##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
admin-users: add view for user groups managment...
Bartłomiej Wołyńczyk -
r1556:9ac012a6 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,108 +1,110 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import mock
22 22 import pytest
23 23
24 24 from rhodecode.model.user import UserModel
25 25 from rhodecode.model.user_group import UserGroupModel
26 from rhodecode.tests import TEST_USER_REGULAR_LOGIN
26 from rhodecode.tests import TEST_USER_ADMIN_EMAIL
27 27 from rhodecode.api.tests.utils import (
28 28 build_data, api_call, assert_error, assert_ok, crash, jsonify)
29 29
30 30
31 31 @pytest.mark.usefixtures("testuser_api", "app")
32 32 class TestUpdateUserGroup(object):
33 33 @pytest.mark.parametrize("changing_attr, updates", [
34 34 ('group_name', {'group_name': 'new_group_name'}),
35 35 ('group_name', {'group_name': 'test_group_for_update'}),
36 ('owner', {'owner': TEST_USER_REGULAR_LOGIN}),
36 # ('owner', {'owner': TEST_USER_REGULAR_LOGIN}),
37 ('owner_email', {'owner_email': TEST_USER_ADMIN_EMAIL}),
37 38 ('active', {'active': False}),
38 39 ('active', {'active': True})
39 40 ])
40 41 def test_api_update_user_group(self, changing_attr, updates, user_util):
41 42 user_group = user_util.create_user_group()
42 43 group_name = user_group.users_group_name
43 44 expected_api_data = user_group.get_api_data()
44 45 expected_api_data.update(updates)
45 46
46 47 id_, params = build_data(
47 48 self.apikey, 'update_user_group', usergroupid=group_name,
48 49 **updates)
49 50 response = api_call(self.app, params)
50 51
51 52 expected = {
52 53 'msg': 'updated user group ID:%s %s' % (
53 54 user_group.users_group_id, user_group.users_group_name),
54 55 'user_group': jsonify(expected_api_data)
55 56 }
56 57 assert_ok(id_, expected, given=response.body)
57 58
58 59 @pytest.mark.parametrize("changing_attr, updates", [
59 60 # TODO: mikhail: decide if we need to test against the commented params
60 61 # ('group_name', {'group_name': 'new_group_name'}),
61 62 # ('group_name', {'group_name': 'test_group_for_update'}),
62 ('owner', {'owner': TEST_USER_REGULAR_LOGIN}),
63 # ('owner', {'owner': TEST_USER_REGULAR_LOGIN}),
64 ('owner_email', {'owner_email': TEST_USER_ADMIN_EMAIL}),
63 65 ('active', {'active': False}),
64 66 ('active', {'active': True})
65 67 ])
66 68 def test_api_update_user_group_regular_user(
67 69 self, changing_attr, updates, user_util):
68 70 user_group = user_util.create_user_group()
69 71 group_name = user_group.users_group_name
70 72 expected_api_data = user_group.get_api_data()
71 73 expected_api_data.update(updates)
72 74
73 75
74 76 # grant permission to this user
75 77 user = UserModel().get_by_username(self.TEST_USER_LOGIN)
76 78
77 79 user_util.grant_user_permission_to_user_group(
78 80 user_group, user, 'usergroup.admin')
79 81 id_, params = build_data(
80 82 self.apikey_regular, 'update_user_group',
81 83 usergroupid=group_name, **updates)
82 84 response = api_call(self.app, params)
83 85 expected = {
84 86 'msg': 'updated user group ID:%s %s' % (
85 87 user_group.users_group_id, user_group.users_group_name),
86 88 'user_group': jsonify(expected_api_data)
87 89 }
88 90 assert_ok(id_, expected, given=response.body)
89 91
90 92 def test_api_update_user_group_regular_user_no_permission(self, user_util):
91 93 user_group = user_util.create_user_group()
92 94 group_name = user_group.users_group_name
93 95 id_, params = build_data(
94 96 self.apikey_regular, 'update_user_group', usergroupid=group_name)
95 97 response = api_call(self.app, params)
96 98
97 99 expected = 'user group `%s` does not exist' % (group_name)
98 100 assert_error(id_, expected, given=response.body)
99 101
100 102 @mock.patch.object(UserGroupModel, 'update', crash)
101 103 def test_api_update_user_group_exception_occurred(self, user_util):
102 104 user_group = user_util.create_user_group()
103 105 group_name = user_group.users_group_name
104 106 id_, params = build_data(
105 107 self.apikey, 'update_user_group', usergroupid=group_name)
106 108 response = api_call(self.app, params)
107 109 expected = 'failed to update user group `%s`' % (group_name,)
108 110 assert_error(id_, expected, given=response.body)
Show file before | Show file after | Hide comments
@@ -1,85 +1,94 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 from rhodecode.apps.admin.navigation import NavigationRegistry
23 23 from rhodecode.config.routing import ADMIN_PREFIX
24 24 from rhodecode.lib.utils2 import str2bool
25 25
26 26
27 27 def admin_routes(config):
28 28 """
29 29 Admin prefixed routes
30 30 """
31 31
32 32 config.add_route(
33 33 name='admin_settings_open_source',
34 34 pattern='/settings/open_source')
35 35 config.add_route(
36 36 name='admin_settings_vcs_svn_generate_cfg',
37 37 pattern='/settings/vcs/svn_generate_cfg')
38 38
39 39 config.add_route(
40 40 name='admin_settings_system',
41 41 pattern='/settings/system')
42 42 config.add_route(
43 43 name='admin_settings_system_update',
44 44 pattern='/settings/system/updates')
45 45
46 46 config.add_route(
47 47 name='admin_settings_sessions',
48 48 pattern='/settings/sessions')
49 49 config.add_route(
50 50 name='admin_settings_sessions_cleanup',
51 51 pattern='/settings/sessions/cleanup')
52 52
53 53 # users admin
54 54 config.add_route(
55 55 name='users',
56 56 pattern='/users')
57 57
58 58 config.add_route(
59 59 name='users_data',
60 60 pattern='/users_data')
61 61
62 62 # user auth tokens
63 63 config.add_route(
64 64 name='edit_user_auth_tokens',
65 65 pattern='/users/{user_id:\d+}/edit/auth_tokens')
66 66 config.add_route(
67 67 name='edit_user_auth_tokens_add',
68 68 pattern='/users/{user_id:\d+}/edit/auth_tokens/new')
69 69 config.add_route(
70 70 name='edit_user_auth_tokens_delete',
71 71 pattern='/users/{user_id:\d+}/edit/auth_tokens/delete')
72 72
73 # user groups management
74 config.add_route(
75 name='edit_user_groups_management',
76 pattern='/users/{user_id:\d+}/edit/groups_management')
77
78 config.add_route(
79 name='edit_user_groups_management_updates',
80 pattern='/users/{user_id:\d+}/edit/edit_user_groups_management/updates')
81
73 82
74 83 def includeme(config):
75 84 settings = config.get_settings()
76 85
77 86 # Create admin navigation registry and add it to the pyramid registry.
78 87 labs_active = str2bool(settings.get('labs_settings_active', False))
79 88 navigation_registry = NavigationRegistry(labs_active=labs_active)
80 89 config.registry.registerUtility(navigation_registry)
81 90
82 91 config.include(admin_routes, route_prefix=ADMIN_PREFIX)
83 92
84 93 # Scan module for configuration decorators.
85 94 config.scan()
Show file before | Show file after | Hide comments
@@ -1,237 +1,285 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import logging
22 22
23 23 from pyramid.httpexceptions import HTTPFound
24 24 from pyramid.view import view_config
25 from rhodecode_tools.lib.ext_json import json
25 26
26 27 from rhodecode.apps._base import BaseAppView
27 28 from rhodecode.lib.auth import (
28 29 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
29 30 from rhodecode.lib import helpers as h
30 31 from rhodecode.lib.utils import PartialRenderer
31 32 from rhodecode.lib.utils2 import safe_int, safe_unicode
32 33 from rhodecode.model.auth_token import AuthTokenModel
34 from rhodecode.model.user_group import UserGroupModel
33 35 from rhodecode.model.db import User, or_
34 36 from rhodecode.model.meta import Session
35 37
36 38 log = logging.getLogger(__name__)
37 39
38 40
39 41 class AdminUsersView(BaseAppView):
40 42 ALLOW_SCOPED_TOKENS = False
41 43 """
42 44 This view has alternative version inside EE, if modified please take a look
43 45 in there as well.
44 46 """
45 47
46 48 def load_default_context(self):
47 49 c = self._get_local_tmpl_context()
48 50 c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
49 51 self._register_global_c(c)
50 52 return c
51 53
52 54 def _redirect_for_default_user(self, username):
53 55 _ = self.request.translate
54 56 if username == User.DEFAULT_USER:
55 57 h.flash(_("You can't edit this user"), category='warning')
56 58 # TODO(marcink): redirect to 'users' admin panel once this
57 59 # is a pyramid view
58 60 raise HTTPFound('/')
59 61
60 62 def _extract_ordering(self, request):
61 63 column_index = safe_int(request.GET.get('order[0][column]'))
62 64 order_dir = request.GET.get(
63 65 'order[0][dir]', 'desc')
64 66 order_by = request.GET.get(
65 67 'columns[%s][data][sort]' % column_index, 'name_raw')
66 68
67 69 # translate datatable to DB columns
68 70 order_by = {
69 71 'first_name': 'name',
70 72 'last_name': 'lastname',
71 73 }.get(order_by) or order_by
72 74
73 75 search_q = request.GET.get('search[value]')
74 76 return search_q, order_by, order_dir
75 77
76 78 def _extract_chunk(self, request):
77 79 start = safe_int(request.GET.get('start'), 0)
78 80 length = safe_int(request.GET.get('length'), 25)
79 81 draw = safe_int(request.GET.get('draw'))
80 82 return draw, start, length
81 83
82 84 @HasPermissionAllDecorator('hg.admin')
83 85 @view_config(
84 86 route_name='users', request_method='GET',
85 87 renderer='rhodecode:templates/admin/users/users.mako')
86 88 def users_list(self):
87 89 c = self.load_default_context()
88 90 return self._get_template_context(c)
89 91
90 92 @HasPermissionAllDecorator('hg.admin')
91 93 @view_config(
92 94 # renderer defined below
93 95 route_name='users_data', request_method='GET', renderer='json',
94 96 xhr=True)
95 97 def users_list_data(self):
96 98 draw, start, limit = self._extract_chunk(self.request)
97 99 search_q, order_by, order_dir = self._extract_ordering(self.request)
98 100
99 101 _render = PartialRenderer('data_table/_dt_elements.mako')
100 102
101 103 def user_actions(user_id, username):
102 104 return _render("user_actions", user_id, username)
103 105
104 106 users_data_total_count = User.query()\
105 107 .filter(User.username != User.DEFAULT_USER) \
106 108 .count()
107 109
108 110 # json generate
109 111 base_q = User.query().filter(User.username != User.DEFAULT_USER)
110 112
111 113 if search_q:
112 114 like_expression = u'%{}%'.format(safe_unicode(search_q))
113 115 base_q = base_q.filter(or_(
114 116 User.username.ilike(like_expression),
115 117 User._email.ilike(like_expression),
116 118 User.name.ilike(like_expression),
117 119 User.lastname.ilike(like_expression),
118 120 ))
119 121
120 122 users_data_total_filtered_count = base_q.count()
121 123
122 124 sort_col = getattr(User, order_by, None)
123 125 if sort_col and order_dir == 'asc':
124 126 base_q = base_q.order_by(sort_col.asc().nullslast())
125 127 elif sort_col:
126 128 base_q = base_q.order_by(sort_col.desc().nullslast())
127 129
128 130 base_q = base_q.offset(start).limit(limit)
129 131 users_list = base_q.all()
130 132
131 133 users_data = []
132 134 for user in users_list:
133 135 users_data.append({
134 136 "username": h.gravatar_with_user(user.username),
135 137 "email": user.email,
136 138 "first_name": h.escape(user.name),
137 139 "last_name": h.escape(user.lastname),
138 140 "last_login": h.format_date(user.last_login),
139 141 "last_activity": h.format_date(user.last_activity),
140 142 "active": h.bool2icon(user.active),
141 143 "active_raw": user.active,
142 144 "admin": h.bool2icon(user.admin),
143 145 "extern_type": user.extern_type,
144 146 "extern_name": user.extern_name,
145 147 "action": user_actions(user.user_id, user.username),
146 148 })
147 149
148 150 data = ({
149 151 'draw': draw,
150 152 'data': users_data,
151 153 'recordsTotal': users_data_total_count,
152 154 'recordsFiltered': users_data_total_filtered_count,
153 155 })
154 156
155 157 return data
156 158
157 159 @LoginRequired()
158 160 @HasPermissionAllDecorator('hg.admin')
159 161 @view_config(
160 162 route_name='edit_user_auth_tokens', request_method='GET',
161 163 renderer='rhodecode:templates/admin/users/user_edit.mako')
162 164 def auth_tokens(self):
163 165 _ = self.request.translate
164 166 c = self.load_default_context()
165 167
166 168 user_id = self.request.matchdict.get('user_id')
167 169 c.user = User.get_or_404(user_id, pyramid_exc=True)
168 170 self._redirect_for_default_user(c.user.username)
169 171
170 172 c.active = 'auth_tokens'
171 173
172 174 c.lifetime_values = [
173 175 (str(-1), _('forever')),
174 176 (str(5), _('5 minutes')),
175 177 (str(60), _('1 hour')),
176 178 (str(60 * 24), _('1 day')),
177 179 (str(60 * 24 * 30), _('1 month')),
178 180 ]
179 181 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
180 182 c.role_values = [
181 183 (x, AuthTokenModel.cls._get_role_name(x))
182 184 for x in AuthTokenModel.cls.ROLES]
183 185 c.role_options = [(c.role_values, _("Role"))]
184 186 c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
185 187 c.user.user_id, show_expired=True)
186 188 return self._get_template_context(c)
187 189
188 190 def maybe_attach_token_scope(self, token):
189 191 # implemented in EE edition
190 192 pass
191 193
192 194 @LoginRequired()
193 195 @HasPermissionAllDecorator('hg.admin')
194 196 @CSRFRequired()
195 197 @view_config(
196 198 route_name='edit_user_auth_tokens_add', request_method='POST')
197 199 def auth_tokens_add(self):
198 200 _ = self.request.translate
199 201 c = self.load_default_context()
200 202
201 203 user_id = self.request.matchdict.get('user_id')
202 204 c.user = User.get_or_404(user_id, pyramid_exc=True)
203 205 self._redirect_for_default_user(c.user.username)
204 206
205 207 lifetime = safe_int(self.request.POST.get('lifetime'), -1)
206 208 description = self.request.POST.get('description')
207 209 role = self.request.POST.get('role')
208 210
209 211 token = AuthTokenModel().create(
210 212 c.user.user_id, description, lifetime, role)
211 213 self.maybe_attach_token_scope(token)
212 214 Session().commit()
213 215
214 216 h.flash(_("Auth token successfully created"), category='success')
215 217 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
216 218
217 219 @LoginRequired()
218 220 @HasPermissionAllDecorator('hg.admin')
219 221 @CSRFRequired()
220 222 @view_config(
221 223 route_name='edit_user_auth_tokens_delete', request_method='POST')
222 224 def auth_tokens_delete(self):
223 225 _ = self.request.translate
224 226 c = self.load_default_context()
225 227
226 228 user_id = self.request.matchdict.get('user_id')
227 229 c.user = User.get_or_404(user_id, pyramid_exc=True)
228 230 self._redirect_for_default_user(c.user.username)
229 231
230 232 del_auth_token = self.request.POST.get('del_auth_token')
231 233
232 234 if del_auth_token:
233 235 AuthTokenModel().delete(del_auth_token, c.user.user_id)
234 236 Session().commit()
235 237 h.flash(_("Auth token successfully deleted"), category='success')
236 238
237 239 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
240
241
242 @LoginRequired()
243 @HasPermissionAllDecorator('hg.admin')
244 @view_config(
245 route_name='edit_user_groups_management', request_method='GET',
246 renderer='rhodecode:templates/admin/users/user_edit.mako')
247 def groups_management(self):
248 c = self.load_default_context()
249
250 user_id = self.request.matchdict.get('user_id')
251 c.user = User.get_or_404(user_id, pyramid_exc=True)
252 c.data = c.user.group_member
253 self._redirect_for_default_user(c.user.username)
254 groups = [UserGroupModel.get_user_groups_as_dict(group.users_group) for group in c.user.group_member]
255 c.groups = json.dumps(groups)
256 c.active = 'groups'
257
258 return self._get_template_context(c)
259
260
261 @LoginRequired()
262 @HasPermissionAllDecorator('hg.admin')
263 @view_config(
264 route_name='edit_user_groups_management_updates', request_method='POST')
265 def groups_management_updates(self):
266 _ = self.request.translate
267 c = self.load_default_context()
268
269 user_id = self.request.matchdict.get('user_id')
270 c.user = User.get_or_404(user_id, pyramid_exc=True)
271 self._redirect_for_default_user(c.user.username)
272
273 users_groups = set(self.request.POST.getall('users_group_id'))
274 users_groups_model = []
275
276 for ugid in users_groups:
277 users_groups_model.append(UserGroupModel().get_group(safe_int(ugid)))
278 user_group_model = UserGroupModel()
279 user_group_model.change_groups(c.user, users_groups_model)
280
281 Session().commit()
282 c.active = 'user_groups_management'
283 h.flash(_("Groups successfully changed"), category='success')
284
285 return HTTPFound(h.route_path('edit_user_groups_management', user_id=user_id))
Show file before | Show file after | Hide comments
@@ -1,3967 +1,3968 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Database Models for RhodeCode Enterprise
23 23 """
24 24
25 25 import re
26 26 import os
27 27 import time
28 28 import hashlib
29 29 import logging
30 30 import datetime
31 31 import warnings
32 32 import ipaddress
33 33 import functools
34 34 import traceback
35 35 import collections
36 36
37 37
38 38 from sqlalchemy import *
39 39 from sqlalchemy.ext.declarative import declared_attr
40 40 from sqlalchemy.ext.hybrid import hybrid_property
41 41 from sqlalchemy.orm import (
42 42 relationship, joinedload, class_mapper, validates, aliased)
43 43 from sqlalchemy.sql.expression import true
44 44 from beaker.cache import cache_region
45 45 from zope.cachedescriptors.property import Lazy as LazyProperty
46 46
47 47 from pylons import url
48 48 from pylons.i18n.translation import lazy_ugettext as _
49 49
50 50 from rhodecode.lib.vcs import get_vcs_instance
51 51 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
52 52 from rhodecode.lib.utils2 import (
53 53 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
54 54 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
55 55 glob2re, StrictAttributeDict, cleaned_uri)
56 56 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType
57 57 from rhodecode.lib.ext_json import json
58 58 from rhodecode.lib.caching_query import FromCache
59 59 from rhodecode.lib.encrypt import AESCipher
60 60
61 61 from rhodecode.model.meta import Base, Session
62 62
63 63 URL_SEP = '/'
64 64 log = logging.getLogger(__name__)
65 65
66 66 # =============================================================================
67 67 # BASE CLASSES
68 68 # =============================================================================
69 69
70 70 # this is propagated from .ini file rhodecode.encrypted_values.secret or
71 71 # beaker.session.secret if first is not set.
72 72 # and initialized at environment.py
73 73 ENCRYPTION_KEY = None
74 74
75 75 # used to sort permissions by types, '#' used here is not allowed to be in
76 76 # usernames, and it's very early in sorted string.printable table.
77 77 PERMISSION_TYPE_SORT = {
78 78 'admin': '####',
79 79 'write': '###',
80 80 'read': '##',
81 81 'none': '#',
82 82 }
83 83
84 84
85 85 def display_sort(obj):
86 86 """
87 87 Sort function used to sort permissions in .permissions() function of
88 88 Repository, RepoGroup, UserGroup. Also it put the default user in front
89 89 of all other resources
90 90 """
91 91
92 92 if obj.username == User.DEFAULT_USER:
93 93 return '#####'
94 94 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
95 95 return prefix + obj.username
96 96
97 97
98 98 def _hash_key(k):
99 99 return md5_safe(k)
100 100
101 101
102 102 class EncryptedTextValue(TypeDecorator):
103 103 """
104 104 Special column for encrypted long text data, use like::
105 105
106 106 value = Column("encrypted_value", EncryptedValue(), nullable=False)
107 107
108 108 This column is intelligent so if value is in unencrypted form it return
109 109 unencrypted form, but on save it always encrypts
110 110 """
111 111 impl = Text
112 112
113 113 def process_bind_param(self, value, dialect):
114 114 if not value:
115 115 return value
116 116 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
117 117 # protect against double encrypting if someone manually starts
118 118 # doing
119 119 raise ValueError('value needs to be in unencrypted format, ie. '
120 120 'not starting with enc$aes')
121 121 return 'enc$aes_hmac$%s' % AESCipher(
122 122 ENCRYPTION_KEY, hmac=True).encrypt(value)
123 123
124 124 def process_result_value(self, value, dialect):
125 125 import rhodecode
126 126
127 127 if not value:
128 128 return value
129 129
130 130 parts = value.split('$', 3)
131 131 if not len(parts) == 3:
132 132 # probably not encrypted values
133 133 return value
134 134 else:
135 135 if parts[0] != 'enc':
136 136 # parts ok but without our header ?
137 137 return value
138 138 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
139 139 'rhodecode.encrypted_values.strict') or True)
140 140 # at that stage we know it's our encryption
141 141 if parts[1] == 'aes':
142 142 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
143 143 elif parts[1] == 'aes_hmac':
144 144 decrypted_data = AESCipher(
145 145 ENCRYPTION_KEY, hmac=True,
146 146 strict_verification=enc_strict_mode).decrypt(parts[2])
147 147 else:
148 148 raise ValueError(
149 149 'Encryption type part is wrong, must be `aes` '
150 150 'or `aes_hmac`, got `%s` instead' % (parts[1]))
151 151 return decrypted_data
152 152
153 153
154 154 class BaseModel(object):
155 155 """
156 156 Base Model for all classes
157 157 """
158 158
159 159 @classmethod
160 160 def _get_keys(cls):
161 161 """return column names for this model """
162 162 return class_mapper(cls).c.keys()
163 163
164 164 def get_dict(self):
165 165 """
166 166 return dict with keys and values corresponding
167 167 to this model data """
168 168
169 169 d = {}
170 170 for k in self._get_keys():
171 171 d[k] = getattr(self, k)
172 172
173 173 # also use __json__() if present to get additional fields
174 174 _json_attr = getattr(self, '__json__', None)
175 175 if _json_attr:
176 176 # update with attributes from __json__
177 177 if callable(_json_attr):
178 178 _json_attr = _json_attr()
179 179 for k, val in _json_attr.iteritems():
180 180 d[k] = val
181 181 return d
182 182
183 183 def get_appstruct(self):
184 184 """return list with keys and values tuples corresponding
185 185 to this model data """
186 186
187 187 l = []
188 188 for k in self._get_keys():
189 189 l.append((k, getattr(self, k),))
190 190 return l
191 191
192 192 def populate_obj(self, populate_dict):
193 193 """populate model with data from given populate_dict"""
194 194
195 195 for k in self._get_keys():
196 196 if k in populate_dict:
197 197 setattr(self, k, populate_dict[k])
198 198
199 199 @classmethod
200 200 def query(cls):
201 201 return Session().query(cls)
202 202
203 203 @classmethod
204 204 def get(cls, id_):
205 205 if id_:
206 206 return cls.query().get(id_)
207 207
208 208 @classmethod
209 209 def get_or_404(cls, id_, pyramid_exc=False):
210 210 if pyramid_exc:
211 211 # NOTE(marcink): backward compat, once migration to pyramid
212 212 # this should only use pyramid exceptions
213 213 from pyramid.httpexceptions import HTTPNotFound
214 214 else:
215 215 from webob.exc import HTTPNotFound
216 216
217 217 try:
218 218 id_ = int(id_)
219 219 except (TypeError, ValueError):
220 220 raise HTTPNotFound
221 221
222 222 res = cls.query().get(id_)
223 223 if not res:
224 224 raise HTTPNotFound
225 225 return res
226 226
227 227 @classmethod
228 228 def getAll(cls):
229 229 # deprecated and left for backward compatibility
230 230 return cls.get_all()
231 231
232 232 @classmethod
233 233 def get_all(cls):
234 234 return cls.query().all()
235 235
236 236 @classmethod
237 237 def delete(cls, id_):
238 238 obj = cls.query().get(id_)
239 239 Session().delete(obj)
240 240
241 241 @classmethod
242 242 def identity_cache(cls, session, attr_name, value):
243 243 exist_in_session = []
244 244 for (item_cls, pkey), instance in session.identity_map.items():
245 245 if cls == item_cls and getattr(instance, attr_name) == value:
246 246 exist_in_session.append(instance)
247 247 if exist_in_session:
248 248 if len(exist_in_session) == 1:
249 249 return exist_in_session[0]
250 250 log.exception(
251 251 'multiple objects with attr %s and '
252 252 'value %s found with same name: %r',
253 253 attr_name, value, exist_in_session)
254 254
255 255 def __repr__(self):
256 256 if hasattr(self, '__unicode__'):
257 257 # python repr needs to return str
258 258 try:
259 259 return safe_str(self.__unicode__())
260 260 except UnicodeDecodeError:
261 261 pass
262 262 return '<DB:%s>' % (self.__class__.__name__)
263 263
264 264
265 265 class RhodeCodeSetting(Base, BaseModel):
266 266 __tablename__ = 'rhodecode_settings'
267 267 __table_args__ = (
268 268 UniqueConstraint('app_settings_name'),
269 269 {'extend_existing': True, 'mysql_engine': 'InnoDB',
270 270 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
271 271 )
272 272
273 273 SETTINGS_TYPES = {
274 274 'str': safe_str,
275 275 'int': safe_int,
276 276 'unicode': safe_unicode,
277 277 'bool': str2bool,
278 278 'list': functools.partial(aslist, sep=',')
279 279 }
280 280 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
281 281 GLOBAL_CONF_KEY = 'app_settings'
282 282
283 283 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
284 284 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
285 285 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
286 286 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
287 287
288 288 def __init__(self, key='', val='', type='unicode'):
289 289 self.app_settings_name = key
290 290 self.app_settings_type = type
291 291 self.app_settings_value = val
292 292
293 293 @validates('_app_settings_value')
294 294 def validate_settings_value(self, key, val):
295 295 assert type(val) == unicode
296 296 return val
297 297
298 298 @hybrid_property
299 299 def app_settings_value(self):
300 300 v = self._app_settings_value
301 301 _type = self.app_settings_type
302 302 if _type:
303 303 _type = self.app_settings_type.split('.')[0]
304 304 # decode the encrypted value
305 305 if 'encrypted' in self.app_settings_type:
306 306 cipher = EncryptedTextValue()
307 307 v = safe_unicode(cipher.process_result_value(v, None))
308 308
309 309 converter = self.SETTINGS_TYPES.get(_type) or \
310 310 self.SETTINGS_TYPES['unicode']
311 311 return converter(v)
312 312
313 313 @app_settings_value.setter
314 314 def app_settings_value(self, val):
315 315 """
316 316 Setter that will always make sure we use unicode in app_settings_value
317 317
318 318 :param val:
319 319 """
320 320 val = safe_unicode(val)
321 321 # encode the encrypted value
322 322 if 'encrypted' in self.app_settings_type:
323 323 cipher = EncryptedTextValue()
324 324 val = safe_unicode(cipher.process_bind_param(val, None))
325 325 self._app_settings_value = val
326 326
327 327 @hybrid_property
328 328 def app_settings_type(self):
329 329 return self._app_settings_type
330 330
331 331 @app_settings_type.setter
332 332 def app_settings_type(self, val):
333 333 if val.split('.')[0] not in self.SETTINGS_TYPES:
334 334 raise Exception('type must be one of %s got %s'
335 335 % (self.SETTINGS_TYPES.keys(), val))
336 336 self._app_settings_type = val
337 337
338 338 def __unicode__(self):
339 339 return u"<%s('%s:%s[%s]')>" % (
340 340 self.__class__.__name__,
341 341 self.app_settings_name, self.app_settings_value,
342 342 self.app_settings_type
343 343 )
344 344
345 345
346 346 class RhodeCodeUi(Base, BaseModel):
347 347 __tablename__ = 'rhodecode_ui'
348 348 __table_args__ = (
349 349 UniqueConstraint('ui_key'),
350 350 {'extend_existing': True, 'mysql_engine': 'InnoDB',
351 351 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
352 352 )
353 353
354 354 HOOK_REPO_SIZE = 'changegroup.repo_size'
355 355 # HG
356 356 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
357 357 HOOK_PULL = 'outgoing.pull_logger'
358 358 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
359 359 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
360 360 HOOK_PUSH = 'changegroup.push_logger'
361 361
362 362 # TODO: johbo: Unify way how hooks are configured for git and hg,
363 363 # git part is currently hardcoded.
364 364
365 365 # SVN PATTERNS
366 366 SVN_BRANCH_ID = 'vcs_svn_branch'
367 367 SVN_TAG_ID = 'vcs_svn_tag'
368 368
369 369 ui_id = Column(
370 370 "ui_id", Integer(), nullable=False, unique=True, default=None,
371 371 primary_key=True)
372 372 ui_section = Column(
373 373 "ui_section", String(255), nullable=True, unique=None, default=None)
374 374 ui_key = Column(
375 375 "ui_key", String(255), nullable=True, unique=None, default=None)
376 376 ui_value = Column(
377 377 "ui_value", String(255), nullable=True, unique=None, default=None)
378 378 ui_active = Column(
379 379 "ui_active", Boolean(), nullable=True, unique=None, default=True)
380 380
381 381 def __repr__(self):
382 382 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
383 383 self.ui_key, self.ui_value)
384 384
385 385
386 386 class RepoRhodeCodeSetting(Base, BaseModel):
387 387 __tablename__ = 'repo_rhodecode_settings'
388 388 __table_args__ = (
389 389 UniqueConstraint(
390 390 'app_settings_name', 'repository_id',
391 391 name='uq_repo_rhodecode_setting_name_repo_id'),
392 392 {'extend_existing': True, 'mysql_engine': 'InnoDB',
393 393 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
394 394 )
395 395
396 396 repository_id = Column(
397 397 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
398 398 nullable=False)
399 399 app_settings_id = Column(
400 400 "app_settings_id", Integer(), nullable=False, unique=True,
401 401 default=None, primary_key=True)
402 402 app_settings_name = Column(
403 403 "app_settings_name", String(255), nullable=True, unique=None,
404 404 default=None)
405 405 _app_settings_value = Column(
406 406 "app_settings_value", String(4096), nullable=True, unique=None,
407 407 default=None)
408 408 _app_settings_type = Column(
409 409 "app_settings_type", String(255), nullable=True, unique=None,
410 410 default=None)
411 411
412 412 repository = relationship('Repository')
413 413
414 414 def __init__(self, repository_id, key='', val='', type='unicode'):
415 415 self.repository_id = repository_id
416 416 self.app_settings_name = key
417 417 self.app_settings_type = type
418 418 self.app_settings_value = val
419 419
420 420 @validates('_app_settings_value')
421 421 def validate_settings_value(self, key, val):
422 422 assert type(val) == unicode
423 423 return val
424 424
425 425 @hybrid_property
426 426 def app_settings_value(self):
427 427 v = self._app_settings_value
428 428 type_ = self.app_settings_type
429 429 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
430 430 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
431 431 return converter(v)
432 432
433 433 @app_settings_value.setter
434 434 def app_settings_value(self, val):
435 435 """
436 436 Setter that will always make sure we use unicode in app_settings_value
437 437
438 438 :param val:
439 439 """
440 440 self._app_settings_value = safe_unicode(val)
441 441
442 442 @hybrid_property
443 443 def app_settings_type(self):
444 444 return self._app_settings_type
445 445
446 446 @app_settings_type.setter
447 447 def app_settings_type(self, val):
448 448 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
449 449 if val not in SETTINGS_TYPES:
450 450 raise Exception('type must be one of %s got %s'
451 451 % (SETTINGS_TYPES.keys(), val))
452 452 self._app_settings_type = val
453 453
454 454 def __unicode__(self):
455 455 return u"<%s('%s:%s:%s[%s]')>" % (
456 456 self.__class__.__name__, self.repository.repo_name,
457 457 self.app_settings_name, self.app_settings_value,
458 458 self.app_settings_type
459 459 )
460 460
461 461
462 462 class RepoRhodeCodeUi(Base, BaseModel):
463 463 __tablename__ = 'repo_rhodecode_ui'
464 464 __table_args__ = (
465 465 UniqueConstraint(
466 466 'repository_id', 'ui_section', 'ui_key',
467 467 name='uq_repo_rhodecode_ui_repository_id_section_key'),
468 468 {'extend_existing': True, 'mysql_engine': 'InnoDB',
469 469 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
470 470 )
471 471
472 472 repository_id = Column(
473 473 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
474 474 nullable=False)
475 475 ui_id = Column(
476 476 "ui_id", Integer(), nullable=False, unique=True, default=None,
477 477 primary_key=True)
478 478 ui_section = Column(
479 479 "ui_section", String(255), nullable=True, unique=None, default=None)
480 480 ui_key = Column(
481 481 "ui_key", String(255), nullable=True, unique=None, default=None)
482 482 ui_value = Column(
483 483 "ui_value", String(255), nullable=True, unique=None, default=None)
484 484 ui_active = Column(
485 485 "ui_active", Boolean(), nullable=True, unique=None, default=True)
486 486
487 487 repository = relationship('Repository')
488 488
489 489 def __repr__(self):
490 490 return '<%s[%s:%s]%s=>%s]>' % (
491 491 self.__class__.__name__, self.repository.repo_name,
492 492 self.ui_section, self.ui_key, self.ui_value)
493 493
494 494
495 495 class User(Base, BaseModel):
496 496 __tablename__ = 'users'
497 497 __table_args__ = (
498 498 UniqueConstraint('username'), UniqueConstraint('email'),
499 499 Index('u_username_idx', 'username'),
500 500 Index('u_email_idx', 'email'),
501 501 {'extend_existing': True, 'mysql_engine': 'InnoDB',
502 502 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
503 503 )
504 504 DEFAULT_USER = 'default'
505 505 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
506 506 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
507 507
508 508 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
509 509 username = Column("username", String(255), nullable=True, unique=None, default=None)
510 510 password = Column("password", String(255), nullable=True, unique=None, default=None)
511 511 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
512 512 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
513 513 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
514 514 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
515 515 _email = Column("email", String(255), nullable=True, unique=None, default=None)
516 516 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
517 517 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
518 518
519 519 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
520 520 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
521 521 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
522 522 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
523 523 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
524 524 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
525 525
526 526 user_log = relationship('UserLog')
527 527 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
528 528
529 529 repositories = relationship('Repository')
530 530 repository_groups = relationship('RepoGroup')
531 531 user_groups = relationship('UserGroup')
532 532
533 533 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
534 534 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
535 535
536 536 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
537 537 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
538 538 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
539 539
540 540 group_member = relationship('UserGroupMember', cascade='all')
541 541
542 542 notifications = relationship('UserNotification', cascade='all')
543 543 # notifications assigned to this user
544 544 user_created_notifications = relationship('Notification', cascade='all')
545 545 # comments created by this user
546 546 user_comments = relationship('ChangesetComment', cascade='all')
547 547 # user profile extra info
548 548 user_emails = relationship('UserEmailMap', cascade='all')
549 549 user_ip_map = relationship('UserIpMap', cascade='all')
550 550 user_auth_tokens = relationship('UserApiKeys', cascade='all')
551 551 # gists
552 552 user_gists = relationship('Gist', cascade='all')
553 553 # user pull requests
554 554 user_pull_requests = relationship('PullRequest', cascade='all')
555 555 # external identities
556 556 extenal_identities = relationship(
557 557 'ExternalIdentity',
558 558 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
559 559 cascade='all')
560 560
561 561 def __unicode__(self):
562 562 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
563 563 self.user_id, self.username)
564 564
565 565 @hybrid_property
566 566 def email(self):
567 567 return self._email
568 568
569 569 @email.setter
570 570 def email(self, val):
571 571 self._email = val.lower() if val else None
572 572
573 573 @hybrid_property
574 574 def api_key(self):
575 575 """
576 576 Fetch if exist an auth-token with role ALL connected to this user
577 577 """
578 578 user_auth_token = UserApiKeys.query()\
579 579 .filter(UserApiKeys.user_id == self.user_id)\
580 580 .filter(or_(UserApiKeys.expires == -1,
581 581 UserApiKeys.expires >= time.time()))\
582 582 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
583 583 if user_auth_token:
584 584 user_auth_token = user_auth_token.api_key
585 585
586 586 return user_auth_token
587 587
588 588 @api_key.setter
589 589 def api_key(self, val):
590 590 # don't allow to set API key this is deprecated for now
591 591 self._api_key = None
592 592
593 593 @property
594 594 def firstname(self):
595 595 # alias for future
596 596 return self.name
597 597
598 598 @property
599 599 def emails(self):
600 600 other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
601 601 return [self.email] + [x.email for x in other]
602 602
603 603 @property
604 604 def auth_tokens(self):
605 605 return [x.api_key for x in self.extra_auth_tokens]
606 606
607 607 @property
608 608 def extra_auth_tokens(self):
609 609 return UserApiKeys.query().filter(UserApiKeys.user == self).all()
610 610
611 611 @property
612 612 def feed_token(self):
613 613 return self.get_feed_token()
614 614
615 615 def get_feed_token(self):
616 616 feed_tokens = UserApiKeys.query()\
617 617 .filter(UserApiKeys.user == self)\
618 618 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
619 619 .all()
620 620 if feed_tokens:
621 621 return feed_tokens[0].api_key
622 622 return 'NO_FEED_TOKEN_AVAILABLE'
623 623
624 624 @classmethod
625 625 def extra_valid_auth_tokens(cls, user, role=None):
626 626 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
627 627 .filter(or_(UserApiKeys.expires == -1,
628 628 UserApiKeys.expires >= time.time()))
629 629 if role:
630 630 tokens = tokens.filter(or_(UserApiKeys.role == role,
631 631 UserApiKeys.role == UserApiKeys.ROLE_ALL))
632 632 return tokens.all()
633 633
634 634 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
635 635 from rhodecode.lib import auth
636 636
637 637 log.debug('Trying to authenticate user: %s via auth-token, '
638 638 'and roles: %s', self, roles)
639 639
640 640 if not auth_token:
641 641 return False
642 642
643 643 crypto_backend = auth.crypto_backend()
644 644
645 645 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
646 646 tokens_q = UserApiKeys.query()\
647 647 .filter(UserApiKeys.user_id == self.user_id)\
648 648 .filter(or_(UserApiKeys.expires == -1,
649 649 UserApiKeys.expires >= time.time()))
650 650
651 651 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
652 652
653 653 plain_tokens = []
654 654 hash_tokens = []
655 655
656 656 for token in tokens_q.all():
657 657 # verify scope first
658 658 if token.repo_id:
659 659 # token has a scope, we need to verify it
660 660 if scope_repo_id != token.repo_id:
661 661 log.debug(
662 662 'Scope mismatch: token has a set repo scope: %s, '
663 663 'and calling scope is:%s, skipping further checks',
664 664 token.repo, scope_repo_id)
665 665 # token has a scope, and it doesn't match, skip token
666 666 continue
667 667
668 668 if token.api_key.startswith(crypto_backend.ENC_PREF):
669 669 hash_tokens.append(token.api_key)
670 670 else:
671 671 plain_tokens.append(token.api_key)
672 672
673 673 is_plain_match = auth_token in plain_tokens
674 674 if is_plain_match:
675 675 return True
676 676
677 677 for hashed in hash_tokens:
678 678 # TODO(marcink): this is expensive to calculate, but most secure
679 679 match = crypto_backend.hash_check(auth_token, hashed)
680 680 if match:
681 681 return True
682 682
683 683 return False
684 684
685 685 @property
686 686 def ip_addresses(self):
687 687 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
688 688 return [x.ip_addr for x in ret]
689 689
690 690 @property
691 691 def username_and_name(self):
692 692 return '%s (%s %s)' % (self.username, self.firstname, self.lastname)
693 693
694 694 @property
695 695 def username_or_name_or_email(self):
696 696 full_name = self.full_name if self.full_name is not ' ' else None
697 697 return self.username or full_name or self.email
698 698
699 699 @property
700 700 def full_name(self):
701 701 return '%s %s' % (self.firstname, self.lastname)
702 702
703 703 @property
704 704 def full_name_or_username(self):
705 705 return ('%s %s' % (self.firstname, self.lastname)
706 706 if (self.firstname and self.lastname) else self.username)
707 707
708 708 @property
709 709 def full_contact(self):
710 710 return '%s %s <%s>' % (self.firstname, self.lastname, self.email)
711 711
712 712 @property
713 713 def short_contact(self):
714 714 return '%s %s' % (self.firstname, self.lastname)
715 715
716 716 @property
717 717 def is_admin(self):
718 718 return self.admin
719 719
720 720 @property
721 721 def AuthUser(self):
722 722 """
723 723 Returns instance of AuthUser for this user
724 724 """
725 725 from rhodecode.lib.auth import AuthUser
726 726 return AuthUser(user_id=self.user_id, username=self.username)
727 727
728 728 @hybrid_property
729 729 def user_data(self):
730 730 if not self._user_data:
731 731 return {}
732 732
733 733 try:
734 734 return json.loads(self._user_data)
735 735 except TypeError:
736 736 return {}
737 737
738 738 @user_data.setter
739 739 def user_data(self, val):
740 740 if not isinstance(val, dict):
741 741 raise Exception('user_data must be dict, got %s' % type(val))
742 742 try:
743 743 self._user_data = json.dumps(val)
744 744 except Exception:
745 745 log.error(traceback.format_exc())
746 746
747 747 @classmethod
748 748 def get_by_username(cls, username, case_insensitive=False,
749 749 cache=False, identity_cache=False):
750 750 session = Session()
751 751
752 752 if case_insensitive:
753 753 q = cls.query().filter(
754 754 func.lower(cls.username) == func.lower(username))
755 755 else:
756 756 q = cls.query().filter(cls.username == username)
757 757
758 758 if cache:
759 759 if identity_cache:
760 760 val = cls.identity_cache(session, 'username', username)
761 761 if val:
762 762 return val
763 763 else:
764 764 q = q.options(
765 765 FromCache("sql_cache_short",
766 766 "get_user_by_name_%s" % _hash_key(username)))
767 767
768 768 return q.scalar()
769 769
770 770 @classmethod
771 771 def get_by_auth_token(cls, auth_token, cache=False):
772 772 q = UserApiKeys.query()\
773 773 .filter(UserApiKeys.api_key == auth_token)\
774 774 .filter(or_(UserApiKeys.expires == -1,
775 775 UserApiKeys.expires >= time.time()))
776 776 if cache:
777 777 q = q.options(FromCache("sql_cache_short",
778 778 "get_auth_token_%s" % auth_token))
779 779
780 780 match = q.first()
781 781 if match:
782 782 return match.user
783 783
784 784 @classmethod
785 785 def get_by_email(cls, email, case_insensitive=False, cache=False):
786 786
787 787 if case_insensitive:
788 788 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
789 789
790 790 else:
791 791 q = cls.query().filter(cls.email == email)
792 792
793 793 if cache:
794 794 q = q.options(FromCache("sql_cache_short",
795 795 "get_email_key_%s" % _hash_key(email)))
796 796
797 797 ret = q.scalar()
798 798 if ret is None:
799 799 q = UserEmailMap.query()
800 800 # try fetching in alternate email map
801 801 if case_insensitive:
802 802 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
803 803 else:
804 804 q = q.filter(UserEmailMap.email == email)
805 805 q = q.options(joinedload(UserEmailMap.user))
806 806 if cache:
807 807 q = q.options(FromCache("sql_cache_short",
808 808 "get_email_map_key_%s" % email))
809 809 ret = getattr(q.scalar(), 'user', None)
810 810
811 811 return ret
812 812
813 813 @classmethod
814 814 def get_from_cs_author(cls, author):
815 815 """
816 816 Tries to get User objects out of commit author string
817 817
818 818 :param author:
819 819 """
820 820 from rhodecode.lib.helpers import email, author_name
821 821 # Valid email in the attribute passed, see if they're in the system
822 822 _email = email(author)
823 823 if _email:
824 824 user = cls.get_by_email(_email, case_insensitive=True)
825 825 if user:
826 826 return user
827 827 # Maybe we can match by username?
828 828 _author = author_name(author)
829 829 user = cls.get_by_username(_author, case_insensitive=True)
830 830 if user:
831 831 return user
832 832
833 833 def update_userdata(self, **kwargs):
834 834 usr = self
835 835 old = usr.user_data
836 836 old.update(**kwargs)
837 837 usr.user_data = old
838 838 Session().add(usr)
839 839 log.debug('updated userdata with ', kwargs)
840 840
841 841 def update_lastlogin(self):
842 842 """Update user lastlogin"""
843 843 self.last_login = datetime.datetime.now()
844 844 Session().add(self)
845 845 log.debug('updated user %s lastlogin', self.username)
846 846
847 847 def update_lastactivity(self):
848 848 """Update user lastactivity"""
849 849 self.last_activity = datetime.datetime.now()
850 850 Session().add(self)
851 851 log.debug('updated user %s lastactivity', self.username)
852 852
853 853 def update_password(self, new_password):
854 854 from rhodecode.lib.auth import get_crypt_password
855 855
856 856 self.password = get_crypt_password(new_password)
857 857 Session().add(self)
858 858
859 859 @classmethod
860 860 def get_first_super_admin(cls):
861 861 user = User.query().filter(User.admin == true()).first()
862 862 if user is None:
863 863 raise Exception('FATAL: Missing administrative account!')
864 864 return user
865 865
866 866 @classmethod
867 867 def get_all_super_admins(cls):
868 868 """
869 869 Returns all admin accounts sorted by username
870 870 """
871 871 return User.query().filter(User.admin == true())\
872 872 .order_by(User.username.asc()).all()
873 873
874 874 @classmethod
875 875 def get_default_user(cls, cache=False):
876 876 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
877 877 if user is None:
878 878 raise Exception('FATAL: Missing default account!')
879 879 return user
880 880
881 881 def _get_default_perms(self, user, suffix=''):
882 882 from rhodecode.model.permission import PermissionModel
883 883 return PermissionModel().get_default_perms(user.user_perms, suffix)
884 884
885 885 def get_default_perms(self, suffix=''):
886 886 return self._get_default_perms(self, suffix)
887 887
888 888 def get_api_data(self, include_secrets=False, details='full'):
889 889 """
890 890 Common function for generating user related data for API
891 891
892 892 :param include_secrets: By default secrets in the API data will be replaced
893 893 by a placeholder value to prevent exposing this data by accident. In case
894 894 this data shall be exposed, set this flag to ``True``.
895 895
896 896 :param details: details can be 'basic|full' basic gives only a subset of
897 897 the available user information that includes user_id, name and emails.
898 898 """
899 899 user = self
900 900 user_data = self.user_data
901 901 data = {
902 902 'user_id': user.user_id,
903 903 'username': user.username,
904 904 'firstname': user.name,
905 905 'lastname': user.lastname,
906 906 'email': user.email,
907 907 'emails': user.emails,
908 908 }
909 909 if details == 'basic':
910 910 return data
911 911
912 912 api_key_length = 40
913 913 api_key_replacement = '*' * api_key_length
914 914
915 915 extras = {
916 916 'api_keys': [api_key_replacement],
917 917 'auth_tokens': [api_key_replacement],
918 918 'active': user.active,
919 919 'admin': user.admin,
920 920 'extern_type': user.extern_type,
921 921 'extern_name': user.extern_name,
922 922 'last_login': user.last_login,
923 923 'ip_addresses': user.ip_addresses,
924 924 'language': user_data.get('language')
925 925 }
926 926 data.update(extras)
927 927
928 928 if include_secrets:
929 929 data['api_keys'] = user.auth_tokens
930 930 data['auth_tokens'] = user.extra_auth_tokens
931 931 return data
932 932
933 933 def __json__(self):
934 934 data = {
935 935 'full_name': self.full_name,
936 936 'full_name_or_username': self.full_name_or_username,
937 937 'short_contact': self.short_contact,
938 938 'full_contact': self.full_contact,
939 939 }
940 940 data.update(self.get_api_data())
941 941 return data
942 942
943 943
944 944 class UserApiKeys(Base, BaseModel):
945 945 __tablename__ = 'user_api_keys'
946 946 __table_args__ = (
947 947 Index('uak_api_key_idx', 'api_key'),
948 948 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
949 949 UniqueConstraint('api_key'),
950 950 {'extend_existing': True, 'mysql_engine': 'InnoDB',
951 951 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
952 952 )
953 953 __mapper_args__ = {}
954 954
955 955 # ApiKey role
956 956 ROLE_ALL = 'token_role_all'
957 957 ROLE_HTTP = 'token_role_http'
958 958 ROLE_VCS = 'token_role_vcs'
959 959 ROLE_API = 'token_role_api'
960 960 ROLE_FEED = 'token_role_feed'
961 961 ROLE_PASSWORD_RESET = 'token_password_reset'
962 962
963 963 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
964 964
965 965 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
966 966 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
967 967 api_key = Column("api_key", String(255), nullable=False, unique=True)
968 968 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
969 969 expires = Column('expires', Float(53), nullable=False)
970 970 role = Column('role', String(255), nullable=True)
971 971 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
972 972
973 973 # scope columns
974 974 repo_id = Column(
975 975 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
976 976 nullable=True, unique=None, default=None)
977 977 repo = relationship('Repository', lazy='joined')
978 978
979 979 repo_group_id = Column(
980 980 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
981 981 nullable=True, unique=None, default=None)
982 982 repo_group = relationship('RepoGroup', lazy='joined')
983 983
984 984 user = relationship('User', lazy='joined')
985 985
986 986 def __unicode__(self):
987 987 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
988 988
989 989 def __json__(self):
990 990 data = {
991 991 'auth_token': self.api_key,
992 992 'role': self.role,
993 993 'scope': self.scope_humanized,
994 994 'expired': self.expired
995 995 }
996 996 return data
997 997
998 998 @property
999 999 def expired(self):
1000 1000 if self.expires == -1:
1001 1001 return False
1002 1002 return time.time() > self.expires
1003 1003
1004 1004 @classmethod
1005 1005 def _get_role_name(cls, role):
1006 1006 return {
1007 1007 cls.ROLE_ALL: _('all'),
1008 1008 cls.ROLE_HTTP: _('http/web interface'),
1009 1009 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1010 1010 cls.ROLE_API: _('api calls'),
1011 1011 cls.ROLE_FEED: _('feed access'),
1012 1012 }.get(role, role)
1013 1013
1014 1014 @property
1015 1015 def role_humanized(self):
1016 1016 return self._get_role_name(self.role)
1017 1017
1018 1018 def _get_scope(self):
1019 1019 if self.repo:
1020 1020 return repr(self.repo)
1021 1021 if self.repo_group:
1022 1022 return repr(self.repo_group) + ' (recursive)'
1023 1023 return 'global'
1024 1024
1025 1025 @property
1026 1026 def scope_humanized(self):
1027 1027 return self._get_scope()
1028 1028
1029 1029
1030 1030 class UserEmailMap(Base, BaseModel):
1031 1031 __tablename__ = 'user_email_map'
1032 1032 __table_args__ = (
1033 1033 Index('uem_email_idx', 'email'),
1034 1034 UniqueConstraint('email'),
1035 1035 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1036 1036 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1037 1037 )
1038 1038 __mapper_args__ = {}
1039 1039
1040 1040 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1041 1041 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1042 1042 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1043 1043 user = relationship('User', lazy='joined')
1044 1044
1045 1045 @validates('_email')
1046 1046 def validate_email(self, key, email):
1047 1047 # check if this email is not main one
1048 1048 main_email = Session().query(User).filter(User.email == email).scalar()
1049 1049 if main_email is not None:
1050 1050 raise AttributeError('email %s is present is user table' % email)
1051 1051 return email
1052 1052
1053 1053 @hybrid_property
1054 1054 def email(self):
1055 1055 return self._email
1056 1056
1057 1057 @email.setter
1058 1058 def email(self, val):
1059 1059 self._email = val.lower() if val else None
1060 1060
1061 1061
1062 1062 class UserIpMap(Base, BaseModel):
1063 1063 __tablename__ = 'user_ip_map'
1064 1064 __table_args__ = (
1065 1065 UniqueConstraint('user_id', 'ip_addr'),
1066 1066 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1067 1067 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1068 1068 )
1069 1069 __mapper_args__ = {}
1070 1070
1071 1071 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1072 1072 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1073 1073 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1074 1074 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1075 1075 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1076 1076 user = relationship('User', lazy='joined')
1077 1077
1078 1078 @classmethod
1079 1079 def _get_ip_range(cls, ip_addr):
1080 1080 net = ipaddress.ip_network(ip_addr, strict=False)
1081 1081 return [str(net.network_address), str(net.broadcast_address)]
1082 1082
1083 1083 def __json__(self):
1084 1084 return {
1085 1085 'ip_addr': self.ip_addr,
1086 1086 'ip_range': self._get_ip_range(self.ip_addr),
1087 1087 }
1088 1088
1089 1089 def __unicode__(self):
1090 1090 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1091 1091 self.user_id, self.ip_addr)
1092 1092
1093 1093
1094 1094 class UserLog(Base, BaseModel):
1095 1095 __tablename__ = 'user_logs'
1096 1096 __table_args__ = (
1097 1097 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1098 1098 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1099 1099 )
1100 1100 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1101 1101 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1102 1102 username = Column("username", String(255), nullable=True, unique=None, default=None)
1103 1103 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
1104 1104 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1105 1105 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1106 1106 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1107 1107 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1108 1108
1109 1109 def __unicode__(self):
1110 1110 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1111 1111 self.repository_name,
1112 1112 self.action)
1113 1113
1114 1114 @property
1115 1115 def action_as_day(self):
1116 1116 return datetime.date(*self.action_date.timetuple()[:3])
1117 1117
1118 1118 user = relationship('User')
1119 1119 repository = relationship('Repository', cascade='')
1120 1120
1121 1121
1122 1122 class UserGroup(Base, BaseModel):
1123 1123 __tablename__ = 'users_groups'
1124 1124 __table_args__ = (
1125 1125 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1126 1126 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1127 1127 )
1128 1128
1129 1129 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1130 1130 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1131 1131 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1132 1132 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1133 1133 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1134 1134 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1135 1135 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1136 1136 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1137 1137
1138 1138 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1139 1139 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1140 1140 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1141 1141 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1142 1142 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1143 1143 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1144 1144
1145 1145 user = relationship('User')
1146 1146
1147 1147 @hybrid_property
1148 1148 def group_data(self):
1149 1149 if not self._group_data:
1150 1150 return {}
1151 1151
1152 1152 try:
1153 1153 return json.loads(self._group_data)
1154 1154 except TypeError:
1155 1155 return {}
1156 1156
1157 1157 @group_data.setter
1158 1158 def group_data(self, val):
1159 1159 try:
1160 1160 self._group_data = json.dumps(val)
1161 1161 except Exception:
1162 1162 log.error(traceback.format_exc())
1163 1163
1164 1164 def __unicode__(self):
1165 1165 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1166 1166 self.users_group_id,
1167 1167 self.users_group_name)
1168 1168
1169 1169 @classmethod
1170 1170 def get_by_group_name(cls, group_name, cache=False,
1171 1171 case_insensitive=False):
1172 1172 if case_insensitive:
1173 1173 q = cls.query().filter(func.lower(cls.users_group_name) ==
1174 1174 func.lower(group_name))
1175 1175
1176 1176 else:
1177 1177 q = cls.query().filter(cls.users_group_name == group_name)
1178 1178 if cache:
1179 1179 q = q.options(FromCache(
1180 1180 "sql_cache_short",
1181 1181 "get_group_%s" % _hash_key(group_name)))
1182 1182 return q.scalar()
1183 1183
1184 1184 @classmethod
1185 1185 def get(cls, user_group_id, cache=False):
1186 1186 user_group = cls.query()
1187 1187 if cache:
1188 1188 user_group = user_group.options(FromCache("sql_cache_short",
1189 1189 "get_users_group_%s" % user_group_id))
1190 1190 return user_group.get(user_group_id)
1191 1191
1192 1192 def permissions(self, with_admins=True, with_owner=True):
1193 1193 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1194 1194 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1195 1195 joinedload(UserUserGroupToPerm.user),
1196 1196 joinedload(UserUserGroupToPerm.permission),)
1197 1197
1198 1198 # get owners and admins and permissions. We do a trick of re-writing
1199 1199 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1200 1200 # has a global reference and changing one object propagates to all
1201 1201 # others. This means if admin is also an owner admin_row that change
1202 1202 # would propagate to both objects
1203 1203 perm_rows = []
1204 1204 for _usr in q.all():
1205 1205 usr = AttributeDict(_usr.user.get_dict())
1206 1206 usr.permission = _usr.permission.permission_name
1207 1207 perm_rows.append(usr)
1208 1208
1209 1209 # filter the perm rows by 'default' first and then sort them by
1210 1210 # admin,write,read,none permissions sorted again alphabetically in
1211 1211 # each group
1212 1212 perm_rows = sorted(perm_rows, key=display_sort)
1213 1213
1214 1214 _admin_perm = 'usergroup.admin'
1215 1215 owner_row = []
1216 1216 if with_owner:
1217 1217 usr = AttributeDict(self.user.get_dict())
1218 1218 usr.owner_row = True
1219 1219 usr.permission = _admin_perm
1220 1220 owner_row.append(usr)
1221 1221
1222 1222 super_admin_rows = []
1223 1223 if with_admins:
1224 1224 for usr in User.get_all_super_admins():
1225 1225 # if this admin is also owner, don't double the record
1226 1226 if usr.user_id == owner_row[0].user_id:
1227 1227 owner_row[0].admin_row = True
1228 1228 else:
1229 1229 usr = AttributeDict(usr.get_dict())
1230 1230 usr.admin_row = True
1231 1231 usr.permission = _admin_perm
1232 1232 super_admin_rows.append(usr)
1233 1233
1234 1234 return super_admin_rows + owner_row + perm_rows
1235 1235
1236 1236 def permission_user_groups(self):
1237 1237 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1238 1238 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1239 1239 joinedload(UserGroupUserGroupToPerm.target_user_group),
1240 1240 joinedload(UserGroupUserGroupToPerm.permission),)
1241 1241
1242 1242 perm_rows = []
1243 1243 for _user_group in q.all():
1244 1244 usr = AttributeDict(_user_group.user_group.get_dict())
1245 1245 usr.permission = _user_group.permission.permission_name
1246 1246 perm_rows.append(usr)
1247 1247
1248 1248 return perm_rows
1249 1249
1250 1250 def _get_default_perms(self, user_group, suffix=''):
1251 1251 from rhodecode.model.permission import PermissionModel
1252 1252 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1253 1253
1254 1254 def get_default_perms(self, suffix=''):
1255 1255 return self._get_default_perms(self, suffix)
1256 1256
1257 1257 def get_api_data(self, with_group_members=True, include_secrets=False):
1258 1258 """
1259 1259 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1260 1260 basically forwarded.
1261 1261
1262 1262 """
1263 1263 user_group = self
1264
1265 1264 data = {
1266 1265 'users_group_id': user_group.users_group_id,
1267 1266 'group_name': user_group.users_group_name,
1268 1267 'group_description': user_group.user_group_description,
1269 1268 'active': user_group.users_group_active,
1270 1269 'owner': user_group.user.username,
1270 'owner_email': user_group.user.email,
1271 1271 }
1272
1272 1273 if with_group_members:
1273 1274 users = []
1274 1275 for user in user_group.members:
1275 1276 user = user.user
1276 1277 users.append(user.get_api_data(include_secrets=include_secrets))
1277 1278 data['users'] = users
1278 1279
1279 1280 return data
1280 1281
1281 1282
1282 1283 class UserGroupMember(Base, BaseModel):
1283 1284 __tablename__ = 'users_groups_members'
1284 1285 __table_args__ = (
1285 1286 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1286 1287 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1287 1288 )
1288 1289
1289 1290 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1290 1291 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1291 1292 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1292 1293
1293 1294 user = relationship('User', lazy='joined')
1294 1295 users_group = relationship('UserGroup')
1295 1296
1296 1297 def __init__(self, gr_id='', u_id=''):
1297 1298 self.users_group_id = gr_id
1298 1299 self.user_id = u_id
1299 1300
1300 1301
1301 1302 class RepositoryField(Base, BaseModel):
1302 1303 __tablename__ = 'repositories_fields'
1303 1304 __table_args__ = (
1304 1305 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1305 1306 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1306 1307 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1307 1308 )
1308 1309 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1309 1310
1310 1311 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1311 1312 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1312 1313 field_key = Column("field_key", String(250))
1313 1314 field_label = Column("field_label", String(1024), nullable=False)
1314 1315 field_value = Column("field_value", String(10000), nullable=False)
1315 1316 field_desc = Column("field_desc", String(1024), nullable=False)
1316 1317 field_type = Column("field_type", String(255), nullable=False, unique=None)
1317 1318 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1318 1319
1319 1320 repository = relationship('Repository')
1320 1321
1321 1322 @property
1322 1323 def field_key_prefixed(self):
1323 1324 return 'ex_%s' % self.field_key
1324 1325
1325 1326 @classmethod
1326 1327 def un_prefix_key(cls, key):
1327 1328 if key.startswith(cls.PREFIX):
1328 1329 return key[len(cls.PREFIX):]
1329 1330 return key
1330 1331
1331 1332 @classmethod
1332 1333 def get_by_key_name(cls, key, repo):
1333 1334 row = cls.query()\
1334 1335 .filter(cls.repository == repo)\
1335 1336 .filter(cls.field_key == key).scalar()
1336 1337 return row
1337 1338
1338 1339
1339 1340 class Repository(Base, BaseModel):
1340 1341 __tablename__ = 'repositories'
1341 1342 __table_args__ = (
1342 1343 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1343 1344 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1344 1345 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1345 1346 )
1346 1347 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1347 1348 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1348 1349
1349 1350 STATE_CREATED = 'repo_state_created'
1350 1351 STATE_PENDING = 'repo_state_pending'
1351 1352 STATE_ERROR = 'repo_state_error'
1352 1353
1353 1354 LOCK_AUTOMATIC = 'lock_auto'
1354 1355 LOCK_API = 'lock_api'
1355 1356 LOCK_WEB = 'lock_web'
1356 1357 LOCK_PULL = 'lock_pull'
1357 1358
1358 1359 NAME_SEP = URL_SEP
1359 1360
1360 1361 repo_id = Column(
1361 1362 "repo_id", Integer(), nullable=False, unique=True, default=None,
1362 1363 primary_key=True)
1363 1364 _repo_name = Column(
1364 1365 "repo_name", Text(), nullable=False, default=None)
1365 1366 _repo_name_hash = Column(
1366 1367 "repo_name_hash", String(255), nullable=False, unique=True)
1367 1368 repo_state = Column("repo_state", String(255), nullable=True)
1368 1369
1369 1370 clone_uri = Column(
1370 1371 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1371 1372 default=None)
1372 1373 repo_type = Column(
1373 1374 "repo_type", String(255), nullable=False, unique=False, default=None)
1374 1375 user_id = Column(
1375 1376 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1376 1377 unique=False, default=None)
1377 1378 private = Column(
1378 1379 "private", Boolean(), nullable=True, unique=None, default=None)
1379 1380 enable_statistics = Column(
1380 1381 "statistics", Boolean(), nullable=True, unique=None, default=True)
1381 1382 enable_downloads = Column(
1382 1383 "downloads", Boolean(), nullable=True, unique=None, default=True)
1383 1384 description = Column(
1384 1385 "description", String(10000), nullable=True, unique=None, default=None)
1385 1386 created_on = Column(
1386 1387 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1387 1388 default=datetime.datetime.now)
1388 1389 updated_on = Column(
1389 1390 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1390 1391 default=datetime.datetime.now)
1391 1392 _landing_revision = Column(
1392 1393 "landing_revision", String(255), nullable=False, unique=False,
1393 1394 default=None)
1394 1395 enable_locking = Column(
1395 1396 "enable_locking", Boolean(), nullable=False, unique=None,
1396 1397 default=False)
1397 1398 _locked = Column(
1398 1399 "locked", String(255), nullable=True, unique=False, default=None)
1399 1400 _changeset_cache = Column(
1400 1401 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1401 1402
1402 1403 fork_id = Column(
1403 1404 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1404 1405 nullable=True, unique=False, default=None)
1405 1406 group_id = Column(
1406 1407 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1407 1408 unique=False, default=None)
1408 1409
1409 1410 user = relationship('User', lazy='joined')
1410 1411 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1411 1412 group = relationship('RepoGroup', lazy='joined')
1412 1413 repo_to_perm = relationship(
1413 1414 'UserRepoToPerm', cascade='all',
1414 1415 order_by='UserRepoToPerm.repo_to_perm_id')
1415 1416 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1416 1417 stats = relationship('Statistics', cascade='all', uselist=False)
1417 1418
1418 1419 followers = relationship(
1419 1420 'UserFollowing',
1420 1421 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1421 1422 cascade='all')
1422 1423 extra_fields = relationship(
1423 1424 'RepositoryField', cascade="all, delete, delete-orphan")
1424 1425 logs = relationship('UserLog')
1425 1426 comments = relationship(
1426 1427 'ChangesetComment', cascade="all, delete, delete-orphan")
1427 1428 pull_requests_source = relationship(
1428 1429 'PullRequest',
1429 1430 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1430 1431 cascade="all, delete, delete-orphan")
1431 1432 pull_requests_target = relationship(
1432 1433 'PullRequest',
1433 1434 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1434 1435 cascade="all, delete, delete-orphan")
1435 1436 ui = relationship('RepoRhodeCodeUi', cascade="all")
1436 1437 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1437 1438 integrations = relationship('Integration',
1438 1439 cascade="all, delete, delete-orphan")
1439 1440
1440 1441 def __unicode__(self):
1441 1442 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1442 1443 safe_unicode(self.repo_name))
1443 1444
1444 1445 @hybrid_property
1445 1446 def landing_rev(self):
1446 1447 # always should return [rev_type, rev]
1447 1448 if self._landing_revision:
1448 1449 _rev_info = self._landing_revision.split(':')
1449 1450 if len(_rev_info) < 2:
1450 1451 _rev_info.insert(0, 'rev')
1451 1452 return [_rev_info[0], _rev_info[1]]
1452 1453 return [None, None]
1453 1454
1454 1455 @landing_rev.setter
1455 1456 def landing_rev(self, val):
1456 1457 if ':' not in val:
1457 1458 raise ValueError('value must be delimited with `:` and consist '
1458 1459 'of <rev_type>:<rev>, got %s instead' % val)
1459 1460 self._landing_revision = val
1460 1461
1461 1462 @hybrid_property
1462 1463 def locked(self):
1463 1464 if self._locked:
1464 1465 user_id, timelocked, reason = self._locked.split(':')
1465 1466 lock_values = int(user_id), timelocked, reason
1466 1467 else:
1467 1468 lock_values = [None, None, None]
1468 1469 return lock_values
1469 1470
1470 1471 @locked.setter
1471 1472 def locked(self, val):
1472 1473 if val and isinstance(val, (list, tuple)):
1473 1474 self._locked = ':'.join(map(str, val))
1474 1475 else:
1475 1476 self._locked = None
1476 1477
1477 1478 @hybrid_property
1478 1479 def changeset_cache(self):
1479 1480 from rhodecode.lib.vcs.backends.base import EmptyCommit
1480 1481 dummy = EmptyCommit().__json__()
1481 1482 if not self._changeset_cache:
1482 1483 return dummy
1483 1484 try:
1484 1485 return json.loads(self._changeset_cache)
1485 1486 except TypeError:
1486 1487 return dummy
1487 1488 except Exception:
1488 1489 log.error(traceback.format_exc())
1489 1490 return dummy
1490 1491
1491 1492 @changeset_cache.setter
1492 1493 def changeset_cache(self, val):
1493 1494 try:
1494 1495 self._changeset_cache = json.dumps(val)
1495 1496 except Exception:
1496 1497 log.error(traceback.format_exc())
1497 1498
1498 1499 @hybrid_property
1499 1500 def repo_name(self):
1500 1501 return self._repo_name
1501 1502
1502 1503 @repo_name.setter
1503 1504 def repo_name(self, value):
1504 1505 self._repo_name = value
1505 1506 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1506 1507
1507 1508 @classmethod
1508 1509 def normalize_repo_name(cls, repo_name):
1509 1510 """
1510 1511 Normalizes os specific repo_name to the format internally stored inside
1511 1512 database using URL_SEP
1512 1513
1513 1514 :param cls:
1514 1515 :param repo_name:
1515 1516 """
1516 1517 return cls.NAME_SEP.join(repo_name.split(os.sep))
1517 1518
1518 1519 @classmethod
1519 1520 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1520 1521 session = Session()
1521 1522 q = session.query(cls).filter(cls.repo_name == repo_name)
1522 1523
1523 1524 if cache:
1524 1525 if identity_cache:
1525 1526 val = cls.identity_cache(session, 'repo_name', repo_name)
1526 1527 if val:
1527 1528 return val
1528 1529 else:
1529 1530 q = q.options(
1530 1531 FromCache("sql_cache_short",
1531 1532 "get_repo_by_name_%s" % _hash_key(repo_name)))
1532 1533
1533 1534 return q.scalar()
1534 1535
1535 1536 @classmethod
1536 1537 def get_by_full_path(cls, repo_full_path):
1537 1538 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1538 1539 repo_name = cls.normalize_repo_name(repo_name)
1539 1540 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1540 1541
1541 1542 @classmethod
1542 1543 def get_repo_forks(cls, repo_id):
1543 1544 return cls.query().filter(Repository.fork_id == repo_id)
1544 1545
1545 1546 @classmethod
1546 1547 def base_path(cls):
1547 1548 """
1548 1549 Returns base path when all repos are stored
1549 1550
1550 1551 :param cls:
1551 1552 """
1552 1553 q = Session().query(RhodeCodeUi)\
1553 1554 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1554 1555 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1555 1556 return q.one().ui_value
1556 1557
1557 1558 @classmethod
1558 1559 def is_valid(cls, repo_name):
1559 1560 """
1560 1561 returns True if given repo name is a valid filesystem repository
1561 1562
1562 1563 :param cls:
1563 1564 :param repo_name:
1564 1565 """
1565 1566 from rhodecode.lib.utils import is_valid_repo
1566 1567
1567 1568 return is_valid_repo(repo_name, cls.base_path())
1568 1569
1569 1570 @classmethod
1570 1571 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1571 1572 case_insensitive=True):
1572 1573 q = Repository.query()
1573 1574
1574 1575 if not isinstance(user_id, Optional):
1575 1576 q = q.filter(Repository.user_id == user_id)
1576 1577
1577 1578 if not isinstance(group_id, Optional):
1578 1579 q = q.filter(Repository.group_id == group_id)
1579 1580
1580 1581 if case_insensitive:
1581 1582 q = q.order_by(func.lower(Repository.repo_name))
1582 1583 else:
1583 1584 q = q.order_by(Repository.repo_name)
1584 1585 return q.all()
1585 1586
1586 1587 @property
1587 1588 def forks(self):
1588 1589 """
1589 1590 Return forks of this repo
1590 1591 """
1591 1592 return Repository.get_repo_forks(self.repo_id)
1592 1593
1593 1594 @property
1594 1595 def parent(self):
1595 1596 """
1596 1597 Returns fork parent
1597 1598 """
1598 1599 return self.fork
1599 1600
1600 1601 @property
1601 1602 def just_name(self):
1602 1603 return self.repo_name.split(self.NAME_SEP)[-1]
1603 1604
1604 1605 @property
1605 1606 def groups_with_parents(self):
1606 1607 groups = []
1607 1608 if self.group is None:
1608 1609 return groups
1609 1610
1610 1611 cur_gr = self.group
1611 1612 groups.insert(0, cur_gr)
1612 1613 while 1:
1613 1614 gr = getattr(cur_gr, 'parent_group', None)
1614 1615 cur_gr = cur_gr.parent_group
1615 1616 if gr is None:
1616 1617 break
1617 1618 groups.insert(0, gr)
1618 1619
1619 1620 return groups
1620 1621
1621 1622 @property
1622 1623 def groups_and_repo(self):
1623 1624 return self.groups_with_parents, self
1624 1625
1625 1626 @LazyProperty
1626 1627 def repo_path(self):
1627 1628 """
1628 1629 Returns base full path for that repository means where it actually
1629 1630 exists on a filesystem
1630 1631 """
1631 1632 q = Session().query(RhodeCodeUi).filter(
1632 1633 RhodeCodeUi.ui_key == self.NAME_SEP)
1633 1634 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1634 1635 return q.one().ui_value
1635 1636
1636 1637 @property
1637 1638 def repo_full_path(self):
1638 1639 p = [self.repo_path]
1639 1640 # we need to split the name by / since this is how we store the
1640 1641 # names in the database, but that eventually needs to be converted
1641 1642 # into a valid system path
1642 1643 p += self.repo_name.split(self.NAME_SEP)
1643 1644 return os.path.join(*map(safe_unicode, p))
1644 1645
1645 1646 @property
1646 1647 def cache_keys(self):
1647 1648 """
1648 1649 Returns associated cache keys for that repo
1649 1650 """
1650 1651 return CacheKey.query()\
1651 1652 .filter(CacheKey.cache_args == self.repo_name)\
1652 1653 .order_by(CacheKey.cache_key)\
1653 1654 .all()
1654 1655
1655 1656 def get_new_name(self, repo_name):
1656 1657 """
1657 1658 returns new full repository name based on assigned group and new new
1658 1659
1659 1660 :param group_name:
1660 1661 """
1661 1662 path_prefix = self.group.full_path_splitted if self.group else []
1662 1663 return self.NAME_SEP.join(path_prefix + [repo_name])
1663 1664
1664 1665 @property
1665 1666 def _config(self):
1666 1667 """
1667 1668 Returns db based config object.
1668 1669 """
1669 1670 from rhodecode.lib.utils import make_db_config
1670 1671 return make_db_config(clear_session=False, repo=self)
1671 1672
1672 1673 def permissions(self, with_admins=True, with_owner=True):
1673 1674 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1674 1675 q = q.options(joinedload(UserRepoToPerm.repository),
1675 1676 joinedload(UserRepoToPerm.user),
1676 1677 joinedload(UserRepoToPerm.permission),)
1677 1678
1678 1679 # get owners and admins and permissions. We do a trick of re-writing
1679 1680 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1680 1681 # has a global reference and changing one object propagates to all
1681 1682 # others. This means if admin is also an owner admin_row that change
1682 1683 # would propagate to both objects
1683 1684 perm_rows = []
1684 1685 for _usr in q.all():
1685 1686 usr = AttributeDict(_usr.user.get_dict())
1686 1687 usr.permission = _usr.permission.permission_name
1687 1688 perm_rows.append(usr)
1688 1689
1689 1690 # filter the perm rows by 'default' first and then sort them by
1690 1691 # admin,write,read,none permissions sorted again alphabetically in
1691 1692 # each group
1692 1693 perm_rows = sorted(perm_rows, key=display_sort)
1693 1694
1694 1695 _admin_perm = 'repository.admin'
1695 1696 owner_row = []
1696 1697 if with_owner:
1697 1698 usr = AttributeDict(self.user.get_dict())
1698 1699 usr.owner_row = True
1699 1700 usr.permission = _admin_perm
1700 1701 owner_row.append(usr)
1701 1702
1702 1703 super_admin_rows = []
1703 1704 if with_admins:
1704 1705 for usr in User.get_all_super_admins():
1705 1706 # if this admin is also owner, don't double the record
1706 1707 if usr.user_id == owner_row[0].user_id:
1707 1708 owner_row[0].admin_row = True
1708 1709 else:
1709 1710 usr = AttributeDict(usr.get_dict())
1710 1711 usr.admin_row = True
1711 1712 usr.permission = _admin_perm
1712 1713 super_admin_rows.append(usr)
1713 1714
1714 1715 return super_admin_rows + owner_row + perm_rows
1715 1716
1716 1717 def permission_user_groups(self):
1717 1718 q = UserGroupRepoToPerm.query().filter(
1718 1719 UserGroupRepoToPerm.repository == self)
1719 1720 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1720 1721 joinedload(UserGroupRepoToPerm.users_group),
1721 1722 joinedload(UserGroupRepoToPerm.permission),)
1722 1723
1723 1724 perm_rows = []
1724 1725 for _user_group in q.all():
1725 1726 usr = AttributeDict(_user_group.users_group.get_dict())
1726 1727 usr.permission = _user_group.permission.permission_name
1727 1728 perm_rows.append(usr)
1728 1729
1729 1730 return perm_rows
1730 1731
1731 1732 def get_api_data(self, include_secrets=False):
1732 1733 """
1733 1734 Common function for generating repo api data
1734 1735
1735 1736 :param include_secrets: See :meth:`User.get_api_data`.
1736 1737
1737 1738 """
1738 1739 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1739 1740 # move this methods on models level.
1740 1741 from rhodecode.model.settings import SettingsModel
1741 1742
1742 1743 repo = self
1743 1744 _user_id, _time, _reason = self.locked
1744 1745
1745 1746 data = {
1746 1747 'repo_id': repo.repo_id,
1747 1748 'repo_name': repo.repo_name,
1748 1749 'repo_type': repo.repo_type,
1749 1750 'clone_uri': repo.clone_uri or '',
1750 1751 'url': url('summary_home', repo_name=self.repo_name, qualified=True),
1751 1752 'private': repo.private,
1752 1753 'created_on': repo.created_on,
1753 1754 'description': repo.description,
1754 1755 'landing_rev': repo.landing_rev,
1755 1756 'owner': repo.user.username,
1756 1757 'fork_of': repo.fork.repo_name if repo.fork else None,
1757 1758 'enable_statistics': repo.enable_statistics,
1758 1759 'enable_locking': repo.enable_locking,
1759 1760 'enable_downloads': repo.enable_downloads,
1760 1761 'last_changeset': repo.changeset_cache,
1761 1762 'locked_by': User.get(_user_id).get_api_data(
1762 1763 include_secrets=include_secrets) if _user_id else None,
1763 1764 'locked_date': time_to_datetime(_time) if _time else None,
1764 1765 'lock_reason': _reason if _reason else None,
1765 1766 }
1766 1767
1767 1768 # TODO: mikhail: should be per-repo settings here
1768 1769 rc_config = SettingsModel().get_all_settings()
1769 1770 repository_fields = str2bool(
1770 1771 rc_config.get('rhodecode_repository_fields'))
1771 1772 if repository_fields:
1772 1773 for f in self.extra_fields:
1773 1774 data[f.field_key_prefixed] = f.field_value
1774 1775
1775 1776 return data
1776 1777
1777 1778 @classmethod
1778 1779 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
1779 1780 if not lock_time:
1780 1781 lock_time = time.time()
1781 1782 if not lock_reason:
1782 1783 lock_reason = cls.LOCK_AUTOMATIC
1783 1784 repo.locked = [user_id, lock_time, lock_reason]
1784 1785 Session().add(repo)
1785 1786 Session().commit()
1786 1787
1787 1788 @classmethod
1788 1789 def unlock(cls, repo):
1789 1790 repo.locked = None
1790 1791 Session().add(repo)
1791 1792 Session().commit()
1792 1793
1793 1794 @classmethod
1794 1795 def getlock(cls, repo):
1795 1796 return repo.locked
1796 1797
1797 1798 def is_user_lock(self, user_id):
1798 1799 if self.lock[0]:
1799 1800 lock_user_id = safe_int(self.lock[0])
1800 1801 user_id = safe_int(user_id)
1801 1802 # both are ints, and they are equal
1802 1803 return all([lock_user_id, user_id]) and lock_user_id == user_id
1803 1804
1804 1805 return False
1805 1806
1806 1807 def get_locking_state(self, action, user_id, only_when_enabled=True):
1807 1808 """
1808 1809 Checks locking on this repository, if locking is enabled and lock is
1809 1810 present returns a tuple of make_lock, locked, locked_by.
1810 1811 make_lock can have 3 states None (do nothing) True, make lock
1811 1812 False release lock, This value is later propagated to hooks, which
1812 1813 do the locking. Think about this as signals passed to hooks what to do.
1813 1814
1814 1815 """
1815 1816 # TODO: johbo: This is part of the business logic and should be moved
1816 1817 # into the RepositoryModel.
1817 1818
1818 1819 if action not in ('push', 'pull'):
1819 1820 raise ValueError("Invalid action value: %s" % repr(action))
1820 1821
1821 1822 # defines if locked error should be thrown to user
1822 1823 currently_locked = False
1823 1824 # defines if new lock should be made, tri-state
1824 1825 make_lock = None
1825 1826 repo = self
1826 1827 user = User.get(user_id)
1827 1828
1828 1829 lock_info = repo.locked
1829 1830
1830 1831 if repo and (repo.enable_locking or not only_when_enabled):
1831 1832 if action == 'push':
1832 1833 # check if it's already locked !, if it is compare users
1833 1834 locked_by_user_id = lock_info[0]
1834 1835 if user.user_id == locked_by_user_id:
1835 1836 log.debug(
1836 1837 'Got `push` action from user %s, now unlocking', user)
1837 1838 # unlock if we have push from user who locked
1838 1839 make_lock = False
1839 1840 else:
1840 1841 # we're not the same user who locked, ban with
1841 1842 # code defined in settings (default is 423 HTTP Locked) !
1842 1843 log.debug('Repo %s is currently locked by %s', repo, user)
1843 1844 currently_locked = True
1844 1845 elif action == 'pull':
1845 1846 # [0] user [1] date
1846 1847 if lock_info[0] and lock_info[1]:
1847 1848 log.debug('Repo %s is currently locked by %s', repo, user)
1848 1849 currently_locked = True
1849 1850 else:
1850 1851 log.debug('Setting lock on repo %s by %s', repo, user)
1851 1852 make_lock = True
1852 1853
1853 1854 else:
1854 1855 log.debug('Repository %s do not have locking enabled', repo)
1855 1856
1856 1857 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
1857 1858 make_lock, currently_locked, lock_info)
1858 1859
1859 1860 from rhodecode.lib.auth import HasRepoPermissionAny
1860 1861 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
1861 1862 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
1862 1863 # if we don't have at least write permission we cannot make a lock
1863 1864 log.debug('lock state reset back to FALSE due to lack '
1864 1865 'of at least read permission')
1865 1866 make_lock = False
1866 1867
1867 1868 return make_lock, currently_locked, lock_info
1868 1869
1869 1870 @property
1870 1871 def last_db_change(self):
1871 1872 return self.updated_on
1872 1873
1873 1874 @property
1874 1875 def clone_uri_hidden(self):
1875 1876 clone_uri = self.clone_uri
1876 1877 if clone_uri:
1877 1878 import urlobject
1878 1879 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
1879 1880 if url_obj.password:
1880 1881 clone_uri = url_obj.with_password('*****')
1881 1882 return clone_uri
1882 1883
1883 1884 def clone_url(self, **override):
1884 1885 qualified_home_url = url('home', qualified=True)
1885 1886
1886 1887 uri_tmpl = None
1887 1888 if 'with_id' in override:
1888 1889 uri_tmpl = self.DEFAULT_CLONE_URI_ID
1889 1890 del override['with_id']
1890 1891
1891 1892 if 'uri_tmpl' in override:
1892 1893 uri_tmpl = override['uri_tmpl']
1893 1894 del override['uri_tmpl']
1894 1895
1895 1896 # we didn't override our tmpl from **overrides
1896 1897 if not uri_tmpl:
1897 1898 uri_tmpl = self.DEFAULT_CLONE_URI
1898 1899 try:
1899 1900 from pylons import tmpl_context as c
1900 1901 uri_tmpl = c.clone_uri_tmpl
1901 1902 except Exception:
1902 1903 # in any case if we call this outside of request context,
1903 1904 # ie, not having tmpl_context set up
1904 1905 pass
1905 1906
1906 1907 return get_clone_url(uri_tmpl=uri_tmpl,
1907 1908 qualifed_home_url=qualified_home_url,
1908 1909 repo_name=self.repo_name,
1909 1910 repo_id=self.repo_id, **override)
1910 1911
1911 1912 def set_state(self, state):
1912 1913 self.repo_state = state
1913 1914 Session().add(self)
1914 1915 #==========================================================================
1915 1916 # SCM PROPERTIES
1916 1917 #==========================================================================
1917 1918
1918 1919 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
1919 1920 return get_commit_safe(
1920 1921 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
1921 1922
1922 1923 def get_changeset(self, rev=None, pre_load=None):
1923 1924 warnings.warn("Use get_commit", DeprecationWarning)
1924 1925 commit_id = None
1925 1926 commit_idx = None
1926 1927 if isinstance(rev, basestring):
1927 1928 commit_id = rev
1928 1929 else:
1929 1930 commit_idx = rev
1930 1931 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
1931 1932 pre_load=pre_load)
1932 1933
1933 1934 def get_landing_commit(self):
1934 1935 """
1935 1936 Returns landing commit, or if that doesn't exist returns the tip
1936 1937 """
1937 1938 _rev_type, _rev = self.landing_rev
1938 1939 commit = self.get_commit(_rev)
1939 1940 if isinstance(commit, EmptyCommit):
1940 1941 return self.get_commit()
1941 1942 return commit
1942 1943
1943 1944 def update_commit_cache(self, cs_cache=None, config=None):
1944 1945 """
1945 1946 Update cache of last changeset for repository, keys should be::
1946 1947
1947 1948 short_id
1948 1949 raw_id
1949 1950 revision
1950 1951 parents
1951 1952 message
1952 1953 date
1953 1954 author
1954 1955
1955 1956 :param cs_cache:
1956 1957 """
1957 1958 from rhodecode.lib.vcs.backends.base import BaseChangeset
1958 1959 if cs_cache is None:
1959 1960 # use no-cache version here
1960 1961 scm_repo = self.scm_instance(cache=False, config=config)
1961 1962 if scm_repo:
1962 1963 cs_cache = scm_repo.get_commit(
1963 1964 pre_load=["author", "date", "message", "parents"])
1964 1965 else:
1965 1966 cs_cache = EmptyCommit()
1966 1967
1967 1968 if isinstance(cs_cache, BaseChangeset):
1968 1969 cs_cache = cs_cache.__json__()
1969 1970
1970 1971 def is_outdated(new_cs_cache):
1971 1972 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
1972 1973 new_cs_cache['revision'] != self.changeset_cache['revision']):
1973 1974 return True
1974 1975 return False
1975 1976
1976 1977 # check if we have maybe already latest cached revision
1977 1978 if is_outdated(cs_cache) or not self.changeset_cache:
1978 1979 _default = datetime.datetime.fromtimestamp(0)
1979 1980 last_change = cs_cache.get('date') or _default
1980 1981 log.debug('updated repo %s with new cs cache %s',
1981 1982 self.repo_name, cs_cache)
1982 1983 self.updated_on = last_change
1983 1984 self.changeset_cache = cs_cache
1984 1985 Session().add(self)
1985 1986 Session().commit()
1986 1987 else:
1987 1988 log.debug('Skipping update_commit_cache for repo:`%s` '
1988 1989 'commit already with latest changes', self.repo_name)
1989 1990
1990 1991 @property
1991 1992 def tip(self):
1992 1993 return self.get_commit('tip')
1993 1994
1994 1995 @property
1995 1996 def author(self):
1996 1997 return self.tip.author
1997 1998
1998 1999 @property
1999 2000 def last_change(self):
2000 2001 return self.scm_instance().last_change
2001 2002
2002 2003 def get_comments(self, revisions=None):
2003 2004 """
2004 2005 Returns comments for this repository grouped by revisions
2005 2006
2006 2007 :param revisions: filter query by revisions only
2007 2008 """
2008 2009 cmts = ChangesetComment.query()\
2009 2010 .filter(ChangesetComment.repo == self)
2010 2011 if revisions:
2011 2012 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2012 2013 grouped = collections.defaultdict(list)
2013 2014 for cmt in cmts.all():
2014 2015 grouped[cmt.revision].append(cmt)
2015 2016 return grouped
2016 2017
2017 2018 def statuses(self, revisions=None):
2018 2019 """
2019 2020 Returns statuses for this repository
2020 2021
2021 2022 :param revisions: list of revisions to get statuses for
2022 2023 """
2023 2024 statuses = ChangesetStatus.query()\
2024 2025 .filter(ChangesetStatus.repo == self)\
2025 2026 .filter(ChangesetStatus.version == 0)
2026 2027
2027 2028 if revisions:
2028 2029 # Try doing the filtering in chunks to avoid hitting limits
2029 2030 size = 500
2030 2031 status_results = []
2031 2032 for chunk in xrange(0, len(revisions), size):
2032 2033 status_results += statuses.filter(
2033 2034 ChangesetStatus.revision.in_(
2034 2035 revisions[chunk: chunk+size])
2035 2036 ).all()
2036 2037 else:
2037 2038 status_results = statuses.all()
2038 2039
2039 2040 grouped = {}
2040 2041
2041 2042 # maybe we have open new pullrequest without a status?
2042 2043 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2043 2044 status_lbl = ChangesetStatus.get_status_lbl(stat)
2044 2045 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2045 2046 for rev in pr.revisions:
2046 2047 pr_id = pr.pull_request_id
2047 2048 pr_repo = pr.target_repo.repo_name
2048 2049 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2049 2050
2050 2051 for stat in status_results:
2051 2052 pr_id = pr_repo = None
2052 2053 if stat.pull_request:
2053 2054 pr_id = stat.pull_request.pull_request_id
2054 2055 pr_repo = stat.pull_request.target_repo.repo_name
2055 2056 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2056 2057 pr_id, pr_repo]
2057 2058 return grouped
2058 2059
2059 2060 # ==========================================================================
2060 2061 # SCM CACHE INSTANCE
2061 2062 # ==========================================================================
2062 2063
2063 2064 def scm_instance(self, **kwargs):
2064 2065 import rhodecode
2065 2066
2066 2067 # Passing a config will not hit the cache currently only used
2067 2068 # for repo2dbmapper
2068 2069 config = kwargs.pop('config', None)
2069 2070 cache = kwargs.pop('cache', None)
2070 2071 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2071 2072 # if cache is NOT defined use default global, else we have a full
2072 2073 # control over cache behaviour
2073 2074 if cache is None and full_cache and not config:
2074 2075 return self._get_instance_cached()
2075 2076 return self._get_instance(cache=bool(cache), config=config)
2076 2077
2077 2078 def _get_instance_cached(self):
2078 2079 @cache_region('long_term')
2079 2080 def _get_repo(cache_key):
2080 2081 return self._get_instance()
2081 2082
2082 2083 invalidator_context = CacheKey.repo_context_cache(
2083 2084 _get_repo, self.repo_name, None, thread_scoped=True)
2084 2085
2085 2086 with invalidator_context as context:
2086 2087 context.invalidate()
2087 2088 repo = context.compute()
2088 2089
2089 2090 return repo
2090 2091
2091 2092 def _get_instance(self, cache=True, config=None):
2092 2093 config = config or self._config
2093 2094 custom_wire = {
2094 2095 'cache': cache # controls the vcs.remote cache
2095 2096 }
2096 2097 repo = get_vcs_instance(
2097 2098 repo_path=safe_str(self.repo_full_path),
2098 2099 config=config,
2099 2100 with_wire=custom_wire,
2100 2101 create=False,
2101 2102 _vcs_alias=self.repo_type)
2102 2103
2103 2104 return repo
2104 2105
2105 2106 def __json__(self):
2106 2107 return {'landing_rev': self.landing_rev}
2107 2108
2108 2109 def get_dict(self):
2109 2110
2110 2111 # Since we transformed `repo_name` to a hybrid property, we need to
2111 2112 # keep compatibility with the code which uses `repo_name` field.
2112 2113
2113 2114 result = super(Repository, self).get_dict()
2114 2115 result['repo_name'] = result.pop('_repo_name', None)
2115 2116 return result
2116 2117
2117 2118
2118 2119 class RepoGroup(Base, BaseModel):
2119 2120 __tablename__ = 'groups'
2120 2121 __table_args__ = (
2121 2122 UniqueConstraint('group_name', 'group_parent_id'),
2122 2123 CheckConstraint('group_id != group_parent_id'),
2123 2124 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2124 2125 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2125 2126 )
2126 2127 __mapper_args__ = {'order_by': 'group_name'}
2127 2128
2128 2129 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2129 2130
2130 2131 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2131 2132 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2132 2133 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2133 2134 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2134 2135 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2135 2136 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2136 2137 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2137 2138 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2138 2139
2139 2140 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2140 2141 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2141 2142 parent_group = relationship('RepoGroup', remote_side=group_id)
2142 2143 user = relationship('User')
2143 2144 integrations = relationship('Integration',
2144 2145 cascade="all, delete, delete-orphan")
2145 2146
2146 2147 def __init__(self, group_name='', parent_group=None):
2147 2148 self.group_name = group_name
2148 2149 self.parent_group = parent_group
2149 2150
2150 2151 def __unicode__(self):
2151 2152 return u"<%s('id:%s:%s')>" % (self.__class__.__name__, self.group_id,
2152 2153 self.group_name)
2153 2154
2154 2155 @classmethod
2155 2156 def _generate_choice(cls, repo_group):
2156 2157 from webhelpers.html import literal as _literal
2157 2158 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2158 2159 return repo_group.group_id, _name(repo_group.full_path_splitted)
2159 2160
2160 2161 @classmethod
2161 2162 def groups_choices(cls, groups=None, show_empty_group=True):
2162 2163 if not groups:
2163 2164 groups = cls.query().all()
2164 2165
2165 2166 repo_groups = []
2166 2167 if show_empty_group:
2167 2168 repo_groups = [('-1', u'-- %s --' % _('No parent'))]
2168 2169
2169 2170 repo_groups.extend([cls._generate_choice(x) for x in groups])
2170 2171
2171 2172 repo_groups = sorted(
2172 2173 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2173 2174 return repo_groups
2174 2175
2175 2176 @classmethod
2176 2177 def url_sep(cls):
2177 2178 return URL_SEP
2178 2179
2179 2180 @classmethod
2180 2181 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2181 2182 if case_insensitive:
2182 2183 gr = cls.query().filter(func.lower(cls.group_name)
2183 2184 == func.lower(group_name))
2184 2185 else:
2185 2186 gr = cls.query().filter(cls.group_name == group_name)
2186 2187 if cache:
2187 2188 gr = gr.options(FromCache(
2188 2189 "sql_cache_short",
2189 2190 "get_group_%s" % _hash_key(group_name)))
2190 2191 return gr.scalar()
2191 2192
2192 2193 @classmethod
2193 2194 def get_user_personal_repo_group(cls, user_id):
2194 2195 user = User.get(user_id)
2195 2196 return cls.query()\
2196 2197 .filter(cls.personal == true())\
2197 2198 .filter(cls.user == user).scalar()
2198 2199
2199 2200 @classmethod
2200 2201 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2201 2202 case_insensitive=True):
2202 2203 q = RepoGroup.query()
2203 2204
2204 2205 if not isinstance(user_id, Optional):
2205 2206 q = q.filter(RepoGroup.user_id == user_id)
2206 2207
2207 2208 if not isinstance(group_id, Optional):
2208 2209 q = q.filter(RepoGroup.group_parent_id == group_id)
2209 2210
2210 2211 if case_insensitive:
2211 2212 q = q.order_by(func.lower(RepoGroup.group_name))
2212 2213 else:
2213 2214 q = q.order_by(RepoGroup.group_name)
2214 2215 return q.all()
2215 2216
2216 2217 @property
2217 2218 def parents(self):
2218 2219 parents_recursion_limit = 10
2219 2220 groups = []
2220 2221 if self.parent_group is None:
2221 2222 return groups
2222 2223 cur_gr = self.parent_group
2223 2224 groups.insert(0, cur_gr)
2224 2225 cnt = 0
2225 2226 while 1:
2226 2227 cnt += 1
2227 2228 gr = getattr(cur_gr, 'parent_group', None)
2228 2229 cur_gr = cur_gr.parent_group
2229 2230 if gr is None:
2230 2231 break
2231 2232 if cnt == parents_recursion_limit:
2232 2233 # this will prevent accidental infinit loops
2233 2234 log.error(('more than %s parents found for group %s, stopping '
2234 2235 'recursive parent fetching' % (parents_recursion_limit, self)))
2235 2236 break
2236 2237
2237 2238 groups.insert(0, gr)
2238 2239 return groups
2239 2240
2240 2241 @property
2241 2242 def children(self):
2242 2243 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2243 2244
2244 2245 @property
2245 2246 def name(self):
2246 2247 return self.group_name.split(RepoGroup.url_sep())[-1]
2247 2248
2248 2249 @property
2249 2250 def full_path(self):
2250 2251 return self.group_name
2251 2252
2252 2253 @property
2253 2254 def full_path_splitted(self):
2254 2255 return self.group_name.split(RepoGroup.url_sep())
2255 2256
2256 2257 @property
2257 2258 def repositories(self):
2258 2259 return Repository.query()\
2259 2260 .filter(Repository.group == self)\
2260 2261 .order_by(Repository.repo_name)
2261 2262
2262 2263 @property
2263 2264 def repositories_recursive_count(self):
2264 2265 cnt = self.repositories.count()
2265 2266
2266 2267 def children_count(group):
2267 2268 cnt = 0
2268 2269 for child in group.children:
2269 2270 cnt += child.repositories.count()
2270 2271 cnt += children_count(child)
2271 2272 return cnt
2272 2273
2273 2274 return cnt + children_count(self)
2274 2275
2275 2276 def _recursive_objects(self, include_repos=True):
2276 2277 all_ = []
2277 2278
2278 2279 def _get_members(root_gr):
2279 2280 if include_repos:
2280 2281 for r in root_gr.repositories:
2281 2282 all_.append(r)
2282 2283 childs = root_gr.children.all()
2283 2284 if childs:
2284 2285 for gr in childs:
2285 2286 all_.append(gr)
2286 2287 _get_members(gr)
2287 2288
2288 2289 _get_members(self)
2289 2290 return [self] + all_
2290 2291
2291 2292 def recursive_groups_and_repos(self):
2292 2293 """
2293 2294 Recursive return all groups, with repositories in those groups
2294 2295 """
2295 2296 return self._recursive_objects()
2296 2297
2297 2298 def recursive_groups(self):
2298 2299 """
2299 2300 Returns all children groups for this group including children of children
2300 2301 """
2301 2302 return self._recursive_objects(include_repos=False)
2302 2303
2303 2304 def get_new_name(self, group_name):
2304 2305 """
2305 2306 returns new full group name based on parent and new name
2306 2307
2307 2308 :param group_name:
2308 2309 """
2309 2310 path_prefix = (self.parent_group.full_path_splitted if
2310 2311 self.parent_group else [])
2311 2312 return RepoGroup.url_sep().join(path_prefix + [group_name])
2312 2313
2313 2314 def permissions(self, with_admins=True, with_owner=True):
2314 2315 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2315 2316 q = q.options(joinedload(UserRepoGroupToPerm.group),
2316 2317 joinedload(UserRepoGroupToPerm.user),
2317 2318 joinedload(UserRepoGroupToPerm.permission),)
2318 2319
2319 2320 # get owners and admins and permissions. We do a trick of re-writing
2320 2321 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2321 2322 # has a global reference and changing one object propagates to all
2322 2323 # others. This means if admin is also an owner admin_row that change
2323 2324 # would propagate to both objects
2324 2325 perm_rows = []
2325 2326 for _usr in q.all():
2326 2327 usr = AttributeDict(_usr.user.get_dict())
2327 2328 usr.permission = _usr.permission.permission_name
2328 2329 perm_rows.append(usr)
2329 2330
2330 2331 # filter the perm rows by 'default' first and then sort them by
2331 2332 # admin,write,read,none permissions sorted again alphabetically in
2332 2333 # each group
2333 2334 perm_rows = sorted(perm_rows, key=display_sort)
2334 2335
2335 2336 _admin_perm = 'group.admin'
2336 2337 owner_row = []
2337 2338 if with_owner:
2338 2339 usr = AttributeDict(self.user.get_dict())
2339 2340 usr.owner_row = True
2340 2341 usr.permission = _admin_perm
2341 2342 owner_row.append(usr)
2342 2343
2343 2344 super_admin_rows = []
2344 2345 if with_admins:
2345 2346 for usr in User.get_all_super_admins():
2346 2347 # if this admin is also owner, don't double the record
2347 2348 if usr.user_id == owner_row[0].user_id:
2348 2349 owner_row[0].admin_row = True
2349 2350 else:
2350 2351 usr = AttributeDict(usr.get_dict())
2351 2352 usr.admin_row = True
2352 2353 usr.permission = _admin_perm
2353 2354 super_admin_rows.append(usr)
2354 2355
2355 2356 return super_admin_rows + owner_row + perm_rows
2356 2357
2357 2358 def permission_user_groups(self):
2358 2359 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2359 2360 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2360 2361 joinedload(UserGroupRepoGroupToPerm.users_group),
2361 2362 joinedload(UserGroupRepoGroupToPerm.permission),)
2362 2363
2363 2364 perm_rows = []
2364 2365 for _user_group in q.all():
2365 2366 usr = AttributeDict(_user_group.users_group.get_dict())
2366 2367 usr.permission = _user_group.permission.permission_name
2367 2368 perm_rows.append(usr)
2368 2369
2369 2370 return perm_rows
2370 2371
2371 2372 def get_api_data(self):
2372 2373 """
2373 2374 Common function for generating api data
2374 2375
2375 2376 """
2376 2377 group = self
2377 2378 data = {
2378 2379 'group_id': group.group_id,
2379 2380 'group_name': group.group_name,
2380 2381 'group_description': group.group_description,
2381 2382 'parent_group': group.parent_group.group_name if group.parent_group else None,
2382 2383 'repositories': [x.repo_name for x in group.repositories],
2383 2384 'owner': group.user.username,
2384 2385 }
2385 2386 return data
2386 2387
2387 2388
2388 2389 class Permission(Base, BaseModel):
2389 2390 __tablename__ = 'permissions'
2390 2391 __table_args__ = (
2391 2392 Index('p_perm_name_idx', 'permission_name'),
2392 2393 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2393 2394 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2394 2395 )
2395 2396 PERMS = [
2396 2397 ('hg.admin', _('RhodeCode Super Administrator')),
2397 2398
2398 2399 ('repository.none', _('Repository no access')),
2399 2400 ('repository.read', _('Repository read access')),
2400 2401 ('repository.write', _('Repository write access')),
2401 2402 ('repository.admin', _('Repository admin access')),
2402 2403
2403 2404 ('group.none', _('Repository group no access')),
2404 2405 ('group.read', _('Repository group read access')),
2405 2406 ('group.write', _('Repository group write access')),
2406 2407 ('group.admin', _('Repository group admin access')),
2407 2408
2408 2409 ('usergroup.none', _('User group no access')),
2409 2410 ('usergroup.read', _('User group read access')),
2410 2411 ('usergroup.write', _('User group write access')),
2411 2412 ('usergroup.admin', _('User group admin access')),
2412 2413
2413 2414 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2414 2415 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2415 2416
2416 2417 ('hg.usergroup.create.false', _('User Group creation disabled')),
2417 2418 ('hg.usergroup.create.true', _('User Group creation enabled')),
2418 2419
2419 2420 ('hg.create.none', _('Repository creation disabled')),
2420 2421 ('hg.create.repository', _('Repository creation enabled')),
2421 2422 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2422 2423 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2423 2424
2424 2425 ('hg.fork.none', _('Repository forking disabled')),
2425 2426 ('hg.fork.repository', _('Repository forking enabled')),
2426 2427
2427 2428 ('hg.register.none', _('Registration disabled')),
2428 2429 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2429 2430 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2430 2431
2431 2432 ('hg.password_reset.enabled', _('Password reset enabled')),
2432 2433 ('hg.password_reset.hidden', _('Password reset hidden')),
2433 2434 ('hg.password_reset.disabled', _('Password reset disabled')),
2434 2435
2435 2436 ('hg.extern_activate.manual', _('Manual activation of external account')),
2436 2437 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2437 2438
2438 2439 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2439 2440 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2440 2441 ]
2441 2442
2442 2443 # definition of system default permissions for DEFAULT user
2443 2444 DEFAULT_USER_PERMISSIONS = [
2444 2445 'repository.read',
2445 2446 'group.read',
2446 2447 'usergroup.read',
2447 2448 'hg.create.repository',
2448 2449 'hg.repogroup.create.false',
2449 2450 'hg.usergroup.create.false',
2450 2451 'hg.create.write_on_repogroup.true',
2451 2452 'hg.fork.repository',
2452 2453 'hg.register.manual_activate',
2453 2454 'hg.password_reset.enabled',
2454 2455 'hg.extern_activate.auto',
2455 2456 'hg.inherit_default_perms.true',
2456 2457 ]
2457 2458
2458 2459 # defines which permissions are more important higher the more important
2459 2460 # Weight defines which permissions are more important.
2460 2461 # The higher number the more important.
2461 2462 PERM_WEIGHTS = {
2462 2463 'repository.none': 0,
2463 2464 'repository.read': 1,
2464 2465 'repository.write': 3,
2465 2466 'repository.admin': 4,
2466 2467
2467 2468 'group.none': 0,
2468 2469 'group.read': 1,
2469 2470 'group.write': 3,
2470 2471 'group.admin': 4,
2471 2472
2472 2473 'usergroup.none': 0,
2473 2474 'usergroup.read': 1,
2474 2475 'usergroup.write': 3,
2475 2476 'usergroup.admin': 4,
2476 2477
2477 2478 'hg.repogroup.create.false': 0,
2478 2479 'hg.repogroup.create.true': 1,
2479 2480
2480 2481 'hg.usergroup.create.false': 0,
2481 2482 'hg.usergroup.create.true': 1,
2482 2483
2483 2484 'hg.fork.none': 0,
2484 2485 'hg.fork.repository': 1,
2485 2486 'hg.create.none': 0,
2486 2487 'hg.create.repository': 1
2487 2488 }
2488 2489
2489 2490 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2490 2491 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2491 2492 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2492 2493
2493 2494 def __unicode__(self):
2494 2495 return u"<%s('%s:%s')>" % (
2495 2496 self.__class__.__name__, self.permission_id, self.permission_name
2496 2497 )
2497 2498
2498 2499 @classmethod
2499 2500 def get_by_key(cls, key):
2500 2501 return cls.query().filter(cls.permission_name == key).scalar()
2501 2502
2502 2503 @classmethod
2503 2504 def get_default_repo_perms(cls, user_id, repo_id=None):
2504 2505 q = Session().query(UserRepoToPerm, Repository, Permission)\
2505 2506 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2506 2507 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2507 2508 .filter(UserRepoToPerm.user_id == user_id)
2508 2509 if repo_id:
2509 2510 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2510 2511 return q.all()
2511 2512
2512 2513 @classmethod
2513 2514 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2514 2515 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2515 2516 .join(
2516 2517 Permission,
2517 2518 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2518 2519 .join(
2519 2520 Repository,
2520 2521 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2521 2522 .join(
2522 2523 UserGroup,
2523 2524 UserGroupRepoToPerm.users_group_id ==
2524 2525 UserGroup.users_group_id)\
2525 2526 .join(
2526 2527 UserGroupMember,
2527 2528 UserGroupRepoToPerm.users_group_id ==
2528 2529 UserGroupMember.users_group_id)\
2529 2530 .filter(
2530 2531 UserGroupMember.user_id == user_id,
2531 2532 UserGroup.users_group_active == true())
2532 2533 if repo_id:
2533 2534 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2534 2535 return q.all()
2535 2536
2536 2537 @classmethod
2537 2538 def get_default_group_perms(cls, user_id, repo_group_id=None):
2538 2539 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2539 2540 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2540 2541 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2541 2542 .filter(UserRepoGroupToPerm.user_id == user_id)
2542 2543 if repo_group_id:
2543 2544 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2544 2545 return q.all()
2545 2546
2546 2547 @classmethod
2547 2548 def get_default_group_perms_from_user_group(
2548 2549 cls, user_id, repo_group_id=None):
2549 2550 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2550 2551 .join(
2551 2552 Permission,
2552 2553 UserGroupRepoGroupToPerm.permission_id ==
2553 2554 Permission.permission_id)\
2554 2555 .join(
2555 2556 RepoGroup,
2556 2557 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2557 2558 .join(
2558 2559 UserGroup,
2559 2560 UserGroupRepoGroupToPerm.users_group_id ==
2560 2561 UserGroup.users_group_id)\
2561 2562 .join(
2562 2563 UserGroupMember,
2563 2564 UserGroupRepoGroupToPerm.users_group_id ==
2564 2565 UserGroupMember.users_group_id)\
2565 2566 .filter(
2566 2567 UserGroupMember.user_id == user_id,
2567 2568 UserGroup.users_group_active == true())
2568 2569 if repo_group_id:
2569 2570 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2570 2571 return q.all()
2571 2572
2572 2573 @classmethod
2573 2574 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2574 2575 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2575 2576 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2576 2577 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2577 2578 .filter(UserUserGroupToPerm.user_id == user_id)
2578 2579 if user_group_id:
2579 2580 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2580 2581 return q.all()
2581 2582
2582 2583 @classmethod
2583 2584 def get_default_user_group_perms_from_user_group(
2584 2585 cls, user_id, user_group_id=None):
2585 2586 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2586 2587 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2587 2588 .join(
2588 2589 Permission,
2589 2590 UserGroupUserGroupToPerm.permission_id ==
2590 2591 Permission.permission_id)\
2591 2592 .join(
2592 2593 TargetUserGroup,
2593 2594 UserGroupUserGroupToPerm.target_user_group_id ==
2594 2595 TargetUserGroup.users_group_id)\
2595 2596 .join(
2596 2597 UserGroup,
2597 2598 UserGroupUserGroupToPerm.user_group_id ==
2598 2599 UserGroup.users_group_id)\
2599 2600 .join(
2600 2601 UserGroupMember,
2601 2602 UserGroupUserGroupToPerm.user_group_id ==
2602 2603 UserGroupMember.users_group_id)\
2603 2604 .filter(
2604 2605 UserGroupMember.user_id == user_id,
2605 2606 UserGroup.users_group_active == true())
2606 2607 if user_group_id:
2607 2608 q = q.filter(
2608 2609 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2609 2610
2610 2611 return q.all()
2611 2612
2612 2613
2613 2614 class UserRepoToPerm(Base, BaseModel):
2614 2615 __tablename__ = 'repo_to_perm'
2615 2616 __table_args__ = (
2616 2617 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2617 2618 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2618 2619 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2619 2620 )
2620 2621 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2621 2622 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2622 2623 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2623 2624 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2624 2625
2625 2626 user = relationship('User')
2626 2627 repository = relationship('Repository')
2627 2628 permission = relationship('Permission')
2628 2629
2629 2630 @classmethod
2630 2631 def create(cls, user, repository, permission):
2631 2632 n = cls()
2632 2633 n.user = user
2633 2634 n.repository = repository
2634 2635 n.permission = permission
2635 2636 Session().add(n)
2636 2637 return n
2637 2638
2638 2639 def __unicode__(self):
2639 2640 return u'<%s => %s >' % (self.user, self.repository)
2640 2641
2641 2642
2642 2643 class UserUserGroupToPerm(Base, BaseModel):
2643 2644 __tablename__ = 'user_user_group_to_perm'
2644 2645 __table_args__ = (
2645 2646 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2646 2647 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2647 2648 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2648 2649 )
2649 2650 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2650 2651 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2651 2652 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2652 2653 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2653 2654
2654 2655 user = relationship('User')
2655 2656 user_group = relationship('UserGroup')
2656 2657 permission = relationship('Permission')
2657 2658
2658 2659 @classmethod
2659 2660 def create(cls, user, user_group, permission):
2660 2661 n = cls()
2661 2662 n.user = user
2662 2663 n.user_group = user_group
2663 2664 n.permission = permission
2664 2665 Session().add(n)
2665 2666 return n
2666 2667
2667 2668 def __unicode__(self):
2668 2669 return u'<%s => %s >' % (self.user, self.user_group)
2669 2670
2670 2671
2671 2672 class UserToPerm(Base, BaseModel):
2672 2673 __tablename__ = 'user_to_perm'
2673 2674 __table_args__ = (
2674 2675 UniqueConstraint('user_id', 'permission_id'),
2675 2676 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2676 2677 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2677 2678 )
2678 2679 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2679 2680 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2680 2681 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2681 2682
2682 2683 user = relationship('User')
2683 2684 permission = relationship('Permission', lazy='joined')
2684 2685
2685 2686 def __unicode__(self):
2686 2687 return u'<%s => %s >' % (self.user, self.permission)
2687 2688
2688 2689
2689 2690 class UserGroupRepoToPerm(Base, BaseModel):
2690 2691 __tablename__ = 'users_group_repo_to_perm'
2691 2692 __table_args__ = (
2692 2693 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2693 2694 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2694 2695 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2695 2696 )
2696 2697 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2697 2698 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2698 2699 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2699 2700 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2700 2701
2701 2702 users_group = relationship('UserGroup')
2702 2703 permission = relationship('Permission')
2703 2704 repository = relationship('Repository')
2704 2705
2705 2706 @classmethod
2706 2707 def create(cls, users_group, repository, permission):
2707 2708 n = cls()
2708 2709 n.users_group = users_group
2709 2710 n.repository = repository
2710 2711 n.permission = permission
2711 2712 Session().add(n)
2712 2713 return n
2713 2714
2714 2715 def __unicode__(self):
2715 2716 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
2716 2717
2717 2718
2718 2719 class UserGroupUserGroupToPerm(Base, BaseModel):
2719 2720 __tablename__ = 'user_group_user_group_to_perm'
2720 2721 __table_args__ = (
2721 2722 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
2722 2723 CheckConstraint('target_user_group_id != user_group_id'),
2723 2724 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2724 2725 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2725 2726 )
2726 2727 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2727 2728 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2728 2729 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2729 2730 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2730 2731
2731 2732 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
2732 2733 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
2733 2734 permission = relationship('Permission')
2734 2735
2735 2736 @classmethod
2736 2737 def create(cls, target_user_group, user_group, permission):
2737 2738 n = cls()
2738 2739 n.target_user_group = target_user_group
2739 2740 n.user_group = user_group
2740 2741 n.permission = permission
2741 2742 Session().add(n)
2742 2743 return n
2743 2744
2744 2745 def __unicode__(self):
2745 2746 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
2746 2747
2747 2748
2748 2749 class UserGroupToPerm(Base, BaseModel):
2749 2750 __tablename__ = 'users_group_to_perm'
2750 2751 __table_args__ = (
2751 2752 UniqueConstraint('users_group_id', 'permission_id',),
2752 2753 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2753 2754 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2754 2755 )
2755 2756 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2756 2757 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2757 2758 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2758 2759
2759 2760 users_group = relationship('UserGroup')
2760 2761 permission = relationship('Permission')
2761 2762
2762 2763
2763 2764 class UserRepoGroupToPerm(Base, BaseModel):
2764 2765 __tablename__ = 'user_repo_group_to_perm'
2765 2766 __table_args__ = (
2766 2767 UniqueConstraint('user_id', 'group_id', 'permission_id'),
2767 2768 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2768 2769 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2769 2770 )
2770 2771
2771 2772 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2772 2773 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2773 2774 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2774 2775 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2775 2776
2776 2777 user = relationship('User')
2777 2778 group = relationship('RepoGroup')
2778 2779 permission = relationship('Permission')
2779 2780
2780 2781 @classmethod
2781 2782 def create(cls, user, repository_group, permission):
2782 2783 n = cls()
2783 2784 n.user = user
2784 2785 n.group = repository_group
2785 2786 n.permission = permission
2786 2787 Session().add(n)
2787 2788 return n
2788 2789
2789 2790
2790 2791 class UserGroupRepoGroupToPerm(Base, BaseModel):
2791 2792 __tablename__ = 'users_group_repo_group_to_perm'
2792 2793 __table_args__ = (
2793 2794 UniqueConstraint('users_group_id', 'group_id'),
2794 2795 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2795 2796 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2796 2797 )
2797 2798
2798 2799 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2799 2800 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2800 2801 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2801 2802 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2802 2803
2803 2804 users_group = relationship('UserGroup')
2804 2805 permission = relationship('Permission')
2805 2806 group = relationship('RepoGroup')
2806 2807
2807 2808 @classmethod
2808 2809 def create(cls, user_group, repository_group, permission):
2809 2810 n = cls()
2810 2811 n.users_group = user_group
2811 2812 n.group = repository_group
2812 2813 n.permission = permission
2813 2814 Session().add(n)
2814 2815 return n
2815 2816
2816 2817 def __unicode__(self):
2817 2818 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
2818 2819
2819 2820
2820 2821 class Statistics(Base, BaseModel):
2821 2822 __tablename__ = 'statistics'
2822 2823 __table_args__ = (
2823 2824 UniqueConstraint('repository_id'),
2824 2825 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2825 2826 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2826 2827 )
2827 2828 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2828 2829 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
2829 2830 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
2830 2831 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
2831 2832 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
2832 2833 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
2833 2834
2834 2835 repository = relationship('Repository', single_parent=True)
2835 2836
2836 2837
2837 2838 class UserFollowing(Base, BaseModel):
2838 2839 __tablename__ = 'user_followings'
2839 2840 __table_args__ = (
2840 2841 UniqueConstraint('user_id', 'follows_repository_id'),
2841 2842 UniqueConstraint('user_id', 'follows_user_id'),
2842 2843 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2843 2844 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2844 2845 )
2845 2846
2846 2847 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2847 2848 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2848 2849 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
2849 2850 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
2850 2851 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2851 2852
2852 2853 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
2853 2854
2854 2855 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
2855 2856 follows_repository = relationship('Repository', order_by='Repository.repo_name')
2856 2857
2857 2858 @classmethod
2858 2859 def get_repo_followers(cls, repo_id):
2859 2860 return cls.query().filter(cls.follows_repo_id == repo_id)
2860 2861
2861 2862
2862 2863 class CacheKey(Base, BaseModel):
2863 2864 __tablename__ = 'cache_invalidation'
2864 2865 __table_args__ = (
2865 2866 UniqueConstraint('cache_key'),
2866 2867 Index('key_idx', 'cache_key'),
2867 2868 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2868 2869 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2869 2870 )
2870 2871 CACHE_TYPE_ATOM = 'ATOM'
2871 2872 CACHE_TYPE_RSS = 'RSS'
2872 2873 CACHE_TYPE_README = 'README'
2873 2874
2874 2875 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2875 2876 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
2876 2877 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
2877 2878 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
2878 2879
2879 2880 def __init__(self, cache_key, cache_args=''):
2880 2881 self.cache_key = cache_key
2881 2882 self.cache_args = cache_args
2882 2883 self.cache_active = False
2883 2884
2884 2885 def __unicode__(self):
2885 2886 return u"<%s('%s:%s[%s]')>" % (
2886 2887 self.__class__.__name__,
2887 2888 self.cache_id, self.cache_key, self.cache_active)
2888 2889
2889 2890 def _cache_key_partition(self):
2890 2891 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
2891 2892 return prefix, repo_name, suffix
2892 2893
2893 2894 def get_prefix(self):
2894 2895 """
2895 2896 Try to extract prefix from existing cache key. The key could consist
2896 2897 of prefix, repo_name, suffix
2897 2898 """
2898 2899 # this returns prefix, repo_name, suffix
2899 2900 return self._cache_key_partition()[0]
2900 2901
2901 2902 def get_suffix(self):
2902 2903 """
2903 2904 get suffix that might have been used in _get_cache_key to
2904 2905 generate self.cache_key. Only used for informational purposes
2905 2906 in repo_edit.mako.
2906 2907 """
2907 2908 # prefix, repo_name, suffix
2908 2909 return self._cache_key_partition()[2]
2909 2910
2910 2911 @classmethod
2911 2912 def delete_all_cache(cls):
2912 2913 """
2913 2914 Delete all cache keys from database.
2914 2915 Should only be run when all instances are down and all entries
2915 2916 thus stale.
2916 2917 """
2917 2918 cls.query().delete()
2918 2919 Session().commit()
2919 2920
2920 2921 @classmethod
2921 2922 def get_cache_key(cls, repo_name, cache_type):
2922 2923 """
2923 2924
2924 2925 Generate a cache key for this process of RhodeCode instance.
2925 2926 Prefix most likely will be process id or maybe explicitly set
2926 2927 instance_id from .ini file.
2927 2928 """
2928 2929 import rhodecode
2929 2930 prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
2930 2931
2931 2932 repo_as_unicode = safe_unicode(repo_name)
2932 2933 key = u'{}_{}'.format(repo_as_unicode, cache_type) \
2933 2934 if cache_type else repo_as_unicode
2934 2935
2935 2936 return u'{}{}'.format(prefix, key)
2936 2937
2937 2938 @classmethod
2938 2939 def set_invalidate(cls, repo_name, delete=False):
2939 2940 """
2940 2941 Mark all caches of a repo as invalid in the database.
2941 2942 """
2942 2943
2943 2944 try:
2944 2945 qry = Session().query(cls).filter(cls.cache_args == repo_name)
2945 2946 if delete:
2946 2947 log.debug('cache objects deleted for repo %s',
2947 2948 safe_str(repo_name))
2948 2949 qry.delete()
2949 2950 else:
2950 2951 log.debug('cache objects marked as invalid for repo %s',
2951 2952 safe_str(repo_name))
2952 2953 qry.update({"cache_active": False})
2953 2954
2954 2955 Session().commit()
2955 2956 except Exception:
2956 2957 log.exception(
2957 2958 'Cache key invalidation failed for repository %s',
2958 2959 safe_str(repo_name))
2959 2960 Session().rollback()
2960 2961
2961 2962 @classmethod
2962 2963 def get_active_cache(cls, cache_key):
2963 2964 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
2964 2965 if inv_obj:
2965 2966 return inv_obj
2966 2967 return None
2967 2968
2968 2969 @classmethod
2969 2970 def repo_context_cache(cls, compute_func, repo_name, cache_type,
2970 2971 thread_scoped=False):
2971 2972 """
2972 2973 @cache_region('long_term')
2973 2974 def _heavy_calculation(cache_key):
2974 2975 return 'result'
2975 2976
2976 2977 cache_context = CacheKey.repo_context_cache(
2977 2978 _heavy_calculation, repo_name, cache_type)
2978 2979
2979 2980 with cache_context as context:
2980 2981 context.invalidate()
2981 2982 computed = context.compute()
2982 2983
2983 2984 assert computed == 'result'
2984 2985 """
2985 2986 from rhodecode.lib import caches
2986 2987 return caches.InvalidationContext(
2987 2988 compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
2988 2989
2989 2990
2990 2991 class ChangesetComment(Base, BaseModel):
2991 2992 __tablename__ = 'changeset_comments'
2992 2993 __table_args__ = (
2993 2994 Index('cc_revision_idx', 'revision'),
2994 2995 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2995 2996 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2996 2997 )
2997 2998
2998 2999 COMMENT_OUTDATED = u'comment_outdated'
2999 3000 COMMENT_TYPE_NOTE = u'note'
3000 3001 COMMENT_TYPE_TODO = u'todo'
3001 3002 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3002 3003
3003 3004 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3004 3005 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3005 3006 revision = Column('revision', String(40), nullable=True)
3006 3007 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3007 3008 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3008 3009 line_no = Column('line_no', Unicode(10), nullable=True)
3009 3010 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3010 3011 f_path = Column('f_path', Unicode(1000), nullable=True)
3011 3012 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3012 3013 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3013 3014 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3014 3015 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3015 3016 renderer = Column('renderer', Unicode(64), nullable=True)
3016 3017 display_state = Column('display_state', Unicode(128), nullable=True)
3017 3018
3018 3019 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3019 3020 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3020 3021 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3021 3022 author = relationship('User', lazy='joined')
3022 3023 repo = relationship('Repository')
3023 3024 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3024 3025 pull_request = relationship('PullRequest', lazy='joined')
3025 3026 pull_request_version = relationship('PullRequestVersion')
3026 3027
3027 3028 @classmethod
3028 3029 def get_users(cls, revision=None, pull_request_id=None):
3029 3030 """
3030 3031 Returns user associated with this ChangesetComment. ie those
3031 3032 who actually commented
3032 3033
3033 3034 :param cls:
3034 3035 :param revision:
3035 3036 """
3036 3037 q = Session().query(User)\
3037 3038 .join(ChangesetComment.author)
3038 3039 if revision:
3039 3040 q = q.filter(cls.revision == revision)
3040 3041 elif pull_request_id:
3041 3042 q = q.filter(cls.pull_request_id == pull_request_id)
3042 3043 return q.all()
3043 3044
3044 3045 @classmethod
3045 3046 def get_index_from_version(cls, pr_version, versions):
3046 3047 num_versions = [x.pull_request_version_id for x in versions]
3047 3048 try:
3048 3049 return num_versions.index(pr_version) +1
3049 3050 except (IndexError, ValueError):
3050 3051 return
3051 3052
3052 3053 @property
3053 3054 def outdated(self):
3054 3055 return self.display_state == self.COMMENT_OUTDATED
3055 3056
3056 3057 def outdated_at_version(self, version):
3057 3058 """
3058 3059 Checks if comment is outdated for given pull request version
3059 3060 """
3060 3061 return self.outdated and self.pull_request_version_id != version
3061 3062
3062 3063 def older_than_version(self, version):
3063 3064 """
3064 3065 Checks if comment is made from previous version than given
3065 3066 """
3066 3067 if version is None:
3067 3068 return self.pull_request_version_id is not None
3068 3069
3069 3070 return self.pull_request_version_id < version
3070 3071
3071 3072 @property
3072 3073 def resolved(self):
3073 3074 return self.resolved_by[0] if self.resolved_by else None
3074 3075
3075 3076 @property
3076 3077 def is_todo(self):
3077 3078 return self.comment_type == self.COMMENT_TYPE_TODO
3078 3079
3079 3080 def get_index_version(self, versions):
3080 3081 return self.get_index_from_version(
3081 3082 self.pull_request_version_id, versions)
3082 3083
3083 3084 def render(self, mentions=False):
3084 3085 from rhodecode.lib import helpers as h
3085 3086 return h.render(self.text, renderer=self.renderer, mentions=mentions)
3086 3087
3087 3088 def __repr__(self):
3088 3089 if self.comment_id:
3089 3090 return '<DB:Comment #%s>' % self.comment_id
3090 3091 else:
3091 3092 return '<DB:Comment at %#x>' % id(self)
3092 3093
3093 3094
3094 3095 class ChangesetStatus(Base, BaseModel):
3095 3096 __tablename__ = 'changeset_statuses'
3096 3097 __table_args__ = (
3097 3098 Index('cs_revision_idx', 'revision'),
3098 3099 Index('cs_version_idx', 'version'),
3099 3100 UniqueConstraint('repo_id', 'revision', 'version'),
3100 3101 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3101 3102 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3102 3103 )
3103 3104 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3104 3105 STATUS_APPROVED = 'approved'
3105 3106 STATUS_REJECTED = 'rejected'
3106 3107 STATUS_UNDER_REVIEW = 'under_review'
3107 3108
3108 3109 STATUSES = [
3109 3110 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3110 3111 (STATUS_APPROVED, _("Approved")),
3111 3112 (STATUS_REJECTED, _("Rejected")),
3112 3113 (STATUS_UNDER_REVIEW, _("Under Review")),
3113 3114 ]
3114 3115
3115 3116 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3116 3117 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3117 3118 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3118 3119 revision = Column('revision', String(40), nullable=False)
3119 3120 status = Column('status', String(128), nullable=False, default=DEFAULT)
3120 3121 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3121 3122 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3122 3123 version = Column('version', Integer(), nullable=False, default=0)
3123 3124 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3124 3125
3125 3126 author = relationship('User', lazy='joined')
3126 3127 repo = relationship('Repository')
3127 3128 comment = relationship('ChangesetComment', lazy='joined')
3128 3129 pull_request = relationship('PullRequest', lazy='joined')
3129 3130
3130 3131 def __unicode__(self):
3131 3132 return u"<%s('%s[v%s]:%s')>" % (
3132 3133 self.__class__.__name__,
3133 3134 self.status, self.version, self.author
3134 3135 )
3135 3136
3136 3137 @classmethod
3137 3138 def get_status_lbl(cls, value):
3138 3139 return dict(cls.STATUSES).get(value)
3139 3140
3140 3141 @property
3141 3142 def status_lbl(self):
3142 3143 return ChangesetStatus.get_status_lbl(self.status)
3143 3144
3144 3145
3145 3146 class _PullRequestBase(BaseModel):
3146 3147 """
3147 3148 Common attributes of pull request and version entries.
3148 3149 """
3149 3150
3150 3151 # .status values
3151 3152 STATUS_NEW = u'new'
3152 3153 STATUS_OPEN = u'open'
3153 3154 STATUS_CLOSED = u'closed'
3154 3155
3155 3156 title = Column('title', Unicode(255), nullable=True)
3156 3157 description = Column(
3157 3158 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3158 3159 nullable=True)
3159 3160 # new/open/closed status of pull request (not approve/reject/etc)
3160 3161 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3161 3162 created_on = Column(
3162 3163 'created_on', DateTime(timezone=False), nullable=False,
3163 3164 default=datetime.datetime.now)
3164 3165 updated_on = Column(
3165 3166 'updated_on', DateTime(timezone=False), nullable=False,
3166 3167 default=datetime.datetime.now)
3167 3168
3168 3169 @declared_attr
3169 3170 def user_id(cls):
3170 3171 return Column(
3171 3172 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3172 3173 unique=None)
3173 3174
3174 3175 # 500 revisions max
3175 3176 _revisions = Column(
3176 3177 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3177 3178
3178 3179 @declared_attr
3179 3180 def source_repo_id(cls):
3180 3181 # TODO: dan: rename column to source_repo_id
3181 3182 return Column(
3182 3183 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3183 3184 nullable=False)
3184 3185
3185 3186 source_ref = Column('org_ref', Unicode(255), nullable=False)
3186 3187
3187 3188 @declared_attr
3188 3189 def target_repo_id(cls):
3189 3190 # TODO: dan: rename column to target_repo_id
3190 3191 return Column(
3191 3192 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3192 3193 nullable=False)
3193 3194
3194 3195 target_ref = Column('other_ref', Unicode(255), nullable=False)
3195 3196 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3196 3197
3197 3198 # TODO: dan: rename column to last_merge_source_rev
3198 3199 _last_merge_source_rev = Column(
3199 3200 'last_merge_org_rev', String(40), nullable=True)
3200 3201 # TODO: dan: rename column to last_merge_target_rev
3201 3202 _last_merge_target_rev = Column(
3202 3203 'last_merge_other_rev', String(40), nullable=True)
3203 3204 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3204 3205 merge_rev = Column('merge_rev', String(40), nullable=True)
3205 3206
3206 3207 @hybrid_property
3207 3208 def revisions(self):
3208 3209 return self._revisions.split(':') if self._revisions else []
3209 3210
3210 3211 @revisions.setter
3211 3212 def revisions(self, val):
3212 3213 self._revisions = ':'.join(val)
3213 3214
3214 3215 @declared_attr
3215 3216 def author(cls):
3216 3217 return relationship('User', lazy='joined')
3217 3218
3218 3219 @declared_attr
3219 3220 def source_repo(cls):
3220 3221 return relationship(
3221 3222 'Repository',
3222 3223 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3223 3224
3224 3225 @property
3225 3226 def source_ref_parts(self):
3226 3227 return self.unicode_to_reference(self.source_ref)
3227 3228
3228 3229 @declared_attr
3229 3230 def target_repo(cls):
3230 3231 return relationship(
3231 3232 'Repository',
3232 3233 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3233 3234
3234 3235 @property
3235 3236 def target_ref_parts(self):
3236 3237 return self.unicode_to_reference(self.target_ref)
3237 3238
3238 3239 @property
3239 3240 def shadow_merge_ref(self):
3240 3241 return self.unicode_to_reference(self._shadow_merge_ref)
3241 3242
3242 3243 @shadow_merge_ref.setter
3243 3244 def shadow_merge_ref(self, ref):
3244 3245 self._shadow_merge_ref = self.reference_to_unicode(ref)
3245 3246
3246 3247 def unicode_to_reference(self, raw):
3247 3248 """
3248 3249 Convert a unicode (or string) to a reference object.
3249 3250 If unicode evaluates to False it returns None.
3250 3251 """
3251 3252 if raw:
3252 3253 refs = raw.split(':')
3253 3254 return Reference(*refs)
3254 3255 else:
3255 3256 return None
3256 3257
3257 3258 def reference_to_unicode(self, ref):
3258 3259 """
3259 3260 Convert a reference object to unicode.
3260 3261 If reference is None it returns None.
3261 3262 """
3262 3263 if ref:
3263 3264 return u':'.join(ref)
3264 3265 else:
3265 3266 return None
3266 3267
3267 3268 def get_api_data(self):
3268 3269 from rhodecode.model.pull_request import PullRequestModel
3269 3270 pull_request = self
3270 3271 merge_status = PullRequestModel().merge_status(pull_request)
3271 3272
3272 3273 pull_request_url = url(
3273 3274 'pullrequest_show', repo_name=self.target_repo.repo_name,
3274 3275 pull_request_id=self.pull_request_id, qualified=True)
3275 3276
3276 3277 merge_data = {
3277 3278 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3278 3279 'reference': (
3279 3280 pull_request.shadow_merge_ref._asdict()
3280 3281 if pull_request.shadow_merge_ref else None),
3281 3282 }
3282 3283
3283 3284 data = {
3284 3285 'pull_request_id': pull_request.pull_request_id,
3285 3286 'url': pull_request_url,
3286 3287 'title': pull_request.title,
3287 3288 'description': pull_request.description,
3288 3289 'status': pull_request.status,
3289 3290 'created_on': pull_request.created_on,
3290 3291 'updated_on': pull_request.updated_on,
3291 3292 'commit_ids': pull_request.revisions,
3292 3293 'review_status': pull_request.calculated_review_status(),
3293 3294 'mergeable': {
3294 3295 'status': merge_status[0],
3295 3296 'message': unicode(merge_status[1]),
3296 3297 },
3297 3298 'source': {
3298 3299 'clone_url': pull_request.source_repo.clone_url(),
3299 3300 'repository': pull_request.source_repo.repo_name,
3300 3301 'reference': {
3301 3302 'name': pull_request.source_ref_parts.name,
3302 3303 'type': pull_request.source_ref_parts.type,
3303 3304 'commit_id': pull_request.source_ref_parts.commit_id,
3304 3305 },
3305 3306 },
3306 3307 'target': {
3307 3308 'clone_url': pull_request.target_repo.clone_url(),
3308 3309 'repository': pull_request.target_repo.repo_name,
3309 3310 'reference': {
3310 3311 'name': pull_request.target_ref_parts.name,
3311 3312 'type': pull_request.target_ref_parts.type,
3312 3313 'commit_id': pull_request.target_ref_parts.commit_id,
3313 3314 },
3314 3315 },
3315 3316 'merge': merge_data,
3316 3317 'author': pull_request.author.get_api_data(include_secrets=False,
3317 3318 details='basic'),
3318 3319 'reviewers': [
3319 3320 {
3320 3321 'user': reviewer.get_api_data(include_secrets=False,
3321 3322 details='basic'),
3322 3323 'reasons': reasons,
3323 3324 'review_status': st[0][1].status if st else 'not_reviewed',
3324 3325 }
3325 3326 for reviewer, reasons, st in pull_request.reviewers_statuses()
3326 3327 ]
3327 3328 }
3328 3329
3329 3330 return data
3330 3331
3331 3332
3332 3333 class PullRequest(Base, _PullRequestBase):
3333 3334 __tablename__ = 'pull_requests'
3334 3335 __table_args__ = (
3335 3336 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3336 3337 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3337 3338 )
3338 3339
3339 3340 pull_request_id = Column(
3340 3341 'pull_request_id', Integer(), nullable=False, primary_key=True)
3341 3342
3342 3343 def __repr__(self):
3343 3344 if self.pull_request_id:
3344 3345 return '<DB:PullRequest #%s>' % self.pull_request_id
3345 3346 else:
3346 3347 return '<DB:PullRequest at %#x>' % id(self)
3347 3348
3348 3349 reviewers = relationship('PullRequestReviewers',
3349 3350 cascade="all, delete, delete-orphan")
3350 3351 statuses = relationship('ChangesetStatus')
3351 3352 comments = relationship('ChangesetComment',
3352 3353 cascade="all, delete, delete-orphan")
3353 3354 versions = relationship('PullRequestVersion',
3354 3355 cascade="all, delete, delete-orphan",
3355 3356 lazy='dynamic')
3356 3357
3357 3358 @classmethod
3358 3359 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3359 3360 internal_methods=None):
3360 3361
3361 3362 class PullRequestDisplay(object):
3362 3363 """
3363 3364 Special object wrapper for showing PullRequest data via Versions
3364 3365 It mimics PR object as close as possible. This is read only object
3365 3366 just for display
3366 3367 """
3367 3368
3368 3369 def __init__(self, attrs, internal=None):
3369 3370 self.attrs = attrs
3370 3371 # internal have priority over the given ones via attrs
3371 3372 self.internal = internal or ['versions']
3372 3373
3373 3374 def __getattr__(self, item):
3374 3375 if item in self.internal:
3375 3376 return getattr(self, item)
3376 3377 try:
3377 3378 return self.attrs[item]
3378 3379 except KeyError:
3379 3380 raise AttributeError(
3380 3381 '%s object has no attribute %s' % (self, item))
3381 3382
3382 3383 def __repr__(self):
3383 3384 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3384 3385
3385 3386 def versions(self):
3386 3387 return pull_request_obj.versions.order_by(
3387 3388 PullRequestVersion.pull_request_version_id).all()
3388 3389
3389 3390 def is_closed(self):
3390 3391 return pull_request_obj.is_closed()
3391 3392
3392 3393 @property
3393 3394 def pull_request_version_id(self):
3394 3395 return getattr(pull_request_obj, 'pull_request_version_id', None)
3395 3396
3396 3397 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3397 3398
3398 3399 attrs.author = StrictAttributeDict(
3399 3400 pull_request_obj.author.get_api_data())
3400 3401 if pull_request_obj.target_repo:
3401 3402 attrs.target_repo = StrictAttributeDict(
3402 3403 pull_request_obj.target_repo.get_api_data())
3403 3404 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3404 3405
3405 3406 if pull_request_obj.source_repo:
3406 3407 attrs.source_repo = StrictAttributeDict(
3407 3408 pull_request_obj.source_repo.get_api_data())
3408 3409 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3409 3410
3410 3411 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3411 3412 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3412 3413 attrs.revisions = pull_request_obj.revisions
3413 3414
3414 3415 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3415 3416
3416 3417 return PullRequestDisplay(attrs, internal=internal_methods)
3417 3418
3418 3419 def is_closed(self):
3419 3420 return self.status == self.STATUS_CLOSED
3420 3421
3421 3422 def __json__(self):
3422 3423 return {
3423 3424 'revisions': self.revisions,
3424 3425 }
3425 3426
3426 3427 def calculated_review_status(self):
3427 3428 from rhodecode.model.changeset_status import ChangesetStatusModel
3428 3429 return ChangesetStatusModel().calculated_review_status(self)
3429 3430
3430 3431 def reviewers_statuses(self):
3431 3432 from rhodecode.model.changeset_status import ChangesetStatusModel
3432 3433 return ChangesetStatusModel().reviewers_statuses(self)
3433 3434
3434 3435 @property
3435 3436 def workspace_id(self):
3436 3437 from rhodecode.model.pull_request import PullRequestModel
3437 3438 return PullRequestModel()._workspace_id(self)
3438 3439
3439 3440 def get_shadow_repo(self):
3440 3441 workspace_id = self.workspace_id
3441 3442 vcs_obj = self.target_repo.scm_instance()
3442 3443 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3443 3444 workspace_id)
3444 3445 return vcs_obj._get_shadow_instance(shadow_repository_path)
3445 3446
3446 3447
3447 3448 class PullRequestVersion(Base, _PullRequestBase):
3448 3449 __tablename__ = 'pull_request_versions'
3449 3450 __table_args__ = (
3450 3451 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3451 3452 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3452 3453 )
3453 3454
3454 3455 pull_request_version_id = Column(
3455 3456 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3456 3457 pull_request_id = Column(
3457 3458 'pull_request_id', Integer(),
3458 3459 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3459 3460 pull_request = relationship('PullRequest')
3460 3461
3461 3462 def __repr__(self):
3462 3463 if self.pull_request_version_id:
3463 3464 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3464 3465 else:
3465 3466 return '<DB:PullRequestVersion at %#x>' % id(self)
3466 3467
3467 3468 @property
3468 3469 def reviewers(self):
3469 3470 return self.pull_request.reviewers
3470 3471
3471 3472 @property
3472 3473 def versions(self):
3473 3474 return self.pull_request.versions
3474 3475
3475 3476 def is_closed(self):
3476 3477 # calculate from original
3477 3478 return self.pull_request.status == self.STATUS_CLOSED
3478 3479
3479 3480 def calculated_review_status(self):
3480 3481 return self.pull_request.calculated_review_status()
3481 3482
3482 3483 def reviewers_statuses(self):
3483 3484 return self.pull_request.reviewers_statuses()
3484 3485
3485 3486
3486 3487 class PullRequestReviewers(Base, BaseModel):
3487 3488 __tablename__ = 'pull_request_reviewers'
3488 3489 __table_args__ = (
3489 3490 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3490 3491 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3491 3492 )
3492 3493
3493 3494 def __init__(self, user=None, pull_request=None, reasons=None):
3494 3495 self.user = user
3495 3496 self.pull_request = pull_request
3496 3497 self.reasons = reasons or []
3497 3498
3498 3499 @hybrid_property
3499 3500 def reasons(self):
3500 3501 if not self._reasons:
3501 3502 return []
3502 3503 return self._reasons
3503 3504
3504 3505 @reasons.setter
3505 3506 def reasons(self, val):
3506 3507 val = val or []
3507 3508 if any(not isinstance(x, basestring) for x in val):
3508 3509 raise Exception('invalid reasons type, must be list of strings')
3509 3510 self._reasons = val
3510 3511
3511 3512 pull_requests_reviewers_id = Column(
3512 3513 'pull_requests_reviewers_id', Integer(), nullable=False,
3513 3514 primary_key=True)
3514 3515 pull_request_id = Column(
3515 3516 "pull_request_id", Integer(),
3516 3517 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3517 3518 user_id = Column(
3518 3519 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3519 3520 _reasons = Column(
3520 3521 'reason', MutationList.as_mutable(
3521 3522 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3522 3523
3523 3524 user = relationship('User')
3524 3525 pull_request = relationship('PullRequest')
3525 3526
3526 3527
3527 3528 class Notification(Base, BaseModel):
3528 3529 __tablename__ = 'notifications'
3529 3530 __table_args__ = (
3530 3531 Index('notification_type_idx', 'type'),
3531 3532 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3532 3533 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3533 3534 )
3534 3535
3535 3536 TYPE_CHANGESET_COMMENT = u'cs_comment'
3536 3537 TYPE_MESSAGE = u'message'
3537 3538 TYPE_MENTION = u'mention'
3538 3539 TYPE_REGISTRATION = u'registration'
3539 3540 TYPE_PULL_REQUEST = u'pull_request'
3540 3541 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3541 3542
3542 3543 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3543 3544 subject = Column('subject', Unicode(512), nullable=True)
3544 3545 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3545 3546 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3546 3547 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3547 3548 type_ = Column('type', Unicode(255))
3548 3549
3549 3550 created_by_user = relationship('User')
3550 3551 notifications_to_users = relationship('UserNotification', lazy='joined',
3551 3552 cascade="all, delete, delete-orphan")
3552 3553
3553 3554 @property
3554 3555 def recipients(self):
3555 3556 return [x.user for x in UserNotification.query()\
3556 3557 .filter(UserNotification.notification == self)\
3557 3558 .order_by(UserNotification.user_id.asc()).all()]
3558 3559
3559 3560 @classmethod
3560 3561 def create(cls, created_by, subject, body, recipients, type_=None):
3561 3562 if type_ is None:
3562 3563 type_ = Notification.TYPE_MESSAGE
3563 3564
3564 3565 notification = cls()
3565 3566 notification.created_by_user = created_by
3566 3567 notification.subject = subject
3567 3568 notification.body = body
3568 3569 notification.type_ = type_
3569 3570 notification.created_on = datetime.datetime.now()
3570 3571
3571 3572 for u in recipients:
3572 3573 assoc = UserNotification()
3573 3574 assoc.notification = notification
3574 3575
3575 3576 # if created_by is inside recipients mark his notification
3576 3577 # as read
3577 3578 if u.user_id == created_by.user_id:
3578 3579 assoc.read = True
3579 3580
3580 3581 u.notifications.append(assoc)
3581 3582 Session().add(notification)
3582 3583
3583 3584 return notification
3584 3585
3585 3586 @property
3586 3587 def description(self):
3587 3588 from rhodecode.model.notification import NotificationModel
3588 3589 return NotificationModel().make_description(self)
3589 3590
3590 3591
3591 3592 class UserNotification(Base, BaseModel):
3592 3593 __tablename__ = 'user_to_notification'
3593 3594 __table_args__ = (
3594 3595 UniqueConstraint('user_id', 'notification_id'),
3595 3596 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3596 3597 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3597 3598 )
3598 3599 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3599 3600 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3600 3601 read = Column('read', Boolean, default=False)
3601 3602 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3602 3603
3603 3604 user = relationship('User', lazy="joined")
3604 3605 notification = relationship('Notification', lazy="joined",
3605 3606 order_by=lambda: Notification.created_on.desc(),)
3606 3607
3607 3608 def mark_as_read(self):
3608 3609 self.read = True
3609 3610 Session().add(self)
3610 3611
3611 3612
3612 3613 class Gist(Base, BaseModel):
3613 3614 __tablename__ = 'gists'
3614 3615 __table_args__ = (
3615 3616 Index('g_gist_access_id_idx', 'gist_access_id'),
3616 3617 Index('g_created_on_idx', 'created_on'),
3617 3618 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3618 3619 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3619 3620 )
3620 3621 GIST_PUBLIC = u'public'
3621 3622 GIST_PRIVATE = u'private'
3622 3623 DEFAULT_FILENAME = u'gistfile1.txt'
3623 3624
3624 3625 ACL_LEVEL_PUBLIC = u'acl_public'
3625 3626 ACL_LEVEL_PRIVATE = u'acl_private'
3626 3627
3627 3628 gist_id = Column('gist_id', Integer(), primary_key=True)
3628 3629 gist_access_id = Column('gist_access_id', Unicode(250))
3629 3630 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3630 3631 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3631 3632 gist_expires = Column('gist_expires', Float(53), nullable=False)
3632 3633 gist_type = Column('gist_type', Unicode(128), nullable=False)
3633 3634 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3634 3635 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3635 3636 acl_level = Column('acl_level', Unicode(128), nullable=True)
3636 3637
3637 3638 owner = relationship('User')
3638 3639
3639 3640 def __repr__(self):
3640 3641 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3641 3642
3642 3643 @classmethod
3643 3644 def get_or_404(cls, id_, pyramid_exc=False):
3644 3645
3645 3646 if pyramid_exc:
3646 3647 from pyramid.httpexceptions import HTTPNotFound
3647 3648 else:
3648 3649 from webob.exc import HTTPNotFound
3649 3650
3650 3651 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3651 3652 if not res:
3652 3653 raise HTTPNotFound
3653 3654 return res
3654 3655
3655 3656 @classmethod
3656 3657 def get_by_access_id(cls, gist_access_id):
3657 3658 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3658 3659
3659 3660 def gist_url(self):
3660 3661 import rhodecode
3661 3662 alias_url = rhodecode.CONFIG.get('gist_alias_url')
3662 3663 if alias_url:
3663 3664 return alias_url.replace('{gistid}', self.gist_access_id)
3664 3665
3665 3666 return url('gist', gist_id=self.gist_access_id, qualified=True)
3666 3667
3667 3668 @classmethod
3668 3669 def base_path(cls):
3669 3670 """
3670 3671 Returns base path when all gists are stored
3671 3672
3672 3673 :param cls:
3673 3674 """
3674 3675 from rhodecode.model.gist import GIST_STORE_LOC
3675 3676 q = Session().query(RhodeCodeUi)\
3676 3677 .filter(RhodeCodeUi.ui_key == URL_SEP)
3677 3678 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3678 3679 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
3679 3680
3680 3681 def get_api_data(self):
3681 3682 """
3682 3683 Common function for generating gist related data for API
3683 3684 """
3684 3685 gist = self
3685 3686 data = {
3686 3687 'gist_id': gist.gist_id,
3687 3688 'type': gist.gist_type,
3688 3689 'access_id': gist.gist_access_id,
3689 3690 'description': gist.gist_description,
3690 3691 'url': gist.gist_url(),
3691 3692 'expires': gist.gist_expires,
3692 3693 'created_on': gist.created_on,
3693 3694 'modified_at': gist.modified_at,
3694 3695 'content': None,
3695 3696 'acl_level': gist.acl_level,
3696 3697 }
3697 3698 return data
3698 3699
3699 3700 def __json__(self):
3700 3701 data = dict(
3701 3702 )
3702 3703 data.update(self.get_api_data())
3703 3704 return data
3704 3705 # SCM functions
3705 3706
3706 3707 def scm_instance(self, **kwargs):
3707 3708 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
3708 3709 return get_vcs_instance(
3709 3710 repo_path=safe_str(full_repo_path), create=False)
3710 3711
3711 3712
3712 3713 class ExternalIdentity(Base, BaseModel):
3713 3714 __tablename__ = 'external_identities'
3714 3715 __table_args__ = (
3715 3716 Index('local_user_id_idx', 'local_user_id'),
3716 3717 Index('external_id_idx', 'external_id'),
3717 3718 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3718 3719 'mysql_charset': 'utf8'})
3719 3720
3720 3721 external_id = Column('external_id', Unicode(255), default=u'',
3721 3722 primary_key=True)
3722 3723 external_username = Column('external_username', Unicode(1024), default=u'')
3723 3724 local_user_id = Column('local_user_id', Integer(),
3724 3725 ForeignKey('users.user_id'), primary_key=True)
3725 3726 provider_name = Column('provider_name', Unicode(255), default=u'',
3726 3727 primary_key=True)
3727 3728 access_token = Column('access_token', String(1024), default=u'')
3728 3729 alt_token = Column('alt_token', String(1024), default=u'')
3729 3730 token_secret = Column('token_secret', String(1024), default=u'')
3730 3731
3731 3732 @classmethod
3732 3733 def by_external_id_and_provider(cls, external_id, provider_name,
3733 3734 local_user_id=None):
3734 3735 """
3735 3736 Returns ExternalIdentity instance based on search params
3736 3737
3737 3738 :param external_id:
3738 3739 :param provider_name:
3739 3740 :return: ExternalIdentity
3740 3741 """
3741 3742 query = cls.query()
3742 3743 query = query.filter(cls.external_id == external_id)
3743 3744 query = query.filter(cls.provider_name == provider_name)
3744 3745 if local_user_id:
3745 3746 query = query.filter(cls.local_user_id == local_user_id)
3746 3747 return query.first()
3747 3748
3748 3749 @classmethod
3749 3750 def user_by_external_id_and_provider(cls, external_id, provider_name):
3750 3751 """
3751 3752 Returns User instance based on search params
3752 3753
3753 3754 :param external_id:
3754 3755 :param provider_name:
3755 3756 :return: User
3756 3757 """
3757 3758 query = User.query()
3758 3759 query = query.filter(cls.external_id == external_id)
3759 3760 query = query.filter(cls.provider_name == provider_name)
3760 3761 query = query.filter(User.user_id == cls.local_user_id)
3761 3762 return query.first()
3762 3763
3763 3764 @classmethod
3764 3765 def by_local_user_id(cls, local_user_id):
3765 3766 """
3766 3767 Returns all tokens for user
3767 3768
3768 3769 :param local_user_id:
3769 3770 :return: ExternalIdentity
3770 3771 """
3771 3772 query = cls.query()
3772 3773 query = query.filter(cls.local_user_id == local_user_id)
3773 3774 return query
3774 3775
3775 3776
3776 3777 class Integration(Base, BaseModel):
3777 3778 __tablename__ = 'integrations'
3778 3779 __table_args__ = (
3779 3780 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3780 3781 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3781 3782 )
3782 3783
3783 3784 integration_id = Column('integration_id', Integer(), primary_key=True)
3784 3785 integration_type = Column('integration_type', String(255))
3785 3786 enabled = Column('enabled', Boolean(), nullable=False)
3786 3787 name = Column('name', String(255), nullable=False)
3787 3788 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
3788 3789 default=False)
3789 3790
3790 3791 settings = Column(
3791 3792 'settings_json', MutationObj.as_mutable(
3792 3793 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3793 3794 repo_id = Column(
3794 3795 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
3795 3796 nullable=True, unique=None, default=None)
3796 3797 repo = relationship('Repository', lazy='joined')
3797 3798
3798 3799 repo_group_id = Column(
3799 3800 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
3800 3801 nullable=True, unique=None, default=None)
3801 3802 repo_group = relationship('RepoGroup', lazy='joined')
3802 3803
3803 3804 @property
3804 3805 def scope(self):
3805 3806 if self.repo:
3806 3807 return repr(self.repo)
3807 3808 if self.repo_group:
3808 3809 if self.child_repos_only:
3809 3810 return repr(self.repo_group) + ' (child repos only)'
3810 3811 else:
3811 3812 return repr(self.repo_group) + ' (recursive)'
3812 3813 if self.child_repos_only:
3813 3814 return 'root_repos'
3814 3815 return 'global'
3815 3816
3816 3817 def __repr__(self):
3817 3818 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
3818 3819
3819 3820
3820 3821 class RepoReviewRuleUser(Base, BaseModel):
3821 3822 __tablename__ = 'repo_review_rules_users'
3822 3823 __table_args__ = (
3823 3824 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3824 3825 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3825 3826 )
3826 3827 repo_review_rule_user_id = Column(
3827 3828 'repo_review_rule_user_id', Integer(), primary_key=True)
3828 3829 repo_review_rule_id = Column("repo_review_rule_id",
3829 3830 Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3830 3831 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'),
3831 3832 nullable=False)
3832 3833 user = relationship('User')
3833 3834
3834 3835
3835 3836 class RepoReviewRuleUserGroup(Base, BaseModel):
3836 3837 __tablename__ = 'repo_review_rules_users_groups'
3837 3838 __table_args__ = (
3838 3839 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3839 3840 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3840 3841 )
3841 3842 repo_review_rule_users_group_id = Column(
3842 3843 'repo_review_rule_users_group_id', Integer(), primary_key=True)
3843 3844 repo_review_rule_id = Column("repo_review_rule_id",
3844 3845 Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3845 3846 users_group_id = Column("users_group_id", Integer(),
3846 3847 ForeignKey('users_groups.users_group_id'), nullable=False)
3847 3848 users_group = relationship('UserGroup')
3848 3849
3849 3850
3850 3851 class RepoReviewRule(Base, BaseModel):
3851 3852 __tablename__ = 'repo_review_rules'
3852 3853 __table_args__ = (
3853 3854 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3854 3855 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3855 3856 )
3856 3857
3857 3858 repo_review_rule_id = Column(
3858 3859 'repo_review_rule_id', Integer(), primary_key=True)
3859 3860 repo_id = Column(
3860 3861 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
3861 3862 repo = relationship('Repository', backref='review_rules')
3862 3863
3863 3864 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'),
3864 3865 default=u'*') # glob
3865 3866 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'),
3866 3867 default=u'*') # glob
3867 3868
3868 3869 use_authors_for_review = Column("use_authors_for_review", Boolean(),
3869 3870 nullable=False, default=False)
3870 3871 rule_users = relationship('RepoReviewRuleUser')
3871 3872 rule_user_groups = relationship('RepoReviewRuleUserGroup')
3872 3873
3873 3874 @hybrid_property
3874 3875 def branch_pattern(self):
3875 3876 return self._branch_pattern or '*'
3876 3877
3877 3878 def _validate_glob(self, value):
3878 3879 re.compile('^' + glob2re(value) + '$')
3879 3880
3880 3881 @branch_pattern.setter
3881 3882 def branch_pattern(self, value):
3882 3883 self._validate_glob(value)
3883 3884 self._branch_pattern = value or '*'
3884 3885
3885 3886 @hybrid_property
3886 3887 def file_pattern(self):
3887 3888 return self._file_pattern or '*'
3888 3889
3889 3890 @file_pattern.setter
3890 3891 def file_pattern(self, value):
3891 3892 self._validate_glob(value)
3892 3893 self._file_pattern = value or '*'
3893 3894
3894 3895 def matches(self, branch, files_changed):
3895 3896 """
3896 3897 Check if this review rule matches a branch/files in a pull request
3897 3898
3898 3899 :param branch: branch name for the commit
3899 3900 :param files_changed: list of file paths changed in the pull request
3900 3901 """
3901 3902
3902 3903 branch = branch or ''
3903 3904 files_changed = files_changed or []
3904 3905
3905 3906 branch_matches = True
3906 3907 if branch:
3907 3908 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
3908 3909 branch_matches = bool(branch_regex.search(branch))
3909 3910
3910 3911 files_matches = True
3911 3912 if self.file_pattern != '*':
3912 3913 files_matches = False
3913 3914 file_regex = re.compile(glob2re(self.file_pattern))
3914 3915 for filename in files_changed:
3915 3916 if file_regex.search(filename):
3916 3917 files_matches = True
3917 3918 break
3918 3919
3919 3920 return branch_matches and files_matches
3920 3921
3921 3922 @property
3922 3923 def review_users(self):
3923 3924 """ Returns the users which this rule applies to """
3924 3925
3925 3926 users = set()
3926 3927 users |= set([
3927 3928 rule_user.user for rule_user in self.rule_users
3928 3929 if rule_user.user.active])
3929 3930 users |= set(
3930 3931 member.user
3931 3932 for rule_user_group in self.rule_user_groups
3932 3933 for member in rule_user_group.users_group.members
3933 3934 if member.user.active
3934 3935 )
3935 3936 return users
3936 3937
3937 3938 def __repr__(self):
3938 3939 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
3939 3940 self.repo_review_rule_id, self.repo)
3940 3941
3941 3942
3942 3943 class DbMigrateVersion(Base, BaseModel):
3943 3944 __tablename__ = 'db_migrate_version'
3944 3945 __table_args__ = (
3945 3946 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3946 3947 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3947 3948 )
3948 3949 repository_id = Column('repository_id', String(250), primary_key=True)
3949 3950 repository_path = Column('repository_path', Text)
3950 3951 version = Column('version', Integer)
3951 3952
3952 3953
3953 3954 class DbSession(Base, BaseModel):
3954 3955 __tablename__ = 'db_session'
3955 3956 __table_args__ = (
3956 3957 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3957 3958 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3958 3959 )
3959 3960
3960 3961 def __repr__(self):
3961 3962 return '<DB:DbSession({})>'.format(self.id)
3962 3963
3963 3964 id = Column('id', Integer())
3964 3965 namespace = Column('namespace', String(255), primary_key=True)
3965 3966 accessed = Column('accessed', DateTime, nullable=False)
3966 3967 created = Column('created', DateTime, nullable=False)
3967 3968 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,1073 +1,1080 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Repository model for rhodecode
23 23 """
24 24
25 25 import logging
26 26 import os
27 27 import re
28 28 import shutil
29 29 import time
30 30 import traceback
31 31 from datetime import datetime, timedelta
32 32
33 33 from sqlalchemy.sql import func
34 34 from sqlalchemy.sql.expression import true, or_
35 35 from zope.cachedescriptors.property import Lazy as LazyProperty
36 36
37 37 from rhodecode import events
38 38 from rhodecode.lib import helpers as h
39 39 from rhodecode.lib.auth import HasUserGroupPermissionAny
40 40 from rhodecode.lib.caching_query import FromCache
41 41 from rhodecode.lib.exceptions import AttachedForksError
42 42 from rhodecode.lib.hooks_base import log_delete_repository
43 43 from rhodecode.lib.markup_renderer import MarkupRenderer
44 44 from rhodecode.lib.utils import make_db_config
45 45 from rhodecode.lib.utils2 import (
46 46 safe_str, safe_unicode, remove_prefix, obfuscate_url_pw,
47 47 get_current_rhodecode_user, safe_int, datetime_to_time, action_logger_generic)
48 48 from rhodecode.lib.vcs.backends import get_backend
49 49 from rhodecode.lib.vcs.exceptions import NodeDoesNotExistError
50 50 from rhodecode.model import BaseModel
51 51 from rhodecode.model.db import (
52 52 Repository, UserRepoToPerm, UserGroupRepoToPerm, UserRepoGroupToPerm,
53 53 UserGroupRepoGroupToPerm, User, Permission, Statistics, UserGroup,
54 54 RepoGroup, RepositoryField)
55 55 from rhodecode.model.scm import UserGroupList
56 56 from rhodecode.model.settings import VcsSettingsModel
57 57
58 58
59 59 log = logging.getLogger(__name__)
60 60
61 61
62 62 class RepoModel(BaseModel):
63 63
64 64 cls = Repository
65 65
66 66 def _get_user_group(self, users_group):
67 67 return self._get_instance(UserGroup, users_group,
68 68 callback=UserGroup.get_by_group_name)
69 69
70 70 def _get_repo_group(self, repo_group):
71 71 return self._get_instance(RepoGroup, repo_group,
72 72 callback=RepoGroup.get_by_group_name)
73 73
74 74 def _create_default_perms(self, repository, private):
75 75 # create default permission
76 76 default = 'repository.read'
77 77 def_user = User.get_default_user()
78 78 for p in def_user.user_perms:
79 79 if p.permission.permission_name.startswith('repository.'):
80 80 default = p.permission.permission_name
81 81 break
82 82
83 83 default_perm = 'repository.none' if private else default
84 84
85 85 repo_to_perm = UserRepoToPerm()
86 86 repo_to_perm.permission = Permission.get_by_key(default_perm)
87 87
88 88 repo_to_perm.repository = repository
89 89 repo_to_perm.user_id = def_user.user_id
90 90
91 91 return repo_to_perm
92 92
93 93 @LazyProperty
94 94 def repos_path(self):
95 95 """
96 96 Gets the repositories root path from database
97 97 """
98 98 settings_model = VcsSettingsModel(sa=self.sa)
99 99 return settings_model.get_repos_location()
100 100
101 101 def get(self, repo_id, cache=False):
102 102 repo = self.sa.query(Repository) \
103 103 .filter(Repository.repo_id == repo_id)
104 104
105 105 if cache:
106 106 repo = repo.options(FromCache("sql_cache_short",
107 107 "get_repo_%s" % repo_id))
108 108 return repo.scalar()
109 109
110 110 def get_repo(self, repository):
111 111 return self._get_repo(repository)
112 112
113 113 def get_by_repo_name(self, repo_name, cache=False):
114 114 repo = self.sa.query(Repository) \
115 115 .filter(Repository.repo_name == repo_name)
116 116
117 117 if cache:
118 118 repo = repo.options(FromCache("sql_cache_short",
119 119 "get_repo_%s" % repo_name))
120 120 return repo.scalar()
121 121
122 122 def _extract_id_from_repo_name(self, repo_name):
123 123 if repo_name.startswith('/'):
124 124 repo_name = repo_name.lstrip('/')
125 125 by_id_match = re.match(r'^_(\d{1,})', repo_name)
126 126 if by_id_match:
127 127 return by_id_match.groups()[0]
128 128
129 129 def get_repo_by_id(self, repo_name):
130 130 """
131 131 Extracts repo_name by id from special urls.
132 132 Example url is _11/repo_name
133 133
134 134 :param repo_name:
135 135 :return: repo object if matched else None
136 136 """
137 137 try:
138 138 _repo_id = self._extract_id_from_repo_name(repo_name)
139 139 if _repo_id:
140 140 return self.get(_repo_id)
141 141 except Exception:
142 142 log.exception('Failed to extract repo_name from URL')
143 143
144 144 return None
145 145
146 146 def get_repos_for_root(self, root, traverse=False):
147 147 if traverse:
148 148 like_expression = u'{}%'.format(safe_unicode(root))
149 149 repos = Repository.query().filter(
150 150 Repository.repo_name.like(like_expression)).all()
151 151 else:
152 152 if root and not isinstance(root, RepoGroup):
153 153 raise ValueError(
154 154 'Root must be an instance '
155 155 'of RepoGroup, got:{} instead'.format(type(root)))
156 156 repos = Repository.query().filter(Repository.group == root).all()
157 157 return repos
158 158
159 159 def get_url(self, repo):
160 160 return h.url('summary_home', repo_name=safe_str(repo.repo_name),
161 161 qualified=True)
162 162
163 163 def get_users(self, name_contains=None, limit=20, only_active=True):
164 164
165 165 # TODO: mikhail: move this method to the UserModel.
166 166 query = self.sa.query(User)
167 167 if only_active:
168 168 query = query.filter(User.active == true())
169 169
170 170 if name_contains:
171 171 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
172 172 query = query.filter(
173 173 or_(
174 174 User.name.ilike(ilike_expression),
175 175 User.lastname.ilike(ilike_expression),
176 176 User.username.ilike(ilike_expression)
177 177 )
178 178 )
179 179 query = query.limit(limit)
180 180 users = query.all()
181 181
182 182 _users = [
183 183 {
184 184 'id': user.user_id,
185 185 'first_name': user.name,
186 186 'last_name': user.lastname,
187 187 'username': user.username,
188 188 'email': user.email,
189 189 'icon_link': h.gravatar_url(user.email, 30),
190 190 'value_display': h.person(user),
191 191 'value': user.username,
192 192 'value_type': 'user',
193 193 'active': user.active,
194 194 }
195 195 for user in users
196 196 ]
197 197 return _users
198 198
199 199 def get_user_groups(self, name_contains=None, limit=20, only_active=True):
200
200 201 # TODO: mikhail: move this method to the UserGroupModel.
201 202 query = self.sa.query(UserGroup)
202 203 if only_active:
203 204 query = query.filter(UserGroup.users_group_active == true())
204 205
205 206 if name_contains:
206 207 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
207 208 query = query.filter(
208 209 UserGroup.users_group_name.ilike(ilike_expression))\
209 210 .order_by(func.length(UserGroup.users_group_name))\
210 211 .order_by(UserGroup.users_group_name)
211 212
212 213 query = query.limit(limit)
213 214 user_groups = query.all()
214 215 perm_set = ['usergroup.read', 'usergroup.write', 'usergroup.admin']
215 216 user_groups = UserGroupList(user_groups, perm_set=perm_set)
216 217
217 218 _groups = [
218 219 {
219 220 'id': group.users_group_id,
220 221 # TODO: marcink figure out a way to generate the url for the
221 222 # icon
222 223 'icon_link': '',
223 224 'value_display': 'Group: %s (%d members)' % (
224 225 group.users_group_name, len(group.members),),
225 226 'value': group.users_group_name,
227 'description': group.user_group_description,
228 'owner': group.user.username,
229
230 'owner_icon': h.gravatar_url(group.user.email, 30),
231 'value_display_owner': h.person(group.user.email),
232
226 233 'value_type': 'user_group',
227 234 'active': group.users_group_active,
228 235 }
229 236 for group in user_groups
230 237 ]
231 238 return _groups
232 239
233 240 @classmethod
234 241 def update_repoinfo(cls, repositories=None):
235 242 if not repositories:
236 243 repositories = Repository.getAll()
237 244 for repo in repositories:
238 245 repo.update_commit_cache()
239 246
240 247 def get_repos_as_dict(self, repo_list=None, admin=False,
241 248 super_user_actions=False):
242 249
243 250 from rhodecode.lib.utils import PartialRenderer
244 251 _render = PartialRenderer('data_table/_dt_elements.mako')
245 252 c = _render.c
246 253
247 254 def quick_menu(repo_name):
248 255 return _render('quick_menu', repo_name)
249 256
250 257 def repo_lnk(name, rtype, rstate, private, fork_of):
251 258 return _render('repo_name', name, rtype, rstate, private, fork_of,
252 259 short_name=not admin, admin=False)
253 260
254 261 def last_change(last_change):
255 262 if admin and isinstance(last_change, datetime) and not last_change.tzinfo:
256 263 last_change = last_change + timedelta(seconds=
257 264 (datetime.now() - datetime.utcnow()).seconds)
258 265 return _render("last_change", last_change)
259 266
260 267 def rss_lnk(repo_name):
261 268 return _render("rss", repo_name)
262 269
263 270 def atom_lnk(repo_name):
264 271 return _render("atom", repo_name)
265 272
266 273 def last_rev(repo_name, cs_cache):
267 274 return _render('revision', repo_name, cs_cache.get('revision'),
268 275 cs_cache.get('raw_id'), cs_cache.get('author'),
269 276 cs_cache.get('message'))
270 277
271 278 def desc(desc):
272 279 if c.visual.stylify_metatags:
273 280 desc = h.urlify_text(h.escaped_stylize(desc))
274 281 else:
275 282 desc = h.urlify_text(h.html_escape(desc))
276 283
277 284 return _render('repo_desc', desc)
278 285
279 286 def state(repo_state):
280 287 return _render("repo_state", repo_state)
281 288
282 289 def repo_actions(repo_name):
283 290 return _render('repo_actions', repo_name, super_user_actions)
284 291
285 292 def user_profile(username):
286 293 return _render('user_profile', username)
287 294
288 295 repos_data = []
289 296 for repo in repo_list:
290 297 cs_cache = repo.changeset_cache
291 298 row = {
292 299 "menu": quick_menu(repo.repo_name),
293 300
294 301 "name": repo_lnk(repo.repo_name, repo.repo_type,
295 302 repo.repo_state, repo.private, repo.fork),
296 303 "name_raw": repo.repo_name.lower(),
297 304
298 305 "last_change": last_change(repo.last_db_change),
299 306 "last_change_raw": datetime_to_time(repo.last_db_change),
300 307
301 308 "last_changeset": last_rev(repo.repo_name, cs_cache),
302 309 "last_changeset_raw": cs_cache.get('revision'),
303 310
304 311 "desc": desc(repo.description),
305 312 "owner": user_profile(repo.user.username),
306 313
307 314 "state": state(repo.repo_state),
308 315 "rss": rss_lnk(repo.repo_name),
309 316
310 317 "atom": atom_lnk(repo.repo_name),
311 318 }
312 319 if admin:
313 320 row.update({
314 321 "action": repo_actions(repo.repo_name),
315 322 })
316 323 repos_data.append(row)
317 324
318 325 return repos_data
319 326
320 327 def _get_defaults(self, repo_name):
321 328 """
322 329 Gets information about repository, and returns a dict for
323 330 usage in forms
324 331
325 332 :param repo_name:
326 333 """
327 334
328 335 repo_info = Repository.get_by_repo_name(repo_name)
329 336
330 337 if repo_info is None:
331 338 return None
332 339
333 340 defaults = repo_info.get_dict()
334 341 defaults['repo_name'] = repo_info.just_name
335 342
336 343 groups = repo_info.groups_with_parents
337 344 parent_group = groups[-1] if groups else None
338 345
339 346 # we use -1 as this is how in HTML, we mark an empty group
340 347 defaults['repo_group'] = getattr(parent_group, 'group_id', -1)
341 348
342 349 keys_to_process = (
343 350 {'k': 'repo_type', 'strip': False},
344 351 {'k': 'repo_enable_downloads', 'strip': True},
345 352 {'k': 'repo_description', 'strip': True},
346 353 {'k': 'repo_enable_locking', 'strip': True},
347 354 {'k': 'repo_landing_rev', 'strip': True},
348 355 {'k': 'clone_uri', 'strip': False},
349 356 {'k': 'repo_private', 'strip': True},
350 357 {'k': 'repo_enable_statistics', 'strip': True}
351 358 )
352 359
353 360 for item in keys_to_process:
354 361 attr = item['k']
355 362 if item['strip']:
356 363 attr = remove_prefix(item['k'], 'repo_')
357 364
358 365 val = defaults[attr]
359 366 if item['k'] == 'repo_landing_rev':
360 367 val = ':'.join(defaults[attr])
361 368 defaults[item['k']] = val
362 369 if item['k'] == 'clone_uri':
363 370 defaults['clone_uri_hidden'] = repo_info.clone_uri_hidden
364 371
365 372 # fill owner
366 373 if repo_info.user:
367 374 defaults.update({'user': repo_info.user.username})
368 375 else:
369 376 replacement_user = User.get_first_super_admin().username
370 377 defaults.update({'user': replacement_user})
371 378
372 379 # fill repository users
373 380 for p in repo_info.repo_to_perm:
374 381 defaults.update({'u_perm_%s' % p.user.user_id:
375 382 p.permission.permission_name})
376 383
377 384 # fill repository groups
378 385 for p in repo_info.users_group_to_perm:
379 386 defaults.update({'g_perm_%s' % p.users_group.users_group_id:
380 387 p.permission.permission_name})
381 388
382 389 return defaults
383 390
384 391 def update(self, repo, **kwargs):
385 392 try:
386 393 cur_repo = self._get_repo(repo)
387 394 source_repo_name = cur_repo.repo_name
388 395 if 'user' in kwargs:
389 396 cur_repo.user = User.get_by_username(kwargs['user'])
390 397
391 398 if 'repo_group' in kwargs:
392 399 cur_repo.group = RepoGroup.get(kwargs['repo_group'])
393 400 log.debug('Updating repo %s with params:%s', cur_repo, kwargs)
394 401
395 402 update_keys = [
396 403 (1, 'repo_description'),
397 404 (1, 'repo_landing_rev'),
398 405 (1, 'repo_private'),
399 406 (1, 'repo_enable_downloads'),
400 407 (1, 'repo_enable_locking'),
401 408 (1, 'repo_enable_statistics'),
402 409 (0, 'clone_uri'),
403 410 (0, 'fork_id')
404 411 ]
405 412 for strip, k in update_keys:
406 413 if k in kwargs:
407 414 val = kwargs[k]
408 415 if strip:
409 416 k = remove_prefix(k, 'repo_')
410 417 if k == 'clone_uri':
411 418 from rhodecode.model.validators import Missing
412 419 _change = kwargs.get('clone_uri_change')
413 420 if _change in [Missing, 'OLD']:
414 421 # we don't change the value, so use original one
415 422 val = cur_repo.clone_uri
416 423
417 424 setattr(cur_repo, k, val)
418 425
419 426 new_name = cur_repo.get_new_name(kwargs['repo_name'])
420 427 cur_repo.repo_name = new_name
421 428
422 429 # if private flag is set, reset default permission to NONE
423 430 if kwargs.get('repo_private'):
424 431 EMPTY_PERM = 'repository.none'
425 432 RepoModel().grant_user_permission(
426 433 repo=cur_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM
427 434 )
428 435
429 436 # handle extra fields
430 437 for field in filter(lambda k: k.startswith(RepositoryField.PREFIX),
431 438 kwargs):
432 439 k = RepositoryField.un_prefix_key(field)
433 440 ex_field = RepositoryField.get_by_key_name(
434 441 key=k, repo=cur_repo)
435 442 if ex_field:
436 443 ex_field.field_value = kwargs[field]
437 444 self.sa.add(ex_field)
438 445 self.sa.add(cur_repo)
439 446
440 447 if source_repo_name != new_name:
441 448 # rename repository
442 449 self._rename_filesystem_repo(
443 450 old=source_repo_name, new=new_name)
444 451
445 452 return cur_repo
446 453 except Exception:
447 454 log.error(traceback.format_exc())
448 455 raise
449 456
450 457 def _create_repo(self, repo_name, repo_type, description, owner,
451 458 private=False, clone_uri=None, repo_group=None,
452 459 landing_rev='rev:tip', fork_of=None,
453 460 copy_fork_permissions=False, enable_statistics=False,
454 461 enable_locking=False, enable_downloads=False,
455 462 copy_group_permissions=False,
456 463 state=Repository.STATE_PENDING):
457 464 """
458 465 Create repository inside database with PENDING state, this should be
459 466 only executed by create() repo. With exception of importing existing
460 467 repos
461 468 """
462 469 from rhodecode.model.scm import ScmModel
463 470
464 471 owner = self._get_user(owner)
465 472 fork_of = self._get_repo(fork_of)
466 473 repo_group = self._get_repo_group(safe_int(repo_group))
467 474
468 475 try:
469 476 repo_name = safe_unicode(repo_name)
470 477 description = safe_unicode(description)
471 478 # repo name is just a name of repository
472 479 # while repo_name_full is a full qualified name that is combined
473 480 # with name and path of group
474 481 repo_name_full = repo_name
475 482 repo_name = repo_name.split(Repository.NAME_SEP)[-1]
476 483
477 484 new_repo = Repository()
478 485 new_repo.repo_state = state
479 486 new_repo.enable_statistics = False
480 487 new_repo.repo_name = repo_name_full
481 488 new_repo.repo_type = repo_type
482 489 new_repo.user = owner
483 490 new_repo.group = repo_group
484 491 new_repo.description = description or repo_name
485 492 new_repo.private = private
486 493 new_repo.clone_uri = clone_uri
487 494 new_repo.landing_rev = landing_rev
488 495
489 496 new_repo.enable_statistics = enable_statistics
490 497 new_repo.enable_locking = enable_locking
491 498 new_repo.enable_downloads = enable_downloads
492 499
493 500 if repo_group:
494 501 new_repo.enable_locking = repo_group.enable_locking
495 502
496 503 if fork_of:
497 504 parent_repo = fork_of
498 505 new_repo.fork = parent_repo
499 506
500 507 events.trigger(events.RepoPreCreateEvent(new_repo))
501 508
502 509 self.sa.add(new_repo)
503 510
504 511 EMPTY_PERM = 'repository.none'
505 512 if fork_of and copy_fork_permissions:
506 513 repo = fork_of
507 514 user_perms = UserRepoToPerm.query() \
508 515 .filter(UserRepoToPerm.repository == repo).all()
509 516 group_perms = UserGroupRepoToPerm.query() \
510 517 .filter(UserGroupRepoToPerm.repository == repo).all()
511 518
512 519 for perm in user_perms:
513 520 UserRepoToPerm.create(
514 521 perm.user, new_repo, perm.permission)
515 522
516 523 for perm in group_perms:
517 524 UserGroupRepoToPerm.create(
518 525 perm.users_group, new_repo, perm.permission)
519 526 # in case we copy permissions and also set this repo to private
520 527 # override the default user permission to make it a private
521 528 # repo
522 529 if private:
523 530 RepoModel(self.sa).grant_user_permission(
524 531 repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
525 532
526 533 elif repo_group and copy_group_permissions:
527 534 user_perms = UserRepoGroupToPerm.query() \
528 535 .filter(UserRepoGroupToPerm.group == repo_group).all()
529 536
530 537 group_perms = UserGroupRepoGroupToPerm.query() \
531 538 .filter(UserGroupRepoGroupToPerm.group == repo_group).all()
532 539
533 540 for perm in user_perms:
534 541 perm_name = perm.permission.permission_name.replace(
535 542 'group.', 'repository.')
536 543 perm_obj = Permission.get_by_key(perm_name)
537 544 UserRepoToPerm.create(perm.user, new_repo, perm_obj)
538 545
539 546 for perm in group_perms:
540 547 perm_name = perm.permission.permission_name.replace(
541 548 'group.', 'repository.')
542 549 perm_obj = Permission.get_by_key(perm_name)
543 550 UserGroupRepoToPerm.create(
544 551 perm.users_group, new_repo, perm_obj)
545 552
546 553 if private:
547 554 RepoModel(self.sa).grant_user_permission(
548 555 repo=new_repo, user=User.DEFAULT_USER, perm=EMPTY_PERM)
549 556
550 557 else:
551 558 perm_obj = self._create_default_perms(new_repo, private)
552 559 self.sa.add(perm_obj)
553 560
554 561 # now automatically start following this repository as owner
555 562 ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
556 563 owner.user_id)
557 564
558 565 # we need to flush here, in order to check if database won't
559 566 # throw any exceptions, create filesystem dirs at the very end
560 567 self.sa.flush()
561 568 events.trigger(events.RepoCreateEvent(new_repo))
562 569 return new_repo
563 570
564 571 except Exception:
565 572 log.error(traceback.format_exc())
566 573 raise
567 574
568 575 def create(self, form_data, cur_user):
569 576 """
570 577 Create repository using celery tasks
571 578
572 579 :param form_data:
573 580 :param cur_user:
574 581 """
575 582 from rhodecode.lib.celerylib import tasks, run_task
576 583 return run_task(tasks.create_repo, form_data, cur_user)
577 584
578 585 def update_permissions(self, repo, perm_additions=None, perm_updates=None,
579 586 perm_deletions=None, check_perms=True,
580 587 cur_user=None):
581 588 if not perm_additions:
582 589 perm_additions = []
583 590 if not perm_updates:
584 591 perm_updates = []
585 592 if not perm_deletions:
586 593 perm_deletions = []
587 594
588 595 req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
589 596
590 597 # update permissions
591 598 for member_id, perm, member_type in perm_updates:
592 599 member_id = int(member_id)
593 600 if member_type == 'user':
594 601 # this updates also current one if found
595 602 self.grant_user_permission(
596 603 repo=repo, user=member_id, perm=perm)
597 604 else: # set for user group
598 605 # check if we have permissions to alter this usergroup
599 606 member_name = UserGroup.get(member_id).users_group_name
600 607 if not check_perms or HasUserGroupPermissionAny(
601 608 *req_perms)(member_name, user=cur_user):
602 609 self.grant_user_group_permission(
603 610 repo=repo, group_name=member_id, perm=perm)
604 611
605 612 # set new permissions
606 613 for member_id, perm, member_type in perm_additions:
607 614 member_id = int(member_id)
608 615 if member_type == 'user':
609 616 self.grant_user_permission(
610 617 repo=repo, user=member_id, perm=perm)
611 618 else: # set for user group
612 619 # check if we have permissions to alter this usergroup
613 620 member_name = UserGroup.get(member_id).users_group_name
614 621 if not check_perms or HasUserGroupPermissionAny(
615 622 *req_perms)(member_name, user=cur_user):
616 623 self.grant_user_group_permission(
617 624 repo=repo, group_name=member_id, perm=perm)
618 625
619 626 # delete permissions
620 627 for member_id, perm, member_type in perm_deletions:
621 628 member_id = int(member_id)
622 629 if member_type == 'user':
623 630 self.revoke_user_permission(repo=repo, user=member_id)
624 631 else: # set for user group
625 632 # check if we have permissions to alter this usergroup
626 633 member_name = UserGroup.get(member_id).users_group_name
627 634 if not check_perms or HasUserGroupPermissionAny(
628 635 *req_perms)(member_name, user=cur_user):
629 636 self.revoke_user_group_permission(
630 637 repo=repo, group_name=member_id)
631 638
632 639 def create_fork(self, form_data, cur_user):
633 640 """
634 641 Simple wrapper into executing celery task for fork creation
635 642
636 643 :param form_data:
637 644 :param cur_user:
638 645 """
639 646 from rhodecode.lib.celerylib import tasks, run_task
640 647 return run_task(tasks.create_repo_fork, form_data, cur_user)
641 648
642 649 def delete(self, repo, forks=None, fs_remove=True, cur_user=None):
643 650 """
644 651 Delete given repository, forks parameter defines what do do with
645 652 attached forks. Throws AttachedForksError if deleted repo has attached
646 653 forks
647 654
648 655 :param repo:
649 656 :param forks: str 'delete' or 'detach'
650 657 :param fs_remove: remove(archive) repo from filesystem
651 658 """
652 659 if not cur_user:
653 660 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
654 661 repo = self._get_repo(repo)
655 662 if repo:
656 663 if forks == 'detach':
657 664 for r in repo.forks:
658 665 r.fork = None
659 666 self.sa.add(r)
660 667 elif forks == 'delete':
661 668 for r in repo.forks:
662 669 self.delete(r, forks='delete')
663 670 elif [f for f in repo.forks]:
664 671 raise AttachedForksError()
665 672
666 673 old_repo_dict = repo.get_dict()
667 674 events.trigger(events.RepoPreDeleteEvent(repo))
668 675 try:
669 676 self.sa.delete(repo)
670 677 if fs_remove:
671 678 self._delete_filesystem_repo(repo)
672 679 else:
673 680 log.debug('skipping removal from filesystem')
674 681 old_repo_dict.update({
675 682 'deleted_by': cur_user,
676 683 'deleted_on': time.time(),
677 684 })
678 685 log_delete_repository(**old_repo_dict)
679 686 events.trigger(events.RepoDeleteEvent(repo))
680 687 except Exception:
681 688 log.error(traceback.format_exc())
682 689 raise
683 690
684 691 def grant_user_permission(self, repo, user, perm):
685 692 """
686 693 Grant permission for user on given repository, or update existing one
687 694 if found
688 695
689 696 :param repo: Instance of Repository, repository_id, or repository name
690 697 :param user: Instance of User, user_id or username
691 698 :param perm: Instance of Permission, or permission_name
692 699 """
693 700 user = self._get_user(user)
694 701 repo = self._get_repo(repo)
695 702 permission = self._get_perm(perm)
696 703
697 704 # check if we have that permission already
698 705 obj = self.sa.query(UserRepoToPerm) \
699 706 .filter(UserRepoToPerm.user == user) \
700 707 .filter(UserRepoToPerm.repository == repo) \
701 708 .scalar()
702 709 if obj is None:
703 710 # create new !
704 711 obj = UserRepoToPerm()
705 712 obj.repository = repo
706 713 obj.user = user
707 714 obj.permission = permission
708 715 self.sa.add(obj)
709 716 log.debug('Granted perm %s to %s on %s', perm, user, repo)
710 717 action_logger_generic(
711 718 'granted permission: {} to user: {} on repo: {}'.format(
712 719 perm, user, repo), namespace='security.repo')
713 720 return obj
714 721
715 722 def revoke_user_permission(self, repo, user):
716 723 """
717 724 Revoke permission for user on given repository
718 725
719 726 :param repo: Instance of Repository, repository_id, or repository name
720 727 :param user: Instance of User, user_id or username
721 728 """
722 729
723 730 user = self._get_user(user)
724 731 repo = self._get_repo(repo)
725 732
726 733 obj = self.sa.query(UserRepoToPerm) \
727 734 .filter(UserRepoToPerm.repository == repo) \
728 735 .filter(UserRepoToPerm.user == user) \
729 736 .scalar()
730 737 if obj:
731 738 self.sa.delete(obj)
732 739 log.debug('Revoked perm on %s on %s', repo, user)
733 740 action_logger_generic(
734 741 'revoked permission from user: {} on repo: {}'.format(
735 742 user, repo), namespace='security.repo')
736 743
737 744 def grant_user_group_permission(self, repo, group_name, perm):
738 745 """
739 746 Grant permission for user group on given repository, or update
740 747 existing one if found
741 748
742 749 :param repo: Instance of Repository, repository_id, or repository name
743 750 :param group_name: Instance of UserGroup, users_group_id,
744 751 or user group name
745 752 :param perm: Instance of Permission, or permission_name
746 753 """
747 754 repo = self._get_repo(repo)
748 755 group_name = self._get_user_group(group_name)
749 756 permission = self._get_perm(perm)
750 757
751 758 # check if we have that permission already
752 759 obj = self.sa.query(UserGroupRepoToPerm) \
753 760 .filter(UserGroupRepoToPerm.users_group == group_name) \
754 761 .filter(UserGroupRepoToPerm.repository == repo) \
755 762 .scalar()
756 763
757 764 if obj is None:
758 765 # create new
759 766 obj = UserGroupRepoToPerm()
760 767
761 768 obj.repository = repo
762 769 obj.users_group = group_name
763 770 obj.permission = permission
764 771 self.sa.add(obj)
765 772 log.debug('Granted perm %s to %s on %s', perm, group_name, repo)
766 773 action_logger_generic(
767 774 'granted permission: {} to usergroup: {} on repo: {}'.format(
768 775 perm, group_name, repo), namespace='security.repo')
769 776
770 777 return obj
771 778
772 779 def revoke_user_group_permission(self, repo, group_name):
773 780 """
774 781 Revoke permission for user group on given repository
775 782
776 783 :param repo: Instance of Repository, repository_id, or repository name
777 784 :param group_name: Instance of UserGroup, users_group_id,
778 785 or user group name
779 786 """
780 787 repo = self._get_repo(repo)
781 788 group_name = self._get_user_group(group_name)
782 789
783 790 obj = self.sa.query(UserGroupRepoToPerm) \
784 791 .filter(UserGroupRepoToPerm.repository == repo) \
785 792 .filter(UserGroupRepoToPerm.users_group == group_name) \
786 793 .scalar()
787 794 if obj:
788 795 self.sa.delete(obj)
789 796 log.debug('Revoked perm to %s on %s', repo, group_name)
790 797 action_logger_generic(
791 798 'revoked permission from usergroup: {} on repo: {}'.format(
792 799 group_name, repo), namespace='security.repo')
793 800
794 801 def delete_stats(self, repo_name):
795 802 """
796 803 removes stats for given repo
797 804
798 805 :param repo_name:
799 806 """
800 807 repo = self._get_repo(repo_name)
801 808 try:
802 809 obj = self.sa.query(Statistics) \
803 810 .filter(Statistics.repository == repo).scalar()
804 811 if obj:
805 812 self.sa.delete(obj)
806 813 except Exception:
807 814 log.error(traceback.format_exc())
808 815 raise
809 816
810 817 def add_repo_field(self, repo_name, field_key, field_label, field_value='',
811 818 field_type='str', field_desc=''):
812 819
813 820 repo = self._get_repo(repo_name)
814 821
815 822 new_field = RepositoryField()
816 823 new_field.repository = repo
817 824 new_field.field_key = field_key
818 825 new_field.field_type = field_type # python type
819 826 new_field.field_value = field_value
820 827 new_field.field_desc = field_desc
821 828 new_field.field_label = field_label
822 829 self.sa.add(new_field)
823 830 return new_field
824 831
825 832 def delete_repo_field(self, repo_name, field_key):
826 833 repo = self._get_repo(repo_name)
827 834 field = RepositoryField.get_by_key_name(field_key, repo)
828 835 if field:
829 836 self.sa.delete(field)
830 837
831 838 def _create_filesystem_repo(self, repo_name, repo_type, repo_group,
832 839 clone_uri=None, repo_store_location=None,
833 840 use_global_config=False):
834 841 """
835 842 makes repository on filesystem. It's group aware means it'll create
836 843 a repository within a group, and alter the paths accordingly of
837 844 group location
838 845
839 846 :param repo_name:
840 847 :param alias:
841 848 :param parent:
842 849 :param clone_uri:
843 850 :param repo_store_location:
844 851 """
845 852 from rhodecode.lib.utils import is_valid_repo, is_valid_repo_group
846 853 from rhodecode.model.scm import ScmModel
847 854
848 855 if Repository.NAME_SEP in repo_name:
849 856 raise ValueError(
850 857 'repo_name must not contain groups got `%s`' % repo_name)
851 858
852 859 if isinstance(repo_group, RepoGroup):
853 860 new_parent_path = os.sep.join(repo_group.full_path_splitted)
854 861 else:
855 862 new_parent_path = repo_group or ''
856 863
857 864 if repo_store_location:
858 865 _paths = [repo_store_location]
859 866 else:
860 867 _paths = [self.repos_path, new_parent_path, repo_name]
861 868 # we need to make it str for mercurial
862 869 repo_path = os.path.join(*map(lambda x: safe_str(x), _paths))
863 870
864 871 # check if this path is not a repository
865 872 if is_valid_repo(repo_path, self.repos_path):
866 873 raise Exception('This path %s is a valid repository' % repo_path)
867 874
868 875 # check if this path is a group
869 876 if is_valid_repo_group(repo_path, self.repos_path):
870 877 raise Exception('This path %s is a valid group' % repo_path)
871 878
872 879 log.info('creating repo %s in %s from url: `%s`',
873 880 repo_name, safe_unicode(repo_path),
874 881 obfuscate_url_pw(clone_uri))
875 882
876 883 backend = get_backend(repo_type)
877 884
878 885 config_repo = None if use_global_config else repo_name
879 886 if config_repo and new_parent_path:
880 887 config_repo = Repository.NAME_SEP.join(
881 888 (new_parent_path, config_repo))
882 889 config = make_db_config(clear_session=False, repo=config_repo)
883 890 config.set('extensions', 'largefiles', '')
884 891
885 892 # patch and reset hooks section of UI config to not run any
886 893 # hooks on creating remote repo
887 894 config.clear_section('hooks')
888 895
889 896 # TODO: johbo: Unify this, hardcoded "bare=True" does not look nice
890 897 if repo_type == 'git':
891 898 repo = backend(
892 899 repo_path, config=config, create=True, src_url=clone_uri,
893 900 bare=True)
894 901 else:
895 902 repo = backend(
896 903 repo_path, config=config, create=True, src_url=clone_uri)
897 904
898 905 ScmModel().install_hooks(repo, repo_type=repo_type)
899 906
900 907 log.debug('Created repo %s with %s backend',
901 908 safe_unicode(repo_name), safe_unicode(repo_type))
902 909 return repo
903 910
904 911 def _rename_filesystem_repo(self, old, new):
905 912 """
906 913 renames repository on filesystem
907 914
908 915 :param old: old name
909 916 :param new: new name
910 917 """
911 918 log.info('renaming repo from %s to %s', old, new)
912 919
913 920 old_path = os.path.join(self.repos_path, old)
914 921 new_path = os.path.join(self.repos_path, new)
915 922 if os.path.isdir(new_path):
916 923 raise Exception(
917 924 'Was trying to rename to already existing dir %s' % new_path
918 925 )
919 926 shutil.move(old_path, new_path)
920 927
921 928 def _delete_filesystem_repo(self, repo):
922 929 """
923 930 removes repo from filesystem, the removal is acctually made by
924 931 added rm__ prefix into dir, and rename internat .hg/.git dirs so this
925 932 repository is no longer valid for rhodecode, can be undeleted later on
926 933 by reverting the renames on this repository
927 934
928 935 :param repo: repo object
929 936 """
930 937 rm_path = os.path.join(self.repos_path, repo.repo_name)
931 938 repo_group = repo.group
932 939 log.info("Removing repository %s", rm_path)
933 940 # disable hg/git internal that it doesn't get detected as repo
934 941 alias = repo.repo_type
935 942
936 943 config = make_db_config(clear_session=False)
937 944 config.set('extensions', 'largefiles', '')
938 945 bare = getattr(repo.scm_instance(config=config), 'bare', False)
939 946
940 947 # skip this for bare git repos
941 948 if not bare:
942 949 # disable VCS repo
943 950 vcs_path = os.path.join(rm_path, '.%s' % alias)
944 951 if os.path.exists(vcs_path):
945 952 shutil.move(vcs_path, os.path.join(rm_path, 'rm__.%s' % alias))
946 953
947 954 _now = datetime.now()
948 955 _ms = str(_now.microsecond).rjust(6, '0')
949 956 _d = 'rm__%s__%s' % (_now.strftime('%Y%m%d_%H%M%S_' + _ms),
950 957 repo.just_name)
951 958 if repo_group:
952 959 # if repository is in group, prefix the removal path with the group
953 960 args = repo_group.full_path_splitted + [_d]
954 961 _d = os.path.join(*args)
955 962
956 963 if os.path.isdir(rm_path):
957 964 shutil.move(rm_path, os.path.join(self.repos_path, _d))
958 965
959 966
960 967 class ReadmeFinder:
961 968 """
962 969 Utility which knows how to find a readme for a specific commit.
963 970
964 971 The main idea is that this is a configurable algorithm. When creating an
965 972 instance you can define parameters, currently only the `default_renderer`.
966 973 Based on this configuration the method :meth:`search` behaves slightly
967 974 different.
968 975 """
969 976
970 977 readme_re = re.compile(r'^readme(\.[^\.]+)?$', re.IGNORECASE)
971 978 path_re = re.compile(r'^docs?', re.IGNORECASE)
972 979
973 980 default_priorities = {
974 981 None: 0,
975 982 '.text': 2,
976 983 '.txt': 3,
977 984 '.rst': 1,
978 985 '.rest': 2,
979 986 '.md': 1,
980 987 '.mkdn': 2,
981 988 '.mdown': 3,
982 989 '.markdown': 4,
983 990 }
984 991
985 992 path_priority = {
986 993 'doc': 0,
987 994 'docs': 1,
988 995 }
989 996
990 997 FALLBACK_PRIORITY = 99
991 998
992 999 RENDERER_TO_EXTENSION = {
993 1000 'rst': ['.rst', '.rest'],
994 1001 'markdown': ['.md', 'mkdn', '.mdown', '.markdown'],
995 1002 }
996 1003
997 1004 def __init__(self, default_renderer=None):
998 1005 self._default_renderer = default_renderer
999 1006 self._renderer_extensions = self.RENDERER_TO_EXTENSION.get(
1000 1007 default_renderer, [])
1001 1008
1002 1009 def search(self, commit, path='/'):
1003 1010 """
1004 1011 Find a readme in the given `commit`.
1005 1012 """
1006 1013 nodes = commit.get_nodes(path)
1007 1014 matches = self._match_readmes(nodes)
1008 1015 matches = self._sort_according_to_priority(matches)
1009 1016 if matches:
1010 1017 return matches[0].node
1011 1018
1012 1019 paths = self._match_paths(nodes)
1013 1020 paths = self._sort_paths_according_to_priority(paths)
1014 1021 for path in paths:
1015 1022 match = self.search(commit, path=path)
1016 1023 if match:
1017 1024 return match
1018 1025
1019 1026 return None
1020 1027
1021 1028 def _match_readmes(self, nodes):
1022 1029 for node in nodes:
1023 1030 if not node.is_file():
1024 1031 continue
1025 1032 path = node.path.rsplit('/', 1)[-1]
1026 1033 match = self.readme_re.match(path)
1027 1034 if match:
1028 1035 extension = match.group(1)
1029 1036 yield ReadmeMatch(node, match, self._priority(extension))
1030 1037
1031 1038 def _match_paths(self, nodes):
1032 1039 for node in nodes:
1033 1040 if not node.is_dir():
1034 1041 continue
1035 1042 match = self.path_re.match(node.path)
1036 1043 if match:
1037 1044 yield node.path
1038 1045
1039 1046 def _priority(self, extension):
1040 1047 renderer_priority = (
1041 1048 0 if extension in self._renderer_extensions else 1)
1042 1049 extension_priority = self.default_priorities.get(
1043 1050 extension, self.FALLBACK_PRIORITY)
1044 1051 return (renderer_priority, extension_priority)
1045 1052
1046 1053 def _sort_according_to_priority(self, matches):
1047 1054
1048 1055 def priority_and_path(match):
1049 1056 return (match.priority, match.path)
1050 1057
1051 1058 return sorted(matches, key=priority_and_path)
1052 1059
1053 1060 def _sort_paths_according_to_priority(self, paths):
1054 1061
1055 1062 def priority_and_path(path):
1056 1063 return (self.path_priority.get(path, self.FALLBACK_PRIORITY), path)
1057 1064
1058 1065 return sorted(paths, key=priority_and_path)
1059 1066
1060 1067
1061 1068 class ReadmeMatch:
1062 1069
1063 1070 def __init__(self, node, match, priority):
1064 1071 self.node = node
1065 1072 self._match = match
1066 1073 self.priority = priority
1067 1074
1068 1075 @property
1069 1076 def path(self):
1070 1077 return self.node.path
1071 1078
1072 1079 def __repr__(self):
1073 1080 return '<ReadmeMatch {} priority={}'.format(self.path, self.priority)
Show file before | Show file after | Hide comments
@@ -1,514 +1,560 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2011-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 """
23 23 user group model for RhodeCode
24 24 """
25 25
26 26
27 27 import logging
28 28 import traceback
29 29
30 30 from rhodecode.lib.utils2 import safe_str
31 31 from rhodecode.model import BaseModel
32 32 from rhodecode.model.db import UserGroupMember, UserGroup,\
33 33 UserGroupRepoToPerm, Permission, UserGroupToPerm, User, UserUserGroupToPerm,\
34 34 UserGroupUserGroupToPerm, UserGroupRepoGroupToPerm
35 35 from rhodecode.lib.exceptions import UserGroupAssignedException,\
36 36 RepoGroupAssignmentError
37 37 from rhodecode.lib.utils2 import get_current_rhodecode_user, action_logger_generic
38 38
39 39 log = logging.getLogger(__name__)
40 40
41 41
42 42 class UserGroupModel(BaseModel):
43 43
44 44 cls = UserGroup
45 45
46 46 def _get_user_group(self, user_group):
47 47 return self._get_instance(UserGroup, user_group,
48 48 callback=UserGroup.get_by_group_name)
49 49
50 50 def _create_default_perms(self, user_group):
51 51 # create default permission
52 52 default_perm = 'usergroup.read'
53 53 def_user = User.get_default_user()
54 54 for p in def_user.user_perms:
55 55 if p.permission.permission_name.startswith('usergroup.'):
56 56 default_perm = p.permission.permission_name
57 57 break
58 58
59 59 user_group_to_perm = UserUserGroupToPerm()
60 60 user_group_to_perm.permission = Permission.get_by_key(default_perm)
61 61
62 62 user_group_to_perm.user_group = user_group
63 63 user_group_to_perm.user_id = def_user.user_id
64 64 return user_group_to_perm
65 65
66 66 def update_permissions(self, user_group, perm_additions=None, perm_updates=None,
67 67 perm_deletions=None, check_perms=True, cur_user=None):
68 68 from rhodecode.lib.auth import HasUserGroupPermissionAny
69 69 if not perm_additions:
70 70 perm_additions = []
71 71 if not perm_updates:
72 72 perm_updates = []
73 73 if not perm_deletions:
74 74 perm_deletions = []
75 75
76 76 req_perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin')
77 77
78 78 # update permissions
79 79 for member_id, perm, member_type in perm_updates:
80 80 member_id = int(member_id)
81 81 if member_type == 'user':
82 82 # this updates existing one
83 83 self.grant_user_permission(
84 84 user_group=user_group, user=member_id, perm=perm
85 85 )
86 86 else:
87 87 # check if we have permissions to alter this usergroup
88 88 member_name = UserGroup.get(member_id).users_group_name
89 89 if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
90 90 self.grant_user_group_permission(
91 91 target_user_group=user_group, user_group=member_id, perm=perm
92 92 )
93 93
94 94 # set new permissions
95 95 for member_id, perm, member_type in perm_additions:
96 96 member_id = int(member_id)
97 97 if member_type == 'user':
98 98 self.grant_user_permission(
99 99 user_group=user_group, user=member_id, perm=perm
100 100 )
101 101 else:
102 102 # check if we have permissions to alter this usergroup
103 103 member_name = UserGroup.get(member_id).users_group_name
104 104 if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
105 105 self.grant_user_group_permission(
106 106 target_user_group=user_group, user_group=member_id, perm=perm
107 107 )
108 108
109 109 # delete permissions
110 110 for member_id, perm, member_type in perm_deletions:
111 111 member_id = int(member_id)
112 112 if member_type == 'user':
113 113 self.revoke_user_permission(user_group=user_group, user=member_id)
114 114 else:
115 115 #check if we have permissions to alter this usergroup
116 116 member_name = UserGroup.get(member_id).users_group_name
117 117 if not check_perms or HasUserGroupPermissionAny(*req_perms)(member_name, user=cur_user):
118 118 self.revoke_user_group_permission(
119 119 target_user_group=user_group, user_group=member_id
120 120 )
121 121
122 122 def get(self, user_group_id, cache=False):
123 123 return UserGroup.get(user_group_id)
124 124
125 125 def get_group(self, user_group):
126 126 return self._get_user_group(user_group)
127 127
128 128 def get_by_name(self, name, cache=False, case_insensitive=False):
129 129 return UserGroup.get_by_group_name(name, cache, case_insensitive)
130 130
131 131 def create(self, name, description, owner, active=True, group_data=None):
132 132 try:
133 133 new_user_group = UserGroup()
134 134 new_user_group.user = self._get_user(owner)
135 135 new_user_group.users_group_name = name
136 136 new_user_group.user_group_description = description
137 137 new_user_group.users_group_active = active
138 138 if group_data:
139 139 new_user_group.group_data = group_data
140 140 self.sa.add(new_user_group)
141 141 perm_obj = self._create_default_perms(new_user_group)
142 142 self.sa.add(perm_obj)
143 143
144 144 self.grant_user_permission(user_group=new_user_group,
145 145 user=owner, perm='usergroup.admin')
146 146
147 147 return new_user_group
148 148 except Exception:
149 149 log.error(traceback.format_exc())
150 150 raise
151 151
152 152 def _get_memberships_for_user_ids(self, user_group, user_id_list):
153 153 members = []
154 154 for user_id in user_id_list:
155 155 member = self._get_membership(user_group.users_group_id, user_id)
156 156 members.append(member)
157 157 return members
158 158
159 159 def _get_added_and_removed_user_ids(self, user_group, user_id_list):
160 160 current_members = user_group.members or []
161 161 current_members_ids = [m.user.user_id for m in current_members]
162 162
163 163 added_members = [
164 164 user_id for user_id in user_id_list
165 165 if user_id not in current_members_ids]
166 166 if user_id_list == []:
167 167 # all members were deleted
168 168 deleted_members = current_members_ids
169 169 else:
170 170 deleted_members = [
171 171 user_id for user_id in current_members_ids
172 172 if user_id not in user_id_list]
173 173
174 174 return (added_members, deleted_members)
175 175
176 176 def _set_users_as_members(self, user_group, user_ids):
177 177 user_group.members = []
178 178 self.sa.flush()
179 179 members = self._get_memberships_for_user_ids(
180 180 user_group, user_ids)
181 181 user_group.members = members
182 182 self.sa.add(user_group)
183 183
184 184 def _update_members_from_user_ids(self, user_group, user_ids):
185 185 added, removed = self._get_added_and_removed_user_ids(
186 186 user_group, user_ids)
187 187 self._set_users_as_members(user_group, user_ids)
188 188 self._log_user_changes('added to', user_group, added)
189 189 self._log_user_changes('removed from', user_group, removed)
190 190
191 191 def _clean_members_data(self, members_data):
192 192 if not members_data:
193 193 members_data = []
194 194
195 195 members = []
196 196 for user in members_data:
197 197 uid = int(user['member_user_id'])
198 198 if uid not in members and user['type'] in ['new', 'existing']:
199 199 members.append(uid)
200 200 return members
201 201
202 202 def update(self, user_group, form_data):
203 203 user_group = self._get_user_group(user_group)
204 204 if 'users_group_name' in form_data:
205 205 user_group.users_group_name = form_data['users_group_name']
206 206 if 'users_group_active' in form_data:
207 207 user_group.users_group_active = form_data['users_group_active']
208 208 if 'user_group_description' in form_data:
209 209 user_group.user_group_description = form_data[
210 210 'user_group_description']
211 211
212 212 # handle owner change
213 213 if 'user' in form_data:
214 214 owner = form_data['user']
215 215 if isinstance(owner, basestring):
216 216 owner = User.get_by_username(form_data['user'])
217 217
218 218 if not isinstance(owner, User):
219 219 raise ValueError(
220 220 'invalid owner for user group: %s' % form_data['user'])
221 221
222 222 user_group.user = owner
223 223
224 224 if 'users_group_members' in form_data:
225 225 members_id_list = self._clean_members_data(
226 226 form_data['users_group_members'])
227 227 self._update_members_from_user_ids(user_group, members_id_list)
228 228
229 229 self.sa.add(user_group)
230 230
231 231 def delete(self, user_group, force=False):
232 232 """
233 233 Deletes repository group, unless force flag is used
234 234 raises exception if there are members in that group, else deletes
235 235 group and users
236 236
237 237 :param user_group:
238 238 :param force:
239 239 """
240 240 user_group = self._get_user_group(user_group)
241 241 try:
242 242 # check if this group is not assigned to repo
243 243 assigned_to_repo = [x.repository for x in UserGroupRepoToPerm.query()\
244 244 .filter(UserGroupRepoToPerm.users_group == user_group).all()]
245 245 # check if this group is not assigned to repo
246 246 assigned_to_repo_group = [x.group for x in UserGroupRepoGroupToPerm.query()\
247 247 .filter(UserGroupRepoGroupToPerm.users_group == user_group).all()]
248 248
249 249 if (assigned_to_repo or assigned_to_repo_group) and not force:
250 250 assigned = ','.join(map(safe_str,
251 251 assigned_to_repo+assigned_to_repo_group))
252 252
253 253 raise UserGroupAssignedException(
254 254 'UserGroup assigned to %s' % (assigned,))
255 255 self.sa.delete(user_group)
256 256 except Exception:
257 257 log.error(traceback.format_exc())
258 258 raise
259 259
260 260 def _log_user_changes(self, action, user_group, user_or_users):
261 261 users = user_or_users
262 262 if not isinstance(users, (list, tuple)):
263 263 users = [users]
264 264 rhodecode_user = get_current_rhodecode_user()
265 265 ipaddr = getattr(rhodecode_user, 'ip_addr', '')
266 266 group_name = user_group.users_group_name
267 267
268 268 for user_or_user_id in users:
269 269 user = self._get_user(user_or_user_id)
270 270 log_text = 'User {user} {action} {group}'.format(
271 271 action=action, user=user.username, group=group_name)
272 272 log.info('Logging action: {0} by {1} ip:{2}'.format(
273 273 log_text, rhodecode_user, ipaddr))
274 274
275 275 def _find_user_in_group(self, user, user_group):
276 276 user_group_member = None
277 277 for m in user_group.members:
278 278 if m.user_id == user.user_id:
279 279 # Found this user's membership row
280 280 user_group_member = m
281 281 break
282 282
283 283 return user_group_member
284 284
285 285 def _get_membership(self, user_group_id, user_id):
286 286 user_group_member = UserGroupMember(user_group_id, user_id)
287 287 return user_group_member
288 288
289 289 def add_user_to_group(self, user_group, user):
290 290 user_group = self._get_user_group(user_group)
291 291 user = self._get_user(user)
292 292 user_member = self._find_user_in_group(user, user_group)
293 293 if user_member:
294 294 # user already in the group, skip
295 295 return True
296 296
297 297 member = self._get_membership(
298 298 user_group.users_group_id, user.user_id)
299 299 user_group.members.append(member)
300 300
301 301 try:
302 302 self.sa.add(member)
303 303 except Exception:
304 304 # what could go wrong here?
305 305 log.error(traceback.format_exc())
306 306 raise
307 307
308 308 self._log_user_changes('added to', user_group, user)
309 309 return member
310 310
311 311 def remove_user_from_group(self, user_group, user):
312 312 user_group = self._get_user_group(user_group)
313 313 user = self._get_user(user)
314 314 user_group_member = self._find_user_in_group(user, user_group)
315 315
316 316 if not user_group_member:
317 317 # User isn't in that group
318 318 return False
319 319
320 320 try:
321 321 self.sa.delete(user_group_member)
322 322 except Exception:
323 323 log.error(traceback.format_exc())
324 324 raise
325 325
326 326 self._log_user_changes('removed from', user_group, user)
327 327 return True
328 328
329 329 def has_perm(self, user_group, perm):
330 330 user_group = self._get_user_group(user_group)
331 331 perm = self._get_perm(perm)
332 332
333 333 return UserGroupToPerm.query()\
334 334 .filter(UserGroupToPerm.users_group == user_group)\
335 335 .filter(UserGroupToPerm.permission == perm).scalar() is not None
336 336
337 337 def grant_perm(self, user_group, perm):
338 338 user_group = self._get_user_group(user_group)
339 339 perm = self._get_perm(perm)
340 340
341 341 # if this permission is already granted skip it
342 342 _perm = UserGroupToPerm.query()\
343 343 .filter(UserGroupToPerm.users_group == user_group)\
344 344 .filter(UserGroupToPerm.permission == perm)\
345 345 .scalar()
346 346 if _perm:
347 347 return
348 348
349 349 new = UserGroupToPerm()
350 350 new.users_group = user_group
351 351 new.permission = perm
352 352 self.sa.add(new)
353 353 return new
354 354
355 355 def revoke_perm(self, user_group, perm):
356 356 user_group = self._get_user_group(user_group)
357 357 perm = self._get_perm(perm)
358 358
359 359 obj = UserGroupToPerm.query()\
360 360 .filter(UserGroupToPerm.users_group == user_group)\
361 361 .filter(UserGroupToPerm.permission == perm).scalar()
362 362 if obj:
363 363 self.sa.delete(obj)
364 364
365 365 def grant_user_permission(self, user_group, user, perm):
366 366 """
367 367 Grant permission for user on given user group, or update
368 368 existing one if found
369 369
370 370 :param user_group: Instance of UserGroup, users_group_id,
371 371 or users_group_name
372 372 :param user: Instance of User, user_id or username
373 373 :param perm: Instance of Permission, or permission_name
374 374 """
375 375
376 376 user_group = self._get_user_group(user_group)
377 377 user = self._get_user(user)
378 378 permission = self._get_perm(perm)
379 379
380 380 # check if we have that permission already
381 381 obj = self.sa.query(UserUserGroupToPerm)\
382 382 .filter(UserUserGroupToPerm.user == user)\
383 383 .filter(UserUserGroupToPerm.user_group == user_group)\
384 384 .scalar()
385 385 if obj is None:
386 386 # create new !
387 387 obj = UserUserGroupToPerm()
388 388 obj.user_group = user_group
389 389 obj.user = user
390 390 obj.permission = permission
391 391 self.sa.add(obj)
392 392 log.debug('Granted perm %s to %s on %s', perm, user, user_group)
393 393 action_logger_generic(
394 394 'granted permission: {} to user: {} on usergroup: {}'.format(
395 395 perm, user, user_group), namespace='security.usergroup')
396 396
397 397 return obj
398 398
399 399 def revoke_user_permission(self, user_group, user):
400 400 """
401 401 Revoke permission for user on given user group
402 402
403 403 :param user_group: Instance of UserGroup, users_group_id,
404 404 or users_group name
405 405 :param user: Instance of User, user_id or username
406 406 """
407 407
408 408 user_group = self._get_user_group(user_group)
409 409 user = self._get_user(user)
410 410
411 411 obj = self.sa.query(UserUserGroupToPerm)\
412 412 .filter(UserUserGroupToPerm.user == user)\
413 413 .filter(UserUserGroupToPerm.user_group == user_group)\
414 414 .scalar()
415 415 if obj:
416 416 self.sa.delete(obj)
417 417 log.debug('Revoked perm on %s on %s', user_group, user)
418 418 action_logger_generic(
419 419 'revoked permission from user: {} on usergroup: {}'.format(
420 420 user, user_group), namespace='security.usergroup')
421 421
422 422 def grant_user_group_permission(self, target_user_group, user_group, perm):
423 423 """
424 424 Grant user group permission for given target_user_group
425 425
426 426 :param target_user_group:
427 427 :param user_group:
428 428 :param perm:
429 429 """
430 430 target_user_group = self._get_user_group(target_user_group)
431 431 user_group = self._get_user_group(user_group)
432 432 permission = self._get_perm(perm)
433 433 # forbid assigning same user group to itself
434 434 if target_user_group == user_group:
435 435 raise RepoGroupAssignmentError('target repo:%s cannot be '
436 436 'assigned to itself' % target_user_group)
437 437
438 438 # check if we have that permission already
439 439 obj = self.sa.query(UserGroupUserGroupToPerm)\
440 440 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
441 441 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
442 442 .scalar()
443 443 if obj is None:
444 444 # create new !
445 445 obj = UserGroupUserGroupToPerm()
446 446 obj.user_group = user_group
447 447 obj.target_user_group = target_user_group
448 448 obj.permission = permission
449 449 self.sa.add(obj)
450 450 log.debug(
451 451 'Granted perm %s to %s on %s', perm, target_user_group, user_group)
452 452 action_logger_generic(
453 453 'granted permission: {} to usergroup: {} on usergroup: {}'.format(
454 454 perm, user_group, target_user_group),
455 455 namespace='security.usergroup')
456 456
457 457 return obj
458 458
459 459 def revoke_user_group_permission(self, target_user_group, user_group):
460 460 """
461 461 Revoke user group permission for given target_user_group
462 462
463 463 :param target_user_group:
464 464 :param user_group:
465 465 """
466 466 target_user_group = self._get_user_group(target_user_group)
467 467 user_group = self._get_user_group(user_group)
468 468
469 469 obj = self.sa.query(UserGroupUserGroupToPerm)\
470 470 .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group)\
471 471 .filter(UserGroupUserGroupToPerm.user_group == user_group)\
472 472 .scalar()
473 473 if obj:
474 474 self.sa.delete(obj)
475 475 log.debug(
476 476 'Revoked perm on %s on %s', target_user_group, user_group)
477 477 action_logger_generic(
478 478 'revoked permission from usergroup: {} on usergroup: {}'.format(
479 479 user_group, target_user_group),
480 480 namespace='security.repogroup')
481 481
482 482 def enforce_groups(self, user, groups, extern_type=None):
483 483 user = self._get_user(user)
484 484 log.debug('Enforcing groups %s on user %s', groups, user)
485 485 current_groups = user.group_member
486 486 # find the external created groups
487 487 externals = [x.users_group for x in current_groups
488 488 if 'extern_type' in x.users_group.group_data]
489 489
490 490 # calculate from what groups user should be removed
491 491 # externals that are not in groups
492 492 for gr in externals:
493 493 if gr.users_group_name not in groups:
494 494 log.debug('Removing user %s from user group %s', user, gr)
495 495 self.remove_user_from_group(gr, user)
496 496
497 497 # now we calculate in which groups user should be == groups params
498 498 owner = User.get_first_super_admin().username
499 499 for gr in set(groups):
500 500 existing_group = UserGroup.get_by_group_name(gr)
501 501 if not existing_group:
502 502 desc = 'Automatically created from plugin:%s' % extern_type
503 503 # we use first admin account to set the owner of the group
504 504 existing_group = UserGroupModel().create(gr, desc, owner,
505 505 group_data={'extern_type': extern_type})
506 506
507 507 # we can only add users to special groups created via plugins
508 508 managed = 'extern_type' in existing_group.group_data
509 509 if managed:
510 510 log.debug('Adding user %s to user group %s', user, gr)
511 511 UserGroupModel().add_user_to_group(existing_group, user)
512 512 else:
513 513 log.debug('Skipping addition to group %s since it is '
514 514 'not managed by auth plugins' % gr)
515
516
517 def change_groups(self, user, groups):
518 """
519 This method changes user group assignment
520 :param user: User
521 :param groups: array of UserGroupModel
522 :return:
523 """
524 user = self._get_user(user)
525 log.debug('Changing user(%s) assignment to groups(%s)', user, groups)
526 current_groups = user.group_member
527 current_groups = [x.users_group for x in current_groups]
528
529 # calculate from what groups user should be removed/add
530 groups = set(groups)
531 current_groups = set(current_groups)
532
533 groups_to_remove = current_groups - groups
534 groups_to_add = groups - current_groups
535
536 for gr in groups_to_remove:
537 log.debug('Removing user %s from user group %s', user.username, gr.users_group_name)
538 self.remove_user_from_group(gr.users_group_name, user.username)
539 for gr in groups_to_add:
540 log.debug('Adding user %s to user group %s', user.username, gr.users_group_name)
541 UserGroupModel().add_user_to_group(gr.users_group_name, user.username)
542
543 @staticmethod
544 def get_user_groups_as_dict(user_group):
545 import rhodecode.lib.helpers as h
546
547 data = {
548 'users_group_id': user_group.users_group_id,
549 'group_name': user_group.users_group_name,
550 'group_description': user_group.user_group_description,
551 'active': user_group.users_group_active,
552 "owner": user_group.user.username,
553 'owner_icon': h.gravatar_url(user_group.user.email, 30),
554 "owner_data": {'owner': user_group.user.username, 'owner_icon': h.gravatar_url(user_group.user.email, 30)}
555 }
556 return data
557
558
559
560
Show file before | Show file after | Hide comments
@@ -1,49 +1,54 b''
1 1 ## -*- coding: utf-8 -*-
2 2 <%inherit file="/base/base.mako"/>
3 3
4 4 <%def name="title()">
5 5 ${_('%s user settings') % c.user.username}
6 6 %if c.rhodecode_name:
7 7 &middot; ${h.branding(c.rhodecode_name)}
8 8 %endif
9 9 </%def>
10 10
11 11 <%def name="breadcrumbs_links()">
12 12 ${h.link_to(_('Admin'),h.url('admin_home'))}
13 13 &raquo;
14 14 ${h.link_to(_('Users'),h.route_path('users'))}
15 15 &raquo;
16 16 ${c.user.username}
17 17 </%def>
18 18
19 19 <%def name="menu_bar_nav()">
20 20 ${self.menu_items(active='admin')}
21 21 </%def>
22 22
23 23 <%def name="main()">
24 24 <div class="box user_settings">
25 25 <div class="title">
26 26 ${self.breadcrumbs()}
27 27 </div>
28 28
29 29 ##main
30 30 <div class="sidebar-col-wrapper">
31 31 <div class="sidebar">
32 32 <ul class="nav nav-pills nav-stacked">
33 33 <li class="${'active' if c.active=='profile' else ''}"><a href="${h.url('edit_user', user_id=c.user.user_id)}">${_('User Profile')}</a></li>
34 34 <li class="${'active' if c.active=='auth_tokens' else ''}"><a href="${h.route_path('edit_user_auth_tokens', user_id=c.user.user_id)}">${_('Auth tokens')}</a></li>
35 35 <li class="${'active' if c.active=='advanced' else ''}"><a href="${h.url('edit_user_advanced', user_id=c.user.user_id)}">${_('Advanced')}</a></li>
36 36 <li class="${'active' if c.active=='global_perms' else ''}"><a href="${h.url('edit_user_global_perms', user_id=c.user.user_id)}">${_('Global permissions')}</a></li>
37 37 <li class="${'active' if c.active=='perms_summary' else ''}"><a href="${h.url('edit_user_perms_summary', user_id=c.user.user_id)}">${_('Permissions summary')}</a></li>
38 38 <li class="${'active' if c.active=='emails' else ''}"><a href="${h.url('edit_user_emails', user_id=c.user.user_id)}">${_('Emails')}</a></li>
39 39 <li class="${'active' if c.active=='ips' else ''}"><a href="${h.url('edit_user_ips', user_id=c.user.user_id)}">${_('Ip Whitelist')}</a></li>
40
41 <li class="${'active' if c.active=='groups' else ''}">
42 <a href="${h.route_path('edit_user_groups_management', user_id=c.user.user_id)}">${_('User Groups Management')}</a>
43 </li>
44
40 45 </ul>
41 46 </div>
42 47
43 48 <div class="main-content-full-width">
44 49 <%include file="/admin/users/user_edit_${c.active}.mako"/>
45 50 </div>
46 51 </div>
47 52 </div>
48 53
49 54 </%def>
Show file before | Show file after | Hide comments
@@ -1,98 +1,145 b''
1 1 ## -*- coding: utf-8 -*-
2 <%inherit file="/base/base.mako"/>
3 2
4 <%def name="title()">
5 ${_('User groups administration')}
6 %if c.rhodecode_name:
7 &middot; ${h.branding(c.rhodecode_name)}
8 %endif
9 </%def>
10
11 <%def name="breadcrumbs_links()">
12 <input class="q_filter_box" id="q_filter" size="15" type="text" name="filter" placeholder="${_('quick filter...')}" value=""/>
13 ${h.link_to(_('Admin'),h.url('admin_home'))} &raquo; <span id="user_group_count">0</span> ${_('user groups')}
14 </%def>
15
16 <%def name="menu_bar_nav()">
17 ${self.menu_items(active='admin')}
18 </%def>
19 3
20 <%def name="main()">
21 <div class="box">
4 <div class="panel panel-default">
5 <div class="panel-heading">
6 <h3 class="panel-title">${_('User groups administration')}</h3>
7 </div>
8 <div class="panel-body">
9 <div class="field">
10 <div class="label label-checkbox">
11 <label for="users_group_active">${_('Add user to group')}:</label>
12 </div>
13 <div class="input">
14 ${h.text('add_user_to_group', placeholder="user group name", class_="medium")}
15 </div>
22 16
23 <div class="title">
24 ${self.breadcrumbs()}
25 <ul class="links">
26 %if h.HasPermissionAny('hg.admin', 'hg.usergroup.create.true')():
27 <li>
28 <a href="${h.url('new_users_group')}" class="btn btn-small btn-success">${_(u'Add User Group')}</a>
29 </li>
30 %endif
31 </ul>
32 </div>
17 </div>
33 18
34 <div id="repos_list_wrap">
35 <table id="user_group_list_table" class="display"></table>
36 </div>
37
19 <div class="groups_management">
20 ${h.secure_form(h.route_path('edit_user_groups_management_updates', user_id=c.user.user_id), method='post')}
21 <div id="repos_list_wrap">
22 <table id="user_group_list_table" class="display"></table>
23 </div>
24 <div class="buttons">
25 ${h.submit('save',_('Save'),class_="btn")}
26 </div>
27 ${h.end_form()}
28 </div>
29 </div>
38 30 </div>
39 31 <script>
32 var api;
40 33 $(document).ready(function() {
41 34
42 35 var get_datatable_count = function(){
43 var api = $('#user_group_list_table').dataTable().api();
44 $('#user_group_count').text(api.page.info().recordsDisplay);
36 $('#user_group_count').text(api.page.info().recordsDisplay);
45 37 };
46 38
47 // user list
39 $('#user_group_list_table').on('click', 'a.editor_remove', function (e) {
40 e.preventDefault();
41 var row = api.row($(this).closest('tr'));
42 row.remove().draw();
43 } );
44
48 45 $('#user_group_list_table').DataTable({
49 data: ${c.data|n},
46 data: ${c.groups|n},
50 47 dom: 'rtp',
51 48 pageLength: ${c.visual.admin_grid_items},
52 49 order: [[ 0, "asc" ]],
53 50 columns: [
54 51 { data: {"_": "group_name",
55 "sort": "group_name_raw"}, title: "${_('Name')}", className: "td-componentname" },
56 { data: {"_": "desc",
57 "sort": "desc"}, title: "${_('Description')}", className: "td-description" },
58 { data: {"_": "members",
59 "sort": "members",
60 "type": Number}, title: "${_('Members')}", className: "td-number" },
52 "sort": "group_name"}, title: "${_('Name')}", className: "td-componentname," ,
53 render: function (data,type,full,meta)
54 {return '<div><i class="icon-group" title="User group">'+data+'</i></div>'}},
55
56 { data: {"_": "group_description",
57 "sort": "group_description"}, title: "${_('Description')}", className: "td-description" },
58 { data: {"_": "users_group_id"}, className: "td-user",
59 render: function (data,type,full,meta)
60 {return '<input type="hidden" name="users_group_id" value="'+data+'">'}},
61 61 { data: {"_": "active",
62 62 "sort": "active"}, title: "${_('Active')}", className: "td-active", className: "td-number"},
63 { data: {"_": "owner",
64 "sort": "owner"}, title: "${_('Owner')}", className: "td-user" },
65 { data: {"_": "action",
66 "sort": "action"}, title: "${_('Action')}", className: "td-action" }
63 { data: {"_": "owner_data"}, title: "${_('Owner')}", className: "td-user",
64 render: function (data,type,full,meta)
65 {return '<div class="rc-user tooltip">'+
66 '<img class="gravatar" src="'+ data.owner_icon +'" height="16" width="16">'+
67 data.owner +'</div>'
68 }
69 },
70 { data: null,
71 title: "${_('Action')}",
72 className: "td-action",
73 defaultContent: '<a href="" class="btn btn-link btn-danger">Delete</a>'
74 },
67 75 ],
68 76 language: {
69 77 paginate: DEFAULT_GRID_PAGINATION,
70 78 emptyTable: _gettext("No user groups available yet.")
71 79 },
72 80 "initComplete": function( settings, json ) {
81 var data_grid = $('#user_group_list_table').dataTable();
82 api = data_grid.api();
73 83 get_datatable_count();
74 84 }
75 85 });
76 86
77 87 // update the counter when doing search
78 88 $('#user_group_list_table').on( 'search.dt', function (e,settings) {
79 get_datatable_count();
89 get_datatable_count();
80 90 });
81 91
82 92 // filter, filter both grids
83 93 $('#q_filter').on( 'keyup', function () {
84 94 var user_api = $('#user_group_list_table').dataTable().api();
85 95 user_api
86 96 .columns(0)
87 97 .search(this.value)
88 98 .draw();
89 99 });
90 100
91 101 // refilter table if page load via back button
92 102 $("#q_filter").trigger('keyup');
93 103
94 104 });
95 105
106 $('#language').select2({
107 'containerCssClass': "drop-menu",
108 'dropdownCssClass': "drop-menu-dropdown",
109 'dropdownAutoWidth': true
110 });
111
112
113
114 $(document).ready(function(){
115 $("#group_parent_id").select2({
116 'containerCssClass': "drop-menu",
117 'dropdownCssClass': "drop-menu-dropdown",
118 'dropdownAutoWidth': true
119 });
120
121 $('#add_user_to_group').autocomplete({
122 serviceUrl: pyroutes.url('user_group_autocomplete_data'),
123 minChars:2,
124 maxHeight:400,
125 width:300,
126 deferRequestBy: 300, //miliseconds
127 showNoSuggestionNotice: true,
128 params: { user_groups:true },
129 formatResult: autocompleteFormatResult,
130 lookupFilter: autocompleteFilterResult,
131 onSelect: function(element, suggestion){
132 var owner = {owner_icon: suggestion.owner_icon, owner:suggestion.owner};
133 api.row.add(
134 {"active": suggestion.active,
135 "owner_data": owner,
136 "users_group_id": suggestion.id,
137 "group_description": suggestion.description,
138 "group_name": suggestion.value}).draw();
139 }
140 });
141 })
142
96 143 </script>
97 144
98 </%def>
145
Show file before | Show file after | Hide comments
@@ -1,309 +1,310 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import tempfile
22 22
23 23 import mock
24 24 import pytest
25 25
26 26 from rhodecode.lib.exceptions import AttachedForksError
27 27 from rhodecode.lib.utils import make_db_config
28 28 from rhodecode.model.db import Repository
29 29 from rhodecode.model.meta import Session
30 30 from rhodecode.model.repo import RepoModel
31 31 from rhodecode.model.scm import ScmModel
32 32 from rhodecode.lib.utils2 import safe_unicode
33 33
34 34
35 35 class TestRepoModel:
36 36
37 37 def test_remove_repo(self, backend):
38 38 repo = backend.create_repo()
39 39 Session().commit()
40 40 RepoModel().delete(repo=repo)
41 41 Session().commit()
42 42
43 43 repos = ScmModel().repo_scan()
44 44
45 45 assert Repository.get_by_repo_name(repo_name=backend.repo_name) is None
46 46 assert repo.repo_name not in repos
47 47
48 48 def test_remove_repo_raises_exc_when_attached_forks(self, backend):
49 49 repo = backend.create_repo()
50 50 Session().commit()
51 51 backend.create_fork()
52 52 Session().commit()
53 53
54 54 with pytest.raises(AttachedForksError):
55 55 RepoModel().delete(repo=repo)
56 56
57 57 def test_remove_repo_delete_forks(self, backend):
58 58 repo = backend.create_repo()
59 59 Session().commit()
60 60
61 61 fork = backend.create_fork()
62 62 Session().commit()
63 63
64 64 fork_of_fork = backend.create_fork()
65 65 Session().commit()
66 66
67 67 RepoModel().delete(repo=repo, forks='delete')
68 68 Session().commit()
69 69
70 70 assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
71 71 assert Repository.get_by_repo_name(repo_name=fork.repo_name) is None
72 72 assert (
73 73 Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
74 74 is None)
75 75
76 76 def test_remove_repo_detach_forks(self, backend):
77 77 repo = backend.create_repo()
78 78 Session().commit()
79 79
80 80 fork = backend.create_fork()
81 81 Session().commit()
82 82
83 83 fork_of_fork = backend.create_fork()
84 84 Session().commit()
85 85
86 86 RepoModel().delete(repo=repo, forks='detach')
87 87 Session().commit()
88 88
89 89 assert Repository.get_by_repo_name(repo_name=repo.repo_name) is None
90 90 assert (
91 91 Repository.get_by_repo_name(repo_name=fork.repo_name) is not None)
92 92 assert (
93 93 Repository.get_by_repo_name(repo_name=fork_of_fork.repo_name)
94 94 is not None)
95 95
96 96 @pytest.mark.parametrize("filename, expected", [
97 97 ("README", True),
98 98 ("README.rst", False),
99 99 ])
100 100 def test_filenode_is_link(self, vcsbackend, filename, expected):
101 101 repo = vcsbackend.repo
102 102 assert repo.get_commit().is_link(filename) is expected
103 103
104 104 def test_get_commit(self, backend):
105 105 backend.repo.get_commit()
106 106
107 107 def test_get_changeset_is_deprecated(self, backend):
108 108 repo = backend.repo
109 109 pytest.deprecated_call(repo.get_changeset)
110 110
111 111 def test_clone_url_encrypted_value(self, backend):
112 112 repo = backend.create_repo()
113 113 Session().commit()
114 114
115 115 repo.clone_url = 'https://marcink:qweqwe@code.rhodecode.com'
116 116 Session().add(repo)
117 117 Session().commit()
118 118
119 119 assert repo.clone_url == 'https://marcink:qweqwe@code.rhodecode.com'
120 120
121 121 @pytest.mark.backends("git", "svn")
122 122 def test_create_filesystem_repo_installs_hooks(self, tmpdir, backend):
123 123 hook_methods = {
124 124 'git': 'install_git_hook',
125 125 'svn': 'install_svn_hooks'
126 126 }
127 127 repo = backend.create_repo()
128 128 repo_name = repo.repo_name
129 129 model = RepoModel()
130 130 repo_location = tempfile.mkdtemp()
131 131 model.repos_path = repo_location
132 132 method = hook_methods[backend.alias]
133 133 with mock.patch.object(ScmModel, method) as hooks_mock:
134 134 model._create_filesystem_repo(
135 135 repo_name, backend.alias, repo_group='', clone_uri=None)
136 136 assert hooks_mock.call_count == 1
137 137 hook_args, hook_kwargs = hooks_mock.call_args
138 138 assert hook_args[0].name == repo_name
139 139
140 140 @pytest.mark.parametrize("use_global_config, repo_name_passed", [
141 141 (True, False),
142 142 (False, True)
143 143 ])
144 144 def test_per_repo_config_is_generated_during_filesystem_repo_creation(
145 145 self, tmpdir, backend, use_global_config, repo_name_passed):
146 146 repo_name = 'test-{}-repo-{}'.format(backend.alias, use_global_config)
147 147 config = make_db_config()
148 148 model = RepoModel()
149 149 with mock.patch('rhodecode.model.repo.make_db_config') as config_mock:
150 150 config_mock.return_value = config
151 151 model._create_filesystem_repo(
152 152 repo_name, backend.alias, repo_group='', clone_uri=None,
153 153 use_global_config=use_global_config)
154 154 expected_repo_name = repo_name if repo_name_passed else None
155 155 expected_call = mock.call(clear_session=False, repo=expected_repo_name)
156 156 assert expected_call in config_mock.call_args_list
157 157
158 158 def test_update_commit_cache_with_config(serf, backend):
159 159 repo = backend.create_repo()
160 160 with mock.patch('rhodecode.model.db.Repository.scm_instance') as scm:
161 161 scm_instance = mock.Mock()
162 162 scm_instance.get_commit.return_value = {
163 163 'raw_id': 40*'0',
164 164 'revision': 1
165 165 }
166 166 scm.return_value = scm_instance
167 167 repo.update_commit_cache()
168 168 scm.assert_called_with(cache=False, config=None)
169 169 config = {'test': 'config'}
170 170 repo.update_commit_cache(config=config)
171 171 scm.assert_called_with(
172 172 cache=False, config=config)
173 173
174 174
175 175 class TestGetUsers(object):
176 176 def test_returns_active_users(self, backend, user_util):
177 177 for i in range(4):
178 178 is_active = i % 2 == 0
179 179 user_util.create_user(active=is_active, lastname='Fake user')
180 180
181 181 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
182 182 users = RepoModel().get_users()
183 183 fake_users = [u for u in users if u['last_name'] == 'Fake user']
184 184 assert len(fake_users) == 2
185 185
186 186 expected_keys = (
187 187 'id', 'first_name', 'last_name', 'username', 'icon_link',
188 188 'value_display', 'value', 'value_type')
189 189 for user in users:
190 190 assert user['value_type'] is 'user'
191 191 for key in expected_keys:
192 192 assert key in user
193 193
194 194 def test_returns_user_filtered_by_last_name(self, backend, user_util):
195 195 keywords = ('aBc', u'ünicode')
196 196 for keyword in keywords:
197 197 for i in range(2):
198 198 user_util.create_user(
199 199 active=True, lastname=u'Fake {} user'.format(keyword))
200 200
201 201 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
202 202 keyword = keywords[1].lower()
203 203 users = RepoModel().get_users(name_contains=keyword)
204 204
205 205 fake_users = [u for u in users if u['last_name'].startswith('Fake')]
206 206 assert len(fake_users) == 2
207 207 for user in fake_users:
208 208 assert user['last_name'] == safe_unicode('Fake ünicode user')
209 209
210 210 def test_returns_user_filtered_by_first_name(self, backend, user_util):
211 211 created_users = []
212 212 keywords = ('aBc', u'ünicode')
213 213 for keyword in keywords:
214 214 for i in range(2):
215 215 created_users.append(user_util.create_user(
216 216 active=True, lastname='Fake user',
217 217 firstname=u'Fake {} user'.format(keyword)))
218 218
219 219 keyword = keywords[1].lower()
220 220 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
221 221 users = RepoModel().get_users(name_contains=keyword)
222 222
223 223 fake_users = [u for u in users if u['last_name'].startswith('Fake')]
224 224 assert len(fake_users) == 2
225 225 for user in fake_users:
226 226 assert user['first_name'] == safe_unicode('Fake ünicode user')
227 227
228 228 def test_returns_user_filtered_by_username(self, backend, user_util):
229 229 created_users = []
230 230 for i in range(5):
231 231 created_users.append(user_util.create_user(
232 232 active=True, lastname='Fake user'))
233 233
234 234 user_filter = created_users[-1].username[-2:]
235 235 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
236 236 users = RepoModel().get_users(name_contains=user_filter)
237 237
238 238 fake_users = [u for u in users if u['last_name'].startswith('Fake')]
239 239 assert len(fake_users) == 1
240 240 assert fake_users[0]['username'] == created_users[-1].username
241 241
242 242 def test_returns_limited_user_list(self, backend, user_util):
243 243 created_users = []
244 244 for i in range(5):
245 245 created_users.append(user_util.create_user(
246 246 active=True, lastname='Fake user'))
247 247
248 248 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
249 249 users = RepoModel().get_users(name_contains='Fake', limit=3)
250 250
251 251 fake_users = [u for u in users if u['last_name'].startswith('Fake')]
252 252 assert len(fake_users) == 3
253 253
254 254
255 255 class TestGetUserGroups(object):
256 256 def test_returns_filtered_list(self, backend, user_util):
257 257 created_groups = []
258 258 for i in range(4):
259 259 created_groups.append(
260 260 user_util.create_user_group(users_group_active=True))
261 261
262 262 group_filter = created_groups[-1].users_group_name[-2:]
263 with self._patch_user_group_list():
264 groups = RepoModel().get_user_groups(group_filter)
263 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
264 with self._patch_user_group_list():
265 groups = RepoModel().get_user_groups(group_filter)
265 266
266 267 fake_groups = [
267 268 u for u in groups if u['value'].startswith('test_returns')]
268 269 assert len(fake_groups) == 1
269 270 assert fake_groups[0]['value'] == created_groups[-1].users_group_name
270 271 assert fake_groups[0]['value_display'].startswith(
271 272 'Group: test_returns')
272 273
273 274 def test_returns_limited_list(self, backend, user_util):
274 275 created_groups = []
275 276 for i in range(3):
276 277 created_groups.append(
277 278 user_util.create_user_group(users_group_active=True))
278
279 with self._patch_user_group_list():
280 groups = RepoModel().get_user_groups('test_returns')
279 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
280 with self._patch_user_group_list():
281 groups = RepoModel().get_user_groups('test_returns')
281 282
282 283 fake_groups = [
283 284 u for u in groups if u['value'].startswith('test_returns')]
284 285 assert len(fake_groups) == 3
285 286
286 287 def test_returns_active_user_groups(self, backend, user_util):
287 288 for i in range(4):
288 289 is_active = i % 2 == 0
289 290 user_util.create_user_group(users_group_active=is_active)
290
291 with self._patch_user_group_list():
292 groups = RepoModel().get_user_groups()
291 with mock.patch('rhodecode.lib.helpers.gravatar_url'):
292 with self._patch_user_group_list():
293 groups = RepoModel().get_user_groups()
293 294 expected = ('id', 'icon_link', 'value_display', 'value', 'value_type')
294 295 for group in groups:
295 296 assert group['value_type'] is 'user_group'
296 297 for key in expected:
297 298 assert key in group
298 299
299 300 fake_groups = [
300 301 u for u in groups if u['value'].startswith('test_returns')]
301 302 assert len(fake_groups) == 2
302 303 for user in fake_groups:
303 304 assert user['value_display'].startswith('Group: test_returns')
304 305
305 306 def _patch_user_group_list(self):
306 307 def side_effect(group_list, perm_set):
307 308 return group_list
308 309 return mock.patch(
309 310 'rhodecode.model.repo.UserGroupList', side_effect=side_effect)
General Comments 0
You need to be logged in to leave comments. Login now