##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
db: fixed unique constraints for mysql with it's size limits.
marcink -
r4010:852f3c73 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,5355 +1,5378 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import string
29 29 import hashlib
30 30 import logging
31 31 import datetime
32 32 import uuid
33 33 import warnings
34 34 import ipaddress
35 35 import functools
36 36 import traceback
37 37 import collections
38 38
39 39 from sqlalchemy import (
40 40 or_, and_, not_, func, TypeDecorator, event,
41 41 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
42 42 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
43 43 Text, Float, PickleType)
44 44 from sqlalchemy.sql.expression import true, false, case
45 45 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
46 46 from sqlalchemy.orm import (
47 47 relationship, joinedload, class_mapper, validates, aliased)
48 48 from sqlalchemy.ext.declarative import declared_attr
49 49 from sqlalchemy.ext.hybrid import hybrid_property
50 50 from sqlalchemy.exc import IntegrityError # pragma: no cover
51 51 from sqlalchemy.dialects.mysql import LONGTEXT
52 52 from zope.cachedescriptors.property import Lazy as LazyProperty
53 53 from pyramid import compat
54 54 from pyramid.threadlocal import get_current_request
55 55 from webhelpers.text import collapse, remove_formatting
56 56
57 57 from rhodecode.translation import _
58 58 from rhodecode.lib.vcs import get_vcs_instance
59 59 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
60 60 from rhodecode.lib.utils2 import (
61 61 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
62 62 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
63 63 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)
64 64 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
65 65 JsonRaw
66 66 from rhodecode.lib.ext_json import json
67 67 from rhodecode.lib.caching_query import FromCache
68 68 from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data
69 69 from rhodecode.lib.encrypt2 import Encryptor
70 70 from rhodecode.lib.exceptions import (
71 71 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
72 72 from rhodecode.model.meta import Base, Session
73 73
74 74 URL_SEP = '/'
75 75 log = logging.getLogger(__name__)
76 76
77 77 # =============================================================================
78 78 # BASE CLASSES
79 79 # =============================================================================
80 80
81 81 # this is propagated from .ini file rhodecode.encrypted_values.secret or
82 82 # beaker.session.secret if first is not set.
83 83 # and initialized at environment.py
84 84 ENCRYPTION_KEY = None
85 85
86 86 # used to sort permissions by types, '#' used here is not allowed to be in
87 87 # usernames, and it's very early in sorted string.printable table.
88 88 PERMISSION_TYPE_SORT = {
89 89 'admin': '####',
90 90 'write': '###',
91 91 'read': '##',
92 92 'none': '#',
93 93 }
94 94
95 95
96 96 def display_user_sort(obj):
97 97 """
98 98 Sort function used to sort permissions in .permissions() function of
99 99 Repository, RepoGroup, UserGroup. Also it put the default user in front
100 100 of all other resources
101 101 """
102 102
103 103 if obj.username == User.DEFAULT_USER:
104 104 return '#####'
105 105 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
106 106 return prefix + obj.username
107 107
108 108
109 109 def display_user_group_sort(obj):
110 110 """
111 111 Sort function used to sort permissions in .permissions() function of
112 112 Repository, RepoGroup, UserGroup. Also it put the default user in front
113 113 of all other resources
114 114 """
115 115
116 116 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
117 117 return prefix + obj.users_group_name
118 118
119 119
120 120 def _hash_key(k):
121 121 return sha1_safe(k)
122 122
123 123
124 124 def in_filter_generator(qry, items, limit=500):
125 125 """
126 126 Splits IN() into multiple with OR
127 127 e.g.::
128 128 cnt = Repository.query().filter(
129 129 or_(
130 130 *in_filter_generator(Repository.repo_id, range(100000))
131 131 )).count()
132 132 """
133 133 if not items:
134 134 # empty list will cause empty query which might cause security issues
135 135 # this can lead to hidden unpleasant results
136 136 items = [-1]
137 137
138 138 parts = []
139 139 for chunk in xrange(0, len(items), limit):
140 140 parts.append(
141 141 qry.in_(items[chunk: chunk + limit])
142 142 )
143 143
144 144 return parts
145 145
146 146
147 147 base_table_args = {
148 148 'extend_existing': True,
149 149 'mysql_engine': 'InnoDB',
150 150 'mysql_charset': 'utf8',
151 151 'sqlite_autoincrement': True
152 152 }
153 153
154 154
155 155 class EncryptedTextValue(TypeDecorator):
156 156 """
157 157 Special column for encrypted long text data, use like::
158 158
159 159 value = Column("encrypted_value", EncryptedValue(), nullable=False)
160 160
161 161 This column is intelligent so if value is in unencrypted form it return
162 162 unencrypted form, but on save it always encrypts
163 163 """
164 164 impl = Text
165 165
166 166 def process_bind_param(self, value, dialect):
167 167 """
168 168 Setter for storing value
169 169 """
170 170 import rhodecode
171 171 if not value:
172 172 return value
173 173
174 174 # protect against double encrypting if values is already encrypted
175 175 if value.startswith('enc$aes$') \
176 176 or value.startswith('enc$aes_hmac$') \
177 177 or value.startswith('enc2$'):
178 178 raise ValueError('value needs to be in unencrypted format, '
179 179 'ie. not starting with enc$ or enc2$')
180 180
181 181 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
182 182 if algo == 'aes':
183 183 return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)
184 184 elif algo == 'fernet':
185 185 return Encryptor(ENCRYPTION_KEY).encrypt(value)
186 186 else:
187 187 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
188 188
189 189 def process_result_value(self, value, dialect):
190 190 """
191 191 Getter for retrieving value
192 192 """
193 193
194 194 import rhodecode
195 195 if not value:
196 196 return value
197 197
198 198 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
199 199 enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)
200 200 if algo == 'aes':
201 201 decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)
202 202 elif algo == 'fernet':
203 203 return Encryptor(ENCRYPTION_KEY).decrypt(value)
204 204 else:
205 205 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
206 206 return decrypted_data
207 207
208 208
209 209 class BaseModel(object):
210 210 """
211 211 Base Model for all classes
212 212 """
213 213
214 214 @classmethod
215 215 def _get_keys(cls):
216 216 """return column names for this model """
217 217 return class_mapper(cls).c.keys()
218 218
219 219 def get_dict(self):
220 220 """
221 221 return dict with keys and values corresponding
222 222 to this model data """
223 223
224 224 d = {}
225 225 for k in self._get_keys():
226 226 d[k] = getattr(self, k)
227 227
228 228 # also use __json__() if present to get additional fields
229 229 _json_attr = getattr(self, '__json__', None)
230 230 if _json_attr:
231 231 # update with attributes from __json__
232 232 if callable(_json_attr):
233 233 _json_attr = _json_attr()
234 234 for k, val in _json_attr.iteritems():
235 235 d[k] = val
236 236 return d
237 237
238 238 def get_appstruct(self):
239 239 """return list with keys and values tuples corresponding
240 240 to this model data """
241 241
242 242 lst = []
243 243 for k in self._get_keys():
244 244 lst.append((k, getattr(self, k),))
245 245 return lst
246 246
247 247 def populate_obj(self, populate_dict):
248 248 """populate model with data from given populate_dict"""
249 249
250 250 for k in self._get_keys():
251 251 if k in populate_dict:
252 252 setattr(self, k, populate_dict[k])
253 253
254 254 @classmethod
255 255 def query(cls):
256 256 return Session().query(cls)
257 257
258 258 @classmethod
259 259 def get(cls, id_):
260 260 if id_:
261 261 return cls.query().get(id_)
262 262
263 263 @classmethod
264 264 def get_or_404(cls, id_):
265 265 from pyramid.httpexceptions import HTTPNotFound
266 266
267 267 try:
268 268 id_ = int(id_)
269 269 except (TypeError, ValueError):
270 270 raise HTTPNotFound()
271 271
272 272 res = cls.query().get(id_)
273 273 if not res:
274 274 raise HTTPNotFound()
275 275 return res
276 276
277 277 @classmethod
278 278 def getAll(cls):
279 279 # deprecated and left for backward compatibility
280 280 return cls.get_all()
281 281
282 282 @classmethod
283 283 def get_all(cls):
284 284 return cls.query().all()
285 285
286 286 @classmethod
287 287 def delete(cls, id_):
288 288 obj = cls.query().get(id_)
289 289 Session().delete(obj)
290 290
291 291 @classmethod
292 292 def identity_cache(cls, session, attr_name, value):
293 293 exist_in_session = []
294 294 for (item_cls, pkey), instance in session.identity_map.items():
295 295 if cls == item_cls and getattr(instance, attr_name) == value:
296 296 exist_in_session.append(instance)
297 297 if exist_in_session:
298 298 if len(exist_in_session) == 1:
299 299 return exist_in_session[0]
300 300 log.exception(
301 301 'multiple objects with attr %s and '
302 302 'value %s found with same name: %r',
303 303 attr_name, value, exist_in_session)
304 304
305 305 def __repr__(self):
306 306 if hasattr(self, '__unicode__'):
307 307 # python repr needs to return str
308 308 try:
309 309 return safe_str(self.__unicode__())
310 310 except UnicodeDecodeError:
311 311 pass
312 312 return '<DB:%s>' % (self.__class__.__name__)
313 313
314 314
315 315 class RhodeCodeSetting(Base, BaseModel):
316 316 __tablename__ = 'rhodecode_settings'
317 317 __table_args__ = (
318 318 UniqueConstraint('app_settings_name'),
319 319 base_table_args
320 320 )
321 321
322 322 SETTINGS_TYPES = {
323 323 'str': safe_str,
324 324 'int': safe_int,
325 325 'unicode': safe_unicode,
326 326 'bool': str2bool,
327 327 'list': functools.partial(aslist, sep=',')
328 328 }
329 329 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
330 330 GLOBAL_CONF_KEY = 'app_settings'
331 331
332 332 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
333 333 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
334 334 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
335 335 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
336 336
337 337 def __init__(self, key='', val='', type='unicode'):
338 338 self.app_settings_name = key
339 339 self.app_settings_type = type
340 340 self.app_settings_value = val
341 341
342 342 @validates('_app_settings_value')
343 343 def validate_settings_value(self, key, val):
344 344 assert type(val) == unicode
345 345 return val
346 346
347 347 @hybrid_property
348 348 def app_settings_value(self):
349 349 v = self._app_settings_value
350 350 _type = self.app_settings_type
351 351 if _type:
352 352 _type = self.app_settings_type.split('.')[0]
353 353 # decode the encrypted value
354 354 if 'encrypted' in self.app_settings_type:
355 355 cipher = EncryptedTextValue()
356 356 v = safe_unicode(cipher.process_result_value(v, None))
357 357
358 358 converter = self.SETTINGS_TYPES.get(_type) or \
359 359 self.SETTINGS_TYPES['unicode']
360 360 return converter(v)
361 361
362 362 @app_settings_value.setter
363 363 def app_settings_value(self, val):
364 364 """
365 365 Setter that will always make sure we use unicode in app_settings_value
366 366
367 367 :param val:
368 368 """
369 369 val = safe_unicode(val)
370 370 # encode the encrypted value
371 371 if 'encrypted' in self.app_settings_type:
372 372 cipher = EncryptedTextValue()
373 373 val = safe_unicode(cipher.process_bind_param(val, None))
374 374 self._app_settings_value = val
375 375
376 376 @hybrid_property
377 377 def app_settings_type(self):
378 378 return self._app_settings_type
379 379
380 380 @app_settings_type.setter
381 381 def app_settings_type(self, val):
382 382 if val.split('.')[0] not in self.SETTINGS_TYPES:
383 383 raise Exception('type must be one of %s got %s'
384 384 % (self.SETTINGS_TYPES.keys(), val))
385 385 self._app_settings_type = val
386 386
387 387 @classmethod
388 388 def get_by_prefix(cls, prefix):
389 389 return RhodeCodeSetting.query()\
390 390 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
391 391 .all()
392 392
393 393 def __unicode__(self):
394 394 return u"<%s('%s:%s[%s]')>" % (
395 395 self.__class__.__name__,
396 396 self.app_settings_name, self.app_settings_value,
397 397 self.app_settings_type
398 398 )
399 399
400 400
401 401 class RhodeCodeUi(Base, BaseModel):
402 402 __tablename__ = 'rhodecode_ui'
403 403 __table_args__ = (
404 404 UniqueConstraint('ui_key'),
405 405 base_table_args
406 406 )
407 407
408 408 HOOK_REPO_SIZE = 'changegroup.repo_size'
409 409 # HG
410 410 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
411 411 HOOK_PULL = 'outgoing.pull_logger'
412 412 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
413 413 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
414 414 HOOK_PUSH = 'changegroup.push_logger'
415 415 HOOK_PUSH_KEY = 'pushkey.key_push'
416 416
417 417 HOOKS_BUILTIN = [
418 418 HOOK_PRE_PULL,
419 419 HOOK_PULL,
420 420 HOOK_PRE_PUSH,
421 421 HOOK_PRETX_PUSH,
422 422 HOOK_PUSH,
423 423 HOOK_PUSH_KEY,
424 424 ]
425 425
426 426 # TODO: johbo: Unify way how hooks are configured for git and hg,
427 427 # git part is currently hardcoded.
428 428
429 429 # SVN PATTERNS
430 430 SVN_BRANCH_ID = 'vcs_svn_branch'
431 431 SVN_TAG_ID = 'vcs_svn_tag'
432 432
433 433 ui_id = Column(
434 434 "ui_id", Integer(), nullable=False, unique=True, default=None,
435 435 primary_key=True)
436 436 ui_section = Column(
437 437 "ui_section", String(255), nullable=True, unique=None, default=None)
438 438 ui_key = Column(
439 439 "ui_key", String(255), nullable=True, unique=None, default=None)
440 440 ui_value = Column(
441 441 "ui_value", String(255), nullable=True, unique=None, default=None)
442 442 ui_active = Column(
443 443 "ui_active", Boolean(), nullable=True, unique=None, default=True)
444 444
445 445 def __repr__(self):
446 446 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
447 447 self.ui_key, self.ui_value)
448 448
449 449
450 450 class RepoRhodeCodeSetting(Base, BaseModel):
451 451 __tablename__ = 'repo_rhodecode_settings'
452 452 __table_args__ = (
453 453 UniqueConstraint(
454 454 'app_settings_name', 'repository_id',
455 455 name='uq_repo_rhodecode_setting_name_repo_id'),
456 456 base_table_args
457 457 )
458 458
459 459 repository_id = Column(
460 460 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
461 461 nullable=False)
462 462 app_settings_id = Column(
463 463 "app_settings_id", Integer(), nullable=False, unique=True,
464 464 default=None, primary_key=True)
465 465 app_settings_name = Column(
466 466 "app_settings_name", String(255), nullable=True, unique=None,
467 467 default=None)
468 468 _app_settings_value = Column(
469 469 "app_settings_value", String(4096), nullable=True, unique=None,
470 470 default=None)
471 471 _app_settings_type = Column(
472 472 "app_settings_type", String(255), nullable=True, unique=None,
473 473 default=None)
474 474
475 475 repository = relationship('Repository')
476 476
477 477 def __init__(self, repository_id, key='', val='', type='unicode'):
478 478 self.repository_id = repository_id
479 479 self.app_settings_name = key
480 480 self.app_settings_type = type
481 481 self.app_settings_value = val
482 482
483 483 @validates('_app_settings_value')
484 484 def validate_settings_value(self, key, val):
485 485 assert type(val) == unicode
486 486 return val
487 487
488 488 @hybrid_property
489 489 def app_settings_value(self):
490 490 v = self._app_settings_value
491 491 type_ = self.app_settings_type
492 492 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
493 493 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
494 494 return converter(v)
495 495
496 496 @app_settings_value.setter
497 497 def app_settings_value(self, val):
498 498 """
499 499 Setter that will always make sure we use unicode in app_settings_value
500 500
501 501 :param val:
502 502 """
503 503 self._app_settings_value = safe_unicode(val)
504 504
505 505 @hybrid_property
506 506 def app_settings_type(self):
507 507 return self._app_settings_type
508 508
509 509 @app_settings_type.setter
510 510 def app_settings_type(self, val):
511 511 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
512 512 if val not in SETTINGS_TYPES:
513 513 raise Exception('type must be one of %s got %s'
514 514 % (SETTINGS_TYPES.keys(), val))
515 515 self._app_settings_type = val
516 516
517 517 def __unicode__(self):
518 518 return u"<%s('%s:%s:%s[%s]')>" % (
519 519 self.__class__.__name__, self.repository.repo_name,
520 520 self.app_settings_name, self.app_settings_value,
521 521 self.app_settings_type
522 522 )
523 523
524 524
525 525 class RepoRhodeCodeUi(Base, BaseModel):
526 526 __tablename__ = 'repo_rhodecode_ui'
527 527 __table_args__ = (
528 528 UniqueConstraint(
529 529 'repository_id', 'ui_section', 'ui_key',
530 530 name='uq_repo_rhodecode_ui_repository_id_section_key'),
531 531 base_table_args
532 532 )
533 533
534 534 repository_id = Column(
535 535 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
536 536 nullable=False)
537 537 ui_id = Column(
538 538 "ui_id", Integer(), nullable=False, unique=True, default=None,
539 539 primary_key=True)
540 540 ui_section = Column(
541 541 "ui_section", String(255), nullable=True, unique=None, default=None)
542 542 ui_key = Column(
543 543 "ui_key", String(255), nullable=True, unique=None, default=None)
544 544 ui_value = Column(
545 545 "ui_value", String(255), nullable=True, unique=None, default=None)
546 546 ui_active = Column(
547 547 "ui_active", Boolean(), nullable=True, unique=None, default=True)
548 548
549 549 repository = relationship('Repository')
550 550
551 551 def __repr__(self):
552 552 return '<%s[%s:%s]%s=>%s]>' % (
553 553 self.__class__.__name__, self.repository.repo_name,
554 554 self.ui_section, self.ui_key, self.ui_value)
555 555
556 556
557 557 class User(Base, BaseModel):
558 558 __tablename__ = 'users'
559 559 __table_args__ = (
560 560 UniqueConstraint('username'), UniqueConstraint('email'),
561 561 Index('u_username_idx', 'username'),
562 562 Index('u_email_idx', 'email'),
563 563 base_table_args
564 564 )
565 565
566 566 DEFAULT_USER = 'default'
567 567 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
568 568 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
569 569
570 570 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
571 571 username = Column("username", String(255), nullable=True, unique=None, default=None)
572 572 password = Column("password", String(255), nullable=True, unique=None, default=None)
573 573 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
574 574 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
575 575 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
576 576 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
577 577 _email = Column("email", String(255), nullable=True, unique=None, default=None)
578 578 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
579 579 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
580 580
581 581 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
582 582 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
583 583 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
584 584 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
585 585 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
586 586 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
587 587
588 588 user_log = relationship('UserLog')
589 589 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
590 590
591 591 repositories = relationship('Repository')
592 592 repository_groups = relationship('RepoGroup')
593 593 user_groups = relationship('UserGroup')
594 594
595 595 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
596 596 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
597 597
598 598 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
599 599 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
600 600 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
601 601
602 602 group_member = relationship('UserGroupMember', cascade='all')
603 603
604 604 notifications = relationship('UserNotification', cascade='all')
605 605 # notifications assigned to this user
606 606 user_created_notifications = relationship('Notification', cascade='all')
607 607 # comments created by this user
608 608 user_comments = relationship('ChangesetComment', cascade='all')
609 609 # user profile extra info
610 610 user_emails = relationship('UserEmailMap', cascade='all')
611 611 user_ip_map = relationship('UserIpMap', cascade='all')
612 612 user_auth_tokens = relationship('UserApiKeys', cascade='all')
613 613 user_ssh_keys = relationship('UserSshKeys', cascade='all')
614 614
615 615 # gists
616 616 user_gists = relationship('Gist', cascade='all')
617 617 # user pull requests
618 618 user_pull_requests = relationship('PullRequest', cascade='all')
619 619 # external identities
620 620 extenal_identities = relationship(
621 621 'ExternalIdentity',
622 622 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
623 623 cascade='all')
624 624 # review rules
625 625 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
626 626
627 627 def __unicode__(self):
628 628 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
629 629 self.user_id, self.username)
630 630
631 631 @hybrid_property
632 632 def email(self):
633 633 return self._email
634 634
635 635 @email.setter
636 636 def email(self, val):
637 637 self._email = val.lower() if val else None
638 638
639 639 @hybrid_property
640 640 def first_name(self):
641 641 from rhodecode.lib import helpers as h
642 642 if self.name:
643 643 return h.escape(self.name)
644 644 return self.name
645 645
646 646 @hybrid_property
647 647 def last_name(self):
648 648 from rhodecode.lib import helpers as h
649 649 if self.lastname:
650 650 return h.escape(self.lastname)
651 651 return self.lastname
652 652
653 653 @hybrid_property
654 654 def api_key(self):
655 655 """
656 656 Fetch if exist an auth-token with role ALL connected to this user
657 657 """
658 658 user_auth_token = UserApiKeys.query()\
659 659 .filter(UserApiKeys.user_id == self.user_id)\
660 660 .filter(or_(UserApiKeys.expires == -1,
661 661 UserApiKeys.expires >= time.time()))\
662 662 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
663 663 if user_auth_token:
664 664 user_auth_token = user_auth_token.api_key
665 665
666 666 return user_auth_token
667 667
668 668 @api_key.setter
669 669 def api_key(self, val):
670 670 # don't allow to set API key this is deprecated for now
671 671 self._api_key = None
672 672
673 673 @property
674 674 def reviewer_pull_requests(self):
675 675 return PullRequestReviewers.query() \
676 676 .options(joinedload(PullRequestReviewers.pull_request)) \
677 677 .filter(PullRequestReviewers.user_id == self.user_id) \
678 678 .all()
679 679
680 680 @property
681 681 def firstname(self):
682 682 # alias for future
683 683 return self.name
684 684
685 685 @property
686 686 def emails(self):
687 687 other = UserEmailMap.query()\
688 688 .filter(UserEmailMap.user == self) \
689 689 .order_by(UserEmailMap.email_id.asc()) \
690 690 .all()
691 691 return [self.email] + [x.email for x in other]
692 692
693 693 @property
694 694 def auth_tokens(self):
695 695 auth_tokens = self.get_auth_tokens()
696 696 return [x.api_key for x in auth_tokens]
697 697
698 698 def get_auth_tokens(self):
699 699 return UserApiKeys.query()\
700 700 .filter(UserApiKeys.user == self)\
701 701 .order_by(UserApiKeys.user_api_key_id.asc())\
702 702 .all()
703 703
704 704 @LazyProperty
705 705 def feed_token(self):
706 706 return self.get_feed_token()
707 707
708 708 def get_feed_token(self, cache=True):
709 709 feed_tokens = UserApiKeys.query()\
710 710 .filter(UserApiKeys.user == self)\
711 711 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
712 712 if cache:
713 713 feed_tokens = feed_tokens.options(
714 714 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
715 715
716 716 feed_tokens = feed_tokens.all()
717 717 if feed_tokens:
718 718 return feed_tokens[0].api_key
719 719 return 'NO_FEED_TOKEN_AVAILABLE'
720 720
721 721 @classmethod
722 722 def get(cls, user_id, cache=False):
723 723 if not user_id:
724 724 return
725 725
726 726 user = cls.query()
727 727 if cache:
728 728 user = user.options(
729 729 FromCache("sql_cache_short", "get_users_%s" % user_id))
730 730 return user.get(user_id)
731 731
732 732 @classmethod
733 733 def extra_valid_auth_tokens(cls, user, role=None):
734 734 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
735 735 .filter(or_(UserApiKeys.expires == -1,
736 736 UserApiKeys.expires >= time.time()))
737 737 if role:
738 738 tokens = tokens.filter(or_(UserApiKeys.role == role,
739 739 UserApiKeys.role == UserApiKeys.ROLE_ALL))
740 740 return tokens.all()
741 741
742 742 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
743 743 from rhodecode.lib import auth
744 744
745 745 log.debug('Trying to authenticate user: %s via auth-token, '
746 746 'and roles: %s', self, roles)
747 747
748 748 if not auth_token:
749 749 return False
750 750
751 751 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
752 752 tokens_q = UserApiKeys.query()\
753 753 .filter(UserApiKeys.user_id == self.user_id)\
754 754 .filter(or_(UserApiKeys.expires == -1,
755 755 UserApiKeys.expires >= time.time()))
756 756
757 757 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
758 758
759 759 crypto_backend = auth.crypto_backend()
760 760 enc_token_map = {}
761 761 plain_token_map = {}
762 762 for token in tokens_q:
763 763 if token.api_key.startswith(crypto_backend.ENC_PREF):
764 764 enc_token_map[token.api_key] = token
765 765 else:
766 766 plain_token_map[token.api_key] = token
767 767 log.debug(
768 768 'Found %s plain and %s encrypted user tokens to check for authentication',
769 769 len(plain_token_map), len(enc_token_map))
770 770
771 771 # plain token match comes first
772 772 match = plain_token_map.get(auth_token)
773 773
774 774 # check encrypted tokens now
775 775 if not match:
776 776 for token_hash, token in enc_token_map.items():
777 777 # NOTE(marcink): this is expensive to calculate, but most secure
778 778 if crypto_backend.hash_check(auth_token, token_hash):
779 779 match = token
780 780 break
781 781
782 782 if match:
783 783 log.debug('Found matching token %s', match)
784 784 if match.repo_id:
785 785 log.debug('Found scope, checking for scope match of token %s', match)
786 786 if match.repo_id == scope_repo_id:
787 787 return True
788 788 else:
789 789 log.debug(
790 790 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
791 791 'and calling scope is:%s, skipping further checks',
792 792 match.repo, scope_repo_id)
793 793 return False
794 794 else:
795 795 return True
796 796
797 797 return False
798 798
799 799 @property
800 800 def ip_addresses(self):
801 801 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
802 802 return [x.ip_addr for x in ret]
803 803
804 804 @property
805 805 def username_and_name(self):
806 806 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
807 807
808 808 @property
809 809 def username_or_name_or_email(self):
810 810 full_name = self.full_name if self.full_name is not ' ' else None
811 811 return self.username or full_name or self.email
812 812
813 813 @property
814 814 def full_name(self):
815 815 return '%s %s' % (self.first_name, self.last_name)
816 816
817 817 @property
818 818 def full_name_or_username(self):
819 819 return ('%s %s' % (self.first_name, self.last_name)
820 820 if (self.first_name and self.last_name) else self.username)
821 821
822 822 @property
823 823 def full_contact(self):
824 824 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
825 825
826 826 @property
827 827 def short_contact(self):
828 828 return '%s %s' % (self.first_name, self.last_name)
829 829
830 830 @property
831 831 def is_admin(self):
832 832 return self.admin
833 833
834 834 def AuthUser(self, **kwargs):
835 835 """
836 836 Returns instance of AuthUser for this user
837 837 """
838 838 from rhodecode.lib.auth import AuthUser
839 839 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
840 840
841 841 @hybrid_property
842 842 def user_data(self):
843 843 if not self._user_data:
844 844 return {}
845 845
846 846 try:
847 847 return json.loads(self._user_data)
848 848 except TypeError:
849 849 return {}
850 850
851 851 @user_data.setter
852 852 def user_data(self, val):
853 853 if not isinstance(val, dict):
854 854 raise Exception('user_data must be dict, got %s' % type(val))
855 855 try:
856 856 self._user_data = json.dumps(val)
857 857 except Exception:
858 858 log.error(traceback.format_exc())
859 859
860 860 @classmethod
861 861 def get_by_username(cls, username, case_insensitive=False,
862 862 cache=False, identity_cache=False):
863 863 session = Session()
864 864
865 865 if case_insensitive:
866 866 q = cls.query().filter(
867 867 func.lower(cls.username) == func.lower(username))
868 868 else:
869 869 q = cls.query().filter(cls.username == username)
870 870
871 871 if cache:
872 872 if identity_cache:
873 873 val = cls.identity_cache(session, 'username', username)
874 874 if val:
875 875 return val
876 876 else:
877 877 cache_key = "get_user_by_name_%s" % _hash_key(username)
878 878 q = q.options(
879 879 FromCache("sql_cache_short", cache_key))
880 880
881 881 return q.scalar()
882 882
883 883 @classmethod
884 884 def get_by_auth_token(cls, auth_token, cache=False):
885 885 q = UserApiKeys.query()\
886 886 .filter(UserApiKeys.api_key == auth_token)\
887 887 .filter(or_(UserApiKeys.expires == -1,
888 888 UserApiKeys.expires >= time.time()))
889 889 if cache:
890 890 q = q.options(
891 891 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
892 892
893 893 match = q.first()
894 894 if match:
895 895 return match.user
896 896
897 897 @classmethod
898 898 def get_by_email(cls, email, case_insensitive=False, cache=False):
899 899
900 900 if case_insensitive:
901 901 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
902 902
903 903 else:
904 904 q = cls.query().filter(cls.email == email)
905 905
906 906 email_key = _hash_key(email)
907 907 if cache:
908 908 q = q.options(
909 909 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
910 910
911 911 ret = q.scalar()
912 912 if ret is None:
913 913 q = UserEmailMap.query()
914 914 # try fetching in alternate email map
915 915 if case_insensitive:
916 916 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
917 917 else:
918 918 q = q.filter(UserEmailMap.email == email)
919 919 q = q.options(joinedload(UserEmailMap.user))
920 920 if cache:
921 921 q = q.options(
922 922 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
923 923 ret = getattr(q.scalar(), 'user', None)
924 924
925 925 return ret
926 926
927 927 @classmethod
928 928 def get_from_cs_author(cls, author):
929 929 """
930 930 Tries to get User objects out of commit author string
931 931
932 932 :param author:
933 933 """
934 934 from rhodecode.lib.helpers import email, author_name
935 935 # Valid email in the attribute passed, see if they're in the system
936 936 _email = email(author)
937 937 if _email:
938 938 user = cls.get_by_email(_email, case_insensitive=True)
939 939 if user:
940 940 return user
941 941 # Maybe we can match by username?
942 942 _author = author_name(author)
943 943 user = cls.get_by_username(_author, case_insensitive=True)
944 944 if user:
945 945 return user
946 946
947 947 def update_userdata(self, **kwargs):
948 948 usr = self
949 949 old = usr.user_data
950 950 old.update(**kwargs)
951 951 usr.user_data = old
952 952 Session().add(usr)
953 953 log.debug('updated userdata with %s', kwargs)
954 954
955 955 def update_lastlogin(self):
956 956 """Update user lastlogin"""
957 957 self.last_login = datetime.datetime.now()
958 958 Session().add(self)
959 959 log.debug('updated user %s lastlogin', self.username)
960 960
961 961 def update_password(self, new_password):
962 962 from rhodecode.lib.auth import get_crypt_password
963 963
964 964 self.password = get_crypt_password(new_password)
965 965 Session().add(self)
966 966
967 967 @classmethod
968 968 def get_first_super_admin(cls):
969 969 user = User.query()\
970 970 .filter(User.admin == true()) \
971 971 .order_by(User.user_id.asc()) \
972 972 .first()
973 973
974 974 if user is None:
975 975 raise Exception('FATAL: Missing administrative account!')
976 976 return user
977 977
978 978 @classmethod
979 979 def get_all_super_admins(cls, only_active=False):
980 980 """
981 981 Returns all admin accounts sorted by username
982 982 """
983 983 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
984 984 if only_active:
985 985 qry = qry.filter(User.active == true())
986 986 return qry.all()
987 987
988 988 @classmethod
989 989 def get_default_user(cls, cache=False, refresh=False):
990 990 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
991 991 if user is None:
992 992 raise Exception('FATAL: Missing default account!')
993 993 if refresh:
994 994 # The default user might be based on outdated state which
995 995 # has been loaded from the cache.
996 996 # A call to refresh() ensures that the
997 997 # latest state from the database is used.
998 998 Session().refresh(user)
999 999 return user
1000 1000
1001 1001 def _get_default_perms(self, user, suffix=''):
1002 1002 from rhodecode.model.permission import PermissionModel
1003 1003 return PermissionModel().get_default_perms(user.user_perms, suffix)
1004 1004
1005 1005 def get_default_perms(self, suffix=''):
1006 1006 return self._get_default_perms(self, suffix)
1007 1007
1008 1008 def get_api_data(self, include_secrets=False, details='full'):
1009 1009 """
1010 1010 Common function for generating user related data for API
1011 1011
1012 1012 :param include_secrets: By default secrets in the API data will be replaced
1013 1013 by a placeholder value to prevent exposing this data by accident. In case
1014 1014 this data shall be exposed, set this flag to ``True``.
1015 1015
1016 1016 :param details: details can be 'basic|full' basic gives only a subset of
1017 1017 the available user information that includes user_id, name and emails.
1018 1018 """
1019 1019 user = self
1020 1020 user_data = self.user_data
1021 1021 data = {
1022 1022 'user_id': user.user_id,
1023 1023 'username': user.username,
1024 1024 'firstname': user.name,
1025 1025 'lastname': user.lastname,
1026 1026 'email': user.email,
1027 1027 'emails': user.emails,
1028 1028 }
1029 1029 if details == 'basic':
1030 1030 return data
1031 1031
1032 1032 auth_token_length = 40
1033 1033 auth_token_replacement = '*' * auth_token_length
1034 1034
1035 1035 extras = {
1036 1036 'auth_tokens': [auth_token_replacement],
1037 1037 'active': user.active,
1038 1038 'admin': user.admin,
1039 1039 'extern_type': user.extern_type,
1040 1040 'extern_name': user.extern_name,
1041 1041 'last_login': user.last_login,
1042 1042 'last_activity': user.last_activity,
1043 1043 'ip_addresses': user.ip_addresses,
1044 1044 'language': user_data.get('language')
1045 1045 }
1046 1046 data.update(extras)
1047 1047
1048 1048 if include_secrets:
1049 1049 data['auth_tokens'] = user.auth_tokens
1050 1050 return data
1051 1051
1052 1052 def __json__(self):
1053 1053 data = {
1054 1054 'full_name': self.full_name,
1055 1055 'full_name_or_username': self.full_name_or_username,
1056 1056 'short_contact': self.short_contact,
1057 1057 'full_contact': self.full_contact,
1058 1058 }
1059 1059 data.update(self.get_api_data())
1060 1060 return data
1061 1061
1062 1062
1063 1063 class UserApiKeys(Base, BaseModel):
1064 1064 __tablename__ = 'user_api_keys'
1065 1065 __table_args__ = (
1066 1066 Index('uak_api_key_idx', 'api_key'),
1067 1067 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1068 1068 base_table_args
1069 1069 )
1070 1070 __mapper_args__ = {}
1071 1071
1072 1072 # ApiKey role
1073 1073 ROLE_ALL = 'token_role_all'
1074 1074 ROLE_HTTP = 'token_role_http'
1075 1075 ROLE_VCS = 'token_role_vcs'
1076 1076 ROLE_API = 'token_role_api'
1077 1077 ROLE_FEED = 'token_role_feed'
1078 1078 ROLE_PASSWORD_RESET = 'token_password_reset'
1079 1079
1080 1080 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
1081 1081
1082 1082 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1083 1083 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1084 1084 api_key = Column("api_key", String(255), nullable=False, unique=True)
1085 1085 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1086 1086 expires = Column('expires', Float(53), nullable=False)
1087 1087 role = Column('role', String(255), nullable=True)
1088 1088 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1089 1089
1090 1090 # scope columns
1091 1091 repo_id = Column(
1092 1092 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1093 1093 nullable=True, unique=None, default=None)
1094 1094 repo = relationship('Repository', lazy='joined')
1095 1095
1096 1096 repo_group_id = Column(
1097 1097 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1098 1098 nullable=True, unique=None, default=None)
1099 1099 repo_group = relationship('RepoGroup', lazy='joined')
1100 1100
1101 1101 user = relationship('User', lazy='joined')
1102 1102
1103 1103 def __unicode__(self):
1104 1104 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1105 1105
1106 1106 def __json__(self):
1107 1107 data = {
1108 1108 'auth_token': self.api_key,
1109 1109 'role': self.role,
1110 1110 'scope': self.scope_humanized,
1111 1111 'expired': self.expired
1112 1112 }
1113 1113 return data
1114 1114
1115 1115 def get_api_data(self, include_secrets=False):
1116 1116 data = self.__json__()
1117 1117 if include_secrets:
1118 1118 return data
1119 1119 else:
1120 1120 data['auth_token'] = self.token_obfuscated
1121 1121 return data
1122 1122
1123 1123 @hybrid_property
1124 1124 def description_safe(self):
1125 1125 from rhodecode.lib import helpers as h
1126 1126 return h.escape(self.description)
1127 1127
1128 1128 @property
1129 1129 def expired(self):
1130 1130 if self.expires == -1:
1131 1131 return False
1132 1132 return time.time() > self.expires
1133 1133
1134 1134 @classmethod
1135 1135 def _get_role_name(cls, role):
1136 1136 return {
1137 1137 cls.ROLE_ALL: _('all'),
1138 1138 cls.ROLE_HTTP: _('http/web interface'),
1139 1139 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1140 1140 cls.ROLE_API: _('api calls'),
1141 1141 cls.ROLE_FEED: _('feed access'),
1142 1142 }.get(role, role)
1143 1143
1144 1144 @property
1145 1145 def role_humanized(self):
1146 1146 return self._get_role_name(self.role)
1147 1147
1148 1148 def _get_scope(self):
1149 1149 if self.repo:
1150 1150 return 'Repository: {}'.format(self.repo.repo_name)
1151 1151 if self.repo_group:
1152 1152 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1153 1153 return 'Global'
1154 1154
1155 1155 @property
1156 1156 def scope_humanized(self):
1157 1157 return self._get_scope()
1158 1158
1159 1159 @property
1160 1160 def token_obfuscated(self):
1161 1161 if self.api_key:
1162 1162 return self.api_key[:4] + "****"
1163 1163
1164 1164
1165 1165 class UserEmailMap(Base, BaseModel):
1166 1166 __tablename__ = 'user_email_map'
1167 1167 __table_args__ = (
1168 1168 Index('uem_email_idx', 'email'),
1169 1169 UniqueConstraint('email'),
1170 1170 base_table_args
1171 1171 )
1172 1172 __mapper_args__ = {}
1173 1173
1174 1174 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1175 1175 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1176 1176 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1177 1177 user = relationship('User', lazy='joined')
1178 1178
1179 1179 @validates('_email')
1180 1180 def validate_email(self, key, email):
1181 1181 # check if this email is not main one
1182 1182 main_email = Session().query(User).filter(User.email == email).scalar()
1183 1183 if main_email is not None:
1184 1184 raise AttributeError('email %s is present is user table' % email)
1185 1185 return email
1186 1186
1187 1187 @hybrid_property
1188 1188 def email(self):
1189 1189 return self._email
1190 1190
1191 1191 @email.setter
1192 1192 def email(self, val):
1193 1193 self._email = val.lower() if val else None
1194 1194
1195 1195
1196 1196 class UserIpMap(Base, BaseModel):
1197 1197 __tablename__ = 'user_ip_map'
1198 1198 __table_args__ = (
1199 1199 UniqueConstraint('user_id', 'ip_addr'),
1200 1200 base_table_args
1201 1201 )
1202 1202 __mapper_args__ = {}
1203 1203
1204 1204 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1205 1205 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1206 1206 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1207 1207 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1208 1208 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1209 1209 user = relationship('User', lazy='joined')
1210 1210
1211 1211 @hybrid_property
1212 1212 def description_safe(self):
1213 1213 from rhodecode.lib import helpers as h
1214 1214 return h.escape(self.description)
1215 1215
1216 1216 @classmethod
1217 1217 def _get_ip_range(cls, ip_addr):
1218 1218 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1219 1219 return [str(net.network_address), str(net.broadcast_address)]
1220 1220
1221 1221 def __json__(self):
1222 1222 return {
1223 1223 'ip_addr': self.ip_addr,
1224 1224 'ip_range': self._get_ip_range(self.ip_addr),
1225 1225 }
1226 1226
1227 1227 def __unicode__(self):
1228 1228 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1229 1229 self.user_id, self.ip_addr)
1230 1230
1231 1231
1232 1232 class UserSshKeys(Base, BaseModel):
1233 1233 __tablename__ = 'user_ssh_keys'
1234 1234 __table_args__ = (
1235 1235 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1236 1236
1237 1237 UniqueConstraint('ssh_key_fingerprint'),
1238 1238
1239 1239 base_table_args
1240 1240 )
1241 1241 __mapper_args__ = {}
1242 1242
1243 1243 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1244 1244 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1245 1245 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1246 1246
1247 1247 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1248 1248
1249 1249 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1250 1250 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1251 1251 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1252 1252
1253 1253 user = relationship('User', lazy='joined')
1254 1254
1255 1255 def __json__(self):
1256 1256 data = {
1257 1257 'ssh_fingerprint': self.ssh_key_fingerprint,
1258 1258 'description': self.description,
1259 1259 'created_on': self.created_on
1260 1260 }
1261 1261 return data
1262 1262
1263 1263 def get_api_data(self):
1264 1264 data = self.__json__()
1265 1265 return data
1266 1266
1267 1267
1268 1268 class UserLog(Base, BaseModel):
1269 1269 __tablename__ = 'user_logs'
1270 1270 __table_args__ = (
1271 1271 base_table_args,
1272 1272 )
1273 1273
1274 1274 VERSION_1 = 'v1'
1275 1275 VERSION_2 = 'v2'
1276 1276 VERSIONS = [VERSION_1, VERSION_2]
1277 1277
1278 1278 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1279 1279 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1280 1280 username = Column("username", String(255), nullable=True, unique=None, default=None)
1281 1281 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1282 1282 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1283 1283 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1284 1284 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1285 1285 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1286 1286
1287 1287 version = Column("version", String(255), nullable=True, default=VERSION_1)
1288 1288 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1289 1289 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1290 1290
1291 1291 def __unicode__(self):
1292 1292 return u"<%s('id:%s:%s')>" % (
1293 1293 self.__class__.__name__, self.repository_name, self.action)
1294 1294
1295 1295 def __json__(self):
1296 1296 return {
1297 1297 'user_id': self.user_id,
1298 1298 'username': self.username,
1299 1299 'repository_id': self.repository_id,
1300 1300 'repository_name': self.repository_name,
1301 1301 'user_ip': self.user_ip,
1302 1302 'action_date': self.action_date,
1303 1303 'action': self.action,
1304 1304 }
1305 1305
1306 1306 @hybrid_property
1307 1307 def entry_id(self):
1308 1308 return self.user_log_id
1309 1309
1310 1310 @property
1311 1311 def action_as_day(self):
1312 1312 return datetime.date(*self.action_date.timetuple()[:3])
1313 1313
1314 1314 user = relationship('User')
1315 1315 repository = relationship('Repository', cascade='')
1316 1316
1317 1317
1318 1318 class UserGroup(Base, BaseModel):
1319 1319 __tablename__ = 'users_groups'
1320 1320 __table_args__ = (
1321 1321 base_table_args,
1322 1322 )
1323 1323
1324 1324 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1325 1325 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1326 1326 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1327 1327 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1328 1328 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1329 1329 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1330 1330 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1331 1331 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1332 1332
1333 1333 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")
1334 1334 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1335 1335 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1336 1336 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1337 1337 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1338 1338 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1339 1339
1340 1340 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1341 1341 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1342 1342
1343 1343 @classmethod
1344 1344 def _load_group_data(cls, column):
1345 1345 if not column:
1346 1346 return {}
1347 1347
1348 1348 try:
1349 1349 return json.loads(column) or {}
1350 1350 except TypeError:
1351 1351 return {}
1352 1352
1353 1353 @hybrid_property
1354 1354 def description_safe(self):
1355 1355 from rhodecode.lib import helpers as h
1356 1356 return h.escape(self.user_group_description)
1357 1357
1358 1358 @hybrid_property
1359 1359 def group_data(self):
1360 1360 return self._load_group_data(self._group_data)
1361 1361
1362 1362 @group_data.expression
1363 1363 def group_data(self, **kwargs):
1364 1364 return self._group_data
1365 1365
1366 1366 @group_data.setter
1367 1367 def group_data(self, val):
1368 1368 try:
1369 1369 self._group_data = json.dumps(val)
1370 1370 except Exception:
1371 1371 log.error(traceback.format_exc())
1372 1372
1373 1373 @classmethod
1374 1374 def _load_sync(cls, group_data):
1375 1375 if group_data:
1376 1376 return group_data.get('extern_type')
1377 1377
1378 1378 @property
1379 1379 def sync(self):
1380 1380 return self._load_sync(self.group_data)
1381 1381
1382 1382 def __unicode__(self):
1383 1383 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1384 1384 self.users_group_id,
1385 1385 self.users_group_name)
1386 1386
1387 1387 @classmethod
1388 1388 def get_by_group_name(cls, group_name, cache=False,
1389 1389 case_insensitive=False):
1390 1390 if case_insensitive:
1391 1391 q = cls.query().filter(func.lower(cls.users_group_name) ==
1392 1392 func.lower(group_name))
1393 1393
1394 1394 else:
1395 1395 q = cls.query().filter(cls.users_group_name == group_name)
1396 1396 if cache:
1397 1397 q = q.options(
1398 1398 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1399 1399 return q.scalar()
1400 1400
1401 1401 @classmethod
1402 1402 def get(cls, user_group_id, cache=False):
1403 1403 if not user_group_id:
1404 1404 return
1405 1405
1406 1406 user_group = cls.query()
1407 1407 if cache:
1408 1408 user_group = user_group.options(
1409 1409 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1410 1410 return user_group.get(user_group_id)
1411 1411
1412 1412 def permissions(self, with_admins=True, with_owner=True,
1413 1413 expand_from_user_groups=False):
1414 1414 """
1415 1415 Permissions for user groups
1416 1416 """
1417 1417 _admin_perm = 'usergroup.admin'
1418 1418
1419 1419 owner_row = []
1420 1420 if with_owner:
1421 1421 usr = AttributeDict(self.user.get_dict())
1422 1422 usr.owner_row = True
1423 1423 usr.permission = _admin_perm
1424 1424 owner_row.append(usr)
1425 1425
1426 1426 super_admin_ids = []
1427 1427 super_admin_rows = []
1428 1428 if with_admins:
1429 1429 for usr in User.get_all_super_admins():
1430 1430 super_admin_ids.append(usr.user_id)
1431 1431 # if this admin is also owner, don't double the record
1432 1432 if usr.user_id == owner_row[0].user_id:
1433 1433 owner_row[0].admin_row = True
1434 1434 else:
1435 1435 usr = AttributeDict(usr.get_dict())
1436 1436 usr.admin_row = True
1437 1437 usr.permission = _admin_perm
1438 1438 super_admin_rows.append(usr)
1439 1439
1440 1440 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1441 1441 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1442 1442 joinedload(UserUserGroupToPerm.user),
1443 1443 joinedload(UserUserGroupToPerm.permission),)
1444 1444
1445 1445 # get owners and admins and permissions. We do a trick of re-writing
1446 1446 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1447 1447 # has a global reference and changing one object propagates to all
1448 1448 # others. This means if admin is also an owner admin_row that change
1449 1449 # would propagate to both objects
1450 1450 perm_rows = []
1451 1451 for _usr in q.all():
1452 1452 usr = AttributeDict(_usr.user.get_dict())
1453 1453 # if this user is also owner/admin, mark as duplicate record
1454 1454 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1455 1455 usr.duplicate_perm = True
1456 1456 usr.permission = _usr.permission.permission_name
1457 1457 perm_rows.append(usr)
1458 1458
1459 1459 # filter the perm rows by 'default' first and then sort them by
1460 1460 # admin,write,read,none permissions sorted again alphabetically in
1461 1461 # each group
1462 1462 perm_rows = sorted(perm_rows, key=display_user_sort)
1463 1463
1464 1464 user_groups_rows = []
1465 1465 if expand_from_user_groups:
1466 1466 for ug in self.permission_user_groups(with_members=True):
1467 1467 for user_data in ug.members:
1468 1468 user_groups_rows.append(user_data)
1469 1469
1470 1470 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1471 1471
1472 1472 def permission_user_groups(self, with_members=False):
1473 1473 q = UserGroupUserGroupToPerm.query()\
1474 1474 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1475 1475 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1476 1476 joinedload(UserGroupUserGroupToPerm.target_user_group),
1477 1477 joinedload(UserGroupUserGroupToPerm.permission),)
1478 1478
1479 1479 perm_rows = []
1480 1480 for _user_group in q.all():
1481 1481 entry = AttributeDict(_user_group.user_group.get_dict())
1482 1482 entry.permission = _user_group.permission.permission_name
1483 1483 if with_members:
1484 1484 entry.members = [x.user.get_dict()
1485 1485 for x in _user_group.user_group.members]
1486 1486 perm_rows.append(entry)
1487 1487
1488 1488 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1489 1489 return perm_rows
1490 1490
1491 1491 def _get_default_perms(self, user_group, suffix=''):
1492 1492 from rhodecode.model.permission import PermissionModel
1493 1493 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1494 1494
1495 1495 def get_default_perms(self, suffix=''):
1496 1496 return self._get_default_perms(self, suffix)
1497 1497
1498 1498 def get_api_data(self, with_group_members=True, include_secrets=False):
1499 1499 """
1500 1500 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1501 1501 basically forwarded.
1502 1502
1503 1503 """
1504 1504 user_group = self
1505 1505 data = {
1506 1506 'users_group_id': user_group.users_group_id,
1507 1507 'group_name': user_group.users_group_name,
1508 1508 'group_description': user_group.user_group_description,
1509 1509 'active': user_group.users_group_active,
1510 1510 'owner': user_group.user.username,
1511 1511 'sync': user_group.sync,
1512 1512 'owner_email': user_group.user.email,
1513 1513 }
1514 1514
1515 1515 if with_group_members:
1516 1516 users = []
1517 1517 for user in user_group.members:
1518 1518 user = user.user
1519 1519 users.append(user.get_api_data(include_secrets=include_secrets))
1520 1520 data['users'] = users
1521 1521
1522 1522 return data
1523 1523
1524 1524
1525 1525 class UserGroupMember(Base, BaseModel):
1526 1526 __tablename__ = 'users_groups_members'
1527 1527 __table_args__ = (
1528 1528 base_table_args,
1529 1529 )
1530 1530
1531 1531 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1532 1532 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1533 1533 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1534 1534
1535 1535 user = relationship('User', lazy='joined')
1536 1536 users_group = relationship('UserGroup')
1537 1537
1538 1538 def __init__(self, gr_id='', u_id=''):
1539 1539 self.users_group_id = gr_id
1540 1540 self.user_id = u_id
1541 1541
1542 1542
1543 1543 class RepositoryField(Base, BaseModel):
1544 1544 __tablename__ = 'repositories_fields'
1545 1545 __table_args__ = (
1546 1546 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1547 1547 base_table_args,
1548 1548 )
1549 1549
1550 1550 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1551 1551
1552 1552 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1553 1553 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1554 1554 field_key = Column("field_key", String(250))
1555 1555 field_label = Column("field_label", String(1024), nullable=False)
1556 1556 field_value = Column("field_value", String(10000), nullable=False)
1557 1557 field_desc = Column("field_desc", String(1024), nullable=False)
1558 1558 field_type = Column("field_type", String(255), nullable=False, unique=None)
1559 1559 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1560 1560
1561 1561 repository = relationship('Repository')
1562 1562
1563 1563 @property
1564 1564 def field_key_prefixed(self):
1565 1565 return 'ex_%s' % self.field_key
1566 1566
1567 1567 @classmethod
1568 1568 def un_prefix_key(cls, key):
1569 1569 if key.startswith(cls.PREFIX):
1570 1570 return key[len(cls.PREFIX):]
1571 1571 return key
1572 1572
1573 1573 @classmethod
1574 1574 def get_by_key_name(cls, key, repo):
1575 1575 row = cls.query()\
1576 1576 .filter(cls.repository == repo)\
1577 1577 .filter(cls.field_key == key).scalar()
1578 1578 return row
1579 1579
1580 1580
1581 1581 class Repository(Base, BaseModel):
1582 1582 __tablename__ = 'repositories'
1583 1583 __table_args__ = (
1584 1584 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1585 1585 base_table_args,
1586 1586 )
1587 1587 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1588 1588 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1589 1589 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1590 1590
1591 1591 STATE_CREATED = 'repo_state_created'
1592 1592 STATE_PENDING = 'repo_state_pending'
1593 1593 STATE_ERROR = 'repo_state_error'
1594 1594
1595 1595 LOCK_AUTOMATIC = 'lock_auto'
1596 1596 LOCK_API = 'lock_api'
1597 1597 LOCK_WEB = 'lock_web'
1598 1598 LOCK_PULL = 'lock_pull'
1599 1599
1600 1600 NAME_SEP = URL_SEP
1601 1601
1602 1602 repo_id = Column(
1603 1603 "repo_id", Integer(), nullable=False, unique=True, default=None,
1604 1604 primary_key=True)
1605 1605 _repo_name = Column(
1606 1606 "repo_name", Text(), nullable=False, default=None)
1607 1607 _repo_name_hash = Column(
1608 1608 "repo_name_hash", String(255), nullable=False, unique=True)
1609 1609 repo_state = Column("repo_state", String(255), nullable=True)
1610 1610
1611 1611 clone_uri = Column(
1612 1612 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1613 1613 default=None)
1614 1614 push_uri = Column(
1615 1615 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1616 1616 default=None)
1617 1617 repo_type = Column(
1618 1618 "repo_type", String(255), nullable=False, unique=False, default=None)
1619 1619 user_id = Column(
1620 1620 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1621 1621 unique=False, default=None)
1622 1622 private = Column(
1623 1623 "private", Boolean(), nullable=True, unique=None, default=None)
1624 1624 archived = Column(
1625 1625 "archived", Boolean(), nullable=True, unique=None, default=None)
1626 1626 enable_statistics = Column(
1627 1627 "statistics", Boolean(), nullable=True, unique=None, default=True)
1628 1628 enable_downloads = Column(
1629 1629 "downloads", Boolean(), nullable=True, unique=None, default=True)
1630 1630 description = Column(
1631 1631 "description", String(10000), nullable=True, unique=None, default=None)
1632 1632 created_on = Column(
1633 1633 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1634 1634 default=datetime.datetime.now)
1635 1635 updated_on = Column(
1636 1636 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1637 1637 default=datetime.datetime.now)
1638 1638 _landing_revision = Column(
1639 1639 "landing_revision", String(255), nullable=False, unique=False,
1640 1640 default=None)
1641 1641 enable_locking = Column(
1642 1642 "enable_locking", Boolean(), nullable=False, unique=None,
1643 1643 default=False)
1644 1644 _locked = Column(
1645 1645 "locked", String(255), nullable=True, unique=False, default=None)
1646 1646 _changeset_cache = Column(
1647 1647 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1648 1648
1649 1649 fork_id = Column(
1650 1650 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1651 1651 nullable=True, unique=False, default=None)
1652 1652 group_id = Column(
1653 1653 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1654 1654 unique=False, default=None)
1655 1655
1656 1656 user = relationship('User', lazy='joined')
1657 1657 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1658 1658 group = relationship('RepoGroup', lazy='joined')
1659 1659 repo_to_perm = relationship(
1660 1660 'UserRepoToPerm', cascade='all',
1661 1661 order_by='UserRepoToPerm.repo_to_perm_id')
1662 1662 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1663 1663 stats = relationship('Statistics', cascade='all', uselist=False)
1664 1664
1665 1665 followers = relationship(
1666 1666 'UserFollowing',
1667 1667 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1668 1668 cascade='all')
1669 1669 extra_fields = relationship(
1670 1670 'RepositoryField', cascade="all, delete-orphan")
1671 1671 logs = relationship('UserLog')
1672 1672 comments = relationship(
1673 1673 'ChangesetComment', cascade="all, delete-orphan")
1674 1674 pull_requests_source = relationship(
1675 1675 'PullRequest',
1676 1676 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1677 1677 cascade="all, delete-orphan")
1678 1678 pull_requests_target = relationship(
1679 1679 'PullRequest',
1680 1680 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1681 1681 cascade="all, delete-orphan")
1682 1682 ui = relationship('RepoRhodeCodeUi', cascade="all")
1683 1683 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1684 1684 integrations = relationship('Integration', cascade="all, delete-orphan")
1685 1685
1686 1686 scoped_tokens = relationship('UserApiKeys', cascade="all")
1687 1687
1688 1688 artifacts = relationship('FileStore', cascade="all")
1689 1689
1690 1690 def __unicode__(self):
1691 1691 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1692 1692 safe_unicode(self.repo_name))
1693 1693
1694 1694 @hybrid_property
1695 1695 def description_safe(self):
1696 1696 from rhodecode.lib import helpers as h
1697 1697 return h.escape(self.description)
1698 1698
1699 1699 @hybrid_property
1700 1700 def landing_rev(self):
1701 1701 # always should return [rev_type, rev]
1702 1702 if self._landing_revision:
1703 1703 _rev_info = self._landing_revision.split(':')
1704 1704 if len(_rev_info) < 2:
1705 1705 _rev_info.insert(0, 'rev')
1706 1706 return [_rev_info[0], _rev_info[1]]
1707 1707 return [None, None]
1708 1708
1709 1709 @landing_rev.setter
1710 1710 def landing_rev(self, val):
1711 1711 if ':' not in val:
1712 1712 raise ValueError('value must be delimited with `:` and consist '
1713 1713 'of <rev_type>:<rev>, got %s instead' % val)
1714 1714 self._landing_revision = val
1715 1715
1716 1716 @hybrid_property
1717 1717 def locked(self):
1718 1718 if self._locked:
1719 1719 user_id, timelocked, reason = self._locked.split(':')
1720 1720 lock_values = int(user_id), timelocked, reason
1721 1721 else:
1722 1722 lock_values = [None, None, None]
1723 1723 return lock_values
1724 1724
1725 1725 @locked.setter
1726 1726 def locked(self, val):
1727 1727 if val and isinstance(val, (list, tuple)):
1728 1728 self._locked = ':'.join(map(str, val))
1729 1729 else:
1730 1730 self._locked = None
1731 1731
1732 1732 @hybrid_property
1733 1733 def changeset_cache(self):
1734 1734 from rhodecode.lib.vcs.backends.base import EmptyCommit
1735 1735 dummy = EmptyCommit().__json__()
1736 1736 if not self._changeset_cache:
1737 1737 dummy['source_repo_id'] = self.repo_id
1738 1738 return json.loads(json.dumps(dummy))
1739 1739
1740 1740 try:
1741 1741 return json.loads(self._changeset_cache)
1742 1742 except TypeError:
1743 1743 return dummy
1744 1744 except Exception:
1745 1745 log.error(traceback.format_exc())
1746 1746 return dummy
1747 1747
1748 1748 @changeset_cache.setter
1749 1749 def changeset_cache(self, val):
1750 1750 try:
1751 1751 self._changeset_cache = json.dumps(val)
1752 1752 except Exception:
1753 1753 log.error(traceback.format_exc())
1754 1754
1755 1755 @hybrid_property
1756 1756 def repo_name(self):
1757 1757 return self._repo_name
1758 1758
1759 1759 @repo_name.setter
1760 1760 def repo_name(self, value):
1761 1761 self._repo_name = value
1762 1762 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1763 1763
1764 1764 @classmethod
1765 1765 def normalize_repo_name(cls, repo_name):
1766 1766 """
1767 1767 Normalizes os specific repo_name to the format internally stored inside
1768 1768 database using URL_SEP
1769 1769
1770 1770 :param cls:
1771 1771 :param repo_name:
1772 1772 """
1773 1773 return cls.NAME_SEP.join(repo_name.split(os.sep))
1774 1774
1775 1775 @classmethod
1776 1776 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1777 1777 session = Session()
1778 1778 q = session.query(cls).filter(cls.repo_name == repo_name)
1779 1779
1780 1780 if cache:
1781 1781 if identity_cache:
1782 1782 val = cls.identity_cache(session, 'repo_name', repo_name)
1783 1783 if val:
1784 1784 return val
1785 1785 else:
1786 1786 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1787 1787 q = q.options(
1788 1788 FromCache("sql_cache_short", cache_key))
1789 1789
1790 1790 return q.scalar()
1791 1791
1792 1792 @classmethod
1793 1793 def get_by_id_or_repo_name(cls, repoid):
1794 1794 if isinstance(repoid, (int, long)):
1795 1795 try:
1796 1796 repo = cls.get(repoid)
1797 1797 except ValueError:
1798 1798 repo = None
1799 1799 else:
1800 1800 repo = cls.get_by_repo_name(repoid)
1801 1801 return repo
1802 1802
1803 1803 @classmethod
1804 1804 def get_by_full_path(cls, repo_full_path):
1805 1805 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1806 1806 repo_name = cls.normalize_repo_name(repo_name)
1807 1807 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1808 1808
1809 1809 @classmethod
1810 1810 def get_repo_forks(cls, repo_id):
1811 1811 return cls.query().filter(Repository.fork_id == repo_id)
1812 1812
1813 1813 @classmethod
1814 1814 def base_path(cls):
1815 1815 """
1816 1816 Returns base path when all repos are stored
1817 1817
1818 1818 :param cls:
1819 1819 """
1820 1820 q = Session().query(RhodeCodeUi)\
1821 1821 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1822 1822 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1823 1823 return q.one().ui_value
1824 1824
1825 1825 @classmethod
1826 1826 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1827 1827 case_insensitive=True, archived=False):
1828 1828 q = Repository.query()
1829 1829
1830 1830 if not archived:
1831 1831 q = q.filter(Repository.archived.isnot(true()))
1832 1832
1833 1833 if not isinstance(user_id, Optional):
1834 1834 q = q.filter(Repository.user_id == user_id)
1835 1835
1836 1836 if not isinstance(group_id, Optional):
1837 1837 q = q.filter(Repository.group_id == group_id)
1838 1838
1839 1839 if case_insensitive:
1840 1840 q = q.order_by(func.lower(Repository.repo_name))
1841 1841 else:
1842 1842 q = q.order_by(Repository.repo_name)
1843 1843
1844 1844 return q.all()
1845 1845
1846 1846 @property
1847 1847 def repo_uid(self):
1848 1848 return '_{}'.format(self.repo_id)
1849 1849
1850 1850 @property
1851 1851 def forks(self):
1852 1852 """
1853 1853 Return forks of this repo
1854 1854 """
1855 1855 return Repository.get_repo_forks(self.repo_id)
1856 1856
1857 1857 @property
1858 1858 def parent(self):
1859 1859 """
1860 1860 Returns fork parent
1861 1861 """
1862 1862 return self.fork
1863 1863
1864 1864 @property
1865 1865 def just_name(self):
1866 1866 return self.repo_name.split(self.NAME_SEP)[-1]
1867 1867
1868 1868 @property
1869 1869 def groups_with_parents(self):
1870 1870 groups = []
1871 1871 if self.group is None:
1872 1872 return groups
1873 1873
1874 1874 cur_gr = self.group
1875 1875 groups.insert(0, cur_gr)
1876 1876 while 1:
1877 1877 gr = getattr(cur_gr, 'parent_group', None)
1878 1878 cur_gr = cur_gr.parent_group
1879 1879 if gr is None:
1880 1880 break
1881 1881 groups.insert(0, gr)
1882 1882
1883 1883 return groups
1884 1884
1885 1885 @property
1886 1886 def groups_and_repo(self):
1887 1887 return self.groups_with_parents, self
1888 1888
1889 1889 @LazyProperty
1890 1890 def repo_path(self):
1891 1891 """
1892 1892 Returns base full path for that repository means where it actually
1893 1893 exists on a filesystem
1894 1894 """
1895 1895 q = Session().query(RhodeCodeUi).filter(
1896 1896 RhodeCodeUi.ui_key == self.NAME_SEP)
1897 1897 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1898 1898 return q.one().ui_value
1899 1899
1900 1900 @property
1901 1901 def repo_full_path(self):
1902 1902 p = [self.repo_path]
1903 1903 # we need to split the name by / since this is how we store the
1904 1904 # names in the database, but that eventually needs to be converted
1905 1905 # into a valid system path
1906 1906 p += self.repo_name.split(self.NAME_SEP)
1907 1907 return os.path.join(*map(safe_unicode, p))
1908 1908
1909 1909 @property
1910 1910 def cache_keys(self):
1911 1911 """
1912 1912 Returns associated cache keys for that repo
1913 1913 """
1914 1914 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1915 1915 repo_id=self.repo_id)
1916 1916 return CacheKey.query()\
1917 1917 .filter(CacheKey.cache_args == invalidation_namespace)\
1918 1918 .order_by(CacheKey.cache_key)\
1919 1919 .all()
1920 1920
1921 1921 @property
1922 1922 def cached_diffs_relative_dir(self):
1923 1923 """
1924 1924 Return a relative to the repository store path of cached diffs
1925 1925 used for safe display for users, who shouldn't know the absolute store
1926 1926 path
1927 1927 """
1928 1928 return os.path.join(
1929 1929 os.path.dirname(self.repo_name),
1930 1930 self.cached_diffs_dir.split(os.path.sep)[-1])
1931 1931
1932 1932 @property
1933 1933 def cached_diffs_dir(self):
1934 1934 path = self.repo_full_path
1935 1935 return os.path.join(
1936 1936 os.path.dirname(path),
1937 1937 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1938 1938
1939 1939 def cached_diffs(self):
1940 1940 diff_cache_dir = self.cached_diffs_dir
1941 1941 if os.path.isdir(diff_cache_dir):
1942 1942 return os.listdir(diff_cache_dir)
1943 1943 return []
1944 1944
1945 1945 def shadow_repos(self):
1946 1946 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1947 1947 return [
1948 1948 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1949 1949 if x.startswith(shadow_repos_pattern)]
1950 1950
1951 1951 def get_new_name(self, repo_name):
1952 1952 """
1953 1953 returns new full repository name based on assigned group and new new
1954 1954
1955 1955 :param group_name:
1956 1956 """
1957 1957 path_prefix = self.group.full_path_splitted if self.group else []
1958 1958 return self.NAME_SEP.join(path_prefix + [repo_name])
1959 1959
1960 1960 @property
1961 1961 def _config(self):
1962 1962 """
1963 1963 Returns db based config object.
1964 1964 """
1965 1965 from rhodecode.lib.utils import make_db_config
1966 1966 return make_db_config(clear_session=False, repo=self)
1967 1967
1968 1968 def permissions(self, with_admins=True, with_owner=True,
1969 1969 expand_from_user_groups=False):
1970 1970 """
1971 1971 Permissions for repositories
1972 1972 """
1973 1973 _admin_perm = 'repository.admin'
1974 1974
1975 1975 owner_row = []
1976 1976 if with_owner:
1977 1977 usr = AttributeDict(self.user.get_dict())
1978 1978 usr.owner_row = True
1979 1979 usr.permission = _admin_perm
1980 1980 usr.permission_id = None
1981 1981 owner_row.append(usr)
1982 1982
1983 1983 super_admin_ids = []
1984 1984 super_admin_rows = []
1985 1985 if with_admins:
1986 1986 for usr in User.get_all_super_admins():
1987 1987 super_admin_ids.append(usr.user_id)
1988 1988 # if this admin is also owner, don't double the record
1989 1989 if usr.user_id == owner_row[0].user_id:
1990 1990 owner_row[0].admin_row = True
1991 1991 else:
1992 1992 usr = AttributeDict(usr.get_dict())
1993 1993 usr.admin_row = True
1994 1994 usr.permission = _admin_perm
1995 1995 usr.permission_id = None
1996 1996 super_admin_rows.append(usr)
1997 1997
1998 1998 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1999 1999 q = q.options(joinedload(UserRepoToPerm.repository),
2000 2000 joinedload(UserRepoToPerm.user),
2001 2001 joinedload(UserRepoToPerm.permission),)
2002 2002
2003 2003 # get owners and admins and permissions. We do a trick of re-writing
2004 2004 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2005 2005 # has a global reference and changing one object propagates to all
2006 2006 # others. This means if admin is also an owner admin_row that change
2007 2007 # would propagate to both objects
2008 2008 perm_rows = []
2009 2009 for _usr in q.all():
2010 2010 usr = AttributeDict(_usr.user.get_dict())
2011 2011 # if this user is also owner/admin, mark as duplicate record
2012 2012 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2013 2013 usr.duplicate_perm = True
2014 2014 # also check if this permission is maybe used by branch_permissions
2015 2015 if _usr.branch_perm_entry:
2016 2016 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2017 2017
2018 2018 usr.permission = _usr.permission.permission_name
2019 2019 usr.permission_id = _usr.repo_to_perm_id
2020 2020 perm_rows.append(usr)
2021 2021
2022 2022 # filter the perm rows by 'default' first and then sort them by
2023 2023 # admin,write,read,none permissions sorted again alphabetically in
2024 2024 # each group
2025 2025 perm_rows = sorted(perm_rows, key=display_user_sort)
2026 2026
2027 2027 user_groups_rows = []
2028 2028 if expand_from_user_groups:
2029 2029 for ug in self.permission_user_groups(with_members=True):
2030 2030 for user_data in ug.members:
2031 2031 user_groups_rows.append(user_data)
2032 2032
2033 2033 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2034 2034
2035 2035 def permission_user_groups(self, with_members=True):
2036 2036 q = UserGroupRepoToPerm.query()\
2037 2037 .filter(UserGroupRepoToPerm.repository == self)
2038 2038 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2039 2039 joinedload(UserGroupRepoToPerm.users_group),
2040 2040 joinedload(UserGroupRepoToPerm.permission),)
2041 2041
2042 2042 perm_rows = []
2043 2043 for _user_group in q.all():
2044 2044 entry = AttributeDict(_user_group.users_group.get_dict())
2045 2045 entry.permission = _user_group.permission.permission_name
2046 2046 if with_members:
2047 2047 entry.members = [x.user.get_dict()
2048 2048 for x in _user_group.users_group.members]
2049 2049 perm_rows.append(entry)
2050 2050
2051 2051 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2052 2052 return perm_rows
2053 2053
2054 2054 def get_api_data(self, include_secrets=False):
2055 2055 """
2056 2056 Common function for generating repo api data
2057 2057
2058 2058 :param include_secrets: See :meth:`User.get_api_data`.
2059 2059
2060 2060 """
2061 2061 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2062 2062 # move this methods on models level.
2063 2063 from rhodecode.model.settings import SettingsModel
2064 2064 from rhodecode.model.repo import RepoModel
2065 2065
2066 2066 repo = self
2067 2067 _user_id, _time, _reason = self.locked
2068 2068
2069 2069 data = {
2070 2070 'repo_id': repo.repo_id,
2071 2071 'repo_name': repo.repo_name,
2072 2072 'repo_type': repo.repo_type,
2073 2073 'clone_uri': repo.clone_uri or '',
2074 2074 'push_uri': repo.push_uri or '',
2075 2075 'url': RepoModel().get_url(self),
2076 2076 'private': repo.private,
2077 2077 'created_on': repo.created_on,
2078 2078 'description': repo.description_safe,
2079 2079 'landing_rev': repo.landing_rev,
2080 2080 'owner': repo.user.username,
2081 2081 'fork_of': repo.fork.repo_name if repo.fork else None,
2082 2082 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2083 2083 'enable_statistics': repo.enable_statistics,
2084 2084 'enable_locking': repo.enable_locking,
2085 2085 'enable_downloads': repo.enable_downloads,
2086 2086 'last_changeset': repo.changeset_cache,
2087 2087 'locked_by': User.get(_user_id).get_api_data(
2088 2088 include_secrets=include_secrets) if _user_id else None,
2089 2089 'locked_date': time_to_datetime(_time) if _time else None,
2090 2090 'lock_reason': _reason if _reason else None,
2091 2091 }
2092 2092
2093 2093 # TODO: mikhail: should be per-repo settings here
2094 2094 rc_config = SettingsModel().get_all_settings()
2095 2095 repository_fields = str2bool(
2096 2096 rc_config.get('rhodecode_repository_fields'))
2097 2097 if repository_fields:
2098 2098 for f in self.extra_fields:
2099 2099 data[f.field_key_prefixed] = f.field_value
2100 2100
2101 2101 return data
2102 2102
2103 2103 @classmethod
2104 2104 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2105 2105 if not lock_time:
2106 2106 lock_time = time.time()
2107 2107 if not lock_reason:
2108 2108 lock_reason = cls.LOCK_AUTOMATIC
2109 2109 repo.locked = [user_id, lock_time, lock_reason]
2110 2110 Session().add(repo)
2111 2111 Session().commit()
2112 2112
2113 2113 @classmethod
2114 2114 def unlock(cls, repo):
2115 2115 repo.locked = None
2116 2116 Session().add(repo)
2117 2117 Session().commit()
2118 2118
2119 2119 @classmethod
2120 2120 def getlock(cls, repo):
2121 2121 return repo.locked
2122 2122
2123 2123 def is_user_lock(self, user_id):
2124 2124 if self.lock[0]:
2125 2125 lock_user_id = safe_int(self.lock[0])
2126 2126 user_id = safe_int(user_id)
2127 2127 # both are ints, and they are equal
2128 2128 return all([lock_user_id, user_id]) and lock_user_id == user_id
2129 2129
2130 2130 return False
2131 2131
2132 2132 def get_locking_state(self, action, user_id, only_when_enabled=True):
2133 2133 """
2134 2134 Checks locking on this repository, if locking is enabled and lock is
2135 2135 present returns a tuple of make_lock, locked, locked_by.
2136 2136 make_lock can have 3 states None (do nothing) True, make lock
2137 2137 False release lock, This value is later propagated to hooks, which
2138 2138 do the locking. Think about this as signals passed to hooks what to do.
2139 2139
2140 2140 """
2141 2141 # TODO: johbo: This is part of the business logic and should be moved
2142 2142 # into the RepositoryModel.
2143 2143
2144 2144 if action not in ('push', 'pull'):
2145 2145 raise ValueError("Invalid action value: %s" % repr(action))
2146 2146
2147 2147 # defines if locked error should be thrown to user
2148 2148 currently_locked = False
2149 2149 # defines if new lock should be made, tri-state
2150 2150 make_lock = None
2151 2151 repo = self
2152 2152 user = User.get(user_id)
2153 2153
2154 2154 lock_info = repo.locked
2155 2155
2156 2156 if repo and (repo.enable_locking or not only_when_enabled):
2157 2157 if action == 'push':
2158 2158 # check if it's already locked !, if it is compare users
2159 2159 locked_by_user_id = lock_info[0]
2160 2160 if user.user_id == locked_by_user_id:
2161 2161 log.debug(
2162 2162 'Got `push` action from user %s, now unlocking', user)
2163 2163 # unlock if we have push from user who locked
2164 2164 make_lock = False
2165 2165 else:
2166 2166 # we're not the same user who locked, ban with
2167 2167 # code defined in settings (default is 423 HTTP Locked) !
2168 2168 log.debug('Repo %s is currently locked by %s', repo, user)
2169 2169 currently_locked = True
2170 2170 elif action == 'pull':
2171 2171 # [0] user [1] date
2172 2172 if lock_info[0] and lock_info[1]:
2173 2173 log.debug('Repo %s is currently locked by %s', repo, user)
2174 2174 currently_locked = True
2175 2175 else:
2176 2176 log.debug('Setting lock on repo %s by %s', repo, user)
2177 2177 make_lock = True
2178 2178
2179 2179 else:
2180 2180 log.debug('Repository %s do not have locking enabled', repo)
2181 2181
2182 2182 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2183 2183 make_lock, currently_locked, lock_info)
2184 2184
2185 2185 from rhodecode.lib.auth import HasRepoPermissionAny
2186 2186 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2187 2187 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2188 2188 # if we don't have at least write permission we cannot make a lock
2189 2189 log.debug('lock state reset back to FALSE due to lack '
2190 2190 'of at least read permission')
2191 2191 make_lock = False
2192 2192
2193 2193 return make_lock, currently_locked, lock_info
2194 2194
2195 2195 @property
2196 2196 def last_commit_cache_update_diff(self):
2197 2197 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2198 2198
2199 2199 @property
2200 2200 def last_commit_change(self):
2201 2201 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2202 2202 empty_date = datetime.datetime.fromtimestamp(0)
2203 2203 date_latest = self.changeset_cache.get('date', empty_date)
2204 2204 try:
2205 2205 return parse_datetime(date_latest)
2206 2206 except Exception:
2207 2207 return empty_date
2208 2208
2209 2209 @property
2210 2210 def last_db_change(self):
2211 2211 return self.updated_on
2212 2212
2213 2213 @property
2214 2214 def clone_uri_hidden(self):
2215 2215 clone_uri = self.clone_uri
2216 2216 if clone_uri:
2217 2217 import urlobject
2218 2218 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2219 2219 if url_obj.password:
2220 2220 clone_uri = url_obj.with_password('*****')
2221 2221 return clone_uri
2222 2222
2223 2223 @property
2224 2224 def push_uri_hidden(self):
2225 2225 push_uri = self.push_uri
2226 2226 if push_uri:
2227 2227 import urlobject
2228 2228 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2229 2229 if url_obj.password:
2230 2230 push_uri = url_obj.with_password('*****')
2231 2231 return push_uri
2232 2232
2233 2233 def clone_url(self, **override):
2234 2234 from rhodecode.model.settings import SettingsModel
2235 2235
2236 2236 uri_tmpl = None
2237 2237 if 'with_id' in override:
2238 2238 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2239 2239 del override['with_id']
2240 2240
2241 2241 if 'uri_tmpl' in override:
2242 2242 uri_tmpl = override['uri_tmpl']
2243 2243 del override['uri_tmpl']
2244 2244
2245 2245 ssh = False
2246 2246 if 'ssh' in override:
2247 2247 ssh = True
2248 2248 del override['ssh']
2249 2249
2250 2250 # we didn't override our tmpl from **overrides
2251 2251 request = get_current_request()
2252 2252 if not uri_tmpl:
2253 2253 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2254 2254 rc_config = request.call_context.rc_config
2255 2255 else:
2256 2256 rc_config = SettingsModel().get_all_settings(cache=True)
2257 2257 if ssh:
2258 2258 uri_tmpl = rc_config.get(
2259 2259 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2260 2260 else:
2261 2261 uri_tmpl = rc_config.get(
2262 2262 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2263 2263
2264 2264 return get_clone_url(request=request,
2265 2265 uri_tmpl=uri_tmpl,
2266 2266 repo_name=self.repo_name,
2267 2267 repo_id=self.repo_id, **override)
2268 2268
2269 2269 def set_state(self, state):
2270 2270 self.repo_state = state
2271 2271 Session().add(self)
2272 2272 #==========================================================================
2273 2273 # SCM PROPERTIES
2274 2274 #==========================================================================
2275 2275
2276 2276 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2277 2277 return get_commit_safe(
2278 2278 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2279 2279
2280 2280 def get_changeset(self, rev=None, pre_load=None):
2281 2281 warnings.warn("Use get_commit", DeprecationWarning)
2282 2282 commit_id = None
2283 2283 commit_idx = None
2284 2284 if isinstance(rev, compat.string_types):
2285 2285 commit_id = rev
2286 2286 else:
2287 2287 commit_idx = rev
2288 2288 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2289 2289 pre_load=pre_load)
2290 2290
2291 2291 def get_landing_commit(self):
2292 2292 """
2293 2293 Returns landing commit, or if that doesn't exist returns the tip
2294 2294 """
2295 2295 _rev_type, _rev = self.landing_rev
2296 2296 commit = self.get_commit(_rev)
2297 2297 if isinstance(commit, EmptyCommit):
2298 2298 return self.get_commit()
2299 2299 return commit
2300 2300
2301 2301 def update_commit_cache(self, cs_cache=None, config=None):
2302 2302 """
2303 2303 Update cache of last commit for repository, keys should be::
2304 2304
2305 2305 source_repo_id
2306 2306 short_id
2307 2307 raw_id
2308 2308 revision
2309 2309 parents
2310 2310 message
2311 2311 date
2312 2312 author
2313 2313 updated_on
2314 2314
2315 2315 """
2316 2316 from rhodecode.lib.vcs.backends.base import BaseChangeset
2317 2317 if cs_cache is None:
2318 2318 # use no-cache version here
2319 2319 scm_repo = self.scm_instance(cache=False, config=config)
2320 2320
2321 2321 empty = scm_repo is None or scm_repo.is_empty()
2322 2322 if not empty:
2323 2323 cs_cache = scm_repo.get_commit(
2324 2324 pre_load=["author", "date", "message", "parents", "branch"])
2325 2325 else:
2326 2326 cs_cache = EmptyCommit()
2327 2327
2328 2328 if isinstance(cs_cache, BaseChangeset):
2329 2329 cs_cache = cs_cache.__json__()
2330 2330
2331 2331 def is_outdated(new_cs_cache):
2332 2332 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2333 2333 new_cs_cache['revision'] != self.changeset_cache['revision']):
2334 2334 return True
2335 2335 return False
2336 2336
2337 2337 # check if we have maybe already latest cached revision
2338 2338 if is_outdated(cs_cache) or not self.changeset_cache:
2339 2339 _default = datetime.datetime.utcnow()
2340 2340 last_change = cs_cache.get('date') or _default
2341 2341 # we check if last update is newer than the new value
2342 2342 # if yes, we use the current timestamp instead. Imagine you get
2343 2343 # old commit pushed 1y ago, we'd set last update 1y to ago.
2344 2344 last_change_timestamp = datetime_to_time(last_change)
2345 2345 current_timestamp = datetime_to_time(last_change)
2346 2346 if last_change_timestamp > current_timestamp:
2347 2347 cs_cache['date'] = _default
2348 2348
2349 2349 cs_cache['updated_on'] = time.time()
2350 2350 self.changeset_cache = cs_cache
2351 2351 Session().add(self)
2352 2352 Session().commit()
2353 2353
2354 2354 log.debug('updated repo %s with new commit cache %s',
2355 2355 self.repo_name, cs_cache)
2356 2356 else:
2357 2357 cs_cache = self.changeset_cache
2358 2358 cs_cache['updated_on'] = time.time()
2359 2359 self.changeset_cache = cs_cache
2360 2360 Session().add(self)
2361 2361 Session().commit()
2362 2362
2363 2363 log.debug('Skipping update_commit_cache for repo:`%s` '
2364 2364 'commit already with latest changes', self.repo_name)
2365 2365
2366 2366 @property
2367 2367 def tip(self):
2368 2368 return self.get_commit('tip')
2369 2369
2370 2370 @property
2371 2371 def author(self):
2372 2372 return self.tip.author
2373 2373
2374 2374 @property
2375 2375 def last_change(self):
2376 2376 return self.scm_instance().last_change
2377 2377
2378 2378 def get_comments(self, revisions=None):
2379 2379 """
2380 2380 Returns comments for this repository grouped by revisions
2381 2381
2382 2382 :param revisions: filter query by revisions only
2383 2383 """
2384 2384 cmts = ChangesetComment.query()\
2385 2385 .filter(ChangesetComment.repo == self)
2386 2386 if revisions:
2387 2387 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2388 2388 grouped = collections.defaultdict(list)
2389 2389 for cmt in cmts.all():
2390 2390 grouped[cmt.revision].append(cmt)
2391 2391 return grouped
2392 2392
2393 2393 def statuses(self, revisions=None):
2394 2394 """
2395 2395 Returns statuses for this repository
2396 2396
2397 2397 :param revisions: list of revisions to get statuses for
2398 2398 """
2399 2399 statuses = ChangesetStatus.query()\
2400 2400 .filter(ChangesetStatus.repo == self)\
2401 2401 .filter(ChangesetStatus.version == 0)
2402 2402
2403 2403 if revisions:
2404 2404 # Try doing the filtering in chunks to avoid hitting limits
2405 2405 size = 500
2406 2406 status_results = []
2407 2407 for chunk in xrange(0, len(revisions), size):
2408 2408 status_results += statuses.filter(
2409 2409 ChangesetStatus.revision.in_(
2410 2410 revisions[chunk: chunk+size])
2411 2411 ).all()
2412 2412 else:
2413 2413 status_results = statuses.all()
2414 2414
2415 2415 grouped = {}
2416 2416
2417 2417 # maybe we have open new pullrequest without a status?
2418 2418 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2419 2419 status_lbl = ChangesetStatus.get_status_lbl(stat)
2420 2420 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2421 2421 for rev in pr.revisions:
2422 2422 pr_id = pr.pull_request_id
2423 2423 pr_repo = pr.target_repo.repo_name
2424 2424 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2425 2425
2426 2426 for stat in status_results:
2427 2427 pr_id = pr_repo = None
2428 2428 if stat.pull_request:
2429 2429 pr_id = stat.pull_request.pull_request_id
2430 2430 pr_repo = stat.pull_request.target_repo.repo_name
2431 2431 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2432 2432 pr_id, pr_repo]
2433 2433 return grouped
2434 2434
2435 2435 # ==========================================================================
2436 2436 # SCM CACHE INSTANCE
2437 2437 # ==========================================================================
2438 2438
2439 2439 def scm_instance(self, **kwargs):
2440 2440 import rhodecode
2441 2441
2442 2442 # Passing a config will not hit the cache currently only used
2443 2443 # for repo2dbmapper
2444 2444 config = kwargs.pop('config', None)
2445 2445 cache = kwargs.pop('cache', None)
2446 2446 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2447 2447 if vcs_full_cache is not None:
2448 2448 # allows override global config
2449 2449 full_cache = vcs_full_cache
2450 2450 else:
2451 2451 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2452 2452 # if cache is NOT defined use default global, else we have a full
2453 2453 # control over cache behaviour
2454 2454 if cache is None and full_cache and not config:
2455 2455 log.debug('Initializing pure cached instance for %s', self.repo_path)
2456 2456 return self._get_instance_cached()
2457 2457
2458 2458 # cache here is sent to the "vcs server"
2459 2459 return self._get_instance(cache=bool(cache), config=config)
2460 2460
2461 2461 def _get_instance_cached(self):
2462 2462 from rhodecode.lib import rc_cache
2463 2463
2464 2464 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2465 2465 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2466 2466 repo_id=self.repo_id)
2467 2467 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2468 2468
2469 2469 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2470 2470 def get_instance_cached(repo_id, context_id, _cache_state_uid):
2471 2471 return self._get_instance(repo_state_uid=_cache_state_uid)
2472 2472
2473 2473 # we must use thread scoped cache here,
2474 2474 # because each thread of gevent needs it's own not shared connection and cache
2475 2475 # we also alter `args` so the cache key is individual for every green thread.
2476 2476 inv_context_manager = rc_cache.InvalidationContext(
2477 2477 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2478 2478 thread_scoped=True)
2479 2479 with inv_context_manager as invalidation_context:
2480 2480 cache_state_uid = invalidation_context.cache_data['cache_state_uid']
2481 2481 args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)
2482 2482
2483 2483 # re-compute and store cache if we get invalidate signal
2484 2484 if invalidation_context.should_invalidate():
2485 2485 instance = get_instance_cached.refresh(*args)
2486 2486 else:
2487 2487 instance = get_instance_cached(*args)
2488 2488
2489 2489 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2490 2490 return instance
2491 2491
2492 2492 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2493 2493 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2494 2494 self.repo_type, self.repo_path, cache)
2495 2495 config = config or self._config
2496 2496 custom_wire = {
2497 2497 'cache': cache, # controls the vcs.remote cache
2498 2498 'repo_state_uid': repo_state_uid
2499 2499 }
2500 2500 repo = get_vcs_instance(
2501 2501 repo_path=safe_str(self.repo_full_path),
2502 2502 config=config,
2503 2503 with_wire=custom_wire,
2504 2504 create=False,
2505 2505 _vcs_alias=self.repo_type)
2506 2506 if repo is not None:
2507 2507 repo.count() # cache rebuild
2508 2508 return repo
2509 2509
2510 2510 def get_shadow_repository_path(self, workspace_id):
2511 2511 from rhodecode.lib.vcs.backends.base import BaseRepository
2512 2512 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2513 2513 self.repo_full_path, self.repo_id, workspace_id)
2514 2514 return shadow_repo_path
2515 2515
2516 2516 def __json__(self):
2517 2517 return {'landing_rev': self.landing_rev}
2518 2518
2519 2519 def get_dict(self):
2520 2520
2521 2521 # Since we transformed `repo_name` to a hybrid property, we need to
2522 2522 # keep compatibility with the code which uses `repo_name` field.
2523 2523
2524 2524 result = super(Repository, self).get_dict()
2525 2525 result['repo_name'] = result.pop('_repo_name', None)
2526 2526 return result
2527 2527
2528 2528
2529 2529 class RepoGroup(Base, BaseModel):
2530 2530 __tablename__ = 'groups'
2531 2531 __table_args__ = (
2532 2532 UniqueConstraint('group_name', 'group_parent_id'),
2533 2533 base_table_args,
2534 2534 )
2535 2535 __mapper_args__ = {'order_by': 'group_name'}
2536 2536
2537 2537 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2538 2538
2539 2539 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2540 2540 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2541 2541 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2542 2542 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2543 2543 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2544 2544 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2545 2545 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2546 2546 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2547 2547 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2548 2548 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2549 2549 _changeset_cache = Column(
2550 2550 "changeset_cache", LargeBinary(), nullable=True) # JSON data
2551 2551
2552 2552 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2553 2553 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2554 2554 parent_group = relationship('RepoGroup', remote_side=group_id)
2555 2555 user = relationship('User')
2556 2556 integrations = relationship('Integration', cascade="all, delete-orphan")
2557 2557
2558 2558 def __init__(self, group_name='', parent_group=None):
2559 2559 self.group_name = group_name
2560 2560 self.parent_group = parent_group
2561 2561
2562 2562 def __unicode__(self):
2563 2563 return u"<%s('id:%s:%s')>" % (
2564 2564 self.__class__.__name__, self.group_id, self.group_name)
2565 2565
2566 2566 @hybrid_property
2567 2567 def group_name(self):
2568 2568 return self._group_name
2569 2569
2570 2570 @group_name.setter
2571 2571 def group_name(self, value):
2572 2572 self._group_name = value
2573 2573 self.group_name_hash = self.hash_repo_group_name(value)
2574 2574
2575 2575 @hybrid_property
2576 2576 def changeset_cache(self):
2577 2577 from rhodecode.lib.vcs.backends.base import EmptyCommit
2578 2578 dummy = EmptyCommit().__json__()
2579 2579 if not self._changeset_cache:
2580 2580 dummy['source_repo_id'] = ''
2581 2581 return json.loads(json.dumps(dummy))
2582 2582
2583 2583 try:
2584 2584 return json.loads(self._changeset_cache)
2585 2585 except TypeError:
2586 2586 return dummy
2587 2587 except Exception:
2588 2588 log.error(traceback.format_exc())
2589 2589 return dummy
2590 2590
2591 2591 @changeset_cache.setter
2592 2592 def changeset_cache(self, val):
2593 2593 try:
2594 2594 self._changeset_cache = json.dumps(val)
2595 2595 except Exception:
2596 2596 log.error(traceback.format_exc())
2597 2597
2598 2598 @validates('group_parent_id')
2599 2599 def validate_group_parent_id(self, key, val):
2600 2600 """
2601 2601 Check cycle references for a parent group to self
2602 2602 """
2603 2603 if self.group_id and val:
2604 2604 assert val != self.group_id
2605 2605
2606 2606 return val
2607 2607
2608 2608 @hybrid_property
2609 2609 def description_safe(self):
2610 2610 from rhodecode.lib import helpers as h
2611 2611 return h.escape(self.group_description)
2612 2612
2613 2613 @classmethod
2614 2614 def hash_repo_group_name(cls, repo_group_name):
2615 2615 val = remove_formatting(repo_group_name)
2616 2616 val = safe_str(val).lower()
2617 2617 chars = []
2618 2618 for c in val:
2619 2619 if c not in string.ascii_letters:
2620 2620 c = str(ord(c))
2621 2621 chars.append(c)
2622 2622
2623 2623 return ''.join(chars)
2624 2624
2625 2625 @classmethod
2626 2626 def _generate_choice(cls, repo_group):
2627 2627 from webhelpers.html import literal as _literal
2628 2628 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2629 2629 return repo_group.group_id, _name(repo_group.full_path_splitted)
2630 2630
2631 2631 @classmethod
2632 2632 def groups_choices(cls, groups=None, show_empty_group=True):
2633 2633 if not groups:
2634 2634 groups = cls.query().all()
2635 2635
2636 2636 repo_groups = []
2637 2637 if show_empty_group:
2638 2638 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2639 2639
2640 2640 repo_groups.extend([cls._generate_choice(x) for x in groups])
2641 2641
2642 2642 repo_groups = sorted(
2643 2643 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2644 2644 return repo_groups
2645 2645
2646 2646 @classmethod
2647 2647 def url_sep(cls):
2648 2648 return URL_SEP
2649 2649
2650 2650 @classmethod
2651 2651 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2652 2652 if case_insensitive:
2653 2653 gr = cls.query().filter(func.lower(cls.group_name)
2654 2654 == func.lower(group_name))
2655 2655 else:
2656 2656 gr = cls.query().filter(cls.group_name == group_name)
2657 2657 if cache:
2658 2658 name_key = _hash_key(group_name)
2659 2659 gr = gr.options(
2660 2660 FromCache("sql_cache_short", "get_group_%s" % name_key))
2661 2661 return gr.scalar()
2662 2662
2663 2663 @classmethod
2664 2664 def get_user_personal_repo_group(cls, user_id):
2665 2665 user = User.get(user_id)
2666 2666 if user.username == User.DEFAULT_USER:
2667 2667 return None
2668 2668
2669 2669 return cls.query()\
2670 2670 .filter(cls.personal == true()) \
2671 2671 .filter(cls.user == user) \
2672 2672 .order_by(cls.group_id.asc()) \
2673 2673 .first()
2674 2674
2675 2675 @classmethod
2676 2676 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2677 2677 case_insensitive=True):
2678 2678 q = RepoGroup.query()
2679 2679
2680 2680 if not isinstance(user_id, Optional):
2681 2681 q = q.filter(RepoGroup.user_id == user_id)
2682 2682
2683 2683 if not isinstance(group_id, Optional):
2684 2684 q = q.filter(RepoGroup.group_parent_id == group_id)
2685 2685
2686 2686 if case_insensitive:
2687 2687 q = q.order_by(func.lower(RepoGroup.group_name))
2688 2688 else:
2689 2689 q = q.order_by(RepoGroup.group_name)
2690 2690 return q.all()
2691 2691
2692 2692 @property
2693 2693 def parents(self, parents_recursion_limit = 10):
2694 2694 groups = []
2695 2695 if self.parent_group is None:
2696 2696 return groups
2697 2697 cur_gr = self.parent_group
2698 2698 groups.insert(0, cur_gr)
2699 2699 cnt = 0
2700 2700 while 1:
2701 2701 cnt += 1
2702 2702 gr = getattr(cur_gr, 'parent_group', None)
2703 2703 cur_gr = cur_gr.parent_group
2704 2704 if gr is None:
2705 2705 break
2706 2706 if cnt == parents_recursion_limit:
2707 2707 # this will prevent accidental infinit loops
2708 2708 log.error('more than %s parents found for group %s, stopping '
2709 2709 'recursive parent fetching', parents_recursion_limit, self)
2710 2710 break
2711 2711
2712 2712 groups.insert(0, gr)
2713 2713 return groups
2714 2714
2715 2715 @property
2716 2716 def last_commit_cache_update_diff(self):
2717 2717 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2718 2718
2719 2719 @property
2720 2720 def last_commit_change(self):
2721 2721 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2722 2722 empty_date = datetime.datetime.fromtimestamp(0)
2723 2723 date_latest = self.changeset_cache.get('date', empty_date)
2724 2724 try:
2725 2725 return parse_datetime(date_latest)
2726 2726 except Exception:
2727 2727 return empty_date
2728 2728
2729 2729 @property
2730 2730 def last_db_change(self):
2731 2731 return self.updated_on
2732 2732
2733 2733 @property
2734 2734 def children(self):
2735 2735 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2736 2736
2737 2737 @property
2738 2738 def name(self):
2739 2739 return self.group_name.split(RepoGroup.url_sep())[-1]
2740 2740
2741 2741 @property
2742 2742 def full_path(self):
2743 2743 return self.group_name
2744 2744
2745 2745 @property
2746 2746 def full_path_splitted(self):
2747 2747 return self.group_name.split(RepoGroup.url_sep())
2748 2748
2749 2749 @property
2750 2750 def repositories(self):
2751 2751 return Repository.query()\
2752 2752 .filter(Repository.group == self)\
2753 2753 .order_by(Repository.repo_name)
2754 2754
2755 2755 @property
2756 2756 def repositories_recursive_count(self):
2757 2757 cnt = self.repositories.count()
2758 2758
2759 2759 def children_count(group):
2760 2760 cnt = 0
2761 2761 for child in group.children:
2762 2762 cnt += child.repositories.count()
2763 2763 cnt += children_count(child)
2764 2764 return cnt
2765 2765
2766 2766 return cnt + children_count(self)
2767 2767
2768 2768 def _recursive_objects(self, include_repos=True, include_groups=True):
2769 2769 all_ = []
2770 2770
2771 2771 def _get_members(root_gr):
2772 2772 if include_repos:
2773 2773 for r in root_gr.repositories:
2774 2774 all_.append(r)
2775 2775 childs = root_gr.children.all()
2776 2776 if childs:
2777 2777 for gr in childs:
2778 2778 if include_groups:
2779 2779 all_.append(gr)
2780 2780 _get_members(gr)
2781 2781
2782 2782 root_group = []
2783 2783 if include_groups:
2784 2784 root_group = [self]
2785 2785
2786 2786 _get_members(self)
2787 2787 return root_group + all_
2788 2788
2789 2789 def recursive_groups_and_repos(self):
2790 2790 """
2791 2791 Recursive return all groups, with repositories in those groups
2792 2792 """
2793 2793 return self._recursive_objects()
2794 2794
2795 2795 def recursive_groups(self):
2796 2796 """
2797 2797 Returns all children groups for this group including children of children
2798 2798 """
2799 2799 return self._recursive_objects(include_repos=False)
2800 2800
2801 2801 def recursive_repos(self):
2802 2802 """
2803 2803 Returns all children repositories for this group
2804 2804 """
2805 2805 return self._recursive_objects(include_groups=False)
2806 2806
2807 2807 def get_new_name(self, group_name):
2808 2808 """
2809 2809 returns new full group name based on parent and new name
2810 2810
2811 2811 :param group_name:
2812 2812 """
2813 2813 path_prefix = (self.parent_group.full_path_splitted if
2814 2814 self.parent_group else [])
2815 2815 return RepoGroup.url_sep().join(path_prefix + [group_name])
2816 2816
2817 2817 def update_commit_cache(self, config=None):
2818 2818 """
2819 2819 Update cache of last changeset for newest repository inside this group, keys should be::
2820 2820
2821 2821 source_repo_id
2822 2822 short_id
2823 2823 raw_id
2824 2824 revision
2825 2825 parents
2826 2826 message
2827 2827 date
2828 2828 author
2829 2829
2830 2830 """
2831 2831 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2832 2832
2833 2833 def repo_groups_and_repos():
2834 2834 all_entries = OrderedDefaultDict(list)
2835 2835
2836 2836 def _get_members(root_gr, pos=0):
2837 2837
2838 2838 for repo in root_gr.repositories:
2839 2839 all_entries[root_gr].append(repo)
2840 2840
2841 2841 # fill in all parent positions
2842 2842 for parent_group in root_gr.parents:
2843 2843 all_entries[parent_group].extend(all_entries[root_gr])
2844 2844
2845 2845 children_groups = root_gr.children.all()
2846 2846 if children_groups:
2847 2847 for cnt, gr in enumerate(children_groups, 1):
2848 2848 _get_members(gr, pos=pos+cnt)
2849 2849
2850 2850 _get_members(root_gr=self)
2851 2851 return all_entries
2852 2852
2853 2853 empty_date = datetime.datetime.fromtimestamp(0)
2854 2854 for repo_group, repos in repo_groups_and_repos().items():
2855 2855
2856 2856 latest_repo_cs_cache = {}
2857 2857 for repo in repos:
2858 2858 repo_cs_cache = repo.changeset_cache
2859 2859 date_latest = latest_repo_cs_cache.get('date', empty_date)
2860 2860 date_current = repo_cs_cache.get('date', empty_date)
2861 2861 current_timestamp = datetime_to_time(parse_datetime(date_latest))
2862 2862 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
2863 2863 latest_repo_cs_cache = repo_cs_cache
2864 2864 latest_repo_cs_cache['source_repo_id'] = repo.repo_id
2865 2865
2866 2866 latest_repo_cs_cache['updated_on'] = time.time()
2867 2867 repo_group.changeset_cache = latest_repo_cs_cache
2868 2868 Session().add(repo_group)
2869 2869 Session().commit()
2870 2870
2871 2871 log.debug('updated repo group %s with new commit cache %s',
2872 2872 repo_group.group_name, latest_repo_cs_cache)
2873 2873
2874 2874 def permissions(self, with_admins=True, with_owner=True,
2875 2875 expand_from_user_groups=False):
2876 2876 """
2877 2877 Permissions for repository groups
2878 2878 """
2879 2879 _admin_perm = 'group.admin'
2880 2880
2881 2881 owner_row = []
2882 2882 if with_owner:
2883 2883 usr = AttributeDict(self.user.get_dict())
2884 2884 usr.owner_row = True
2885 2885 usr.permission = _admin_perm
2886 2886 owner_row.append(usr)
2887 2887
2888 2888 super_admin_ids = []
2889 2889 super_admin_rows = []
2890 2890 if with_admins:
2891 2891 for usr in User.get_all_super_admins():
2892 2892 super_admin_ids.append(usr.user_id)
2893 2893 # if this admin is also owner, don't double the record
2894 2894 if usr.user_id == owner_row[0].user_id:
2895 2895 owner_row[0].admin_row = True
2896 2896 else:
2897 2897 usr = AttributeDict(usr.get_dict())
2898 2898 usr.admin_row = True
2899 2899 usr.permission = _admin_perm
2900 2900 super_admin_rows.append(usr)
2901 2901
2902 2902 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2903 2903 q = q.options(joinedload(UserRepoGroupToPerm.group),
2904 2904 joinedload(UserRepoGroupToPerm.user),
2905 2905 joinedload(UserRepoGroupToPerm.permission),)
2906 2906
2907 2907 # get owners and admins and permissions. We do a trick of re-writing
2908 2908 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2909 2909 # has a global reference and changing one object propagates to all
2910 2910 # others. This means if admin is also an owner admin_row that change
2911 2911 # would propagate to both objects
2912 2912 perm_rows = []
2913 2913 for _usr in q.all():
2914 2914 usr = AttributeDict(_usr.user.get_dict())
2915 2915 # if this user is also owner/admin, mark as duplicate record
2916 2916 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2917 2917 usr.duplicate_perm = True
2918 2918 usr.permission = _usr.permission.permission_name
2919 2919 perm_rows.append(usr)
2920 2920
2921 2921 # filter the perm rows by 'default' first and then sort them by
2922 2922 # admin,write,read,none permissions sorted again alphabetically in
2923 2923 # each group
2924 2924 perm_rows = sorted(perm_rows, key=display_user_sort)
2925 2925
2926 2926 user_groups_rows = []
2927 2927 if expand_from_user_groups:
2928 2928 for ug in self.permission_user_groups(with_members=True):
2929 2929 for user_data in ug.members:
2930 2930 user_groups_rows.append(user_data)
2931 2931
2932 2932 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2933 2933
2934 2934 def permission_user_groups(self, with_members=False):
2935 2935 q = UserGroupRepoGroupToPerm.query()\
2936 2936 .filter(UserGroupRepoGroupToPerm.group == self)
2937 2937 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2938 2938 joinedload(UserGroupRepoGroupToPerm.users_group),
2939 2939 joinedload(UserGroupRepoGroupToPerm.permission),)
2940 2940
2941 2941 perm_rows = []
2942 2942 for _user_group in q.all():
2943 2943 entry = AttributeDict(_user_group.users_group.get_dict())
2944 2944 entry.permission = _user_group.permission.permission_name
2945 2945 if with_members:
2946 2946 entry.members = [x.user.get_dict()
2947 2947 for x in _user_group.users_group.members]
2948 2948 perm_rows.append(entry)
2949 2949
2950 2950 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2951 2951 return perm_rows
2952 2952
2953 2953 def get_api_data(self):
2954 2954 """
2955 2955 Common function for generating api data
2956 2956
2957 2957 """
2958 2958 group = self
2959 2959 data = {
2960 2960 'group_id': group.group_id,
2961 2961 'group_name': group.group_name,
2962 2962 'group_description': group.description_safe,
2963 2963 'parent_group': group.parent_group.group_name if group.parent_group else None,
2964 2964 'repositories': [x.repo_name for x in group.repositories],
2965 2965 'owner': group.user.username,
2966 2966 }
2967 2967 return data
2968 2968
2969 2969 def get_dict(self):
2970 2970 # Since we transformed `group_name` to a hybrid property, we need to
2971 2971 # keep compatibility with the code which uses `group_name` field.
2972 2972 result = super(RepoGroup, self).get_dict()
2973 2973 result['group_name'] = result.pop('_group_name', None)
2974 2974 return result
2975 2975
2976 2976
2977 2977 class Permission(Base, BaseModel):
2978 2978 __tablename__ = 'permissions'
2979 2979 __table_args__ = (
2980 2980 Index('p_perm_name_idx', 'permission_name'),
2981 2981 base_table_args,
2982 2982 )
2983 2983
2984 2984 PERMS = [
2985 2985 ('hg.admin', _('RhodeCode Super Administrator')),
2986 2986
2987 2987 ('repository.none', _('Repository no access')),
2988 2988 ('repository.read', _('Repository read access')),
2989 2989 ('repository.write', _('Repository write access')),
2990 2990 ('repository.admin', _('Repository admin access')),
2991 2991
2992 2992 ('group.none', _('Repository group no access')),
2993 2993 ('group.read', _('Repository group read access')),
2994 2994 ('group.write', _('Repository group write access')),
2995 2995 ('group.admin', _('Repository group admin access')),
2996 2996
2997 2997 ('usergroup.none', _('User group no access')),
2998 2998 ('usergroup.read', _('User group read access')),
2999 2999 ('usergroup.write', _('User group write access')),
3000 3000 ('usergroup.admin', _('User group admin access')),
3001 3001
3002 3002 ('branch.none', _('Branch no permissions')),
3003 3003 ('branch.merge', _('Branch access by web merge')),
3004 3004 ('branch.push', _('Branch access by push')),
3005 3005 ('branch.push_force', _('Branch access by push with force')),
3006 3006
3007 3007 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3008 3008 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3009 3009
3010 3010 ('hg.usergroup.create.false', _('User Group creation disabled')),
3011 3011 ('hg.usergroup.create.true', _('User Group creation enabled')),
3012 3012
3013 3013 ('hg.create.none', _('Repository creation disabled')),
3014 3014 ('hg.create.repository', _('Repository creation enabled')),
3015 3015 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3016 3016 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3017 3017
3018 3018 ('hg.fork.none', _('Repository forking disabled')),
3019 3019 ('hg.fork.repository', _('Repository forking enabled')),
3020 3020
3021 3021 ('hg.register.none', _('Registration disabled')),
3022 3022 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3023 3023 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3024 3024
3025 3025 ('hg.password_reset.enabled', _('Password reset enabled')),
3026 3026 ('hg.password_reset.hidden', _('Password reset hidden')),
3027 3027 ('hg.password_reset.disabled', _('Password reset disabled')),
3028 3028
3029 3029 ('hg.extern_activate.manual', _('Manual activation of external account')),
3030 3030 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3031 3031
3032 3032 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3033 3033 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3034 3034 ]
3035 3035
3036 3036 # definition of system default permissions for DEFAULT user, created on
3037 3037 # system setup
3038 3038 DEFAULT_USER_PERMISSIONS = [
3039 3039 # object perms
3040 3040 'repository.read',
3041 3041 'group.read',
3042 3042 'usergroup.read',
3043 3043 # branch, for backward compat we need same value as before so forced pushed
3044 3044 'branch.push_force',
3045 3045 # global
3046 3046 'hg.create.repository',
3047 3047 'hg.repogroup.create.false',
3048 3048 'hg.usergroup.create.false',
3049 3049 'hg.create.write_on_repogroup.true',
3050 3050 'hg.fork.repository',
3051 3051 'hg.register.manual_activate',
3052 3052 'hg.password_reset.enabled',
3053 3053 'hg.extern_activate.auto',
3054 3054 'hg.inherit_default_perms.true',
3055 3055 ]
3056 3056
3057 3057 # defines which permissions are more important higher the more important
3058 3058 # Weight defines which permissions are more important.
3059 3059 # The higher number the more important.
3060 3060 PERM_WEIGHTS = {
3061 3061 'repository.none': 0,
3062 3062 'repository.read': 1,
3063 3063 'repository.write': 3,
3064 3064 'repository.admin': 4,
3065 3065
3066 3066 'group.none': 0,
3067 3067 'group.read': 1,
3068 3068 'group.write': 3,
3069 3069 'group.admin': 4,
3070 3070
3071 3071 'usergroup.none': 0,
3072 3072 'usergroup.read': 1,
3073 3073 'usergroup.write': 3,
3074 3074 'usergroup.admin': 4,
3075 3075
3076 3076 'branch.none': 0,
3077 3077 'branch.merge': 1,
3078 3078 'branch.push': 3,
3079 3079 'branch.push_force': 4,
3080 3080
3081 3081 'hg.repogroup.create.false': 0,
3082 3082 'hg.repogroup.create.true': 1,
3083 3083
3084 3084 'hg.usergroup.create.false': 0,
3085 3085 'hg.usergroup.create.true': 1,
3086 3086
3087 3087 'hg.fork.none': 0,
3088 3088 'hg.fork.repository': 1,
3089 3089 'hg.create.none': 0,
3090 3090 'hg.create.repository': 1
3091 3091 }
3092 3092
3093 3093 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3094 3094 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3095 3095 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3096 3096
3097 3097 def __unicode__(self):
3098 3098 return u"<%s('%s:%s')>" % (
3099 3099 self.__class__.__name__, self.permission_id, self.permission_name
3100 3100 )
3101 3101
3102 3102 @classmethod
3103 3103 def get_by_key(cls, key):
3104 3104 return cls.query().filter(cls.permission_name == key).scalar()
3105 3105
3106 3106 @classmethod
3107 3107 def get_default_repo_perms(cls, user_id, repo_id=None):
3108 3108 q = Session().query(UserRepoToPerm, Repository, Permission)\
3109 3109 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3110 3110 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3111 3111 .filter(UserRepoToPerm.user_id == user_id)
3112 3112 if repo_id:
3113 3113 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3114 3114 return q.all()
3115 3115
3116 3116 @classmethod
3117 3117 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3118 3118 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3119 3119 .join(
3120 3120 Permission,
3121 3121 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3122 3122 .join(
3123 3123 UserRepoToPerm,
3124 3124 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3125 3125 .filter(UserRepoToPerm.user_id == user_id)
3126 3126
3127 3127 if repo_id:
3128 3128 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3129 3129 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3130 3130
3131 3131 @classmethod
3132 3132 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3133 3133 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3134 3134 .join(
3135 3135 Permission,
3136 3136 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3137 3137 .join(
3138 3138 Repository,
3139 3139 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3140 3140 .join(
3141 3141 UserGroup,
3142 3142 UserGroupRepoToPerm.users_group_id ==
3143 3143 UserGroup.users_group_id)\
3144 3144 .join(
3145 3145 UserGroupMember,
3146 3146 UserGroupRepoToPerm.users_group_id ==
3147 3147 UserGroupMember.users_group_id)\
3148 3148 .filter(
3149 3149 UserGroupMember.user_id == user_id,
3150 3150 UserGroup.users_group_active == true())
3151 3151 if repo_id:
3152 3152 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3153 3153 return q.all()
3154 3154
3155 3155 @classmethod
3156 3156 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3157 3157 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3158 3158 .join(
3159 3159 Permission,
3160 3160 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3161 3161 .join(
3162 3162 UserGroupRepoToPerm,
3163 3163 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3164 3164 .join(
3165 3165 UserGroup,
3166 3166 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3167 3167 .join(
3168 3168 UserGroupMember,
3169 3169 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3170 3170 .filter(
3171 3171 UserGroupMember.user_id == user_id,
3172 3172 UserGroup.users_group_active == true())
3173 3173
3174 3174 if repo_id:
3175 3175 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3176 3176 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3177 3177
3178 3178 @classmethod
3179 3179 def get_default_group_perms(cls, user_id, repo_group_id=None):
3180 3180 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3181 3181 .join(
3182 3182 Permission,
3183 3183 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3184 3184 .join(
3185 3185 RepoGroup,
3186 3186 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3187 3187 .filter(UserRepoGroupToPerm.user_id == user_id)
3188 3188 if repo_group_id:
3189 3189 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3190 3190 return q.all()
3191 3191
3192 3192 @classmethod
3193 3193 def get_default_group_perms_from_user_group(
3194 3194 cls, user_id, repo_group_id=None):
3195 3195 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3196 3196 .join(
3197 3197 Permission,
3198 3198 UserGroupRepoGroupToPerm.permission_id ==
3199 3199 Permission.permission_id)\
3200 3200 .join(
3201 3201 RepoGroup,
3202 3202 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3203 3203 .join(
3204 3204 UserGroup,
3205 3205 UserGroupRepoGroupToPerm.users_group_id ==
3206 3206 UserGroup.users_group_id)\
3207 3207 .join(
3208 3208 UserGroupMember,
3209 3209 UserGroupRepoGroupToPerm.users_group_id ==
3210 3210 UserGroupMember.users_group_id)\
3211 3211 .filter(
3212 3212 UserGroupMember.user_id == user_id,
3213 3213 UserGroup.users_group_active == true())
3214 3214 if repo_group_id:
3215 3215 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3216 3216 return q.all()
3217 3217
3218 3218 @classmethod
3219 3219 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3220 3220 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3221 3221 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3222 3222 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3223 3223 .filter(UserUserGroupToPerm.user_id == user_id)
3224 3224 if user_group_id:
3225 3225 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3226 3226 return q.all()
3227 3227
3228 3228 @classmethod
3229 3229 def get_default_user_group_perms_from_user_group(
3230 3230 cls, user_id, user_group_id=None):
3231 3231 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3232 3232 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3233 3233 .join(
3234 3234 Permission,
3235 3235 UserGroupUserGroupToPerm.permission_id ==
3236 3236 Permission.permission_id)\
3237 3237 .join(
3238 3238 TargetUserGroup,
3239 3239 UserGroupUserGroupToPerm.target_user_group_id ==
3240 3240 TargetUserGroup.users_group_id)\
3241 3241 .join(
3242 3242 UserGroup,
3243 3243 UserGroupUserGroupToPerm.user_group_id ==
3244 3244 UserGroup.users_group_id)\
3245 3245 .join(
3246 3246 UserGroupMember,
3247 3247 UserGroupUserGroupToPerm.user_group_id ==
3248 3248 UserGroupMember.users_group_id)\
3249 3249 .filter(
3250 3250 UserGroupMember.user_id == user_id,
3251 3251 UserGroup.users_group_active == true())
3252 3252 if user_group_id:
3253 3253 q = q.filter(
3254 3254 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3255 3255
3256 3256 return q.all()
3257 3257
3258 3258
3259 3259 class UserRepoToPerm(Base, BaseModel):
3260 3260 __tablename__ = 'repo_to_perm'
3261 3261 __table_args__ = (
3262 3262 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3263 3263 base_table_args
3264 3264 )
3265 3265
3266 3266 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3267 3267 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3268 3268 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3269 3269 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3270 3270
3271 3271 user = relationship('User')
3272 3272 repository = relationship('Repository')
3273 3273 permission = relationship('Permission')
3274 3274
3275 3275 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')
3276 3276
3277 3277 @classmethod
3278 3278 def create(cls, user, repository, permission):
3279 3279 n = cls()
3280 3280 n.user = user
3281 3281 n.repository = repository
3282 3282 n.permission = permission
3283 3283 Session().add(n)
3284 3284 return n
3285 3285
3286 3286 def __unicode__(self):
3287 3287 return u'<%s => %s >' % (self.user, self.repository)
3288 3288
3289 3289
3290 3290 class UserUserGroupToPerm(Base, BaseModel):
3291 3291 __tablename__ = 'user_user_group_to_perm'
3292 3292 __table_args__ = (
3293 3293 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3294 3294 base_table_args
3295 3295 )
3296 3296
3297 3297 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3298 3298 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3299 3299 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3300 3300 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3301 3301
3302 3302 user = relationship('User')
3303 3303 user_group = relationship('UserGroup')
3304 3304 permission = relationship('Permission')
3305 3305
3306 3306 @classmethod
3307 3307 def create(cls, user, user_group, permission):
3308 3308 n = cls()
3309 3309 n.user = user
3310 3310 n.user_group = user_group
3311 3311 n.permission = permission
3312 3312 Session().add(n)
3313 3313 return n
3314 3314
3315 3315 def __unicode__(self):
3316 3316 return u'<%s => %s >' % (self.user, self.user_group)
3317 3317
3318 3318
3319 3319 class UserToPerm(Base, BaseModel):
3320 3320 __tablename__ = 'user_to_perm'
3321 3321 __table_args__ = (
3322 3322 UniqueConstraint('user_id', 'permission_id'),
3323 3323 base_table_args
3324 3324 )
3325 3325
3326 3326 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3327 3327 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3328 3328 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3329 3329
3330 3330 user = relationship('User')
3331 3331 permission = relationship('Permission', lazy='joined')
3332 3332
3333 3333 def __unicode__(self):
3334 3334 return u'<%s => %s >' % (self.user, self.permission)
3335 3335
3336 3336
3337 3337 class UserGroupRepoToPerm(Base, BaseModel):
3338 3338 __tablename__ = 'users_group_repo_to_perm'
3339 3339 __table_args__ = (
3340 3340 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3341 3341 base_table_args
3342 3342 )
3343 3343
3344 3344 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3345 3345 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3346 3346 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3347 3347 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3348 3348
3349 3349 users_group = relationship('UserGroup')
3350 3350 permission = relationship('Permission')
3351 3351 repository = relationship('Repository')
3352 3352 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')
3353 3353
3354 3354 @classmethod
3355 3355 def create(cls, users_group, repository, permission):
3356 3356 n = cls()
3357 3357 n.users_group = users_group
3358 3358 n.repository = repository
3359 3359 n.permission = permission
3360 3360 Session().add(n)
3361 3361 return n
3362 3362
3363 3363 def __unicode__(self):
3364 3364 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3365 3365
3366 3366
3367 3367 class UserGroupUserGroupToPerm(Base, BaseModel):
3368 3368 __tablename__ = 'user_group_user_group_to_perm'
3369 3369 __table_args__ = (
3370 3370 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3371 3371 CheckConstraint('target_user_group_id != user_group_id'),
3372 3372 base_table_args
3373 3373 )
3374 3374
3375 3375 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3376 3376 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3377 3377 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3378 3378 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3379 3379
3380 3380 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3381 3381 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3382 3382 permission = relationship('Permission')
3383 3383
3384 3384 @classmethod
3385 3385 def create(cls, target_user_group, user_group, permission):
3386 3386 n = cls()
3387 3387 n.target_user_group = target_user_group
3388 3388 n.user_group = user_group
3389 3389 n.permission = permission
3390 3390 Session().add(n)
3391 3391 return n
3392 3392
3393 3393 def __unicode__(self):
3394 3394 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3395 3395
3396 3396
3397 3397 class UserGroupToPerm(Base, BaseModel):
3398 3398 __tablename__ = 'users_group_to_perm'
3399 3399 __table_args__ = (
3400 3400 UniqueConstraint('users_group_id', 'permission_id',),
3401 3401 base_table_args
3402 3402 )
3403 3403
3404 3404 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3405 3405 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3406 3406 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3407 3407
3408 3408 users_group = relationship('UserGroup')
3409 3409 permission = relationship('Permission')
3410 3410
3411 3411
3412 3412 class UserRepoGroupToPerm(Base, BaseModel):
3413 3413 __tablename__ = 'user_repo_group_to_perm'
3414 3414 __table_args__ = (
3415 3415 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3416 3416 base_table_args
3417 3417 )
3418 3418
3419 3419 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3420 3420 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3421 3421 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3422 3422 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3423 3423
3424 3424 user = relationship('User')
3425 3425 group = relationship('RepoGroup')
3426 3426 permission = relationship('Permission')
3427 3427
3428 3428 @classmethod
3429 3429 def create(cls, user, repository_group, permission):
3430 3430 n = cls()
3431 3431 n.user = user
3432 3432 n.group = repository_group
3433 3433 n.permission = permission
3434 3434 Session().add(n)
3435 3435 return n
3436 3436
3437 3437
3438 3438 class UserGroupRepoGroupToPerm(Base, BaseModel):
3439 3439 __tablename__ = 'users_group_repo_group_to_perm'
3440 3440 __table_args__ = (
3441 3441 UniqueConstraint('users_group_id', 'group_id'),
3442 3442 base_table_args
3443 3443 )
3444 3444
3445 3445 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3446 3446 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3447 3447 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3448 3448 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3449 3449
3450 3450 users_group = relationship('UserGroup')
3451 3451 permission = relationship('Permission')
3452 3452 group = relationship('RepoGroup')
3453 3453
3454 3454 @classmethod
3455 3455 def create(cls, user_group, repository_group, permission):
3456 3456 n = cls()
3457 3457 n.users_group = user_group
3458 3458 n.group = repository_group
3459 3459 n.permission = permission
3460 3460 Session().add(n)
3461 3461 return n
3462 3462
3463 3463 def __unicode__(self):
3464 3464 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3465 3465
3466 3466
3467 3467 class Statistics(Base, BaseModel):
3468 3468 __tablename__ = 'statistics'
3469 3469 __table_args__ = (
3470 3470 base_table_args
3471 3471 )
3472 3472
3473 3473 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3474 3474 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3475 3475 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3476 3476 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3477 3477 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3478 3478 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3479 3479
3480 3480 repository = relationship('Repository', single_parent=True)
3481 3481
3482 3482
3483 3483 class UserFollowing(Base, BaseModel):
3484 3484 __tablename__ = 'user_followings'
3485 3485 __table_args__ = (
3486 3486 UniqueConstraint('user_id', 'follows_repository_id'),
3487 3487 UniqueConstraint('user_id', 'follows_user_id'),
3488 3488 base_table_args
3489 3489 )
3490 3490
3491 3491 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3492 3492 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3493 3493 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3494 3494 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3495 3495 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3496 3496
3497 3497 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3498 3498
3499 3499 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3500 3500 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3501 3501
3502 3502 @classmethod
3503 3503 def get_repo_followers(cls, repo_id):
3504 3504 return cls.query().filter(cls.follows_repo_id == repo_id)
3505 3505
3506 3506
3507 3507 class CacheKey(Base, BaseModel):
3508 3508 __tablename__ = 'cache_invalidation'
3509 3509 __table_args__ = (
3510 3510 UniqueConstraint('cache_key'),
3511 3511 Index('key_idx', 'cache_key'),
3512 3512 base_table_args,
3513 3513 )
3514 3514
3515 3515 CACHE_TYPE_FEED = 'FEED'
3516 3516
3517 3517 # namespaces used to register process/thread aware caches
3518 3518 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3519 3519 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3520 3520
3521 3521 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3522 3522 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3523 3523 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3524 3524 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3525 3525 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3526 3526
3527 3527 def __init__(self, cache_key, cache_args='', cache_state_uid=None):
3528 3528 self.cache_key = cache_key
3529 3529 self.cache_args = cache_args
3530 3530 self.cache_active = False
3531 3531 # first key should be same for all entries, since all workers should share it
3532 3532 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3533 3533
3534 3534 def __unicode__(self):
3535 3535 return u"<%s('%s:%s[%s]')>" % (
3536 3536 self.__class__.__name__,
3537 3537 self.cache_id, self.cache_key, self.cache_active)
3538 3538
3539 3539 def _cache_key_partition(self):
3540 3540 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3541 3541 return prefix, repo_name, suffix
3542 3542
3543 3543 def get_prefix(self):
3544 3544 """
3545 3545 Try to extract prefix from existing cache key. The key could consist
3546 3546 of prefix, repo_name, suffix
3547 3547 """
3548 3548 # this returns prefix, repo_name, suffix
3549 3549 return self._cache_key_partition()[0]
3550 3550
3551 3551 def get_suffix(self):
3552 3552 """
3553 3553 get suffix that might have been used in _get_cache_key to
3554 3554 generate self.cache_key. Only used for informational purposes
3555 3555 in repo_edit.mako.
3556 3556 """
3557 3557 # prefix, repo_name, suffix
3558 3558 return self._cache_key_partition()[2]
3559 3559
3560 3560 @classmethod
3561 3561 def generate_new_state_uid(cls, based_on=None):
3562 3562 if based_on:
3563 3563 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3564 3564 else:
3565 3565 return str(uuid.uuid4())
3566 3566
3567 3567 @classmethod
3568 3568 def delete_all_cache(cls):
3569 3569 """
3570 3570 Delete all cache keys from database.
3571 3571 Should only be run when all instances are down and all entries
3572 3572 thus stale.
3573 3573 """
3574 3574 cls.query().delete()
3575 3575 Session().commit()
3576 3576
3577 3577 @classmethod
3578 3578 def set_invalidate(cls, cache_uid, delete=False):
3579 3579 """
3580 3580 Mark all caches of a repo as invalid in the database.
3581 3581 """
3582 3582
3583 3583 try:
3584 3584 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3585 3585 if delete:
3586 3586 qry.delete()
3587 3587 log.debug('cache objects deleted for cache args %s',
3588 3588 safe_str(cache_uid))
3589 3589 else:
3590 3590 qry.update({"cache_active": False,
3591 3591 "cache_state_uid": cls.generate_new_state_uid()})
3592 3592 log.debug('cache objects marked as invalid for cache args %s',
3593 3593 safe_str(cache_uid))
3594 3594
3595 3595 Session().commit()
3596 3596 except Exception:
3597 3597 log.exception(
3598 3598 'Cache key invalidation failed for cache args %s',
3599 3599 safe_str(cache_uid))
3600 3600 Session().rollback()
3601 3601
3602 3602 @classmethod
3603 3603 def get_active_cache(cls, cache_key):
3604 3604 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3605 3605 if inv_obj:
3606 3606 return inv_obj
3607 3607 return None
3608 3608
3609 3609 @classmethod
3610 3610 def get_namespace_map(cls, namespace):
3611 3611 return {
3612 3612 x.cache_key: x
3613 3613 for x in cls.query().filter(cls.cache_args == namespace)}
3614 3614
3615 3615
3616 3616 class ChangesetComment(Base, BaseModel):
3617 3617 __tablename__ = 'changeset_comments'
3618 3618 __table_args__ = (
3619 3619 Index('cc_revision_idx', 'revision'),
3620 3620 base_table_args,
3621 3621 )
3622 3622
3623 3623 COMMENT_OUTDATED = u'comment_outdated'
3624 3624 COMMENT_TYPE_NOTE = u'note'
3625 3625 COMMENT_TYPE_TODO = u'todo'
3626 3626 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3627 3627
3628 3628 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3629 3629 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3630 3630 revision = Column('revision', String(40), nullable=True)
3631 3631 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3632 3632 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3633 3633 line_no = Column('line_no', Unicode(10), nullable=True)
3634 3634 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3635 3635 f_path = Column('f_path', Unicode(1000), nullable=True)
3636 3636 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3637 3637 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3638 3638 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3639 3639 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3640 3640 renderer = Column('renderer', Unicode(64), nullable=True)
3641 3641 display_state = Column('display_state', Unicode(128), nullable=True)
3642 3642
3643 3643 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3644 3644 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3645 3645
3646 3646 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3647 3647 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3648 3648
3649 3649 author = relationship('User', lazy='joined')
3650 3650 repo = relationship('Repository')
3651 3651 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')
3652 3652 pull_request = relationship('PullRequest', lazy='joined')
3653 3653 pull_request_version = relationship('PullRequestVersion')
3654 3654
3655 3655 @classmethod
3656 3656 def get_users(cls, revision=None, pull_request_id=None):
3657 3657 """
3658 3658 Returns user associated with this ChangesetComment. ie those
3659 3659 who actually commented
3660 3660
3661 3661 :param cls:
3662 3662 :param revision:
3663 3663 """
3664 3664 q = Session().query(User)\
3665 3665 .join(ChangesetComment.author)
3666 3666 if revision:
3667 3667 q = q.filter(cls.revision == revision)
3668 3668 elif pull_request_id:
3669 3669 q = q.filter(cls.pull_request_id == pull_request_id)
3670 3670 return q.all()
3671 3671
3672 3672 @classmethod
3673 3673 def get_index_from_version(cls, pr_version, versions):
3674 3674 num_versions = [x.pull_request_version_id for x in versions]
3675 3675 try:
3676 3676 return num_versions.index(pr_version) +1
3677 3677 except (IndexError, ValueError):
3678 3678 return
3679 3679
3680 3680 @property
3681 3681 def outdated(self):
3682 3682 return self.display_state == self.COMMENT_OUTDATED
3683 3683
3684 3684 def outdated_at_version(self, version):
3685 3685 """
3686 3686 Checks if comment is outdated for given pull request version
3687 3687 """
3688 3688 return self.outdated and self.pull_request_version_id != version
3689 3689
3690 3690 def older_than_version(self, version):
3691 3691 """
3692 3692 Checks if comment is made from previous version than given
3693 3693 """
3694 3694 if version is None:
3695 3695 return self.pull_request_version_id is not None
3696 3696
3697 3697 return self.pull_request_version_id < version
3698 3698
3699 3699 @property
3700 3700 def resolved(self):
3701 3701 return self.resolved_by[0] if self.resolved_by else None
3702 3702
3703 3703 @property
3704 3704 def is_todo(self):
3705 3705 return self.comment_type == self.COMMENT_TYPE_TODO
3706 3706
3707 3707 @property
3708 3708 def is_inline(self):
3709 3709 return self.line_no and self.f_path
3710 3710
3711 3711 def get_index_version(self, versions):
3712 3712 return self.get_index_from_version(
3713 3713 self.pull_request_version_id, versions)
3714 3714
3715 3715 def __repr__(self):
3716 3716 if self.comment_id:
3717 3717 return '<DB:Comment #%s>' % self.comment_id
3718 3718 else:
3719 3719 return '<DB:Comment at %#x>' % id(self)
3720 3720
3721 3721 def get_api_data(self):
3722 3722 comment = self
3723 3723 data = {
3724 3724 'comment_id': comment.comment_id,
3725 3725 'comment_type': comment.comment_type,
3726 3726 'comment_text': comment.text,
3727 3727 'comment_status': comment.status_change,
3728 3728 'comment_f_path': comment.f_path,
3729 3729 'comment_lineno': comment.line_no,
3730 3730 'comment_author': comment.author,
3731 3731 'comment_created_on': comment.created_on,
3732 3732 'comment_resolved_by': self.resolved
3733 3733 }
3734 3734 return data
3735 3735
3736 3736 def __json__(self):
3737 3737 data = dict()
3738 3738 data.update(self.get_api_data())
3739 3739 return data
3740 3740
3741 3741
3742 3742 class ChangesetStatus(Base, BaseModel):
3743 3743 __tablename__ = 'changeset_statuses'
3744 3744 __table_args__ = (
3745 3745 Index('cs_revision_idx', 'revision'),
3746 3746 Index('cs_version_idx', 'version'),
3747 3747 UniqueConstraint('repo_id', 'revision', 'version'),
3748 3748 base_table_args
3749 3749 )
3750 3750
3751 3751 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3752 3752 STATUS_APPROVED = 'approved'
3753 3753 STATUS_REJECTED = 'rejected'
3754 3754 STATUS_UNDER_REVIEW = 'under_review'
3755 3755
3756 3756 STATUSES = [
3757 3757 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3758 3758 (STATUS_APPROVED, _("Approved")),
3759 3759 (STATUS_REJECTED, _("Rejected")),
3760 3760 (STATUS_UNDER_REVIEW, _("Under Review")),
3761 3761 ]
3762 3762
3763 3763 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3764 3764 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3765 3765 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3766 3766 revision = Column('revision', String(40), nullable=False)
3767 3767 status = Column('status', String(128), nullable=False, default=DEFAULT)
3768 3768 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3769 3769 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3770 3770 version = Column('version', Integer(), nullable=False, default=0)
3771 3771 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3772 3772
3773 3773 author = relationship('User', lazy='joined')
3774 3774 repo = relationship('Repository')
3775 3775 comment = relationship('ChangesetComment', lazy='joined')
3776 3776 pull_request = relationship('PullRequest', lazy='joined')
3777 3777
3778 3778 def __unicode__(self):
3779 3779 return u"<%s('%s[v%s]:%s')>" % (
3780 3780 self.__class__.__name__,
3781 3781 self.status, self.version, self.author
3782 3782 )
3783 3783
3784 3784 @classmethod
3785 3785 def get_status_lbl(cls, value):
3786 3786 return dict(cls.STATUSES).get(value)
3787 3787
3788 3788 @property
3789 3789 def status_lbl(self):
3790 3790 return ChangesetStatus.get_status_lbl(self.status)
3791 3791
3792 3792 def get_api_data(self):
3793 3793 status = self
3794 3794 data = {
3795 3795 'status_id': status.changeset_status_id,
3796 3796 'status': status.status,
3797 3797 }
3798 3798 return data
3799 3799
3800 3800 def __json__(self):
3801 3801 data = dict()
3802 3802 data.update(self.get_api_data())
3803 3803 return data
3804 3804
3805 3805
3806 3806 class _SetState(object):
3807 3807 """
3808 3808 Context processor allowing changing state for sensitive operation such as
3809 3809 pull request update or merge
3810 3810 """
3811 3811
3812 3812 def __init__(self, pull_request, pr_state, back_state=None):
3813 3813 self._pr = pull_request
3814 3814 self._org_state = back_state or pull_request.pull_request_state
3815 3815 self._pr_state = pr_state
3816 3816 self._current_state = None
3817 3817
3818 3818 def __enter__(self):
3819 3819 log.debug('StateLock: entering set state context, setting state to: `%s`',
3820 3820 self._pr_state)
3821 3821 self.set_pr_state(self._pr_state)
3822 3822 return self
3823 3823
3824 3824 def __exit__(self, exc_type, exc_val, exc_tb):
3825 3825 if exc_val is not None:
3826 3826 log.error(traceback.format_exc(exc_tb))
3827 3827 return None
3828 3828
3829 3829 self.set_pr_state(self._org_state)
3830 3830 log.debug('StateLock: exiting set state context, setting state to: `%s`',
3831 3831 self._org_state)
3832 3832 @property
3833 3833 def state(self):
3834 3834 return self._current_state
3835 3835
3836 3836 def set_pr_state(self, pr_state):
3837 3837 try:
3838 3838 self._pr.pull_request_state = pr_state
3839 3839 Session().add(self._pr)
3840 3840 Session().commit()
3841 3841 self._current_state = pr_state
3842 3842 except Exception:
3843 3843 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
3844 3844 raise
3845 3845
3846 3846 class _PullRequestBase(BaseModel):
3847 3847 """
3848 3848 Common attributes of pull request and version entries.
3849 3849 """
3850 3850
3851 3851 # .status values
3852 3852 STATUS_NEW = u'new'
3853 3853 STATUS_OPEN = u'open'
3854 3854 STATUS_CLOSED = u'closed'
3855 3855
3856 3856 # available states
3857 3857 STATE_CREATING = u'creating'
3858 3858 STATE_UPDATING = u'updating'
3859 3859 STATE_MERGING = u'merging'
3860 3860 STATE_CREATED = u'created'
3861 3861
3862 3862 title = Column('title', Unicode(255), nullable=True)
3863 3863 description = Column(
3864 3864 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3865 3865 nullable=True)
3866 3866 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3867 3867
3868 3868 # new/open/closed status of pull request (not approve/reject/etc)
3869 3869 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3870 3870 created_on = Column(
3871 3871 'created_on', DateTime(timezone=False), nullable=False,
3872 3872 default=datetime.datetime.now)
3873 3873 updated_on = Column(
3874 3874 'updated_on', DateTime(timezone=False), nullable=False,
3875 3875 default=datetime.datetime.now)
3876 3876
3877 3877 pull_request_state = Column("pull_request_state", String(255), nullable=True)
3878 3878
3879 3879 @declared_attr
3880 3880 def user_id(cls):
3881 3881 return Column(
3882 3882 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3883 3883 unique=None)
3884 3884
3885 3885 # 500 revisions max
3886 3886 _revisions = Column(
3887 3887 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3888 3888
3889 3889 @declared_attr
3890 3890 def source_repo_id(cls):
3891 3891 # TODO: dan: rename column to source_repo_id
3892 3892 return Column(
3893 3893 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3894 3894 nullable=False)
3895 3895
3896 3896 _source_ref = Column('org_ref', Unicode(255), nullable=False)
3897 3897
3898 3898 @hybrid_property
3899 3899 def source_ref(self):
3900 3900 return self._source_ref
3901 3901
3902 3902 @source_ref.setter
3903 3903 def source_ref(self, val):
3904 3904 parts = (val or '').split(':')
3905 3905 if len(parts) != 3:
3906 3906 raise ValueError(
3907 3907 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3908 3908 self._source_ref = safe_unicode(val)
3909 3909
3910 3910 _target_ref = Column('other_ref', Unicode(255), nullable=False)
3911 3911
3912 3912 @hybrid_property
3913 3913 def target_ref(self):
3914 3914 return self._target_ref
3915 3915
3916 3916 @target_ref.setter
3917 3917 def target_ref(self, val):
3918 3918 parts = (val or '').split(':')
3919 3919 if len(parts) != 3:
3920 3920 raise ValueError(
3921 3921 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3922 3922 self._target_ref = safe_unicode(val)
3923 3923
3924 3924 @declared_attr
3925 3925 def target_repo_id(cls):
3926 3926 # TODO: dan: rename column to target_repo_id
3927 3927 return Column(
3928 3928 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3929 3929 nullable=False)
3930 3930
3931 3931 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3932 3932
3933 3933 # TODO: dan: rename column to last_merge_source_rev
3934 3934 _last_merge_source_rev = Column(
3935 3935 'last_merge_org_rev', String(40), nullable=True)
3936 3936 # TODO: dan: rename column to last_merge_target_rev
3937 3937 _last_merge_target_rev = Column(
3938 3938 'last_merge_other_rev', String(40), nullable=True)
3939 3939 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3940 3940 merge_rev = Column('merge_rev', String(40), nullable=True)
3941 3941
3942 3942 reviewer_data = Column(
3943 3943 'reviewer_data_json', MutationObj.as_mutable(
3944 3944 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3945 3945
3946 3946 @property
3947 3947 def reviewer_data_json(self):
3948 3948 return json.dumps(self.reviewer_data)
3949 3949
3950 3950 @hybrid_property
3951 3951 def description_safe(self):
3952 3952 from rhodecode.lib import helpers as h
3953 3953 return h.escape(self.description)
3954 3954
3955 3955 @hybrid_property
3956 3956 def revisions(self):
3957 3957 return self._revisions.split(':') if self._revisions else []
3958 3958
3959 3959 @revisions.setter
3960 3960 def revisions(self, val):
3961 3961 self._revisions = u':'.join(val)
3962 3962
3963 3963 @hybrid_property
3964 3964 def last_merge_status(self):
3965 3965 return safe_int(self._last_merge_status)
3966 3966
3967 3967 @last_merge_status.setter
3968 3968 def last_merge_status(self, val):
3969 3969 self._last_merge_status = val
3970 3970
3971 3971 @declared_attr
3972 3972 def author(cls):
3973 3973 return relationship('User', lazy='joined')
3974 3974
3975 3975 @declared_attr
3976 3976 def source_repo(cls):
3977 3977 return relationship(
3978 3978 'Repository',
3979 3979 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3980 3980
3981 3981 @property
3982 3982 def source_ref_parts(self):
3983 3983 return self.unicode_to_reference(self.source_ref)
3984 3984
3985 3985 @declared_attr
3986 3986 def target_repo(cls):
3987 3987 return relationship(
3988 3988 'Repository',
3989 3989 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3990 3990
3991 3991 @property
3992 3992 def target_ref_parts(self):
3993 3993 return self.unicode_to_reference(self.target_ref)
3994 3994
3995 3995 @property
3996 3996 def shadow_merge_ref(self):
3997 3997 return self.unicode_to_reference(self._shadow_merge_ref)
3998 3998
3999 3999 @shadow_merge_ref.setter
4000 4000 def shadow_merge_ref(self, ref):
4001 4001 self._shadow_merge_ref = self.reference_to_unicode(ref)
4002 4002
4003 4003 @staticmethod
4004 4004 def unicode_to_reference(raw):
4005 4005 """
4006 4006 Convert a unicode (or string) to a reference object.
4007 4007 If unicode evaluates to False it returns None.
4008 4008 """
4009 4009 if raw:
4010 4010 refs = raw.split(':')
4011 4011 return Reference(*refs)
4012 4012 else:
4013 4013 return None
4014 4014
4015 4015 @staticmethod
4016 4016 def reference_to_unicode(ref):
4017 4017 """
4018 4018 Convert a reference object to unicode.
4019 4019 If reference is None it returns None.
4020 4020 """
4021 4021 if ref:
4022 4022 return u':'.join(ref)
4023 4023 else:
4024 4024 return None
4025 4025
4026 4026 def get_api_data(self, with_merge_state=True):
4027 4027 from rhodecode.model.pull_request import PullRequestModel
4028 4028
4029 4029 pull_request = self
4030 4030 if with_merge_state:
4031 4031 merge_status = PullRequestModel().merge_status(pull_request)
4032 4032 merge_state = {
4033 4033 'status': merge_status[0],
4034 4034 'message': safe_unicode(merge_status[1]),
4035 4035 }
4036 4036 else:
4037 4037 merge_state = {'status': 'not_available',
4038 4038 'message': 'not_available'}
4039 4039
4040 4040 merge_data = {
4041 4041 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4042 4042 'reference': (
4043 4043 pull_request.shadow_merge_ref._asdict()
4044 4044 if pull_request.shadow_merge_ref else None),
4045 4045 }
4046 4046
4047 4047 data = {
4048 4048 'pull_request_id': pull_request.pull_request_id,
4049 4049 'url': PullRequestModel().get_url(pull_request),
4050 4050 'title': pull_request.title,
4051 4051 'description': pull_request.description,
4052 4052 'status': pull_request.status,
4053 4053 'state': pull_request.pull_request_state,
4054 4054 'created_on': pull_request.created_on,
4055 4055 'updated_on': pull_request.updated_on,
4056 4056 'commit_ids': pull_request.revisions,
4057 4057 'review_status': pull_request.calculated_review_status(),
4058 4058 'mergeable': merge_state,
4059 4059 'source': {
4060 4060 'clone_url': pull_request.source_repo.clone_url(),
4061 4061 'repository': pull_request.source_repo.repo_name,
4062 4062 'reference': {
4063 4063 'name': pull_request.source_ref_parts.name,
4064 4064 'type': pull_request.source_ref_parts.type,
4065 4065 'commit_id': pull_request.source_ref_parts.commit_id,
4066 4066 },
4067 4067 },
4068 4068 'target': {
4069 4069 'clone_url': pull_request.target_repo.clone_url(),
4070 4070 'repository': pull_request.target_repo.repo_name,
4071 4071 'reference': {
4072 4072 'name': pull_request.target_ref_parts.name,
4073 4073 'type': pull_request.target_ref_parts.type,
4074 4074 'commit_id': pull_request.target_ref_parts.commit_id,
4075 4075 },
4076 4076 },
4077 4077 'merge': merge_data,
4078 4078 'author': pull_request.author.get_api_data(include_secrets=False,
4079 4079 details='basic'),
4080 4080 'reviewers': [
4081 4081 {
4082 4082 'user': reviewer.get_api_data(include_secrets=False,
4083 4083 details='basic'),
4084 4084 'reasons': reasons,
4085 4085 'review_status': st[0][1].status if st else 'not_reviewed',
4086 4086 }
4087 4087 for obj, reviewer, reasons, mandatory, st in
4088 4088 pull_request.reviewers_statuses()
4089 4089 ]
4090 4090 }
4091 4091
4092 4092 return data
4093 4093
4094 4094 def set_state(self, pull_request_state, final_state=None):
4095 4095 """
4096 4096 # goes from initial state to updating to initial state.
4097 4097 # initial state can be changed by specifying back_state=
4098 4098 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4099 4099 pull_request.merge()
4100 4100
4101 4101 :param pull_request_state:
4102 4102 :param final_state:
4103 4103
4104 4104 """
4105 4105
4106 4106 return _SetState(self, pull_request_state, back_state=final_state)
4107 4107
4108 4108
4109 4109 class PullRequest(Base, _PullRequestBase):
4110 4110 __tablename__ = 'pull_requests'
4111 4111 __table_args__ = (
4112 4112 base_table_args,
4113 4113 )
4114 4114
4115 4115 pull_request_id = Column(
4116 4116 'pull_request_id', Integer(), nullable=False, primary_key=True)
4117 4117
4118 4118 def __repr__(self):
4119 4119 if self.pull_request_id:
4120 4120 return '<DB:PullRequest #%s>' % self.pull_request_id
4121 4121 else:
4122 4122 return '<DB:PullRequest at %#x>' % id(self)
4123 4123
4124 4124 reviewers = relationship('PullRequestReviewers',
4125 4125 cascade="all, delete-orphan")
4126 4126 statuses = relationship('ChangesetStatus',
4127 4127 cascade="all, delete-orphan")
4128 4128 comments = relationship('ChangesetComment',
4129 4129 cascade="all, delete-orphan")
4130 4130 versions = relationship('PullRequestVersion',
4131 4131 cascade="all, delete-orphan",
4132 4132 lazy='dynamic')
4133 4133
4134 4134 @classmethod
4135 4135 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4136 4136 internal_methods=None):
4137 4137
4138 4138 class PullRequestDisplay(object):
4139 4139 """
4140 4140 Special object wrapper for showing PullRequest data via Versions
4141 4141 It mimics PR object as close as possible. This is read only object
4142 4142 just for display
4143 4143 """
4144 4144
4145 4145 def __init__(self, attrs, internal=None):
4146 4146 self.attrs = attrs
4147 4147 # internal have priority over the given ones via attrs
4148 4148 self.internal = internal or ['versions']
4149 4149
4150 4150 def __getattr__(self, item):
4151 4151 if item in self.internal:
4152 4152 return getattr(self, item)
4153 4153 try:
4154 4154 return self.attrs[item]
4155 4155 except KeyError:
4156 4156 raise AttributeError(
4157 4157 '%s object has no attribute %s' % (self, item))
4158 4158
4159 4159 def __repr__(self):
4160 4160 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
4161 4161
4162 4162 def versions(self):
4163 4163 return pull_request_obj.versions.order_by(
4164 4164 PullRequestVersion.pull_request_version_id).all()
4165 4165
4166 4166 def is_closed(self):
4167 4167 return pull_request_obj.is_closed()
4168 4168
4169 4169 @property
4170 4170 def pull_request_version_id(self):
4171 4171 return getattr(pull_request_obj, 'pull_request_version_id', None)
4172 4172
4173 4173 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4174 4174
4175 4175 attrs.author = StrictAttributeDict(
4176 4176 pull_request_obj.author.get_api_data())
4177 4177 if pull_request_obj.target_repo:
4178 4178 attrs.target_repo = StrictAttributeDict(
4179 4179 pull_request_obj.target_repo.get_api_data())
4180 4180 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4181 4181
4182 4182 if pull_request_obj.source_repo:
4183 4183 attrs.source_repo = StrictAttributeDict(
4184 4184 pull_request_obj.source_repo.get_api_data())
4185 4185 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4186 4186
4187 4187 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4188 4188 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4189 4189 attrs.revisions = pull_request_obj.revisions
4190 4190
4191 4191 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4192 4192 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4193 4193 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4194 4194
4195 4195 return PullRequestDisplay(attrs, internal=internal_methods)
4196 4196
4197 4197 def is_closed(self):
4198 4198 return self.status == self.STATUS_CLOSED
4199 4199
4200 4200 def __json__(self):
4201 4201 return {
4202 4202 'revisions': self.revisions,
4203 4203 }
4204 4204
4205 4205 def calculated_review_status(self):
4206 4206 from rhodecode.model.changeset_status import ChangesetStatusModel
4207 4207 return ChangesetStatusModel().calculated_review_status(self)
4208 4208
4209 4209 def reviewers_statuses(self):
4210 4210 from rhodecode.model.changeset_status import ChangesetStatusModel
4211 4211 return ChangesetStatusModel().reviewers_statuses(self)
4212 4212
4213 4213 @property
4214 4214 def workspace_id(self):
4215 4215 from rhodecode.model.pull_request import PullRequestModel
4216 4216 return PullRequestModel()._workspace_id(self)
4217 4217
4218 4218 def get_shadow_repo(self):
4219 4219 workspace_id = self.workspace_id
4220 4220 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4221 4221 if os.path.isdir(shadow_repository_path):
4222 4222 vcs_obj = self.target_repo.scm_instance()
4223 4223 return vcs_obj.get_shadow_instance(shadow_repository_path)
4224 4224
4225 4225
4226 4226 class PullRequestVersion(Base, _PullRequestBase):
4227 4227 __tablename__ = 'pull_request_versions'
4228 4228 __table_args__ = (
4229 4229 base_table_args,
4230 4230 )
4231 4231
4232 4232 pull_request_version_id = Column(
4233 4233 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
4234 4234 pull_request_id = Column(
4235 4235 'pull_request_id', Integer(),
4236 4236 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4237 4237 pull_request = relationship('PullRequest')
4238 4238
4239 4239 def __repr__(self):
4240 4240 if self.pull_request_version_id:
4241 4241 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
4242 4242 else:
4243 4243 return '<DB:PullRequestVersion at %#x>' % id(self)
4244 4244
4245 4245 @property
4246 4246 def reviewers(self):
4247 4247 return self.pull_request.reviewers
4248 4248
4249 4249 @property
4250 4250 def versions(self):
4251 4251 return self.pull_request.versions
4252 4252
4253 4253 def is_closed(self):
4254 4254 # calculate from original
4255 4255 return self.pull_request.status == self.STATUS_CLOSED
4256 4256
4257 4257 def calculated_review_status(self):
4258 4258 return self.pull_request.calculated_review_status()
4259 4259
4260 4260 def reviewers_statuses(self):
4261 4261 return self.pull_request.reviewers_statuses()
4262 4262
4263 4263
4264 4264 class PullRequestReviewers(Base, BaseModel):
4265 4265 __tablename__ = 'pull_request_reviewers'
4266 4266 __table_args__ = (
4267 4267 base_table_args,
4268 4268 )
4269 4269
4270 4270 @hybrid_property
4271 4271 def reasons(self):
4272 4272 if not self._reasons:
4273 4273 return []
4274 4274 return self._reasons
4275 4275
4276 4276 @reasons.setter
4277 4277 def reasons(self, val):
4278 4278 val = val or []
4279 4279 if any(not isinstance(x, compat.string_types) for x in val):
4280 4280 raise Exception('invalid reasons type, must be list of strings')
4281 4281 self._reasons = val
4282 4282
4283 4283 pull_requests_reviewers_id = Column(
4284 4284 'pull_requests_reviewers_id', Integer(), nullable=False,
4285 4285 primary_key=True)
4286 4286 pull_request_id = Column(
4287 4287 "pull_request_id", Integer(),
4288 4288 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4289 4289 user_id = Column(
4290 4290 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4291 4291 _reasons = Column(
4292 4292 'reason', MutationList.as_mutable(
4293 4293 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4294 4294
4295 4295 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4296 4296 user = relationship('User')
4297 4297 pull_request = relationship('PullRequest')
4298 4298
4299 4299 rule_data = Column(
4300 4300 'rule_data_json',
4301 4301 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4302 4302
4303 4303 def rule_user_group_data(self):
4304 4304 """
4305 4305 Returns the voting user group rule data for this reviewer
4306 4306 """
4307 4307
4308 4308 if self.rule_data and 'vote_rule' in self.rule_data:
4309 4309 user_group_data = {}
4310 4310 if 'rule_user_group_entry_id' in self.rule_data:
4311 4311 # means a group with voting rules !
4312 4312 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4313 4313 user_group_data['name'] = self.rule_data['rule_name']
4314 4314 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4315 4315
4316 4316 return user_group_data
4317 4317
4318 4318 def __unicode__(self):
4319 4319 return u"<%s('id:%s')>" % (self.__class__.__name__,
4320 4320 self.pull_requests_reviewers_id)
4321 4321
4322 4322
4323 4323 class Notification(Base, BaseModel):
4324 4324 __tablename__ = 'notifications'
4325 4325 __table_args__ = (
4326 4326 Index('notification_type_idx', 'type'),
4327 4327 base_table_args,
4328 4328 )
4329 4329
4330 4330 TYPE_CHANGESET_COMMENT = u'cs_comment'
4331 4331 TYPE_MESSAGE = u'message'
4332 4332 TYPE_MENTION = u'mention'
4333 4333 TYPE_REGISTRATION = u'registration'
4334 4334 TYPE_PULL_REQUEST = u'pull_request'
4335 4335 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
4336 4336
4337 4337 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4338 4338 subject = Column('subject', Unicode(512), nullable=True)
4339 4339 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4340 4340 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4341 4341 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4342 4342 type_ = Column('type', Unicode(255))
4343 4343
4344 4344 created_by_user = relationship('User')
4345 4345 notifications_to_users = relationship('UserNotification', lazy='joined',
4346 4346 cascade="all, delete-orphan")
4347 4347
4348 4348 @property
4349 4349 def recipients(self):
4350 4350 return [x.user for x in UserNotification.query()\
4351 4351 .filter(UserNotification.notification == self)\
4352 4352 .order_by(UserNotification.user_id.asc()).all()]
4353 4353
4354 4354 @classmethod
4355 4355 def create(cls, created_by, subject, body, recipients, type_=None):
4356 4356 if type_ is None:
4357 4357 type_ = Notification.TYPE_MESSAGE
4358 4358
4359 4359 notification = cls()
4360 4360 notification.created_by_user = created_by
4361 4361 notification.subject = subject
4362 4362 notification.body = body
4363 4363 notification.type_ = type_
4364 4364 notification.created_on = datetime.datetime.now()
4365 4365
4366 4366 # For each recipient link the created notification to his account
4367 4367 for u in recipients:
4368 4368 assoc = UserNotification()
4369 4369 assoc.user_id = u.user_id
4370 4370 assoc.notification = notification
4371 4371
4372 4372 # if created_by is inside recipients mark his notification
4373 4373 # as read
4374 4374 if u.user_id == created_by.user_id:
4375 4375 assoc.read = True
4376 4376 Session().add(assoc)
4377 4377
4378 4378 Session().add(notification)
4379 4379
4380 4380 return notification
4381 4381
4382 4382
4383 4383 class UserNotification(Base, BaseModel):
4384 4384 __tablename__ = 'user_to_notification'
4385 4385 __table_args__ = (
4386 4386 UniqueConstraint('user_id', 'notification_id'),
4387 4387 base_table_args
4388 4388 )
4389 4389
4390 4390 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4391 4391 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4392 4392 read = Column('read', Boolean, default=False)
4393 4393 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4394 4394
4395 4395 user = relationship('User', lazy="joined")
4396 4396 notification = relationship('Notification', lazy="joined",
4397 4397 order_by=lambda: Notification.created_on.desc(),)
4398 4398
4399 4399 def mark_as_read(self):
4400 4400 self.read = True
4401 4401 Session().add(self)
4402 4402
4403 4403
4404 4404 class Gist(Base, BaseModel):
4405 4405 __tablename__ = 'gists'
4406 4406 __table_args__ = (
4407 4407 Index('g_gist_access_id_idx', 'gist_access_id'),
4408 4408 Index('g_created_on_idx', 'created_on'),
4409 4409 base_table_args
4410 4410 )
4411 4411
4412 4412 GIST_PUBLIC = u'public'
4413 4413 GIST_PRIVATE = u'private'
4414 4414 DEFAULT_FILENAME = u'gistfile1.txt'
4415 4415
4416 4416 ACL_LEVEL_PUBLIC = u'acl_public'
4417 4417 ACL_LEVEL_PRIVATE = u'acl_private'
4418 4418
4419 4419 gist_id = Column('gist_id', Integer(), primary_key=True)
4420 4420 gist_access_id = Column('gist_access_id', Unicode(250))
4421 4421 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4422 4422 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4423 4423 gist_expires = Column('gist_expires', Float(53), nullable=False)
4424 4424 gist_type = Column('gist_type', Unicode(128), nullable=False)
4425 4425 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4426 4426 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4427 4427 acl_level = Column('acl_level', Unicode(128), nullable=True)
4428 4428
4429 4429 owner = relationship('User')
4430 4430
4431 4431 def __repr__(self):
4432 4432 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4433 4433
4434 4434 @hybrid_property
4435 4435 def description_safe(self):
4436 4436 from rhodecode.lib import helpers as h
4437 4437 return h.escape(self.gist_description)
4438 4438
4439 4439 @classmethod
4440 4440 def get_or_404(cls, id_):
4441 4441 from pyramid.httpexceptions import HTTPNotFound
4442 4442
4443 4443 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4444 4444 if not res:
4445 4445 raise HTTPNotFound()
4446 4446 return res
4447 4447
4448 4448 @classmethod
4449 4449 def get_by_access_id(cls, gist_access_id):
4450 4450 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4451 4451
4452 4452 def gist_url(self):
4453 4453 from rhodecode.model.gist import GistModel
4454 4454 return GistModel().get_url(self)
4455 4455
4456 4456 @classmethod
4457 4457 def base_path(cls):
4458 4458 """
4459 4459 Returns base path when all gists are stored
4460 4460
4461 4461 :param cls:
4462 4462 """
4463 4463 from rhodecode.model.gist import GIST_STORE_LOC
4464 4464 q = Session().query(RhodeCodeUi)\
4465 4465 .filter(RhodeCodeUi.ui_key == URL_SEP)
4466 4466 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4467 4467 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4468 4468
4469 4469 def get_api_data(self):
4470 4470 """
4471 4471 Common function for generating gist related data for API
4472 4472 """
4473 4473 gist = self
4474 4474 data = {
4475 4475 'gist_id': gist.gist_id,
4476 4476 'type': gist.gist_type,
4477 4477 'access_id': gist.gist_access_id,
4478 4478 'description': gist.gist_description,
4479 4479 'url': gist.gist_url(),
4480 4480 'expires': gist.gist_expires,
4481 4481 'created_on': gist.created_on,
4482 4482 'modified_at': gist.modified_at,
4483 4483 'content': None,
4484 4484 'acl_level': gist.acl_level,
4485 4485 }
4486 4486 return data
4487 4487
4488 4488 def __json__(self):
4489 4489 data = dict(
4490 4490 )
4491 4491 data.update(self.get_api_data())
4492 4492 return data
4493 4493 # SCM functions
4494 4494
4495 4495 def scm_instance(self, **kwargs):
4496 4496 """
4497 4497 Get an instance of VCS Repository
4498 4498
4499 4499 :param kwargs:
4500 4500 """
4501 4501 from rhodecode.model.gist import GistModel
4502 4502 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4503 4503 return get_vcs_instance(
4504 4504 repo_path=safe_str(full_repo_path), create=False,
4505 4505 _vcs_alias=GistModel.vcs_backend)
4506 4506
4507 4507
4508 4508 class ExternalIdentity(Base, BaseModel):
4509 4509 __tablename__ = 'external_identities'
4510 4510 __table_args__ = (
4511 4511 Index('local_user_id_idx', 'local_user_id'),
4512 4512 Index('external_id_idx', 'external_id'),
4513 4513 base_table_args
4514 4514 )
4515 4515
4516 4516 external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)
4517 4517 external_username = Column('external_username', Unicode(1024), default=u'')
4518 4518 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4519 4519 provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)
4520 4520 access_token = Column('access_token', String(1024), default=u'')
4521 4521 alt_token = Column('alt_token', String(1024), default=u'')
4522 4522 token_secret = Column('token_secret', String(1024), default=u'')
4523 4523
4524 4524 @classmethod
4525 4525 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4526 4526 """
4527 4527 Returns ExternalIdentity instance based on search params
4528 4528
4529 4529 :param external_id:
4530 4530 :param provider_name:
4531 4531 :return: ExternalIdentity
4532 4532 """
4533 4533 query = cls.query()
4534 4534 query = query.filter(cls.external_id == external_id)
4535 4535 query = query.filter(cls.provider_name == provider_name)
4536 4536 if local_user_id:
4537 4537 query = query.filter(cls.local_user_id == local_user_id)
4538 4538 return query.first()
4539 4539
4540 4540 @classmethod
4541 4541 def user_by_external_id_and_provider(cls, external_id, provider_name):
4542 4542 """
4543 4543 Returns User instance based on search params
4544 4544
4545 4545 :param external_id:
4546 4546 :param provider_name:
4547 4547 :return: User
4548 4548 """
4549 4549 query = User.query()
4550 4550 query = query.filter(cls.external_id == external_id)
4551 4551 query = query.filter(cls.provider_name == provider_name)
4552 4552 query = query.filter(User.user_id == cls.local_user_id)
4553 4553 return query.first()
4554 4554
4555 4555 @classmethod
4556 4556 def by_local_user_id(cls, local_user_id):
4557 4557 """
4558 4558 Returns all tokens for user
4559 4559
4560 4560 :param local_user_id:
4561 4561 :return: ExternalIdentity
4562 4562 """
4563 4563 query = cls.query()
4564 4564 query = query.filter(cls.local_user_id == local_user_id)
4565 4565 return query
4566 4566
4567 4567 @classmethod
4568 4568 def load_provider_plugin(cls, plugin_id):
4569 4569 from rhodecode.authentication.base import loadplugin
4570 4570 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
4571 4571 auth_plugin = loadplugin(_plugin_id)
4572 4572 return auth_plugin
4573 4573
4574 4574
4575 4575 class Integration(Base, BaseModel):
4576 4576 __tablename__ = 'integrations'
4577 4577 __table_args__ = (
4578 4578 base_table_args
4579 4579 )
4580 4580
4581 4581 integration_id = Column('integration_id', Integer(), primary_key=True)
4582 4582 integration_type = Column('integration_type', String(255))
4583 4583 enabled = Column('enabled', Boolean(), nullable=False)
4584 4584 name = Column('name', String(255), nullable=False)
4585 4585 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4586 4586 default=False)
4587 4587
4588 4588 settings = Column(
4589 4589 'settings_json', MutationObj.as_mutable(
4590 4590 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4591 4591 repo_id = Column(
4592 4592 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4593 4593 nullable=True, unique=None, default=None)
4594 4594 repo = relationship('Repository', lazy='joined')
4595 4595
4596 4596 repo_group_id = Column(
4597 4597 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4598 4598 nullable=True, unique=None, default=None)
4599 4599 repo_group = relationship('RepoGroup', lazy='joined')
4600 4600
4601 4601 @property
4602 4602 def scope(self):
4603 4603 if self.repo:
4604 4604 return repr(self.repo)
4605 4605 if self.repo_group:
4606 4606 if self.child_repos_only:
4607 4607 return repr(self.repo_group) + ' (child repos only)'
4608 4608 else:
4609 4609 return repr(self.repo_group) + ' (recursive)'
4610 4610 if self.child_repos_only:
4611 4611 return 'root_repos'
4612 4612 return 'global'
4613 4613
4614 4614 def __repr__(self):
4615 4615 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4616 4616
4617 4617
4618 4618 class RepoReviewRuleUser(Base, BaseModel):
4619 4619 __tablename__ = 'repo_review_rules_users'
4620 4620 __table_args__ = (
4621 4621 base_table_args
4622 4622 )
4623 4623
4624 4624 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4625 4625 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4626 4626 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4627 4627 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4628 4628 user = relationship('User')
4629 4629
4630 4630 def rule_data(self):
4631 4631 return {
4632 4632 'mandatory': self.mandatory
4633 4633 }
4634 4634
4635 4635
4636 4636 class RepoReviewRuleUserGroup(Base, BaseModel):
4637 4637 __tablename__ = 'repo_review_rules_users_groups'
4638 4638 __table_args__ = (
4639 4639 base_table_args
4640 4640 )
4641 4641
4642 4642 VOTE_RULE_ALL = -1
4643 4643
4644 4644 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4645 4645 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4646 4646 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4647 4647 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4648 4648 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4649 4649 users_group = relationship('UserGroup')
4650 4650
4651 4651 def rule_data(self):
4652 4652 return {
4653 4653 'mandatory': self.mandatory,
4654 4654 'vote_rule': self.vote_rule
4655 4655 }
4656 4656
4657 4657 @property
4658 4658 def vote_rule_label(self):
4659 4659 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4660 4660 return 'all must vote'
4661 4661 else:
4662 4662 return 'min. vote {}'.format(self.vote_rule)
4663 4663
4664 4664
4665 4665 class RepoReviewRule(Base, BaseModel):
4666 4666 __tablename__ = 'repo_review_rules'
4667 4667 __table_args__ = (
4668 4668 base_table_args
4669 4669 )
4670 4670
4671 4671 repo_review_rule_id = Column(
4672 4672 'repo_review_rule_id', Integer(), primary_key=True)
4673 4673 repo_id = Column(
4674 4674 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4675 4675 repo = relationship('Repository', backref='review_rules')
4676 4676
4677 4677 review_rule_name = Column('review_rule_name', String(255))
4678 4678 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4679 4679 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4680 4680 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4681 4681
4682 4682 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4683 4683 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4684 4684 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4685 4685 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4686 4686
4687 4687 rule_users = relationship('RepoReviewRuleUser')
4688 4688 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4689 4689
4690 4690 def _validate_pattern(self, value):
4691 4691 re.compile('^' + glob2re(value) + '$')
4692 4692
4693 4693 @hybrid_property
4694 4694 def source_branch_pattern(self):
4695 4695 return self._branch_pattern or '*'
4696 4696
4697 4697 @source_branch_pattern.setter
4698 4698 def source_branch_pattern(self, value):
4699 4699 self._validate_pattern(value)
4700 4700 self._branch_pattern = value or '*'
4701 4701
4702 4702 @hybrid_property
4703 4703 def target_branch_pattern(self):
4704 4704 return self._target_branch_pattern or '*'
4705 4705
4706 4706 @target_branch_pattern.setter
4707 4707 def target_branch_pattern(self, value):
4708 4708 self._validate_pattern(value)
4709 4709 self._target_branch_pattern = value or '*'
4710 4710
4711 4711 @hybrid_property
4712 4712 def file_pattern(self):
4713 4713 return self._file_pattern or '*'
4714 4714
4715 4715 @file_pattern.setter
4716 4716 def file_pattern(self, value):
4717 4717 self._validate_pattern(value)
4718 4718 self._file_pattern = value or '*'
4719 4719
4720 4720 def matches(self, source_branch, target_branch, files_changed):
4721 4721 """
4722 4722 Check if this review rule matches a branch/files in a pull request
4723 4723
4724 4724 :param source_branch: source branch name for the commit
4725 4725 :param target_branch: target branch name for the commit
4726 4726 :param files_changed: list of file paths changed in the pull request
4727 4727 """
4728 4728
4729 4729 source_branch = source_branch or ''
4730 4730 target_branch = target_branch or ''
4731 4731 files_changed = files_changed or []
4732 4732
4733 4733 branch_matches = True
4734 4734 if source_branch or target_branch:
4735 4735 if self.source_branch_pattern == '*':
4736 4736 source_branch_match = True
4737 4737 else:
4738 4738 if self.source_branch_pattern.startswith('re:'):
4739 4739 source_pattern = self.source_branch_pattern[3:]
4740 4740 else:
4741 4741 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4742 4742 source_branch_regex = re.compile(source_pattern)
4743 4743 source_branch_match = bool(source_branch_regex.search(source_branch))
4744 4744 if self.target_branch_pattern == '*':
4745 4745 target_branch_match = True
4746 4746 else:
4747 4747 if self.target_branch_pattern.startswith('re:'):
4748 4748 target_pattern = self.target_branch_pattern[3:]
4749 4749 else:
4750 4750 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4751 4751 target_branch_regex = re.compile(target_pattern)
4752 4752 target_branch_match = bool(target_branch_regex.search(target_branch))
4753 4753
4754 4754 branch_matches = source_branch_match and target_branch_match
4755 4755
4756 4756 files_matches = True
4757 4757 if self.file_pattern != '*':
4758 4758 files_matches = False
4759 4759 if self.file_pattern.startswith('re:'):
4760 4760 file_pattern = self.file_pattern[3:]
4761 4761 else:
4762 4762 file_pattern = glob2re(self.file_pattern)
4763 4763 file_regex = re.compile(file_pattern)
4764 4764 for filename in files_changed:
4765 4765 if file_regex.search(filename):
4766 4766 files_matches = True
4767 4767 break
4768 4768
4769 4769 return branch_matches and files_matches
4770 4770
4771 4771 @property
4772 4772 def review_users(self):
4773 4773 """ Returns the users which this rule applies to """
4774 4774
4775 4775 users = collections.OrderedDict()
4776 4776
4777 4777 for rule_user in self.rule_users:
4778 4778 if rule_user.user.active:
4779 4779 if rule_user.user not in users:
4780 4780 users[rule_user.user.username] = {
4781 4781 'user': rule_user.user,
4782 4782 'source': 'user',
4783 4783 'source_data': {},
4784 4784 'data': rule_user.rule_data()
4785 4785 }
4786 4786
4787 4787 for rule_user_group in self.rule_user_groups:
4788 4788 source_data = {
4789 4789 'user_group_id': rule_user_group.users_group.users_group_id,
4790 4790 'name': rule_user_group.users_group.users_group_name,
4791 4791 'members': len(rule_user_group.users_group.members)
4792 4792 }
4793 4793 for member in rule_user_group.users_group.members:
4794 4794 if member.user.active:
4795 4795 key = member.user.username
4796 4796 if key in users:
4797 4797 # skip this member as we have him already
4798 4798 # this prevents from override the "first" matched
4799 4799 # users with duplicates in multiple groups
4800 4800 continue
4801 4801
4802 4802 users[key] = {
4803 4803 'user': member.user,
4804 4804 'source': 'user_group',
4805 4805 'source_data': source_data,
4806 4806 'data': rule_user_group.rule_data()
4807 4807 }
4808 4808
4809 4809 return users
4810 4810
4811 4811 def user_group_vote_rule(self, user_id):
4812 4812
4813 4813 rules = []
4814 4814 if not self.rule_user_groups:
4815 4815 return rules
4816 4816
4817 4817 for user_group in self.rule_user_groups:
4818 4818 user_group_members = [x.user_id for x in user_group.users_group.members]
4819 4819 if user_id in user_group_members:
4820 4820 rules.append(user_group)
4821 4821 return rules
4822 4822
4823 4823 def __repr__(self):
4824 4824 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4825 4825 self.repo_review_rule_id, self.repo)
4826 4826
4827 4827
4828 4828 class ScheduleEntry(Base, BaseModel):
4829 4829 __tablename__ = 'schedule_entries'
4830 4830 __table_args__ = (
4831 4831 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4832 4832 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4833 4833 base_table_args,
4834 4834 )
4835 4835
4836 4836 schedule_types = ['crontab', 'timedelta', 'integer']
4837 4837 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4838 4838
4839 4839 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4840 4840 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4841 4841 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4842 4842
4843 4843 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4844 4844 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4845 4845
4846 4846 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4847 4847 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4848 4848
4849 4849 # task
4850 4850 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4851 4851 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4852 4852 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4853 4853 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4854 4854
4855 4855 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4856 4856 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4857 4857
4858 4858 @hybrid_property
4859 4859 def schedule_type(self):
4860 4860 return self._schedule_type
4861 4861
4862 4862 @schedule_type.setter
4863 4863 def schedule_type(self, val):
4864 4864 if val not in self.schedule_types:
4865 4865 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4866 4866 val, self.schedule_type))
4867 4867
4868 4868 self._schedule_type = val
4869 4869
4870 4870 @classmethod
4871 4871 def get_uid(cls, obj):
4872 4872 args = obj.task_args
4873 4873 kwargs = obj.task_kwargs
4874 4874 if isinstance(args, JsonRaw):
4875 4875 try:
4876 4876 args = json.loads(args)
4877 4877 except ValueError:
4878 4878 args = tuple()
4879 4879
4880 4880 if isinstance(kwargs, JsonRaw):
4881 4881 try:
4882 4882 kwargs = json.loads(kwargs)
4883 4883 except ValueError:
4884 4884 kwargs = dict()
4885 4885
4886 4886 dot_notation = obj.task_dot_notation
4887 4887 val = '.'.join(map(safe_str, [
4888 4888 sorted(dot_notation), args, sorted(kwargs.items())]))
4889 4889 return hashlib.sha1(val).hexdigest()
4890 4890
4891 4891 @classmethod
4892 4892 def get_by_schedule_name(cls, schedule_name):
4893 4893 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4894 4894
4895 4895 @classmethod
4896 4896 def get_by_schedule_id(cls, schedule_id):
4897 4897 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4898 4898
4899 4899 @property
4900 4900 def task(self):
4901 4901 return self.task_dot_notation
4902 4902
4903 4903 @property
4904 4904 def schedule(self):
4905 4905 from rhodecode.lib.celerylib.utils import raw_2_schedule
4906 4906 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4907 4907 return schedule
4908 4908
4909 4909 @property
4910 4910 def args(self):
4911 4911 try:
4912 4912 return list(self.task_args or [])
4913 4913 except ValueError:
4914 4914 return list()
4915 4915
4916 4916 @property
4917 4917 def kwargs(self):
4918 4918 try:
4919 4919 return dict(self.task_kwargs or {})
4920 4920 except ValueError:
4921 4921 return dict()
4922 4922
4923 4923 def _as_raw(self, val):
4924 4924 if hasattr(val, 'de_coerce'):
4925 4925 val = val.de_coerce()
4926 4926 if val:
4927 4927 val = json.dumps(val)
4928 4928
4929 4929 return val
4930 4930
4931 4931 @property
4932 4932 def schedule_definition_raw(self):
4933 4933 return self._as_raw(self.schedule_definition)
4934 4934
4935 4935 @property
4936 4936 def args_raw(self):
4937 4937 return self._as_raw(self.task_args)
4938 4938
4939 4939 @property
4940 4940 def kwargs_raw(self):
4941 4941 return self._as_raw(self.task_kwargs)
4942 4942
4943 4943 def __repr__(self):
4944 4944 return '<DB:ScheduleEntry({}:{})>'.format(
4945 4945 self.schedule_entry_id, self.schedule_name)
4946 4946
4947 4947
4948 4948 @event.listens_for(ScheduleEntry, 'before_update')
4949 4949 def update_task_uid(mapper, connection, target):
4950 4950 target.task_uid = ScheduleEntry.get_uid(target)
4951 4951
4952 4952
4953 4953 @event.listens_for(ScheduleEntry, 'before_insert')
4954 4954 def set_task_uid(mapper, connection, target):
4955 4955 target.task_uid = ScheduleEntry.get_uid(target)
4956 4956
4957 4957
4958 4958 class _BaseBranchPerms(BaseModel):
4959 4959 @classmethod
4960 4960 def compute_hash(cls, value):
4961 4961 return sha1_safe(value)
4962 4962
4963 4963 @hybrid_property
4964 4964 def branch_pattern(self):
4965 4965 return self._branch_pattern or '*'
4966 4966
4967 4967 @hybrid_property
4968 4968 def branch_hash(self):
4969 4969 return self._branch_hash
4970 4970
4971 4971 def _validate_glob(self, value):
4972 4972 re.compile('^' + glob2re(value) + '$')
4973 4973
4974 4974 @branch_pattern.setter
4975 4975 def branch_pattern(self, value):
4976 4976 self._validate_glob(value)
4977 4977 self._branch_pattern = value or '*'
4978 4978 # set the Hash when setting the branch pattern
4979 4979 self._branch_hash = self.compute_hash(self._branch_pattern)
4980 4980
4981 4981 def matches(self, branch):
4982 4982 """
4983 4983 Check if this the branch matches entry
4984 4984
4985 4985 :param branch: branch name for the commit
4986 4986 """
4987 4987
4988 4988 branch = branch or ''
4989 4989
4990 4990 branch_matches = True
4991 4991 if branch:
4992 4992 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4993 4993 branch_matches = bool(branch_regex.search(branch))
4994 4994
4995 4995 return branch_matches
4996 4996
4997 4997
4998 4998 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
4999 4999 __tablename__ = 'user_to_repo_branch_permissions'
5000 5000 __table_args__ = (
5001 5001 base_table_args
5002 5002 )
5003 5003
5004 5004 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5005 5005
5006 5006 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5007 5007 repo = relationship('Repository', backref='user_branch_perms')
5008 5008
5009 5009 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5010 5010 permission = relationship('Permission')
5011 5011
5012 5012 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5013 5013 user_repo_to_perm = relationship('UserRepoToPerm')
5014 5014
5015 5015 rule_order = Column('rule_order', Integer(), nullable=False)
5016 5016 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5017 5017 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5018 5018
5019 5019 def __unicode__(self):
5020 5020 return u'<UserBranchPermission(%s => %r)>' % (
5021 5021 self.user_repo_to_perm, self.branch_pattern)
5022 5022
5023 5023
5024 5024 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5025 5025 __tablename__ = 'user_group_to_repo_branch_permissions'
5026 5026 __table_args__ = (
5027 5027 base_table_args
5028 5028 )
5029 5029
5030 5030 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5031 5031
5032 5032 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5033 5033 repo = relationship('Repository', backref='user_group_branch_perms')
5034 5034
5035 5035 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5036 5036 permission = relationship('Permission')
5037 5037
5038 5038 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5039 5039 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
5040 5040
5041 5041 rule_order = Column('rule_order', Integer(), nullable=False)
5042 5042 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5043 5043 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5044 5044
5045 5045 def __unicode__(self):
5046 5046 return u'<UserBranchPermission(%s => %r)>' % (
5047 5047 self.user_group_repo_to_perm, self.branch_pattern)
5048 5048
5049 5049
5050 5050 class UserBookmark(Base, BaseModel):
5051 5051 __tablename__ = 'user_bookmarks'
5052 5052 __table_args__ = (
5053 5053 UniqueConstraint('user_id', 'bookmark_repo_id'),
5054 5054 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5055 5055 UniqueConstraint('user_id', 'bookmark_position'),
5056 5056 base_table_args
5057 5057 )
5058 5058
5059 5059 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5060 5060 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5061 5061 position = Column("bookmark_position", Integer(), nullable=False)
5062 5062 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5063 5063 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5064 5064 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5065 5065
5066 5066 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5067 5067 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5068 5068
5069 5069 user = relationship("User")
5070 5070
5071 5071 repository = relationship("Repository")
5072 5072 repository_group = relationship("RepoGroup")
5073 5073
5074 5074 @classmethod
5075 5075 def get_by_position_for_user(cls, position, user_id):
5076 5076 return cls.query() \
5077 5077 .filter(UserBookmark.user_id == user_id) \
5078 5078 .filter(UserBookmark.position == position).scalar()
5079 5079
5080 5080 @classmethod
5081 5081 def get_bookmarks_for_user(cls, user_id):
5082 5082 return cls.query() \
5083 5083 .filter(UserBookmark.user_id == user_id) \
5084 5084 .options(joinedload(UserBookmark.repository)) \
5085 5085 .options(joinedload(UserBookmark.repository_group)) \
5086 5086 .order_by(UserBookmark.position.asc()) \
5087 5087 .all()
5088 5088
5089 5089 def __unicode__(self):
5090 5090 return u'<UserBookmark(%s @ %r)>' % (self.position, self.redirect_url)
5091 5091
5092 5092
5093 5093 class FileStore(Base, BaseModel):
5094 5094 __tablename__ = 'file_store'
5095 5095 __table_args__ = (
5096 5096 base_table_args
5097 5097 )
5098 5098
5099 5099 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5100 5100 file_uid = Column('file_uid', String(1024), nullable=False)
5101 5101 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5102 5102 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5103 5103 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5104 5104
5105 5105 # sha256 hash
5106 5106 file_hash = Column('file_hash', String(512), nullable=False)
5107 5107 file_size = Column('file_size', Integer(), nullable=False)
5108 5108
5109 5109 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5110 5110 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5111 5111 accessed_count = Column('accessed_count', Integer(), default=0)
5112 5112
5113 5113 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5114 5114
5115 5115 # if repo/repo_group reference is set, check for permissions
5116 5116 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5117 5117
5118 5118 # hidden defines an attachment that should be hidden from showing in artifact listing
5119 5119 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5120 5120
5121 5121 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5122 5122 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')
5123 5123
5124 5124 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5125 5125
5126 5126 # scope limited to user, which requester have access to
5127 5127 scope_user_id = Column(
5128 5128 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5129 5129 nullable=True, unique=None, default=None)
5130 5130 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')
5131 5131
5132 5132 # scope limited to user group, which requester have access to
5133 5133 scope_user_group_id = Column(
5134 5134 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5135 5135 nullable=True, unique=None, default=None)
5136 5136 user_group = relationship('UserGroup', lazy='joined')
5137 5137
5138 5138 # scope limited to repo, which requester have access to
5139 5139 scope_repo_id = Column(
5140 5140 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5141 5141 nullable=True, unique=None, default=None)
5142 5142 repo = relationship('Repository', lazy='joined')
5143 5143
5144 5144 # scope limited to repo group, which requester have access to
5145 5145 scope_repo_group_id = Column(
5146 5146 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5147 5147 nullable=True, unique=None, default=None)
5148 5148 repo_group = relationship('RepoGroup', lazy='joined')
5149 5149
5150 5150 @classmethod
5151 5151 def get_by_store_uid(cls, file_store_uid):
5152 5152 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5153 5153
5154 5154 @classmethod
5155 5155 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5156 5156 file_description='', enabled=True, hidden=False, check_acl=True,
5157 5157 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5158 5158
5159 5159 store_entry = FileStore()
5160 5160 store_entry.file_uid = file_uid
5161 5161 store_entry.file_display_name = file_display_name
5162 5162 store_entry.file_org_name = filename
5163 5163 store_entry.file_size = file_size
5164 5164 store_entry.file_hash = file_hash
5165 5165 store_entry.file_description = file_description
5166 5166
5167 5167 store_entry.check_acl = check_acl
5168 5168 store_entry.enabled = enabled
5169 5169 store_entry.hidden = hidden
5170 5170
5171 5171 store_entry.user_id = user_id
5172 5172 store_entry.scope_user_id = scope_user_id
5173 5173 store_entry.scope_repo_id = scope_repo_id
5174 5174 store_entry.scope_repo_group_id = scope_repo_group_id
5175 5175
5176 5176 return store_entry
5177 5177
5178 5178 @classmethod
5179 5179 def store_metadata(cls, file_store_id, args, commit=True):
5180 5180 file_store = FileStore.get(file_store_id)
5181 5181 if file_store is None:
5182 5182 return
5183 5183
5184 5184 for section, key, value, value_type in args:
5185 5185 has_key = FileStoreMetadata().query() \
5186 5186 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5187 5187 .filter(FileStoreMetadata.file_store_meta_section == section) \
5188 5188 .filter(FileStoreMetadata.file_store_meta_key == key) \
5189 5189 .scalar()
5190 5190 if has_key:
5191 5191 msg = 'key `{}` already defined under section `{}` for this file.'\
5192 5192 .format(key, section)
5193 5193 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5194 5194
5195 5195 # NOTE(marcink): raises ArtifactMetadataBadValueType
5196 5196 FileStoreMetadata.valid_value_type(value_type)
5197 5197
5198 5198 meta_entry = FileStoreMetadata()
5199 5199 meta_entry.file_store = file_store
5200 5200 meta_entry.file_store_meta_section = section
5201 5201 meta_entry.file_store_meta_key = key
5202 5202 meta_entry.file_store_meta_value_type = value_type
5203 5203 meta_entry.file_store_meta_value = value
5204 5204
5205 5205 Session().add(meta_entry)
5206 5206
5207 5207 try:
5208 5208 if commit:
5209 5209 Session().commit()
5210 5210 except IntegrityError:
5211 5211 Session().rollback()
5212 5212 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5213 5213
5214 5214 @classmethod
5215 5215 def bump_access_counter(cls, file_uid, commit=True):
5216 5216 FileStore().query()\
5217 5217 .filter(FileStore.file_uid == file_uid)\
5218 5218 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5219 5219 FileStore.accessed_on: datetime.datetime.now()})
5220 5220 if commit:
5221 5221 Session().commit()
5222 5222
5223 5223 def __repr__(self):
5224 5224 return '<FileStore({})>'.format(self.file_store_id)
5225 5225
5226 5226
5227 5227 class FileStoreMetadata(Base, BaseModel):
5228 5228 __tablename__ = 'file_store_metadata'
5229 5229 __table_args__ = (
5230 UniqueConstraint('file_store_id', 'file_store_meta_section', 'file_store_meta_key'),
5231 Index('file_store_meta_section_idx', 'file_store_meta_section'),
5232 Index('file_store_meta_key_idx', 'file_store_meta_key'),
5230 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5231 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5232 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5233 5233 base_table_args
5234 5234 )
5235 5235 SETTINGS_TYPES = {
5236 5236 'str': safe_str,
5237 5237 'int': safe_int,
5238 5238 'unicode': safe_unicode,
5239 5239 'bool': str2bool,
5240 5240 'list': functools.partial(aslist, sep=',')
5241 5241 }
5242 5242
5243 5243 file_store_meta_id = Column(
5244 5244 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5245 5245 primary_key=True)
5246 file_store_meta_section = Column(
5246 _file_store_meta_section = Column(
5247 5247 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5248 5248 nullable=True, unique=None, default=None)
5249 file_store_meta_key = Column(
5249 _file_store_meta_section_hash = Column(
5250 "file_store_meta_section_hash", String(255),
5251 nullable=True, unique=None, default=None)
5252 _file_store_meta_key = Column(
5250 5253 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5251 5254 nullable=True, unique=None, default=None)
5255 _file_store_meta_key_hash = Column(
5256 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5252 5257 _file_store_meta_value = Column(
5253 5258 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5254 5259 nullable=True, unique=None, default=None)
5255 5260 _file_store_meta_value_type = Column(
5256 5261 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5257 5262 default='unicode')
5258 5263
5259 5264 file_store_id = Column(
5260 5265 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5261 5266 nullable=True, unique=None, default=None)
5262 5267
5263 5268 file_store = relationship('FileStore', lazy='joined')
5264 5269
5265 5270 @classmethod
5266 5271 def valid_value_type(cls, value):
5267 5272 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5268 5273 raise ArtifactMetadataBadValueType(
5269 5274 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5270 5275
5271 5276 @hybrid_property
5277 def file_store_meta_section(self):
5278 return self._file_store_meta_section
5279
5280 @file_store_meta_section.setter
5281 def file_store_meta_section(self, value):
5282 self._file_store_meta_section = value
5283 self._file_store_meta_section_hash = _hash_key(value)
5284
5285 @hybrid_property
5286 def file_store_meta_key(self):
5287 return self._file_store_meta_key
5288
5289 @file_store_meta_key.setter
5290 def file_store_meta_key(self, value):
5291 self._file_store_meta_key = value
5292 self._file_store_meta_key_hash = _hash_key(value)
5293
5294 @hybrid_property
5272 5295 def file_store_meta_value(self):
5273 5296 val = self._file_store_meta_value
5274 5297
5275 5298 if self._file_store_meta_value_type:
5276 5299 # e.g unicode.encrypted == unicode
5277 5300 _type = self._file_store_meta_value_type.split('.')[0]
5278 5301 # decode the encrypted value if it's encrypted field type
5279 5302 if '.encrypted' in self._file_store_meta_value_type:
5280 5303 cipher = EncryptedTextValue()
5281 5304 val = safe_unicode(cipher.process_result_value(val, None))
5282 5305 # do final type conversion
5283 5306 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5284 5307 val = converter(val)
5285 5308
5286 5309 return val
5287 5310
5288 5311 @file_store_meta_value.setter
5289 5312 def file_store_meta_value(self, val):
5290 5313 val = safe_unicode(val)
5291 5314 # encode the encrypted value
5292 5315 if '.encrypted' in self.file_store_meta_value_type:
5293 5316 cipher = EncryptedTextValue()
5294 5317 val = safe_unicode(cipher.process_bind_param(val, None))
5295 5318 self._file_store_meta_value = val
5296 5319
5297 5320 @hybrid_property
5298 5321 def file_store_meta_value_type(self):
5299 5322 return self._file_store_meta_value_type
5300 5323
5301 5324 @file_store_meta_value_type.setter
5302 5325 def file_store_meta_value_type(self, val):
5303 5326 # e.g unicode.encrypted
5304 5327 self.valid_value_type(val)
5305 5328 self._file_store_meta_value_type = val
5306 5329
5307 5330 def __json__(self):
5308 5331 data = {
5309 5332 'artifact': self.file_store.file_uid,
5310 5333 'section': self.file_store_meta_section,
5311 5334 'key': self.file_store_meta_key,
5312 5335 'value': self.file_store_meta_value,
5313 5336 }
5314 5337
5315 5338 return data
5316 5339
5317 5340 def __repr__(self):
5318 5341 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.file_store_meta_section,
5319 5342 self.file_store_meta_key, self.file_store_meta_value)
5320 5343
5321 5344
5322 5345 class DbMigrateVersion(Base, BaseModel):
5323 5346 __tablename__ = 'db_migrate_version'
5324 5347 __table_args__ = (
5325 5348 base_table_args,
5326 5349 )
5327 5350
5328 5351 repository_id = Column('repository_id', String(250), primary_key=True)
5329 5352 repository_path = Column('repository_path', Text)
5330 5353 version = Column('version', Integer)
5331 5354
5332 5355 @classmethod
5333 5356 def set_version(cls, version):
5334 5357 """
5335 5358 Helper for forcing a different version, usually for debugging purposes via ishell.
5336 5359 """
5337 5360 ver = DbMigrateVersion.query().first()
5338 5361 ver.version = version
5339 5362 Session().commit()
5340 5363
5341 5364
5342 5365 class DbSession(Base, BaseModel):
5343 5366 __tablename__ = 'db_session'
5344 5367 __table_args__ = (
5345 5368 base_table_args,
5346 5369 )
5347 5370
5348 5371 def __repr__(self):
5349 5372 return '<DB:DbSession({})>'.format(self.id)
5350 5373
5351 5374 id = Column('id', Integer())
5352 5375 namespace = Column('namespace', String(255), primary_key=True)
5353 5376 accessed = Column('accessed', DateTime, nullable=False)
5354 5377 created = Column('created', DateTime, nullable=False)
5355 5378 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,5399 +1,5422 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import string
29 29 import hashlib
30 30 import logging
31 31 import datetime
32 32 import uuid
33 33 import warnings
34 34 import ipaddress
35 35 import functools
36 36 import traceback
37 37 import collections
38 38
39 39 from sqlalchemy import (
40 40 or_, and_, not_, func, TypeDecorator, event,
41 41 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
42 42 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
43 43 Text, Float, PickleType, BigInteger)
44 44 from sqlalchemy.sql.expression import true, false, case
45 45 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
46 46 from sqlalchemy.orm import (
47 47 relationship, joinedload, class_mapper, validates, aliased)
48 48 from sqlalchemy.ext.declarative import declared_attr
49 49 from sqlalchemy.ext.hybrid import hybrid_property
50 50 from sqlalchemy.exc import IntegrityError # pragma: no cover
51 51 from sqlalchemy.dialects.mysql import LONGTEXT
52 52 from zope.cachedescriptors.property import Lazy as LazyProperty
53 53 from pyramid import compat
54 54 from pyramid.threadlocal import get_current_request
55 55 from webhelpers.text import collapse, remove_formatting
56 56
57 57 from rhodecode.translation import _
58 58 from rhodecode.lib.vcs import get_vcs_instance
59 59 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
60 60 from rhodecode.lib.utils2 import (
61 61 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
62 62 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
63 63 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)
64 64 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
65 65 JsonRaw
66 66 from rhodecode.lib.ext_json import json
67 67 from rhodecode.lib.caching_query import FromCache
68 68 from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data
69 69 from rhodecode.lib.encrypt2 import Encryptor
70 70 from rhodecode.lib.exceptions import (
71 71 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
72 72 from rhodecode.model.meta import Base, Session
73 73
74 74 URL_SEP = '/'
75 75 log = logging.getLogger(__name__)
76 76
77 77 # =============================================================================
78 78 # BASE CLASSES
79 79 # =============================================================================
80 80
81 81 # this is propagated from .ini file rhodecode.encrypted_values.secret or
82 82 # beaker.session.secret if first is not set.
83 83 # and initialized at environment.py
84 84 ENCRYPTION_KEY = None
85 85
86 86 # used to sort permissions by types, '#' used here is not allowed to be in
87 87 # usernames, and it's very early in sorted string.printable table.
88 88 PERMISSION_TYPE_SORT = {
89 89 'admin': '####',
90 90 'write': '###',
91 91 'read': '##',
92 92 'none': '#',
93 93 }
94 94
95 95
96 96 def display_user_sort(obj):
97 97 """
98 98 Sort function used to sort permissions in .permissions() function of
99 99 Repository, RepoGroup, UserGroup. Also it put the default user in front
100 100 of all other resources
101 101 """
102 102
103 103 if obj.username == User.DEFAULT_USER:
104 104 return '#####'
105 105 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
106 106 return prefix + obj.username
107 107
108 108
109 109 def display_user_group_sort(obj):
110 110 """
111 111 Sort function used to sort permissions in .permissions() function of
112 112 Repository, RepoGroup, UserGroup. Also it put the default user in front
113 113 of all other resources
114 114 """
115 115
116 116 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
117 117 return prefix + obj.users_group_name
118 118
119 119
120 120 def _hash_key(k):
121 121 return sha1_safe(k)
122 122
123 123
124 124 def in_filter_generator(qry, items, limit=500):
125 125 """
126 126 Splits IN() into multiple with OR
127 127 e.g.::
128 128 cnt = Repository.query().filter(
129 129 or_(
130 130 *in_filter_generator(Repository.repo_id, range(100000))
131 131 )).count()
132 132 """
133 133 if not items:
134 134 # empty list will cause empty query which might cause security issues
135 135 # this can lead to hidden unpleasant results
136 136 items = [-1]
137 137
138 138 parts = []
139 139 for chunk in xrange(0, len(items), limit):
140 140 parts.append(
141 141 qry.in_(items[chunk: chunk + limit])
142 142 )
143 143
144 144 return parts
145 145
146 146
147 147 base_table_args = {
148 148 'extend_existing': True,
149 149 'mysql_engine': 'InnoDB',
150 150 'mysql_charset': 'utf8',
151 151 'sqlite_autoincrement': True
152 152 }
153 153
154 154
155 155 class EncryptedTextValue(TypeDecorator):
156 156 """
157 157 Special column for encrypted long text data, use like::
158 158
159 159 value = Column("encrypted_value", EncryptedValue(), nullable=False)
160 160
161 161 This column is intelligent so if value is in unencrypted form it return
162 162 unencrypted form, but on save it always encrypts
163 163 """
164 164 impl = Text
165 165
166 166 def process_bind_param(self, value, dialect):
167 167 """
168 168 Setter for storing value
169 169 """
170 170 import rhodecode
171 171 if not value:
172 172 return value
173 173
174 174 # protect against double encrypting if values is already encrypted
175 175 if value.startswith('enc$aes$') \
176 176 or value.startswith('enc$aes_hmac$') \
177 177 or value.startswith('enc2$'):
178 178 raise ValueError('value needs to be in unencrypted format, '
179 179 'ie. not starting with enc$ or enc2$')
180 180
181 181 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
182 182 if algo == 'aes':
183 183 return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)
184 184 elif algo == 'fernet':
185 185 return Encryptor(ENCRYPTION_KEY).encrypt(value)
186 186 else:
187 187 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
188 188
189 189 def process_result_value(self, value, dialect):
190 190 """
191 191 Getter for retrieving value
192 192 """
193 193
194 194 import rhodecode
195 195 if not value:
196 196 return value
197 197
198 198 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
199 199 enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)
200 200 if algo == 'aes':
201 201 decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)
202 202 elif algo == 'fernet':
203 203 return Encryptor(ENCRYPTION_KEY).decrypt(value)
204 204 else:
205 205 ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
206 206 return decrypted_data
207 207
208 208
209 209 class BaseModel(object):
210 210 """
211 211 Base Model for all classes
212 212 """
213 213
214 214 @classmethod
215 215 def _get_keys(cls):
216 216 """return column names for this model """
217 217 return class_mapper(cls).c.keys()
218 218
219 219 def get_dict(self):
220 220 """
221 221 return dict with keys and values corresponding
222 222 to this model data """
223 223
224 224 d = {}
225 225 for k in self._get_keys():
226 226 d[k] = getattr(self, k)
227 227
228 228 # also use __json__() if present to get additional fields
229 229 _json_attr = getattr(self, '__json__', None)
230 230 if _json_attr:
231 231 # update with attributes from __json__
232 232 if callable(_json_attr):
233 233 _json_attr = _json_attr()
234 234 for k, val in _json_attr.iteritems():
235 235 d[k] = val
236 236 return d
237 237
238 238 def get_appstruct(self):
239 239 """return list with keys and values tuples corresponding
240 240 to this model data """
241 241
242 242 lst = []
243 243 for k in self._get_keys():
244 244 lst.append((k, getattr(self, k),))
245 245 return lst
246 246
247 247 def populate_obj(self, populate_dict):
248 248 """populate model with data from given populate_dict"""
249 249
250 250 for k in self._get_keys():
251 251 if k in populate_dict:
252 252 setattr(self, k, populate_dict[k])
253 253
254 254 @classmethod
255 255 def query(cls):
256 256 return Session().query(cls)
257 257
258 258 @classmethod
259 259 def get(cls, id_):
260 260 if id_:
261 261 return cls.query().get(id_)
262 262
263 263 @classmethod
264 264 def get_or_404(cls, id_):
265 265 from pyramid.httpexceptions import HTTPNotFound
266 266
267 267 try:
268 268 id_ = int(id_)
269 269 except (TypeError, ValueError):
270 270 raise HTTPNotFound()
271 271
272 272 res = cls.query().get(id_)
273 273 if not res:
274 274 raise HTTPNotFound()
275 275 return res
276 276
277 277 @classmethod
278 278 def getAll(cls):
279 279 # deprecated and left for backward compatibility
280 280 return cls.get_all()
281 281
282 282 @classmethod
283 283 def get_all(cls):
284 284 return cls.query().all()
285 285
286 286 @classmethod
287 287 def delete(cls, id_):
288 288 obj = cls.query().get(id_)
289 289 Session().delete(obj)
290 290
291 291 @classmethod
292 292 def identity_cache(cls, session, attr_name, value):
293 293 exist_in_session = []
294 294 for (item_cls, pkey), instance in session.identity_map.items():
295 295 if cls == item_cls and getattr(instance, attr_name) == value:
296 296 exist_in_session.append(instance)
297 297 if exist_in_session:
298 298 if len(exist_in_session) == 1:
299 299 return exist_in_session[0]
300 300 log.exception(
301 301 'multiple objects with attr %s and '
302 302 'value %s found with same name: %r',
303 303 attr_name, value, exist_in_session)
304 304
305 305 def __repr__(self):
306 306 if hasattr(self, '__unicode__'):
307 307 # python repr needs to return str
308 308 try:
309 309 return safe_str(self.__unicode__())
310 310 except UnicodeDecodeError:
311 311 pass
312 312 return '<DB:%s>' % (self.__class__.__name__)
313 313
314 314
315 315 class RhodeCodeSetting(Base, BaseModel):
316 316 __tablename__ = 'rhodecode_settings'
317 317 __table_args__ = (
318 318 UniqueConstraint('app_settings_name'),
319 319 base_table_args
320 320 )
321 321
322 322 SETTINGS_TYPES = {
323 323 'str': safe_str,
324 324 'int': safe_int,
325 325 'unicode': safe_unicode,
326 326 'bool': str2bool,
327 327 'list': functools.partial(aslist, sep=',')
328 328 }
329 329 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
330 330 GLOBAL_CONF_KEY = 'app_settings'
331 331
332 332 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
333 333 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
334 334 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
335 335 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
336 336
337 337 def __init__(self, key='', val='', type='unicode'):
338 338 self.app_settings_name = key
339 339 self.app_settings_type = type
340 340 self.app_settings_value = val
341 341
342 342 @validates('_app_settings_value')
343 343 def validate_settings_value(self, key, val):
344 344 assert type(val) == unicode
345 345 return val
346 346
347 347 @hybrid_property
348 348 def app_settings_value(self):
349 349 v = self._app_settings_value
350 350 _type = self.app_settings_type
351 351 if _type:
352 352 _type = self.app_settings_type.split('.')[0]
353 353 # decode the encrypted value
354 354 if 'encrypted' in self.app_settings_type:
355 355 cipher = EncryptedTextValue()
356 356 v = safe_unicode(cipher.process_result_value(v, None))
357 357
358 358 converter = self.SETTINGS_TYPES.get(_type) or \
359 359 self.SETTINGS_TYPES['unicode']
360 360 return converter(v)
361 361
362 362 @app_settings_value.setter
363 363 def app_settings_value(self, val):
364 364 """
365 365 Setter that will always make sure we use unicode in app_settings_value
366 366
367 367 :param val:
368 368 """
369 369 val = safe_unicode(val)
370 370 # encode the encrypted value
371 371 if 'encrypted' in self.app_settings_type:
372 372 cipher = EncryptedTextValue()
373 373 val = safe_unicode(cipher.process_bind_param(val, None))
374 374 self._app_settings_value = val
375 375
376 376 @hybrid_property
377 377 def app_settings_type(self):
378 378 return self._app_settings_type
379 379
380 380 @app_settings_type.setter
381 381 def app_settings_type(self, val):
382 382 if val.split('.')[0] not in self.SETTINGS_TYPES:
383 383 raise Exception('type must be one of %s got %s'
384 384 % (self.SETTINGS_TYPES.keys(), val))
385 385 self._app_settings_type = val
386 386
387 387 @classmethod
388 388 def get_by_prefix(cls, prefix):
389 389 return RhodeCodeSetting.query()\
390 390 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
391 391 .all()
392 392
393 393 def __unicode__(self):
394 394 return u"<%s('%s:%s[%s]')>" % (
395 395 self.__class__.__name__,
396 396 self.app_settings_name, self.app_settings_value,
397 397 self.app_settings_type
398 398 )
399 399
400 400
401 401 class RhodeCodeUi(Base, BaseModel):
402 402 __tablename__ = 'rhodecode_ui'
403 403 __table_args__ = (
404 404 UniqueConstraint('ui_key'),
405 405 base_table_args
406 406 )
407 407
408 408 HOOK_REPO_SIZE = 'changegroup.repo_size'
409 409 # HG
410 410 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
411 411 HOOK_PULL = 'outgoing.pull_logger'
412 412 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
413 413 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
414 414 HOOK_PUSH = 'changegroup.push_logger'
415 415 HOOK_PUSH_KEY = 'pushkey.key_push'
416 416
417 417 HOOKS_BUILTIN = [
418 418 HOOK_PRE_PULL,
419 419 HOOK_PULL,
420 420 HOOK_PRE_PUSH,
421 421 HOOK_PRETX_PUSH,
422 422 HOOK_PUSH,
423 423 HOOK_PUSH_KEY,
424 424 ]
425 425
426 426 # TODO: johbo: Unify way how hooks are configured for git and hg,
427 427 # git part is currently hardcoded.
428 428
429 429 # SVN PATTERNS
430 430 SVN_BRANCH_ID = 'vcs_svn_branch'
431 431 SVN_TAG_ID = 'vcs_svn_tag'
432 432
433 433 ui_id = Column(
434 434 "ui_id", Integer(), nullable=False, unique=True, default=None,
435 435 primary_key=True)
436 436 ui_section = Column(
437 437 "ui_section", String(255), nullable=True, unique=None, default=None)
438 438 ui_key = Column(
439 439 "ui_key", String(255), nullable=True, unique=None, default=None)
440 440 ui_value = Column(
441 441 "ui_value", String(255), nullable=True, unique=None, default=None)
442 442 ui_active = Column(
443 443 "ui_active", Boolean(), nullable=True, unique=None, default=True)
444 444
445 445 def __repr__(self):
446 446 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
447 447 self.ui_key, self.ui_value)
448 448
449 449
450 450 class RepoRhodeCodeSetting(Base, BaseModel):
451 451 __tablename__ = 'repo_rhodecode_settings'
452 452 __table_args__ = (
453 453 UniqueConstraint(
454 454 'app_settings_name', 'repository_id',
455 455 name='uq_repo_rhodecode_setting_name_repo_id'),
456 456 base_table_args
457 457 )
458 458
459 459 repository_id = Column(
460 460 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
461 461 nullable=False)
462 462 app_settings_id = Column(
463 463 "app_settings_id", Integer(), nullable=False, unique=True,
464 464 default=None, primary_key=True)
465 465 app_settings_name = Column(
466 466 "app_settings_name", String(255), nullable=True, unique=None,
467 467 default=None)
468 468 _app_settings_value = Column(
469 469 "app_settings_value", String(4096), nullable=True, unique=None,
470 470 default=None)
471 471 _app_settings_type = Column(
472 472 "app_settings_type", String(255), nullable=True, unique=None,
473 473 default=None)
474 474
475 475 repository = relationship('Repository')
476 476
477 477 def __init__(self, repository_id, key='', val='', type='unicode'):
478 478 self.repository_id = repository_id
479 479 self.app_settings_name = key
480 480 self.app_settings_type = type
481 481 self.app_settings_value = val
482 482
483 483 @validates('_app_settings_value')
484 484 def validate_settings_value(self, key, val):
485 485 assert type(val) == unicode
486 486 return val
487 487
488 488 @hybrid_property
489 489 def app_settings_value(self):
490 490 v = self._app_settings_value
491 491 type_ = self.app_settings_type
492 492 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
493 493 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
494 494 return converter(v)
495 495
496 496 @app_settings_value.setter
497 497 def app_settings_value(self, val):
498 498 """
499 499 Setter that will always make sure we use unicode in app_settings_value
500 500
501 501 :param val:
502 502 """
503 503 self._app_settings_value = safe_unicode(val)
504 504
505 505 @hybrid_property
506 506 def app_settings_type(self):
507 507 return self._app_settings_type
508 508
509 509 @app_settings_type.setter
510 510 def app_settings_type(self, val):
511 511 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
512 512 if val not in SETTINGS_TYPES:
513 513 raise Exception('type must be one of %s got %s'
514 514 % (SETTINGS_TYPES.keys(), val))
515 515 self._app_settings_type = val
516 516
517 517 def __unicode__(self):
518 518 return u"<%s('%s:%s:%s[%s]')>" % (
519 519 self.__class__.__name__, self.repository.repo_name,
520 520 self.app_settings_name, self.app_settings_value,
521 521 self.app_settings_type
522 522 )
523 523
524 524
525 525 class RepoRhodeCodeUi(Base, BaseModel):
526 526 __tablename__ = 'repo_rhodecode_ui'
527 527 __table_args__ = (
528 528 UniqueConstraint(
529 529 'repository_id', 'ui_section', 'ui_key',
530 530 name='uq_repo_rhodecode_ui_repository_id_section_key'),
531 531 base_table_args
532 532 )
533 533
534 534 repository_id = Column(
535 535 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
536 536 nullable=False)
537 537 ui_id = Column(
538 538 "ui_id", Integer(), nullable=False, unique=True, default=None,
539 539 primary_key=True)
540 540 ui_section = Column(
541 541 "ui_section", String(255), nullable=True, unique=None, default=None)
542 542 ui_key = Column(
543 543 "ui_key", String(255), nullable=True, unique=None, default=None)
544 544 ui_value = Column(
545 545 "ui_value", String(255), nullable=True, unique=None, default=None)
546 546 ui_active = Column(
547 547 "ui_active", Boolean(), nullable=True, unique=None, default=True)
548 548
549 549 repository = relationship('Repository')
550 550
551 551 def __repr__(self):
552 552 return '<%s[%s:%s]%s=>%s]>' % (
553 553 self.__class__.__name__, self.repository.repo_name,
554 554 self.ui_section, self.ui_key, self.ui_value)
555 555
556 556
557 557 class User(Base, BaseModel):
558 558 __tablename__ = 'users'
559 559 __table_args__ = (
560 560 UniqueConstraint('username'), UniqueConstraint('email'),
561 561 Index('u_username_idx', 'username'),
562 562 Index('u_email_idx', 'email'),
563 563 base_table_args
564 564 )
565 565
566 566 DEFAULT_USER = 'default'
567 567 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
568 568 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
569 569
570 570 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
571 571 username = Column("username", String(255), nullable=True, unique=None, default=None)
572 572 password = Column("password", String(255), nullable=True, unique=None, default=None)
573 573 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
574 574 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
575 575 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
576 576 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
577 577 _email = Column("email", String(255), nullable=True, unique=None, default=None)
578 578 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
579 579 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
580 580
581 581 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
582 582 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
583 583 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
584 584 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
585 585 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
586 586 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
587 587
588 588 user_log = relationship('UserLog')
589 589 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
590 590
591 591 repositories = relationship('Repository')
592 592 repository_groups = relationship('RepoGroup')
593 593 user_groups = relationship('UserGroup')
594 594
595 595 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
596 596 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
597 597
598 598 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
599 599 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
600 600 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
601 601
602 602 group_member = relationship('UserGroupMember', cascade='all')
603 603
604 604 notifications = relationship('UserNotification', cascade='all')
605 605 # notifications assigned to this user
606 606 user_created_notifications = relationship('Notification', cascade='all')
607 607 # comments created by this user
608 608 user_comments = relationship('ChangesetComment', cascade='all')
609 609 # user profile extra info
610 610 user_emails = relationship('UserEmailMap', cascade='all')
611 611 user_ip_map = relationship('UserIpMap', cascade='all')
612 612 user_auth_tokens = relationship('UserApiKeys', cascade='all')
613 613 user_ssh_keys = relationship('UserSshKeys', cascade='all')
614 614
615 615 # gists
616 616 user_gists = relationship('Gist', cascade='all')
617 617 # user pull requests
618 618 user_pull_requests = relationship('PullRequest', cascade='all')
619 619 # external identities
620 620 extenal_identities = relationship(
621 621 'ExternalIdentity',
622 622 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
623 623 cascade='all')
624 624 # review rules
625 625 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
626 626
627 627 def __unicode__(self):
628 628 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
629 629 self.user_id, self.username)
630 630
631 631 @hybrid_property
632 632 def email(self):
633 633 return self._email
634 634
635 635 @email.setter
636 636 def email(self, val):
637 637 self._email = val.lower() if val else None
638 638
639 639 @hybrid_property
640 640 def first_name(self):
641 641 from rhodecode.lib import helpers as h
642 642 if self.name:
643 643 return h.escape(self.name)
644 644 return self.name
645 645
646 646 @hybrid_property
647 647 def last_name(self):
648 648 from rhodecode.lib import helpers as h
649 649 if self.lastname:
650 650 return h.escape(self.lastname)
651 651 return self.lastname
652 652
653 653 @hybrid_property
654 654 def api_key(self):
655 655 """
656 656 Fetch if exist an auth-token with role ALL connected to this user
657 657 """
658 658 user_auth_token = UserApiKeys.query()\
659 659 .filter(UserApiKeys.user_id == self.user_id)\
660 660 .filter(or_(UserApiKeys.expires == -1,
661 661 UserApiKeys.expires >= time.time()))\
662 662 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
663 663 if user_auth_token:
664 664 user_auth_token = user_auth_token.api_key
665 665
666 666 return user_auth_token
667 667
668 668 @api_key.setter
669 669 def api_key(self, val):
670 670 # don't allow to set API key this is deprecated for now
671 671 self._api_key = None
672 672
673 673 @property
674 674 def reviewer_pull_requests(self):
675 675 return PullRequestReviewers.query() \
676 676 .options(joinedload(PullRequestReviewers.pull_request)) \
677 677 .filter(PullRequestReviewers.user_id == self.user_id) \
678 678 .all()
679 679
680 680 @property
681 681 def firstname(self):
682 682 # alias for future
683 683 return self.name
684 684
685 685 @property
686 686 def emails(self):
687 687 other = UserEmailMap.query()\
688 688 .filter(UserEmailMap.user == self) \
689 689 .order_by(UserEmailMap.email_id.asc()) \
690 690 .all()
691 691 return [self.email] + [x.email for x in other]
692 692
693 693 @property
694 694 def auth_tokens(self):
695 695 auth_tokens = self.get_auth_tokens()
696 696 return [x.api_key for x in auth_tokens]
697 697
698 698 def get_auth_tokens(self):
699 699 return UserApiKeys.query()\
700 700 .filter(UserApiKeys.user == self)\
701 701 .order_by(UserApiKeys.user_api_key_id.asc())\
702 702 .all()
703 703
704 704 @LazyProperty
705 705 def feed_token(self):
706 706 return self.get_feed_token()
707 707
708 708 def get_feed_token(self, cache=True):
709 709 feed_tokens = UserApiKeys.query()\
710 710 .filter(UserApiKeys.user == self)\
711 711 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
712 712 if cache:
713 713 feed_tokens = feed_tokens.options(
714 714 FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
715 715
716 716 feed_tokens = feed_tokens.all()
717 717 if feed_tokens:
718 718 return feed_tokens[0].api_key
719 719 return 'NO_FEED_TOKEN_AVAILABLE'
720 720
721 721 @LazyProperty
722 722 def artifact_token(self):
723 723 return self.get_artifact_token()
724 724
725 725 def get_artifact_token(self, cache=True):
726 726 artifacts_tokens = UserApiKeys.query()\
727 727 .filter(UserApiKeys.user == self)\
728 728 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
729 729 if cache:
730 730 artifacts_tokens = artifacts_tokens.options(
731 731 FromCache("sql_cache_short", "get_user_artifact_token_%s" % self.user_id))
732 732
733 733 artifacts_tokens = artifacts_tokens.all()
734 734 if artifacts_tokens:
735 735 return artifacts_tokens[0].api_key
736 736 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
737 737
738 738 @classmethod
739 739 def get(cls, user_id, cache=False):
740 740 if not user_id:
741 741 return
742 742
743 743 user = cls.query()
744 744 if cache:
745 745 user = user.options(
746 746 FromCache("sql_cache_short", "get_users_%s" % user_id))
747 747 return user.get(user_id)
748 748
749 749 @classmethod
750 750 def extra_valid_auth_tokens(cls, user, role=None):
751 751 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
752 752 .filter(or_(UserApiKeys.expires == -1,
753 753 UserApiKeys.expires >= time.time()))
754 754 if role:
755 755 tokens = tokens.filter(or_(UserApiKeys.role == role,
756 756 UserApiKeys.role == UserApiKeys.ROLE_ALL))
757 757 return tokens.all()
758 758
759 759 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
760 760 from rhodecode.lib import auth
761 761
762 762 log.debug('Trying to authenticate user: %s via auth-token, '
763 763 'and roles: %s', self, roles)
764 764
765 765 if not auth_token:
766 766 return False
767 767
768 768 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
769 769 tokens_q = UserApiKeys.query()\
770 770 .filter(UserApiKeys.user_id == self.user_id)\
771 771 .filter(or_(UserApiKeys.expires == -1,
772 772 UserApiKeys.expires >= time.time()))
773 773
774 774 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
775 775
776 776 crypto_backend = auth.crypto_backend()
777 777 enc_token_map = {}
778 778 plain_token_map = {}
779 779 for token in tokens_q:
780 780 if token.api_key.startswith(crypto_backend.ENC_PREF):
781 781 enc_token_map[token.api_key] = token
782 782 else:
783 783 plain_token_map[token.api_key] = token
784 784 log.debug(
785 785 'Found %s plain and %s encrypted tokens to check for authentication for this user',
786 786 len(plain_token_map), len(enc_token_map))
787 787
788 788 # plain token match comes first
789 789 match = plain_token_map.get(auth_token)
790 790
791 791 # check encrypted tokens now
792 792 if not match:
793 793 for token_hash, token in enc_token_map.items():
794 794 # NOTE(marcink): this is expensive to calculate, but most secure
795 795 if crypto_backend.hash_check(auth_token, token_hash):
796 796 match = token
797 797 break
798 798
799 799 if match:
800 800 log.debug('Found matching token %s', match)
801 801 if match.repo_id:
802 802 log.debug('Found scope, checking for scope match of token %s', match)
803 803 if match.repo_id == scope_repo_id:
804 804 return True
805 805 else:
806 806 log.debug(
807 807 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
808 808 'and calling scope is:%s, skipping further checks',
809 809 match.repo, scope_repo_id)
810 810 return False
811 811 else:
812 812 return True
813 813
814 814 return False
815 815
816 816 @property
817 817 def ip_addresses(self):
818 818 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
819 819 return [x.ip_addr for x in ret]
820 820
821 821 @property
822 822 def username_and_name(self):
823 823 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
824 824
825 825 @property
826 826 def username_or_name_or_email(self):
827 827 full_name = self.full_name if self.full_name is not ' ' else None
828 828 return self.username or full_name or self.email
829 829
830 830 @property
831 831 def full_name(self):
832 832 return '%s %s' % (self.first_name, self.last_name)
833 833
834 834 @property
835 835 def full_name_or_username(self):
836 836 return ('%s %s' % (self.first_name, self.last_name)
837 837 if (self.first_name and self.last_name) else self.username)
838 838
839 839 @property
840 840 def full_contact(self):
841 841 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
842 842
843 843 @property
844 844 def short_contact(self):
845 845 return '%s %s' % (self.first_name, self.last_name)
846 846
847 847 @property
848 848 def is_admin(self):
849 849 return self.admin
850 850
851 851 def AuthUser(self, **kwargs):
852 852 """
853 853 Returns instance of AuthUser for this user
854 854 """
855 855 from rhodecode.lib.auth import AuthUser
856 856 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
857 857
858 858 @hybrid_property
859 859 def user_data(self):
860 860 if not self._user_data:
861 861 return {}
862 862
863 863 try:
864 864 return json.loads(self._user_data)
865 865 except TypeError:
866 866 return {}
867 867
868 868 @user_data.setter
869 869 def user_data(self, val):
870 870 if not isinstance(val, dict):
871 871 raise Exception('user_data must be dict, got %s' % type(val))
872 872 try:
873 873 self._user_data = json.dumps(val)
874 874 except Exception:
875 875 log.error(traceback.format_exc())
876 876
877 877 @classmethod
878 878 def get_by_username(cls, username, case_insensitive=False,
879 879 cache=False, identity_cache=False):
880 880 session = Session()
881 881
882 882 if case_insensitive:
883 883 q = cls.query().filter(
884 884 func.lower(cls.username) == func.lower(username))
885 885 else:
886 886 q = cls.query().filter(cls.username == username)
887 887
888 888 if cache:
889 889 if identity_cache:
890 890 val = cls.identity_cache(session, 'username', username)
891 891 if val:
892 892 return val
893 893 else:
894 894 cache_key = "get_user_by_name_%s" % _hash_key(username)
895 895 q = q.options(
896 896 FromCache("sql_cache_short", cache_key))
897 897
898 898 return q.scalar()
899 899
900 900 @classmethod
901 901 def get_by_auth_token(cls, auth_token, cache=False):
902 902 q = UserApiKeys.query()\
903 903 .filter(UserApiKeys.api_key == auth_token)\
904 904 .filter(or_(UserApiKeys.expires == -1,
905 905 UserApiKeys.expires >= time.time()))
906 906 if cache:
907 907 q = q.options(
908 908 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
909 909
910 910 match = q.first()
911 911 if match:
912 912 return match.user
913 913
914 914 @classmethod
915 915 def get_by_email(cls, email, case_insensitive=False, cache=False):
916 916
917 917 if case_insensitive:
918 918 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
919 919
920 920 else:
921 921 q = cls.query().filter(cls.email == email)
922 922
923 923 email_key = _hash_key(email)
924 924 if cache:
925 925 q = q.options(
926 926 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
927 927
928 928 ret = q.scalar()
929 929 if ret is None:
930 930 q = UserEmailMap.query()
931 931 # try fetching in alternate email map
932 932 if case_insensitive:
933 933 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
934 934 else:
935 935 q = q.filter(UserEmailMap.email == email)
936 936 q = q.options(joinedload(UserEmailMap.user))
937 937 if cache:
938 938 q = q.options(
939 939 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
940 940 ret = getattr(q.scalar(), 'user', None)
941 941
942 942 return ret
943 943
944 944 @classmethod
945 945 def get_from_cs_author(cls, author):
946 946 """
947 947 Tries to get User objects out of commit author string
948 948
949 949 :param author:
950 950 """
951 951 from rhodecode.lib.helpers import email, author_name
952 952 # Valid email in the attribute passed, see if they're in the system
953 953 _email = email(author)
954 954 if _email:
955 955 user = cls.get_by_email(_email, case_insensitive=True)
956 956 if user:
957 957 return user
958 958 # Maybe we can match by username?
959 959 _author = author_name(author)
960 960 user = cls.get_by_username(_author, case_insensitive=True)
961 961 if user:
962 962 return user
963 963
964 964 def update_userdata(self, **kwargs):
965 965 usr = self
966 966 old = usr.user_data
967 967 old.update(**kwargs)
968 968 usr.user_data = old
969 969 Session().add(usr)
970 970 log.debug('updated userdata with %s', kwargs)
971 971
972 972 def update_lastlogin(self):
973 973 """Update user lastlogin"""
974 974 self.last_login = datetime.datetime.now()
975 975 Session().add(self)
976 976 log.debug('updated user %s lastlogin', self.username)
977 977
978 978 def update_password(self, new_password):
979 979 from rhodecode.lib.auth import get_crypt_password
980 980
981 981 self.password = get_crypt_password(new_password)
982 982 Session().add(self)
983 983
984 984 @classmethod
985 985 def get_first_super_admin(cls):
986 986 user = User.query()\
987 987 .filter(User.admin == true()) \
988 988 .order_by(User.user_id.asc()) \
989 989 .first()
990 990
991 991 if user is None:
992 992 raise Exception('FATAL: Missing administrative account!')
993 993 return user
994 994
995 995 @classmethod
996 996 def get_all_super_admins(cls, only_active=False):
997 997 """
998 998 Returns all admin accounts sorted by username
999 999 """
1000 1000 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1001 1001 if only_active:
1002 1002 qry = qry.filter(User.active == true())
1003 1003 return qry.all()
1004 1004
1005 1005 @classmethod
1006 1006 def get_default_user(cls, cache=False, refresh=False):
1007 1007 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1008 1008 if user is None:
1009 1009 raise Exception('FATAL: Missing default account!')
1010 1010 if refresh:
1011 1011 # The default user might be based on outdated state which
1012 1012 # has been loaded from the cache.
1013 1013 # A call to refresh() ensures that the
1014 1014 # latest state from the database is used.
1015 1015 Session().refresh(user)
1016 1016 return user
1017 1017
1018 1018 def _get_default_perms(self, user, suffix=''):
1019 1019 from rhodecode.model.permission import PermissionModel
1020 1020 return PermissionModel().get_default_perms(user.user_perms, suffix)
1021 1021
1022 1022 def get_default_perms(self, suffix=''):
1023 1023 return self._get_default_perms(self, suffix)
1024 1024
1025 1025 def get_api_data(self, include_secrets=False, details='full'):
1026 1026 """
1027 1027 Common function for generating user related data for API
1028 1028
1029 1029 :param include_secrets: By default secrets in the API data will be replaced
1030 1030 by a placeholder value to prevent exposing this data by accident. In case
1031 1031 this data shall be exposed, set this flag to ``True``.
1032 1032
1033 1033 :param details: details can be 'basic|full' basic gives only a subset of
1034 1034 the available user information that includes user_id, name and emails.
1035 1035 """
1036 1036 user = self
1037 1037 user_data = self.user_data
1038 1038 data = {
1039 1039 'user_id': user.user_id,
1040 1040 'username': user.username,
1041 1041 'firstname': user.name,
1042 1042 'lastname': user.lastname,
1043 1043 'email': user.email,
1044 1044 'emails': user.emails,
1045 1045 }
1046 1046 if details == 'basic':
1047 1047 return data
1048 1048
1049 1049 auth_token_length = 40
1050 1050 auth_token_replacement = '*' * auth_token_length
1051 1051
1052 1052 extras = {
1053 1053 'auth_tokens': [auth_token_replacement],
1054 1054 'active': user.active,
1055 1055 'admin': user.admin,
1056 1056 'extern_type': user.extern_type,
1057 1057 'extern_name': user.extern_name,
1058 1058 'last_login': user.last_login,
1059 1059 'last_activity': user.last_activity,
1060 1060 'ip_addresses': user.ip_addresses,
1061 1061 'language': user_data.get('language')
1062 1062 }
1063 1063 data.update(extras)
1064 1064
1065 1065 if include_secrets:
1066 1066 data['auth_tokens'] = user.auth_tokens
1067 1067 return data
1068 1068
1069 1069 def __json__(self):
1070 1070 data = {
1071 1071 'full_name': self.full_name,
1072 1072 'full_name_or_username': self.full_name_or_username,
1073 1073 'short_contact': self.short_contact,
1074 1074 'full_contact': self.full_contact,
1075 1075 }
1076 1076 data.update(self.get_api_data())
1077 1077 return data
1078 1078
1079 1079
1080 1080 class UserApiKeys(Base, BaseModel):
1081 1081 __tablename__ = 'user_api_keys'
1082 1082 __table_args__ = (
1083 1083 Index('uak_api_key_idx', 'api_key'),
1084 1084 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1085 1085 base_table_args
1086 1086 )
1087 1087 __mapper_args__ = {}
1088 1088
1089 1089 # ApiKey role
1090 1090 ROLE_ALL = 'token_role_all'
1091 1091 ROLE_HTTP = 'token_role_http'
1092 1092 ROLE_VCS = 'token_role_vcs'
1093 1093 ROLE_API = 'token_role_api'
1094 1094 ROLE_FEED = 'token_role_feed'
1095 1095 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1096 1096 ROLE_PASSWORD_RESET = 'token_password_reset'
1097 1097
1098 1098 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1099 1099
1100 1100 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1101 1101 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1102 1102 api_key = Column("api_key", String(255), nullable=False, unique=True)
1103 1103 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1104 1104 expires = Column('expires', Float(53), nullable=False)
1105 1105 role = Column('role', String(255), nullable=True)
1106 1106 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1107 1107
1108 1108 # scope columns
1109 1109 repo_id = Column(
1110 1110 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1111 1111 nullable=True, unique=None, default=None)
1112 1112 repo = relationship('Repository', lazy='joined')
1113 1113
1114 1114 repo_group_id = Column(
1115 1115 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1116 1116 nullable=True, unique=None, default=None)
1117 1117 repo_group = relationship('RepoGroup', lazy='joined')
1118 1118
1119 1119 user = relationship('User', lazy='joined')
1120 1120
1121 1121 def __unicode__(self):
1122 1122 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1123 1123
1124 1124 def __json__(self):
1125 1125 data = {
1126 1126 'auth_token': self.api_key,
1127 1127 'role': self.role,
1128 1128 'scope': self.scope_humanized,
1129 1129 'expired': self.expired
1130 1130 }
1131 1131 return data
1132 1132
1133 1133 def get_api_data(self, include_secrets=False):
1134 1134 data = self.__json__()
1135 1135 if include_secrets:
1136 1136 return data
1137 1137 else:
1138 1138 data['auth_token'] = self.token_obfuscated
1139 1139 return data
1140 1140
1141 1141 @hybrid_property
1142 1142 def description_safe(self):
1143 1143 from rhodecode.lib import helpers as h
1144 1144 return h.escape(self.description)
1145 1145
1146 1146 @property
1147 1147 def expired(self):
1148 1148 if self.expires == -1:
1149 1149 return False
1150 1150 return time.time() > self.expires
1151 1151
1152 1152 @classmethod
1153 1153 def _get_role_name(cls, role):
1154 1154 return {
1155 1155 cls.ROLE_ALL: _('all'),
1156 1156 cls.ROLE_HTTP: _('http/web interface'),
1157 1157 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1158 1158 cls.ROLE_API: _('api calls'),
1159 1159 cls.ROLE_FEED: _('feed access'),
1160 1160 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1161 1161 }.get(role, role)
1162 1162
1163 1163 @property
1164 1164 def role_humanized(self):
1165 1165 return self._get_role_name(self.role)
1166 1166
1167 1167 def _get_scope(self):
1168 1168 if self.repo:
1169 1169 return 'Repository: {}'.format(self.repo.repo_name)
1170 1170 if self.repo_group:
1171 1171 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1172 1172 return 'Global'
1173 1173
1174 1174 @property
1175 1175 def scope_humanized(self):
1176 1176 return self._get_scope()
1177 1177
1178 1178 @property
1179 1179 def token_obfuscated(self):
1180 1180 if self.api_key:
1181 1181 return self.api_key[:4] + "****"
1182 1182
1183 1183
1184 1184 class UserEmailMap(Base, BaseModel):
1185 1185 __tablename__ = 'user_email_map'
1186 1186 __table_args__ = (
1187 1187 Index('uem_email_idx', 'email'),
1188 1188 UniqueConstraint('email'),
1189 1189 base_table_args
1190 1190 )
1191 1191 __mapper_args__ = {}
1192 1192
1193 1193 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1194 1194 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1195 1195 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1196 1196 user = relationship('User', lazy='joined')
1197 1197
1198 1198 @validates('_email')
1199 1199 def validate_email(self, key, email):
1200 1200 # check if this email is not main one
1201 1201 main_email = Session().query(User).filter(User.email == email).scalar()
1202 1202 if main_email is not None:
1203 1203 raise AttributeError('email %s is present is user table' % email)
1204 1204 return email
1205 1205
1206 1206 @hybrid_property
1207 1207 def email(self):
1208 1208 return self._email
1209 1209
1210 1210 @email.setter
1211 1211 def email(self, val):
1212 1212 self._email = val.lower() if val else None
1213 1213
1214 1214
1215 1215 class UserIpMap(Base, BaseModel):
1216 1216 __tablename__ = 'user_ip_map'
1217 1217 __table_args__ = (
1218 1218 UniqueConstraint('user_id', 'ip_addr'),
1219 1219 base_table_args
1220 1220 )
1221 1221 __mapper_args__ = {}
1222 1222
1223 1223 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1224 1224 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1225 1225 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1226 1226 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1227 1227 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1228 1228 user = relationship('User', lazy='joined')
1229 1229
1230 1230 @hybrid_property
1231 1231 def description_safe(self):
1232 1232 from rhodecode.lib import helpers as h
1233 1233 return h.escape(self.description)
1234 1234
1235 1235 @classmethod
1236 1236 def _get_ip_range(cls, ip_addr):
1237 1237 net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
1238 1238 return [str(net.network_address), str(net.broadcast_address)]
1239 1239
1240 1240 def __json__(self):
1241 1241 return {
1242 1242 'ip_addr': self.ip_addr,
1243 1243 'ip_range': self._get_ip_range(self.ip_addr),
1244 1244 }
1245 1245
1246 1246 def __unicode__(self):
1247 1247 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1248 1248 self.user_id, self.ip_addr)
1249 1249
1250 1250
1251 1251 class UserSshKeys(Base, BaseModel):
1252 1252 __tablename__ = 'user_ssh_keys'
1253 1253 __table_args__ = (
1254 1254 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1255 1255
1256 1256 UniqueConstraint('ssh_key_fingerprint'),
1257 1257
1258 1258 base_table_args
1259 1259 )
1260 1260 __mapper_args__ = {}
1261 1261
1262 1262 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1263 1263 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1264 1264 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1265 1265
1266 1266 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1267 1267
1268 1268 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1269 1269 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1270 1270 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1271 1271
1272 1272 user = relationship('User', lazy='joined')
1273 1273
1274 1274 def __json__(self):
1275 1275 data = {
1276 1276 'ssh_fingerprint': self.ssh_key_fingerprint,
1277 1277 'description': self.description,
1278 1278 'created_on': self.created_on
1279 1279 }
1280 1280 return data
1281 1281
1282 1282 def get_api_data(self):
1283 1283 data = self.__json__()
1284 1284 return data
1285 1285
1286 1286
1287 1287 class UserLog(Base, BaseModel):
1288 1288 __tablename__ = 'user_logs'
1289 1289 __table_args__ = (
1290 1290 base_table_args,
1291 1291 )
1292 1292
1293 1293 VERSION_1 = 'v1'
1294 1294 VERSION_2 = 'v2'
1295 1295 VERSIONS = [VERSION_1, VERSION_2]
1296 1296
1297 1297 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1298 1298 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1299 1299 username = Column("username", String(255), nullable=True, unique=None, default=None)
1300 1300 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1301 1301 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1302 1302 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1303 1303 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1304 1304 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1305 1305
1306 1306 version = Column("version", String(255), nullable=True, default=VERSION_1)
1307 1307 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1308 1308 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1309 1309
1310 1310 def __unicode__(self):
1311 1311 return u"<%s('id:%s:%s')>" % (
1312 1312 self.__class__.__name__, self.repository_name, self.action)
1313 1313
1314 1314 def __json__(self):
1315 1315 return {
1316 1316 'user_id': self.user_id,
1317 1317 'username': self.username,
1318 1318 'repository_id': self.repository_id,
1319 1319 'repository_name': self.repository_name,
1320 1320 'user_ip': self.user_ip,
1321 1321 'action_date': self.action_date,
1322 1322 'action': self.action,
1323 1323 }
1324 1324
1325 1325 @hybrid_property
1326 1326 def entry_id(self):
1327 1327 return self.user_log_id
1328 1328
1329 1329 @property
1330 1330 def action_as_day(self):
1331 1331 return datetime.date(*self.action_date.timetuple()[:3])
1332 1332
1333 1333 user = relationship('User')
1334 1334 repository = relationship('Repository', cascade='')
1335 1335
1336 1336
1337 1337 class UserGroup(Base, BaseModel):
1338 1338 __tablename__ = 'users_groups'
1339 1339 __table_args__ = (
1340 1340 base_table_args,
1341 1341 )
1342 1342
1343 1343 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1344 1344 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1345 1345 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1346 1346 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1347 1347 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1348 1348 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1349 1349 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1350 1350 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1351 1351
1352 1352 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")
1353 1353 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1354 1354 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1355 1355 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1356 1356 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1357 1357 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1358 1358
1359 1359 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
1360 1360 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
1361 1361
1362 1362 @classmethod
1363 1363 def _load_group_data(cls, column):
1364 1364 if not column:
1365 1365 return {}
1366 1366
1367 1367 try:
1368 1368 return json.loads(column) or {}
1369 1369 except TypeError:
1370 1370 return {}
1371 1371
1372 1372 @hybrid_property
1373 1373 def description_safe(self):
1374 1374 from rhodecode.lib import helpers as h
1375 1375 return h.escape(self.user_group_description)
1376 1376
1377 1377 @hybrid_property
1378 1378 def group_data(self):
1379 1379 return self._load_group_data(self._group_data)
1380 1380
1381 1381 @group_data.expression
1382 1382 def group_data(self, **kwargs):
1383 1383 return self._group_data
1384 1384
1385 1385 @group_data.setter
1386 1386 def group_data(self, val):
1387 1387 try:
1388 1388 self._group_data = json.dumps(val)
1389 1389 except Exception:
1390 1390 log.error(traceback.format_exc())
1391 1391
1392 1392 @classmethod
1393 1393 def _load_sync(cls, group_data):
1394 1394 if group_data:
1395 1395 return group_data.get('extern_type')
1396 1396
1397 1397 @property
1398 1398 def sync(self):
1399 1399 return self._load_sync(self.group_data)
1400 1400
1401 1401 def __unicode__(self):
1402 1402 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1403 1403 self.users_group_id,
1404 1404 self.users_group_name)
1405 1405
1406 1406 @classmethod
1407 1407 def get_by_group_name(cls, group_name, cache=False,
1408 1408 case_insensitive=False):
1409 1409 if case_insensitive:
1410 1410 q = cls.query().filter(func.lower(cls.users_group_name) ==
1411 1411 func.lower(group_name))
1412 1412
1413 1413 else:
1414 1414 q = cls.query().filter(cls.users_group_name == group_name)
1415 1415 if cache:
1416 1416 q = q.options(
1417 1417 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1418 1418 return q.scalar()
1419 1419
1420 1420 @classmethod
1421 1421 def get(cls, user_group_id, cache=False):
1422 1422 if not user_group_id:
1423 1423 return
1424 1424
1425 1425 user_group = cls.query()
1426 1426 if cache:
1427 1427 user_group = user_group.options(
1428 1428 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1429 1429 return user_group.get(user_group_id)
1430 1430
1431 1431 def permissions(self, with_admins=True, with_owner=True,
1432 1432 expand_from_user_groups=False):
1433 1433 """
1434 1434 Permissions for user groups
1435 1435 """
1436 1436 _admin_perm = 'usergroup.admin'
1437 1437
1438 1438 owner_row = []
1439 1439 if with_owner:
1440 1440 usr = AttributeDict(self.user.get_dict())
1441 1441 usr.owner_row = True
1442 1442 usr.permission = _admin_perm
1443 1443 owner_row.append(usr)
1444 1444
1445 1445 super_admin_ids = []
1446 1446 super_admin_rows = []
1447 1447 if with_admins:
1448 1448 for usr in User.get_all_super_admins():
1449 1449 super_admin_ids.append(usr.user_id)
1450 1450 # if this admin is also owner, don't double the record
1451 1451 if usr.user_id == owner_row[0].user_id:
1452 1452 owner_row[0].admin_row = True
1453 1453 else:
1454 1454 usr = AttributeDict(usr.get_dict())
1455 1455 usr.admin_row = True
1456 1456 usr.permission = _admin_perm
1457 1457 super_admin_rows.append(usr)
1458 1458
1459 1459 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1460 1460 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1461 1461 joinedload(UserUserGroupToPerm.user),
1462 1462 joinedload(UserUserGroupToPerm.permission),)
1463 1463
1464 1464 # get owners and admins and permissions. We do a trick of re-writing
1465 1465 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1466 1466 # has a global reference and changing one object propagates to all
1467 1467 # others. This means if admin is also an owner admin_row that change
1468 1468 # would propagate to both objects
1469 1469 perm_rows = []
1470 1470 for _usr in q.all():
1471 1471 usr = AttributeDict(_usr.user.get_dict())
1472 1472 # if this user is also owner/admin, mark as duplicate record
1473 1473 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1474 1474 usr.duplicate_perm = True
1475 1475 usr.permission = _usr.permission.permission_name
1476 1476 perm_rows.append(usr)
1477 1477
1478 1478 # filter the perm rows by 'default' first and then sort them by
1479 1479 # admin,write,read,none permissions sorted again alphabetically in
1480 1480 # each group
1481 1481 perm_rows = sorted(perm_rows, key=display_user_sort)
1482 1482
1483 1483 user_groups_rows = []
1484 1484 if expand_from_user_groups:
1485 1485 for ug in self.permission_user_groups(with_members=True):
1486 1486 for user_data in ug.members:
1487 1487 user_groups_rows.append(user_data)
1488 1488
1489 1489 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1490 1490
1491 1491 def permission_user_groups(self, with_members=False):
1492 1492 q = UserGroupUserGroupToPerm.query()\
1493 1493 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1494 1494 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1495 1495 joinedload(UserGroupUserGroupToPerm.target_user_group),
1496 1496 joinedload(UserGroupUserGroupToPerm.permission),)
1497 1497
1498 1498 perm_rows = []
1499 1499 for _user_group in q.all():
1500 1500 entry = AttributeDict(_user_group.user_group.get_dict())
1501 1501 entry.permission = _user_group.permission.permission_name
1502 1502 if with_members:
1503 1503 entry.members = [x.user.get_dict()
1504 1504 for x in _user_group.user_group.members]
1505 1505 perm_rows.append(entry)
1506 1506
1507 1507 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1508 1508 return perm_rows
1509 1509
1510 1510 def _get_default_perms(self, user_group, suffix=''):
1511 1511 from rhodecode.model.permission import PermissionModel
1512 1512 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1513 1513
1514 1514 def get_default_perms(self, suffix=''):
1515 1515 return self._get_default_perms(self, suffix)
1516 1516
1517 1517 def get_api_data(self, with_group_members=True, include_secrets=False):
1518 1518 """
1519 1519 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1520 1520 basically forwarded.
1521 1521
1522 1522 """
1523 1523 user_group = self
1524 1524 data = {
1525 1525 'users_group_id': user_group.users_group_id,
1526 1526 'group_name': user_group.users_group_name,
1527 1527 'group_description': user_group.user_group_description,
1528 1528 'active': user_group.users_group_active,
1529 1529 'owner': user_group.user.username,
1530 1530 'sync': user_group.sync,
1531 1531 'owner_email': user_group.user.email,
1532 1532 }
1533 1533
1534 1534 if with_group_members:
1535 1535 users = []
1536 1536 for user in user_group.members:
1537 1537 user = user.user
1538 1538 users.append(user.get_api_data(include_secrets=include_secrets))
1539 1539 data['users'] = users
1540 1540
1541 1541 return data
1542 1542
1543 1543
1544 1544 class UserGroupMember(Base, BaseModel):
1545 1545 __tablename__ = 'users_groups_members'
1546 1546 __table_args__ = (
1547 1547 base_table_args,
1548 1548 )
1549 1549
1550 1550 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1551 1551 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1552 1552 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1553 1553
1554 1554 user = relationship('User', lazy='joined')
1555 1555 users_group = relationship('UserGroup')
1556 1556
1557 1557 def __init__(self, gr_id='', u_id=''):
1558 1558 self.users_group_id = gr_id
1559 1559 self.user_id = u_id
1560 1560
1561 1561
1562 1562 class RepositoryField(Base, BaseModel):
1563 1563 __tablename__ = 'repositories_fields'
1564 1564 __table_args__ = (
1565 1565 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1566 1566 base_table_args,
1567 1567 )
1568 1568
1569 1569 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1570 1570
1571 1571 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1572 1572 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1573 1573 field_key = Column("field_key", String(250))
1574 1574 field_label = Column("field_label", String(1024), nullable=False)
1575 1575 field_value = Column("field_value", String(10000), nullable=False)
1576 1576 field_desc = Column("field_desc", String(1024), nullable=False)
1577 1577 field_type = Column("field_type", String(255), nullable=False, unique=None)
1578 1578 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1579 1579
1580 1580 repository = relationship('Repository')
1581 1581
1582 1582 @property
1583 1583 def field_key_prefixed(self):
1584 1584 return 'ex_%s' % self.field_key
1585 1585
1586 1586 @classmethod
1587 1587 def un_prefix_key(cls, key):
1588 1588 if key.startswith(cls.PREFIX):
1589 1589 return key[len(cls.PREFIX):]
1590 1590 return key
1591 1591
1592 1592 @classmethod
1593 1593 def get_by_key_name(cls, key, repo):
1594 1594 row = cls.query()\
1595 1595 .filter(cls.repository == repo)\
1596 1596 .filter(cls.field_key == key).scalar()
1597 1597 return row
1598 1598
1599 1599
1600 1600 class Repository(Base, BaseModel):
1601 1601 __tablename__ = 'repositories'
1602 1602 __table_args__ = (
1603 1603 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1604 1604 base_table_args,
1605 1605 )
1606 1606 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1607 1607 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1608 1608 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1609 1609
1610 1610 STATE_CREATED = 'repo_state_created'
1611 1611 STATE_PENDING = 'repo_state_pending'
1612 1612 STATE_ERROR = 'repo_state_error'
1613 1613
1614 1614 LOCK_AUTOMATIC = 'lock_auto'
1615 1615 LOCK_API = 'lock_api'
1616 1616 LOCK_WEB = 'lock_web'
1617 1617 LOCK_PULL = 'lock_pull'
1618 1618
1619 1619 NAME_SEP = URL_SEP
1620 1620
1621 1621 repo_id = Column(
1622 1622 "repo_id", Integer(), nullable=False, unique=True, default=None,
1623 1623 primary_key=True)
1624 1624 _repo_name = Column(
1625 1625 "repo_name", Text(), nullable=False, default=None)
1626 1626 _repo_name_hash = Column(
1627 1627 "repo_name_hash", String(255), nullable=False, unique=True)
1628 1628 repo_state = Column("repo_state", String(255), nullable=True)
1629 1629
1630 1630 clone_uri = Column(
1631 1631 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1632 1632 default=None)
1633 1633 push_uri = Column(
1634 1634 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1635 1635 default=None)
1636 1636 repo_type = Column(
1637 1637 "repo_type", String(255), nullable=False, unique=False, default=None)
1638 1638 user_id = Column(
1639 1639 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1640 1640 unique=False, default=None)
1641 1641 private = Column(
1642 1642 "private", Boolean(), nullable=True, unique=None, default=None)
1643 1643 archived = Column(
1644 1644 "archived", Boolean(), nullable=True, unique=None, default=None)
1645 1645 enable_statistics = Column(
1646 1646 "statistics", Boolean(), nullable=True, unique=None, default=True)
1647 1647 enable_downloads = Column(
1648 1648 "downloads", Boolean(), nullable=True, unique=None, default=True)
1649 1649 description = Column(
1650 1650 "description", String(10000), nullable=True, unique=None, default=None)
1651 1651 created_on = Column(
1652 1652 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1653 1653 default=datetime.datetime.now)
1654 1654 updated_on = Column(
1655 1655 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1656 1656 default=datetime.datetime.now)
1657 1657 _landing_revision = Column(
1658 1658 "landing_revision", String(255), nullable=False, unique=False,
1659 1659 default=None)
1660 1660 enable_locking = Column(
1661 1661 "enable_locking", Boolean(), nullable=False, unique=None,
1662 1662 default=False)
1663 1663 _locked = Column(
1664 1664 "locked", String(255), nullable=True, unique=False, default=None)
1665 1665 _changeset_cache = Column(
1666 1666 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1667 1667
1668 1668 fork_id = Column(
1669 1669 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1670 1670 nullable=True, unique=False, default=None)
1671 1671 group_id = Column(
1672 1672 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1673 1673 unique=False, default=None)
1674 1674
1675 1675 user = relationship('User', lazy='joined')
1676 1676 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1677 1677 group = relationship('RepoGroup', lazy='joined')
1678 1678 repo_to_perm = relationship(
1679 1679 'UserRepoToPerm', cascade='all',
1680 1680 order_by='UserRepoToPerm.repo_to_perm_id')
1681 1681 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1682 1682 stats = relationship('Statistics', cascade='all', uselist=False)
1683 1683
1684 1684 followers = relationship(
1685 1685 'UserFollowing',
1686 1686 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1687 1687 cascade='all')
1688 1688 extra_fields = relationship(
1689 1689 'RepositoryField', cascade="all, delete-orphan")
1690 1690 logs = relationship('UserLog')
1691 1691 comments = relationship(
1692 1692 'ChangesetComment', cascade="all, delete-orphan")
1693 1693 pull_requests_source = relationship(
1694 1694 'PullRequest',
1695 1695 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1696 1696 cascade="all, delete-orphan")
1697 1697 pull_requests_target = relationship(
1698 1698 'PullRequest',
1699 1699 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1700 1700 cascade="all, delete-orphan")
1701 1701 ui = relationship('RepoRhodeCodeUi', cascade="all")
1702 1702 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1703 1703 integrations = relationship('Integration', cascade="all, delete-orphan")
1704 1704
1705 1705 scoped_tokens = relationship('UserApiKeys', cascade="all")
1706 1706
1707 1707 artifacts = relationship('FileStore', cascade="all")
1708 1708
1709 1709 def __unicode__(self):
1710 1710 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1711 1711 safe_unicode(self.repo_name))
1712 1712
1713 1713 @hybrid_property
1714 1714 def description_safe(self):
1715 1715 from rhodecode.lib import helpers as h
1716 1716 return h.escape(self.description)
1717 1717
1718 1718 @hybrid_property
1719 1719 def landing_rev(self):
1720 1720 # always should return [rev_type, rev]
1721 1721 if self._landing_revision:
1722 1722 _rev_info = self._landing_revision.split(':')
1723 1723 if len(_rev_info) < 2:
1724 1724 _rev_info.insert(0, 'rev')
1725 1725 return [_rev_info[0], _rev_info[1]]
1726 1726 return [None, None]
1727 1727
1728 1728 @landing_rev.setter
1729 1729 def landing_rev(self, val):
1730 1730 if ':' not in val:
1731 1731 raise ValueError('value must be delimited with `:` and consist '
1732 1732 'of <rev_type>:<rev>, got %s instead' % val)
1733 1733 self._landing_revision = val
1734 1734
1735 1735 @hybrid_property
1736 1736 def locked(self):
1737 1737 if self._locked:
1738 1738 user_id, timelocked, reason = self._locked.split(':')
1739 1739 lock_values = int(user_id), timelocked, reason
1740 1740 else:
1741 1741 lock_values = [None, None, None]
1742 1742 return lock_values
1743 1743
1744 1744 @locked.setter
1745 1745 def locked(self, val):
1746 1746 if val and isinstance(val, (list, tuple)):
1747 1747 self._locked = ':'.join(map(str, val))
1748 1748 else:
1749 1749 self._locked = None
1750 1750
1751 1751 @hybrid_property
1752 1752 def changeset_cache(self):
1753 1753 from rhodecode.lib.vcs.backends.base import EmptyCommit
1754 1754 dummy = EmptyCommit().__json__()
1755 1755 if not self._changeset_cache:
1756 1756 dummy['source_repo_id'] = self.repo_id
1757 1757 return json.loads(json.dumps(dummy))
1758 1758
1759 1759 try:
1760 1760 return json.loads(self._changeset_cache)
1761 1761 except TypeError:
1762 1762 return dummy
1763 1763 except Exception:
1764 1764 log.error(traceback.format_exc())
1765 1765 return dummy
1766 1766
1767 1767 @changeset_cache.setter
1768 1768 def changeset_cache(self, val):
1769 1769 try:
1770 1770 self._changeset_cache = json.dumps(val)
1771 1771 except Exception:
1772 1772 log.error(traceback.format_exc())
1773 1773
1774 1774 @hybrid_property
1775 1775 def repo_name(self):
1776 1776 return self._repo_name
1777 1777
1778 1778 @repo_name.setter
1779 1779 def repo_name(self, value):
1780 1780 self._repo_name = value
1781 1781 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1782 1782
1783 1783 @classmethod
1784 1784 def normalize_repo_name(cls, repo_name):
1785 1785 """
1786 1786 Normalizes os specific repo_name to the format internally stored inside
1787 1787 database using URL_SEP
1788 1788
1789 1789 :param cls:
1790 1790 :param repo_name:
1791 1791 """
1792 1792 return cls.NAME_SEP.join(repo_name.split(os.sep))
1793 1793
1794 1794 @classmethod
1795 1795 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1796 1796 session = Session()
1797 1797 q = session.query(cls).filter(cls.repo_name == repo_name)
1798 1798
1799 1799 if cache:
1800 1800 if identity_cache:
1801 1801 val = cls.identity_cache(session, 'repo_name', repo_name)
1802 1802 if val:
1803 1803 return val
1804 1804 else:
1805 1805 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1806 1806 q = q.options(
1807 1807 FromCache("sql_cache_short", cache_key))
1808 1808
1809 1809 return q.scalar()
1810 1810
1811 1811 @classmethod
1812 1812 def get_by_id_or_repo_name(cls, repoid):
1813 1813 if isinstance(repoid, (int, long)):
1814 1814 try:
1815 1815 repo = cls.get(repoid)
1816 1816 except ValueError:
1817 1817 repo = None
1818 1818 else:
1819 1819 repo = cls.get_by_repo_name(repoid)
1820 1820 return repo
1821 1821
1822 1822 @classmethod
1823 1823 def get_by_full_path(cls, repo_full_path):
1824 1824 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1825 1825 repo_name = cls.normalize_repo_name(repo_name)
1826 1826 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1827 1827
1828 1828 @classmethod
1829 1829 def get_repo_forks(cls, repo_id):
1830 1830 return cls.query().filter(Repository.fork_id == repo_id)
1831 1831
1832 1832 @classmethod
1833 1833 def base_path(cls):
1834 1834 """
1835 1835 Returns base path when all repos are stored
1836 1836
1837 1837 :param cls:
1838 1838 """
1839 1839 q = Session().query(RhodeCodeUi)\
1840 1840 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1841 1841 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1842 1842 return q.one().ui_value
1843 1843
1844 1844 @classmethod
1845 1845 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1846 1846 case_insensitive=True, archived=False):
1847 1847 q = Repository.query()
1848 1848
1849 1849 if not archived:
1850 1850 q = q.filter(Repository.archived.isnot(true()))
1851 1851
1852 1852 if not isinstance(user_id, Optional):
1853 1853 q = q.filter(Repository.user_id == user_id)
1854 1854
1855 1855 if not isinstance(group_id, Optional):
1856 1856 q = q.filter(Repository.group_id == group_id)
1857 1857
1858 1858 if case_insensitive:
1859 1859 q = q.order_by(func.lower(Repository.repo_name))
1860 1860 else:
1861 1861 q = q.order_by(Repository.repo_name)
1862 1862
1863 1863 return q.all()
1864 1864
1865 1865 @property
1866 1866 def repo_uid(self):
1867 1867 return '_{}'.format(self.repo_id)
1868 1868
1869 1869 @property
1870 1870 def forks(self):
1871 1871 """
1872 1872 Return forks of this repo
1873 1873 """
1874 1874 return Repository.get_repo_forks(self.repo_id)
1875 1875
1876 1876 @property
1877 1877 def parent(self):
1878 1878 """
1879 1879 Returns fork parent
1880 1880 """
1881 1881 return self.fork
1882 1882
1883 1883 @property
1884 1884 def just_name(self):
1885 1885 return self.repo_name.split(self.NAME_SEP)[-1]
1886 1886
1887 1887 @property
1888 1888 def groups_with_parents(self):
1889 1889 groups = []
1890 1890 if self.group is None:
1891 1891 return groups
1892 1892
1893 1893 cur_gr = self.group
1894 1894 groups.insert(0, cur_gr)
1895 1895 while 1:
1896 1896 gr = getattr(cur_gr, 'parent_group', None)
1897 1897 cur_gr = cur_gr.parent_group
1898 1898 if gr is None:
1899 1899 break
1900 1900 groups.insert(0, gr)
1901 1901
1902 1902 return groups
1903 1903
1904 1904 @property
1905 1905 def groups_and_repo(self):
1906 1906 return self.groups_with_parents, self
1907 1907
1908 1908 @LazyProperty
1909 1909 def repo_path(self):
1910 1910 """
1911 1911 Returns base full path for that repository means where it actually
1912 1912 exists on a filesystem
1913 1913 """
1914 1914 q = Session().query(RhodeCodeUi).filter(
1915 1915 RhodeCodeUi.ui_key == self.NAME_SEP)
1916 1916 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1917 1917 return q.one().ui_value
1918 1918
1919 1919 @property
1920 1920 def repo_full_path(self):
1921 1921 p = [self.repo_path]
1922 1922 # we need to split the name by / since this is how we store the
1923 1923 # names in the database, but that eventually needs to be converted
1924 1924 # into a valid system path
1925 1925 p += self.repo_name.split(self.NAME_SEP)
1926 1926 return os.path.join(*map(safe_unicode, p))
1927 1927
1928 1928 @property
1929 1929 def cache_keys(self):
1930 1930 """
1931 1931 Returns associated cache keys for that repo
1932 1932 """
1933 1933 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
1934 1934 repo_id=self.repo_id)
1935 1935 return CacheKey.query()\
1936 1936 .filter(CacheKey.cache_args == invalidation_namespace)\
1937 1937 .order_by(CacheKey.cache_key)\
1938 1938 .all()
1939 1939
1940 1940 @property
1941 1941 def cached_diffs_relative_dir(self):
1942 1942 """
1943 1943 Return a relative to the repository store path of cached diffs
1944 1944 used for safe display for users, who shouldn't know the absolute store
1945 1945 path
1946 1946 """
1947 1947 return os.path.join(
1948 1948 os.path.dirname(self.repo_name),
1949 1949 self.cached_diffs_dir.split(os.path.sep)[-1])
1950 1950
1951 1951 @property
1952 1952 def cached_diffs_dir(self):
1953 1953 path = self.repo_full_path
1954 1954 return os.path.join(
1955 1955 os.path.dirname(path),
1956 1956 '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
1957 1957
1958 1958 def cached_diffs(self):
1959 1959 diff_cache_dir = self.cached_diffs_dir
1960 1960 if os.path.isdir(diff_cache_dir):
1961 1961 return os.listdir(diff_cache_dir)
1962 1962 return []
1963 1963
1964 1964 def shadow_repos(self):
1965 1965 shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
1966 1966 return [
1967 1967 x for x in os.listdir(os.path.dirname(self.repo_full_path))
1968 1968 if x.startswith(shadow_repos_pattern)]
1969 1969
1970 1970 def get_new_name(self, repo_name):
1971 1971 """
1972 1972 returns new full repository name based on assigned group and new new
1973 1973
1974 1974 :param group_name:
1975 1975 """
1976 1976 path_prefix = self.group.full_path_splitted if self.group else []
1977 1977 return self.NAME_SEP.join(path_prefix + [repo_name])
1978 1978
1979 1979 @property
1980 1980 def _config(self):
1981 1981 """
1982 1982 Returns db based config object.
1983 1983 """
1984 1984 from rhodecode.lib.utils import make_db_config
1985 1985 return make_db_config(clear_session=False, repo=self)
1986 1986
1987 1987 def permissions(self, with_admins=True, with_owner=True,
1988 1988 expand_from_user_groups=False):
1989 1989 """
1990 1990 Permissions for repositories
1991 1991 """
1992 1992 _admin_perm = 'repository.admin'
1993 1993
1994 1994 owner_row = []
1995 1995 if with_owner:
1996 1996 usr = AttributeDict(self.user.get_dict())
1997 1997 usr.owner_row = True
1998 1998 usr.permission = _admin_perm
1999 1999 usr.permission_id = None
2000 2000 owner_row.append(usr)
2001 2001
2002 2002 super_admin_ids = []
2003 2003 super_admin_rows = []
2004 2004 if with_admins:
2005 2005 for usr in User.get_all_super_admins():
2006 2006 super_admin_ids.append(usr.user_id)
2007 2007 # if this admin is also owner, don't double the record
2008 2008 if usr.user_id == owner_row[0].user_id:
2009 2009 owner_row[0].admin_row = True
2010 2010 else:
2011 2011 usr = AttributeDict(usr.get_dict())
2012 2012 usr.admin_row = True
2013 2013 usr.permission = _admin_perm
2014 2014 usr.permission_id = None
2015 2015 super_admin_rows.append(usr)
2016 2016
2017 2017 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2018 2018 q = q.options(joinedload(UserRepoToPerm.repository),
2019 2019 joinedload(UserRepoToPerm.user),
2020 2020 joinedload(UserRepoToPerm.permission),)
2021 2021
2022 2022 # get owners and admins and permissions. We do a trick of re-writing
2023 2023 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2024 2024 # has a global reference and changing one object propagates to all
2025 2025 # others. This means if admin is also an owner admin_row that change
2026 2026 # would propagate to both objects
2027 2027 perm_rows = []
2028 2028 for _usr in q.all():
2029 2029 usr = AttributeDict(_usr.user.get_dict())
2030 2030 # if this user is also owner/admin, mark as duplicate record
2031 2031 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2032 2032 usr.duplicate_perm = True
2033 2033 # also check if this permission is maybe used by branch_permissions
2034 2034 if _usr.branch_perm_entry:
2035 2035 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2036 2036
2037 2037 usr.permission = _usr.permission.permission_name
2038 2038 usr.permission_id = _usr.repo_to_perm_id
2039 2039 perm_rows.append(usr)
2040 2040
2041 2041 # filter the perm rows by 'default' first and then sort them by
2042 2042 # admin,write,read,none permissions sorted again alphabetically in
2043 2043 # each group
2044 2044 perm_rows = sorted(perm_rows, key=display_user_sort)
2045 2045
2046 2046 user_groups_rows = []
2047 2047 if expand_from_user_groups:
2048 2048 for ug in self.permission_user_groups(with_members=True):
2049 2049 for user_data in ug.members:
2050 2050 user_groups_rows.append(user_data)
2051 2051
2052 2052 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2053 2053
2054 2054 def permission_user_groups(self, with_members=True):
2055 2055 q = UserGroupRepoToPerm.query()\
2056 2056 .filter(UserGroupRepoToPerm.repository == self)
2057 2057 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2058 2058 joinedload(UserGroupRepoToPerm.users_group),
2059 2059 joinedload(UserGroupRepoToPerm.permission),)
2060 2060
2061 2061 perm_rows = []
2062 2062 for _user_group in q.all():
2063 2063 entry = AttributeDict(_user_group.users_group.get_dict())
2064 2064 entry.permission = _user_group.permission.permission_name
2065 2065 if with_members:
2066 2066 entry.members = [x.user.get_dict()
2067 2067 for x in _user_group.users_group.members]
2068 2068 perm_rows.append(entry)
2069 2069
2070 2070 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2071 2071 return perm_rows
2072 2072
2073 2073 def get_api_data(self, include_secrets=False):
2074 2074 """
2075 2075 Common function for generating repo api data
2076 2076
2077 2077 :param include_secrets: See :meth:`User.get_api_data`.
2078 2078
2079 2079 """
2080 2080 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2081 2081 # move this methods on models level.
2082 2082 from rhodecode.model.settings import SettingsModel
2083 2083 from rhodecode.model.repo import RepoModel
2084 2084
2085 2085 repo = self
2086 2086 _user_id, _time, _reason = self.locked
2087 2087
2088 2088 data = {
2089 2089 'repo_id': repo.repo_id,
2090 2090 'repo_name': repo.repo_name,
2091 2091 'repo_type': repo.repo_type,
2092 2092 'clone_uri': repo.clone_uri or '',
2093 2093 'push_uri': repo.push_uri or '',
2094 2094 'url': RepoModel().get_url(self),
2095 2095 'private': repo.private,
2096 2096 'created_on': repo.created_on,
2097 2097 'description': repo.description_safe,
2098 2098 'landing_rev': repo.landing_rev,
2099 2099 'owner': repo.user.username,
2100 2100 'fork_of': repo.fork.repo_name if repo.fork else None,
2101 2101 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2102 2102 'enable_statistics': repo.enable_statistics,
2103 2103 'enable_locking': repo.enable_locking,
2104 2104 'enable_downloads': repo.enable_downloads,
2105 2105 'last_changeset': repo.changeset_cache,
2106 2106 'locked_by': User.get(_user_id).get_api_data(
2107 2107 include_secrets=include_secrets) if _user_id else None,
2108 2108 'locked_date': time_to_datetime(_time) if _time else None,
2109 2109 'lock_reason': _reason if _reason else None,
2110 2110 }
2111 2111
2112 2112 # TODO: mikhail: should be per-repo settings here
2113 2113 rc_config = SettingsModel().get_all_settings()
2114 2114 repository_fields = str2bool(
2115 2115 rc_config.get('rhodecode_repository_fields'))
2116 2116 if repository_fields:
2117 2117 for f in self.extra_fields:
2118 2118 data[f.field_key_prefixed] = f.field_value
2119 2119
2120 2120 return data
2121 2121
2122 2122 @classmethod
2123 2123 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2124 2124 if not lock_time:
2125 2125 lock_time = time.time()
2126 2126 if not lock_reason:
2127 2127 lock_reason = cls.LOCK_AUTOMATIC
2128 2128 repo.locked = [user_id, lock_time, lock_reason]
2129 2129 Session().add(repo)
2130 2130 Session().commit()
2131 2131
2132 2132 @classmethod
2133 2133 def unlock(cls, repo):
2134 2134 repo.locked = None
2135 2135 Session().add(repo)
2136 2136 Session().commit()
2137 2137
2138 2138 @classmethod
2139 2139 def getlock(cls, repo):
2140 2140 return repo.locked
2141 2141
2142 2142 def is_user_lock(self, user_id):
2143 2143 if self.lock[0]:
2144 2144 lock_user_id = safe_int(self.lock[0])
2145 2145 user_id = safe_int(user_id)
2146 2146 # both are ints, and they are equal
2147 2147 return all([lock_user_id, user_id]) and lock_user_id == user_id
2148 2148
2149 2149 return False
2150 2150
2151 2151 def get_locking_state(self, action, user_id, only_when_enabled=True):
2152 2152 """
2153 2153 Checks locking on this repository, if locking is enabled and lock is
2154 2154 present returns a tuple of make_lock, locked, locked_by.
2155 2155 make_lock can have 3 states None (do nothing) True, make lock
2156 2156 False release lock, This value is later propagated to hooks, which
2157 2157 do the locking. Think about this as signals passed to hooks what to do.
2158 2158
2159 2159 """
2160 2160 # TODO: johbo: This is part of the business logic and should be moved
2161 2161 # into the RepositoryModel.
2162 2162
2163 2163 if action not in ('push', 'pull'):
2164 2164 raise ValueError("Invalid action value: %s" % repr(action))
2165 2165
2166 2166 # defines if locked error should be thrown to user
2167 2167 currently_locked = False
2168 2168 # defines if new lock should be made, tri-state
2169 2169 make_lock = None
2170 2170 repo = self
2171 2171 user = User.get(user_id)
2172 2172
2173 2173 lock_info = repo.locked
2174 2174
2175 2175 if repo and (repo.enable_locking or not only_when_enabled):
2176 2176 if action == 'push':
2177 2177 # check if it's already locked !, if it is compare users
2178 2178 locked_by_user_id = lock_info[0]
2179 2179 if user.user_id == locked_by_user_id:
2180 2180 log.debug(
2181 2181 'Got `push` action from user %s, now unlocking', user)
2182 2182 # unlock if we have push from user who locked
2183 2183 make_lock = False
2184 2184 else:
2185 2185 # we're not the same user who locked, ban with
2186 2186 # code defined in settings (default is 423 HTTP Locked) !
2187 2187 log.debug('Repo %s is currently locked by %s', repo, user)
2188 2188 currently_locked = True
2189 2189 elif action == 'pull':
2190 2190 # [0] user [1] date
2191 2191 if lock_info[0] and lock_info[1]:
2192 2192 log.debug('Repo %s is currently locked by %s', repo, user)
2193 2193 currently_locked = True
2194 2194 else:
2195 2195 log.debug('Setting lock on repo %s by %s', repo, user)
2196 2196 make_lock = True
2197 2197
2198 2198 else:
2199 2199 log.debug('Repository %s do not have locking enabled', repo)
2200 2200
2201 2201 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2202 2202 make_lock, currently_locked, lock_info)
2203 2203
2204 2204 from rhodecode.lib.auth import HasRepoPermissionAny
2205 2205 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2206 2206 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2207 2207 # if we don't have at least write permission we cannot make a lock
2208 2208 log.debug('lock state reset back to FALSE due to lack '
2209 2209 'of at least read permission')
2210 2210 make_lock = False
2211 2211
2212 2212 return make_lock, currently_locked, lock_info
2213 2213
2214 2214 @property
2215 2215 def last_commit_cache_update_diff(self):
2216 2216 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2217 2217
2218 2218 @property
2219 2219 def last_commit_change(self):
2220 2220 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2221 2221 empty_date = datetime.datetime.fromtimestamp(0)
2222 2222 date_latest = self.changeset_cache.get('date', empty_date)
2223 2223 try:
2224 2224 return parse_datetime(date_latest)
2225 2225 except Exception:
2226 2226 return empty_date
2227 2227
2228 2228 @property
2229 2229 def last_db_change(self):
2230 2230 return self.updated_on
2231 2231
2232 2232 @property
2233 2233 def clone_uri_hidden(self):
2234 2234 clone_uri = self.clone_uri
2235 2235 if clone_uri:
2236 2236 import urlobject
2237 2237 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2238 2238 if url_obj.password:
2239 2239 clone_uri = url_obj.with_password('*****')
2240 2240 return clone_uri
2241 2241
2242 2242 @property
2243 2243 def push_uri_hidden(self):
2244 2244 push_uri = self.push_uri
2245 2245 if push_uri:
2246 2246 import urlobject
2247 2247 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2248 2248 if url_obj.password:
2249 2249 push_uri = url_obj.with_password('*****')
2250 2250 return push_uri
2251 2251
2252 2252 def clone_url(self, **override):
2253 2253 from rhodecode.model.settings import SettingsModel
2254 2254
2255 2255 uri_tmpl = None
2256 2256 if 'with_id' in override:
2257 2257 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2258 2258 del override['with_id']
2259 2259
2260 2260 if 'uri_tmpl' in override:
2261 2261 uri_tmpl = override['uri_tmpl']
2262 2262 del override['uri_tmpl']
2263 2263
2264 2264 ssh = False
2265 2265 if 'ssh' in override:
2266 2266 ssh = True
2267 2267 del override['ssh']
2268 2268
2269 2269 # we didn't override our tmpl from **overrides
2270 2270 request = get_current_request()
2271 2271 if not uri_tmpl:
2272 2272 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2273 2273 rc_config = request.call_context.rc_config
2274 2274 else:
2275 2275 rc_config = SettingsModel().get_all_settings(cache=True)
2276 2276 if ssh:
2277 2277 uri_tmpl = rc_config.get(
2278 2278 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2279 2279 else:
2280 2280 uri_tmpl = rc_config.get(
2281 2281 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2282 2282
2283 2283 return get_clone_url(request=request,
2284 2284 uri_tmpl=uri_tmpl,
2285 2285 repo_name=self.repo_name,
2286 2286 repo_id=self.repo_id, **override)
2287 2287
2288 2288 def set_state(self, state):
2289 2289 self.repo_state = state
2290 2290 Session().add(self)
2291 2291 #==========================================================================
2292 2292 # SCM PROPERTIES
2293 2293 #==========================================================================
2294 2294
2295 2295 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
2296 2296 return get_commit_safe(
2297 2297 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
2298 2298
2299 2299 def get_changeset(self, rev=None, pre_load=None):
2300 2300 warnings.warn("Use get_commit", DeprecationWarning)
2301 2301 commit_id = None
2302 2302 commit_idx = None
2303 2303 if isinstance(rev, compat.string_types):
2304 2304 commit_id = rev
2305 2305 else:
2306 2306 commit_idx = rev
2307 2307 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2308 2308 pre_load=pre_load)
2309 2309
2310 2310 def get_landing_commit(self):
2311 2311 """
2312 2312 Returns landing commit, or if that doesn't exist returns the tip
2313 2313 """
2314 2314 _rev_type, _rev = self.landing_rev
2315 2315 commit = self.get_commit(_rev)
2316 2316 if isinstance(commit, EmptyCommit):
2317 2317 return self.get_commit()
2318 2318 return commit
2319 2319
2320 2320 def flush_commit_cache(self):
2321 2321 self.update_commit_cache(cs_cache={'raw_id':'0'})
2322 2322 self.update_commit_cache()
2323 2323
2324 2324 def update_commit_cache(self, cs_cache=None, config=None):
2325 2325 """
2326 2326 Update cache of last commit for repository, keys should be::
2327 2327
2328 2328 source_repo_id
2329 2329 short_id
2330 2330 raw_id
2331 2331 revision
2332 2332 parents
2333 2333 message
2334 2334 date
2335 2335 author
2336 2336 updated_on
2337 2337
2338 2338 """
2339 2339 from rhodecode.lib.vcs.backends.base import BaseChangeset
2340 2340 if cs_cache is None:
2341 2341 # use no-cache version here
2342 2342 scm_repo = self.scm_instance(cache=False, config=config)
2343 2343
2344 2344 empty = scm_repo is None or scm_repo.is_empty()
2345 2345 if not empty:
2346 2346 cs_cache = scm_repo.get_commit(
2347 2347 pre_load=["author", "date", "message", "parents", "branch"])
2348 2348 else:
2349 2349 cs_cache = EmptyCommit()
2350 2350
2351 2351 if isinstance(cs_cache, BaseChangeset):
2352 2352 cs_cache = cs_cache.__json__()
2353 2353
2354 2354 def is_outdated(new_cs_cache):
2355 2355 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2356 2356 new_cs_cache['revision'] != self.changeset_cache['revision']):
2357 2357 return True
2358 2358 return False
2359 2359
2360 2360 # check if we have maybe already latest cached revision
2361 2361 if is_outdated(cs_cache) or not self.changeset_cache:
2362 2362 _default = datetime.datetime.utcnow()
2363 2363 last_change = cs_cache.get('date') or _default
2364 2364 # we check if last update is newer than the new value
2365 2365 # if yes, we use the current timestamp instead. Imagine you get
2366 2366 # old commit pushed 1y ago, we'd set last update 1y to ago.
2367 2367 last_change_timestamp = datetime_to_time(last_change)
2368 2368 current_timestamp = datetime_to_time(last_change)
2369 2369 if last_change_timestamp > current_timestamp:
2370 2370 cs_cache['date'] = _default
2371 2371
2372 2372 cs_cache['updated_on'] = time.time()
2373 2373 self.changeset_cache = cs_cache
2374 2374 self.updated_on = last_change
2375 2375 Session().add(self)
2376 2376 Session().commit()
2377 2377
2378 2378 log.debug('updated repo `%s` with new commit cache %s',
2379 2379 self.repo_name, cs_cache)
2380 2380 else:
2381 2381 cs_cache = self.changeset_cache
2382 2382 cs_cache['updated_on'] = time.time()
2383 2383 self.changeset_cache = cs_cache
2384 2384 Session().add(self)
2385 2385 Session().commit()
2386 2386
2387 2387 log.debug('Skipping update_commit_cache for repo:`%s` '
2388 2388 'commit already with latest changes', self.repo_name)
2389 2389
2390 2390 @property
2391 2391 def tip(self):
2392 2392 return self.get_commit('tip')
2393 2393
2394 2394 @property
2395 2395 def author(self):
2396 2396 return self.tip.author
2397 2397
2398 2398 @property
2399 2399 def last_change(self):
2400 2400 return self.scm_instance().last_change
2401 2401
2402 2402 def get_comments(self, revisions=None):
2403 2403 """
2404 2404 Returns comments for this repository grouped by revisions
2405 2405
2406 2406 :param revisions: filter query by revisions only
2407 2407 """
2408 2408 cmts = ChangesetComment.query()\
2409 2409 .filter(ChangesetComment.repo == self)
2410 2410 if revisions:
2411 2411 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2412 2412 grouped = collections.defaultdict(list)
2413 2413 for cmt in cmts.all():
2414 2414 grouped[cmt.revision].append(cmt)
2415 2415 return grouped
2416 2416
2417 2417 def statuses(self, revisions=None):
2418 2418 """
2419 2419 Returns statuses for this repository
2420 2420
2421 2421 :param revisions: list of revisions to get statuses for
2422 2422 """
2423 2423 statuses = ChangesetStatus.query()\
2424 2424 .filter(ChangesetStatus.repo == self)\
2425 2425 .filter(ChangesetStatus.version == 0)
2426 2426
2427 2427 if revisions:
2428 2428 # Try doing the filtering in chunks to avoid hitting limits
2429 2429 size = 500
2430 2430 status_results = []
2431 2431 for chunk in xrange(0, len(revisions), size):
2432 2432 status_results += statuses.filter(
2433 2433 ChangesetStatus.revision.in_(
2434 2434 revisions[chunk: chunk+size])
2435 2435 ).all()
2436 2436 else:
2437 2437 status_results = statuses.all()
2438 2438
2439 2439 grouped = {}
2440 2440
2441 2441 # maybe we have open new pullrequest without a status?
2442 2442 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2443 2443 status_lbl = ChangesetStatus.get_status_lbl(stat)
2444 2444 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2445 2445 for rev in pr.revisions:
2446 2446 pr_id = pr.pull_request_id
2447 2447 pr_repo = pr.target_repo.repo_name
2448 2448 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2449 2449
2450 2450 for stat in status_results:
2451 2451 pr_id = pr_repo = None
2452 2452 if stat.pull_request:
2453 2453 pr_id = stat.pull_request.pull_request_id
2454 2454 pr_repo = stat.pull_request.target_repo.repo_name
2455 2455 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2456 2456 pr_id, pr_repo]
2457 2457 return grouped
2458 2458
2459 2459 # ==========================================================================
2460 2460 # SCM CACHE INSTANCE
2461 2461 # ==========================================================================
2462 2462
2463 2463 def scm_instance(self, **kwargs):
2464 2464 import rhodecode
2465 2465
2466 2466 # Passing a config will not hit the cache currently only used
2467 2467 # for repo2dbmapper
2468 2468 config = kwargs.pop('config', None)
2469 2469 cache = kwargs.pop('cache', None)
2470 2470 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2471 2471 if vcs_full_cache is not None:
2472 2472 # allows override global config
2473 2473 full_cache = vcs_full_cache
2474 2474 else:
2475 2475 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2476 2476 # if cache is NOT defined use default global, else we have a full
2477 2477 # control over cache behaviour
2478 2478 if cache is None and full_cache and not config:
2479 2479 log.debug('Initializing pure cached instance for %s', self.repo_path)
2480 2480 return self._get_instance_cached()
2481 2481
2482 2482 # cache here is sent to the "vcs server"
2483 2483 return self._get_instance(cache=bool(cache), config=config)
2484 2484
2485 2485 def _get_instance_cached(self):
2486 2486 from rhodecode.lib import rc_cache
2487 2487
2488 2488 cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
2489 2489 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2490 2490 repo_id=self.repo_id)
2491 2491 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2492 2492
2493 2493 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2494 2494 def get_instance_cached(repo_id, context_id, _cache_state_uid):
2495 2495 return self._get_instance(repo_state_uid=_cache_state_uid)
2496 2496
2497 2497 # we must use thread scoped cache here,
2498 2498 # because each thread of gevent needs it's own not shared connection and cache
2499 2499 # we also alter `args` so the cache key is individual for every green thread.
2500 2500 inv_context_manager = rc_cache.InvalidationContext(
2501 2501 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2502 2502 thread_scoped=True)
2503 2503 with inv_context_manager as invalidation_context:
2504 2504 cache_state_uid = invalidation_context.cache_data['cache_state_uid']
2505 2505 args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)
2506 2506
2507 2507 # re-compute and store cache if we get invalidate signal
2508 2508 if invalidation_context.should_invalidate():
2509 2509 instance = get_instance_cached.refresh(*args)
2510 2510 else:
2511 2511 instance = get_instance_cached(*args)
2512 2512
2513 2513 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2514 2514 return instance
2515 2515
2516 2516 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2517 2517 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2518 2518 self.repo_type, self.repo_path, cache)
2519 2519 config = config or self._config
2520 2520 custom_wire = {
2521 2521 'cache': cache, # controls the vcs.remote cache
2522 2522 'repo_state_uid': repo_state_uid
2523 2523 }
2524 2524 repo = get_vcs_instance(
2525 2525 repo_path=safe_str(self.repo_full_path),
2526 2526 config=config,
2527 2527 with_wire=custom_wire,
2528 2528 create=False,
2529 2529 _vcs_alias=self.repo_type)
2530 2530 if repo is not None:
2531 2531 repo.count() # cache rebuild
2532 2532 return repo
2533 2533
2534 2534 def get_shadow_repository_path(self, workspace_id):
2535 2535 from rhodecode.lib.vcs.backends.base import BaseRepository
2536 2536 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2537 2537 self.repo_full_path, self.repo_id, workspace_id)
2538 2538 return shadow_repo_path
2539 2539
2540 2540 def __json__(self):
2541 2541 return {'landing_rev': self.landing_rev}
2542 2542
2543 2543 def get_dict(self):
2544 2544
2545 2545 # Since we transformed `repo_name` to a hybrid property, we need to
2546 2546 # keep compatibility with the code which uses `repo_name` field.
2547 2547
2548 2548 result = super(Repository, self).get_dict()
2549 2549 result['repo_name'] = result.pop('_repo_name', None)
2550 2550 return result
2551 2551
2552 2552
2553 2553 class RepoGroup(Base, BaseModel):
2554 2554 __tablename__ = 'groups'
2555 2555 __table_args__ = (
2556 2556 UniqueConstraint('group_name', 'group_parent_id'),
2557 2557 base_table_args,
2558 2558 )
2559 2559 __mapper_args__ = {'order_by': 'group_name'}
2560 2560
2561 2561 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2562 2562
2563 2563 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2564 2564 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2565 2565 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2566 2566 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2567 2567 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2568 2568 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2569 2569 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2570 2570 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2571 2571 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2572 2572 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2573 2573 _changeset_cache = Column(
2574 2574 "changeset_cache", LargeBinary(), nullable=True) # JSON data
2575 2575
2576 2576 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2577 2577 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2578 2578 parent_group = relationship('RepoGroup', remote_side=group_id)
2579 2579 user = relationship('User')
2580 2580 integrations = relationship('Integration', cascade="all, delete-orphan")
2581 2581
2582 2582 def __init__(self, group_name='', parent_group=None):
2583 2583 self.group_name = group_name
2584 2584 self.parent_group = parent_group
2585 2585
2586 2586 def __unicode__(self):
2587 2587 return u"<%s('id:%s:%s')>" % (
2588 2588 self.__class__.__name__, self.group_id, self.group_name)
2589 2589
2590 2590 @hybrid_property
2591 2591 def group_name(self):
2592 2592 return self._group_name
2593 2593
2594 2594 @group_name.setter
2595 2595 def group_name(self, value):
2596 2596 self._group_name = value
2597 2597 self.group_name_hash = self.hash_repo_group_name(value)
2598 2598
2599 2599 @hybrid_property
2600 2600 def changeset_cache(self):
2601 2601 from rhodecode.lib.vcs.backends.base import EmptyCommit
2602 2602 dummy = EmptyCommit().__json__()
2603 2603 if not self._changeset_cache:
2604 2604 dummy['source_repo_id'] = ''
2605 2605 return json.loads(json.dumps(dummy))
2606 2606
2607 2607 try:
2608 2608 return json.loads(self._changeset_cache)
2609 2609 except TypeError:
2610 2610 return dummy
2611 2611 except Exception:
2612 2612 log.error(traceback.format_exc())
2613 2613 return dummy
2614 2614
2615 2615 @changeset_cache.setter
2616 2616 def changeset_cache(self, val):
2617 2617 try:
2618 2618 self._changeset_cache = json.dumps(val)
2619 2619 except Exception:
2620 2620 log.error(traceback.format_exc())
2621 2621
2622 2622 @validates('group_parent_id')
2623 2623 def validate_group_parent_id(self, key, val):
2624 2624 """
2625 2625 Check cycle references for a parent group to self
2626 2626 """
2627 2627 if self.group_id and val:
2628 2628 assert val != self.group_id
2629 2629
2630 2630 return val
2631 2631
2632 2632 @hybrid_property
2633 2633 def description_safe(self):
2634 2634 from rhodecode.lib import helpers as h
2635 2635 return h.escape(self.group_description)
2636 2636
2637 2637 @classmethod
2638 2638 def hash_repo_group_name(cls, repo_group_name):
2639 2639 val = remove_formatting(repo_group_name)
2640 2640 val = safe_str(val).lower()
2641 2641 chars = []
2642 2642 for c in val:
2643 2643 if c not in string.ascii_letters:
2644 2644 c = str(ord(c))
2645 2645 chars.append(c)
2646 2646
2647 2647 return ''.join(chars)
2648 2648
2649 2649 @classmethod
2650 2650 def _generate_choice(cls, repo_group):
2651 2651 from webhelpers.html import literal as _literal
2652 2652 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2653 2653 return repo_group.group_id, _name(repo_group.full_path_splitted)
2654 2654
2655 2655 @classmethod
2656 2656 def groups_choices(cls, groups=None, show_empty_group=True):
2657 2657 if not groups:
2658 2658 groups = cls.query().all()
2659 2659
2660 2660 repo_groups = []
2661 2661 if show_empty_group:
2662 2662 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2663 2663
2664 2664 repo_groups.extend([cls._generate_choice(x) for x in groups])
2665 2665
2666 2666 repo_groups = sorted(
2667 2667 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2668 2668 return repo_groups
2669 2669
2670 2670 @classmethod
2671 2671 def url_sep(cls):
2672 2672 return URL_SEP
2673 2673
2674 2674 @classmethod
2675 2675 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2676 2676 if case_insensitive:
2677 2677 gr = cls.query().filter(func.lower(cls.group_name)
2678 2678 == func.lower(group_name))
2679 2679 else:
2680 2680 gr = cls.query().filter(cls.group_name == group_name)
2681 2681 if cache:
2682 2682 name_key = _hash_key(group_name)
2683 2683 gr = gr.options(
2684 2684 FromCache("sql_cache_short", "get_group_%s" % name_key))
2685 2685 return gr.scalar()
2686 2686
2687 2687 @classmethod
2688 2688 def get_user_personal_repo_group(cls, user_id):
2689 2689 user = User.get(user_id)
2690 2690 if user.username == User.DEFAULT_USER:
2691 2691 return None
2692 2692
2693 2693 return cls.query()\
2694 2694 .filter(cls.personal == true()) \
2695 2695 .filter(cls.user == user) \
2696 2696 .order_by(cls.group_id.asc()) \
2697 2697 .first()
2698 2698
2699 2699 @classmethod
2700 2700 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2701 2701 case_insensitive=True):
2702 2702 q = RepoGroup.query()
2703 2703
2704 2704 if not isinstance(user_id, Optional):
2705 2705 q = q.filter(RepoGroup.user_id == user_id)
2706 2706
2707 2707 if not isinstance(group_id, Optional):
2708 2708 q = q.filter(RepoGroup.group_parent_id == group_id)
2709 2709
2710 2710 if case_insensitive:
2711 2711 q = q.order_by(func.lower(RepoGroup.group_name))
2712 2712 else:
2713 2713 q = q.order_by(RepoGroup.group_name)
2714 2714 return q.all()
2715 2715
2716 2716 @property
2717 2717 def parents(self, parents_recursion_limit = 10):
2718 2718 groups = []
2719 2719 if self.parent_group is None:
2720 2720 return groups
2721 2721 cur_gr = self.parent_group
2722 2722 groups.insert(0, cur_gr)
2723 2723 cnt = 0
2724 2724 while 1:
2725 2725 cnt += 1
2726 2726 gr = getattr(cur_gr, 'parent_group', None)
2727 2727 cur_gr = cur_gr.parent_group
2728 2728 if gr is None:
2729 2729 break
2730 2730 if cnt == parents_recursion_limit:
2731 2731 # this will prevent accidental infinit loops
2732 2732 log.error('more than %s parents found for group %s, stopping '
2733 2733 'recursive parent fetching', parents_recursion_limit, self)
2734 2734 break
2735 2735
2736 2736 groups.insert(0, gr)
2737 2737 return groups
2738 2738
2739 2739 @property
2740 2740 def last_commit_cache_update_diff(self):
2741 2741 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2742 2742
2743 2743 @property
2744 2744 def last_commit_change(self):
2745 2745 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2746 2746 empty_date = datetime.datetime.fromtimestamp(0)
2747 2747 date_latest = self.changeset_cache.get('date', empty_date)
2748 2748 try:
2749 2749 return parse_datetime(date_latest)
2750 2750 except Exception:
2751 2751 return empty_date
2752 2752
2753 2753 @property
2754 2754 def last_db_change(self):
2755 2755 return self.updated_on
2756 2756
2757 2757 @property
2758 2758 def children(self):
2759 2759 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2760 2760
2761 2761 @property
2762 2762 def name(self):
2763 2763 return self.group_name.split(RepoGroup.url_sep())[-1]
2764 2764
2765 2765 @property
2766 2766 def full_path(self):
2767 2767 return self.group_name
2768 2768
2769 2769 @property
2770 2770 def full_path_splitted(self):
2771 2771 return self.group_name.split(RepoGroup.url_sep())
2772 2772
2773 2773 @property
2774 2774 def repositories(self):
2775 2775 return Repository.query()\
2776 2776 .filter(Repository.group == self)\
2777 2777 .order_by(Repository.repo_name)
2778 2778
2779 2779 @property
2780 2780 def repositories_recursive_count(self):
2781 2781 cnt = self.repositories.count()
2782 2782
2783 2783 def children_count(group):
2784 2784 cnt = 0
2785 2785 for child in group.children:
2786 2786 cnt += child.repositories.count()
2787 2787 cnt += children_count(child)
2788 2788 return cnt
2789 2789
2790 2790 return cnt + children_count(self)
2791 2791
2792 2792 def _recursive_objects(self, include_repos=True, include_groups=True):
2793 2793 all_ = []
2794 2794
2795 2795 def _get_members(root_gr):
2796 2796 if include_repos:
2797 2797 for r in root_gr.repositories:
2798 2798 all_.append(r)
2799 2799 childs = root_gr.children.all()
2800 2800 if childs:
2801 2801 for gr in childs:
2802 2802 if include_groups:
2803 2803 all_.append(gr)
2804 2804 _get_members(gr)
2805 2805
2806 2806 root_group = []
2807 2807 if include_groups:
2808 2808 root_group = [self]
2809 2809
2810 2810 _get_members(self)
2811 2811 return root_group + all_
2812 2812
2813 2813 def recursive_groups_and_repos(self):
2814 2814 """
2815 2815 Recursive return all groups, with repositories in those groups
2816 2816 """
2817 2817 return self._recursive_objects()
2818 2818
2819 2819 def recursive_groups(self):
2820 2820 """
2821 2821 Returns all children groups for this group including children of children
2822 2822 """
2823 2823 return self._recursive_objects(include_repos=False)
2824 2824
2825 2825 def recursive_repos(self):
2826 2826 """
2827 2827 Returns all children repositories for this group
2828 2828 """
2829 2829 return self._recursive_objects(include_groups=False)
2830 2830
2831 2831 def get_new_name(self, group_name):
2832 2832 """
2833 2833 returns new full group name based on parent and new name
2834 2834
2835 2835 :param group_name:
2836 2836 """
2837 2837 path_prefix = (self.parent_group.full_path_splitted if
2838 2838 self.parent_group else [])
2839 2839 return RepoGroup.url_sep().join(path_prefix + [group_name])
2840 2840
2841 2841 def update_commit_cache(self, config=None):
2842 2842 """
2843 2843 Update cache of last changeset for newest repository inside this group, keys should be::
2844 2844
2845 2845 source_repo_id
2846 2846 short_id
2847 2847 raw_id
2848 2848 revision
2849 2849 parents
2850 2850 message
2851 2851 date
2852 2852 author
2853 2853
2854 2854 """
2855 2855 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2856 2856
2857 2857 def repo_groups_and_repos():
2858 2858 all_entries = OrderedDefaultDict(list)
2859 2859
2860 2860 def _get_members(root_gr, pos=0):
2861 2861
2862 2862 for repo in root_gr.repositories:
2863 2863 all_entries[root_gr].append(repo)
2864 2864
2865 2865 # fill in all parent positions
2866 2866 for parent_group in root_gr.parents:
2867 2867 all_entries[parent_group].extend(all_entries[root_gr])
2868 2868
2869 2869 children_groups = root_gr.children.all()
2870 2870 if children_groups:
2871 2871 for cnt, gr in enumerate(children_groups, 1):
2872 2872 _get_members(gr, pos=pos+cnt)
2873 2873
2874 2874 _get_members(root_gr=self)
2875 2875 return all_entries
2876 2876
2877 2877 empty_date = datetime.datetime.fromtimestamp(0)
2878 2878 for repo_group, repos in repo_groups_and_repos().items():
2879 2879
2880 2880 latest_repo_cs_cache = {}
2881 2881 _date_latest = empty_date
2882 2882 for repo in repos:
2883 2883 repo_cs_cache = repo.changeset_cache
2884 2884 date_latest = latest_repo_cs_cache.get('date', empty_date)
2885 2885 date_current = repo_cs_cache.get('date', empty_date)
2886 2886 current_timestamp = datetime_to_time(parse_datetime(date_latest))
2887 2887 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
2888 2888 latest_repo_cs_cache = repo_cs_cache
2889 2889 latest_repo_cs_cache['source_repo_id'] = repo.repo_id
2890 2890 _date_latest = parse_datetime(latest_repo_cs_cache['date'])
2891 2891
2892 2892 latest_repo_cs_cache['updated_on'] = time.time()
2893 2893 repo_group.changeset_cache = latest_repo_cs_cache
2894 2894 repo_group.updated_on = _date_latest
2895 2895 Session().add(repo_group)
2896 2896 Session().commit()
2897 2897
2898 2898 log.debug('updated repo group `%s` with new commit cache %s',
2899 2899 repo_group.group_name, latest_repo_cs_cache)
2900 2900
2901 2901 def permissions(self, with_admins=True, with_owner=True,
2902 2902 expand_from_user_groups=False):
2903 2903 """
2904 2904 Permissions for repository groups
2905 2905 """
2906 2906 _admin_perm = 'group.admin'
2907 2907
2908 2908 owner_row = []
2909 2909 if with_owner:
2910 2910 usr = AttributeDict(self.user.get_dict())
2911 2911 usr.owner_row = True
2912 2912 usr.permission = _admin_perm
2913 2913 owner_row.append(usr)
2914 2914
2915 2915 super_admin_ids = []
2916 2916 super_admin_rows = []
2917 2917 if with_admins:
2918 2918 for usr in User.get_all_super_admins():
2919 2919 super_admin_ids.append(usr.user_id)
2920 2920 # if this admin is also owner, don't double the record
2921 2921 if usr.user_id == owner_row[0].user_id:
2922 2922 owner_row[0].admin_row = True
2923 2923 else:
2924 2924 usr = AttributeDict(usr.get_dict())
2925 2925 usr.admin_row = True
2926 2926 usr.permission = _admin_perm
2927 2927 super_admin_rows.append(usr)
2928 2928
2929 2929 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2930 2930 q = q.options(joinedload(UserRepoGroupToPerm.group),
2931 2931 joinedload(UserRepoGroupToPerm.user),
2932 2932 joinedload(UserRepoGroupToPerm.permission),)
2933 2933
2934 2934 # get owners and admins and permissions. We do a trick of re-writing
2935 2935 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2936 2936 # has a global reference and changing one object propagates to all
2937 2937 # others. This means if admin is also an owner admin_row that change
2938 2938 # would propagate to both objects
2939 2939 perm_rows = []
2940 2940 for _usr in q.all():
2941 2941 usr = AttributeDict(_usr.user.get_dict())
2942 2942 # if this user is also owner/admin, mark as duplicate record
2943 2943 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2944 2944 usr.duplicate_perm = True
2945 2945 usr.permission = _usr.permission.permission_name
2946 2946 perm_rows.append(usr)
2947 2947
2948 2948 # filter the perm rows by 'default' first and then sort them by
2949 2949 # admin,write,read,none permissions sorted again alphabetically in
2950 2950 # each group
2951 2951 perm_rows = sorted(perm_rows, key=display_user_sort)
2952 2952
2953 2953 user_groups_rows = []
2954 2954 if expand_from_user_groups:
2955 2955 for ug in self.permission_user_groups(with_members=True):
2956 2956 for user_data in ug.members:
2957 2957 user_groups_rows.append(user_data)
2958 2958
2959 2959 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2960 2960
2961 2961 def permission_user_groups(self, with_members=False):
2962 2962 q = UserGroupRepoGroupToPerm.query()\
2963 2963 .filter(UserGroupRepoGroupToPerm.group == self)
2964 2964 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2965 2965 joinedload(UserGroupRepoGroupToPerm.users_group),
2966 2966 joinedload(UserGroupRepoGroupToPerm.permission),)
2967 2967
2968 2968 perm_rows = []
2969 2969 for _user_group in q.all():
2970 2970 entry = AttributeDict(_user_group.users_group.get_dict())
2971 2971 entry.permission = _user_group.permission.permission_name
2972 2972 if with_members:
2973 2973 entry.members = [x.user.get_dict()
2974 2974 for x in _user_group.users_group.members]
2975 2975 perm_rows.append(entry)
2976 2976
2977 2977 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2978 2978 return perm_rows
2979 2979
2980 2980 def get_api_data(self):
2981 2981 """
2982 2982 Common function for generating api data
2983 2983
2984 2984 """
2985 2985 group = self
2986 2986 data = {
2987 2987 'group_id': group.group_id,
2988 2988 'group_name': group.group_name,
2989 2989 'group_description': group.description_safe,
2990 2990 'parent_group': group.parent_group.group_name if group.parent_group else None,
2991 2991 'repositories': [x.repo_name for x in group.repositories],
2992 2992 'owner': group.user.username,
2993 2993 }
2994 2994 return data
2995 2995
2996 2996 def get_dict(self):
2997 2997 # Since we transformed `group_name` to a hybrid property, we need to
2998 2998 # keep compatibility with the code which uses `group_name` field.
2999 2999 result = super(RepoGroup, self).get_dict()
3000 3000 result['group_name'] = result.pop('_group_name', None)
3001 3001 return result
3002 3002
3003 3003
3004 3004 class Permission(Base, BaseModel):
3005 3005 __tablename__ = 'permissions'
3006 3006 __table_args__ = (
3007 3007 Index('p_perm_name_idx', 'permission_name'),
3008 3008 base_table_args,
3009 3009 )
3010 3010
3011 3011 PERMS = [
3012 3012 ('hg.admin', _('RhodeCode Super Administrator')),
3013 3013
3014 3014 ('repository.none', _('Repository no access')),
3015 3015 ('repository.read', _('Repository read access')),
3016 3016 ('repository.write', _('Repository write access')),
3017 3017 ('repository.admin', _('Repository admin access')),
3018 3018
3019 3019 ('group.none', _('Repository group no access')),
3020 3020 ('group.read', _('Repository group read access')),
3021 3021 ('group.write', _('Repository group write access')),
3022 3022 ('group.admin', _('Repository group admin access')),
3023 3023
3024 3024 ('usergroup.none', _('User group no access')),
3025 3025 ('usergroup.read', _('User group read access')),
3026 3026 ('usergroup.write', _('User group write access')),
3027 3027 ('usergroup.admin', _('User group admin access')),
3028 3028
3029 3029 ('branch.none', _('Branch no permissions')),
3030 3030 ('branch.merge', _('Branch access by web merge')),
3031 3031 ('branch.push', _('Branch access by push')),
3032 3032 ('branch.push_force', _('Branch access by push with force')),
3033 3033
3034 3034 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3035 3035 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3036 3036
3037 3037 ('hg.usergroup.create.false', _('User Group creation disabled')),
3038 3038 ('hg.usergroup.create.true', _('User Group creation enabled')),
3039 3039
3040 3040 ('hg.create.none', _('Repository creation disabled')),
3041 3041 ('hg.create.repository', _('Repository creation enabled')),
3042 3042 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3043 3043 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3044 3044
3045 3045 ('hg.fork.none', _('Repository forking disabled')),
3046 3046 ('hg.fork.repository', _('Repository forking enabled')),
3047 3047
3048 3048 ('hg.register.none', _('Registration disabled')),
3049 3049 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3050 3050 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3051 3051
3052 3052 ('hg.password_reset.enabled', _('Password reset enabled')),
3053 3053 ('hg.password_reset.hidden', _('Password reset hidden')),
3054 3054 ('hg.password_reset.disabled', _('Password reset disabled')),
3055 3055
3056 3056 ('hg.extern_activate.manual', _('Manual activation of external account')),
3057 3057 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3058 3058
3059 3059 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3060 3060 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3061 3061 ]
3062 3062
3063 3063 # definition of system default permissions for DEFAULT user, created on
3064 3064 # system setup
3065 3065 DEFAULT_USER_PERMISSIONS = [
3066 3066 # object perms
3067 3067 'repository.read',
3068 3068 'group.read',
3069 3069 'usergroup.read',
3070 3070 # branch, for backward compat we need same value as before so forced pushed
3071 3071 'branch.push_force',
3072 3072 # global
3073 3073 'hg.create.repository',
3074 3074 'hg.repogroup.create.false',
3075 3075 'hg.usergroup.create.false',
3076 3076 'hg.create.write_on_repogroup.true',
3077 3077 'hg.fork.repository',
3078 3078 'hg.register.manual_activate',
3079 3079 'hg.password_reset.enabled',
3080 3080 'hg.extern_activate.auto',
3081 3081 'hg.inherit_default_perms.true',
3082 3082 ]
3083 3083
3084 3084 # defines which permissions are more important higher the more important
3085 3085 # Weight defines which permissions are more important.
3086 3086 # The higher number the more important.
3087 3087 PERM_WEIGHTS = {
3088 3088 'repository.none': 0,
3089 3089 'repository.read': 1,
3090 3090 'repository.write': 3,
3091 3091 'repository.admin': 4,
3092 3092
3093 3093 'group.none': 0,
3094 3094 'group.read': 1,
3095 3095 'group.write': 3,
3096 3096 'group.admin': 4,
3097 3097
3098 3098 'usergroup.none': 0,
3099 3099 'usergroup.read': 1,
3100 3100 'usergroup.write': 3,
3101 3101 'usergroup.admin': 4,
3102 3102
3103 3103 'branch.none': 0,
3104 3104 'branch.merge': 1,
3105 3105 'branch.push': 3,
3106 3106 'branch.push_force': 4,
3107 3107
3108 3108 'hg.repogroup.create.false': 0,
3109 3109 'hg.repogroup.create.true': 1,
3110 3110
3111 3111 'hg.usergroup.create.false': 0,
3112 3112 'hg.usergroup.create.true': 1,
3113 3113
3114 3114 'hg.fork.none': 0,
3115 3115 'hg.fork.repository': 1,
3116 3116 'hg.create.none': 0,
3117 3117 'hg.create.repository': 1
3118 3118 }
3119 3119
3120 3120 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3121 3121 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3122 3122 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3123 3123
3124 3124 def __unicode__(self):
3125 3125 return u"<%s('%s:%s')>" % (
3126 3126 self.__class__.__name__, self.permission_id, self.permission_name
3127 3127 )
3128 3128
3129 3129 @classmethod
3130 3130 def get_by_key(cls, key):
3131 3131 return cls.query().filter(cls.permission_name == key).scalar()
3132 3132
3133 3133 @classmethod
3134 3134 def get_default_repo_perms(cls, user_id, repo_id=None):
3135 3135 q = Session().query(UserRepoToPerm, Repository, Permission)\
3136 3136 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3137 3137 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3138 3138 .filter(UserRepoToPerm.user_id == user_id)
3139 3139 if repo_id:
3140 3140 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3141 3141 return q.all()
3142 3142
3143 3143 @classmethod
3144 3144 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3145 3145 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3146 3146 .join(
3147 3147 Permission,
3148 3148 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3149 3149 .join(
3150 3150 UserRepoToPerm,
3151 3151 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3152 3152 .filter(UserRepoToPerm.user_id == user_id)
3153 3153
3154 3154 if repo_id:
3155 3155 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3156 3156 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3157 3157
3158 3158 @classmethod
3159 3159 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3160 3160 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3161 3161 .join(
3162 3162 Permission,
3163 3163 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3164 3164 .join(
3165 3165 Repository,
3166 3166 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3167 3167 .join(
3168 3168 UserGroup,
3169 3169 UserGroupRepoToPerm.users_group_id ==
3170 3170 UserGroup.users_group_id)\
3171 3171 .join(
3172 3172 UserGroupMember,
3173 3173 UserGroupRepoToPerm.users_group_id ==
3174 3174 UserGroupMember.users_group_id)\
3175 3175 .filter(
3176 3176 UserGroupMember.user_id == user_id,
3177 3177 UserGroup.users_group_active == true())
3178 3178 if repo_id:
3179 3179 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3180 3180 return q.all()
3181 3181
3182 3182 @classmethod
3183 3183 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3184 3184 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3185 3185 .join(
3186 3186 Permission,
3187 3187 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3188 3188 .join(
3189 3189 UserGroupRepoToPerm,
3190 3190 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3191 3191 .join(
3192 3192 UserGroup,
3193 3193 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3194 3194 .join(
3195 3195 UserGroupMember,
3196 3196 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3197 3197 .filter(
3198 3198 UserGroupMember.user_id == user_id,
3199 3199 UserGroup.users_group_active == true())
3200 3200
3201 3201 if repo_id:
3202 3202 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3203 3203 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3204 3204
3205 3205 @classmethod
3206 3206 def get_default_group_perms(cls, user_id, repo_group_id=None):
3207 3207 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3208 3208 .join(
3209 3209 Permission,
3210 3210 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3211 3211 .join(
3212 3212 RepoGroup,
3213 3213 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3214 3214 .filter(UserRepoGroupToPerm.user_id == user_id)
3215 3215 if repo_group_id:
3216 3216 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3217 3217 return q.all()
3218 3218
3219 3219 @classmethod
3220 3220 def get_default_group_perms_from_user_group(
3221 3221 cls, user_id, repo_group_id=None):
3222 3222 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3223 3223 .join(
3224 3224 Permission,
3225 3225 UserGroupRepoGroupToPerm.permission_id ==
3226 3226 Permission.permission_id)\
3227 3227 .join(
3228 3228 RepoGroup,
3229 3229 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3230 3230 .join(
3231 3231 UserGroup,
3232 3232 UserGroupRepoGroupToPerm.users_group_id ==
3233 3233 UserGroup.users_group_id)\
3234 3234 .join(
3235 3235 UserGroupMember,
3236 3236 UserGroupRepoGroupToPerm.users_group_id ==
3237 3237 UserGroupMember.users_group_id)\
3238 3238 .filter(
3239 3239 UserGroupMember.user_id == user_id,
3240 3240 UserGroup.users_group_active == true())
3241 3241 if repo_group_id:
3242 3242 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3243 3243 return q.all()
3244 3244
3245 3245 @classmethod
3246 3246 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3247 3247 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3248 3248 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3249 3249 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3250 3250 .filter(UserUserGroupToPerm.user_id == user_id)
3251 3251 if user_group_id:
3252 3252 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3253 3253 return q.all()
3254 3254
3255 3255 @classmethod
3256 3256 def get_default_user_group_perms_from_user_group(
3257 3257 cls, user_id, user_group_id=None):
3258 3258 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3259 3259 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3260 3260 .join(
3261 3261 Permission,
3262 3262 UserGroupUserGroupToPerm.permission_id ==
3263 3263 Permission.permission_id)\
3264 3264 .join(
3265 3265 TargetUserGroup,
3266 3266 UserGroupUserGroupToPerm.target_user_group_id ==
3267 3267 TargetUserGroup.users_group_id)\
3268 3268 .join(
3269 3269 UserGroup,
3270 3270 UserGroupUserGroupToPerm.user_group_id ==
3271 3271 UserGroup.users_group_id)\
3272 3272 .join(
3273 3273 UserGroupMember,
3274 3274 UserGroupUserGroupToPerm.user_group_id ==
3275 3275 UserGroupMember.users_group_id)\
3276 3276 .filter(
3277 3277 UserGroupMember.user_id == user_id,
3278 3278 UserGroup.users_group_active == true())
3279 3279 if user_group_id:
3280 3280 q = q.filter(
3281 3281 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3282 3282
3283 3283 return q.all()
3284 3284
3285 3285
3286 3286 class UserRepoToPerm(Base, BaseModel):
3287 3287 __tablename__ = 'repo_to_perm'
3288 3288 __table_args__ = (
3289 3289 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3290 3290 base_table_args
3291 3291 )
3292 3292
3293 3293 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3294 3294 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3295 3295 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3296 3296 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3297 3297
3298 3298 user = relationship('User')
3299 3299 repository = relationship('Repository')
3300 3300 permission = relationship('Permission')
3301 3301
3302 3302 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')
3303 3303
3304 3304 @classmethod
3305 3305 def create(cls, user, repository, permission):
3306 3306 n = cls()
3307 3307 n.user = user
3308 3308 n.repository = repository
3309 3309 n.permission = permission
3310 3310 Session().add(n)
3311 3311 return n
3312 3312
3313 3313 def __unicode__(self):
3314 3314 return u'<%s => %s >' % (self.user, self.repository)
3315 3315
3316 3316
3317 3317 class UserUserGroupToPerm(Base, BaseModel):
3318 3318 __tablename__ = 'user_user_group_to_perm'
3319 3319 __table_args__ = (
3320 3320 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3321 3321 base_table_args
3322 3322 )
3323 3323
3324 3324 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3325 3325 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3326 3326 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3327 3327 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3328 3328
3329 3329 user = relationship('User')
3330 3330 user_group = relationship('UserGroup')
3331 3331 permission = relationship('Permission')
3332 3332
3333 3333 @classmethod
3334 3334 def create(cls, user, user_group, permission):
3335 3335 n = cls()
3336 3336 n.user = user
3337 3337 n.user_group = user_group
3338 3338 n.permission = permission
3339 3339 Session().add(n)
3340 3340 return n
3341 3341
3342 3342 def __unicode__(self):
3343 3343 return u'<%s => %s >' % (self.user, self.user_group)
3344 3344
3345 3345
3346 3346 class UserToPerm(Base, BaseModel):
3347 3347 __tablename__ = 'user_to_perm'
3348 3348 __table_args__ = (
3349 3349 UniqueConstraint('user_id', 'permission_id'),
3350 3350 base_table_args
3351 3351 )
3352 3352
3353 3353 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3354 3354 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3355 3355 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3356 3356
3357 3357 user = relationship('User')
3358 3358 permission = relationship('Permission', lazy='joined')
3359 3359
3360 3360 def __unicode__(self):
3361 3361 return u'<%s => %s >' % (self.user, self.permission)
3362 3362
3363 3363
3364 3364 class UserGroupRepoToPerm(Base, BaseModel):
3365 3365 __tablename__ = 'users_group_repo_to_perm'
3366 3366 __table_args__ = (
3367 3367 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3368 3368 base_table_args
3369 3369 )
3370 3370
3371 3371 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3372 3372 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3373 3373 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3374 3374 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3375 3375
3376 3376 users_group = relationship('UserGroup')
3377 3377 permission = relationship('Permission')
3378 3378 repository = relationship('Repository')
3379 3379 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')
3380 3380
3381 3381 @classmethod
3382 3382 def create(cls, users_group, repository, permission):
3383 3383 n = cls()
3384 3384 n.users_group = users_group
3385 3385 n.repository = repository
3386 3386 n.permission = permission
3387 3387 Session().add(n)
3388 3388 return n
3389 3389
3390 3390 def __unicode__(self):
3391 3391 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
3392 3392
3393 3393
3394 3394 class UserGroupUserGroupToPerm(Base, BaseModel):
3395 3395 __tablename__ = 'user_group_user_group_to_perm'
3396 3396 __table_args__ = (
3397 3397 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3398 3398 CheckConstraint('target_user_group_id != user_group_id'),
3399 3399 base_table_args
3400 3400 )
3401 3401
3402 3402 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3403 3403 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3404 3404 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3405 3405 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3406 3406
3407 3407 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
3408 3408 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3409 3409 permission = relationship('Permission')
3410 3410
3411 3411 @classmethod
3412 3412 def create(cls, target_user_group, user_group, permission):
3413 3413 n = cls()
3414 3414 n.target_user_group = target_user_group
3415 3415 n.user_group = user_group
3416 3416 n.permission = permission
3417 3417 Session().add(n)
3418 3418 return n
3419 3419
3420 3420 def __unicode__(self):
3421 3421 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
3422 3422
3423 3423
3424 3424 class UserGroupToPerm(Base, BaseModel):
3425 3425 __tablename__ = 'users_group_to_perm'
3426 3426 __table_args__ = (
3427 3427 UniqueConstraint('users_group_id', 'permission_id',),
3428 3428 base_table_args
3429 3429 )
3430 3430
3431 3431 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3432 3432 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3433 3433 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3434 3434
3435 3435 users_group = relationship('UserGroup')
3436 3436 permission = relationship('Permission')
3437 3437
3438 3438
3439 3439 class UserRepoGroupToPerm(Base, BaseModel):
3440 3440 __tablename__ = 'user_repo_group_to_perm'
3441 3441 __table_args__ = (
3442 3442 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3443 3443 base_table_args
3444 3444 )
3445 3445
3446 3446 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3447 3447 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3448 3448 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3449 3449 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3450 3450
3451 3451 user = relationship('User')
3452 3452 group = relationship('RepoGroup')
3453 3453 permission = relationship('Permission')
3454 3454
3455 3455 @classmethod
3456 3456 def create(cls, user, repository_group, permission):
3457 3457 n = cls()
3458 3458 n.user = user
3459 3459 n.group = repository_group
3460 3460 n.permission = permission
3461 3461 Session().add(n)
3462 3462 return n
3463 3463
3464 3464
3465 3465 class UserGroupRepoGroupToPerm(Base, BaseModel):
3466 3466 __tablename__ = 'users_group_repo_group_to_perm'
3467 3467 __table_args__ = (
3468 3468 UniqueConstraint('users_group_id', 'group_id'),
3469 3469 base_table_args
3470 3470 )
3471 3471
3472 3472 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3473 3473 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3474 3474 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3475 3475 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3476 3476
3477 3477 users_group = relationship('UserGroup')
3478 3478 permission = relationship('Permission')
3479 3479 group = relationship('RepoGroup')
3480 3480
3481 3481 @classmethod
3482 3482 def create(cls, user_group, repository_group, permission):
3483 3483 n = cls()
3484 3484 n.users_group = user_group
3485 3485 n.group = repository_group
3486 3486 n.permission = permission
3487 3487 Session().add(n)
3488 3488 return n
3489 3489
3490 3490 def __unicode__(self):
3491 3491 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3492 3492
3493 3493
3494 3494 class Statistics(Base, BaseModel):
3495 3495 __tablename__ = 'statistics'
3496 3496 __table_args__ = (
3497 3497 base_table_args
3498 3498 )
3499 3499
3500 3500 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3501 3501 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3502 3502 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3503 3503 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
3504 3504 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
3505 3505 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
3506 3506
3507 3507 repository = relationship('Repository', single_parent=True)
3508 3508
3509 3509
3510 3510 class UserFollowing(Base, BaseModel):
3511 3511 __tablename__ = 'user_followings'
3512 3512 __table_args__ = (
3513 3513 UniqueConstraint('user_id', 'follows_repository_id'),
3514 3514 UniqueConstraint('user_id', 'follows_user_id'),
3515 3515 base_table_args
3516 3516 )
3517 3517
3518 3518 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3519 3519 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3520 3520 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3521 3521 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3522 3522 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3523 3523
3524 3524 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
3525 3525
3526 3526 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3527 3527 follows_repository = relationship('Repository', order_by='Repository.repo_name')
3528 3528
3529 3529 @classmethod
3530 3530 def get_repo_followers(cls, repo_id):
3531 3531 return cls.query().filter(cls.follows_repo_id == repo_id)
3532 3532
3533 3533
3534 3534 class CacheKey(Base, BaseModel):
3535 3535 __tablename__ = 'cache_invalidation'
3536 3536 __table_args__ = (
3537 3537 UniqueConstraint('cache_key'),
3538 3538 Index('key_idx', 'cache_key'),
3539 3539 base_table_args,
3540 3540 )
3541 3541
3542 3542 CACHE_TYPE_FEED = 'FEED'
3543 3543
3544 3544 # namespaces used to register process/thread aware caches
3545 3545 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
3546 3546 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
3547 3547
3548 3548 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3549 3549 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3550 3550 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3551 3551 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3552 3552 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3553 3553
3554 3554 def __init__(self, cache_key, cache_args='', cache_state_uid=None):
3555 3555 self.cache_key = cache_key
3556 3556 self.cache_args = cache_args
3557 3557 self.cache_active = False
3558 3558 # first key should be same for all entries, since all workers should share it
3559 3559 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3560 3560
3561 3561 def __unicode__(self):
3562 3562 return u"<%s('%s:%s[%s]')>" % (
3563 3563 self.__class__.__name__,
3564 3564 self.cache_id, self.cache_key, self.cache_active)
3565 3565
3566 3566 def _cache_key_partition(self):
3567 3567 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3568 3568 return prefix, repo_name, suffix
3569 3569
3570 3570 def get_prefix(self):
3571 3571 """
3572 3572 Try to extract prefix from existing cache key. The key could consist
3573 3573 of prefix, repo_name, suffix
3574 3574 """
3575 3575 # this returns prefix, repo_name, suffix
3576 3576 return self._cache_key_partition()[0]
3577 3577
3578 3578 def get_suffix(self):
3579 3579 """
3580 3580 get suffix that might have been used in _get_cache_key to
3581 3581 generate self.cache_key. Only used for informational purposes
3582 3582 in repo_edit.mako.
3583 3583 """
3584 3584 # prefix, repo_name, suffix
3585 3585 return self._cache_key_partition()[2]
3586 3586
3587 3587 @classmethod
3588 3588 def generate_new_state_uid(cls, based_on=None):
3589 3589 if based_on:
3590 3590 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3591 3591 else:
3592 3592 return str(uuid.uuid4())
3593 3593
3594 3594 @classmethod
3595 3595 def delete_all_cache(cls):
3596 3596 """
3597 3597 Delete all cache keys from database.
3598 3598 Should only be run when all instances are down and all entries
3599 3599 thus stale.
3600 3600 """
3601 3601 cls.query().delete()
3602 3602 Session().commit()
3603 3603
3604 3604 @classmethod
3605 3605 def set_invalidate(cls, cache_uid, delete=False):
3606 3606 """
3607 3607 Mark all caches of a repo as invalid in the database.
3608 3608 """
3609 3609
3610 3610 try:
3611 3611 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3612 3612 if delete:
3613 3613 qry.delete()
3614 3614 log.debug('cache objects deleted for cache args %s',
3615 3615 safe_str(cache_uid))
3616 3616 else:
3617 3617 qry.update({"cache_active": False,
3618 3618 "cache_state_uid": cls.generate_new_state_uid()})
3619 3619 log.debug('cache objects marked as invalid for cache args %s',
3620 3620 safe_str(cache_uid))
3621 3621
3622 3622 Session().commit()
3623 3623 except Exception:
3624 3624 log.exception(
3625 3625 'Cache key invalidation failed for cache args %s',
3626 3626 safe_str(cache_uid))
3627 3627 Session().rollback()
3628 3628
3629 3629 @classmethod
3630 3630 def get_active_cache(cls, cache_key):
3631 3631 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3632 3632 if inv_obj:
3633 3633 return inv_obj
3634 3634 return None
3635 3635
3636 3636 @classmethod
3637 3637 def get_namespace_map(cls, namespace):
3638 3638 return {
3639 3639 x.cache_key: x
3640 3640 for x in cls.query().filter(cls.cache_args == namespace)}
3641 3641
3642 3642
3643 3643 class ChangesetComment(Base, BaseModel):
3644 3644 __tablename__ = 'changeset_comments'
3645 3645 __table_args__ = (
3646 3646 Index('cc_revision_idx', 'revision'),
3647 3647 base_table_args,
3648 3648 )
3649 3649
3650 3650 COMMENT_OUTDATED = u'comment_outdated'
3651 3651 COMMENT_TYPE_NOTE = u'note'
3652 3652 COMMENT_TYPE_TODO = u'todo'
3653 3653 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3654 3654
3655 3655 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3656 3656 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3657 3657 revision = Column('revision', String(40), nullable=True)
3658 3658 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3659 3659 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3660 3660 line_no = Column('line_no', Unicode(10), nullable=True)
3661 3661 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3662 3662 f_path = Column('f_path', Unicode(1000), nullable=True)
3663 3663 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3664 3664 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3665 3665 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3666 3666 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3667 3667 renderer = Column('renderer', Unicode(64), nullable=True)
3668 3668 display_state = Column('display_state', Unicode(128), nullable=True)
3669 3669
3670 3670 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3671 3671 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3672 3672
3673 3673 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3674 3674 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3675 3675
3676 3676 author = relationship('User', lazy='joined')
3677 3677 repo = relationship('Repository')
3678 3678 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')
3679 3679 pull_request = relationship('PullRequest', lazy='joined')
3680 3680 pull_request_version = relationship('PullRequestVersion')
3681 3681
3682 3682 @classmethod
3683 3683 def get_users(cls, revision=None, pull_request_id=None):
3684 3684 """
3685 3685 Returns user associated with this ChangesetComment. ie those
3686 3686 who actually commented
3687 3687
3688 3688 :param cls:
3689 3689 :param revision:
3690 3690 """
3691 3691 q = Session().query(User)\
3692 3692 .join(ChangesetComment.author)
3693 3693 if revision:
3694 3694 q = q.filter(cls.revision == revision)
3695 3695 elif pull_request_id:
3696 3696 q = q.filter(cls.pull_request_id == pull_request_id)
3697 3697 return q.all()
3698 3698
3699 3699 @classmethod
3700 3700 def get_index_from_version(cls, pr_version, versions):
3701 3701 num_versions = [x.pull_request_version_id for x in versions]
3702 3702 try:
3703 3703 return num_versions.index(pr_version) +1
3704 3704 except (IndexError, ValueError):
3705 3705 return
3706 3706
3707 3707 @property
3708 3708 def outdated(self):
3709 3709 return self.display_state == self.COMMENT_OUTDATED
3710 3710
3711 3711 def outdated_at_version(self, version):
3712 3712 """
3713 3713 Checks if comment is outdated for given pull request version
3714 3714 """
3715 3715 return self.outdated and self.pull_request_version_id != version
3716 3716
3717 3717 def older_than_version(self, version):
3718 3718 """
3719 3719 Checks if comment is made from previous version than given
3720 3720 """
3721 3721 if version is None:
3722 3722 return self.pull_request_version_id is not None
3723 3723
3724 3724 return self.pull_request_version_id < version
3725 3725
3726 3726 @property
3727 3727 def resolved(self):
3728 3728 return self.resolved_by[0] if self.resolved_by else None
3729 3729
3730 3730 @property
3731 3731 def is_todo(self):
3732 3732 return self.comment_type == self.COMMENT_TYPE_TODO
3733 3733
3734 3734 @property
3735 3735 def is_inline(self):
3736 3736 return self.line_no and self.f_path
3737 3737
3738 3738 def get_index_version(self, versions):
3739 3739 return self.get_index_from_version(
3740 3740 self.pull_request_version_id, versions)
3741 3741
3742 3742 def __repr__(self):
3743 3743 if self.comment_id:
3744 3744 return '<DB:Comment #%s>' % self.comment_id
3745 3745 else:
3746 3746 return '<DB:Comment at %#x>' % id(self)
3747 3747
3748 3748 def get_api_data(self):
3749 3749 comment = self
3750 3750 data = {
3751 3751 'comment_id': comment.comment_id,
3752 3752 'comment_type': comment.comment_type,
3753 3753 'comment_text': comment.text,
3754 3754 'comment_status': comment.status_change,
3755 3755 'comment_f_path': comment.f_path,
3756 3756 'comment_lineno': comment.line_no,
3757 3757 'comment_author': comment.author,
3758 3758 'comment_created_on': comment.created_on,
3759 3759 'comment_resolved_by': self.resolved
3760 3760 }
3761 3761 return data
3762 3762
3763 3763 def __json__(self):
3764 3764 data = dict()
3765 3765 data.update(self.get_api_data())
3766 3766 return data
3767 3767
3768 3768
3769 3769 class ChangesetStatus(Base, BaseModel):
3770 3770 __tablename__ = 'changeset_statuses'
3771 3771 __table_args__ = (
3772 3772 Index('cs_revision_idx', 'revision'),
3773 3773 Index('cs_version_idx', 'version'),
3774 3774 UniqueConstraint('repo_id', 'revision', 'version'),
3775 3775 base_table_args
3776 3776 )
3777 3777
3778 3778 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3779 3779 STATUS_APPROVED = 'approved'
3780 3780 STATUS_REJECTED = 'rejected'
3781 3781 STATUS_UNDER_REVIEW = 'under_review'
3782 3782
3783 3783 STATUSES = [
3784 3784 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3785 3785 (STATUS_APPROVED, _("Approved")),
3786 3786 (STATUS_REJECTED, _("Rejected")),
3787 3787 (STATUS_UNDER_REVIEW, _("Under Review")),
3788 3788 ]
3789 3789
3790 3790 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3791 3791 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3792 3792 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3793 3793 revision = Column('revision', String(40), nullable=False)
3794 3794 status = Column('status', String(128), nullable=False, default=DEFAULT)
3795 3795 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3796 3796 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3797 3797 version = Column('version', Integer(), nullable=False, default=0)
3798 3798 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3799 3799
3800 3800 author = relationship('User', lazy='joined')
3801 3801 repo = relationship('Repository')
3802 3802 comment = relationship('ChangesetComment', lazy='joined')
3803 3803 pull_request = relationship('PullRequest', lazy='joined')
3804 3804
3805 3805 def __unicode__(self):
3806 3806 return u"<%s('%s[v%s]:%s')>" % (
3807 3807 self.__class__.__name__,
3808 3808 self.status, self.version, self.author
3809 3809 )
3810 3810
3811 3811 @classmethod
3812 3812 def get_status_lbl(cls, value):
3813 3813 return dict(cls.STATUSES).get(value)
3814 3814
3815 3815 @property
3816 3816 def status_lbl(self):
3817 3817 return ChangesetStatus.get_status_lbl(self.status)
3818 3818
3819 3819 def get_api_data(self):
3820 3820 status = self
3821 3821 data = {
3822 3822 'status_id': status.changeset_status_id,
3823 3823 'status': status.status,
3824 3824 }
3825 3825 return data
3826 3826
3827 3827 def __json__(self):
3828 3828 data = dict()
3829 3829 data.update(self.get_api_data())
3830 3830 return data
3831 3831
3832 3832
3833 3833 class _SetState(object):
3834 3834 """
3835 3835 Context processor allowing changing state for sensitive operation such as
3836 3836 pull request update or merge
3837 3837 """
3838 3838
3839 3839 def __init__(self, pull_request, pr_state, back_state=None):
3840 3840 self._pr = pull_request
3841 3841 self._org_state = back_state or pull_request.pull_request_state
3842 3842 self._pr_state = pr_state
3843 3843 self._current_state = None
3844 3844
3845 3845 def __enter__(self):
3846 3846 log.debug('StateLock: entering set state context, setting state to: `%s`',
3847 3847 self._pr_state)
3848 3848 self.set_pr_state(self._pr_state)
3849 3849 return self
3850 3850
3851 3851 def __exit__(self, exc_type, exc_val, exc_tb):
3852 3852 if exc_val is not None:
3853 3853 log.error(traceback.format_exc(exc_tb))
3854 3854 return None
3855 3855
3856 3856 self.set_pr_state(self._org_state)
3857 3857 log.debug('StateLock: exiting set state context, setting state to: `%s`',
3858 3858 self._org_state)
3859 3859 @property
3860 3860 def state(self):
3861 3861 return self._current_state
3862 3862
3863 3863 def set_pr_state(self, pr_state):
3864 3864 try:
3865 3865 self._pr.pull_request_state = pr_state
3866 3866 Session().add(self._pr)
3867 3867 Session().commit()
3868 3868 self._current_state = pr_state
3869 3869 except Exception:
3870 3870 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
3871 3871 raise
3872 3872
3873 3873 class _PullRequestBase(BaseModel):
3874 3874 """
3875 3875 Common attributes of pull request and version entries.
3876 3876 """
3877 3877
3878 3878 # .status values
3879 3879 STATUS_NEW = u'new'
3880 3880 STATUS_OPEN = u'open'
3881 3881 STATUS_CLOSED = u'closed'
3882 3882
3883 3883 # available states
3884 3884 STATE_CREATING = u'creating'
3885 3885 STATE_UPDATING = u'updating'
3886 3886 STATE_MERGING = u'merging'
3887 3887 STATE_CREATED = u'created'
3888 3888
3889 3889 title = Column('title', Unicode(255), nullable=True)
3890 3890 description = Column(
3891 3891 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3892 3892 nullable=True)
3893 3893 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
3894 3894
3895 3895 # new/open/closed status of pull request (not approve/reject/etc)
3896 3896 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3897 3897 created_on = Column(
3898 3898 'created_on', DateTime(timezone=False), nullable=False,
3899 3899 default=datetime.datetime.now)
3900 3900 updated_on = Column(
3901 3901 'updated_on', DateTime(timezone=False), nullable=False,
3902 3902 default=datetime.datetime.now)
3903 3903
3904 3904 pull_request_state = Column("pull_request_state", String(255), nullable=True)
3905 3905
3906 3906 @declared_attr
3907 3907 def user_id(cls):
3908 3908 return Column(
3909 3909 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3910 3910 unique=None)
3911 3911
3912 3912 # 500 revisions max
3913 3913 _revisions = Column(
3914 3914 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3915 3915
3916 3916 @declared_attr
3917 3917 def source_repo_id(cls):
3918 3918 # TODO: dan: rename column to source_repo_id
3919 3919 return Column(
3920 3920 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3921 3921 nullable=False)
3922 3922
3923 3923 _source_ref = Column('org_ref', Unicode(255), nullable=False)
3924 3924
3925 3925 @hybrid_property
3926 3926 def source_ref(self):
3927 3927 return self._source_ref
3928 3928
3929 3929 @source_ref.setter
3930 3930 def source_ref(self, val):
3931 3931 parts = (val or '').split(':')
3932 3932 if len(parts) != 3:
3933 3933 raise ValueError(
3934 3934 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3935 3935 self._source_ref = safe_unicode(val)
3936 3936
3937 3937 _target_ref = Column('other_ref', Unicode(255), nullable=False)
3938 3938
3939 3939 @hybrid_property
3940 3940 def target_ref(self):
3941 3941 return self._target_ref
3942 3942
3943 3943 @target_ref.setter
3944 3944 def target_ref(self, val):
3945 3945 parts = (val or '').split(':')
3946 3946 if len(parts) != 3:
3947 3947 raise ValueError(
3948 3948 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
3949 3949 self._target_ref = safe_unicode(val)
3950 3950
3951 3951 @declared_attr
3952 3952 def target_repo_id(cls):
3953 3953 # TODO: dan: rename column to target_repo_id
3954 3954 return Column(
3955 3955 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3956 3956 nullable=False)
3957 3957
3958 3958 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3959 3959
3960 3960 # TODO: dan: rename column to last_merge_source_rev
3961 3961 _last_merge_source_rev = Column(
3962 3962 'last_merge_org_rev', String(40), nullable=True)
3963 3963 # TODO: dan: rename column to last_merge_target_rev
3964 3964 _last_merge_target_rev = Column(
3965 3965 'last_merge_other_rev', String(40), nullable=True)
3966 3966 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3967 3967 merge_rev = Column('merge_rev', String(40), nullable=True)
3968 3968
3969 3969 reviewer_data = Column(
3970 3970 'reviewer_data_json', MutationObj.as_mutable(
3971 3971 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3972 3972
3973 3973 @property
3974 3974 def reviewer_data_json(self):
3975 3975 return json.dumps(self.reviewer_data)
3976 3976
3977 3977 @hybrid_property
3978 3978 def description_safe(self):
3979 3979 from rhodecode.lib import helpers as h
3980 3980 return h.escape(self.description)
3981 3981
3982 3982 @hybrid_property
3983 3983 def revisions(self):
3984 3984 return self._revisions.split(':') if self._revisions else []
3985 3985
3986 3986 @revisions.setter
3987 3987 def revisions(self, val):
3988 3988 self._revisions = u':'.join(val)
3989 3989
3990 3990 @hybrid_property
3991 3991 def last_merge_status(self):
3992 3992 return safe_int(self._last_merge_status)
3993 3993
3994 3994 @last_merge_status.setter
3995 3995 def last_merge_status(self, val):
3996 3996 self._last_merge_status = val
3997 3997
3998 3998 @declared_attr
3999 3999 def author(cls):
4000 4000 return relationship('User', lazy='joined')
4001 4001
4002 4002 @declared_attr
4003 4003 def source_repo(cls):
4004 4004 return relationship(
4005 4005 'Repository',
4006 4006 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
4007 4007
4008 4008 @property
4009 4009 def source_ref_parts(self):
4010 4010 return self.unicode_to_reference(self.source_ref)
4011 4011
4012 4012 @declared_attr
4013 4013 def target_repo(cls):
4014 4014 return relationship(
4015 4015 'Repository',
4016 4016 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
4017 4017
4018 4018 @property
4019 4019 def target_ref_parts(self):
4020 4020 return self.unicode_to_reference(self.target_ref)
4021 4021
4022 4022 @property
4023 4023 def shadow_merge_ref(self):
4024 4024 return self.unicode_to_reference(self._shadow_merge_ref)
4025 4025
4026 4026 @shadow_merge_ref.setter
4027 4027 def shadow_merge_ref(self, ref):
4028 4028 self._shadow_merge_ref = self.reference_to_unicode(ref)
4029 4029
4030 4030 @staticmethod
4031 4031 def unicode_to_reference(raw):
4032 4032 """
4033 4033 Convert a unicode (or string) to a reference object.
4034 4034 If unicode evaluates to False it returns None.
4035 4035 """
4036 4036 if raw:
4037 4037 refs = raw.split(':')
4038 4038 return Reference(*refs)
4039 4039 else:
4040 4040 return None
4041 4041
4042 4042 @staticmethod
4043 4043 def reference_to_unicode(ref):
4044 4044 """
4045 4045 Convert a reference object to unicode.
4046 4046 If reference is None it returns None.
4047 4047 """
4048 4048 if ref:
4049 4049 return u':'.join(ref)
4050 4050 else:
4051 4051 return None
4052 4052
4053 4053 def get_api_data(self, with_merge_state=True):
4054 4054 from rhodecode.model.pull_request import PullRequestModel
4055 4055
4056 4056 pull_request = self
4057 4057 if with_merge_state:
4058 4058 merge_status = PullRequestModel().merge_status(pull_request)
4059 4059 merge_state = {
4060 4060 'status': merge_status[0],
4061 4061 'message': safe_unicode(merge_status[1]),
4062 4062 }
4063 4063 else:
4064 4064 merge_state = {'status': 'not_available',
4065 4065 'message': 'not_available'}
4066 4066
4067 4067 merge_data = {
4068 4068 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4069 4069 'reference': (
4070 4070 pull_request.shadow_merge_ref._asdict()
4071 4071 if pull_request.shadow_merge_ref else None),
4072 4072 }
4073 4073
4074 4074 data = {
4075 4075 'pull_request_id': pull_request.pull_request_id,
4076 4076 'url': PullRequestModel().get_url(pull_request),
4077 4077 'title': pull_request.title,
4078 4078 'description': pull_request.description,
4079 4079 'status': pull_request.status,
4080 4080 'state': pull_request.pull_request_state,
4081 4081 'created_on': pull_request.created_on,
4082 4082 'updated_on': pull_request.updated_on,
4083 4083 'commit_ids': pull_request.revisions,
4084 4084 'review_status': pull_request.calculated_review_status(),
4085 4085 'mergeable': merge_state,
4086 4086 'source': {
4087 4087 'clone_url': pull_request.source_repo.clone_url(),
4088 4088 'repository': pull_request.source_repo.repo_name,
4089 4089 'reference': {
4090 4090 'name': pull_request.source_ref_parts.name,
4091 4091 'type': pull_request.source_ref_parts.type,
4092 4092 'commit_id': pull_request.source_ref_parts.commit_id,
4093 4093 },
4094 4094 },
4095 4095 'target': {
4096 4096 'clone_url': pull_request.target_repo.clone_url(),
4097 4097 'repository': pull_request.target_repo.repo_name,
4098 4098 'reference': {
4099 4099 'name': pull_request.target_ref_parts.name,
4100 4100 'type': pull_request.target_ref_parts.type,
4101 4101 'commit_id': pull_request.target_ref_parts.commit_id,
4102 4102 },
4103 4103 },
4104 4104 'merge': merge_data,
4105 4105 'author': pull_request.author.get_api_data(include_secrets=False,
4106 4106 details='basic'),
4107 4107 'reviewers': [
4108 4108 {
4109 4109 'user': reviewer.get_api_data(include_secrets=False,
4110 4110 details='basic'),
4111 4111 'reasons': reasons,
4112 4112 'review_status': st[0][1].status if st else 'not_reviewed',
4113 4113 }
4114 4114 for obj, reviewer, reasons, mandatory, st in
4115 4115 pull_request.reviewers_statuses()
4116 4116 ]
4117 4117 }
4118 4118
4119 4119 return data
4120 4120
4121 4121 def set_state(self, pull_request_state, final_state=None):
4122 4122 """
4123 4123 # goes from initial state to updating to initial state.
4124 4124 # initial state can be changed by specifying back_state=
4125 4125 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4126 4126 pull_request.merge()
4127 4127
4128 4128 :param pull_request_state:
4129 4129 :param final_state:
4130 4130
4131 4131 """
4132 4132
4133 4133 return _SetState(self, pull_request_state, back_state=final_state)
4134 4134
4135 4135
4136 4136 class PullRequest(Base, _PullRequestBase):
4137 4137 __tablename__ = 'pull_requests'
4138 4138 __table_args__ = (
4139 4139 base_table_args,
4140 4140 )
4141 4141
4142 4142 pull_request_id = Column(
4143 4143 'pull_request_id', Integer(), nullable=False, primary_key=True)
4144 4144
4145 4145 def __repr__(self):
4146 4146 if self.pull_request_id:
4147 4147 return '<DB:PullRequest #%s>' % self.pull_request_id
4148 4148 else:
4149 4149 return '<DB:PullRequest at %#x>' % id(self)
4150 4150
4151 4151 reviewers = relationship('PullRequestReviewers',
4152 4152 cascade="all, delete-orphan")
4153 4153 statuses = relationship('ChangesetStatus',
4154 4154 cascade="all, delete-orphan")
4155 4155 comments = relationship('ChangesetComment',
4156 4156 cascade="all, delete-orphan")
4157 4157 versions = relationship('PullRequestVersion',
4158 4158 cascade="all, delete-orphan",
4159 4159 lazy='dynamic')
4160 4160
4161 4161 @classmethod
4162 4162 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4163 4163 internal_methods=None):
4164 4164
4165 4165 class PullRequestDisplay(object):
4166 4166 """
4167 4167 Special object wrapper for showing PullRequest data via Versions
4168 4168 It mimics PR object as close as possible. This is read only object
4169 4169 just for display
4170 4170 """
4171 4171
4172 4172 def __init__(self, attrs, internal=None):
4173 4173 self.attrs = attrs
4174 4174 # internal have priority over the given ones via attrs
4175 4175 self.internal = internal or ['versions']
4176 4176
4177 4177 def __getattr__(self, item):
4178 4178 if item in self.internal:
4179 4179 return getattr(self, item)
4180 4180 try:
4181 4181 return self.attrs[item]
4182 4182 except KeyError:
4183 4183 raise AttributeError(
4184 4184 '%s object has no attribute %s' % (self, item))
4185 4185
4186 4186 def __repr__(self):
4187 4187 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
4188 4188
4189 4189 def versions(self):
4190 4190 return pull_request_obj.versions.order_by(
4191 4191 PullRequestVersion.pull_request_version_id).all()
4192 4192
4193 4193 def is_closed(self):
4194 4194 return pull_request_obj.is_closed()
4195 4195
4196 4196 @property
4197 4197 def pull_request_version_id(self):
4198 4198 return getattr(pull_request_obj, 'pull_request_version_id', None)
4199 4199
4200 4200 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4201 4201
4202 4202 attrs.author = StrictAttributeDict(
4203 4203 pull_request_obj.author.get_api_data())
4204 4204 if pull_request_obj.target_repo:
4205 4205 attrs.target_repo = StrictAttributeDict(
4206 4206 pull_request_obj.target_repo.get_api_data())
4207 4207 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4208 4208
4209 4209 if pull_request_obj.source_repo:
4210 4210 attrs.source_repo = StrictAttributeDict(
4211 4211 pull_request_obj.source_repo.get_api_data())
4212 4212 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4213 4213
4214 4214 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4215 4215 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4216 4216 attrs.revisions = pull_request_obj.revisions
4217 4217
4218 4218 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4219 4219 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4220 4220 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4221 4221
4222 4222 return PullRequestDisplay(attrs, internal=internal_methods)
4223 4223
4224 4224 def is_closed(self):
4225 4225 return self.status == self.STATUS_CLOSED
4226 4226
4227 4227 def __json__(self):
4228 4228 return {
4229 4229 'revisions': self.revisions,
4230 4230 }
4231 4231
4232 4232 def calculated_review_status(self):
4233 4233 from rhodecode.model.changeset_status import ChangesetStatusModel
4234 4234 return ChangesetStatusModel().calculated_review_status(self)
4235 4235
4236 4236 def reviewers_statuses(self):
4237 4237 from rhodecode.model.changeset_status import ChangesetStatusModel
4238 4238 return ChangesetStatusModel().reviewers_statuses(self)
4239 4239
4240 4240 @property
4241 4241 def workspace_id(self):
4242 4242 from rhodecode.model.pull_request import PullRequestModel
4243 4243 return PullRequestModel()._workspace_id(self)
4244 4244
4245 4245 def get_shadow_repo(self):
4246 4246 workspace_id = self.workspace_id
4247 4247 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4248 4248 if os.path.isdir(shadow_repository_path):
4249 4249 vcs_obj = self.target_repo.scm_instance()
4250 4250 return vcs_obj.get_shadow_instance(shadow_repository_path)
4251 4251
4252 4252
4253 4253 class PullRequestVersion(Base, _PullRequestBase):
4254 4254 __tablename__ = 'pull_request_versions'
4255 4255 __table_args__ = (
4256 4256 base_table_args,
4257 4257 )
4258 4258
4259 4259 pull_request_version_id = Column(
4260 4260 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
4261 4261 pull_request_id = Column(
4262 4262 'pull_request_id', Integer(),
4263 4263 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4264 4264 pull_request = relationship('PullRequest')
4265 4265
4266 4266 def __repr__(self):
4267 4267 if self.pull_request_version_id:
4268 4268 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
4269 4269 else:
4270 4270 return '<DB:PullRequestVersion at %#x>' % id(self)
4271 4271
4272 4272 @property
4273 4273 def reviewers(self):
4274 4274 return self.pull_request.reviewers
4275 4275
4276 4276 @property
4277 4277 def versions(self):
4278 4278 return self.pull_request.versions
4279 4279
4280 4280 def is_closed(self):
4281 4281 # calculate from original
4282 4282 return self.pull_request.status == self.STATUS_CLOSED
4283 4283
4284 4284 def calculated_review_status(self):
4285 4285 return self.pull_request.calculated_review_status()
4286 4286
4287 4287 def reviewers_statuses(self):
4288 4288 return self.pull_request.reviewers_statuses()
4289 4289
4290 4290
4291 4291 class PullRequestReviewers(Base, BaseModel):
4292 4292 __tablename__ = 'pull_request_reviewers'
4293 4293 __table_args__ = (
4294 4294 base_table_args,
4295 4295 )
4296 4296
4297 4297 @hybrid_property
4298 4298 def reasons(self):
4299 4299 if not self._reasons:
4300 4300 return []
4301 4301 return self._reasons
4302 4302
4303 4303 @reasons.setter
4304 4304 def reasons(self, val):
4305 4305 val = val or []
4306 4306 if any(not isinstance(x, compat.string_types) for x in val):
4307 4307 raise Exception('invalid reasons type, must be list of strings')
4308 4308 self._reasons = val
4309 4309
4310 4310 pull_requests_reviewers_id = Column(
4311 4311 'pull_requests_reviewers_id', Integer(), nullable=False,
4312 4312 primary_key=True)
4313 4313 pull_request_id = Column(
4314 4314 "pull_request_id", Integer(),
4315 4315 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4316 4316 user_id = Column(
4317 4317 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4318 4318 _reasons = Column(
4319 4319 'reason', MutationList.as_mutable(
4320 4320 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4321 4321
4322 4322 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4323 4323 user = relationship('User')
4324 4324 pull_request = relationship('PullRequest')
4325 4325
4326 4326 rule_data = Column(
4327 4327 'rule_data_json',
4328 4328 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4329 4329
4330 4330 def rule_user_group_data(self):
4331 4331 """
4332 4332 Returns the voting user group rule data for this reviewer
4333 4333 """
4334 4334
4335 4335 if self.rule_data and 'vote_rule' in self.rule_data:
4336 4336 user_group_data = {}
4337 4337 if 'rule_user_group_entry_id' in self.rule_data:
4338 4338 # means a group with voting rules !
4339 4339 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4340 4340 user_group_data['name'] = self.rule_data['rule_name']
4341 4341 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4342 4342
4343 4343 return user_group_data
4344 4344
4345 4345 def __unicode__(self):
4346 4346 return u"<%s('id:%s')>" % (self.__class__.__name__,
4347 4347 self.pull_requests_reviewers_id)
4348 4348
4349 4349
4350 4350 class Notification(Base, BaseModel):
4351 4351 __tablename__ = 'notifications'
4352 4352 __table_args__ = (
4353 4353 Index('notification_type_idx', 'type'),
4354 4354 base_table_args,
4355 4355 )
4356 4356
4357 4357 TYPE_CHANGESET_COMMENT = u'cs_comment'
4358 4358 TYPE_MESSAGE = u'message'
4359 4359 TYPE_MENTION = u'mention'
4360 4360 TYPE_REGISTRATION = u'registration'
4361 4361 TYPE_PULL_REQUEST = u'pull_request'
4362 4362 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
4363 4363
4364 4364 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4365 4365 subject = Column('subject', Unicode(512), nullable=True)
4366 4366 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4367 4367 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4368 4368 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4369 4369 type_ = Column('type', Unicode(255))
4370 4370
4371 4371 created_by_user = relationship('User')
4372 4372 notifications_to_users = relationship('UserNotification', lazy='joined',
4373 4373 cascade="all, delete-orphan")
4374 4374
4375 4375 @property
4376 4376 def recipients(self):
4377 4377 return [x.user for x in UserNotification.query()\
4378 4378 .filter(UserNotification.notification == self)\
4379 4379 .order_by(UserNotification.user_id.asc()).all()]
4380 4380
4381 4381 @classmethod
4382 4382 def create(cls, created_by, subject, body, recipients, type_=None):
4383 4383 if type_ is None:
4384 4384 type_ = Notification.TYPE_MESSAGE
4385 4385
4386 4386 notification = cls()
4387 4387 notification.created_by_user = created_by
4388 4388 notification.subject = subject
4389 4389 notification.body = body
4390 4390 notification.type_ = type_
4391 4391 notification.created_on = datetime.datetime.now()
4392 4392
4393 4393 # For each recipient link the created notification to his account
4394 4394 for u in recipients:
4395 4395 assoc = UserNotification()
4396 4396 assoc.user_id = u.user_id
4397 4397 assoc.notification = notification
4398 4398
4399 4399 # if created_by is inside recipients mark his notification
4400 4400 # as read
4401 4401 if u.user_id == created_by.user_id:
4402 4402 assoc.read = True
4403 4403 Session().add(assoc)
4404 4404
4405 4405 Session().add(notification)
4406 4406
4407 4407 return notification
4408 4408
4409 4409
4410 4410 class UserNotification(Base, BaseModel):
4411 4411 __tablename__ = 'user_to_notification'
4412 4412 __table_args__ = (
4413 4413 UniqueConstraint('user_id', 'notification_id'),
4414 4414 base_table_args
4415 4415 )
4416 4416
4417 4417 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4418 4418 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4419 4419 read = Column('read', Boolean, default=False)
4420 4420 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4421 4421
4422 4422 user = relationship('User', lazy="joined")
4423 4423 notification = relationship('Notification', lazy="joined",
4424 4424 order_by=lambda: Notification.created_on.desc(),)
4425 4425
4426 4426 def mark_as_read(self):
4427 4427 self.read = True
4428 4428 Session().add(self)
4429 4429
4430 4430
4431 4431 class Gist(Base, BaseModel):
4432 4432 __tablename__ = 'gists'
4433 4433 __table_args__ = (
4434 4434 Index('g_gist_access_id_idx', 'gist_access_id'),
4435 4435 Index('g_created_on_idx', 'created_on'),
4436 4436 base_table_args
4437 4437 )
4438 4438
4439 4439 GIST_PUBLIC = u'public'
4440 4440 GIST_PRIVATE = u'private'
4441 4441 DEFAULT_FILENAME = u'gistfile1.txt'
4442 4442
4443 4443 ACL_LEVEL_PUBLIC = u'acl_public'
4444 4444 ACL_LEVEL_PRIVATE = u'acl_private'
4445 4445
4446 4446 gist_id = Column('gist_id', Integer(), primary_key=True)
4447 4447 gist_access_id = Column('gist_access_id', Unicode(250))
4448 4448 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4449 4449 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4450 4450 gist_expires = Column('gist_expires', Float(53), nullable=False)
4451 4451 gist_type = Column('gist_type', Unicode(128), nullable=False)
4452 4452 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4453 4453 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4454 4454 acl_level = Column('acl_level', Unicode(128), nullable=True)
4455 4455
4456 4456 owner = relationship('User')
4457 4457
4458 4458 def __repr__(self):
4459 4459 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
4460 4460
4461 4461 @hybrid_property
4462 4462 def description_safe(self):
4463 4463 from rhodecode.lib import helpers as h
4464 4464 return h.escape(self.gist_description)
4465 4465
4466 4466 @classmethod
4467 4467 def get_or_404(cls, id_):
4468 4468 from pyramid.httpexceptions import HTTPNotFound
4469 4469
4470 4470 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4471 4471 if not res:
4472 4472 raise HTTPNotFound()
4473 4473 return res
4474 4474
4475 4475 @classmethod
4476 4476 def get_by_access_id(cls, gist_access_id):
4477 4477 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4478 4478
4479 4479 def gist_url(self):
4480 4480 from rhodecode.model.gist import GistModel
4481 4481 return GistModel().get_url(self)
4482 4482
4483 4483 @classmethod
4484 4484 def base_path(cls):
4485 4485 """
4486 4486 Returns base path when all gists are stored
4487 4487
4488 4488 :param cls:
4489 4489 """
4490 4490 from rhodecode.model.gist import GIST_STORE_LOC
4491 4491 q = Session().query(RhodeCodeUi)\
4492 4492 .filter(RhodeCodeUi.ui_key == URL_SEP)
4493 4493 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4494 4494 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4495 4495
4496 4496 def get_api_data(self):
4497 4497 """
4498 4498 Common function for generating gist related data for API
4499 4499 """
4500 4500 gist = self
4501 4501 data = {
4502 4502 'gist_id': gist.gist_id,
4503 4503 'type': gist.gist_type,
4504 4504 'access_id': gist.gist_access_id,
4505 4505 'description': gist.gist_description,
4506 4506 'url': gist.gist_url(),
4507 4507 'expires': gist.gist_expires,
4508 4508 'created_on': gist.created_on,
4509 4509 'modified_at': gist.modified_at,
4510 4510 'content': None,
4511 4511 'acl_level': gist.acl_level,
4512 4512 }
4513 4513 return data
4514 4514
4515 4515 def __json__(self):
4516 4516 data = dict(
4517 4517 )
4518 4518 data.update(self.get_api_data())
4519 4519 return data
4520 4520 # SCM functions
4521 4521
4522 4522 def scm_instance(self, **kwargs):
4523 4523 """
4524 4524 Get an instance of VCS Repository
4525 4525
4526 4526 :param kwargs:
4527 4527 """
4528 4528 from rhodecode.model.gist import GistModel
4529 4529 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4530 4530 return get_vcs_instance(
4531 4531 repo_path=safe_str(full_repo_path), create=False,
4532 4532 _vcs_alias=GistModel.vcs_backend)
4533 4533
4534 4534
4535 4535 class ExternalIdentity(Base, BaseModel):
4536 4536 __tablename__ = 'external_identities'
4537 4537 __table_args__ = (
4538 4538 Index('local_user_id_idx', 'local_user_id'),
4539 4539 Index('external_id_idx', 'external_id'),
4540 4540 base_table_args
4541 4541 )
4542 4542
4543 4543 external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)
4544 4544 external_username = Column('external_username', Unicode(1024), default=u'')
4545 4545 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4546 4546 provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)
4547 4547 access_token = Column('access_token', String(1024), default=u'')
4548 4548 alt_token = Column('alt_token', String(1024), default=u'')
4549 4549 token_secret = Column('token_secret', String(1024), default=u'')
4550 4550
4551 4551 @classmethod
4552 4552 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4553 4553 """
4554 4554 Returns ExternalIdentity instance based on search params
4555 4555
4556 4556 :param external_id:
4557 4557 :param provider_name:
4558 4558 :return: ExternalIdentity
4559 4559 """
4560 4560 query = cls.query()
4561 4561 query = query.filter(cls.external_id == external_id)
4562 4562 query = query.filter(cls.provider_name == provider_name)
4563 4563 if local_user_id:
4564 4564 query = query.filter(cls.local_user_id == local_user_id)
4565 4565 return query.first()
4566 4566
4567 4567 @classmethod
4568 4568 def user_by_external_id_and_provider(cls, external_id, provider_name):
4569 4569 """
4570 4570 Returns User instance based on search params
4571 4571
4572 4572 :param external_id:
4573 4573 :param provider_name:
4574 4574 :return: User
4575 4575 """
4576 4576 query = User.query()
4577 4577 query = query.filter(cls.external_id == external_id)
4578 4578 query = query.filter(cls.provider_name == provider_name)
4579 4579 query = query.filter(User.user_id == cls.local_user_id)
4580 4580 return query.first()
4581 4581
4582 4582 @classmethod
4583 4583 def by_local_user_id(cls, local_user_id):
4584 4584 """
4585 4585 Returns all tokens for user
4586 4586
4587 4587 :param local_user_id:
4588 4588 :return: ExternalIdentity
4589 4589 """
4590 4590 query = cls.query()
4591 4591 query = query.filter(cls.local_user_id == local_user_id)
4592 4592 return query
4593 4593
4594 4594 @classmethod
4595 4595 def load_provider_plugin(cls, plugin_id):
4596 4596 from rhodecode.authentication.base import loadplugin
4597 4597 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
4598 4598 auth_plugin = loadplugin(_plugin_id)
4599 4599 return auth_plugin
4600 4600
4601 4601
4602 4602 class Integration(Base, BaseModel):
4603 4603 __tablename__ = 'integrations'
4604 4604 __table_args__ = (
4605 4605 base_table_args
4606 4606 )
4607 4607
4608 4608 integration_id = Column('integration_id', Integer(), primary_key=True)
4609 4609 integration_type = Column('integration_type', String(255))
4610 4610 enabled = Column('enabled', Boolean(), nullable=False)
4611 4611 name = Column('name', String(255), nullable=False)
4612 4612 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
4613 4613 default=False)
4614 4614
4615 4615 settings = Column(
4616 4616 'settings_json', MutationObj.as_mutable(
4617 4617 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4618 4618 repo_id = Column(
4619 4619 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
4620 4620 nullable=True, unique=None, default=None)
4621 4621 repo = relationship('Repository', lazy='joined')
4622 4622
4623 4623 repo_group_id = Column(
4624 4624 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
4625 4625 nullable=True, unique=None, default=None)
4626 4626 repo_group = relationship('RepoGroup', lazy='joined')
4627 4627
4628 4628 @property
4629 4629 def scope(self):
4630 4630 if self.repo:
4631 4631 return repr(self.repo)
4632 4632 if self.repo_group:
4633 4633 if self.child_repos_only:
4634 4634 return repr(self.repo_group) + ' (child repos only)'
4635 4635 else:
4636 4636 return repr(self.repo_group) + ' (recursive)'
4637 4637 if self.child_repos_only:
4638 4638 return 'root_repos'
4639 4639 return 'global'
4640 4640
4641 4641 def __repr__(self):
4642 4642 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
4643 4643
4644 4644
4645 4645 class RepoReviewRuleUser(Base, BaseModel):
4646 4646 __tablename__ = 'repo_review_rules_users'
4647 4647 __table_args__ = (
4648 4648 base_table_args
4649 4649 )
4650 4650
4651 4651 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
4652 4652 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4653 4653 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
4654 4654 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4655 4655 user = relationship('User')
4656 4656
4657 4657 def rule_data(self):
4658 4658 return {
4659 4659 'mandatory': self.mandatory
4660 4660 }
4661 4661
4662 4662
4663 4663 class RepoReviewRuleUserGroup(Base, BaseModel):
4664 4664 __tablename__ = 'repo_review_rules_users_groups'
4665 4665 __table_args__ = (
4666 4666 base_table_args
4667 4667 )
4668 4668
4669 4669 VOTE_RULE_ALL = -1
4670 4670
4671 4671 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
4672 4672 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
4673 4673 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
4674 4674 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4675 4675 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
4676 4676 users_group = relationship('UserGroup')
4677 4677
4678 4678 def rule_data(self):
4679 4679 return {
4680 4680 'mandatory': self.mandatory,
4681 4681 'vote_rule': self.vote_rule
4682 4682 }
4683 4683
4684 4684 @property
4685 4685 def vote_rule_label(self):
4686 4686 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
4687 4687 return 'all must vote'
4688 4688 else:
4689 4689 return 'min. vote {}'.format(self.vote_rule)
4690 4690
4691 4691
4692 4692 class RepoReviewRule(Base, BaseModel):
4693 4693 __tablename__ = 'repo_review_rules'
4694 4694 __table_args__ = (
4695 4695 base_table_args
4696 4696 )
4697 4697
4698 4698 repo_review_rule_id = Column(
4699 4699 'repo_review_rule_id', Integer(), primary_key=True)
4700 4700 repo_id = Column(
4701 4701 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
4702 4702 repo = relationship('Repository', backref='review_rules')
4703 4703
4704 4704 review_rule_name = Column('review_rule_name', String(255))
4705 4705 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4706 4706 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4707 4707 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
4708 4708
4709 4709 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
4710 4710 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
4711 4711 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
4712 4712 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
4713 4713
4714 4714 rule_users = relationship('RepoReviewRuleUser')
4715 4715 rule_user_groups = relationship('RepoReviewRuleUserGroup')
4716 4716
4717 4717 def _validate_pattern(self, value):
4718 4718 re.compile('^' + glob2re(value) + '$')
4719 4719
4720 4720 @hybrid_property
4721 4721 def source_branch_pattern(self):
4722 4722 return self._branch_pattern or '*'
4723 4723
4724 4724 @source_branch_pattern.setter
4725 4725 def source_branch_pattern(self, value):
4726 4726 self._validate_pattern(value)
4727 4727 self._branch_pattern = value or '*'
4728 4728
4729 4729 @hybrid_property
4730 4730 def target_branch_pattern(self):
4731 4731 return self._target_branch_pattern or '*'
4732 4732
4733 4733 @target_branch_pattern.setter
4734 4734 def target_branch_pattern(self, value):
4735 4735 self._validate_pattern(value)
4736 4736 self._target_branch_pattern = value or '*'
4737 4737
4738 4738 @hybrid_property
4739 4739 def file_pattern(self):
4740 4740 return self._file_pattern or '*'
4741 4741
4742 4742 @file_pattern.setter
4743 4743 def file_pattern(self, value):
4744 4744 self._validate_pattern(value)
4745 4745 self._file_pattern = value or '*'
4746 4746
4747 4747 def matches(self, source_branch, target_branch, files_changed):
4748 4748 """
4749 4749 Check if this review rule matches a branch/files in a pull request
4750 4750
4751 4751 :param source_branch: source branch name for the commit
4752 4752 :param target_branch: target branch name for the commit
4753 4753 :param files_changed: list of file paths changed in the pull request
4754 4754 """
4755 4755
4756 4756 source_branch = source_branch or ''
4757 4757 target_branch = target_branch or ''
4758 4758 files_changed = files_changed or []
4759 4759
4760 4760 branch_matches = True
4761 4761 if source_branch or target_branch:
4762 4762 if self.source_branch_pattern == '*':
4763 4763 source_branch_match = True
4764 4764 else:
4765 4765 if self.source_branch_pattern.startswith('re:'):
4766 4766 source_pattern = self.source_branch_pattern[3:]
4767 4767 else:
4768 4768 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
4769 4769 source_branch_regex = re.compile(source_pattern)
4770 4770 source_branch_match = bool(source_branch_regex.search(source_branch))
4771 4771 if self.target_branch_pattern == '*':
4772 4772 target_branch_match = True
4773 4773 else:
4774 4774 if self.target_branch_pattern.startswith('re:'):
4775 4775 target_pattern = self.target_branch_pattern[3:]
4776 4776 else:
4777 4777 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
4778 4778 target_branch_regex = re.compile(target_pattern)
4779 4779 target_branch_match = bool(target_branch_regex.search(target_branch))
4780 4780
4781 4781 branch_matches = source_branch_match and target_branch_match
4782 4782
4783 4783 files_matches = True
4784 4784 if self.file_pattern != '*':
4785 4785 files_matches = False
4786 4786 if self.file_pattern.startswith('re:'):
4787 4787 file_pattern = self.file_pattern[3:]
4788 4788 else:
4789 4789 file_pattern = glob2re(self.file_pattern)
4790 4790 file_regex = re.compile(file_pattern)
4791 4791 for filename in files_changed:
4792 4792 if file_regex.search(filename):
4793 4793 files_matches = True
4794 4794 break
4795 4795
4796 4796 return branch_matches and files_matches
4797 4797
4798 4798 @property
4799 4799 def review_users(self):
4800 4800 """ Returns the users which this rule applies to """
4801 4801
4802 4802 users = collections.OrderedDict()
4803 4803
4804 4804 for rule_user in self.rule_users:
4805 4805 if rule_user.user.active:
4806 4806 if rule_user.user not in users:
4807 4807 users[rule_user.user.username] = {
4808 4808 'user': rule_user.user,
4809 4809 'source': 'user',
4810 4810 'source_data': {},
4811 4811 'data': rule_user.rule_data()
4812 4812 }
4813 4813
4814 4814 for rule_user_group in self.rule_user_groups:
4815 4815 source_data = {
4816 4816 'user_group_id': rule_user_group.users_group.users_group_id,
4817 4817 'name': rule_user_group.users_group.users_group_name,
4818 4818 'members': len(rule_user_group.users_group.members)
4819 4819 }
4820 4820 for member in rule_user_group.users_group.members:
4821 4821 if member.user.active:
4822 4822 key = member.user.username
4823 4823 if key in users:
4824 4824 # skip this member as we have him already
4825 4825 # this prevents from override the "first" matched
4826 4826 # users with duplicates in multiple groups
4827 4827 continue
4828 4828
4829 4829 users[key] = {
4830 4830 'user': member.user,
4831 4831 'source': 'user_group',
4832 4832 'source_data': source_data,
4833 4833 'data': rule_user_group.rule_data()
4834 4834 }
4835 4835
4836 4836 return users
4837 4837
4838 4838 def user_group_vote_rule(self, user_id):
4839 4839
4840 4840 rules = []
4841 4841 if not self.rule_user_groups:
4842 4842 return rules
4843 4843
4844 4844 for user_group in self.rule_user_groups:
4845 4845 user_group_members = [x.user_id for x in user_group.users_group.members]
4846 4846 if user_id in user_group_members:
4847 4847 rules.append(user_group)
4848 4848 return rules
4849 4849
4850 4850 def __repr__(self):
4851 4851 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4852 4852 self.repo_review_rule_id, self.repo)
4853 4853
4854 4854
4855 4855 class ScheduleEntry(Base, BaseModel):
4856 4856 __tablename__ = 'schedule_entries'
4857 4857 __table_args__ = (
4858 4858 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
4859 4859 UniqueConstraint('task_uid', name='s_task_uid_idx'),
4860 4860 base_table_args,
4861 4861 )
4862 4862
4863 4863 schedule_types = ['crontab', 'timedelta', 'integer']
4864 4864 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
4865 4865
4866 4866 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
4867 4867 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
4868 4868 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
4869 4869
4870 4870 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
4871 4871 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
4872 4872
4873 4873 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
4874 4874 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
4875 4875
4876 4876 # task
4877 4877 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
4878 4878 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
4879 4879 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
4880 4880 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
4881 4881
4882 4882 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4883 4883 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
4884 4884
4885 4885 @hybrid_property
4886 4886 def schedule_type(self):
4887 4887 return self._schedule_type
4888 4888
4889 4889 @schedule_type.setter
4890 4890 def schedule_type(self, val):
4891 4891 if val not in self.schedule_types:
4892 4892 raise ValueError('Value must be on of `{}` and got `{}`'.format(
4893 4893 val, self.schedule_type))
4894 4894
4895 4895 self._schedule_type = val
4896 4896
4897 4897 @classmethod
4898 4898 def get_uid(cls, obj):
4899 4899 args = obj.task_args
4900 4900 kwargs = obj.task_kwargs
4901 4901 if isinstance(args, JsonRaw):
4902 4902 try:
4903 4903 args = json.loads(args)
4904 4904 except ValueError:
4905 4905 args = tuple()
4906 4906
4907 4907 if isinstance(kwargs, JsonRaw):
4908 4908 try:
4909 4909 kwargs = json.loads(kwargs)
4910 4910 except ValueError:
4911 4911 kwargs = dict()
4912 4912
4913 4913 dot_notation = obj.task_dot_notation
4914 4914 val = '.'.join(map(safe_str, [
4915 4915 sorted(dot_notation), args, sorted(kwargs.items())]))
4916 4916 return hashlib.sha1(val).hexdigest()
4917 4917
4918 4918 @classmethod
4919 4919 def get_by_schedule_name(cls, schedule_name):
4920 4920 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
4921 4921
4922 4922 @classmethod
4923 4923 def get_by_schedule_id(cls, schedule_id):
4924 4924 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
4925 4925
4926 4926 @property
4927 4927 def task(self):
4928 4928 return self.task_dot_notation
4929 4929
4930 4930 @property
4931 4931 def schedule(self):
4932 4932 from rhodecode.lib.celerylib.utils import raw_2_schedule
4933 4933 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
4934 4934 return schedule
4935 4935
4936 4936 @property
4937 4937 def args(self):
4938 4938 try:
4939 4939 return list(self.task_args or [])
4940 4940 except ValueError:
4941 4941 return list()
4942 4942
4943 4943 @property
4944 4944 def kwargs(self):
4945 4945 try:
4946 4946 return dict(self.task_kwargs or {})
4947 4947 except ValueError:
4948 4948 return dict()
4949 4949
4950 4950 def _as_raw(self, val):
4951 4951 if hasattr(val, 'de_coerce'):
4952 4952 val = val.de_coerce()
4953 4953 if val:
4954 4954 val = json.dumps(val)
4955 4955
4956 4956 return val
4957 4957
4958 4958 @property
4959 4959 def schedule_definition_raw(self):
4960 4960 return self._as_raw(self.schedule_definition)
4961 4961
4962 4962 @property
4963 4963 def args_raw(self):
4964 4964 return self._as_raw(self.task_args)
4965 4965
4966 4966 @property
4967 4967 def kwargs_raw(self):
4968 4968 return self._as_raw(self.task_kwargs)
4969 4969
4970 4970 def __repr__(self):
4971 4971 return '<DB:ScheduleEntry({}:{})>'.format(
4972 4972 self.schedule_entry_id, self.schedule_name)
4973 4973
4974 4974
4975 4975 @event.listens_for(ScheduleEntry, 'before_update')
4976 4976 def update_task_uid(mapper, connection, target):
4977 4977 target.task_uid = ScheduleEntry.get_uid(target)
4978 4978
4979 4979
4980 4980 @event.listens_for(ScheduleEntry, 'before_insert')
4981 4981 def set_task_uid(mapper, connection, target):
4982 4982 target.task_uid = ScheduleEntry.get_uid(target)
4983 4983
4984 4984
4985 4985 class _BaseBranchPerms(BaseModel):
4986 4986 @classmethod
4987 4987 def compute_hash(cls, value):
4988 4988 return sha1_safe(value)
4989 4989
4990 4990 @hybrid_property
4991 4991 def branch_pattern(self):
4992 4992 return self._branch_pattern or '*'
4993 4993
4994 4994 @hybrid_property
4995 4995 def branch_hash(self):
4996 4996 return self._branch_hash
4997 4997
4998 4998 def _validate_glob(self, value):
4999 4999 re.compile('^' + glob2re(value) + '$')
5000 5000
5001 5001 @branch_pattern.setter
5002 5002 def branch_pattern(self, value):
5003 5003 self._validate_glob(value)
5004 5004 self._branch_pattern = value or '*'
5005 5005 # set the Hash when setting the branch pattern
5006 5006 self._branch_hash = self.compute_hash(self._branch_pattern)
5007 5007
5008 5008 def matches(self, branch):
5009 5009 """
5010 5010 Check if this the branch matches entry
5011 5011
5012 5012 :param branch: branch name for the commit
5013 5013 """
5014 5014
5015 5015 branch = branch or ''
5016 5016
5017 5017 branch_matches = True
5018 5018 if branch:
5019 5019 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5020 5020 branch_matches = bool(branch_regex.search(branch))
5021 5021
5022 5022 return branch_matches
5023 5023
5024 5024
5025 5025 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5026 5026 __tablename__ = 'user_to_repo_branch_permissions'
5027 5027 __table_args__ = (
5028 5028 base_table_args
5029 5029 )
5030 5030
5031 5031 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5032 5032
5033 5033 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5034 5034 repo = relationship('Repository', backref='user_branch_perms')
5035 5035
5036 5036 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5037 5037 permission = relationship('Permission')
5038 5038
5039 5039 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5040 5040 user_repo_to_perm = relationship('UserRepoToPerm')
5041 5041
5042 5042 rule_order = Column('rule_order', Integer(), nullable=False)
5043 5043 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5044 5044 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5045 5045
5046 5046 def __unicode__(self):
5047 5047 return u'<UserBranchPermission(%s => %r)>' % (
5048 5048 self.user_repo_to_perm, self.branch_pattern)
5049 5049
5050 5050
5051 5051 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5052 5052 __tablename__ = 'user_group_to_repo_branch_permissions'
5053 5053 __table_args__ = (
5054 5054 base_table_args
5055 5055 )
5056 5056
5057 5057 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5058 5058
5059 5059 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5060 5060 repo = relationship('Repository', backref='user_group_branch_perms')
5061 5061
5062 5062 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5063 5063 permission = relationship('Permission')
5064 5064
5065 5065 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5066 5066 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
5067 5067
5068 5068 rule_order = Column('rule_order', Integer(), nullable=False)
5069 5069 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob
5070 5070 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5071 5071
5072 5072 def __unicode__(self):
5073 5073 return u'<UserBranchPermission(%s => %r)>' % (
5074 5074 self.user_group_repo_to_perm, self.branch_pattern)
5075 5075
5076 5076
5077 5077 class UserBookmark(Base, BaseModel):
5078 5078 __tablename__ = 'user_bookmarks'
5079 5079 __table_args__ = (
5080 5080 UniqueConstraint('user_id', 'bookmark_repo_id'),
5081 5081 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5082 5082 UniqueConstraint('user_id', 'bookmark_position'),
5083 5083 base_table_args
5084 5084 )
5085 5085
5086 5086 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5087 5087 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5088 5088 position = Column("bookmark_position", Integer(), nullable=False)
5089 5089 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5090 5090 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5091 5091 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5092 5092
5093 5093 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5094 5094 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5095 5095
5096 5096 user = relationship("User")
5097 5097
5098 5098 repository = relationship("Repository")
5099 5099 repository_group = relationship("RepoGroup")
5100 5100
5101 5101 @classmethod
5102 5102 def get_by_position_for_user(cls, position, user_id):
5103 5103 return cls.query() \
5104 5104 .filter(UserBookmark.user_id == user_id) \
5105 5105 .filter(UserBookmark.position == position).scalar()
5106 5106
5107 5107 @classmethod
5108 5108 def get_bookmarks_for_user(cls, user_id):
5109 5109 return cls.query() \
5110 5110 .filter(UserBookmark.user_id == user_id) \
5111 5111 .options(joinedload(UserBookmark.repository)) \
5112 5112 .options(joinedload(UserBookmark.repository_group)) \
5113 5113 .order_by(UserBookmark.position.asc()) \
5114 5114 .all()
5115 5115
5116 5116 def __unicode__(self):
5117 5117 return u'<UserBookmark(%s @ %r)>' % (self.position, self.redirect_url)
5118 5118
5119 5119
5120 5120 class FileStore(Base, BaseModel):
5121 5121 __tablename__ = 'file_store'
5122 5122 __table_args__ = (
5123 5123 base_table_args
5124 5124 )
5125 5125
5126 5126 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5127 5127 file_uid = Column('file_uid', String(1024), nullable=False)
5128 5128 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5129 5129 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5130 5130 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5131 5131
5132 5132 # sha256 hash
5133 5133 file_hash = Column('file_hash', String(512), nullable=False)
5134 5134 file_size = Column('file_size', BigInteger(), nullable=False)
5135 5135
5136 5136 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5137 5137 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5138 5138 accessed_count = Column('accessed_count', Integer(), default=0)
5139 5139
5140 5140 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5141 5141
5142 5142 # if repo/repo_group reference is set, check for permissions
5143 5143 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5144 5144
5145 5145 # hidden defines an attachment that should be hidden from showing in artifact listing
5146 5146 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5147 5147
5148 5148 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5149 5149 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')
5150 5150
5151 5151 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5152 5152
5153 5153 # scope limited to user, which requester have access to
5154 5154 scope_user_id = Column(
5155 5155 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5156 5156 nullable=True, unique=None, default=None)
5157 5157 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')
5158 5158
5159 5159 # scope limited to user group, which requester have access to
5160 5160 scope_user_group_id = Column(
5161 5161 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5162 5162 nullable=True, unique=None, default=None)
5163 5163 user_group = relationship('UserGroup', lazy='joined')
5164 5164
5165 5165 # scope limited to repo, which requester have access to
5166 5166 scope_repo_id = Column(
5167 5167 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5168 5168 nullable=True, unique=None, default=None)
5169 5169 repo = relationship('Repository', lazy='joined')
5170 5170
5171 5171 # scope limited to repo group, which requester have access to
5172 5172 scope_repo_group_id = Column(
5173 5173 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5174 5174 nullable=True, unique=None, default=None)
5175 5175 repo_group = relationship('RepoGroup', lazy='joined')
5176 5176
5177 5177 @classmethod
5178 5178 def get_by_store_uid(cls, file_store_uid):
5179 5179 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5180 5180
5181 5181 @classmethod
5182 5182 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5183 5183 file_description='', enabled=True, hidden=False, check_acl=True,
5184 5184 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5185 5185
5186 5186 store_entry = FileStore()
5187 5187 store_entry.file_uid = file_uid
5188 5188 store_entry.file_display_name = file_display_name
5189 5189 store_entry.file_org_name = filename
5190 5190 store_entry.file_size = file_size
5191 5191 store_entry.file_hash = file_hash
5192 5192 store_entry.file_description = file_description
5193 5193
5194 5194 store_entry.check_acl = check_acl
5195 5195 store_entry.enabled = enabled
5196 5196 store_entry.hidden = hidden
5197 5197
5198 5198 store_entry.user_id = user_id
5199 5199 store_entry.scope_user_id = scope_user_id
5200 5200 store_entry.scope_repo_id = scope_repo_id
5201 5201 store_entry.scope_repo_group_id = scope_repo_group_id
5202 5202
5203 5203 return store_entry
5204 5204
5205 5205 @classmethod
5206 5206 def store_metadata(cls, file_store_id, args, commit=True):
5207 5207 file_store = FileStore.get(file_store_id)
5208 5208 if file_store is None:
5209 5209 return
5210 5210
5211 5211 for section, key, value, value_type in args:
5212 5212 has_key = FileStoreMetadata().query() \
5213 5213 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5214 5214 .filter(FileStoreMetadata.file_store_meta_section == section) \
5215 5215 .filter(FileStoreMetadata.file_store_meta_key == key) \
5216 5216 .scalar()
5217 5217 if has_key:
5218 5218 msg = 'key `{}` already defined under section `{}` for this file.'\
5219 5219 .format(key, section)
5220 5220 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5221 5221
5222 5222 # NOTE(marcink): raises ArtifactMetadataBadValueType
5223 5223 FileStoreMetadata.valid_value_type(value_type)
5224 5224
5225 5225 meta_entry = FileStoreMetadata()
5226 5226 meta_entry.file_store = file_store
5227 5227 meta_entry.file_store_meta_section = section
5228 5228 meta_entry.file_store_meta_key = key
5229 5229 meta_entry.file_store_meta_value_type = value_type
5230 5230 meta_entry.file_store_meta_value = value
5231 5231
5232 5232 Session().add(meta_entry)
5233 5233
5234 5234 try:
5235 5235 if commit:
5236 5236 Session().commit()
5237 5237 except IntegrityError:
5238 5238 Session().rollback()
5239 5239 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5240 5240
5241 5241 @classmethod
5242 5242 def bump_access_counter(cls, file_uid, commit=True):
5243 5243 FileStore().query()\
5244 5244 .filter(FileStore.file_uid == file_uid)\
5245 5245 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5246 5246 FileStore.accessed_on: datetime.datetime.now()})
5247 5247 if commit:
5248 5248 Session().commit()
5249 5249
5250 5250 def __json__(self):
5251 5251 data = {
5252 5252 'filename': self.file_display_name,
5253 5253 'filename_org': self.file_org_name,
5254 5254 'file_uid': self.file_uid,
5255 5255 'description': self.file_description,
5256 5256 'hidden': self.hidden,
5257 5257 'size': self.file_size,
5258 5258 'created_on': self.created_on,
5259 5259 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5260 5260 'downloaded_times': self.accessed_count,
5261 5261 'sha256': self.file_hash,
5262 5262 'metadata': self.file_metadata,
5263 5263 }
5264 5264
5265 5265 return data
5266 5266
5267 5267 def __repr__(self):
5268 5268 return '<FileStore({})>'.format(self.file_store_id)
5269 5269
5270 5270
5271 5271 class FileStoreMetadata(Base, BaseModel):
5272 5272 __tablename__ = 'file_store_metadata'
5273 5273 __table_args__ = (
5274 UniqueConstraint('file_store_id', 'file_store_meta_section', 'file_store_meta_key'),
5275 Index('file_store_meta_section_idx', 'file_store_meta_section'),
5276 Index('file_store_meta_key_idx', 'file_store_meta_key'),
5274 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5275 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5276 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5277 5277 base_table_args
5278 5278 )
5279 5279 SETTINGS_TYPES = {
5280 5280 'str': safe_str,
5281 5281 'int': safe_int,
5282 5282 'unicode': safe_unicode,
5283 5283 'bool': str2bool,
5284 5284 'list': functools.partial(aslist, sep=',')
5285 5285 }
5286 5286
5287 5287 file_store_meta_id = Column(
5288 5288 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5289 5289 primary_key=True)
5290 file_store_meta_section = Column(
5290 _file_store_meta_section = Column(
5291 5291 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5292 5292 nullable=True, unique=None, default=None)
5293 file_store_meta_key = Column(
5293 _file_store_meta_section_hash = Column(
5294 "file_store_meta_section_hash", String(255),
5295 nullable=True, unique=None, default=None)
5296 _file_store_meta_key = Column(
5294 5297 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5295 5298 nullable=True, unique=None, default=None)
5299 _file_store_meta_key_hash = Column(
5300 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5296 5301 _file_store_meta_value = Column(
5297 5302 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5298 5303 nullable=True, unique=None, default=None)
5299 5304 _file_store_meta_value_type = Column(
5300 5305 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5301 5306 default='unicode')
5302 5307
5303 5308 file_store_id = Column(
5304 5309 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5305 5310 nullable=True, unique=None, default=None)
5306 5311
5307 5312 file_store = relationship('FileStore', lazy='joined')
5308 5313
5309 5314 @classmethod
5310 5315 def valid_value_type(cls, value):
5311 5316 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5312 5317 raise ArtifactMetadataBadValueType(
5313 5318 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5314 5319
5315 5320 @hybrid_property
5321 def file_store_meta_section(self):
5322 return self._file_store_meta_section
5323
5324 @file_store_meta_section.setter
5325 def file_store_meta_section(self, value):
5326 self._file_store_meta_section = value
5327 self._file_store_meta_section_hash = _hash_key(value)
5328
5329 @hybrid_property
5330 def file_store_meta_key(self):
5331 return self._file_store_meta_key
5332
5333 @file_store_meta_key.setter
5334 def file_store_meta_key(self, value):
5335 self._file_store_meta_key = value
5336 self._file_store_meta_key_hash = _hash_key(value)
5337
5338 @hybrid_property
5316 5339 def file_store_meta_value(self):
5317 5340 val = self._file_store_meta_value
5318 5341
5319 5342 if self._file_store_meta_value_type:
5320 5343 # e.g unicode.encrypted == unicode
5321 5344 _type = self._file_store_meta_value_type.split('.')[0]
5322 5345 # decode the encrypted value if it's encrypted field type
5323 5346 if '.encrypted' in self._file_store_meta_value_type:
5324 5347 cipher = EncryptedTextValue()
5325 5348 val = safe_unicode(cipher.process_result_value(val, None))
5326 5349 # do final type conversion
5327 5350 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5328 5351 val = converter(val)
5329 5352
5330 5353 return val
5331 5354
5332 5355 @file_store_meta_value.setter
5333 5356 def file_store_meta_value(self, val):
5334 5357 val = safe_unicode(val)
5335 5358 # encode the encrypted value
5336 5359 if '.encrypted' in self.file_store_meta_value_type:
5337 5360 cipher = EncryptedTextValue()
5338 5361 val = safe_unicode(cipher.process_bind_param(val, None))
5339 5362 self._file_store_meta_value = val
5340 5363
5341 5364 @hybrid_property
5342 5365 def file_store_meta_value_type(self):
5343 5366 return self._file_store_meta_value_type
5344 5367
5345 5368 @file_store_meta_value_type.setter
5346 5369 def file_store_meta_value_type(self, val):
5347 5370 # e.g unicode.encrypted
5348 5371 self.valid_value_type(val)
5349 5372 self._file_store_meta_value_type = val
5350 5373
5351 5374 def __json__(self):
5352 5375 data = {
5353 5376 'artifact': self.file_store.file_uid,
5354 5377 'section': self.file_store_meta_section,
5355 5378 'key': self.file_store_meta_key,
5356 5379 'value': self.file_store_meta_value,
5357 5380 }
5358 5381
5359 5382 return data
5360 5383
5361 5384 def __repr__(self):
5362 5385 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.file_store_meta_section,
5363 5386 self.file_store_meta_key, self.file_store_meta_value)
5364 5387
5365 5388
5366 5389 class DbMigrateVersion(Base, BaseModel):
5367 5390 __tablename__ = 'db_migrate_version'
5368 5391 __table_args__ = (
5369 5392 base_table_args,
5370 5393 )
5371 5394
5372 5395 repository_id = Column('repository_id', String(250), primary_key=True)
5373 5396 repository_path = Column('repository_path', Text)
5374 5397 version = Column('version', Integer)
5375 5398
5376 5399 @classmethod
5377 5400 def set_version(cls, version):
5378 5401 """
5379 5402 Helper for forcing a different version, usually for debugging purposes via ishell.
5380 5403 """
5381 5404 ver = DbMigrateVersion.query().first()
5382 5405 ver.version = version
5383 5406 Session().commit()
5384 5407
5385 5408
5386 5409 class DbSession(Base, BaseModel):
5387 5410 __tablename__ = 'db_session'
5388 5411 __table_args__ = (
5389 5412 base_table_args,
5390 5413 )
5391 5414
5392 5415 def __repr__(self):
5393 5416 return '<DB:DbSession({})>'.format(self.id)
5394 5417
5395 5418 id = Column('id', Integer())
5396 5419 namespace = Column('namespace', String(255), primary_key=True)
5397 5420 accessed = Column('accessed', DateTime, nullable=False)
5398 5421 created = Column('created', DateTime, nullable=False)
5399 5422 data = Column('data', PickleType, nullable=False)
General Comments 0
You need to be logged in to leave comments. Login now