     if 'with_id' in override:
                         uri_tmpl = self.DEFAULT_CLONE_URI_ID
                         del override['with_id']
                     if 'uri_tmpl' in override:
                         uri_tmpl = override['uri_tmpl']
                         del override['uri_tmpl']
                     # we didn't override our tmpl from **overrides
                     if not uri_tmpl:
                         rc_config = SettingsModel().get_all_settings(cache=True)
                         uri_tmpl = rc_config.get(
                             'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
                     request = get_current_request()
                     return get_clone_url(request=request,
                                          uri_tmpl=uri_tmpl,
                                          repo_name=self.repo_name,
                                          repo_id=self.repo_id, **override)
                 def set_state(self, state):
                     self.repo_state = state
                     Session().add(self)
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
                     return get_commit_safe(
                         self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
                 def get_changeset(self, rev=None, pre_load=None):
                     warnings.warn("Use get_commit", DeprecationWarning)
                     commit_id = None
                     commit_idx = None
                     if isinstance(rev, basestring):
                         commit_id = rev
                     else:
                         commit_idx = rev
                     return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
                                            pre_load=pre_load)
                 def get_landing_commit(self):
                     """
                     Returns landing commit, or if that doesn't exist returns the tip
                     """
                     _rev_type, _rev = self.landing_rev
                     commit = self.get_commit(_rev)
                     if isinstance(commit, EmptyCommit):
                         return self.get_commit()
                     return commit
                 def update_commit_cache(self, cs_cache=None, config=None):
                     """
                     Update cache of last changeset for repository, keys should be::
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                     :param cs_cache:
                     """
                     from rhodecode.lib.vcs.backends.base import BaseChangeset
                     if cs_cache is None:
                         # use no-cache version here
                         scm_repo = self.scm_instance(cache=False, config=config)
                         if scm_repo:
                             cs_cache = scm_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents"])
                         else:
                             cs_cache = EmptyCommit()
                     if isinstance(cs_cache, BaseChangeset):
                         cs_cache = cs_cache.__json__()
                     def is_outdated(new_cs_cache):
                         if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
                             new_cs_cache['revision'] != self.changeset_cache['revision']):
                             return True
                         return False
                     # check if we have maybe already latest cached revision
                     if is_outdated(cs_cache) or not self.changeset_cache:
                         _default = datetime.datetime.fromtimestamp(0)
                         last_change = cs_cache.get('date') or _default
                         log.debug('updated repo %s with new cs cache %s',
                                   self.repo_name, cs_cache)
                         self.updated_on = last_change
                         self.changeset_cache = cs_cache
                         Session().add(self)
                         Session().commit()
                     else:
                         log.debug('Skipping update_commit_cache for repo:`%s` '
                                   'commit already with latest changes', self.repo_name)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance().last_change
                 def get_comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = collections.defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 def statuses(self, revisions=None):
                     """
                     Returns statuses for this repository
                     :param revisions: list of revisions to get statuses for
                     """
                     statuses = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == self)\
                         .filter(ChangesetStatus.version == 0)
                     if revisions:
                         # Try doing the filtering in chunks to avoid hitting limits
                         size = 500
                         status_results = []
                         for chunk in xrange(0, len(revisions), size):
                             status_results += statuses.filter(
                                 ChangesetStatus.revision.in_(
                                     revisions[chunk: chunk+size])
                             ).all()
                     else:
                         status_results = statuses.all()
                     grouped = {}
                     # maybe we have open new pullrequest without a status?
                     stat = ChangesetStatus.STATUS_UNDER_REVIEW
                     status_lbl = ChangesetStatus.get_status_lbl(stat)
                     for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
                         for rev in pr.revisions:
                             pr_id = pr.pull_request_id
                             pr_repo = pr.target_repo.repo_name
                             grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                     for stat in status_results:
                         pr_id = pr_repo = None
                         if stat.pull_request:
                             pr_id = stat.pull_request.pull_request_id
                             pr_repo = stat.pull_request.target_repo.repo_name
                         grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                   pr_id, pr_repo]
                     return grouped
                 # ==========================================================================
                 # SCM CACHE INSTANCE
                 # ==========================================================================
                 def scm_instance(self, **kwargs):
                     import rhodecode
                     # Passing a config will not hit the cache currently only used
                     # for repo2dbmapper
                     config = kwargs.pop('config', None)
                     cache = kwargs.pop('cache', None)
                     full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
                     # if cache is NOT defined use default global, else we have a full
                     # control over cache behaviour
                     if cache is None and full_cache and not config:
                         return self._get_instance_cached()
                     return self._get_instance(cache=bool(cache), config=config)
                 def _get_instance_cached(self):
                     @cache_region('long_term')
                     def _get_repo(cache_key):
                         return self._get_instance()
                     invalidator_context = CacheKey.repo_context_cache(
                         _get_repo, self.repo_name, None, thread_scoped=True)
                     with invalidator_context as context:
                         context.invalidate()
                         repo = context.compute()
                     return repo
                 def _get_instance(self, cache=True, config=None):
                     config = config or self._config
                     custom_wire = {
                         'cache': cache  # controls the vcs.remote cache
                     }
                     repo = get_vcs_instance(
                         repo_path=safe_str(self.repo_full_path),
                         config=config,
                         with_wire=custom_wire,
                         create=False,
                         _vcs_alias=self.repo_type)
                     return repo
                 def __json__(self):
                     return {'landing_rev': self.landing_rev}
                 def get_dict(self):
                     # Since we transformed `repo_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `repo_name` field.
                     result = super(Repository, self).get_dict()
                     result['repo_name'] = result.pop('_repo_name', None)
                     return result
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     CheckConstraint('group_id != group_parent_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 __mapper_args__ = {'order_by': 'group_name'}
                 CHOICES_SEPARATOR = '/'  # used to generate select2 choices for nested groups
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 user = relationship('User')
                 integrations = relationship('Integration',
                                             cascade="all, delete, delete-orphan")
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.group_id, self.group_name)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.group_description)
                 @classmethod
                 def _generate_choice(cls, repo_group):
                     from webhelpers.html import literal as _literal
                     _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
                     return repo_group.group_id, _name(repo_group.full_path_splitted)
                 @classmethod
                 def groups_choices(cls, groups=None, show_empty_group=True):
                     if not groups:
                         groups = cls.query().all()
                     repo_groups = []
                     if show_empty_group:
                         repo_groups = [(-1, u'-- %s --' % _('No parent'))]
                     repo_groups.extend([cls._generate_choice(x) for x in groups])
                     repo_groups = sorted(
                         repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
                     return repo_groups
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query().filter(func.lower(cls.group_name)
                                                 == func.lower(group_name))
                     else:
                         gr = cls.query().filter(cls.group_name == group_name)
                     if cache:
                         name_key = _hash_key(group_name)
                         gr = gr.options(
                             FromCache("sql_cache_short", "get_group_%s" % name_key))
                     return gr.scalar()
                 @classmethod
                 def get_user_personal_repo_group(cls, user_id):
                     user = User.get(user_id)
                     if user.username == User.DEFAULT_USER:
                         return None
                     return cls.query()\
                         .filter(cls.personal == true()) \
                         .filter(cls.user == user).scalar()
                 @classmethod
                 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
                                         case_insensitive=True):
                     q = RepoGroup.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(RepoGroup.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(RepoGroup.group_parent_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(RepoGroup.group_name))
                     else:
                         q = q.order_by(RepoGroup.group_name)
                     return q.all()
                 @property
                 def parents(self):
                     parents_recursion_limit = 10
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error(('more than %s parents found for group %s, stopping '
                                        'recursive parent fetching' % (parents_recursion_limit, self)))
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def _recursive_objects(self, include_repos=True):
                     all_ = []
                     def _get_members(root_gr):
                         if include_repos:
                             for r in root_gr.repositories:
                                 all_.append(r)
                         childs = root_gr.children.all()
                         if childs:
                             for gr in childs:
                                 all_.append(gr)
                                 _get_members(gr)
                     _get_members(self)
                     return [self] + all_
                 def recursive_groups_and_repos(self):
                     """
                     Recursive return all groups, with repositories in those groups
                     """
                     return self._recursive_objects()
                 def recursive_groups(self):
                     """
                     Returns all children groups for this group including children of children
                     """
                     return self._recursive_objects(include_repos=False)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserRepoGroupToPerm.group),
                                   joinedload(UserRepoGroupToPerm.user),
                                   joinedload(UserRepoGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_sort)
                     _admin_perm = 'group.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
                                   joinedload(UserGroupRepoGroupToPerm.users_group),
                                   joinedload(UserGroupRepoGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.users_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     return perm_rows
                 def get_api_data(self):
                     """
                     Common function for generating api data
                     """
                     group = self
                     data = {
                         'group_id': group.group_id,
                         'group_name': group.group_name,
                         'group_description': group.description_safe,
                         'parent_group': group.parent_group.group_name if group.parent_group else None,
                         'repositories': [x.repo_name for x in group.repositories],
                         'owner': group.user.username,
                     }
                     return data
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     Index('p_perm_name_idx', 'permission_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 PERMS = [
                     ('hg.admin', _('RhodeCode Super Administrator')),
                     ('repository.none', _('Repository no access')),
                     ('repository.read', _('Repository read access')),
                     ('repository.write', _('Repository write access')),
                     ('repository.admin', _('Repository admin access')),
                     ('group.none', _('Repository group no access')),
                     ('group.read', _('Repository group read access')),
                     ('group.write', _('Repository group write access')),
                     ('group.admin', _('Repository group admin access')),
                     ('usergroup.none', _('User group no access')),
                     ('usergroup.read', _('User group read access')),
                     ('usergroup.write', _('User group write access')),
                     ('usergroup.admin', _('User group admin access')),
                     ('hg.repogroup.create.false', _('Repository Group creation disabled')),
                     ('hg.repogroup.create.true', _('Repository Group creation enabled')),
                     ('hg.usergroup.create.false', _('User Group creation disabled')),
                     ('hg.usergroup.create.true', _('User Group creation enabled')),
                     ('hg.create.none', _('Repository creation disabled')),
                     ('hg.create.repository', _('Repository creation enabled')),
                     ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
                     ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
                     ('hg.fork.none', _('Repository forking disabled')),
                     ('hg.fork.repository', _('Repository forking enabled')),
                     ('hg.register.none', _('Registration disabled')),
                     ('hg.register.manual_activate', _('User Registration with manual account activation')),
                     ('hg.register.auto_activate', _('User Registration with automatic account activation')),
                     ('hg.password_reset.enabled', _('Password reset enabled')),
                     ('hg.password_reset.hidden', _('Password reset hidden')),
                     ('hg.password_reset.disabled', _('Password reset disabled')),
                     ('hg.extern_activate.manual', _('Manual activation of external account')),
                     ('hg.extern_activate.auto', _('Automatic activation of external account')),
                     ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
                     ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
                 ]
                 # definition of system default permissions for DEFAULT user
                 DEFAULT_USER_PERMISSIONS = [
                     'repository.read',
                     'group.read',
                     'usergroup.read',
                     'hg.create.repository',
                     'hg.repogroup.create.false',
                     'hg.usergroup.create.false',
                     'hg.create.write_on_repogroup.true',
                     'hg.fork.repository',
                     'hg.register.manual_activate',
                     'hg.password_reset.enabled',
                     'hg.extern_activate.auto',
                     'hg.inherit_default_perms.true',
                 ]
                 # defines which permissions are more important higher the more important
                 # Weight defines which permissions are more important.
                 # The higher number the more important.
                 PERM_WEIGHTS = {
                     'repository.none': 0,
                     'repository.read': 1,
                     'repository.write': 3,
                     'repository.admin': 4,
                     'group.none': 0,
                     'group.read': 1,
                     'group.write': 3,
                     'group.admin': 4,
                     'usergroup.none': 0,
                     'usergroup.read': 1,
                     'usergroup.write': 3,
                     'usergroup.admin': 4,
                     'hg.repogroup.create.false': 0,
                     'hg.repogroup.create.true': 1,
                     'hg.usergroup.create.false': 0,
                     'hg.usergroup.create.true': 1,
                     'hg.fork.none': 0,
                     'hg.fork.repository': 1,
                     'hg.create.none': 0,
                     'hg.create.repository': 1
                 }
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_repo_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserRepoToPerm, Repository, Permission)\
                         .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
                         .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoToPerm.permission_id == Permission.permission_id)\
                         .join(
                             Repository,
                             UserGroupRepoToPerm.repository_id == Repository.repo_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms(cls, user_id, repo_group_id=None):
                     q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
                         .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
                         .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
                         .filter(UserRepoGroupToPerm.user_id == user_id)
                     if repo_group_id:
                         q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms_from_user_group(
                         cls, user_id, repo_group_id=None):
                     q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_group_id:
                         q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms(cls, user_id, user_group_id=None):
                     q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
                         .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
                         .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
                         .filter(UserUserGroupToPerm.user_id == user_id)
                     if user_group_id:
                         q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms_from_user_group(
                         cls, user_id, user_group_id=None):
                     TargetUserGroup = aliased(UserGroup, name='target_user_group')
                     q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupUserGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             TargetUserGroup,
                             UserGroupUserGroupToPerm.target_user_group_id ==
                             TargetUserGroup.users_group_id)\
                         .join(
                             UserGroup,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if user_group_id:
                         q = q.filter(
                             UserGroupUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 repository = relationship('Repository')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.repository)
             class UserUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 user_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, user_group, permission):
                     n = cls()
                     n.user = user
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.user_group)
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission', lazy='joined')
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.permission)
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
             class UserGroupUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_group_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
                     CheckConstraint('target_user_group_id != user_group_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
                 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, target_user_group, user_group, permission):
                     n = cls()
                     n.target_user_group = target_user_group
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 group = relationship('RepoGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository_group, permission):
                     n = cls()
                     n.user = user
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
             class UserGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
                 @classmethod
                 def create(cls, user_group, repository_group, permission):
                     n = cls()
                     n.users_group = user_group
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      UniqueConstraint('repository_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheKey(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     Index('key_idx', 'cache_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 CACHE_TYPE_ATOM = 'ATOM'
                 CACHE_TYPE_RSS = 'RSS'
                 CACHE_TYPE_README = 'README'
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args=''):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.cache_id, self.cache_key, self.cache_active)
                 def _cache_key_partition(self):
                     prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
                     return prefix, repo_name, suffix
                 def get_prefix(self):
                     """
                     Try to extract prefix from existing cache key. The key could consist
                     of prefix, repo_name, suffix
                     """
                     # this returns prefix, repo_name, suffix
                     return self._cache_key_partition()[0]
                 def get_suffix(self):
                     """
                     get suffix that might have been used in _get_cache_key to
                     generate self.cache_key. Only used for informational purposes
                     in repo_edit.mako.
                     """
                     # prefix, repo_name, suffix
                     return self._cache_key_partition()[2]
                 @classmethod
                 def delete_all_cache(cls):
                     """
                     Delete all cache keys from database.
                     Should only be run when all instances are down and all entries
                     thus stale.
                     """
                     cls.query().delete()
                     Session().commit()
                 @classmethod
                 def get_cache_key(cls, repo_name, cache_type):
                     """
                     Generate a cache key for this process of RhodeCode instance.
                     Prefix most likely will be process id or maybe explicitly set
                     instance_id from .ini file.
                     """
                     import rhodecode
                     prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
                     repo_as_unicode = safe_unicode(repo_name)
                     key = u'{}_{}'.format(repo_as_unicode, cache_type) \
                         if cache_type else repo_as_unicode
                     return u'{}{}'.format(prefix, key)
                 @classmethod
                 def set_invalidate(cls, repo_name, delete=False):
                     """
                     Mark all caches of a repo as invalid in the database.
                     """
                     try:
                         qry = Session().query(cls).filter(cls.cache_args == repo_name)
                         if delete:
                             log.debug('cache objects deleted for repo %s',
                                       safe_str(repo_name))
                             qry.delete()
                         else:
                             log.debug('cache objects marked as invalid for repo %s',
                                       safe_str(repo_name))
                             qry.update({"cache_active": False})
                         Session().commit()
                     except Exception:
                         log.exception(
                             'Cache key invalidation failed for repository %s',
                             safe_str(repo_name))
                         Session().rollback()
                 @classmethod
                 def get_active_cache(cls, cache_key):
                     inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
                     if inv_obj:
                         return inv_obj
                     return None
                 @classmethod
                 def repo_context_cache(cls, compute_func, repo_name, cache_type,
                                        thread_scoped=False):
                     """
                     @cache_region('long_term')
                     def _heavy_calculation(cache_key):
                         return 'result'
                     cache_context = CacheKey.repo_context_cache(
                         _heavy_calculation, repo_name, cache_type)
                     with cache_context as context:
                         context.invalidate()
                         computed = context.compute()
                     assert computed == 'result'
                     """
                     from rhodecode.lib import caches
                     return caches.InvalidationContext(
                         compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     Index('cc_revision_idx', 'revision'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 COMMENT_OUTDATED = u'comment_outdated'
                 COMMENT_TYPE_NOTE = u'note'
                 COMMENT_TYPE_TODO = u'todo'
                 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 renderer = Column('renderer', Unicode(64), nullable=True)
                 display_state = Column('display_state',  Unicode(128), nullable=True)
                 comment_type = Column('comment_type',  Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
                 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
                 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 pull_request_version = relationship('PullRequestVersion')
                 @classmethod
                 def get_users(cls, revision=None, pull_request_id=None):
                     """
                     Returns user associated with this ChangesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     q = Session().query(User)\
                             .join(ChangesetComment.author)
                     if revision:
                         q = q.filter(cls.revision == revision)
                     elif pull_request_id:
                         q = q.filter(cls.pull_request_id == pull_request_id)
                     return q.all()
                 @classmethod
                 def get_index_from_version(cls, pr_version, versions):
                     num_versions = [x.pull_request_version_id for x in versions]
                     try:
                         return num_versions.index(pr_version) +1
                     except (IndexError, ValueError):
                         return
                 @property
                 def outdated(self):
                     return self.display_state == self.COMMENT_OUTDATED
                 def outdated_at_version(self, version):
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     return self.outdated and self.pull_request_version_id != version
                 def older_than_version(self, version):
                     """
                     Checks if comment is made from previous version than given
                     """
                     if version is None:
                         return self.pull_request_version_id is not None
                     return self.pull_request_version_id < version
                 @property
                 def resolved(self):
                     return self.resolved_by[0] if self.resolved_by else None
                 @property
                 def is_todo(self):
                     return self.comment_type == self.COMMENT_TYPE_TODO
                 @property
                 def is_inline(self):
                     return self.line_no and self.f_path
                 def get_index_version(self, versions):
                     return self.get_index_from_version(
                         self.pull_request_version_id, versions)
                 def __repr__(self):
                     if self.comment_id:
                         return '<DB:Comment #%s>' % self.comment_id
                     else:
                         return '<DB:Comment at %#x>' % id(self)
                 def get_api_data(self):
                     comment = self
                     data = {
                         'comment_id': comment.comment_id,
                         'comment_type': comment.comment_type,
                         'comment_text': comment.text,
                         'comment_status': comment.status_change,
                         'comment_f_path': comment.f_path,
                         'comment_lineno': comment.line_no,
                         'comment_author': comment.author,
                         'comment_created_on': comment.created_on
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class ChangesetStatus(Base, BaseModel):
                 __tablename__ = 'changeset_statuses'
                 __table_args__ = (
                     Index('cs_revision_idx', 'revision'),
                     Index('cs_version_idx', 'version'),
                     UniqueConstraint('repo_id', 'revision', 'version'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                 STATUS_APPROVED = 'approved'
                 STATUS_REJECTED = 'rejected'
                 STATUS_UNDER_REVIEW = 'under_review'
                 STATUSES = [
                     (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                     (STATUS_APPROVED, _("Approved")),
                     (STATUS_REJECTED, _("Rejected")),
                     (STATUS_UNDER_REVIEW, _("Under Review")),
                 ]
                 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 revision = Column('revision', String(40), nullable=False)
                 status = Column('status', String(128), nullable=False, default=DEFAULT)
                 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 version = Column('version', Integer(), nullable=False, default=0)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 comment = relationship('ChangesetComment', lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s[v%s]:%s')>" % (
                         self.__class__.__name__,
                         self.status, self.version, self.author
                     )
                 @classmethod
                 def get_status_lbl(cls, value):
                     return dict(cls.STATUSES).get(value)
                 @property
                 def status_lbl(self):
                     return ChangesetStatus.get_status_lbl(self.status)
                 def get_api_data(self):
                     status = self
                     data = {
                         'status_id': status.changeset_status_id,
                         'status': status.status,
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class _PullRequestBase(BaseModel):
                 """
                 Common attributes of pull request and version entries.
                 """
                 # .status values
                 STATUS_NEW = u'new'
                 STATUS_OPEN = u'open'
                 STATUS_CLOSED = u'closed'
                 title = Column('title', Unicode(255), nullable=True)
                 description = Column(
                     'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
                     nullable=True)
                 # new/open/closed status of pull request (not approve/reject/etc)
                 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 @declared_attr
                 def user_id(cls):
                     return Column(
                         "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                         unique=None)
                 # 500 revisions max
                 _revisions = Column(
                     'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
                 @declared_attr
                 def source_repo_id(cls):
                     # TODO: dan: rename column to source_repo_id
                     return Column(
                         'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 source_ref = Column('org_ref', Unicode(255), nullable=False)
                 @declared_attr
                 def target_repo_id(cls):
                     # TODO: dan: rename column to target_repo_id
                     return Column(
                         'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 target_ref = Column('other_ref', Unicode(255), nullable=False)
                 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
                 # TODO: dan: rename column to last_merge_source_rev
                 _last_merge_source_rev = Column(
                     'last_merge_org_rev', String(40), nullable=True)
                 # TODO: dan: rename column to last_merge_target_rev
                 _last_merge_target_rev = Column(
                     'last_merge_other_rev', String(40), nullable=True)
                 _last_merge_status = Column('merge_status', Integer(), nullable=True)
                 merge_rev = Column('merge_rev', String(40), nullable=True)
                 reviewer_data = Column(
                     'reviewer_data_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 @property
                 def reviewer_data_json(self):
                     return json.dumps(self.reviewer_data)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def revisions(self):
                     return self._revisions.split(':') if self._revisions else []
                 @revisions.setter
                 def revisions(self, val):
                     self._revisions = ':'.join(val)
                 @declared_attr
                 def author(cls):
                     return relationship('User', lazy='joined')
                 @declared_attr
                 def source_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def source_ref_parts(self):
                     return self.unicode_to_reference(self.source_ref)
                 @declared_attr
                 def target_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def target_ref_parts(self):
                     return self.unicode_to_reference(self.target_ref)
                 @property
                 def shadow_merge_ref(self):
                     return self.unicode_to_reference(self._shadow_merge_ref)
                 @shadow_merge_ref.setter
                 def shadow_merge_ref(self, ref):
                     self._shadow_merge_ref = self.reference_to_unicode(ref)
                 def unicode_to_reference(self, raw):
                     """
                     Convert a unicode (or string) to a reference object.
                     If unicode evaluates to False it returns None.
                     """
                     if raw:
                         refs = raw.split(':')
                         return Reference(*refs)
                     else:
                         return None
                 def reference_to_unicode(self, ref):
                     """
                     Convert a reference object to unicode.
                     If reference is None it returns None.
                     """
                     if ref:
                         return u':'.join(ref)
                     else:
                         return None
                 def get_api_data(self, with_merge_state=True):
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = self
                     if with_merge_state:
                         merge_status = PullRequestModel().merge_status(pull_request)
                         merge_state = {
                             'status': merge_status[0],
                             'message': safe_unicode(merge_status[1]),
                         }
                     else:
                         merge_state = {'status': 'not_available',
                                        'message': 'not_available'}
                     merge_data = {
                         'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
                         'reference': (
                             pull_request.shadow_merge_ref._asdict()
                             if pull_request.shadow_merge_ref else None),
                     }
                     data = {
                         'pull_request_id': pull_request.pull_request_id,
                         'url': PullRequestModel().get_url(pull_request),
                         'title': pull_request.title,
                         'description': pull_request.description,
                         'status': pull_request.status,
                         'created_on': pull_request.created_on,
                         'updated_on': pull_request.updated_on,
                         'commit_ids': pull_request.revisions,
                         'review_status': pull_request.calculated_review_status(),
                         'mergeable': merge_state,
                         'source': {
                             'clone_url': pull_request.source_repo.clone_url(),
                             'repository': pull_request.source_repo.repo_name,
                             'reference': {
                                 'name': pull_request.source_ref_parts.name,
                                 'type': pull_request.source_ref_parts.type,
                                 'commit_id': pull_request.source_ref_parts.commit_id,
                             },
                         },
                         'target': {
                             'clone_url': pull_request.target_repo.clone_url(),
                             'repository': pull_request.target_repo.repo_name,
                             'reference': {
                                 'name': pull_request.target_ref_parts.name,
                                 'type': pull_request.target_ref_parts.type,
                                 'commit_id': pull_request.target_ref_parts.commit_id,
                             },
                         },
                         'merge': merge_data,
                         'author': pull_request.author.get_api_data(include_secrets=False,
                                                                    details='basic'),
                         'reviewers': [
                             {
                                 'user': reviewer.get_api_data(include_secrets=False,
                                                               details='basic'),
                                 'reasons': reasons,
                                 'review_status': st[0][1].status if st else 'not_reviewed',
                             }
                             for reviewer, reasons, mandatory, st in
                             pull_request.reviewers_statuses()
                         ]
                     }
                     return data
             class PullRequest(Base, _PullRequestBase):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 pull_request_id = Column(
                     'pull_request_id', Integer(), nullable=False, primary_key=True)
                 def __repr__(self):
                     if self.pull_request_id:
                         return '<DB:PullRequest #%s>' % self.pull_request_id
                     else:
                         return '<DB:PullRequest at %#x>' % id(self)
                 reviewers = relationship('PullRequestReviewers',
                                          cascade="all, delete, delete-orphan")
                 statuses = relationship('ChangesetStatus',
                                         cascade="all, delete, delete-orphan")
                 comments = relationship('ChangesetComment',
                                         cascade="all, delete, delete-orphan")
                 versions = relationship('PullRequestVersion',
                                         cascade="all, delete, delete-orphan",
                                         lazy='dynamic')
                 @classmethod
                 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
                                           internal_methods=None):
                     class PullRequestDisplay(object):
                         """
                         Special object wrapper for showing PullRequest data via Versions
                         It mimics PR object as close as possible. This is read only object
                         just for display
                         """
                         def __init__(self, attrs, internal=None):
                             self.attrs = attrs
                             # internal have priority over the given ones via attrs
                             self.internal = internal or ['versions']
                         def __getattr__(self, item):
                             if item in self.internal:
                                 return getattr(self, item)
                             try:
                                 return self.attrs[item]
                             except KeyError:
                                 raise AttributeError(
                                     '%s object has no attribute %s' % (self, item))
                         def __repr__(self):
                             return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
                         def versions(self):
                             return pull_request_obj.versions.order_by(
                                 PullRequestVersion.pull_request_version_id).all()
                         def is_closed(self):
                             return pull_request_obj.is_closed()
                         @property
                         def pull_request_version_id(self):
                             return getattr(pull_request_obj, 'pull_request_version_id', None)
                     attrs = StrictAttributeDict(pull_request_obj.get_api_data())
                     attrs.author = StrictAttributeDict(
                         pull_request_obj.author.get_api_data())
                     if pull_request_obj.target_repo:
                         attrs.target_repo = StrictAttributeDict(
                             pull_request_obj.target_repo.get_api_data())
                         attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
                     if pull_request_obj.source_repo:
                         attrs.source_repo = StrictAttributeDict(
                             pull_request_obj.source_repo.get_api_data())
                         attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
                     attrs.source_ref_parts = pull_request_obj.source_ref_parts
                     attrs.target_ref_parts = pull_request_obj.target_ref_parts
                     attrs.revisions = pull_request_obj.revisions
                     attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
                     attrs.reviewer_data = org_pull_request_obj.reviewer_data
                     attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
                     return PullRequestDisplay(attrs, internal=internal_methods)
                 def is_closed(self):
                     return self.status == self.STATUS_CLOSED
                 def __json__(self):
                     return {
                         'revisions': self.revisions,
                     }
                 def calculated_review_status(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().calculated_review_status(self)
                 def reviewers_statuses(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().reviewers_statuses(self)
                 @property
                 def workspace_id(self):
                     from rhodecode.model.pull_request import PullRequestModel
                     return PullRequestModel()._workspace_id(self)
                 def get_shadow_repo(self):
                     workspace_id = self.workspace_id
                     vcs_obj = self.target_repo.scm_instance()
                     shadow_repository_path = vcs_obj._get_shadow_repository_path(
                         workspace_id)
                     return vcs_obj._get_shadow_instance(shadow_repository_path)
             class PullRequestVersion(Base, _PullRequestBase):
                 __tablename__ = 'pull_request_versions'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 pull_request_version_id = Column(
                     'pull_request_version_id', Integer(), nullable=False, primary_key=True)
                 pull_request_id = Column(
                     'pull_request_id', Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 pull_request = relationship('PullRequest')
                 def __repr__(self):
                     if self.pull_request_version_id:
                         return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
                     else:
                         return '<DB:PullRequestVersion at %#x>' % id(self)
                 @property
                 def reviewers(self):
                     return self.pull_request.reviewers
                 @property
                 def versions(self):
                     return self.pull_request.versions
                 def is_closed(self):
                     # calculate from original
                     return self.pull_request.status == self.STATUS_CLOSED
                 def calculated_review_status(self):
                     return self.pull_request.calculated_review_status()
                 def reviewers_statuses(self):
                     return self.pull_request.reviewers_statuses()
             class PullRequestReviewers(Base, BaseModel):
                 __tablename__ = 'pull_request_reviewers'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 @hybrid_property
                 def reasons(self):
                     if not self._reasons:
                         return []
                     return self._reasons
                 @reasons.setter
                 def reasons(self, val):
                     val = val or []
                     if any(not isinstance(x, basestring) for x in val):
                         raise Exception('invalid reasons type, must be list of strings')
                     self._reasons = val
                 pull_requests_reviewers_id = Column(
                     'pull_requests_reviewers_id', Integer(), nullable=False,
                     primary_key=True)
                 pull_request_id = Column(
                     "pull_request_id", Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                 _reasons = Column(
                     'reason', MutationList.as_mutable(
                         JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 user = relationship('User')
                 pull_request = relationship('PullRequest')
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     Index('notification_type_idx', 'type'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 TYPE_CHANGESET_COMMENT = u'cs_comment'
                 TYPE_MESSAGE = u'message'
                 TYPE_MENTION = u'mention'
                 TYPE_REGISTRATION = u'registration'
                 TYPE_PULL_REQUEST = u'pull_request'
                 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(255))
                 created_by_user = relationship('User')
                 notifications_to_users = relationship('UserNotification', lazy='joined',
                                                       cascade="all, delete, delete-orphan")
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self)\
                             .order_by(UserNotification.user_id.asc()).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.notification = notification
                         # if created_by is inside recipients mark his notification
                         # as read
                         if u.user_id == created_by.user_id:
                             assoc.read = True
                         u.notifications.append(assoc)
                     Session().add(notification)
                     return notification
                 @property
                 def description(self):
                     from rhodecode.model.notification import NotificationModel
                     return NotificationModel().make_description(self)
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined")
                 notification = relationship('Notification', lazy="joined",
                                             order_by=lambda: Notification.created_on.desc(),)
                 def mark_as_read(self):
                     self.read = True
                     Session().add(self)
             class Gist(Base, BaseModel):
                 __tablename__ = 'gists'
                 __table_args__ = (
                     Index('g_gist_access_id_idx', 'gist_access_id'),
                     Index('g_created_on_idx', 'created_on'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 GIST_PUBLIC = u'public'
                 GIST_PRIVATE = u'private'
                 DEFAULT_FILENAME = u'gistfile1.txt'
                 ACL_LEVEL_PUBLIC = u'acl_public'
                 ACL_LEVEL_PRIVATE = u'acl_private'
                 gist_id = Column('gist_id', Integer(), primary_key=True)
                 gist_access_id = Column('gist_access_id', Unicode(250))
                 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
                 gist_expires = Column('gist_expires', Float(53), nullable=False)
                 gist_type = Column('gist_type', Unicode(128), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 acl_level = Column('acl_level', Unicode(128), nullable=True)
                 owner = relationship('User')
                 def __repr__(self):
                     return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.gist_description)
                 @classmethod
                 def get_or_404(cls, id_, pyramid_exc=False):
                     if pyramid_exc:
                         from pyramid.httpexceptions import HTTPNotFound
                     else:
                         from webob.exc import HTTPNotFound
                     res = cls.query().filter(cls.gist_access_id == id_).scalar()
                     if not res:
                         raise HTTPNotFound
                     return res
                 @classmethod
                 def get_by_access_id(cls, gist_access_id):
                     return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
                 def gist_url(self):
-                    import rhodecode
+                    from rhodecode.model.gist import GistModel
-                    from pylons import url
+                    return GistModel().get_url(self)
-                    alias_url = rhodecode.CONFIG.get('gist_alias_url')
-                    if alias_url:
-                        return alias_url.replace('{gistid}', self.gist_access_id)
-                    return url('gist', gist_id=self.gist_access_id, qualified=True)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all gists are stored
                     :param cls:
                     """
                     from rhodecode.model.gist import GIST_STORE_LOC
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == URL_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return os.path.join(q.one().ui_value, GIST_STORE_LOC)
                 def get_api_data(self):
                     """
                     Common function for generating gist related data for API
                     """
                     gist = self
                     data = {
                         'gist_id': gist.gist_id,
                         'type': gist.gist_type,
                         'access_id': gist.gist_access_id,
                         'description': gist.gist_description,
                         'url': gist.gist_url(),
                         'expires': gist.gist_expires,
                         'created_on': gist.created_on,
                         'modified_at': gist.modified_at,
                         'content': None,
                         'acl_level': gist.acl_level,
                     }
                     return data
                 def __json__(self):
                     data = dict(
                     )
                     data.update(self.get_api_data())
                     return data
                 # SCM functions
                 def scm_instance(self, **kwargs):
                     full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
                     return get_vcs_instance(
                         repo_path=safe_str(full_repo_path), create=False)
             class ExternalIdentity(Base, BaseModel):
                 __tablename__ = 'external_identities'
                 __table_args__ = (
                     Index('local_user_id_idx', 'local_user_id'),
                     Index('external_id_idx', 'external_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'})
                 external_id = Column('external_id', Unicode(255), default=u'',
                                      primary_key=True)
                 external_username = Column('external_username', Unicode(1024), default=u'')
                 local_user_id = Column('local_user_id', Integer(),
                                        ForeignKey('users.user_id'), primary_key=True)
                 provider_name = Column('provider_name', Unicode(255), default=u'',
                                        primary_key=True)
                 access_token = Column('access_token', String(1024), default=u'')
                 alt_token = Column('alt_token', String(1024), default=u'')
                 token_secret = Column('token_secret', String(1024), default=u'')
                 @classmethod
                 def by_external_id_and_provider(cls, external_id, provider_name,
                                                 local_user_id=None):
                     """
                     Returns ExternalIdentity instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     if local_user_id:
                         query = query.filter(cls.local_user_id == local_user_id)
                     return query.first()
                 @classmethod
                 def user_by_external_id_and_provider(cls, external_id, provider_name):
                     """
                     Returns User instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: User
                     """
                     query = User.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     query = query.filter(User.user_id == cls.local_user_id)
                     return query.first()
                 @classmethod
                 def by_local_user_id(cls, local_user_id):
                     """
                     Returns all tokens for user
                     :param local_user_id:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.local_user_id == local_user_id)
                     return query
             class Integration(Base, BaseModel):
                 __tablename__ = 'integrations'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 integration_id = Column('integration_id', Integer(), primary_key=True)
                 integration_type = Column('integration_type', String(255))
                 enabled = Column('enabled', Boolean(), nullable=False)
                 name = Column('name', String(255), nullable=False)
                 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
                     default=False)
                 settings = Column(
                     'settings_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 @property
                 def scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         if self.child_repos_only:
                             return repr(self.repo_group) + ' (child repos only)'
                         else:
                             return repr(self.repo_group) + ' (recursive)'
                     if self.child_repos_only:
                         return 'root_repos'
                     return 'global'
                 def __repr__(self):
                     return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
             class RepoReviewRuleUser(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 user = relationship('User')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory
                     }
             class RepoReviewRuleUserGroup(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 users_group = relationship('UserGroup')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory
                     }
             class RepoReviewRule(Base, BaseModel):
                 __tablename__ = 'repo_review_rules'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_id = Column(
                     'repo_review_rule_id', Integer(), primary_key=True)
                 repo_id = Column(
                     "repo_id", Integer(), ForeignKey('repositories.repo_id'))
                 repo = relationship('Repository', backref='review_rules')
                 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
                 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
                 rule_users = relationship('RepoReviewRuleUser')
                 rule_user_groups = relationship('RepoReviewRuleUserGroup')
                 @hybrid_property
                 def branch_pattern(self):
                     return self._branch_pattern or '*'
                 def _validate_glob(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @branch_pattern.setter
                 def branch_pattern(self, value):
                     self._validate_glob(value)
                     self._branch_pattern = value or '*'
                 @hybrid_property
                 def file_pattern(self):
                     return self._file_pattern or '*'
                 @file_pattern.setter
                 def file_pattern(self, value):
                     self._validate_glob(value)
                     self._file_pattern = value or '*'
                 def matches(self, branch, files_changed):
                     """
                     Check if this review rule matches a branch/files in a pull request
                     :param branch: branch name for the commit
                     :param files_changed: list of file paths changed in the pull request
                     """
                     branch = branch or ''
                     files_changed = files_changed or []
                     branch_matches = True
                     if branch:
                         branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
                         branch_matches = bool(branch_regex.search(branch))
                     files_matches = True
                     if self.file_pattern != '*':
                         files_matches = False
                         file_regex = re.compile(glob2re(self.file_pattern))
                         for filename in files_changed:
                             if file_regex.search(filename):
                                 files_matches = True
                                 break
                     return branch_matches and files_matches
                 @property
                 def review_users(self):
                     """ Returns the users which this rule applies to """
                     users = collections.OrderedDict()
                     for rule_user in self.rule_users:
                         if rule_user.user.active:
                             if rule_user.user not in users:
                                 users[rule_user.user.username] = {
                                     'user': rule_user.user,
                                     'source': 'user',
                                     'source_data': {},
                                     'data': rule_user.rule_data()
                                 }
                     for rule_user_group in self.rule_user_groups:
                         source_data = {
                             'name': rule_user_group.users_group.users_group_name,
                             'members': len(rule_user_group.users_group.members)
                         }
                         for member in rule_user_group.users_group.members:
                             if member.user.active:
                                 users[member.user.username] = {
                                     'user': member.user,
                                     'source': 'user_group',
                                     'source_data': source_data,
                                     'data': rule_user_group.rule_data()
                                 }
                     return users
                 def __repr__(self):
                     return '<RepoReviewerRule(id=%r, repo=%r)>' % (
                         self.repo_review_rule_id, self.repo)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)
             class DbSession(Base, BaseModel):
                 __tablename__ = 'db_session'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 def __repr__(self):
                     return '<DB:DbSession({})>'.format(self.id)
                 id = Column('id', Integer())
                 namespace = Column('namespace', String(255), primary_key=True)
                 accessed = Column('accessed', DateTime, nullable=False)
                 created = Column('created', DateTime, nullable=False)
                 data = Column('data', PickleType, nullable=False)

rhodecode/model/gist.py

0 +15 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2013-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             gist model for RhodeCode
             """
             import os
             import time
             import logging
             import traceback
             import shutil
+            from pyramid.threadlocal import get_current_request
             from rhodecode.lib.utils2 import (
                 safe_unicode, unique_id, safe_int, time_to_datetime, AttributeDict)
             from rhodecode.lib.ext_json import json
             from rhodecode.model import BaseModel
             from rhodecode.model.db import Gist
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import ScmModel
             log = logging.getLogger(__name__)
             GIST_STORE_LOC = '.rc_gist_store'
             GIST_METADATA_FILE = '.rc_gist_metadata'
             class GistModel(BaseModel):
                 cls = Gist
                 def _get_gist(self, gist):
                     """
                     Helper method to get gist by ID, or gist_access_id as a fallback
                     :param gist: GistID, gist_access_id, or Gist instance
                     """
                     return self._get_instance(Gist, gist, callback=Gist.get_by_access_id)
                 def __delete_gist(self, gist):
                     """
                     removes gist from filesystem
                     :param gist: gist object
                     """
                     root_path = RepoModel().repos_path
                     rm_path = os.path.join(root_path, GIST_STORE_LOC, gist.gist_access_id)
                     log.info("Removing %s", rm_path)
                     shutil.rmtree(rm_path)
                 def _store_metadata(self, repo, gist_id, gist_access_id, user_id, username,
                                     gist_type, gist_expires, gist_acl_level):
                     """
                     store metadata inside the gist repo, this can be later used for imports
                     or gist identification. Currently we use this inside RhodeCode tools
                     to do cleanup of gists that are in storage but not in database.
                     """
                     metadata = {
                         'metadata_version': '2',
                         'gist_db_id': gist_id,
                         'gist_access_id': gist_access_id,
                         'gist_owner_id': user_id,
                         'gist_owner_username': username,
                         'gist_type': gist_type,
                         'gist_expires': gist_expires,
                         'gist_updated': time.time(),
                         'gist_acl_level': gist_acl_level,
                     }
                     metadata_file = os.path.join(repo.path, '.hg', GIST_METADATA_FILE)
                     with open(metadata_file, 'wb') as f:
                         f.write(json.dumps(metadata))
                 def get_gist(self, gist):
                     return self._get_gist(gist)
                 def get_gist_files(self, gist_access_id, revision=None):
                     """
                     Get files for given gist
                     :param gist_access_id:
                     """
                     repo = Gist.get_by_access_id(gist_access_id)
                     commit = repo.scm_instance().get_commit(commit_id=revision)
                     return commit, [n for n in commit.get_node('/')]
                 def create(self, description, owner, gist_mapping,
                            gist_type=Gist.GIST_PUBLIC, lifetime=-1, gist_id=None,
                            gist_acl_level=Gist.ACL_LEVEL_PRIVATE):
                     """
                     Create a gist
                     :param description: description of the gist
                     :param owner: user who created this gist
                     :param gist_mapping: mapping [{'filename': 'file1.txt', 'content': content}, ...}]
                     :param gist_type: type of gist private/public
                     :param lifetime: in minutes, -1 == forever
                     :param gist_acl_level: acl level for this gist
                     """
                     owner = self._get_user(owner)
                     gist_id = safe_unicode(gist_id or unique_id(20))
                     lifetime = safe_int(lifetime, -1)
                     gist_expires = time.time() + (lifetime * 60) if lifetime != -1 else -1
                     expiration = (time_to_datetime(gist_expires)
                                   if gist_expires != -1 else 'forever')
                     log.debug('set GIST expiration date to: %s', expiration)
                     # create the Database version
                     gist = Gist()
                     gist.gist_description = description
                     gist.gist_access_id = gist_id
                     gist.gist_owner = owner.user_id
                     gist.gist_expires = gist_expires
                     gist.gist_type = safe_unicode(gist_type)
                     gist.acl_level = gist_acl_level
                     self.sa.add(gist)
                     self.sa.flush()
                     if gist_type == Gist.GIST_PUBLIC:
                         # use DB ID for easy to use GIST ID
                         gist_id = safe_unicode(gist.gist_id)
                         gist.gist_access_id = gist_id
                         self.sa.add(gist)
                     gist_repo_path = os.path.join(GIST_STORE_LOC, gist_id)
                     log.debug('Creating new %s GIST repo in %s', gist_type, gist_repo_path)
                     repo = RepoModel()._create_filesystem_repo(
                         repo_name=gist_id, repo_type='hg', repo_group=GIST_STORE_LOC,
                         use_global_config=True)
                     # now create single multifile commit
                     message = 'added file'
                     message += 's: ' if len(gist_mapping) > 1 else ': '
                     message += ', '.join([x for x in gist_mapping])
                     # fake RhodeCode Repository object
                     fake_repo = AttributeDict({
                         'repo_name': gist_repo_path,
                         'scm_instance': lambda *args, **kwargs: repo,
                     })
                     ScmModel().create_nodes(
                         user=owner.user_id, repo=fake_repo,
                         message=message,
                         nodes=gist_mapping,
                         trigger_push_hook=False
                     )
                     self._store_metadata(repo, gist.gist_id, gist.gist_access_id,
                                          owner.user_id, owner.username, gist.gist_type,
                                          gist.gist_expires, gist_acl_level)
                     return gist
                 def delete(self, gist, fs_remove=True):
                     gist = self._get_gist(gist)
                     try:
                         self.sa.delete(gist)
                         if fs_remove:
                             self.__delete_gist(gist)
                         else:
                             log.debug('skipping removal from filesystem')
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def update(self, gist, description, owner, gist_mapping, lifetime,
                            gist_acl_level):
                     gist = self._get_gist(gist)
                     gist_repo = gist.scm_instance()
                     if lifetime == 0:  # preserve old value
                         gist_expires = gist.gist_expires
                     else:
                         gist_expires = (
                             time.time() + (lifetime * 60) if lifetime != -1 else -1)
                     # calculate operation type based on given data
                     gist_mapping_op = {}
                     for k, v in gist_mapping.items():
                         # add, mod, del
                         if not v['filename_org'] and v['filename']:
                             op = 'add'
                         elif v['filename_org'] and not v['filename']:
                             op = 'del'
                         else:
                             op = 'mod'
                         v['op'] = op
                         gist_mapping_op[k] = v
                     gist.gist_description = description
                     gist.gist_expires = gist_expires
                     gist.owner = owner
                     gist.acl_level = gist_acl_level
                     self.sa.add(gist)
                     self.sa.flush()
                     message = 'updated file'
                     message += 's: ' if len(gist_mapping) > 1 else ': '
                     message += ', '.join([x for x in gist_mapping])
                     # fake RhodeCode Repository object
                     fake_repo = AttributeDict({
                         'repo_name': gist_repo.path,
                         'scm_instance': lambda *args, **kwargs: gist_repo,
                     })
                     self._store_metadata(gist_repo, gist.gist_id, gist.gist_access_id,
                                          owner.user_id, owner.username, gist.gist_type,
                                          gist.gist_expires, gist_acl_level)
                     # this can throw NodeNotChangedError, if changes we're trying to commit
                     # are not actually changes...
                     ScmModel().update_nodes(
                         user=owner.user_id,
                         repo=fake_repo,
                         message=message,
                         nodes=gist_mapping_op,
                         trigger_push_hook=False
                     )
                     return gist
+                def get_url(self, gist, request=None):
+                    import rhodecode
+                    if not request:
+                        request = get_current_request()
+                    alias_url = rhodecode.CONFIG.get('gist_alias_url')
+                    if alias_url:
+                        return alias_url.replace('{gistid}', gist.gist_access_id)
+                    return request.route_url('gist_show', gist_id=gist.gist_access_id)

rhodecode/public/js/rhodecode/base/keyboard-bindings.js

0 +3 -3

             // Global keyboard bindings
             function setRCMouseBindings(repoName, repoLandingRev) {
                 /** custom callback for supressing mousetrap from firing */
                 Mousetrap.stopCallback = function(e, element) {
                     // if the element has the class "mousetrap" then no need to stop
                     if ((' ' + element.className + ' ').indexOf(' mousetrap ') > -1) {
                         return false;
                     }
                     // stop for input, select, and textarea
                     return element.tagName == 'INPUT' || element.tagName == 'SELECT' || element.tagName == 'TEXTAREA' || element.isContentEditable;
                 };
                 // general help "?"
                 Mousetrap.bind(['?'], function(e) {
                     $('#help_kb').modal({});
                 });
                 // / open the quick filter
                 Mousetrap.bind(['/'], function(e) {
                     $('#repo_switcher').select2('open');
                     // return false to prevent default browser behavior
                     // and stop event from bubbling
                     return false;
                 });
                 // ctrl/command+b, show the the main bar
                 Mousetrap.bind(['command+b', 'ctrl+b'], function(e) {
                     var $headerInner = $('#header-inner'),
                         $content = $('#content');
                     if ($headerInner.hasClass('hover') && $content.hasClass('hover')) {
                         $headerInner.removeClass('hover');
                         $content.removeClass('hover');
                     } else {
                         $headerInner.addClass('hover');
                         $content.addClass('hover');
                     }
                     return false;
                 });
                 // general nav g + action
                 Mousetrap.bind(['g h'], function(e) {
                     window.location = pyroutes.url('home');
                 });
                 Mousetrap.bind(['g g'], function(e) {
-                    window.location = pyroutes.url('gists', {'private': 1});
+                    window.location = pyroutes.url('gists_show', {'private': 1});
                 });
                 Mousetrap.bind(['g G'], function(e) {
-                    window.location = pyroutes.url('gists', {'public': 1});
+                    window.location = pyroutes.url('gists_show', {'public': 1});
                 });
                 Mousetrap.bind(['n g'], function(e) {
-                    window.location = pyroutes.url('new_gist');
+                    window.location = pyroutes.url('gists_new');
                 });
                 Mousetrap.bind(['n r'], function(e) {
                     window.location = pyroutes.url('new_repo');
                 });
                 if (repoName && repoName != '') {
                     // nav in repo context
                     Mousetrap.bind(['g s'], function(e) {
                         window.location = pyroutes.url(
                             'repo_summary', {'repo_name': repoName});
                     });
                     Mousetrap.bind(['g c'], function(e) {
                         window.location = pyroutes.url(
                             'changelog_home', {'repo_name': repoName});
                     });
                     Mousetrap.bind(['g F'], function(e) {
                         window.location = pyroutes.url(
                             'files_home',
                             {
                                 'repo_name': repoName,
                                 'revision': repoLandingRev,
                                 'f_path': '',
                                 'search': '1'
                             });
                     });
                     Mousetrap.bind(['g f'], function(e) {
                         window.location = pyroutes.url(
                             'files_home',
                             {
                                 'repo_name': repoName,
                                 'revision': repoLandingRev,
                                 'f_path': ''
                             });
                     });
                     Mousetrap.bind(['g o'], function(e) {
                         window.location = pyroutes.url(
                             'edit_repo', {'repo_name': repoName});
                     });
                     Mousetrap.bind(['g O'], function(e) {
                         window.location = pyroutes.url(
                             'edit_repo_perms', {'repo_name': repoName});
                     });
                 }
             }
             setRCMouseBindings(templateContext.repo_name, templateContext.repo_landing_commit);

rhodecode/public/js/rhodecode/routes.js

0 +11 -2

             /******************************************************************************
              *                                                                            *
              *                      DO NOT CHANGE THIS FILE MANUALLY                      *
              *                                                                            *
              *                                                                            *
              *        This file is automatically generated when the app starts up with    *
              *                         generate_js_files = true                           *
              *                                                                            *
              *  To add a route here pass jsroute=True to the route definition in the app  *
              *                                                                            *
              ******************************************************************************/
             function registerRCRoutes() {
                 // routes registration
                 pyroutes.register('new_repo', '/_admin/create_repository', []);
                 pyroutes.register('edit_user', '/_admin/users/%(user_id)s/edit', ['user_id']);
                 pyroutes.register('edit_user_group_members', '/_admin/user_groups/%(user_group_id)s/edit/members', ['user_group_id']);
-                pyroutes.register('gists', '/_admin/gists', []);
-                pyroutes.register('new_gist', '/_admin/gists/new', []);
                 pyroutes.register('toggle_following', '/_admin/toggle_following', []);
                 pyroutes.register('changeset_home', '/%(repo_name)s/changeset/%(revision)s', ['repo_name', 'revision']);
                 pyroutes.register('changeset_comment', '/%(repo_name)s/changeset/%(revision)s/comment', ['repo_name', 'revision']);
                 pyroutes.register('changeset_comment_preview', '/%(repo_name)s/changeset/comment/preview', ['repo_name']);
                 pyroutes.register('changeset_comment_delete', '/%(repo_name)s/changeset/comment/%(comment_id)s/delete', ['repo_name', 'comment_id']);
                 pyroutes.register('changeset_info', '/%(repo_name)s/changeset_info/%(revision)s', ['repo_name', 'revision']);
                 pyroutes.register('compare_url', '/%(repo_name)s/compare/%(source_ref_type)s@%(source_ref)s...%(target_ref_type)s@%(target_ref)s', ['repo_name', 'source_ref_type', 'source_ref', 'target_ref_type', 'target_ref']);
                 pyroutes.register('pullrequest_home', '/%(repo_name)s/pull-request/new', ['repo_name']);
                 pyroutes.register('pullrequest', '/%(repo_name)s/pull-request/new', ['repo_name']);
                 pyroutes.register('pullrequest_repo_refs', '/%(repo_name)s/pull-request/refs/%(target_repo_name)s', ['repo_name', 'target_repo_name']);
                 pyroutes.register('pullrequest_repo_destinations', '/%(repo_name)s/pull-request/repo-destinations', ['repo_name']);
                 pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_update', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_comment', '/%(repo_name)s/pull-request-comment/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_comment_delete', '/%(repo_name)s/pull-request-comment/%(comment_id)s/delete', ['repo_name', 'comment_id']);
                 pyroutes.register('changelog_home', '/%(repo_name)s/changelog', ['repo_name']);
                 pyroutes.register('changelog_file_home', '/%(repo_name)s/changelog/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('changelog_elements', '/%(repo_name)s/changelog_details', ['repo_name']);
                 pyroutes.register('files_home', '/%(repo_name)s/files/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_history_home', '/%(repo_name)s/history/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_authors_home', '/%(repo_name)s/authors/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_annotate_home', '/%(repo_name)s/annotate/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_annotate_previous', '/%(repo_name)s/annotate-previous/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_archive_home', '/%(repo_name)s/archive/%(fname)s', ['repo_name', 'fname']);
                 pyroutes.register('files_nodelist_home', '/%(repo_name)s/nodelist/%(revision)s/%(f_path)s', ['repo_name', 'revision', 'f_path']);
                 pyroutes.register('files_nodetree_full', '/%(repo_name)s/nodetree_full/%(commit_id)s/%(f_path)s', ['repo_name', 'commit_id', 'f_path']);
                 pyroutes.register('favicon', '/favicon.ico', []);
                 pyroutes.register('robots', '/robots.txt', []);
                 pyroutes.register('auth_home', '/_admin/auth*traverse', []);
                 pyroutes.register('global_integrations_new', '/_admin/integrations/new', []);
                 pyroutes.register('global_integrations_home', '/_admin/integrations', []);
                 pyroutes.register('global_integrations_list', '/_admin/integrations/%(integration)s', ['integration']);
                 pyroutes.register('global_integrations_create', '/_admin/integrations/%(integration)s/new', ['integration']);
                 pyroutes.register('global_integrations_edit', '/_admin/integrations/%(integration)s/%(integration_id)s', ['integration', 'integration_id']);
                 pyroutes.register('repo_group_integrations_home', '/%(repo_group_name)s/settings/integrations', ['repo_group_name']);
                 pyroutes.register('repo_group_integrations_list', '/%(repo_group_name)s/settings/integrations/%(integration)s', ['repo_group_name', 'integration']);
                 pyroutes.register('repo_group_integrations_new', '/%(repo_group_name)s/settings/integrations/new', ['repo_group_name']);
                 pyroutes.register('repo_group_integrations_create', '/%(repo_group_name)s/settings/integrations/%(integration)s/new', ['repo_group_name', 'integration']);
                 pyroutes.register('repo_group_integrations_edit', '/%(repo_group_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_group_name', 'integration', 'integration_id']);
                 pyroutes.register('repo_integrations_home', '/%(repo_name)s/settings/integrations', ['repo_name']);
                 pyroutes.register('repo_integrations_list', '/%(repo_name)s/settings/integrations/%(integration)s', ['repo_name', 'integration']);
                 pyroutes.register('repo_integrations_new', '/%(repo_name)s/settings/integrations/new', ['repo_name']);
                 pyroutes.register('repo_integrations_create', '/%(repo_name)s/settings/integrations/%(integration)s/new', ['repo_name', 'integration']);
                 pyroutes.register('repo_integrations_edit', '/%(repo_name)s/settings/integrations/%(integration)s/%(integration_id)s', ['repo_name', 'integration', 'integration_id']);
                 pyroutes.register('ops_ping', '/_admin/ops/ping', []);
                 pyroutes.register('admin_home', '/_admin', []);
                 pyroutes.register('admin_audit_logs', '/_admin/audit_logs', []);
                 pyroutes.register('pull_requests_global_0', '/_admin/pull_requests/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('pull_requests_global_1', '/_admin/pull-requests/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('pull_requests_global', '/_admin/pull-request/%(pull_request_id)s', ['pull_request_id']);
                 pyroutes.register('admin_settings_open_source', '/_admin/settings/open_source', []);
                 pyroutes.register('admin_settings_vcs_svn_generate_cfg', '/_admin/settings/vcs/svn_generate_cfg', []);
                 pyroutes.register('admin_settings_system', '/_admin/settings/system', []);
                 pyroutes.register('admin_settings_system_update', '/_admin/settings/system/updates', []);
                 pyroutes.register('admin_settings_sessions', '/_admin/settings/sessions', []);
                 pyroutes.register('admin_settings_sessions_cleanup', '/_admin/settings/sessions/cleanup', []);
                 pyroutes.register('admin_settings_process_management', '/_admin/settings/process_management', []);
                 pyroutes.register('admin_settings_process_management_signal', '/_admin/settings/process_management/signal', []);
                 pyroutes.register('admin_permissions_ips', '/_admin/permissions/ips', []);
                 pyroutes.register('users', '/_admin/users', []);
                 pyroutes.register('users_data', '/_admin/users_data', []);
                 pyroutes.register('edit_user_auth_tokens', '/_admin/users/%(user_id)s/edit/auth_tokens', ['user_id']);
                 pyroutes.register('edit_user_auth_tokens_add', '/_admin/users/%(user_id)s/edit/auth_tokens/new', ['user_id']);
                 pyroutes.register('edit_user_auth_tokens_delete', '/_admin/users/%(user_id)s/edit/auth_tokens/delete', ['user_id']);
                 pyroutes.register('edit_user_emails', '/_admin/users/%(user_id)s/edit/emails', ['user_id']);
                 pyroutes.register('edit_user_emails_add', '/_admin/users/%(user_id)s/edit/emails/new', ['user_id']);
                 pyroutes.register('edit_user_emails_delete', '/_admin/users/%(user_id)s/edit/emails/delete', ['user_id']);
                 pyroutes.register('edit_user_ips', '/_admin/users/%(user_id)s/edit/ips', ['user_id']);
                 pyroutes.register('edit_user_ips_add', '/_admin/users/%(user_id)s/edit/ips/new', ['user_id']);
                 pyroutes.register('edit_user_ips_delete', '/_admin/users/%(user_id)s/edit/ips/delete', ['user_id']);
                 pyroutes.register('edit_user_groups_management', '/_admin/users/%(user_id)s/edit/groups_management', ['user_id']);
                 pyroutes.register('edit_user_groups_management_updates', '/_admin/users/%(user_id)s/edit/edit_user_groups_management/updates', ['user_id']);
                 pyroutes.register('edit_user_audit_logs', '/_admin/users/%(user_id)s/edit/audit', ['user_id']);
                 pyroutes.register('channelstream_connect', '/_admin/channelstream/connect', []);
                 pyroutes.register('channelstream_subscribe', '/_admin/channelstream/subscribe', []);
                 pyroutes.register('channelstream_proxy', '/_channelstream', []);
                 pyroutes.register('login', '/_admin/login', []);
                 pyroutes.register('logout', '/_admin/logout', []);
                 pyroutes.register('register', '/_admin/register', []);
                 pyroutes.register('reset_password', '/_admin/password_reset', []);
                 pyroutes.register('reset_password_confirmation', '/_admin/password_reset_confirmation', []);
                 pyroutes.register('home', '/', []);
                 pyroutes.register('user_autocomplete_data', '/_users', []);
                 pyroutes.register('user_group_autocomplete_data', '/_user_groups', []);
                 pyroutes.register('repo_list_data', '/_repos', []);
                 pyroutes.register('goto_switcher_data', '/_goto_data', []);
                 pyroutes.register('repo_summary_explicit', '/%(repo_name)s/summary', ['repo_name']);
                 pyroutes.register('repo_summary_commits', '/%(repo_name)s/summary-commits', ['repo_name']);
                 pyroutes.register('repo_commit', '/%(repo_name)s/changeset/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('repo_refs_data', '/%(repo_name)s/refs-data', ['repo_name']);
                 pyroutes.register('repo_refs_changelog_data', '/%(repo_name)s/refs-data-changelog', ['repo_name']);
                 pyroutes.register('repo_stats', '/%(repo_name)s/repo_stats/%(commit_id)s', ['repo_name', 'commit_id']);
                 pyroutes.register('tags_home', '/%(repo_name)s/tags', ['repo_name']);
                 pyroutes.register('branches_home', '/%(repo_name)s/branches', ['repo_name']);
                 pyroutes.register('bookmarks_home', '/%(repo_name)s/bookmarks', ['repo_name']);
                 pyroutes.register('pullrequest_show', '/%(repo_name)s/pull-request/%(pull_request_id)s', ['repo_name', 'pull_request_id']);
                 pyroutes.register('pullrequest_show_all', '/%(repo_name)s/pull-request', ['repo_name']);
                 pyroutes.register('pullrequest_show_all_data', '/%(repo_name)s/pull-request-data', ['repo_name']);
                 pyroutes.register('edit_repo', '/%(repo_name)s/settings', ['repo_name']);
                 pyroutes.register('edit_repo_advanced', '/%(repo_name)s/settings/advanced', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_delete', '/%(repo_name)s/settings/advanced/delete', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_locking', '/%(repo_name)s/settings/advanced/locking', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_journal', '/%(repo_name)s/settings/advanced/journal', ['repo_name']);
                 pyroutes.register('edit_repo_advanced_fork', '/%(repo_name)s/settings/advanced/fork', ['repo_name']);
                 pyroutes.register('edit_repo_caches', '/%(repo_name)s/settings/caches', ['repo_name']);
                 pyroutes.register('edit_repo_perms', '/%(repo_name)s/settings/permissions', ['repo_name']);
                 pyroutes.register('repo_reviewers', '/%(repo_name)s/settings/review/rules', ['repo_name']);
                 pyroutes.register('repo_default_reviewers_data', '/%(repo_name)s/settings/review/default-reviewers', ['repo_name']);
                 pyroutes.register('repo_maintenance', '/%(repo_name)s/settings/maintenance', ['repo_name']);
                 pyroutes.register('repo_maintenance_execute', '/%(repo_name)s/settings/maintenance/execute', ['repo_name']);
                 pyroutes.register('strip', '/%(repo_name)s/settings/strip', ['repo_name']);
                 pyroutes.register('strip_check', '/%(repo_name)s/settings/strip_check', ['repo_name']);
                 pyroutes.register('strip_execute', '/%(repo_name)s/settings/strip_execute', ['repo_name']);
                 pyroutes.register('repo_summary', '/%(repo_name)s', ['repo_name']);
                 pyroutes.register('repo_summary_slash', '/%(repo_name)s/', ['repo_name']);
                 pyroutes.register('repo_group_home', '/%(repo_group_name)s', ['repo_group_name']);
                 pyroutes.register('repo_group_home_slash', '/%(repo_group_name)s/', ['repo_group_name']);
                 pyroutes.register('search', '/_admin/search', []);
                 pyroutes.register('search_repo', '/%(repo_name)s/search', ['repo_name']);
                 pyroutes.register('user_profile', '/_profiles/%(username)s', ['username']);
                 pyroutes.register('my_account_profile', '/_admin/my_account/profile', []);
                 pyroutes.register('my_account_password', '/_admin/my_account/password', []);
                 pyroutes.register('my_account_password_update', '/_admin/my_account/password', []);
                 pyroutes.register('my_account_auth_tokens', '/_admin/my_account/auth_tokens', []);
                 pyroutes.register('my_account_auth_tokens_add', '/_admin/my_account/auth_tokens/new', []);
                 pyroutes.register('my_account_auth_tokens_delete', '/_admin/my_account/auth_tokens/delete', []);
                 pyroutes.register('my_account_emails', '/_admin/my_account/emails', []);
                 pyroutes.register('my_account_emails_add', '/_admin/my_account/emails/new', []);
                 pyroutes.register('my_account_emails_delete', '/_admin/my_account/emails/delete', []);
                 pyroutes.register('my_account_repos', '/_admin/my_account/repos', []);
                 pyroutes.register('my_account_watched', '/_admin/my_account/watched', []);
                 pyroutes.register('my_account_perms', '/_admin/my_account/perms', []);
                 pyroutes.register('my_account_notifications', '/_admin/my_account/notifications', []);
                 pyroutes.register('my_account_notifications_toggle_visibility', '/_admin/my_account/toggle_visibility', []);
                 pyroutes.register('my_account_notifications_test_channelstream', '/_admin/my_account/test_channelstream', []);
+                pyroutes.register('gists_show', '/_admin/gists', []);
+                pyroutes.register('gists_new', '/_admin/gists/new', []);
+                pyroutes.register('gists_create', '/_admin/gists/create', []);
+                pyroutes.register('gist_show', '/_admin/gists/%(gist_id)s', ['gist_id']);
+                pyroutes.register('gist_delete', '/_admin/gists/%(gist_id)s/delete', ['gist_id']);
+                pyroutes.register('gist_edit', '/_admin/gists/%(gist_id)s/edit', ['gist_id']);
+                pyroutes.register('gist_edit_check_revision', '/_admin/gists/%(gist_id)s/edit/check_revision', ['gist_id']);
+                pyroutes.register('gist_update', '/_admin/gists/%(gist_id)s/update', ['gist_id']);
+                pyroutes.register('gist_show_rev', '/_admin/gists/%(gist_id)s/%(revision)s', ['gist_id', 'revision']);
+                pyroutes.register('gist_show_formatted', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s', ['gist_id', 'revision', 'format']);
+                pyroutes.register('gist_show_formatted_path', '/_admin/gists/%(gist_id)s/%(revision)s/%(format)s/%(f_path)s', ['gist_id', 'revision', 'format', 'f_path']);
                 pyroutes.register('apiv2', '/_admin/api', []);
             }

rhodecode/templates/admin/gists/edit.mako

0 +7 -4

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.mako"/>
             <%def name="title()">
                 ${_('Edit Gist')} &middot; ${c.gist.gist_access_id}
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()">
                 ${_('Edit Gist')} &middot; ${c.gist.gist_access_id}
             </%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='gists')}
             </%def>
             <%def name="main()">
             <div class="box">
                 <!-- box / title -->
                 <div class="title">
                     ${self.breadcrumbs()}
                 </div>
                 <div class="table">
                     <div id="files_data">
-                      ${h.secure_form(h.url('edit_gist', gist_id=c.gist.gist_access_id), method='post', id='eform')}
+                      ${h.secure_form(h.route_path('gist_update', gist_id=c.gist.gist_access_id), id='eform', method='POST')}
                         <div>
                             <input type="hidden" value="${c.file_last_commit.raw_id}" name="parent_hash">
                             <textarea id="description" name="description"
                                       placeholder="${_('Gist description ...')}">${c.gist.gist_description}</textarea>
                             <div>
                                 <span class="gist-gravatar">
                                   ${self.gravatar(h.email_or_none(c.rhodecode_user.full_contact), 30)}
                                 </span>
                                 <label for='lifetime'>${_('Gist lifetime')}</label>
                                 ${h.dropdownmenu('lifetime', '0', c.lifetime_options)}
                                 <label for='gist_acl_level'>${_('Gist access level')}</label>
                                 ${h.dropdownmenu('gist_acl_level', c.gist.acl_level, c.acl_options)}
                             </div>
                         </div>
                         ## peppercorn schema
                         <input type="hidden" name="__start__" value="nodes:sequence"/>
                         % for cnt, file in enumerate(c.files):
                             <input type="hidden" name="__start__" value="file:mapping"/>
                             <div id="codeblock" class="codeblock" >
                               <div class="code-header">
                                 <div class="form">
                                   <div class="fields">
                                     <input type="hidden" name="filename_org" value="${file.path}" >
                                     <input id="filename_${h.FID('f',file.path)}" name="filename" size="30" type="text" value="${file.path}">
                                       ${h.dropdownmenu('mimetype' ,'plain',[('plain',_('plain'))],enable_filter=True, id='mimetype_'+h.FID('f',file.path))}
                                   </div>
                                 </div>
                               </div>
                               <div class="editor_container">
                                   <pre id="editor_pre"></pre>
                                   <textarea id="editor_${h.FID('f',file.path)}" name="content" >${file.content}</textarea>
                               </div>
                             </div>
                             <input type="hidden" name="__end__" />
                             ## dynamic edit box.
                             <script type="text/javascript">
                             $(document).ready(function(){
                                 var myCodeMirror = initCodeMirror(
                                         "editor_${h.FID('f',file.path)}", '');
                                 var modes_select = $("#mimetype_${h.FID('f',file.path)}");
                                 fillCodeMirrorOptions(modes_select);
                                 // try to detect the mode based on the file we edit
                                 var mimetype = "${file.mimetype}";
                                 var detected_mode = detectCodeMirrorMode(
                                         "${file.path}", mimetype);
                                 if(detected_mode){
                                     $(modes_select).select2("val", mimetype);
                                     $(modes_select).change();
                                     setCodeMirrorMode(myCodeMirror, detected_mode);
                                 }
                                 var filename_selector = "#filename_${h.FID('f',file.path)}";
                                 // on change of select field set mode
                                 setCodeMirrorModeFromSelect(
                                         modes_select, filename_selector, myCodeMirror, null);
                                 // on entering the new filename set mode, from given extension
                                 setCodeMirrorModeFromInput(
                                     modes_select, filename_selector, myCodeMirror, null);
                             });
                             </script>
                         %endfor
                         <input type="hidden" name="__end__" />
                         <div class="pull-right">
                         ${h.submit('update',_('Update Gist'),class_="btn btn-success")}
-                        <a class="btn" href="${h.url('gist', gist_id=c.gist.gist_access_id)}">${_('Cancel')}</a>
+                        <a class="btn" href="${h.route_path('gist_show', gist_id=c.gist.gist_access_id)}">${_('Cancel')}</a>
                         </div>
                       ${h.end_form()}
                     </div>
                 </div>
             </div>
             <script>
               $('#update').on('click', function(e){
                   e.preventDefault();
+                  $(this).val('Updating...');
+                  $(this).attr('disabled', 'disabled');
                   // check for newer version.
                   $.ajax({
-                    url: "${h.url('edit_gist_check_revision', gist_id=c.gist.gist_access_id)}",
+                    url: "${h.route_path('gist_edit_check_revision', gist_id=c.gist.gist_access_id)}",
                     data: {
                         'revision': '${c.file_last_commit.raw_id}'
                     },
                     dataType: 'json',
                     type: 'GET',
                     success: function(data) {
                       if(data.success === false){
                         message = '${h.literal(_('Gist was updated since you started editing. Copy your changes and click %(here)s to reload the new version.')
-                          % {'here': h.link_to('here',h.url('edit_gist', gist_id=c.gist.gist_access_id))})}'
+                          % {'here': h.link_to('here', h.route_path('gist_edit', gist_id=c.gist.gist_access_id))})}'
                         alertMessage = [{"message": {
                           "message": message, "force": "true", "level": "warning"}}];
                         $.Topic('/notifications').publish(alertMessage[0]);
                       }
                       else{
                         $('#eform').submit();
                       }
                     }
                   });
               })
             </script>
             </%def>

rhodecode/templates/admin/gists/index.mako

0 +6 -6

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.mako"/>
             <%def name="title()">
                 %if c.show_private:
                     ${_('Private Gists for user %s') % c.rhodecode_user.username}
                 %elif c.show_public:
                     ${_('Public Gists for user %s') % c.rhodecode_user.username}
                 %else:
                     ${_('Public Gists')}
                 %endif
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()">
                 <input class="q_filter_box" id="q_filter" size="15" type="text" name="filter" placeholder="${_('quick filter...')}" value=""/>
                 %if c.show_private and not c.show_public:
                     ${_('Private Gists for user %s') % c.rhodecode_user.username}
                 %elif c.show_public and not c.show_private:
                     ${_('Public Gists for user %s') % c.rhodecode_user.username}
                 %elif c.show_public and c.show_private:
                     ${_('All Gists for user %s') % c.rhodecode_user.username}
                 %else:
                     ${_('All Public Gists')}
                 %endif
                 -  <span id="gists_count">0</span>
             </%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='gists')}
             </%def>
             <%def name="main()">
             <div class="box">
               <div class="title">
                   ${self.breadcrumbs(class_="breadcrumbs block-left")}
                   %if c.rhodecode_user.username != h.DEFAULT_USER:
                   <ul class="links block-right">
                     <li>
-                       <a href="${h.url('new_gist')}" class="btn btn-primary">${_(u'Create New Gist')}</a>
+                       <a href="${h.route_path('gists_new')}" class="btn btn-primary">${_(u'Create New Gist')}</a>
                     </li>
                   </ul>
                   %endif
               </div>
               <div class="sidebar-col-wrapper scw-small">
                 ##main
                 <div class="sidebar">
                     <ul class="nav nav-pills nav-stacked">
                       % if h.HasPermissionAll('hg.admin')('access admin gists page'):
-                        <li class="${'active' if c.active=='all' else ''}"><a href="${h.url('gists', all=1)}">${_('All gists')}</a></li>
+                        <li class="${'active' if c.active=='all' else ''}"><a href="${h.route_path('gists_show', _query={'all': 1})}">${_('All gists')}</a></li>
                       %endif
-                      <li class="${'active' if c.active=='public' else ''}"><a href="${h.url('gists')}">${_('All public')}</a></li>
+                      <li class="${'active' if c.active=='public' else ''}"><a href="${h.route_path('gists_show')}">${_('All public')}</a></li>
                       %if c.rhodecode_user.username != h.DEFAULT_USER:
-                        <li class="${'active' if c.active=='my_all' else ''}"><a href="${h.url('gists', public=1, private=1)}">${_('My gists')}</a></li>
+                        <li class="${'active' if c.active=='my_all' else ''}"><a href="${h.route_path('gists_show', _query={'public':1, 'private': 1})}">${_('My gists')}</a></li>
-                        <li class="${'active' if c.active=='my_private' else ''}"><a href="${h.url('gists', private=1)}">${_('My private')}</a></li>
+                        <li class="${'active' if c.active=='my_private' else ''}"><a href="${h.route_path('gists_show', _query={'private': 1})}">${_('My private')}</a></li>
-                        <li class="${'active' if c.active=='my_public' else ''}"><a href="${h.url('gists', public=1)}">${_('My public')}</a></li>
+                        <li class="${'active' if c.active=='my_public' else ''}"><a href="${h.route_path('gists_show', _query={'public': 1})}">${_('My public')}</a></li>
                       %endif
                     </ul>
                 </div>
                 <div class="main-content">
                     <div id="repos_list_wrap">
                         <table id="gist_list_table" class="display"></table>
                     </div>
                 </div>
               </div>
             </div>
             <script>
             $(document).ready(function() {
                 var get_datatable_count = function(){
                   var api = $('#gist_list_table').dataTable().api();
                   $('#gists_count').text(api.page.info().recordsDisplay);
                 };
                 // custom filter that filters by access_id, description or author
                 $.fn.dataTable.ext.search.push(
                     function( settings, data, dataIndex ) {
                         var query = $('#q_filter').val();
                         var author = data[0].strip();
                         var access_id = data[2].strip();
                         var description = data[3].strip();
                         var query_str = (access_id + " " + author + " " + description).toLowerCase();
                         if(query_str.indexOf(query.toLowerCase()) !== -1){
                             return true;
                         }
                         return false;
                     }
                 );
                 // gists list
                 $('#gist_list_table').DataTable({
                   data: ${c.data|n},
                   dom: 'rtp',
                   pageLength: ${c.visual.dashboard_items},
                   order: [[ 4, "desc" ]],
                   columns: [
                      { data: {"_": "author",
                               "sort": "author_raw"}, title: "${_("Author")}", width: "250px", className: "td-user" },
                      { data: {"_": "type",
                               "sort": "type"}, title: "${_("Type")}", width: "70px", className: "td-tags" },
                      { data: {"_": "access_id",
                               "sort": "access_id"}, title: "${_("Name")}", width:"150px", className: "td-componentname" },
                      { data: {"_": "description",
                               "sort": "description"}, title: "${_("Description")}", width: "250px", className: "td-description" },
                      { data: {"_": "created_on",
                               "sort": "created_on_raw"}, title: "${_("Created on")}", className: "td-time" },
                      { data: {"_": "expires",
                               "sort": "expires"}, title: "${_("Expires")}", className: "td-exp" }
                   ],
                   language: {
                       paginate: DEFAULT_GRID_PAGINATION,
                       emptyTable: _gettext("No gists available yet.")
                   },
                   "initComplete": function( settings, json ) {
                       timeagoActivate();
                       get_datatable_count();
                   }
                 });
                 // update the counter when things change
                 $('#gist_list_table').on('draw.dt', function() {
                     timeagoActivate();
                     get_datatable_count();
                 });
                 // filter, filter both grids
                 $('#q_filter').on( 'keyup', function () {
                   var repo_api = $('#gist_list_table').dataTable().api();
                   repo_api
                     .draw();
                 });
                 // refilter table if page load via back button
                 $("#q_filter").trigger('keyup');
               });
             </script>
             </%def>

rhodecode/templates/admin/gists/new.mako

0 +1 -1

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.mako"/>
             <%def name="title()">
                 ${_('New Gist')}
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()">
                 ${_('New Gist')}
             </%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='gists')}
             </%def>
             <%def name="main()">
             <div class="box">
                 <!-- box / title -->
                 <div class="title">
                     ${self.breadcrumbs()}
                 </div>
                 <div class="table">
                     <div id="files_data">
-                      ${h.secure_form(h.url('gists'), method='post',id='eform')}
+                      ${h.secure_form(h.route_path('gists_create'), id='eform', method='POST')}
                         <div>
                             <textarea id="description" name="description" placeholder="${_('Gist description ...')}"></textarea>
                             <span class="gist-gravatar">
                                 ${self.gravatar(c.rhodecode_user.email, 30)}
                             </span>
                              <label for='gistid'>${_('Gist id')}</label>
                              ${h.text('gistid', placeholder=_('Auto generated'))}
                              <label for='lifetime'>${_('Gist lifetime')}</label>
                              ${h.dropdownmenu('lifetime', '', c.lifetime_options)}
                              <label for='acl_level'>${_('Gist access level')}</label>
                              ${h.dropdownmenu('gist_acl_level', '', c.acl_options)}
                         </div>
                         <div id="codeblock" class="codeblock">
                             <div class="code-header">
                                 <div class="form">
                                     <div class="fields">
                                         ${h.text('filename', size=30, placeholder=_('name this file...'))}
                                         ${h.dropdownmenu('mimetype','plain',[('plain',_('plain'))],enable_filter=True)}
                                     </div>
                                 </div>
                             </div>
                             <div id="editor_container">
                                 <div id="editor_pre"></div>
                                 <textarea id="editor" name="content" ></textarea>
                             </div>
                         </div>
                         <div class="pull-right">
                         ${h.submit('private',_('Create Private Gist'),class_="btn")}
                         ${h.submit('public',_('Create Public Gist'),class_="btn")}
                         ${h.reset('reset',_('Reset'),class_="btn")}
                         </div>
                         ${h.end_form()}
                     </div>
                 </div>
             </div>
             <script type="text/javascript">
                 var myCodeMirror = initCodeMirror('editor', '');
                 var modes_select = $('#mimetype');
                 fillCodeMirrorOptions(modes_select);
                 var filename_selector = '#filename';
                 // on change of select field set mode
                 setCodeMirrorModeFromSelect(
                         modes_select, filename_selector, myCodeMirror, null);
                 // on entering the new filename set mode, from given extension
                 setCodeMirrorModeFromInput(
                     modes_select, filename_selector, myCodeMirror, null);
             </script>
             </%def>

rhodecode/templates/admin/gists/show.mako

0 +11 -9

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.mako"/>
             <%def name="robots()">
                 %if c.gist.gist_type != 'public':
                   <meta name="robots" content="noindex, nofollow">
                 %else:
                   ${parent.robots()}
                 %endif
             </%def>
             <%def name="title()">
                 ${_('Gist')} &middot; ${c.gist.gist_access_id}
                 %if c.rhodecode_name:
                     &middot; ${h.branding(c.rhodecode_name)}
                 %endif
             </%def>
             <%def name="breadcrumbs_links()">
                 ${_('Gist')} &middot; ${c.gist.gist_access_id}
-                / ${_('URL')}: ${c.gist.gist_url()}
             </%def>
             <%def name="menu_bar_nav()">
                 ${self.menu_items(active='gists')}
             </%def>
             <%def name="main()">
             <div class="box">
                 <!-- box / title -->
                 <div class="title">
                     ${self.breadcrumbs()}
                     %if c.rhodecode_user.username != h.DEFAULT_USER:
                     <ul class="links">
                       <li>
-                          <a href="${h.url('new_gist')}" class="btn btn-primary">${_(u'Create New Gist')}</a>
+                          <a href="${h.route_path('gists_new')}" class="btn btn-primary">${_(u'Create New Gist')}</a>
                       </li>
                     </ul>
                     %endif
                 </div>
+                <code>${c.gist.gist_url()}</code>
                 <div class="table">
                     <div id="files_data">
                         <div id="codeblock" class="codeblock">
                             <div class="code-header">
                                 <div class="stats">
                                    %if h.HasPermissionAny('hg.admin')() or c.gist.gist_owner == c.rhodecode_user.user_id:
                                     <div class="remove_gist">
-                                        ${h.secure_form(url('gist', gist_id=c.gist.gist_access_id),method='delete')}
+                                        ${h.secure_form(h.route_path('gist_delete', gist_id=c.gist.gist_access_id), method='POST')}
                                             ${h.submit('remove_gist', _('Delete'),class_="btn btn-mini btn-danger",onclick="return confirm('"+_('Confirm to delete this Gist')+"');")}
                                         ${h.end_form()}
                                     </div>
                                    %endif
                                     <div class="buttons">
                                       ## only owner should see that
                                       %if h.HasPermissionAny('hg.admin')() or c.gist.gist_owner == c.rhodecode_user.user_id:
-                                        ${h.link_to(_('Edit'),h.url('edit_gist', gist_id=c.gist.gist_access_id),class_="btn btn-mini")}
+                                        ${h.link_to(_('Edit'), h.route_path('gist_edit', gist_id=c.gist.gist_access_id), class_="btn btn-mini")}
                                       %endif
-                                      ${h.link_to(_('Show as Raw'),h.url('formatted_gist', gist_id=c.gist.gist_access_id, format='raw'),class_="btn btn-mini")}
+                                      ${h.link_to(_('Show as Raw'), h.route_path('gist_show_formatted', gist_id=c.gist.gist_access_id, revision='tip', format='raw'), class_="btn btn-mini")}
                                     </div>
                                     <div class="left" >
                                       %if c.gist.gist_type != 'public':
                                         <span class="tag tag-ok disabled">${_('Private Gist')}</span>
                                       %endif
                                       <span> ${c.gist.gist_description}</span>
                                        <span>${_('Expires')}:
                                        %if c.gist.gist_expires == -1:
                                          ${_('never')}
                                        %else:
                                           ${h.age_component(h.time_to_utcdatetime(c.gist.gist_expires))}
                                       %endif
                                       </span>
                                    </div>
                                 </div>
                                 <div class="author">
                                     <div title="${h.tooltip(c.file_last_commit.author)}">
                                       ${self.gravatar_with_user(c.file_last_commit.author, 16)} - ${_('created')} ${h.age_component(c.file_last_commit.date)}
                                     </div>
                                 </div>
-                                <div class="commit">${h.urlify_commit_message(c.file_last_commit.message,c.repo_name)}</div>
+                                <div class="commit">${h.urlify_commit_message(c.file_last_commit.message, None)}</div>
                             </div>
                            ## iterate over the files
                            % for file in c.files:
                             <% renderer = c.render and h.renderer_from_filename(file.path, exclude=['.txt', '.TXT'])%>
-            <!--                 <div id="${h.FID('G', file.path)}" class="stats" >
+                            <!--
+                            <div id="${h.FID('G', file.path)}" class="stats" >
                                 <a href="${c.gist.gist_url()}">¶</a>
                                 <b >${file.path}</b>
                                 <div>
-                                   ${h.link_to(_('Show as raw'),h.url('formatted_gist_file', gist_id=c.gist.gist_access_id, format='raw', revision=file.commit.raw_id, f_path=file.path),class_="btn btn-mini")}
+                                   ${h.link_to(_('Show as raw'), h.route_path('gist_show_formatted_path', gist_id=c.gist.gist_access_id, revision=file.commit.raw_id, format='raw', f_path=file.path), class_="btn btn-mini")}
                                 </div>
-                            </div> -->
+                            </div>
+                            -->
                             <div class="code-body textarea text-area editor">
                                 %if renderer:
                                     ${h.render(file.content, renderer=renderer)}
                                 %else:
                                     ${h.pygmentize(file,linenos=True,anchorlinenos=True,lineanchors='L',cssclass="code-highlight")}
                                 %endif
                             </div>
                            %endfor
                         </div>
                     </div>
                 </div>
             </div>
             </%def>

rhodecode/templates/base/base.mako

0 +1 -1

             ## -*- coding: utf-8 -*-
             <%inherit file="root.mako"/>
             <div class="outerwrapper">
               <!-- HEADER -->
               <div class="header">
                   <div id="header-inner" class="wrapper">
                       <div id="logo">
                           <div class="logo-wrapper">
                               <a href="${h.route_path('home')}"><img src="${h.asset('images/rhodecode-logo-white-216x60.png')}" alt="RhodeCode"/></a>
                           </div>
                           %if c.rhodecode_name:
                            <div class="branding">- ${h.branding(c.rhodecode_name)}</div>
                           %endif
                       </div>
                       <!-- MENU BAR NAV -->
                       ${self.menu_bar_nav()}
                       <!-- END MENU BAR NAV -->
                   </div>
               </div>
               ${self.menu_bar_subnav()}
               <!-- END HEADER -->
               <!-- CONTENT -->
               <div id="content" class="wrapper">
                   <rhodecode-toast id="notifications"></rhodecode-toast>
                   <div class="main">
                       ${next.main()}
                   </div>
               </div>
               <!-- END CONTENT -->
             </div>
             <!-- FOOTER -->
             <div id="footer">
                <div id="footer-inner" class="title wrapper">
                    <div>
                        <p class="footer-link-right">
                            % if c.visual.show_version:
                                RhodeCode Enterprise ${c.rhodecode_version} ${c.rhodecode_edition}
                            % endif
                            &copy; 2010-${h.datetime.today().year}, <a href="${h.route_url('rhodecode_official')}" target="_blank">RhodeCode GmbH</a>. All rights reserved.
                            % if c.visual.rhodecode_support_url:
                               <a href="${c.visual.rhodecode_support_url}" target="_blank">${_('Support')}</a>
                            % endif
                        </p>
                        <% sid = 'block' if request.GET.get('showrcid') else 'none' %>
                        <p class="server-instance" style="display:${sid}">
                            ## display hidden instance ID if specially defined
                            % if c.rhodecode_instanceid:
                                ${_('RhodeCode instance id: %s') % c.rhodecode_instanceid}
                            % endif
                        </p>
                    </div>
                </div>
             </div>
             <!-- END FOOTER -->
             ### MAKO DEFS ###
             <%def name="menu_bar_subnav()">
             </%def>
             <%def name="breadcrumbs(class_='breadcrumbs')">
                 <div class="${class_}">
                 ${self.breadcrumbs_links()}
                 </div>
             </%def>
             <%def name="admin_menu()">
               <ul class="admin_menu submenu">
                   <li><a href="${h.route_path('admin_audit_logs')}">${_('Admin audit logs')}</a></li>
                   <li><a href="${h.url('repos')}">${_('Repositories')}</a></li>
                   <li><a href="${h.url('repo_groups')}">${_('Repository groups')}</a></li>
                   <li><a href="${h.route_path('users')}">${_('Users')}</a></li>
                   <li><a href="${h.url('users_groups')}">${_('User groups')}</a></li>
                   <li><a href="${h.url('admin_permissions_application')}">${_('Permissions')}</a></li>
                   <li><a href="${h.route_path('auth_home', traverse='')}">${_('Authentication')}</a></li>
                   <li><a href="${h.route_path('global_integrations_home')}">${_('Integrations')}</a></li>
                   <li><a href="${h.url('admin_defaults_repositories')}">${_('Defaults')}</a></li>
                   <li class="last"><a href="${h.url('admin_settings')}">${_('Settings')}</a></li>
               </ul>
             </%def>
             <%def name="dt_info_panel(elements)">
                 <dl class="dl-horizontal">
                 %for dt, dd, title, show_items in elements:
                   <dt>${dt}:</dt>
                   <dd title="${h.tooltip(title)}">
                   %if callable(dd):
                       ## allow lazy evaluation of elements
                       ${dd()}
                   %else:
                       ${dd}
                   %endif
                   %if show_items:
                       <span class="btn-collapse" data-toggle="item-${h.md5_safe(dt)[:6]}-details">${_('Show More')} </span>
                   %endif
                   </dd>
                   %if show_items:
                       <div class="collapsable-content" data-toggle="item-${h.md5_safe(dt)[:6]}-details" style="display: none">
                       %for item in show_items:
                           <dt></dt>
                           <dd>${item}</dd>
                       %endfor
                       </div>
                   %endif
                 %endfor
                 </dl>
             </%def>
             <%def name="gravatar(email, size=16)">
               <%
                 if (size > 16):
                     gravatar_class = 'gravatar gravatar-large'
                 else:
                     gravatar_class = 'gravatar'
               %>
               <%doc>
                 TODO: johbo: For now we serve double size images to make it smooth
                 for retina. This is how it worked until now. Should be replaced
                 with a better solution at some point.
               </%doc>
               <img class="${gravatar_class}" src="${h.gravatar_url(email, size * 2)}" height="${size}" width="${size}">
             </%def>
             <%def name="gravatar_with_user(contact, size=16, show_disabled=False)">
               <% email = h.email_or_none(contact) %>
               <div class="rc-user tooltip" title="${h.tooltip(h.author_string(email))}">
                 ${self.gravatar(email, size)}
                 <span class="${'user user-disabled' if show_disabled else 'user'}"> ${h.link_to_user(contact)}</span>
               </div>
             </%def>
             ## admin menu used for people that have some admin resources
             <%def name="admin_menu_simple(repositories=None, repository_groups=None, user_groups=None)">
               <ul class="submenu">
                %if repositories:
                   <li class="local-admin-repos"><a href="${h.url('repos')}">${_('Repositories')}</a></li>
                %endif
                %if repository_groups:
                   <li class="local-admin-repo-groups"><a href="${h.url('repo_groups')}">${_('Repository groups')}</a></li>
                %endif
                %if user_groups:
                   <li class="local-admin-user-groups"><a href="${h.url('users_groups')}">${_('User groups')}</a></li>
                %endif
               </ul>
             </%def>
             <%def name="repo_page_title(repo_instance)">
             <div class="title-content">
                 <div class="title-main">
                     ## SVN/HG/GIT icons
                     %if h.is_hg(repo_instance):
                         <i class="icon-hg"></i>
                     %endif
                     %if h.is_git(repo_instance):
                         <i class="icon-git"></i>
                     %endif
                     %if h.is_svn(repo_instance):
                         <i class="icon-svn"></i>
                     %endif
                     ## public/private
                     %if repo_instance.private:
                         <i class="icon-repo-private"></i>
                     %else:
                         <i class="icon-repo-public"></i>
                     %endif
                     ## repo name with group name
                     ${h.breadcrumb_repo_link(c.rhodecode_db_repo)}
                 </div>
                 ## FORKED
                 %if repo_instance.fork:
                 <p>
                     <i class="icon-code-fork"></i> ${_('Fork of')}
                     <a href="${h.route_path('repo_summary',repo_name=repo_instance.fork.repo_name)}">${repo_instance.fork.repo_name}</a>
                 </p>
                 %endif
                 ## IMPORTED FROM REMOTE
                 %if repo_instance.clone_uri:
                 <p>
                    <i class="icon-code-fork"></i> ${_('Clone from')}
                    <a href="${h.url(h.safe_str(h.hide_credentials(repo_instance.clone_uri)))}">${h.hide_credentials(repo_instance.clone_uri)}</a>
                 </p>
                 %endif
                 ## LOCKING STATUS
                  %if repo_instance.locked[0]:
                    <p class="locking_locked">
                        <i class="icon-repo-lock"></i>
                        ${_('Repository locked by %(user)s') % {'user': h.person_by_id(repo_instance.locked[0])}}
                    </p>
                  %elif repo_instance.enable_locking:
                      <p class="locking_unlocked">
                          <i class="icon-repo-unlock"></i>
                          ${_('Repository not locked. Pull repository to lock it.')}
                      </p>
                  %endif
             </div>
             </%def>
             <%def name="repo_menu(active=None)">
                 <%
                 def is_active(selected):
                     if selected == active:
                         return "active"
                 %>
               <!--- CONTEXT BAR -->
               <div id="context-bar">
                 <div class="wrapper">
                   <ul id="context-pages" class="horizontal-list navigation">
                     <li class="${is_active('summary')}"><a class="menulink" href="${h.route_path('repo_summary', repo_name=c.repo_name)}"><div class="menulabel">${_('Summary')}</div></a></li>
                     <li class="${is_active('changelog')}"><a class="menulink" href="${h.url('changelog_home', repo_name=c.repo_name)}"><div class="menulabel">${_('Changelog')}</div></a></li>
                     <li class="${is_active('files')}"><a class="menulink" href="${h.url('files_home', repo_name=c.repo_name, revision=c.rhodecode_db_repo.landing_rev[1])}"><div class="menulabel">${_('Files')}</div></a></li>
                     <li class="${is_active('compare')}">
                         <a class="menulink" href="${h.url('compare_home',repo_name=c.repo_name)}"><div class="menulabel">${_('Compare')}</div></a>
                     </li>
                     ## TODO: anderson: ideally it would have a function on the scm_instance "enable_pullrequest() and enable_fork()"
                     %if c.rhodecode_db_repo.repo_type in ['git','hg']:
                       <li class="${is_active('showpullrequest')}">
                         <a class="menulink" href="${h.route_path('pullrequest_show_all', repo_name=c.repo_name)}" title="${h.tooltip(_('Show Pull Requests for %s') % c.repo_name)}">
                           %if c.repository_pull_requests:
                             <span class="pr_notifications">${c.repository_pull_requests}</span>
                           %endif
                           <div class="menulabel">${_('Pull Requests')}</div>
                         </a>
                       </li>
                     %endif
                     <li class="${is_active('options')}">
                       <a class="menulink dropdown">
                           <div class="menulabel">${_('Options')} <div class="show_more"></div></div>
                       </a>
                       <ul class="submenu">
                          %if h.HasRepoPermissionAll('repository.admin')(c.repo_name):
                                <li><a href="${h.route_path('edit_repo',repo_name=c.repo_name)}">${_('Settings')}</a></li>
                          %endif
                           %if c.rhodecode_db_repo.fork:
                            <li><a href="${h.url('compare_url',repo_name=c.rhodecode_db_repo.fork.repo_name,source_ref_type=c.rhodecode_db_repo.landing_rev[0],source_ref=c.rhodecode_db_repo.landing_rev[1], target_repo=c.repo_name,target_ref_type='branch' if request.GET.get('branch') else c.rhodecode_db_repo.landing_rev[0],target_ref=request.GET.get('branch') or c.rhodecode_db_repo.landing_rev[1], merge=1)}">
                                ${_('Compare fork')}</a></li>
                           %endif
                           <li><a href="${h.route_path('search_repo',repo_name=c.repo_name)}">${_('Search')}</a></li>
                           %if h.HasRepoPermissionAny('repository.write','repository.admin')(c.repo_name) and c.rhodecode_db_repo.enable_locking:
                             %if c.rhodecode_db_repo.locked[0]:
                               <li><a class="locking_del" href="${h.url('toggle_locking',repo_name=c.repo_name)}">${_('Unlock')}</a></li>
                             %else:
                               <li><a class="locking_add" href="${h.url('toggle_locking',repo_name=c.repo_name)}">${_('Lock')}</a></li>
                             %endif
                           %endif
                           %if c.rhodecode_user.username != h.DEFAULT_USER:
                             %if c.rhodecode_db_repo.repo_type in ['git','hg']:
                               <li><a href="${h.url('repo_fork_home',repo_name=c.repo_name)}">${_('Fork')}</a></li>
                               <li><a href="${h.url('pullrequest_home',repo_name=c.repo_name)}">${_('Create Pull Request')}</a></li>
                             %endif
                           %endif
                          </ul>
                     </li>
                   </ul>
                 </div>
                 <div class="clear"></div>
               </div>
               <!--- END CONTEXT BAR -->
             </%def>
             <%def name="usermenu(active=False)">
                 ## USER MENU
                 <li id="quick_login_li" class="${'active' if active else ''}">
                   <a id="quick_login_link" class="menulink childs">
                     ${gravatar(c.rhodecode_user.email, 20)}
                     <span class="user">
                       %if c.rhodecode_user.username != h.DEFAULT_USER:
                         <span class="menu_link_user">${c.rhodecode_user.username}</span><div class="show_more"></div>
                       %else:
                         <span>${_('Sign in')}</span>
                       %endif
                     </span>
                   </a>
               <div class="user-menu submenu">
                   <div id="quick_login">
                     %if c.rhodecode_user.username == h.DEFAULT_USER:
                         <h4>${_('Sign in to your account')}</h4>
                         ${h.form(h.route_path('login', _query={'came_from': h.url.current()}), needs_csrf_token=False)}
                         <div class="form form-vertical">
                             <div class="fields">
                                 <div class="field">
                                     <div class="label">
                                         <label for="username">${_('Username')}:</label>
                                     </div>
                                     <div class="input">
                                         ${h.text('username',class_='focus',tabindex=1)}
                                     </div>
                                 </div>
                                 <div class="field">
                                     <div class="label">
                                         <label for="password">${_('Password')}:</label>
                                         %if h.HasPermissionAny('hg.password_reset.enabled')():
                                           <span class="forgot_password">${h.link_to(_('(Forgot password?)'),h.route_path('reset_password'), class_='pwd_reset')}</span>
                                         %endif
                                     </div>
                                     <div class="input">
                                         ${h.password('password',class_='focus',tabindex=2)}
                                     </div>
                                 </div>
                                 <div class="buttons">
                                     <div class="register">
                                     %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():
                                      ${h.link_to(_("Don't have an account?"),h.route_path('register'))} <br/>
                                     %endif
                                     ${h.link_to(_("Using external auth? Sign In here."),h.route_path('login'))}
                                     </div>
                                     <div class="submit">
                                         ${h.submit('sign_in',_('Sign In'),class_="btn btn-small",tabindex=3)}
                                     </div>
                                 </div>
                             </div>
                         </div>
                         ${h.end_form()}
                     %else:
                         <div class="">
                             <div class="big_gravatar">${gravatar(c.rhodecode_user.email, 48)}</div>
                             <div class="full_name">${c.rhodecode_user.full_name_or_username}</div>
                             <div class="email">${c.rhodecode_user.email}</div>
                         </div>
                         <div class="">
                         <ol class="links">
                           <li>${h.link_to(_(u'My account'),h.route_path('my_account_profile'))}</li>
                           % if c.rhodecode_user.personal_repo_group:
                             <li>${h.link_to(_(u'My personal group'), h.route_path('repo_group_home', repo_group_name=c.rhodecode_user.personal_repo_group.group_name))}</li>
                           % endif
                           <li class="logout">
                           ${h.secure_form(h.route_path('logout'))}
                               ${h.submit('log_out', _(u'Sign Out'),class_="btn btn-primary")}
                           ${h.end_form()}
                           </li>
                         </ol>
                         </div>
                     %endif
                   </div>
               </div>
                   %if c.rhodecode_user.username != h.DEFAULT_USER:
                     <div class="pill_container">
                     % if c.unread_notifications == 0:
                       <a class="menu_link_notifications empty" href="${h.url('notifications')}">${c.unread_notifications}</a>
                     % else:
                       <a class="menu_link_notifications" href="${h.url('notifications')}">${c.unread_notifications}</a>
                     % endif
                     </div>
                   % endif
                 </li>
             </%def>
             <%def name="menu_items(active=None)">
                 <%
                 def is_active(selected):
                     if selected == active:
                         return "active"
                     return ""
                 %>
                 <ul id="quick" class="main_nav navigation horizontal-list">
                   <!-- repo switcher -->
                   <li class="${is_active('repositories')} repo_switcher_li has_select2">
                     <input id="repo_switcher" name="repo_switcher" type="hidden">
                   </li>
                   ## ROOT MENU
                   %if c.rhodecode_user.username != h.DEFAULT_USER:
                     <li class="${is_active('journal')}">
                       <a class="menulink" title="${_('Show activity journal')}" href="${h.url('journal')}">
                         <div class="menulabel">${_('Journal')}</div>
                       </a>
                     </li>
                   %else:
                     <li class="${is_active('journal')}">
                       <a class="menulink" title="${_('Show Public activity journal')}" href="${h.url('public_journal')}">
                         <div class="menulabel">${_('Public journal')}</div>
                       </a>
                     </li>
                   %endif
                     <li class="${is_active('gists')}">
-                      <a class="menulink childs" title="${_('Show Gists')}" href="${h.url('gists')}">
+                      <a class="menulink childs" title="${_('Show Gists')}" href="${h.route_path('gists_show')}">
                         <div class="menulabel">${_('Gists')}</div>
                       </a>
                     </li>
                   <li class="${is_active('search')}">
                       <a class="menulink" title="${_('Search in repositories you have access to')}" href="${h.route_path('search')}">
                         <div class="menulabel">${_('Search')}</div>
                       </a>
                   </li>
                   % if h.HasPermissionAll('hg.admin')('access admin main page'):
                     <li class="${is_active('admin')}">
                       <a class="menulink childs" title="${_('Admin settings')}" href="#" onclick="return false;">
                         <div class="menulabel">${_('Admin')} <div class="show_more"></div></div>
                       </a>
                       ${admin_menu()}
                     </li>
                   % elif c.rhodecode_user.repositories_admin or c.rhodecode_user.repository_groups_admin or c.rhodecode_user.user_groups_admin:
                   <li class="${is_active('admin')}">
                       <a class="menulink childs" title="${_('Delegated Admin settings')}">
                         <div class="menulabel">${_('Admin')} <div class="show_more"></div></div>
                       </a>
                       ${admin_menu_simple(c.rhodecode_user.repositories_admin,
                                           c.rhodecode_user.repository_groups_admin,
                                           c.rhodecode_user.user_groups_admin or h.HasPermissionAny('hg.usergroup.create.true')())}
                   </li>
                   % endif
                   % if c.debug_style:
                   <li class="${is_active('debug_style')}">
                       <a class="menulink" title="${_('Style')}" href="${h.url('debug_style_home')}">
                         <div class="menulabel">${_('Style')}</div>
                       </a>
                   </li>
                   % endif
                   ## render extra user menu
                   ${usermenu(active=(active=='my_account'))}
                 </ul>
                 <script type="text/javascript">
                     var visual_show_public_icon = "${c.visual.show_public_icon}" == "True";
                     /*format the look of items in the list*/
                     var format = function(state, escapeMarkup){
                         if (!state.id){
                           return state.text; // optgroup
                         }
                         var obj_dict = state.obj;
                         var tmpl = '';
                         if(obj_dict && state.type == 'repo'){
                             if(obj_dict['repo_type'] === 'hg'){
                                 tmpl += '<i class="icon-hg"></i> ';
                             }
                             else if(obj_dict['repo_type'] === 'git'){
                                 tmpl += '<i class="icon-git"></i> ';
                             }
                             else if(obj_dict['repo_type'] === 'svn'){
                                 tmpl += '<i class="icon-svn"></i> ';
                             }
                             if(obj_dict['private']){
                                 tmpl += '<i class="icon-lock" ></i> ';
                             }
                             else if(visual_show_public_icon){
                                 tmpl += '<i class="icon-unlock-alt"></i> ';
                             }
                         }
                         if(obj_dict && state.type == 'commit') {
                             tmpl += '<i class="icon-tag"></i>';
                         }
                         if(obj_dict && state.type == 'group'){
                             tmpl += '<i class="icon-folder-close"></i> ';
                         }
                         tmpl += escapeMarkup(state.text);
                         return tmpl;
                     };
                     var formatResult = function(result, container, query, escapeMarkup) {
                         return format(result, escapeMarkup);
                     };
                     var formatSelection = function(data, container, escapeMarkup) {
                         return format(data, escapeMarkup);
                     };
                     $("#repo_switcher").select2({
                         cachedDataSource: {},
                         minimumInputLength: 2,
                         placeholder: '<div class="menulabel">${_('Go to')} <div class="show_more"></div></div>',
                         dropdownAutoWidth: true,
                         formatResult: formatResult,
                         formatSelection: formatSelection,
                         containerCssClass: "repo-switcher",
                         dropdownCssClass: "repo-switcher-dropdown",
                         escapeMarkup: function(m){
                             // don't escape our custom placeholder
                             if(m.substr(0,23) == '<div class="menulabel">'){
                                 return m;
                             }
                             return Select2.util.escapeMarkup(m);
                         },
                         query: $.debounce(250, function(query){
                             self = this;
                             var cacheKey = query.term;
                             var cachedData = self.cachedDataSource[cacheKey];
                             if (cachedData) {
                                 query.callback({results: cachedData.results});
                             } else {
                                 $.ajax({
                                     url: pyroutes.url('goto_switcher_data'),
                                     data: {'query': query.term},
                                     dataType: 'json',
                                     type: 'GET',
                                     success: function(data) {
                                         self.cachedDataSource[cacheKey] = data;
                                         query.callback({results: data.results});
                                     },
                                     error: function(data, textStatus, errorThrown) {
                                         alert("Error while fetching entries.\nError code {0} ({1}).".format(data.status, data.statusText));
                                     }
                                 })
                             }
                         })
                     });
                     $("#repo_switcher").on('select2-selecting', function(e){
                         e.preventDefault();
                         window.location = e.choice.url;
                     });
                 </script>
                 <script src="${h.asset('js/rhodecode/base/keyboard-bindings.js', ver=c.rhodecode_version_hash)}"></script>
             </%def>
             <div class="modal" id="help_kb" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
                 <div class="modal-dialog">
                   <div class="modal-content">
                     <div class="modal-header">
                       <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
                       <h4 class="modal-title" id="myModalLabel">${_('Keyboard shortcuts')}</h4>
                     </div>
                     <div class="modal-body">
                           <div class="block-left">
                             <table class="keyboard-mappings">
                                 <tbody>
                               <tr>
                                 <th></th>
                                 <th>${_('Site-wide shortcuts')}</th>
                               </tr>
                               <%
                                  elems = [
                                      ('/', 'Open quick search box'),
                                      ('g h', 'Goto home page'),
                                      ('g g', 'Goto my private gists page'),
                                      ('g G', 'Goto my public gists page'),
                                      ('n r', 'New repository page'),
                                      ('n g', 'New gist page'),
                                  ]
                               %>
                               %for key, desc in elems:
                               <tr>
                                 <td class="keys">
                                   <span class="key tag">${key}</span>
                                 </td>
                                 <td>${desc}</td>
                               </tr>
                             %endfor
                             </tbody>
                               </table>
                           </div>
                           <div class="block-left">
                             <table class="keyboard-mappings">
                             <tbody>
                               <tr>
                                 <th></th>
                                 <th>${_('Repositories')}</th>
                               </tr>
                               <%
                                  elems = [
                                      ('g s', 'Goto summary page'),
                                      ('g c', 'Goto changelog page'),
                                      ('g f', 'Goto files page'),
                                      ('g F', 'Goto files page with file search activated'),
                                      ('g p', 'Goto pull requests page'),
                                      ('g o', 'Goto repository settings'),
                                      ('g O', 'Goto repository permissions settings'),
                                  ]
                               %>
                               %for key, desc in elems:
                               <tr>
                                 <td class="keys">
                                   <span class="key tag">${key}</span>
                                 </td>
                                 <td>${desc}</td>
                               </tr>
                             %endfor
                             </tbody>
                           </table>
                         </div>
                     </div>
                     <div class="modal-footer">
                     </div>
                   </div><!-- /.modal-content -->
                 </div><!-- /.modal-dialog -->
             </div><!-- /.modal -->

rhodecode/templates/data_table/_dt_elements.mako

0 +1 -1

             ## DATA TABLE RE USABLE ELEMENTS
             ## usage:
             ## <%namespace name="dt" file="/data_table/_dt_elements.mako"/>
             <%namespace name="base" file="/base/base.mako"/>
             ## REPOSITORY RENDERERS
             <%def name="quick_menu(repo_name)">
               <i class="pointer icon-more"></i>
               <div class="menu_items_container hidden">
                 <ul class="menu_items">
                   <li>
                      <a title="${_('Summary')}" href="${h.route_path('repo_summary',repo_name=repo_name)}">
                      <span>${_('Summary')}</span>
                      </a>
                   </li>
                   <li>
                      <a title="${_('Changelog')}" href="${h.url('changelog_home',repo_name=repo_name)}">
                      <span>${_('Changelog')}</span>
                      </a>
                   </li>
                   <li>
                      <a title="${_('Files')}" href="${h.url('files_home',repo_name=repo_name)}">
                      <span>${_('Files')}</span>
                      </a>
                   </li>
                   <li>
                      <a title="${_('Fork')}" href="${h.url('repo_fork_home',repo_name=repo_name)}">
                      <span>${_('Fork')}</span>
                      </a>
                   </li>
                 </ul>
               </div>
             </%def>
             <%def name="repo_name(name,rtype,rstate,private,fork_of,short_name=False,admin=False)">
                 <%
                 def get_name(name,short_name=short_name):
                   if short_name:
                     return name.split('/')[-1]
                   else:
                     return name
                 %>
               <div class="${'repo_state_pending' if rstate == 'repo_state_pending' else ''} truncate">
                 ##NAME
                 <a href="${h.route_path('edit_repo',repo_name=name) if admin else h.route_path('repo_summary',repo_name=name)}">
                 ##TYPE OF REPO
                 %if h.is_hg(rtype):
                     <span title="${_('Mercurial repository')}"><i class="icon-hg"></i></span>
                 %elif h.is_git(rtype):
                     <span title="${_('Git repository')}"><i class="icon-git"></i></span>
                 %elif h.is_svn(rtype):
                     <span title="${_('Subversion repository')}"><i class="icon-svn"></i></span>
                 %endif
                 ##PRIVATE/PUBLIC
                 %if private and c.visual.show_private_icon:
                   <i class="icon-lock" title="${_('Private repository')}"></i>
                 %elif not private and c.visual.show_public_icon:
                   <i class="icon-unlock-alt" title="${_('Public repository')}"></i>
                 %else:
                   <span></span>
                 %endif
                 ${get_name(name)}
                 </a>
                 %if fork_of:
                   <a href="${h.route_path('repo_summary',repo_name=fork_of.repo_name)}"><i class="icon-code-fork"></i></a>
                 %endif
                 %if rstate == 'repo_state_pending':
                   <i class="icon-cogs" title="${_('Repository creating in progress...')}"></i>
                 %endif
               </div>
             </%def>
             <%def name="repo_desc(description)">
                 <div class="truncate-wrap">${description}</div>
             </%def>
             <%def name="last_change(last_change)">
                 ${h.age_component(last_change)}
             </%def>
             <%def name="revision(name,rev,tip,author,last_msg)">
               <div>
               %if rev >= 0:
                   <code><a title="${h.tooltip('%s:\n\n%s' % (author,last_msg))}" class="tooltip" href="${h.url('changeset_home',repo_name=name,revision=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a></code>
               %else:
                   ${_('No commits yet')}
               %endif
               </div>
             </%def>
             <%def name="rss(name)">
               %if c.rhodecode_user.username != h.DEFAULT_USER:
                 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.url('rss_feed_home',repo_name=name,auth_token=c.rhodecode_user.feed_token)}"><i class="icon-rss-sign"></i></a>
               %else:
                 <a title="${h.tooltip(_('Subscribe to %s rss feed')% name)}" href="${h.url('rss_feed_home',repo_name=name)}"><i class="icon-rss-sign"></i></a>
               %endif
             </%def>
             <%def name="atom(name)">
               %if c.rhodecode_user.username != h.DEFAULT_USER:
                 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.url('atom_feed_home',repo_name=name,auth_token=c.rhodecode_user.feed_token)}"><i class="icon-rss-sign"></i></a>
               %else:
                 <a title="${h.tooltip(_('Subscribe to %s atom feed')% name)}" href="${h.url('atom_feed_home',repo_name=name)}"><i class="icon-rss-sign"></i></a>
               %endif
             </%def>
             <%def name="user_gravatar(email, size=16)">
               <div class="rc-user tooltip" title="${h.tooltip(h.author_string(email))}">
                 ${base.gravatar(email, 16)}
               </div>
             </%def>
             <%def name="repo_actions(repo_name, super_user=True)">
               <div>
                 <div class="grid_edit">
                   <a href="${h.route_path('edit_repo',repo_name=repo_name)}" title="${_('Edit')}">
                     <i class="icon-pencil"></i>Edit</a>
                 </div>
                 <div class="grid_delete">
                   ${h.secure_form(h.route_path('edit_repo_advanced_delete', repo_name=repo_name), method='POST')}
                     ${h.submit('remove_%s' % repo_name,_('Delete'),class_="btn btn-link btn-danger",
                     onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}
                   ${h.end_form()}
                 </div>
               </div>
             </%def>
             <%def name="repo_state(repo_state)">
               <div>
                 %if repo_state == 'repo_state_pending':
                     <div class="tag tag4">${_('Creating')}</div>
                 %elif repo_state == 'repo_state_created':
                     <div class="tag tag1">${_('Created')}</div>
                 %else:
                     <div class="tag alert2" title="${h.tooltip(repo_state)}">invalid</div>
                 %endif
               </div>
             </%def>
             ## REPO GROUP RENDERERS
             <%def name="quick_repo_group_menu(repo_group_name)">
               <i class="pointer icon-more"></i>
               <div class="menu_items_container hidden">
                 <ul class="menu_items">
                   <li>
                      <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">
                      <span class="icon">
                          <i class="icon-file-text"></i>
                      </span>
                      <span>${_('Summary')}</span>
                      </a>
                   </li>
                 </ul>
               </div>
             </%def>
             <%def name="repo_group_name(repo_group_name, children_groups=None)">
               <div>
                 <a href="${h.route_path('repo_group_home', repo_group_name=repo_group_name)}">
                 <i class="icon-folder-close" title="${_('Repository group')}"></i>
                   %if children_groups:
                       ${h.literal(' &raquo; '.join(children_groups))}
                   %else:
                       ${repo_group_name}
                   %endif
               </a>
               </div>
             </%def>
             <%def name="repo_group_desc(description)">
                 <div class="truncate-wrap">${description}</div>
             </%def>
             <%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">
              <div class="grid_edit">
                 <a href="${h.url('edit_repo_group',group_name=repo_group_name)}" title="${_('Edit')}">Edit</a>
              </div>
              <div class="grid_delete">
                 ${h.secure_form(h.url('delete_repo_group', group_name=repo_group_name),method='delete')}
                     ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="btn btn-link btn-danger",
                     onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}
                 ${h.end_form()}
              </div>
             </%def>
             <%def name="user_actions(user_id, username)">
              <div class="grid_edit">
                <a href="${h.url('edit_user',user_id=user_id)}" title="${_('Edit')}">
                  <i class="icon-pencil"></i>Edit</a>
              </div>
              <div class="grid_delete">
               ${h.secure_form(h.url('delete_user', user_id=user_id),method='delete')}
                 ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="btn btn-link btn-danger",
                 onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}
               ${h.end_form()}
              </div>
             </%def>
             <%def name="user_group_actions(user_group_id, user_group_name)">
              <div class="grid_edit">
                 <a href="${h.url('edit_users_group', user_group_id=user_group_id)}" title="${_('Edit')}">Edit</a>
              </div>
              <div class="grid_delete">
                 ${h.secure_form(h.url('delete_users_group', user_group_id=user_group_id),method='delete')}
                   ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="btn btn-link btn-danger",
                   onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}
                 ${h.end_form()}
              </div>
             </%def>
             <%def name="user_name(user_id, username)">
                 ${h.link_to(h.person(username, 'username_or_name_or_email'), h.url('edit_user', user_id=user_id))}
             </%def>
             <%def name="user_profile(username)">
                 ${base.gravatar_with_user(username, 16)}
             </%def>
             <%def name="user_group_name(user_group_id, user_group_name)">
               <div>
               <a href="${h.url('edit_users_group', user_group_id=user_group_id)}">
                 <i class="icon-group" title="${_('User group')}"></i> ${user_group_name}</a>
               </div>
             </%def>
             ## GISTS
             <%def name="gist_gravatar(full_contact)">
                 <div class="gist_gravatar">
                   ${base.gravatar(full_contact, 30)}
                 </div>
             </%def>
             <%def name="gist_access_id(gist_access_id, full_contact)">
                 <div>
                   <b>
-                    <a href="${h.url('gist',gist_id=gist_access_id)}">gist: ${gist_access_id}</a>
+                    <a href="${h.route_path('gist_show', gist_id=gist_access_id)}">gist: ${gist_access_id}</a>
                   </b>
                 </div>
             </%def>
             <%def name="gist_author(full_contact, created_on, expires)">
                 ${base.gravatar_with_user(full_contact, 16)}
             </%def>
             <%def name="gist_created(created_on)">
                 <div class="created">
                   ${h.age_component(created_on, time_is_local=True)}
                 </div>
             </%def>
             <%def name="gist_expires(expires)">
                 <div class="created">
                       %if expires == -1:
                         ${_('never')}
                       %else:
                         ${h.age_component(h.time_to_utcdatetime(expires))}
                       %endif
                 </div>
             </%def>
             <%def name="gist_type(gist_type)">
                 %if gist_type != 'public':
                   <div class="tag">${_('Private')}</div>
                 %endif
             </%def>
             <%def name="gist_description(gist_description)">
               ${gist_description}
             </%def>
             ## PULL REQUESTS GRID RENDERERS
             <%def name="pullrequest_target_repo(repo_name)">
                 <div class="truncate">
                   ${h.link_to(repo_name,h.route_path('repo_summary',repo_name=repo_name))}
                 </div>
             </%def>
             <%def name="pullrequest_status(status)">
                 <div class="${'flag_status %s' % status} pull-left"></div>
             </%def>
             <%def name="pullrequest_title(title, description)">
                 ${title} <br/>
                 ${h.shorter(description, 40)}
             </%def>
             <%def name="pullrequest_comments(comments_nr)">
                 <i class="icon-comment"></i> ${comments_nr}
             </%def>
             <%def name="pullrequest_name(pull_request_id, target_repo_name, short=False)">
                 <a href="${h.route_path('pullrequest_show',repo_name=target_repo_name,pull_request_id=pull_request_id)}">
                   % if short:
                     #${pull_request_id}
                   % else:
                     ${_('Pull request #%(pr_number)s') % {'pr_number': pull_request_id,}}
                   % endif
                 </a>
             </%def>
             <%def name="pullrequest_updated_on(updated_on)">
                 ${h.age_component(h.time_to_utcdatetime(updated_on))}
             </%def>
             <%def name="pullrequest_author(full_contact)">
                 ${base.gravatar_with_user(full_contact, 16)}
             </%def>

rhodecode/controllers/admin/gists.py

0 removed 0 -369

NO CONTENT: file was removed

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages