rhodecode-enterprise-ce Commit - r5357:947712ef

Updated with a latest changes.

ilin.s -

r5357:947712ef default

parent child

configs/development.ini

0 +2 -2

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ##################################################
             ; WAITRESS WSGI SERVER - Recommended for Development
             ; ##################################################
             ; use server type
             use = egg:waitress#main
             ; number of worker threads
             threads = 5
             ; MAX BODY SIZE 100GB
             max_request_body_size = 107374182400
             ; Use poll instead of select, fixes file descriptors limits problems.
             ; May not work on old windows systems.
             asyncore_use_poll = true
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             #use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; #############
             ; DEBUG OPTIONS
             ; #############
             pyramid.reload_templates = true
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ; enable debug style page
             debug_style = true
             ; #################
             ; END DEBUG OPTIONS
             ; #################
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
-            ; allows to change the repository location in settings page
+            ; Filesystem location were repositories should be stored
-            allow_repo_location_change = true
+            repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
             archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 10
             ; By default cache uses sharding technique, this specifies how many shards are there
             archive_cache.cache_shards = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter_sql
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

configs/production.ini

0 +2 -2

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = false
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
-            ; allows to change the repository location in settings page
+            ; Filesystem location were repositories should be stored
-            allow_repo_location_change = true
+            repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
             archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 40
             ; By default cache uses sharding technique, this specifies how many shards are there
             archive_cache.cache_shards = 4
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

rhodecode/api/views/server_api.py

0 +2 -3

             # Copyright (C) 2011-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import itertools
             import base64
             from rhodecode.api import (
                 jsonrpc_method, JSONRPCError, JSONRPCForbidden, find_methods)
             from rhodecode.api.utils import (
                 Optional, OAttr, has_superadmin_permission, get_user_or_error)
-            from rhodecode.lib.utils import repo2db_mapper
+            from rhodecode.lib.utils import repo2db_mapper, get_rhodecode_repo_store_path
             from rhodecode.lib import system_info
             from rhodecode.lib import user_sessions
             from rhodecode.lib import exc_tracking
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.utils2 import safe_int
             from rhodecode.model.db import UserIpMap
             from rhodecode.model.scm import ScmModel
-            from rhodecode.model.settings import VcsSettingsModel
             from rhodecode.apps.file_store import utils
             from rhodecode.apps.file_store.exceptions import FileNotAllowedException, \
                 FileOverSizeException
             log = logging.getLogger(__name__)
             @jsonrpc_method()
             def get_server_info(request, apiuser):
                 """
                 Returns the |RCE| server information.
                 This includes the running version of |RCE| and all installed
                 packages. This command takes the following options:
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result : {
                     'modules': [<module name>,...]
                     'py_version': <python version>,
                     'platform': <platform type>,
                     'rhodecode_version': <rhodecode version>
                   }
                   error :  null
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 server_info = ScmModel().get_server_info(request.environ)
                 # rhodecode-index requires those
                 server_info['index_storage'] = server_info['search']['value']['location']
                 server_info['storage'] = server_info['storage']['value']['path']
                 return server_info
             @jsonrpc_method()
             def get_repo_store(request, apiuser):
                 """
                 Returns the |RCE| repository storage information.
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result : {
                     'modules': [<module name>,...]
                     'py_version': <python version>,
                     'platform': <platform type>,
                     'rhodecode_version': <rhodecode version>
                   }
                   error :  null
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
-                path = VcsSettingsModel().get_repos_location()
+                path = get_rhodecode_repo_store_path()
                 return {"path": path}
             @jsonrpc_method()
             def get_ip(request, apiuser, userid=Optional(OAttr('apiuser'))):
                 """
                 Displays the IP Address as seen from the |RCE| server.
                 * This command displays the IP Address, as well as all the defined IP
                   addresses for the specified user. If the ``userid`` is not set, the
                   data returned is for the user calling the method.
                 This command can only be run using an |authtoken| with admin rights to
                 the specified repository.
                 This command takes the following options:
                 :param apiuser: This is filled automatically from |authtoken|.
                 :type apiuser: AuthUser
                 :param userid: Sets the userid for which associated IP Address data
                     is returned.
                 :type userid: Optional(str or int)
                 Example output:
                 .. code-block:: bash
                     id : <id_given_in_input>
                     result : {
                                  "server_ip_addr": "<ip_from_clien>",
                                  "user_ips": [
                                                 {
                                                    "ip_addr": "<ip_with_mask>",
                                                    "ip_range": ["<start_ip>", "<end_ip>"],
                                                 },
                                                 ...
                                              ]
                     }
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 userid = Optional.extract(userid, evaluate_locals=locals())
                 userid = getattr(userid, 'user_id', userid)
                 user = get_user_or_error(userid)
                 ips = UserIpMap.query().filter(UserIpMap.user == user).all()
                 return {
                     'server_ip_addr': request.rpc_ip_addr,
                     'user_ips': ips
                 }
             @jsonrpc_method()
             def rescan_repos(request, apiuser, remove_obsolete=Optional(False)):
                 """
                 Triggers a rescan of the specified repositories.
                 * If the ``remove_obsolete`` option is set, it also deletes repositories
                   that are found in the database but not on the file system, so called
                   "clean zombies".
                 This command can only be run using an |authtoken| with admin rights to
                 the specified repository.
                 This command takes the following options:
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 :param remove_obsolete: Deletes repositories from the database that
                     are not found on the filesystem.
                 :type remove_obsolete: Optional(``True`` | ``False``)
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result : {
                     'added': [<added repository name>,...]
                     'removed': [<removed repository name>,...]
                   }
                   error :  null
                 Example error output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result : null
                   error :  {
                     'Error occurred during rescan repositories action'
                   }
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 try:
                     rm_obsolete = Optional.extract(remove_obsolete)
                     added, removed = repo2db_mapper(ScmModel().repo_scan(),
                                                     remove_obsolete=rm_obsolete, force_hooks_rebuild=True)
                     return {'added': added, 'removed': removed}
                 except Exception:
                     log.exception('Failed to run repo rescann')
                     raise JSONRPCError(
                         'Error occurred during rescan repositories action'
                     )
             @jsonrpc_method()
             def cleanup_sessions(request, apiuser, older_then=Optional(60)):
                 """
                 Triggers a session cleanup action.
                 If the ``older_then`` option is set, only sessions that hasn't been
                 accessed in the given number of days will be removed.
                 This command can only be run using an |authtoken| with admin rights to
                 the specified repository.
                 This command takes the following options:
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 :param older_then: Deletes session that hasn't been accessed
                     in given number of days.
                 :type older_then: Optional(int)
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result: {
                     "backend": "<type of backend>",
                     "sessions_removed": <number_of_removed_sessions>
                   }
                   error :  null
                 Example error output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   result : null
                   error :  {
                     'Error occurred during session cleanup'
                   }
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 older_then = safe_int(Optional.extract(older_then)) or 60
                 older_than_seconds = 60 * 60 * 24 * older_then
                 config = system_info.rhodecode_config().get_value()['value']['config']
                 session_model = user_sessions.get_session_handler(
                     config.get('beaker.session.type', 'memory'))(config)
                 backend = session_model.SESSION_TYPE
                 try:
                     cleaned = session_model.clean_sessions(
                         older_than_seconds=older_than_seconds)
                     return {'sessions_removed': cleaned, 'backend': backend}
                 except user_sessions.CleanupCommand as msg:
                     return {'cleanup_command': str(msg), 'backend': backend}
                 except Exception as e:
                     log.exception('Failed session cleanup')
                     raise JSONRPCError(
                         'Error occurred during session cleanup'
                     )
             @jsonrpc_method()
             def get_method(request, apiuser, pattern=Optional('*')):
                 """
                 Returns list of all available API methods. By default match pattern
                 os "*" but any other pattern can be specified. eg *comment* will return
                 all methods with comment inside them. If just single method is matched
                 returned data will also include method specification
                 This command can only be run using an |authtoken| with admin rights to
                 the specified repository.
                 This command takes the following options:
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 :param pattern: pattern to match method names against
                 :type pattern: Optional("*")
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   "result": [
                     "changeset_comment",
                     "comment_pull_request",
                     "comment_commit"
                   ]
                   error :  null
                 .. code-block:: bash
                   id : <id_given_in_input>
                   "result": [
                     "comment_commit",
                     {
                       "apiuser": "<RequiredType>",
                       "comment_type": "<Optional:u'note'>",
                       "commit_id": "<RequiredType>",
                       "message": "<RequiredType>",
                       "repoid": "<RequiredType>",
                       "request": "<RequiredType>",
                       "resolves_comment_id": "<Optional:None>",
                       "status": "<Optional:None>",
                       "userid": "<Optional:<OptionalAttr:apiuser>>"
                     }
                   ]
                   error :  null
                 """
                 from rhodecode.config.patches import inspect_getargspec
                 inspect = inspect_getargspec()
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 pattern = Optional.extract(pattern)
                 matches = find_methods(request.registry.jsonrpc_methods, pattern)
                 args_desc = []
                 matches_keys = list(matches.keys())
                 if len(matches_keys) == 1:
                     func = matches[matches_keys[0]]
                     argspec = inspect.getargspec(func)
                     arglist = argspec[0]
                     defaults = list(map(repr, argspec[3] or []))
                     default_empty = '<RequiredType>'
                     # kw arguments required by this method
                     func_kwargs = dict(itertools.zip_longest(
                         reversed(arglist), reversed(defaults), fillvalue=default_empty))
                     args_desc.append(func_kwargs)
                 return matches_keys + args_desc
             @jsonrpc_method()
             def store_exception(request, apiuser, exc_data_json, prefix=Optional('rhodecode')):
                 """
                 Stores sent exception inside the built-in exception tracker in |RCE| server.
                 This command can only be run using an |authtoken| with admin rights to
                 the specified repository.
                 This command takes the following options:
                 :param apiuser: This is filled automatically from the |authtoken|.
                 :type apiuser: AuthUser
                 :param exc_data_json: JSON data with exception e.g
                     {"exc_traceback": "Value `1` is not allowed", "exc_type_name": "ValueError"}
                 :type exc_data_json: JSON data
                 :param prefix: prefix for error type, e.g 'rhodecode', 'vcsserver', 'rhodecode-tools'
                 :type prefix: Optional("rhodecode")
                 Example output:
                 .. code-block:: bash
                   id : <id_given_in_input>
                   "result": {
                     "exc_id": 139718459226384,
                     "exc_url": "http://localhost:8080/_admin/settings/exceptions/139718459226384"
                   }
                   error :  null
                 """
                 if not has_superadmin_permission(apiuser):
                     raise JSONRPCForbidden()
                 prefix = Optional.extract(prefix)
                 exc_id = exc_tracking.generate_id()
                 try:
                     exc_data = json.loads(exc_data_json)
                 except Exception:
                     log.error('Failed to parse JSON: %r', exc_data_json)
                     raise JSONRPCError('Failed to parse JSON data from exc_data_json field. '
                                        'Please make sure it contains a valid JSON.')
                 try:
                     exc_traceback = exc_data['exc_traceback']
                     exc_type_name = exc_data['exc_type_name']
                     exc_value = ''
                 except KeyError as err:
                     raise JSONRPCError(
                         f'Missing exc_traceback, or exc_type_name '
                         f'in exc_data_json field. Missing: {err}')
                 class ExcType:
                     __name__ = exc_type_name
                 exc_info = (ExcType(), exc_value, exc_traceback)
                 exc_tracking._store_exception(
                     exc_id=exc_id, exc_info=exc_info, prefix=prefix)
                 exc_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=exc_id)
                 return {'exc_id': exc_id, 'exc_url': exc_url}

rhodecode/apps/admin/views/settings.py

0 +2 -5

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import collections
             import datetime
             import formencode
             import formencode.htmlfill
             import rhodecode
             from pyramid.httpexceptions import HTTPFound, HTTPNotFound
             from pyramid.renderers import render
             from pyramid.response import Response
             from rhodecode.apps._base import BaseAppView
             from rhodecode.apps._base.navigation import navigation_list
             from rhodecode.apps.svn_support.config_keys import generate_config
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
             from rhodecode.lib.celerylib import tasks, run_task
             from rhodecode.lib.str_utils import safe_str
-            from rhodecode.lib.utils import repo2db_mapper
+            from rhodecode.lib.utils import repo2db_mapper, get_rhodecode_repo_store_path
             from rhodecode.lib.utils2 import str2bool, AttributeDict
             from rhodecode.lib.index import searcher_from_config
             from rhodecode.model.db import RhodeCodeUi, Repository
             from rhodecode.model.forms import (ApplicationSettingsForm,
                 ApplicationUiSettingsForm, ApplicationVisualisationForm,
                 LabsSettingsForm, IssueTrackerPatternsForm)
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.notification import EmailNotificationModel
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import (
                 IssueTrackerSettingsModel, VcsSettingsModel, SettingNotFound,
                 SettingsModel)
             log = logging.getLogger(__name__)
             class AdminSettingsView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.labs_active = str2bool(
                         rhodecode.CONFIG.get('labs_settings_active', 'true'))
                     c.navlist = navigation_list(self.request)
                     return c
                 @classmethod
                 def _get_ui_settings(cls):
                     ret = RhodeCodeUi.query().all()
                     if not ret:
                         raise Exception('Could not get application ui settings !')
                     settings = {}
                     for each in ret:
                         k = each.ui_key
                         v = each.ui_value
                         if k == '/':
                             k = 'root_path'
                         if k in ['push_ssl', 'publish', 'enabled']:
                             v = str2bool(v)
                         if k.find('.') != -1:
                             k = k.replace('.', '_')
                         if each.ui_section in ['hooks', 'extensions']:
                             v = each.ui_active
                         settings[each.ui_section + '_' + k] = v
                     return settings
                 @classmethod
                 def _form_defaults(cls):
                     defaults = SettingsModel().get_all_settings()
                     defaults.update(cls._get_ui_settings())
                     defaults.update({
                         'new_svn_branch': '',
                         'new_svn_tag': '',
                     })
                     return defaults
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_vcs(self):
                     c = self.load_default_context()
                     c.active = 'vcs'
                     model = VcsSettingsModel()
                     c.svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_global_svn_tag_patterns()
                     settings = self.request.registry.settings
                     c.svn_proxy_generate_config = settings[generate_config]
                     defaults = self._form_defaults()
                     model.create_largeobjects_dirs_if_needed(defaults['paths_root_path'])
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_vcs_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'vcs'
                     model = VcsSettingsModel()
                     c.svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_global_svn_tag_patterns()
                     settings = self.request.registry.settings
                     c.svn_proxy_generate_config = settings[generate_config]
                     application_form = ApplicationUiSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
-                        if c.visual.allow_repo_location_change:
-                            model.update_global_path_setting(form_result['paths_root_path'])
                         model.update_global_ssl_setting(form_result['web_push_ssl'])
                         model.update_global_hook_settings(form_result)
                         model.create_or_update_global_svn_settings(form_result)
                         model.create_or_update_global_hg_settings(form_result)
                         model.create_or_update_global_git_settings(form_result)
                         model.create_or_update_global_pr_settings(form_result)
                     except Exception:
                         log.exception("Exception while updating settings")
                         h.flash(_('Error occurred during updating '
                                   'application settings'), category='error')
                     else:
                         Session().commit()
                         h.flash(_('Updated VCS settings'), category='success')
                         raise HTTPFound(h.route_path('admin_settings_vcs'))
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_vcs_delete_svn_pattern(self):
                     delete_pattern_id = self.request.POST.get('delete_svn_pattern')
                     model = VcsSettingsModel()
                     try:
                         model.delete_global_svn_pattern(delete_pattern_id)
                     except SettingNotFound:
                         log.exception(
                             'Failed to delete svn_pattern with id %s', delete_pattern_id)
                         raise HTTPNotFound()
                     Session().commit()
                     return True
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_mapping(self):
                     c = self.load_default_context()
                     c.active = 'mapping'
-                    c.storage_path = VcsSettingsModel().get_repos_location()
+                    c.storage_path = get_rhodecode_repo_store_path()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_mapping_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'mapping'
                     rm_obsolete = self.request.POST.get('destroy', False)
                     invalidate_cache = self.request.POST.get('invalidate', False)
                     log.debug('rescanning repo location with destroy obsolete=%s', rm_obsolete)
                     if invalidate_cache:
                         log.debug('invalidating all repositories cache')
                         for repo in Repository.get_all():
                             ScmModel().mark_for_invalidation(repo.repo_name, delete=True)
                     filesystem_repos = ScmModel().repo_scan()
                     added, removed = repo2db_mapper(filesystem_repos, rm_obsolete, force_hooks_rebuild=True)
                     PermissionModel().trigger_permission_flush()
                     def _repr(rm_repo):
                         return ', '.join(map(safe_str, rm_repo)) or '-'
                     h.flash(_('Repositories successfully '
                               'rescanned added: %s ; removed: %s') %
                             (_repr(added), _repr(removed)),
                             category='success')
                     raise HTTPFound(h.route_path('admin_settings_mapping'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_global(self):
                     c = self.load_default_context()
                     c.active = 'global'
                     c.personal_repo_group_default_pattern = RepoGroupModel()\
                         .get_personal_group_name_pattern()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_global_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'global'
                     c.personal_repo_group_default_pattern = RepoGroupModel()\
                         .get_personal_group_name_pattern()
                     application_form = ApplicationSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     settings = [
                         ('title', 'rhodecode_title', 'unicode'),
                         ('realm', 'rhodecode_realm', 'unicode'),
                         ('pre_code', 'rhodecode_pre_code', 'unicode'),
                         ('post_code', 'rhodecode_post_code', 'unicode'),
                         ('captcha_public_key', 'rhodecode_captcha_public_key', 'unicode'),
                         ('captcha_private_key', 'rhodecode_captcha_private_key', 'unicode'),
                         ('create_personal_repo_group', 'rhodecode_create_personal_repo_group', 'bool'),
                         ('personal_repo_group_pattern', 'rhodecode_personal_repo_group_pattern', 'unicode'),
                     ]
                     try:
                         for setting, form_key, type_ in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key], type_)
                             Session().add(sett)
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated application settings'), category='success')
                     except Exception:
                         log.exception("Exception while updating application settings")
                         h.flash(
                             _('Error occurred during updating application settings'),
                             category='error')
                     raise HTTPFound(h.route_path('admin_settings_global'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_visual(self):
                     c = self.load_default_context()
                     c.active = 'visual'
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_visual_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'visual'
                     application_form = ApplicationVisualisationForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
                         settings = [
                             ('show_public_icon', 'rhodecode_show_public_icon', 'bool'),
                             ('show_private_icon', 'rhodecode_show_private_icon', 'bool'),
                             ('stylify_metatags', 'rhodecode_stylify_metatags', 'bool'),
                             ('repository_fields', 'rhodecode_repository_fields', 'bool'),
                             ('dashboard_items', 'rhodecode_dashboard_items', 'int'),
                             ('admin_grid_items', 'rhodecode_admin_grid_items', 'int'),
                             ('show_version', 'rhodecode_show_version', 'bool'),
                             ('use_gravatar', 'rhodecode_use_gravatar', 'bool'),
                             ('markup_renderer', 'rhodecode_markup_renderer', 'unicode'),
                             ('gravatar_url', 'rhodecode_gravatar_url', 'unicode'),
                             ('clone_uri_tmpl', 'rhodecode_clone_uri_tmpl', 'unicode'),
                             ('clone_uri_id_tmpl', 'rhodecode_clone_uri_id_tmpl', 'unicode'),
                             ('clone_uri_ssh_tmpl', 'rhodecode_clone_uri_ssh_tmpl', 'unicode'),
                             ('support_url', 'rhodecode_support_url', 'unicode'),
                             ('show_revision_number', 'rhodecode_show_revision_number', 'bool'),
                             ('show_sha_length', 'rhodecode_show_sha_length', 'int'),
                         ]
                         for setting, form_key, type_ in settings:
                             sett = SettingsModel().create_or_update_setting(
                                 setting, form_result[form_key], type_)
                             Session().add(sett)
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated visualisation settings'), category='success')
                     except Exception:
                         log.exception("Exception updating visualization settings")
                         h.flash(_('Error occurred during updating '
                                   'visualisation settings'),
                                 category='error')
                     raise HTTPFound(h.route_path('admin_settings_visual'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_issuetracker(self):
                     c = self.load_default_context()
                     c.active = 'issuetracker'
                     defaults = c.rc_config
                     entry_key = 'rhodecode_issuetracker_pat_'
                     c.issuetracker_entries = {}
                     for k, v in defaults.items():
                         if k.startswith(entry_key):
                             uid = k[len(entry_key):]
                             c.issuetracker_entries[uid] = None
                     for uid in c.issuetracker_entries:
                         c.issuetracker_entries[uid] = AttributeDict({
                             'pat': defaults.get('rhodecode_issuetracker_pat_' + uid),
                             'url': defaults.get('rhodecode_issuetracker_url_' + uid),
                             'pref': defaults.get('rhodecode_issuetracker_pref_' + uid),
                             'desc': defaults.get('rhodecode_issuetracker_desc_' + uid),
                         })
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_test(self):
                     error_container = []
                     urlified_commit = h.urlify_commit_message(
                         self.request.POST.get('test_text', ''),
                         'repo_group/test_repo1', error_container=error_container)
                     if error_container:
                         def converter(inp):
                             return h.html_escape(inp)
                         return 'ERRORS: ' + '\n'.join(map(converter, error_container))
                     return urlified_commit
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_update(self):
                     _ = self.request.translate
                     self.load_default_context()
                     settings_model = IssueTrackerSettingsModel()
                     try:
                         form = IssueTrackerPatternsForm(self.request.translate)()
                         data = form.to_python(self.request.POST)
                     except formencode.Invalid as errors:
                         log.exception('Failed to add new pattern')
                         error = errors
                         h.flash(_(f'Invalid issue tracker pattern: {error}'),
                                 category='error')
                         raise HTTPFound(h.route_path('admin_settings_issuetracker'))
                     if data:
                         for uid in data.get('delete_patterns', []):
                             settings_model.delete_entries(uid)
                         for pattern in data.get('patterns', []):
                             for setting, value, type_ in pattern:
                                 sett = settings_model.create_or_update_setting(
                                     setting, value, type_)
                                 Session().add(sett)
                             Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated issue tracker entries'), category='success')
                     raise HTTPFound(h.route_path('admin_settings_issuetracker'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_issuetracker_delete(self):
                     _ = self.request.translate
                     self.load_default_context()
                     uid = self.request.POST.get('uid')
                     try:
                         IssueTrackerSettingsModel().delete_entries(uid)
                     except Exception:
                         log.exception('Failed to delete issue tracker setting %s', uid)
                         raise HTTPNotFound()
                     SettingsModel().invalidate_settings_cache()
                     h.flash(_('Removed issue tracker entry.'), category='success')
                     return {'deleted': uid}
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_email(self):
                     c = self.load_default_context()
                     c.active = 'email'
                     c.rhodecode_ini = rhodecode.CONFIG
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_email_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'email'
                     test_email = self.request.POST.get('test_email')
                     if not test_email:
                         h.flash(_('Please enter email address'), category='error')
                         raise HTTPFound(h.route_path('admin_settings_email'))
                     email_kwargs = {
                         'date': datetime.datetime.now(),
                         'user': self._rhodecode_db_user
                     }
                     (subject, email_body, email_body_plaintext) = EmailNotificationModel().render_email(
                         EmailNotificationModel.TYPE_EMAIL_TEST, **email_kwargs)
                     recipients = [test_email] if test_email else None
                     run_task(tasks.send_email, recipients, subject,
                              email_body_plaintext, email_body)
                     h.flash(_('Send email task created'), category='success')
                     raise HTTPFound(h.route_path('admin_settings_email'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_hooks(self):
                     c = self.load_default_context()
                     c.active = 'hooks'
                     model = SettingsModel()
                     c.hooks = model.get_builtin_hooks()
                     c.custom_hooks = model.get_custom_hooks()
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_hooks_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'hooks'
                     if c.visual.allow_custom_hooks_settings:
                         ui_key = self.request.POST.get('new_hook_ui_key')
                         ui_value = self.request.POST.get('new_hook_ui_value')
                         hook_id = self.request.POST.get('hook_id')
                         new_hook = False
                         model = SettingsModel()
                         try:
                             if ui_value and ui_key:
                                 model.create_or_update_hook(ui_key, ui_value)
                                 h.flash(_('Added new hook'), category='success')
                                 new_hook = True
                             elif hook_id:
                                 RhodeCodeUi.delete(hook_id)
                                 Session().commit()
                             # check for edits
                             update = False
                             _d = self.request.POST.dict_of_lists()
                             for k, v in zip(_d.get('hook_ui_key', []),
                                             _d.get('hook_ui_value_new', [])):
                                 model.create_or_update_hook(k, v)
                                 update = True
                             if update and not new_hook:
                                 h.flash(_('Updated hooks'), category='success')
                             Session().commit()
                         except Exception:
                             log.exception("Exception during hook creation")
                             h.flash(_('Error occurred during hook creation'),
                                     category='error')
                     raise HTTPFound(h.route_path('admin_settings_hooks'))
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_search(self):
                     c = self.load_default_context()
                     c.active = 'search'
                     c.searcher = searcher_from_config(self.request.registry.settings)
                     c.statistics = c.searcher.statistics(self.request.translate)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_labs(self):
                     c = self.load_default_context()
                     if not c.labs_active:
                         raise HTTPFound(h.route_path('admin_settings'))
                     c.active = 'labs'
                     c.lab_settings = _LAB_SETTINGS
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 @CSRFRequired()
                 def settings_labs_update(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     c.active = 'labs'
                     application_form = LabsSettingsForm(self.request.translate)()
                     try:
                         form_result = application_form.to_python(dict(self.request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         data = render('rhodecode:templates/admin/settings/settings.mako',
                                       self._get_template_context(c), self.request)
                         html = formencode.htmlfill.render(
                             data,
                             defaults=errors.value,
                             errors=errors.unpack_errors() or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                         return Response(html)
                     try:
                         session = Session()
                         for setting in _LAB_SETTINGS:
                             setting_name = setting.key[len('rhodecode_'):]
                             sett = SettingsModel().create_or_update_setting(
                                 setting_name, form_result[setting.key], setting.type)
                             session.add(sett)
                     except Exception:
                         log.exception('Exception while updating lab settings')
                         h.flash(_('Error occurred during updating labs settings'),
                                 category='error')
                     else:
                         Session().commit()
                         SettingsModel().invalidate_settings_cache()
                         h.flash(_('Updated Labs settings'), category='success')
                         raise HTTPFound(h.route_path('admin_settings_labs'))
                     data = render('rhodecode:templates/admin/settings/settings.mako',
                                   self._get_template_context(c), self.request)
                     html = formencode.htmlfill.render(
                         data,
                         defaults=self._form_defaults(),
                         encoding="UTF-8",
                         force_defaults=False
                     )
                     return Response(html)
             # :param key: name of the setting including the 'rhodecode_' prefix
             # :param type: the RhodeCodeSetting type to use.
             # :param group: the i18ned group in which we should dispaly this setting
             # :param label: the i18ned label we should display for this setting
             # :param help: the i18ned help we should dispaly for this setting
             LabSetting = collections.namedtuple(
                 'LabSetting', ('key', 'type', 'group', 'label', 'help'))
             # This list has to be kept in sync with the form
             # rhodecode.model.forms.LabsSettingsForm.
             _LAB_SETTINGS = [
             ]

rhodecode/apps/svn_support/utils.py

0 +2 -2

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import codecs
             import logging
             import os
             from pyramid.renderers import render
             from rhodecode.events import trigger
-            from rhodecode.lib.utils import get_rhodecode_realm, get_rhodecode_base_path
+            from rhodecode.lib.utils import get_rhodecode_realm, get_rhodecode_repo_store_path
             from rhodecode.lib.utils2 import str2bool
             from rhodecode.model.db import RepoGroup
             from . import config_keys
             from .events import ModDavSvnConfigChange
             log = logging.getLogger(__name__)
             def write_mod_dav_svn_config(settings):
                 use_ssl = str2bool(settings['force_https'])
                 file_path = settings[config_keys.config_file_path]
                 config = _render_mod_dav_svn_config(
                     use_ssl=use_ssl,
-                    parent_path_root=get_rhodecode_base_path(),
+                    parent_path_root=get_rhodecode_repo_store_path(),
                     list_parent_path=settings[config_keys.list_parent_path],
                     location_root=settings[config_keys.location_root],
                     repo_groups=RepoGroup.get_all_repo_groups(),
                     realm=get_rhodecode_realm(), template=settings[config_keys.template])
                 _write_mod_dav_svn_config(config, file_path)
                 return file_path
             def generate_mod_dav_svn_config(registry):
                 """
                 Generate the configuration file for use with subversion's mod_dav_svn
                 module. The configuration has to contain a <Location> block for each
                 available repository group because the mod_dav_svn module does not support
                 repositories organized in sub folders.
                 """
                 settings = registry.settings
                 file_path = write_mod_dav_svn_config(settings)
                 # Trigger an event on mod dav svn configuration change.
                 trigger(ModDavSvnConfigChange(), registry)
                 return file_path
             def _render_mod_dav_svn_config(
                     parent_path_root, list_parent_path, location_root, repo_groups, realm,
                     use_ssl, template):
                 """
                 Render mod_dav_svn configuration to string.
                 """
                 repo_group_paths = []
                 for repo_group in repo_groups:
                     group_path = repo_group.full_path_splitted
                     location = os.path.join(location_root, *group_path)
                     parent_path = os.path.join(parent_path_root, *group_path)
                     repo_group_paths.append((location, parent_path))
                 context = {
                     'location_root': location_root,
                     'parent_path_root': parent_path_root,
                     'repo_group_paths': repo_group_paths,
                     'svn_list_parent_path': list_parent_path,
                     'rhodecode_realm': realm,
                     'use_https': use_ssl,
                 }
                 template = template or \
                            'rhodecode:apps/svn_support/templates/mod-dav-svn.conf.mako'
                 # Render the configuration template to string.
                 return render(template, context)
             def _write_mod_dav_svn_config(config, filepath):
                 """
                 Write mod_dav_svn config to file.
                 """
                 with codecs.open(filepath, 'w', encoding='utf-8') as f:
                     f.write(config)

rhodecode/config/config_maker.py

0 +2 0

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import tempfile
             import logging
             from pyramid.settings import asbool
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config import utils as config_utils
             log = logging.getLogger(__name__)
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well-prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
                 logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.svn.proxy.enabled', True, parser='bool')
                 settings_maker.make_setting('vcs.svn.proxy.host', 'http://svn:8090', parser='string')
                 settings_maker.make_setting('vcs.hooks.protocol', 'http')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
+                # repo_store path
+                settings_maker.make_setting('repo_store.path', '/var/opt/rhodecode_repo_store')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
                 settings_maker.make_setting('archive_cache.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
                 settings_maker.make_setting('archive_cache.cache_size_gb', 10, parser='float')
                 settings_maker.make_setting('archive_cache.cache_shards', 10, parser='int')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/config/environment.py

0 0 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import logging
             import rhodecode
             import collections
             from rhodecode.config import utils
             from rhodecode.lib.utils import load_rcextensions
             from rhodecode.lib.utils2 import str2bool
             from rhodecode.lib.vcs import connect_vcs
             log = logging.getLogger(__name__)
             def load_pyramid_environment(global_config, settings):
                 # Some parts of the code expect a merge of global and app settings.
                 settings_merged = global_config.copy()
                 settings_merged.update(settings)
                 # TODO(marcink): probably not required anymore
                 # configure channelstream,
                 settings_merged['channelstream_config'] = {
                     'enabled': str2bool(settings_merged.get('channelstream.enabled', False)),
                     'server': settings_merged.get('channelstream.server'),
                     'secret': settings_merged.get('channelstream.secret')
                 }
                 # If this is a test run we prepare the test environment like
                 # creating a test database, test search index and test repositories.
                 # This has to be done before the database connection is initialized.
                 if rhodecode.is_test:
                     rhodecode.disable_error_handler = True
                     from rhodecode import authentication
                     authentication.plugin_default_auth_ttl = 0
                     utils.initialize_test_environment(settings_merged)
                 # Initialize the database connection.
                 utils.initialize_database(settings_merged)
                 load_rcextensions(root_path=settings_merged['here'])
                 # Limit backends to `vcs.backends` from configuration, and preserve the order
                 for alias in rhodecode.BACKENDS.keys():
                     if alias not in settings['vcs.backends']:
                         del rhodecode.BACKENDS[alias]
                 _sorted_backend = sorted(rhodecode.BACKENDS.items(),
                                          key=lambda item: settings['vcs.backends'].index(item[0]))
                 rhodecode.BACKENDS = collections.OrderedDict(_sorted_backend)
                 log.info('Enabled VCS backends: %s', rhodecode.BACKENDS.keys())
                 # initialize vcs client and optionally run the server if enabled
                 vcs_server_uri = settings['vcs.server']
                 vcs_server_enabled = settings['vcs.server.enable']
                 utils.configure_vcs(settings)
                 # Store the settings to make them available to other modules.
                 rhodecode.PYRAMID_SETTINGS = settings_merged
                 rhodecode.CONFIG = settings_merged
                 rhodecode.CONFIG['default_user_id'] = utils.get_default_user_id()
-                rhodecode.CONFIG['default_base_path'] = utils.get_default_base_path()
                 if vcs_server_enabled:
                     connect_vcs(vcs_server_uri, utils.get_vcs_server_protocol(settings))
                 else:
                     log.warning('vcs-server not enabled, vcs connection unavailable')

rhodecode/config/utils.py

0 0 -12

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import platform
             def configure_vcs(config):
                 """
                 Patch VCS config with some RhodeCode specific stuff
                 """
                 from rhodecode.lib.vcs import conf
                 import rhodecode.lib.vcs.conf.settings
                 conf.settings.BACKENDS = {
                     'hg': 'rhodecode.lib.vcs.backends.hg.MercurialRepository',
                     'git': 'rhodecode.lib.vcs.backends.git.GitRepository',
                     'svn': 'rhodecode.lib.vcs.backends.svn.SubversionRepository',
                 }
                 conf.settings.HOOKS_PROTOCOL = config['vcs.hooks.protocol']
                 conf.settings.HOOKS_HOST = config['vcs.hooks.host']
                 conf.settings.DEFAULT_ENCODINGS = config['default_encoding']
                 conf.settings.ALIASES[:] = config['vcs.backends']
                 conf.settings.SVN_COMPATIBLE_VERSION = config['vcs.svn.compatible_version']
             def initialize_database(config):
                 from rhodecode.lib.utils2 import engine_from_config, get_encryption_key
                 from rhodecode.model import init_model
                 engine = engine_from_config(config, 'sqlalchemy.db1.')
                 init_model(engine, encryption_key=get_encryption_key(config))
             def initialize_test_environment(settings, test_env=None):
                 if test_env is None:
                     test_env = not int(os.environ.get('RC_NO_TMP_PATH', 0))
                 from rhodecode.lib.utils import (
                     create_test_directory, create_test_database, create_test_repositories,
                     create_test_index)
                 from rhodecode.tests import TESTS_TMP_PATH
                 from rhodecode.lib.vcs.backends.hg import largefiles_store
                 from rhodecode.lib.vcs.backends.git import lfs_store
                 # test repos
                 if test_env:
                     create_test_directory(TESTS_TMP_PATH)
                     # large object stores
                     create_test_directory(largefiles_store(TESTS_TMP_PATH))
                     create_test_directory(lfs_store(TESTS_TMP_PATH))
                     create_test_database(TESTS_TMP_PATH, settings)
                     create_test_repositories(TESTS_TMP_PATH, settings)
                     create_test_index(TESTS_TMP_PATH, settings)
             def get_vcs_server_protocol(config):
                 return config['vcs.server.protocol']
             def set_instance_id(config):
                 """
                 Sets a dynamic generated config['instance_id'] if missing or '*'
                 E.g instance_id = *cluster-1 or instance_id = *
                 """
                 config['instance_id'] = config.get('instance_id') or ''
                 instance_id = config['instance_id']
                 if instance_id.startswith('*') or not instance_id:
                     prefix = instance_id.lstrip('*')
                     _platform_id = platform.uname()[1] or 'instance'
                     config['instance_id'] = '{prefix}uname:{platform}-pid:{pid}'.format(
                         prefix=prefix,
                         platform=_platform_id,
                         pid=os.getpid())
             def get_default_user_id():
                 DEFAULT_USER = 'default'
                 from sqlalchemy import text
                 from rhodecode.model import meta
                 engine = meta.get_engine()
                 with meta.SA_Session(engine) as session:
                     result = session.execute(text("SELECT user_id from users where username = :uname"), {'uname': DEFAULT_USER})
                     user_id = result.first()[0]
                 return user_id
-            def get_default_base_path():
-                from sqlalchemy import text
-                from rhodecode.model import meta
-                engine = meta.get_engine()
-                with meta.SA_Session(engine) as session:
-                    result = session.execute(text("SELECT ui_value from rhodecode_ui where ui_key = '/'"))
-                    base_path = result.first()[0]
-                return base_path

rhodecode/lib/base.py

0 0 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import base64
             import markupsafe
             import ipaddress
             import paste.httpheaders
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (password_changed, get_enabled_hook_classes)
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.str_utils import ascii_bytes, safe_int, safe_str
             from rhodecode.lib.type_utils import aslist, str2bool
             from rhodecode.lib.hash_utils import sha1
             from rhodecode.model.db import Repository, User, ChangesetComment, UserBookmark
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(safe_str(ip_addr))
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 def ip_filters(ip_):
                     return _filter_port(_filter_proxy(ip_))
                 ip = environ.get(proxy_key)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return ip_filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_user_agent(environ):
                 return environ.get('HTTP_USER_AGENT')
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False, check_branch_perms=False, detect_force_push=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 user = User.get_by_username(username)
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 user_id = user.user_id
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 # NOTE(marcink): This should be also in sync with
                 # rhodecode/apps/ssh_support/lib/backends/base.py:update_environment scm_data
                 store = [x for x in ui_settings if x.key == '/']
                 repo_store = ''
                 if store:
                     repo_store = store[0].value
                 scm_data = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'user_id': user_id,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'repo_store': repo_store,
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'user_agent': get_user_agent(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                     'detect_force_push': detect_force_push,
                     'check_branch_perms': check_branch_perms,
                 }
                 return scm_data
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
                              initial_call_detection=False, acl_repo_name=None, rc_realm=''):
                     super().__init__(realm=realm, authfunc=authfunc)
                     self.realm = realm
                     self.rc_realm = rc_realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
                     self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code, fallback):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response class for code %s, using fallback: %s', http_code, fallback)
                         return fallback
                 def get_rc_realm(self):
                     return safe_str(self.rc_realm)
                 def build_authentication(self):
                     header = [('WWW-Authenticate', f'Basic realm="{self.realm}"')]
                     # NOTE: the initial_Call detection seems to be not working/not needed witg latest Mercurial
                     # investigate if we still need it.
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(self._rc_auth_http_code, fallback=HTTPUnauthorized)
                         log.debug('Using custom response class: %s', custom_response_klass)
                         return custom_response_klass(headers=header)
                     return HTTPUnauthorized(headers=header)
                 def authenticate(self, environ):
                     authorization = paste.httpheaders.AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (auth_meth, auth_creds_b64) = authorization.split(' ', 1)
                     if 'basic' != auth_meth.lower():
                         return self.build_authentication()
                     credentials = safe_str(base64.b64decode(auth_creds_b64.strip()))
                     _parts = credentials.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         auth_data = self.authfunc(
                                 username, password, environ, VCS_TYPE,
                                 registry=self.registry, acl_repo_name=self.acl_repo_name)
                         if auth_data:
                             return {'username': username, 'auth_data': auth_data}
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def calculate_version_hash(config):
                 return sha1(
                     config.get(b'beaker.session.secret', b'') + ascii_bytes(rhodecode.__version__)
                 )[:8]
             def get_current_lang(request):
                 return getattr(request, '_LOCALE_', request.locale_name)
             def attach_context_attributes(context, request, user_id=None, is_api=None):
                 """
                 Attach variables into template context called `c`.
                 """
                 config = request.registry.settings
                 rc_config = SettingsModel().get_all_settings(cache=True, from_request=False)
                 context.rc_config = rc_config
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 context.rhodecode_edition_id = config.get('rhodecode.edition_id')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = calculate_version_hash(config)
                 # Default language set for the incoming request
                 context.language = get_current_lang(request)
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.show_revision_number = str2bool(
                     rc_config.get('rhodecode_show_revision_number', True))
                 context.visual.show_sha_length = safe_int(
                     rc_config.get('rhodecode_show_sha_length', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or h.route_url('rhodecode_support')
                 context.visual.affected_files_cut_off = 60
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 context.clone_uri_id_tmpl = rc_config.get('rhodecode_clone_uri_id_tmpl')
                 context.clone_uri_ssh_tmpl = rc_config.get('rhodecode_clone_uri_ssh_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.ssh_enabled = str2bool(
                     config.get('ssh.generate_authorized_keyfile', 'false'))
                 context.ssh_key_generator_enabled = str2bool(
                     config.get('ssh.enable_ui_key_generator', 'true'))
-                context.visual.allow_repo_location_change = str2bool(
-                    config.get('allow_repo_location_change', True))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 context.visual.cut_off_limit_diff = safe_int(
                     config.get('cut_off_limit_diff'), default=0)
                 context.visual.cut_off_limit_file = safe_int(
                     config.get('cut_off_limit_file'), default=0)
                 context.license = AttributeDict({})
                 context.license.hide_license_info = str2bool(
                     config.get('license.hide_license_info', False))
                 # AppEnlight
                 context.appenlight_enabled = config.get('appenlight', False)
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 diffmode = {
                     "unified": "unified",
                     "sideside": "sideside"
                 }.get(request.GET.get('diffmode'))
                 if is_api is not None:
                     is_api = hasattr(request, 'rpc_user')
                 session_attrs = {
                     # defaults
                     "clone_url_format": "http",
                     "diffmode": "sideside",
                     "license_fingerprint": request.session.get('license_fingerprint')
                 }
                 if not is_api:
                     # don't access pyramid session for API calls
                     if diffmode and diffmode != request.session.get('rc_user_session_attr.diffmode'):
                         request.session['rc_user_session_attr.diffmode'] = diffmode
                     # session settings per user
                     for k, v in list(request.session.items()):
                         pref = 'rc_user_session_attr.'
                         if k and k.startswith(pref):
                             k = k[len(pref):]
                             session_attrs[k] = v
                 context.user_session_attrs = session_attrs
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'session_attrs': session_attrs,
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 if is_api:
                     csrf_token = None
                 else:
                     csrf_token = auth.get_csrf_token(session=request.session)
                 context.csrf_token = csrf_token
                 context.backends = list(rhodecode.BACKENDS.keys())
                 unread_count = 0
                 user_bookmark_list = []
                 if user_id:
                     unread_count = NotificationModel().get_unread_cnt_for_user(user_id)
                     user_bookmark_list = UserBookmark.get_bookmarks_for_user(user_id)
                 context.unread_notifications = unread_count
                 context.bookmark_items = user_bookmark_list
                 # web case
                 if hasattr(request, 'user'):
                     context.auth_user = request.user
                     context.rhodecode_user = request.user
                 # api case
                 if hasattr(request, 'rpc_user'):
                     context.auth_user = request.rpc_user
                     context.rhodecode_user = request.rpc_user
                 # attach the whole call context to the request
                 request.set_call_context(context)
             def get_auth_user(request):
                 environ = request.environ
                 session = request.session
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (
                         # ?auth_token=XXX
                         request.GET.get('auth_token', '')
                         # ?api_key=XXX !LEGACY
                         or request.GET.get('api_key', '')
                         # or headers....
                         or request.headers.get('X-Rc-Auth-Token', '')
                 )
                 if not _auth_token and request.matchdict:
                     url_auth_token = request.matchdict.get('_auth_token')
                     _auth_token = url_auth_token
                     if _auth_token:
                         log.debug('Using URL extracted auth token `...%s`', _auth_token[-4:])
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     # in case someone changes a password for user it triggers session
                     # flush and forces a re-login
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user, _auth_token
             def h_filter(s):
                 """
                 Custom filter for Mako templates. Mako by standard uses `markupsafe.escape`
                 we wrap this with additional functionality that converts None to empty
                 strings
                 """
                 if s is None:
                     return markupsafe.Markup()
                 return markupsafe.escape(s)
             def add_events_routes(config):
                 """
                 Adds routing that can be used in events. Because some events are triggered
                 outside of pyramid context, we need to bootstrap request with some
                 routing registered
                 """
                 from rhodecode.apps._base import ADMIN_PREFIX
                 config.add_route(name='home', pattern='/')
                 config.add_route(name='main_page_repos_data', pattern='/_home_repos')
                 config.add_route(name='main_page_repo_groups_data', pattern='/_home_repo_groups')
                 config.add_route(name='login', pattern=ADMIN_PREFIX + '/login')
                 config.add_route(name='logout', pattern=ADMIN_PREFIX + '/logout')
                 config.add_route(name='repo_summary', pattern='/{repo_name}')
                 config.add_route(name='repo_summary_explicit', pattern='/{repo_name}/summary')
                 config.add_route(name='repo_group_home', pattern='/{repo_group_name}')
                 config.add_route(name='pullrequest_show',
                                  pattern='/{repo_name}/pull-request/{pull_request_id}')
                 config.add_route(name='pull_requests_global',
                                  pattern='/pull-request/{pull_request_id}')
                 config.add_route(name='repo_commit',
                                  pattern='/{repo_name}/changeset/{commit_id}')
                 config.add_route(name='repo_files',
                                  pattern='/{repo_name}/files/{commit_id}/{f_path}')
                 config.add_route(name='hovercard_user',
                                  pattern='/_hovercard/user/{user_id}')
                 config.add_route(name='hovercard_user_group',
                                  pattern='/_hovercard/user_group/{user_group_id}')
                 config.add_route(name='hovercard_pull_request',
                                  pattern='/_hovercard/pull_request/{pull_request_id}')
                 config.add_route(name='hovercard_repo_commit',
                                  pattern='/_hovercard/commit/{repo_name}/{commit_id}')
             def bootstrap_config(request, registry_name='RcTestRegistry'):
                 from rhodecode.config.config_maker import sanitize_settings_and_apply_defaults
                 import pyramid.testing
                 registry = pyramid.testing.Registry(registry_name)
                 global_config = {'__file__': ''}
                 config = pyramid.testing.setUp(registry=registry, request=request)
                 sanitize_settings_and_apply_defaults(global_config, config.registry.settings)
                 # allow pyramid lookup in testing
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.lib.rc_cache.archive_cache')
                 add_events_routes(config)
                 return config
             def bootstrap_request(**kwargs):
                 """
                 Returns a thin version of Request Object that is used in non-web context like testing/celery
                 """
                 import pyramid.testing
                 from rhodecode.lib.request import ThinRequest as _ThinRequest
                 class ThinRequest(_ThinRequest):
                     application_url = kwargs.pop('application_url', 'http://example.com')
                     host = kwargs.pop('host', 'example.com:80')
                     domain = kwargs.pop('domain', 'example.com')
                 class ThinSession(pyramid.testing.DummySession):
                     def save(*arg, **kw):
                         pass
                 request = ThinRequest(**kwargs)
                 request.session = ThinSession()
                 return request

rhodecode/lib/middleware/simplevcs.py

0 +2 -9

             # Copyright (C) 2014-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             SimpleVCS middleware for handling protocol request (push/clone etc.)
             It's implemented with basic auth function
             """
             import os
             import re
             import io
             import logging
             import importlib
             from functools import wraps
             from lxml import etree
             import time
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from pyramid.httpexceptions import (
                 HTTPNotFound, HTTPForbidden, HTTPNotAcceptable, HTTPInternalServerError)
             from zope.cachedescriptors.property import Lazy as LazyProperty
             import rhodecode
             from rhodecode.authentication.base import authenticate, VCS_TYPE, loadplugin
             from rhodecode.lib import rc_cache
             from rhodecode.lib.auth import AuthUser, HasPermissionAnyMiddleware
             from rhodecode.lib.base import (
                 BasicAuth, get_ip_addr, get_user_agent, vcs_operation_context)
             from rhodecode.lib.exceptions import (UserCreationError, NotAllowedToCreateUserError)
             from rhodecode.lib.hook_daemon.base import prepare_callback_daemon
             from rhodecode.lib.middleware import appenlight
             from rhodecode.lib.middleware.utils import scm_app_http
             from rhodecode.lib.str_utils import safe_bytes
             from rhodecode.lib.utils import is_valid_repo, SLUG_RE
             from rhodecode.lib.utils2 import safe_str, fix_PATH, str2bool
             from rhodecode.lib.vcs.conf import settings as vcs_settings
             from rhodecode.lib.vcs.backends import base
             from rhodecode.model import meta
             from rhodecode.model.db import User, Repository, PullRequest
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.pull_request import PullRequestModel
             from rhodecode.model.settings import SettingsModel, VcsSettingsModel
             log = logging.getLogger(__name__)
             def extract_svn_txn_id(acl_repo_name, data: bytes):
                 """
                 Helper method for extraction of svn txn_id from submitted XML data during
                 POST operations
                 """
                 try:
                     root = etree.fromstring(data)
                     pat = re.compile(r'/txn/(?P<txn_id>.*)')
                     for el in root:
                         if el.tag == '{DAV:}source':
                             for sub_el in el:
                                 if sub_el.tag == '{DAV:}href':
                                     match = pat.search(sub_el.text)
                                     if match:
                                         svn_tx_id = match.groupdict()['txn_id']
                                         txn_id = rc_cache.utils.compute_key_from_params(
                                             acl_repo_name, svn_tx_id)
                                         return txn_id
                 except Exception:
                     log.exception('Failed to extract txn_id')
             def initialize_generator(factory):
                 """
                 Initializes the returned generator by draining its first element.
                 This can be used to give a generator an initializer, which is the code
                 up to the first yield statement. This decorator enforces that the first
                 produced element has the value ``"__init__"`` to make its special
                 purpose very explicit in the using code.
                 """
                 @wraps(factory)
                 def wrapper(*args, **kwargs):
                     gen = factory(*args, **kwargs)
                     try:
                         init = next(gen)
                     except StopIteration:
                         raise ValueError('Generator must yield at least one element.')
                     if init != "__init__":
                         raise ValueError('First yielded element must be "__init__".')
                     return gen
                 return wrapper
             class SimpleVCS(object):
                 """Common functionality for SCM HTTP handlers."""
                 SCM = 'unknown'
                 acl_repo_name = None
                 url_repo_name = None
                 vcs_repo_name = None
                 rc_extras = {}
                 # We have to handle requests to shadow repositories different than requests
                 # to normal repositories. Therefore we have to distinguish them. To do this
                 # we use this regex which will match only on URLs pointing to shadow
                 # repositories.
                 shadow_repo_re = re.compile(
                     '(?P<groups>(?:{slug_pat}/)*)'   # repo groups
                     '(?P<target>{slug_pat})/'        # target repo
                     'pull-request/(?P<pr_id>\\d+)/'  # pull request
                     'repository$'                    # shadow repo
                     .format(slug_pat=SLUG_RE.pattern))
                 def __init__(self, config, registry):
                     self.registry = registry
                     self.config = config
                     # re-populated by specialized middleware
                     self.repo_vcs_config = base.Config()
                     rc_settings = SettingsModel().get_all_settings(cache=True, from_request=False)
                     realm = rc_settings.get('rhodecode_realm') or 'RhodeCode AUTH'
                     # authenticate this VCS request using authfunc
                     auth_ret_code_detection = \
                         str2bool(self.config.get('auth_ret_code_detection', False))
                     self.authenticate = BasicAuth(
                         '', authenticate, registry, config.get('auth_ret_code'),
                         auth_ret_code_detection, rc_realm=realm)
                     self.ip_addr = '0.0.0.0'
                 @LazyProperty
                 def global_vcs_config(self):
                     try:
                         return VcsSettingsModel().get_ui_settings_as_config_obj()
                     except Exception:
                         return base.Config()
                 @property
                 def base_path(self):
-                    settings_path = self.repo_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
+                    settings_path = self.config.get('repo_store.path')
-                    if not settings_path:
-                        settings_path = self.global_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
                     if not settings_path:
-                        # try, maybe we passed in explicitly as config option
+                        raise ValueError('FATAL: repo_store.path is empty')
-                        settings_path = self.config.get('base_path')
-                    if not settings_path:
-                        raise ValueError('FATAL: base_path is empty')
                     return settings_path
                 def set_repo_names(self, environ):
                     """
                     This will populate the attributes acl_repo_name, url_repo_name,
                     vcs_repo_name and is_shadow_repo. In case of requests to normal (non
                     shadow) repositories all names are equal. In case of requests to a
                     shadow repository the acl-name points to the target repo of the pull
                     request and the vcs-name points to the shadow repo file system path.
                     The url-name is always the URL used by the vcs client program.
                     Example in case of a shadow repo:
                         acl_repo_name = RepoGroup/MyRepo
                         url_repo_name = RepoGroup/MyRepo/pull-request/3/repository
                         vcs_repo_name = /repo/base/path/RepoGroup/.__shadow_MyRepo_pr-3'
                     """
                     # First we set the repo name from URL for all attributes. This is the
                     # default if handling normal (non shadow) repo requests.
                     self.url_repo_name = self._get_repository_name(environ)
                     self.acl_repo_name = self.vcs_repo_name = self.url_repo_name
                     self.is_shadow_repo = False
                     # Check if this is a request to a shadow repository.
                     match = self.shadow_repo_re.match(self.url_repo_name)
                     if match:
                         match_dict = match.groupdict()
                         # Build acl repo name from regex match.
                         acl_repo_name = safe_str('{groups}{target}'.format(
                             groups=match_dict['groups'] or '',
                             target=match_dict['target']))
                         # Retrieve pull request instance by ID from regex match.
                         pull_request = PullRequest.get(match_dict['pr_id'])
                         # Only proceed if we got a pull request and if acl repo name from
                         # URL equals the target repo name of the pull request.
                         if pull_request and (acl_repo_name == pull_request.target_repo.repo_name):
                             # Get file system path to shadow repository.
                             workspace_id = PullRequestModel()._workspace_id(pull_request)
                             vcs_repo_name = pull_request.target_repo.get_shadow_repository_path(workspace_id)
                             # Store names for later usage.
                             self.vcs_repo_name = vcs_repo_name
                             self.acl_repo_name = acl_repo_name
                             self.is_shadow_repo = True
                     log.debug('Setting all VCS repository names: %s', {
                         'acl_repo_name': self.acl_repo_name,
                         'url_repo_name': self.url_repo_name,
                         'vcs_repo_name': self.vcs_repo_name,
                     })
                 @property
                 def scm_app(self):
                     custom_implementation = self.config['vcs.scm_app_implementation']
                     if custom_implementation == 'http':
                         log.debug('Using HTTP implementation of scm app.')
                         scm_app_impl = scm_app_http
                     else:
                         log.debug('Using custom implementation of scm_app: "{}"'.format(
                             custom_implementation))
                         scm_app_impl = importlib.import_module(custom_implementation)
                     return scm_app_impl
                 def _get_by_id(self, repo_name):
                     """
                     Gets a special pattern _<ID> from clone url and tries to replace it
                     with a repository_name for support of _<ID> non changeable urls
                     """
                     data = repo_name.split('/')
                     if len(data) >= 2:
                         from rhodecode.model.repo import RepoModel
                         by_id_match = RepoModel().get_repo_by_id(repo_name)
                         if by_id_match:
                             data[1] = by_id_match.repo_name
                     # Because PEP-3333-WSGI uses bytes-tunneled-in-latin-1 as PATH_INFO
                     # and we use this data
                     maybe_new_path = '/'.join(data)
                     return safe_bytes(maybe_new_path).decode('latin1')
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     ScmModel().mark_for_invalidation(repo_name)
                 def is_valid_and_existing_repo(self, repo_name, base_path, scm_type):
                     db_repo = Repository.get_by_repo_name(repo_name)
                     if not db_repo:
                         log.debug('Repository `%s` not found inside the database.',
                                   repo_name)
                         return False
                     if db_repo.repo_type != scm_type:
                         log.warning(
                             'Repository `%s` have incorrect scm_type, expected %s got %s',
                             repo_name, db_repo.repo_type, scm_type)
                         return False
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     return is_valid_repo(
                         repo_name, base_path,
                         explicit_scm=scm_type, expect_scm=scm_type, config=config)
                 def valid_and_active_user(self, user):
                     """
                     Checks if that user is not empty, and if it's actually object it checks
                     if he's active.
                     :param user: user object or None
                     :return: boolean
                     """
                     if user is None:
                         return False
                     elif user.active:
                         return True
                     return False
                 @property
                 def is_shadow_repo_dir(self):
                     return os.path.isdir(self.vcs_repo_name)
                 def _check_permission(self, action, user, auth_user, repo_name, ip_addr=None,
                                       plugin_id='', plugin_cache_active=False, cache_ttl=0):
                     """
                     Checks permissions using action (push/pull) user and repository
                     name. If plugin_cache and ttl is set it will use the plugin which
                     authenticated the user to store the cached permissions result for N
                     amount of seconds as in cache_ttl
                     :param action: push or pull action
                     :param user: user instance
                     :param repo_name: repository name
                     """
                     log.debug('AUTH_CACHE_TTL for permissions `%s` active: %s (TTL: %s)',
                               plugin_id, plugin_cache_active, cache_ttl)
                     user_id = user.user_id
                     cache_namespace_uid = f'cache_user_auth.{rc_cache.PERMISSIONS_CACHE_VER}.{user_id}'
                     region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            expiration_time=cache_ttl,
                                                            condition=plugin_cache_active)
                     def compute_perm_vcs(
                             cache_name, plugin_id, action, user_id, repo_name, ip_addr):
                         log.debug('auth: calculating permission access now...')
                         # check IP
                         inherit = user.inherit_default_permissions
                         ip_allowed = AuthUser.check_ip_allowed(
                             user_id, ip_addr, inherit_from_default=inherit)
                         if ip_allowed:
                             log.info('Access for IP:%s allowed', ip_addr)
                         else:
                             return False
                         if action == 'push':
                             perms = ('repository.write', 'repository.admin')
                             if not HasPermissionAnyMiddleware(*perms)(auth_user, repo_name):
                                 return False
                         else:
                             # any other action need at least read permission
                             perms = (
                                 'repository.read', 'repository.write', 'repository.admin')
                             if not HasPermissionAnyMiddleware(*perms)(auth_user, repo_name):
                                 return False
                         return True
                     start = time.time()
                     log.debug('Running plugin `%s` permissions check', plugin_id)
                     # for environ based auth, password can be empty, but then the validation is
                     # on the server that fills in the env data needed for authentication
                     perm_result = compute_perm_vcs(
                         'vcs_permissions', plugin_id, action, user.user_id, repo_name, ip_addr)
                     auth_time = time.time() - start
                     log.debug('Permissions for plugin `%s` completed in %.4fs, '
                               'expiration time of fetched cache %.1fs.',
                               plugin_id, auth_time, cache_ttl)
                     return perm_result
                 def _get_http_scheme(self, environ):
                     try:
                         return environ['wsgi.url_scheme']
                     except Exception:
                         log.exception('Failed to read http scheme')
                         return 'http'
                 def _check_ssl(self, environ, start_response):
                     """
                     Checks the SSL check flag and returns False if SSL is not present
                     and required True otherwise
                     """
                     org_proto = environ['wsgi._org_proto']
                     # check if we have SSL required  ! if not it's a bad request !
                     require_ssl = str2bool(self.repo_vcs_config.get('web', 'push_ssl'))
                     if require_ssl and org_proto == 'http':
                         log.debug(
                             'Bad request: detected protocol is `%s` and '
                             'SSL/HTTPS is required.', org_proto)
                         return False
                     return True
                 def _get_default_cache_ttl(self):
                     # take AUTH_CACHE_TTL from the `rhodecode` auth plugin
                     plugin = loadplugin('egg:rhodecode-enterprise-ce#rhodecode')
                     plugin_settings = plugin.get_settings()
                     plugin_cache_active, cache_ttl = plugin.get_ttl_cache(
                         plugin_settings) or (False, 0)
                     return plugin_cache_active, cache_ttl
                 def __call__(self, environ, start_response):
                     try:
                         return self._handle_request(environ, start_response)
                     except Exception:
                         log.exception("Exception while handling request")
                         appenlight.track_exception(environ)
                         return HTTPInternalServerError()(environ, start_response)
                     finally:
                         meta.Session.remove()
                 def _handle_request(self, environ, start_response):
                     if not self._check_ssl(environ, start_response):
                         reason = ('SSL required, while RhodeCode was unable '
                                   'to detect this as SSL request')
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     if not self.url_repo_name:
                         log.warning('Repository name is empty: %s', self.url_repo_name)
                         # failed to get repo name, we fail now
                         return HTTPNotFound()(environ, start_response)
                     log.debug('Extracted repo name is %s', self.url_repo_name)
                     ip_addr = get_ip_addr(environ)
                     user_agent = get_user_agent(environ)
                     username = None
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     # ======================================================================
                     # GET ACTION PULL or PUSH
                     # ======================================================================
                     action = self._get_action(environ)
                     # ======================================================================
                     # Check if this is a request to a shadow repository of a pull request.
                     # In this case only pull action is allowed.
                     # ======================================================================
                     if self.is_shadow_repo and action != 'pull':
                         reason = 'Only pull action is allowed for shadow repositories.'
                         log.debug('User not allowed to proceed, %s', reason)
                         return HTTPNotAcceptable(reason)(environ, start_response)
                     # Check if the shadow repo actually exists, in case someone refers
                     # to it, and it has been deleted because of successful merge.
                     if self.is_shadow_repo and not self.is_shadow_repo_dir:
                         log.debug(
                             'Shadow repo detected, and shadow repo dir `%s` is missing',
                             self.is_shadow_repo_dir)
                         return HTTPNotFound()(environ, start_response)
                     # ======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     # ======================================================================
                     detect_force_push = False
                     check_branch_perms = False
                     if action in ['pull', 'push']:
                         user_obj = anonymous_user = User.get_default_user()
                         auth_user = user_obj.AuthUser()
                         username = anonymous_user.username
                         if anonymous_user.active:
                             plugin_cache_active, cache_ttl = self._get_default_cache_ttl()
                             # ONLY check permissions if the user is activated
                             anonymous_perm = self._check_permission(
                                 action, anonymous_user, auth_user, self.acl_repo_name, ip_addr,
                                 plugin_id='anonymous_access',
                                 plugin_cache_active=plugin_cache_active,
                                 cache_ttl=cache_ttl,
                             )
                         else:
                             anonymous_perm = False
                         if not anonymous_user.active or not anonymous_perm:
                             if not anonymous_user.active:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             if not anonymous_perm:
                                 log.debug('Not enough credentials to access repo: `%s` '
                                           'repository as anonymous user', self.acl_repo_name)
                             username = None
                             # ==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             # ==============================================================
                             # try to auth based on environ, container auth methods
                             log.debug('Running PRE-AUTH for container|headers based authentication')
                             # headers auth, by just reading special headers and bypass the auth with user/passwd
                             pre_auth = authenticate(
                                 '', '', environ, VCS_TYPE, registry=self.registry,
                                 acl_repo_name=self.acl_repo_name)
                             if pre_auth and pre_auth.get('username'):
                                 username = pre_auth['username']
                             log.debug('PRE-AUTH got `%s` as username', username)
                             if pre_auth:
                                 log.debug('PRE-AUTH successful from %s',
                                           pre_auth.get('auth_data', {}).get('_plugin'))
                             # If not authenticated by the container, running basic auth
                             # before inject the calling repo_name for special scope checks
                             self.authenticate.acl_repo_name = self.acl_repo_name
                             plugin_cache_active, cache_ttl = False, 0
                             plugin = None
                             # regular auth chain
                             if not username:
                                 self.authenticate.realm = self.authenticate.get_rc_realm()
                                 try:
                                     auth_result = self.authenticate(environ)
                                 except (UserCreationError, NotAllowedToCreateUserError) as e:
                                     log.error(e)
                                     reason = safe_str(e)
                                     return HTTPNotAcceptable(reason)(environ, start_response)
                                 if isinstance(auth_result, dict):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, auth_result['username'])
                                     username = auth_result['username']
                                     plugin = auth_result.get('auth_data', {}).get('_plugin')
                                     log.info(
                                         'MAIN-AUTH successful for user `%s` from %s plugin',
                                         username, plugin)
                                     plugin_cache_active, cache_ttl = auth_result.get(
                                         'auth_data', {}).get('_ttl_cache') or (False, 0)
                                 else:
                                     return auth_result.wsgi_application(environ, start_response)
                             # ==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             # ==============================================================
                             user = User.get_by_username(username)
                             if not self.valid_and_active_user(user):
                                 return HTTPForbidden()(environ, start_response)
                             username = user.username
                             user_id = user.user_id
                             # check user attributes for password change flag
                             user_obj = user
                             auth_user = user_obj.AuthUser()
                             if user_obj and user_obj.username != User.DEFAULT_USER and \
                                     user_obj.user_data.get('force_password_change'):
                                 reason = 'password change required'
                                 log.debug('User not allowed to authenticate, %s', reason)
                                 return HTTPNotAcceptable(reason)(environ, start_response)
                             # check permissions for this repository
                             perm = self._check_permission(
                                 action, user, auth_user, self.acl_repo_name, ip_addr,
                                 plugin, plugin_cache_active, cache_ttl)
                             if not perm:
                                 return HTTPForbidden()(environ, start_response)
                             environ['rc_auth_user_id'] = str(user_id)
                         if action == 'push':
                             perms = auth_user.get_branch_permissions(self.acl_repo_name)
                             if perms:
                                 check_branch_perms = True
                                 detect_force_push = True
                     # extras are injected into UI object and later available
                     # in hooks executed by RhodeCode
                     check_locking = _should_check_locking(environ.get('QUERY_STRING'))
                     extras = vcs_operation_context(
                         environ, repo_name=self.acl_repo_name, username=username,
                         action=action, scm=self.SCM, check_locking=check_locking,
                         is_shadow_repo=self.is_shadow_repo, check_branch_perms=check_branch_perms,
                         detect_force_push=detect_force_push
                     )
                     # ======================================================================
                     # REQUEST HANDLING
                     # ======================================================================
                     repo_path = os.path.join(
                         safe_str(self.base_path), safe_str(self.vcs_repo_name))
                     log.debug('Repository path is %s', repo_path)
                     fix_PATH()
                     log.info(
                         '%s action on %s repo "%s" by "%s" from %s %s',
                         action, self.SCM, safe_str(self.url_repo_name),
                         safe_str(username), ip_addr, user_agent)
                     return self._generate_vcs_response(
                         environ, start_response, repo_path, extras, action)
                 @initialize_generator
                 def _generate_vcs_response(
                         self, environ, start_response, repo_path, extras, action):
                     """
                     Returns a generator for the response content.
                     This method is implemented as a generator, so that it can trigger
                     the cache validation after all content sent back to the client. It
                     also handles the locking exceptions which will be triggered when
                     the first chunk is produced by the underlying WSGI application.
                     """
                     txn_id = ''
                     if 'CONTENT_LENGTH' in environ and environ['REQUEST_METHOD'] == 'MERGE':
                         # case for SVN, we want to re-use the callback daemon port
                         # so we use the txn_id, for this we peek the body, and still save
                         # it as wsgi.input
                         stream = environ['wsgi.input']
                         if isinstance(stream, io.BytesIO):
                             data: bytes = stream.getvalue()
                         elif hasattr(stream, 'buf'):  # most likely gunicorn.http.body.Body
                             data: bytes = stream.buf.getvalue()
                         else:
                             # fallback to the crudest way, copy the iterator
                             data = safe_bytes(stream.read())
                             environ['wsgi.input'] = io.BytesIO(data)
                         txn_id = extract_svn_txn_id(self.acl_repo_name, data)
                     callback_daemon, extras = self._prepare_callback_daemon(
                         extras, environ, action, txn_id=txn_id)
                     log.debug('HOOKS extras is %s', extras)
                     http_scheme = self._get_http_scheme(environ)
                     config = self._create_config(extras, self.acl_repo_name, scheme=http_scheme)
                     app = self._create_wsgi_app(repo_path, self.url_repo_name, config)
                     with callback_daemon:
                         app.rc_extras = extras
                         try:
                             response = app(environ, start_response)
                         finally:
                             # This statement works together with the decorator
                             # "initialize_generator" above. The decorator ensures that
                             # we hit the first yield statement before the generator is
                             # returned back to the WSGI server. This is needed to
                             # ensure that the call to "app" above triggers the
                             # needed callback to "start_response" before the
                             # generator is actually used.
                             yield "__init__"
                         # iter content
                         for chunk in response:
                             yield chunk
                         try:
                             # invalidate cache on push
                             if action == 'push':
                                 self._invalidate_cache(self.url_repo_name)
                         finally:
                             meta.Session.remove()
                 def _get_repository_name(self, environ):
                     """Get repository name out of the environmnent
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _get_action(self, environ):
                     """Map request commands into a pull or push command.
                     :param environ: WSGI environment
                     """
                     raise NotImplementedError()
                 def _create_wsgi_app(self, repo_path, repo_name, config):
                     """Return the WSGI app that will finally handle the request."""
                     raise NotImplementedError()
                 def _create_config(self, extras, repo_name, scheme='http'):
                     """Create a safe config representation."""
                     raise NotImplementedError()
                 def _should_use_callback_daemon(self, extras, environ, action):
                     if extras.get('is_shadow_repo'):
                         # we don't want to execute hooks, and callback daemon for shadow repos
                         return False
                     return True
                 def _prepare_callback_daemon(self, extras, environ, action, txn_id=None):
                     protocol = vcs_settings.HOOKS_PROTOCOL
                     if not self._should_use_callback_daemon(extras, environ, action):
                         # disable callback daemon for actions that don't require it
                         protocol = 'local'
                     return prepare_callback_daemon(
                         extras, protocol=protocol,
                         host=vcs_settings.HOOKS_HOST, txn_id=txn_id)
             def _should_check_locking(query_string):
                 # this is kind of hacky, but due to how mercurial handles client-server
                 # server see all operation on commit; bookmarks, phases and
                 # obsolescence marker in different transaction, we don't want to check
                 # locking on those
                 return query_string not in ['cmd=listkeys']

rhodecode/lib/system_info.py

0 +6 -7

             # Copyright (C) 2017-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import time
             import platform
             import collections
             import psutil
             from functools import wraps
             import pkg_resources
             import logging
             import resource
             import configparser
             from rc_license.models import LicenseModel
             from rhodecode.lib.str_utils import safe_str
             log = logging.getLogger(__name__)
             _NA = 'NOT AVAILABLE'
             _NA_FLOAT = 0.0
             STATE_OK = 'ok'
             STATE_ERR = 'error'
             STATE_WARN = 'warning'
             STATE_OK_DEFAULT = {'message': '', 'type': STATE_OK}
             registered_helpers = {}
             def register_sysinfo(func):
                 """
                 @register_helper
                 def db_check():
                     pass
                 db_check == registered_helpers['db_check']
                 """
                 global registered_helpers
                 registered_helpers[func.__name__] = func
                 @wraps(func)
                 def _wrapper(*args, **kwargs):
                     return func(*args, **kwargs)
                 return _wrapper
             # HELPERS
             def percentage(part: (int, float), whole: (int, float)):
                 whole = float(whole)
                 if whole > 0:
                     return round(100 * float(part) / whole, 1)
                 return 0.0
             def get_storage_size(storage_path):
                 sizes = []
                 for file_ in os.listdir(storage_path):
                     storage_file = os.path.join(storage_path, file_)
                     if os.path.isfile(storage_file):
                         try:
                             sizes.append(os.path.getsize(storage_file))
                         except OSError:
                             log.exception('Failed to get size of storage file %s', storage_file)
                             pass
                 return sum(sizes)
             def get_resource(resource_type):
                 try:
                     return resource.getrlimit(resource_type)
                 except Exception:
                     return 'NOT_SUPPORTED'
             def get_cert_path(ini_path):
                 default = '/etc/ssl/certs/ca-certificates.crt'
                 control_ca_bundle = os.path.join(
                     os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(ini_path)))),
                     '.rccontrol-profile/etc/ca-bundle.crt')
                 if os.path.isfile(control_ca_bundle):
                     default = control_ca_bundle
                 return default
             class SysInfoRes(object):
                 def __init__(self, value, state=None, human_value=None):
                     self.value = value
                     self.state = state or STATE_OK_DEFAULT
                     self.human_value = human_value or value
                 def __json__(self):
                     return {
                         'value': self.value,
                         'state': self.state,
                         'human_value': self.human_value,
                     }
                 def get_value(self):
                     return self.__json__()
                 def __str__(self):
                     return f'<SysInfoRes({self.__json__()})>'
             class SysInfo(object):
                 def __init__(self, func_name, **kwargs):
                     self.function_name = func_name
                     self.value = _NA
                     self.state = None
                     self.kwargs = kwargs or {}
                 def __call__(self):
                     computed = self.compute(**self.kwargs)
                     if not isinstance(computed, SysInfoRes):
                         raise ValueError(
                             'computed value for {} is not instance of '
                             '{}, got {} instead'.format(
                                 self.function_name, SysInfoRes, type(computed)))
                     return computed.__json__()
                 def __str__(self):
                     return f'<SysInfo({self.function_name})>'
                 def compute(self, **kwargs):
                     return self.function_name(**kwargs)
             # SysInfo functions
             @register_sysinfo
             def python_info():
                 value = dict(version=f'{platform.python_version()}:{platform.python_implementation()}',
                              executable=sys.executable)
                 return SysInfoRes(value=value)
             @register_sysinfo
             def py_modules():
                 mods = dict([(p.project_name, {'version': p.version, 'location': p.location})
                              for p in pkg_resources.working_set])
                 value = sorted(mods.items(), key=lambda k: k[0].lower())
                 return SysInfoRes(value=value)
             @register_sysinfo
             def platform_type():
                 from rhodecode.lib.utils import generate_platform_uuid
                 value = dict(
                     name=safe_str(platform.platform()),
                     uuid=generate_platform_uuid()
                 )
                 return SysInfoRes(value=value)
             @register_sysinfo
             def locale_info():
                 import locale
                 def safe_get_locale(locale_name):
                     try:
                         locale.getlocale(locale_name)
                     except TypeError:
                         return f'FAILED_LOCALE_GET:{locale_name}'
                 value = dict(
                     locale_default=locale.getlocale(),
                     locale_lc_all=safe_get_locale(locale.LC_ALL),
                     locale_lc_ctype=safe_get_locale(locale.LC_CTYPE),
                     lang_env=os.environ.get('LANG'),
                     lc_all_env=os.environ.get('LC_ALL'),
                     local_archive_env=os.environ.get('LOCALE_ARCHIVE'),
                 )
                 human_value = \
                     f"LANG: {value['lang_env']}, \
                       locale LC_ALL: {value['locale_lc_all']},  \
                       locale LC_CTYPE: {value['locale_lc_ctype']},  \
                       Default locales: {value['locale_default']}"
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def ulimit_info():
                 data = collections.OrderedDict([
                     ('cpu time (seconds)', get_resource(resource.RLIMIT_CPU)),
                     ('file size', get_resource(resource.RLIMIT_FSIZE)),
                     ('stack size', get_resource(resource.RLIMIT_STACK)),
                     ('core file size', get_resource(resource.RLIMIT_CORE)),
                     ('address space size', get_resource(resource.RLIMIT_AS)),
                     ('locked in mem size', get_resource(resource.RLIMIT_MEMLOCK)),
                     ('heap size', get_resource(resource.RLIMIT_DATA)),
                     ('rss size', get_resource(resource.RLIMIT_RSS)),
                     ('number of processes', get_resource(resource.RLIMIT_NPROC)),
                     ('open files', get_resource(resource.RLIMIT_NOFILE)),
                 ])
                 text = ', '.join(f'{k}:{v}' for k, v in data.items())
                 value = {
                     'limits': data,
                     'text': text,
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def uptime():
                 from rhodecode.lib.helpers import age, time_to_datetime
                 from rhodecode.translation import TranslationString
                 value = dict(boot_time=0, uptime=0, text='')
                 state = STATE_OK_DEFAULT
                 boot_time = psutil.boot_time()
                 value['boot_time'] = boot_time
                 value['uptime'] = time.time() - boot_time
                 date_or_age = age(time_to_datetime(boot_time))
                 if isinstance(date_or_age, TranslationString):
                     date_or_age = date_or_age.interpolate()
                 human_value = value.copy()
                 human_value['boot_time'] = time_to_datetime(boot_time)
                 human_value['uptime'] = age(time_to_datetime(boot_time), show_suffix=False)
                 human_value['text'] = f'Server started {date_or_age}'
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def memory():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 value = dict(available=0, used=0, used_real=0, cached=0, percent=0,
                              percent_used=0, free=0, inactive=0, active=0, shared=0,
                              total=0, buffers=0, text='')
                 state = STATE_OK_DEFAULT
                 value.update(dict(psutil.virtual_memory()._asdict()))
                 value['used_real'] = value['total'] - value['available']
                 value['percent_used'] = psutil._common.usage_percent(value['used_real'], value['total'], 1)
                 human_value = value.copy()
                 human_value['text'] = '{}/{}, {}% used'.format(
                     format_byte_size_binary(value['used_real']),
                     format_byte_size_binary(value['total']),
                     value['percent_used'])
                 keys = list(value.keys())[::]
                 keys.pop(keys.index('percent'))
                 keys.pop(keys.index('percent_used'))
                 keys.pop(keys.index('text'))
                 for k in keys:
                     human_value[k] = format_byte_size_binary(value[k])
                 if state['type'] == STATE_OK and value['percent_used'] > 90:
                     msg = 'Critical: your available RAM memory is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent_used'] > 70:
                     msg = 'Warning: your available RAM memory is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def machine_load():
                 value = {'1_min': _NA_FLOAT, '5_min': _NA_FLOAT, '15_min': _NA_FLOAT, 'text': ''}
                 state = STATE_OK_DEFAULT
                 # load averages
                 if hasattr(psutil.os, 'getloadavg'):
                     value.update(dict(
                         list(zip(['1_min', '5_min', '15_min'], psutil.os.getloadavg()))
                     ))
                 human_value = value.copy()
                 human_value['text'] = '1min: {}, 5min: {}, 15min: {}'.format(
                     value['1_min'], value['5_min'], value['15_min'])
                 if state['type'] == STATE_OK and value['15_min'] > 5.0:
                     msg = 'Warning: your machine load is very high.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def cpu():
                 value = {'cpu': 0, 'cpu_count': 0, 'cpu_usage': []}
                 state = STATE_OK_DEFAULT
                 value['cpu'] = psutil.cpu_percent(0.5)
                 value['cpu_usage'] = psutil.cpu_percent(0.5, percpu=True)
                 value['cpu_count'] = psutil.cpu_count()
                 human_value = value.copy()
                 human_value['text'] = '{} cores at {} %'.format(value['cpu_count'], value['cpu'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage():
                 from rhodecode.lib.helpers import format_byte_size_binary
-                from rhodecode.model.settings import VcsSettingsModel
+                from rhodecode.lib.utils import get_rhodecode_repo_store_path
-                path = VcsSettingsModel().get_repos_location()
+                path = get_rhodecode_repo_store_path()
                 value = dict(percent=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch disk info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk space is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk space is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_inodes():
-                from rhodecode.model.settings import VcsSettingsModel
+                from rhodecode.lib.utils import get_rhodecode_repo_store_path
-                path = VcsSettingsModel().get_repos_location()
+                path = get_rhodecode_repo_store_path()
                 value = dict(percent=0.0, free=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     i_stat = os.statvfs(path)
                     value['free'] = i_stat.f_ffree
                     value['used'] = i_stat.f_files-i_stat.f_favail
                     value['total'] = i_stat.f_files
                     value['percent'] = percentage(value['used'], value['total'])
                 except Exception as e:
                     log.exception('Failed to fetch disk inodes info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = "{}/{}, {}% used".format(
                     value['used'], value['total'], value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk free inodes are very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk free inodes are running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_archives():
                 import rhodecode
                 from rhodecode.lib.utils import safe_str
                 from rhodecode.lib.helpers import format_byte_size_binary
                 msg = 'Archive cache storage is controlled by ' \
                       'archive_cache.store_dir=/path/to/cache option in the .ini file'
                 path = safe_str(rhodecode.CONFIG.get('archive_cache.store_dir', msg))
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch archive cache storage')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_gist():
                 from rhodecode.model.gist import GIST_STORE_LOC
-                from rhodecode.model.settings import VcsSettingsModel
+                from rhodecode.lib.utils import safe_str, get_rhodecode_repo_store_path
-                from rhodecode.lib.utils import safe_str
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = safe_str(os.path.join(
-                    VcsSettingsModel().get_repos_location(), GIST_STORE_LOC))
+                    get_rhodecode_repo_store_path(), GIST_STORE_LOC))
                 # gist storage
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch gist storage items')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_temp():
                 import tempfile
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = tempfile.gettempdir()
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 if not psutil:
                     return SysInfoRes(value=value, state=state)
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch temp dir info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def search_info():
                 import rhodecode
                 from rhodecode.lib.index import searcher_from_config
                 backend = rhodecode.CONFIG.get('search.module', '')
                 location = rhodecode.CONFIG.get('search.location', '')
                 try:
                     searcher = searcher_from_config(rhodecode.CONFIG)
                     searcher = searcher.__class__.__name__
                 except Exception:
                     searcher = None
                 value = dict(
                     backend=backend, searcher=searcher, location=location, text='')
                 state = STATE_OK_DEFAULT
                 human_value = value.copy()
                 human_value['text'] = "backend:`{}`".format(human_value['backend'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def git_info():
                 from rhodecode.lib.vcs.backends import git
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = git.discover_git_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def hg_info():
                 from rhodecode.lib.vcs.backends import hg
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = hg.discover_hg_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def svn_info():
                 from rhodecode.lib.vcs.backends import svn
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = svn.discover_svn_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_backends():
                 import rhodecode
                 value = rhodecode.CONFIG.get('vcs.backends')
                 human_value = 'Enabled backends in order: {}'.format(','.join(value))
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def vcs_server():
                 import rhodecode
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 server_url = rhodecode.CONFIG.get('vcs.server')
                 enabled = rhodecode.CONFIG.get('vcs.server.enable')
                 protocol = rhodecode.CONFIG.get('vcs.server.protocol') or 'http'
                 state = STATE_OK_DEFAULT
                 version = None
                 workers = 0
                 try:
                     data = get_vcsserver_service_data()
                     if data and 'version' in data:
                         version = data['version']
                     if data and 'config' in data:
                         conf = data['config']
                         workers = conf.get('workers', 'NOT AVAILABLE')
                     connection = 'connected'
                 except Exception as e:
                     connection = 'failed'
                     state = {'message': str(e), 'type': STATE_ERR}
                 value = dict(
                     url=server_url,
                     enabled=enabled,
                     protocol=protocol,
                     connection=connection,
                     version=version,
                     text='',
                 )
                 human_value = value.copy()
                 human_value['text'] = \
                     '{url}@ver:{ver} via {mode} mode[workers:{workers}], connection:{conn}'.format(
                         url=server_url, ver=version, workers=workers, mode=protocol,
                         conn=connection)
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_server_config():
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 state = STATE_OK_DEFAULT
                 value = {}
                 try:
                     data = get_vcsserver_service_data()
                     value = data['app_config']
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = 'VCS Server config'
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def rhodecode_app_info():
                 import rhodecode
                 edition = rhodecode.CONFIG.get('rhodecode.edition')
                 value = dict(
                     rhodecode_version=rhodecode.__version__,
                     rhodecode_lib_path=os.path.abspath(rhodecode.__file__),
                     text=''
                 )
                 human_value = value.copy()
                 human_value['text'] = 'RhodeCode {edition}, version {ver}'.format(
                     edition=edition, ver=value['rhodecode_version']
                 )
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def rhodecode_config():
                 import rhodecode
                 path = rhodecode.CONFIG.get('__file__')
                 rhodecode_ini_safe = rhodecode.CONFIG.copy()
                 cert_path = get_cert_path(path)
                 try:
                     config = configparser.ConfigParser()
                     config.read(path)
                     parsed_ini = config
                     if parsed_ini.has_section('server:main'):
                         parsed_ini = dict(parsed_ini.items('server:main'))
                 except Exception:
                     log.exception('Failed to read .ini file for display')
                     parsed_ini = {}
                 rhodecode_ini_safe['server:main'] = parsed_ini
                 blacklist = [
                     f'rhodecode_{LicenseModel.LICENSE_DB_KEY}',
                     'routes.map',
                     'sqlalchemy.db1.url',
                     'channelstream.secret',
                     'beaker.session.secret',
                     'rhodecode.encrypted_values.secret',
                     'rhodecode_auth_github_consumer_key',
                     'rhodecode_auth_github_consumer_secret',
                     'rhodecode_auth_google_consumer_key',
                     'rhodecode_auth_google_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_key',
                     'rhodecode_auth_twitter_consumer_secret',
                     'rhodecode_auth_twitter_consumer_key',
                     'rhodecode_auth_twitter_secret',
                     'rhodecode_auth_github_secret',
                     'rhodecode_auth_google_secret',
                     'rhodecode_auth_bitbucket_secret',
                     'appenlight.api_key',
                     ('app_conf', 'sqlalchemy.db1.url')
                 ]
                 for k in blacklist:
                     if isinstance(k, tuple):
                         section, key = k
                         if section in rhodecode_ini_safe:
                             rhodecode_ini_safe[section] = '**OBFUSCATED**'
                     else:
                         rhodecode_ini_safe.pop(k, None)
                 # TODO: maybe put some CONFIG checks here ?
                 return SysInfoRes(value={'config': rhodecode_ini_safe,
                                          'path': path, 'cert_path': cert_path})
             @register_sysinfo
             def database_info():
                 import rhodecode
                 from sqlalchemy.engine import url as engine_url
                 from rhodecode.model import meta
                 from rhodecode.model.meta import Session
                 from rhodecode.model.db import DbMigrateVersion
                 state = STATE_OK_DEFAULT
                 db_migrate = DbMigrateVersion.query().filter(
                     DbMigrateVersion.repository_id == 'rhodecode_db_migrations').one()
                 db_url_obj = engine_url.make_url(rhodecode.CONFIG['sqlalchemy.db1.url'])
                 try:
                     engine = meta.get_engine()
                     db_server_info = engine.dialect._get_server_version_info(
                         Session.connection(bind=engine))
                     db_version = '.'.join(map(str, db_server_info))
                 except Exception:
                     log.exception('failed to fetch db version')
                     db_version = 'UNKNOWN'
                 db_info = dict(
                     migrate_version=db_migrate.version,
                     type=db_url_obj.get_backend_name(),
                     version=db_version,
                     url=repr(db_url_obj)
                 )
                 current_version = db_migrate.version
                 expected_version = rhodecode.__dbversion__
                 if state['type'] == STATE_OK and current_version != expected_version:
                     msg = 'Critical: database schema mismatch, ' \
                           'expected version {}, got {}. ' \
                           'Please run migrations on your database.'.format(
                         expected_version, current_version)
                     state = {'message': msg, 'type': STATE_ERR}
                 human_value = db_info.copy()
                 human_value['url'] = "{} @ migration version: {}".format(
                     db_info['url'], db_info['migrate_version'])
                 human_value['version'] = "{} {}".format(db_info['type'], db_info['version'])
                 return SysInfoRes(value=db_info, state=state, human_value=human_value)
             @register_sysinfo
             def server_info(environ):
                 import rhodecode
                 from rhodecode.lib.base import get_server_ip_addr, get_server_port
                 value = {
                     'server_ip': '{}:{}'.format(
                         get_server_ip_addr(environ, log_errors=False),
                         get_server_port(environ)
                     ),
                     'server_id': rhodecode.CONFIG.get('instance_id'),
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def usage_info():
                 from rhodecode.model.db import User, Repository, true
                 value = {
                     'users': User.query().count(),
                     'users_active': User.query().filter(User.active == true()).count(),
                     'repositories': Repository.query().count(),
                     'repository_types': {
                         'hg': Repository.query().filter(
                             Repository.repo_type == 'hg').count(),
                         'git': Repository.query().filter(
                             Repository.repo_type == 'git').count(),
                         'svn': Repository.query().filter(
                             Repository.repo_type == 'svn').count(),
                     },
                 }
                 return SysInfoRes(value=value)
             def get_system_info(environ):
                 environ = environ or {}
                 return {
                     'rhodecode_app': SysInfo(rhodecode_app_info)(),
                     'rhodecode_config': SysInfo(rhodecode_config)(),
                     'rhodecode_usage': SysInfo(usage_info)(),
                     'python': SysInfo(python_info)(),
                     'py_modules': SysInfo(py_modules)(),
                     'platform': SysInfo(platform_type)(),
                     'locale': SysInfo(locale_info)(),
                     'server': SysInfo(server_info, environ=environ)(),
                     'database': SysInfo(database_info)(),
                     'ulimit': SysInfo(ulimit_info)(),
                     'storage': SysInfo(storage)(),
                     'storage_inodes': SysInfo(storage_inodes)(),
                     'storage_archive': SysInfo(storage_archives)(),
                     'storage_gist': SysInfo(storage_gist)(),
                     'storage_temp': SysInfo(storage_temp)(),
                     'search': SysInfo(search_info)(),
                     'uptime': SysInfo(uptime)(),
                     'load': SysInfo(machine_load)(),
                     'cpu': SysInfo(cpu)(),
                     'memory': SysInfo(memory)(),
                     'vcs_backends': SysInfo(vcs_backends)(),
                     'vcs_server': SysInfo(vcs_server)(),
                     'vcs_server_config': SysInfo(vcs_server_config)(),
                     'git': SysInfo(git_info)(),
                     'hg': SysInfo(hg_info)(),
                     'svn': SysInfo(svn_info)(),
                 }
             def load_system_info(key):
                 """
                 get_sys_info('vcs_server')
                 get_sys_info('database')
                 """
                 return SysInfo(registered_helpers[key])()

rhodecode/lib/utils.py

0 +2 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Utilities library for RhodeCode
             """
             import datetime
             import decorator
             import logging
             import os
             import re
             import sys
             import shutil
             import socket
             import tempfile
             import traceback
             import tarfile
             from functools import wraps
             from os.path import join as jn
             import paste
             import pkg_resources
             from webhelpers2.text import collapse, strip_tags, convert_accented_entities, convert_misc_entities
             from mako import exceptions
             from rhodecode.lib.hash_utils import sha256_safe, md5, sha1
             from rhodecode.lib.type_utils import AttributeDict
             from rhodecode.lib.str_utils import safe_bytes, safe_str
             from rhodecode.lib.vcs.backends.base import Config
             from rhodecode.lib.vcs.exceptions import VCSError
             from rhodecode.lib.vcs.utils.helpers import get_scm, get_scm_backend
             from rhodecode.lib.ext_json import sjson as json
             from rhodecode.model import meta
             from rhodecode.model.db import (
                 Repository, User, RhodeCodeUi, UserLog, RepoGroup, UserGroup)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             REMOVED_REPO_PAT = re.compile(r'rm__\d{8}_\d{6}_\d{6}__.*')
             # String which contains characters that are not allowed in slug names for
             # repositories or repository groups. It is properly escaped to use it in
             # regular expressions.
             SLUG_BAD_CHARS = re.escape(r'`?=[]\;\'"<>,/~!@#$%^&*()+{}|:')
             # Regex that matches forbidden characters in repo/group slugs.
             SLUG_BAD_CHAR_RE = re.compile(r'[{}\x00-\x08\x0b-\x0c\x0e-\x1f]'.format(SLUG_BAD_CHARS))
             # Regex that matches allowed characters in repo/group slugs.
             SLUG_GOOD_CHAR_RE = re.compile(r'[^{}]'.format(SLUG_BAD_CHARS))
             # Regex that matches whole repo/group slugs.
             SLUG_RE = re.compile(r'[^{}]+'.format(SLUG_BAD_CHARS))
             _license_cache = None
             def adopt_for_celery(func):
                 """
                 Decorator designed to adopt hooks (from rhodecode.lib.hooks_base)
                 for further usage as a celery tasks.
                 """
                 @wraps(func)
                 def wrapper(extras):
                     extras = AttributeDict(extras)
                     # HooksResponse implements to_json method which must be used there.
                     return func(extras).to_json()
                 return wrapper
             def repo_name_slug(value):
                 """
                 Return slug of name of repository
                 This function is called on each creation/modification
                 of repository to prevent bad names in repo
                 """
                 replacement_char = '-'
                 slug = strip_tags(value)
                 slug = convert_accented_entities(slug)
                 slug = convert_misc_entities(slug)
                 slug = SLUG_BAD_CHAR_RE.sub('', slug)
                 slug = re.sub(r'[\s]+', '-', slug)
                 slug = collapse(slug, replacement_char)
                 return slug
             #==============================================================================
             # PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS
             #==============================================================================
             def get_repo_slug(request):
                 _repo = ''
                 if hasattr(request, 'db_repo_name'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo names
                     _repo = request.db_repo_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _repo = request.matchdict.get('repo_name')
                 if _repo:
                     _repo = _repo.rstrip('/')
                 return _repo
             def get_repo_group_slug(request):
                 _group = ''
                 if hasattr(request, 'db_repo_group'):
                     # if our requests has set db reference use it for name, this
                     # translates the example.com/_<id> into proper repo group names
                     _group = request.db_repo_group.group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _group = request.matchdict.get('repo_group_name')
                 if _group:
                     _group = _group.rstrip('/')
                 return _group
             def get_user_group_slug(request):
                 _user_group = ''
                 if hasattr(request, 'db_user_group'):
                     _user_group = request.db_user_group.users_group_name
                 elif getattr(request, 'matchdict', None):
                     # pyramid
                     _user_group = request.matchdict.get('user_group_id')
                     _user_group_name = request.matchdict.get('user_group_name')
                     try:
                         if _user_group:
                             _user_group = UserGroup.get(_user_group)
                         elif _user_group_name:
                             _user_group = UserGroup.get_by_group_name(_user_group_name)
                         if _user_group:
                             _user_group = _user_group.users_group_name
                     except Exception:
                         log.exception('Failed to get user group by id and name')
                         # catch all failures here
                         return None
                 return _user_group
             def get_filesystem_repos(path, recursive=False, skip_removed_repos=True):
                 """
                 Scans given path for repos and return (name,(type,path)) tuple
                 :param path: path to scan for repositories
                 :param recursive: recursive search and return names with subdirs in front
                 """
                 # remove ending slash for better results
                 path = path.rstrip(os.sep)
                 log.debug('now scanning in %s location recursive:%s...', path, recursive)
                 def _get_repos(p):
                     dirpaths = get_dirpaths(p)
                     if not _is_dir_writable(p):
                         log.warning('repo path without write access: %s', p)
                     for dirpath in dirpaths:
                         if os.path.isfile(os.path.join(p, dirpath)):
                             continue
                         cur_path = os.path.join(p, dirpath)
                         # skip removed repos
                         if skip_removed_repos and REMOVED_REPO_PAT.match(dirpath):
                             continue
                         #skip .<somethin> dirs
                         if dirpath.startswith('.'):
                             continue
                         try:
                             scm_info = get_scm(cur_path)
                             yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info
                         except VCSError:
                             if not recursive:
                                 continue
                             #check if this dir containts other repos for recursive scan
                             rec_path = os.path.join(p, dirpath)
                             if os.path.isdir(rec_path):
                                 yield from _get_repos(rec_path)
                 return _get_repos(path)
             def get_dirpaths(p: str) -> list:
                 try:
                     # OS-independable way of checking if we have at least read-only
                     # access or not.
                     dirpaths = os.listdir(p)
                 except OSError:
                     log.warning('ignoring repo path without read access: %s', p)
                     return []
                 # os.listpath has a tweak: If a unicode is passed into it, then it tries to
                 # decode paths and suddenly returns unicode objects itself. The items it
                 # cannot decode are returned as strings and cause issues.
                 #
                 # Those paths are ignored here until a solid solution for path handling has
                 # been built.
                 expected_type = type(p)
                 def _has_correct_type(item):
                     if type(item) is not expected_type:
                         log.error(
                             "Ignoring path %s since it cannot be decoded into str.",
                             # Using "repr" to make sure that we see the byte value in case
                             # of support.
                             repr(item))
                         return False
                     return True
                 dirpaths = [item for item in dirpaths if _has_correct_type(item)]
                 return dirpaths
             def _is_dir_writable(path):
                 """
                 Probe if `path` is writable.
                 Due to trouble on Cygwin / Windows, this is actually probing if it is
                 possible to create a file inside of `path`, stat does not produce reliable
                 results in this case.
                 """
                 try:
                     with tempfile.TemporaryFile(dir=path):
                         pass
                 except OSError:
                     return False
                 return True
             def is_valid_repo(repo_name, base_path, expect_scm=None, explicit_scm=None, config=None):
                 """
                 Returns True if given path is a valid repository False otherwise.
                 If expect_scm param is given also, compare if given scm is the same
                 as expected from scm parameter. If explicit_scm is given don't try to
                 detect the scm, just use the given one to check if repo is valid
                 :param repo_name:
                 :param base_path:
                 :param expect_scm:
                 :param explicit_scm:
                 :param config:
                 :return True: if given path is a valid repository
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_name))
                 log.debug('Checking if `%s` is a valid path for repository. '
                           'Explicit type: %s', repo_name, explicit_scm)
                 try:
                     if explicit_scm:
                         detected_scms = [get_scm_backend(explicit_scm)(
                             full_path, config=config).alias]
                     else:
                         detected_scms = get_scm(full_path)
                     if expect_scm:
                         return detected_scms[0] == expect_scm
                     log.debug('path: %s is an vcs object:%s', full_path, detected_scms)
                     return True
                 except VCSError:
                     log.debug('path: %s is not a valid repo !', full_path)
                     return False
             def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):
                 """
                 Returns True if a given path is a repository group, False otherwise
                 :param repo_group_name:
                 :param base_path:
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))
                 log.debug('Checking if `%s` is a valid path for repository group',
                           repo_group_name)
                 # check if it's not a repo
                 if is_valid_repo(repo_group_name, base_path):
                     log.debug('Repo called %s exist, it is not a valid repo group', repo_group_name)
                     return False
                 try:
                     # we need to check bare git repos at higher level
                     # since we might match branches/hooks/info/objects or possible
                     # other things inside bare git repo
                     maybe_repo = os.path.dirname(full_path)
                     if maybe_repo == base_path:
                         # skip root level repo check; we know root location CANNOT BE a repo group
                         return False
                     scm_ = get_scm(maybe_repo)
                     log.debug('path: %s is a vcs object:%s, not valid repo group', full_path, scm_)
                     return False
                 except VCSError:
                     pass
                 # check if it's a valid path
                 if skip_path_check or os.path.isdir(full_path):
                     log.debug('path: %s is a valid repo group !', full_path)
                     return True
                 log.debug('path: %s is not a valid repo group !', full_path)
                 return False
             def ask_ok(prompt, retries=4, complaint='[y]es or [n]o please!'):
                 while True:
                     ok = input(prompt)
                     if ok.lower() in ('y', 'ye', 'yes'):
                         return True
                     if ok.lower() in ('n', 'no', 'nop', 'nope'):
                         return False
                     retries = retries - 1
                     if retries < 0:
                         raise OSError
                     print(complaint)
             # propagated from mercurial documentation
             ui_sections = [
                 'alias', 'auth',
                 'decode/encode', 'defaults',
                 'diff', 'email',
                 'extensions', 'format',
                 'merge-patterns', 'merge-tools',
                 'hooks', 'http_proxy',
                 'smtp', 'patch',
                 'paths', 'profiling',
                 'server', 'trusted',
                 'ui', 'web', ]
             def config_data_from_db(clear_session=True, repo=None):
                 """
                 Read the configuration data from the database and return configuration
                 tuples.
                 """
                 from rhodecode.model.settings import VcsSettingsModel
                 config = []
                 sa = meta.Session()
                 settings_model = VcsSettingsModel(repo=repo, sa=sa)
                 ui_settings = settings_model.get_ui_settings()
                 ui_data = []
                 for setting in ui_settings:
                     if setting.active:
                         ui_data.append((setting.section, setting.key, setting.value))
                         config.append((
                             safe_str(setting.section), safe_str(setting.key),
                             safe_str(setting.value)))
                     if setting.key == 'push_ssl':
                         # force set push_ssl requirement to False, rhodecode
                         # handles that
                         config.append((
                             safe_str(setting.section), safe_str(setting.key), False))
                 log.debug(
                     'settings ui from db@repo[%s]: %s',
                     repo,
                     ','.join(['[{}] {}={}'.format(*s) for s in ui_data]))
                 if clear_session:
                     meta.Session.remove()
                 # TODO: mikhail: probably it makes no sense to re-read hooks information.
                 # It's already there and activated/deactivated
                 skip_entries = []
                 enabled_hook_classes = get_enabled_hook_classes(ui_settings)
                 if 'pull' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PULL))
                 if 'push' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRETX_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PUSH_KEY))
                 config = [entry for entry in config if entry[:2] not in skip_entries]
                 return config
             def make_db_config(clear_session=True, repo=None):
                 """
                 Create a :class:`Config` instance based on the values in the database.
                 """
                 config = Config()
                 config_data = config_data_from_db(clear_session=clear_session, repo=repo)
                 for section, option, value in config_data:
                     config.set(section, option, value)
                 return config
             def get_enabled_hook_classes(ui_settings):
                 """
                 Return the enabled hook classes.
                 :param ui_settings: List of ui_settings as returned
                     by :meth:`VcsSettingsModel.get_ui_settings`
                 :return: a list with the enabled hook classes. The order is not guaranteed.
                 :rtype: list
                 """
                 enabled_hooks = []
                 active_hook_keys = [
                     key for section, key, value, active in ui_settings
                     if section == 'hooks' and active]
                 hook_names = {
                     RhodeCodeUi.HOOK_PUSH: 'push',
                     RhodeCodeUi.HOOK_PULL: 'pull',
                     RhodeCodeUi.HOOK_REPO_SIZE: 'repo_size'
                 }
                 for key in active_hook_keys:
                     hook = hook_names.get(key)
                     if hook:
                         enabled_hooks.append(hook)
                 return enabled_hooks
             def set_rhodecode_config(config):
                 """
                 Updates pyramid config with new settings from database
                 :param config:
                 """
                 from rhodecode.model.settings import SettingsModel
                 app_settings = SettingsModel().get_all_settings()
                 for k, v in list(app_settings.items()):
                     config[k] = v
             def get_rhodecode_realm():
                 """
                 Return the rhodecode realm from database.
                 """
                 from rhodecode.model.settings import SettingsModel
                 realm = SettingsModel().get_setting_by_name('realm')
                 return safe_str(realm.app_settings_value)
-            def get_rhodecode_base_path():
+            def get_rhodecode_repo_store_path():
                 """
                 Returns the base path. The base path is the filesystem path which points
                 to the repository store.
                 """
                 import rhodecode
-                return rhodecode.CONFIG['default_base_path']
+                return rhodecode.CONFIG['repo_store.path']
             def map_groups(path):
                 """
                 Given a full path to a repository, create all nested groups that this
                 repo is inside. This function creates parent-child relationships between
                 groups and creates default perms for all new groups.
                 :param paths: full path to repository
                 """
                 from rhodecode.model.repo_group import RepoGroupModel
                 sa = meta.Session()
                 groups = path.split(Repository.NAME_SEP)
                 parent = None
                 group = None
                 # last element is repo in nested groups structure
                 groups = groups[:-1]
                 rgm = RepoGroupModel(sa)
                 owner = User.get_first_super_admin()
                 for lvl, group_name in enumerate(groups):
                     group_name = '/'.join(groups[:lvl] + [group_name])
                     group = RepoGroup.get_by_group_name(group_name)
                     desc = '%s group' % group_name
                     # skip folders that are now removed repos
                     if REMOVED_REPO_PAT.match(group_name):
                         break
                     if group is None:
                         log.debug('creating group level: %s group_name: %s',
                                    lvl, group_name)
                         group = RepoGroup(group_name, parent)
                         group.group_description = desc
                         group.user = owner
                         sa.add(group)
                         perm_obj = rgm._create_default_perms(group)
                         sa.add(perm_obj)
                         sa.flush()
                     parent = group
                 return group
             def repo2db_mapper(initial_repo_list, remove_obsolete=False, force_hooks_rebuild=False):
                 """
                 maps all repos given in initial_repo_list, non existing repositories
                 are created, if remove_obsolete is True it also checks for db entries
                 that are not in initial_repo_list and removes them.
                 :param initial_repo_list: list of repositories found by scanning methods
                 :param remove_obsolete: check for obsolete entries in database
                 """
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.repo_group import RepoGroupModel
                 from rhodecode.model.settings import SettingsModel
                 sa = meta.Session()
                 repo_model = RepoModel()
                 user = User.get_first_super_admin()
                 added = []
                 # creation defaults
                 defs = SettingsModel().get_default_repo_settings(strip_prefix=True)
                 enable_statistics = defs.get('repo_enable_statistics')
                 enable_locking = defs.get('repo_enable_locking')
                 enable_downloads = defs.get('repo_enable_downloads')
                 private = defs.get('repo_private')
                 for name, repo in list(initial_repo_list.items()):
                     group = map_groups(name)
                     str_name = safe_str(name)
                     db_repo = repo_model.get_by_repo_name(str_name)
                     # found repo that is on filesystem not in RhodeCode database
                     if not db_repo:
                         log.info('repository `%s` not found in the database, creating now', name)
                         added.append(name)
                         desc = (repo.description
                                 if repo.description != 'unknown'
                                 else '%s repository' % name)
                         db_repo = repo_model._create_repo(
                             repo_name=name,
                             repo_type=repo.alias,
                             description=desc,
                             repo_group=getattr(group, 'group_id', None),
                             owner=user,
                             enable_locking=enable_locking,
                             enable_downloads=enable_downloads,
                             enable_statistics=enable_statistics,
                             private=private,
                             state=Repository.STATE_CREATED
                         )
                         sa.commit()
                         # we added that repo just now, and make sure we updated server info
                         if db_repo.repo_type == 'git':
                             git_repo = db_repo.scm_instance()
                             # update repository server-info
                             log.debug('Running update server info')
                             git_repo._update_server_info(force=True)
                         db_repo.update_commit_cache()
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     repo = db_repo.scm_instance(config=config)
                     repo.install_hooks(force=force_hooks_rebuild)
                 removed = []
                 if remove_obsolete:
                     # remove from database those repositories that are not in the filesystem
                     for repo in sa.query(Repository).all():
                         if repo.repo_name not in list(initial_repo_list.keys()):
                             log.debug("Removing non-existing repository found in db `%s`",
                                       repo.repo_name)
                             try:
                                 RepoModel(sa).delete(repo, forks='detach', fs_remove=False)
                                 sa.commit()
                                 removed.append(repo.repo_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.error(traceback.format_exc())
                                 sa.rollback()
                     def splitter(full_repo_name):
                         _parts = full_repo_name.rsplit(RepoGroup.url_sep(), 1)
                         gr_name = None
                         if len(_parts) == 2:
                             gr_name = _parts[0]
                         return gr_name
                     initial_repo_group_list = [splitter(x) for x in
                                                list(initial_repo_list.keys()) if splitter(x)]
                     # remove from database those repository groups that are not in the
                     # filesystem due to parent child relationships we need to delete them
                     # in a specific order of most nested first
                     all_groups = [x.group_name for x in sa.query(RepoGroup).all()]
                     def nested_sort(gr):
                         return len(gr.split('/'))
                     for group_name in sorted(all_groups, key=nested_sort, reverse=True):
                         if group_name not in initial_repo_group_list:
                             repo_group = RepoGroup.get_by_group_name(group_name)
                             if (repo_group.children.all() or
                                 not RepoGroupModel().check_exist_filesystem(
                                     group_name=group_name, exc_on_failure=False)):
                                 continue
                             log.info(
                                 'Removing non-existing repository group found in db `%s`',
                                 group_name)
                             try:
                                 RepoGroupModel(sa).delete(group_name, fs_remove=False)
                                 sa.commit()
                                 removed.append(group_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.exception(
                                     'Unable to remove repository group `%s`',
                                     group_name)
                                 sa.rollback()
                                 raise
                 return added, removed
             def load_rcextensions(root_path):
                 import rhodecode
                 from rhodecode.config import conf
                 path = os.path.join(root_path)
                 sys.path.append(path)
                 try:
                     rcextensions = __import__('rcextensions')
                 except ImportError:
                     if os.path.isdir(os.path.join(path, 'rcextensions')):
                         log.warning('Unable to load rcextensions from %s', path)
                     rcextensions = None
                 if rcextensions:
                     log.info('Loaded rcextensions from %s...', rcextensions)
                     rhodecode.EXTENSIONS = rcextensions
                     # Additional mappings that are not present in the pygments lexers
                     conf.LANGUAGES_EXTENSIONS_MAP.update(
                         getattr(rhodecode.EXTENSIONS, 'EXTRA_MAPPINGS', {}))
             def get_custom_lexer(extension):
                 """
                 returns a custom lexer if it is defined in rcextensions module, or None
                 if there's no custom lexer defined
                 """
                 import rhodecode
                 from pygments import lexers
                 # custom override made by RhodeCode
                 if extension in ['mako']:
                     return lexers.get_lexer_by_name('html+mako')
                 # check if we didn't define this extension as other lexer
                 extensions = rhodecode.EXTENSIONS and getattr(rhodecode.EXTENSIONS, 'EXTRA_LEXERS', None)
                 if extensions and extension in rhodecode.EXTENSIONS.EXTRA_LEXERS:
                     _lexer_name = rhodecode.EXTENSIONS.EXTRA_LEXERS[extension]
                     return lexers.get_lexer_by_name(_lexer_name)
             #==============================================================================
             # TEST FUNCTIONS AND CREATORS
             #==============================================================================
             def create_test_index(repo_location, config):
                 """
                 Makes default test index.
                 """
                 try:
                     import rc_testdata
                 except ImportError:
                     raise ImportError('Failed to import rc_testdata, '
                                       'please make sure this package is installed from requirements_test.txt')
                 rc_testdata.extract_search_index(
                     'vcs_search_index', os.path.dirname(config['search.location']))
             def create_test_directory(test_path):
                 """
                 Create test directory if it doesn't exist.
                 """
                 if not os.path.isdir(test_path):
                     log.debug('Creating testdir %s', test_path)
                     os.makedirs(test_path)
             def create_test_database(test_path, config):
                 """
                 Makes a fresh database.
                 """
                 from rhodecode.lib.db_manage import DbManage
                 from rhodecode.lib.utils2 import get_encryption_key
                 # PART ONE create db
                 dbconf = config['sqlalchemy.db1.url']
                 enc_key = get_encryption_key(config)
                 log.debug('making test db %s', dbconf)
                 dbmanage = DbManage(log_sql=False, dbconf=dbconf, root=config['here'],
                                     tests=True, cli_args={'force_ask': True}, enc_key=enc_key)
                 dbmanage.create_tables(override=True)
                 dbmanage.set_db_version()
                 # for tests dynamically set new root paths based on generated content
                 dbmanage.create_settings(dbmanage.config_prompt(test_path))
                 dbmanage.create_default_user()
                 dbmanage.create_test_admin_and_users()
                 dbmanage.create_permissions()
                 dbmanage.populate_default_permissions()
                 Session().commit()
             def create_test_repositories(test_path, config):
                 """
                 Creates test repositories in the temporary directory. Repositories are
                 extracted from archives within the rc_testdata package.
                 """
                 import rc_testdata
                 from rhodecode.tests import HG_REPO, GIT_REPO, SVN_REPO
                 log.debug('making test vcs repositories')
                 idx_path = config['search.location']
                 data_path = config['cache_dir']
                 # clean index and data
                 if idx_path and os.path.exists(idx_path):
                     log.debug('remove %s', idx_path)
                     shutil.rmtree(idx_path)
                 if data_path and os.path.exists(data_path):
                     log.debug('remove %s', data_path)
                     shutil.rmtree(data_path)
                 rc_testdata.extract_hg_dump('vcs_test_hg', jn(test_path, HG_REPO))
                 rc_testdata.extract_git_dump('vcs_test_git', jn(test_path, GIT_REPO))
                 # Note: Subversion is in the process of being integrated with the system,
                 # until we have a properly packed version of the test svn repository, this
                 # tries to copy over the repo from a package "rc_testdata"
                 svn_repo_path = rc_testdata.get_svn_repo_archive()
                 with tarfile.open(svn_repo_path) as tar:
                     tar.extractall(jn(test_path, SVN_REPO))
             def password_changed(auth_user, session):
                 # Never report password change in case of default user or anonymous user.
                 if auth_user.username == User.DEFAULT_USER or auth_user.user_id is None:
                     return False
                 password_hash = md5(safe_bytes(auth_user.password)) if auth_user.password else None
                 rhodecode_user = session.get('rhodecode_user', {})
                 session_password_hash = rhodecode_user.get('password', '')
                 return password_hash != session_password_hash
             def read_opensource_licenses():
                 global _license_cache
                 if not _license_cache:
                     licenses = pkg_resources.resource_string(
                         'rhodecode', 'config/licenses.json')
                     _license_cache = json.loads(licenses)
                 return _license_cache
             def generate_platform_uuid():
                 """
                 Generates platform UUID based on it's name
                 """
                 import platform
                 try:
                     uuid_list = [platform.platform()]
                     return sha256_safe(':'.join(uuid_list))
                 except Exception as e:
                     log.error('Failed to generate host uuid: %s', e)
                     return 'UNDEFINED'
             def send_test_email(recipients, email_body='TEST EMAIL'):
                 """
                 Simple code for generating test emails.
                 Usage::
                     from rhodecode.lib import utils
                     utils.send_test_email()
                 """
                 from rhodecode.lib.celerylib import tasks, run_task
                 email_body = email_body_plaintext = email_body
                 subject = f'SUBJECT FROM: {socket.gethostname()}'
                 tasks.send_email(recipients, subject, email_body_plaintext, email_body)

rhodecode/model/__init__.py

0 +9 0

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             import rhodecode
             from rhodecode.model import meta, db
+            from rhodecode.lib.utils import get_rhodecode_repo_store_path
             from rhodecode.lib.utils2 import obfuscate_url_pw, get_encryption_key
             log = logging.getLogger(__name__)
             def init_model(engine, encryption_key: bytes = b''):
                 """
                 Initializes db session, bind the engine with the metadata,
                 Call this before using any of the tables or classes in the model,
                 preferably once in application start
                 :param engine: engine to bind to
                 :param encryption_key: key used for encryption
                 """
                 engine_str = obfuscate_url_pw(str(engine.url))
                 log.info("RhodeCode %s initializing db for %s", rhodecode.__version__, engine_str)
                 meta.bind_engine_to_session(engine)
                 init_model_encryption(db, enc_key=encryption_key)
             def init_model_encryption(*db_models, enc_key: bytes = b'', config=None):
                 if not enc_key:
                     from pyramid.threadlocal import get_current_registry
                     config = config or get_current_registry().settings
                     enc_key = get_encryption_key(config)
                 for db_model in db_models:
                     log.debug('setting encryption key for model %s', db_model)
                     db_model.ENCRYPTION_KEY = enc_key
             class BaseModel(object):
                 """
                 Base Model for all RhodeCode models, it adds sql alchemy session
                 into instance of model
                 :param sa: If passed it reuses this session instead of creating a new one
                 """
                 cls = None  # override in child class
                 def __init__(self, sa=None):
                     if sa is not None:
                         self.sa = sa
                     else:
                         self.sa = meta.Session()
                 def _get_instance(self, cls, instance, callback=None):
                     """
                     Gets instance of given cls using some simple lookup mechanism.
                     :param cls: classes to fetch
                     :param instance: int or Instance
                     :param callback: callback to call if all lookups failed
                     """
                     if isinstance(instance, cls):
                         return instance
                     elif isinstance(instance, int):
                         if isinstance(cls, tuple):
                             # if we pass multi instances we pick first to .get()
                             cls = cls[0]
                         return cls.get(instance)
                     else:
                         if instance:
                             if callback is None:
                                 raise Exception(
                                     'given object must be int or Instance of %s '
                                     'got %s, no callback provided' % (cls, type(instance))
                                 )
                             else:
                                 return callback(instance)
                 def _get_user(self, user):
                     """
                     Helper method to get user by ID, or username fallback
                     :param user: UserID, username, or User instance
                     """
                     return self._get_instance(
                         db.User, user, callback=db.User.get_by_username)
                 def _get_user_group(self, user_group):
                     """
                     Helper method to get user by ID, or username fallback
                     :param user_group: UserGroupID, user_group_name, or UserGroup instance
                     """
                     return self._get_instance(
                         db.UserGroup, user_group, callback=db.UserGroup.get_by_group_name)
                 def _get_repo(self, repository):
                     """
                     Helper method to get repository by ID, or repository name
                     :param repository: RepoID, repository name or Repository Instance
                     """
                     return self._get_instance(
                         db.Repository, repository, callback=db.Repository.get_by_repo_name)
                 def _get_perm(self, permission):
                     """
                     Helper method to get permission by ID, or permission name
                     :param permission: PermissionID, permission_name or Permission instance
                     """
                     return self._get_instance(
                         db.Permission, permission, callback=db.Permission.get_by_key)
                 @classmethod
                 def get_all(cls):
                     """
                     Returns all instances of what is defined in `cls` class variable
                     """
                     return cls.cls.getAll()
+                @property
+                def repos_path(self):
+                    """
+                    Gets the repositories root path from *ini file
+                    """
+                    return get_rhodecode_repo_store_path()

rhodecode/model/db.py

0 +4 -7

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Database Models for RhodeCode Enterprise
             """
             import re
             import os
             import time
             import string
             import logging
             import datetime
             import uuid
             import warnings
             import ipaddress
             import functools
             import traceback
             import collections
             from sqlalchemy import (
                 or_, and_, not_, func, cast, TypeDecorator, event, select,
                 true, false, null,
                 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
                 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
                 Text, Float, PickleType, BigInteger)
             from sqlalchemy.sql.expression import case
             from sqlalchemy.sql.functions import coalesce, count  # pragma: no cover
             from sqlalchemy.orm import (
                 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
             from sqlalchemy.ext.declarative import declared_attr
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.exc import IntegrityError  # pragma: no cover
             from sqlalchemy.dialects.mysql import LONGTEXT
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from pyramid.threadlocal import get_current_request
             from webhelpers2.text import remove_formatting
             from rhodecode.lib.str_utils import safe_bytes
             from rhodecode.translation import _
             from rhodecode.lib.vcs import get_vcs_instance, VCSError
             from rhodecode.lib.vcs.backends.base import (
                 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
             from rhodecode.lib.utils2 import (
                 str2bool, safe_str, get_commit_safe, sha1_safe,
                 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
                 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
             from rhodecode.lib.jsonalchemy import (
                 MutationObj, MutationList, JsonType, JsonRaw)
             from rhodecode.lib.hash_utils import sha1
             from rhodecode.lib import ext_json
             from rhodecode.lib import enc_utils
             from rhodecode.lib.ext_json import json, str_json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.exceptions import (
                 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
             from rhodecode.model.meta import Base, Session
             URL_SEP = '/'
             log = logging.getLogger(__name__)
             # =============================================================================
             # BASE CLASSES
             # =============================================================================
             # this is propagated from .ini file rhodecode.encrypted_values.secret or
             # beaker.session.secret if first is not set.
             # and initialized at environment.py
             ENCRYPTION_KEY: bytes = b''
             # used to sort permissions by types, '#' used here is not allowed to be in
             # usernames, and it's very early in sorted string.printable table.
             PERMISSION_TYPE_SORT = {
                 'admin': '####',
                 'write': '###',
                 'read':  '##',
                 'none':  '#',
             }
             def display_user_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 if obj.username == User.DEFAULT_USER:
                     return '#####'
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 extra_sort_num = '1'  # default
                 # NOTE(dan): inactive duplicates goes last
                 if getattr(obj, 'duplicate_perm', None):
                     extra_sort_num = '9'
                 return prefix + extra_sort_num + obj.username
             def display_user_group_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 return prefix + obj.users_group_name
             def _hash_key(k):
                 return sha1_safe(k)
             def in_filter_generator(qry, items, limit=500):
                 """
                 Splits IN() into multiple with OR
                 e.g.::
                 cnt = Repository.query().filter(
                     or_(
                         *in_filter_generator(Repository.repo_id, range(100000))
                     )).count()
                 """
                 if not items:
                     # empty list will cause empty query which might cause security issues
                     # this can lead to hidden unpleasant results
                     items = [-1]
                 parts = []
                 for chunk in range(0, len(items), limit):
                     parts.append(
                         qry.in_(items[chunk: chunk + limit])
                     )
                 return parts
             base_table_args = {
                 'extend_existing': True,
                 'mysql_engine': 'InnoDB',
                 'mysql_charset': 'utf8',
                 'sqlite_autoincrement': True
             }
             class EncryptedTextValue(TypeDecorator):
                 """
                 Special column for encrypted long text data, use like::
                     value = Column("encrypted_value", EncryptedValue(), nullable=False)
                 This column is intelligent so if value is in unencrypted form it return
                 unencrypted form, but on save it always encrypts
                 """
                 cache_ok = True
                 impl = Text
                 def process_bind_param(self, value, dialect):
                     """
                     Setter for storing value
                     """
                     import rhodecode
                     if not value:
                         return value
                     # protect against double encrypting if values is already encrypted
                     if value.startswith('enc$aes$') \
                             or value.startswith('enc$aes_hmac$') \
                             or value.startswith('enc2$'):
                         raise ValueError('value needs to be in unencrypted format, '
                                          'ie. not starting with enc$ or enc2$')
                     algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
                     bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
                     return safe_str(bytes_val)
                 def process_result_value(self, value, dialect):
                     """
                     Getter for retrieving value
                     """
                     import rhodecode
                     if not value:
                         return value
                     enc_strict_mode = rhodecode.ConfigGet().get_bool('rhodecode.encrypted_values.strict', missing=True)
                     bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY, strict_mode=enc_strict_mode)
                     return safe_str(bytes_val)
             class BaseModel(object):
                 """
                 Base Model for all classes
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     _json_attr = getattr(self, '__json__', None)
                     if _json_attr:
                         # update with attributes from __json__
                         if callable(_json_attr):
                             _json_attr = _json_attr()
                         for k, val in _json_attr.items():
                             d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tuples corresponding
                     to this model data """
                     lst = []
                     for k in self._get_keys():
                         lst.append((k, getattr(self, k),))
                     return lst
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session().query(cls)
                 @classmethod
                 def select(cls, custom_cls=None):
                     """
                     stmt = cls.select().where(cls.user_id==1)
                     # optionally
                     stmt = cls.select(User.user_id).where(cls.user_id==1)
                     result = cls.execute(stmt) | cls.scalars(stmt)
                     """
                     if custom_cls:
                         stmt = select(custom_cls)
                     else:
                         stmt = select(cls)
                     return stmt
                 @classmethod
                 def execute(cls, stmt):
                     return Session().execute(stmt)
                 @classmethod
                 def scalars(cls, stmt):
                     return Session().scalars(stmt)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     try:
                         id_ = int(id_)
                     except (TypeError, ValueError):
                         raise HTTPNotFound()
                     res = cls.query().get(id_)
                     if not res:
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def getAll(cls):
                     # deprecated and left for backward compatibility
                     return cls.get_all()
                 @classmethod
                 def get_all(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session().delete(obj)
                 @classmethod
                 def identity_cache(cls, session, attr_name, value):
                     exist_in_session = []
                     for (item_cls, pkey), instance in session.identity_map.items():
                         if cls == item_cls and getattr(instance, attr_name) == value:
                             exist_in_session.append(instance)
                     if exist_in_session:
                         if len(exist_in_session) == 1:
                             return exist_in_session[0]
                         log.exception(
                             'multiple objects with attr %s and '
                             'value %s found with same name: %r',
                             attr_name, value, exist_in_session)
                 @property
                 def cls_name(self):
                     return self.__class__.__name__
                 def __repr__(self):
                     return f'<DB:{self.cls_name}>'
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     base_table_args
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_str,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
                 GLOBAL_CONF_KEY = 'app_settings'
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
                 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, key='', val='', type='unicode'):
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == str
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     _type = self.app_settings_type
                     if _type:
                         _type = self.app_settings_type.split('.')[0]
                         # decode the encrypted value
                         if 'encrypted' in self.app_settings_type:
                             cipher = EncryptedTextValue()
                             v = safe_str(cipher.process_result_value(v, None))
                     converter = self.SETTINGS_TYPES.get(_type) or \
                         self.SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     val = safe_str(val)
                     # encode the encrypted value
                     if 'encrypted' in self.app_settings_type:
                         cipher = EncryptedTextValue()
                         val = safe_str(cipher.process_bind_param(val, None))
                     self._app_settings_value = val
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     if val.split('.')[0] not in self.SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (self.SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 @classmethod
                 def get_by_prefix(cls, prefix):
                     return RhodeCodeSetting.query()\
                         .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
                         .all()
                 def __repr__(self):
                     return "<%s('%s:%s[%s]')>" % (
                         self.cls_name,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     base_table_args
                 )
                 # Sync those values with vcsserver.config.hooks
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 # HG
                 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                 HOOK_PULL = 'outgoing.pull_logger'
                 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
                 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
                 HOOK_PUSH = 'changegroup.push_logger'
                 HOOK_PUSH_KEY = 'pushkey.key_push'
                 HOOKS_BUILTIN = [
                     HOOK_PRE_PULL,
                     HOOK_PULL,
                     HOOK_PRE_PUSH,
                     HOOK_PRETX_PUSH,
                     HOOK_PUSH,
                     HOOK_PUSH_KEY,
                 ]
                 # TODO: johbo: Unify way how hooks are configured for git and hg,
                 # git part is currently hardcoded.
                 # SVN PATTERNS
                 SVN_BRANCH_ID = 'vcs_svn_branch'
                 SVN_TAG_ID = 'vcs_svn_tag'
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
                                                 self.ui_key, self.ui_value)
             class RepoRhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint(
                         'app_settings_name', 'repository_id',
                         name='uq_repo_rhodecode_setting_name_repo_id'),
                     base_table_args
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 app_settings_id = Column(
                     "app_settings_id", Integer(), nullable=False, unique=True,
                     default=None, primary_key=True)
                 app_settings_name = Column(
                     "app_settings_name", String(255), nullable=True, unique=None,
                     default=None)
                 _app_settings_value = Column(
                     "app_settings_value", String(4096), nullable=True, unique=None,
                     default=None)
                 _app_settings_type = Column(
                     "app_settings_type", String(255), nullable=True, unique=None,
                     default=None)
                 repository = relationship('Repository', viewonly=True)
                 def __init__(self, repository_id, key='', val='', type='unicode'):
                     self.repository_id = repository_id
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == str
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     type_ = self.app_settings_type
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_str(val)
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     if val not in SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __repr__(self):
                     return "<%s('%s:%s:%s[%s]')>" % (
                         self.cls_name, self.repository.repo_name,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RepoRhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint(
                         'repository_id', 'ui_section', 'ui_key',
                         name='uq_repo_rhodecode_ui_repository_id_section_key'),
                     base_table_args
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 repository = relationship('Repository', viewonly=True)
                 def __repr__(self):
                     return '<%s[%s:%s]%s=>%s]>' % (
                         self.cls_name, self.repository.repo_name,
                         self.ui_section, self.ui_key, self.ui_value)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
                     Index('u_username_idx', 'username'),
                     Index('u_email_idx', 'email'),
                     base_table_args
                 )
                 DEFAULT_USER = 'default'
                 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
                 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
                 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
                 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data
                 user_log = relationship('UserLog', back_populates='user')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
                 repositories = relationship('Repository', back_populates='user')
                 repository_groups = relationship('RepoGroup', back_populates='user')
                 user_groups = relationship('UserGroup', back_populates='user')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
                 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
                 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
                 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
                 notifications = relationship('UserNotification', cascade='all', back_populates='user')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
                 # user profile extra info
                 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
                 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
                 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
                 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
                 # gists
                 user_gists = relationship('Gist', cascade='all', back_populates='owner')
                 # user pull requests
                 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
                 # external identities
                 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
                 # review rules
                 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
                 # artifacts owned
                 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
                 # no cascade, set NULL
                 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
                 def __repr__(self):
                     return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @hybrid_property
                 def first_name(self):
                     from rhodecode.lib import helpers as h
                     if self.name:
                         return h.escape(self.name)
                     return self.name
                 @hybrid_property
                 def last_name(self):
                     from rhodecode.lib import helpers as h
                     if self.lastname:
                         return h.escape(self.lastname)
                     return self.lastname
                 @hybrid_property
                 def api_key(self):
                     """
                     Fetch if exist an auth-token with role ALL connected to this user
                     """
                     user_auth_token = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
                     if user_auth_token:
                         user_auth_token = user_auth_token.api_key
                     return user_auth_token
                 @api_key.setter
                 def api_key(self, val):
                     # don't allow to set API key this is deprecated for now
                     self._api_key = None
                 @property
                 def reviewer_pull_requests(self):
                     return PullRequestReviewers.query() \
                         .options(joinedload(PullRequestReviewers.pull_request)) \
                         .filter(PullRequestReviewers.user_id == self.user_id) \
                         .all()
                 @property
                 def firstname(self):
                     # alias for future
                     return self.name
                 @property
                 def emails(self):
                     other = UserEmailMap.query()\
                         .filter(UserEmailMap.user == self) \
                         .order_by(UserEmailMap.email_id.asc()) \
                         .all()
                     return [self.email] + [x.email for x in other]
                 def emails_cached(self):
                     emails = []
                     if self.user_id != self.get_default_user_id():
                         emails = UserEmailMap.query()\
                             .filter(UserEmailMap.user == self) \
                             .order_by(UserEmailMap.email_id.asc())
                         emails = emails.options(
                             FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
                         )
                     return [self.email] + [x.email for x in emails]
                 @property
                 def auth_tokens(self):
                     auth_tokens = self.get_auth_tokens()
                     return [x.api_key for x in auth_tokens]
                 def get_auth_tokens(self):
                     return UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .order_by(UserApiKeys.user_api_key_id.asc())\
                         .all()
                 @LazyProperty
                 def feed_token(self):
                     return self.get_feed_token()
                 def get_feed_token(self, cache=True):
                     feed_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
                     if cache:
                         feed_tokens = feed_tokens.options(
                             FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
                     feed_tokens = feed_tokens.all()
                     if feed_tokens:
                         return feed_tokens[0].api_key
                     return 'NO_FEED_TOKEN_AVAILABLE'
                 @LazyProperty
                 def artifact_token(self):
                     return self.get_artifact_token()
                 def get_artifact_token(self, cache=True):
                     artifacts_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self) \
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time())) \
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
                     if cache:
                         artifacts_tokens = artifacts_tokens.options(
                             FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
                     artifacts_tokens = artifacts_tokens.all()
                     if artifacts_tokens:
                         return artifacts_tokens[0].api_key
                     return 'NO_ARTIFACT_TOKEN_AVAILABLE'
                 def get_or_create_artifact_token(self):
                     artifacts_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self) \
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time())) \
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
                     artifacts_tokens = artifacts_tokens.all()
                     if artifacts_tokens:
                         return artifacts_tokens[0].api_key
                     else:
                         from rhodecode.model.auth_token import AuthTokenModel
                         artifact_token = AuthTokenModel().create(
                             self, 'auto-generated-artifact-token',
                             lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
                         Session.commit()
                         return artifact_token.api_key
                 @classmethod
                 def get(cls, user_id, cache=False):
                     if not user_id:
                         return
                     user = cls.query()
                     if cache:
                         user = user.options(
                             FromCache("sql_cache_short", f"get_users_{user_id}"))
                     return user.get(user_id)
                 @classmethod
                 def extra_valid_auth_tokens(cls, user, role=None):
                     tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
                             .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))
                     if role:
                         tokens = tokens.filter(or_(UserApiKeys.role == role,
                                                    UserApiKeys.role == UserApiKeys.ROLE_ALL))
                     return tokens.all()
                 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
                     from rhodecode.lib import auth
                     log.debug('Trying to authenticate user: %s via auth-token, '
                               'and roles: %s', self, roles)
                     if not auth_token:
                         return False
                     roles = (roles or []) + [UserApiKeys.ROLE_ALL]
                     tokens_q = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
                     crypto_backend = auth.crypto_backend()
                     enc_token_map = {}
                     plain_token_map = {}
                     for token in tokens_q:
                         if token.api_key.startswith(crypto_backend.ENC_PREF):
                             enc_token_map[token.api_key] = token
                         else:
                             plain_token_map[token.api_key] = token
                     log.debug(
                         'Found %s plain and %s encrypted tokens to check for authentication for this user',
                         len(plain_token_map), len(enc_token_map))
                     # plain token match comes first
                     match = plain_token_map.get(auth_token)
                     # check encrypted tokens now
                     if not match:
                         for token_hash, token in enc_token_map.items():
                             # NOTE(marcink): this is expensive to calculate, but most secure
                             if crypto_backend.hash_check(auth_token, token_hash):
                                 match = token
                                 break
                     if match:
                         log.debug('Found matching token %s', match)
                         if match.repo_id:
                             log.debug('Found scope, checking for scope match of token %s', match)
                             if match.repo_id == scope_repo_id:
                                 return True
                             else:
                                 log.debug(
                                     'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
                                     'and calling scope is:%s, skipping further checks',
                                      match.repo, scope_repo_id)
                                 return False
                         else:
                             return True
                     return False
                 @property
                 def ip_addresses(self):
                     ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                     return [x.ip_addr for x in ret]
                 @property
                 def username_and_name(self):
                     return f'{self.username} ({self.first_name} {self.last_name})'
                 @property
                 def username_or_name_or_email(self):
                     full_name = self.full_name if self.full_name != ' ' else None
                     return self.username or full_name or self.email
                 @property
                 def full_name(self):
                     return f'{self.first_name} {self.last_name}'
                 @property
                 def full_name_or_username(self):
                     return (f'{self.first_name} {self.last_name}'
                             if (self.first_name and self.last_name) else self.username)
                 @property
                 def full_contact(self):
                     return f'{self.first_name} {self.last_name} <{self.email}>'
                 @property
                 def short_contact(self):
                     return f'{self.first_name} {self.last_name}'
                 @property
                 def is_admin(self):
                     return self.admin
                 @property
                 def language(self):
                     return self.user_data.get('language')
                 def AuthUser(self, **kwargs):
                     """
                     Returns instance of AuthUser for this user
                     """
                     from rhodecode.lib.auth import AuthUser
                     return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
                 @hybrid_property
                 def user_data(self):
                     if not self._user_data:
                         return {}
                     try:
                         return json.loads(self._user_data) or {}
                     except TypeError:
                         return {}
                 @user_data.setter
                 def user_data(self, val):
                     if not isinstance(val, dict):
                         raise Exception('user_data must be dict, got %s' % type(val))
                     try:
                         self._user_data = safe_bytes(json.dumps(val))
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False,
                                     cache=False):
                     if case_insensitive:
                         q = cls.select().where(
                             func.lower(cls.username) == func.lower(username))
                     else:
                         q = cls.select().where(cls.username == username)
                     if cache:
                         hash_key = _hash_key(username)
                         q = q.options(
                             FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
                     return cls.execute(q).scalar_one_or_none()
                 @classmethod
                 def get_by_auth_token(cls, auth_token, cache=False):
                     q = cls.select(User)\
                         .join(UserApiKeys)\
                         .where(UserApiKeys.api_key == auth_token)\
                         .where(or_(UserApiKeys.expires == -1,
                                    UserApiKeys.expires >= time.time()))
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
                     matched_user = cls.execute(q).scalar_one_or_none()
                     return matched_user
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.select().where(func.lower(cls.email) == func.lower(email))
                     else:
                         q = cls.select().where(cls.email == email)
                     if cache:
                         email_key = _hash_key(email)
                         q = q.options(
                             FromCache("sql_cache_short", f"get_email_key_{email_key}"))
                     ret = cls.execute(q).scalar_one_or_none()
                     if ret is None:
                         q = cls.select(UserEmailMap)
                         # try fetching in alternate email map
                         if case_insensitive:
                             q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
                         else:
                             q = q.where(UserEmailMap.email == email)
                         q = q.options(joinedload(UserEmailMap.user))
                         if cache:
                             q = q.options(
                                 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
                         result = cls.execute(q).scalar_one_or_none()
                         ret = getattr(result, 'user', None)
                     return ret
                 @classmethod
                 def get_from_cs_author(cls, author):
                     """
                     Tries to get User objects out of commit author string
                     :param author:
                     """
                     from rhodecode.lib.helpers import email, author_name
                     # Valid email in the attribute passed, see if they're in the system
                     _email = email(author)
                     if _email:
                         user = cls.get_by_email(_email, case_insensitive=True)
                         if user:
                             return user
                     # Maybe we can match by username?
                     _author = author_name(author)
                     user = cls.get_by_username(_author, case_insensitive=True)
                     if user:
                         return user
                 def update_userdata(self, **kwargs):
                     usr = self
                     old = usr.user_data
                     old.update(**kwargs)
                     usr.user_data = old
                     Session().add(usr)
                     log.debug('updated userdata with %s', kwargs)
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastlogin', self.username)
                 def update_password(self, new_password):
                     from rhodecode.lib.auth import get_crypt_password
                     self.password = get_crypt_password(new_password)
                     Session().add(self)
                 @classmethod
                 def get_first_super_admin(cls):
                     stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
                     user = cls.scalars(stmt).first()
                     if user is None:
                         raise Exception('FATAL: Missing administrative account!')
                     return user
                 @classmethod
                 def get_all_super_admins(cls, only_active=False):
                     """
                     Returns all admin accounts sorted by username
                     """
                     qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
                     if only_active:
                         qry = qry.filter(User.active == true())
                     return qry.all()
                 @classmethod
                 def get_all_user_ids(cls, only_active=True):
                     """
                     Returns all users IDs
                     """
                     qry = Session().query(User.user_id)
                     if only_active:
                         qry = qry.filter(User.active == true())
                     return [x.user_id for x in qry]
                 @classmethod
                 def get_default_user(cls, cache=False, refresh=False):
                     user = User.get_by_username(User.DEFAULT_USER, cache=cache)
                     if user is None:
                         raise Exception('FATAL: Missing default account!')
                     if refresh:
                         # The default user might be based on outdated state which
                         # has been loaded from the cache.
                         # A call to refresh() ensures that the
                         # latest state from the database is used.
                         Session().refresh(user)
                     return user
                 @classmethod
                 def get_default_user_id(cls):
                     import rhodecode
                     return rhodecode.CONFIG['default_user_id']
                 def _get_default_perms(self, user, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user.user_perms, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, include_secrets=False, details='full'):
                     """
                     Common function for generating user related data for API
                     :param include_secrets: By default secrets in the API data will be replaced
                        by a placeholder value to prevent exposing this data by accident. In case
                        this data shall be exposed, set this flag to ``True``.
                     :param details: details can be 'basic|full' basic gives only a subset of
                        the available user information that includes user_id, name and emails.
                     """
                     user = self
                     user_data = self.user_data
                     data = {
                         'user_id': user.user_id,
                         'username': user.username,
                         'firstname': user.name,
                         'lastname': user.lastname,
                         'description': user.description,
                         'email': user.email,
                         'emails': user.emails,
                     }
                     if details == 'basic':
                         return data
                     auth_token_length = 40
                     auth_token_replacement = '*' * auth_token_length
                     extras = {
                         'auth_tokens': [auth_token_replacement],
                         'active': user.active,
                         'admin': user.admin,
                         'extern_type': user.extern_type,
                         'extern_name': user.extern_name,
                         'last_login': user.last_login,
                         'last_activity': user.last_activity,
                         'ip_addresses': user.ip_addresses,
                         'language': user_data.get('language')
                     }
                     data.update(extras)
                     if include_secrets:
                         data['auth_tokens'] = user.auth_tokens
                     return data
                 def __json__(self):
                     data = {
                         'full_name': self.full_name,
                         'full_name_or_username': self.full_name_or_username,
                         'short_contact': self.short_contact,
                         'full_contact': self.full_contact,
                     }
                     data.update(self.get_api_data())
                     return data
             class UserApiKeys(Base, BaseModel):
                 __tablename__ = 'user_api_keys'
                 __table_args__ = (
                     Index('uak_api_key_idx', 'api_key'),
                     Index('uak_api_key_expires_idx', 'api_key', 'expires'),
                     base_table_args
                 )
                 # ApiKey role
                 ROLE_ALL = 'token_role_all'
                 ROLE_VCS = 'token_role_vcs'
                 ROLE_API = 'token_role_api'
                 ROLE_HTTP = 'token_role_http'
                 ROLE_FEED = 'token_role_feed'
                 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
                 # The last one is ignored in the list as we only
                 # use it for one action, and cannot be created by users
                 ROLE_PASSWORD_RESET = 'token_password_reset'
                 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
                 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=False, unique=True)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 expires = Column('expires', Float(53), nullable=False)
                 role = Column('role', String(255), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 # scope columns
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
                 def __repr__(self):
                     return f"<{self.cls_name}('{self.role}')>"
                 def __json__(self):
                     data = {
                         'auth_token': self.api_key,
                         'role': self.role,
                         'scope': self.scope_humanized,
                         'expired': self.expired
                     }
                     return data
                 def get_api_data(self, include_secrets=False):
                     data = self.__json__()
                     if include_secrets:
                         return data
                     else:
                         data['auth_token'] = self.token_obfuscated
                         return data
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @property
                 def expired(self):
                     if self.expires == -1:
                         return False
                     return time.time() > self.expires
                 @classmethod
                 def _get_role_name(cls, role):
                     return {
                         cls.ROLE_ALL: _('all'),
                         cls.ROLE_HTTP: _('http/web interface'),
                         cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
                         cls.ROLE_API: _('api calls'),
                         cls.ROLE_FEED: _('feed access'),
                         cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
                     }.get(role, role)
                 @classmethod
                 def _get_role_description(cls, role):
                     return {
                         cls.ROLE_ALL: _('Token for all actions.'),
                         cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
                                          'login using `api_access_controllers_whitelist` functionality.'),
                         cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
                                         'Requires auth_token authentication plugin to be active. <br/>'
                                         'Such Token should be used then instead of a password to '
                                         'interact with a repository, and additionally can be '
                                         'limited to single repository using repo scope.'),
                         cls.ROLE_API: _('Token limited to api calls.'),
                         cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
                         cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
                     }.get(role, role)
                 @property
                 def role_humanized(self):
                     return self._get_role_name(self.role)
                 def _get_scope(self):
                     if self.repo:
                         return 'Repository: {}'.format(self.repo.repo_name)
                     if self.repo_group:
                         return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
                     return 'Global'
                 @property
                 def scope_humanized(self):
                     return self._get_scope()
                 @property
                 def token_obfuscated(self):
                     if self.api_key:
                         return self.api_key[:4] + "****"
             class UserEmailMap(Base, BaseModel):
                 __tablename__ = 'user_email_map'
                 __table_args__ = (
                     Index('uem_email_idx', 'email'),
                     Index('uem_user_id_idx', 'user_id'),
                     UniqueConstraint('email'),
                     base_table_args
                 )
                 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=False, default=None)
                 user = relationship('User', lazy='joined', back_populates='user_emails')
                 @validates('_email')
                 def validate_email(self, key, email):
                     # check if this email is not main one
                     main_email = Session().query(User).filter(User.email == email).scalar()
                     if main_email is not None:
                         raise AttributeError('email %s is present is user table' % email)
                     return email
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
             class UserIpMap(Base, BaseModel):
                 __tablename__ = 'user_ip_map'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'ip_addr'),
                     base_table_args
                 )
                 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined', back_populates='user_ip_map')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @classmethod
                 def _get_ip_range(cls, ip_addr):
                     net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
                     return [str(net.network_address), str(net.broadcast_address)]
                 def __json__(self):
                     return {
                       'ip_addr': self.ip_addr,
                       'ip_range': self._get_ip_range(self.ip_addr),
                     }
                 def __repr__(self):
                     return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
             class UserSshKeys(Base, BaseModel):
                 __tablename__ = 'user_ssh_keys'
                 __table_args__ = (
                     Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
                     UniqueConstraint('ssh_key_fingerprint'),
                     base_table_args
                 )
                 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
                 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
                 def __json__(self):
                     data = {
                         'ssh_fingerprint': self.ssh_key_fingerprint,
                         'description': self.description,
                         'created_on': self.created_on
                     }
                     return data
                 def get_api_data(self):
                     data = self.__json__()
                     return data
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     base_table_args,
                 )
                 VERSION_1 = 'v1'
                 VERSION_2 = 'v2'
                 VERSIONS = [VERSION_1, VERSION_2]
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 version = Column("version", String(255), nullable=True, default=VERSION_1)
                 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 user = relationship('User', cascade='', back_populates='user_log')
                 repository = relationship('Repository', cascade='', back_populates='logs')
                 def __repr__(self):
                     return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
                 def __json__(self):
                     return {
                         'user_id': self.user_id,
                         'username': self.username,
                         'repository_id': self.repository_id,
                         'repository_name': self.repository_name,
                         'user_ip': self.user_ip,
                         'action_date': self.action_date,
                         'action': self.action,
                     }
                 @hybrid_property
                 def entry_id(self):
                     return self.user_log_id
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     base_table_args,
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data
                 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
                 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
                 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
                 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
                 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
                 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
                 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
                 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
                 @classmethod
                 def _load_group_data(cls, column):
                     if not column:
                         return {}
                     try:
                         return json.loads(column) or {}
                     except TypeError:
                         return {}
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.user_group_description)
                 @hybrid_property
                 def group_data(self):
                     return self._load_group_data(self._group_data)
                 @group_data.expression
                 def group_data(self, **kwargs):
                     return self._group_data
                 @group_data.setter
                 def group_data(self, val):
                     try:
                         self._group_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def _load_sync(cls, group_data):
                     if group_data:
                         return group_data.get('extern_type')
                 @property
                 def sync(self):
                     return self._load_sync(self.group_data)
                 def __repr__(self):
                     return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.users_group_name) ==
                                                func.lower(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         name_key = _hash_key(group_name)
                         q = q.options(
                             FromCache("sql_cache_short", f"get_group_{name_key}"))
                     return q.scalar()
                 @classmethod
                 def get(cls, user_group_id, cache=False):
                     if not user_group_id:
                         return
                     user_group = cls.query()
                     if cache:
                         user_group = user_group.options(
                             FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
                     return user_group.get(user_group_id)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for user groups
                     """
                     _admin_perm = 'usergroup.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
                     q = q.options(joinedload(UserUserGroupToPerm.user_group),
                                   joinedload(UserUserGroupToPerm.user),
                                   joinedload(UserUserGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=False):
                     q = UserGroupUserGroupToPerm.query()\
                         .filter(UserGroupUserGroupToPerm.target_user_group == self)
                     q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
                                   joinedload(UserGroupUserGroupToPerm.target_user_group),
                                   joinedload(UserGroupUserGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.user_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.user_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def _get_default_perms(self, user_group, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, with_group_members=True, include_secrets=False):
                     """
                     :param include_secrets: See :meth:`User.get_api_data`, this parameter is
                        basically forwarded.
                     """
                     user_group = self
                     data = {
                         'users_group_id': user_group.users_group_id,
                         'group_name': user_group.users_group_name,
                         'group_description': user_group.user_group_description,
                         'active': user_group.users_group_active,
                         'owner': user_group.user.username,
                         'sync': user_group.sync,
                         'owner_email': user_group.user.email,
                     }
                     if with_group_members:
                         users = []
                         for user in user_group.members:
                             user = user.user
                             users.append(user.get_api_data(include_secrets=include_secrets))
                         data['users'] = users
                     return data
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     base_table_args,
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined', back_populates='group_member')
                 users_group = relationship('UserGroup', back_populates='members')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class RepositoryField(Base, BaseModel):
                 __tablename__ = 'repositories_fields'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'field_key'),  # no-multi field
                     base_table_args,
                 )
                 PREFIX = 'ex_'  # prefix used in form to not conflict with already existing fields
                 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 field_key = Column("field_key", String(250))
                 field_label = Column("field_label", String(1024), nullable=False)
                 field_value = Column("field_value", String(10000), nullable=False)
                 field_desc = Column("field_desc", String(1024), nullable=False)
                 field_type = Column("field_type", String(255), nullable=False, unique=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 repository = relationship('Repository', back_populates='extra_fields')
                 @property
                 def field_key_prefixed(self):
                     return 'ex_%s' % self.field_key
                 @classmethod
                 def un_prefix_key(cls, key):
                     if key.startswith(cls.PREFIX):
                         return key[len(cls.PREFIX):]
                     return key
                 @classmethod
                 def get_by_key_name(cls, key, repo):
                     row = cls.query()\
                             .filter(cls.repository == repo)\
                             .filter(cls.field_key == key).scalar()
                     return row
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     Index('r_repo_name_idx', 'repo_name', mysql_length=255),
                     base_table_args,
                 )
                 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
                 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
                 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
                 STATE_CREATED = 'repo_state_created'
                 STATE_PENDING = 'repo_state_pending'
                 STATE_ERROR = 'repo_state_error'
                 LOCK_AUTOMATIC = 'lock_auto'
                 LOCK_API = 'lock_api'
                 LOCK_WEB = 'lock_web'
                 LOCK_PULL = 'lock_pull'
                 NAME_SEP = URL_SEP
                 repo_id = Column(
                     "repo_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _repo_name = Column(
                     "repo_name", Text(), nullable=False, default=None)
                 repo_name_hash = Column(
                     "repo_name_hash", String(255), nullable=False, unique=True)
                 repo_state = Column("repo_state", String(255), nullable=True)
                 clone_uri = Column(
                     "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 push_uri = Column(
                     "push_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 repo_type = Column(
                     "repo_type", String(255), nullable=False, unique=False, default=None)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                     unique=False, default=None)
                 private = Column(
                     "private", Boolean(), nullable=True, unique=None, default=None)
                 archived = Column(
                     "archived", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column(
                     "statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column(
                     "downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column(
                     "description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 _landing_revision = Column(
                     "landing_revision", String(255), nullable=False, unique=False,
                     default=None)
                 enable_locking = Column(
                     "enable_locking", Boolean(), nullable=False, unique=None,
                     default=False)
                 _locked = Column(
                     "locked", String(255), nullable=True, unique=False, default=None)
                 _changeset_cache = Column(
                     "changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 fork_id = Column(
                     "fork_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=False, default=None)
                 group_id = Column(
                     "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
                     unique=False, default=None)
                 user = relationship('User', lazy='joined', back_populates='repositories')
                 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
                 group = relationship('RepoGroup', lazy='joined')
                 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
                 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
                 logs = relationship('UserLog', back_populates='repository')
                 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
                 pull_requests_source = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
                     cascade="all, delete-orphan",
                     overlaps="source_repo"
                 )
                 pull_requests_target = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
                     cascade="all, delete-orphan",
                     overlaps="target_repo"
                 )
                 ui = relationship('RepoRhodeCodeUi', cascade="all")
                 settings = relationship('RepoRhodeCodeSetting', cascade="all")
                 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
                 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
                 # no cascade, set NULL
                 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
                 review_rules = relationship('RepoReviewRule')
                 user_branch_perms = relationship('UserToRepoBranchPermission')
                 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def landing_rev(self):
                     # always should return [rev_type, rev], e.g ['branch', 'master']
                     if self._landing_revision:
                         _rev_info = self._landing_revision.split(':')
                         if len(_rev_info) < 2:
                             _rev_info.insert(0, 'rev')
                         return [_rev_info[0], _rev_info[1]]
                     return [None, None]
                 @property
                 def landing_ref_type(self):
                     return self.landing_rev[0]
                 @property
                 def landing_ref_name(self):
                     return self.landing_rev[1]
                 @landing_rev.setter
                 def landing_rev(self, val):
                     if ':' not in val:
                         raise ValueError('value must be delimited with `:` and consist '
                                          'of <rev_type>:<rev>, got %s instead' % val)
                     self._landing_revision = val
                 @hybrid_property
                 def locked(self):
                     if self._locked:
                         user_id, timelocked, reason = self._locked.split(':')
                         lock_values = int(user_id), timelocked, reason
                     else:
                         lock_values = [None, None, None]
                     return lock_values
                 @locked.setter
                 def locked(self, val):
                     if val and isinstance(val, (list, tuple)):
                         self._locked = ':'.join(map(str, val))
                     else:
                         self._locked = None
                 @classmethod
                 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not changeset_cache_raw:
                         dummy['source_repo_id'] = repo_id
                         return json.loads(json.dumps(dummy))
                     try:
                         return json.loads(changeset_cache_raw)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @hybrid_property
                 def changeset_cache(self):
                     return self._load_changeset_cache(self.repo_id, self._changeset_cache)
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @hybrid_property
                 def repo_name(self):
                     return self._repo_name
                 @repo_name.setter
                 def repo_name(self, value):
                     self._repo_name = value
                     self.repo_name_hash = sha1(safe_bytes(value))
                 @classmethod
                 def normalize_repo_name(cls, repo_name):
                     """
                     Normalizes os specific repo_name to the format internally stored inside
                     database using URL_SEP
                     :param cls:
                     :param repo_name:
                     """
                     return cls.NAME_SEP.join(repo_name.split(os.sep))
                 @classmethod
                 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
                     session = Session()
                     q = session.query(cls).filter(cls.repo_name == repo_name)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'repo_name', repo_name)
                             if val:
                                 return val
                         else:
                             cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_id_or_repo_name(cls, repoid):
                     if isinstance(repoid, int):
                         try:
                             repo = cls.get(repoid)
                         except ValueError:
                             repo = None
                     else:
                         repo = cls.get_by_repo_name(repoid)
                     return repo
                 @classmethod
                 def get_by_full_path(cls, repo_full_path):
                     repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                     repo_name = cls.normalize_repo_name(repo_name)
                     return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
-                    from rhodecode.lib.utils import get_rhodecode_base_path
+                    from rhodecode.lib.utils import get_rhodecode_repo_store_path
-                    return get_rhodecode_base_path()
+                    return get_rhodecode_repo_store_path()
                 @classmethod
                 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
                                   case_insensitive=True, archived=False):
                     q = Repository.query()
                     if not archived:
                         q = q.filter(Repository.archived.isnot(true()))
                     if not isinstance(user_id, Optional):
                         q = q.filter(Repository.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(Repository.group_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(Repository.repo_name))
                     else:
                         q = q.order_by(Repository.repo_name)
                     return q.all()
                 @property
                 def repo_uid(self):
                     return '_{}'.format(self.repo_id)
                 @property
                 def forks(self):
                     """
                     Return forks of this repo
                     """
                     return Repository.get_repo_forks(self.repo_id)
                 @property
                 def parent(self):
                     """
                     Returns fork parent
                     """
                     return self.fork
                 @property
                 def just_name(self):
                     return self.repo_name.split(self.NAME_SEP)[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self
-                @LazyProperty
+                @property
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
-                    q = Session().query(RhodeCodeUi).filter(
+                    return self.base_path()
-                        RhodeCodeUi.ui_key == self.NAME_SEP)
-                    q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
-                    return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(self.NAME_SEP)
                     return os.path.join(*map(safe_str, p))
                 @property
                 def cache_keys(self):
                     """
                     Returns associated cache keys for that repo
                     """
                     repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
                     return CacheKey.query()\
                         .filter(CacheKey.cache_key == repo_namespace_key)\
                         .order_by(CacheKey.cache_key)\
                         .all()
                 @property
                 def cached_diffs_relative_dir(self):
                     """
                     Return a relative to the repository store path of cached diffs
                     used for safe display for users, who shouldn't know the absolute store
                     path
                     """
                     return os.path.join(
                         os.path.dirname(self.repo_name),
                         self.cached_diffs_dir.split(os.path.sep)[-1])
                 @property
                 def cached_diffs_dir(self):
                     path = self.repo_full_path
                     return os.path.join(
                         os.path.dirname(path),
                         f'.__shadow_diff_cache_repo_{self.repo_id}')
                 def cached_diffs(self):
                     diff_cache_dir = self.cached_diffs_dir
                     if os.path.isdir(diff_cache_dir):
                         return os.listdir(diff_cache_dir)
                     return []
                 def shadow_repos(self):
                     shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
                     return [
                         x for x in os.listdir(os.path.dirname(self.repo_full_path))
                         if x.startswith(shadow_repos_pattern)
                     ]
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param repo_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return self.NAME_SEP.join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False, repo=self)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for repositories
                     """
                     _admin_perm = 'repository.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         usr.permission_id = None
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 usr.permission_id = None
                                 super_admin_rows.append(usr)
                     q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
                     q = q.options(joinedload(UserRepoToPerm.repository),
                                   joinedload(UserRepoToPerm.user),
                                   joinedload(UserRepoToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         # also check if this permission is maybe used by branch_permissions
                         if _usr.branch_perm_entry:
                             usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
                         usr.permission = _usr.permission.permission_name
                         usr.permission_id = _usr.repo_to_perm_id
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=True):
                     q = UserGroupRepoToPerm.query()\
                         .filter(UserGroupRepoToPerm.repository == self)
                     q = q.options(joinedload(UserGroupRepoToPerm.repository),
                                   joinedload(UserGroupRepoToPerm.users_group),
                                   joinedload(UserGroupRepoToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.users_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.users_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self, include_secrets=False):
                     """
                     Common function for generating repo api data
                     :param include_secrets: See :meth:`User.get_api_data`.
                     """
                     # TODO: mikhail: Here there is an anti-pattern, we probably need to
                     # move this methods on models level.
                     from rhodecode.model.settings import SettingsModel
                     from rhodecode.model.repo import RepoModel
                     repo = self
                     _user_id, _time, _reason = self.locked
                     data = {
                         'repo_id': repo.repo_id,
                         'repo_name': repo.repo_name,
                         'repo_type': repo.repo_type,
                         'clone_uri': repo.clone_uri or '',
                         'push_uri': repo.push_uri or '',
                         'url': RepoModel().get_url(self),
                         'private': repo.private,
                         'created_on': repo.created_on,
                         'description': repo.description_safe,
                         'landing_rev': repo.landing_rev,
                         'owner': repo.user.username,
                         'fork_of': repo.fork.repo_name if repo.fork else None,
                         'fork_of_id': repo.fork.repo_id if repo.fork else None,
                         'enable_statistics': repo.enable_statistics,
                         'enable_locking': repo.enable_locking,
                         'enable_downloads': repo.enable_downloads,
                         'last_changeset': repo.changeset_cache,
                         'locked_by': User.get(_user_id).get_api_data(
                             include_secrets=include_secrets) if _user_id else None,
                         'locked_date': time_to_datetime(_time) if _time else None,
                         'lock_reason': _reason if _reason else None,
                     }
                     # TODO: mikhail: should be per-repo settings here
                     rc_config = SettingsModel().get_all_settings()
                     repository_fields = str2bool(
                         rc_config.get('rhodecode_repository_fields'))
                     if repository_fields:
                         for f in self.extra_fields:
                             data[f.field_key_prefixed] = f.field_value
                     return data
                 @classmethod
                 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
                     if not lock_time:
                         lock_time = time.time()
                     if not lock_reason:
                         lock_reason = cls.LOCK_AUTOMATIC
                     repo.locked = [user_id, lock_time, lock_reason]
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def unlock(cls, repo):
                     repo.locked = None
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def getlock(cls, repo):
                     return repo.locked
                 def get_locking_state(self, action, user_id, only_when_enabled=True):
                     """
                     Checks locking on this repository, if locking is enabled and lock is
                     present returns a tuple of make_lock, locked, locked_by.
                     make_lock can have 3 states None (do nothing) True, make lock
                     False release lock, This value is later propagated to hooks, which
                     do the locking. Think about this as signals passed to hooks what to do.
                     """
                     # TODO: johbo: This is part of the business logic and should be moved
                     # into the RepositoryModel.
                     if action not in ('push', 'pull'):
                         raise ValueError("Invalid action value: %s" % repr(action))
                     # defines if locked error should be thrown to user
                     currently_locked = False
                     # defines if new lock should be made, tri-state
                     make_lock = None
                     repo = self
                     user = User.get(user_id)
                     lock_info = repo.locked
                     if repo and (repo.enable_locking or not only_when_enabled):
                         if action == 'push':
                             # check if it's already locked !, if it is compare users
                             locked_by_user_id = lock_info[0]
                             if user.user_id == locked_by_user_id:
                                 log.debug(
                                     'Got `push` action from user %s, now unlocking', user)
                                 # unlock if we have push from user who locked
                                 make_lock = False
                             else:
                                 # we're not the same user who locked, ban with
                                 # code defined in settings (default is 423 HTTP Locked) !
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                         elif action == 'pull':
                             # [0] user [1] date
                             if lock_info[0] and lock_info[1]:
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                             else:
                                 log.debug('Setting lock on repo %s by %s', repo, user)
                                 make_lock = True
                     else:
                         log.debug('Repository %s do not have locking enabled', repo)
                     log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                               make_lock, currently_locked, lock_info)
                     from rhodecode.lib.auth import HasRepoPermissionAny
                     perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
                     if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
                         # if we don't have at least write permission we cannot make a lock
                         log.debug('lock state reset back to FALSE due to lack '
                                   'of at least read permission')
                         make_lock = False
                     return make_lock, currently_locked, lock_info
                 @property
                 def last_commit_cache_update_diff(self):
                     return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
                 @classmethod
                 def _load_commit_change(cls, last_commit_cache):
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     date_latest = last_commit_cache.get('date', empty_date)
                     try:
                         return parse_datetime(date_latest)
                     except Exception:
                         return empty_date
                 @property
                 def last_commit_change(self):
                     return self._load_commit_change(self.changeset_cache)
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def clone_uri_hidden(self):
                     clone_uri = self.clone_uri
                     if clone_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
                         if url_obj.password:
                             clone_uri = url_obj.with_password('*****')
                     return clone_uri
                 @property
                 def push_uri_hidden(self):
                     push_uri = self.push_uri
                     if push_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(push_uri))
                         if url_obj.password:
                             push_uri = url_obj.with_password('*****')
                     return push_uri
                 def clone_url(self, **override):
                     from rhodecode.model.settings import SettingsModel
                     uri_tmpl = None
                     if 'with_id' in override:
                         uri_tmpl = self.DEFAULT_CLONE_URI_ID
                         del override['with_id']
                     if 'uri_tmpl' in override:
                         uri_tmpl = override['uri_tmpl']
                         del override['uri_tmpl']
                     ssh = False
                     if 'ssh' in override:
                         ssh = True
                         del override['ssh']
                     # we didn't override our tmpl from **overrides
                     request = get_current_request()
                     if not uri_tmpl:
                         if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
                             rc_config = request.call_context.rc_config
                         else:
                             rc_config = SettingsModel().get_all_settings(cache=True)
                         if ssh:
                             uri_tmpl = rc_config.get(
                                 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
                         else:
                             uri_tmpl = rc_config.get(
                                 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
                     return get_clone_url(request=request,
                                          uri_tmpl=uri_tmpl,
                                          repo_name=self.repo_name,
                                          repo_id=self.repo_id,
                                          repo_type=self.repo_type,
                                          **override)
                 def set_state(self, state):
                     self.repo_state = state
                     Session().add(self)
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
                     return get_commit_safe(
                         self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
                         maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
                 def get_changeset(self, rev=None, pre_load=None):
                     warnings.warn("Use get_commit", DeprecationWarning)
                     commit_id = None
                     commit_idx = None
                     if isinstance(rev, str):
                         commit_id = rev
                     else:
                         commit_idx = rev
                     return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
                                            pre_load=pre_load)
                 def get_landing_commit(self):
                     """
                     Returns landing commit, or if that doesn't exist returns the tip
                     """
                     _rev_type, _rev = self.landing_rev
                     commit = self.get_commit(_rev)
                     if isinstance(commit, EmptyCommit):
                         return self.get_commit()
                     return commit
                 def flush_commit_cache(self):
                     self.update_commit_cache(cs_cache={'raw_id':'0'})
                     self.update_commit_cache()
                 def update_commit_cache(self, cs_cache=None, config=None):
                     """
                     Update cache of last commit for repository
                     cache_keys should be::
                         source_repo_id
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                         updated_on
                     """
                     from rhodecode.lib.vcs.backends.base import BaseCommit
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     repo_commit_count = 0
                     if cs_cache is None:
                         # use no-cache version here
                         try:
                             scm_repo = self.scm_instance(cache=False, config=config)
                         except VCSError:
                             scm_repo = None
                         empty = scm_repo is None or scm_repo.is_empty()
                         if not empty:
                             cs_cache = scm_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents", "branch"])
                             repo_commit_count = scm_repo.count()
                         else:
                             cs_cache = EmptyCommit()
                     if isinstance(cs_cache, BaseCommit):
                         cs_cache = cs_cache.__json__()
                     def is_outdated(new_cs_cache):
                         if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
                             new_cs_cache['revision'] != self.changeset_cache['revision']):
                             return True
                         return False
                     # check if we have maybe already latest cached revision
                     if is_outdated(cs_cache) or not self.changeset_cache:
                         _current_datetime = datetime.datetime.utcnow()
                         last_change = cs_cache.get('date') or _current_datetime
                         # we check if last update is newer than the new value
                         # if yes, we use the current timestamp instead. Imagine you get
                         # old commit pushed 1y ago, we'd set last update 1y to ago.
                         last_change_timestamp = datetime_to_time(last_change)
                         current_timestamp = datetime_to_time(last_change)
                         if last_change_timestamp > current_timestamp and not empty:
                             cs_cache['date'] = _current_datetime
                         # also store size of repo
                         cs_cache['repo_commit_count'] = repo_commit_count
                         _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
                         cs_cache['updated_on'] = time.time()
                         self.changeset_cache = cs_cache
                         self.updated_on = last_change
                         Session().add(self)
                         Session().commit()
                     else:
                         if empty:
                             cs_cache = EmptyCommit().__json__()
                         else:
                             cs_cache = self.changeset_cache
                         _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
                         cs_cache['updated_on'] = time.time()
                         self.changeset_cache = cs_cache
                         self.updated_on = _date_latest
                         Session().add(self)
                         Session().commit()
                     log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
                               self.repo_name, cs_cache, _date_latest)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance().last_change
                 def get_comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = collections.defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 def statuses(self, revisions=None):
                     """
                     Returns statuses for this repository
                     :param revisions: list of revisions to get statuses for
                     """
                     statuses = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == self)\
                         .filter(ChangesetStatus.version == 0)
                     if revisions:
                         # Try doing the filtering in chunks to avoid hitting limits
                         size = 500
                         status_results = []
                         for chunk in range(0, len(revisions), size):
                             status_results += statuses.filter(
                                 ChangesetStatus.revision.in_(
                                     revisions[chunk: chunk+size])
                             ).all()
                     else:
                         status_results = statuses.all()
                     grouped = {}
                     # maybe we have open new pullrequest without a status?
                     stat = ChangesetStatus.STATUS_UNDER_REVIEW
                     status_lbl = ChangesetStatus.get_status_lbl(stat)
                     for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
                         for rev in pr.revisions:
                             pr_id = pr.pull_request_id
                             pr_repo = pr.target_repo.repo_name
                             grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                     for stat in status_results:
                         pr_id = pr_repo = None
                         if stat.pull_request:
                             pr_id = stat.pull_request.pull_request_id
                             pr_repo = stat.pull_request.target_repo.repo_name
                         grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                   pr_id, pr_repo]
                     return grouped
                 # ==========================================================================
                 # SCM CACHE INSTANCE
                 # ==========================================================================
                 def scm_instance(self, **kwargs):
                     import rhodecode
                     # Passing a config will not hit the cache currently only used
                     # for repo2dbmapper
                     config = kwargs.pop('config', None)
                     cache = kwargs.pop('cache', None)
                     vcs_full_cache = kwargs.pop('vcs_full_cache', None)
                     if vcs_full_cache is not None:
                         # allows override global config
                         full_cache = vcs_full_cache
                     else:
                         full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
                     # if cache is NOT defined use default global, else we have a full
                     # control over cache behaviour
                     if cache is None and full_cache and not config:
                         log.debug('Initializing pure cached instance for %s', self.repo_path)
                         return self._get_instance_cached()
                     # cache here is sent to the "vcs server"
                     return self._get_instance(cache=bool(cache), config=config)
                 def _get_instance_cached(self):
                     from rhodecode.lib import rc_cache
                     cache_namespace_uid = f'repo_instance.{self.repo_id}'
                     region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
                     # we must use thread scoped cache here,
                     # because each thread of gevent needs it's own not shared connection and cache
                     # we also alter `args` so the cache key is individual for every green thread.
                     repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
                     inv_context_manager = rc_cache.InvalidationContext(key=repo_namespace_key, thread_scoped=True)
                     # our wrapped caching function that takes state_uid to save the previous state in
                     def cache_generator(_state_uid):
                         @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
                         def get_instance_cached(_repo_id, _process_context_id):
                             # we save in cached func the generation state so we can detect a change and invalidate caches
                             return _state_uid, self._get_instance(repo_state_uid=_state_uid)
                         return get_instance_cached
                     with inv_context_manager as invalidation_context:
                         cache_state_uid = invalidation_context.state_uid
                         cache_func = cache_generator(cache_state_uid)
                         args = self.repo_id, inv_context_manager.proc_key
                         previous_state_uid, instance = cache_func(*args)
                         # now compare keys, the "cache" state vs expected state.
                         if previous_state_uid != cache_state_uid:
                             log.warning('Cached state uid %s is different than current state uid %s',
                                         previous_state_uid, cache_state_uid)
                             _, instance = cache_func.refresh(*args)
                         log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
                         return instance
                 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
                     log.debug('Initializing %s instance `%s` with cache flag set to: %s',
                               self.repo_type, self.repo_path, cache)
                     config = config or self._config
                     custom_wire = {
                         'cache': cache,  # controls the vcs.remote cache
                         'repo_state_uid': repo_state_uid
                     }
                     repo = get_vcs_instance(
                         repo_path=safe_str(self.repo_full_path),
                         config=config,
                         with_wire=custom_wire,
                         create=False,
                         _vcs_alias=self.repo_type)
                     if repo is not None:
                         repo.count()  # cache rebuild
                     return repo
                 def get_shadow_repository_path(self, workspace_id):
                     from rhodecode.lib.vcs.backends.base import BaseRepository
                     shadow_repo_path = BaseRepository._get_shadow_repository_path(
                         self.repo_full_path, self.repo_id, workspace_id)
                     return shadow_repo_path
                 def __json__(self):
                     return {'landing_rev': self.landing_rev}
                 def get_dict(self):
                     # Since we transformed `repo_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `repo_name` field.
                     result = super(Repository, self).get_dict()
                     result['repo_name'] = result.pop('_repo_name', None)
                     result.pop('_changeset_cache', '')
                     return result
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     base_table_args,
                 )
                 CHOICES_SEPARATOR = '/'  # used to generate select2 choices for nested groups
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
                 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
                 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 user = relationship('User', back_populates='repository_groups')
                 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
                 # no cascade, set NULL
                 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __repr__(self):
                     return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
                 @hybrid_property
                 def group_name(self):
                     return self._group_name
                 @group_name.setter
                 def group_name(self, value):
                     self._group_name = value
                     self.group_name_hash = self.hash_repo_group_name(value)
                 @classmethod
                 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not changeset_cache_raw:
                         dummy['source_repo_id'] = repo_id
                         return json.loads(json.dumps(dummy))
                     try:
                         return json.loads(changeset_cache_raw)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @hybrid_property
                 def changeset_cache(self):
                     return self._load_changeset_cache('', self._changeset_cache)
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @validates('group_parent_id')
                 def validate_group_parent_id(self, key, val):
                     """
                     Check cycle references for a parent group to self
                     """
                     if self.group_id and val:
                         assert val != self.group_id
                     return val
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.group_description)
                 @classmethod
                 def hash_repo_group_name(cls, repo_group_name):
                     val = remove_formatting(repo_group_name)
                     val = safe_str(val).lower()
                     chars = []
                     for c in val:
                         if c not in string.ascii_letters:
                             c = str(ord(c))
                         chars.append(c)
                     return ''.join(chars)
                 @classmethod
                 def _generate_choice(cls, repo_group):
                     from webhelpers2.html import literal as _literal
                     def _name(k):
                         return _literal(cls.CHOICES_SEPARATOR.join(k))
                     return repo_group.group_id, _name(repo_group.full_path_splitted)
                 @classmethod
                 def groups_choices(cls, groups=None, show_empty_group=True):
                     if not groups:
                         groups = cls.query().all()
                     repo_groups = []
                     if show_empty_group:
                         repo_groups = [(-1, '-- %s --' % _('No parent'))]
                     repo_groups.extend([cls._generate_choice(x) for x in groups])
                     repo_groups = sorted(
                         repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
                     return repo_groups
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query().filter(func.lower(cls.group_name)
                                                 == func.lower(group_name))
                     else:
                         gr = cls.query().filter(cls.group_name == group_name)
                     if cache:
                         name_key = _hash_key(group_name)
                         gr = gr.options(
                             FromCache("sql_cache_short", f"get_group_{name_key}"))
                     return gr.scalar()
                 @classmethod
                 def get_user_personal_repo_group(cls, user_id):
                     user = User.get(user_id)
                     if user.username == User.DEFAULT_USER:
                         return None
                     return cls.query()\
                         .filter(cls.personal == true()) \
                         .filter(cls.user == user) \
                         .order_by(cls.group_id.asc()) \
                         .first()
                 @classmethod
                 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
                                         case_insensitive=True):
                     q = RepoGroup.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(RepoGroup.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(RepoGroup.group_parent_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(RepoGroup.group_name))
                     else:
                         q = q.order_by(RepoGroup.group_name)
                     return q.all()
                 @property
                 def parents(self, parents_recursion_limit=10):
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error('more than %s parents found for group %s, stopping '
                                       'recursive parent fetching', parents_recursion_limit, self)
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def last_commit_cache_update_diff(self):
                     return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
                 @classmethod
                 def _load_commit_change(cls, last_commit_cache):
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     date_latest = last_commit_cache.get('date', empty_date)
                     try:
                         return parse_datetime(date_latest)
                     except Exception:
                         return empty_date
                 @property
                 def last_commit_change(self):
                     return self._load_commit_change(self.changeset_cache)
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def _recursive_objects(self, include_repos=True, include_groups=True):
                     all_ = []
                     def _get_members(root_gr):
                         if include_repos:
                             for r in root_gr.repositories:
                                 all_.append(r)
                         childs = root_gr.children.all()
                         if childs:
                             for gr in childs:
                                 if include_groups:
                                     all_.append(gr)
                                 _get_members(gr)
                     root_group = []
                     if include_groups:
                         root_group = [self]
                     _get_members(self)
                     return root_group + all_
                 def recursive_groups_and_repos(self):
                     """
                     Recursive return all groups, with repositories in those groups
                     """
                     return self._recursive_objects()
                 def recursive_groups(self):
                     """
                     Returns all children groups for this group including children of children
                     """
                     return self._recursive_objects(include_repos=False)
                 def recursive_repos(self):
                     """
                     Returns all children repositories for this group
                     """
                     return self._recursive_objects(include_groups=False)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
                 def update_commit_cache(self, config=None):
                     """
                     Update cache of last commit for newest repository inside this repository group.
                     cache_keys should be::
                         source_repo_id
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                     """
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     def repo_groups_and_repos(root_gr):
                         for _repo in root_gr.repositories:
                             yield _repo
                         for child_group in root_gr.children.all():
                             yield child_group
                     latest_repo_cs_cache = {}
                     for obj in repo_groups_and_repos(self):
                         repo_cs_cache = obj.changeset_cache
                         date_latest = latest_repo_cs_cache.get('date', empty_date)
                         date_current = repo_cs_cache.get('date', empty_date)
                         current_timestamp = datetime_to_time(parse_datetime(date_latest))
                         if current_timestamp < datetime_to_time(parse_datetime(date_current)):
                             latest_repo_cs_cache = repo_cs_cache
                             if hasattr(obj, 'repo_id'):
                                 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
                             else:
                                 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
                     _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
                     latest_repo_cs_cache['updated_on'] = time.time()
                     self.changeset_cache = latest_repo_cs_cache
                     self.updated_on = _date_latest
                     Session().add(self)
                     Session().commit()
                     log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
                               self.group_name, latest_repo_cs_cache, _date_latest)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for repository groups
                     """
                     _admin_perm = 'group.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserRepoGroupToPerm.group),
                                   joinedload(UserRepoGroupToPerm.user),
                                   joinedload(UserRepoGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=False):
                     q = UserGroupRepoGroupToPerm.query()\
                         .filter(UserGroupRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
                                   joinedload(UserGroupRepoGroupToPerm.users_group),
                                   joinedload(UserGroupRepoGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.users_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.users_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self):
                     """
                     Common function for generating api data
                     """
                     group = self
                     data = {
                         'group_id': group.group_id,
                         'group_name': group.group_name,
                         'group_description': group.description_safe,
                         'parent_group': group.parent_group.group_name if group.parent_group else None,
                         'repositories': [x.repo_name for x in group.repositories],
                         'owner': group.user.username,
                     }
                     return data
                 def get_dict(self):
                     # Since we transformed `group_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `group_name` field.
                     result = super(RepoGroup, self).get_dict()
                     result['group_name'] = result.pop('_group_name', None)
                     result.pop('_changeset_cache', '')
                     return result
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     Index('p_perm_name_idx', 'permission_name'),
                     base_table_args,
                 )
                 PERMS = [
                     ('hg.admin', _('RhodeCode Super Administrator')),
                     ('repository.none', _('Repository no access')),
                     ('repository.read', _('Repository read access')),
                     ('repository.write', _('Repository write access')),
                     ('repository.admin', _('Repository admin access')),
                     ('group.none', _('Repository group no access')),
                     ('group.read', _('Repository group read access')),
                     ('group.write', _('Repository group write access')),
                     ('group.admin', _('Repository group admin access')),
                     ('usergroup.none', _('User group no access')),
                     ('usergroup.read', _('User group read access')),
                     ('usergroup.write', _('User group write access')),
                     ('usergroup.admin', _('User group admin access')),
                     ('branch.none', _('Branch no permissions')),
                     ('branch.merge', _('Branch access by web merge')),
                     ('branch.push', _('Branch access by push')),
                     ('branch.push_force', _('Branch access by push with force')),
                     ('hg.repogroup.create.false', _('Repository Group creation disabled')),
                     ('hg.repogroup.create.true', _('Repository Group creation enabled')),
                     ('hg.usergroup.create.false', _('User Group creation disabled')),
                     ('hg.usergroup.create.true', _('User Group creation enabled')),
                     ('hg.create.none', _('Repository creation disabled')),
                     ('hg.create.repository', _('Repository creation enabled')),
                     ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
                     ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
                     ('hg.fork.none', _('Repository forking disabled')),
                     ('hg.fork.repository', _('Repository forking enabled')),
                     ('hg.register.none', _('Registration disabled')),
                     ('hg.register.manual_activate', _('User Registration with manual account activation')),
                     ('hg.register.auto_activate', _('User Registration with automatic account activation')),
                     ('hg.password_reset.enabled', _('Password reset enabled')),
                     ('hg.password_reset.hidden', _('Password reset hidden')),
                     ('hg.password_reset.disabled', _('Password reset disabled')),
                     ('hg.extern_activate.manual', _('Manual activation of external account')),
                     ('hg.extern_activate.auto', _('Automatic activation of external account')),
                     ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
                     ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
                 ]
                 # definition of system default permissions for DEFAULT user, created on
                 # system setup
                 DEFAULT_USER_PERMISSIONS = [
                     # object perms
                     'repository.read',
                     'group.read',
                     'usergroup.read',
                     # branch, for backward compat we need same value as before so forced pushed
                     'branch.push_force',
                     # global
                     'hg.create.repository',
                     'hg.repogroup.create.false',
                     'hg.usergroup.create.false',
                     'hg.create.write_on_repogroup.true',
                     'hg.fork.repository',
                     'hg.register.manual_activate',
                     'hg.password_reset.enabled',
                     'hg.extern_activate.auto',
                     'hg.inherit_default_perms.true',
                 ]
                 # defines which permissions are more important higher the more important
                 # Weight defines which permissions are more important.
                 # The higher number the more important.
                 PERM_WEIGHTS = {
                     'repository.none': 0,
                     'repository.read': 1,
                     'repository.write': 3,
                     'repository.admin': 4,
                     'group.none': 0,
                     'group.read': 1,
                     'group.write': 3,
                     'group.admin': 4,
                     'usergroup.none': 0,
                     'usergroup.read': 1,
                     'usergroup.write': 3,
                     'usergroup.admin': 4,
                     'branch.none': 0,
                     'branch.merge': 1,
                     'branch.push': 3,
                     'branch.push_force': 4,
                     'hg.repogroup.create.false': 0,
                     'hg.repogroup.create.true': 1,
                     'hg.usergroup.create.false': 0,
                     'hg.usergroup.create.true': 1,
                     'hg.fork.none': 0,
                     'hg.fork.repository': 1,
                     'hg.create.none': 0,
                     'hg.create.repository': 1
                 }
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (
                         self.cls_name, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_repo_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserRepoToPerm, Repository, Permission)\
                         .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
                         .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
                         .join(
                             Permission,
                             UserToRepoBranchPermission.permission_id == Permission.permission_id) \
                         .join(
                             UserRepoToPerm,
                             UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
                     return q.order_by(UserToRepoBranchPermission.rule_order).all()
                 @classmethod
                 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoToPerm.permission_id == Permission.permission_id)\
                         .join(
                             Repository,
                             UserGroupRepoToPerm.repository_id == Repository.repo_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
                         .join(
                             Permission,
                             UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
                         .join(
                             UserGroupRepoToPerm,
                             UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
                     return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
                 @classmethod
                 def get_default_group_perms(cls, user_id, repo_group_id=None):
                     q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserRepoGroupToPerm.permission_id == Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .filter(UserRepoGroupToPerm.user_id == user_id)
                     if repo_group_id:
                         q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms_from_user_group(
                         cls, user_id, repo_group_id=None):
                     q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_group_id:
                         q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms(cls, user_id, user_group_id=None):
                     q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
                         .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
                         .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
                         .filter(UserUserGroupToPerm.user_id == user_id)
                     if user_group_id:
                         q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms_from_user_group(
                         cls, user_id, user_group_id=None):
                     TargetUserGroup = aliased(UserGroup, name='target_user_group')
                     q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupUserGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             TargetUserGroup,
                             UserGroupUserGroupToPerm.target_user_group_id ==
                             TargetUserGroup.users_group_id)\
                         .join(
                             UserGroup,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if user_group_id:
                         q = q.filter(
                             UserGroupUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     base_table_args
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', back_populates="repo_to_perm")
                 repository = relationship('Repository', back_populates="repo_to_perm")
                 permission = relationship('Permission')
                 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __repr__(self):
                     return f'<{self.user} => {self.repository} >'
             class UserUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
                     base_table_args
                 )
                 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', back_populates='user_group_to_perm')
                 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, user_group, permission):
                     n = cls()
                     n.user = user
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __repr__(self):
                     return f'<{self.user} => {self.user_group} >'
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     base_table_args
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', back_populates='user_perms')
                 permission = relationship('Permission', lazy='joined')
                 def __repr__(self):
                     return f'<{self.user} => {self.permission} >'
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     base_table_args
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
                 permission = relationship('Permission')
                 repository = relationship('Repository', back_populates='users_group_to_perm')
                 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __repr__(self):
                     return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
             class UserGroupUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_group_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
                     CheckConstraint('target_user_group_id != user_group_id'),
                     base_table_args
                 )
                 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
                 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, target_user_group, user_group, permission):
                     n = cls()
                     n.target_user_group = target_user_group
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __repr__(self):
                     return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     base_table_args
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     base_table_args
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', back_populates='repo_group_to_perm')
                 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository_group, permission):
                     n = cls()
                     n.user = user
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
             class UserGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     base_table_args
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup', back_populates='users_group_to_perm')
                 @classmethod
                 def create(cls, user_group, repository_group, permission):
                     n = cls()
                     n.users_group = user_group
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __repr__(self):
                     return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      base_table_args
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)  #JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)  #JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)  #JSON data
                 repository = relationship('Repository', single_parent=True, viewonly=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     base_table_args
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheKey(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     Index('key_idx', 'cache_key'),
                     Index('cache_args_idx', 'cache_args'),
                     base_table_args,
                 )
                 CACHE_TYPE_FEED = 'FEED'
                 # namespaces used to register process/thread aware caches
                 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args='', cache_state_uid=None, cache_active=False):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = cache_active
                     # first key should be same for all entries, since all workers should share it
                     self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
                 def __repr__(self):
                     return "<%s('%s:%s[%s]')>" % (
                         self.cls_name,
                         self.cache_id, self.cache_key, self.cache_active)
                 def _cache_key_partition(self):
                     prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
                     return prefix, repo_name, suffix
                 def get_prefix(self):
                     """
                     Try to extract prefix from existing cache key. The key could consist
                     of prefix, repo_name, suffix
                     """
                     # this returns prefix, repo_name, suffix
                     return self._cache_key_partition()[0]
                 def get_suffix(self):
                     """
                     get suffix that might have been used in _get_cache_key to
                     generate self.cache_key. Only used for informational purposes
                     in repo_edit.mako.
                     """
                     # prefix, repo_name, suffix
                     return self._cache_key_partition()[2]
                 @classmethod
                 def generate_new_state_uid(cls, based_on=None):
                     if based_on:
                         return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
                     else:
                         return str(uuid.uuid4())
                 @classmethod
                 def delete_all_cache(cls):
                     """
                     Delete all cache keys from database.
                     Should only be run when all instances are down and all entries
                     thus stale.
                     """
                     cls.query().delete()
                     Session().commit()
                 @classmethod
                 def set_invalidate(cls, cache_uid, delete=False):
                     """
                     Mark all caches of a repo as invalid in the database.
                     """
                     try:
                         qry = Session().query(cls).filter(cls.cache_key == cache_uid)
                         if delete:
                             qry.delete()
                             log.debug('cache objects deleted for cache args %s',
                                       safe_str(cache_uid))
                         else:
                             new_uid = cls.generate_new_state_uid()
                             qry.update({"cache_state_uid": new_uid,
                                         "cache_args": f"repo_state:{time.time()}"})
                             log.debug('cache object %s set new UID %s',
                                       safe_str(cache_uid), new_uid)
                         Session().commit()
                     except Exception:
                         log.exception(
                             'Cache key invalidation failed for cache args %s',
                             safe_str(cache_uid))
                         Session().rollback()
                 @classmethod
                 def get_active_cache(cls, cache_key):
                     inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
                     if inv_obj:
                         return inv_obj
                     return None
                 @classmethod
                 def get_namespace_map(cls, namespace):
                     return {
                         x.cache_key: x
                         for x in cls.query().filter(cls.cache_args == namespace)}
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     Index('cc_revision_idx', 'revision'),
                     base_table_args,
                 )
                 COMMENT_OUTDATED = 'comment_outdated'
                 COMMENT_TYPE_NOTE = 'note'
                 COMMENT_TYPE_TODO = 'todo'
                 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
                 OP_IMMUTABLE = 'immutable'
                 OP_CHANGEABLE = 'changeable'
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 renderer = Column('renderer', Unicode(64), nullable=True)
                 display_state = Column('display_state',  Unicode(128), nullable=True)
                 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
                 draft = Column('draft', Boolean(), nullable=True, default=False)
                 comment_type = Column('comment_type',  Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
                 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
                 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
                 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
                 author = relationship('User', lazy='select', back_populates='user_comments')
                 repo = relationship('Repository', back_populates='comments')
                 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
                 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
                 pull_request_version = relationship('PullRequestVersion', lazy='select')
                 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
                 @classmethod
                 def get_users(cls, revision=None, pull_request_id=None):
                     """
                     Returns user associated with this ChangesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     q = Session().query(User).join(ChangesetComment.author)
                     if revision:
                         q = q.filter(cls.revision == revision)
                     elif pull_request_id:
                         q = q.filter(cls.pull_request_id == pull_request_id)
                     return q.all()
                 @classmethod
                 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
                     if pr_version is None:
                         return 0
                     if versions is not None:
                         num_versions = [x.pull_request_version_id for x in versions]
                     num_versions = num_versions or []
                     try:
                         return num_versions.index(pr_version) + 1
                     except (IndexError, ValueError):
                         return 0
                 @property
                 def outdated(self):
                     return self.display_state == self.COMMENT_OUTDATED
                 @property
                 def outdated_js(self):
                     return str_json(self.display_state == self.COMMENT_OUTDATED)
                 @property
                 def immutable(self):
                     return self.immutable_state == self.OP_IMMUTABLE
                 def outdated_at_version(self, version: int) -> bool:
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     def version_check():
                         return self.pull_request_version_id and self.pull_request_version_id != version
                     if self.is_inline:
                         return self.outdated and version_check()
                     else:
                         # general comments don't have .outdated set, also latest don't have a version
                         return version_check()
                 def outdated_at_version_js(self, version):
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     return str_json(self.outdated_at_version(version))
                 def older_than_version(self, version: int) -> bool:
                     """
                     Checks if comment is made from a previous version than given.
                     Assumes self.pull_request_version.pull_request_version_id is an integer if not None.
                     """
                     # If version is None, return False as the current version cannot be less than None
                     if version is None:
                         return False
                     # Ensure that the version is an integer to prevent TypeError on comparison
                     if not isinstance(version, int):
                         raise ValueError("The provided version must be an integer.")
                     # Initialize current version to 0 or pull_request_version_id if it's available
                     cur_ver = 0
                     if self.pull_request_version and self.pull_request_version.pull_request_version_id is not None:
                         cur_ver = self.pull_request_version.pull_request_version_id
                     # Return True if the current version is less than the given version
                     return cur_ver < version
                 def older_than_version_js(self, version):
                     """
                     Checks if comment is made from previous version than given
                     """
                     return str_json(self.older_than_version(version))
                 @property
                 def commit_id(self):
                     """New style naming to stop using .revision"""
                     return self.revision
                 @property
                 def resolved(self):
                     return self.resolved_by[0] if self.resolved_by else None
                 @property
                 def is_todo(self):
                     return self.comment_type == self.COMMENT_TYPE_TODO
                 @property
                 def is_inline(self):
                     if self.line_no and self.f_path:
                         return True
                     return False
                 @property
                 def last_version(self):
                     version = 0
                     if self.history:
                         version = self.history[-1].version
                     return version
                 def get_index_version(self, versions):
                     return self.get_index_from_version(
                         self.pull_request_version_id, versions)
                 @property
                 def review_status(self):
                     if self.status_change:
                         return self.status_change[0].status
                 @property
                 def review_status_lbl(self):
                     if self.status_change:
                         return self.status_change[0].status_lbl
                 def __repr__(self):
                     if self.comment_id:
                         return f'<DB:Comment #{self.comment_id}>'
                     else:
                         return f'<DB:Comment at {id(self)!r}>'
                 def get_api_data(self):
                     comment = self
                     data = {
                         'comment_id': comment.comment_id,
                         'comment_type': comment.comment_type,
                         'comment_text': comment.text,
                         'comment_status': comment.status_change,
                         'comment_f_path': comment.f_path,
                         'comment_lineno': comment.line_no,
                         'comment_author': comment.author,
                         'comment_created_on': comment.created_on,
                         'comment_resolved_by': self.resolved,
                         'comment_commit_id': comment.revision,
                         'comment_pull_request_id': comment.pull_request_id,
                         'comment_last_version': self.last_version
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class ChangesetCommentHistory(Base, BaseModel):
                 __tablename__ = 'changeset_comments_history'
                 __table_args__ = (
                     Index('cch_comment_id_idx', 'comment_id'),
                     base_table_args,
                 )
                 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
                 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
                 version = Column("version", Integer(), nullable=False, default=0)
                 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 deleted = Column('deleted', Boolean(), default=False)
                 author = relationship('User', lazy='joined')
                 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
                 @classmethod
                 def get_version(cls, comment_id):
                     q = Session().query(ChangesetCommentHistory).filter(
                         ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
                     if q.count() == 0:
                         return 1
                     elif q.count() >= q[0].version:
                         return q.count() + 1
                     else:
                         return q[0].version + 1
             class ChangesetStatus(Base, BaseModel):
                 __tablename__ = 'changeset_statuses'
                 __table_args__ = (
                     Index('cs_revision_idx', 'revision'),
                     Index('cs_version_idx', 'version'),
                     UniqueConstraint('repo_id', 'revision', 'version'),
                     base_table_args
                 )
                 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                 STATUS_APPROVED = 'approved'
                 STATUS_REJECTED = 'rejected'
                 STATUS_UNDER_REVIEW = 'under_review'
                 STATUSES = [
                     (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                     (STATUS_APPROVED, _("Approved")),
                     (STATUS_REJECTED, _("Rejected")),
                     (STATUS_UNDER_REVIEW, _("Under Review")),
                 ]
                 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 revision = Column('revision', String(40), nullable=False)
                 status = Column('status', String(128), nullable=False, default=DEFAULT)
                 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 version = Column('version', Integer(), nullable=False, default=0)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 author = relationship('User', lazy='select')
                 repo = relationship('Repository', lazy='select')
                 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
                 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
                 def __repr__(self):
                     return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
                 @classmethod
                 def get_status_lbl(cls, value):
                     return dict(cls.STATUSES).get(value)
                 @property
                 def status_lbl(self):
                     return ChangesetStatus.get_status_lbl(self.status)
                 def get_api_data(self):
                     status = self
                     data = {
                         'status_id': status.changeset_status_id,
                         'status': status.status,
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class _SetState(object):
                 """
                 Context processor allowing changing state for sensitive operation such as
                 pull request update or merge
                 """
                 def __init__(self, pull_request, pr_state, back_state=None):
                     self._pr = pull_request
                     self._org_state = back_state or pull_request.pull_request_state
                     self._pr_state = pr_state
                     self._current_state = None
                 def __enter__(self):
                     log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
                               self._pr, self._pr_state)
                     self.set_pr_state(self._pr_state)
                     return self
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     if exc_val is not None or exc_type is not None:
                         log.error(traceback.format_tb(exc_tb))
                         return None
                     self.set_pr_state(self._org_state)
                     log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
                               self._pr, self._org_state)
                 @property
                 def state(self):
                     return self._current_state
                 def set_pr_state(self, pr_state):
                     try:
                         self._pr.pull_request_state = pr_state
                         Session().add(self._pr)
                         Session().commit()
                         self._current_state = pr_state
                     except Exception:
                         log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
                         raise
             class _PullRequestBase(BaseModel):
                 """
                 Common attributes of pull request and version entries.
                 """
                 # .status values
                 STATUS_NEW = 'new'
                 STATUS_OPEN = 'open'
                 STATUS_CLOSED = 'closed'
                 # available states
                 STATE_CREATING = 'creating'
                 STATE_UPDATING = 'updating'
                 STATE_MERGING = 'merging'
                 STATE_CREATED = 'created'
                 title = Column('title', Unicode(255), nullable=True)
                 description = Column(
                     'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
                     nullable=True)
                 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
                 # new/open/closed status of pull request (not approve/reject/etc)
                 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 pull_request_state = Column("pull_request_state", String(255), nullable=True)
                 @declared_attr
                 def user_id(cls):
                     return Column(
                         "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                         unique=None)
                 # 500 revisions max
                 _revisions = Column(
                     'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
                 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
                 @declared_attr
                 def source_repo_id(cls):
                     # TODO: dan: rename column to source_repo_id
                     return Column(
                         'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 @declared_attr
                 def pr_source(cls):
                     return relationship(
                         'Repository',
                         primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
                         overlaps="pull_requests_source"
                     )
                 _source_ref = Column('org_ref', Unicode(255), nullable=False)
                 @hybrid_property
                 def source_ref(self):
                     return self._source_ref
                 @source_ref.setter
                 def source_ref(self, val):
                     parts = (val or '').split(':')
                     if len(parts) != 3:
                         raise ValueError(
                             'Invalid reference format given: {}, expected X:Y:Z'.format(val))
                     self._source_ref = safe_str(val)
                 _target_ref = Column('other_ref', Unicode(255), nullable=False)
                 @hybrid_property
                 def target_ref(self):
                     return self._target_ref
                 @target_ref.setter
                 def target_ref(self, val):
                     parts = (val or '').split(':')
                     if len(parts) != 3:
                         raise ValueError(
                             'Invalid reference format given: {}, expected X:Y:Z'.format(val))
                     self._target_ref = safe_str(val)
                 @declared_attr
                 def target_repo_id(cls):
                     # TODO: dan: rename column to target_repo_id
                     return Column(
                         'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 @declared_attr
                 def pr_target(cls):
                     return relationship(
                         'Repository',
                         primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
                         overlaps="pull_requests_target"
                     )
                 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
                 # TODO: dan: rename column to last_merge_source_rev
                 _last_merge_source_rev = Column(
                     'last_merge_org_rev', String(40), nullable=True)
                 # TODO: dan: rename column to last_merge_target_rev
                 _last_merge_target_rev = Column(
                     'last_merge_other_rev', String(40), nullable=True)
                 _last_merge_status = Column('merge_status', Integer(), nullable=True)
                 last_merge_metadata = Column(
                     'last_merge_metadata', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 merge_rev = Column('merge_rev', String(40), nullable=True)
                 reviewer_data = Column(
                     'reviewer_data_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 @property
                 def reviewer_data_json(self):
                     return str_json(self.reviewer_data)
                 @property
                 def last_merge_metadata_parsed(self):
                     metadata = {}
                     if not self.last_merge_metadata:
                         return metadata
                     if hasattr(self.last_merge_metadata, 'de_coerce'):
                         for k, v in self.last_merge_metadata.de_coerce().items():
                             if k in ['target_ref', 'source_ref']:
                                 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
                             else:
                                 if hasattr(v, 'de_coerce'):
                                     metadata[k] = v.de_coerce()
                                 else:
                                     metadata[k] = v
                     return metadata
                 @property
                 def work_in_progress(self):
                     """checks if pull request is work in progress by checking the title"""
                     title = self.title.upper()
                     if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
                         return True
                     return False
                 @property
                 def title_safe(self):
                     return self.title\
                         .replace('{', '{{')\
                         .replace('}', '}}')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def revisions(self):
                     return self._revisions.split(':') if self._revisions else []
                 @revisions.setter
                 def revisions(self, val):
                     self._revisions = ':'.join(val)
                 @hybrid_property
                 def last_merge_status(self):
                     return safe_int(self._last_merge_status)
                 @last_merge_status.setter
                 def last_merge_status(self, val):
                     self._last_merge_status = val
                 @declared_attr
                 def author(cls):
                     return relationship(
                         'User', lazy='joined',
                         #TODO, problem that is somehow :?
                         #back_populates='user_pull_requests'
                         )
                 @declared_attr
                 def source_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
                         overlaps="pr_source"
                     )
                 @property
                 def source_ref_parts(self):
                     return self.unicode_to_reference(self.source_ref)
                 @declared_attr
                 def target_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
                         overlaps="pr_target"
                     )
                 @property
                 def target_ref_parts(self):
                     return self.unicode_to_reference(self.target_ref)
                 @property
                 def shadow_merge_ref(self):
                     return self.unicode_to_reference(self._shadow_merge_ref)
                 @shadow_merge_ref.setter
                 def shadow_merge_ref(self, ref):
                     self._shadow_merge_ref = self.reference_to_unicode(ref)
                 @staticmethod
                 def unicode_to_reference(raw):
                     return unicode_to_reference(raw)
                 @staticmethod
                 def reference_to_unicode(ref):
                     return reference_to_unicode(ref)
                 def get_api_data(self, with_merge_state=True):
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = self
                     if with_merge_state:
                         merge_response, merge_status, msg = \
                             PullRequestModel().merge_status(pull_request)
                         merge_state = {
                             'status': merge_status,
                             'message': safe_str(msg),
                         }
                     else:
                         merge_state = {'status': 'not_available',
                                        'message': 'not_available'}
                     merge_data = {
                         'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
                         'reference': (
                             pull_request.shadow_merge_ref.asdict()
                             if pull_request.shadow_merge_ref else None),
                     }
                     data = {
                         'pull_request_id': pull_request.pull_request_id,
                         'url': PullRequestModel().get_url(pull_request),
                         'title': pull_request.title,
                         'description': pull_request.description,
                         'status': pull_request.status,
                         'state': pull_request.pull_request_state,
                         'created_on': pull_request.created_on,
                         'updated_on': pull_request.updated_on,
                         'commit_ids': pull_request.revisions,
                         'review_status': pull_request.calculated_review_status(),
                         'mergeable': merge_state,
                         'source': {
                             'clone_url': pull_request.source_repo.clone_url(),
                             'repository': pull_request.source_repo.repo_name,
                             'reference': {
                                 'name': pull_request.source_ref_parts.name,
                                 'type': pull_request.source_ref_parts.type,
                                 'commit_id': pull_request.source_ref_parts.commit_id,
                             },
                         },
                         'target': {
                             'clone_url': pull_request.target_repo.clone_url(),
                             'repository': pull_request.target_repo.repo_name,
                             'reference': {
                                 'name': pull_request.target_ref_parts.name,
                                 'type': pull_request.target_ref_parts.type,
                                 'commit_id': pull_request.target_ref_parts.commit_id,
                             },
                         },
                         'merge': merge_data,
                         'author': pull_request.author.get_api_data(include_secrets=False,
                                                                    details='basic'),
                         'reviewers': [
                             {
                                 'user': reviewer.get_api_data(include_secrets=False,
                                                               details='basic'),
                                 'reasons': reasons,
                                 'review_status': st[0][1].status if st else 'not_reviewed',
                             }
                             for obj, reviewer, reasons, mandatory, st in
                             pull_request.reviewers_statuses()
                         ]
                     }
                     return data
                 def set_state(self, pull_request_state, final_state=None):
                     """
                     # goes from initial state to updating to initial state.
                     # initial state can be changed by specifying back_state=
                     with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
                        pull_request.merge()
                     :param pull_request_state:
                     :param final_state:
                     """
                     return _SetState(self, pull_request_state, back_state=final_state)
             class PullRequest(Base, _PullRequestBase):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     base_table_args,
                 )
                 LATEST_VER = 'latest'
                 pull_request_id = Column(
                     'pull_request_id', Integer(), nullable=False, primary_key=True)
                 def __repr__(self):
                     if self.pull_request_id:
                         return f'<DB:PullRequest #{self.pull_request_id}>'
                     else:
                         return f'<DB:PullRequest at {id(self)!r}>'
                 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
                 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
                 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
                 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
                 @classmethod
                 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
                                           internal_methods=None):
                     class PullRequestDisplay(object):
                         """
                         Special object wrapper for showing PullRequest data via Versions
                         It mimics PR object as close as possible. This is read only object
                         just for display
                         """
                         def __init__(self, attrs, internal=None):
                             self.attrs = attrs
                             # internal have priority over the given ones via attrs
                             self.internal = internal or ['versions']
                         def __getattr__(self, item):
                             if item in self.internal:
                                 return getattr(self, item)
                             try:
                                 return self.attrs[item]
                             except KeyError:
                                 raise AttributeError(
                                     '%s object has no attribute %s' % (self, item))
                         def __repr__(self):
                             pr_id = self.attrs.get('pull_request_id')
                             return f'<DB:PullRequestDisplay #{pr_id}>'
                         def versions(self):
                             return pull_request_obj.versions.order_by(
                                 PullRequestVersion.pull_request_version_id).all()
                         def is_closed(self):
                             return pull_request_obj.is_closed()
                         def is_state_changing(self):
                             return pull_request_obj.is_state_changing()
                         @property
                         def pull_request_version_id(self):
                             return getattr(pull_request_obj, 'pull_request_version_id', None)
                         @property
                         def pull_request_last_version(self):
                             return pull_request_obj.pull_request_last_version
                     attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
                     attrs.author = StrictAttributeDict(
                         pull_request_obj.author.get_api_data())
                     if pull_request_obj.target_repo:
                         attrs.target_repo = StrictAttributeDict(
                             pull_request_obj.target_repo.get_api_data())
                         attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
                     if pull_request_obj.source_repo:
                         attrs.source_repo = StrictAttributeDict(
                             pull_request_obj.source_repo.get_api_data())
                         attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
                     attrs.source_ref_parts = pull_request_obj.source_ref_parts
                     attrs.target_ref_parts = pull_request_obj.target_ref_parts
                     attrs.revisions = pull_request_obj.revisions
                     attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
                     attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
                     attrs.reviewer_data = org_pull_request_obj.reviewer_data
                     attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
                     return PullRequestDisplay(attrs, internal=internal_methods)
                 def is_closed(self):
                     return self.status == self.STATUS_CLOSED
                 def is_state_changing(self):
                     return self.pull_request_state != PullRequest.STATE_CREATED
                 def __json__(self):
                     return {
                         'revisions': self.revisions,
                         'versions': self.versions_count
                     }
                 def calculated_review_status(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().calculated_review_status(self)
                 def reviewers_statuses(self, user=None):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().reviewers_statuses(self, user=user)
                 def get_pull_request_reviewers(self, role=None):
                     qry = PullRequestReviewers.query()\
                         .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
                     if role:
                         qry = qry.filter(PullRequestReviewers.role == role)
                     return qry.all()
                 @property
                 def reviewers_count(self):
                     qry = PullRequestReviewers.query()\
                         .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
                         .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
                     return qry.count()
                 @property
                 def observers_count(self):
                     qry = PullRequestReviewers.query()\
                         .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
                         .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
                     return qry.count()
                 def observers(self):
                     qry = PullRequestReviewers.query()\
                         .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
                         .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
                         .all()
                     for entry in qry:
                         yield entry, entry.user
                 @property
                 def workspace_id(self):
                     from rhodecode.model.pull_request import PullRequestModel
                     return PullRequestModel()._workspace_id(self)
                 def get_shadow_repo(self):
                     workspace_id = self.workspace_id
                     shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
                     if os.path.isdir(shadow_repository_path):
                         vcs_obj = self.target_repo.scm_instance()
                         return vcs_obj.get_shadow_instance(shadow_repository_path)
                 @property
                 def versions_count(self):
                     """
                     return number of versions this PR have, e.g a PR that once been
                     updated will have 2 versions
                     """
                     return self.versions.count() + 1
                 @property
                 def pull_request_last_version(self):
                     return self.versions_count
             class PullRequestVersion(Base, _PullRequestBase):
                 __tablename__ = 'pull_request_versions'
                 __table_args__ = (
                     base_table_args,
                 )
                 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
                 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 pull_request = relationship('PullRequest',  back_populates='versions')
                 def __repr__(self):
                     if self.pull_request_version_id:
                         return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
                     else:
                         return f'<DB:PullRequestVersion at {id(self)!r}>'
                 @property
                 def reviewers(self):
                     return self.pull_request.reviewers
                 @property
                 def versions(self):
                     return self.pull_request.versions
                 def is_closed(self):
                     # calculate from original
                     return self.pull_request.status == self.STATUS_CLOSED
                 def is_state_changing(self):
                     return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
                 def calculated_review_status(self):
                     return self.pull_request.calculated_review_status()
                 def reviewers_statuses(self):
                     return self.pull_request.reviewers_statuses()
                 def observers(self):
                     return self.pull_request.observers()
             class PullRequestReviewers(Base, BaseModel):
                 __tablename__ = 'pull_request_reviewers'
                 __table_args__ = (
                     base_table_args,
                 )
                 ROLE_REVIEWER = 'reviewer'
                 ROLE_OBSERVER = 'observer'
                 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
                 @hybrid_property
                 def reasons(self):
                     if not self._reasons:
                         return []
                     return self._reasons
                 @reasons.setter
                 def reasons(self, val):
                     val = val or []
                     if any(not isinstance(x, str) for x in val):
                         raise Exception('invalid reasons type, must be list of strings')
                     self._reasons = val
                 pull_requests_reviewers_id = Column(
                     'pull_requests_reviewers_id', Integer(), nullable=False,
                     primary_key=True)
                 pull_request_id = Column(
                     "pull_request_id", Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                 _reasons = Column(
                     'reason', MutationList.as_mutable(
                         JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
                 user = relationship('User')
                 pull_request = relationship('PullRequest', back_populates='reviewers')
                 rule_data = Column(
                     'rule_data_json',
                     JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
                 def rule_user_group_data(self):
                     """
                     Returns the voting user group rule data for this reviewer
                     """
                     if self.rule_data and 'vote_rule' in self.rule_data:
                         user_group_data = {}
                         if 'rule_user_group_entry_id' in self.rule_data:
                             # means a group with voting rules !
                             user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
                             user_group_data['name'] = self.rule_data['rule_name']
                             user_group_data['vote_rule'] = self.rule_data['vote_rule']
                         return user_group_data
                 @classmethod
                 def get_pull_request_reviewers(cls, pull_request_id, role=None):
                     qry = PullRequestReviewers.query()\
                         .filter(PullRequestReviewers.pull_request_id == pull_request_id)
                     if role:
                         qry = qry.filter(PullRequestReviewers.role == role)
                     return qry.all()
                 def __repr__(self):
                     return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     Index('notification_type_idx', 'type'),
                     base_table_args,
                 )
                 TYPE_CHANGESET_COMMENT = 'cs_comment'
                 TYPE_MESSAGE = 'message'
                 TYPE_MENTION = 'mention'
                 TYPE_REGISTRATION = 'registration'
                 TYPE_PULL_REQUEST = 'pull_request'
                 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
                 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(255))
                 created_by_user = relationship('User', back_populates='user_created_notifications')
                 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self)\
                             .order_by(UserNotification.user_id.asc()).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     # For each recipient link the created notification to his account
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.user_id = u.user_id
                         assoc.notification = notification
                         # if created_by is inside recipients mark his notification
                         # as read
                         if u.user_id == created_by.user_id:
                             assoc.read = True
                         Session().add(assoc)
                     Session().add(notification)
                     return notification
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     base_table_args
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined", back_populates='notifications')
                 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
                 def mark_as_read(self):
                     self.read = True
                     Session().add(self)
             class UserNotice(Base, BaseModel):
                 __tablename__ = 'user_notices'
                 __table_args__ = (
                     base_table_args
                 )
                 NOTIFICATION_TYPE_MESSAGE = 'message'
                 NOTIFICATION_TYPE_NOTICE = 'notice'
                 NOTIFICATION_LEVEL_INFO = 'info'
                 NOTIFICATION_LEVEL_WARNING = 'warning'
                 NOTIFICATION_LEVEL_ERROR = 'error'
                 user_notice_id = Column('gist_id', Integer(), primary_key=True)
                 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
                 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 notice_read = Column('notice_read', Boolean, default=False)
                 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
                 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
                 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
                 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
                 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
                 @classmethod
                 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
                     if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
                                             cls.NOTIFICATION_LEVEL_WARNING,
                                             cls.NOTIFICATION_LEVEL_INFO]:
                         return
                     from rhodecode.model.user import UserModel
                     user = UserModel().get_user(user)
                     new_notice = UserNotice()
                     if not allow_duplicate:
                         existing_msg = UserNotice().query() \
                             .filter(UserNotice.user == user) \
                             .filter(UserNotice.notice_body == body) \
                             .filter(UserNotice.notice_read == false()) \
                             .scalar()
                         if existing_msg:
                             log.warning('Ignoring duplicate notice for user %s', user)
                             return
                     new_notice.user = user
                     new_notice.notice_subject = subject
                     new_notice.notice_body = body
                     new_notice.notification_level = notice_level
                     Session().add(new_notice)
                     Session().commit()
             class Gist(Base, BaseModel):
                 __tablename__ = 'gists'
                 __table_args__ = (
                     Index('g_gist_access_id_idx', 'gist_access_id'),
                     Index('g_created_on_idx', 'created_on'),
                     base_table_args
                 )
                 GIST_PUBLIC = 'public'
                 GIST_PRIVATE = 'private'
                 DEFAULT_FILENAME = 'gistfile1.txt'
                 ACL_LEVEL_PUBLIC = 'acl_public'
                 ACL_LEVEL_PRIVATE = 'acl_private'
                 gist_id = Column('gist_id', Integer(), primary_key=True)
                 gist_access_id = Column('gist_access_id', Unicode(250))
                 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
                 gist_expires = Column('gist_expires', Float(53), nullable=False)
                 gist_type = Column('gist_type', Unicode(128), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 acl_level = Column('acl_level', Unicode(128), nullable=True)
                 owner = relationship('User', back_populates='user_gists')
                 def __repr__(self):
                     return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.gist_description)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     res = cls.query().filter(cls.gist_access_id == id_).scalar()
                     if not res:
                         log.debug('WARN: No DB entry with id %s', id_)
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def get_by_access_id(cls, gist_access_id):
                     return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
                 def gist_url(self):
                     from rhodecode.model.gist import GistModel
                     return GistModel().get_url(self)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all gists are stored
                     :param cls:
                     """
                     from rhodecode.model.gist import GIST_STORE_LOC
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == URL_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return os.path.join(q.one().ui_value, GIST_STORE_LOC)
                 def get_api_data(self):
                     """
                     Common function for generating gist related data for API
                     """
                     gist = self
                     data = {
                         'gist_id': gist.gist_id,
                         'type': gist.gist_type,
                         'access_id': gist.gist_access_id,
                         'description': gist.gist_description,
                         'url': gist.gist_url(),
                         'expires': gist.gist_expires,
                         'created_on': gist.created_on,
                         'modified_at': gist.modified_at,
                         'content': None,
                         'acl_level': gist.acl_level,
                     }
                     return data
                 def __json__(self):
                     data = dict(
                     )
                     data.update(self.get_api_data())
                     return data
                 # SCM functions
                 def scm_instance(self, **kwargs):
                     """
                     Get an instance of VCS Repository
                     :param kwargs:
                     """
                     from rhodecode.model.gist import GistModel
                     full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
                     return get_vcs_instance(
                         repo_path=safe_str(full_repo_path), create=False,
                         _vcs_alias=GistModel.vcs_backend)
             class ExternalIdentity(Base, BaseModel):
                 __tablename__ = 'external_identities'
                 __table_args__ = (
                     Index('local_user_id_idx', 'local_user_id'),
                     Index('external_id_idx', 'external_id'),
                     base_table_args
                 )
                 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
                 external_username = Column('external_username', Unicode(1024), default='')
                 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
                 access_token = Column('access_token', String(1024), default='')
                 alt_token = Column('alt_token', String(1024), default='')
                 token_secret = Column('token_secret', String(1024), default='')
                 @classmethod
                 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
                     """
                     Returns ExternalIdentity instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     if local_user_id:
                         query = query.filter(cls.local_user_id == local_user_id)
                     return query.first()
                 @classmethod
                 def user_by_external_id_and_provider(cls, external_id, provider_name):
                     """
                     Returns User instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: User
                     """
                     query = User.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     query = query.filter(User.user_id == cls.local_user_id)
                     return query.first()
                 @classmethod
                 def by_local_user_id(cls, local_user_id):
                     """
                     Returns all tokens for user
                     :param local_user_id:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.local_user_id == local_user_id)
                     return query
                 @classmethod
                 def load_provider_plugin(cls, plugin_id):
                     from rhodecode.authentication.base import loadplugin
                     _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
                     auth_plugin = loadplugin(_plugin_id)
                     return auth_plugin
             class Integration(Base, BaseModel):
                 __tablename__ = 'integrations'
                 __table_args__ = (
                     base_table_args
                 )
                 integration_id = Column('integration_id', Integer(), primary_key=True)
                 integration_type = Column('integration_type', String(255))
                 enabled = Column('enabled', Boolean(), nullable=False)
                 name = Column('name', String(255), nullable=False)
                 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
                 settings = Column(
                     'settings_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined', back_populates='integrations')
                 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
                 @property
                 def scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         if self.child_repos_only:
                             return repr(self.repo_group) + ' (child repos only)'
                         else:
                             return repr(self.repo_group) + ' (recursive)'
                     if self.child_repos_only:
                         return 'root_repos'
                     return 'global'
                 def __repr__(self):
                     return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
             class RepoReviewRuleUser(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users'
                 __table_args__ = (
                     base_table_args
                 )
                 ROLE_REVIEWER = 'reviewer'
                 ROLE_OBSERVER = 'observer'
                 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
                 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
                 user = relationship('User', back_populates='user_review_rules')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory,
                         'role': self.role,
                     }
             class RepoReviewRuleUserGroup(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users_groups'
                 __table_args__ = (
                     base_table_args
                 )
                 VOTE_RULE_ALL = -1
                 ROLE_REVIEWER = 'reviewer'
                 ROLE_OBSERVER = 'observer'
                 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
                 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
                 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
                 users_group = relationship('UserGroup')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory,
                         'role': self.role,
                         'vote_rule': self.vote_rule
                     }
                 @property
                 def vote_rule_label(self):
                     if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
                         return 'all must vote'
                     else:
                         return 'min. vote {}'.format(self.vote_rule)
             class RepoReviewRule(Base, BaseModel):
                 __tablename__ = 'repo_review_rules'
                 __table_args__ = (
                     base_table_args
                 )
                 repo_review_rule_id = Column(
                     'repo_review_rule_id', Integer(), primary_key=True)
                 repo_id = Column(
                     "repo_id", Integer(), ForeignKey('repositories.repo_id'))
                 repo = relationship('Repository', back_populates='review_rules')
                 review_rule_name = Column('review_rule_name', String(255))
                 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*')  # glob
                 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*')  # glob
                 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*')  # glob
                 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
                 # Legacy fields, just for backward compat
                 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
                 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
                 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
                 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
                 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
                 rule_users = relationship('RepoReviewRuleUser')
                 rule_user_groups = relationship('RepoReviewRuleUserGroup')
                 def _validate_pattern(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @hybrid_property
                 def source_branch_pattern(self):
                     return self._branch_pattern or '*'
                 @source_branch_pattern.setter
                 def source_branch_pattern(self, value):
                     self._validate_pattern(value)
                     self._branch_pattern = value or '*'
                 @hybrid_property
                 def target_branch_pattern(self):
                     return self._target_branch_pattern or '*'
                 @target_branch_pattern.setter
                 def target_branch_pattern(self, value):
                     self._validate_pattern(value)
                     self._target_branch_pattern = value or '*'
                 @hybrid_property
                 def file_pattern(self):
                     return self._file_pattern or '*'
                 @file_pattern.setter
                 def file_pattern(self, value):
                     self._validate_pattern(value)
                     self._file_pattern = value or '*'
                 @hybrid_property
                 def forbid_pr_author_to_review(self):
                     return self.pr_author == 'forbid_pr_author'
                 @hybrid_property
                 def include_pr_author_to_review(self):
                     return self.pr_author == 'include_pr_author'
                 @hybrid_property
                 def forbid_commit_author_to_review(self):
                     return self.commit_author == 'forbid_commit_author'
                 @hybrid_property
                 def include_commit_author_to_review(self):
                     return self.commit_author == 'include_commit_author'
                 def matches(self, source_branch, target_branch, files_changed):
                     """
                     Check if this review rule matches a branch/files in a pull request
                     :param source_branch: source branch name for the commit
                     :param target_branch: target branch name for the commit
                     :param files_changed: list of file paths changed in the pull request
                     """
                     source_branch = source_branch or ''
                     target_branch = target_branch or ''
                     files_changed = files_changed or []
                     branch_matches = True
                     if source_branch or target_branch:
                         if self.source_branch_pattern == '*':
                             source_branch_match = True
                         else:
                             if self.source_branch_pattern.startswith('re:'):
                                 source_pattern = self.source_branch_pattern[3:]
                             else:
                                 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
                             source_branch_regex = re.compile(source_pattern)
                             source_branch_match = bool(source_branch_regex.search(source_branch))
                         if self.target_branch_pattern == '*':
                             target_branch_match = True
                         else:
                             if self.target_branch_pattern.startswith('re:'):
                                 target_pattern = self.target_branch_pattern[3:]
                             else:
                                 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
                             target_branch_regex = re.compile(target_pattern)
                             target_branch_match = bool(target_branch_regex.search(target_branch))
                         branch_matches = source_branch_match and target_branch_match
                     files_matches = True
                     if self.file_pattern != '*':
                         files_matches = False
                         if self.file_pattern.startswith('re:'):
                             file_pattern = self.file_pattern[3:]
                         else:
                             file_pattern = glob2re(self.file_pattern)
                         file_regex = re.compile(file_pattern)
                         for file_data in files_changed:
                             filename = file_data.get('filename')
                             if file_regex.search(filename):
                                 files_matches = True
                                 break
                     return branch_matches and files_matches
                 @property
                 def review_users(self):
                     """ Returns the users which this rule applies to """
                     users = collections.OrderedDict()
                     for rule_user in self.rule_users:
                         if rule_user.user.active:
                             if rule_user.user not in users:
                                 users[rule_user.user.username] = {
                                     'user': rule_user.user,
                                     'source': 'user',
                                     'source_data': {},
                                     'data': rule_user.rule_data()
                                 }
                     for rule_user_group in self.rule_user_groups:
                         source_data = {
                             'user_group_id': rule_user_group.users_group.users_group_id,
                             'name': rule_user_group.users_group.users_group_name,
                             'members': len(rule_user_group.users_group.members)
                         }
                         for member in rule_user_group.users_group.members:
                             if member.user.active:
                                 key = member.user.username
                                 if key in users:
                                     # skip this member as we have him already
                                     # this prevents from override the "first" matched
                                     # users with duplicates in multiple groups
                                     continue
                                 users[key] = {
                                     'user': member.user,
                                     'source': 'user_group',
                                     'source_data': source_data,
                                     'data': rule_user_group.rule_data()
                                 }
                     return users
                 def user_group_vote_rule(self, user_id):
                     rules = []
                     if not self.rule_user_groups:
                         return rules
                     for user_group in self.rule_user_groups:
                         user_group_members = [x.user_id for x in user_group.users_group.members]
                         if user_id in user_group_members:
                             rules.append(user_group)
                     return rules
                 def __repr__(self):
                     return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
             class ScheduleEntry(Base, BaseModel):
                 __tablename__ = 'schedule_entries'
                 __table_args__ = (
                     UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
                     UniqueConstraint('task_uid', name='s_task_uid_idx'),
                     base_table_args,
                 )
                 SCHEDULE_TYPE_INTEGER = "integer"
                 SCHEDULE_TYPE_CRONTAB = "crontab"
                 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
                 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
                 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
                 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
                 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
                 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
                 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
                 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
                 # task
                 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
                 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
                 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
                 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @hybrid_property
                 def schedule_type(self):
                     return self._schedule_type
                 @schedule_type.setter
                 def schedule_type(self, val):
                     if val not in self.schedule_types:
                         raise ValueError('Value must be on of `{}` and got `{}`'.format(
                             val, self.schedule_type))
                     self._schedule_type = val
                 @classmethod
                 def get_uid(cls, obj):
                     args = obj.task_args
                     kwargs = obj.task_kwargs
                     if isinstance(args, JsonRaw):
                         try:
                             args = json.loads(args)
                         except ValueError:
                             args = tuple()
                     if isinstance(kwargs, JsonRaw):
                         try:
                             kwargs = json.loads(kwargs)
                         except ValueError:
                             kwargs = dict()
                     dot_notation = obj.task_dot_notation
                     val = '.'.join(map(safe_str, [
                         sorted(dot_notation), args, sorted(kwargs.items())]))
                     return sha1(safe_bytes(val))
                 @classmethod
                 def get_by_schedule_name(cls, schedule_name):
                     return cls.query().filter(cls.schedule_name == schedule_name).scalar()
                 @classmethod
                 def get_by_schedule_id(cls, schedule_id):
                     return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
                 @property
                 def task(self):
                     return self.task_dot_notation
                 @property
                 def schedule(self):
                     from rhodecode.lib.celerylib.utils import raw_2_schedule
                     schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
                     return schedule
                 @property
                 def args(self):
                     try:
                         return list(self.task_args or [])
                     except ValueError:
                         return list()
                 @property
                 def kwargs(self):
                     try:
                         return dict(self.task_kwargs or {})
                     except ValueError:
                         return dict()
                 def _as_raw(self, val, indent=False):
                     if hasattr(val, 'de_coerce'):
                         val = val.de_coerce()
                         if val:
                             if indent:
                                 val = ext_json.formatted_str_json(val)
                             else:
                                 val = ext_json.str_json(val)
                     return val
                 @property
                 def schedule_definition_raw(self):
                     return self._as_raw(self.schedule_definition)
                 def args_raw(self, indent=False):
                     return self._as_raw(self.task_args, indent)
                 def kwargs_raw(self, indent=False):
                     return self._as_raw(self.task_kwargs, indent)
                 def __repr__(self):
                     return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
             @event.listens_for(ScheduleEntry, 'before_update')
             def update_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             @event.listens_for(ScheduleEntry, 'before_insert')
             def set_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             class _BaseBranchPerms(BaseModel):
                 @classmethod
                 def compute_hash(cls, value):
                     return sha1_safe(value)
                 @hybrid_property
                 def branch_pattern(self):
                     return self._branch_pattern or '*'
                 @hybrid_property
                 def branch_hash(self):
                     return self._branch_hash
                 def _validate_glob(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @branch_pattern.setter
                 def branch_pattern(self, value):
                     self._validate_glob(value)
                     self._branch_pattern = value or '*'
                     # set the Hash when setting the branch pattern
                     self._branch_hash = self.compute_hash(self._branch_pattern)
                 def matches(self, branch):
                     """
                     Check if this the branch matches entry
                     :param branch: branch name for the commit
                     """
                     branch = branch or ''
                     branch_matches = True
                     if branch:
                         branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
                         branch_matches = bool(branch_regex.search(branch))
                     return branch_matches
             class UserToRepoBranchPermission(Base, _BaseBranchPerms):
                 __tablename__ = 'user_to_repo_branch_permissions'
                 __table_args__ = (
                     base_table_args
                 )
                 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
                 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 repo = relationship('Repository', back_populates='user_branch_perms')
                 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 permission = relationship('Permission')
                 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
                 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
                 rule_order = Column('rule_order', Integer(), nullable=False)
                 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*')  # glob
                 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
                 def __repr__(self):
                     return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
             class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
                 __tablename__ = 'user_group_to_repo_branch_permissions'
                 __table_args__ = (
                     base_table_args
                 )
                 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
                 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 repo = relationship('Repository', back_populates='user_group_branch_perms')
                 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 permission = relationship('Permission')
                 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
                 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
                 rule_order = Column('rule_order', Integer(), nullable=False)
                 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*')  # glob
                 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
                 def __repr__(self):
                     return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
             class UserBookmark(Base, BaseModel):
                 __tablename__ = 'user_bookmarks'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'bookmark_repo_id'),
                     UniqueConstraint('user_id', 'bookmark_repo_group_id'),
                     UniqueConstraint('user_id', 'bookmark_position'),
                     base_table_args
                 )
                 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 position = Column("bookmark_position", Integer(), nullable=False)
                 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
                 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
                 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
                 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
                 user = relationship("User")
                 repository = relationship("Repository")
                 repository_group = relationship("RepoGroup")
                 @classmethod
                 def get_by_position_for_user(cls, position, user_id):
                     return cls.query() \
                         .filter(UserBookmark.user_id == user_id) \
                         .filter(UserBookmark.position == position).scalar()
                 @classmethod
                 def get_bookmarks_for_user(cls, user_id, cache=True):
                     bookmarks = cls.query() \
                         .filter(UserBookmark.user_id == user_id) \
                         .options(joinedload(UserBookmark.repository)) \
                         .options(joinedload(UserBookmark.repository_group)) \
                         .order_by(UserBookmark.position.asc())
                     if cache:
                         bookmarks = bookmarks.options(
                             FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))
                         )
                     return bookmarks.all()
                 def __repr__(self):
                     return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
             class FileStore(Base, BaseModel):
                 __tablename__ = 'file_store'
                 __table_args__ = (
                     base_table_args
                 )
                 file_store_id = Column('file_store_id', Integer(), primary_key=True)
                 file_uid = Column('file_uid', String(1024), nullable=False)
                 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
                 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
                 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
                 # sha256 hash
                 file_hash = Column('file_hash', String(512), nullable=False)
                 file_size = Column('file_size', BigInteger(), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
                 accessed_count = Column('accessed_count', Integer(), default=0)
                 enabled = Column('enabled', Boolean(), nullable=False, default=True)
                 # if repo/repo_group reference is set, check for permissions
                 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
                 # hidden defines an attachment that should be hidden from showing in artifact listing
                 hidden = Column('hidden', Boolean(), nullable=False, default=False)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
                 file_metadata = relationship('FileStoreMetadata', lazy='joined')
                 # scope limited to user, which requester have access to
                 scope_user_id = Column(
                     'scope_user_id', Integer(), ForeignKey('users.user_id'),
                     nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
                 # scope limited to user group, which requester have access to
                 scope_user_group_id = Column(
                     'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
                     nullable=True, unique=None, default=None)
                 user_group = relationship('UserGroup', lazy='joined')
                 # scope limited to repo, which requester have access to
                 scope_repo_id = Column(
                     'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 # scope limited to repo group, which requester have access to
                 scope_repo_group_id = Column(
                     'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 @classmethod
                 def get_scope(cls, scope_type, scope_id):
                     if scope_type == 'repo':
                         return f'repo:{scope_id}'
                     elif scope_type == 'repo-group':
                         return f'repo-group:{scope_id}'
                     elif scope_type == 'user':
                         return f'user:{scope_id}'
                     elif scope_type == 'user-group':
                         return f'user-group:{scope_id}'
                     else:
                         return scope_type
                 @classmethod
                 def get_by_store_uid(cls, file_store_uid, safe=False):
                     if safe:
                         return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
                     else:
                         return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
                 @classmethod
                 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
                            file_description='', enabled=True, hidden=False, check_acl=True,
                            user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
                     store_entry = FileStore()
                     store_entry.file_uid = file_uid
                     store_entry.file_display_name = file_display_name
                     store_entry.file_org_name = filename
                     store_entry.file_size = file_size
                     store_entry.file_hash = file_hash
                     store_entry.file_description = file_description
                     store_entry.check_acl = check_acl
                     store_entry.enabled = enabled
                     store_entry.hidden = hidden
                     store_entry.user_id = user_id
                     store_entry.scope_user_id = scope_user_id
                     store_entry.scope_repo_id = scope_repo_id
                     store_entry.scope_repo_group_id = scope_repo_group_id
                     return store_entry
                 @classmethod
                 def store_metadata(cls, file_store_id, args, commit=True):
                     file_store = FileStore.get(file_store_id)
                     if file_store is None:
                         return
                     for section, key, value, value_type in args:
                         has_key = FileStoreMetadata().query() \
                             .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
                             .filter(FileStoreMetadata.file_store_meta_section == section) \
                             .filter(FileStoreMetadata.file_store_meta_key == key) \
                             .scalar()
                         if has_key:
                             msg = 'key `{}` already defined under section `{}` for this file.'\
                                 .format(key, section)
                             raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
                         # NOTE(marcink): raises ArtifactMetadataBadValueType
                         FileStoreMetadata.valid_value_type(value_type)
                         meta_entry = FileStoreMetadata()
                         meta_entry.file_store = file_store
                         meta_entry.file_store_meta_section = section
                         meta_entry.file_store_meta_key = key
                         meta_entry.file_store_meta_value_type = value_type
                         meta_entry.file_store_meta_value = value
                         Session().add(meta_entry)
                     try:
                         if commit:
                             Session().commit()
                     except IntegrityError:
                         Session().rollback()
                         raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
                 @classmethod
                 def bump_access_counter(cls, file_uid, commit=True):
                     FileStore().query()\
                         .filter(FileStore.file_uid == file_uid)\
                         .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
                                  FileStore.accessed_on: datetime.datetime.now()})
                     if commit:
                         Session().commit()
                 def __json__(self):
                     data = {
                         'filename': self.file_display_name,
                         'filename_org': self.file_org_name,
                         'file_uid': self.file_uid,
                         'description': self.file_description,
                         'hidden': self.hidden,
                         'size': self.file_size,
                         'created_on': self.created_on,
                         'uploaded_by': self.upload_user.get_api_data(details='basic'),
                         'downloaded_times': self.accessed_count,
                         'sha256': self.file_hash,
                         'metadata': self.file_metadata,
                     }
                     return data
                 def __repr__(self):
                     return f'<FileStore({self.file_store_id})>'
             class FileStoreMetadata(Base, BaseModel):
                 __tablename__ = 'file_store_metadata'
                 __table_args__ = (
                     UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
                     Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
                     Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
                     base_table_args
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_str,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 file_store_meta_id = Column(
                     "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _file_store_meta_section = Column(
                     "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_section_hash = Column(
                     "file_store_meta_section_hash", String(255),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_key = Column(
                     "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_key_hash = Column(
                     "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
                 _file_store_meta_value = Column(
                     "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_value_type = Column(
                     "file_store_meta_value_type", String(255), nullable=True, unique=None,
                     default='unicode')
                 file_store_id = Column(
                     'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
                     nullable=True, unique=None, default=None)
                 file_store = relationship('FileStore', lazy='joined', viewonly=True)
                 @classmethod
                 def valid_value_type(cls, value):
                     if value.split('.')[0] not in cls.SETTINGS_TYPES:
                         raise ArtifactMetadataBadValueType(
                             'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
                 @hybrid_property
                 def file_store_meta_section(self):
                     return self._file_store_meta_section
                 @file_store_meta_section.setter
                 def file_store_meta_section(self, value):
                     self._file_store_meta_section = value
                     self._file_store_meta_section_hash = _hash_key(value)
                 @hybrid_property
                 def file_store_meta_key(self):
                     return self._file_store_meta_key
                 @file_store_meta_key.setter
                 def file_store_meta_key(self, value):
                     self._file_store_meta_key = value
                     self._file_store_meta_key_hash = _hash_key(value)
                 @hybrid_property
                 def file_store_meta_value(self):
                     val = self._file_store_meta_value
                     if self._file_store_meta_value_type:
                         # e.g unicode.encrypted == unicode
                         _type = self._file_store_meta_value_type.split('.')[0]
                         # decode the encrypted value if it's encrypted field type
                         if '.encrypted' in self._file_store_meta_value_type:
                             cipher = EncryptedTextValue()
                             val = safe_str(cipher.process_result_value(val, None))
                         # do final type conversion
                         converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
                         val = converter(val)
                     return val
                 @file_store_meta_value.setter
                 def file_store_meta_value(self, val):
                     val = safe_str(val)
                     # encode the encrypted value
                     if '.encrypted' in self.file_store_meta_value_type:
                         cipher = EncryptedTextValue()
                         val = safe_str(cipher.process_bind_param(val, None))
                     self._file_store_meta_value = val
                 @hybrid_property
                 def file_store_meta_value_type(self):
                     return self._file_store_meta_value_type
                 @file_store_meta_value_type.setter
                 def file_store_meta_value_type(self, val):
                     # e.g unicode.encrypted
                     self.valid_value_type(val)
                     self._file_store_meta_value_type = val
                 def __json__(self):
                     data = {
                         'artifact': self.file_store.file_uid,
                         'section': self.file_store_meta_section,
                         'key': self.file_store_meta_key,
                         'value': self.file_store_meta_value,
                     }
                     return data
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
                                                 self.file_store_meta_key, self.file_store_meta_value)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     base_table_args,
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)
                 @classmethod
                 def set_version(cls, version):
                     """
                     Helper for forcing a different version, usually for debugging purposes via ishell.
                     """
                     ver = DbMigrateVersion.query().first()
                     ver.version = version
                     Session().commit()
             class DbSession(Base, BaseModel):
                 __tablename__ = 'db_session'
                 __table_args__ = (
                     base_table_args,
                 )
                 def __repr__(self):
                     return f'<DB:DbSession({self.id})>'
                 id = Column('id', Integer())
                 namespace = Column('namespace', String(255), primary_key=True)
                 accessed = Column('accessed', DateTime, nullable=False)
                 created = Column('created', DateTime, nullable=False)
                 data = Column('data', PickleType, nullable=False)

rhodecode/model/forms.py

0 0 -4

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             this is forms validation classes
             http://formencode.org/module-formencode.validators.html
             for list off all availible validators
             we can create our own validators
             The table below outlines the options which can be used in a schema in addition to the validators themselves
             pre_validators          []     These validators will be applied before the schema
             chained_validators      []     These validators will be applied after the schema
             allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
             filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
             if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
             ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
             <name> = formencode.validators.<name of validator>
             <name> must equal form name
             list=[1,2,3,4,5]
             for SELECT use formencode.All(OneOf(list), Int())
             """
             import deform
             import logging
             import formencode
             from pkg_resources import resource_filename
             from formencode import All, Pipe
             from pyramid.threadlocal import get_current_request
             from rhodecode import BACKENDS
             from rhodecode.lib import helpers
             from rhodecode.model import validators as v
             log = logging.getLogger(__name__)
             deform_templates = resource_filename('deform', 'templates')
             rhodecode_templates = resource_filename('rhodecode', 'templates/forms')
             search_path = (rhodecode_templates, deform_templates)
             class RhodecodeFormZPTRendererFactory(deform.ZPTRendererFactory):
                 """ Subclass of ZPTRendererFactory to add rhodecode context variables """
                 def __call__(self, template_name, **kw):
                     kw['h'] = helpers
                     kw['request'] = get_current_request()
                     return self.load(template_name)(**kw)
             form_renderer = RhodecodeFormZPTRendererFactory(search_path)
             deform.Form.set_default_renderer(form_renderer)
             def LoginForm(localizer):
                 _ = localizer
                 class _LoginForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = v.UnicodeString(
                         strip=True,
                         min=1,
                         not_empty=True,
                         messages={
                             'empty': _('Please enter a login'),
                             'tooShort': _('Enter a value %(min)i characters long or more')
                         }
                     )
                     password = v.UnicodeString(
                         strip=False,
                         min=3,
                         max=72,
                         not_empty=True,
                         messages={
                             'empty': _('Please enter a password'),
                             'tooShort': _('Enter %(min)i characters or more')}
                     )
                     remember = v.StringBoolean(if_missing=False)
                     chained_validators = [v.ValidAuth(localizer)]
                 return _LoginForm
             def UserForm(localizer, edit=False, available_languages=None, old_data=None):
                 old_data = old_data or {}
                 available_languages = available_languages or []
                 _ = localizer
                 class _UserForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                    v.ValidUsername(localizer, edit, old_data))
                     if edit:
                         new_password = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
                         )
                         password_confirmation = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
                         )
                         admin = v.StringBoolean(if_missing=False)
                     else:
                         password = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                         )
                         password_confirmation = All(
                             v.ValidPassword(localizer),
                             v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
                         )
                     password_change = v.StringBoolean(if_missing=False)
                     create_repo_group = v.StringBoolean(if_missing=False)
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
                     description = v.UnicodeString(strip=True, min=1, max=250, not_empty=False,
                                                   if_missing='')
                     extern_name = v.UnicodeString(strip=True)
                     extern_type = v.UnicodeString(strip=True)
                     language = v.OneOf(available_languages, hideList=False,
                                        testValueList=True, if_missing=None)
                     chained_validators = [v.ValidPasswordsMatch(localizer)]
                 return _UserForm
             def UserGroupForm(localizer, edit=False, old_data=None, allow_disabled=False):
                 old_data = old_data or {}
                 _ = localizer
                 class _UserGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     users_group_name = All(
                         v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.ValidUserGroup(localizer, edit, old_data)
                     )
                     user_group_description = v.UnicodeString(strip=True, min=1,
                                                              not_empty=False)
                     users_group_active = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is user group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                 return _UserGroupForm
             def RepoGroupForm(localizer, edit=False, old_data=None, available_groups=None,
                               can_create_in_root=False, allow_disabled=False):
                 _ = localizer
                 old_data = old_data or {}
                 available_groups = available_groups or []
                 class _RepoGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                      v.SlugifyName(localizer),)
                     group_description = v.UnicodeString(strip=True, min=1,
                                                         not_empty=False)
                     group_copy_permissions = v.StringBoolean(if_missing=False)
                     group_parent_id = v.OneOf(available_groups, hideList=False,
                                               testValueList=True, not_empty=True)
                     enable_locking = v.StringBoolean(if_missing=False)
                     chained_validators = [
                         v.ValidRepoGroup(localizer, edit, old_data, can_create_in_root)]
                     if edit:
                         # this is repo group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                 return _RepoGroupForm
             def RegisterForm(localizer, edit=False, old_data=None):
                 _ = localizer
                 old_data = old_data or {}
                 class _RegisterForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(
                         v.ValidUsername(localizer, edit, old_data),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     password = All(
                         v.ValidPassword(localizer),
                         v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                     )
                     password_confirmation = All(
                         v.ValidPassword(localizer),
                         v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
                     )
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.UniqSystemEmail(localizer, old_data), v.Email(not_empty=True))
                     chained_validators = [v.ValidPasswordsMatch(localizer)]
                 return _RegisterForm
             def PasswordResetForm(localizer):
                 _ = localizer
                 class _PasswordResetForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     email = All(v.ValidSystemEmail(localizer), v.Email(not_empty=True))
                 return _PasswordResetForm
             def RepoForm(localizer, edit=False, old_data=None, repo_groups=None, allow_disabled=False):
                 _ = localizer
                 old_data = old_data or {}
                 repo_groups = repo_groups or []
                 supported_backends = BACKENDS.keys()
                 class _RepoForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName(localizer), v.CannotHaveGitSuffix(localizer))
                     repo_group = All(v.CanWriteGroup(localizer, old_data),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = v.OneOf(supported_backends, required=False,
                                         if_missing=old_data.get('repo_type'))
                     repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
                     repo_private = v.StringBoolean(if_missing=False)
                     repo_copy_permissions = v.StringBoolean(if_missing=False)
                     clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
                     repo_enable_statistics = v.StringBoolean(if_missing=False)
                     repo_enable_downloads = v.StringBoolean(if_missing=False)
                     repo_enable_locking = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is repo owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(localizer, allow_disabled))
                         clone_uri_change = v.UnicodeString(
                             not_empty=False, if_missing=v.Missing)
                     chained_validators = [v.ValidCloneUri(localizer),
                                           v.ValidRepoName(localizer, edit, old_data)]
                 return _RepoForm
             def RepoPermsForm(localizer):
                 _ = localizer
                 class _RepoPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(localizer, type_='repo')]
                 return _RepoPermsForm
             def RepoGroupPermsForm(localizer, valid_recursive_choices):
                 _ = localizer
                 class _RepoGroupPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     recursive = v.OneOf(valid_recursive_choices)
                     chained_validators = [v.ValidPerms(localizer, type_='repo_group')]
                 return _RepoGroupPermsForm
             def UserGroupPermsForm(localizer):
                 _ = localizer
                 class _UserPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(localizer, type_='user_group')]
                 return _UserPermsForm
             def RepoFieldForm(localizer):
                 _ = localizer
                 class _RepoFieldForm(formencode.Schema):
                     filter_extra_fields = True
                     allow_extra_fields = True
                     new_field_key = All(v.FieldKey(localizer),
                                         v.UnicodeString(strip=True, min=3, not_empty=True))
                     new_field_value = v.UnicodeString(not_empty=False, if_missing='')
                     new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
                                              if_missing='str')
                     new_field_label = v.UnicodeString(not_empty=False)
                     new_field_desc = v.UnicodeString(not_empty=False)
                 return _RepoFieldForm
             def RepoForkForm(localizer, edit=False, old_data=None,
                              supported_backends=BACKENDS.keys(), repo_groups=None):
                 _ = localizer
                 old_data = old_data or {}
                 repo_groups = repo_groups or []
                 class _RepoForkForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName(localizer))
                     repo_group = All(v.CanWriteGroup(localizer, ),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = All(v.ValidForkType(localizer, old_data), v.OneOf(supported_backends))
                     description = v.UnicodeString(strip=True, min=1, not_empty=True)
                     private = v.StringBoolean(if_missing=False)
                     copy_permissions = v.StringBoolean(if_missing=False)
                     fork_parent_id = v.UnicodeString()
                     chained_validators = [v.ValidForkName(localizer, edit, old_data)]
                 return _RepoForkForm
             def ApplicationSettingsForm(localizer):
                 _ = localizer
                 class _ApplicationSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_title = v.UnicodeString(strip=True, max=40, not_empty=False)
                     rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
                     rhodecode_pre_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_post_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_public_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_private_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_create_personal_repo_group = v.StringBoolean(if_missing=False)
                     rhodecode_personal_repo_group_pattern = v.UnicodeString(strip=True, min=1, not_empty=False)
                 return _ApplicationSettingsForm
             def ApplicationVisualisationForm(localizer):
                 from rhodecode.model.db import Repository
                 _ = localizer
                 class _ApplicationVisualisationForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
                     rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
                     rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
                     rhodecode_repository_fields = v.StringBoolean(if_missing=False)
                     rhodecode_lightweight_journal = v.StringBoolean(if_missing=False)
                     rhodecode_dashboard_items = v.Int(min=5, not_empty=True)
                     rhodecode_admin_grid_items = v.Int(min=5, not_empty=True)
                     rhodecode_show_version = v.StringBoolean(if_missing=False)
                     rhodecode_use_gravatar = v.StringBoolean(if_missing=False)
                     rhodecode_markup_renderer = v.OneOf(['markdown', 'rst'])
                     rhodecode_gravatar_url = v.UnicodeString(min=3)
                     rhodecode_clone_uri_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI)
                     rhodecode_clone_uri_id_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_ID)
                     rhodecode_clone_uri_ssh_tmpl = v.UnicodeString(not_empty=False, if_empty=Repository.DEFAULT_CLONE_URI_SSH)
                     rhodecode_support_url = v.UnicodeString()
                     rhodecode_show_revision_number = v.StringBoolean(if_missing=False)
                     rhodecode_show_sha_length = v.Int(min=4, not_empty=True)
                 return _ApplicationVisualisationForm
             class _BaseVcsSettingsForm(formencode.Schema):
                 allow_extra_fields = True
                 filter_extra_fields = False
                 hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
                 hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
                 hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
                 # PR/Code-review
                 rhodecode_pr_merge_enabled = v.StringBoolean(if_missing=False)
                 rhodecode_use_outdated_comments = v.StringBoolean(if_missing=False)
                 # hg
                 extensions_largefiles = v.StringBoolean(if_missing=False)
                 extensions_evolve = v.StringBoolean(if_missing=False)
                 phases_publish = v.StringBoolean(if_missing=False)
                 rhodecode_hg_use_rebase_for_merging = v.StringBoolean(if_missing=False)
                 rhodecode_hg_close_branch_before_merging = v.StringBoolean(if_missing=False)
                 # git
                 vcs_git_lfs_enabled = v.StringBoolean(if_missing=False)
                 rhodecode_git_use_rebase_for_merging = v.StringBoolean(if_missing=False)
                 rhodecode_git_close_branch_before_merging = v.StringBoolean(if_missing=False)
                 # cache
                 rhodecode_diff_cache = v.StringBoolean(if_missing=False)
             def ApplicationUiSettingsForm(localizer):
                 _ = localizer
                 class _ApplicationUiSettingsForm(_BaseVcsSettingsForm):
                     web_push_ssl = v.StringBoolean(if_missing=False)
-                    paths_root_path = All(
-                        v.ValidPath(localizer),
-                        v.UnicodeString(strip=True, min=1, not_empty=True)
                     largefiles_usercache = All(
                         v.ValidPath(localizer),
                         v.UnicodeString(strip=True, min=2, not_empty=True))
                     vcs_git_lfs_store_location = All(
                         v.ValidPath(localizer),
                         v.UnicodeString(strip=True, min=2, not_empty=True))
                     extensions_hggit = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(localizer, section='vcs_svn_branch')
                     new_svn_tag = v.ValidSvnPattern(localizer, section='vcs_svn_tag')
                 return _ApplicationUiSettingsForm
             def RepoVcsSettingsForm(localizer, repo_name):
                 _ = localizer
                 class _RepoVcsSettingsForm(_BaseVcsSettingsForm):
                     inherit_global_settings = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(localizer,
                         section='vcs_svn_branch', repo_name=repo_name)
                     new_svn_tag = v.ValidSvnPattern(localizer,
                         section='vcs_svn_tag', repo_name=repo_name)
                 return _RepoVcsSettingsForm
             def LabsSettingsForm(localizer):
                 _ = localizer
                 class _LabSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                 return _LabSettingsForm
             def ApplicationPermissionsForm(
                     localizer, register_choices, password_reset_choices,
                     extern_activate_choices):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_register = v.OneOf(register_choices)
                     default_register_message = v.UnicodeString()
                     default_password_reset = v.OneOf(password_reset_choices)
                     default_extern_activate = v.OneOf(extern_activate_choices)
                 return _DefaultPermissionsForm
             def ObjectPermissionsForm(localizer, repo_perms_choices, group_perms_choices,
                                       user_group_perms_choices):
                 _ = localizer
                 class _ObjectPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default_repo = v.StringBoolean(if_missing=False)
                     overwrite_default_group = v.StringBoolean(if_missing=False)
                     overwrite_default_user_group = v.StringBoolean(if_missing=False)
                     default_repo_perm = v.OneOf(repo_perms_choices)
                     default_group_perm = v.OneOf(group_perms_choices)
                     default_user_group_perm = v.OneOf(user_group_perms_choices)
                 return _ObjectPermissionsForm
             def BranchPermissionsForm(localizer, branch_perms_choices):
                 _ = localizer
                 class _BranchPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default_branch = v.StringBoolean(if_missing=False)
                     default_branch_perm = v.OneOf(branch_perms_choices)
                 return _BranchPermissionsForm
             def UserPermissionsForm(localizer, create_choices, create_on_write_choices,
                                     repo_group_create_choices, user_group_create_choices,
                                     fork_choices, inherit_default_permissions_choices):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_repo_create = v.OneOf(create_choices)
                     default_repo_create_on_write = v.OneOf(create_on_write_choices)
                     default_user_group_create = v.OneOf(user_group_create_choices)
                     default_repo_group_create = v.OneOf(repo_group_create_choices)
                     default_fork_create = v.OneOf(fork_choices)
                     default_inherit_default_permissions = v.OneOf(inherit_default_permissions_choices)
                 return _DefaultPermissionsForm
             def UserIndividualPermissionsForm(localizer):
                 _ = localizer
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     inherit_default_permissions = v.StringBoolean(if_missing=False)
                 return _DefaultPermissionsForm
             def DefaultsForm(localizer, edit=False, old_data=None, supported_backends=BACKENDS.keys()):
                 _ = localizer
                 old_data = old_data or {}
                 class _DefaultsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     default_repo_type = v.OneOf(supported_backends)
                     default_repo_private = v.StringBoolean(if_missing=False)
                     default_repo_enable_statistics = v.StringBoolean(if_missing=False)
                     default_repo_enable_downloads = v.StringBoolean(if_missing=False)
                     default_repo_enable_locking = v.StringBoolean(if_missing=False)
                 return _DefaultsForm
             def AuthSettingsForm(localizer):
                 _ = localizer
                 class _AuthSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     auth_plugins = All(v.ValidAuthPlugins(localizer),
                                        v.UniqueListFromString(localizer)(not_empty=True))
                 return _AuthSettingsForm
             def UserExtraEmailForm(localizer):
                 _ = localizer
                 class _UserExtraEmailForm(formencode.Schema):
                     email = All(v.UniqSystemEmail(localizer), v.Email(not_empty=True))
                 return _UserExtraEmailForm
             def UserExtraIpForm(localizer):
                 _ = localizer
                 class _UserExtraIpForm(formencode.Schema):
                     ip = v.ValidIp(localizer)(not_empty=True)
                 return _UserExtraIpForm
             def PullRequestForm(localizer, repo_id):
                 _ = localizer
                 class ReviewerForm(formencode.Schema):
                     user_id = v.Int(not_empty=True)
                     reasons = All()
                     rules = All(v.UniqueList(localizer, convert=int)())
                     mandatory = v.StringBoolean()
                     role = v.String(if_missing='reviewer')
                 class ObserverForm(formencode.Schema):
                     user_id = v.Int(not_empty=True)
                     reasons = All()
                     rules = All(v.UniqueList(localizer, convert=int)())
                     mandatory = v.StringBoolean()
                     role = v.String(if_missing='observer')
                 class _PullRequestForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     common_ancestor = v.UnicodeString(strip=True, required=True)
                     source_repo = v.UnicodeString(strip=True, required=True)
                     source_ref = v.UnicodeString(strip=True, required=True)
                     target_repo = v.UnicodeString(strip=True, required=True)
                     target_ref = v.UnicodeString(strip=True, required=True)
                     revisions = All(#v.NotReviewedRevisions(localizer, repo_id)(),
                                     v.UniqueList(localizer)(not_empty=True))
                     review_members = formencode.ForEach(ReviewerForm())
                     observer_members = formencode.ForEach(ObserverForm())
                     pullrequest_title = v.UnicodeString(strip=True, required=True, min=1, max=255)
                     pullrequest_desc = v.UnicodeString(strip=True, required=False)
                     description_renderer = v.UnicodeString(strip=True, required=False)
                 return _PullRequestForm
             def IssueTrackerPatternsForm(localizer):
                 _ = localizer
                 class _IssueTrackerPatternsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPattern(localizer)]
                 return _IssueTrackerPatternsForm

rhodecode/model/repo.py

0 0 -8

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import re
             import shutil
             import time
             import logging
             import traceback
             import datetime
             from pyramid.threadlocal import get_current_request
             from sqlalchemy.orm import aliased
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode import events
             from rhodecode.lib.auth import HasUserGroupPermissionAny
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.exceptions import AttachedForksError, AttachedPullRequestsError
             from rhodecode.lib import hooks_base
             from rhodecode.lib.user_log_filter import user_log_filter
             from rhodecode.lib.utils import make_db_config
             from rhodecode.lib.utils2 import (
                 safe_str, remove_prefix, obfuscate_url_pw,
                 get_current_rhodecode_user, safe_int, action_logger_generic)
             from rhodecode.lib.vcs.backends import get_backend
             from rhodecode.lib.vcs.nodes import NodeKind
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 _hash_key, func, case, joinedload, or_, in_filter_generator,
                 Session, Repository, UserRepoToPerm, UserGroupRepoToPerm,
                 UserRepoGroupToPerm, UserGroupRepoGroupToPerm, User, Permission,
                 Statistics, UserGroup, RepoGroup, RepositoryField, UserLog)
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.settings import VcsSettingsModel
             log = logging.getLogger(__name__)
             class RepoModel(BaseModel):
                 cls = Repository
                 def _get_user_group(self, users_group):
                     return self._get_instance(UserGroup, users_group,
                                               callback=UserGroup.get_by_group_name)
                 def _get_repo_group(self, repo_group):
                     return self._get_instance(RepoGroup, repo_group,
                                               callback=RepoGroup.get_by_group_name)
                 def _create_default_perms(self, repository, private):
                     # create default permission
                     default = 'repository.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('repository.'):
                             default = p.permission.permission_name
                             break
                     default_perm = 'repository.none' if private else default
                     repo_to_perm = UserRepoToPerm()
                     repo_to_perm.permission = Permission.get_by_key(default_perm)
                     repo_to_perm.repository = repository
                     repo_to_perm.user = def_user
                     return repo_to_perm
-                @LazyProperty
-                def repos_path(self):
-                    """
-                    Gets the repositories root path from database
-                    """
-                    settings_model = VcsSettingsModel(sa=self.sa)
-                    return settings_model.get_repos_location()
                 def get(self, repo_id):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_id == repo_id)
                     return repo.scalar()
                 def get_repo(self, repository):
                     return self._get_repo(repository)
                 def get_by_repo_name(self, repo_name, cache=False):
                     repo = self.sa.query(Repository) \
                         .filter(Repository.repo_name == repo_name)
                     if cache:
                         name_key = _hash_key(repo_name)
                         repo = repo.options(
                             FromCache("sql_cache_short", f"get_repo_{name_key}"))
                     return repo.scalar()
                 def _extract_id_from_repo_name(self, repo_name):
                     if repo_name.startswith('/'):
                         repo_name = repo_name.lstrip('/')
                     by_id_match = re.match(r'^_(\d+)', repo_name)
                     if by_id_match:
                         return by_id_match.groups()[0]
                 def get_repo_by_id(self, repo_name):
                     """
                     Extracts repo_name by id from special urls.
                     Example url is _11/repo_name
                     :param repo_name:
                     :return: repo object if matched else None
                     """
                     _repo_id = None
                     try:
                         _repo_id = self._extract_id_from_repo_name(repo_name)
                         if _repo_id:
                             return self.get(_repo_id)
                     except Exception:
                         log.exception('Failed to extract repo_name from URL')
                         if _repo_id:
                             Session().rollback()
                     return None
                 def get_repos_for_root(self, root, traverse=False):
                     if traverse:
                         like_expression = u'{}%'.format(safe_str(root))
                         repos = Repository.query().filter(
                             Repository.repo_name.like(like_expression)).all()
                     else:
                         if root and not isinstance(root, RepoGroup):
                             raise ValueError(
                                 'Root must be an instance '
                                 'of RepoGroup, got:{} instead'.format(type(root)))
                         repos = Repository.query().filter(Repository.group == root).all()
                     return repos
                 def get_url(self, repo, request=None, permalink=False):
                     if not request:
                         request = get_current_request()
                     if not request:
                         return
                     if permalink:
                         return request.route_url(
                             'repo_summary', repo_name='_{}'.format(safe_str(repo.repo_id)))
                     else:
                         return request.route_url(
                             'repo_summary', repo_name=safe_str(repo.repo_name))
                 def get_commit_url(self, repo, commit_id, request=None, permalink=False):
                     if not request:
                         request = get_current_request()
                     if not request:
                         return
                     if permalink:
                         return request.route_url(
                             'repo_commit', repo_name=safe_str(repo.repo_id),
                             commit_id=commit_id)
                     else:
                         return request.route_url(
                             'repo_commit', repo_name=safe_str(repo.repo_name),
                             commit_id=commit_id)
                 def get_repo_log(self, repo, filter_term):
                     repo_log = UserLog.query()\
                         .filter(or_(UserLog.repository_id == repo.repo_id,
                                     UserLog.repository_name == repo.repo_name))\
                         .options(joinedload(UserLog.user))\
                         .options(joinedload(UserLog.repository))\
                         .order_by(UserLog.action_date.desc())
                     repo_log = user_log_filter(repo_log, filter_term)
                     return repo_log
                 @classmethod
                 def update_commit_cache(cls, repositories=None):
                     if not repositories:
                         repositories = Repository.getAll()
                     for repo in repositories:
                         repo.update_commit_cache()
                 def get_repos_as_dict(self, repo_list=None, admin=False,
                                       super_user_actions=False, short_name=None):
                     _render = get_current_request().get_partial_renderer(
                         'rhodecode:templates/data_table/_dt_elements.mako')
                     c = _render.get_call_context()
                     h = _render.get_helpers()
                     def quick_menu(repo_name):
                         return _render('quick_menu', repo_name)
                     def repo_lnk(name, rtype, rstate, private, archived, fork_repo_name):
                         if short_name is not None:
                             short_name_var = short_name
                         else:
                             short_name_var = not admin
                         return _render('repo_name', name, rtype, rstate, private, archived, fork_repo_name,
                                        short_name=short_name_var, admin=False)
                     def last_change(last_change):
                         if admin and isinstance(last_change, datetime.datetime) and not last_change.tzinfo:
                             ts = time.time()
                             utc_offset = (datetime.datetime.fromtimestamp(ts)
                                           - datetime.datetime.utcfromtimestamp(ts)).total_seconds()
                             last_change = last_change + datetime.timedelta(seconds=utc_offset)
                         return _render("last_change", last_change)
                     def rss_lnk(repo_name):
                         return _render("rss", repo_name)
                     def atom_lnk(repo_name):
                         return _render("atom", repo_name)
                     def last_rev(repo_name, cs_cache):
                         return _render('revision', repo_name, cs_cache.get('revision'),
                                        cs_cache.get('raw_id'), cs_cache.get('author'),
                                        cs_cache.get('message'), cs_cache.get('date'))
                     def desc(desc):
                         return _render('repo_desc', desc, c.visual.stylify_metatags)
                     def state(repo_state):
                         return _render("repo_state", repo_state)
                     def repo_actions(repo_name):
                         return _render('repo_actions', repo_name, super_user_actions)
                     def user_profile(username):
                         return _render('user_profile', username)
                     repos_data = []
                     for repo in repo_list:
                         # NOTE(marcink): because we use only raw column we need to load it like that
                         changeset_cache = Repository._load_changeset_cache(
                             repo.repo_id, repo._changeset_cache)
                         row = {
                             "menu": quick_menu(repo.repo_name),
                             "name": repo_lnk(repo.repo_name, repo.repo_type, repo.repo_state,
                                              repo.private, repo.archived, repo.fork_repo_name),
                             "desc": desc(h.escape(repo.description)),
                             "last_change": last_change(repo.updated_on),
                             "last_changeset": last_rev(repo.repo_name, changeset_cache),
                             "last_changeset_raw": changeset_cache.get('revision'),
                             "owner": user_profile(repo.owner_username),
                             "state": state(repo.repo_state),
                             "rss": rss_lnk(repo.repo_name),
                             "atom": atom_lnk(repo.repo_name),
                         }
                         if admin:
                             row.update({
                                 "action": repo_actions(repo.repo_name),
                             })
                         repos_data.append(row)
                     return repos_data
                 def get_repos_data_table(
                         self, draw, start, limit,
                         search_q, order_by, order_dir,
                         auth_user, repo_group_id):
                     from rhodecode.model.scm import RepoList
                     _perms = ['repository.read', 'repository.write', 'repository.admin']
                     repos = Repository.query() \
                         .filter(Repository.group_id == repo_group_id) \
                         .all()
                     auth_repo_list = RepoList(
                         repos, perm_set=_perms,
                         extra_kwargs=dict(user=auth_user))
                     allowed_ids = [-1]
                     for repo in auth_repo_list:
                         allowed_ids.append(repo.repo_id)
                     repos_data_total_count = Repository.query() \
                         .filter(Repository.group_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(Repository.repo_id, allowed_ids))
                         ) \
                         .count()
                     RepoFork = aliased(Repository)
                     OwnerUser = aliased(User)
                     base_q = Session.query(
                         Repository.repo_id,
                         Repository.repo_name,
                         Repository.description,
                         Repository.repo_type,
                         Repository.repo_state,
                         Repository.private,
                         Repository.archived,
                         Repository.updated_on,
                         Repository._changeset_cache,
                         RepoFork.repo_name.label('fork_repo_name'),
                         OwnerUser.username.label('owner_username'),
                         ) \
                         .filter(Repository.group_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(Repository.repo_id, allowed_ids))
                         ) \
                         .outerjoin(RepoFork, Repository.fork_id == RepoFork.repo_id) \
                         .join(OwnerUser, Repository.user_id == OwnerUser.user_id)
                     repos_data_total_filtered_count = base_q.count()
                     sort_defined = False
                     if order_by == 'repo_name':
                         sort_col = func.lower(Repository.repo_name)
                         sort_defined = True
                     elif order_by == 'user_username':
                         sort_col = User.username
                     else:
                         sort_col = getattr(Repository, order_by, None)
                     if sort_defined or sort_col:
                         if order_dir == 'asc':
                             sort_col = sort_col.asc()
                         else:
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     repos_list = base_q.all()
                     repos_data = RepoModel().get_repos_as_dict(
                         repo_list=repos_list, admin=False)
                     data = ({
                         'draw': draw,
                         'data': repos_data,
                         'recordsTotal': repos_data_total_count,
                         'recordsFiltered': repos_data_total_filtered_count,
                     })
                     return data
                 def _get_defaults(self, repo_name):
                     """
                     Gets information about repository, and returns a dict for
                     usage in forms
                     :param repo_name:
                     """
                     repo_info = Repository.get_by_repo_name(repo_name)
                     if repo_info is None:
                         return None
                     defaults = repo_info.get_dict()
                     defaults['repo_name'] = repo_info.just_name
                     groups = repo_info.groups_with_parents
                     parent_group = groups[-1] if groups else None
                     # we use -1 as this is how in HTML, we mark an empty group
                     defaults['repo_group'] = getattr(parent_group, 'group_id', -1)
                     keys_to_process = (
                         {'k': 'repo_type', 'strip': False},
                         {'k': 'repo_enable_downloads', 'strip': True},
                         {'k': 'repo_description', 'strip': True},
                         {'k': 'repo_enable_locking', 'strip': True},
                         {'k': 'repo_landing_rev', 'strip': True},
                         {'k': 'clone_uri', 'strip': False},
                         {'k': 'push_uri', 'strip': False},
                         {'k': 'repo_private', 'strip': True},
                         {'k': 'repo_enable_statistics', 'strip': True}
                     )
                     for item in keys_to_process:
                         attr = item['k']
                         if item['strip']:
                             attr = remove_prefix(item['k'], 'repo_')
                         val = defaults[attr]
                         if item['k'] == 'repo_landing_rev':
                             val = ':'.join(defaults[attr])
                         defaults[item['k']] = val
                         if item['k'] == 'clone_uri':
                             defaults['clone_uri_hidden'] = repo_info.clone_uri_hidden
                         if item['k'] == 'push_uri':
                             defaults['push_uri_hidden'] = repo_info.push_uri_hidden
                     # fill owner
                     if repo_info.user:
                         defaults.update({'user': repo_info.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         defaults.update({'user': replacement_user})
                     return defaults
                 def update(self, repo, **kwargs):
                     try:
                         cur_repo = self._get_repo(repo)
                         source_repo_name = cur_repo.repo_name
                         affected_user_ids = []
                         if 'user' in kwargs:
                             old_owner_id = cur_repo.user.user_id
                             new_owner = User.get_by_username(kwargs['user'])
                             cur_repo.user = new_owner
                             if old_owner_id != new_owner.user_id:
                                 affected_user_ids = [new_owner.user_id, old_owner_id]
                         if 'repo_group' in kwargs:
                             cur_repo.group = RepoGroup.get(kwargs['repo_group'])
                         log.debug('Updating repo %s with params:%s', cur_repo, kwargs)
                         update_keys = [
                             (1, 'repo_description'),
                             (1, 'repo_landing_rev'),
                             (1, 'repo_private'),
                             (1, 'repo_enable_downloads'),
                             (1, 'repo_enable_locking'),
                             (1, 'repo_enable_statistics'),
                             (0, 'clone_uri'),
                             (0, 'push_uri'),
                             (0, 'fork_id')
                         ]
                         for strip, k in update_keys:
                             if k in kwargs:
                                 val = kwargs[k]
                                 if strip:
                                     k = remove_prefix(k, 'repo_')
                                 setattr(cur_repo, k, val)
                         new_name = cur_repo.get_new_name(kwargs['repo_name'])
                         cur_repo.repo_name = new_name
                         # if private flag is set, reset default permission to NONE
                         if kwargs.get('repo_private'):
                             EMPTY_PERM = 'repository.none'
                             RepoModel().grant_user_permission(
                                 repo=cur_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM
                             )
                         if kwargs.get('repo_landing_rev'):
                             landing_rev_val = kwargs['repo_landing_rev']
                             RepoModel().set_landing_rev(cur_repo, landing_rev_val)
                         # handle extra fields
                         for field in filter(lambda k: k.startswith(RepositoryField.PREFIX), kwargs):
                             k = RepositoryField.un_prefix_key(field)
                             ex_field = RepositoryField.get_by_key_name(
                                 key=k, repo=cur_repo)
                             if ex_field:
                                 ex_field.field_value = kwargs[field]
                                 self.sa.add(ex_field)
                         self.sa.add(cur_repo)
                         if source_repo_name != new_name:
                             # rename repository
                             self._rename_filesystem_repo(
                                 old=source_repo_name, new=new_name)
                         if affected_user_ids:
                             PermissionModel().trigger_permission_flush(affected_user_ids)
                         return cur_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def _create_repo(self, repo_name, repo_type, description, owner,
                                  private=False, clone_uri=None, repo_group=None,
                                  landing_rev=None, fork_of=None,
                                  copy_fork_permissions=False, enable_statistics=False,
                                  enable_locking=False, enable_downloads=False,
                                  copy_group_permissions=False,
                                  state=Repository.STATE_PENDING):
                     """
                     Create repository inside database with PENDING state, this should be
                     only executed by create() repo. With exception of importing existing
                     repos
                     """
                     from rhodecode.model.scm import ScmModel
                     owner = self._get_user(owner)
                     fork_of = self._get_repo(fork_of)
                     repo_group = self._get_repo_group(safe_int(repo_group))
                     default_landing_ref, _lbl = ScmModel.backend_landing_ref(repo_type)
                     landing_rev = landing_rev or default_landing_ref
                     try:
                         repo_name = safe_str(repo_name)
                         description = safe_str(description)
                         # repo name is just a name of repository
                         # while repo_name_full is a full qualified name that is combined
                         # with name and path of group
                         repo_name_full = repo_name
                         repo_name = repo_name.split(Repository.NAME_SEP)[-1]
                         new_repo = Repository()
                         new_repo.repo_state = state
                         new_repo.enable_statistics = False
                         new_repo.repo_name = repo_name_full
                         new_repo.repo_type = repo_type
                         new_repo.user = owner
                         new_repo.group = repo_group
                         new_repo.description = description or repo_name
                         new_repo.private = private
                         new_repo.archived = False
                         new_repo.clone_uri = clone_uri
                         new_repo.landing_rev = landing_rev
                         new_repo.enable_statistics = enable_statistics
                         new_repo.enable_locking = enable_locking
                         new_repo.enable_downloads = enable_downloads
                         if repo_group:
                             new_repo.enable_locking = repo_group.enable_locking
                         if fork_of:
                             parent_repo = fork_of
                             new_repo.fork = parent_repo
                         events.trigger(events.RepoPreCreateEvent(new_repo))
                         self.sa.add(new_repo)
                         EMPTY_PERM = 'repository.none'
                         if fork_of and copy_fork_permissions:
                             repo = fork_of
                             user_perms = UserRepoToPerm.query() \
                                 .filter(UserRepoToPerm.repository == repo).all()
                             group_perms = UserGroupRepoToPerm.query() \
                                 .filter(UserGroupRepoToPerm.repository == repo).all()
                             for perm in user_perms:
                                 UserRepoToPerm.create(
                                     perm.user, new_repo, perm.permission)
                             for perm in group_perms:
                                 UserGroupRepoToPerm.create(
                                     perm.users_group, new_repo, perm.permission)
                             # in case we copy permissions and also set this repo to private
                             # override the default user permission to make it a private repo
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         elif repo_group and copy_group_permissions:
                             user_perms = UserRepoGroupToPerm.query() \
                                 .filter(UserRepoGroupToPerm.group == repo_group).all()
                             group_perms = UserGroupRepoGroupToPerm.query() \
                                 .filter(UserGroupRepoGroupToPerm.group == repo_group).all()
                             for perm in user_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserRepoToPerm.create(perm.user, new_repo, perm_obj)
                             for perm in group_perms:
                                 perm_name = perm.permission.permission_name.replace(
                                     'group.', 'repository.')
                                 perm_obj = Permission.get_by_key(perm_name)
                                 UserGroupRepoToPerm.create(perm.users_group, new_repo, perm_obj)
                             if private:
                                 RepoModel(self.sa).grant_user_permission(
                                     repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
                         else:
                             perm_obj = self._create_default_perms(new_repo, private)
                             self.sa.add(perm_obj)
                         # now automatically start following this repository as owner
                         ScmModel(self.sa).toggle_following_repo(new_repo.repo_id, owner.user_id)
                         # we need to flush here, in order to check if database won't
                         # throw any exceptions, create filesystem dirs at the very end
                         self.sa.flush()
                         events.trigger(events.RepoCreateEvent(new_repo, actor=owner))
                         return new_repo
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def create(self, form_data, cur_user):
                     """
                     Create repository using celery tasks
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo, form_data, cur_user)
                 def update_permissions(self, repo, perm_additions=None, perm_updates=None,
                                        perm_deletions=None, check_perms=True,
                                        cur_user=None):
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     changes = {
                         'added': [],
                         'updated': [],
                         'deleted': [],
                         'default_user_changed': None
                     }
                     repo = self._get_repo(repo)
                     # update permissions
                     for member_id, perm, member_type in perm_updates:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             if member_name == User.DEFAULT_USER:
                                 # NOTE(dan): detect if we changed permissions for default user
                                 perm_obj = self.sa.query(UserRepoToPerm) \
                                     .filter(UserRepoToPerm.user_id == member_id) \
                                     .filter(UserRepoToPerm.repository == repo) \
                                     .scalar()
                                 if perm_obj and perm_obj.permission.permission_name != perm:
                                     changes['default_user_changed'] = True
                             # this updates also current one if found
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['updated'].append({'type': member_type, 'id': member_id,
                                                    'name': member_name, 'new_perm': perm})
                     # set new permissions
                     for member_id, perm, member_type in perm_additions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             self.grant_user_permission(
                                 repo=repo, user=member_id, perm=perm)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.grant_user_group_permission(
                                     repo=repo, group_name=member_id, perm=perm)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['added'].append({'type': member_type, 'id': member_id,
                                                  'name': member_name, 'new_perm': perm})
                     # delete permissions
                     for member_id, perm, member_type in perm_deletions:
                         member_id = int(member_id)
                         if member_type == 'user':
                             member_name = User.get(member_id).username
                             self.revoke_user_permission(repo=repo, user=member_id)
                         elif member_type == 'user_group':
                             # check if we have permissions to alter this usergroup
                             member_name = UserGroup.get(member_id).users_group_name
                             if not check_perms or HasUserGroupPermissionAny(
                                     *req_perms)(member_name, user=cur_user):
                                 self.revoke_user_group_permission(
                                     repo=repo, group_name=member_id)
                         else:
                             raise ValueError("member_type must be 'user' or 'user_group' "
                                              "got {} instead".format(member_type))
                         changes['deleted'].append({'type': member_type, 'id': member_id,
                                                    'name': member_name, 'new_perm': perm})
                     return changes
                 def create_fork(self, form_data, cur_user):
                     """
                     Simple wrapper into executing celery task for fork creation
                     :param form_data:
                     :param cur_user:
                     """
                     from rhodecode.lib.celerylib import tasks, run_task
                     return run_task(tasks.create_repo_fork, form_data, cur_user)
                 def archive(self, repo):
                     """
                     Archive given repository. Set archive flag.
                     :param repo:
                     """
                     repo = self._get_repo(repo)
                     if repo:
                         try:
                             repo.archived = True
                             self.sa.add(repo)
                             self.sa.commit()
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                 def delete(self, repo, forks=None, pull_requests=None, fs_remove=True, cur_user=None):
                     """
                     Delete given repository, forks parameter defines what do do with
                     attached forks. Throws AttachedForksError if deleted repo has attached
                     forks
                     :param repo:
                     :param forks: str 'delete' or 'detach'
                     :param pull_requests: str 'delete' or None
                     :param fs_remove: remove(archive) repo from filesystem
                     """
                     if not cur_user:
                         cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                     repo = self._get_repo(repo)
                     if repo:
                         if forks == 'detach':
                             for r in repo.forks:
                                 r.fork = None
                                 self.sa.add(r)
                         elif forks == 'delete':
                             for r in repo.forks:
                                 self.delete(r, forks='delete')
                         elif [f for f in repo.forks]:
                             raise AttachedForksError()
                         # check for pull requests
                         pr_sources = repo.pull_requests_source
                         pr_targets = repo.pull_requests_target
                         if pull_requests != 'delete' and (pr_sources or pr_targets):
                             raise AttachedPullRequestsError()
                         old_repo_dict = repo.get_dict()
                         events.trigger(events.RepoPreDeleteEvent(repo))
                         try:
                             self.sa.delete(repo)
                             if fs_remove:
                                 self._delete_filesystem_repo(repo)
                             else:
                                 log.debug('skipping removal from filesystem')
                             old_repo_dict.update({
                                 'deleted_by': cur_user,
                                 'deleted_on': time.time(),
                             })
                             hooks_base.delete_repository(**old_repo_dict)
                             events.trigger(events.RepoDeleteEvent(repo))
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                 def grant_user_permission(self, repo, user, perm):
                     """
                     Grant permission for user on given repository, or update existing one
                     if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.user == user) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserRepoToPerm()
                     obj.repository = repo
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, repo)
                     action_logger_generic(
                         'granted permission: {} to user: {} on repo: {}'.format(
                             perm, user, repo), namespace='security.repo')
                     return obj
                 def revoke_user_permission(self, repo, user):
                     """
                     Revoke permission for user on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param user: Instance of User, user_id or username
                     """
                     user = self._get_user(user)
                     repo = self._get_repo(repo)
                     obj = self.sa.query(UserRepoToPerm) \
                         .filter(UserRepoToPerm.repository == repo) \
                         .filter(UserRepoToPerm.user == user) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', repo, user)
                         action_logger_generic(
                             'revoked permission from user: {} on repo: {}'.format(
                                 user, repo), namespace='security.repo')
                 def grant_user_group_permission(self, repo, group_name, perm):
                     """
                     Grant permission for user group on given repository, or update
                     existing one if found
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .scalar()
                     if obj is None:
                         # create new
                         obj = UserGroupRepoToPerm()
                     obj.repository = repo
                     obj.users_group = group_name
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, group_name, repo)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on repo: {}'.format(
                             perm, group_name, repo), namespace='security.repo')
                     return obj
                 def revoke_user_group_permission(self, repo, group_name):
                     """
                     Revoke permission for user group on given repository
                     :param repo: Instance of Repository, repository_id, or repository name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     """
                     repo = self._get_repo(repo)
                     group_name = self._get_user_group(group_name)
                     obj = self.sa.query(UserGroupRepoToPerm) \
                         .filter(UserGroupRepoToPerm.repository == repo) \
                         .filter(UserGroupRepoToPerm.users_group == group_name) \
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm to %s on %s', repo, group_name)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on repo: {}'.format(
                                 group_name, repo), namespace='security.repo')
                 def delete_stats(self, repo_name):
                     """
                     removes stats for given repo
                     :param repo_name:
                     """
                     repo = self._get_repo(repo_name)
                     try:
                         obj = self.sa.query(Statistics) \
                             .filter(Statistics.repository == repo).scalar()
                         if obj:
                             self.sa.delete(obj)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def add_repo_field(self, repo_name, field_key, field_label, field_value='',
                                    field_type='str', field_desc=''):
                     repo = self._get_repo(repo_name)
                     new_field = RepositoryField()
                     new_field.repository = repo
                     new_field.field_key = field_key
                     new_field.field_type = field_type  # python type
                     new_field.field_value = field_value
                     new_field.field_desc = field_desc
                     new_field.field_label = field_label
                     self.sa.add(new_field)
                     return new_field
                 def delete_repo_field(self, repo_name, field_key):
                     repo = self._get_repo(repo_name)
                     field = RepositoryField.get_by_key_name(field_key, repo)
                     if field:
                         self.sa.delete(field)
                 def set_landing_rev(self, repo, landing_rev_name):
                     if landing_rev_name.startswith('branch:'):
                         landing_rev_name = landing_rev_name.split('branch:')[-1]
                     scm_instance = repo.scm_instance()
                     if scm_instance:
                         return scm_instance._remote.set_head_ref(landing_rev_name)
                 def _create_filesystem_repo(self, repo_name, repo_type, repo_group,
                                             clone_uri=None, repo_store_location=None,
                                             use_global_config=False, install_hooks=True):
                     """
                     makes repository on filesystem. It's group aware means it'll create
                     a repository within a group, and alter the paths accordingly of
                     group location
                     :param repo_name:
                     :param alias:
                     :param parent:
                     :param clone_uri:
                     :param repo_store_location:
                     """
                     from rhodecode.lib.utils import is_valid_repo, is_valid_repo_group
                     from rhodecode.model.scm import ScmModel
                     if Repository.NAME_SEP in repo_name:
                         raise ValueError(
                             'repo_name must not contain groups got `%s`' % repo_name)
                     if isinstance(repo_group, RepoGroup):
                         new_parent_path = os.sep.join(repo_group.full_path_splitted)
                     else:
                         new_parent_path = repo_group or ''
                     if repo_store_location:
                         _paths = [repo_store_location]
                     else:
                         _paths = [self.repos_path, new_parent_path, repo_name]
                         # we need to make it str for mercurial
                     repo_path = os.path.join(*map(lambda x: safe_str(x), _paths))
                     # check if this path is not a repository
                     if is_valid_repo(repo_path, self.repos_path):
                         raise Exception(f'This path {repo_path} is a valid repository')
                     # check if this path is a group
                     if is_valid_repo_group(repo_path, self.repos_path):
                         raise Exception(f'This path {repo_path} is a valid group')
                     log.info('creating repo %s in %s from url: `%s`',
                              repo_name, safe_str(repo_path),
                              obfuscate_url_pw(clone_uri))
                     backend = get_backend(repo_type)
                     config_repo = None if use_global_config else repo_name
                     if config_repo and new_parent_path:
                         config_repo = Repository.NAME_SEP.join(
                             (new_parent_path, config_repo))
                     config = make_db_config(clear_session=False, repo=config_repo)
                     config.set('extensions', 'largefiles', '')
                     # patch and reset hooks section of UI config to not run any
                     # hooks on creating remote repo
                     config.clear_section('hooks')
                     # TODO: johbo: Unify this, hardcoded "bare=True" does not look nice
                     if repo_type == 'git':
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri, bare=True,
                             with_wire={"cache": False})
                     else:
                         repo = backend(
                             repo_path, config=config, create=True, src_url=clone_uri,
                             with_wire={"cache": False})
                     if install_hooks:
                         repo.install_hooks()
                     log.debug('Created repo %s with %s backend',
                               safe_str(repo_name), safe_str(repo_type))
                     return repo
                 def _rename_filesystem_repo(self, old, new):
                     """
                     renames repository on filesystem
                     :param old: old name
                     :param new: new name
                     """
                     log.info('renaming repo from %s to %s', old, new)
                     old_path = os.path.join(self.repos_path, old)
                     new_path = os.path.join(self.repos_path, new)
                     if os.path.isdir(new_path):
                         raise Exception(
                             'Was trying to rename to already existing dir %s' % new_path
                         )
                     shutil.move(old_path, new_path)
                 def _delete_filesystem_repo(self, repo):
                     """
                     removes repo from filesystem, the removal is actually made by
                     added rm__ prefix into dir, and rename internal .hg/.git dirs so this
                     repository is no longer valid for rhodecode, can be undeleted later on
                     by reverting the renames on this repository
                     :param repo: repo object
                     """
                     rm_path = os.path.join(self.repos_path, repo.repo_name)
                     repo_group = repo.group
                     log.info("delete_filesystem_repo: removing repository %s", rm_path)
                     # disable hg/git internal that it doesn't get detected as repo
                     alias = repo.repo_type
                     config = make_db_config(clear_session=False)
                     config.set('extensions', 'largefiles', '')
                     bare = getattr(repo.scm_instance(config=config), 'bare', False)
                     # skip this for bare git repos
                     if not bare:
                         # disable VCS repo
                         vcs_path = os.path.join(rm_path, '.%s' % alias)
                         if os.path.exists(vcs_path):
                             shutil.move(vcs_path, os.path.join(rm_path, 'rm__.%s' % alias))
                     _now = datetime.datetime.now()
                     _ms = str(_now.microsecond).rjust(6, '0')
                     _d = 'rm__{}__{}'.format(_now.strftime('%Y%m%d_%H%M%S_' + _ms),
                                          repo.just_name)
                     if repo_group:
                         # if repository is in group, prefix the removal path with the group
                         args = repo_group.full_path_splitted + [_d]
                         _d = os.path.join(*args)
                     if os.path.isdir(rm_path):
                         shutil.move(rm_path, os.path.join(self.repos_path, _d))
                     # finally cleanup diff-cache if it exists
                     cached_diffs_dir = repo.cached_diffs_dir
                     if os.path.isdir(cached_diffs_dir):
                         shutil.rmtree(cached_diffs_dir)
             class ReadmeFinder:
                 """
                 Utility which knows how to find a readme for a specific commit.
                 The main idea is that this is a configurable algorithm. When creating an
                 instance you can define parameters, currently only the `default_renderer`.
                 Based on this configuration the method :meth:`search` behaves slightly
                 different.
                 """
                 readme_re = re.compile(r'^readme(\.[^\.]+)?$', re.IGNORECASE)
                 path_re = re.compile(r'^docs?', re.IGNORECASE)
                 default_priorities = {
                     None:        0,
                     '.rst':      1,
                     '.md':       1,
                     '.rest':     2,
                     '.mkdn':     2,
                     '.text':     2,
                     '.txt':      3,
                     '.mdown':    3,
                     '.markdown': 4,
                 }
                 path_priority = {
                     'doc':  0,
                     'docs': 1,
                 }
                 FALLBACK_PRIORITY = 99
                 RENDERER_TO_EXTENSION = {
                     'rst': ['.rst', '.rest'],
                     'markdown': ['.md', 'mkdn', '.mdown', '.markdown'],
                 }
                 def __init__(self, default_renderer=None):
                     self._default_renderer = default_renderer
                     self._renderer_extensions = self.RENDERER_TO_EXTENSION.get(
                         default_renderer, [])
                 def search(self, commit, path='/'):
                     """
                     Find a readme in the given `commit`.
                     """
                     # firstly, check the PATH type if it is actually a DIR
                     if commit.get_node(path).kind != NodeKind.DIR:
                         return None
                     nodes = commit.get_nodes(path)
                     matches = self._match_readmes(nodes)
                     matches = self._sort_according_to_priority(matches)
                     if matches:
                         return matches[0].node
                     paths = self._match_paths(nodes)
                     paths = self._sort_paths_according_to_priority(paths)
                     for path in paths:
                         match = self.search(commit, path=path)
                         if match:
                             return match
                     return None
                 def _match_readmes(self, nodes):
                     for node in nodes:
                         if not node.is_file():
                             continue
                         path = node.path.rsplit('/', 1)[-1]
                         match = self.readme_re.match(path)
                         if match:
                             extension = match.group(1)
                             yield ReadmeMatch(node, match, self._priority(extension))
                 def _match_paths(self, nodes):
                     for node in nodes:
                         if not node.is_dir():
                             continue
                         match = self.path_re.match(node.path)
                         if match:
                             yield node.path
                 def _priority(self, extension):
                     renderer_priority = (
 if extension in self._renderer_extensions else 1)
                     extension_priority = self.default_priorities.get(
                         extension, self.FALLBACK_PRIORITY)
                     return (renderer_priority, extension_priority)
                 def _sort_according_to_priority(self, matches):
                     def priority_and_path(match):
                         return (match.priority, match.path)
                     return sorted(matches, key=priority_and_path)
                 def _sort_paths_according_to_priority(self, paths):
                     def priority_and_path(path):
                         return (self.path_priority.get(path, self.FALLBACK_PRIORITY), path)
                     return sorted(paths, key=priority_and_path)
             class ReadmeMatch:
                 def __init__(self, node, match, priority):
                     self.node = node
                     self._match = match
                     self.priority = priority
                 @property
                 def path(self):
                     return self.node.path
                 def __repr__(self):
                     return f'<ReadmeMatch {self.path} priority={self.priority}'

rhodecode/model/repo_group.py

0 0 -9

             # Copyright (C) 2011-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             repo group model for RhodeCode
             """
             import os
             import datetime
             import itertools
             import logging
             import shutil
             import time
             import traceback
             import string
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode import events
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (_hash_key, func, or_, in_filter_generator,
                 Session, RepoGroup, UserRepoGroupToPerm, User, Permission, UserGroupRepoGroupToPerm,
                 UserGroup, Repository)
             from rhodecode.model.permission import PermissionModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.utils2 import action_logger_generic
             log = logging.getLogger(__name__)
             class RepoGroupModel(BaseModel):
                 cls = RepoGroup
                 PERSONAL_GROUP_DESC = 'personal repo group of user `%(username)s`'
                 PERSONAL_GROUP_PATTERN = '${username}'  # default
                 def _get_user_group(self, users_group):
                     return self._get_instance(UserGroup, users_group,
                                               callback=UserGroup.get_by_group_name)
                 def _get_repo_group(self, repo_group):
                     return self._get_instance(RepoGroup, repo_group,
                                               callback=RepoGroup.get_by_group_name)
                 def get_repo_group(self, repo_group):
                     return self._get_repo_group(repo_group)
-                @LazyProperty
-                def repos_path(self):
-                    """
-                    Gets the repositories root path from database
-                    """
-                    settings_model = VcsSettingsModel(sa=self.sa)
-                    return settings_model.get_repos_location()
                 def get_by_group_name(self, repo_group_name, cache=None):
                     repo = self.sa.query(RepoGroup) \
                         .filter(RepoGroup.group_name == repo_group_name)
                     if cache:
                         name_key = _hash_key(repo_group_name)
                         repo = repo.options(
                             FromCache("sql_cache_short", f"get_repo_group_{name_key}"))
                     return repo.scalar()
                 def get_default_create_personal_repo_group(self):
                     value = SettingsModel().get_setting_by_name(
                         'create_personal_repo_group')
                     return value.app_settings_value if value else None or False
                 def get_personal_group_name_pattern(self):
                     value = SettingsModel().get_setting_by_name(
                         'personal_repo_group_pattern')
                     val = value.app_settings_value if value else None
                     group_template = val or self.PERSONAL_GROUP_PATTERN
                     group_template = group_template.lstrip('/')
                     return group_template
                 def get_personal_group_name(self, user):
                     template = self.get_personal_group_name_pattern()
                     return string.Template(template).safe_substitute(
                         username=user.username,
                         user_id=user.user_id,
                         first_name=user.first_name,
                         last_name=user.last_name,
                     )
                 def create_personal_repo_group(self, user, commit_early=True):
                     desc = self.PERSONAL_GROUP_DESC % {'username': user.username}
                     personal_repo_group_name = self.get_personal_group_name(user)
                     # create a new one
                     RepoGroupModel().create(
                         group_name=personal_repo_group_name,
                         group_description=desc,
                         owner=user.username,
                         personal=True,
                         commit_early=commit_early)
                 def _create_default_perms(self, new_group):
                     # create default permission
                     default_perm = 'group.read'
                     def_user = User.get_default_user()
                     for p in def_user.user_perms:
                         if p.permission.permission_name.startswith('group.'):
                             default_perm = p.permission.permission_name
                             break
                     repo_group_to_perm = UserRepoGroupToPerm()
                     repo_group_to_perm.permission = Permission.get_by_key(default_perm)
                     repo_group_to_perm.group = new_group
                     repo_group_to_perm.user = def_user
                     return repo_group_to_perm
                 def _get_group_name_and_parent(self, group_name_full, repo_in_path=False,
                                                get_object=False):
                     """
                     Get's the group name and a parent group name from given group name.
                     If repo_in_path is set to truth, we asume the full path also includes
                     repo name, in such case we clean the last element.
                     :param group_name_full:
                     """
                     split_paths = 1
                     if repo_in_path:
                         split_paths = 2
                     _parts = group_name_full.rsplit(RepoGroup.url_sep(), split_paths)
                     if repo_in_path and len(_parts) > 1:
                         # such case last element is the repo_name
                         _parts.pop(-1)
                     group_name_cleaned = _parts[-1]  # just the group name
                     parent_repo_group_name = None
                     if len(_parts) > 1:
                         parent_repo_group_name = _parts[0]
                     parent_group = None
                     if parent_repo_group_name:
                         parent_group = RepoGroup.get_by_group_name(parent_repo_group_name)
                     if get_object:
                         return group_name_cleaned, parent_repo_group_name, parent_group
                     return group_name_cleaned, parent_repo_group_name
                 def check_exist_filesystem(self, group_name, exc_on_failure=True):
                     create_path = os.path.join(self.repos_path, group_name)
                     log.debug('creating new group in %s', create_path)
                     if os.path.isdir(create_path):
                         if exc_on_failure:
                             abs_create_path = os.path.abspath(create_path)
                             raise Exception(f'Directory `{abs_create_path}` already exists !')
                         return False
                     return True
                 def _create_group(self, group_name):
                     """
                     makes repository group on filesystem
                     :param repo_name:
                     :param parent_id:
                     """
                     self.check_exist_filesystem(group_name)
                     create_path = os.path.join(self.repos_path, group_name)
                     log.debug('creating new group in %s', create_path)
                     os.makedirs(create_path, mode=0o755)
                     log.debug('created group in %s', create_path)
                 def _rename_group(self, old, new):
                     """
                     Renames a group on filesystem
                     :param group_name:
                     """
                     if old == new:
                         log.debug('skipping group rename')
                         return
                     log.debug('renaming repository group from %s to %s', old, new)
                     old_path = os.path.join(self.repos_path, old)
                     new_path = os.path.join(self.repos_path, new)
                     log.debug('renaming repos paths from %s to %s', old_path, new_path)
                     if os.path.isdir(new_path):
                         raise Exception('Was trying to rename to already '
                                         'existing dir %s' % new_path)
                     shutil.move(old_path, new_path)
                 def _delete_filesystem_group(self, group, force_delete=False):
                     """
                     Deletes a group from a filesystem
                     :param group: instance of group from database
                     :param force_delete: use shutil rmtree to remove all objects
                     """
                     paths = group.full_path.split(RepoGroup.url_sep())
                     paths = os.sep.join(paths)
                     rm_path = os.path.join(self.repos_path, paths)
                     log.info("Removing group %s", rm_path)
                     # delete only if that path really exists
                     if os.path.isdir(rm_path):
                         if force_delete:
                             shutil.rmtree(rm_path)
                         else:
                             # archive that group`
                             _now = datetime.datetime.now()
                             _ms = str(_now.microsecond).rjust(6, '0')
                             _d = 'rm__{}_GROUP_{}'.format(
                                 _now.strftime('%Y%m%d_%H%M%S_' + _ms), group.name)
                             shutil.move(rm_path, os.path.join(self.repos_path, _d))
                 def create(self, group_name, group_description, owner, just_db=False,
                            copy_permissions=False, personal=None, commit_early=True):
                     (group_name_cleaned,
                      parent_group_name) = RepoGroupModel()._get_group_name_and_parent(group_name)
                     parent_group = None
                     if parent_group_name:
                         parent_group = self._get_repo_group(parent_group_name)
                         if not parent_group:
                             # we tried to create a nested group, but the parent is not
                             # existing
                             raise ValueError(
                                 'Parent group `%s` given in `%s` group name '
                                 'is not yet existing.' % (parent_group_name, group_name))
                     # because we are doing a cleanup, we need to check if such directory
                     # already exists. If we don't do that we can accidentally delete
                     # existing directory via cleanup that can cause data issues, since
                     # delete does a folder rename to special syntax later cleanup
                     # functions can delete this
                     cleanup_group = self.check_exist_filesystem(group_name,
                                                                 exc_on_failure=False)
                     user = self._get_user(owner)
                     if not user:
                         raise ValueError('Owner %s not found as rhodecode user', owner)
                     try:
                         new_repo_group = RepoGroup()
                         new_repo_group.user = user
                         new_repo_group.group_description = group_description or group_name
                         new_repo_group.parent_group = parent_group
                         new_repo_group.group_name = group_name
                         new_repo_group.personal = personal
                         self.sa.add(new_repo_group)
                         # create an ADMIN permission for owner except if we're super admin,
                         # later owner should go into the owner field of groups
                         if not user.is_admin:
                             self.grant_user_permission(repo_group=new_repo_group,
                                                        user=owner, perm='group.admin')
                         if parent_group and copy_permissions:
                             # copy permissions from parent
                             user_perms = UserRepoGroupToPerm.query() \
                                 .filter(UserRepoGroupToPerm.group == parent_group).all()
                             group_perms = UserGroupRepoGroupToPerm.query() \
                                 .filter(UserGroupRepoGroupToPerm.group == parent_group).all()
                             for perm in user_perms:
                                 # don't copy over the permission for user who is creating
                                 # this group, if he is not super admin he get's admin
                                 # permission set above
                                 if perm.user != user or user.is_admin:
                                     UserRepoGroupToPerm.create(
                                         perm.user, new_repo_group, perm.permission)
                             for perm in group_perms:
                                 UserGroupRepoGroupToPerm.create(
                                     perm.users_group, new_repo_group, perm.permission)
                         else:
                             perm_obj = self._create_default_perms(new_repo_group)
                             self.sa.add(perm_obj)
                         # now commit the changes, earlier so we are sure everything is in
                         # the database.
                         if commit_early:
                             self.sa.commit()
                         if not just_db:
                             self._create_group(new_repo_group.group_name)
                         # trigger the post hook
                         from rhodecode.lib import hooks_base
                         repo_group = RepoGroup.get_by_group_name(group_name)
                         # update repo group commit caches initially
                         repo_group.update_commit_cache()
                         hooks_base.create_repository_group(
                             created_by=user.username, **repo_group.get_dict())
                         # Trigger create event.
                         events.trigger(events.RepoGroupCreateEvent(repo_group))
                         return new_repo_group
                     except Exception:
                         self.sa.rollback()
                         log.exception('Exception occurred when creating repository group, '
                                       'doing cleanup...')
                         # rollback things manually !
                         repo_group = RepoGroup.get_by_group_name(group_name)
                         if repo_group:
                             RepoGroup.delete(repo_group.group_id)
                             self.sa.commit()
                             if cleanup_group:
                                 RepoGroupModel()._delete_filesystem_group(repo_group)
                         raise
                 def update_permissions(
                         self, repo_group, perm_additions=None, perm_updates=None,
                         perm_deletions=None, recursive=None, check_perms=True,
                         cur_user=None):
                     from rhodecode.model.repo import RepoModel
                     from rhodecode.lib.auth import HasUserGroupPermissionAny
                     if not perm_additions:
                         perm_additions = []
                     if not perm_updates:
                         perm_updates = []
                     if not perm_deletions:
                         perm_deletions = []
                     req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
                     changes = {
                         'added': [],
                         'updated': [],
                         'deleted': [],
                         'default_user_changed': None
                     }
                     def _set_perm_user(obj, user, perm):
                         if isinstance(obj, RepoGroup):
                             self.grant_user_permission(
                                 repo_group=obj, user=user, perm=perm)
                         elif isinstance(obj, Repository):
                             # private repos will not allow to change the default
                             # permissions using recursive mode
                             if obj.private and user == User.DEFAULT_USER:
                                 return
                             # we set group permission but we have to switch to repo
                             # permission
                             perm = perm.replace('group.', 'repository.')
                             RepoModel().grant_user_permission(
                                 repo=obj, user=user, perm=perm)
                     def _set_perm_group(obj, users_group, perm):
                         if isinstance(obj, RepoGroup):
                             self.grant_user_group_permission(
                                 repo_group=obj, group_name=users_group, perm=perm)
                         elif isinstance(obj, Repository):
                             # we set group permission but we have to switch to repo
                             # permission
                             perm = perm.replace('group.', 'repository.')
                             RepoModel().grant_user_group_permission(
                                 repo=obj, group_name=users_group, perm=perm)
                     def _revoke_perm_user(obj, user):
                         if isinstance(obj, RepoGroup):
                             self.revoke_user_permission(repo_group=obj, user=user)
                         elif isinstance(obj, Repository):
                             RepoModel().revoke_user_permission(repo=obj, user=user)
                     def _revoke_perm_group(obj, user_group):
                         if isinstance(obj, RepoGroup):
                             self.revoke_user_group_permission(
                                 repo_group=obj, group_name=user_group)
                         elif isinstance(obj, Repository):
                             RepoModel().revoke_user_group_permission(
                                 repo=obj, group_name=user_group)
                     # start updates
                     log.debug('Now updating permissions for %s in recursive mode:%s',
                               repo_group, recursive)
                     # initialize check function, we'll call that multiple times
                     has_group_perm = HasUserGroupPermissionAny(*req_perms)
                     for obj in repo_group.recursive_groups_and_repos():
                         # iterated obj is an instance of a repos group or repository in
                         # that group, recursive option can be: none, repos, groups, all
                         if recursive == 'all':
                             obj = obj
                         elif recursive == 'repos':
                             # skip groups, other than this one
                             if isinstance(obj, RepoGroup) and not obj == repo_group:
                                 continue
                         elif recursive == 'groups':
                             # skip repos
                             if isinstance(obj, Repository):
                                 continue
                         else:  # recursive == 'none':
                             #  DEFAULT option - don't apply to iterated objects
                             # also we do a break at the end of this loop. if we are not
                             # in recursive mode
                             obj = repo_group
                         change_obj = obj.get_api_data()
                         # update permissions
                         for member_id, perm, member_type in perm_updates:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 if isinstance(obj, RepoGroup) and obj == repo_group and member_name == User.DEFAULT_USER:
                                     # NOTE(dan): detect if we changed permissions for default user
                                     perm_obj = self.sa.query(UserRepoGroupToPerm) \
                                         .filter(UserRepoGroupToPerm.user_id == member_id) \
                                         .filter(UserRepoGroupToPerm.group == repo_group) \
                                         .scalar()
                                     if perm_obj and perm_obj.permission.permission_name != perm:
                                         changes['default_user_changed'] = True
                                 # this updates also current one if found
                                 _set_perm_user(obj, user=member_id, perm=perm)
                             elif member_type == 'user_group':
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _set_perm_group(obj, users_group=member_id, perm=perm)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['updated'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # set new permissions
                         for member_id, perm, member_type in perm_additions:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 _set_perm_user(obj, user=member_id, perm=perm)
                             elif member_type == 'user_group':
                                 # check if we have permissions to alter this usergroup
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _set_perm_group(obj, users_group=member_id, perm=perm)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['added'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # delete permissions
                         for member_id, perm, member_type in perm_deletions:
                             member_id = int(member_id)
                             if member_type == 'user':
                                 member_name = User.get(member_id).username
                                 _revoke_perm_user(obj, user=member_id)
                             elif member_type == 'user_group':
                                 # check if we have permissions to alter this usergroup
                                 member_name = UserGroup.get(member_id).users_group_name
                                 if not check_perms or has_group_perm(member_name,
                                                                      user=cur_user):
                                     _revoke_perm_group(obj, user_group=member_id)
                             else:
                                 raise ValueError("member_type must be 'user' or 'user_group' "
                                                  "got {} instead".format(member_type))
                             changes['deleted'].append(
                                 {'change_obj': change_obj, 'type': member_type,
                                  'id': member_id, 'name': member_name, 'new_perm': perm})
                         # if it's not recursive call for all,repos,groups
                         # break the loop and don't proceed with other changes
                         if recursive not in ['all', 'repos', 'groups']:
                             break
                     return changes
                 def update(self, repo_group, form_data):
                     try:
                         repo_group = self._get_repo_group(repo_group)
                         old_path = repo_group.full_path
                         # change properties
                         if 'group_description' in form_data:
                             repo_group.group_description = form_data['group_description']
                         if 'enable_locking' in form_data:
                             repo_group.enable_locking = form_data['enable_locking']
                         if 'group_parent_id' in form_data:
                             parent_group = (
                                 self._get_repo_group(form_data['group_parent_id']))
                             repo_group.group_parent_id = (
                                 parent_group.group_id if parent_group else None)
                             repo_group.parent_group = parent_group
                         # mikhail: to update the full_path, we have to explicitly
                         # update group_name
                         group_name = form_data.get('group_name', repo_group.name)
                         repo_group.group_name = repo_group.get_new_name(group_name)
                         new_path = repo_group.full_path
                         affected_user_ids = []
                         if 'user' in form_data:
                             old_owner_id = repo_group.user.user_id
                             new_owner = User.get_by_username(form_data['user'])
                             repo_group.user = new_owner
                             if old_owner_id != new_owner.user_id:
                                 affected_user_ids = [new_owner.user_id, old_owner_id]
                         self.sa.add(repo_group)
                         # iterate over all members of this groups and do fixes
                         # set locking if given
                         # if obj is a repoGroup also fix the name of the group according
                         # to the parent
                         # if obj is a Repo fix it's name
                         # this can be potentially heavy operation
                         for obj in repo_group.recursive_groups_and_repos():
                             # set the value from it's parent
                             obj.enable_locking = repo_group.enable_locking
                             if isinstance(obj, RepoGroup):
                                 new_name = obj.get_new_name(obj.name)
                                 log.debug('Fixing group %s to new name %s',
                                           obj.group_name, new_name)
                                 obj.group_name = new_name
                             elif isinstance(obj, Repository):
                                 # we need to get all repositories from this new group and
                                 # rename them accordingly to new group path
                                 new_name = obj.get_new_name(obj.just_name)
                                 log.debug('Fixing repo %s to new name %s',
                                           obj.repo_name, new_name)
                                 obj.repo_name = new_name
                             self.sa.add(obj)
                         self._rename_group(old_path, new_path)
                         # Trigger update event.
                         events.trigger(events.RepoGroupUpdateEvent(repo_group))
                         if affected_user_ids:
                             PermissionModel().trigger_permission_flush(affected_user_ids)
                         return repo_group
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def delete(self, repo_group, force_delete=False, fs_remove=True):
                     repo_group = self._get_repo_group(repo_group)
                     if not repo_group:
                         return False
                     try:
                         self.sa.delete(repo_group)
                         if fs_remove:
                             self._delete_filesystem_group(repo_group, force_delete)
                         else:
                             log.debug('skipping removal from filesystem')
                         # Trigger delete event.
                         events.trigger(events.RepoGroupDeleteEvent(repo_group))
                         return True
                     except Exception:
                         log.error('Error removing repo_group %s', repo_group)
                         raise
                 def grant_user_permission(self, repo_group, user, perm):
                     """
                     Grant permission for user on given repository group, or update
                     existing one if found
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param user: Instance of User, user_id or username
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     user = self._get_user(user)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserRepoGroupToPerm)\
                         .filter(UserRepoGroupToPerm.user == user)\
                         .filter(UserRepoGroupToPerm.group == repo_group)\
                         .scalar()
                     if obj is None:
                         # create new !
                         obj = UserRepoGroupToPerm()
                     obj.group = repo_group
                     obj.user = user
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, user, repo_group)
                     action_logger_generic(
                         'granted permission: {} to user: {} on repogroup: {}'.format(
                             perm, user, repo_group), namespace='security.repogroup')
                     return obj
                 def revoke_user_permission(self, repo_group, user):
                     """
                     Revoke permission for user on given repository group
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param user: Instance of User, user_id or username
                     """
                     repo_group = self._get_repo_group(repo_group)
                     user = self._get_user(user)
                     obj = self.sa.query(UserRepoGroupToPerm)\
                         .filter(UserRepoGroupToPerm.user == user)\
                         .filter(UserRepoGroupToPerm.group == repo_group)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm on %s on %s', repo_group, user)
                         action_logger_generic(
                             'revoked permission from user: {} on repogroup: {}'.format(
                                 user, repo_group), namespace='security.repogroup')
                 def grant_user_group_permission(self, repo_group, group_name, perm):
                     """
                     Grant permission for user group on given repository group, or update
                     existing one if found
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     :param perm: Instance of Permission, or permission_name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     group_name = self._get_user_group(group_name)
                     permission = self._get_perm(perm)
                     # check if we have that permission already
                     obj = self.sa.query(UserGroupRepoGroupToPerm)\
                         .filter(UserGroupRepoGroupToPerm.group == repo_group)\
                         .filter(UserGroupRepoGroupToPerm.users_group == group_name)\
                         .scalar()
                     if obj is None:
                         # create new
                         obj = UserGroupRepoGroupToPerm()
                     obj.group = repo_group
                     obj.users_group = group_name
                     obj.permission = permission
                     self.sa.add(obj)
                     log.debug('Granted perm %s to %s on %s', perm, group_name, repo_group)
                     action_logger_generic(
                         'granted permission: {} to usergroup: {} on repogroup: {}'.format(
                             perm, group_name, repo_group), namespace='security.repogroup')
                     return obj
                 def revoke_user_group_permission(self, repo_group, group_name):
                     """
                     Revoke permission for user group on given repository group
                     :param repo_group: Instance of RepoGroup, repositories_group_id,
                         or repositories_group name
                     :param group_name: Instance of UserGroup, users_group_id,
                         or user group name
                     """
                     repo_group = self._get_repo_group(repo_group)
                     group_name = self._get_user_group(group_name)
                     obj = self.sa.query(UserGroupRepoGroupToPerm)\
                         .filter(UserGroupRepoGroupToPerm.group == repo_group)\
                         .filter(UserGroupRepoGroupToPerm.users_group == group_name)\
                         .scalar()
                     if obj:
                         self.sa.delete(obj)
                         log.debug('Revoked perm to %s on %s', repo_group, group_name)
                         action_logger_generic(
                             'revoked permission from usergroup: {} on repogroup: {}'.format(
                                 group_name, repo_group), namespace='security.repogroup')
                 @classmethod
                 def update_commit_cache(cls, repo_groups=None):
                     if not repo_groups:
                         repo_groups = RepoGroup.getAll()
                     for repo_group in repo_groups:
                         repo_group.update_commit_cache()
                 def get_repo_groups_as_dict(self, repo_group_list=None, admin=False,
                                             super_user_actions=False):
                     from pyramid.threadlocal import get_current_request
                     _render = get_current_request().get_partial_renderer(
                         'rhodecode:templates/data_table/_dt_elements.mako')
                     c = _render.get_call_context()
                     h = _render.get_helpers()
                     def quick_menu(repo_group_name):
                         return _render('quick_repo_group_menu', repo_group_name)
                     def repo_group_lnk(repo_group_name):
                         return _render('repo_group_name', repo_group_name)
                     def last_change(last_change):
                         if admin and isinstance(last_change, datetime.datetime) and not last_change.tzinfo:
                             ts = time.time()
                             utc_offset = (datetime.datetime.fromtimestamp(ts)
                                           - datetime.datetime.utcfromtimestamp(ts)).total_seconds()
                             last_change = last_change + datetime.timedelta(seconds=utc_offset)
                         return _render("last_change", last_change)
                     def desc(desc, personal):
                         return _render(
                             'repo_group_desc', desc, personal, c.visual.stylify_metatags)
                     def repo_group_actions(repo_group_id, repo_group_name, gr_count):
                         return _render(
                             'repo_group_actions', repo_group_id, repo_group_name, gr_count)
                     def repo_group_name(repo_group_name, children_groups):
                         return _render("repo_group_name", repo_group_name, children_groups)
                     def user_profile(username):
                         return _render('user_profile', username)
                     repo_group_data = []
                     for group in repo_group_list:
                         # NOTE(marcink): because we use only raw column we need to load it like that
                         changeset_cache = RepoGroup._load_changeset_cache(
                             '', group._changeset_cache)
                         last_commit_change = RepoGroup._load_commit_change(changeset_cache)
                         row = {
                             "menu": quick_menu(group.group_name),
                             "name": repo_group_lnk(group.group_name),
                             "name_raw": group.group_name,
                             "last_change": last_change(last_commit_change),
                             "last_changeset": "",
                             "last_changeset_raw": "",
                             "desc": desc(h.escape(group.group_description), group.personal),
                             "top_level_repos": 0,
                             "owner": user_profile(group.User.username)
                         }
                         if admin:
                             repo_count = group.repositories.count()
                             children_groups = list(map(
                                 h.safe_str,
                                 itertools.chain((g.name for g in group.parents),
                                                 (x.name for x in [group]))))
                             row.update({
                                 "action": repo_group_actions(
                                     group.group_id, group.group_name, repo_count),
                                 "top_level_repos": repo_count,
                                 "name": repo_group_name(group.group_name, children_groups),
                             })
                         repo_group_data.append(row)
                     return repo_group_data
                 def get_repo_groups_data_table(
                         self, draw, start, limit,
                         search_q, order_by, order_dir,
                         auth_user, repo_group_id):
                     from rhodecode.model.scm import RepoGroupList
                     _perms = ['group.read', 'group.write', 'group.admin']
                     repo_groups = RepoGroup.query() \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .all()
                     auth_repo_group_list = RepoGroupList(
                         repo_groups, perm_set=_perms,
                         extra_kwargs=dict(user=auth_user))
                     allowed_ids = [-1]
                     for repo_group in auth_repo_group_list:
                         allowed_ids.append(repo_group.group_id)
                     repo_groups_data_total_count = RepoGroup.query() \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(RepoGroup.group_id, allowed_ids))
                         ) \
                         .count()
                     base_q = Session.query(
                         RepoGroup.group_name,
                         RepoGroup.group_name_hash,
                         RepoGroup.group_description,
                         RepoGroup.group_id,
                         RepoGroup.personal,
                         RepoGroup.updated_on,
                         RepoGroup._changeset_cache,
                         User,
                         ) \
                         .filter(RepoGroup.group_parent_id == repo_group_id) \
                         .filter(or_(
                             # generate multiple IN to fix limitation problems
                             *in_filter_generator(RepoGroup.group_id, allowed_ids))
                         ) \
                         .join(User, User.user_id == RepoGroup.user_id) \
                         .group_by(RepoGroup, User)
                     repo_groups_data_total_filtered_count = base_q.count()
                     sort_defined = False
                     if order_by == 'group_name':
                         sort_col = func.lower(RepoGroup.group_name)
                         sort_defined = True
                     elif order_by == 'user_username':
                         sort_col = User.username
                     else:
                         sort_col = getattr(RepoGroup, order_by, None)
                     if sort_defined or sort_col:
                         if order_dir == 'asc':
                             sort_col = sort_col.asc()
                         else:
                             sort_col = sort_col.desc()
                     base_q = base_q.order_by(sort_col)
                     base_q = base_q.offset(start).limit(limit)
                     repo_group_list = base_q.all()
                     repo_groups_data = RepoGroupModel().get_repo_groups_as_dict(
                         repo_group_list=repo_group_list, admin=False)
                     data = ({
                         'draw': draw,
                         'data': repo_groups_data,
                         'recordsTotal': repo_groups_data_total_count,
                         'recordsFiltered': repo_groups_data_total_filtered_count,
                     })
                     return data
                 def _get_defaults(self, repo_group_name):
                     repo_group = RepoGroup.get_by_group_name(repo_group_name)
                     if repo_group is None:
                         return None
                     defaults = repo_group.get_dict()
                     defaults['repo_group_name'] = repo_group.name
                     defaults['repo_group_description'] = repo_group.group_description
                     defaults['repo_group_enable_locking'] = repo_group.enable_locking
                     # we use -1 as this is how in HTML, we mark an empty group
                     defaults['repo_group'] = defaults['group_parent_id'] or -1
                     # fill owner
                     if repo_group.user:
                         defaults.update({'user': repo_group.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         defaults.update({'user': replacement_user})
                     return defaults

rhodecode/model/scm.py

0 0 -9

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Scm model for RhodeCode
             """
             import os.path
             import traceback
             import logging
             import io
             from sqlalchemy import func
             from zope.cachedescriptors.property import Lazy as LazyProperty
             import rhodecode
             from rhodecode.lib.str_utils import safe_bytes
             from rhodecode.lib.vcs import get_backend
             from rhodecode.lib.vcs.exceptions import RepositoryError, NodeNotChangedError
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.lib.vcs.backends.base import EmptyCommit
             from rhodecode.lib import helpers as h, rc_cache
             from rhodecode.lib.auth import (
                 HasRepoPermissionAny, HasRepoGroupPermissionAny,
                 HasUserGroupPermissionAny)
             from rhodecode.lib.exceptions import NonRelativePathError, IMCCommitError
             from rhodecode.lib import hooks_utils
             from rhodecode.lib.utils import (
                 get_filesystem_repos, make_db_config)
             from rhodecode.lib.str_utils import safe_str
             from rhodecode.lib.system_info import get_system_info
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 or_, false, null,
                 Repository, CacheKey, UserFollowing, UserLog, User, RepoGroup,
                 PullRequest, FileStore)
             from rhodecode.model.settings import VcsSettingsModel
             from rhodecode.model.validation_schema.validators import url_validator, InvalidCloneUrl
             log = logging.getLogger(__name__)
             class UserTemp(object):
                 def __init__(self, user_id):
                     self.user_id = user_id
                 def __repr__(self):
                     return "<{}('id:{}')>".format(self.__class__.__name__, self.user_id)
             class RepoTemp(object):
                 def __init__(self, repo_id):
                     self.repo_id = repo_id
                 def __repr__(self):
                     return "<{}('id:{}')>".format(self.__class__.__name__, self.repo_id)
             class SimpleCachedRepoList(object):
                 """
                 Lighter version of of iteration of repos without the scm initialisation,
                 and with cache usage
                 """
                 def __init__(self, db_repo_list, repos_path, order_by=None, perm_set=None):
                     self.db_repo_list = db_repo_list
                     self.repos_path = repos_path
                     self.order_by = order_by
                     self.reversed = (order_by or '').startswith('-')
                     if not perm_set:
                         perm_set = ['repository.read', 'repository.write',
                                     'repository.admin']
                     self.perm_set = perm_set
                 def __len__(self):
                     return len(self.db_repo_list)
                 def __repr__(self):
                     return '<{} ({})>'.format(self.__class__.__name__, self.__len__())
                 def __iter__(self):
                     for dbr in self.db_repo_list:
                         # check permission at this level
                         has_perm = HasRepoPermissionAny(*self.perm_set)(
                             dbr.repo_name, 'SimpleCachedRepoList check')
                         if not has_perm:
                             continue
                         tmp_d = {
                             'name': dbr.repo_name,
                             'dbrepo': dbr.get_dict(),
                             'dbrepo_fork': dbr.fork.get_dict() if dbr.fork else {}
                         }
                         yield tmp_d
             class _PermCheckIterator(object):
                 def __init__(
                         self, obj_list, obj_attr, perm_set, perm_checker,
                         extra_kwargs=None):
                     """
                     Creates iterator from given list of objects, additionally
                     checking permission for them from perm_set var
                     :param obj_list: list of db objects
                     :param obj_attr: attribute of object to pass into perm_checker
                     :param perm_set: list of permissions to check
                     :param perm_checker: callable to check permissions against
                     """
                     self.obj_list = obj_list
                     self.obj_attr = obj_attr
                     self.perm_set = perm_set
                     self.perm_checker = perm_checker(*self.perm_set)
                     self.extra_kwargs = extra_kwargs or {}
                 def __len__(self):
                     return len(self.obj_list)
                 def __repr__(self):
                     return '<{} ({})>'.format(self.__class__.__name__, self.__len__())
                 def __iter__(self):
                     for db_obj in self.obj_list:
                         # check permission at this level
                         # NOTE(marcink): the __dict__.get() is ~4x faster then getattr()
                         name = db_obj.__dict__.get(self.obj_attr, None)
                         if not self.perm_checker(name, self.__class__.__name__, **self.extra_kwargs):
                             continue
                         yield db_obj
             class RepoList(_PermCheckIterator):
                 def __init__(self, db_repo_list, perm_set=None, extra_kwargs=None):
                     if not perm_set:
                         perm_set = ['repository.read', 'repository.write', 'repository.admin']
                     super().__init__(
                         obj_list=db_repo_list,
                         obj_attr='_repo_name', perm_set=perm_set,
                         perm_checker=HasRepoPermissionAny,
                         extra_kwargs=extra_kwargs)
             class RepoGroupList(_PermCheckIterator):
                 def __init__(self, db_repo_group_list, perm_set=None, extra_kwargs=None):
                     if not perm_set:
                         perm_set = ['group.read', 'group.write', 'group.admin']
                     super().__init__(
                         obj_list=db_repo_group_list,
                         obj_attr='_group_name', perm_set=perm_set,
                         perm_checker=HasRepoGroupPermissionAny,
                         extra_kwargs=extra_kwargs)
             class UserGroupList(_PermCheckIterator):
                 def __init__(self, db_user_group_list, perm_set=None, extra_kwargs=None):
                     if not perm_set:
                         perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
                     super().__init__(
                         obj_list=db_user_group_list,
                         obj_attr='users_group_name', perm_set=perm_set,
                         perm_checker=HasUserGroupPermissionAny,
                         extra_kwargs=extra_kwargs)
             class ScmModel(BaseModel):
                 """
                 Generic Scm Model
                 """
-                @LazyProperty
-                def repos_path(self):
-                    """
-                    Gets the repositories root path from database
-                    """
-                    settings_model = VcsSettingsModel(sa=self.sa)
-                    return settings_model.get_repos_location()
                 def repo_scan(self, repos_path=None):
                     """
                     Listing of repositories in given path. This path should not be a
                     repository itself. Return a dictionary of repository objects
                     :param repos_path: path to directory containing repositories
                     """
                     if repos_path is None:
                         repos_path = self.repos_path
                     log.info('scanning for repositories in %s', repos_path)
                     config = make_db_config()
                     config.set('extensions', 'largefiles', '')
                     repos = {}
                     for name, path in get_filesystem_repos(repos_path, recursive=True):
                         # name need to be decomposed and put back together using the /
                         # since this is internal storage separator for rhodecode
                         name = Repository.normalize_repo_name(name)
                         try:
                             if name in repos:
                                 raise RepositoryError('Duplicate repository name %s '
                                                       'found in %s' % (name, path))
                             elif path[0] in rhodecode.BACKENDS:
                                 backend = get_backend(path[0])
                                 repos[name] = backend(path[1], config=config,
                                                       with_wire={"cache": False})
                         except OSError:
                             continue
                         except RepositoryError:
                             log.exception('Failed to create a repo')
                             continue
                     log.debug('found %s paths with repositories', len(repos))
                     return repos
                 def get_repos(self, all_repos=None, sort_key=None):
                     """
                     Get all repositories from db and for each repo create it's
                     backend instance and fill that backed with information from database
                     :param all_repos: list of repository names as strings
                         give specific repositories list, good for filtering
                     :param sort_key: initial sorting of repositories
                     """
                     if all_repos is None:
                         all_repos = self.sa.query(Repository)\
                             .filter(Repository.group_id == null())\
                             .order_by(func.lower(Repository.repo_name)).all()
                     repo_iter = SimpleCachedRepoList(
                         all_repos, repos_path=self.repos_path, order_by=sort_key)
                     return repo_iter
                 @staticmethod
                 def get_parent_commits(parent_commit, scm_instance):
                     if not parent_commit:
                         parent_commit = EmptyCommit(alias=scm_instance.alias)
                     if isinstance(parent_commit, EmptyCommit):
                         # EmptyCommit means we're editing empty repository
                         parents = None
                     else:
                         parents = [parent_commit]
                     return parent_commit, parents
                 def initialize_inmemory_vars(self, user, repo, message, author):
                     """
                     Initialize node specific objects for further usage
                     """
                     user = self._get_user(user)
                     scm_instance = repo.scm_instance(cache=False)
                     message = safe_str(message)
                     commiter = user.full_contact
                     author = safe_str(author) if author else commiter
                     imc = scm_instance.in_memory_commit
                     return user, scm_instance, message, commiter, author, imc
                 def get_repo_groups(self, all_groups=None):
                     if all_groups is None:
                         all_groups = RepoGroup.query()\
                             .filter(RepoGroup.group_parent_id == null()).all()
                     return [x for x in RepoGroupList(all_groups)]
                 def mark_for_invalidation(self, repo_name, delete=False):
                     """
                     Mark caches of this repo invalid in the database. `delete` flag
                     removes the cache entries
                     :param repo_name: the repo_name for which caches should be marked
                         invalid, or deleted
                     :param delete: delete the entry keys instead of setting bool
                         flag on them, and also purge caches used by the dogpile
                     """
                     repo = Repository.get_by_repo_name(repo_name)
                     if repo:
                         repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=repo.repo_id)
                         CacheKey.set_invalidate(repo_namespace_key, delete=delete)
                         repo_id = repo.repo_id
                         config = repo._config
                         config.set('extensions', 'largefiles', '')
                         repo.update_commit_cache(config=config, cs_cache=None)
                         if delete:
                             cache_namespace_uid = f'cache_repo.{repo_id}'
                             rc_cache.clear_cache_namespace('cache_repo', cache_namespace_uid, method=rc_cache.CLEAR_INVALIDATE)
                 def toggle_following_repo(self, follow_repo_id, user_id):
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_repo_id == follow_repo_id)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     if f is not None:
                         try:
                             self.sa.delete(f)
                             return
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                     try:
                         f = UserFollowing()
                         f.user_id = user_id
                         f.follows_repo_id = follow_repo_id
                         self.sa.add(f)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def toggle_following_user(self, follow_user_id, user_id):
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_user_id == follow_user_id)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     if f is not None:
                         try:
                             self.sa.delete(f)
                             return
                         except Exception:
                             log.error(traceback.format_exc())
                             raise
                     try:
                         f = UserFollowing()
                         f.user_id = user_id
                         f.follows_user_id = follow_user_id
                         self.sa.add(f)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def is_following_repo(self, repo_name, user_id, cache=False):
                     r = self.sa.query(Repository)\
                         .filter(Repository.repo_name == repo_name).scalar()
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_repository == r)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     return f is not None
                 def is_following_user(self, username, user_id, cache=False):
                     u = User.get_by_username(username)
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_user == u)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     return f is not None
                 def get_followers(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_repository == repo).count()
                 def get_forks(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(Repository)\
                         .filter(Repository.fork == repo).count()
                 def get_pull_requests(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(PullRequest)\
                         .filter(PullRequest.target_repo == repo)\
                         .filter(PullRequest.status != PullRequest.STATUS_CLOSED).count()
                 def get_artifacts(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(FileStore)\
                         .filter(FileStore.repo == repo)\
                         .filter(or_(FileStore.hidden == null(), FileStore.hidden == false())).count()
                 def mark_as_fork(self, repo, fork, user):
                     repo = self._get_repo(repo)
                     fork = self._get_repo(fork)
                     if fork and repo.repo_id == fork.repo_id:
                         raise Exception("Cannot set repository as fork of itself")
                     if fork and repo.repo_type != fork.repo_type:
                         raise RepositoryError(
                             "Cannot set repository as fork of repository with other type")
                     repo.fork = fork
                     self.sa.add(repo)
                     return repo
                 def pull_changes(self, repo, username, remote_uri=None, validate_uri=True, **kwargs):
                     dbrepo = self._get_repo(repo)
                     remote_uri = remote_uri or dbrepo.clone_uri
                     if not remote_uri:
                         raise Exception("This repository doesn't have a clone uri")
                     repo = dbrepo.scm_instance(cache=False)
                     repo.config.clear_section('hooks')
                     try:
                         # NOTE(marcink): add extra validation so we skip invalid urls
                         # this is due this tasks can be executed via scheduler without
                         # proper validation of remote_uri
                         if validate_uri:
                             config = make_db_config(clear_session=False)
                             url_validator(remote_uri, dbrepo.repo_type, config)
                     except InvalidCloneUrl:
                         raise
                     repo_name = dbrepo.repo_name
                     try:
                         # TODO: we need to make sure those operations call proper hooks !
                         repo.fetch(remote_uri, **kwargs)
                         self.mark_for_invalidation(repo_name)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def push_changes(self, repo, username, remote_uri=None, validate_uri=True, **kwargs):
                     dbrepo = self._get_repo(repo)
                     remote_uri = remote_uri or dbrepo.push_uri
                     if not remote_uri:
                         raise Exception("This repository doesn't have a clone uri")
                     repo = dbrepo.scm_instance(cache=False)
                     repo.config.clear_section('hooks')
                     try:
                         # NOTE(marcink): add extra validation so we skip invalid urls
                         # this is due this tasks can be executed via scheduler without
                         # proper validation of remote_uri
                         if validate_uri:
                             config = make_db_config(clear_session=False)
                             url_validator(remote_uri, dbrepo.repo_type, config)
                     except InvalidCloneUrl:
                         raise
                     try:
                         repo.push(remote_uri, **kwargs)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise
                 def commit_change(self, repo, repo_name, commit, user, author, message,
                                   content: bytes, f_path: bytes, branch: str = None):
                     """
                     Commits changes
                     """
                     user = self._get_user(user)
                     # message and author needs to be unicode
                     # proper backend should then translate that into required type
                     message = safe_str(message)
                     author = safe_str(author)
                     imc = repo.in_memory_commit
                     imc.change(FileNode(f_path, content, mode=commit.get_file_mode(f_path)))
                     try:
                         # TODO: handle pre-push action !
                         tip = imc.commit(
                             message=message, author=author, parents=[commit],
                             branch=branch or commit.branch)
                     except Exception as e:
                         log.error(traceback.format_exc())
                         raise IMCCommitError(str(e))
                     finally:
                         # always clear caches, if commit fails we want fresh object also
                         self.mark_for_invalidation(repo_name)
                     # We trigger the post-push action
                     hooks_utils.trigger_post_push_hook(
                         username=user.username, action='push_local', hook_type='post_push',
                         repo_name=repo_name, repo_type=repo.alias, commit_ids=[tip.raw_id])
                     return tip
                 def _sanitize_path(self, f_path: bytes):
                     if f_path.startswith(b'/') or f_path.startswith(b'./') or b'../' in f_path:
                         raise NonRelativePathError(b'%b is not an relative path' % f_path)
                     if f_path:
                         f_path = os.path.normpath(f_path)
                     return f_path
                 def get_dirnode_metadata(self, request, commit, dir_node):
                     if not dir_node.is_dir():
                         return []
                     data = []
                     for node in dir_node:
                         if not node.is_file():
                             # we skip file-nodes
                             continue
                         last_commit = node.last_commit
                         last_commit_date = last_commit.date
                         data.append({
                             'name': node.name,
                             'size': h.format_byte_size_binary(node.size),
                             'modified_at': h.format_date(last_commit_date),
                             'modified_ts': last_commit_date.isoformat(),
                             'revision': last_commit.revision,
                             'short_id': last_commit.short_id,
                             'message': h.escape(last_commit.message),
                             'author': h.escape(last_commit.author),
                             'user_profile': h.gravatar_with_user(
                                 request, last_commit.author),
                         })
                     return data
                 def get_nodes(self, repo_name, commit_id, root_path='/', flat=True,
                               extended_info=False, content=False, max_file_bytes=None):
                     """
                     recursive walk in root dir and return a set of all path in that dir
                     based on repository walk function
                     :param repo_name: name of repository
                     :param commit_id: commit id for which to list nodes
                     :param root_path: root path to list
                     :param flat: return as a list, if False returns a dict with description
                     :param extended_info: show additional info such as md5, binary, size etc
                     :param content: add nodes content to the return data
                     :param max_file_bytes: will not return file contents over this limit
                     """
                     _files = list()
                     _dirs = list()
                     try:
                         _repo = self._get_repo(repo_name)
                         commit = _repo.scm_instance().get_commit(commit_id=commit_id)
                         root_path = root_path.lstrip('/')
                         # get RootNode, inject pre-load options before walking
                         top_node = commit.get_node(root_path)
                         extended_info_pre_load = []
                         if extended_info:
                             extended_info_pre_load += ['md5']
                         top_node.default_pre_load = ['is_binary', 'size'] + extended_info_pre_load
                         for __, dirs, files in commit.walk(top_node):
                             for f in files:
                                 _content = None
                                 _data = f_name = f.str_path
                                 if not flat:
                                     _data = {
                                         "name": h.escape(f_name),
                                         "type": "file",
                                         }
                                     if extended_info:
                                         _data.update({
                                             "md5": f.md5,
                                             "binary": f.is_binary,
                                             "size": f.size,
                                             "extension": f.extension,
                                             "mimetype": f.mimetype,
                                             "lines": f.lines()[0]
                                         })
                                     if content:
                                         over_size_limit = (max_file_bytes is not None
                                                            and f.size > max_file_bytes)
                                         full_content = None
                                         if not f.is_binary and not over_size_limit:
                                             full_content = f.str_content
                                         _data.update({
                                             "content": full_content,
                                         })
                                 _files.append(_data)
                             for d in dirs:
                                 _data = d_name = d.str_path
                                 if not flat:
                                     _data = {
                                         "name": h.escape(d_name),
                                         "type": "dir",
                                         }
                                 if extended_info:
                                     _data.update({
                                         "md5": "",
                                         "binary": False,
                                         "size": 0,
                                         "extension": "",
                                     })
                                 if content:
                                     _data.update({
                                         "content": None
                                     })
                                 _dirs.append(_data)
                     except RepositoryError:
                         log.exception("Exception in get_nodes")
                         raise
                     return _dirs, _files
                 def get_quick_filter_nodes(self, repo_name, commit_id, root_path='/'):
                     """
                     Generate files for quick filter in files view
                     """
                     _files = list()
                     _dirs = list()
                     try:
                         _repo = self._get_repo(repo_name)
                         commit = _repo.scm_instance().get_commit(commit_id=commit_id)
                         root_path = root_path.lstrip('/')
                         top_node = commit.get_node(root_path)
                         top_node.default_pre_load = []
                         for __, dirs, files in commit.walk(top_node):
                             for f in files:
                                 _data = {
                                     "name": h.escape(f.str_path),
                                     "type": "file",
                                     }
                                 _files.append(_data)
                             for d in dirs:
                                 _data = {
                                     "name": h.escape(d.str_path),
                                     "type": "dir",
                                     }
                                 _dirs.append(_data)
                     except RepositoryError:
                         log.exception("Exception in get_quick_filter_nodes")
                         raise
                     return _dirs, _files
                 def get_node(self, repo_name, commit_id, file_path,
                              extended_info=False, content=False, max_file_bytes=None, cache=True):
                     """
                     retrieve single node from commit
                     """
                     try:
                         _repo = self._get_repo(repo_name)
                         commit = _repo.scm_instance().get_commit(commit_id=commit_id)
                         file_node = commit.get_node(file_path)
                         if file_node.is_dir():
                             raise RepositoryError('The given path is a directory')
                         _content = None
                         f_name = file_node.str_path
                         file_data = {
                             "name": h.escape(f_name),
                             "type": "file",
                         }
                         if extended_info:
                             file_data.update({
                                 "extension": file_node.extension,
                                 "mimetype": file_node.mimetype,
                             })
                             if cache:
                                 md5 = file_node.md5
                                 is_binary = file_node.is_binary
                                 size = file_node.size
                             else:
                                 is_binary, md5, size, _content = file_node.metadata_uncached()
                             file_data.update({
                                 "md5": md5,
                                 "binary": is_binary,
                                 "size": size,
                             })
                         if content and cache:
                             # get content + cache
                             size = file_node.size
                             over_size_limit = (max_file_bytes is not None and size > max_file_bytes)
                             full_content = None
                             all_lines = 0
                             if not file_node.is_binary and not over_size_limit:
                                 full_content = safe_str(file_node.content)
                                 all_lines, empty_lines = file_node.count_lines(full_content)
                             file_data.update({
                                 "content": full_content,
                                 "lines": all_lines
                             })
                         elif content:
                             # get content *without* cache
                             if _content is None:
                                 is_binary, md5, size, _content = file_node.metadata_uncached()
                             over_size_limit = (max_file_bytes is not None and size > max_file_bytes)
                             full_content = None
                             all_lines = 0
                             if not is_binary and not over_size_limit:
                                 full_content = safe_str(_content)
                                 all_lines, empty_lines = file_node.count_lines(full_content)
                             file_data.update({
                                 "content": full_content,
                                 "lines": all_lines
                             })
                     except RepositoryError:
                         log.exception("Exception in get_node")
                         raise
                     return file_data
                 def get_fts_data(self, repo_name, commit_id, root_path='/'):
                     """
                     Fetch node tree for usage in full text search
                     """
                     tree_info = list()
                     try:
                         _repo = self._get_repo(repo_name)
                         commit = _repo.scm_instance().get_commit(commit_id=commit_id)
                         root_path = root_path.lstrip('/')
                         top_node = commit.get_node(root_path)
                         top_node.default_pre_load = []
                         for __, dirs, files in commit.walk(top_node):
                             for f in files:
                                 is_binary, md5, size, _content = f.metadata_uncached()
                                 _data = {
                                     "name": f.str_path,
                                     "md5": md5,
                                     "extension": f.extension,
                                     "binary": is_binary,
                                     "size": size
                                 }
                                 tree_info.append(_data)
                     except RepositoryError:
                         log.exception("Exception in get_nodes")
                         raise
                     return tree_info
                 def create_nodes(self, user, repo, message, nodes, parent_commit=None,
                                  author=None, trigger_push_hook=True):
                     """
                     Commits given multiple nodes into repo
                     :param user: RhodeCode User object or user_id, the commiter
                     :param repo: RhodeCode Repository object
                     :param message: commit message
                     :param nodes: mapping {filename:{'content':content},...}
                     :param parent_commit: parent commit, can be empty than it's
                        initial commit
                     :param author: author of commit, cna be different that commiter
                        only for git
                     :param trigger_push_hook: trigger push hooks
                     :returns: new committed commit
                     """
                     user, scm_instance, message, commiter, author, imc = self.initialize_inmemory_vars(
                         user, repo, message, author)
                     parent_commit, parents = self.get_parent_commits(parent_commit, scm_instance)
                     upload_file_types = (io.BytesIO, io.BufferedRandom)
                     processed_nodes = []
                     for filename, content_dict in nodes.items():
                         if not isinstance(filename, bytes):
                             raise ValueError(f'filename key in nodes needs to be bytes , or {upload_file_types}')
                         content = content_dict['content']
                         if not isinstance(content, upload_file_types + (bytes,)):
                             raise ValueError('content key value in nodes needs to be bytes')
                     for f_path in nodes:
                         f_path = self._sanitize_path(f_path)
                         content = nodes[f_path]['content']
                         # decoding here will force that we have proper encoded values
                         # in any other case this will throw exceptions and deny commit
                         if isinstance(content, bytes):
                             pass
                         elif isinstance(content, upload_file_types):
                             content = content.read()
                         else:
                             raise Exception(f'Content is of unrecognized type {type(content)}, expected {upload_file_types}')
                         processed_nodes.append((f_path, content))
                     # add multiple nodes
                     for path, content in processed_nodes:
                         imc.add(FileNode(path, content=content))
                     # TODO: handle pre push scenario
                     tip = imc.commit(message=message,
                                      author=author,
                                      parents=parents,
                                      branch=parent_commit.branch)
                     self.mark_for_invalidation(repo.repo_name)
                     if trigger_push_hook:
                         hooks_utils.trigger_post_push_hook(
                             username=user.username, action='push_local',
                             repo_name=repo.repo_name, repo_type=scm_instance.alias,
                             hook_type='post_push',
                             commit_ids=[tip.raw_id])
                     return tip
                 def update_nodes(self, user, repo, message, nodes, parent_commit=None,
                                  author=None, trigger_push_hook=True):
                     user, scm_instance, message, commiter, author, imc = self.initialize_inmemory_vars(
                         user, repo, message, author)
                     parent_commit, parents = self.get_parent_commits(parent_commit, scm_instance)
                     # add multiple nodes
                     for _filename, data in nodes.items():
                         # new filename, can be renamed from the old one, also sanitaze
                         # the path for any hack around relative paths like ../../ etc.
                         filename = self._sanitize_path(data['filename'])
                         old_filename = self._sanitize_path(_filename)
                         content = data['content']
                         file_mode = data.get('mode')
                         filenode = FileNode(old_filename, content=content, mode=file_mode)
                         op = data['op']
                         if op == 'add':
                             imc.add(filenode)
                         elif op == 'del':
                             imc.remove(filenode)
                         elif op == 'mod':
                             if filename != old_filename:
                                 # TODO: handle renames more efficient, needs vcs lib changes
                                 imc.remove(filenode)
                                 imc.add(FileNode(filename, content=content, mode=file_mode))
                             else:
                                 imc.change(filenode)
                     try:
                         # TODO: handle pre push scenario commit changes
                         tip = imc.commit(message=message,
                                          author=author,
                                          parents=parents,
                                          branch=parent_commit.branch)
                     except NodeNotChangedError:
                         raise
                     except Exception as e:
                         log.exception("Unexpected exception during call to imc.commit")
                         raise IMCCommitError(str(e))
                     finally:
                         # always clear caches, if commit fails we want fresh object also
                         self.mark_for_invalidation(repo.repo_name)
                     if trigger_push_hook:
                         hooks_utils.trigger_post_push_hook(
                             username=user.username, action='push_local', hook_type='post_push',
                             repo_name=repo.repo_name, repo_type=scm_instance.alias,
                             commit_ids=[tip.raw_id])
                     return tip
                 def update_binary_node(self, user, repo, message, node, parent_commit=None, author=None):
                     user, scm_instance, message, commiter, author, imc = self.initialize_inmemory_vars(
                         user, repo, message, author)
                     parent_commit, parents = self.get_parent_commits(parent_commit, scm_instance)
                     file_path = node.get('file_path')
                     if isinstance(raw_content := node.get('content'), (io.BytesIO, io.BufferedRandom)):
                         content = raw_content.read()
                     else:
                         raise Exception("Wrong content was provided")
                     file_node = FileNode(file_path, content=content)
                     imc.change(file_node)
                     try:
                         tip = imc.commit(message=message,
                                          author=author,
                                          parents=parents,
                                          branch=parent_commit.branch)
                     except NodeNotChangedError:
                         raise
                     except Exception as e:
                         log.exception("Unexpected exception during call to imc.commit")
                         raise IMCCommitError(str(e))
                     finally:
                         self.mark_for_invalidation(repo.repo_name)
                     hooks_utils.trigger_post_push_hook(
                         username=user.username, action='push_local', hook_type='post_push',
                         repo_name=repo.repo_name, repo_type=scm_instance.alias,
                         commit_ids=[tip.raw_id])
                     return tip
                 def delete_nodes(self, user, repo, message, nodes, parent_commit=None,
                                  author=None, trigger_push_hook=True):
                     """
                     Deletes given multiple nodes into `repo`
                     :param user: RhodeCode User object or user_id, the committer
                     :param repo: RhodeCode Repository object
                     :param message: commit message
                     :param nodes: mapping {filename:{'content':content},...}
                     :param parent_commit: parent commit, can be empty than it's initial
                        commit
                     :param author: author of commit, cna be different that commiter only
                        for git
                     :param trigger_push_hook: trigger push hooks
                     :returns: new commit after deletion
                     """
                     user, scm_instance, message, commiter, author, imc = self.initialize_inmemory_vars(
                         user, repo, message, author)
                     processed_nodes = []
                     for f_path in nodes:
                         f_path = self._sanitize_path(f_path)
                         # content can be empty but for compatibility it allows same dicts
                         # structure as add_nodes
                         content = nodes[f_path].get('content')
                         processed_nodes.append((safe_bytes(f_path), content))
                     parent_commit, parents = self.get_parent_commits(parent_commit, scm_instance)
                     # add multiple nodes
                     for path, content in processed_nodes:
                         imc.remove(FileNode(path, content=content))
                     # TODO: handle pre push scenario
                     tip = imc.commit(message=message,
                                      author=author,
                                      parents=parents,
                                      branch=parent_commit.branch)
                     self.mark_for_invalidation(repo.repo_name)
                     if trigger_push_hook:
                         hooks_utils.trigger_post_push_hook(
                             username=user.username, action='push_local', hook_type='post_push',
                             repo_name=repo.repo_name, repo_type=scm_instance.alias,
                             commit_ids=[tip.raw_id])
                     return tip
                 def strip(self, repo, commit_id, branch):
                     scm_instance = repo.scm_instance(cache=False)
                     scm_instance.config.clear_section('hooks')
                     scm_instance.strip(commit_id, branch)
                     self.mark_for_invalidation(repo.repo_name)
                 def get_unread_journal(self):
                     return self.sa.query(UserLog).count()
                 @classmethod
                 def backend_landing_ref(cls, repo_type):
                     """
                     Return a default landing ref based on a repository type.
                     """
                     landing_ref = {
                         'hg': ('branch:default', 'default'),
                         'git': ('branch:master', 'master'),
                         'svn': ('rev:tip', 'latest tip'),
                         'default': ('rev:tip', 'latest tip'),
                     }
                     return landing_ref.get(repo_type) or landing_ref['default']
                 def get_repo_landing_revs(self, translator, repo=None):
                     """
                     Generates select option with tags branches and bookmarks (for hg only)
                     grouped by type
                     :param repo:
                     """
                     from rhodecode.lib.vcs.backends.git import GitRepository
                     _ = translator
                     repo = self._get_repo(repo)
                     if repo:
                         repo_type = repo.repo_type
                     else:
                         repo_type = 'default'
                     default_landing_ref, landing_ref_lbl = self.backend_landing_ref(repo_type)
                     default_ref_options = [
                         [default_landing_ref, landing_ref_lbl]
                     ]
                     default_choices = [
                         default_landing_ref
                     ]
                     if not repo:
                         # presented at NEW repo creation
                         return default_choices, default_ref_options
                     repo = repo.scm_instance()
                     ref_options = [(default_landing_ref, landing_ref_lbl)]
                     choices = [default_landing_ref]
                     # branches
                     branch_group = [(f'branch:{safe_str(b)}', safe_str(b)) for b in repo.branches]
                     if not branch_group:
                         # new repo, or without maybe a branch?
                         branch_group = default_ref_options
                     branches_group = (branch_group, _("Branches"))
                     ref_options.append(branches_group)
                     choices.extend([x[0] for x in branches_group[0]])
                     # bookmarks for HG
                     if repo.alias == 'hg':
                         bookmarks_group = (
                             [(f'book:{safe_str(b)}', safe_str(b))
                                 for b in repo.bookmarks],
                             _("Bookmarks"))
                         ref_options.append(bookmarks_group)
                         choices.extend([x[0] for x in bookmarks_group[0]])
                     # tags
                     tags_group = (
                         [(f'tag:{safe_str(t)}', safe_str(t))
                             for t in repo.tags],
                         _("Tags"))
                     ref_options.append(tags_group)
                     choices.extend([x[0] for x in tags_group[0]])
                     return choices, ref_options
                 def get_server_info(self, environ=None):
                     server_info = get_system_info(environ)
                     return server_info

rhodecode/model/settings.py

0 0 -7

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import re
             import logging
             import time
             import functools
             from collections import namedtuple
             from pyramid.threadlocal import get_current_request
             from rhodecode.lib import rc_cache
             from rhodecode.lib.hash_utils import sha1_safe
             from rhodecode.lib.html_filters import sanitize_html
             from rhodecode.lib.utils2 import (
                 Optional, AttributeDict, safe_str, remove_prefix, str2bool)
             from rhodecode.lib.vcs.backends import base
             from rhodecode.lib.statsd_client import StatsdClient
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 RepoRhodeCodeUi, RepoRhodeCodeSetting, RhodeCodeUi, RhodeCodeSetting)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             UiSetting = namedtuple(
                 'UiSetting', ['section', 'key', 'value', 'active'])
             SOCIAL_PLUGINS_LIST = ['github', 'bitbucket', 'twitter', 'google']
             class SettingNotFound(Exception):
                 def __init__(self, setting_id):
                     msg = f'Setting `{setting_id}` is not found'
                     super().__init__(msg)
             class SettingsModel(BaseModel):
                 BUILTIN_HOOKS = (
                     RhodeCodeUi.HOOK_REPO_SIZE, RhodeCodeUi.HOOK_PUSH,
                     RhodeCodeUi.HOOK_PRE_PUSH, RhodeCodeUi.HOOK_PRETX_PUSH,
                     RhodeCodeUi.HOOK_PULL, RhodeCodeUi.HOOK_PRE_PULL,
                     RhodeCodeUi.HOOK_PUSH_KEY,)
                 HOOKS_SECTION = 'hooks'
                 def __init__(self, sa=None, repo=None):
                     self.repo = repo
                     self.UiDbModel = RepoRhodeCodeUi if repo else RhodeCodeUi
                     self.SettingsDbModel = (
                         RepoRhodeCodeSetting if repo else RhodeCodeSetting)
                     super().__init__(sa)
                 def get_keyname(self, key_name, prefix='rhodecode_'):
                     return f'{prefix}{key_name}'
                 def get_ui_by_key(self, key):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_key == key)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.scalar()
                 def get_ui_by_section(self, section):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_section == section)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.all()
                 def get_ui_by_section_and_key(self, section, key):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_section == section)
                     q = q.filter(self.UiDbModel.ui_key == key)
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     return q.scalar()
                 def get_ui(self, section=None, key=None):
                     q = self.UiDbModel.query()
                     q = self._filter_by_repo(RepoRhodeCodeUi, q)
                     if section:
                         q = q.filter(self.UiDbModel.ui_section == section)
                     if key:
                         q = q.filter(self.UiDbModel.ui_key == key)
                     # TODO: mikhail: add caching
                     result = [
                         UiSetting(
                             section=safe_str(r.ui_section), key=safe_str(r.ui_key),
                             value=safe_str(r.ui_value), active=r.ui_active
                         )
                         for r in q.all()
                     ]
                     return result
                 def get_builtin_hooks(self):
                     q = self.UiDbModel.query()
                     q = q.filter(self.UiDbModel.ui_key.in_(self.BUILTIN_HOOKS))
                     return self._get_hooks(q)
                 def get_custom_hooks(self):
                     q = self.UiDbModel.query()
                     q = q.filter(~self.UiDbModel.ui_key.in_(self.BUILTIN_HOOKS))
                     return self._get_hooks(q)
                 def create_ui_section_value(self, section, val, key=None, active=True):
                     new_ui = self.UiDbModel()
                     new_ui.ui_section = section
                     new_ui.ui_value = val
                     new_ui.ui_active = active
                     repository_id = ''
                     if self.repo:
                         repo = self._get_repo(self.repo)
                         repository_id = repo.repo_id
                         new_ui.repository_id = repository_id
                     if not key:
                         # keys are unique so they need appended info
                         if self.repo:
                             key = sha1_safe(f'{section}{val}{repository_id}')
                         else:
                             key = sha1_safe(f'{section}{val}')
                     new_ui.ui_key = key
                     Session().add(new_ui)
                     return new_ui
                 def create_or_update_hook(self, key, value):
                     ui = (
                         self.get_ui_by_section_and_key(self.HOOKS_SECTION, key) or
                         self.UiDbModel())
                     ui.ui_section = self.HOOKS_SECTION
                     ui.ui_active = True
                     ui.ui_key = key
                     ui.ui_value = value
                     if self.repo:
                         repo = self._get_repo(self.repo)
                         repository_id = repo.repo_id
                         ui.repository_id = repository_id
                     Session().add(ui)
                     return ui
                 def delete_ui(self, id_):
                     ui = self.UiDbModel.get(id_)
                     if not ui:
                         raise SettingNotFound(id_)
                     Session().delete(ui)
                 def get_setting_by_name(self, name):
                     q = self._get_settings_query()
                     q = q.filter(self.SettingsDbModel.app_settings_name == name)
                     return q.scalar()
                 def create_or_update_setting(
                         self, name, val: Optional | str = Optional(''), type_: Optional | str = Optional('unicode')):
                     """
                     Creates or updates RhodeCode setting. If updates are triggered, it will
                     only update parameters that are explicitly set Optional instance will
                     be skipped
                     :param name:
                     :param val:
                     :param type_:
                     :return:
                     """
                     res = self.get_setting_by_name(name)
                     repo = self._get_repo(self.repo) if self.repo else None
                     if not res:
                         val = Optional.extract(val)
                         type_ = Optional.extract(type_)
                         args = (
                             (repo.repo_id, name, val, type_)
                             if repo else (name, val, type_))
                         res = self.SettingsDbModel(*args)
                     else:
                         if self.repo:
                             res.repository_id = repo.repo_id
                         res.app_settings_name = name
                         if not isinstance(type_, Optional):
                             # update if set
                             res.app_settings_type = type_
                         if not isinstance(val, Optional):
                             # update if set
                             res.app_settings_value = val
                     Session().add(res)
                     return res
                 def get_cache_region(self):
                     repo = self._get_repo(self.repo) if self.repo else None
                     cache_key = f"repo.v1.{repo.repo_id}" if repo else "repo.v1.ALL"
                     cache_namespace_uid = f'cache_settings.{cache_key}'
                     region = rc_cache.get_or_create_region('cache_general', cache_namespace_uid)
                     return region, cache_namespace_uid
                 def invalidate_settings_cache(self, hard=False):
                     region, namespace_key = self.get_cache_region()
                     log.debug('Invalidation cache [%s] region %s for cache_key: %s',
                               'invalidate_settings_cache', region, namespace_key)
                     # we use hard cleanup if invalidation is sent
                     rc_cache.clear_cache_namespace(region, namespace_key, method=rc_cache.CLEAR_DELETE)
                 def get_cache_call_method(self, cache=True):
                     region, cache_key = self.get_cache_region()
                     @region.conditional_cache_on_arguments(condition=cache)
                     def _get_all_settings(name, key):
                         q = self._get_settings_query()
                         if not q:
                             raise Exception('Could not get application settings !')
                         settings = {
                             self.get_keyname(res.app_settings_name): res.app_settings_value
                             for res in q
                         }
                         return settings
                     return _get_all_settings
                 def get_all_settings(self, cache=False, from_request=True):
                     # defines if we use GLOBAL, or PER_REPO
                     repo = self._get_repo(self.repo) if self.repo else None
                     # initially try the request context; this is the fastest
                     # we only fetch global config, NOT for repo-specific
                     if from_request and not repo:
                         request = get_current_request()
                         if request and hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
                             rc_config = request.call_context.rc_config
                             if rc_config:
                                 return rc_config
                     _region, cache_key = self.get_cache_region()
                     _get_all_settings = self.get_cache_call_method(cache=cache)
                     start = time.time()
                     result = _get_all_settings('rhodecode_settings', cache_key)
                     compute_time = time.time() - start
                     log.debug('cached method:%s took %.4fs', _get_all_settings.__name__, compute_time)
                     statsd = StatsdClient.statsd
                     if statsd:
                         elapsed_time_ms = round(1000.0 * compute_time)  # use ms only
                         statsd.timing("rhodecode_settings_timing.histogram", elapsed_time_ms,
                                       use_decimals=False)
                     log.debug('Fetching app settings for key: %s took: %.4fs: cache: %s', cache_key, compute_time, cache)
                     return result
                 def get_auth_settings(self):
                     q = self._get_settings_query()
                     q = q.filter(
                         self.SettingsDbModel.app_settings_name.startswith('auth_'))
                     rows = q.all()
                     auth_settings = {
                         row.app_settings_name: row.app_settings_value for row in rows}
                     return auth_settings
                 def get_auth_plugins(self):
                     auth_plugins = self.get_setting_by_name("auth_plugins")
                     return auth_plugins.app_settings_value
                 def get_default_repo_settings(self, strip_prefix=False):
                     q = self._get_settings_query()
                     q = q.filter(
                         self.SettingsDbModel.app_settings_name.startswith('default_'))
                     rows = q.all()
                     result = {}
                     for row in rows:
                         key = row.app_settings_name
                         if strip_prefix:
                             key = remove_prefix(key, prefix='default_')
                         result.update({key: row.app_settings_value})
                     return result
                 def get_repo(self):
                     repo = self._get_repo(self.repo)
                     if not repo:
                         raise Exception(
                             f'Repository `{self.repo}` cannot be found inside the database')
                     return repo
                 def _filter_by_repo(self, model, query):
                     if self.repo:
                         repo = self.get_repo()
                         query = query.filter(model.repository_id == repo.repo_id)
                     return query
                 def _get_hooks(self, query):
                     query = query.filter(self.UiDbModel.ui_section == self.HOOKS_SECTION)
                     query = self._filter_by_repo(RepoRhodeCodeUi, query)
                     return query.all()
                 def _get_settings_query(self):
                     q = self.SettingsDbModel.query()
                     return self._filter_by_repo(RepoRhodeCodeSetting, q)
                 def list_enabled_social_plugins(self, settings):
                     enabled = []
                     for plug in SOCIAL_PLUGINS_LIST:
                         if str2bool(settings.get(f'rhodecode_auth_{plug}_enabled')):
                             enabled.append(plug)
                     return enabled
             def assert_repo_settings(func):
                 @functools.wraps(func)
                 def _wrapper(self, *args, **kwargs):
                     if not self.repo_settings:
                         raise Exception('Repository is not specified')
                     return func(self, *args, **kwargs)
                 return _wrapper
             class IssueTrackerSettingsModel(object):
                 INHERIT_SETTINGS = 'inherit_issue_tracker_settings'
                 SETTINGS_PREFIX = 'issuetracker_'
                 def __init__(self, sa=None, repo=None):
                     self.global_settings = SettingsModel(sa=sa)
                     self.repo_settings = SettingsModel(sa=sa, repo=repo) if repo else None
                 @property
                 def inherit_global_settings(self):
                     if not self.repo_settings:
                         return True
                     setting = self.repo_settings.get_setting_by_name(self.INHERIT_SETTINGS)
                     return setting.app_settings_value if setting else True
                 @inherit_global_settings.setter
                 def inherit_global_settings(self, value):
                     if self.repo_settings:
                         settings = self.repo_settings.create_or_update_setting(
                             self.INHERIT_SETTINGS, value, type_='bool')
                         Session().add(settings)
                 def _get_keyname(self, key, uid, prefix='rhodecode_'):
                     return f'{prefix}{self.SETTINGS_PREFIX}{key}_{uid}'
                 def _make_dict_for_settings(self, qs):
                     prefix_match = self._get_keyname('pat', '',)
                     issuetracker_entries = {}
                     # create keys
                     for k, v in qs.items():
                         if k.startswith(prefix_match):
                             uid = k[len(prefix_match):]
                             issuetracker_entries[uid] = None
                     def url_cleaner(input_str):
                         input_str = input_str.replace('"', '').replace("'", '')
                         input_str = sanitize_html(input_str, strip=True)
                         return input_str
                     # populate
                     for uid in issuetracker_entries:
                         url_data = qs.get(self._get_keyname('url', uid))
                         pat = qs.get(self._get_keyname('pat', uid))
                         try:
                             pat_compiled = re.compile(r'%s' % pat)
                         except re.error:
                             pat_compiled = None
                         issuetracker_entries[uid] = AttributeDict({
                             'pat': pat,
                             'pat_compiled': pat_compiled,
                             'url': url_cleaner(
                                 qs.get(self._get_keyname('url', uid)) or ''),
                             'pref': sanitize_html(
                                 qs.get(self._get_keyname('pref', uid)) or ''),
                             'desc': qs.get(
                                 self._get_keyname('desc', uid)),
                         })
                     return issuetracker_entries
                 def get_global_settings(self, cache=False):
                     """
                     Returns list of global issue tracker settings
                     """
                     defaults = self.global_settings.get_all_settings(cache=cache)
                     settings = self._make_dict_for_settings(defaults)
                     return settings
                 def get_repo_settings(self, cache=False):
                     """
                     Returns list of issue tracker settings per repository
                     """
                     if not self.repo_settings:
                         raise Exception('Repository is not specified')
                     all_settings = self.repo_settings.get_all_settings(cache=cache)
                     settings = self._make_dict_for_settings(all_settings)
                     return settings
                 def get_settings(self, cache=False):
                     if self.inherit_global_settings:
                         return self.get_global_settings(cache=cache)
                     else:
                         return self.get_repo_settings(cache=cache)
                 def delete_entries(self, uid):
                     if self.repo_settings:
                         all_patterns = self.get_repo_settings()
                         settings_model = self.repo_settings
                     else:
                         all_patterns = self.get_global_settings()
                         settings_model = self.global_settings
                     entries = all_patterns.get(uid, [])
                     for del_key in entries:
                         setting_name = self._get_keyname(del_key, uid, prefix='')
                         entry = settings_model.get_setting_by_name(setting_name)
                         if entry:
                             Session().delete(entry)
                     Session().commit()
                 def create_or_update_setting(
                         self, name, val=Optional(''), type_=Optional('unicode')):
                     if self.repo_settings:
                         setting = self.repo_settings.create_or_update_setting(
                             name, val, type_)
                     else:
                         setting = self.global_settings.create_or_update_setting(
                             name, val, type_)
                     return setting
             class VcsSettingsModel(object):
                 INHERIT_SETTINGS = 'inherit_vcs_settings'
                 GENERAL_SETTINGS = (
                     'use_outdated_comments',
                     'pr_merge_enabled',
                     'hg_use_rebase_for_merging',
                     'hg_close_branch_before_merging',
                     'git_use_rebase_for_merging',
                     'git_close_branch_before_merging',
                     'diff_cache',
                 )
                 HOOKS_SETTINGS = (
                     ('hooks', 'changegroup.repo_size'),
                     ('hooks', 'changegroup.push_logger'),
                     ('hooks', 'outgoing.pull_logger'),
                 )
                 HG_SETTINGS = (
                     ('extensions', 'largefiles'),
                     ('phases', 'publish'),
                     ('extensions', 'evolve'),
                     ('extensions', 'topic'),
                     ('experimental', 'evolution'),
                     ('experimental', 'evolution.exchange'),
                 )
                 GIT_SETTINGS = (
                     ('vcs_git_lfs', 'enabled'),
                 )
                 GLOBAL_HG_SETTINGS = (
                     ('extensions', 'largefiles'),
                     ('largefiles', 'usercache'),
                     ('phases', 'publish'),
                     ('extensions', 'evolve'),
                     ('extensions', 'topic'),
                     ('experimental', 'evolution'),
                     ('experimental', 'evolution.exchange'),
                 )
                 GLOBAL_GIT_SETTINGS = (
                     ('vcs_git_lfs', 'enabled'),
                     ('vcs_git_lfs', 'store_location')
                 )
                 SVN_BRANCH_SECTION = 'vcs_svn_branch'
                 SVN_TAG_SECTION = 'vcs_svn_tag'
                 SSL_SETTING = ('web', 'push_ssl')
                 PATH_SETTING = ('paths', '/')
                 def __init__(self, sa=None, repo=None):
                     self.global_settings = SettingsModel(sa=sa)
                     self.repo_settings = SettingsModel(sa=sa, repo=repo) if repo else None
                     self._ui_settings = (
                         self.HG_SETTINGS + self.GIT_SETTINGS + self.HOOKS_SETTINGS)
                     self._svn_sections = (self.SVN_BRANCH_SECTION, self.SVN_TAG_SECTION)
                 @property
                 @assert_repo_settings
                 def inherit_global_settings(self):
                     setting = self.repo_settings.get_setting_by_name(self.INHERIT_SETTINGS)
                     return setting.app_settings_value if setting else True
                 @inherit_global_settings.setter
                 @assert_repo_settings
                 def inherit_global_settings(self, value):
                     self.repo_settings.create_or_update_setting(
                         self.INHERIT_SETTINGS, value, type_='bool')
                 def get_keyname(self, key_name, prefix='rhodecode_'):
                     return f'{prefix}{key_name}'
                 def get_global_svn_branch_patterns(self):
                     return self.global_settings.get_ui_by_section(self.SVN_BRANCH_SECTION)
                 @assert_repo_settings
                 def get_repo_svn_branch_patterns(self):
                     return self.repo_settings.get_ui_by_section(self.SVN_BRANCH_SECTION)
                 def get_global_svn_tag_patterns(self):
                     return self.global_settings.get_ui_by_section(self.SVN_TAG_SECTION)
                 @assert_repo_settings
                 def get_repo_svn_tag_patterns(self):
                     return self.repo_settings.get_ui_by_section(self.SVN_TAG_SECTION)
                 def get_global_settings(self):
                     return self._collect_all_settings(global_=True)
                 @assert_repo_settings
                 def get_repo_settings(self):
                     return self._collect_all_settings(global_=False)
                 @assert_repo_settings
                 def get_repo_settings_inherited(self):
                     global_settings = self.get_global_settings()
                     global_settings.update(self.get_repo_settings())
                     return global_settings
                 @assert_repo_settings
                 def create_or_update_repo_settings(
                         self, data, inherit_global_settings=False):
                     from rhodecode.model.scm import ScmModel
                     self.inherit_global_settings = inherit_global_settings
                     repo = self.repo_settings.get_repo()
                     if not inherit_global_settings:
                         if repo.repo_type == 'svn':
                             self.create_repo_svn_settings(data)
                         else:
                             self.create_or_update_repo_hook_settings(data)
                             self.create_or_update_repo_pr_settings(data)
                         if repo.repo_type == 'hg':
                             self.create_or_update_repo_hg_settings(data)
                         if repo.repo_type == 'git':
                             self.create_or_update_repo_git_settings(data)
                     ScmModel().mark_for_invalidation(repo.repo_name, delete=True)
                 @assert_repo_settings
                 def create_or_update_repo_hook_settings(self, data):
                     for section, key in self.HOOKS_SETTINGS:
                         data_key = self._get_form_ui_key(section, key)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         active = data.get(data_key)
                         repo_setting = self.repo_settings.get_ui_by_section_and_key(
                             section, key)
                         if not repo_setting:
                             global_setting = self.global_settings.\
                                 get_ui_by_section_and_key(section, key)
                             self.repo_settings.create_ui_section_value(
                                 section, global_setting.ui_value, key=key, active=active)
                         else:
                             repo_setting.ui_active = active
                             Session().add(repo_setting)
                 def update_global_hook_settings(self, data):
                     for section, key in self.HOOKS_SETTINGS:
                         data_key = self._get_form_ui_key(section, key)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         active = data.get(data_key)
                         repo_setting = self.global_settings.get_ui_by_section_and_key(
                             section, key)
                         repo_setting.ui_active = active
                         Session().add(repo_setting)
                 @assert_repo_settings
                 def create_or_update_repo_pr_settings(self, data):
                     return self._create_or_update_general_settings(
                         self.repo_settings, data)
                 def create_or_update_global_pr_settings(self, data):
                     return self._create_or_update_general_settings(
                         self.global_settings, data)
                 @assert_repo_settings
                 def create_repo_svn_settings(self, data):
                     return self._create_svn_settings(self.repo_settings, data)
                 def _set_evolution(self, settings, is_enabled):
                     if is_enabled:
                         # if evolve is active set evolution=all
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution'), value='all',
                             active=True)
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution.exchange'), value='yes',
                             active=True)
                         # if evolve is active set topics server support
                         self._create_or_update_ui(
                             settings, *('extensions', 'topic'), value='',
                             active=True)
                     else:
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution'), value='',
                             active=False)
                         self._create_or_update_ui(
                             settings, *('experimental', 'evolution.exchange'), value='no',
                             active=False)
                         self._create_or_update_ui(
                             settings, *('extensions', 'topic'), value='',
                             active=False)
                 @assert_repo_settings
                 def create_or_update_repo_hg_settings(self, data):
                     largefiles, phases, evolve = \
                         self.HG_SETTINGS[:3]
                     largefiles_key, phases_key, evolve_key = \
                         self._get_settings_keys(self.HG_SETTINGS[:3], data)
                     self._create_or_update_ui(
                         self.repo_settings, *largefiles, value='',
                         active=data[largefiles_key])
                     self._create_or_update_ui(
                         self.repo_settings, *evolve, value='',
                         active=data[evolve_key])
                     self._set_evolution(self.repo_settings, is_enabled=data[evolve_key])
                     self._create_or_update_ui(
                         self.repo_settings, *phases, value=safe_str(data[phases_key]))
                 def create_or_update_global_hg_settings(self, data):
                     opts_len = 4
                     largefiles, largefiles_store, phases, evolve \
                         = self.GLOBAL_HG_SETTINGS[:opts_len]
                     largefiles_key, largefiles_store_key, phases_key, evolve_key \
                         = self._get_settings_keys(self.GLOBAL_HG_SETTINGS[:opts_len], data)
                     self._create_or_update_ui(
                         self.global_settings, *largefiles, value='',
                         active=data[largefiles_key])
                     self._create_or_update_ui(
                         self.global_settings, *largefiles_store, value=data[largefiles_store_key])
                     self._create_or_update_ui(
                         self.global_settings, *phases, value=safe_str(data[phases_key]))
                     self._create_or_update_ui(
                         self.global_settings, *evolve, value='',
                         active=data[evolve_key])
                     self._set_evolution(self.global_settings, is_enabled=data[evolve_key])
                 def create_or_update_repo_git_settings(self, data):
                     # NOTE(marcink): # comma makes unpack work properly
                     lfs_enabled, \
                         = self.GIT_SETTINGS
                     lfs_enabled_key, \
                         = self._get_settings_keys(self.GIT_SETTINGS, data)
                     self._create_or_update_ui(
                         self.repo_settings, *lfs_enabled, value=data[lfs_enabled_key],
                         active=data[lfs_enabled_key])
                 def create_or_update_global_git_settings(self, data):
                     lfs_enabled, lfs_store_location \
                         = self.GLOBAL_GIT_SETTINGS
                     lfs_enabled_key, lfs_store_location_key \
                         = self._get_settings_keys(self.GLOBAL_GIT_SETTINGS, data)
                     self._create_or_update_ui(
                         self.global_settings, *lfs_enabled, value=data[lfs_enabled_key],
                         active=data[lfs_enabled_key])
                     self._create_or_update_ui(
                         self.global_settings, *lfs_store_location,
                         value=data[lfs_store_location_key])
                 def create_or_update_global_svn_settings(self, data):
                     # branch/tags patterns
                     self._create_svn_settings(self.global_settings, data)
                 def update_global_ssl_setting(self, value):
                     self._create_or_update_ui(
                         self.global_settings, *self.SSL_SETTING, value=value)
-                def update_global_path_setting(self, value):
-                    self._create_or_update_ui(
-                        self.global_settings, *self.PATH_SETTING, value=value)
                 @assert_repo_settings
                 def delete_repo_svn_pattern(self, id_):
                     ui = self.repo_settings.UiDbModel.get(id_)
                     if ui and ui.repository.repo_name == self.repo_settings.repo:
                         # only delete if it's the same repo as initialized settings
                         self.repo_settings.delete_ui(id_)
                     else:
                         # raise error as if we wouldn't find this option
                         self.repo_settings.delete_ui(-1)
                 def delete_global_svn_pattern(self, id_):
                     self.global_settings.delete_ui(id_)
                 @assert_repo_settings
                 def get_repo_ui_settings(self, section=None, key=None):
                     global_uis = self.global_settings.get_ui(section, key)
                     repo_uis = self.repo_settings.get_ui(section, key)
                     filtered_repo_uis = self._filter_ui_settings(repo_uis)
                     filtered_repo_uis_keys = [
                         (s.section, s.key) for s in filtered_repo_uis]
                     def _is_global_ui_filtered(ui):
                         return (
                             (ui.section, ui.key) in filtered_repo_uis_keys
                             or ui.section in self._svn_sections)
                     filtered_global_uis = [
                         ui for ui in global_uis if not _is_global_ui_filtered(ui)]
                     return filtered_global_uis + filtered_repo_uis
                 def get_global_ui_settings(self, section=None, key=None):
                     return self.global_settings.get_ui(section, key)
                 def get_ui_settings_as_config_obj(self, section=None, key=None):
                     config = base.Config()
                     ui_settings = self.get_ui_settings(section=section, key=key)
                     for entry in ui_settings:
                         config.set(entry.section, entry.key, entry.value)
                     return config
                 def get_ui_settings(self, section=None, key=None):
                     if not self.repo_settings or self.inherit_global_settings:
                         return self.get_global_ui_settings(section, key)
                     else:
                         return self.get_repo_ui_settings(section, key)
                 def get_svn_patterns(self, section=None):
                     if not self.repo_settings:
                         return self.get_global_ui_settings(section)
                     else:
                         return self.get_repo_ui_settings(section)
                 @assert_repo_settings
                 def get_repo_general_settings(self):
                     global_settings = self.global_settings.get_all_settings()
                     repo_settings = self.repo_settings.get_all_settings()
                     filtered_repo_settings = self._filter_general_settings(repo_settings)
                     global_settings.update(filtered_repo_settings)
                     return global_settings
                 def get_global_general_settings(self):
                     return self.global_settings.get_all_settings()
                 def get_general_settings(self):
                     if not self.repo_settings or self.inherit_global_settings:
                         return self.get_global_general_settings()
                     else:
                         return self.get_repo_general_settings()
-                def get_repos_location(self):
-                    return self.global_settings.get_ui_by_key('/').ui_value
                 def _filter_ui_settings(self, settings):
                     filtered_settings = [
                         s for s in settings if self._should_keep_setting(s)]
                     return filtered_settings
                 def _should_keep_setting(self, setting):
                     keep = (
                         (setting.section, setting.key) in self._ui_settings or
                         setting.section in self._svn_sections)
                     return keep
                 def _filter_general_settings(self, settings):
                     keys = [self.get_keyname(key) for key in self.GENERAL_SETTINGS]
                     return {
                         k: settings[k]
                         for k in settings if k in keys}
                 def _collect_all_settings(self, global_=False):
                     settings = self.global_settings if global_ else self.repo_settings
                     result = {}
                     for section, key in self._ui_settings:
                         ui = settings.get_ui_by_section_and_key(section, key)
                         result_key = self._get_form_ui_key(section, key)
                         if ui:
                             if section in ('hooks', 'extensions'):
                                 result[result_key] = ui.ui_active
                             elif result_key in ['vcs_git_lfs_enabled']:
                                 result[result_key] = ui.ui_active
                             else:
                                 result[result_key] = ui.ui_value
                     for name in self.GENERAL_SETTINGS:
                         setting = settings.get_setting_by_name(name)
                         if setting:
                             result_key = self.get_keyname(name)
                             result[result_key] = setting.app_settings_value
                     return result
                 def _get_form_ui_key(self, section, key):
                     return '{section}_{key}'.format(
                         section=section, key=key.replace('.', '_'))
                 def _create_or_update_ui(
                         self, settings, section, key, value=None, active=None):
                     ui = settings.get_ui_by_section_and_key(section, key)
                     if not ui:
                         active = True if active is None else active
                         settings.create_ui_section_value(
                             section, value, key=key, active=active)
                     else:
                         if active is not None:
                             ui.ui_active = active
                         if value is not None:
                             ui.ui_value = value
                         Session().add(ui)
                 def _create_svn_settings(self, settings, data):
                     svn_settings = {
                         'new_svn_branch': self.SVN_BRANCH_SECTION,
                         'new_svn_tag': self.SVN_TAG_SECTION
                     }
                     for key in svn_settings:
                         if data.get(key):
                             settings.create_ui_section_value(svn_settings[key], data[key])
                 def _create_or_update_general_settings(self, settings, data):
                     for name in self.GENERAL_SETTINGS:
                         data_key = self.get_keyname(name)
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                         setting = settings.create_or_update_setting(
                             name, data[data_key], 'bool')
                         Session().add(setting)
                 def _get_settings_keys(self, settings, data):
                     data_keys = [self._get_form_ui_key(*s) for s in settings]
                     for data_key in data_keys:
                         if data_key not in data:
                             raise ValueError(
                                 f'The given data does not contain {data_key} key')
                     return data_keys
                 def create_largeobjects_dirs_if_needed(self, repo_store_path):
                     """
                     This is subscribed to the `pyramid.events.ApplicationCreated` event. It
                     does a repository scan if enabled in the settings.
                     """
                     from rhodecode.lib.vcs.backends.hg import largefiles_store
                     from rhodecode.lib.vcs.backends.git import lfs_store
                     paths = [
                         largefiles_store(repo_store_path),
                         lfs_store(repo_store_path)]
                     for path in paths:
                         if os.path.isdir(path):
                             continue
                         if os.path.isfile(path):
                             continue
                         # not a file nor dir, we try to create it
                         try:
                             os.makedirs(path)
                         except Exception:
                             log.warning('Failed to create largefiles dir:%s', path)

rhodecode/subscribers.py

0 +3 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import io
             import shlex
             import math
             import re
             import os
             import datetime
             import logging
             import queue
             import subprocess
             from dateutil.parser import parse
             from pyramid.interfaces import IRoutesMapper
             from pyramid.settings import asbool
             from pyramid.path import AssetResolver
             from threading import Thread
             from rhodecode.config.jsroutes import generate_jsroutes_content
             from rhodecode.lib.base import get_auth_user
             from rhodecode.lib.celerylib.loader import set_celery_conf
             import rhodecode
             log = logging.getLogger(__name__)
             def add_renderer_globals(event):
                 from rhodecode.lib import helpers
                 # TODO: When executed in pyramid view context the request is not available
                 # in the event. Find a better solution to get the request.
                 from pyramid.threadlocal import get_current_request
                 request = event['request'] or get_current_request()
                 # Add Pyramid translation as '_' to context
                 event['_'] = request.translate
                 event['_ungettext'] = request.plularize
                 event['h'] = helpers
             def set_user_lang(event):
                 request = event.request
                 cur_user = getattr(request, 'user', None)
                 if cur_user:
                     user_lang = cur_user.get_instance().user_data.get('language')
                     if user_lang:
                         log.debug('lang: setting current user:%s language to: %s', cur_user, user_lang)
                         event.request._LOCALE_ = user_lang
             def update_celery_conf(event):
                 log.debug('Setting celery config from new request')
                 set_celery_conf(request=event.request, registry=event.request.registry)
             def add_request_user_context(event):
                 """
                 Adds auth user into request context
                 """
                 request = event.request
                 # access req_id as soon as possible
                 req_id = request.req_id
                 if hasattr(request, 'vcs_call'):
                     # skip vcs calls
                     return
                 if hasattr(request, 'rpc_method'):
                     # skip api calls
                     return
                 auth_user, auth_token = get_auth_user(request)
                 request.user = auth_user
                 request.user_auth_token = auth_token
                 request.environ['rc_auth_user'] = auth_user
                 request.environ['rc_auth_user_id'] = str(auth_user.user_id)
                 request.environ['rc_req_id'] = req_id
             def reset_log_bucket(event):
                 """
                 reset the log bucket on new request
                 """
                 request = event.request
                 request.req_id_records_init()
             def scan_repositories_if_enabled(event):
                 """
                 This is subscribed to the `pyramid.events.ApplicationCreated` event. It
                 does a repository scan if enabled in the settings.
                 """
                 settings = event.app.registry.settings
                 vcs_server_enabled = settings['vcs.server.enable']
                 import_on_startup = settings['startup.import_repos']
                 if vcs_server_enabled and import_on_startup:
                     from rhodecode.model.scm import ScmModel
-                    from rhodecode.lib.utils import repo2db_mapper, get_rhodecode_base_path
+                    from rhodecode.lib.utils import repo2db_mapper
-                    repositories = ScmModel().repo_scan(get_rhodecode_base_path())
+                    scm = ScmModel()
+                    repositories = scm.repo_scan(scm.repos_path)
                     repo2db_mapper(repositories, remove_obsolete=False)
             def write_metadata_if_needed(event):
                 """
                 Writes upgrade metadata
                 """
                 import rhodecode
                 from rhodecode.lib import system_info
                 from rhodecode.lib import ext_json
                 fname = '.rcmetadata.json'
                 ini_loc = os.path.dirname(rhodecode.CONFIG.get('__file__'))
                 metadata_destination = os.path.join(ini_loc, fname)
                 def get_update_age():
                     now = datetime.datetime.utcnow()
                     with open(metadata_destination, 'rb') as f:
                         data = ext_json.json.loads(f.read())
                         if 'created_on' in data:
                             update_date = parse(data['created_on'])
                             diff = now - update_date
                             return diff.total_seconds() / 60.0
                     return 0
                 def write():
                     configuration = system_info.SysInfo(
                         system_info.rhodecode_config)()['value']
                     license_token = configuration['config']['license_token']
                     setup = dict(
                         workers=configuration['config']['server:main'].get(
                             'workers', '?'),
                         worker_type=configuration['config']['server:main'].get(
                             'worker_class', 'sync'),
                     )
                     dbinfo = system_info.SysInfo(system_info.database_info)()['value']
                     del dbinfo['url']
                     metadata = dict(
                         desc='upgrade metadata info',
                         license_token=license_token,
                         created_on=datetime.datetime.utcnow().isoformat(),
                         usage=system_info.SysInfo(system_info.usage_info)()['value'],
                         platform=system_info.SysInfo(system_info.platform_type)()['value'],
                         database=dbinfo,
                         cpu=system_info.SysInfo(system_info.cpu)()['value'],
                         memory=system_info.SysInfo(system_info.memory)()['value'],
                         setup=setup
                     )
                     with open(metadata_destination, 'wb') as f:
                         f.write(ext_json.json.dumps(metadata))
                 settings = event.app.registry.settings
                 if settings.get('metadata.skip'):
                     return
                 # only write this every 24h, workers restart caused unwanted delays
                 try:
                     age_in_min = get_update_age()
                 except Exception:
                     age_in_min = 0
                 if age_in_min > 60 * 60 * 24:
                     return
                 try:
                     write()
                 except Exception:
                     pass
             def write_usage_data(event):
                 import rhodecode
                 from rhodecode.lib import system_info
                 from rhodecode.lib import ext_json
                 settings = event.app.registry.settings
                 instance_tag = settings.get('metadata.write_usage_tag')
                 if not settings.get('metadata.write_usage'):
                     return
                 def get_update_age(dest_file):
                     now = datetime.datetime.utcnow()
                     with open(dest_file, 'rb') as f:
                         data = ext_json.json.loads(f.read())
                         if 'created_on' in data:
                             update_date = parse(data['created_on'])
                             diff = now - update_date
                             return math.ceil(diff.total_seconds() / 60.0)
                     return 0
                 utc_date = datetime.datetime.utcnow()
                 hour_quarter = int(math.ceil((utc_date.hour + utc_date.minute/60.0) / 6.))
                 fname = '.rc_usage_{date.year}{date.month:02d}{date.day:02d}_{hour}.json'.format(
                     date=utc_date, hour=hour_quarter)
                 ini_loc = os.path.dirname(rhodecode.CONFIG.get('__file__'))
                 usage_dir = os.path.join(ini_loc, '.rcusage')
                 if not os.path.isdir(usage_dir):
                     os.makedirs(usage_dir)
                 usage_metadata_destination = os.path.join(usage_dir, fname)
                 try:
                     age_in_min = get_update_age(usage_metadata_destination)
                 except Exception:
                     age_in_min = 0
                 # write every 6th hour
                 if age_in_min and age_in_min < 60 * 6:
                     log.debug('Usage file created %s minutes ago, skipping (threshold: %s minutes)...',
                               age_in_min, 60 * 6)
                     return
                 def write(dest_file):
                     configuration = system_info.SysInfo(system_info.rhodecode_config)()['value']
                     license_token = configuration['config']['license_token']
                     metadata = dict(
                         desc='Usage data',
                         instance_tag=instance_tag,
                         license_token=license_token,
                         created_on=datetime.datetime.utcnow().isoformat(),
                         usage=system_info.SysInfo(system_info.usage_info)()['value'],
                     )
                     with open(dest_file, 'wb') as f:
                         f.write(ext_json.formatted_json(metadata))
                 try:
                     log.debug('Writing usage file at: %s', usage_metadata_destination)
                     write(usage_metadata_destination)
                 except Exception:
                     pass
             def write_js_routes_if_enabled(event):
                 registry = event.app.registry
                 mapper = registry.queryUtility(IRoutesMapper)
                 _argument_prog = re.compile(r'\{(.*?)\}|:\((.*)\)')
                 def _extract_route_information(route):
                     """
                     Convert a route into tuple(name, path, args), eg:
                         ('show_user', '/profile/%(username)s', ['username'])
                     """
                     route_path = route.pattern
                     pattern = route.pattern
                     def replace(matchobj):
                         if matchobj.group(1):
                             return "%%(%s)s" % matchobj.group(1).split(':')[0]
                         else:
                             return "%%(%s)s" % matchobj.group(2)
                     route_path = _argument_prog.sub(replace, route_path)
                     if not route_path.startswith('/'):
                         route_path = f'/{route_path}'
                     return (
                         route.name,
                         route_path,
                         [(arg[0].split(':')[0] if arg[0] != '' else arg[1])
                          for arg in _argument_prog.findall(pattern)]
                     )
                 def get_routes():
                     # pyramid routes
                     for route in mapper.get_routes():
                         if not route.name.startswith('__'):
                             yield _extract_route_information(route)
                 if asbool(registry.settings.get('generate_js_files', 'false')):
                     static_path = AssetResolver().resolve('rhodecode:public').abspath()
                     jsroutes = get_routes()
                     jsroutes_file_content = generate_jsroutes_content(jsroutes)
                     jsroutes_file_path = os.path.join(
                         static_path, 'js', 'rhodecode', 'routes.js')
                     try:
                         with open(jsroutes_file_path, 'w', encoding='utf-8') as f:
                             f.write(jsroutes_file_content)
                         log.debug('generated JS files in %s', jsroutes_file_path)
                     except Exception:
                         log.exception('Failed to write routes.js into %s', jsroutes_file_path)
             class Subscriber(object):
                 """
                 Base class for subscribers to the pyramid event system.
                 """
                 def __call__(self, event):
                     self.run(event)
                 def run(self, event):
                     raise NotImplementedError('Subclass has to implement this.')
             class AsyncSubscriber(Subscriber):
                 """
                 Subscriber that handles the execution of events in a separate task to not
                 block the execution of the code which triggers the event. It puts the
                 received events into a queue from which the worker process takes them in
                 order.
                 """
                 def __init__(self):
                     self._stop = False
                     self._eventq = queue.Queue()
                     self._worker = self.create_worker()
                     self._worker.start()
                 def __call__(self, event):
                     self._eventq.put(event)
                 def create_worker(self):
                     worker = Thread(target=self.do_work)
                     worker.daemon = True
                     return worker
                 def stop_worker(self):
                     self._stop = False
                     self._eventq.put(None)
                     self._worker.join()
                 def do_work(self):
                     while not self._stop:
                         event = self._eventq.get()
                         if event is not None:
                             self.run(event)
             class AsyncSubprocessSubscriber(AsyncSubscriber):
                 """
                 Subscriber that uses the subprocess module to execute a command if an
                 event is received. Events are handled asynchronously::
                     subscriber = AsyncSubprocessSubscriber('ls -la', timeout=10)
                     subscriber(dummyEvent) # running __call__(event)
                 """
                 def __init__(self, cmd, timeout=None):
                     if not isinstance(cmd, (list, tuple)):
                         cmd = shlex.split(cmd)
                     super().__init__()
                     self._cmd = cmd
                     self._timeout = timeout
                 def run(self, event):
                     cmd = self._cmd
                     timeout = self._timeout
                     log.debug('Executing command %s.', cmd)
                     try:
                         output = subprocess.check_output(
                             cmd, timeout=timeout, stderr=subprocess.STDOUT)
                         log.debug('Command finished %s', cmd)
                         if output:
                             log.debug('Command output: %s', output)
                     except subprocess.TimeoutExpired as e:
                         log.exception('Timeout while executing command.')
                         if e.output:
                             log.error('Command output: %s', e.output)
                     except subprocess.CalledProcessError as e:
                         log.exception('Error while executing command.')
                         if e.output:
                             log.error('Command output: %s', e.output)
                     except Exception:
                         log.exception(
                             'Exception while executing command %s.', cmd)

rhodecode/templates/admin/settings/settings_vcs.mako

0 +1 -2

             <%namespace name="vcss" file="/base/vcs_settings.mako"/>
             ${h.secure_form(h.route_path('admin_settings_vcs_update'), request=request)}
                 <div>
                     ${vcss.vcs_settings_fields(
                         suffix='',
                         svn_tag_patterns=c.svn_tag_patterns,
                         svn_branch_patterns=c.svn_branch_patterns,
-                        display_globals=True,
+                        display_globals=True
-                        allow_repo_location_change=c.visual.allow_repo_location_change
                     )}
                     <div class="buttons">
                         ${h.submit('save',_('Save settings'),class_="btn")}
                         ${h.reset('reset',_('Reset'),class_="btn")}
                    </div>
                 </div>
             ${h.end_form()}
             <script type="text/javascript">
                 function ajaxDeletePattern(pattern_id, field_id) {
                     var sUrl = "${h.route_path('admin_settings_vcs_svn_pattern_delete')}";
                     var callback =  function (o) {
                         var elem = $("#"+field_id);
                         elem.remove();
                     };
                     var postData = {
                         'delete_svn_pattern': pattern_id,
                         'csrf_token': CSRF_TOKEN
                     };
                     var request = $.post(sUrl, postData)
                             .done(callback)
                             .fail(function (data, textStatus, errorThrown) {
                                 alert("Error while deleting hooks.\nError code {0} ({1}). URL: {2}".format(data.status,data.statusText,$(this)[0].url));
                         });
                 };
                 $(document).ready(function() {
                     var unlockpath = function() {
                         $('#path_unlock_icon').removeClass('icon-lock').addClass('icon-unlock');
                         $('#paths_root_path').removeAttr('readonly').removeClass('disabled');
                     };
                     $('#path_unlock').on('click', function(e) {
                         unlockpath();
                     });
                     if ($('.locked_input').children().hasClass('error-message')) {
                         unlockpath();
                     }
                     /* On click handler for the `Generate Apache Config` button. It sends a
                     POST request to trigger the (re)generation of the mod_dav_svn config. */
                     $('#vcs_svn_generate_cfg').on('click', function(event) {
                         event.preventDefault();
                         var url = "${h.route_path('admin_settings_vcs_svn_generate_cfg')}";
                         var jqxhr = $.post(url, {'csrf_token': CSRF_TOKEN});
                         jqxhr.done(function(data) {
                             $.Topic('/notifications').publish(data);
                         });
                     });
                 });
             </script>

rhodecode/templates/base/vcs_settings.mako

0 +1 -29

             ## snippet for displaying vcs settings
             ## usage:
             ##    <%namespace name="vcss" file="/base/vcssettings.mako"/>
             ##    ${vcss.vcs_settings_fields()}
-            <%def name="vcs_settings_fields(suffix='', svn_branch_patterns=None, svn_tag_patterns=None, repo_type=None, display_globals=False, allow_repo_location_change=False, **kwargs)">
+            <%def name="vcs_settings_fields(suffix='', svn_branch_patterns=None, svn_tag_patterns=None, repo_type=None, display_globals=False, **kwargs)">
                 % if display_globals:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="general">
                             <h3 class="panel-title">${_('General')}<a class="permalink" href="#general"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="field">
                                 <div class="checkbox">
                                     ${h.checkbox('web_push_ssl' + suffix, 'True')}
                                     <label for="web_push_ssl${suffix}">${_('Require SSL for vcs operations')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Activate to set RhodeCode to require SSL for pushing or pulling. If SSL certificate is missing it will return a HTTP Error 406: Not Acceptable.')}</span>
                                 </div>
                              </div>
                         </div>
                     </div>
                 % endif
-                % if display_globals:
-                    <div class="panel panel-default">
-                        <div class="panel-heading" id="vcs-storage-options">
-                            <h3 class="panel-title">${_('Main Storage Location')}<a class="permalink" href="#vcs-storage-options"> ¶</a></h3>
-                        </div>
-                        <div class="panel-body">
-                            <div class="field">
-                                <div class="inputx locked_input">
-                                    %if allow_repo_location_change:
-                                        ${h.text('paths_root_path',size=59,readonly="readonly", class_="disabled")}
-                                        <span id="path_unlock" class="tooltip"
-                                                title="${h.tooltip(_('Click to unlock. You must restart RhodeCode in order to make this setting take effect.'))}">
-                                            <div class="btn btn-default lock_input_button"><i id="path_unlock_icon" class="icon-lock"></i></div>
-                                        </span>
-                                    %else:
-                                        ${_('Repository location change is disabled. You can enable this by changing the `allow_repo_location_change` inside .ini file.')}
-                                        ## form still requires this but we cannot internally change it anyway
-                                        ${h.hidden('paths_root_path',size=30,readonly="readonly", class_="disabled")}
-                                    %endif
-                                </div>
-                            </div>
-                            <div class="label">
-                                <span class="help-block">${_('Filesystem location where repositories should be stored. After changing this value a restart and rescan of the repository folder are required.')}</span>
-                            </div>
-                        </div>
-                    </div>
-                % endif
                 % if display_globals or repo_type in ['git', 'hg']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-hooks-options">
                             <h3 class="panel-title">${_('Internal Hooks')}<a class="permalink" href="#vcs-hooks-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="field">
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_changegroup_repo_size' + suffix, 'True', **kwargs)}
                                     <label for="hooks_changegroup_repo_size${suffix}">${_('Show repository size after push')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Trigger a hook that calculates repository size after each push.')}</span>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_changegroup_push_logger' + suffix, 'True', **kwargs)}
                                     <label for="hooks_changegroup_push_logger${suffix}">${_('Execute pre/post push hooks')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Execute Built in pre/post push hooks. This also executes rcextensions hooks.')}</span>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_outgoing_pull_logger' + suffix, 'True', **kwargs)}
                                     <label for="hooks_outgoing_pull_logger${suffix}">${_('Execute pre/post pull hooks')}</label>
                                 </div>
                                 <div class="label">
                                     <span class="help-block">${_('Execute Built in pre/post pull hooks. This also executes rcextensions hooks.')}</span>
                                 </div>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-hg-options">
                             <h3 class="panel-title">${_('Mercurial Settings')}<a class="permalink" href="#vcs-hg-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('extensions_largefiles' + suffix, 'True', **kwargs)}
                                 <label for="extensions_largefiles${suffix}">${_('Enable largefiles extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable Largefiles extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable Largefiles extensions for this repository.')}</span>
                                 % endif
                             </div>
                             % if display_globals:
                             <div class="field">
                                 <div class="input">
                                     ${h.text('largefiles_usercache' + suffix, size=59)}
                                 </div>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Filesystem location where Mercurial largefile objects should be stored.')}</span>
                             </div>
                             % endif
                             <div class="checkbox">
                                 ${h.checkbox('phases_publish' + suffix, 'True', **kwargs)}
                                 <label for="phases_publish${suffix}">${_('Set repositories as publishing') if display_globals else _('Set repository as publishing')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('When this is enabled all commits in the repository are seen as public commits by clients.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('extensions_evolve' + suffix, 'True', **kwargs)}
                                 <label for="extensions_evolve${suffix}">${_('Enable Evolve and Topic extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable Evolve and Topic extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable Evolve and Topic extensions for this repository.')}</span>
                                 % endif
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['git']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-git-options">
                             <h3 class="panel-title">${_('Git Settings')}<a class="permalink" href="#vcs-git-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('vcs_git_lfs_enabled' + suffix, 'True', **kwargs)}
                                 <label for="vcs_git_lfs_enabled${suffix}">${_('Enable lfs extension')}</label>
                             </div>
                             <div class="label">
                                 % if display_globals:
                                     <span class="help-block">${_('Enable lfs extensions for all repositories.')}</span>
                                 % else:
                                     <span class="help-block">${_('Enable lfs extensions for this repository.')}</span>
                                 % endif
                             </div>
                             % if display_globals:
                             <div class="field">
                                 <div class="input">
                                     ${h.text('vcs_git_lfs_store_location' + suffix, size=59)}
                                 </div>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Filesystem location where Git lfs objects should be stored.')}</span>
                             </div>
                             % endif
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['svn']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-svn-options">
                             <h3 class="panel-title">${_('Subversion Settings')}<a class="permalink" href="#vcs-svn-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="field">
                                 <div class="content" >
                                     <label>${_('Repository patterns')}</label><br/>
                                 </div>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Patterns for identifying SVN branches and tags. For recursive search, use "*". Eg.: "/branches/*"')}</span>
                             </div>
                             <div class="field branch_patterns">
                                 <div class="input" >
                                     <label>${_('Branches')}:</label><br/>
                                 </div>
                                 % if svn_branch_patterns:
                                     % for branch in svn_branch_patterns:
                                     <div class="input adjacent"   id="${'id%s' % branch.ui_id}">
                                         ${h.hidden('branch_ui_key' + suffix, branch.ui_key)}
                                         ${h.text('branch_value_%d' % branch.ui_id + suffix, branch.ui_value, size=59, readonly="readonly", class_='disabled')}
                                         % if kwargs.get('disabled') != 'disabled':
                                             <span class="btn btn-x" onclick="ajaxDeletePattern(${branch.ui_id},'${'id%s' % branch.ui_id}')">
                                                 ${_('Delete')}
                                             </span>
                                         % endif
                                     </div>
                                     % endfor
                                 %endif
                             </div>
                             % if kwargs.get('disabled') != 'disabled':
                                 <div class="field branch_patterns">
                                     <div class="input" >
                                         ${h.text('new_svn_branch',size=59,placeholder='New branch pattern')}
                                     </div>
                                 </div>
                             % endif
                             <div class="field tag_patterns">
                                 <div class="input" >
                                     <label>${_('Tags')}:</label><br/>
                                 </div>
                                 % if svn_tag_patterns:
                                     % for tag in svn_tag_patterns:
                                     <div class="input"  id="${'id%s' % tag.ui_id + suffix}">
                                         ${h.hidden('tag_ui_key' + suffix, tag.ui_key)}
                                         ${h.text('tag_ui_value_new_%d' % tag.ui_id + suffix, tag.ui_value, size=59, readonly="readonly", class_='disabled tag_input')}
                                         % if kwargs.get('disabled') != 'disabled':
                                             <span class="btn btn-x" onclick="ajaxDeletePattern(${tag.ui_id},'${'id%s' % tag.ui_id}')">
                                                 ${_('Delete')}
                                             </span>
                                         %endif
                                     </div>
                                     % endfor
                                 % endif
                             </div>
                             % if kwargs.get('disabled') != 'disabled':
                                 <div class="field tag_patterns">
                                     <div class="input" >
                                         ${h.text('new_svn_tag' + suffix, size=59, placeholder='New tag pattern')}
                                     </div>
                                 </div>
                             %endif
                         </div>
                     </div>
                 % else:
                     ${h.hidden('new_svn_branch' + suffix, '')}
                     ${h.hidden('new_svn_tag' + suffix, '')}
                 % endif
                 % if display_globals or repo_type in ['hg', 'git']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Pull Request Settings')}<a class="permalink" href="#vcs-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_pr_merge_enabled' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_pr_merge_enabled${suffix}">${_('Enable server-side merge for pull requests')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Note: when this feature is enabled, it only runs hooks defined in the rcextension package. Custom hooks added on the Admin -> Settings -> Hooks page will not be run when pull requests are automatically merged from the web interface.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_use_outdated_comments' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_use_outdated_comments${suffix}">${_('Invalidate and relocate inline comments during update')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('During the update of a pull request, the position of inline comments will be updated and outdated inline comments will be hidden.')}</span>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg', 'git', 'svn']:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Diff cache')}<a class="permalink" href="#vcs-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_diff_cache' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_diff_cache${suffix}">${_('Enable caching diffs for pull requests cache and commits')}</label>
                             </div>
                         </div>
                     </div>
                 % endif
                 % if display_globals or repo_type in ['hg',]:
                     <div class="panel panel-default">
                         <div class="panel-heading" id="vcs-pull-requests-options">
                             <h3 class="panel-title">${_('Mercurial Pull Request Settings')}<a class="permalink" href="#vcs-hg-pull-requests-options"> ¶</a></h3>
                         </div>
                         <div class="panel-body">
                             ## Specific HG settings
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_hg_use_rebase_for_merging' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_hg_use_rebase_for_merging${suffix}">${_('Use rebase as merge strategy')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Use rebase instead of creating a merge commit when merging via web interface.')}</span>
                             </div>
                             <div class="checkbox">
                                 ${h.checkbox('rhodecode_hg_close_branch_before_merging' + suffix, 'True', **kwargs)}
                                 <label for="rhodecode_hg_close_branch_before_merging{suffix}">${_('Close branch before merging it')}</label>
                             </div>
                             <div class="label">
                                 <span class="help-block">${_('Close branch before merging it into destination branch. No effect when rebase strategy is use.')}</span>
                             </div>
                         </div>
                     </div>
                 % endif
             ## DISABLED FOR GIT FOR NOW as the rebase/close is not supported yet
             ##     % if display_globals or repo_type in ['git']:
             ##         <div class="panel panel-default">
             ##             <div class="panel-heading" id="vcs-pull-requests-options">
             ##                 <h3 class="panel-title">${_('Git Pull Request Settings')}<a class="permalink" href="#vcs-git-pull-requests-options"> ¶</a></h3>
             ##             </div>
             ##             <div class="panel-body">
             ##                 <div class="checkbox">
             ##                     ${h.checkbox('rhodecode_git_use_rebase_for_merging' + suffix, 'True', **kwargs)}
             ##                     <label for="rhodecode_git_use_rebase_for_merging${suffix}">${_('Use rebase as merge strategy')}</label>
             ##                 </div>
             ##                 <div class="label">
             ##                     <span class="help-block">${_('Use rebase instead of creating a merge commit when merging via web interface.')}</span>
             ##                 </div>
             ##
             ##                 <div class="checkbox">
             ##                     ${h.checkbox('rhodecode_git_close_branch_before_merging' + suffix, 'True', **kwargs)}
             ##                     <label for="rhodecode_git_close_branch_before_merging{suffix}">${_('Delete branch after merging it')}</label>
             ##                 </div>
             ##                 <div class="label">
             ##                     <span class="help-block">${_('Delete branch after merging it into destination branch. No effect when rebase strategy is use.')}</span>
             ##                 </div>
             ##             </div>
             ##         </div>
             ##     % endif
             </%def>

rhodecode/tests/__init__.py

0 +4 -2

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import time
             import logging
             import datetime
             import tempfile
             from os.path import join as jn
             import urllib.parse
             import pytest
+            import rhodecode
             from rhodecode.model.db import User
             from rhodecode.lib import auth
             from rhodecode.lib import helpers as h
             from rhodecode.lib.helpers import flash
             from rhodecode.lib.str_utils import safe_str
             from rhodecode.lib.hash_utils import sha1_safe
             log = logging.getLogger(__name__)
             __all__ = [
                 'get_new_dir', 'TestController',
                 'clear_cache_regions',
                 'assert_session_flash', 'login_user', 'no_newline_id_generator',
                 'TESTS_TMP_PATH', 'HG_REPO', 'GIT_REPO', 'SVN_REPO',
                 'NEW_HG_REPO', 'NEW_GIT_REPO',
                 'HG_FORK', 'GIT_FORK', 'TEST_USER_ADMIN_LOGIN', 'TEST_USER_ADMIN_PASS',
                 'TEST_USER_REGULAR_LOGIN', 'TEST_USER_REGULAR_PASS',
                 'TEST_USER_REGULAR_EMAIL', 'TEST_USER_REGULAR2_LOGIN',
                 'TEST_USER_REGULAR2_PASS', 'TEST_USER_REGULAR2_EMAIL', 'TEST_HG_REPO',
                 'TEST_HG_REPO_CLONE', 'TEST_HG_REPO_PULL', 'TEST_GIT_REPO',
                 'TEST_GIT_REPO_CLONE', 'TEST_GIT_REPO_PULL', 'SCM_TESTS',
             ]
             # SOME GLOBALS FOR TESTS
             TEST_DIR = tempfile.gettempdir()
-            TESTS_TMP_PATH = jn(TEST_DIR, 'rc_test_{}'.format(next(tempfile._RandomNameSequence())))
             TEST_USER_ADMIN_LOGIN = 'test_admin'
             TEST_USER_ADMIN_PASS = 'test12'
             TEST_USER_ADMIN_EMAIL = 'test_admin@mail.com'
             TEST_USER_REGULAR_LOGIN = 'test_regular'
             TEST_USER_REGULAR_PASS = 'test12'
             TEST_USER_REGULAR_EMAIL = 'test_regular@mail.com'
             TEST_USER_REGULAR2_LOGIN = 'test_regular2'
             TEST_USER_REGULAR2_PASS = 'test12'
             TEST_USER_REGULAR2_EMAIL = 'test_regular2@mail.com'
             HG_REPO = 'vcs_test_hg'
             GIT_REPO = 'vcs_test_git'
             SVN_REPO = 'vcs_test_svn'
             NEW_HG_REPO = 'vcs_test_hg_new'
             NEW_GIT_REPO = 'vcs_test_git_new'
             HG_FORK = 'vcs_test_hg_fork'
             GIT_FORK = 'vcs_test_git_fork'
             ## VCS
             SCM_TESTS = ['hg', 'git']
             uniq_suffix = str(int(time.mktime(datetime.datetime.now().timetuple())))
+            TESTS_TMP_PATH = tempfile.mkdtemp(prefix='rc_test_', dir=TEST_DIR)
             TEST_GIT_REPO = jn(TESTS_TMP_PATH, GIT_REPO)
             TEST_GIT_REPO_CLONE = jn(TESTS_TMP_PATH, f'vcsgitclone{uniq_suffix}')
             TEST_GIT_REPO_PULL = jn(TESTS_TMP_PATH, f'vcsgitpull{uniq_suffix}')
             TEST_HG_REPO = jn(TESTS_TMP_PATH, HG_REPO)
             TEST_HG_REPO_CLONE = jn(TESTS_TMP_PATH, f'vcshgclone{uniq_suffix}')
             TEST_HG_REPO_PULL = jn(TESTS_TMP_PATH, f'vcshgpull{uniq_suffix}')
             TEST_REPO_PREFIX = 'vcs-test'
             def clear_cache_regions(regions=None):
                 # dogpile
                 from rhodecode.lib.rc_cache import region_meta
                 for region_name, region in region_meta.dogpile_cache_regions.items():
                     if not regions or region_name in regions:
                         region.invalidate()
             def get_new_dir(title):
                 """
                 Returns always new directory path.
                 """
                 from rhodecode.tests.vcs.utils import get_normalized_path
                 name_parts = [TEST_REPO_PREFIX]
                 if title:
                     name_parts.append(title)
                 hex_str = sha1_safe(f'{os.getpid()} {time.time()}')
                 name_parts.append(hex_str)
                 name = '-'.join(name_parts)
-                path = os.path.join(TEST_DIR, name)
+                path = jn(TEST_DIR, name)
                 return get_normalized_path(path)
             def repo_id_generator(name):
                 numeric_hash = 0
                 for char in name:
                     numeric_hash += (ord(char))
                 return numeric_hash
             @pytest.mark.usefixtures('app', 'index_location')
             class TestController(object):
                 maxDiff = None
                 def log_user(self, username=TEST_USER_ADMIN_LOGIN,
                              password=TEST_USER_ADMIN_PASS):
                     self._logged_username = username
                     self._session = login_user_session(self.app, username, password)
                     self.csrf_token = auth.get_csrf_token(self._session)
                     return self._session['rhodecode_user']
                 def logout_user(self):
                     logout_user_session(self.app, auth.get_csrf_token(self._session))
                     self.csrf_token = None
                     self._logged_username = None
                     self._session = None
                 def _get_logged_user(self):
                     return User.get_by_username(self._logged_username)
             def login_user_session(
                     app, username=TEST_USER_ADMIN_LOGIN, password=TEST_USER_ADMIN_PASS):
                 response = app.post(
                     h.route_path('login'),
                     {'username': username, 'password': password})
                 if 'invalid user name' in response.text:
                     pytest.fail(f'could not login using {username} {password}')
                 assert response.status == '302 Found'
                 response = response.follow()
                 assert response.status == '200 OK'
                 session = response.get_session_from_response()
                 assert 'rhodecode_user' in session
                 rc_user = session['rhodecode_user']
                 assert rc_user.get('username') == username
                 assert rc_user.get('is_authenticated')
                 return session
             def logout_user_session(app, csrf_token):
                 app.post(h.route_path('logout'), {'csrf_token': csrf_token}, status=302)
             def login_user(app, username=TEST_USER_ADMIN_LOGIN,
                            password=TEST_USER_ADMIN_PASS):
                 return login_user_session(app, username, password)['rhodecode_user']
             def assert_session_flash(response, msg=None, category=None, no_=None):
                 """
                 Assert on a flash message in the current session.
                 :param response: Response from give calll, it will contain flash
                     messages or bound session with them.
                 :param msg: The expected message. Will be evaluated if a
                     :class:`LazyString` is passed in.
                 :param category: Optional. If passed, the message category will be
                     checked as well.
                 :param no_: Optional. If passed, the message will be checked to NOT
                     be in the flash session
                 """
                 if msg is None and no_ is None:
                     raise ValueError("Parameter msg or no_ is required.")
                 if msg and no_:
                     raise ValueError("Please specify either msg or no_, but not both")
                 session = response.get_session_from_response()
                 messages = flash.pop_messages(session=session)
                 msg = _eval_if_lazy(msg)
                 if no_:
                     error_msg = f'unable to detect no_ message `{no_}` in empty flash list'
                 else:
                     error_msg = f'unable to find message `{msg}` in empty flash list'
                 assert messages, error_msg
                 message = messages[0]
                 message_text = _eval_if_lazy(message.message) or ''
                 if no_:
                     if no_ in message_text:
                         msg = f'msg `{no_}` found in session flash.'
                         pytest.fail(safe_str(msg))
                 else:
                     if msg not in message_text:
                         fail_msg = f'msg `{msg}` not found in ' \
                                    f'session flash: got `{message_text}` (type:{type(message_text)}) instead'
                         pytest.fail(safe_str(fail_msg))
                     if category:
                         assert category == message.category
             def _eval_if_lazy(value):
                 return value.eval() if hasattr(value, 'eval') else value
             def no_newline_id_generator(test_name):
                 """
                 Generates a test name without spaces or newlines characters. Used for
                 nicer output of progress of test
                 """
                 test_name = safe_str(test_name)\
                     .replace('\n', '_N') \
                     .replace('\r', '_N') \
                     .replace('\t', '_T') \
                     .replace(' ', '_S')
                 return test_name or 'test-with-empty-name'

rhodecode/tests/fixture_mods/fixture_pyramid.py

0 +2 0

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.lib.config_utils import get_app_config
             from rhodecode.tests.fixture import TestINI
+            from rhodecode.tests import TESTS_TMP_PATH
             from rhodecode.tests.server_utils import RcVCSServer
             @pytest.fixture(scope='session')
             def vcsserver(request, vcsserver_port, vcsserver_factory):
                 """
                 Session scope VCSServer.
                 Tests which need the VCSServer have to rely on this fixture in order
                 to ensure it will be running.
                 For specific needs, the fixture vcsserver_factory can be used. It allows to
                 adjust the configuration file for the test run.
                 Command line args:
                 --without-vcsserver: Allows to switch this fixture off. You have to
                 manually start the server.
                 --vcsserver-port: Will expect the VCSServer to listen on this port.
                 """
                 if not request.config.getoption('with_vcsserver'):
                     return None
                 return vcsserver_factory(
                     request, vcsserver_port=vcsserver_port)
             @pytest.fixture(scope='session')
             def vcsserver_factory(tmpdir_factory):
                 """
                 Use this if you need a running vcsserver with a special configuration.
                 """
                 def factory(request, overrides=(), vcsserver_port=None,
                             log_file=None, workers='2'):
                     if vcsserver_port is None:
                         vcsserver_port = get_available_port()
                     overrides = list(overrides)
                     overrides.append({'server:main': {'port': vcsserver_port}})
                     option_name = 'vcsserver_config_http'
                     override_option_name = 'vcsserver_config_override'
                     config_file = get_config(
                         request.config, option_name=option_name,
                         override_option_name=override_option_name, overrides=overrides,
                         basetemp=tmpdir_factory.getbasetemp().strpath,
                         prefix='test_vcs_')
                     server = RcVCSServer(config_file, log_file, workers)
                     server.start()
                     @request.addfinalizer
                     def cleanup():
                         server.shutdown()
                     server.wait_until_ready()
                     return server
                 return factory
             def _use_log_level(config):
                 level = config.getoption('test_loglevel') or 'critical'
                 return level.upper()
             @pytest.fixture(scope='session')
             def ini_config(request, tmpdir_factory, rcserver_port, vcsserver_port):
                 option_name = 'pyramid_config'
                 log_level = _use_log_level(request.config)
                 overrides = [
                     {'server:main': {'port': rcserver_port}},
                     {'app:main': {
                         'cache_dir': '%(here)s/rc_data',
                         'vcs.server': f'localhost:{vcsserver_port}',
                         # johbo: We will always start the VCSServer on our own based on the
                         # fixtures of the test cases. For the test run it must always be
                         # off in the INI file.
                         'vcs.start_server': 'false',
                         'vcs.server.protocol': 'http',
                         'vcs.scm_app_implementation': 'http',
                         'vcs.svn.proxy.enabled': 'true',
                         'vcs.hooks.protocol': 'http',
                         'vcs.hooks.host': '*',
+                        'repo_store.path': TESTS_TMP_PATH,
                         'app.service_api.token': 'service_secret_token',
                     }},
                     {'handler_console': {
                         'class': 'StreamHandler',
                         'args': '(sys.stderr,)',
                         'level': log_level,
                     }},
                 ]
                 filename = get_config(
                     request.config, option_name=option_name,
                     override_option_name='{}_override'.format(option_name),
                     overrides=overrides,
                     basetemp=tmpdir_factory.getbasetemp().strpath,
                     prefix='test_rce_')
                 return filename
             @pytest.fixture(scope='session')
             def ini_settings(ini_config):
                 ini_path = ini_config
                 return get_app_config(ini_path)
             def get_available_port(min_port=40000, max_port=55555):
                 from rhodecode.lib.utils2 import get_available_port as _get_port
                 return _get_port(min_port, max_port)
             @pytest.fixture(scope='session')
             def rcserver_port(request):
                 port = get_available_port()
                 print(f'Using rhodecode port {port}')
                 return port
             @pytest.fixture(scope='session')
             def vcsserver_port(request):
                 port = request.config.getoption('--vcsserver-port')
                 if port is None:
                     port = get_available_port()
                     print(f'Using vcsserver port {port}')
                 return port
             @pytest.fixture(scope='session')
             def available_port_factory():
                 """
                 Returns a callable which returns free port numbers.
                 """
                 return get_available_port
             @pytest.fixture()
             def available_port(available_port_factory):
                 """
                 Gives you one free port for the current test.
                 Uses "available_port_factory" to retrieve the port.
                 """
                 return available_port_factory()
             @pytest.fixture(scope='session')
             def testini_factory(tmpdir_factory, ini_config):
                 """
                 Factory to create an INI file based on TestINI.
                 It will make sure to place the INI file in the correct directory.
                 """
                 basetemp = tmpdir_factory.getbasetemp().strpath
                 return TestIniFactory(basetemp, ini_config)
             class TestIniFactory(object):
                 def __init__(self, basetemp, template_ini):
                     self._basetemp = basetemp
                     self._template_ini = template_ini
                 def __call__(self, ini_params, new_file_prefix='test'):
                     ini_file = TestINI(
                         self._template_ini, ini_params=ini_params,
                         new_file_prefix=new_file_prefix, dir=self._basetemp)
                     result = ini_file.create()
                     return result
             def get_config(
                     config, option_name, override_option_name, overrides=None,
                     basetemp=None, prefix='test'):
                 """
                 Find a configuration file and apply overrides for the given `prefix`.
                 """
                 config_file = (
                     config.getoption(option_name) or config.getini(option_name))
                 if not config_file:
                     pytest.exit(
                         "Configuration error, could not extract {}.".format(option_name))
                 overrides = overrides or []
                 config_override = config.getoption(override_option_name)
                 if config_override:
                     overrides.append(config_override)
                 temp_ini_file = TestINI(
                     config_file, ini_params=overrides, new_file_prefix=prefix,
                     dir=basetemp)
                 return temp_ini_file.create()

rhodecode/tests/lib/middleware/test_simplesvn.py

0 +4 -4

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import io
             from base64 import b64encode
             import pytest
             from unittest.mock import patch, Mock, MagicMock
             from rhodecode.lib.middleware.simplesvn import SimpleSvn, SimpleSvnApp
-            from rhodecode.lib.utils import get_rhodecode_base_path
+            from rhodecode.lib.utils import get_rhodecode_repo_store_path
             from rhodecode.tests import SVN_REPO, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS
             class TestSimpleSvn(object):
                 @pytest.fixture(autouse=True)
                 def simple_svn(self, baseapp, request_stub):
-                    base_path = get_rhodecode_base_path()
+                    base_path = get_rhodecode_repo_store_path()
                     self.app = SimpleSvn(
-                        config={'auth_ret_code': '', 'base_path': base_path},
+                        config={'auth_ret_code': '', 'repo_store.path': base_path},
                         registry=request_stub.registry)
                 def test_get_config(self):
                     extras = {'foo': 'FOO', 'bar': 'BAR'}
                     config = self.app._create_config(extras, repo_name='test-repo')
                     assert config == extras
                 @pytest.mark.parametrize(
                     'method', ['OPTIONS', 'PROPFIND', 'GET', 'REPORT'])
                 def test_get_action_returns_pull(self, method):
                     environment = {'REQUEST_METHOD': method}
                     action = self.app._get_action(environment)
                     assert action == 'pull'
                 @pytest.mark.parametrize(
                     'method', [
                         'MKACTIVITY', 'PROPPATCH', 'PUT', 'CHECKOUT', 'MKCOL', 'MOVE',
                         'COPY', 'DELETE', 'LOCK', 'UNLOCK', 'MERGE'
                     ])
                 def test_get_action_returns_push(self, method):
                     environment = {'REQUEST_METHOD': method}
                     action = self.app._get_action(environment)
                     assert action == 'push'
                 @pytest.mark.parametrize(
                     'path, expected_name', [
                         ('/hello-svn', 'hello-svn'),
                         ('/hello-svn/', 'hello-svn'),
                         ('/group/hello-svn/', 'group/hello-svn'),
                         ('/group/hello-svn/!svn/vcc/default', 'group/hello-svn'),
                     ])
                 def test_get_repository_name(self, path, expected_name):
                     environment = {'PATH_INFO': path}
                     name = self.app._get_repository_name(environment)
                     assert name == expected_name
                 def test_get_repository_name_subfolder(self, backend_svn):
                     repo = backend_svn.repo
                     environment = {
                         'PATH_INFO': '/{}/path/with/subfolders'.format(repo.repo_name)}
                     name = self.app._get_repository_name(environment)
                     assert name == repo.repo_name
                 def test_create_wsgi_app(self):
                     with patch.object(SimpleSvn, '_is_svn_enabled') as mock_method:
                         mock_method.return_value = False
                         with patch('rhodecode.lib.middleware.simplesvn.DisabledSimpleSvnApp') as (
                                 wsgi_app_mock):
                             config = Mock()
                             wsgi_app = self.app._create_wsgi_app(
                                 repo_path='', repo_name='', config=config)
                         wsgi_app_mock.assert_called_once_with(config)
                         assert wsgi_app == wsgi_app_mock()
                 def test_create_wsgi_app_when_enabled(self):
                     with patch.object(SimpleSvn, '_is_svn_enabled') as mock_method:
                         mock_method.return_value = True
                         with patch('rhodecode.lib.middleware.simplesvn.SimpleSvnApp') as (
                                 wsgi_app_mock):
                             config = Mock()
                             wsgi_app = self.app._create_wsgi_app(
                                 repo_path='', repo_name='', config=config)
                         wsgi_app_mock.assert_called_once_with(config)
                         assert wsgi_app == wsgi_app_mock()
             def basic_auth(username, password):
                 token = b64encode(f"{username}:{password}".encode('utf-8')).decode("ascii")
                 return f'Basic {token}'
             class TestSimpleSvnApp(object):
                 data = b'<xml></xml>'
                 path = SVN_REPO
                 wsgi_input = io.BytesIO(data)
                 environment = {
                     'HTTP_DAV': (
                         'http://subversion.tigris.org/xmlns/dav/svn/depth, '
                         'http://subversion.tigris.org/xmlns/dav/svn/mergeinfo'),
                     'HTTP_USER_AGENT': 'SVN/1.14.1 (x86_64-linux) serf/1.3.8',
                     'REQUEST_METHOD': 'OPTIONS',
                     'PATH_INFO': path,
                     'wsgi.input': wsgi_input,
                     'CONTENT_TYPE': 'text/xml',
                     'CONTENT_LENGTH': '130',
                     'Authorization': basic_auth(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS)
                 }
                 def setup_method(self, method):
                     # note(marcink): this is hostname from docker compose used for testing...
                     self.host = 'http://svn:8090'
-                    base_path = get_rhodecode_base_path()
+                    base_path = get_rhodecode_repo_store_path()
                     self.app = SimpleSvnApp(
                         config={'subversion_http_server_url': self.host,
                                 'base_path': base_path})
                 def test_get_request_headers_with_content_type(self):
                     expected_headers = {
                         'Dav': self.environment['HTTP_DAV'],
                         'User-Agent': self.environment['HTTP_USER_AGENT'],
                         'Content-Type': self.environment['CONTENT_TYPE'],
                         'Content-Length': self.environment['CONTENT_LENGTH'],
                         'Authorization': self.environment['Authorization']
                     }
                     headers = self.app._get_request_headers(self.environment)
                     assert headers == expected_headers
                 def test_get_request_headers_without_content_type(self):
                     environment = self.environment.copy()
                     environment.pop('CONTENT_TYPE')
                     expected_headers = {
                         'Dav': environment['HTTP_DAV'],
                         'Content-Length': self.environment['CONTENT_LENGTH'],
                         'User-Agent': environment['HTTP_USER_AGENT'],
                         'Authorization': self.environment['Authorization']
                     }
                     request_headers = self.app._get_request_headers(environment)
                     assert request_headers == expected_headers
                 def test_get_response_headers(self):
                     headers = {
                         'Connection': 'keep-alive',
                         'Keep-Alive': 'timeout=5, max=100',
                         'Transfer-Encoding': 'chunked',
                         'Content-Encoding': 'gzip',
                         'MS-Author-Via': 'DAV',
                         'SVN-Supported-Posts': 'create-txn-with-props'
                     }
                     expected_headers = [
                         ('MS-Author-Via', 'DAV'),
                         ('SVN-Supported-Posts', 'create-txn-with-props'),
                     ]
                     response_headers = self.app._get_response_headers(headers)
                     assert sorted(response_headers) == sorted(expected_headers)
                 @pytest.mark.parametrize('svn_http_url, path_info, expected_url', [
                     ('http://localhost:8200', '/repo_name', 'http://localhost:8200/repo_name'),
                     ('http://localhost:8200///', '/repo_name', 'http://localhost:8200/repo_name'),
                     ('http://localhost:8200', '/group/repo_name', 'http://localhost:8200/group/repo_name'),
                     ('http://localhost:8200/', '/group/repo_name', 'http://localhost:8200/group/repo_name'),
                     ('http://localhost:8200/prefix', '/repo_name', 'http://localhost:8200/prefix/repo_name'),
                     ('http://localhost:8200/prefix', 'repo_name', 'http://localhost:8200/prefix/repo_name'),
                     ('http://localhost:8200/prefix', '/group/repo_name', 'http://localhost:8200/prefix/group/repo_name')
                 ])
                 def test_get_url(self, svn_http_url, path_info, expected_url):
                     url = self.app._get_url(svn_http_url, path_info)
                     assert url == expected_url
                 def test_call(self):
                     start_response = Mock()
                     response_mock = Mock()
                     response_mock.headers = {
                         'Content-Encoding': 'gzip',
                         'MS-Author-Via': 'DAV',
                         'SVN-Supported-Posts': 'create-txn-with-props'
                     }
                     from rhodecode.lib.middleware.simplesvn import requests
                     original_request = requests.Session.request
                     with patch('rhodecode.lib.middleware.simplesvn.requests.Session.request', autospec=True) as request_mock:
                         # Use side_effect to call the original method
                         request_mock.side_effect = original_request
                         self.app(self.environment, start_response)
                     expected_url = f'{self.host.strip("/")}/{self.path}'
                     expected_request_headers = {
                         'Dav': self.environment['HTTP_DAV'],
                         'User-Agent': self.environment['HTTP_USER_AGENT'],
                         'Authorization': self.environment['Authorization'],
                         'Content-Type': self.environment['CONTENT_TYPE'],
                         'Content-Length': self.environment['CONTENT_LENGTH'],
                     }
                     # Check if the method was called
                     assert request_mock.called
                     assert request_mock.call_count == 1
                     # Extract the session instance from the first call
                     called_with_session = request_mock.call_args[0][0]
                     request_mock.assert_called_once_with(
                         called_with_session,
                         self.environment['REQUEST_METHOD'], expected_url,
                         data=self.data, headers=expected_request_headers, stream=False)
                     expected_response_headers = [
                         ('SVN-Supported-Posts', 'create-txn-with-props'),
                         ('MS-Author-Via', 'DAV'),
                     ]
                     # TODO: the svn doesn't have a repo for testing
                     #args, _ = start_response.call_args
                     #assert args[0] == '200 OK'
                     #assert sorted(args[1]) == sorted(expected_response_headers)

rhodecode/tests/models/settings/test_vcs_settings.py

0 0 -26

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.lib.utils2 import str2bool
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import VcsSettingsModel, UiSetting
             HOOKS_FORM_DATA = {
                 'hooks_changegroup_repo_size': True,
                 'hooks_changegroup_push_logger': True,
                 'hooks_outgoing_pull_logger': True
             }
             SVN_FORM_DATA = {
                 'new_svn_branch': 'test-branch',
                 'new_svn_tag': 'test-tag'
             }
             GENERAL_FORM_DATA = {
                 'rhodecode_pr_merge_enabled': True,
                 'rhodecode_use_outdated_comments': True,
                 'rhodecode_hg_use_rebase_for_merging': True,
                 'rhodecode_hg_close_branch_before_merging': True,
                 'rhodecode_git_use_rebase_for_merging': True,
                 'rhodecode_git_close_branch_before_merging': True,
                 'rhodecode_diff_cache': True,
             }
             class TestInheritGlobalSettingsProperty(object):
                 def test_get_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.inherit_global_settings
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_true_is_returned_when_value_is_not_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     assert model.inherit_global_settings is True
                 def test_value_is_returned(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     settings_util.create_repo_rhodecode_setting(
                         repo_stub, VcsSettingsModel.INHERIT_SETTINGS, False, 'bool')
                     assert model.inherit_global_settings is False
                 def test_value_is_set(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     setting = model.repo_settings.get_setting_by_name(
                         VcsSettingsModel.INHERIT_SETTINGS)
                     try:
                         assert setting.app_settings_type == 'bool'
                         assert setting.app_settings_value is False
                     finally:
                         Session().delete(setting)
                         Session().commit()
                 def test_set_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.inherit_global_settings = False
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestVcsSettingsModel(object):
                 def test_global_svn_branch_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'global_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_global_svn_branch_patterns()
                     get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
                     assert expected_result == result
                 def test_repo_svn_branch_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'repo_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_repo_svn_branch_patterns()
                     get_settings.assert_called_once_with(model.SVN_BRANCH_SECTION)
                     assert expected_result == result
                 def test_repo_svn_branch_patterns_raises_exception_when_repo_is_not_set(
                         self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_svn_branch_patterns()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_global_svn_tag_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'global_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_global_svn_tag_patterns()
                     get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
                     assert expected_result == result
                 def test_repo_svn_tag_patterns(self):
                     model = VcsSettingsModel()
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, 'repo_settings') as settings_mock:
                         get_settings = settings_mock.get_ui_by_section
                         get_settings.return_value = expected_result
                         settings_mock.return_value = expected_result
                         result = model.get_repo_svn_tag_patterns()
                     get_settings.assert_called_once_with(model.SVN_TAG_SECTION)
                     assert expected_result == result
                 def test_repo_svn_tag_patterns_raises_exception_when_repo_is_not_set(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_svn_tag_patterns()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_get_global_settings(self):
                     expected_result = {'test': 'test'}
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_collect_all_settings') as collect_mock:
                         collect_mock.return_value = expected_result
                         result = model.get_global_settings()
                     collect_mock.assert_called_once_with(global_=True)
                     assert result == expected_result
                 def test_get_repo_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     expected_result = {'test': 'test'}
                     with mock.patch.object(model, '_collect_all_settings') as collect_mock:
                         collect_mock.return_value = expected_result
                         result = model.get_repo_settings()
                     collect_mock.assert_called_once_with(global_=False)
                     assert result == expected_result
                 @pytest.mark.parametrize('settings, global_', [
                     ('global_settings', True),
                     ('repo_settings', False)
                 ])
                 def test_collect_all_settings(self, settings, global_):
                     model = VcsSettingsModel()
                     result_mock = self._mock_result()
                     settings_patch = mock.patch.object(model, settings)
                     with settings_patch as settings_mock:
                         settings_mock.get_ui_by_section_and_key.return_value = result_mock
                         settings_mock.get_setting_by_name.return_value = result_mock
                         result = model._collect_all_settings(global_=global_)
                     ui_settings = model.HG_SETTINGS + model.GIT_SETTINGS + model.HOOKS_SETTINGS
                     self._assert_get_settings_calls(
                         settings_mock, ui_settings, model.GENERAL_SETTINGS)
                     self._assert_collect_all_settings_result(
                         ui_settings, model.GENERAL_SETTINGS, result)
                 @pytest.mark.parametrize('settings, global_', [
                     ('global_settings', True),
                     ('repo_settings', False)
                 ])
                 def test_collect_all_settings_without_empty_value(self, settings, global_):
                     model = VcsSettingsModel()
                     settings_patch = mock.patch.object(model, settings)
                     with settings_patch as settings_mock:
                         settings_mock.get_ui_by_section_and_key.return_value = None
                         settings_mock.get_setting_by_name.return_value = None
                         result = model._collect_all_settings(global_=global_)
                     assert result == {}
                 def _mock_result(self):
                     result_mock = mock.Mock()
                     result_mock.ui_value = 'ui_value'
                     result_mock.ui_active = True
                     result_mock.app_settings_value = 'setting_value'
                     return result_mock
                 def _assert_get_settings_calls(
                         self, settings_mock, ui_settings, general_settings):
                     assert (
                         settings_mock.get_ui_by_section_and_key.call_count ==
                         len(ui_settings))
                     assert (
                         settings_mock.get_setting_by_name.call_count ==
                         len(general_settings))
                     for section, key in ui_settings:
                         expected_call = mock.call(section, key)
                         assert (
                             expected_call in
                             settings_mock.get_ui_by_section_and_key.call_args_list)
                     for name in general_settings:
                         expected_call = mock.call(name)
                         assert (
                             expected_call in
                             settings_mock.get_setting_by_name.call_args_list)
                 def _assert_collect_all_settings_result(
                         self, ui_settings, general_settings, result):
                     expected_result = {}
                     for section, key in ui_settings:
                         key = '{}_{}'.format(section, key.replace('.', '_'))
                         if section in ('extensions', 'hooks'):
                             value = True
                         elif key in ['vcs_git_lfs_enabled']:
                             value = True
                         else:
                             value = 'ui_value'
                         expected_result[key] = value
                     for name in general_settings:
                         key = 'rhodecode_' + name
                         expected_result[key] = 'setting_value'
                     assert expected_result == result
             class TestCreateOrUpdateRepoHookSettings(object):
                 def test_create_when_no_repo_object_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     self._create_settings(model, HOOKS_FORM_DATA)
                     cleanup = []
                     try:
                         for section, key in model.HOOKS_SETTINGS:
                             ui = model.repo_settings.get_ui_by_section_and_key(
                                 section, key)
                             assert ui.ui_active is True
                             cleanup.append(ui)
                     finally:
                         for ui in cleanup:
                             Session().delete(ui)
                         Session().commit()
                 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     deleted_key = 'hooks_changegroup_repo_size'
                     data = HOOKS_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model.create_or_update_repo_hook_settings(data)
                         Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_when_repo_object_found(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     for section, key in model.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, None, key=key, active=False)
                     model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
                     Session().commit()
                     for section, key in model.HOOKS_SETTINGS:
                         ui = model.repo_settings.get_ui_by_section_and_key(section, key)
                         assert ui.ui_active is True
                 def _create_settings(self, model, data):
                     global_patch = mock.patch.object(model, 'global_settings')
                     global_setting = mock.Mock()
                     global_setting.ui_value = 'Test value'
                     with global_patch as global_mock:
                         global_mock.get_ui_by_section_and_key.return_value = global_setting
                         model.create_or_update_repo_hook_settings(HOOKS_FORM_DATA)
                         Session().commit()
             class TestUpdateGlobalHookSettings(object):
                 def test_update_raises_exception_when_data_incomplete(self):
                     model = VcsSettingsModel()
                     deleted_key = 'hooks_changegroup_repo_size'
                     data = HOOKS_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model.update_global_hook_settings(data)
                         Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_global_hook_settings(self, settings_util):
                     model = VcsSettingsModel()
                     setting_mock = mock.MagicMock()
                     setting_mock.ui_active = False
                     get_settings_patcher = mock.patch.object(
                         model.global_settings, 'get_ui_by_section_and_key',
                         return_value=setting_mock)
                     session_patcher = mock.patch('rhodecode.model.settings.Session')
                     with get_settings_patcher as get_settings_mock, session_patcher:
                         model.update_global_hook_settings(HOOKS_FORM_DATA)
                         Session().commit()
                     assert setting_mock.ui_active is True
                     assert get_settings_mock.call_count == 3
             class TestCreateOrUpdateRepoGeneralSettings(object):
                 def test_calls_create_or_update_general_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     create_patch = mock.patch.object(
                         model, '_create_or_update_general_settings')
                     with create_patch as create_mock:
                         model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
                         Session().commit()
                     create_mock.assert_called_once_with(
                         model.repo_settings, GENERAL_FORM_DATA)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_pr_settings(GENERAL_FORM_DATA)
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestCreateOrUpdatGlobalGeneralSettings(object):
                 def test_calls_create_or_update_general_settings(self):
                     model = VcsSettingsModel()
                     create_patch = mock.patch.object(
                         model, '_create_or_update_general_settings')
                     with create_patch as create_mock:
                         model.create_or_update_global_pr_settings(GENERAL_FORM_DATA)
                     create_mock.assert_called_once_with(
                         model.global_settings, GENERAL_FORM_DATA)
             class TestCreateOrUpdateGeneralSettings(object):
                 def test_create_when_no_repo_settings_found(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_or_update_general_settings(
                         model.repo_settings, GENERAL_FORM_DATA)
                     cleanup = []
                     try:
                         for name in model.GENERAL_SETTINGS:
                             setting = model.repo_settings.get_setting_by_name(name)
                             assert setting.app_settings_value is True
                             cleanup.append(setting)
                     finally:
                         for setting in cleanup:
                             Session().delete(setting)
                         Session().commit()
                 def test_create_raises_exception_when_data_incomplete(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     deleted_key = 'rhodecode_pr_merge_enabled'
                     data = GENERAL_FORM_DATA.copy()
                     data.pop(deleted_key)
                     with pytest.raises(ValueError) as exc_info:
                         model._create_or_update_general_settings(model.repo_settings, data)
                     Session().commit()
                     msg = 'The given data does not contain {} key'.format(deleted_key)
                     assert str(exc_info.value) == msg
                 def test_update_when_repo_setting_found(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     for name in model.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, name, False, 'bool')
                     model._create_or_update_general_settings(
                         model.repo_settings, GENERAL_FORM_DATA)
                     Session().commit()
                     for name in model.GENERAL_SETTINGS:
                         setting = model.repo_settings.get_setting_by_name(name)
                         assert setting.app_settings_value is True
             class TestCreateRepoSvnSettings(object):
                 def test_calls_create_svn_settings(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     with mock.patch.object(model, '_create_svn_settings') as create_mock:
                         model.create_repo_svn_settings(SVN_FORM_DATA)
                         Session().commit()
                     create_mock.assert_called_once_with(model.repo_settings, SVN_FORM_DATA)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_repo_svn_settings(SVN_FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestCreateSvnSettings(object):
                 def test_create(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_svn_settings(model.repo_settings, SVN_FORM_DATA)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     try:
                         assert len(branch_ui) == 1
                         assert len(tag_ui) == 1
                     finally:
                         Session().delete(branch_ui[0])
                         Session().delete(tag_ui[0])
                         Session().commit()
                 def test_create_tag(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = SVN_FORM_DATA.copy()
                     data.pop('new_svn_branch')
                     model._create_svn_settings(model.repo_settings, data)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     try:
                         assert len(branch_ui) == 0
                         assert len(tag_ui) == 1
                     finally:
                         Session().delete(tag_ui[0])
                         Session().commit()
                 def test_create_nothing_when_no_svn_settings_specified(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_svn_settings(model.repo_settings, {})
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     assert len(branch_ui) == 0
                     assert len(tag_ui) == 0
                 def test_create_nothing_when_empty_settings_specified(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = {
                         'new_svn_branch': '',
                         'new_svn_tag': ''
                     }
                     model._create_svn_settings(model.repo_settings, data)
                     Session().commit()
                     branch_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_BRANCH_SECTION)
                     tag_ui = model.repo_settings.get_ui_by_section(
                         model.SVN_TAG_SECTION)
                     assert len(branch_ui) == 0
                     assert len(tag_ui) == 0
             class TestCreateOrUpdateUi(object):
                 def test_create(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model._create_or_update_ui(
                         model.repo_settings, 'test-section', 'test-key', active=False,
                         value='False')
                     Session().commit()
                     created_ui = model.repo_settings.get_ui_by_section_and_key(
                         'test-section', 'test-key')
                     try:
                         assert created_ui.ui_active is False
                         assert str2bool(created_ui.ui_value) is False
                     finally:
                         Session().delete(created_ui)
                         Session().commit()
                 def test_update(self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     # care about only 3 first settings
                     largefiles, phases, evolve = model.HG_SETTINGS[:3]
                     section = 'test-section'
                     key = 'test-key'
                     settings_util.create_repo_rhodecode_ui(
                         repo_stub, section, 'True', key=key, active=True)
                     model._create_or_update_ui(
                         model.repo_settings, section, key, active=False, value='False')
                     Session().commit()
                     created_ui = model.repo_settings.get_ui_by_section_and_key(
                         section, key)
                     assert created_ui.ui_active is False
                     assert str2bool(created_ui.ui_value) is False
             class TestCreateOrUpdateRepoHgSettings(object):
                 FORM_DATA = {
                     'extensions_largefiles': False,
                     'extensions_evolve': False,
                     'phases_publish': False
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_repo_hg_settings(self.FORM_DATA)
                     expected_calls = [
                         mock.call(model.repo_settings, 'extensions', 'largefiles', active=False, value=''),
                         mock.call(model.repo_settings, 'extensions', 'evolve', active=False, value=''),
                         mock.call(model.repo_settings, 'experimental', 'evolution', active=False, value=''),
                         mock.call(model.repo_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
                         mock.call(model.repo_settings, 'extensions', 'topic', active=False, value=''),
                         mock.call(model.repo_settings, 'phases', 'publish', value='False'),
                     ]
                     assert expected_calls == create_mock.call_args_list
                 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
                 def test_key_is_not_found(self, repo_stub, field_to_remove):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = self.FORM_DATA.copy()
                     data.pop(field_to_remove)
                     with pytest.raises(ValueError) as exc_info:
                         model.create_or_update_repo_hg_settings(data)
                         Session().commit()
                     expected_message = 'The given data does not contain {} key'.format(
                         field_to_remove)
                     assert str(exc_info.value) == expected_message
                 def test_create_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_hg_settings(self.FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestUpdateGlobalSslSetting(object):
                 def test_updates_global_hg_settings(self):
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.update_global_ssl_setting('False')
                         Session().commit()
                     create_mock.assert_called_once_with(
                         model.global_settings, 'web', 'push_ssl', value='False')
-            class TestUpdateGlobalPathSetting(object):
-                def test_updates_global_path_settings(self):
-                    model = VcsSettingsModel()
-                    with mock.patch.object(model, '_create_or_update_ui') as create_mock:
-                        model.update_global_path_setting('False')
-                        Session().commit()
-                    create_mock.assert_called_once_with(
-                        model.global_settings, 'paths', '/', value='False')
             class TestCreateOrUpdateGlobalHgSettings(object):
                 FORM_DATA = {
                     'extensions_largefiles': False,
                     'largefiles_usercache': '/example/largefiles-store',
                     'phases_publish': False,
                     'extensions_evolve': False
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self):
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_global_hg_settings(self.FORM_DATA)
                         Session().commit()
                     expected_calls = [
                         mock.call(model.global_settings, 'extensions', 'largefiles', active=False, value=''),
                         mock.call(model.global_settings, 'largefiles', 'usercache', value='/example/largefiles-store'),
                         mock.call(model.global_settings, 'phases', 'publish', value='False'),
                         mock.call(model.global_settings, 'extensions', 'evolve', active=False, value=''),
                         mock.call(model.global_settings, 'experimental', 'evolution', active=False, value=''),
                         mock.call(model.global_settings, 'experimental', 'evolution.exchange', active=False, value='no'),
                         mock.call(model.global_settings, 'extensions', 'topic', active=False, value=''),
                     ]
                     assert expected_calls == create_mock.call_args_list
                 @pytest.mark.parametrize('field_to_remove', FORM_DATA.keys())
                 def test_key_is_not_found(self, repo_stub, field_to_remove):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     data = self.FORM_DATA.copy()
                     data.pop(field_to_remove)
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_global_hg_settings(data)
                         Session().commit()
                     expected_message = 'The given data does not contain {} key'.format(
                         field_to_remove)
                     assert str(exc_info.value) == expected_message
             class TestCreateOrUpdateGlobalGitSettings(object):
                 FORM_DATA = {
                     'vcs_git_lfs_enabled': False,
                     'vcs_git_lfs_store_location': '/example/lfs-store',
                 }
                 def test_creates_repo_hg_settings_when_data_is_correct(self):
                     model = VcsSettingsModel()
                     with mock.patch.object(model, '_create_or_update_ui') as create_mock:
                         model.create_or_update_global_git_settings(self.FORM_DATA)
                         Session().commit()
                     expected_calls = [
                         mock.call(model.global_settings, 'vcs_git_lfs', 'enabled', active=False, value=False),
                         mock.call(model.global_settings, 'vcs_git_lfs', 'store_location', value='/example/lfs-store'),
                     ]
                     assert expected_calls == create_mock.call_args_list
             class TestDeleteRepoSvnPattern(object):
                 def test_success_when_repo_is_set(self, backend_svn, settings_util):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     model = VcsSettingsModel(repo=repo_name)
                     entry = settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'svn-branch')
                     Session().commit()
                     model.delete_repo_svn_pattern(entry.ui_id)
                 def test_fail_when_delete_id_from_other_repo(self, backend_svn):
                     repo_name = backend_svn.repo_name
                     model = VcsSettingsModel(repo=repo_name)
                     delete_ui_patch = mock.patch.object(model.repo_settings, 'delete_ui')
                     with delete_ui_patch as delete_ui_mock:
                         model.delete_repo_svn_pattern(123)
                         Session().commit()
                     delete_ui_mock.assert_called_once_with(-1)
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.delete_repo_svn_pattern(123)
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestDeleteGlobalSvnPattern(object):
                 def test_delete_global_svn_pattern_calls_delete_ui(self):
                     model = VcsSettingsModel()
                     delete_ui_patch = mock.patch.object(model.global_settings, 'delete_ui')
                     with delete_ui_patch as delete_ui_mock:
                         model.delete_global_svn_pattern(123)
                     delete_ui_mock.assert_called_once_with(123)
             class TestFilterUiSettings(object):
                 def test_settings_are_filtered(self):
                     model = VcsSettingsModel()
                     repo_settings = [
                         UiSetting('extensions', 'largefiles', '', True),
                         UiSetting('phases', 'publish', 'True', True),
                         UiSetting('hooks', 'changegroup.repo_size', 'hook', True),
                         UiSetting('hooks', 'changegroup.push_logger', 'hook', True),
                         UiSetting('hooks', 'outgoing.pull_logger', 'hook', True),
                         UiSetting(
                             'vcs_svn_branch', '84223c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_branch', True),
                         UiSetting(
                             'vcs_svn_tag', '84229c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_tag', True),
                     ]
                     non_repo_settings = [
                         UiSetting('largefiles', 'usercache', '/example/largefiles-store', True),
                         UiSetting('test', 'outgoing.pull_logger', 'hook', True),
                         UiSetting('hooks', 'test2', 'hook', True),
                         UiSetting(
                             'vcs_svn_repo', '84229c972204fa545ca1b22dac7bef5b68d7442d',
                             'test_tag', True),
                     ]
                     settings = repo_settings + non_repo_settings
                     filtered_settings = model._filter_ui_settings(settings)
                     assert sorted(filtered_settings) == sorted(repo_settings)
             class TestFilterGeneralSettings(object):
                 def test_settings_are_filtered(self):
                     model = VcsSettingsModel()
                     settings = {
                         'rhodecode_abcde': 'value1',
                         'rhodecode_vwxyz': 'value2',
                     }
                     general_settings = {
                         'rhodecode_{}'.format(key): 'value'
                         for key in VcsSettingsModel.GENERAL_SETTINGS
                     }
                     settings.update(general_settings)
                     filtered_settings = model._filter_general_settings(general_settings)
                     assert sorted(filtered_settings) == sorted(general_settings)
             class TestGetRepoUiSettings(object):
                 def test_global_uis_are_returned_when_no_repo_uis_found(
                         self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     svn_sections = (
                         VcsSettingsModel.SVN_TAG_SECTION,
                         VcsSettingsModel.SVN_BRANCH_SECTION)
                     expected_result = [
                         s for s in model.global_settings.get_ui()
                         if s.section not in svn_sections]
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for setting in result:
                         locator = (setting.section, setting.key)
                         if locator in VcsSettingsModel.HOOKS_SETTINGS:
                             assert setting.value == 'repo'
                             assert setting.active is False
                 def test_global_svn_patterns_are_not_in_list(
                         self, repo_stub, settings_util):
                     svn_sections = (
                         VcsSettingsModel.SVN_TAG_SECTION,
                         VcsSettingsModel.SVN_BRANCH_SECTION)
                     for section in svn_sections:
                         settings_util.create_rhodecode_ui(
                             section, 'repo', key='deadbeef' + section, active=False)
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for setting in result:
                         assert setting.section not in svn_sections
                 def test_repo_uis_filtered_by_section_are_returned(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_repo_ui_settings(section=section)
                     for setting in result:
                         assert setting.section == section
                 def test_repo_uis_filtered_by_key_are_returned(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_repo_ui_settings(key=key)
                     for setting in result:
                         assert setting.key == key
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_ui_settings()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestGetRepoGeneralSettings(object):
                 def test_global_settings_are_returned_when_no_repo_settings_found(
                         self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_repo_ui_settings()
                     for key in result:
                         if key in VcsSettingsModel.GENERAL_SETTINGS:
                             assert result[key] == 'abcde'
                 def test_raises_exception_when_repository_is_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.get_repo_general_settings()
                     assert str(exc_info.value) == 'Repository is not specified'
             class TestGetGlobalGeneralSettings(object):
                 def test_global_settings_are_returned(self, repo_stub):
                     model = VcsSettingsModel()
                     result = model.get_global_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_not_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_global_general_settings()
                     expected_result = model.global_settings.get_all_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetGlobalUiSettings(object):
                 def test_global_uis_are_returned(self, repo_stub):
                     model = VcsSettingsModel()
                     result = model.get_global_ui_settings()
                     expected_result = model.global_settings.get_ui()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_uis_are_not_overriding_global_uis(
                         self, repo_stub, settings_util):
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=False)
                         Session().commit()
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     result = model.get_global_ui_settings()
                     expected_result = model.global_settings.get_ui()
                     assert sorted(result) == sorted(expected_result)
                 def test_ui_settings_filtered_by_section(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_global_ui_settings(section=section)
                     expected_result = model.global_settings.get_ui(section=section)
                     assert sorted(result) == sorted(expected_result)
                 def test_ui_settings_filtered_by_key(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     section, key = VcsSettingsModel.HOOKS_SETTINGS[0]
                     result = model.get_global_ui_settings(key=key)
                     expected_result = model.global_settings.get_ui(key=key)
                     assert sorted(result) == sorted(expected_result)
             class TestGetGeneralSettings(object):
                 def test_global_settings_are_returned_when_inherited_is_true(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = True
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     result = model.get_general_settings()
                     expected_result = model.get_global_general_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_are_returned_when_inherited_is_false(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     for key in VcsSettingsModel.GENERAL_SETTINGS:
                         settings_util.create_repo_rhodecode_setting(
                             repo_stub, key, 'abcde', type_='unicode')
                         Session().commit()
                     result = model.get_general_settings()
                     expected_result = model.get_repo_general_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_global_settings_are_returned_when_no_repository_specified(self):
                     model = VcsSettingsModel()
                     result = model.get_general_settings()
                     expected_result = model.get_global_general_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetUiSettings(object):
                 def test_global_settings_are_returned_when_inherited_is_true(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = True
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=True)
                         Session().commit()
                     result = model.get_ui_settings()
                     expected_result = model.get_global_ui_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_are_returned_when_inherited_is_false(
                         self, repo_stub, settings_util):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings_util.create_repo_rhodecode_ui(
                             repo_stub, section, 'repo', key=key, active=True)
                         Session().commit()
                     result = model.get_ui_settings()
                     expected_result = model.get_repo_ui_settings()
                     assert sorted(result) == sorted(expected_result)
                 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     model.inherit_global_settings = False
                     args = ('section', 'key')
                     with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
                         model.get_ui_settings(*args)
                     Session().commit()
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_filtered_by_section_and_key(self):
                     model = VcsSettingsModel()
                     args = ('section', 'key')
                     with mock.patch.object(model, 'get_global_ui_settings') as (
                             settings_mock):
                         model.get_ui_settings(*args)
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_are_returned_when_no_repository_specified(self):
                     model = VcsSettingsModel()
                     result = model.get_ui_settings()
                     expected_result = model.get_global_ui_settings()
                     assert sorted(result) == sorted(expected_result)
             class TestGetSvnPatterns(object):
                 def test_repo_settings_filtered_by_section_and_key(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub.repo_name)
                     args = ('section', )
                     with mock.patch.object(model, 'get_repo_ui_settings') as settings_mock:
                         model.get_svn_patterns(*args)
                     Session().commit()
                     settings_mock.assert_called_once_with(*args)
                 def test_global_settings_filtered_by_section_and_key(self):
                     model = VcsSettingsModel()
                     args = ('section', )
                     with mock.patch.object(model, 'get_global_ui_settings') as (
                             settings_mock):
                         model.get_svn_patterns(*args)
                     settings_mock.assert_called_once_with(*args)
-            class TestGetReposLocation(object):
-                def test_returns_repos_location(self, repo_stub):
-                    model = VcsSettingsModel()
-                    result_mock = mock.Mock()
-                    result_mock.ui_value = '/tmp'
-                    with mock.patch.object(model, 'global_settings') as settings_mock:
-                        settings_mock.get_ui_by_key.return_value = result_mock
-                        result = model.get_repos_location()
-                    settings_mock.get_ui_by_key.assert_called_once_with('/')
-                    assert result == '/tmp'
             class TestCreateOrUpdateRepoSettings(object):
                 FORM_DATA = {
                     'inherit_global_settings': False,
                     'hooks_changegroup_repo_size': False,
                     'hooks_changegroup_push_logger': False,
                     'hooks_outgoing_pull_logger': False,
                     'extensions_largefiles': False,
                     'extensions_evolve': False,
                     'largefiles_usercache': '/example/largefiles-store',
                     'vcs_git_lfs_enabled': False,
                     'vcs_git_lfs_store_location': '/',
                     'phases_publish': 'False',
                     'rhodecode_pr_merge_enabled': False,
                     'rhodecode_use_outdated_comments': False,
                     'new_svn_branch': '',
                     'new_svn_tag': ''
                 }
                 def test_get_raises_exception_when_repository_not_specified(self):
                     model = VcsSettingsModel()
                     with pytest.raises(Exception) as exc_info:
                         model.create_or_update_repo_settings(data=self.FORM_DATA)
                         Session().commit()
                     assert str(exc_info.value) == 'Repository is not specified'
                 def test_only_svn_settings_are_updated_when_type_is_svn(self, backend_svn):
                     repo = backend_svn.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     mocks['create_repo_svn_settings'].assert_called_once_with(
                         self.FORM_DATA)
                     non_called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings',
                         'create_or_update_repo_hg_settings')
                     for method in non_called_methods:
                         assert mocks[method].call_count == 0
                 def test_non_svn_settings_are_updated_when_type_is_hg(self, backend_hg):
                     repo = backend_hg.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     assert mocks['create_repo_svn_settings'].call_count == 0
                     called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings',
                         'create_or_update_repo_hg_settings')
                     for method in called_methods:
                         mocks[method].assert_called_once_with(self.FORM_DATA)
                 def test_non_svn_and_hg_settings_are_updated_when_type_is_git(
                         self, backend_git):
                     repo = backend_git.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                     assert mocks['create_repo_svn_settings'].call_count == 0
                     called_methods = (
                         'create_or_update_repo_hook_settings',
                         'create_or_update_repo_pr_settings')
                     non_called_methods = (
                         'create_repo_svn_settings',
                         'create_or_update_repo_hg_settings'
                     )
                     for method in called_methods:
                         mocks[method].assert_called_once_with(self.FORM_DATA)
                     for method in non_called_methods:
                         assert mocks[method].call_count == 0
                 def test_no_methods_are_called_when_settings_are_inherited(
                         self, backend):
                     repo = backend.create_repo()
                     model = VcsSettingsModel(repo=repo)
                     with self._patch_model(model) as mocks:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=True)
                     for method_name in mocks:
                         assert mocks[method_name].call_count == 0
                 def test_cache_is_marked_for_invalidation(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub)
                     invalidation_patcher = mock.patch(
                         'rhodecode.model.scm.ScmModel.mark_for_invalidation')
                     with invalidation_patcher as invalidation_mock:
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=True)
                     Session().commit()
                     invalidation_mock.assert_called_once_with(
                         repo_stub.repo_name, delete=True)
                 def test_inherit_flag_is_saved(self, repo_stub):
                     model = VcsSettingsModel(repo=repo_stub)
                     model.inherit_global_settings = True
                     with self._patch_model(model):
                         model.create_or_update_repo_settings(
                             data=self.FORM_DATA, inherit_global_settings=False)
                         Session().commit()
                     assert model.inherit_global_settings is False
                 def _patch_model(self, model):
                     return mock.patch.multiple(
                         model,
                         create_repo_svn_settings=mock.DEFAULT,
                         create_or_update_repo_hook_settings=mock.DEFAULT,
                         create_or_update_repo_pr_settings=mock.DEFAULT,
                         create_or_update_repo_hg_settings=mock.DEFAULT)

rhodecode/tests/models/test_repos.py

0 +13 -13

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import mock
             import pytest
             import tempfile
             from rhodecode.lib.exceptions import AttachedForksError
             from rhodecode.lib.utils import make_db_config
             from rhodecode.model.db import Repository
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import ScmModel
             class TestRepoModel(object):
                 def test_remove_repo(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     RepoModel().delete(repo=repo)
                     Session().commit()
                     repos = ScmModel().repo_scan()
                     assert Repository.get_by_repo_name(repo_name=backend.repo_name) is None
                     assert repo.repo_name not in repos
                 def test_remove_repo_raises_exc_when_attached_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     backend.create_fork()
                     Session().commit()
                     with pytest.raises(AttachedForksError):
                         RepoModel().delete(repo=repo)
                 def test_remove_repo_delete_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     fork = backend.create_fork()
                     Session().commit()
                     fork_of_fork = backend.create_fork()
                     Session().commit()
                     RepoModel().delete(repo=repo, forks='delete')
                     Session().commit()
                     assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
                     assert Repository.get_by_repo_name(repo_name=fork.repo_name) is None
                     assert (
                         Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
                         is None)
                 def test_remove_repo_detach_forks(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     fork = backend.create_fork()
                     Session().commit()
                     fork_of_fork = backend.create_fork()
                     Session().commit()
                     RepoModel().delete(repo=repo, forks='detach')
                     Session().commit()
                     assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
                     assert (
                         Repository.get_by_repo_name(repo_name=fork.repo_name) is not None)
                     assert (
                         Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
                         is not None)
                 @pytest.mark.parametrize("filename, expected", [
                     ("README", True),
                     ("README.rst", False),
                 ])
                 def test_filenode_is_link(self, vcsbackend, filename, expected):
                     repo = vcsbackend.repo
                     assert repo.get_commit().is_link(filename) is expected
                 def test_get_commit(self, backend):
                     backend.repo.get_commit()
                 def test_get_changeset_is_deprecated(self, backend):
                     repo = backend.repo
                     pytest.deprecated_call(repo.get_changeset)
                 def test_clone_url_encrypted_value(self, backend):
                     repo = backend.create_repo()
                     Session().commit()
                     repo.clone_url = 'https://marcink:qweqwe@code.rhodecode.com'
                     Session().add(repo)
                     Session().commit()
                     assert repo.clone_url == 'https://marcink:qweqwe@code.rhodecode.com'
                 @pytest.mark.backends("git", "svn")
                 def test_create_filesystem_repo_installs_hooks(self, tmpdir, backend):
                     repo = backend.create_repo()
                     repo_name = repo.repo_name
-                    model = RepoModel()
+                    with mock.patch('rhodecode.model.repo.RepoModel.repos_path',
-                    repo_location = tempfile.mkdtemp()
+                                    new_callable=mock.PropertyMock) as mocked_models_property:
-                    model.repos_path = repo_location
+                        mocked_models_property.return_value = tempfile.mkdtemp()
-                    repo = model._create_filesystem_repo(
+                        repo = RepoModel()._create_filesystem_repo(
-                        repo_name, backend.alias, repo_group='', clone_uri=None)
+                            repo_name, backend.alias, repo_group='', clone_uri=None)
-                    hooks = {
+                        hooks = {
-                        'svn': ('pre-commit', 'post-commit'),
+                            'svn': ('pre-commit', 'post-commit'),
-                        'git': ('pre-receive', 'post-receive'),
+                            'git': ('pre-receive', 'post-receive'),
+                        }
-                    for hook in hooks[backend.alias]:
+                        for hook in hooks[backend.alias]:
-                        with open(os.path.join(repo.path, 'hooks', hook)) as f:
+                            with open(os.path.join(repo.path, 'hooks', hook)) as f:
-                            data = f.read()
+                                data = f.read()
-                            assert 'RC_HOOK_VER' in data
+                                assert 'RC_HOOK_VER' in data
                 @pytest.mark.parametrize("use_global_config, repo_name_passed", [
                     (True, False),
                     (False, True)
                 ])
                 def test_per_repo_config_is_generated_during_filesystem_repo_creation(
                         self, tmpdir, backend, use_global_config, repo_name_passed):
                     repo_name = 'test-{}-repo-{}'.format(backend.alias, use_global_config)
                     config = make_db_config()
                     model = RepoModel()
                     with mock.patch('rhodecode.model.repo.make_db_config') as config_mock:
                         config_mock.return_value = config
                         model._create_filesystem_repo(
                             repo_name, backend.alias, repo_group='', clone_uri=None,
                             use_global_config=use_global_config)
                     expected_repo_name = repo_name if repo_name_passed else None
                     expected_call = mock.call(clear_session=False, repo=expected_repo_name)
                     assert expected_call in config_mock.call_args_list
                 def test_update_commit_cache_with_config(serf, backend):
                     repo = backend.create_repo()
                     with mock.patch('rhodecode.model.db.Repository.scm_instance') as scm:
                         scm_instance = mock.Mock()
                         scm_instance.get_commit.return_value = {
                             'raw_id': 40*'0',
                             'revision': 1
                         }
                         scm.return_value = scm_instance
                         repo.update_commit_cache()
                         scm.assert_called_with(cache=False, config=None)
                         config = {'test': 'config'}
                         repo.update_commit_cache(config=config)
                         scm.assert_called_with(
                             cache=False, config=config)

rhodecode/tests/rhodecode.ini

0 0 -3

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = true
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 1024000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 256000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = false
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
-            ; allows to change the repository location in settings page
-            allow_repo_location_change = true
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token = abra-cada-bra1-rce3
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries
             file_store.storage_path = %(here)s/data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
             archive_cache.store_dir = /tmp/rc-test-data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 10
             ; By default cache uses sharding technique, this specifies how many shards are there
             archive_cache.cache_shards = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://localhost:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = %(here)s/rc-test-data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 0
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_general.arguments.filename = %(here)s/cache-backend/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 0
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_perms.arguments.filename = %(here)s/cache-backend/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_repo.arguments.filename = %(here)s/cache-backend/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
             ; Fastest ones are Redis and ext:database
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/rc-tests/data/sessions
             ; Redis based sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://127.0.0.1:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = test-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = false
             ; server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = false
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = %(here)s/rc/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             logging.autoconfigure = false
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_routes]
             level = DEBUG
             handlers =
             qualname = routes.middleware
             ## "level = DEBUG" logs the route matched and routing variables.
             propagate = 1
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_dogpile]
             level = INFO
             handlers = console
             qualname = dogpile
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages