rhodecode-enterprise-ce Commit - r4445:5a5c90c0

comments: added rcextensions hoooks for comment editing, and renamed methods to remove odd log_ prefix which...

marcink -

r4445:5a5c90c0 default

parent child

rhodecode/config/rcextensions/__init__.py

0 +4 0

             # Copyright (C) 2016-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             rcextensions module, please edit `hooks.py` to over write hooks logic
             """
             from .hooks import (
                 _create_repo_hook,
                 _create_repo_group_hook,
                 _pre_create_user_hook,
                 _create_user_hook,
                 _comment_commit_repo_hook,
+                _comment_edit_commit_repo_hook,
                 _delete_repo_hook,
                 _delete_user_hook,
                 _pre_push_hook,
                 _push_hook,
                 _pre_pull_hook,
                 _pull_hook,
                 _create_pull_request_hook,
                 _review_pull_request_hook,
                 _comment_pull_request_hook,
+                _comment_edit_pull_request_hook,
                 _update_pull_request_hook,
                 _merge_pull_request_hook,
                 _close_pull_request_hook,
             )
             # set as module attributes, we use those to call hooks. *do not change this*
             CREATE_REPO_HOOK = _create_repo_hook
             COMMENT_COMMIT_REPO_HOOK = _comment_commit_repo_hook
+            COMMENT_EDIT_COMMIT_REPO_HOOK = _comment_edit_commit_repo_hook
             CREATE_REPO_GROUP_HOOK = _create_repo_group_hook
             PRE_CREATE_USER_HOOK = _pre_create_user_hook
             CREATE_USER_HOOK = _create_user_hook
             DELETE_REPO_HOOK = _delete_repo_hook
             DELETE_USER_HOOK = _delete_user_hook
             PRE_PUSH_HOOK = _pre_push_hook
             PUSH_HOOK = _push_hook
             PRE_PULL_HOOK = _pre_pull_hook
             PULL_HOOK = _pull_hook
             CREATE_PULL_REQUEST = _create_pull_request_hook
             REVIEW_PULL_REQUEST = _review_pull_request_hook
             COMMENT_PULL_REQUEST = _comment_pull_request_hook
+            COMMENT_EDIT_PULL_REQUEST = _comment_edit_pull_request_hook
             UPDATE_PULL_REQUEST = _update_pull_request_hook
             MERGE_PULL_REQUEST = _merge_pull_request_hook
             CLOSE_PULL_REQUEST = _close_pull_request_hook

rhodecode/config/rcextensions/hooks.py

0 +59 0

             # Copyright (C) 2016-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             from .utils import DotDict, HookResponse, has_kwargs
             log = logging.getLogger('rhodecode.' + __name__)
             # Config shortcut to keep, all configuration in one place
             # Example:  api_key = CONFIG.my_config.api_key
             CONFIG = DotDict(
                 my_config=DotDict(
                     api_key='<secret>',
                 ),
             )
             @has_kwargs({
                 'repo_name': '',
                 'repo_type': '',
                 'description': '',
                 'private': '',
                 'created_on': '',
                 'enable_downloads': '',
                 'repo_id': '',
                 'user_id': '',
                 'enable_statistics': '',
                 'clone_uri': '',
                 'fork_id': '',
                 'group_id': '',
                 'created_by': ''
             })
             def _create_repo_hook(*args, **kwargs):
                 """
                 POST CREATE REPOSITORY HOOK. This function will be executed after
                 each repository is created. kwargs available:
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'repo_name': '',
                 'repo_type': '',
                 'description': '',
                 'private': '',
                 'created_on': '',
                 'enable_downloads': '',
                 'repo_id': '',
                 'user_id': '',
                 'enable_statistics': '',
                 'clone_uri': '',
                 'fork_id': '',
                 'group_id': '',
                 'created_by': '',
                 'repository': '',
                 'comment': '',
                 'commit': ''
             })
             def _comment_commit_repo_hook(*args, **kwargs):
                 """
                 POST CREATE REPOSITORY COMMENT ON COMMIT HOOK. This function will be executed after
                 a comment is made on this repository commit.
                 """
                 return HookResponse(0, '')
             @has_kwargs({
+                'repo_name': '',
+                'repo_type': '',
+                'description': '',
+                'private': '',
+                'created_on': '',
+                'enable_downloads': '',
+                'repo_id': '',
+                'user_id': '',
+                'enable_statistics': '',
+                'clone_uri': '',
+                'fork_id': '',
+                'group_id': '',
+                'created_by': '',
+                'repository': '',
+                'comment': '',
+                'commit': ''
+            })
+            def _comment_edit_commit_repo_hook(*args, **kwargs):
+                """
+                POST CREATE REPOSITORY COMMENT ON COMMIT HOOK. This function will be executed after
+                a comment is made on this repository commit.
+                """
+                return HookResponse(0, '')
+            @has_kwargs({
                 'group_name': '',
                 'group_parent_id': '',
                 'group_description': '',
                 'group_id': '',
                 'user_id': '',
                 'created_by': '',
                 'created_on': '',
                 'enable_locking': ''
             })
             def _create_repo_group_hook(*args, **kwargs):
                 """
                 POST CREATE REPOSITORY GROUP HOOK, this function will be
                 executed after each repository group is created. kwargs available:
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'username': '',
                 'password': '',
                 'email': '',
                 'firstname': '',
                 'lastname': '',
                 'active': '',
                 'admin': '',
                 'created_by': '',
             })
             def _pre_create_user_hook(*args, **kwargs):
                 """
                 PRE CREATE USER HOOK, this function will be executed before each
                 user is created, it returns a tuple of bool, reason.
                 If bool is False the user creation will be stopped and reason
                 will be displayed to the user.
                 Return HookResponse(1, reason) to block user creation
                 """
                 reason = 'allowed'
                 return HookResponse(0, reason)
             @has_kwargs({
                 'username': '',
                 'full_name_or_username': '',
                 'full_contact': '',
                 'user_id': '',
                 'name': '',
                 'firstname': '',
                 'short_contact': '',
                 'admin': '',
                 'lastname': '',
                 'ip_addresses': '',
                 'extern_type': '',
                 'extern_name': '',
                 'email': '',
                 'api_key': '',
                 'api_keys': '',
                 'last_login': '',
                 'full_name': '',
                 'active': '',
                 'password': '',
                 'emails': '',
                 'inherit_default_permissions': '',
                 'created_by': '',
                 'created_on': '',
             })
             def _create_user_hook(*args, **kwargs):
                 """
                 POST CREATE USER HOOK, this function will be executed after each user is created
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'repo_name': '',
                 'repo_type': '',
                 'description': '',
                 'private': '',
                 'created_on': '',
                 'enable_downloads': '',
                 'repo_id': '',
                 'user_id': '',
                 'enable_statistics': '',
                 'clone_uri': '',
                 'fork_id': '',
                 'group_id': '',
                 'deleted_by': '',
                 'deleted_on': '',
             })
             def _delete_repo_hook(*args, **kwargs):
                 """
                 POST DELETE REPOSITORY HOOK, this function will be executed after
                 each repository deletion
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'username': '',
                 'full_name_or_username': '',
                 'full_contact': '',
                 'user_id': '',
                 'name': '',
                 'short_contact': '',
                 'admin': '',
                 'firstname': '',
                 'lastname': '',
                 'ip_addresses': '',
                 'email': '',
                 'api_key': '',
                 'last_login': '',
                 'full_name': '',
                 'active': '',
                 'password': '',
                 'emails': '',
                 'inherit_default_permissions': '',
                 'deleted_by': '',
             })
             def _delete_user_hook(*args, **kwargs):
                 """
                 POST DELETE USER HOOK, this function will be executed after each
                 user is deleted kwargs available:
                 """
                 return HookResponse(0, '')
             # =============================================================================
             # PUSH/PULL RELATED HOOKS
             # =============================================================================
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'repo_store_path': 'full path to where repositories are stored',
                 'commit_ids': 'pre transaction metadata for commit ids',
                 'hook_type': '',
                 'user_agent': 'Client user agent, e.g git or mercurial CLI version',
             })
             def _pre_push_hook(*args, **kwargs):
                 """
                 Post push hook
                 To stop version control from storing the transaction and send a message to user
                 use non-zero HookResponse with a message, e.g return HookResponse(1, 'Not allowed')
                 This message will be shown back to client during PUSH operation
                 Commit ids might look like that::
                 [{u'hg_env|git_env': ...,
                   u'multiple_heads': [],
                   u'name': u'default',
                   u'new_rev': u'd0befe0692e722e01d5677f27a104631cf798b69',
                   u'old_rev': u'd0befe0692e722e01d5677f27a104631cf798b69',
                   u'ref': u'',
                   u'total_commits': 2,
                   u'type': u'branch'}]
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'repo_store_path': 'full path to where repositories are stored',
                 'commit_ids': 'list of pushed commit_ids (sha1)',
                 'hook_type': '',
                 'user_agent': 'Client user agent, e.g git or mercurial CLI version',
             })
             def _push_hook(*args, **kwargs):
                 """
                 POST PUSH HOOK, this function will be executed after each push it's
                 executed after the build-in hook that RhodeCode uses for logging pushes
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'repo_store_path': 'full path to where repositories are stored',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'hook_type': '',
                 'user_agent': 'Client user agent, e.g git or mercurial CLI version',
             })
             def _pre_pull_hook(*args, **kwargs):
                 """
                 Post pull hook
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'repo_store_path': 'full path to where repositories are stored',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'hook_type': '',
                 'user_agent': 'Client user agent, e.g git or mercurial CLI version',
             })
             def _pull_hook(*args, **kwargs):
                 """
                 This hook will be executed after each code pull.
                 """
                 return HookResponse(0, '')
             # =============================================================================
             #  PULL REQUEST RELATED HOOKS
             # =============================================================================
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _create_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after creation of a pull request.
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _review_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after review action was made on a pull request.
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'comment': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _comment_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after comment is made on a pull request
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
+                'action': '',
+                'repository': 'repository name',
+                'pull_request_id': '',
+                'url': '',
+                'title': '',
+                'description': '',
+                'status': '',
+                'comment': '',
+                'created_on': '',
+                'updated_on': '',
+                'commit_ids': '',
+                'review_status': '',
+                'mergeable': '',
+                'source': '',
+                'target': '',
+                'author': '',
+                'reviewers': '',
+            })
+            def _comment_edit_pull_request_hook(*args, **kwargs):
+                """
+                This hook will be executed after comment is made on a pull request
+                """
+                return HookResponse(0, '')
+            @has_kwargs({
+                'server_url': 'url of instance that triggered this hook',
+                'config': 'path to .ini config used',
+                'scm': 'type of version control "git", "hg", "svn"',
+                'username': 'username of actor who triggered this event',
+                'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _update_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after pull requests has been updated with new commits.
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _merge_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after merge of a pull request.
                 """
                 return HookResponse(0, '')
             @has_kwargs({
                 'server_url': 'url of instance that triggered this hook',
                 'config': 'path to .ini config used',
                 'scm': 'type of version control "git", "hg", "svn"',
                 'username': 'username of actor who triggered this event',
                 'ip': 'ip address of actor who triggered this hook',
                 'action': '',
                 'repository': 'repository name',
                 'pull_request_id': '',
                 'url': '',
                 'title': '',
                 'description': '',
                 'status': '',
                 'created_on': '',
                 'updated_on': '',
                 'commit_ids': '',
                 'review_status': '',
                 'mergeable': '',
                 'source': '',
                 'target': '',
                 'author': '',
                 'reviewers': '',
             })
             def _close_pull_request_hook(*args, **kwargs):
                 """
                 This hook will be executed after close of a pull request.
                 """
                 return HookResponse(0, '')

rhodecode/lib/celerylib/tasks.py

0 +3 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2012-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             RhodeCode task modules, containing all task that suppose to be run
             by celery daemon
             """
             import os
             import time
             from pyramid import compat
             from pyramid_mailer.mailer import Mailer
             from pyramid_mailer.message import Message
             import rhodecode
             from rhodecode.lib import audit_logger
             from rhodecode.lib.celerylib import get_logger, async_task, RequestContextTask
-            from rhodecode.lib.hooks_base import log_create_repository
+            from rhodecode.lib import hooks_base
             from rhodecode.lib.utils2 import safe_int, str2bool
             from rhodecode.model.db import (
                 Session, IntegrityError, true, Repository, RepoGroup, User)
             @async_task(ignore_result=True, base=RequestContextTask)
             def send_email(recipients, subject, body='', html_body='', email_config=None):
                 """
                 Sends an email with defined parameters from the .ini files.
                 :param recipients: list of recipients, it this is empty the defined email
                     address from field 'email_to' is used instead
                 :param subject: subject of the mail
                 :param body: body of the mail
                 :param html_body: html version of body
                 :param email_config: specify custom configuration for mailer
                 """
                 log = get_logger(send_email)
                 email_config = email_config or rhodecode.CONFIG
                 mail_server = email_config.get('smtp_server') or None
                 if mail_server is None:
                     log.error("SMTP server information missing. Sending email failed. "
                               "Make sure that `smtp_server` variable is configured "
                               "inside the .ini file")
                     return False
                 subject = "%s %s" % (email_config.get('email_prefix', ''), subject)
                 if recipients:
                     if isinstance(recipients, compat.string_types):
                         recipients = recipients.split(',')
                 else:
                     # if recipients are not defined we send to email_config + all admins
                     admins = []
                     for u in User.query().filter(User.admin == true()).all():
                         if u.email:
                             admins.append(u.email)
                     recipients = []
                     config_email = email_config.get('email_to')
                     if config_email:
                         recipients += [config_email]
                     recipients += admins
                 # translate our LEGACY config into the one that pyramid_mailer supports
                 email_conf = dict(
                     host=mail_server,
                     port=email_config.get('smtp_port', 25),
                     username=email_config.get('smtp_username'),
                     password=email_config.get('smtp_password'),
                     tls=str2bool(email_config.get('smtp_use_tls')),
                     ssl=str2bool(email_config.get('smtp_use_ssl')),
                     # SSL key file
                     # keyfile='',
                     # SSL certificate file
                     # certfile='',
                     # Location of maildir
                     # queue_path='',
                     default_sender=email_config.get('app_email_from', 'RhodeCode'),
                     debug=str2bool(email_config.get('smtp_debug')),
                     # /usr/sbin/sendmail	Sendmail executable
                     # sendmail_app='',
                     # {sendmail_app} -t -i -f {sender}	Template for sendmail execution
                     # sendmail_template='',
                 )
                 try:
                     mailer = Mailer(**email_conf)
                     message = Message(subject=subject,
                                       sender=email_conf['default_sender'],
                                       recipients=recipients,
                                       body=body, html=html_body)
                     mailer.send_immediately(message)
                 except Exception:
                     log.exception('Mail sending failed')
                     return False
                 return True
             @async_task(ignore_result=True, base=RequestContextTask)
             def create_repo(form_data, cur_user):
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.user import UserModel
                 from rhodecode.model.scm import ScmModel
                 from rhodecode.model.settings import SettingsModel
                 log = get_logger(create_repo)
                 cur_user = UserModel()._get_user(cur_user)
                 owner = cur_user
                 repo_name = form_data['repo_name']
                 repo_name_full = form_data['repo_name_full']
                 repo_type = form_data['repo_type']
                 description = form_data['repo_description']
                 private = form_data['repo_private']
                 clone_uri = form_data.get('clone_uri')
                 repo_group = safe_int(form_data['repo_group'])
                 copy_fork_permissions = form_data.get('copy_permissions')
                 copy_group_permissions = form_data.get('repo_copy_permissions')
                 fork_of = form_data.get('fork_parent_id')
                 state = form_data.get('repo_state', Repository.STATE_PENDING)
                 # repo creation defaults, private and repo_type are filled in form
                 defs = SettingsModel().get_default_repo_settings(strip_prefix=True)
                 enable_statistics = form_data.get(
                     'enable_statistics', defs.get('repo_enable_statistics'))
                 enable_locking = form_data.get(
                     'enable_locking', defs.get('repo_enable_locking'))
                 enable_downloads = form_data.get(
                     'enable_downloads', defs.get('repo_enable_downloads'))
                 # set landing rev based on default branches for SCM
                 landing_ref, _label = ScmModel.backend_landing_ref(repo_type)
                 try:
                     RepoModel()._create_repo(
                         repo_name=repo_name_full,
                         repo_type=repo_type,
                         description=description,
                         owner=owner,
                         private=private,
                         clone_uri=clone_uri,
                         repo_group=repo_group,
                         landing_rev=landing_ref,
                         fork_of=fork_of,
                         copy_fork_permissions=copy_fork_permissions,
                         copy_group_permissions=copy_group_permissions,
                         enable_statistics=enable_statistics,
                         enable_locking=enable_locking,
                         enable_downloads=enable_downloads,
                         state=state
                     )
                     Session().commit()
                     # now create this repo on Filesystem
                     RepoModel()._create_filesystem_repo(
                         repo_name=repo_name,
                         repo_type=repo_type,
                         repo_group=RepoModel()._get_repo_group(repo_group),
                         clone_uri=clone_uri,
                     )
                     repo = Repository.get_by_repo_name(repo_name_full)
-                    log_create_repository(created_by=owner.username, **repo.get_dict())
+                    hooks_base.create_repository(created_by=owner.username, **repo.get_dict())
                     # update repo commit caches initially
                     repo.update_commit_cache()
                     # set new created state
                     repo.set_state(Repository.STATE_CREATED)
                     repo_id = repo.repo_id
                     repo_data = repo.get_api_data()
                     audit_logger.store(
                         'repo.create', action_data={'data': repo_data},
                         user=cur_user,
                         repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id))
                     Session().commit()
                 except Exception as e:
                     log.warning('Exception occurred when creating repository, '
                                 'doing cleanup...', exc_info=True)
                     if isinstance(e, IntegrityError):
                         Session().rollback()
                     # rollback things manually !
                     repo = Repository.get_by_repo_name(repo_name_full)
                     if repo:
                         Repository.delete(repo.repo_id)
                         Session().commit()
                         RepoModel()._delete_filesystem_repo(repo)
                     log.info('Cleanup of repo %s finished', repo_name_full)
                     raise
                 return True
             @async_task(ignore_result=True, base=RequestContextTask)
             def create_repo_fork(form_data, cur_user):
                 """
                 Creates a fork of repository using internal VCS methods
                 """
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.user import UserModel
                 log = get_logger(create_repo_fork)
                 cur_user = UserModel()._get_user(cur_user)
                 owner = cur_user
                 repo_name = form_data['repo_name']  # fork in this case
                 repo_name_full = form_data['repo_name_full']
                 repo_type = form_data['repo_type']
                 description = form_data['description']
                 private = form_data['private']
                 clone_uri = form_data.get('clone_uri')
                 repo_group = safe_int(form_data['repo_group'])
                 landing_ref = form_data['landing_rev']
                 copy_fork_permissions = form_data.get('copy_permissions')
                 fork_id = safe_int(form_data.get('fork_parent_id'))
                 try:
                     fork_of = RepoModel()._get_repo(fork_id)
                     RepoModel()._create_repo(
                         repo_name=repo_name_full,
                         repo_type=repo_type,
                         description=description,
                         owner=owner,
                         private=private,
                         clone_uri=clone_uri,
                         repo_group=repo_group,
                         landing_rev=landing_ref,
                         fork_of=fork_of,
                         copy_fork_permissions=copy_fork_permissions
                     )
                     Session().commit()
                     base_path = Repository.base_path()
                     source_repo_path = os.path.join(base_path, fork_of.repo_name)
                     # now create this repo on Filesystem
                     RepoModel()._create_filesystem_repo(
                         repo_name=repo_name,
                         repo_type=repo_type,
                         repo_group=RepoModel()._get_repo_group(repo_group),
                         clone_uri=source_repo_path,
                     )
                     repo = Repository.get_by_repo_name(repo_name_full)
-                    log_create_repository(created_by=owner.username, **repo.get_dict())
+                    hooks_base.create_repository(created_by=owner.username, **repo.get_dict())
                     # update repo commit caches initially
                     config = repo._config
                     config.set('extensions', 'largefiles', '')
                     repo.update_commit_cache(config=config)
                     # set new created state
                     repo.set_state(Repository.STATE_CREATED)
                     repo_id = repo.repo_id
                     repo_data = repo.get_api_data()
                     audit_logger.store(
                         'repo.fork', action_data={'data': repo_data},
                         user=cur_user,
                         repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id))
                     Session().commit()
                 except Exception as e:
                     log.warning('Exception occurred when forking repository, '
                                 'doing cleanup...', exc_info=True)
                     if isinstance(e, IntegrityError):
                         Session().rollback()
                     # rollback things manually !
                     repo = Repository.get_by_repo_name(repo_name_full)
                     if repo:
                         Repository.delete(repo.repo_id)
                         Session().commit()
                         RepoModel()._delete_filesystem_repo(repo)
                     log.info('Cleanup of repo %s finished', repo_name_full)
                     raise
                 return True
             @async_task(ignore_result=True)
             def repo_maintenance(repoid):
                 from rhodecode.lib import repo_maintenance as repo_maintenance_lib
                 log = get_logger(repo_maintenance)
                 repo = Repository.get_by_id_or_repo_name(repoid)
                 if repo:
                     maintenance = repo_maintenance_lib.RepoMaintenance()
                     tasks = maintenance.get_tasks_for_repo(repo)
                     log.debug('Executing %s tasks on repo `%s`', tasks, repoid)
                     executed_types = maintenance.execute(repo)
                     log.debug('Got execution results %s', executed_types)
                 else:
                     log.debug('Repo `%s` not found or without a clone_url', repoid)
             @async_task(ignore_result=True)
             def check_for_update():
                 from rhodecode.model.update import UpdateModel
                 update_url = UpdateModel().get_update_url()
                 cur_ver = rhodecode.__version__
                 try:
                     data = UpdateModel().get_update_data(update_url)
                     latest = data['versions'][0]
                     UpdateModel().store_version(latest['version'])
                 except Exception:
                     pass
             @async_task(ignore_result=False)
             def beat_check(*args, **kwargs):
                 log = get_logger(beat_check)
                 log.info('Got args: %r and kwargs %r', args, kwargs)
                 return time.time()
             @async_task(ignore_result=True)
             def sync_last_update(*args, **kwargs):
                 skip_repos = kwargs.get('skip_repos')
                 if not skip_repos:
                     repos = Repository.query() \
                         .order_by(Repository.group_id.asc())
                     for repo in repos:
                         repo.update_commit_cache()
                 skip_groups = kwargs.get('skip_groups')
                 if not skip_groups:
                     repo_groups = RepoGroup.query() \
                         .filter(RepoGroup.group_parent_id == None)
                     for root_gr in repo_groups:
                         for repo_gr in reversed(root_gr.recursive_groups()):
                             repo_gr.update_commit_cache()

rhodecode/lib/hooks_base.py

0 +29 -12

             # -*- coding: utf-8 -*-
             # Copyright (C) 2013-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Set of hooks run by RhodeCode Enterprise
             """
             import os
             import logging
             import rhodecode
             from rhodecode import events
             from rhodecode.lib import helpers as h
             from rhodecode.lib import audit_logger
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.lib.exceptions import (
                 HTTPLockedRC, HTTPBranchProtected, UserCreationError)
             from rhodecode.model.db import Repository, User
             log = logging.getLogger(__name__)
             class HookResponse(object):
                 def __init__(self, status, output):
                     self.status = status
                     self.output = output
                 def __add__(self, other):
                     other_status = getattr(other, 'status', 0)
                     new_status = max(self.status, other_status)
                     other_output = getattr(other, 'output', '')
                     new_output = self.output + other_output
                     return HookResponse(new_status, new_output)
                 def __bool__(self):
                     return self.status == 0
             def is_shadow_repo(extras):
                 """
                 Returns ``True`` if this is an action executed against a shadow repository.
                 """
                 return extras['is_shadow_repo']
             def _get_scm_size(alias, root_path):
                 if not alias.startswith('.'):
                     alias += '.'
                 size_scm, size_root = 0, 0
                 for path, unused_dirs, files in os.walk(safe_str(root_path)):
                     if path.find(alias) != -1:
                         for f in files:
                             try:
                                 size_scm += os.path.getsize(os.path.join(path, f))
                             except OSError:
                                 pass
                     else:
                         for f in files:
                             try:
                                 size_root += os.path.getsize(os.path.join(path, f))
                             except OSError:
                                 pass
                 size_scm_f = h.format_byte_size_binary(size_scm)
                 size_root_f = h.format_byte_size_binary(size_root)
                 size_total_f = h.format_byte_size_binary(size_root + size_scm)
                 return size_scm_f, size_root_f, size_total_f
             # actual hooks called by Mercurial internally, and GIT by our Python Hooks
             def repo_size(extras):
                 """Present size of repository after push."""
                 repo = Repository.get_by_repo_name(extras.repository)
                 vcs_part = safe_str(u'.%s' % repo.repo_type)
                 size_vcs, size_root, size_total = _get_scm_size(vcs_part,
                                                                 repo.repo_full_path)
                 msg = ('Repository `%s` size summary %s:%s repo:%s total:%s\n'
                        % (repo.repo_name, vcs_part, size_vcs, size_root, size_total))
                 return HookResponse(0, msg)
             def pre_push(extras):
                 """
                 Hook executed before pushing code.
                 It bans pushing when the repository is locked.
                 """
                 user = User.get_by_username(extras.username)
                 output = ''
                 if extras.locked_by[0] and user.user_id != int(extras.locked_by[0]):
                     locked_by = User.get(extras.locked_by[0]).username
                     reason = extras.locked_by[2]
                     # this exception is interpreted in git/hg middlewares and based
                     # on that proper return code is server to client
                     _http_ret = HTTPLockedRC(
                         _locked_by_explanation(extras.repository, locked_by, reason))
                     if str(_http_ret.code).startswith('2'):
                         # 2xx Codes don't raise exceptions
                         output = _http_ret.title
                     else:
                         raise _http_ret
                 hook_response = ''
                 if not is_shadow_repo(extras):
                     if extras.commit_ids and extras.check_branch_perms:
                         auth_user = user.AuthUser()
                         repo = Repository.get_by_repo_name(extras.repository)
                         affected_branches = []
                         if repo.repo_type == 'hg':
                             for entry in extras.commit_ids:
                                 if entry['type'] == 'branch':
                                     is_forced = bool(entry['multiple_heads'])
                                     affected_branches.append([entry['name'], is_forced])
                         elif repo.repo_type == 'git':
                             for entry in extras.commit_ids:
                                 if entry['type'] == 'heads':
                                     is_forced = bool(entry['pruned_sha'])
                                     affected_branches.append([entry['name'], is_forced])
                         for branch_name, is_forced in affected_branches:
                             rule, branch_perm = auth_user.get_rule_and_branch_permission(
                                 extras.repository, branch_name)
                             if not branch_perm:
                                 # no branch permission found for this branch, just keep checking
                                 continue
                             if branch_perm == 'branch.push_force':
                                 continue
                             elif branch_perm == 'branch.push' and is_forced is False:
                                 continue
                             elif branch_perm == 'branch.push' and is_forced is True:
                                 halt_message = 'Branch `{}` changes rejected by rule {}. ' \
                                                'FORCE PUSH FORBIDDEN.'.format(branch_name, rule)
                             else:
                                 halt_message = 'Branch `{}` changes rejected by rule {}.'.format(
                                     branch_name, rule)
                             if halt_message:
                                 _http_ret = HTTPBranchProtected(halt_message)
                                 raise _http_ret
                     # Propagate to external components. This is done after checking the
                     # lock, for consistent behavior.
                     hook_response = pre_push_extension(
                         repo_store_path=Repository.base_path(), **extras)
                     events.trigger(events.RepoPrePushEvent(
                         repo_name=extras.repository, extras=extras))
                 return HookResponse(0, output) + hook_response
             def pre_pull(extras):
                 """
                 Hook executed before pulling the code.
                 It bans pulling when the repository is locked.
                 """
                 output = ''
                 if extras.locked_by[0]:
                     locked_by = User.get(extras.locked_by[0]).username
                     reason = extras.locked_by[2]
                     # this exception is interpreted in git/hg middlewares and based
                     # on that proper return code is server to client
                     _http_ret = HTTPLockedRC(
                         _locked_by_explanation(extras.repository, locked_by, reason))
                     if str(_http_ret.code).startswith('2'):
                         # 2xx Codes don't raise exceptions
                         output = _http_ret.title
                     else:
                         raise _http_ret
                 # Propagate to external components. This is done after checking the
                 # lock, for consistent behavior.
                 hook_response = ''
                 if not is_shadow_repo(extras):
                     extras.hook_type = extras.hook_type or 'pre_pull'
                     hook_response = pre_pull_extension(
                         repo_store_path=Repository.base_path(), **extras)
                     events.trigger(events.RepoPrePullEvent(
                         repo_name=extras.repository, extras=extras))
                 return HookResponse(0, output) + hook_response
             def post_pull(extras):
                 """Hook executed after client pulls the code."""
                 audit_user = audit_logger.UserWrap(
                     username=extras.username,
                     ip_addr=extras.ip)
                 repo = audit_logger.RepoWrap(repo_name=extras.repository)
                 audit_logger.store(
                     'user.pull', action_data={'user_agent': extras.user_agent},
                     user=audit_user, repo=repo, commit=True)
                 output = ''
                 # make lock is a tri state False, True, None. We only make lock on True
                 if extras.make_lock is True and not is_shadow_repo(extras):
                     user = User.get_by_username(extras.username)
                     Repository.lock(Repository.get_by_repo_name(extras.repository),
                                     user.user_id,
                                     lock_reason=Repository.LOCK_PULL)
                     msg = 'Made lock on repo `%s`' % (extras.repository,)
                     output += msg
                 if extras.locked_by[0]:
                     locked_by = User.get(extras.locked_by[0]).username
                     reason = extras.locked_by[2]
                     _http_ret = HTTPLockedRC(
                         _locked_by_explanation(extras.repository, locked_by, reason))
                     if str(_http_ret.code).startswith('2'):
                         # 2xx Codes don't raise exceptions
                         output += _http_ret.title
                 # Propagate to external components.
                 hook_response = ''
                 if not is_shadow_repo(extras):
                     extras.hook_type = extras.hook_type or 'post_pull'
                     hook_response = post_pull_extension(
                         repo_store_path=Repository.base_path(), **extras)
                     events.trigger(events.RepoPullEvent(
                         repo_name=extras.repository, extras=extras))
                 return HookResponse(0, output) + hook_response
             def post_push(extras):
                 """Hook executed after user pushes to the repository."""
                 commit_ids = extras.commit_ids
                 # log the push call
                 audit_user = audit_logger.UserWrap(
                     username=extras.username, ip_addr=extras.ip)
                 repo = audit_logger.RepoWrap(repo_name=extras.repository)
                 audit_logger.store(
                     'user.push', action_data={
                         'user_agent': extras.user_agent,
                         'commit_ids': commit_ids[:400]},
                     user=audit_user, repo=repo, commit=True)
                 # Propagate to external components.
                 output = ''
                 # make lock is a tri state False, True, None. We only release lock on False
                 if extras.make_lock is False and not is_shadow_repo(extras):
                     Repository.unlock(Repository.get_by_repo_name(extras.repository))
                     msg = 'Released lock on repo `{}`\n'.format(safe_str(extras.repository))
                     output += msg
                 if extras.locked_by[0]:
                     locked_by = User.get(extras.locked_by[0]).username
                     reason = extras.locked_by[2]
                     _http_ret = HTTPLockedRC(
                         _locked_by_explanation(extras.repository, locked_by, reason))
                     # TODO: johbo: if not?
                     if str(_http_ret.code).startswith('2'):
                         # 2xx Codes don't raise exceptions
                         output += _http_ret.title
                 if extras.new_refs:
                     tmpl = '{}/{}/pull-request/new?{{ref_type}}={{ref_name}}'.format(
                         safe_str(extras.server_url), safe_str(extras.repository))
                     for branch_name in extras.new_refs['branches']:
                         output += 'RhodeCode: open pull request link: {}\n'.format(
                             tmpl.format(ref_type='branch', ref_name=safe_str(branch_name)))
                     for book_name in extras.new_refs['bookmarks']:
                         output += 'RhodeCode: open pull request link: {}\n'.format(
                             tmpl.format(ref_type='bookmark', ref_name=safe_str(book_name)))
                 hook_response = ''
                 if not is_shadow_repo(extras):
                     hook_response = post_push_extension(
                         repo_store_path=Repository.base_path(),
                         **extras)
                     events.trigger(events.RepoPushEvent(
                         repo_name=extras.repository, pushed_commit_ids=commit_ids, extras=extras))
                 output += 'RhodeCode: push completed\n'
                 return HookResponse(0, output) + hook_response
             def _locked_by_explanation(repo_name, user_name, reason):
                 message = (
                     'Repository `%s` locked by user `%s`. Reason:`%s`'
                     % (repo_name, user_name, reason))
                 return message
             def check_allowed_create_user(user_dict, created_by, **kwargs):
                 # pre create hooks
                 if pre_create_user.is_active():
                     hook_result = pre_create_user(created_by=created_by, **user_dict)
                     allowed = hook_result.status == 0
                     if not allowed:
                         reason = hook_result.output
                         raise UserCreationError(reason)
             class ExtensionCallback(object):
                 """
                 Forwards a given call to rcextensions, sanitizes keyword arguments.
                 Does check if there is an extension active for that hook. If it is
                 there, it will forward all `kwargs_keys` keyword arguments to the
                 extension callback.
                 """
                 def __init__(self, hook_name, kwargs_keys):
                     self._hook_name = hook_name
                     self._kwargs_keys = set(kwargs_keys)
                 def __call__(self, *args, **kwargs):
                     log.debug('Calling extension callback for `%s`', self._hook_name)
                     callback = self._get_callback()
                     if not callback:
                         log.debug('extension callback `%s` not found, skipping...', self._hook_name)
                         return
                     kwargs_to_pass = {}
                     for key in self._kwargs_keys:
                         try:
                             kwargs_to_pass[key] = kwargs[key]
                         except KeyError:
                             log.error('Failed to fetch %s key from given kwargs. '
                                       'Expected keys: %s', key, self._kwargs_keys)
                             raise
                     # backward compat for removed api_key for old hooks. This was it works
                     # with older rcextensions that require api_key present
                     if self._hook_name in ['CREATE_USER_HOOK', 'DELETE_USER_HOOK']:
                         kwargs_to_pass['api_key'] = '_DEPRECATED_'
                     return callback(**kwargs_to_pass)
                 def is_active(self):
                     return hasattr(rhodecode.EXTENSIONS, self._hook_name)
                 def _get_callback(self):
                     return getattr(rhodecode.EXTENSIONS, self._hook_name, None)
             pre_pull_extension = ExtensionCallback(
                 hook_name='PRE_PULL_HOOK',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'hook_type', 'user_agent', 'repo_store_path',))
             post_pull_extension = ExtensionCallback(
                 hook_name='PULL_HOOK',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'hook_type', 'user_agent', 'repo_store_path',))
             pre_push_extension = ExtensionCallback(
                 hook_name='PRE_PUSH_HOOK',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'repo_store_path', 'commit_ids', 'hook_type', 'user_agent',))
             post_push_extension = ExtensionCallback(
                 hook_name='PUSH_HOOK',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'repo_store_path', 'commit_ids', 'hook_type', 'user_agent',))
             pre_create_user = ExtensionCallback(
                 hook_name='PRE_CREATE_USER_HOOK',
                 kwargs_keys=(
                     'username', 'password', 'email', 'firstname', 'lastname', 'active',
                     'admin', 'created_by'))
-            log_create_pull_request = ExtensionCallback(
+            create_pull_request = ExtensionCallback(
                 hook_name='CREATE_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_merge_pull_request = ExtensionCallback(
+            merge_pull_request = ExtensionCallback(
                 hook_name='MERGE_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_close_pull_request = ExtensionCallback(
+            close_pull_request = ExtensionCallback(
                 hook_name='CLOSE_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_review_pull_request = ExtensionCallback(
+            review_pull_request = ExtensionCallback(
                 hook_name='REVIEW_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_comment_pull_request = ExtensionCallback(
+            comment_pull_request = ExtensionCallback(
                 hook_name='COMMENT_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'comment', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_update_pull_request = ExtensionCallback(
+            comment_edit_pull_request = ExtensionCallback(
+                hook_name='COMMENT_EDIT_PULL_REQUEST',
+                kwargs_keys=(
+                    'server_url', 'config', 'scm', 'username', 'ip', 'action',
+                    'repository', 'pull_request_id', 'url', 'title', 'description',
+                    'status', 'comment', 'created_on', 'updated_on', 'commit_ids', 'review_status',
+                    'mergeable', 'source', 'target', 'author', 'reviewers'))
+            update_pull_request = ExtensionCallback(
                 hook_name='UPDATE_PULL_REQUEST',
                 kwargs_keys=(
                     'server_url', 'config', 'scm', 'username', 'ip', 'action',
                     'repository', 'pull_request_id', 'url', 'title', 'description',
                     'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
                     'mergeable', 'source', 'target', 'author', 'reviewers'))
-            log_create_user = ExtensionCallback(
+            create_user = ExtensionCallback(
                 hook_name='CREATE_USER_HOOK',
                 kwargs_keys=(
                     'username', 'full_name_or_username', 'full_contact', 'user_id',
                     'name', 'firstname', 'short_contact', 'admin', 'lastname',
                     'ip_addresses', 'extern_type', 'extern_name',
                     'email', 'api_keys', 'last_login',
                     'full_name', 'active', 'password', 'emails',
                     'inherit_default_permissions', 'created_by', 'created_on'))
-            log_delete_user = ExtensionCallback(
+            delete_user = ExtensionCallback(
                 hook_name='DELETE_USER_HOOK',
                 kwargs_keys=(
                     'username', 'full_name_or_username', 'full_contact', 'user_id',
                     'name', 'firstname', 'short_contact', 'admin', 'lastname',
                     'ip_addresses',
                     'email', 'last_login',
                     'full_name', 'active', 'password', 'emails',
                     'inherit_default_permissions', 'deleted_by'))
-            log_create_repository = ExtensionCallback(
+            create_repository = ExtensionCallback(
                 hook_name='CREATE_REPO_HOOK',
                 kwargs_keys=(
                     'repo_name', 'repo_type', 'description', 'private', 'created_on',
                     'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
                     'clone_uri', 'fork_id', 'group_id', 'created_by'))
-            log_delete_repository = ExtensionCallback(
+            delete_repository = ExtensionCallback(
                 hook_name='DELETE_REPO_HOOK',
                 kwargs_keys=(
                     'repo_name', 'repo_type', 'description', 'private', 'created_on',
                     'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
                     'clone_uri', 'fork_id', 'group_id', 'deleted_by', 'deleted_on'))
-            log_comment_commit_repository = ExtensionCallback(
+            comment_commit_repository = ExtensionCallback(
                 hook_name='COMMENT_COMMIT_REPO_HOOK',
                 kwargs_keys=(
                     'repo_name', 'repo_type', 'description', 'private', 'created_on',
                     'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
                     'clone_uri', 'fork_id', 'group_id',
                     'repository', 'created_by', 'comment', 'commit'))
+            comment_edit_commit_repository = ExtensionCallback(
+                hook_name='COMMENT_EDIT_COMMIT_REPO_HOOK',
+                kwargs_keys=(
+                    'repo_name', 'repo_type', 'description', 'private', 'created_on',
+                    'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
+                    'clone_uri', 'fork_id', 'group_id',
+                    'repository', 'created_by', 'comment', 'commit'))
-            log_create_repository_group = ExtensionCallback(
+            create_repository_group = ExtensionCallback(
                 hook_name='CREATE_REPO_GROUP_HOOK',
                 kwargs_keys=(
                     'group_name', 'group_parent_id', 'group_description',
                     'group_id', 'user_id', 'created_by', 'created_on',
                     'enable_locking'))

rhodecode/lib/hooks_utils.py

0 +9 -11

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import webob
             from pyramid.threadlocal import get_current_request
             from rhodecode import events
             from rhodecode.lib import hooks_base
             from rhodecode.lib import utils2
             def _supports_repo_type(repo_type):
                 if repo_type in ('hg', 'git'):
                     return True
                 return False
             def _get_vcs_operation_context(username, repo_name, repo_type, action):
                 # NOTE(dan): import loop
                 from rhodecode.lib.base import vcs_operation_context
                 check_locking = action in ('pull', 'push')
                 request = get_current_request()
                 try:
                     environ = request.environ
                 except TypeError:
                     # we might use this outside of request context
                     environ = {}
                 if not environ:
                     environ = webob.Request.blank('').environ
                 extras = vcs_operation_context(environ, repo_name, username, action, repo_type, check_locking)
                 return utils2.AttributeDict(extras)
             def trigger_post_push_hook(username, action, hook_type, repo_name, repo_type, commit_ids):
                 """
                 Triggers push action hooks
                 :param username: username who pushes
                 :param action: push/push_local/push_remote
                 :param hook_type: type of hook executed
                 :param repo_name: name of repo
                 :param repo_type: the type of SCM repo
                 :param commit_ids: list of commit ids that we pushed
                 """
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, action)
                 extras.commit_ids = commit_ids
                 extras.hook_type = hook_type
                 hooks_base.post_push(extras)
             def trigger_comment_commit_hooks(username, repo_name, repo_type, repo, data=None):
                 """
                 Triggers when a comment is made on a commit
                 :param username: username who creates the comment
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param repo: the repo object we trigger the event for
                 :param data: extra data for specific events e.g {'comment': comment_obj, 'commit': commit_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'comment_commit')
                 comment = data['comment']
                 commit = data['commit']
                 events.trigger(events.RepoCommitCommentEvent(repo, commit, comment))
                 extras.update(repo.get_dict())
                 extras.commit = commit.serialize()
                 extras.comment = comment.get_api_data()
                 extras.created_by = username
-                hooks_base.log_comment_commit_repository(**extras)
+                hooks_base.comment_commit_repository(**extras)
             def trigger_comment_commit_edit_hooks(username, repo_name, repo_type, repo, data=None):
                 """
                 Triggers when a comment is edited on a commit
                 :param username: username who edits the comment
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param repo: the repo object we trigger the event for
                 :param data: extra data for specific events e.g {'comment': comment_obj, 'commit': commit_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'comment_commit')
                 comment = data['comment']
                 commit = data['commit']
                 events.trigger(events.RepoCommitCommentEditEvent(repo, commit, comment))
                 extras.update(repo.get_dict())
                 extras.commit = commit.serialize()
                 extras.comment = comment.get_api_data()
                 extras.created_by = username
-                # TODO(marcink): rcextensions handlers ??
+                hooks_base.comment_edit_commit_repository(**extras)
-                hooks_base.log_comment_commit_repository(**extras)
             def trigger_create_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers create pull request action hooks
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that was created
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'create_pull_request')
                 events.trigger(events.PullRequestCreateEvent(pull_request))
                 extras.update(pull_request.get_api_data(with_merge_state=False))
-                hooks_base.log_create_pull_request(**extras)
+                hooks_base.create_pull_request(**extras)
             def trigger_merge_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers merge pull request action hooks
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that was merged
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'merge_pull_request')
                 events.trigger(events.PullRequestMergeEvent(pull_request))
                 extras.update(pull_request.get_api_data())
-                hooks_base.log_merge_pull_request(**extras)
+                hooks_base.merge_pull_request(**extras)
             def trigger_close_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers close pull request action hooks
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that was closed
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'close_pull_request')
                 events.trigger(events.PullRequestCloseEvent(pull_request))
                 extras.update(pull_request.get_api_data())
-                hooks_base.log_close_pull_request(**extras)
+                hooks_base.close_pull_request(**extras)
             def trigger_review_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers review status change pull request action hooks
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that review status changed
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'review_pull_request')
                 status = data.get('status')
                 events.trigger(events.PullRequestReviewEvent(pull_request, status))
                 extras.update(pull_request.get_api_data())
-                hooks_base.log_review_pull_request(**extras)
+                hooks_base.review_pull_request(**extras)
             def trigger_comment_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers when a comment is made on a pull request
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that comment was made on
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'comment_pull_request')
                 comment = data['comment']
                 events.trigger(events.PullRequestCommentEvent(pull_request, comment))
                 extras.update(pull_request.get_api_data())
                 extras.comment = comment.get_api_data()
-                hooks_base.log_comment_pull_request(**extras)
+                hooks_base.comment_pull_request(**extras)
             def trigger_comment_pull_request_edit_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers when a comment was edited on a pull request
                 :param username: username who made the edit
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that comment was made on
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'comment_pull_request')
                 comment = data['comment']
                 events.trigger(events.PullRequestCommentEditEvent(pull_request, comment))
                 extras.update(pull_request.get_api_data())
                 extras.comment = comment.get_api_data()
-                # TODO(marcink): handle rcextensions...
+                hooks_base.comment_edit_pull_request(**extras)
-                hooks_base.log_comment_pull_request(**extras)
             def trigger_update_pull_request_hook(username, repo_name, repo_type, pull_request, data=None):
                 """
                 Triggers update pull request action hooks
                 :param username: username who creates the pull request
                 :param repo_name: name of target repo
                 :param repo_type: the type of SCM target repo
                 :param pull_request: the pull request that was updated
                 :param data: extra data for specific events e.g {'comment': comment_obj}
                 """
                 if not _supports_repo_type(repo_type):
                     return
                 extras = _get_vcs_operation_context(username, repo_name, repo_type, 'update_pull_request')
                 events.trigger(events.PullRequestUpdateEvent(pull_request))
                 extras.update(pull_request.get_api_data())
-                hooks_base.log_update_pull_request(**extras)
+                hooks_base.update_pull_request(**extras)

rhodecode/model/repo.py

0 +2 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import re
             import shutil
             import time
             import logging
             import traceback
             import datetime
             from pyramid.threadlocal import get_current_request
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode import events
             from rhodecode.lib.auth import HasUserGroupPermissionAny
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.exceptions import AttachedForksError, AttachedPullRequestsError
-            from rhodecode.lib.hooks_base import log_delete_repository
+            from rhodecode.lib import hooks_base
             from rhodecode.lib.user_log_filter import user_log_filter
             from rhodecode.lib.utils import make_db_config
             from rhodecode.lib.utils2 import (
                 safe_str, safe_unicode, remove_prefix, obfuscate_url_pw,
                 get_current_rhodecode_user, safe_int, action_logger_generic)
             from rhodecode.lib.vcs.backends import get_backend
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 _hash_key, func, case, joinedload, or_, in_filter_generator,
                 Session, Repository, UserRepoToPerm, UserGroupRepoToPerm,
                 UserRepoGroupToPerm, UserGroupRepoGroupToPerm, User, Permission,
                 Statistics, UserGroup, RepoGroup, RepositoryField, UserLog)
             from rhodecode.model.settings import VcsSettingsModel
             log = logging.getLogger(__name__)
             class RepoModel(BaseModel):
                 cls = Repository
                 def _get_user_group(self, users_group):
                     return self._get_instance(UserGroup, users_group,
                                               callback=UserGroup.get_by_group_name)
                 def _get_repo_group(self, repo_group):
                     return self._get_instance(RepoGroup, repo_group,
                                               callback=RepoGroup.get_by_group_name)
                 def _create_default_perms(self, repository, private):
                     # create default permission
                     default = 'repository.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('repository.'):
                             default = p.permission.permission_name
                             break
                     default_perm = 'repository.none' if private else default
                     repo_to_perm = UserRepoToPerm()
                     repo_to_perm.permission = Permission.get_by_key(default_perm)
                     repo_to_perm.repository = repository
                     repo_to_perm.user_id = def_user.user_id
                     return repo_to_perm
                 @LazyProperty
                 def repos_path(self):
                     """
                     Gets the repositories root path from database
                     """
                     settings_model = VcsSettingsModel(sa=self.sa)
                     return settings_model.get_repos_location()
                 def get(self, repo_id):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_id == repo_id)
                     return repo.scalar()
                 def get_repo(self, repository):
                     return self._get_repo(repository)
                 def get_by_repo_name(self, repo_name, cache=False):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_name == repo_name)
                     if cache:
                         name_key = _hash_key(repo_name)
                         repo = repo.options(
                             FromCache("sql_cache_short", "get_repo_%s" % name_key))
                     return repo.scalar()
                 def _extract_id_from_repo_name(self, repo_name):
                     if repo_name.startswith('/'):
                         repo_name = repo_name.lstrip('/')
                     by_id_match = re.match(r'^_(\d{1,})', repo_name)
                     if by_id_match:
                         return by_id_match.groups()[0]
                 def get_repo_by_id(self, repo_name):
                     """
                     Extracts repo_name by id from special urls.
                     Example url is _11/repo_name
                     :param repo_name:
                     :return: repo object if matched else None
                     """
                     try:
                         _repo_id = self._extract_id_from_repo_name(repo_name)
                         if _repo_id:
                             return self.get(_repo_id)
                     except Exception:
                         log.exception('Failed to extract repo_name from URL')
                     return None
                 def get_repos_for_root(self, root, traverse=False):
                     if traverse:
                         like_expression = u'{}%'.format(safe_unicode(root))
                         repos = Repository.query().filter(
                             Repository.repo_name.like(like_expression)).all()
                     else:
                         if root and not isinstance(root, RepoGroup):
                             raise ValueError(
                                 'Root must be an instance '
                                 'of RepoGroup, got:{} instead'.format(type(root)))
                         repos = Repository.query().filter(Repository.group == root).all()
                     return repos
                 def get_url(self, repo, request=None, permalink=False):
                     if not request:
                         request = get_current_request()
                     if not request:
                         return
                     if permalink:
                         return request.route_url(
                             'repo_summary', repo_name='_{}'.format(safe_str(repo.repo_id)))
                     else:
                         return request.route_url(
                             'repo_summary', repo_name=safe_str(repo.repo_name))
                 def get_commit_url(self, repo, commit_id, request=None, permalink=False):
                     if not request:
                         request = get_current_request()
                     if not request:
                         return
                     if permalink:
                         return request.route_url(
                             'repo_commit', repo_name=safe_str(repo.repo_id),
                             commit_id=commit_id)
                     else:
                         return request.route_url(
                             'repo_commit', repo_name=safe_str(repo.repo_name),
                             commit_id=commit_id)
                 def get_repo_log(self, repo, filter_term):
                     repo_log = UserLog.query()\
                         .filter(or_(UserLog.repository_id == repo.repo_id,
                                     UserLog.repository_name == repo.repo_name))\
                         .options(joinedload(UserLog.user))\
                         .options(joinedload(UserLog.repository))\
                         .order_by(UserLog.action_date.desc())
                     repo_log = user_log_filter(repo_log, filter_term)
                     return repo_log
                 @classmethod
                 def update_commit_cache(cls, repositories=None):
                     if not repositories:
                         repositories = Repository.getAll()
                     for repo in repositories:
                         repo.update_commit_cache()
                 def get_repos_as_dict(self, repo_list=None, admin=False,
                                       super_user_actions=False, short_name=None):
                     _render = get_current_request().get_partial_renderer(
                         'rhodecode:templates/data_table/_dt_elements.mako')
                     c = _render.get_call_context()
                     h = _render.get_helpers()
                     def quick_menu(repo_name):
                         return _render('quick_menu', repo_name)
                     def repo_lnk(name, rtype, rstate, private, archived, fork_of):
                         if short_name is not None:
                             short_name_var = short_name
                         else:
                             short_name_var = not admin
                         return _render('repo_name', name, rtype, rstate, private, archived, fork_of,
                                        short_name=short_name_var, admin=False)
                     def last_change(last_change):
                         if admin and isinstance(last_change, datetime.datetime) and not last_change.tzinfo:
                             ts = time.time()
                             utc_offset = (datetime.datetime.fromtimestamp(ts)
                                           - datetime.datetime.utcfromtimestamp(ts)).total_seconds()
                             last_change = last_change + datetime.timedelta(seconds=utc_offset)
                         return _render("last_change", last_change)
                     def rss_lnk(repo_name):
                         return _render("rss", repo_name)
                     def atom_lnk(repo_name):
                         return _render("atom", repo_name)
                     def last_rev(repo_name, cs_cache):
                         return _render('revision', repo_name, cs_cache.get('revision'),
                                        cs_cache.get('raw_id'), cs_cache.get('author'),
                                        cs_cache.get('message'), cs_cache.get('date'))
                     def desc(desc):
                         return _render('repo_desc', desc, c.visual.stylify_metatags)
                     def state(repo_state):
                         return _render("repo_state", repo_state)
                     def repo_actions(repo_name):
                         return _render('repo_actions', repo_name, super_user_actions)
                     def user_profile(username):
                         return _render('user_profile', username)
                     repos_data = []
                     for repo in repo_list:
                         # NOTE(marcink): because we use only raw column we need to load it like that
                         changeset_cache = Repository._load_changeset_cache(
                             repo.repo_id, repo._changeset_cache)
                         row = {
                             "menu": quick_menu(repo.repo_name),
                             "name": repo_lnk(repo.repo_name, repo.repo_type, repo.repo_state,
                                              repo.private, repo.archived, repo.fork),
                             "desc": desc(h.escape(repo.description)),
                             "last_change": last_change(repo.updated_on),
                             "last_changeset": last_rev(repo.repo_name, changeset_cache),
                             "last_changeset_raw": changeset_cache.get('revision'),
                             "owner": user_profile(repo.User.username),
                             "state": state(repo.repo_state),
                             "rss": rss_lnk(repo.repo_name),
                             "atom": atom_lnk(repo.repo_name),
                         }
                         if admin:
                             row.update({
                                 "action": repo_actions(repo.repo_name),
                             })
                         repos_data.append(row)
                     return repos_data
                 def get_repos_data_table(
                         self, draw, start, limit,
                         search_q, order_by, order_dir,
                         auth_user, repo_group_id):
                     from rhodecode.model.scm import RepoList
                     _perms = ['repository.read', 'repository.write', 'repository.admin']
                     repos = Repository.query() \
                         .filter(Repository.group_id == repo_group_id) \
                         .all()
                     auth_repo_list = RepoList(
                         repos, perm_set=_perms,
                         extra_kwargs=dict(user=auth_user))
                     allowed_ids = [-1]
                     for repo in auth_repo_list:
                         allowed_ids.append(repo.repo_id)
                     repos_data_total_count = Repository.query() \
                         .filter(Repository.group_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(Repository.repo_id, allowed_ids))
                         ) \
                         .count()
                     base_q = Session.query(
                         Repository.repo_id,
                         Repository.repo_name,
                         Repository.description,
                         Repository.repo_type,
                         Repository.repo_state,
                         Repository.private,
                         Repository.archived,
                         Repository.fork,
                         Repository.updated_on,
                         Repository._changeset_cache,
                         User,
                         ) \
                         .filter(Repository.group_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(Repository.repo_id, allowed_ids))
                         ) \
                         .join(User, User.user_id == Repository.user_id) \
                         .group_by(Repository, User)
                     repos_data_total_filtered_count = base_q.count()
                     sort_defined = False
                     if order_by == 'repo_name':
                         sort_col = func.lower(Repository.repo_name)
                         sort_defined = True
                     elif order_by == 'user_username':
                         sort_col = User.username
                     else:
                         sort_col = getattr(Repository, order_by, None)
                     if sort_defined or sort_col:
                         if order_dir == 'asc':
                             sort_col = sort_col.asc()
                         else:
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     repos_list = base_q.all()
                     repos_data = RepoModel().get_repos_as_dict(
                         repo_list=repos_list, admin=False)
                     data = ({
                         'draw': draw,
                         'data': repos_data,
                         'recordsTotal': repos_data_total_count,
                         'recordsFiltered': repos_data_total_filtered_count,
                     })
                     return data
                 def _get_defaults(self, repo_name):
                     """
                     Gets information about repository, and returns a dict for
                     usage in forms
                     :param repo_name:
                     """
                     repo_info = Repository.get_by_repo_name(repo_name)
                     if repo_info is None:
                         return None
                     defaults = repo_info.get_dict()
                     defaults['repo_name'] = repo_info.just_name
                     groups = repo_info.groups_with_parents
                     parent_group = groups[-1] if groups else None
                     # we use -1 as this is how in HTML, we mark an empty group
                     defaults['repo_group'] = getattr(parent_group, 'group_id', -1)
                     keys_to_process = (
                         {'k': 'repo_type', 'strip': False},
                         {'k': 'repo_enable_downloads', 'strip': True},
                         {'k': 'repo_description', 'strip': True},
                         {'k': 'repo_enable_locking', 'strip': True},
                         {'k': 'repo_landing_rev', 'strip': True},
                         {'k': 'clone_uri', 'strip': False},
                         {'k': 'push_uri', 'strip': False},
                         {'k': 'repo_private', 'strip': True},
                         {'k': 'repo_enable_statistics', 'strip': True}
                     )
                     for item in keys_to_process:
                         attr = item['k']
                         if item['strip']:
                             attr = remove_prefix(item['k'], 'repo_')
                         val = defaults[attr]
                         if item['k'] == 'repo_landing_rev':
                             val = ':'.join(defaults[attr])
                         defaults[item['k']] = val
                         if item['k'] == 'clone_uri':
                             defaults['clone_uri_hidden'] = repo_info.clone_uri_hidden
                         if item['k'] == 'push_uri':
                             defaults['push_uri_hidden'] = repo_info.push_uri_hidden
                     # fill owner
                     if repo_info.user:
                         defaults.update({'user': repo_info.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         defaults.update({'user': replacement_user})
                     return defaults
                 def update(self, repo, **kwargs):
                     try:
                         cur_repo = self._get_repo(repo)
                         source_repo_name = cur_repo.repo_name
                         if 'user' in kwargs:
                             cur_repo.user = User.get_by_username(kwargs['user'])
                         if 'repo_group' in kwargs:
                             cur_repo.group = RepoGroup.get(kwargs['repo_group'])
                         log.debug('Updating repo %s with params:%s', cur_repo, kwargs)
                         update_keys = [
                             (1, 'repo_description'),
                             (1, 'repo_landing_rev'),
                             (1, 'repo_private'),
                             (1, 'repo_enable_downloads'),
                             (1, 'repo_enable_locking'),
                             (1, 'repo_enable_statistics'),
                             (0, 'clone_uri'),
                             (0, 'push_uri'),
                             (0, 'fork_id')
                         ]
                         for strip, k in update_keys:
                             if k in kwargs:
                                 val = kwargs[k]
                                 if strip:
                                     k = remove_prefix(k, 'repo_')
                                 setattr(cur_repo, k, val)
                         new_name = cur_repo.get_new_name(kwargs['repo_name'])
                         cur_repo.repo_name = new_name
                         # if private flag is set, reset default permission to NONE
                         if kwargs.get('repo_private'):
                             EMPTY_PERM = 'repository.none'
                             RepoModel().grant_user_permission(
                                 repo=cur_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM
                             )
                         # handle extra fields
                         for field in filter(lambda k: k.startswith(RepositoryField.PREFIX), kwargs):
                             k = RepositoryField.un_prefix_key(field)
                             ex_field = RepositoryField.get_by_key_name(
                                 key=k, repo=cur_repo)
                             if ex_field:
                                 ex_field.field_value = kwargs[field]
                                 self.sa.add(ex_field)
                         self.sa.add(cur_repo)
                         if source_repo_name != new_name:
                             # rename repository
                             self._rename_filesystem_repo(
                                 old=source_repo_name, new=new_name)
                         return cur_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _create_repo(self, repo_name, repo_type, description, owner,
                                  private=False, clone_uri=None, repo_group=None,
                                  landing_rev='rev:tip', fork_of=None,
                                  copy_fork_permissions=False, enable_statistics=False,
                                  enable_locking=False, enable_downloads=False,
                                  copy_group_permissions=False,
                                  state=Repository.STATE_PENDING):
                     """
                     Create repository inside database with PENDING state, this should be
                     only executed by create() repo. With exception of importing existing
                     repos
                     """
                     from rhodecode.model.scm import ScmModel
                     owner = self._get_user(owner)
                     fork_of = self._get_repo(fork_of)
                     repo_group = self._get_repo_group(safe_int(repo_group))
                     try:
                         repo_name = safe_unicode(repo_name)
                         description = safe_unicode(description)
                         # repo name is just a name of repository
                         # while repo_name_full is a full qualified name that is combined
                         # with name and path of group
                         repo_name_full = repo_name
                         repo_name = repo_name.split(Repository.NAME_SEP)[-1]
                         new_repo = Repository()
                         new_repo.repo_state = state
                         new_repo.enable_statistics = False
                         new_repo.repo_name = repo_name_full
                         new_repo.repo_type = repo_type
                         new_repo.user = owner
                         new_repo.group = repo_group
                         new_repo.description = description or repo_name
                         new_repo.private = private
                         new_repo.archived = False
                         new_repo.clone_uri = clone_uri
                         new_repo.landing_rev = landing_rev
                         new_repo.enable_statistics = enable_statistics
                         new_repo.enable_locking = enable_locking
                         new_repo.enable_downloads = enable_downloads
                         if repo_group:
                             new_repo.enable_locking = repo_group.enable_locking
                         if fork_of:
                             parent_repo = fork_of
                             new_repo.fork = parent_repo
                         events.trigger(events.RepoPreCreateEvent(new_repo))
                         self.sa.add(new_repo)
                         EMPTY_PERM = 'repository.none'
                         if fork_of and copy_fork_permissions:
                             repo = fork_of
                             user_perms = UserRepoToPerm.query() \
                                 .filter(UserRepoToPerm.repository == repo).all()
                             group_perms = UserGroupRepoToPerm.query() \
                                 .filter(UserGroupRepoToPerm.repository == repo).all()
                             for perm in user_perms:
                                 UserRepoToPerm.create(
                                     perm.user, new_repo, perm.permission)
                             for perm in group_perms:
                                 UserGroupRepoToPerm.create(
                                     perm.users_group, new_repo, perm.permission)
                             # in case we copy permissions and also set this repo to private
                             # override the default user permission to make it a private repo
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         elif repo_group and copy_group_permissions:
                             user_perms = UserRepoGroupToPerm.query() \
                                 .filter(UserRepoGroupToPerm.group == repo_group).all()
                             group_perms = UserGroupRepoGroupToPerm.query() \
                                 .filter(UserGroupRepoGroupToPerm.group == repo_group).all()
                             for perm in user_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserRepoToPerm.create(perm.user, new_repo, perm_obj)
                             for perm in group_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserGroupRepoToPerm.create(perm.users_group, new_repo, perm_obj)
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         else:
                             perm_obj = self._create_default_perms(new_repo, private)
                             self.sa.add(perm_obj)
                         # now automatically start following this repository as owner
                         ScmModel(self.sa).toggle_following_repo(new_repo.repo_id, owner.user_id)
                         # we need to flush here, in order to check if database won't
                         # throw any exceptions, create filesystem dirs at the very end
                         self.sa.flush()
                         events.trigger(events.RepoCreateEvent(new_repo))
                         return new_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def create(self, form_data, cur_user):
                     """
                     Create repository using celery tasks
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo, form_data, cur_user)
                 def update_permissions(self, repo, perm_additions=None, perm_updates=None,
                                        perm_deletions=None, check_perms=True,
                                        cur_user=None):
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     changes = {
                         'added': [],
                         'updated': [],
                         'deleted': [],
                         'default_user_changed': None
                     }
                     repo = self._get_repo(repo)
                     # update permissions
                     for member_id, perm, member_type in perm_updates:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             if member_name == User.DEFAULT_USER:
                                 # NOTE(dan): detect if we changed permissions for default user
                                 perm_obj = self.sa.query(UserRepoToPerm) \
                                     .filter(UserRepoToPerm.user_id == member_id) \
                                     .filter(UserRepoToPerm.repository == repo) \
                                     .scalar()
                                 if perm_obj and perm_obj.permission.permission_name != perm:
                                     changes['default_user_changed'] = True
                             # this updates also current one if found
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['updated'].append({'type': member_type, 'id': member_id,
                                                    'name': member_name, 'new_perm': perm})
                     # set new permissions
                     for member_id, perm, member_type in perm_additions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['added'].append({'type': member_type, 'id': member_id,
                                                  'name': member_name, 'new_perm': perm})
                     # delete permissions
                     for member_id, perm, member_type in perm_deletions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             self.revoke_user_permission(repo=repo, user=member_id)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.revoke_user_group_permission(
                                     repo=repo, group_name=member_id)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['deleted'].append({'type': member_type, 'id': member_id,
                                                    'name': member_name, 'new_perm': perm})
                     return changes
                 def create_fork(self, form_data, cur_user):
                     """
                     Simple wrapper into executing celery task for fork creation
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo_fork, form_data, cur_user)
                 def archive(self, repo):
                     """
                     Archive given repository. Set archive flag.
                     :param repo:
                     """
                     repo = self._get_repo(repo)
                     if repo:
                         try:
                             repo.archived = True
                             self.sa.add(repo)
                             self.sa.commit()
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                 def delete(self, repo, forks=None, pull_requests=None, fs_remove=True, cur_user=None):
                     """
                     Delete given repository, forks parameter defines what do do with
                     attached forks. Throws AttachedForksError if deleted repo has attached
                     forks
                     :param repo:
                     :param forks: str 'delete' or 'detach'
                     :param pull_requests: str 'delete' or None
                     :param fs_remove: remove(archive) repo from filesystem
                     """
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     repo = self._get_repo(repo)
                     if repo:
                         if forks == 'detach':
                             for r in repo.forks:
                                 r.fork = None
                                 self.sa.add(r)
                         elif forks == 'delete':
                             for r in repo.forks:
                                 self.delete(r, forks='delete')
                         elif [f for f in repo.forks]:
                             raise AttachedForksError()
                         # check for pull requests
                         pr_sources = repo.pull_requests_source
                         pr_targets = repo.pull_requests_target
                         if pull_requests != 'delete' and (pr_sources or pr_targets):
                             raise AttachedPullRequestsError()
                         old_repo_dict = repo.get_dict()
                         events.trigger(events.RepoPreDeleteEvent(repo))
                         try:
                             self.sa.delete(repo)
                             if fs_remove:
                                 self._delete_filesystem_repo(repo)
                             else:
                                 log.debug('skipping removal from filesystem')
                             old_repo_dict.update({
                                 'deleted_by': cur_user,
                                 'deleted_on': time.time(),
                             })
-                            log_delete_repository(**old_repo_dict)
+                            hooks_base.delete_repository(**old_repo_dict)
                             events.trigger(events.RepoDeleteEvent(repo))
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                 def grant_user_permission(self, repo, user, perm):
                     """
                     Grant permission for user on given repository, or update existing one
                     if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.user == user) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserRepoToPerm()
                     obj.repository = repo
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, repo)
                     action_logger_generic(
                         'granted permission: {} to user: {} on repo: {}'.format(
                             perm, user, repo), namespace='security.repo')
                     return obj
                 def revoke_user_permission(self, repo, user):
                     """
                     Revoke permission for user on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .filter(UserRepoToPerm.user == user) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', repo, user)
                         action_logger_generic(
                             'revoked permission from user: {} on repo: {}'.format(
                                 user, repo), namespace='security.repo')
                 def grant_user_group_permission(self, repo, group_name, perm):
                     """
                     Grant permission for user group on given repository, or update
                     existing one if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new
                         obj = UserGroupRepoToPerm()
                     obj.repository = repo
                     obj.users_group = group_name
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, group_name, repo)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on repo: {}'.format(
                             perm, group_name, repo), namespace='security.repo')
                     return obj
                 def revoke_user_group_permission(self, repo, group_name):
                     """
                     Revoke permission for user group on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm to %s on %s', repo, group_name)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on repo: {}'.format(
                                 group_name, repo), namespace='security.repo')
                 def delete_stats(self, repo_name):
                     """
                     removes stats for given repo
                     :param repo_name:
                     """
                     repo = self._get_repo(repo_name)
                     try:
                         obj = self.sa.query(Statistics) \
                             .filter(Statistics.repository == repo).scalar()
                         if obj:
                             self.sa.delete(obj)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def add_repo_field(self, repo_name, field_key, field_label, field_value='',
                                    field_type='str', field_desc=''):
                     repo = self._get_repo(repo_name)
                     new_field = RepositoryField()
                     new_field.repository = repo
                     new_field.field_key = field_key
                     new_field.field_type = field_type  # python type
                     new_field.field_value = field_value
                     new_field.field_desc = field_desc
                     new_field.field_label = field_label
                     self.sa.add(new_field)
                     return new_field
                 def delete_repo_field(self, repo_name, field_key):
                     repo = self._get_repo(repo_name)
                     field = RepositoryField.get_by_key_name(field_key, repo)
                     if field:
                         self.sa.delete(field)
                 def _create_filesystem_repo(self, repo_name, repo_type, repo_group,
                                             clone_uri=None, repo_store_location=None,
                                             use_global_config=False, install_hooks=True):
                     """
                     makes repository on filesystem. It's group aware means it'll create
                     a repository within a group, and alter the paths accordingly of
                     group location
                     :param repo_name:
                     :param alias:
                     :param parent:
                     :param clone_uri:
                     :param repo_store_location:
                     """
                     from rhodecode.lib.utils import is_valid_repo, is_valid_repo_group
                     from rhodecode.model.scm import ScmModel
                     if Repository.NAME_SEP in repo_name:
                         raise ValueError(
                             'repo_name must not contain groups got `%s`' % repo_name)
                     if isinstance(repo_group, RepoGroup):
                         new_parent_path = os.sep.join(repo_group.full_path_splitted)
                     else:
                         new_parent_path = repo_group or ''
                     if repo_store_location:
                         _paths = [repo_store_location]
                     else:
                         _paths = [self.repos_path, new_parent_path, repo_name]
                         # we need to make it str for mercurial
                     repo_path = os.path.join(*map(lambda x: safe_str(x), _paths))
                     # check if this path is not a repository
                     if is_valid_repo(repo_path, self.repos_path):
                         raise Exception('This path %s is a valid repository' % repo_path)
                     # check if this path is a group
                     if is_valid_repo_group(repo_path, self.repos_path):
                         raise Exception('This path %s is a valid group' % repo_path)
                     log.info('creating repo %s in %s from url: `%s`',
                              repo_name, safe_unicode(repo_path),
                              obfuscate_url_pw(clone_uri))
                     backend = get_backend(repo_type)
                     config_repo = None if use_global_config else repo_name
                     if config_repo and new_parent_path:
                         config_repo = Repository.NAME_SEP.join(
                             (new_parent_path, config_repo))
                     config = make_db_config(clear_session=False, repo=config_repo)
                     config.set('extensions', 'largefiles', '')
                     # patch and reset hooks section of UI config to not run any
                     # hooks on creating remote repo
                     config.clear_section('hooks')
                     # TODO: johbo: Unify this, hardcoded "bare=True" does not look nice
                     if repo_type == 'git':
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri, bare=True,
                             with_wire={"cache": False})
                     else:
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri,
                             with_wire={"cache": False})
                     if install_hooks:
                         repo.install_hooks()
                     log.debug('Created repo %s with %s backend',
                               safe_unicode(repo_name), safe_unicode(repo_type))
                     return repo
                 def _rename_filesystem_repo(self, old, new):
                     """
                     renames repository on filesystem
                     :param old: old name
                     :param new: new name
                     """
                     log.info('renaming repo from %s to %s', old, new)
                     old_path = os.path.join(self.repos_path, old)
                     new_path = os.path.join(self.repos_path, new)
                     if os.path.isdir(new_path):
                         raise Exception(
                             'Was trying to rename to already existing dir %s' % new_path
                         )
                     shutil.move(old_path, new_path)
                 def _delete_filesystem_repo(self, repo):
                     """
                     removes repo from filesystem, the removal is acctually made by
                     added rm__ prefix into dir, and rename internat .hg/.git dirs so this
                     repository is no longer valid for rhodecode, can be undeleted later on
                     by reverting the renames on this repository
                     :param repo: repo object
                     """
                     rm_path = os.path.join(self.repos_path, repo.repo_name)
                     repo_group = repo.group
                     log.info("Removing repository %s", rm_path)
                     # disable hg/git internal that it doesn't get detected as repo
                     alias = repo.repo_type
                     config = make_db_config(clear_session=False)
                     config.set('extensions', 'largefiles', '')
                     bare = getattr(repo.scm_instance(config=config), 'bare', False)
                     # skip this for bare git repos
                     if not bare:
                         # disable VCS repo
                         vcs_path = os.path.join(rm_path, '.%s' % alias)
                         if os.path.exists(vcs_path):
                             shutil.move(vcs_path, os.path.join(rm_path, 'rm__.%s' % alias))
                     _now = datetime.datetime.now()
                     _ms = str(_now.microsecond).rjust(6, '0')
                     _d = 'rm__%s__%s' % (_now.strftime('%Y%m%d_%H%M%S_' + _ms),
                                          repo.just_name)
                     if repo_group:
                         # if repository is in group, prefix the removal path with the group
                         args = repo_group.full_path_splitted + [_d]
                         _d = os.path.join(*args)
                     if os.path.isdir(rm_path):
                         shutil.move(rm_path, os.path.join(self.repos_path, _d))
                     # finally cleanup diff-cache if it exists
                     cached_diffs_dir = repo.cached_diffs_dir
                     if os.path.isdir(cached_diffs_dir):
                         shutil.rmtree(cached_diffs_dir)
             class ReadmeFinder:
                 """
                 Utility which knows how to find a readme for a specific commit.
                 The main idea is that this is a configurable algorithm. When creating an
                 instance you can define parameters, currently only the `default_renderer`.
                 Based on this configuration the method :meth:`search` behaves slightly
                 different.
                 """
                 readme_re = re.compile(r'^readme(\.[^\.]+)?$', re.IGNORECASE)
                 path_re = re.compile(r'^docs?', re.IGNORECASE)
                 default_priorities = {
                     None: 0,
                     '.text': 2,
                     '.txt': 3,
                     '.rst': 1,
                     '.rest': 2,
                     '.md': 1,
                     '.mkdn': 2,
                     '.mdown': 3,
                     '.markdown': 4,
                 }
                 path_priority = {
                     'doc': 0,
                     'docs': 1,
                 }
                 FALLBACK_PRIORITY = 99
                 RENDERER_TO_EXTENSION = {
                     'rst': ['.rst', '.rest'],
                     'markdown': ['.md', 'mkdn', '.mdown', '.markdown'],
                 }
                 def __init__(self, default_renderer=None):
                     self._default_renderer = default_renderer
                     self._renderer_extensions = self.RENDERER_TO_EXTENSION.get(
                         default_renderer, [])
                 def search(self, commit, path=u'/'):
                     """
                     Find a readme in the given `commit`.
                     """
                     nodes = commit.get_nodes(path)
                     matches = self._match_readmes(nodes)
                     matches = self._sort_according_to_priority(matches)
                     if matches:
                         return matches[0].node
                     paths = self._match_paths(nodes)
                     paths = self._sort_paths_according_to_priority(paths)
                     for path in paths:
                         match = self.search(commit, path=path)
                         if match:
                             return match
                     return None
                 def _match_readmes(self, nodes):
                     for node in nodes:
                         if not node.is_file():
                             continue
                         path = node.path.rsplit('/', 1)[-1]
                         match = self.readme_re.match(path)
                         if match:
                             extension = match.group(1)
                             yield ReadmeMatch(node, match, self._priority(extension))
                 def _match_paths(self, nodes):
                     for node in nodes:
                         if not node.is_dir():
                             continue
                         match = self.path_re.match(node.path)
                         if match:
                             yield node.path
                 def _priority(self, extension):
                     renderer_priority = (
 if extension in self._renderer_extensions else 1)
                     extension_priority = self.default_priorities.get(
                         extension, self.FALLBACK_PRIORITY)
                     return (renderer_priority, extension_priority)
                 def _sort_according_to_priority(self, matches):
                     def priority_and_path(match):
                         return (match.priority, match.path)
                     return sorted(matches, key=priority_and_path)
                 def _sort_paths_according_to_priority(self, paths):
                     def priority_and_path(path):
                         return (self.path_priority.get(path, self.FALLBACK_PRIORITY), path)
                     return sorted(paths, key=priority_and_path)
             class ReadmeMatch:
                 def __init__(self, node, match, priority):
                     self.node = node
                     self._match = match
                     self.priority = priority
                 @property
                 def path(self):
                     return self.node.path
                 def __repr__(self):
                     return '<ReadmeMatch {} priority={}'.format(self.path, self.priority)

rhodecode/model/repo_group.py

0 +2 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             repo group model for RhodeCode
             """
             import os
             import datetime
             import itertools
             import logging
             import shutil
             import time
             import traceback
             import string
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode import events
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (_hash_key, func, or_, in_filter_generator,
                 Session, RepoGroup, UserRepoGroupToPerm, User, Permission, UserGroupRepoGroupToPerm,
                 UserGroup, Repository)
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.utils2 import action_logger_generic
             log = logging.getLogger(__name__)
             class RepoGroupModel(BaseModel):
                 cls = RepoGroup
                 PERSONAL_GROUP_DESC = 'personal repo group of user `%(username)s`'
                 PERSONAL_GROUP_PATTERN = '${username}'  # default
                 def _get_user_group(self, users_group):
                     return self._get_instance(UserGroup, users_group,
                                               callback=UserGroup.get_by_group_name)
                 def _get_repo_group(self, repo_group):
                     return self._get_instance(RepoGroup, repo_group,
                                               callback=RepoGroup.get_by_group_name)
                 @LazyProperty
                 def repos_path(self):
                     """
                     Gets the repositories root path from database
                     """
                     settings_model = VcsSettingsModel(sa=self.sa)
                     return settings_model.get_repos_location()
                 def get_by_group_name(self, repo_group_name, cache=None):
                     repo = self.sa.query(RepoGroup) \
                         .filter(RepoGroup.group_name == repo_group_name)
                     if cache:
                         name_key = _hash_key(repo_group_name)
                         repo = repo.options(
                             FromCache("sql_cache_short", "get_repo_group_%s" % name_key))
                     return repo.scalar()
                 def get_default_create_personal_repo_group(self):
                     value = SettingsModel().get_setting_by_name(
                         'create_personal_repo_group')
                     return value.app_settings_value if value else None or False
                 def get_personal_group_name_pattern(self):
                     value = SettingsModel().get_setting_by_name(
                         'personal_repo_group_pattern')
                     val = value.app_settings_value if value else None
                     group_template = val or self.PERSONAL_GROUP_PATTERN
                     group_template = group_template.lstrip('/')
                     return group_template
                 def get_personal_group_name(self, user):
                     template = self.get_personal_group_name_pattern()
                     return string.Template(template).safe_substitute(
                         username=user.username,
                         user_id=user.user_id,
                         first_name=user.first_name,
                         last_name=user.last_name,
                     )
                 def create_personal_repo_group(self, user, commit_early=True):
                     desc = self.PERSONAL_GROUP_DESC % {'username': user.username}
                     personal_repo_group_name = self.get_personal_group_name(user)
                     # create a new one
                     RepoGroupModel().create(
                         group_name=personal_repo_group_name,
                         group_description=desc,
                         owner=user.username,
                         personal=True,
                         commit_early=commit_early)
                 def _create_default_perms(self, new_group):
                     # create default permission
                     default_perm = 'group.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('group.'):
                             default_perm = p.permission.permission_name
                             break
                     repo_group_to_perm = UserRepoGroupToPerm()
                     repo_group_to_perm.permission = Permission.get_by_key(default_perm)
                     repo_group_to_perm.group = new_group
                     repo_group_to_perm.user_id = def_user.user_id
                     return repo_group_to_perm
                 def _get_group_name_and_parent(self, group_name_full, repo_in_path=False,
                                                get_object=False):
                     """
                     Get's the group name and a parent group name from given group name.
                     If repo_in_path is set to truth, we asume the full path also includes
                     repo name, in such case we clean the last element.
                     :param group_name_full:
                     """
                     split_paths = 1
                     if repo_in_path:
                         split_paths = 2
                     _parts = group_name_full.rsplit(RepoGroup.url_sep(), split_paths)
                     if repo_in_path and len(_parts) > 1:
                         # such case last element is the repo_name
                         _parts.pop(-1)
                     group_name_cleaned = _parts[-1]  # just the group name
                     parent_repo_group_name = None
                     if len(_parts) > 1:
                         parent_repo_group_name = _parts[0]
                     parent_group = None
                     if parent_repo_group_name:
                         parent_group = RepoGroup.get_by_group_name(parent_repo_group_name)
                     if get_object:
                         return group_name_cleaned, parent_repo_group_name, parent_group
                     return group_name_cleaned, parent_repo_group_name
                 def check_exist_filesystem(self, group_name, exc_on_failure=True):
                     create_path = os.path.join(self.repos_path, group_name)
                     log.debug('creating new group in %s', create_path)
                     if os.path.isdir(create_path):
                         if exc_on_failure:
                             abs_create_path = os.path.abspath(create_path)
                             raise Exception('Directory `{}` already exists !'.format(abs_create_path))
                         return False
                     return True
                 def _create_group(self, group_name):
                     """
                     makes repository group on filesystem
                     :param repo_name:
                     :param parent_id:
                     """
                     self.check_exist_filesystem(group_name)
                     create_path = os.path.join(self.repos_path, group_name)
                     log.debug('creating new group in %s', create_path)
                     os.makedirs(create_path, mode=0o755)
                     log.debug('created group in %s', create_path)
                 def _rename_group(self, old, new):
                     """
                     Renames a group on filesystem
                     :param group_name:
                     """
                     if old == new:
                         log.debug('skipping group rename')
                         return
                     log.debug('renaming repository group from %s to %s', old, new)
                     old_path = os.path.join(self.repos_path, old)
                     new_path = os.path.join(self.repos_path, new)
                     log.debug('renaming repos paths from %s to %s', old_path, new_path)
                     if os.path.isdir(new_path):
                         raise Exception('Was trying to rename to already '
                                         'existing dir %s' % new_path)
                     shutil.move(old_path, new_path)
                 def _delete_filesystem_group(self, group, force_delete=False):
                     """
                     Deletes a group from a filesystem
                     :param group: instance of group from database
                     :param force_delete: use shutil rmtree to remove all objects
                     """
                     paths = group.full_path.split(RepoGroup.url_sep())
                     paths = os.sep.join(paths)
                     rm_path = os.path.join(self.repos_path, paths)
                     log.info("Removing group %s", rm_path)
                     # delete only if that path really exists
                     if os.path.isdir(rm_path):
                         if force_delete:
                             shutil.rmtree(rm_path)
                         else:
                             # archive that group`
                             _now = datetime.datetime.now()
                             _ms = str(_now.microsecond).rjust(6, '0')
                             _d = 'rm__%s_GROUP_%s' % (
                                 _now.strftime('%Y%m%d_%H%M%S_' + _ms), group.name)
                             shutil.move(rm_path, os.path.join(self.repos_path, _d))
                 def create(self, group_name, group_description, owner, just_db=False,
                            copy_permissions=False, personal=None, commit_early=True):
                     (group_name_cleaned,
                      parent_group_name) = RepoGroupModel()._get_group_name_and_parent(group_name)
                     parent_group = None
                     if parent_group_name:
                         parent_group = self._get_repo_group(parent_group_name)
                         if not parent_group:
                             # we tried to create a nested group, but the parent is not
                             # existing
                             raise ValueError(
                                 'Parent group `%s` given in `%s` group name '
                                 'is not yet existing.' % (parent_group_name, group_name))
                     # because we are doing a cleanup, we need to check if such directory
                     # already exists. If we don't do that we can accidentally delete
                     # existing directory via cleanup that can cause data issues, since
                     # delete does a folder rename to special syntax later cleanup
                     # functions can delete this
                     cleanup_group = self.check_exist_filesystem(group_name,
                                                                 exc_on_failure=False)
                     user = self._get_user(owner)
                     if not user:
                         raise ValueError('Owner %s not found as rhodecode user', owner)
                     try:
                         new_repo_group = RepoGroup()
                         new_repo_group.user = user
                         new_repo_group.group_description = group_description or group_name
                         new_repo_group.parent_group = parent_group
                         new_repo_group.group_name = group_name
                         new_repo_group.personal = personal
                         self.sa.add(new_repo_group)
                         # create an ADMIN permission for owner except if we're super admin,
                         # later owner should go into the owner field of groups
                         if not user.is_admin:
                             self.grant_user_permission(repo_group=new_repo_group,
                                                        user=owner, perm='group.admin')
                         if parent_group and copy_permissions:
                             # copy permissions from parent
                             user_perms = UserRepoGroupToPerm.query() \
                                 .filter(UserRepoGroupToPerm.group == parent_group).all()
                             group_perms = UserGroupRepoGroupToPerm.query() \
                                 .filter(UserGroupRepoGroupToPerm.group == parent_group).all()
                             for perm in user_perms:
                                 # don't copy over the permission for user who is creating
                                 # this group, if he is not super admin he get's admin
                                 # permission set above
                                 if perm.user != user or user.is_admin:
                                     UserRepoGroupToPerm.create(
                                         perm.user, new_repo_group, perm.permission)
                             for perm in group_perms:
                                 UserGroupRepoGroupToPerm.create(
                                     perm.users_group, new_repo_group, perm.permission)
                         else:
                             perm_obj = self._create_default_perms(new_repo_group)
                             self.sa.add(perm_obj)
                         # now commit the changes, earlier so we are sure everything is in
                         # the database.
                         if commit_early:
                             self.sa.commit()
                         if not just_db:
                             self._create_group(new_repo_group.group_name)
                         # trigger the post hook
-                        from rhodecode.lib.hooks_base import log_create_repository_group
+                        from rhodecode.lib import hooks_base
                         repo_group = RepoGroup.get_by_group_name(group_name)
                         # update repo group commit caches initially
                         repo_group.update_commit_cache()
-                        log_create_repository_group(
+                        hooks_base.create_repository_group(
                             created_by=user.username, **repo_group.get_dict())
                         # Trigger create event.
                         events.trigger(events.RepoGroupCreateEvent(repo_group))
                         return new_repo_group
                     except Exception:
                         self.sa.rollback()
                         log.exception('Exception occurred when creating repository group, '
                                       'doing cleanup...')
                         # rollback things manually !
                         repo_group = RepoGroup.get_by_group_name(group_name)
                         if repo_group:
                             RepoGroup.delete(repo_group.group_id)
                             self.sa.commit()
                             if cleanup_group:
                                 RepoGroupModel()._delete_filesystem_group(repo_group)
                         raise
                 def update_permissions(
                         self, repo_group, perm_additions=None, perm_updates=None,
                         perm_deletions=None, recursive=None, check_perms=True,
                         cur_user=None):
                     from rhodecode.model.repo import RepoModel
                     from rhodecode.lib.auth import HasUserGroupPermissionAny
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     changes = {
                         'added': [],
                         'updated': [],
                         'deleted': [],
                         'default_user_changed': None
                     }
                     def _set_perm_user(obj, user, perm):
                         if isinstance(obj, RepoGroup):
                             self.grant_user_permission(
                                 repo_group=obj, user=user, perm=perm)
                         elif isinstance(obj, Repository):
                             # private repos will not allow to change the default
                             # permissions using recursive mode
                             if obj.private and user == User.DEFAULT_USER:
                                 return
                             # we set group permission but we have to switch to repo
                             # permission
                             perm = perm.replace('group.', 'repository.')
                             RepoModel().grant_user_permission(
                                 repo=obj, user=user, perm=perm)
                     def _set_perm_group(obj, users_group, perm):
                         if isinstance(obj, RepoGroup):
                             self.grant_user_group_permission(
                                 repo_group=obj, group_name=users_group, perm=perm)
                         elif isinstance(obj, Repository):
                             # we set group permission but we have to switch to repo
                             # permission
                             perm = perm.replace('group.', 'repository.')
                             RepoModel().grant_user_group_permission(
                                 repo=obj, group_name=users_group, perm=perm)
                     def _revoke_perm_user(obj, user):
                         if isinstance(obj, RepoGroup):
                             self.revoke_user_permission(repo_group=obj, user=user)
                         elif isinstance(obj, Repository):
                             RepoModel().revoke_user_permission(repo=obj, user=user)
                     def _revoke_perm_group(obj, user_group):
                         if isinstance(obj, RepoGroup):
                             self.revoke_user_group_permission(
                                 repo_group=obj, group_name=user_group)
                         elif isinstance(obj, Repository):
                             RepoModel().revoke_user_group_permission(
                                 repo=obj, group_name=user_group)
                     # start updates
                     log.debug('Now updating permissions for %s in recursive mode:%s',
                               repo_group, recursive)
                     # initialize check function, we'll call that multiple times
                     has_group_perm = HasUserGroupPermissionAny(*req_perms)
                     for obj in repo_group.recursive_groups_and_repos():
                         # iterated obj is an instance of a repos group or repository in
                         # that group, recursive option can be: none, repos, groups, all
                         if recursive == 'all':
                             obj = obj
                         elif recursive == 'repos':
                             # skip groups, other than this one
                             if isinstance(obj, RepoGroup) and not obj == repo_group:
                                 continue
                         elif recursive == 'groups':
                             # skip repos
                             if isinstance(obj, Repository):
                                 continue
                         else:  # recursive == 'none':
                             #  DEFAULT option - don't apply to iterated objects
                             # also we do a break at the end of this loop. if we are not
                             # in recursive mode
                             obj = repo_group
                         change_obj = obj.get_api_data()
                         # update permissions
                         for member_id, perm, member_type in perm_updates:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 if isinstance(obj, RepoGroup) and obj == repo_group and member_name == User.DEFAULT_USER:
                                     # NOTE(dan): detect if we changed permissions for default user
                                     perm_obj = self.sa.query(UserRepoGroupToPerm) \
                                         .filter(UserRepoGroupToPerm.user_id == member_id) \
                                         .filter(UserRepoGroupToPerm.group == repo_group) \
                                         .scalar()
                                     if perm_obj and perm_obj.permission.permission_name != perm:
                                         changes['default_user_changed'] = True
                                 # this updates also current one if found
                                 _set_perm_user(obj, user=member_id, perm=perm)
                             elif member_type == 'user_group':
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _set_perm_group(obj, users_group=member_id, perm=perm)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['updated'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # set new permissions
                         for member_id, perm, member_type in perm_additions:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 _set_perm_user(obj, user=member_id, perm=perm)
                             elif member_type == 'user_group':
                                 # check if we have permissions to alter this usergroup
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _set_perm_group(obj, users_group=member_id, perm=perm)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['added'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # delete permissions
                         for member_id, perm, member_type in perm_deletions:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 _revoke_perm_user(obj, user=member_id)
                             elif member_type == 'user_group':
                                 # check if we have permissions to alter this usergroup
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _revoke_perm_group(obj, user_group=member_id)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['deleted'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # if it's not recursive call for all,repos,groups
                         # break the loop and don't proceed with other changes
                         if recursive not in ['all', 'repos', 'groups']:
                             break
                     return changes
                 def update(self, repo_group, form_data):
                     try:
                         repo_group = self._get_repo_group(repo_group)
                         old_path = repo_group.full_path
                         # change properties
                         if 'group_description' in form_data:
                             repo_group.group_description = form_data['group_description']
                         if 'enable_locking' in form_data:
                             repo_group.enable_locking = form_data['enable_locking']
                         if 'group_parent_id' in form_data:
                             parent_group = (
                                 self._get_repo_group(form_data['group_parent_id']))
                             repo_group.group_parent_id = (
                                 parent_group.group_id if parent_group else None)
                             repo_group.parent_group = parent_group
                         # mikhail: to update the full_path, we have to explicitly
                         # update group_name
                         group_name = form_data.get('group_name', repo_group.name)
                         repo_group.group_name = repo_group.get_new_name(group_name)
                         new_path = repo_group.full_path
                         if 'user' in form_data:
                             repo_group.user = User.get_by_username(form_data['user'])
                         self.sa.add(repo_group)
                         # iterate over all members of this groups and do fixes
                         # set locking if given
                         # if obj is a repoGroup also fix the name of the group according
                         # to the parent
                         # if obj is a Repo fix it's name
                         # this can be potentially heavy operation
                         for obj in repo_group.recursive_groups_and_repos():
                             # set the value from it's parent
                             obj.enable_locking = repo_group.enable_locking
                             if isinstance(obj, RepoGroup):
                                 new_name = obj.get_new_name(obj.name)
                                 log.debug('Fixing group %s to new name %s',
                                           obj.group_name, new_name)
                                 obj.group_name = new_name
                             elif isinstance(obj, Repository):
                                 # we need to get all repositories from this new group and
                                 # rename them accordingly to new group path
                                 new_name = obj.get_new_name(obj.just_name)
                                 log.debug('Fixing repo %s to new name %s',
                                           obj.repo_name, new_name)
                                 obj.repo_name = new_name
                             self.sa.add(obj)
                         self._rename_group(old_path, new_path)
                         # Trigger update event.
                         events.trigger(events.RepoGroupUpdateEvent(repo_group))
                         return repo_group
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def delete(self, repo_group, force_delete=False, fs_remove=True):
                     repo_group = self._get_repo_group(repo_group)
                     if not repo_group:
                         return False
                     try:
                         self.sa.delete(repo_group)
                         if fs_remove:
                             self._delete_filesystem_group(repo_group, force_delete)
                         else:
                             log.debug('skipping removal from filesystem')
                         # Trigger delete event.
                         events.trigger(events.RepoGroupDeleteEvent(repo_group))
                         return True
                     except Exception:
                         log.error('Error removing repo_group %s', repo_group)
                         raise
                 def grant_user_permission(self, repo_group, user, perm):
                     """
                     Grant permission for user on given repository group, or update
                     existing one if found
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     user = self._get_user(user)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserRepoGroupToPerm)\
                         .filter(UserRepoGroupToPerm.user == user)\
                         .filter(UserRepoGroupToPerm.group == repo_group)\
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserRepoGroupToPerm()
                     obj.group = repo_group
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, repo_group)
                     action_logger_generic(
                         'granted permission: {} to user: {} on repogroup: {}'.format(
                             perm, user, repo_group), namespace='security.repogroup')
                     return obj
                 def revoke_user_permission(self, repo_group, user):
                     """
                     Revoke permission for user on given repository group
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param user: Instance of User, user_id or username
                     """
                     repo_group = self._get_repo_group(repo_group)
                     user = self._get_user(user)
                     obj = self.sa.query(UserRepoGroupToPerm)\
                         .filter(UserRepoGroupToPerm.user == user)\
                         .filter(UserRepoGroupToPerm.group == repo_group)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', repo_group, user)
                         action_logger_generic(
                             'revoked permission from user: {} on repogroup: {}'.format(
                                 user, repo_group), namespace='security.repogroup')
                 def grant_user_group_permission(self, repo_group, group_name, perm):
                     """
                     Grant permission for user group on given repository group, or update
                     existing one if found
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     group_name = self._get_user_group(group_name)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupRepoGroupToPerm)\
                         .filter(UserGroupRepoGroupToPerm.group == repo_group)\
                         .filter(UserGroupRepoGroupToPerm.users_group == group_name)\
                         .scalar()
                     if obj is None:
                         # create new
                         obj = UserGroupRepoGroupToPerm()
                     obj.group = repo_group
                     obj.users_group = group_name
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, group_name, repo_group)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on repogroup: {}'.format(
                             perm, group_name, repo_group), namespace='security.repogroup')
                     return obj
                 def revoke_user_group_permission(self, repo_group, group_name):
                     """
                     Revoke permission for user group on given repository group
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     group_name = self._get_user_group(group_name)
                     obj = self.sa.query(UserGroupRepoGroupToPerm)\
                         .filter(UserGroupRepoGroupToPerm.group == repo_group)\
                         .filter(UserGroupRepoGroupToPerm.users_group == group_name)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm to %s on %s', repo_group, group_name)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on repogroup: {}'.format(
                                 group_name, repo_group), namespace='security.repogroup')
                 @classmethod
                 def update_commit_cache(cls, repo_groups=None):
                     if not repo_groups:
                         repo_groups = RepoGroup.getAll()
                     for repo_group in repo_groups:
                         repo_group.update_commit_cache()
                 def get_repo_groups_as_dict(self, repo_group_list=None, admin=False,
                                             super_user_actions=False):
                     from pyramid.threadlocal import get_current_request
                     _render = get_current_request().get_partial_renderer(
                         'rhodecode:templates/data_table/_dt_elements.mako')
                     c = _render.get_call_context()
                     h = _render.get_helpers()
                     def quick_menu(repo_group_name):
                         return _render('quick_repo_group_menu', repo_group_name)
                     def repo_group_lnk(repo_group_name):
                         return _render('repo_group_name', repo_group_name)
                     def last_change(last_change):
                         if admin and isinstance(last_change, datetime.datetime) and not last_change.tzinfo:
                             ts = time.time()
                             utc_offset = (datetime.datetime.fromtimestamp(ts)
                                           - datetime.datetime.utcfromtimestamp(ts)).total_seconds()
                             last_change = last_change + datetime.timedelta(seconds=utc_offset)
                         return _render("last_change", last_change)
                     def desc(desc, personal):
                         return _render(
                             'repo_group_desc', desc, personal, c.visual.stylify_metatags)
                     def repo_group_actions(repo_group_id, repo_group_name, gr_count):
                         return _render(
                             'repo_group_actions', repo_group_id, repo_group_name, gr_count)
                     def repo_group_name(repo_group_name, children_groups):
                         return _render("repo_group_name", repo_group_name, children_groups)
                     def user_profile(username):
                         return _render('user_profile', username)
                     repo_group_data = []
                     for group in repo_group_list:
                         # NOTE(marcink): because we use only raw column we need to load it like that
                         changeset_cache = RepoGroup._load_changeset_cache(
                             '', group._changeset_cache)
                         last_commit_change = RepoGroup._load_commit_change(changeset_cache)
                         row = {
                             "menu": quick_menu(group.group_name),
                             "name": repo_group_lnk(group.group_name),
                             "name_raw": group.group_name,
                             "last_change": last_change(last_commit_change),
                             "last_changeset": "",
                             "last_changeset_raw": "",
                             "desc": desc(h.escape(group.group_description), group.personal),
                             "top_level_repos": 0,
                             "owner": user_profile(group.User.username)
                         }
                         if admin:
                             repo_count = group.repositories.count()
                             children_groups = map(
                                 h.safe_unicode,
                                 itertools.chain((g.name for g in group.parents),
                                                 (x.name for x in [group])))
                             row.update({
                                 "action": repo_group_actions(
                                     group.group_id, group.group_name, repo_count),
                                 "top_level_repos": repo_count,
                                 "name": repo_group_name(group.group_name, children_groups),
                             })
                         repo_group_data.append(row)
                     return repo_group_data
                 def get_repo_groups_data_table(
                         self, draw, start, limit,
                         search_q, order_by, order_dir,
                         auth_user, repo_group_id):
                     from rhodecode.model.scm import RepoGroupList
                     _perms = ['group.read', 'group.write', 'group.admin']
                     repo_groups = RepoGroup.query() \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .all()
                     auth_repo_group_list = RepoGroupList(
                         repo_groups, perm_set=_perms,
                         extra_kwargs=dict(user=auth_user))
                     allowed_ids = [-1]
                     for repo_group in auth_repo_group_list:
                         allowed_ids.append(repo_group.group_id)
                     repo_groups_data_total_count = RepoGroup.query() \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(RepoGroup.group_id, allowed_ids))
                         ) \
                         .count()
                     base_q = Session.query(
                         RepoGroup.group_name,
                         RepoGroup.group_name_hash,
                         RepoGroup.group_description,
                         RepoGroup.group_id,
                         RepoGroup.personal,
                         RepoGroup.updated_on,
                         RepoGroup._changeset_cache,
                         User,
                         ) \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(RepoGroup.group_id, allowed_ids))
                         ) \
                         .join(User, User.user_id == RepoGroup.user_id) \
                         .group_by(RepoGroup, User)
                     repo_groups_data_total_filtered_count = base_q.count()
                     sort_defined = False
                     if order_by == 'group_name':
                         sort_col = func.lower(RepoGroup.group_name)
                         sort_defined = True
                     elif order_by == 'user_username':
                         sort_col = User.username
                     else:
                         sort_col = getattr(RepoGroup, order_by, None)
                     if sort_defined or sort_col:
                         if order_dir == 'asc':
                             sort_col = sort_col.asc()
                         else:
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     repo_group_list = base_q.all()
                     repo_groups_data = RepoGroupModel().get_repo_groups_as_dict(
                         repo_group_list=repo_group_list, admin=False)
                     data = ({
                         'draw': draw,
                         'data': repo_groups_data,
                         'recordsTotal': repo_groups_data_total_count,
                         'recordsFiltered': repo_groups_data_total_filtered_count,
                     })
                     return data
                 def _get_defaults(self, repo_group_name):
                     repo_group = RepoGroup.get_by_group_name(repo_group_name)
                     if repo_group is None:
                         return None
                     defaults = repo_group.get_dict()
                     defaults['repo_group_name'] = repo_group.name
                     defaults['repo_group_description'] = repo_group.group_description
                     defaults['repo_group_enable_locking'] = repo_group.enable_locking
                     # we use -1 as this is how in HTML, we mark an empty group
                     defaults['repo_group'] = defaults['group_parent_id'] or -1
                     # fill owner
                     if repo_group.user:
                         defaults.update({'user': repo_group.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         defaults.update({'user': replacement_user})
                     return defaults

rhodecode/model/user.py

0 +5 -6

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             users model for RhodeCode
             """
             import logging
             import traceback
             import datetime
             import ipaddress
             from pyramid.threadlocal import get_current_request
             from sqlalchemy.exc import DatabaseError
             from rhodecode import events
             from rhodecode.lib.user_log_filter import user_log_filter
             from rhodecode.lib.utils2 import (
                 safe_unicode, get_current_rhodecode_user, action_logger_generic,
                 AttributeDict, str2bool)
             from rhodecode.lib.exceptions import (
                 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
                 UserOwnsUserGroupsException, NotAllowedToCreateUserError,
                 UserOwnsPullRequestsException, UserOwnsArtifactsException)
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 _hash_key, true, false, or_, joinedload, User, UserToPerm,
                 UserEmailMap, UserIpMap, UserLog)
             from rhodecode.model.meta import Session
             from rhodecode.model.auth_token import AuthTokenModel
             from rhodecode.model.repo_group import RepoGroupModel
             log = logging.getLogger(__name__)
             class UserModel(BaseModel):
                 cls = User
                 def get(self, user_id, cache=False):
                     user = self.sa.query(User)
                     if cache:
                         user = user.options(
                             FromCache("sql_cache_short", "get_user_%s" % user_id))
                     return user.get(user_id)
                 def get_user(self, user):
                     return self._get_user(user)
                 def _serialize_user(self, user):
                     import rhodecode.lib.helpers as h
                     return {
                         'id': user.user_id,
                         'first_name': user.first_name,
                         'last_name': user.last_name,
                         'username': user.username,
                         'email': user.email,
                         'icon_link': h.gravatar_url(user.email, 30),
                         'profile_link':  h.link_to_user(user),
                         'value_display': h.escape(h.person(user)),
                         'value': user.username,
                         'value_type': 'user',
                         'active': user.active,
                     }
                 def get_users(self, name_contains=None, limit=20, only_active=True):
                     query = self.sa.query(User)
                     if only_active:
                         query = query.filter(User.active == true())
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             or_(
                                 User.name.ilike(ilike_expression),
                                 User.lastname.ilike(ilike_expression),
                                 User.username.ilike(ilike_expression)
                             )
                         )
                         query = query.limit(limit)
                     users = query.all()
                     _users = [
                         self._serialize_user(user) for user in users
                     ]
                     return _users
                 def get_by_username(self, username, cache=False, case_insensitive=False):
                     if case_insensitive:
                         user = self.sa.query(User).filter(User.username.ilike(username))
                     else:
                         user = self.sa.query(User)\
                             .filter(User.username == username)
                     if cache:
                         name_key = _hash_key(username)
                         user = user.options(
                             FromCache("sql_cache_short", "get_user_%s" % name_key))
                     return user.scalar()
                 def get_by_email(self, email, cache=False, case_insensitive=False):
                     return User.get_by_email(email, case_insensitive, cache)
                 def get_by_auth_token(self, auth_token, cache=False):
                     return User.get_by_auth_token(auth_token, cache)
                 def get_active_user_count(self, cache=False):
                     qry = User.query().filter(
                         User.active == true()).filter(
                             User.username != User.DEFAULT_USER)
                     if cache:
                         qry = qry.options(
                             FromCache("sql_cache_short", "get_active_users"))
                     return qry.count()
                 def create(self, form_data, cur_user=None):
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     user_data = {
                         'username': form_data['username'],
                         'password': form_data['password'],
                         'email': form_data['email'],
                         'firstname': form_data['firstname'],
                         'lastname': form_data['lastname'],
                         'active': form_data['active'],
                         'extern_type': form_data['extern_type'],
                         'extern_name': form_data['extern_name'],
                         'admin': False,
                         'cur_user': cur_user
                     }
                     if 'create_repo_group' in form_data:
                         user_data['create_repo_group'] = str2bool(
                             form_data.get('create_repo_group'))
                     try:
                         if form_data.get('password_change'):
                             user_data['force_password_change'] = True
                         return UserModel().create_or_update(**user_data)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def update_user(self, user, skip_attrs=None, **kwargs):
                     from rhodecode.lib.auth import get_crypt_password
                     user = self._get_user(user)
                     if user.username == User.DEFAULT_USER:
                         raise DefaultUserException(
                             "You can't edit this user (`%(username)s`) since it's "
                             "crucial for entire application" % {
                             'username': user.username})
                     # first store only defaults
                     user_attrs = {
                         'updating_user_id': user.user_id,
                         'username': user.username,
                         'password': user.password,
                         'email': user.email,
                         'firstname': user.name,
                         'lastname': user.lastname,
                         'description': user.description,
                         'active': user.active,
                         'admin': user.admin,
                         'extern_name': user.extern_name,
                         'extern_type': user.extern_type,
                         'language': user.user_data.get('language')
                     }
                     # in case there's new_password, that comes from form, use it to
                     # store password
                     if kwargs.get('new_password'):
                         kwargs['password'] = kwargs['new_password']
                     # cleanups, my_account password change form
                     kwargs.pop('current_password', None)
                     kwargs.pop('new_password', None)
                     # cleanups, user edit password change form
                     kwargs.pop('password_confirmation', None)
                     kwargs.pop('password_change', None)
                     # create repo group on user creation
                     kwargs.pop('create_repo_group', None)
                     # legacy forms send name, which is the firstname
                     firstname = kwargs.pop('name', None)
                     if firstname:
                         kwargs['firstname'] = firstname
                     for k, v in kwargs.items():
                         # skip if we don't want to update this
                         if skip_attrs and k in skip_attrs:
                             continue
                         user_attrs[k] = v
                     try:
                         return self.create_or_update(**user_attrs)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def create_or_update(
                         self, username, password, email, firstname='', lastname='',
                         active=True, admin=False, extern_type=None, extern_name=None,
                         cur_user=None, plugin=None, force_password_change=False,
                         allow_to_create_user=True, create_repo_group=None,
                         updating_user_id=None, language=None, description='',
                         strict_creation_check=True):
                     """
                     Creates a new instance if not found, or updates current one
                     :param username:
                     :param password:
                     :param email:
                     :param firstname:
                     :param lastname:
                     :param active:
                     :param admin:
                     :param extern_type:
                     :param extern_name:
                     :param cur_user:
                     :param plugin: optional plugin this method was called from
                     :param force_password_change: toggles new or existing user flag
                         for password change
                     :param allow_to_create_user: Defines if the method can actually create
                         new users
                     :param create_repo_group: Defines if the method should also
                         create an repo group with user name, and owner
                     :param updating_user_id: if we set it up this is the user we want to
                         update this allows to editing username.
                     :param language: language of user from interface.
                     :param description: user description
                     :param strict_creation_check: checks for allowed creation license wise etc.
                     :returns: new User object with injected `is_new_user` attribute.
                     """
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     from rhodecode.lib.auth import (
                         get_crypt_password, check_password)
-                    from rhodecode.lib.hooks_base import (
+                    from rhodecode.lib import hooks_base
-                        log_create_user, check_allowed_create_user)
                     def _password_change(new_user, password):
                         old_password = new_user.password or ''
                         # empty password
                         if not old_password:
                             return False
                         # password check is only needed for RhodeCode internal auth calls
                         # in case it's a plugin we don't care
                         if not plugin:
                             # first check if we gave crypted password back, and if it
                             # matches it's not password change
                             if new_user.password == password:
                                 return False
                             password_match = check_password(password, old_password)
                             if not password_match:
                                 return True
                         return False
                     # read settings on default personal repo group creation
                     if create_repo_group is None:
                         default_create_repo_group = RepoGroupModel()\
                             .get_default_create_personal_repo_group()
                         create_repo_group = default_create_repo_group
                     user_data = {
                         'username': username,
                         'password': password,
                         'email': email,
                         'firstname': firstname,
                         'lastname': lastname,
                         'active': active,
                         'admin': admin
                     }
                     if updating_user_id:
                         log.debug('Checking for existing account in RhodeCode '
                                   'database with user_id `%s` ', updating_user_id)
                         user = User.get(updating_user_id)
                     else:
                         log.debug('Checking for existing account in RhodeCode '
                                   'database with username `%s` ', username)
                         user = User.get_by_username(username, case_insensitive=True)
                     if user is None:
                         # we check internal flag if this method is actually allowed to
                         # create new user
                         if not allow_to_create_user:
                             msg = ('Method wants to create new user, but it is not '
                                    'allowed to do so')
                             log.warning(msg)
                             raise NotAllowedToCreateUserError(msg)
                         log.debug('Creating new user %s', username)
                         # only if we create user that is active
                         new_active_user = active
                         if new_active_user and strict_creation_check:
                             # raises UserCreationError if it's not allowed for any reason to
                             # create new active user, this also executes pre-create hooks
-                            check_allowed_create_user(user_data, cur_user, strict_check=True)
+                            hooks_base.check_allowed_create_user(user_data, cur_user, strict_check=True)
                         events.trigger(events.UserPreCreate(user_data))
                         new_user = User()
                         edit = False
                     else:
                         log.debug('updating user `%s`', username)
                         events.trigger(events.UserPreUpdate(user, user_data))
                         new_user = user
                         edit = True
                         # we're not allowed to edit default user
                         if user.username == User.DEFAULT_USER:
                             raise DefaultUserException(
                                 "You can't edit this user (`%(username)s`) since it's "
                                 "crucial for entire application"
                                 % {'username': user.username})
                     # inject special attribute that will tell us if User is new or old
                     new_user.is_new_user = not edit
                     # for users that didn's specify auth type, we use RhodeCode built in
                     from rhodecode.authentication.plugins import auth_rhodecode
                     extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.uid
                     extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.uid
                     try:
                         new_user.username = username
                         new_user.admin = admin
                         new_user.email = email
                         new_user.active = active
                         new_user.extern_name = safe_unicode(extern_name)
                         new_user.extern_type = safe_unicode(extern_type)
                         new_user.name = firstname
                         new_user.lastname = lastname
                         new_user.description = description
                         # set password only if creating an user or password is changed
                         if not edit or _password_change(new_user, password):
                             reason = 'new password' if edit else 'new user'
                             log.debug('Updating password reason=>%s', reason)
                             new_user.password = get_crypt_password(password) if password else None
                         if force_password_change:
                             new_user.update_userdata(force_password_change=True)
                         if language:
                             new_user.update_userdata(language=language)
                         new_user.update_userdata(notification_status=True)
                         self.sa.add(new_user)
                         if not edit and create_repo_group:
                             RepoGroupModel().create_personal_repo_group(
                                 new_user, commit_early=False)
                         if not edit:
                             # add the RSS token
                             self.add_auth_token(
                                 user=username, lifetime_minutes=-1,
                                 role=self.auth_token_role.ROLE_FEED,
                                 description=u'Generated feed token')
                             kwargs = new_user.get_dict()
                             # backward compat, require api_keys present
                             kwargs['api_keys'] = kwargs['auth_tokens']
-                            log_create_user(created_by=cur_user, **kwargs)
+                            hooks_base.create_user(created_by=cur_user, **kwargs)
                             events.trigger(events.UserPostCreate(user_data))
                         return new_user
                     except (DatabaseError,):
                         log.error(traceback.format_exc())
                         raise
                 def create_registration(self, form_data,
                                         extern_name='rhodecode', extern_type='rhodecode'):
                     from rhodecode.model.notification import NotificationModel
                     from rhodecode.model.notification import EmailNotificationModel
                     try:
                         form_data['admin'] = False
                         form_data['extern_name'] = extern_name
                         form_data['extern_type'] = extern_type
                         new_user = self.create(form_data)
                         self.sa.add(new_user)
                         self.sa.flush()
                         user_data = new_user.get_dict()
                         user_data.update({
                             'first_name': user_data.get('firstname'),
                             'last_name': user_data.get('lastname'),
                         })
                         kwargs = {
                             # use SQLALCHEMY safe dump of user data
                             'user': AttributeDict(user_data),
                             'date': datetime.datetime.now()
                         }
                         notification_type = EmailNotificationModel.TYPE_REGISTRATION
                         # pre-generate the subject for notification itself
                         (subject,
                          _h, _e,  # we don't care about those
                          body_plaintext) = EmailNotificationModel().render_email(
                             notification_type, **kwargs)
                         # create notification objects, and emails
                         NotificationModel().create(
                             created_by=new_user,
                             notification_subject=subject,
                             notification_body=body_plaintext,
                             notification_type=notification_type,
                             recipients=None,  # all admins
                             email_kwargs=kwargs,
                         )
                         return new_user
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _handle_user_repos(self, username, repositories, handle_user,
                                        handle_mode=None):
                     left_overs = True
                     from rhodecode.model.repo import RepoModel
                     if handle_mode == 'detach':
                         for obj in repositories:
                             obj.user = handle_user
                             # set description we know why we super admin now owns
                             # additional repositories that were orphaned !
                             obj.description += '  \n::detached repository from deleted user: %s' % (username,)
                             self.sa.add(obj)
                         left_overs = False
                     elif handle_mode == 'delete':
                         for obj in repositories:
                             RepoModel().delete(obj, forks='detach')
                         left_overs = False
                     # if nothing is done we have left overs left
                     return left_overs
                 def _handle_user_repo_groups(self, username, repository_groups, handle_user,
                                              handle_mode=None):
                     left_overs = True
                     from rhodecode.model.repo_group import RepoGroupModel
                     if handle_mode == 'detach':
                         for r in repository_groups:
                             r.user = handle_user
                             # set description we know why we super admin now owns
                             # additional repositories that were orphaned !
                             r.group_description += '  \n::detached repository group from deleted user: %s' % (username,)
                             r.personal = False
                             self.sa.add(r)
                         left_overs = False
                     elif handle_mode == 'delete':
                         for r in repository_groups:
                             RepoGroupModel().delete(r)
                         left_overs = False
                     # if nothing is done we have left overs left
                     return left_overs
                 def _handle_user_user_groups(self, username, user_groups, handle_user,
                                              handle_mode=None):
                     left_overs = True
                     from rhodecode.model.user_group import UserGroupModel
                     if handle_mode == 'detach':
                         for r in user_groups:
                             for user_user_group_to_perm in r.user_user_group_to_perm:
                                 if user_user_group_to_perm.user.username == username:
                                     user_user_group_to_perm.user = handle_user
                             r.user = handle_user
                             # set description we know why we super admin now owns
                             # additional repositories that were orphaned !
                             r.user_group_description += '  \n::detached user group from deleted user: %s' % (username,)
                             self.sa.add(r)
                         left_overs = False
                     elif handle_mode == 'delete':
                         for r in user_groups:
                             UserGroupModel().delete(r)
                         left_overs = False
                     # if nothing is done we have left overs left
                     return left_overs
                 def _handle_user_pull_requests(self, username, pull_requests, handle_user,
                                                handle_mode=None):
                     left_overs = True
                     from rhodecode.model.pull_request import PullRequestModel
                     if handle_mode == 'detach':
                         for pr in pull_requests:
                             pr.user_id = handle_user.user_id
                             # set description we know why we super admin now owns
                             # additional repositories that were orphaned !
                             pr.description += '  \n::detached pull requests from deleted user: %s' % (username,)
                             self.sa.add(pr)
                         left_overs = False
                     elif handle_mode == 'delete':
                         for pr in pull_requests:
                             PullRequestModel().delete(pr)
                         left_overs = False
                     # if nothing is done we have left overs left
                     return left_overs
                 def _handle_user_artifacts(self, username, artifacts, handle_user,
                                            handle_mode=None):
                     left_overs = True
                     if handle_mode == 'detach':
                         for a in artifacts:
                             a.upload_user = handle_user
                             # set description we know why we super admin now owns
                             # additional artifacts that were orphaned !
                             a.file_description += '  \n::detached artifact from deleted user: %s' % (username,)
                             self.sa.add(a)
                         left_overs = False
                     elif handle_mode == 'delete':
                         from rhodecode.apps.file_store import utils as store_utils
                         request = get_current_request()
                         storage = store_utils.get_file_storage(request.registry.settings)
                         for a in artifacts:
                             file_uid = a.file_uid
                             storage.delete(file_uid)
                             self.sa.delete(a)
                         left_overs = False
                     # if nothing is done we have left overs left
                     return left_overs
                 def delete(self, user, cur_user=None, handle_repos=None,
                            handle_repo_groups=None, handle_user_groups=None,
                            handle_pull_requests=None, handle_artifacts=None, handle_new_owner=None):
-                    from rhodecode.lib.hooks_base import log_delete_user
+                    from rhodecode.lib import hooks_base
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     user = self._get_user(user)
                     try:
                         if user.username == User.DEFAULT_USER:
                             raise DefaultUserException(
                                 u"You can't remove this user since it's"
                                 u" crucial for entire application")
                         handle_user = handle_new_owner or self.cls.get_first_super_admin()
                         log.debug('New detached objects owner %s', handle_user)
                         left_overs = self._handle_user_repos(
                             user.username, user.repositories, handle_user, handle_repos)
                         if left_overs and user.repositories:
                             repos = [x.repo_name for x in user.repositories]
                             raise UserOwnsReposException(
                                 u'user "%(username)s" still owns %(len_repos)s repositories and cannot be '
                                 u'removed. Switch owners or remove those repositories:%(list_repos)s'
                                 % {'username': user.username, 'len_repos': len(repos),
                                    'list_repos': ', '.join(repos)})
                         left_overs = self._handle_user_repo_groups(
                             user.username, user.repository_groups, handle_user, handle_repo_groups)
                         if left_overs and user.repository_groups:
                             repo_groups = [x.group_name for x in user.repository_groups]
                             raise UserOwnsRepoGroupsException(
                                 u'user "%(username)s" still owns %(len_repo_groups)s repository groups and cannot be '
                                 u'removed. Switch owners or remove those repository groups:%(list_repo_groups)s'
                                 % {'username': user.username, 'len_repo_groups': len(repo_groups),
                                    'list_repo_groups': ', '.join(repo_groups)})
                         left_overs = self._handle_user_user_groups(
                             user.username, user.user_groups, handle_user, handle_user_groups)
                         if left_overs and user.user_groups:
                             user_groups = [x.users_group_name for x in user.user_groups]
                             raise UserOwnsUserGroupsException(
                                 u'user "%s" still owns %s user groups and cannot be '
                                 u'removed. Switch owners or remove those user groups:%s'
                                 % (user.username, len(user_groups), ', '.join(user_groups)))
                         left_overs = self._handle_user_pull_requests(
                             user.username, user.user_pull_requests, handle_user, handle_pull_requests)
                         if left_overs and user.user_pull_requests:
                             pull_requests = ['!{}'.format(x.pull_request_id) for x in user.user_pull_requests]
                             raise UserOwnsPullRequestsException(
                                 u'user "%s" still owns %s pull requests and cannot be '
                                 u'removed. Switch owners or remove those pull requests:%s'
                                 % (user.username, len(pull_requests), ', '.join(pull_requests)))
                         left_overs = self._handle_user_artifacts(
                             user.username, user.artifacts, handle_user, handle_artifacts)
                         if left_overs and user.artifacts:
                             artifacts = [x.file_uid for x in user.artifacts]
                             raise UserOwnsArtifactsException(
                                 u'user "%s" still owns %s artifacts and cannot be '
                                 u'removed. Switch owners or remove those artifacts:%s'
                                 % (user.username, len(artifacts), ', '.join(artifacts)))
                         user_data = user.get_dict()  # fetch user data before expire
                         # we might change the user data with detach/delete, make sure
                         # the object is marked as expired before actually deleting !
                         self.sa.expire(user)
                         self.sa.delete(user)
-                        log_delete_user(deleted_by=cur_user, **user_data)
+                        hooks_base.delete_user(deleted_by=cur_user, **user_data)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def reset_password_link(self, data, pwd_reset_url):
                     from rhodecode.lib.celerylib import tasks, run_task
                     from rhodecode.model.notification import EmailNotificationModel
                     user_email = data['email']
                     try:
                         user = User.get_by_email(user_email)
                         if user:
                             log.debug('password reset user found %s', user)
                             email_kwargs = {
                                 'password_reset_url': pwd_reset_url,
                                 'user': user,
                                 'email': user_email,
                                 'date': datetime.datetime.now(),
                                 'first_admin_email': User.get_first_super_admin().email
                             }
                             (subject, headers, email_body,
                              email_body_plaintext) = EmailNotificationModel().render_email(
                                 EmailNotificationModel.TYPE_PASSWORD_RESET, **email_kwargs)
                             recipients = [user_email]
                             action_logger_generic(
                                 'sending password reset email to user: {}'.format(
                                     user), namespace='security.password_reset')
                             run_task(tasks.send_email, recipients, subject,
                                      email_body_plaintext, email_body)
                         else:
                             log.debug("password reset email %s not found", user_email)
                     except Exception:
                         log.error(traceback.format_exc())
                         return False
                     return True
                 def reset_password(self, data):
                     from rhodecode.lib.celerylib import tasks, run_task
                     from rhodecode.model.notification import EmailNotificationModel
                     from rhodecode.lib import auth
                     user_email = data['email']
                     pre_db = True
                     try:
                         user = User.get_by_email(user_email)
                         new_passwd = auth.PasswordGenerator().gen_password(
 , auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
                         if user:
                             user.password = auth.get_crypt_password(new_passwd)
                             # also force this user to reset his password !
                             user.update_userdata(force_password_change=True)
                             Session().add(user)
                             # now delete the token in question
                             UserApiKeys = AuthTokenModel.cls
                             UserApiKeys().query().filter(
                                 UserApiKeys.api_key == data['token']).delete()
                             Session().commit()
                             log.info('successfully reset password for `%s`', user_email)
                         if new_passwd is None:
                             raise Exception('unable to generate new password')
                         pre_db = False
                         email_kwargs = {
                             'new_password': new_passwd,
                             'user': user,
                             'email': user_email,
                             'date': datetime.datetime.now(),
                             'first_admin_email': User.get_first_super_admin().email
                         }
                         (subject, headers, email_body,
                          email_body_plaintext) = EmailNotificationModel().render_email(
                             EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION,
                             **email_kwargs)
                         recipients = [user_email]
                         action_logger_generic(
                             'sent new password to user: {} with email: {}'.format(
                                 user, user_email), namespace='security.password_reset')
                         run_task(tasks.send_email, recipients, subject,
                                  email_body_plaintext, email_body)
                     except Exception:
                         log.error('Failed to update user password')
                         log.error(traceback.format_exc())
                         if pre_db:
                             # we rollback only if local db stuff fails. If it goes into
                             # run_task, we're pass rollback state this wouldn't work then
                             Session().rollback()
                     return True
                 def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
                     """
                     Fetches auth_user by user_id,or api_key if present.
                     Fills auth_user attributes with those taken from database.
                     Additionally set's is_authenitated if lookup fails
                     present in database
                     :param auth_user: instance of user to set attributes
                     :param user_id: user id to fetch by
                     :param api_key: api key to fetch by
                     :param username: username to fetch by
                     """
                     def token_obfuscate(token):
                         if token:
                             return token[:4] + "****"
                     if user_id is None and api_key is None and username is None:
                         raise Exception('You need to pass user_id, api_key or username')
                     log.debug(
                         'AuthUser: fill data execution based on: '
                         'user_id:%s api_key:%s username:%s', user_id, api_key, username)
                     try:
                         dbuser = None
                         if user_id:
                             dbuser = self.get(user_id)
                         elif api_key:
                             dbuser = self.get_by_auth_token(api_key)
                         elif username:
                             dbuser = self.get_by_username(username)
                         if not dbuser:
                             log.warning(
                                 'Unable to lookup user by id:%s api_key:%s username:%s',
                                 user_id, token_obfuscate(api_key), username)
                             return False
                         if not dbuser.active:
                             log.debug('User `%s:%s` is inactive, skipping fill data',
                                       username, user_id)
                             return False
                         log.debug('AuthUser: filling found user:%s data', dbuser)
                         attrs = {
                             'user_id': dbuser.user_id,
                             'username': dbuser.username,
                             'name': dbuser.name,
                             'first_name': dbuser.first_name,
                             'firstname': dbuser.firstname,
                             'last_name': dbuser.last_name,
                             'lastname': dbuser.lastname,
                             'admin': dbuser.admin,
                             'active': dbuser.active,
                             'email': dbuser.email,
                             'emails': dbuser.emails_cached(),
                             'short_contact': dbuser.short_contact,
                             'full_contact': dbuser.full_contact,
                             'full_name': dbuser.full_name,
                             'full_name_or_username': dbuser.full_name_or_username,
                             '_api_key': dbuser._api_key,
                             '_user_data': dbuser._user_data,
                             'created_on': dbuser.created_on,
                             'extern_name': dbuser.extern_name,
                             'extern_type': dbuser.extern_type,
                             'inherit_default_permissions': dbuser.inherit_default_permissions,
                             'language': dbuser.language,
                             'last_activity': dbuser.last_activity,
                             'last_login': dbuser.last_login,
                             'password': dbuser.password,
                         }
                         auth_user.__dict__.update(attrs)
                     except Exception:
                         log.error(traceback.format_exc())
                         auth_user.is_authenticated = False
                         return False
                     return True
                 def has_perm(self, user, perm):
                     perm = self._get_perm(perm)
                     user = self._get_user(user)
                     return UserToPerm.query().filter(UserToPerm.user == user)\
                         .filter(UserToPerm.permission == perm).scalar() is not None
                 def grant_perm(self, user, perm):
                     """
                     Grant user global permissions
                     :param user:
                     :param perm:
                     """
                     user = self._get_user(user)
                     perm = self._get_perm(perm)
                     # if this permission is already granted skip it
                     _perm = UserToPerm.query()\
                         .filter(UserToPerm.user == user)\
                         .filter(UserToPerm.permission == perm)\
                         .scalar()
                     if _perm:
                         return
                     new = UserToPerm()
                     new.user = user
                     new.permission = perm
                     self.sa.add(new)
                     return new
                 def revoke_perm(self, user, perm):
                     """
                     Revoke users global permissions
                     :param user:
                     :param perm:
                     """
                     user = self._get_user(user)
                     perm = self._get_perm(perm)
                     obj = UserToPerm.query()\
                             .filter(UserToPerm.user == user)\
                             .filter(UserToPerm.permission == perm)\
                             .scalar()
                     if obj:
                         self.sa.delete(obj)
                 def add_extra_email(self, user, email):
                     """
                     Adds email address to UserEmailMap
                     :param user:
                     :param email:
                     """
                     user = self._get_user(user)
                     obj = UserEmailMap()
                     obj.user = user
                     obj.email = email
                     self.sa.add(obj)
                     return obj
                 def delete_extra_email(self, user, email_id):
                     """
                     Removes email address from UserEmailMap
                     :param user:
                     :param email_id:
                     """
                     user = self._get_user(user)
                     obj = UserEmailMap.query().get(email_id)
                     if obj and obj.user_id == user.user_id:
                         self.sa.delete(obj)
                 def parse_ip_range(self, ip_range):
                     ip_list = []
                     def make_unique(value):
                         seen = []
                         return [c for c in value if not (c in seen or seen.append(c))]
                     # firsts split by commas
                     for ip_range in ip_range.split(','):
                         if not ip_range:
                             continue
                         ip_range = ip_range.strip()
                         if '-' in ip_range:
                             start_ip, end_ip = ip_range.split('-', 1)
                             start_ip = ipaddress.ip_address(safe_unicode(start_ip.strip()))
                             end_ip = ipaddress.ip_address(safe_unicode(end_ip.strip()))
                             parsed_ip_range = []
                             for index in range(int(start_ip), int(end_ip) + 1):
                                 new_ip = ipaddress.ip_address(index)
                                 parsed_ip_range.append(str(new_ip))
                             ip_list.extend(parsed_ip_range)
                         else:
                             ip_list.append(ip_range)
                     return make_unique(ip_list)
                 def add_extra_ip(self, user, ip, description=None):
                     """
                     Adds ip address to UserIpMap
                     :param user:
                     :param ip:
                     """
                     user = self._get_user(user)
                     obj = UserIpMap()
                     obj.user = user
                     obj.ip_addr = ip
                     obj.description = description
                     self.sa.add(obj)
                     return obj
                 auth_token_role = AuthTokenModel.cls
                 def add_auth_token(self, user, lifetime_minutes, role, description=u'',
                                    scope_callback=None):
                     """
                     Add AuthToken for user.
                     :param user: username/user_id
                     :param lifetime_minutes: in minutes the lifetime for token, -1 equals no limit
                     :param role: one of AuthTokenModel.cls.ROLE_*
                     :param description: optional string description
                     """
                     token = AuthTokenModel().create(
                         user, description, lifetime_minutes, role)
                     if scope_callback and callable(scope_callback):
                         # call the callback if we provide, used to attach scope for EE edition
                         scope_callback(token)
                     return token
                 def delete_extra_ip(self, user, ip_id):
                     """
                     Removes ip address from UserIpMap
                     :param user:
                     :param ip_id:
                     """
                     user = self._get_user(user)
                     obj = UserIpMap.query().get(ip_id)
                     if obj and obj.user_id == user.user_id:
                         self.sa.delete(obj)
                 def get_accounts_in_creation_order(self, current_user=None):
                     """
                     Get accounts in order of creation for deactivation for license limits
                     pick currently logged in user, and append to the list in position 0
                     pick all super-admins in order of creation date and add it to the list
                     pick all other accounts in order of creation and add it to the list.
                     Based on that list, the last accounts can be disabled as they are
                     created at the end and don't include any of the super admins as well
                     as the current user.
                     :param current_user: optionally current user running this operation
                     """
                     if not current_user:
                         current_user = get_current_rhodecode_user()
                     active_super_admins = [
                         x.user_id for x in User.query()
                         .filter(User.user_id != current_user.user_id)
                         .filter(User.active == true())
                         .filter(User.admin == true())
                         .order_by(User.created_on.asc())]
                     active_regular_users = [
                         x.user_id for x in User.query()
                         .filter(User.user_id != current_user.user_id)
                         .filter(User.active == true())
                         .filter(User.admin == false())
                         .order_by(User.created_on.asc())]
                     list_of_accounts = [current_user.user_id]
                     list_of_accounts += active_super_admins
                     list_of_accounts += active_regular_users
                     return list_of_accounts
                 def deactivate_last_users(self, expected_users, current_user=None):
                     """
                     Deactivate accounts that are over the license limits.
                     Algorithm of which accounts to disabled is based on the formula:
                     Get current user, then super admins in creation order, then regular
                     active users in creation order.
                     Using that list we mark all accounts from the end of it as inactive.
                     This way we block only latest created accounts.
                     :param expected_users: list of users in special order, we deactivate
                         the end N amount of users from that list
                     """
                     list_of_accounts = self.get_accounts_in_creation_order(
                         current_user=current_user)
                     for acc_id in list_of_accounts[expected_users + 1:]:
                         user = User.get(acc_id)
                         log.info('Deactivating account %s for license unlock', user)
                         user.active = False
                         Session().add(user)
                         Session().commit()
                     return
                 def get_user_log(self, user, filter_term):
                     user_log = UserLog.query()\
                         .filter(or_(UserLog.user_id == user.user_id,
                                     UserLog.username == user.username))\
                         .options(joinedload(UserLog.user))\
                         .options(joinedload(UserLog.repository))\
                         .order_by(UserLog.action_date.desc())
                     user_log = user_log_filter(user_log, filter_term)
                     return user_log

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages