##// END OF EJS Templates
schedules: remove timedelta options
super-admin -
r5139:b7ae2b2a default
parent child Browse files
Show More
@@ -1,5876 +1,5875 b''
1 1 # Copyright (C) 2010-2023 RhodeCode GmbH
2 2 #
3 3 # This program is free software: you can redistribute it and/or modify
4 4 # it under the terms of the GNU Affero General Public License, version 3
5 5 # (only), as published by the Free Software Foundation.
6 6 #
7 7 # This program is distributed in the hope that it will be useful,
8 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 10 # GNU General Public License for more details.
11 11 #
12 12 # You should have received a copy of the GNU Affero General Public License
13 13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 14 #
15 15 # This program is dual-licensed. If you wish to learn more about the
16 16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18 18
19 19 """
20 20 Database Models for RhodeCode Enterprise
21 21 """
22 22
23 23 import re
24 24 import os
25 25 import time
26 26 import string
27 27 import logging
28 28 import datetime
29 29 import uuid
30 30 import warnings
31 31 import ipaddress
32 32 import functools
33 33 import traceback
34 34 import collections
35 35
36 36 from sqlalchemy import (
37 37 or_, and_, not_, func, cast, TypeDecorator, event, select,
38 38 true, false, null,
39 39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 41 Text, Float, PickleType, BigInteger)
42 42 from sqlalchemy.sql.expression import case
43 43 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
44 44 from sqlalchemy.orm import (
45 45 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
46 46 from sqlalchemy.ext.declarative import declared_attr
47 47 from sqlalchemy.ext.hybrid import hybrid_property
48 48 from sqlalchemy.exc import IntegrityError # pragma: no cover
49 49 from sqlalchemy.dialects.mysql import LONGTEXT
50 50 from zope.cachedescriptors.property import Lazy as LazyProperty
51 51 from pyramid.threadlocal import get_current_request
52 52 from webhelpers2.text import remove_formatting
53 53
54 54 from rhodecode.lib.str_utils import safe_bytes
55 55 from rhodecode.translation import _
56 56 from rhodecode.lib.vcs import get_vcs_instance, VCSError
57 57 from rhodecode.lib.vcs.backends.base import (
58 58 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
59 59 from rhodecode.lib.utils2 import (
60 60 str2bool, safe_str, get_commit_safe, sha1_safe,
61 61 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
62 62 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
63 63 from rhodecode.lib.jsonalchemy import (
64 64 MutationObj, MutationList, JsonType, JsonRaw)
65 65 from rhodecode.lib.hash_utils import sha1
66 66 from rhodecode.lib import ext_json
67 67 from rhodecode.lib import enc_utils
68 68 from rhodecode.lib.ext_json import json
69 69 from rhodecode.lib.caching_query import FromCache
70 70 from rhodecode.lib.exceptions import (
71 71 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
72 72 from rhodecode.model.meta import Base, Session
73 73
74 74 URL_SEP = '/'
75 75 log = logging.getLogger(__name__)
76 76
77 77 # =============================================================================
78 78 # BASE CLASSES
79 79 # =============================================================================
80 80
81 81 # this is propagated from .ini file rhodecode.encrypted_values.secret or
82 82 # beaker.session.secret if first is not set.
83 83 # and initialized at environment.py
84 84 ENCRYPTION_KEY: bytes = b''
85 85
86 86 # used to sort permissions by types, '#' used here is not allowed to be in
87 87 # usernames, and it's very early in sorted string.printable table.
88 88 PERMISSION_TYPE_SORT = {
89 89 'admin': '####',
90 90 'write': '###',
91 91 'read': '##',
92 92 'none': '#',
93 93 }
94 94
95 95
96 96 def display_user_sort(obj):
97 97 """
98 98 Sort function used to sort permissions in .permissions() function of
99 99 Repository, RepoGroup, UserGroup. Also it put the default user in front
100 100 of all other resources
101 101 """
102 102
103 103 if obj.username == User.DEFAULT_USER:
104 104 return '#####'
105 105 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
106 106 extra_sort_num = '1' # default
107 107
108 108 # NOTE(dan): inactive duplicates goes last
109 109 if getattr(obj, 'duplicate_perm', None):
110 110 extra_sort_num = '9'
111 111 return prefix + extra_sort_num + obj.username
112 112
113 113
114 114 def display_user_group_sort(obj):
115 115 """
116 116 Sort function used to sort permissions in .permissions() function of
117 117 Repository, RepoGroup, UserGroup. Also it put the default user in front
118 118 of all other resources
119 119 """
120 120
121 121 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
122 122 return prefix + obj.users_group_name
123 123
124 124
125 125 def _hash_key(k):
126 126 return sha1_safe(k)
127 127
128 128
129 129 def in_filter_generator(qry, items, limit=500):
130 130 """
131 131 Splits IN() into multiple with OR
132 132 e.g.::
133 133 cnt = Repository.query().filter(
134 134 or_(
135 135 *in_filter_generator(Repository.repo_id, range(100000))
136 136 )).count()
137 137 """
138 138 if not items:
139 139 # empty list will cause empty query which might cause security issues
140 140 # this can lead to hidden unpleasant results
141 141 items = [-1]
142 142
143 143 parts = []
144 144 for chunk in range(0, len(items), limit):
145 145 parts.append(
146 146 qry.in_(items[chunk: chunk + limit])
147 147 )
148 148
149 149 return parts
150 150
151 151
152 152 base_table_args = {
153 153 'extend_existing': True,
154 154 'mysql_engine': 'InnoDB',
155 155 'mysql_charset': 'utf8',
156 156 'sqlite_autoincrement': True
157 157 }
158 158
159 159
160 160 class EncryptedTextValue(TypeDecorator):
161 161 """
162 162 Special column for encrypted long text data, use like::
163 163
164 164 value = Column("encrypted_value", EncryptedValue(), nullable=False)
165 165
166 166 This column is intelligent so if value is in unencrypted form it return
167 167 unencrypted form, but on save it always encrypts
168 168 """
169 169 cache_ok = True
170 170 impl = Text
171 171
172 172 def process_bind_param(self, value, dialect):
173 173 """
174 174 Setter for storing value
175 175 """
176 176 import rhodecode
177 177 if not value:
178 178 return value
179 179
180 180 # protect against double encrypting if values is already encrypted
181 181 if value.startswith('enc$aes$') \
182 182 or value.startswith('enc$aes_hmac$') \
183 183 or value.startswith('enc2$'):
184 184 raise ValueError('value needs to be in unencrypted format, '
185 185 'ie. not starting with enc$ or enc2$')
186 186
187 187 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
188 188 bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
189 189 return safe_str(bytes_val)
190 190
191 191 def process_result_value(self, value, dialect):
192 192 """
193 193 Getter for retrieving value
194 194 """
195 195
196 196 import rhodecode
197 197 if not value:
198 198 return value
199 199
200 200 enc_strict_mode = rhodecode.ConfigGet().get_bool('rhodecode.encrypted_values.strict', missing=True)
201 201
202 202 bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY, strict_mode=enc_strict_mode)
203 203
204 204 return safe_str(bytes_val)
205 205
206 206
207 207 class BaseModel(object):
208 208 """
209 209 Base Model for all classes
210 210 """
211 211
212 212 @classmethod
213 213 def _get_keys(cls):
214 214 """return column names for this model """
215 215 return class_mapper(cls).c.keys()
216 216
217 217 def get_dict(self):
218 218 """
219 219 return dict with keys and values corresponding
220 220 to this model data """
221 221
222 222 d = {}
223 223 for k in self._get_keys():
224 224 d[k] = getattr(self, k)
225 225
226 226 # also use __json__() if present to get additional fields
227 227 _json_attr = getattr(self, '__json__', None)
228 228 if _json_attr:
229 229 # update with attributes from __json__
230 230 if callable(_json_attr):
231 231 _json_attr = _json_attr()
232 232 for k, val in _json_attr.items():
233 233 d[k] = val
234 234 return d
235 235
236 236 def get_appstruct(self):
237 237 """return list with keys and values tuples corresponding
238 238 to this model data """
239 239
240 240 lst = []
241 241 for k in self._get_keys():
242 242 lst.append((k, getattr(self, k),))
243 243 return lst
244 244
245 245 def populate_obj(self, populate_dict):
246 246 """populate model with data from given populate_dict"""
247 247
248 248 for k in self._get_keys():
249 249 if k in populate_dict:
250 250 setattr(self, k, populate_dict[k])
251 251
252 252 @classmethod
253 253 def query(cls):
254 254 return Session().query(cls)
255 255
256 256 @classmethod
257 257 def select(cls, custom_cls=None):
258 258 """
259 259 stmt = cls.select().where(cls.user_id==1)
260 260 # optionally
261 261 stmt = cls.select(User.user_id).where(cls.user_id==1)
262 262 result = cls.execute(stmt) | cls.scalars(stmt)
263 263 """
264 264
265 265 if custom_cls:
266 266 stmt = select(custom_cls)
267 267 else:
268 268 stmt = select(cls)
269 269 return stmt
270 270
271 271 @classmethod
272 272 def execute(cls, stmt):
273 273 return Session().execute(stmt)
274 274
275 275 @classmethod
276 276 def scalars(cls, stmt):
277 277 return Session().scalars(stmt)
278 278
279 279 @classmethod
280 280 def get(cls, id_):
281 281 if id_:
282 282 return cls.query().get(id_)
283 283
284 284 @classmethod
285 285 def get_or_404(cls, id_):
286 286 from pyramid.httpexceptions import HTTPNotFound
287 287
288 288 try:
289 289 id_ = int(id_)
290 290 except (TypeError, ValueError):
291 291 raise HTTPNotFound()
292 292
293 293 res = cls.query().get(id_)
294 294 if not res:
295 295 raise HTTPNotFound()
296 296 return res
297 297
298 298 @classmethod
299 299 def getAll(cls):
300 300 # deprecated and left for backward compatibility
301 301 return cls.get_all()
302 302
303 303 @classmethod
304 304 def get_all(cls):
305 305 return cls.query().all()
306 306
307 307 @classmethod
308 308 def delete(cls, id_):
309 309 obj = cls.query().get(id_)
310 310 Session().delete(obj)
311 311
312 312 @classmethod
313 313 def identity_cache(cls, session, attr_name, value):
314 314 exist_in_session = []
315 315 for (item_cls, pkey), instance in session.identity_map.items():
316 316 if cls == item_cls and getattr(instance, attr_name) == value:
317 317 exist_in_session.append(instance)
318 318 if exist_in_session:
319 319 if len(exist_in_session) == 1:
320 320 return exist_in_session[0]
321 321 log.exception(
322 322 'multiple objects with attr %s and '
323 323 'value %s found with same name: %r',
324 324 attr_name, value, exist_in_session)
325 325
326 326 @property
327 327 def cls_name(self):
328 328 return self.__class__.__name__
329 329
330 330 def __repr__(self):
331 331 return f'<DB:{self.cls_name}>'
332 332
333 333
334 334 class RhodeCodeSetting(Base, BaseModel):
335 335 __tablename__ = 'rhodecode_settings'
336 336 __table_args__ = (
337 337 UniqueConstraint('app_settings_name'),
338 338 base_table_args
339 339 )
340 340
341 341 SETTINGS_TYPES = {
342 342 'str': safe_str,
343 343 'int': safe_int,
344 344 'unicode': safe_str,
345 345 'bool': str2bool,
346 346 'list': functools.partial(aslist, sep=',')
347 347 }
348 348 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
349 349 GLOBAL_CONF_KEY = 'app_settings'
350 350
351 351 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
352 352 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
353 353 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
354 354 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
355 355
356 356 def __init__(self, key='', val='', type='unicode'):
357 357 self.app_settings_name = key
358 358 self.app_settings_type = type
359 359 self.app_settings_value = val
360 360
361 361 @validates('_app_settings_value')
362 362 def validate_settings_value(self, key, val):
363 363 assert type(val) == str
364 364 return val
365 365
366 366 @hybrid_property
367 367 def app_settings_value(self):
368 368 v = self._app_settings_value
369 369 _type = self.app_settings_type
370 370 if _type:
371 371 _type = self.app_settings_type.split('.')[0]
372 372 # decode the encrypted value
373 373 if 'encrypted' in self.app_settings_type:
374 374 cipher = EncryptedTextValue()
375 375 v = safe_str(cipher.process_result_value(v, None))
376 376
377 377 converter = self.SETTINGS_TYPES.get(_type) or \
378 378 self.SETTINGS_TYPES['unicode']
379 379 return converter(v)
380 380
381 381 @app_settings_value.setter
382 382 def app_settings_value(self, val):
383 383 """
384 384 Setter that will always make sure we use unicode in app_settings_value
385 385
386 386 :param val:
387 387 """
388 388 val = safe_str(val)
389 389 # encode the encrypted value
390 390 if 'encrypted' in self.app_settings_type:
391 391 cipher = EncryptedTextValue()
392 392 val = safe_str(cipher.process_bind_param(val, None))
393 393 self._app_settings_value = val
394 394
395 395 @hybrid_property
396 396 def app_settings_type(self):
397 397 return self._app_settings_type
398 398
399 399 @app_settings_type.setter
400 400 def app_settings_type(self, val):
401 401 if val.split('.')[0] not in self.SETTINGS_TYPES:
402 402 raise Exception('type must be one of %s got %s'
403 403 % (self.SETTINGS_TYPES.keys(), val))
404 404 self._app_settings_type = val
405 405
406 406 @classmethod
407 407 def get_by_prefix(cls, prefix):
408 408 return RhodeCodeSetting.query()\
409 409 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
410 410 .all()
411 411
412 412 def __repr__(self):
413 413 return "<%s('%s:%s[%s]')>" % (
414 414 self.cls_name,
415 415 self.app_settings_name, self.app_settings_value,
416 416 self.app_settings_type
417 417 )
418 418
419 419
420 420 class RhodeCodeUi(Base, BaseModel):
421 421 __tablename__ = 'rhodecode_ui'
422 422 __table_args__ = (
423 423 UniqueConstraint('ui_key'),
424 424 base_table_args
425 425 )
426 426 # Sync those values with vcsserver.config.hooks
427 427
428 428 HOOK_REPO_SIZE = 'changegroup.repo_size'
429 429 # HG
430 430 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
431 431 HOOK_PULL = 'outgoing.pull_logger'
432 432 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
433 433 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
434 434 HOOK_PUSH = 'changegroup.push_logger'
435 435 HOOK_PUSH_KEY = 'pushkey.key_push'
436 436
437 437 HOOKS_BUILTIN = [
438 438 HOOK_PRE_PULL,
439 439 HOOK_PULL,
440 440 HOOK_PRE_PUSH,
441 441 HOOK_PRETX_PUSH,
442 442 HOOK_PUSH,
443 443 HOOK_PUSH_KEY,
444 444 ]
445 445
446 446 # TODO: johbo: Unify way how hooks are configured for git and hg,
447 447 # git part is currently hardcoded.
448 448
449 449 # SVN PATTERNS
450 450 SVN_BRANCH_ID = 'vcs_svn_branch'
451 451 SVN_TAG_ID = 'vcs_svn_tag'
452 452
453 453 ui_id = Column(
454 454 "ui_id", Integer(), nullable=False, unique=True, default=None,
455 455 primary_key=True)
456 456 ui_section = Column(
457 457 "ui_section", String(255), nullable=True, unique=None, default=None)
458 458 ui_key = Column(
459 459 "ui_key", String(255), nullable=True, unique=None, default=None)
460 460 ui_value = Column(
461 461 "ui_value", String(255), nullable=True, unique=None, default=None)
462 462 ui_active = Column(
463 463 "ui_active", Boolean(), nullable=True, unique=None, default=True)
464 464
465 465 def __repr__(self):
466 466 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
467 467 self.ui_key, self.ui_value)
468 468
469 469
470 470 class RepoRhodeCodeSetting(Base, BaseModel):
471 471 __tablename__ = 'repo_rhodecode_settings'
472 472 __table_args__ = (
473 473 UniqueConstraint(
474 474 'app_settings_name', 'repository_id',
475 475 name='uq_repo_rhodecode_setting_name_repo_id'),
476 476 base_table_args
477 477 )
478 478
479 479 repository_id = Column(
480 480 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
481 481 nullable=False)
482 482 app_settings_id = Column(
483 483 "app_settings_id", Integer(), nullable=False, unique=True,
484 484 default=None, primary_key=True)
485 485 app_settings_name = Column(
486 486 "app_settings_name", String(255), nullable=True, unique=None,
487 487 default=None)
488 488 _app_settings_value = Column(
489 489 "app_settings_value", String(4096), nullable=True, unique=None,
490 490 default=None)
491 491 _app_settings_type = Column(
492 492 "app_settings_type", String(255), nullable=True, unique=None,
493 493 default=None)
494 494
495 495 repository = relationship('Repository', viewonly=True)
496 496
497 497 def __init__(self, repository_id, key='', val='', type='unicode'):
498 498 self.repository_id = repository_id
499 499 self.app_settings_name = key
500 500 self.app_settings_type = type
501 501 self.app_settings_value = val
502 502
503 503 @validates('_app_settings_value')
504 504 def validate_settings_value(self, key, val):
505 505 assert type(val) == str
506 506 return val
507 507
508 508 @hybrid_property
509 509 def app_settings_value(self):
510 510 v = self._app_settings_value
511 511 type_ = self.app_settings_type
512 512 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
513 513 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
514 514 return converter(v)
515 515
516 516 @app_settings_value.setter
517 517 def app_settings_value(self, val):
518 518 """
519 519 Setter that will always make sure we use unicode in app_settings_value
520 520
521 521 :param val:
522 522 """
523 523 self._app_settings_value = safe_str(val)
524 524
525 525 @hybrid_property
526 526 def app_settings_type(self):
527 527 return self._app_settings_type
528 528
529 529 @app_settings_type.setter
530 530 def app_settings_type(self, val):
531 531 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
532 532 if val not in SETTINGS_TYPES:
533 533 raise Exception('type must be one of %s got %s'
534 534 % (SETTINGS_TYPES.keys(), val))
535 535 self._app_settings_type = val
536 536
537 537 def __repr__(self):
538 538 return "<%s('%s:%s:%s[%s]')>" % (
539 539 self.cls_name, self.repository.repo_name,
540 540 self.app_settings_name, self.app_settings_value,
541 541 self.app_settings_type
542 542 )
543 543
544 544
545 545 class RepoRhodeCodeUi(Base, BaseModel):
546 546 __tablename__ = 'repo_rhodecode_ui'
547 547 __table_args__ = (
548 548 UniqueConstraint(
549 549 'repository_id', 'ui_section', 'ui_key',
550 550 name='uq_repo_rhodecode_ui_repository_id_section_key'),
551 551 base_table_args
552 552 )
553 553
554 554 repository_id = Column(
555 555 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
556 556 nullable=False)
557 557 ui_id = Column(
558 558 "ui_id", Integer(), nullable=False, unique=True, default=None,
559 559 primary_key=True)
560 560 ui_section = Column(
561 561 "ui_section", String(255), nullable=True, unique=None, default=None)
562 562 ui_key = Column(
563 563 "ui_key", String(255), nullable=True, unique=None, default=None)
564 564 ui_value = Column(
565 565 "ui_value", String(255), nullable=True, unique=None, default=None)
566 566 ui_active = Column(
567 567 "ui_active", Boolean(), nullable=True, unique=None, default=True)
568 568
569 569 repository = relationship('Repository', viewonly=True)
570 570
571 571 def __repr__(self):
572 572 return '<%s[%s:%s]%s=>%s]>' % (
573 573 self.cls_name, self.repository.repo_name,
574 574 self.ui_section, self.ui_key, self.ui_value)
575 575
576 576
577 577 class User(Base, BaseModel):
578 578 __tablename__ = 'users'
579 579 __table_args__ = (
580 580 UniqueConstraint('username'), UniqueConstraint('email'),
581 581 Index('u_username_idx', 'username'),
582 582 Index('u_email_idx', 'email'),
583 583 base_table_args
584 584 )
585 585
586 586 DEFAULT_USER = 'default'
587 587 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
588 588 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
589 589
590 590 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
591 591 username = Column("username", String(255), nullable=True, unique=None, default=None)
592 592 password = Column("password", String(255), nullable=True, unique=None, default=None)
593 593 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
594 594 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
595 595 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
596 596 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
597 597 _email = Column("email", String(255), nullable=True, unique=None, default=None)
598 598 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
599 599 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
600 600 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
601 601
602 602 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
603 603 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
604 604 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
605 605 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
606 606 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
607 607 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
608 608
609 609 user_log = relationship('UserLog', back_populates='user')
610 610 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
611 611
612 612 repositories = relationship('Repository', back_populates='user')
613 613 repository_groups = relationship('RepoGroup', back_populates='user')
614 614 user_groups = relationship('UserGroup', back_populates='user')
615 615
616 616 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
617 617 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
618 618
619 619 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
620 620 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
621 621 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
622 622
623 623 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
624 624
625 625 notifications = relationship('UserNotification', cascade='all', back_populates='user')
626 626 # notifications assigned to this user
627 627 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
628 628 # comments created by this user
629 629 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
630 630 # user profile extra info
631 631 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
632 632 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
633 633 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
634 634 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
635 635
636 636 # gists
637 637 user_gists = relationship('Gist', cascade='all', back_populates='owner')
638 638 # user pull requests
639 639 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
640 640
641 641 # external identities
642 642 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
643 643 # review rules
644 644 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
645 645
646 646 # artifacts owned
647 647 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
648 648
649 649 # no cascade, set NULL
650 650 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
651 651
652 652 def __repr__(self):
653 653 return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
654 654
655 655 @hybrid_property
656 656 def email(self):
657 657 return self._email
658 658
659 659 @email.setter
660 660 def email(self, val):
661 661 self._email = val.lower() if val else None
662 662
663 663 @hybrid_property
664 664 def first_name(self):
665 665 from rhodecode.lib import helpers as h
666 666 if self.name:
667 667 return h.escape(self.name)
668 668 return self.name
669 669
670 670 @hybrid_property
671 671 def last_name(self):
672 672 from rhodecode.lib import helpers as h
673 673 if self.lastname:
674 674 return h.escape(self.lastname)
675 675 return self.lastname
676 676
677 677 @hybrid_property
678 678 def api_key(self):
679 679 """
680 680 Fetch if exist an auth-token with role ALL connected to this user
681 681 """
682 682 user_auth_token = UserApiKeys.query()\
683 683 .filter(UserApiKeys.user_id == self.user_id)\
684 684 .filter(or_(UserApiKeys.expires == -1,
685 685 UserApiKeys.expires >= time.time()))\
686 686 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
687 687 if user_auth_token:
688 688 user_auth_token = user_auth_token.api_key
689 689
690 690 return user_auth_token
691 691
692 692 @api_key.setter
693 693 def api_key(self, val):
694 694 # don't allow to set API key this is deprecated for now
695 695 self._api_key = None
696 696
697 697 @property
698 698 def reviewer_pull_requests(self):
699 699 return PullRequestReviewers.query() \
700 700 .options(joinedload(PullRequestReviewers.pull_request)) \
701 701 .filter(PullRequestReviewers.user_id == self.user_id) \
702 702 .all()
703 703
704 704 @property
705 705 def firstname(self):
706 706 # alias for future
707 707 return self.name
708 708
709 709 @property
710 710 def emails(self):
711 711 other = UserEmailMap.query()\
712 712 .filter(UserEmailMap.user == self) \
713 713 .order_by(UserEmailMap.email_id.asc()) \
714 714 .all()
715 715 return [self.email] + [x.email for x in other]
716 716
717 717 def emails_cached(self):
718 718 emails = []
719 719 if self.user_id != self.get_default_user_id():
720 720 emails = UserEmailMap.query()\
721 721 .filter(UserEmailMap.user == self) \
722 722 .order_by(UserEmailMap.email_id.asc())
723 723
724 724 emails = emails.options(
725 725 FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
726 726 )
727 727
728 728 return [self.email] + [x.email for x in emails]
729 729
730 730 @property
731 731 def auth_tokens(self):
732 732 auth_tokens = self.get_auth_tokens()
733 733 return [x.api_key for x in auth_tokens]
734 734
735 735 def get_auth_tokens(self):
736 736 return UserApiKeys.query()\
737 737 .filter(UserApiKeys.user == self)\
738 738 .order_by(UserApiKeys.user_api_key_id.asc())\
739 739 .all()
740 740
741 741 @LazyProperty
742 742 def feed_token(self):
743 743 return self.get_feed_token()
744 744
745 745 def get_feed_token(self, cache=True):
746 746 feed_tokens = UserApiKeys.query()\
747 747 .filter(UserApiKeys.user == self)\
748 748 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
749 749 if cache:
750 750 feed_tokens = feed_tokens.options(
751 751 FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
752 752
753 753 feed_tokens = feed_tokens.all()
754 754 if feed_tokens:
755 755 return feed_tokens[0].api_key
756 756 return 'NO_FEED_TOKEN_AVAILABLE'
757 757
758 758 @LazyProperty
759 759 def artifact_token(self):
760 760 return self.get_artifact_token()
761 761
762 762 def get_artifact_token(self, cache=True):
763 763 artifacts_tokens = UserApiKeys.query()\
764 764 .filter(UserApiKeys.user == self) \
765 765 .filter(or_(UserApiKeys.expires == -1,
766 766 UserApiKeys.expires >= time.time())) \
767 767 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
768 768
769 769 if cache:
770 770 artifacts_tokens = artifacts_tokens.options(
771 771 FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
772 772
773 773 artifacts_tokens = artifacts_tokens.all()
774 774 if artifacts_tokens:
775 775 return artifacts_tokens[0].api_key
776 776 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
777 777
778 778 def get_or_create_artifact_token(self):
779 779 artifacts_tokens = UserApiKeys.query()\
780 780 .filter(UserApiKeys.user == self) \
781 781 .filter(or_(UserApiKeys.expires == -1,
782 782 UserApiKeys.expires >= time.time())) \
783 783 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
784 784
785 785 artifacts_tokens = artifacts_tokens.all()
786 786 if artifacts_tokens:
787 787 return artifacts_tokens[0].api_key
788 788 else:
789 789 from rhodecode.model.auth_token import AuthTokenModel
790 790 artifact_token = AuthTokenModel().create(
791 791 self, 'auto-generated-artifact-token',
792 792 lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
793 793 Session.commit()
794 794 return artifact_token.api_key
795 795
796 796 @classmethod
797 797 def get(cls, user_id, cache=False):
798 798 if not user_id:
799 799 return
800 800
801 801 user = cls.query()
802 802 if cache:
803 803 user = user.options(
804 804 FromCache("sql_cache_short", f"get_users_{user_id}"))
805 805 return user.get(user_id)
806 806
807 807 @classmethod
808 808 def extra_valid_auth_tokens(cls, user, role=None):
809 809 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
810 810 .filter(or_(UserApiKeys.expires == -1,
811 811 UserApiKeys.expires >= time.time()))
812 812 if role:
813 813 tokens = tokens.filter(or_(UserApiKeys.role == role,
814 814 UserApiKeys.role == UserApiKeys.ROLE_ALL))
815 815 return tokens.all()
816 816
817 817 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
818 818 from rhodecode.lib import auth
819 819
820 820 log.debug('Trying to authenticate user: %s via auth-token, '
821 821 'and roles: %s', self, roles)
822 822
823 823 if not auth_token:
824 824 return False
825 825
826 826 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
827 827 tokens_q = UserApiKeys.query()\
828 828 .filter(UserApiKeys.user_id == self.user_id)\
829 829 .filter(or_(UserApiKeys.expires == -1,
830 830 UserApiKeys.expires >= time.time()))
831 831
832 832 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
833 833
834 834 crypto_backend = auth.crypto_backend()
835 835 enc_token_map = {}
836 836 plain_token_map = {}
837 837 for token in tokens_q:
838 838 if token.api_key.startswith(crypto_backend.ENC_PREF):
839 839 enc_token_map[token.api_key] = token
840 840 else:
841 841 plain_token_map[token.api_key] = token
842 842 log.debug(
843 843 'Found %s plain and %s encrypted tokens to check for authentication for this user',
844 844 len(plain_token_map), len(enc_token_map))
845 845
846 846 # plain token match comes first
847 847 match = plain_token_map.get(auth_token)
848 848
849 849 # check encrypted tokens now
850 850 if not match:
851 851 for token_hash, token in enc_token_map.items():
852 852 # NOTE(marcink): this is expensive to calculate, but most secure
853 853 if crypto_backend.hash_check(auth_token, token_hash):
854 854 match = token
855 855 break
856 856
857 857 if match:
858 858 log.debug('Found matching token %s', match)
859 859 if match.repo_id:
860 860 log.debug('Found scope, checking for scope match of token %s', match)
861 861 if match.repo_id == scope_repo_id:
862 862 return True
863 863 else:
864 864 log.debug(
865 865 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
866 866 'and calling scope is:%s, skipping further checks',
867 867 match.repo, scope_repo_id)
868 868 return False
869 869 else:
870 870 return True
871 871
872 872 return False
873 873
874 874 @property
875 875 def ip_addresses(self):
876 876 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
877 877 return [x.ip_addr for x in ret]
878 878
879 879 @property
880 880 def username_and_name(self):
881 881 return f'{self.username} ({self.first_name} {self.last_name})'
882 882
883 883 @property
884 884 def username_or_name_or_email(self):
885 885 full_name = self.full_name if self.full_name != ' ' else None
886 886 return self.username or full_name or self.email
887 887
888 888 @property
889 889 def full_name(self):
890 890 return f'{self.first_name} {self.last_name}'
891 891
892 892 @property
893 893 def full_name_or_username(self):
894 894 return (f'{self.first_name} {self.last_name}'
895 895 if (self.first_name and self.last_name) else self.username)
896 896
897 897 @property
898 898 def full_contact(self):
899 899 return f'{self.first_name} {self.last_name} <{self.email}>'
900 900
901 901 @property
902 902 def short_contact(self):
903 903 return f'{self.first_name} {self.last_name}'
904 904
905 905 @property
906 906 def is_admin(self):
907 907 return self.admin
908 908
909 909 @property
910 910 def language(self):
911 911 return self.user_data.get('language')
912 912
913 913 def AuthUser(self, **kwargs):
914 914 """
915 915 Returns instance of AuthUser for this user
916 916 """
917 917 from rhodecode.lib.auth import AuthUser
918 918 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
919 919
920 920 @hybrid_property
921 921 def user_data(self):
922 922 if not self._user_data:
923 923 return {}
924 924
925 925 try:
926 926 return json.loads(self._user_data) or {}
927 927 except TypeError:
928 928 return {}
929 929
930 930 @user_data.setter
931 931 def user_data(self, val):
932 932 if not isinstance(val, dict):
933 933 raise Exception('user_data must be dict, got %s' % type(val))
934 934 try:
935 935 self._user_data = safe_bytes(json.dumps(val))
936 936 except Exception:
937 937 log.error(traceback.format_exc())
938 938
939 939 @classmethod
940 940 def get_by_username(cls, username, case_insensitive=False,
941 941 cache=False):
942 942
943 943 if case_insensitive:
944 944 q = cls.select().where(
945 945 func.lower(cls.username) == func.lower(username))
946 946 else:
947 947 q = cls.select().where(cls.username == username)
948 948
949 949 if cache:
950 950 hash_key = _hash_key(username)
951 951 q = q.options(
952 952 FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
953 953
954 954 return cls.execute(q).scalar_one_or_none()
955 955
956 956 @classmethod
957 957 def get_by_auth_token(cls, auth_token, cache=False):
958 958
959 959 q = cls.select(User)\
960 960 .join(UserApiKeys)\
961 961 .where(UserApiKeys.api_key == auth_token)\
962 962 .where(or_(UserApiKeys.expires == -1,
963 963 UserApiKeys.expires >= time.time()))
964 964
965 965 if cache:
966 966 q = q.options(
967 967 FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
968 968
969 969 matched_user = cls.execute(q).scalar_one_or_none()
970 970
971 971 return matched_user
972 972
973 973 @classmethod
974 974 def get_by_email(cls, email, case_insensitive=False, cache=False):
975 975
976 976 if case_insensitive:
977 977 q = cls.select().where(func.lower(cls.email) == func.lower(email))
978 978 else:
979 979 q = cls.select().where(cls.email == email)
980 980
981 981 if cache:
982 982 email_key = _hash_key(email)
983 983 q = q.options(
984 984 FromCache("sql_cache_short", f"get_email_key_{email_key}"))
985 985
986 986 ret = cls.execute(q).scalar_one_or_none()
987 987
988 988 if ret is None:
989 989 q = cls.select(UserEmailMap)
990 990 # try fetching in alternate email map
991 991 if case_insensitive:
992 992 q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
993 993 else:
994 994 q = q.where(UserEmailMap.email == email)
995 995 q = q.options(joinedload(UserEmailMap.user))
996 996 if cache:
997 997 q = q.options(
998 998 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
999 999
1000 1000 result = cls.execute(q).scalar_one_or_none()
1001 1001 ret = getattr(result, 'user', None)
1002 1002
1003 1003 return ret
1004 1004
1005 1005 @classmethod
1006 1006 def get_from_cs_author(cls, author):
1007 1007 """
1008 1008 Tries to get User objects out of commit author string
1009 1009
1010 1010 :param author:
1011 1011 """
1012 1012 from rhodecode.lib.helpers import email, author_name
1013 1013 # Valid email in the attribute passed, see if they're in the system
1014 1014 _email = email(author)
1015 1015 if _email:
1016 1016 user = cls.get_by_email(_email, case_insensitive=True)
1017 1017 if user:
1018 1018 return user
1019 1019 # Maybe we can match by username?
1020 1020 _author = author_name(author)
1021 1021 user = cls.get_by_username(_author, case_insensitive=True)
1022 1022 if user:
1023 1023 return user
1024 1024
1025 1025 def update_userdata(self, **kwargs):
1026 1026 usr = self
1027 1027 old = usr.user_data
1028 1028 old.update(**kwargs)
1029 1029 usr.user_data = old
1030 1030 Session().add(usr)
1031 1031 log.debug('updated userdata with %s', kwargs)
1032 1032
1033 1033 def update_lastlogin(self):
1034 1034 """Update user lastlogin"""
1035 1035 self.last_login = datetime.datetime.now()
1036 1036 Session().add(self)
1037 1037 log.debug('updated user %s lastlogin', self.username)
1038 1038
1039 1039 def update_password(self, new_password):
1040 1040 from rhodecode.lib.auth import get_crypt_password
1041 1041
1042 1042 self.password = get_crypt_password(new_password)
1043 1043 Session().add(self)
1044 1044
1045 1045 @classmethod
1046 1046 def get_first_super_admin(cls):
1047 1047 stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
1048 1048 user = cls.scalars(stmt).first()
1049 1049
1050 1050 if user is None:
1051 1051 raise Exception('FATAL: Missing administrative account!')
1052 1052 return user
1053 1053
1054 1054 @classmethod
1055 1055 def get_all_super_admins(cls, only_active=False):
1056 1056 """
1057 1057 Returns all admin accounts sorted by username
1058 1058 """
1059 1059 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1060 1060 if only_active:
1061 1061 qry = qry.filter(User.active == true())
1062 1062 return qry.all()
1063 1063
1064 1064 @classmethod
1065 1065 def get_all_user_ids(cls, only_active=True):
1066 1066 """
1067 1067 Returns all users IDs
1068 1068 """
1069 1069 qry = Session().query(User.user_id)
1070 1070
1071 1071 if only_active:
1072 1072 qry = qry.filter(User.active == true())
1073 1073 return [x.user_id for x in qry]
1074 1074
1075 1075 @classmethod
1076 1076 def get_default_user(cls, cache=False, refresh=False):
1077 1077 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1078 1078 if user is None:
1079 1079 raise Exception('FATAL: Missing default account!')
1080 1080 if refresh:
1081 1081 # The default user might be based on outdated state which
1082 1082 # has been loaded from the cache.
1083 1083 # A call to refresh() ensures that the
1084 1084 # latest state from the database is used.
1085 1085 Session().refresh(user)
1086 1086
1087 1087 return user
1088 1088
1089 1089 @classmethod
1090 1090 def get_default_user_id(cls):
1091 1091 import rhodecode
1092 1092 return rhodecode.CONFIG['default_user_id']
1093 1093
1094 1094 def _get_default_perms(self, user, suffix=''):
1095 1095 from rhodecode.model.permission import PermissionModel
1096 1096 return PermissionModel().get_default_perms(user.user_perms, suffix)
1097 1097
1098 1098 def get_default_perms(self, suffix=''):
1099 1099 return self._get_default_perms(self, suffix)
1100 1100
1101 1101 def get_api_data(self, include_secrets=False, details='full'):
1102 1102 """
1103 1103 Common function for generating user related data for API
1104 1104
1105 1105 :param include_secrets: By default secrets in the API data will be replaced
1106 1106 by a placeholder value to prevent exposing this data by accident. In case
1107 1107 this data shall be exposed, set this flag to ``True``.
1108 1108
1109 1109 :param details: details can be 'basic|full' basic gives only a subset of
1110 1110 the available user information that includes user_id, name and emails.
1111 1111 """
1112 1112 user = self
1113 1113 user_data = self.user_data
1114 1114 data = {
1115 1115 'user_id': user.user_id,
1116 1116 'username': user.username,
1117 1117 'firstname': user.name,
1118 1118 'lastname': user.lastname,
1119 1119 'description': user.description,
1120 1120 'email': user.email,
1121 1121 'emails': user.emails,
1122 1122 }
1123 1123 if details == 'basic':
1124 1124 return data
1125 1125
1126 1126 auth_token_length = 40
1127 1127 auth_token_replacement = '*' * auth_token_length
1128 1128
1129 1129 extras = {
1130 1130 'auth_tokens': [auth_token_replacement],
1131 1131 'active': user.active,
1132 1132 'admin': user.admin,
1133 1133 'extern_type': user.extern_type,
1134 1134 'extern_name': user.extern_name,
1135 1135 'last_login': user.last_login,
1136 1136 'last_activity': user.last_activity,
1137 1137 'ip_addresses': user.ip_addresses,
1138 1138 'language': user_data.get('language')
1139 1139 }
1140 1140 data.update(extras)
1141 1141
1142 1142 if include_secrets:
1143 1143 data['auth_tokens'] = user.auth_tokens
1144 1144 return data
1145 1145
1146 1146 def __json__(self):
1147 1147 data = {
1148 1148 'full_name': self.full_name,
1149 1149 'full_name_or_username': self.full_name_or_username,
1150 1150 'short_contact': self.short_contact,
1151 1151 'full_contact': self.full_contact,
1152 1152 }
1153 1153 data.update(self.get_api_data())
1154 1154 return data
1155 1155
1156 1156
1157 1157 class UserApiKeys(Base, BaseModel):
1158 1158 __tablename__ = 'user_api_keys'
1159 1159 __table_args__ = (
1160 1160 Index('uak_api_key_idx', 'api_key'),
1161 1161 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1162 1162 base_table_args
1163 1163 )
1164 1164 __mapper_args__ = {}
1165 1165
1166 1166 # ApiKey role
1167 1167 ROLE_ALL = 'token_role_all'
1168 1168 ROLE_VCS = 'token_role_vcs'
1169 1169 ROLE_API = 'token_role_api'
1170 1170 ROLE_HTTP = 'token_role_http'
1171 1171 ROLE_FEED = 'token_role_feed'
1172 1172 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1173 1173 # The last one is ignored in the list as we only
1174 1174 # use it for one action, and cannot be created by users
1175 1175 ROLE_PASSWORD_RESET = 'token_password_reset'
1176 1176
1177 1177 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1178 1178
1179 1179 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1180 1180 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1181 1181 api_key = Column("api_key", String(255), nullable=False, unique=True)
1182 1182 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1183 1183 expires = Column('expires', Float(53), nullable=False)
1184 1184 role = Column('role', String(255), nullable=True)
1185 1185 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1186 1186
1187 1187 # scope columns
1188 1188 repo_id = Column(
1189 1189 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1190 1190 nullable=True, unique=None, default=None)
1191 1191 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
1192 1192
1193 1193 repo_group_id = Column(
1194 1194 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1195 1195 nullable=True, unique=None, default=None)
1196 1196 repo_group = relationship('RepoGroup', lazy='joined')
1197 1197
1198 1198 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
1199 1199
1200 1200 def __repr__(self):
1201 1201 return f"<{self.cls_name}('{self.role}')>"
1202 1202
1203 1203 def __json__(self):
1204 1204 data = {
1205 1205 'auth_token': self.api_key,
1206 1206 'role': self.role,
1207 1207 'scope': self.scope_humanized,
1208 1208 'expired': self.expired
1209 1209 }
1210 1210 return data
1211 1211
1212 1212 def get_api_data(self, include_secrets=False):
1213 1213 data = self.__json__()
1214 1214 if include_secrets:
1215 1215 return data
1216 1216 else:
1217 1217 data['auth_token'] = self.token_obfuscated
1218 1218 return data
1219 1219
1220 1220 @hybrid_property
1221 1221 def description_safe(self):
1222 1222 from rhodecode.lib import helpers as h
1223 1223 return h.escape(self.description)
1224 1224
1225 1225 @property
1226 1226 def expired(self):
1227 1227 if self.expires == -1:
1228 1228 return False
1229 1229 return time.time() > self.expires
1230 1230
1231 1231 @classmethod
1232 1232 def _get_role_name(cls, role):
1233 1233 return {
1234 1234 cls.ROLE_ALL: _('all'),
1235 1235 cls.ROLE_HTTP: _('http/web interface'),
1236 1236 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1237 1237 cls.ROLE_API: _('api calls'),
1238 1238 cls.ROLE_FEED: _('feed access'),
1239 1239 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1240 1240 }.get(role, role)
1241 1241
1242 1242 @classmethod
1243 1243 def _get_role_description(cls, role):
1244 1244 return {
1245 1245 cls.ROLE_ALL: _('Token for all actions.'),
1246 1246 cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
1247 1247 'login using `api_access_controllers_whitelist` functionality.'),
1248 1248 cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
1249 1249 'Requires auth_token authentication plugin to be active. <br/>'
1250 1250 'Such Token should be used then instead of a password to '
1251 1251 'interact with a repository, and additionally can be '
1252 1252 'limited to single repository using repo scope.'),
1253 1253 cls.ROLE_API: _('Token limited to api calls.'),
1254 1254 cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
1255 1255 cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
1256 1256 }.get(role, role)
1257 1257
1258 1258 @property
1259 1259 def role_humanized(self):
1260 1260 return self._get_role_name(self.role)
1261 1261
1262 1262 def _get_scope(self):
1263 1263 if self.repo:
1264 1264 return 'Repository: {}'.format(self.repo.repo_name)
1265 1265 if self.repo_group:
1266 1266 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1267 1267 return 'Global'
1268 1268
1269 1269 @property
1270 1270 def scope_humanized(self):
1271 1271 return self._get_scope()
1272 1272
1273 1273 @property
1274 1274 def token_obfuscated(self):
1275 1275 if self.api_key:
1276 1276 return self.api_key[:4] + "****"
1277 1277
1278 1278
1279 1279 class UserEmailMap(Base, BaseModel):
1280 1280 __tablename__ = 'user_email_map'
1281 1281 __table_args__ = (
1282 1282 Index('uem_email_idx', 'email'),
1283 1283 Index('uem_user_id_idx', 'user_id'),
1284 1284 UniqueConstraint('email'),
1285 1285 base_table_args
1286 1286 )
1287 1287 __mapper_args__ = {}
1288 1288
1289 1289 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1290 1290 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1291 1291 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1292 1292 user = relationship('User', lazy='joined', back_populates='user_emails')
1293 1293
1294 1294 @validates('_email')
1295 1295 def validate_email(self, key, email):
1296 1296 # check if this email is not main one
1297 1297 main_email = Session().query(User).filter(User.email == email).scalar()
1298 1298 if main_email is not None:
1299 1299 raise AttributeError('email %s is present is user table' % email)
1300 1300 return email
1301 1301
1302 1302 @hybrid_property
1303 1303 def email(self):
1304 1304 return self._email
1305 1305
1306 1306 @email.setter
1307 1307 def email(self, val):
1308 1308 self._email = val.lower() if val else None
1309 1309
1310 1310
1311 1311 class UserIpMap(Base, BaseModel):
1312 1312 __tablename__ = 'user_ip_map'
1313 1313 __table_args__ = (
1314 1314 UniqueConstraint('user_id', 'ip_addr'),
1315 1315 base_table_args
1316 1316 )
1317 1317 __mapper_args__ = {}
1318 1318
1319 1319 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1320 1320 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1321 1321 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1322 1322 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1323 1323 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1324 1324 user = relationship('User', lazy='joined', back_populates='user_ip_map')
1325 1325
1326 1326 @hybrid_property
1327 1327 def description_safe(self):
1328 1328 from rhodecode.lib import helpers as h
1329 1329 return h.escape(self.description)
1330 1330
1331 1331 @classmethod
1332 1332 def _get_ip_range(cls, ip_addr):
1333 1333 net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
1334 1334 return [str(net.network_address), str(net.broadcast_address)]
1335 1335
1336 1336 def __json__(self):
1337 1337 return {
1338 1338 'ip_addr': self.ip_addr,
1339 1339 'ip_range': self._get_ip_range(self.ip_addr),
1340 1340 }
1341 1341
1342 1342 def __repr__(self):
1343 1343 return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
1344 1344
1345 1345
1346 1346 class UserSshKeys(Base, BaseModel):
1347 1347 __tablename__ = 'user_ssh_keys'
1348 1348 __table_args__ = (
1349 1349 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1350 1350
1351 1351 UniqueConstraint('ssh_key_fingerprint'),
1352 1352
1353 1353 base_table_args
1354 1354 )
1355 1355 __mapper_args__ = {}
1356 1356
1357 1357 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1358 1358 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1359 1359 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1360 1360
1361 1361 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1362 1362
1363 1363 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1364 1364 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1365 1365 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1366 1366
1367 1367 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
1368 1368
1369 1369 def __json__(self):
1370 1370 data = {
1371 1371 'ssh_fingerprint': self.ssh_key_fingerprint,
1372 1372 'description': self.description,
1373 1373 'created_on': self.created_on
1374 1374 }
1375 1375 return data
1376 1376
1377 1377 def get_api_data(self):
1378 1378 data = self.__json__()
1379 1379 return data
1380 1380
1381 1381
1382 1382 class UserLog(Base, BaseModel):
1383 1383 __tablename__ = 'user_logs'
1384 1384 __table_args__ = (
1385 1385 base_table_args,
1386 1386 )
1387 1387
1388 1388 VERSION_1 = 'v1'
1389 1389 VERSION_2 = 'v2'
1390 1390 VERSIONS = [VERSION_1, VERSION_2]
1391 1391
1392 1392 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1393 1393 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1394 1394 username = Column("username", String(255), nullable=True, unique=None, default=None)
1395 1395 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1396 1396 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1397 1397 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1398 1398 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1399 1399 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1400 1400
1401 1401 version = Column("version", String(255), nullable=True, default=VERSION_1)
1402 1402 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1403 1403 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1404 1404 user = relationship('User', cascade='', back_populates='user_log')
1405 1405 repository = relationship('Repository', cascade='', back_populates='logs')
1406 1406
1407 1407 def __repr__(self):
1408 1408 return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
1409 1409
1410 1410 def __json__(self):
1411 1411 return {
1412 1412 'user_id': self.user_id,
1413 1413 'username': self.username,
1414 1414 'repository_id': self.repository_id,
1415 1415 'repository_name': self.repository_name,
1416 1416 'user_ip': self.user_ip,
1417 1417 'action_date': self.action_date,
1418 1418 'action': self.action,
1419 1419 }
1420 1420
1421 1421 @hybrid_property
1422 1422 def entry_id(self):
1423 1423 return self.user_log_id
1424 1424
1425 1425 @property
1426 1426 def action_as_day(self):
1427 1427 return datetime.date(*self.action_date.timetuple()[:3])
1428 1428
1429 1429
1430 1430 class UserGroup(Base, BaseModel):
1431 1431 __tablename__ = 'users_groups'
1432 1432 __table_args__ = (
1433 1433 base_table_args,
1434 1434 )
1435 1435
1436 1436 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1437 1437 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1438 1438 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1439 1439 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1440 1440 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1441 1441 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1442 1442 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1443 1443 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1444 1444
1445 1445 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
1446 1446 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
1447 1447 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
1448 1448 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
1449 1449 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
1450 1450
1451 1451 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
1452 1452
1453 1453 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
1454 1454 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
1455 1455
1456 1456 @classmethod
1457 1457 def _load_group_data(cls, column):
1458 1458 if not column:
1459 1459 return {}
1460 1460
1461 1461 try:
1462 1462 return json.loads(column) or {}
1463 1463 except TypeError:
1464 1464 return {}
1465 1465
1466 1466 @hybrid_property
1467 1467 def description_safe(self):
1468 1468 from rhodecode.lib import helpers as h
1469 1469 return h.escape(self.user_group_description)
1470 1470
1471 1471 @hybrid_property
1472 1472 def group_data(self):
1473 1473 return self._load_group_data(self._group_data)
1474 1474
1475 1475 @group_data.expression
1476 1476 def group_data(self, **kwargs):
1477 1477 return self._group_data
1478 1478
1479 1479 @group_data.setter
1480 1480 def group_data(self, val):
1481 1481 try:
1482 1482 self._group_data = json.dumps(val)
1483 1483 except Exception:
1484 1484 log.error(traceback.format_exc())
1485 1485
1486 1486 @classmethod
1487 1487 def _load_sync(cls, group_data):
1488 1488 if group_data:
1489 1489 return group_data.get('extern_type')
1490 1490
1491 1491 @property
1492 1492 def sync(self):
1493 1493 return self._load_sync(self.group_data)
1494 1494
1495 1495 def __repr__(self):
1496 1496 return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
1497 1497
1498 1498 @classmethod
1499 1499 def get_by_group_name(cls, group_name, cache=False,
1500 1500 case_insensitive=False):
1501 1501 if case_insensitive:
1502 1502 q = cls.query().filter(func.lower(cls.users_group_name) ==
1503 1503 func.lower(group_name))
1504 1504
1505 1505 else:
1506 1506 q = cls.query().filter(cls.users_group_name == group_name)
1507 1507 if cache:
1508 1508 name_key = _hash_key(group_name)
1509 1509 q = q.options(
1510 1510 FromCache("sql_cache_short", f"get_group_{name_key}"))
1511 1511 return q.scalar()
1512 1512
1513 1513 @classmethod
1514 1514 def get(cls, user_group_id, cache=False):
1515 1515 if not user_group_id:
1516 1516 return
1517 1517
1518 1518 user_group = cls.query()
1519 1519 if cache:
1520 1520 user_group = user_group.options(
1521 1521 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1522 1522 return user_group.get(user_group_id)
1523 1523
1524 1524 def permissions(self, with_admins=True, with_owner=True,
1525 1525 expand_from_user_groups=False):
1526 1526 """
1527 1527 Permissions for user groups
1528 1528 """
1529 1529 _admin_perm = 'usergroup.admin'
1530 1530
1531 1531 owner_row = []
1532 1532 if with_owner:
1533 1533 usr = AttributeDict(self.user.get_dict())
1534 1534 usr.owner_row = True
1535 1535 usr.permission = _admin_perm
1536 1536 owner_row.append(usr)
1537 1537
1538 1538 super_admin_ids = []
1539 1539 super_admin_rows = []
1540 1540 if with_admins:
1541 1541 for usr in User.get_all_super_admins():
1542 1542 super_admin_ids.append(usr.user_id)
1543 1543 # if this admin is also owner, don't double the record
1544 1544 if usr.user_id == owner_row[0].user_id:
1545 1545 owner_row[0].admin_row = True
1546 1546 else:
1547 1547 usr = AttributeDict(usr.get_dict())
1548 1548 usr.admin_row = True
1549 1549 usr.permission = _admin_perm
1550 1550 super_admin_rows.append(usr)
1551 1551
1552 1552 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1553 1553 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1554 1554 joinedload(UserUserGroupToPerm.user),
1555 1555 joinedload(UserUserGroupToPerm.permission),)
1556 1556
1557 1557 # get owners and admins and permissions. We do a trick of re-writing
1558 1558 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1559 1559 # has a global reference and changing one object propagates to all
1560 1560 # others. This means if admin is also an owner admin_row that change
1561 1561 # would propagate to both objects
1562 1562 perm_rows = []
1563 1563 for _usr in q.all():
1564 1564 usr = AttributeDict(_usr.user.get_dict())
1565 1565 # if this user is also owner/admin, mark as duplicate record
1566 1566 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1567 1567 usr.duplicate_perm = True
1568 1568 usr.permission = _usr.permission.permission_name
1569 1569 perm_rows.append(usr)
1570 1570
1571 1571 # filter the perm rows by 'default' first and then sort them by
1572 1572 # admin,write,read,none permissions sorted again alphabetically in
1573 1573 # each group
1574 1574 perm_rows = sorted(perm_rows, key=display_user_sort)
1575 1575
1576 1576 user_groups_rows = []
1577 1577 if expand_from_user_groups:
1578 1578 for ug in self.permission_user_groups(with_members=True):
1579 1579 for user_data in ug.members:
1580 1580 user_groups_rows.append(user_data)
1581 1581
1582 1582 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1583 1583
1584 1584 def permission_user_groups(self, with_members=False):
1585 1585 q = UserGroupUserGroupToPerm.query()\
1586 1586 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1587 1587 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1588 1588 joinedload(UserGroupUserGroupToPerm.target_user_group),
1589 1589 joinedload(UserGroupUserGroupToPerm.permission),)
1590 1590
1591 1591 perm_rows = []
1592 1592 for _user_group in q.all():
1593 1593 entry = AttributeDict(_user_group.user_group.get_dict())
1594 1594 entry.permission = _user_group.permission.permission_name
1595 1595 if with_members:
1596 1596 entry.members = [x.user.get_dict()
1597 1597 for x in _user_group.user_group.members]
1598 1598 perm_rows.append(entry)
1599 1599
1600 1600 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1601 1601 return perm_rows
1602 1602
1603 1603 def _get_default_perms(self, user_group, suffix=''):
1604 1604 from rhodecode.model.permission import PermissionModel
1605 1605 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1606 1606
1607 1607 def get_default_perms(self, suffix=''):
1608 1608 return self._get_default_perms(self, suffix)
1609 1609
1610 1610 def get_api_data(self, with_group_members=True, include_secrets=False):
1611 1611 """
1612 1612 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1613 1613 basically forwarded.
1614 1614
1615 1615 """
1616 1616 user_group = self
1617 1617 data = {
1618 1618 'users_group_id': user_group.users_group_id,
1619 1619 'group_name': user_group.users_group_name,
1620 1620 'group_description': user_group.user_group_description,
1621 1621 'active': user_group.users_group_active,
1622 1622 'owner': user_group.user.username,
1623 1623 'sync': user_group.sync,
1624 1624 'owner_email': user_group.user.email,
1625 1625 }
1626 1626
1627 1627 if with_group_members:
1628 1628 users = []
1629 1629 for user in user_group.members:
1630 1630 user = user.user
1631 1631 users.append(user.get_api_data(include_secrets=include_secrets))
1632 1632 data['users'] = users
1633 1633
1634 1634 return data
1635 1635
1636 1636
1637 1637 class UserGroupMember(Base, BaseModel):
1638 1638 __tablename__ = 'users_groups_members'
1639 1639 __table_args__ = (
1640 1640 base_table_args,
1641 1641 )
1642 1642
1643 1643 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1644 1644 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1645 1645 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1646 1646
1647 1647 user = relationship('User', lazy='joined', back_populates='group_member')
1648 1648 users_group = relationship('UserGroup', back_populates='members')
1649 1649
1650 1650 def __init__(self, gr_id='', u_id=''):
1651 1651 self.users_group_id = gr_id
1652 1652 self.user_id = u_id
1653 1653
1654 1654
1655 1655 class RepositoryField(Base, BaseModel):
1656 1656 __tablename__ = 'repositories_fields'
1657 1657 __table_args__ = (
1658 1658 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1659 1659 base_table_args,
1660 1660 )
1661 1661
1662 1662 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1663 1663
1664 1664 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1665 1665 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1666 1666 field_key = Column("field_key", String(250))
1667 1667 field_label = Column("field_label", String(1024), nullable=False)
1668 1668 field_value = Column("field_value", String(10000), nullable=False)
1669 1669 field_desc = Column("field_desc", String(1024), nullable=False)
1670 1670 field_type = Column("field_type", String(255), nullable=False, unique=None)
1671 1671 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1672 1672
1673 1673 repository = relationship('Repository', back_populates='extra_fields')
1674 1674
1675 1675 @property
1676 1676 def field_key_prefixed(self):
1677 1677 return 'ex_%s' % self.field_key
1678 1678
1679 1679 @classmethod
1680 1680 def un_prefix_key(cls, key):
1681 1681 if key.startswith(cls.PREFIX):
1682 1682 return key[len(cls.PREFIX):]
1683 1683 return key
1684 1684
1685 1685 @classmethod
1686 1686 def get_by_key_name(cls, key, repo):
1687 1687 row = cls.query()\
1688 1688 .filter(cls.repository == repo)\
1689 1689 .filter(cls.field_key == key).scalar()
1690 1690 return row
1691 1691
1692 1692
1693 1693 class Repository(Base, BaseModel):
1694 1694 __tablename__ = 'repositories'
1695 1695 __table_args__ = (
1696 1696 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1697 1697 base_table_args,
1698 1698 )
1699 1699 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1700 1700 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1701 1701 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1702 1702
1703 1703 STATE_CREATED = 'repo_state_created'
1704 1704 STATE_PENDING = 'repo_state_pending'
1705 1705 STATE_ERROR = 'repo_state_error'
1706 1706
1707 1707 LOCK_AUTOMATIC = 'lock_auto'
1708 1708 LOCK_API = 'lock_api'
1709 1709 LOCK_WEB = 'lock_web'
1710 1710 LOCK_PULL = 'lock_pull'
1711 1711
1712 1712 NAME_SEP = URL_SEP
1713 1713
1714 1714 repo_id = Column(
1715 1715 "repo_id", Integer(), nullable=False, unique=True, default=None,
1716 1716 primary_key=True)
1717 1717 _repo_name = Column(
1718 1718 "repo_name", Text(), nullable=False, default=None)
1719 1719 repo_name_hash = Column(
1720 1720 "repo_name_hash", String(255), nullable=False, unique=True)
1721 1721 repo_state = Column("repo_state", String(255), nullable=True)
1722 1722
1723 1723 clone_uri = Column(
1724 1724 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1725 1725 default=None)
1726 1726 push_uri = Column(
1727 1727 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1728 1728 default=None)
1729 1729 repo_type = Column(
1730 1730 "repo_type", String(255), nullable=False, unique=False, default=None)
1731 1731 user_id = Column(
1732 1732 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1733 1733 unique=False, default=None)
1734 1734 private = Column(
1735 1735 "private", Boolean(), nullable=True, unique=None, default=None)
1736 1736 archived = Column(
1737 1737 "archived", Boolean(), nullable=True, unique=None, default=None)
1738 1738 enable_statistics = Column(
1739 1739 "statistics", Boolean(), nullable=True, unique=None, default=True)
1740 1740 enable_downloads = Column(
1741 1741 "downloads", Boolean(), nullable=True, unique=None, default=True)
1742 1742 description = Column(
1743 1743 "description", String(10000), nullable=True, unique=None, default=None)
1744 1744 created_on = Column(
1745 1745 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1746 1746 default=datetime.datetime.now)
1747 1747 updated_on = Column(
1748 1748 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1749 1749 default=datetime.datetime.now)
1750 1750 _landing_revision = Column(
1751 1751 "landing_revision", String(255), nullable=False, unique=False,
1752 1752 default=None)
1753 1753 enable_locking = Column(
1754 1754 "enable_locking", Boolean(), nullable=False, unique=None,
1755 1755 default=False)
1756 1756 _locked = Column(
1757 1757 "locked", String(255), nullable=True, unique=False, default=None)
1758 1758 _changeset_cache = Column(
1759 1759 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1760 1760
1761 1761 fork_id = Column(
1762 1762 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1763 1763 nullable=True, unique=False, default=None)
1764 1764 group_id = Column(
1765 1765 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1766 1766 unique=False, default=None)
1767 1767
1768 1768 user = relationship('User', lazy='joined', back_populates='repositories')
1769 1769 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1770 1770 group = relationship('RepoGroup', lazy='joined')
1771 1771 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
1772 1772 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
1773 1773 stats = relationship('Statistics', cascade='all', uselist=False)
1774 1774
1775 1775 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
1776 1776 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
1777 1777
1778 1778 logs = relationship('UserLog', back_populates='repository')
1779 1779
1780 1780 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
1781 1781
1782 1782 pull_requests_source = relationship(
1783 1783 'PullRequest',
1784 1784 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1785 1785 cascade="all, delete-orphan",
1786 1786 #back_populates="pr_source"
1787 1787 )
1788 1788 pull_requests_target = relationship(
1789 1789 'PullRequest',
1790 1790 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1791 1791 cascade="all, delete-orphan",
1792 1792 #back_populates="pr_target"
1793 1793 )
1794 1794
1795 1795 ui = relationship('RepoRhodeCodeUi', cascade="all")
1796 1796 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1797 1797 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
1798 1798
1799 1799 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
1800 1800
1801 1801 # no cascade, set NULL
1802 1802 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
1803 1803
1804 1804 review_rules = relationship('RepoReviewRule')
1805 1805 user_branch_perms = relationship('UserToRepoBranchPermission')
1806 1806 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
1807 1807
1808 1808 def __repr__(self):
1809 1809 return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
1810 1810
1811 1811 @hybrid_property
1812 1812 def description_safe(self):
1813 1813 from rhodecode.lib import helpers as h
1814 1814 return h.escape(self.description)
1815 1815
1816 1816 @hybrid_property
1817 1817 def landing_rev(self):
1818 1818 # always should return [rev_type, rev], e.g ['branch', 'master']
1819 1819 if self._landing_revision:
1820 1820 _rev_info = self._landing_revision.split(':')
1821 1821 if len(_rev_info) < 2:
1822 1822 _rev_info.insert(0, 'rev')
1823 1823 return [_rev_info[0], _rev_info[1]]
1824 1824 return [None, None]
1825 1825
1826 1826 @property
1827 1827 def landing_ref_type(self):
1828 1828 return self.landing_rev[0]
1829 1829
1830 1830 @property
1831 1831 def landing_ref_name(self):
1832 1832 return self.landing_rev[1]
1833 1833
1834 1834 @landing_rev.setter
1835 1835 def landing_rev(self, val):
1836 1836 if ':' not in val:
1837 1837 raise ValueError('value must be delimited with `:` and consist '
1838 1838 'of <rev_type>:<rev>, got %s instead' % val)
1839 1839 self._landing_revision = val
1840 1840
1841 1841 @hybrid_property
1842 1842 def locked(self):
1843 1843 if self._locked:
1844 1844 user_id, timelocked, reason = self._locked.split(':')
1845 1845 lock_values = int(user_id), timelocked, reason
1846 1846 else:
1847 1847 lock_values = [None, None, None]
1848 1848 return lock_values
1849 1849
1850 1850 @locked.setter
1851 1851 def locked(self, val):
1852 1852 if val and isinstance(val, (list, tuple)):
1853 1853 self._locked = ':'.join(map(str, val))
1854 1854 else:
1855 1855 self._locked = None
1856 1856
1857 1857 @classmethod
1858 1858 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
1859 1859 from rhodecode.lib.vcs.backends.base import EmptyCommit
1860 1860 dummy = EmptyCommit().__json__()
1861 1861 if not changeset_cache_raw:
1862 1862 dummy['source_repo_id'] = repo_id
1863 1863 return json.loads(json.dumps(dummy))
1864 1864
1865 1865 try:
1866 1866 return json.loads(changeset_cache_raw)
1867 1867 except TypeError:
1868 1868 return dummy
1869 1869 except Exception:
1870 1870 log.error(traceback.format_exc())
1871 1871 return dummy
1872 1872
1873 1873 @hybrid_property
1874 1874 def changeset_cache(self):
1875 1875 return self._load_changeset_cache(self.repo_id, self._changeset_cache)
1876 1876
1877 1877 @changeset_cache.setter
1878 1878 def changeset_cache(self, val):
1879 1879 try:
1880 1880 self._changeset_cache = json.dumps(val)
1881 1881 except Exception:
1882 1882 log.error(traceback.format_exc())
1883 1883
1884 1884 @hybrid_property
1885 1885 def repo_name(self):
1886 1886 return self._repo_name
1887 1887
1888 1888 @repo_name.setter
1889 1889 def repo_name(self, value):
1890 1890 self._repo_name = value
1891 1891 self.repo_name_hash = sha1(safe_bytes(value))
1892 1892
1893 1893 @classmethod
1894 1894 def normalize_repo_name(cls, repo_name):
1895 1895 """
1896 1896 Normalizes os specific repo_name to the format internally stored inside
1897 1897 database using URL_SEP
1898 1898
1899 1899 :param cls:
1900 1900 :param repo_name:
1901 1901 """
1902 1902 return cls.NAME_SEP.join(repo_name.split(os.sep))
1903 1903
1904 1904 @classmethod
1905 1905 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1906 1906 session = Session()
1907 1907 q = session.query(cls).filter(cls.repo_name == repo_name)
1908 1908
1909 1909 if cache:
1910 1910 if identity_cache:
1911 1911 val = cls.identity_cache(session, 'repo_name', repo_name)
1912 1912 if val:
1913 1913 return val
1914 1914 else:
1915 1915 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1916 1916 q = q.options(
1917 1917 FromCache("sql_cache_short", cache_key))
1918 1918
1919 1919 return q.scalar()
1920 1920
1921 1921 @classmethod
1922 1922 def get_by_id_or_repo_name(cls, repoid):
1923 1923 if isinstance(repoid, int):
1924 1924 try:
1925 1925 repo = cls.get(repoid)
1926 1926 except ValueError:
1927 1927 repo = None
1928 1928 else:
1929 1929 repo = cls.get_by_repo_name(repoid)
1930 1930 return repo
1931 1931
1932 1932 @classmethod
1933 1933 def get_by_full_path(cls, repo_full_path):
1934 1934 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1935 1935 repo_name = cls.normalize_repo_name(repo_name)
1936 1936 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1937 1937
1938 1938 @classmethod
1939 1939 def get_repo_forks(cls, repo_id):
1940 1940 return cls.query().filter(Repository.fork_id == repo_id)
1941 1941
1942 1942 @classmethod
1943 1943 def base_path(cls):
1944 1944 """
1945 1945 Returns base path when all repos are stored
1946 1946
1947 1947 :param cls:
1948 1948 """
1949 1949 from rhodecode.lib.utils import get_rhodecode_base_path
1950 1950 return get_rhodecode_base_path()
1951 1951
1952 1952 @classmethod
1953 1953 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1954 1954 case_insensitive=True, archived=False):
1955 1955 q = Repository.query()
1956 1956
1957 1957 if not archived:
1958 1958 q = q.filter(Repository.archived.isnot(true()))
1959 1959
1960 1960 if not isinstance(user_id, Optional):
1961 1961 q = q.filter(Repository.user_id == user_id)
1962 1962
1963 1963 if not isinstance(group_id, Optional):
1964 1964 q = q.filter(Repository.group_id == group_id)
1965 1965
1966 1966 if case_insensitive:
1967 1967 q = q.order_by(func.lower(Repository.repo_name))
1968 1968 else:
1969 1969 q = q.order_by(Repository.repo_name)
1970 1970
1971 1971 return q.all()
1972 1972
1973 1973 @property
1974 1974 def repo_uid(self):
1975 1975 return '_{}'.format(self.repo_id)
1976 1976
1977 1977 @property
1978 1978 def forks(self):
1979 1979 """
1980 1980 Return forks of this repo
1981 1981 """
1982 1982 return Repository.get_repo_forks(self.repo_id)
1983 1983
1984 1984 @property
1985 1985 def parent(self):
1986 1986 """
1987 1987 Returns fork parent
1988 1988 """
1989 1989 return self.fork
1990 1990
1991 1991 @property
1992 1992 def just_name(self):
1993 1993 return self.repo_name.split(self.NAME_SEP)[-1]
1994 1994
1995 1995 @property
1996 1996 def groups_with_parents(self):
1997 1997 groups = []
1998 1998 if self.group is None:
1999 1999 return groups
2000 2000
2001 2001 cur_gr = self.group
2002 2002 groups.insert(0, cur_gr)
2003 2003 while 1:
2004 2004 gr = getattr(cur_gr, 'parent_group', None)
2005 2005 cur_gr = cur_gr.parent_group
2006 2006 if gr is None:
2007 2007 break
2008 2008 groups.insert(0, gr)
2009 2009
2010 2010 return groups
2011 2011
2012 2012 @property
2013 2013 def groups_and_repo(self):
2014 2014 return self.groups_with_parents, self
2015 2015
2016 2016 @LazyProperty
2017 2017 def repo_path(self):
2018 2018 """
2019 2019 Returns base full path for that repository means where it actually
2020 2020 exists on a filesystem
2021 2021 """
2022 2022 q = Session().query(RhodeCodeUi).filter(
2023 2023 RhodeCodeUi.ui_key == self.NAME_SEP)
2024 2024 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
2025 2025 return q.one().ui_value
2026 2026
2027 2027 @property
2028 2028 def repo_full_path(self):
2029 2029 p = [self.repo_path]
2030 2030 # we need to split the name by / since this is how we store the
2031 2031 # names in the database, but that eventually needs to be converted
2032 2032 # into a valid system path
2033 2033 p += self.repo_name.split(self.NAME_SEP)
2034 2034 return os.path.join(*map(safe_str, p))
2035 2035
2036 2036 @property
2037 2037 def cache_keys(self):
2038 2038 """
2039 2039 Returns associated cache keys for that repo
2040 2040 """
2041 2041 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2042 2042 repo_id=self.repo_id)
2043 2043 return CacheKey.query()\
2044 2044 .filter(CacheKey.cache_args == invalidation_namespace)\
2045 2045 .order_by(CacheKey.cache_key)\
2046 2046 .all()
2047 2047
2048 2048 @property
2049 2049 def cached_diffs_relative_dir(self):
2050 2050 """
2051 2051 Return a relative to the repository store path of cached diffs
2052 2052 used for safe display for users, who shouldn't know the absolute store
2053 2053 path
2054 2054 """
2055 2055 return os.path.join(
2056 2056 os.path.dirname(self.repo_name),
2057 2057 self.cached_diffs_dir.split(os.path.sep)[-1])
2058 2058
2059 2059 @property
2060 2060 def cached_diffs_dir(self):
2061 2061 path = self.repo_full_path
2062 2062 return os.path.join(
2063 2063 os.path.dirname(path),
2064 2064 f'.__shadow_diff_cache_repo_{self.repo_id}')
2065 2065
2066 2066 def cached_diffs(self):
2067 2067 diff_cache_dir = self.cached_diffs_dir
2068 2068 if os.path.isdir(diff_cache_dir):
2069 2069 return os.listdir(diff_cache_dir)
2070 2070 return []
2071 2071
2072 2072 def shadow_repos(self):
2073 2073 shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
2074 2074 return [
2075 2075 x for x in os.listdir(os.path.dirname(self.repo_full_path))
2076 2076 if x.startswith(shadow_repos_pattern)
2077 2077 ]
2078 2078
2079 2079 def get_new_name(self, repo_name):
2080 2080 """
2081 2081 returns new full repository name based on assigned group and new new
2082 2082
2083 2083 :param repo_name:
2084 2084 """
2085 2085 path_prefix = self.group.full_path_splitted if self.group else []
2086 2086 return self.NAME_SEP.join(path_prefix + [repo_name])
2087 2087
2088 2088 @property
2089 2089 def _config(self):
2090 2090 """
2091 2091 Returns db based config object.
2092 2092 """
2093 2093 from rhodecode.lib.utils import make_db_config
2094 2094 return make_db_config(clear_session=False, repo=self)
2095 2095
2096 2096 def permissions(self, with_admins=True, with_owner=True,
2097 2097 expand_from_user_groups=False):
2098 2098 """
2099 2099 Permissions for repositories
2100 2100 """
2101 2101 _admin_perm = 'repository.admin'
2102 2102
2103 2103 owner_row = []
2104 2104 if with_owner:
2105 2105 usr = AttributeDict(self.user.get_dict())
2106 2106 usr.owner_row = True
2107 2107 usr.permission = _admin_perm
2108 2108 usr.permission_id = None
2109 2109 owner_row.append(usr)
2110 2110
2111 2111 super_admin_ids = []
2112 2112 super_admin_rows = []
2113 2113 if with_admins:
2114 2114 for usr in User.get_all_super_admins():
2115 2115 super_admin_ids.append(usr.user_id)
2116 2116 # if this admin is also owner, don't double the record
2117 2117 if usr.user_id == owner_row[0].user_id:
2118 2118 owner_row[0].admin_row = True
2119 2119 else:
2120 2120 usr = AttributeDict(usr.get_dict())
2121 2121 usr.admin_row = True
2122 2122 usr.permission = _admin_perm
2123 2123 usr.permission_id = None
2124 2124 super_admin_rows.append(usr)
2125 2125
2126 2126 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2127 2127 q = q.options(joinedload(UserRepoToPerm.repository),
2128 2128 joinedload(UserRepoToPerm.user),
2129 2129 joinedload(UserRepoToPerm.permission),)
2130 2130
2131 2131 # get owners and admins and permissions. We do a trick of re-writing
2132 2132 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2133 2133 # has a global reference and changing one object propagates to all
2134 2134 # others. This means if admin is also an owner admin_row that change
2135 2135 # would propagate to both objects
2136 2136 perm_rows = []
2137 2137 for _usr in q.all():
2138 2138 usr = AttributeDict(_usr.user.get_dict())
2139 2139 # if this user is also owner/admin, mark as duplicate record
2140 2140 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2141 2141 usr.duplicate_perm = True
2142 2142 # also check if this permission is maybe used by branch_permissions
2143 2143 if _usr.branch_perm_entry:
2144 2144 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2145 2145
2146 2146 usr.permission = _usr.permission.permission_name
2147 2147 usr.permission_id = _usr.repo_to_perm_id
2148 2148 perm_rows.append(usr)
2149 2149
2150 2150 # filter the perm rows by 'default' first and then sort them by
2151 2151 # admin,write,read,none permissions sorted again alphabetically in
2152 2152 # each group
2153 2153 perm_rows = sorted(perm_rows, key=display_user_sort)
2154 2154
2155 2155 user_groups_rows = []
2156 2156 if expand_from_user_groups:
2157 2157 for ug in self.permission_user_groups(with_members=True):
2158 2158 for user_data in ug.members:
2159 2159 user_groups_rows.append(user_data)
2160 2160
2161 2161 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2162 2162
2163 2163 def permission_user_groups(self, with_members=True):
2164 2164 q = UserGroupRepoToPerm.query()\
2165 2165 .filter(UserGroupRepoToPerm.repository == self)
2166 2166 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2167 2167 joinedload(UserGroupRepoToPerm.users_group),
2168 2168 joinedload(UserGroupRepoToPerm.permission),)
2169 2169
2170 2170 perm_rows = []
2171 2171 for _user_group in q.all():
2172 2172 entry = AttributeDict(_user_group.users_group.get_dict())
2173 2173 entry.permission = _user_group.permission.permission_name
2174 2174 if with_members:
2175 2175 entry.members = [x.user.get_dict()
2176 2176 for x in _user_group.users_group.members]
2177 2177 perm_rows.append(entry)
2178 2178
2179 2179 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2180 2180 return perm_rows
2181 2181
2182 2182 def get_api_data(self, include_secrets=False):
2183 2183 """
2184 2184 Common function for generating repo api data
2185 2185
2186 2186 :param include_secrets: See :meth:`User.get_api_data`.
2187 2187
2188 2188 """
2189 2189 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2190 2190 # move this methods on models level.
2191 2191 from rhodecode.model.settings import SettingsModel
2192 2192 from rhodecode.model.repo import RepoModel
2193 2193
2194 2194 repo = self
2195 2195 _user_id, _time, _reason = self.locked
2196 2196
2197 2197 data = {
2198 2198 'repo_id': repo.repo_id,
2199 2199 'repo_name': repo.repo_name,
2200 2200 'repo_type': repo.repo_type,
2201 2201 'clone_uri': repo.clone_uri or '',
2202 2202 'push_uri': repo.push_uri or '',
2203 2203 'url': RepoModel().get_url(self),
2204 2204 'private': repo.private,
2205 2205 'created_on': repo.created_on,
2206 2206 'description': repo.description_safe,
2207 2207 'landing_rev': repo.landing_rev,
2208 2208 'owner': repo.user.username,
2209 2209 'fork_of': repo.fork.repo_name if repo.fork else None,
2210 2210 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2211 2211 'enable_statistics': repo.enable_statistics,
2212 2212 'enable_locking': repo.enable_locking,
2213 2213 'enable_downloads': repo.enable_downloads,
2214 2214 'last_changeset': repo.changeset_cache,
2215 2215 'locked_by': User.get(_user_id).get_api_data(
2216 2216 include_secrets=include_secrets) if _user_id else None,
2217 2217 'locked_date': time_to_datetime(_time) if _time else None,
2218 2218 'lock_reason': _reason if _reason else None,
2219 2219 }
2220 2220
2221 2221 # TODO: mikhail: should be per-repo settings here
2222 2222 rc_config = SettingsModel().get_all_settings()
2223 2223 repository_fields = str2bool(
2224 2224 rc_config.get('rhodecode_repository_fields'))
2225 2225 if repository_fields:
2226 2226 for f in self.extra_fields:
2227 2227 data[f.field_key_prefixed] = f.field_value
2228 2228
2229 2229 return data
2230 2230
2231 2231 @classmethod
2232 2232 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2233 2233 if not lock_time:
2234 2234 lock_time = time.time()
2235 2235 if not lock_reason:
2236 2236 lock_reason = cls.LOCK_AUTOMATIC
2237 2237 repo.locked = [user_id, lock_time, lock_reason]
2238 2238 Session().add(repo)
2239 2239 Session().commit()
2240 2240
2241 2241 @classmethod
2242 2242 def unlock(cls, repo):
2243 2243 repo.locked = None
2244 2244 Session().add(repo)
2245 2245 Session().commit()
2246 2246
2247 2247 @classmethod
2248 2248 def getlock(cls, repo):
2249 2249 return repo.locked
2250 2250
2251 2251 def get_locking_state(self, action, user_id, only_when_enabled=True):
2252 2252 """
2253 2253 Checks locking on this repository, if locking is enabled and lock is
2254 2254 present returns a tuple of make_lock, locked, locked_by.
2255 2255 make_lock can have 3 states None (do nothing) True, make lock
2256 2256 False release lock, This value is later propagated to hooks, which
2257 2257 do the locking. Think about this as signals passed to hooks what to do.
2258 2258
2259 2259 """
2260 2260 # TODO: johbo: This is part of the business logic and should be moved
2261 2261 # into the RepositoryModel.
2262 2262
2263 2263 if action not in ('push', 'pull'):
2264 2264 raise ValueError("Invalid action value: %s" % repr(action))
2265 2265
2266 2266 # defines if locked error should be thrown to user
2267 2267 currently_locked = False
2268 2268 # defines if new lock should be made, tri-state
2269 2269 make_lock = None
2270 2270 repo = self
2271 2271 user = User.get(user_id)
2272 2272
2273 2273 lock_info = repo.locked
2274 2274
2275 2275 if repo and (repo.enable_locking or not only_when_enabled):
2276 2276 if action == 'push':
2277 2277 # check if it's already locked !, if it is compare users
2278 2278 locked_by_user_id = lock_info[0]
2279 2279 if user.user_id == locked_by_user_id:
2280 2280 log.debug(
2281 2281 'Got `push` action from user %s, now unlocking', user)
2282 2282 # unlock if we have push from user who locked
2283 2283 make_lock = False
2284 2284 else:
2285 2285 # we're not the same user who locked, ban with
2286 2286 # code defined in settings (default is 423 HTTP Locked) !
2287 2287 log.debug('Repo %s is currently locked by %s', repo, user)
2288 2288 currently_locked = True
2289 2289 elif action == 'pull':
2290 2290 # [0] user [1] date
2291 2291 if lock_info[0] and lock_info[1]:
2292 2292 log.debug('Repo %s is currently locked by %s', repo, user)
2293 2293 currently_locked = True
2294 2294 else:
2295 2295 log.debug('Setting lock on repo %s by %s', repo, user)
2296 2296 make_lock = True
2297 2297
2298 2298 else:
2299 2299 log.debug('Repository %s do not have locking enabled', repo)
2300 2300
2301 2301 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2302 2302 make_lock, currently_locked, lock_info)
2303 2303
2304 2304 from rhodecode.lib.auth import HasRepoPermissionAny
2305 2305 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2306 2306 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2307 2307 # if we don't have at least write permission we cannot make a lock
2308 2308 log.debug('lock state reset back to FALSE due to lack '
2309 2309 'of at least read permission')
2310 2310 make_lock = False
2311 2311
2312 2312 return make_lock, currently_locked, lock_info
2313 2313
2314 2314 @property
2315 2315 def last_commit_cache_update_diff(self):
2316 2316 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2317 2317
2318 2318 @classmethod
2319 2319 def _load_commit_change(cls, last_commit_cache):
2320 2320 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2321 2321 empty_date = datetime.datetime.fromtimestamp(0)
2322 2322 date_latest = last_commit_cache.get('date', empty_date)
2323 2323 try:
2324 2324 return parse_datetime(date_latest)
2325 2325 except Exception:
2326 2326 return empty_date
2327 2327
2328 2328 @property
2329 2329 def last_commit_change(self):
2330 2330 return self._load_commit_change(self.changeset_cache)
2331 2331
2332 2332 @property
2333 2333 def last_db_change(self):
2334 2334 return self.updated_on
2335 2335
2336 2336 @property
2337 2337 def clone_uri_hidden(self):
2338 2338 clone_uri = self.clone_uri
2339 2339 if clone_uri:
2340 2340 import urlobject
2341 2341 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2342 2342 if url_obj.password:
2343 2343 clone_uri = url_obj.with_password('*****')
2344 2344 return clone_uri
2345 2345
2346 2346 @property
2347 2347 def push_uri_hidden(self):
2348 2348 push_uri = self.push_uri
2349 2349 if push_uri:
2350 2350 import urlobject
2351 2351 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2352 2352 if url_obj.password:
2353 2353 push_uri = url_obj.with_password('*****')
2354 2354 return push_uri
2355 2355
2356 2356 def clone_url(self, **override):
2357 2357 from rhodecode.model.settings import SettingsModel
2358 2358
2359 2359 uri_tmpl = None
2360 2360 if 'with_id' in override:
2361 2361 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2362 2362 del override['with_id']
2363 2363
2364 2364 if 'uri_tmpl' in override:
2365 2365 uri_tmpl = override['uri_tmpl']
2366 2366 del override['uri_tmpl']
2367 2367
2368 2368 ssh = False
2369 2369 if 'ssh' in override:
2370 2370 ssh = True
2371 2371 del override['ssh']
2372 2372
2373 2373 # we didn't override our tmpl from **overrides
2374 2374 request = get_current_request()
2375 2375 if not uri_tmpl:
2376 2376 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2377 2377 rc_config = request.call_context.rc_config
2378 2378 else:
2379 2379 rc_config = SettingsModel().get_all_settings(cache=True)
2380 2380
2381 2381 if ssh:
2382 2382 uri_tmpl = rc_config.get(
2383 2383 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2384 2384
2385 2385 else:
2386 2386 uri_tmpl = rc_config.get(
2387 2387 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2388 2388
2389 2389 return get_clone_url(request=request,
2390 2390 uri_tmpl=uri_tmpl,
2391 2391 repo_name=self.repo_name,
2392 2392 repo_id=self.repo_id,
2393 2393 repo_type=self.repo_type,
2394 2394 **override)
2395 2395
2396 2396 def set_state(self, state):
2397 2397 self.repo_state = state
2398 2398 Session().add(self)
2399 2399 #==========================================================================
2400 2400 # SCM PROPERTIES
2401 2401 #==========================================================================
2402 2402
2403 2403 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
2404 2404 return get_commit_safe(
2405 2405 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
2406 2406 maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
2407 2407
2408 2408 def get_changeset(self, rev=None, pre_load=None):
2409 2409 warnings.warn("Use get_commit", DeprecationWarning)
2410 2410 commit_id = None
2411 2411 commit_idx = None
2412 2412 if isinstance(rev, str):
2413 2413 commit_id = rev
2414 2414 else:
2415 2415 commit_idx = rev
2416 2416 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2417 2417 pre_load=pre_load)
2418 2418
2419 2419 def get_landing_commit(self):
2420 2420 """
2421 2421 Returns landing commit, or if that doesn't exist returns the tip
2422 2422 """
2423 2423 _rev_type, _rev = self.landing_rev
2424 2424 commit = self.get_commit(_rev)
2425 2425 if isinstance(commit, EmptyCommit):
2426 2426 return self.get_commit()
2427 2427 return commit
2428 2428
2429 2429 def flush_commit_cache(self):
2430 2430 self.update_commit_cache(cs_cache={'raw_id':'0'})
2431 2431 self.update_commit_cache()
2432 2432
2433 2433 def update_commit_cache(self, cs_cache=None, config=None):
2434 2434 """
2435 2435 Update cache of last commit for repository
2436 2436 cache_keys should be::
2437 2437
2438 2438 source_repo_id
2439 2439 short_id
2440 2440 raw_id
2441 2441 revision
2442 2442 parents
2443 2443 message
2444 2444 date
2445 2445 author
2446 2446 updated_on
2447 2447
2448 2448 """
2449 2449 from rhodecode.lib.vcs.backends.base import BaseCommit
2450 2450 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2451 2451 empty_date = datetime.datetime.fromtimestamp(0)
2452 2452 repo_commit_count = 0
2453 2453
2454 2454 if cs_cache is None:
2455 2455 # use no-cache version here
2456 2456 try:
2457 2457 scm_repo = self.scm_instance(cache=False, config=config)
2458 2458 except VCSError:
2459 2459 scm_repo = None
2460 2460 empty = scm_repo is None or scm_repo.is_empty()
2461 2461
2462 2462 if not empty:
2463 2463 cs_cache = scm_repo.get_commit(
2464 2464 pre_load=["author", "date", "message", "parents", "branch"])
2465 2465 repo_commit_count = scm_repo.count()
2466 2466 else:
2467 2467 cs_cache = EmptyCommit()
2468 2468
2469 2469 if isinstance(cs_cache, BaseCommit):
2470 2470 cs_cache = cs_cache.__json__()
2471 2471
2472 2472 def is_outdated(new_cs_cache):
2473 2473 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2474 2474 new_cs_cache['revision'] != self.changeset_cache['revision']):
2475 2475 return True
2476 2476 return False
2477 2477
2478 2478 # check if we have maybe already latest cached revision
2479 2479 if is_outdated(cs_cache) or not self.changeset_cache:
2480 2480 _current_datetime = datetime.datetime.utcnow()
2481 2481 last_change = cs_cache.get('date') or _current_datetime
2482 2482 # we check if last update is newer than the new value
2483 2483 # if yes, we use the current timestamp instead. Imagine you get
2484 2484 # old commit pushed 1y ago, we'd set last update 1y to ago.
2485 2485 last_change_timestamp = datetime_to_time(last_change)
2486 2486 current_timestamp = datetime_to_time(last_change)
2487 2487 if last_change_timestamp > current_timestamp and not empty:
2488 2488 cs_cache['date'] = _current_datetime
2489 2489
2490 2490 # also store size of repo
2491 2491 cs_cache['repo_commit_count'] = repo_commit_count
2492 2492
2493 2493 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2494 2494 cs_cache['updated_on'] = time.time()
2495 2495 self.changeset_cache = cs_cache
2496 2496 self.updated_on = last_change
2497 2497 Session().add(self)
2498 2498 Session().commit()
2499 2499
2500 2500 else:
2501 2501 if empty:
2502 2502 cs_cache = EmptyCommit().__json__()
2503 2503 else:
2504 2504 cs_cache = self.changeset_cache
2505 2505
2506 2506 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2507 2507
2508 2508 cs_cache['updated_on'] = time.time()
2509 2509 self.changeset_cache = cs_cache
2510 2510 self.updated_on = _date_latest
2511 2511 Session().add(self)
2512 2512 Session().commit()
2513 2513
2514 2514 log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
2515 2515 self.repo_name, cs_cache, _date_latest)
2516 2516
2517 2517 @property
2518 2518 def tip(self):
2519 2519 return self.get_commit('tip')
2520 2520
2521 2521 @property
2522 2522 def author(self):
2523 2523 return self.tip.author
2524 2524
2525 2525 @property
2526 2526 def last_change(self):
2527 2527 return self.scm_instance().last_change
2528 2528
2529 2529 def get_comments(self, revisions=None):
2530 2530 """
2531 2531 Returns comments for this repository grouped by revisions
2532 2532
2533 2533 :param revisions: filter query by revisions only
2534 2534 """
2535 2535 cmts = ChangesetComment.query()\
2536 2536 .filter(ChangesetComment.repo == self)
2537 2537 if revisions:
2538 2538 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2539 2539 grouped = collections.defaultdict(list)
2540 2540 for cmt in cmts.all():
2541 2541 grouped[cmt.revision].append(cmt)
2542 2542 return grouped
2543 2543
2544 2544 def statuses(self, revisions=None):
2545 2545 """
2546 2546 Returns statuses for this repository
2547 2547
2548 2548 :param revisions: list of revisions to get statuses for
2549 2549 """
2550 2550 statuses = ChangesetStatus.query()\
2551 2551 .filter(ChangesetStatus.repo == self)\
2552 2552 .filter(ChangesetStatus.version == 0)
2553 2553
2554 2554 if revisions:
2555 2555 # Try doing the filtering in chunks to avoid hitting limits
2556 2556 size = 500
2557 2557 status_results = []
2558 2558 for chunk in range(0, len(revisions), size):
2559 2559 status_results += statuses.filter(
2560 2560 ChangesetStatus.revision.in_(
2561 2561 revisions[chunk: chunk+size])
2562 2562 ).all()
2563 2563 else:
2564 2564 status_results = statuses.all()
2565 2565
2566 2566 grouped = {}
2567 2567
2568 2568 # maybe we have open new pullrequest without a status?
2569 2569 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2570 2570 status_lbl = ChangesetStatus.get_status_lbl(stat)
2571 2571 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2572 2572 for rev in pr.revisions:
2573 2573 pr_id = pr.pull_request_id
2574 2574 pr_repo = pr.target_repo.repo_name
2575 2575 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2576 2576
2577 2577 for stat in status_results:
2578 2578 pr_id = pr_repo = None
2579 2579 if stat.pull_request:
2580 2580 pr_id = stat.pull_request.pull_request_id
2581 2581 pr_repo = stat.pull_request.target_repo.repo_name
2582 2582 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2583 2583 pr_id, pr_repo]
2584 2584 return grouped
2585 2585
2586 2586 # ==========================================================================
2587 2587 # SCM CACHE INSTANCE
2588 2588 # ==========================================================================
2589 2589
2590 2590 def scm_instance(self, **kwargs):
2591 2591 import rhodecode
2592 2592
2593 2593 # Passing a config will not hit the cache currently only used
2594 2594 # for repo2dbmapper
2595 2595 config = kwargs.pop('config', None)
2596 2596 cache = kwargs.pop('cache', None)
2597 2597 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2598 2598 if vcs_full_cache is not None:
2599 2599 # allows override global config
2600 2600 full_cache = vcs_full_cache
2601 2601 else:
2602 2602 full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
2603 2603 # if cache is NOT defined use default global, else we have a full
2604 2604 # control over cache behaviour
2605 2605 if cache is None and full_cache and not config:
2606 2606 log.debug('Initializing pure cached instance for %s', self.repo_path)
2607 2607 return self._get_instance_cached()
2608 2608
2609 2609 # cache here is sent to the "vcs server"
2610 2610 return self._get_instance(cache=bool(cache), config=config)
2611 2611
2612 2612 def _get_instance_cached(self):
2613 2613 from rhodecode.lib import rc_cache
2614 2614
2615 2615 cache_namespace_uid = f'repo_instance.{self.repo_id}'
2616 2616 invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
2617 2617 repo_id=self.repo_id)
2618 2618 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2619 2619
2620 2620 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2621 2621 def get_instance_cached(repo_id, context_id, _cache_state_uid):
2622 2622 return self._get_instance(repo_state_uid=_cache_state_uid)
2623 2623
2624 2624 # we must use thread scoped cache here,
2625 2625 # because each thread of gevent needs it's own not shared connection and cache
2626 2626 # we also alter `args` so the cache key is individual for every green thread.
2627 2627 inv_context_manager = rc_cache.InvalidationContext(
2628 2628 uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
2629 2629 thread_scoped=True)
2630 2630 with inv_context_manager as invalidation_context:
2631 2631 cache_state_uid = invalidation_context.cache_data['cache_state_uid']
2632 2632 args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)
2633 2633
2634 2634 # re-compute and store cache if we get invalidate signal
2635 2635 if invalidation_context.should_invalidate():
2636 2636 instance = get_instance_cached.refresh(*args)
2637 2637 else:
2638 2638 instance = get_instance_cached(*args)
2639 2639
2640 2640 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2641 2641 return instance
2642 2642
2643 2643 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2644 2644 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2645 2645 self.repo_type, self.repo_path, cache)
2646 2646 config = config or self._config
2647 2647 custom_wire = {
2648 2648 'cache': cache, # controls the vcs.remote cache
2649 2649 'repo_state_uid': repo_state_uid
2650 2650 }
2651 2651 repo = get_vcs_instance(
2652 2652 repo_path=safe_str(self.repo_full_path),
2653 2653 config=config,
2654 2654 with_wire=custom_wire,
2655 2655 create=False,
2656 2656 _vcs_alias=self.repo_type)
2657 2657 if repo is not None:
2658 2658 repo.count() # cache rebuild
2659 2659 return repo
2660 2660
2661 2661 def get_shadow_repository_path(self, workspace_id):
2662 2662 from rhodecode.lib.vcs.backends.base import BaseRepository
2663 2663 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2664 2664 self.repo_full_path, self.repo_id, workspace_id)
2665 2665 return shadow_repo_path
2666 2666
2667 2667 def __json__(self):
2668 2668 return {'landing_rev': self.landing_rev}
2669 2669
2670 2670 def get_dict(self):
2671 2671
2672 2672 # Since we transformed `repo_name` to a hybrid property, we need to
2673 2673 # keep compatibility with the code which uses `repo_name` field.
2674 2674
2675 2675 result = super(Repository, self).get_dict()
2676 2676 result['repo_name'] = result.pop('_repo_name', None)
2677 2677 result.pop('_changeset_cache', '')
2678 2678 return result
2679 2679
2680 2680
2681 2681 class RepoGroup(Base, BaseModel):
2682 2682 __tablename__ = 'groups'
2683 2683 __table_args__ = (
2684 2684 UniqueConstraint('group_name', 'group_parent_id'),
2685 2685 base_table_args,
2686 2686 )
2687 2687 __mapper_args__ = {
2688 2688 #TODO: this is now depracated ?!
2689 2689 # 'order_by': 'group_name'
2690 2690 }
2691 2691
2692 2692 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2693 2693
2694 2694 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2695 2695 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2696 2696 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2697 2697 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2698 2698 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2699 2699 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2700 2700 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2701 2701 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2702 2702 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2703 2703 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2704 2704 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data
2705 2705
2706 2706 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
2707 2707 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
2708 2708 parent_group = relationship('RepoGroup', remote_side=group_id)
2709 2709 user = relationship('User', back_populates='repository_groups')
2710 2710 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
2711 2711
2712 2712 # no cascade, set NULL
2713 2713 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
2714 2714
2715 2715 def __init__(self, group_name='', parent_group=None):
2716 2716 self.group_name = group_name
2717 2717 self.parent_group = parent_group
2718 2718
2719 2719 def __repr__(self):
2720 2720 return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
2721 2721
2722 2722 @hybrid_property
2723 2723 def group_name(self):
2724 2724 return self._group_name
2725 2725
2726 2726 @group_name.setter
2727 2727 def group_name(self, value):
2728 2728 self._group_name = value
2729 2729 self.group_name_hash = self.hash_repo_group_name(value)
2730 2730
2731 2731 @classmethod
2732 2732 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2733 2733 from rhodecode.lib.vcs.backends.base import EmptyCommit
2734 2734 dummy = EmptyCommit().__json__()
2735 2735 if not changeset_cache_raw:
2736 2736 dummy['source_repo_id'] = repo_id
2737 2737 return json.loads(json.dumps(dummy))
2738 2738
2739 2739 try:
2740 2740 return json.loads(changeset_cache_raw)
2741 2741 except TypeError:
2742 2742 return dummy
2743 2743 except Exception:
2744 2744 log.error(traceback.format_exc())
2745 2745 return dummy
2746 2746
2747 2747 @hybrid_property
2748 2748 def changeset_cache(self):
2749 2749 return self._load_changeset_cache('', self._changeset_cache)
2750 2750
2751 2751 @changeset_cache.setter
2752 2752 def changeset_cache(self, val):
2753 2753 try:
2754 2754 self._changeset_cache = json.dumps(val)
2755 2755 except Exception:
2756 2756 log.error(traceback.format_exc())
2757 2757
2758 2758 @validates('group_parent_id')
2759 2759 def validate_group_parent_id(self, key, val):
2760 2760 """
2761 2761 Check cycle references for a parent group to self
2762 2762 """
2763 2763 if self.group_id and val:
2764 2764 assert val != self.group_id
2765 2765
2766 2766 return val
2767 2767
2768 2768 @hybrid_property
2769 2769 def description_safe(self):
2770 2770 from rhodecode.lib import helpers as h
2771 2771 return h.escape(self.group_description)
2772 2772
2773 2773 @classmethod
2774 2774 def hash_repo_group_name(cls, repo_group_name):
2775 2775 val = remove_formatting(repo_group_name)
2776 2776 val = safe_str(val).lower()
2777 2777 chars = []
2778 2778 for c in val:
2779 2779 if c not in string.ascii_letters:
2780 2780 c = str(ord(c))
2781 2781 chars.append(c)
2782 2782
2783 2783 return ''.join(chars)
2784 2784
2785 2785 @classmethod
2786 2786 def _generate_choice(cls, repo_group):
2787 2787 from webhelpers2.html import literal as _literal
2788 2788
2789 2789 def _name(k):
2790 2790 return _literal(cls.CHOICES_SEPARATOR.join(k))
2791 2791
2792 2792 return repo_group.group_id, _name(repo_group.full_path_splitted)
2793 2793
2794 2794 @classmethod
2795 2795 def groups_choices(cls, groups=None, show_empty_group=True):
2796 2796 if not groups:
2797 2797 groups = cls.query().all()
2798 2798
2799 2799 repo_groups = []
2800 2800 if show_empty_group:
2801 2801 repo_groups = [(-1, '-- %s --' % _('No parent'))]
2802 2802
2803 2803 repo_groups.extend([cls._generate_choice(x) for x in groups])
2804 2804
2805 2805 repo_groups = sorted(
2806 2806 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2807 2807 return repo_groups
2808 2808
2809 2809 @classmethod
2810 2810 def url_sep(cls):
2811 2811 return URL_SEP
2812 2812
2813 2813 @classmethod
2814 2814 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2815 2815 if case_insensitive:
2816 2816 gr = cls.query().filter(func.lower(cls.group_name)
2817 2817 == func.lower(group_name))
2818 2818 else:
2819 2819 gr = cls.query().filter(cls.group_name == group_name)
2820 2820 if cache:
2821 2821 name_key = _hash_key(group_name)
2822 2822 gr = gr.options(
2823 2823 FromCache("sql_cache_short", f"get_group_{name_key}"))
2824 2824 return gr.scalar()
2825 2825
2826 2826 @classmethod
2827 2827 def get_user_personal_repo_group(cls, user_id):
2828 2828 user = User.get(user_id)
2829 2829 if user.username == User.DEFAULT_USER:
2830 2830 return None
2831 2831
2832 2832 return cls.query()\
2833 2833 .filter(cls.personal == true()) \
2834 2834 .filter(cls.user == user) \
2835 2835 .order_by(cls.group_id.asc()) \
2836 2836 .first()
2837 2837
2838 2838 @classmethod
2839 2839 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2840 2840 case_insensitive=True):
2841 2841 q = RepoGroup.query()
2842 2842
2843 2843 if not isinstance(user_id, Optional):
2844 2844 q = q.filter(RepoGroup.user_id == user_id)
2845 2845
2846 2846 if not isinstance(group_id, Optional):
2847 2847 q = q.filter(RepoGroup.group_parent_id == group_id)
2848 2848
2849 2849 if case_insensitive:
2850 2850 q = q.order_by(func.lower(RepoGroup.group_name))
2851 2851 else:
2852 2852 q = q.order_by(RepoGroup.group_name)
2853 2853 return q.all()
2854 2854
2855 2855 @property
2856 2856 def parents(self, parents_recursion_limit=10):
2857 2857 groups = []
2858 2858 if self.parent_group is None:
2859 2859 return groups
2860 2860 cur_gr = self.parent_group
2861 2861 groups.insert(0, cur_gr)
2862 2862 cnt = 0
2863 2863 while 1:
2864 2864 cnt += 1
2865 2865 gr = getattr(cur_gr, 'parent_group', None)
2866 2866 cur_gr = cur_gr.parent_group
2867 2867 if gr is None:
2868 2868 break
2869 2869 if cnt == parents_recursion_limit:
2870 2870 # this will prevent accidental infinit loops
2871 2871 log.error('more than %s parents found for group %s, stopping '
2872 2872 'recursive parent fetching', parents_recursion_limit, self)
2873 2873 break
2874 2874
2875 2875 groups.insert(0, gr)
2876 2876 return groups
2877 2877
2878 2878 @property
2879 2879 def last_commit_cache_update_diff(self):
2880 2880 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2881 2881
2882 2882 @classmethod
2883 2883 def _load_commit_change(cls, last_commit_cache):
2884 2884 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2885 2885 empty_date = datetime.datetime.fromtimestamp(0)
2886 2886 date_latest = last_commit_cache.get('date', empty_date)
2887 2887 try:
2888 2888 return parse_datetime(date_latest)
2889 2889 except Exception:
2890 2890 return empty_date
2891 2891
2892 2892 @property
2893 2893 def last_commit_change(self):
2894 2894 return self._load_commit_change(self.changeset_cache)
2895 2895
2896 2896 @property
2897 2897 def last_db_change(self):
2898 2898 return self.updated_on
2899 2899
2900 2900 @property
2901 2901 def children(self):
2902 2902 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2903 2903
2904 2904 @property
2905 2905 def name(self):
2906 2906 return self.group_name.split(RepoGroup.url_sep())[-1]
2907 2907
2908 2908 @property
2909 2909 def full_path(self):
2910 2910 return self.group_name
2911 2911
2912 2912 @property
2913 2913 def full_path_splitted(self):
2914 2914 return self.group_name.split(RepoGroup.url_sep())
2915 2915
2916 2916 @property
2917 2917 def repositories(self):
2918 2918 return Repository.query()\
2919 2919 .filter(Repository.group == self)\
2920 2920 .order_by(Repository.repo_name)
2921 2921
2922 2922 @property
2923 2923 def repositories_recursive_count(self):
2924 2924 cnt = self.repositories.count()
2925 2925
2926 2926 def children_count(group):
2927 2927 cnt = 0
2928 2928 for child in group.children:
2929 2929 cnt += child.repositories.count()
2930 2930 cnt += children_count(child)
2931 2931 return cnt
2932 2932
2933 2933 return cnt + children_count(self)
2934 2934
2935 2935 def _recursive_objects(self, include_repos=True, include_groups=True):
2936 2936 all_ = []
2937 2937
2938 2938 def _get_members(root_gr):
2939 2939 if include_repos:
2940 2940 for r in root_gr.repositories:
2941 2941 all_.append(r)
2942 2942 childs = root_gr.children.all()
2943 2943 if childs:
2944 2944 for gr in childs:
2945 2945 if include_groups:
2946 2946 all_.append(gr)
2947 2947 _get_members(gr)
2948 2948
2949 2949 root_group = []
2950 2950 if include_groups:
2951 2951 root_group = [self]
2952 2952
2953 2953 _get_members(self)
2954 2954 return root_group + all_
2955 2955
2956 2956 def recursive_groups_and_repos(self):
2957 2957 """
2958 2958 Recursive return all groups, with repositories in those groups
2959 2959 """
2960 2960 return self._recursive_objects()
2961 2961
2962 2962 def recursive_groups(self):
2963 2963 """
2964 2964 Returns all children groups for this group including children of children
2965 2965 """
2966 2966 return self._recursive_objects(include_repos=False)
2967 2967
2968 2968 def recursive_repos(self):
2969 2969 """
2970 2970 Returns all children repositories for this group
2971 2971 """
2972 2972 return self._recursive_objects(include_groups=False)
2973 2973
2974 2974 def get_new_name(self, group_name):
2975 2975 """
2976 2976 returns new full group name based on parent and new name
2977 2977
2978 2978 :param group_name:
2979 2979 """
2980 2980 path_prefix = (self.parent_group.full_path_splitted if
2981 2981 self.parent_group else [])
2982 2982 return RepoGroup.url_sep().join(path_prefix + [group_name])
2983 2983
2984 2984 def update_commit_cache(self, config=None):
2985 2985 """
2986 2986 Update cache of last commit for newest repository inside this repository group.
2987 2987 cache_keys should be::
2988 2988
2989 2989 source_repo_id
2990 2990 short_id
2991 2991 raw_id
2992 2992 revision
2993 2993 parents
2994 2994 message
2995 2995 date
2996 2996 author
2997 2997
2998 2998 """
2999 2999 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3000 3000 empty_date = datetime.datetime.fromtimestamp(0)
3001 3001
3002 3002 def repo_groups_and_repos(root_gr):
3003 3003 for _repo in root_gr.repositories:
3004 3004 yield _repo
3005 3005 for child_group in root_gr.children.all():
3006 3006 yield child_group
3007 3007
3008 3008 latest_repo_cs_cache = {}
3009 3009 for obj in repo_groups_and_repos(self):
3010 3010 repo_cs_cache = obj.changeset_cache
3011 3011 date_latest = latest_repo_cs_cache.get('date', empty_date)
3012 3012 date_current = repo_cs_cache.get('date', empty_date)
3013 3013 current_timestamp = datetime_to_time(parse_datetime(date_latest))
3014 3014 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
3015 3015 latest_repo_cs_cache = repo_cs_cache
3016 3016 if hasattr(obj, 'repo_id'):
3017 3017 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
3018 3018 else:
3019 3019 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
3020 3020
3021 3021 _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
3022 3022
3023 3023 latest_repo_cs_cache['updated_on'] = time.time()
3024 3024 self.changeset_cache = latest_repo_cs_cache
3025 3025 self.updated_on = _date_latest
3026 3026 Session().add(self)
3027 3027 Session().commit()
3028 3028
3029 3029 log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
3030 3030 self.group_name, latest_repo_cs_cache, _date_latest)
3031 3031
3032 3032 def permissions(self, with_admins=True, with_owner=True,
3033 3033 expand_from_user_groups=False):
3034 3034 """
3035 3035 Permissions for repository groups
3036 3036 """
3037 3037 _admin_perm = 'group.admin'
3038 3038
3039 3039 owner_row = []
3040 3040 if with_owner:
3041 3041 usr = AttributeDict(self.user.get_dict())
3042 3042 usr.owner_row = True
3043 3043 usr.permission = _admin_perm
3044 3044 owner_row.append(usr)
3045 3045
3046 3046 super_admin_ids = []
3047 3047 super_admin_rows = []
3048 3048 if with_admins:
3049 3049 for usr in User.get_all_super_admins():
3050 3050 super_admin_ids.append(usr.user_id)
3051 3051 # if this admin is also owner, don't double the record
3052 3052 if usr.user_id == owner_row[0].user_id:
3053 3053 owner_row[0].admin_row = True
3054 3054 else:
3055 3055 usr = AttributeDict(usr.get_dict())
3056 3056 usr.admin_row = True
3057 3057 usr.permission = _admin_perm
3058 3058 super_admin_rows.append(usr)
3059 3059
3060 3060 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
3061 3061 q = q.options(joinedload(UserRepoGroupToPerm.group),
3062 3062 joinedload(UserRepoGroupToPerm.user),
3063 3063 joinedload(UserRepoGroupToPerm.permission),)
3064 3064
3065 3065 # get owners and admins and permissions. We do a trick of re-writing
3066 3066 # objects from sqlalchemy to named-tuples due to sqlalchemy session
3067 3067 # has a global reference and changing one object propagates to all
3068 3068 # others. This means if admin is also an owner admin_row that change
3069 3069 # would propagate to both objects
3070 3070 perm_rows = []
3071 3071 for _usr in q.all():
3072 3072 usr = AttributeDict(_usr.user.get_dict())
3073 3073 # if this user is also owner/admin, mark as duplicate record
3074 3074 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
3075 3075 usr.duplicate_perm = True
3076 3076 usr.permission = _usr.permission.permission_name
3077 3077 perm_rows.append(usr)
3078 3078
3079 3079 # filter the perm rows by 'default' first and then sort them by
3080 3080 # admin,write,read,none permissions sorted again alphabetically in
3081 3081 # each group
3082 3082 perm_rows = sorted(perm_rows, key=display_user_sort)
3083 3083
3084 3084 user_groups_rows = []
3085 3085 if expand_from_user_groups:
3086 3086 for ug in self.permission_user_groups(with_members=True):
3087 3087 for user_data in ug.members:
3088 3088 user_groups_rows.append(user_data)
3089 3089
3090 3090 return super_admin_rows + owner_row + perm_rows + user_groups_rows
3091 3091
3092 3092 def permission_user_groups(self, with_members=False):
3093 3093 q = UserGroupRepoGroupToPerm.query()\
3094 3094 .filter(UserGroupRepoGroupToPerm.group == self)
3095 3095 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
3096 3096 joinedload(UserGroupRepoGroupToPerm.users_group),
3097 3097 joinedload(UserGroupRepoGroupToPerm.permission),)
3098 3098
3099 3099 perm_rows = []
3100 3100 for _user_group in q.all():
3101 3101 entry = AttributeDict(_user_group.users_group.get_dict())
3102 3102 entry.permission = _user_group.permission.permission_name
3103 3103 if with_members:
3104 3104 entry.members = [x.user.get_dict()
3105 3105 for x in _user_group.users_group.members]
3106 3106 perm_rows.append(entry)
3107 3107
3108 3108 perm_rows = sorted(perm_rows, key=display_user_group_sort)
3109 3109 return perm_rows
3110 3110
3111 3111 def get_api_data(self):
3112 3112 """
3113 3113 Common function for generating api data
3114 3114
3115 3115 """
3116 3116 group = self
3117 3117 data = {
3118 3118 'group_id': group.group_id,
3119 3119 'group_name': group.group_name,
3120 3120 'group_description': group.description_safe,
3121 3121 'parent_group': group.parent_group.group_name if group.parent_group else None,
3122 3122 'repositories': [x.repo_name for x in group.repositories],
3123 3123 'owner': group.user.username,
3124 3124 }
3125 3125 return data
3126 3126
3127 3127 def get_dict(self):
3128 3128 # Since we transformed `group_name` to a hybrid property, we need to
3129 3129 # keep compatibility with the code which uses `group_name` field.
3130 3130 result = super(RepoGroup, self).get_dict()
3131 3131 result['group_name'] = result.pop('_group_name', None)
3132 3132 result.pop('_changeset_cache', '')
3133 3133 return result
3134 3134
3135 3135
3136 3136 class Permission(Base, BaseModel):
3137 3137 __tablename__ = 'permissions'
3138 3138 __table_args__ = (
3139 3139 Index('p_perm_name_idx', 'permission_name'),
3140 3140 base_table_args,
3141 3141 )
3142 3142
3143 3143 PERMS = [
3144 3144 ('hg.admin', _('RhodeCode Super Administrator')),
3145 3145
3146 3146 ('repository.none', _('Repository no access')),
3147 3147 ('repository.read', _('Repository read access')),
3148 3148 ('repository.write', _('Repository write access')),
3149 3149 ('repository.admin', _('Repository admin access')),
3150 3150
3151 3151 ('group.none', _('Repository group no access')),
3152 3152 ('group.read', _('Repository group read access')),
3153 3153 ('group.write', _('Repository group write access')),
3154 3154 ('group.admin', _('Repository group admin access')),
3155 3155
3156 3156 ('usergroup.none', _('User group no access')),
3157 3157 ('usergroup.read', _('User group read access')),
3158 3158 ('usergroup.write', _('User group write access')),
3159 3159 ('usergroup.admin', _('User group admin access')),
3160 3160
3161 3161 ('branch.none', _('Branch no permissions')),
3162 3162 ('branch.merge', _('Branch access by web merge')),
3163 3163 ('branch.push', _('Branch access by push')),
3164 3164 ('branch.push_force', _('Branch access by push with force')),
3165 3165
3166 3166 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3167 3167 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3168 3168
3169 3169 ('hg.usergroup.create.false', _('User Group creation disabled')),
3170 3170 ('hg.usergroup.create.true', _('User Group creation enabled')),
3171 3171
3172 3172 ('hg.create.none', _('Repository creation disabled')),
3173 3173 ('hg.create.repository', _('Repository creation enabled')),
3174 3174 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3175 3175 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3176 3176
3177 3177 ('hg.fork.none', _('Repository forking disabled')),
3178 3178 ('hg.fork.repository', _('Repository forking enabled')),
3179 3179
3180 3180 ('hg.register.none', _('Registration disabled')),
3181 3181 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3182 3182 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3183 3183
3184 3184 ('hg.password_reset.enabled', _('Password reset enabled')),
3185 3185 ('hg.password_reset.hidden', _('Password reset hidden')),
3186 3186 ('hg.password_reset.disabled', _('Password reset disabled')),
3187 3187
3188 3188 ('hg.extern_activate.manual', _('Manual activation of external account')),
3189 3189 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3190 3190
3191 3191 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3192 3192 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3193 3193 ]
3194 3194
3195 3195 # definition of system default permissions for DEFAULT user, created on
3196 3196 # system setup
3197 3197 DEFAULT_USER_PERMISSIONS = [
3198 3198 # object perms
3199 3199 'repository.read',
3200 3200 'group.read',
3201 3201 'usergroup.read',
3202 3202 # branch, for backward compat we need same value as before so forced pushed
3203 3203 'branch.push_force',
3204 3204 # global
3205 3205 'hg.create.repository',
3206 3206 'hg.repogroup.create.false',
3207 3207 'hg.usergroup.create.false',
3208 3208 'hg.create.write_on_repogroup.true',
3209 3209 'hg.fork.repository',
3210 3210 'hg.register.manual_activate',
3211 3211 'hg.password_reset.enabled',
3212 3212 'hg.extern_activate.auto',
3213 3213 'hg.inherit_default_perms.true',
3214 3214 ]
3215 3215
3216 3216 # defines which permissions are more important higher the more important
3217 3217 # Weight defines which permissions are more important.
3218 3218 # The higher number the more important.
3219 3219 PERM_WEIGHTS = {
3220 3220 'repository.none': 0,
3221 3221 'repository.read': 1,
3222 3222 'repository.write': 3,
3223 3223 'repository.admin': 4,
3224 3224
3225 3225 'group.none': 0,
3226 3226 'group.read': 1,
3227 3227 'group.write': 3,
3228 3228 'group.admin': 4,
3229 3229
3230 3230 'usergroup.none': 0,
3231 3231 'usergroup.read': 1,
3232 3232 'usergroup.write': 3,
3233 3233 'usergroup.admin': 4,
3234 3234
3235 3235 'branch.none': 0,
3236 3236 'branch.merge': 1,
3237 3237 'branch.push': 3,
3238 3238 'branch.push_force': 4,
3239 3239
3240 3240 'hg.repogroup.create.false': 0,
3241 3241 'hg.repogroup.create.true': 1,
3242 3242
3243 3243 'hg.usergroup.create.false': 0,
3244 3244 'hg.usergroup.create.true': 1,
3245 3245
3246 3246 'hg.fork.none': 0,
3247 3247 'hg.fork.repository': 1,
3248 3248 'hg.create.none': 0,
3249 3249 'hg.create.repository': 1
3250 3250 }
3251 3251
3252 3252 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3253 3253 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3254 3254 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3255 3255
3256 3256 def __repr__(self):
3257 3257 return "<%s('%s:%s')>" % (
3258 3258 self.cls_name, self.permission_id, self.permission_name
3259 3259 )
3260 3260
3261 3261 @classmethod
3262 3262 def get_by_key(cls, key):
3263 3263 return cls.query().filter(cls.permission_name == key).scalar()
3264 3264
3265 3265 @classmethod
3266 3266 def get_default_repo_perms(cls, user_id, repo_id=None):
3267 3267 q = Session().query(UserRepoToPerm, Repository, Permission)\
3268 3268 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3269 3269 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3270 3270 .filter(UserRepoToPerm.user_id == user_id)
3271 3271 if repo_id:
3272 3272 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3273 3273 return q.all()
3274 3274
3275 3275 @classmethod
3276 3276 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3277 3277 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3278 3278 .join(
3279 3279 Permission,
3280 3280 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3281 3281 .join(
3282 3282 UserRepoToPerm,
3283 3283 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3284 3284 .filter(UserRepoToPerm.user_id == user_id)
3285 3285
3286 3286 if repo_id:
3287 3287 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3288 3288 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3289 3289
3290 3290 @classmethod
3291 3291 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3292 3292 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3293 3293 .join(
3294 3294 Permission,
3295 3295 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3296 3296 .join(
3297 3297 Repository,
3298 3298 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3299 3299 .join(
3300 3300 UserGroup,
3301 3301 UserGroupRepoToPerm.users_group_id ==
3302 3302 UserGroup.users_group_id)\
3303 3303 .join(
3304 3304 UserGroupMember,
3305 3305 UserGroupRepoToPerm.users_group_id ==
3306 3306 UserGroupMember.users_group_id)\
3307 3307 .filter(
3308 3308 UserGroupMember.user_id == user_id,
3309 3309 UserGroup.users_group_active == true())
3310 3310 if repo_id:
3311 3311 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3312 3312 return q.all()
3313 3313
3314 3314 @classmethod
3315 3315 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3316 3316 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3317 3317 .join(
3318 3318 Permission,
3319 3319 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3320 3320 .join(
3321 3321 UserGroupRepoToPerm,
3322 3322 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3323 3323 .join(
3324 3324 UserGroup,
3325 3325 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3326 3326 .join(
3327 3327 UserGroupMember,
3328 3328 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3329 3329 .filter(
3330 3330 UserGroupMember.user_id == user_id,
3331 3331 UserGroup.users_group_active == true())
3332 3332
3333 3333 if repo_id:
3334 3334 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3335 3335 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3336 3336
3337 3337 @classmethod
3338 3338 def get_default_group_perms(cls, user_id, repo_group_id=None):
3339 3339 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3340 3340 .join(
3341 3341 Permission,
3342 3342 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3343 3343 .join(
3344 3344 RepoGroup,
3345 3345 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3346 3346 .filter(UserRepoGroupToPerm.user_id == user_id)
3347 3347 if repo_group_id:
3348 3348 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3349 3349 return q.all()
3350 3350
3351 3351 @classmethod
3352 3352 def get_default_group_perms_from_user_group(
3353 3353 cls, user_id, repo_group_id=None):
3354 3354 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3355 3355 .join(
3356 3356 Permission,
3357 3357 UserGroupRepoGroupToPerm.permission_id ==
3358 3358 Permission.permission_id)\
3359 3359 .join(
3360 3360 RepoGroup,
3361 3361 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3362 3362 .join(
3363 3363 UserGroup,
3364 3364 UserGroupRepoGroupToPerm.users_group_id ==
3365 3365 UserGroup.users_group_id)\
3366 3366 .join(
3367 3367 UserGroupMember,
3368 3368 UserGroupRepoGroupToPerm.users_group_id ==
3369 3369 UserGroupMember.users_group_id)\
3370 3370 .filter(
3371 3371 UserGroupMember.user_id == user_id,
3372 3372 UserGroup.users_group_active == true())
3373 3373 if repo_group_id:
3374 3374 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3375 3375 return q.all()
3376 3376
3377 3377 @classmethod
3378 3378 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3379 3379 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3380 3380 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3381 3381 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3382 3382 .filter(UserUserGroupToPerm.user_id == user_id)
3383 3383 if user_group_id:
3384 3384 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3385 3385 return q.all()
3386 3386
3387 3387 @classmethod
3388 3388 def get_default_user_group_perms_from_user_group(
3389 3389 cls, user_id, user_group_id=None):
3390 3390 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3391 3391 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3392 3392 .join(
3393 3393 Permission,
3394 3394 UserGroupUserGroupToPerm.permission_id ==
3395 3395 Permission.permission_id)\
3396 3396 .join(
3397 3397 TargetUserGroup,
3398 3398 UserGroupUserGroupToPerm.target_user_group_id ==
3399 3399 TargetUserGroup.users_group_id)\
3400 3400 .join(
3401 3401 UserGroup,
3402 3402 UserGroupUserGroupToPerm.user_group_id ==
3403 3403 UserGroup.users_group_id)\
3404 3404 .join(
3405 3405 UserGroupMember,
3406 3406 UserGroupUserGroupToPerm.user_group_id ==
3407 3407 UserGroupMember.users_group_id)\
3408 3408 .filter(
3409 3409 UserGroupMember.user_id == user_id,
3410 3410 UserGroup.users_group_active == true())
3411 3411 if user_group_id:
3412 3412 q = q.filter(
3413 3413 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3414 3414
3415 3415 return q.all()
3416 3416
3417 3417
3418 3418 class UserRepoToPerm(Base, BaseModel):
3419 3419 __tablename__ = 'repo_to_perm'
3420 3420 __table_args__ = (
3421 3421 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3422 3422 base_table_args
3423 3423 )
3424 3424
3425 3425 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3426 3426 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3427 3427 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3428 3428 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3429 3429
3430 3430 user = relationship('User', back_populates="repo_to_perm")
3431 3431 repository = relationship('Repository', back_populates="repo_to_perm")
3432 3432 permission = relationship('Permission')
3433 3433
3434 3434 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
3435 3435
3436 3436 @classmethod
3437 3437 def create(cls, user, repository, permission):
3438 3438 n = cls()
3439 3439 n.user = user
3440 3440 n.repository = repository
3441 3441 n.permission = permission
3442 3442 Session().add(n)
3443 3443 return n
3444 3444
3445 3445 def __repr__(self):
3446 3446 return f'<{self.user} => {self.repository} >'
3447 3447
3448 3448
3449 3449 class UserUserGroupToPerm(Base, BaseModel):
3450 3450 __tablename__ = 'user_user_group_to_perm'
3451 3451 __table_args__ = (
3452 3452 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3453 3453 base_table_args
3454 3454 )
3455 3455
3456 3456 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3457 3457 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3458 3458 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3459 3459 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3460 3460
3461 3461 user = relationship('User', back_populates='user_group_to_perm')
3462 3462 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
3463 3463 permission = relationship('Permission')
3464 3464
3465 3465 @classmethod
3466 3466 def create(cls, user, user_group, permission):
3467 3467 n = cls()
3468 3468 n.user = user
3469 3469 n.user_group = user_group
3470 3470 n.permission = permission
3471 3471 Session().add(n)
3472 3472 return n
3473 3473
3474 3474 def __repr__(self):
3475 3475 return f'<{self.user} => {self.user_group} >'
3476 3476
3477 3477
3478 3478 class UserToPerm(Base, BaseModel):
3479 3479 __tablename__ = 'user_to_perm'
3480 3480 __table_args__ = (
3481 3481 UniqueConstraint('user_id', 'permission_id'),
3482 3482 base_table_args
3483 3483 )
3484 3484
3485 3485 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3486 3486 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3487 3487 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3488 3488
3489 3489 user = relationship('User', back_populates='user_perms')
3490 3490 permission = relationship('Permission', lazy='joined')
3491 3491
3492 3492 def __repr__(self):
3493 3493 return f'<{self.user} => {self.permission} >'
3494 3494
3495 3495
3496 3496 class UserGroupRepoToPerm(Base, BaseModel):
3497 3497 __tablename__ = 'users_group_repo_to_perm'
3498 3498 __table_args__ = (
3499 3499 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3500 3500 base_table_args
3501 3501 )
3502 3502
3503 3503 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3504 3504 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3505 3505 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3506 3506 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3507 3507
3508 3508 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
3509 3509 permission = relationship('Permission')
3510 3510 repository = relationship('Repository', back_populates='users_group_to_perm')
3511 3511 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
3512 3512
3513 3513 @classmethod
3514 3514 def create(cls, users_group, repository, permission):
3515 3515 n = cls()
3516 3516 n.users_group = users_group
3517 3517 n.repository = repository
3518 3518 n.permission = permission
3519 3519 Session().add(n)
3520 3520 return n
3521 3521
3522 3522 def __repr__(self):
3523 3523 return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
3524 3524
3525 3525
3526 3526 class UserGroupUserGroupToPerm(Base, BaseModel):
3527 3527 __tablename__ = 'user_group_user_group_to_perm'
3528 3528 __table_args__ = (
3529 3529 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3530 3530 CheckConstraint('target_user_group_id != user_group_id'),
3531 3531 base_table_args
3532 3532 )
3533 3533
3534 3534 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3535 3535 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3536 3536 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3537 3537 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3538 3538
3539 3539 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
3540 3540 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3541 3541 permission = relationship('Permission')
3542 3542
3543 3543 @classmethod
3544 3544 def create(cls, target_user_group, user_group, permission):
3545 3545 n = cls()
3546 3546 n.target_user_group = target_user_group
3547 3547 n.user_group = user_group
3548 3548 n.permission = permission
3549 3549 Session().add(n)
3550 3550 return n
3551 3551
3552 3552 def __repr__(self):
3553 3553 return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
3554 3554
3555 3555
3556 3556 class UserGroupToPerm(Base, BaseModel):
3557 3557 __tablename__ = 'users_group_to_perm'
3558 3558 __table_args__ = (
3559 3559 UniqueConstraint('users_group_id', 'permission_id',),
3560 3560 base_table_args
3561 3561 )
3562 3562
3563 3563 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3564 3564 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3565 3565 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3566 3566
3567 3567 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
3568 3568 permission = relationship('Permission')
3569 3569
3570 3570
3571 3571 class UserRepoGroupToPerm(Base, BaseModel):
3572 3572 __tablename__ = 'user_repo_group_to_perm'
3573 3573 __table_args__ = (
3574 3574 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3575 3575 base_table_args
3576 3576 )
3577 3577
3578 3578 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3579 3579 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3580 3580 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3581 3581 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3582 3582
3583 3583 user = relationship('User', back_populates='repo_group_to_perm')
3584 3584 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
3585 3585 permission = relationship('Permission')
3586 3586
3587 3587 @classmethod
3588 3588 def create(cls, user, repository_group, permission):
3589 3589 n = cls()
3590 3590 n.user = user
3591 3591 n.group = repository_group
3592 3592 n.permission = permission
3593 3593 Session().add(n)
3594 3594 return n
3595 3595
3596 3596
3597 3597 class UserGroupRepoGroupToPerm(Base, BaseModel):
3598 3598 __tablename__ = 'users_group_repo_group_to_perm'
3599 3599 __table_args__ = (
3600 3600 UniqueConstraint('users_group_id', 'group_id'),
3601 3601 base_table_args
3602 3602 )
3603 3603
3604 3604 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3605 3605 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3606 3606 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3607 3607 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3608 3608
3609 3609 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
3610 3610 permission = relationship('Permission')
3611 3611 group = relationship('RepoGroup', back_populates='users_group_to_perm')
3612 3612
3613 3613 @classmethod
3614 3614 def create(cls, user_group, repository_group, permission):
3615 3615 n = cls()
3616 3616 n.users_group = user_group
3617 3617 n.group = repository_group
3618 3618 n.permission = permission
3619 3619 Session().add(n)
3620 3620 return n
3621 3621
3622 3622 def __repr__(self):
3623 3623 return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3624 3624
3625 3625
3626 3626 class Statistics(Base, BaseModel):
3627 3627 __tablename__ = 'statistics'
3628 3628 __table_args__ = (
3629 3629 base_table_args
3630 3630 )
3631 3631
3632 3632 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3633 3633 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3634 3634 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3635 3635 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False) #JSON data
3636 3636 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False) #JSON data
3637 3637 languages = Column("languages", LargeBinary(1000000), nullable=False) #JSON data
3638 3638
3639 3639 repository = relationship('Repository', single_parent=True, viewonly=True)
3640 3640
3641 3641
3642 3642 class UserFollowing(Base, BaseModel):
3643 3643 __tablename__ = 'user_followings'
3644 3644 __table_args__ = (
3645 3645 UniqueConstraint('user_id', 'follows_repository_id'),
3646 3646 UniqueConstraint('user_id', 'follows_user_id'),
3647 3647 base_table_args
3648 3648 )
3649 3649
3650 3650 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3651 3651 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3652 3652 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3653 3653 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3654 3654 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3655 3655
3656 3656 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
3657 3657
3658 3658 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3659 3659 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
3660 3660
3661 3661 @classmethod
3662 3662 def get_repo_followers(cls, repo_id):
3663 3663 return cls.query().filter(cls.follows_repo_id == repo_id)
3664 3664
3665 3665
3666 3666 class CacheKey(Base, BaseModel):
3667 3667 __tablename__ = 'cache_invalidation'
3668 3668 __table_args__ = (
3669 3669 UniqueConstraint('cache_key'),
3670 3670 Index('key_idx', 'cache_key'),
3671 3671 Index('cache_args_idx', 'cache_args'),
3672 3672 base_table_args,
3673 3673 )
3674 3674
3675 3675 CACHE_TYPE_FEED = 'FEED'
3676 3676
3677 3677 # namespaces used to register process/thread aware caches
3678 3678 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
3679 3679
3680 3680 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3681 3681 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3682 3682 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3683 3683 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3684 3684 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3685 3685
3686 3686 def __init__(self, cache_key, cache_args='', cache_state_uid=None):
3687 3687 self.cache_key = cache_key
3688 3688 self.cache_args = cache_args
3689 3689 self.cache_active = False
3690 3690 # first key should be same for all entries, since all workers should share it
3691 3691 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3692 3692
3693 3693 def __repr__(self):
3694 3694 return "<%s('%s:%s[%s]')>" % (
3695 3695 self.cls_name,
3696 3696 self.cache_id, self.cache_key, self.cache_active)
3697 3697
3698 3698 def _cache_key_partition(self):
3699 3699 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3700 3700 return prefix, repo_name, suffix
3701 3701
3702 3702 def get_prefix(self):
3703 3703 """
3704 3704 Try to extract prefix from existing cache key. The key could consist
3705 3705 of prefix, repo_name, suffix
3706 3706 """
3707 3707 # this returns prefix, repo_name, suffix
3708 3708 return self._cache_key_partition()[0]
3709 3709
3710 3710 def get_suffix(self):
3711 3711 """
3712 3712 get suffix that might have been used in _get_cache_key to
3713 3713 generate self.cache_key. Only used for informational purposes
3714 3714 in repo_edit.mako.
3715 3715 """
3716 3716 # prefix, repo_name, suffix
3717 3717 return self._cache_key_partition()[2]
3718 3718
3719 3719 @classmethod
3720 3720 def generate_new_state_uid(cls, based_on=None):
3721 3721 if based_on:
3722 3722 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3723 3723 else:
3724 3724 return str(uuid.uuid4())
3725 3725
3726 3726 @classmethod
3727 3727 def delete_all_cache(cls):
3728 3728 """
3729 3729 Delete all cache keys from database.
3730 3730 Should only be run when all instances are down and all entries
3731 3731 thus stale.
3732 3732 """
3733 3733 cls.query().delete()
3734 3734 Session().commit()
3735 3735
3736 3736 @classmethod
3737 3737 def set_invalidate(cls, cache_uid, delete=False):
3738 3738 """
3739 3739 Mark all caches of a repo as invalid in the database.
3740 3740 """
3741 3741
3742 3742 try:
3743 3743 qry = Session().query(cls).filter(cls.cache_args == cache_uid)
3744 3744 if delete:
3745 3745 qry.delete()
3746 3746 log.debug('cache objects deleted for cache args %s',
3747 3747 safe_str(cache_uid))
3748 3748 else:
3749 3749 qry.update({"cache_active": False,
3750 3750 "cache_state_uid": cls.generate_new_state_uid()})
3751 3751 log.debug('cache objects marked as invalid for cache args %s',
3752 3752 safe_str(cache_uid))
3753 3753
3754 3754 Session().commit()
3755 3755 except Exception:
3756 3756 log.exception(
3757 3757 'Cache key invalidation failed for cache args %s',
3758 3758 safe_str(cache_uid))
3759 3759 Session().rollback()
3760 3760
3761 3761 @classmethod
3762 3762 def get_active_cache(cls, cache_key):
3763 3763 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3764 3764 if inv_obj:
3765 3765 return inv_obj
3766 3766 return None
3767 3767
3768 3768 @classmethod
3769 3769 def get_namespace_map(cls, namespace):
3770 3770 return {
3771 3771 x.cache_key: x
3772 3772 for x in cls.query().filter(cls.cache_args == namespace)}
3773 3773
3774 3774
3775 3775 class ChangesetComment(Base, BaseModel):
3776 3776 __tablename__ = 'changeset_comments'
3777 3777 __table_args__ = (
3778 3778 Index('cc_revision_idx', 'revision'),
3779 3779 base_table_args,
3780 3780 )
3781 3781
3782 3782 COMMENT_OUTDATED = 'comment_outdated'
3783 3783 COMMENT_TYPE_NOTE = 'note'
3784 3784 COMMENT_TYPE_TODO = 'todo'
3785 3785 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3786 3786
3787 3787 OP_IMMUTABLE = 'immutable'
3788 3788 OP_CHANGEABLE = 'changeable'
3789 3789
3790 3790 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3791 3791 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3792 3792 revision = Column('revision', String(40), nullable=True)
3793 3793 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3794 3794 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3795 3795 line_no = Column('line_no', Unicode(10), nullable=True)
3796 3796 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3797 3797 f_path = Column('f_path', Unicode(1000), nullable=True)
3798 3798 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3799 3799 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3800 3800 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3801 3801 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3802 3802 renderer = Column('renderer', Unicode(64), nullable=True)
3803 3803 display_state = Column('display_state', Unicode(128), nullable=True)
3804 3804 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
3805 3805 draft = Column('draft', Boolean(), nullable=True, default=False)
3806 3806
3807 3807 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3808 3808 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3809 3809
3810 3810 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3811 3811 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3812 3812
3813 3813 author = relationship('User', lazy='select', back_populates='user_comments')
3814 3814 repo = relationship('Repository', back_populates='comments')
3815 3815 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
3816 3816 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
3817 3817 pull_request_version = relationship('PullRequestVersion', lazy='select')
3818 3818 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
3819 3819
3820 3820 @classmethod
3821 3821 def get_users(cls, revision=None, pull_request_id=None):
3822 3822 """
3823 3823 Returns user associated with this ChangesetComment. ie those
3824 3824 who actually commented
3825 3825
3826 3826 :param cls:
3827 3827 :param revision:
3828 3828 """
3829 3829 q = Session().query(User).join(ChangesetComment.author)
3830 3830 if revision:
3831 3831 q = q.filter(cls.revision == revision)
3832 3832 elif pull_request_id:
3833 3833 q = q.filter(cls.pull_request_id == pull_request_id)
3834 3834 return q.all()
3835 3835
3836 3836 @classmethod
3837 3837 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
3838 3838 if pr_version is None:
3839 3839 return 0
3840 3840
3841 3841 if versions is not None:
3842 3842 num_versions = [x.pull_request_version_id for x in versions]
3843 3843
3844 3844 num_versions = num_versions or []
3845 3845 try:
3846 3846 return num_versions.index(pr_version) + 1
3847 3847 except (IndexError, ValueError):
3848 3848 return 0
3849 3849
3850 3850 @property
3851 3851 def outdated(self):
3852 3852 return self.display_state == self.COMMENT_OUTDATED
3853 3853
3854 3854 @property
3855 3855 def outdated_js(self):
3856 3856 return json.dumps(self.display_state == self.COMMENT_OUTDATED)
3857 3857
3858 3858 @property
3859 3859 def immutable(self):
3860 3860 return self.immutable_state == self.OP_IMMUTABLE
3861 3861
3862 3862 def outdated_at_version(self, version):
3863 3863 """
3864 3864 Checks if comment is outdated for given pull request version
3865 3865 """
3866 3866 def version_check():
3867 3867 return self.pull_request_version_id and self.pull_request_version_id != version
3868 3868
3869 3869 if self.is_inline:
3870 3870 return self.outdated and version_check()
3871 3871 else:
3872 3872 # general comments don't have .outdated set, also latest don't have a version
3873 3873 return version_check()
3874 3874
3875 3875 def outdated_at_version_js(self, version):
3876 3876 """
3877 3877 Checks if comment is outdated for given pull request version
3878 3878 """
3879 3879 return json.dumps(self.outdated_at_version(version))
3880 3880
3881 3881 def older_than_version(self, version):
3882 3882 """
3883 3883 Checks if comment is made from previous version than given
3884 3884 """
3885 3885 cur_ver = 0
3886 3886 if self.pull_request_version:
3887 3887 cur_ver = self.pull_request_version.pull_request_version_id or cur_ver
3888 3888
3889 3889 if version is None:
3890 3890 return cur_ver != version
3891 3891
3892 3892 return cur_ver < version
3893 3893
3894 3894 def older_than_version_js(self, version):
3895 3895 """
3896 3896 Checks if comment is made from previous version than given
3897 3897 """
3898 3898 return json.dumps(self.older_than_version(version))
3899 3899
3900 3900 @property
3901 3901 def commit_id(self):
3902 3902 """New style naming to stop using .revision"""
3903 3903 return self.revision
3904 3904
3905 3905 @property
3906 3906 def resolved(self):
3907 3907 return self.resolved_by[0] if self.resolved_by else None
3908 3908
3909 3909 @property
3910 3910 def is_todo(self):
3911 3911 return self.comment_type == self.COMMENT_TYPE_TODO
3912 3912
3913 3913 @property
3914 3914 def is_inline(self):
3915 3915 if self.line_no and self.f_path:
3916 3916 return True
3917 3917 return False
3918 3918
3919 3919 @property
3920 3920 def last_version(self):
3921 3921 version = 0
3922 3922 if self.history:
3923 3923 version = self.history[-1].version
3924 3924 return version
3925 3925
3926 3926 def get_index_version(self, versions):
3927 3927 return self.get_index_from_version(
3928 3928 self.pull_request_version_id, versions)
3929 3929
3930 3930 @property
3931 3931 def review_status(self):
3932 3932 if self.status_change:
3933 3933 return self.status_change[0].status
3934 3934
3935 3935 @property
3936 3936 def review_status_lbl(self):
3937 3937 if self.status_change:
3938 3938 return self.status_change[0].status_lbl
3939 3939
3940 3940 def __repr__(self):
3941 3941 if self.comment_id:
3942 3942 return f'<DB:Comment #{self.comment_id}>'
3943 3943 else:
3944 3944 return f'<DB:Comment at {id(self)!r}>'
3945 3945
3946 3946 def get_api_data(self):
3947 3947 comment = self
3948 3948
3949 3949 data = {
3950 3950 'comment_id': comment.comment_id,
3951 3951 'comment_type': comment.comment_type,
3952 3952 'comment_text': comment.text,
3953 3953 'comment_status': comment.status_change,
3954 3954 'comment_f_path': comment.f_path,
3955 3955 'comment_lineno': comment.line_no,
3956 3956 'comment_author': comment.author,
3957 3957 'comment_created_on': comment.created_on,
3958 3958 'comment_resolved_by': self.resolved,
3959 3959 'comment_commit_id': comment.revision,
3960 3960 'comment_pull_request_id': comment.pull_request_id,
3961 3961 'comment_last_version': self.last_version
3962 3962 }
3963 3963 return data
3964 3964
3965 3965 def __json__(self):
3966 3966 data = dict()
3967 3967 data.update(self.get_api_data())
3968 3968 return data
3969 3969
3970 3970
3971 3971 class ChangesetCommentHistory(Base, BaseModel):
3972 3972 __tablename__ = 'changeset_comments_history'
3973 3973 __table_args__ = (
3974 3974 Index('cch_comment_id_idx', 'comment_id'),
3975 3975 base_table_args,
3976 3976 )
3977 3977
3978 3978 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
3979 3979 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
3980 3980 version = Column("version", Integer(), nullable=False, default=0)
3981 3981 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3982 3982 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3983 3983 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3984 3984 deleted = Column('deleted', Boolean(), default=False)
3985 3985
3986 3986 author = relationship('User', lazy='joined')
3987 3987 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
3988 3988
3989 3989 @classmethod
3990 3990 def get_version(cls, comment_id):
3991 3991 q = Session().query(ChangesetCommentHistory).filter(
3992 3992 ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
3993 3993 if q.count() == 0:
3994 3994 return 1
3995 3995 elif q.count() >= q[0].version:
3996 3996 return q.count() + 1
3997 3997 else:
3998 3998 return q[0].version + 1
3999 3999
4000 4000
4001 4001 class ChangesetStatus(Base, BaseModel):
4002 4002 __tablename__ = 'changeset_statuses'
4003 4003 __table_args__ = (
4004 4004 Index('cs_revision_idx', 'revision'),
4005 4005 Index('cs_version_idx', 'version'),
4006 4006 UniqueConstraint('repo_id', 'revision', 'version'),
4007 4007 base_table_args
4008 4008 )
4009 4009
4010 4010 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
4011 4011 STATUS_APPROVED = 'approved'
4012 4012 STATUS_REJECTED = 'rejected'
4013 4013 STATUS_UNDER_REVIEW = 'under_review'
4014 4014
4015 4015 STATUSES = [
4016 4016 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
4017 4017 (STATUS_APPROVED, _("Approved")),
4018 4018 (STATUS_REJECTED, _("Rejected")),
4019 4019 (STATUS_UNDER_REVIEW, _("Under Review")),
4020 4020 ]
4021 4021
4022 4022 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
4023 4023 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
4024 4024 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
4025 4025 revision = Column('revision', String(40), nullable=False)
4026 4026 status = Column('status', String(128), nullable=False, default=DEFAULT)
4027 4027 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
4028 4028 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
4029 4029 version = Column('version', Integer(), nullable=False, default=0)
4030 4030 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
4031 4031
4032 4032 author = relationship('User', lazy='select')
4033 4033 repo = relationship('Repository', lazy='select')
4034 4034 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
4035 4035 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
4036 4036
4037 4037 def __repr__(self):
4038 4038 return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
4039 4039
4040 4040 @classmethod
4041 4041 def get_status_lbl(cls, value):
4042 4042 return dict(cls.STATUSES).get(value)
4043 4043
4044 4044 @property
4045 4045 def status_lbl(self):
4046 4046 return ChangesetStatus.get_status_lbl(self.status)
4047 4047
4048 4048 def get_api_data(self):
4049 4049 status = self
4050 4050 data = {
4051 4051 'status_id': status.changeset_status_id,
4052 4052 'status': status.status,
4053 4053 }
4054 4054 return data
4055 4055
4056 4056 def __json__(self):
4057 4057 data = dict()
4058 4058 data.update(self.get_api_data())
4059 4059 return data
4060 4060
4061 4061
4062 4062 class _SetState(object):
4063 4063 """
4064 4064 Context processor allowing changing state for sensitive operation such as
4065 4065 pull request update or merge
4066 4066 """
4067 4067
4068 4068 def __init__(self, pull_request, pr_state, back_state=None):
4069 4069 self._pr = pull_request
4070 4070 self._org_state = back_state or pull_request.pull_request_state
4071 4071 self._pr_state = pr_state
4072 4072 self._current_state = None
4073 4073
4074 4074 def __enter__(self):
4075 4075 log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
4076 4076 self._pr, self._pr_state)
4077 4077 self.set_pr_state(self._pr_state)
4078 4078 return self
4079 4079
4080 4080 def __exit__(self, exc_type, exc_val, exc_tb):
4081 4081 if exc_val is not None or exc_type is not None:
4082 4082 log.error(traceback.format_tb(exc_tb))
4083 4083 return None
4084 4084
4085 4085 self.set_pr_state(self._org_state)
4086 4086 log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
4087 4087 self._pr, self._org_state)
4088 4088
4089 4089 @property
4090 4090 def state(self):
4091 4091 return self._current_state
4092 4092
4093 4093 def set_pr_state(self, pr_state):
4094 4094 try:
4095 4095 self._pr.pull_request_state = pr_state
4096 4096 Session().add(self._pr)
4097 4097 Session().commit()
4098 4098 self._current_state = pr_state
4099 4099 except Exception:
4100 4100 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
4101 4101 raise
4102 4102
4103 4103
4104 4104 class _PullRequestBase(BaseModel):
4105 4105 """
4106 4106 Common attributes of pull request and version entries.
4107 4107 """
4108 4108
4109 4109 # .status values
4110 4110 STATUS_NEW = 'new'
4111 4111 STATUS_OPEN = 'open'
4112 4112 STATUS_CLOSED = 'closed'
4113 4113
4114 4114 # available states
4115 4115 STATE_CREATING = 'creating'
4116 4116 STATE_UPDATING = 'updating'
4117 4117 STATE_MERGING = 'merging'
4118 4118 STATE_CREATED = 'created'
4119 4119
4120 4120 title = Column('title', Unicode(255), nullable=True)
4121 4121 description = Column(
4122 4122 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
4123 4123 nullable=True)
4124 4124 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
4125 4125
4126 4126 # new/open/closed status of pull request (not approve/reject/etc)
4127 4127 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
4128 4128 created_on = Column(
4129 4129 'created_on', DateTime(timezone=False), nullable=False,
4130 4130 default=datetime.datetime.now)
4131 4131 updated_on = Column(
4132 4132 'updated_on', DateTime(timezone=False), nullable=False,
4133 4133 default=datetime.datetime.now)
4134 4134
4135 4135 pull_request_state = Column("pull_request_state", String(255), nullable=True)
4136 4136
4137 4137 @declared_attr
4138 4138 def user_id(cls):
4139 4139 return Column(
4140 4140 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
4141 4141 unique=None)
4142 4142
4143 4143 # 500 revisions max
4144 4144 _revisions = Column(
4145 4145 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
4146 4146
4147 4147 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
4148 4148
4149 4149 @declared_attr
4150 4150 def source_repo_id(cls):
4151 4151 # TODO: dan: rename column to source_repo_id
4152 4152 return Column(
4153 4153 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4154 4154 nullable=False)
4155 4155
4156 4156 @declared_attr
4157 4157 def pr_source(cls):
4158 4158 return relationship(
4159 4159 'Repository',
4160 4160 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4161 4161 overlaps="pull_requests_source"
4162 4162 )
4163 4163
4164 4164 _source_ref = Column('org_ref', Unicode(255), nullable=False)
4165 4165
4166 4166 @hybrid_property
4167 4167 def source_ref(self):
4168 4168 return self._source_ref
4169 4169
4170 4170 @source_ref.setter
4171 4171 def source_ref(self, val):
4172 4172 parts = (val or '').split(':')
4173 4173 if len(parts) != 3:
4174 4174 raise ValueError(
4175 4175 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4176 4176 self._source_ref = safe_str(val)
4177 4177
4178 4178 _target_ref = Column('other_ref', Unicode(255), nullable=False)
4179 4179
4180 4180 @hybrid_property
4181 4181 def target_ref(self):
4182 4182 return self._target_ref
4183 4183
4184 4184 @target_ref.setter
4185 4185 def target_ref(self, val):
4186 4186 parts = (val or '').split(':')
4187 4187 if len(parts) != 3:
4188 4188 raise ValueError(
4189 4189 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4190 4190 self._target_ref = safe_str(val)
4191 4191
4192 4192 @declared_attr
4193 4193 def target_repo_id(cls):
4194 4194 # TODO: dan: rename column to target_repo_id
4195 4195 return Column(
4196 4196 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4197 4197 nullable=False)
4198 4198
4199 4199 @declared_attr
4200 4200 def pr_target(cls):
4201 4201 return relationship(
4202 4202 'Repository',
4203 4203 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4204 4204 overlaps="pull_requests_target"
4205 4205 )
4206 4206
4207 4207 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
4208 4208
4209 4209 # TODO: dan: rename column to last_merge_source_rev
4210 4210 _last_merge_source_rev = Column(
4211 4211 'last_merge_org_rev', String(40), nullable=True)
4212 4212 # TODO: dan: rename column to last_merge_target_rev
4213 4213 _last_merge_target_rev = Column(
4214 4214 'last_merge_other_rev', String(40), nullable=True)
4215 4215 _last_merge_status = Column('merge_status', Integer(), nullable=True)
4216 4216 last_merge_metadata = Column(
4217 4217 'last_merge_metadata', MutationObj.as_mutable(
4218 4218 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4219 4219
4220 4220 merge_rev = Column('merge_rev', String(40), nullable=True)
4221 4221
4222 4222 reviewer_data = Column(
4223 4223 'reviewer_data_json', MutationObj.as_mutable(
4224 4224 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4225 4225
4226 4226 @property
4227 4227 def reviewer_data_json(self):
4228 4228 return json.dumps(self.reviewer_data)
4229 4229
4230 4230 @property
4231 4231 def last_merge_metadata_parsed(self):
4232 4232 metadata = {}
4233 4233 if not self.last_merge_metadata:
4234 4234 return metadata
4235 4235
4236 4236 if hasattr(self.last_merge_metadata, 'de_coerce'):
4237 4237 for k, v in self.last_merge_metadata.de_coerce().items():
4238 4238 if k in ['target_ref', 'source_ref']:
4239 4239 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
4240 4240 else:
4241 4241 if hasattr(v, 'de_coerce'):
4242 4242 metadata[k] = v.de_coerce()
4243 4243 else:
4244 4244 metadata[k] = v
4245 4245 return metadata
4246 4246
4247 4247 @property
4248 4248 def work_in_progress(self):
4249 4249 """checks if pull request is work in progress by checking the title"""
4250 4250 title = self.title.upper()
4251 4251 if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
4252 4252 return True
4253 4253 return False
4254 4254
4255 4255 @property
4256 4256 def title_safe(self):
4257 4257 return self.title\
4258 4258 .replace('{', '{{')\
4259 4259 .replace('}', '}}')
4260 4260
4261 4261 @hybrid_property
4262 4262 def description_safe(self):
4263 4263 from rhodecode.lib import helpers as h
4264 4264 return h.escape(self.description)
4265 4265
4266 4266 @hybrid_property
4267 4267 def revisions(self):
4268 4268 return self._revisions.split(':') if self._revisions else []
4269 4269
4270 4270 @revisions.setter
4271 4271 def revisions(self, val):
4272 4272 self._revisions = ':'.join(val)
4273 4273
4274 4274 @hybrid_property
4275 4275 def last_merge_status(self):
4276 4276 return safe_int(self._last_merge_status)
4277 4277
4278 4278 @last_merge_status.setter
4279 4279 def last_merge_status(self, val):
4280 4280 self._last_merge_status = val
4281 4281
4282 4282 @declared_attr
4283 4283 def author(cls):
4284 4284 return relationship(
4285 4285 'User', lazy='joined',
4286 4286 #TODO, problem that is somehow :?
4287 4287 #back_populates='user_pull_requests'
4288 4288 )
4289 4289
4290 4290 @declared_attr
4291 4291 def source_repo(cls):
4292 4292 return relationship(
4293 4293 'Repository',
4294 4294 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4295 4295 #back_populates=''
4296 4296 )
4297 4297
4298 4298 @property
4299 4299 def source_ref_parts(self):
4300 4300 return self.unicode_to_reference(self.source_ref)
4301 4301
4302 4302 @declared_attr
4303 4303 def target_repo(cls):
4304 4304 return relationship(
4305 4305 'Repository',
4306 4306 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id'
4307 4307 )
4308 4308
4309 4309 @property
4310 4310 def target_ref_parts(self):
4311 4311 return self.unicode_to_reference(self.target_ref)
4312 4312
4313 4313 @property
4314 4314 def shadow_merge_ref(self):
4315 4315 return self.unicode_to_reference(self._shadow_merge_ref)
4316 4316
4317 4317 @shadow_merge_ref.setter
4318 4318 def shadow_merge_ref(self, ref):
4319 4319 self._shadow_merge_ref = self.reference_to_unicode(ref)
4320 4320
4321 4321 @staticmethod
4322 4322 def unicode_to_reference(raw):
4323 4323 return unicode_to_reference(raw)
4324 4324
4325 4325 @staticmethod
4326 4326 def reference_to_unicode(ref):
4327 4327 return reference_to_unicode(ref)
4328 4328
4329 4329 def get_api_data(self, with_merge_state=True):
4330 4330 from rhodecode.model.pull_request import PullRequestModel
4331 4331
4332 4332 pull_request = self
4333 4333 if with_merge_state:
4334 4334 merge_response, merge_status, msg = \
4335 4335 PullRequestModel().merge_status(pull_request)
4336 4336 merge_state = {
4337 4337 'status': merge_status,
4338 4338 'message': safe_str(msg),
4339 4339 }
4340 4340 else:
4341 4341 merge_state = {'status': 'not_available',
4342 4342 'message': 'not_available'}
4343 4343
4344 4344 merge_data = {
4345 4345 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4346 4346 'reference': (
4347 4347 pull_request.shadow_merge_ref.asdict()
4348 4348 if pull_request.shadow_merge_ref else None),
4349 4349 }
4350 4350
4351 4351 data = {
4352 4352 'pull_request_id': pull_request.pull_request_id,
4353 4353 'url': PullRequestModel().get_url(pull_request),
4354 4354 'title': pull_request.title,
4355 4355 'description': pull_request.description,
4356 4356 'status': pull_request.status,
4357 4357 'state': pull_request.pull_request_state,
4358 4358 'created_on': pull_request.created_on,
4359 4359 'updated_on': pull_request.updated_on,
4360 4360 'commit_ids': pull_request.revisions,
4361 4361 'review_status': pull_request.calculated_review_status(),
4362 4362 'mergeable': merge_state,
4363 4363 'source': {
4364 4364 'clone_url': pull_request.source_repo.clone_url(),
4365 4365 'repository': pull_request.source_repo.repo_name,
4366 4366 'reference': {
4367 4367 'name': pull_request.source_ref_parts.name,
4368 4368 'type': pull_request.source_ref_parts.type,
4369 4369 'commit_id': pull_request.source_ref_parts.commit_id,
4370 4370 },
4371 4371 },
4372 4372 'target': {
4373 4373 'clone_url': pull_request.target_repo.clone_url(),
4374 4374 'repository': pull_request.target_repo.repo_name,
4375 4375 'reference': {
4376 4376 'name': pull_request.target_ref_parts.name,
4377 4377 'type': pull_request.target_ref_parts.type,
4378 4378 'commit_id': pull_request.target_ref_parts.commit_id,
4379 4379 },
4380 4380 },
4381 4381 'merge': merge_data,
4382 4382 'author': pull_request.author.get_api_data(include_secrets=False,
4383 4383 details='basic'),
4384 4384 'reviewers': [
4385 4385 {
4386 4386 'user': reviewer.get_api_data(include_secrets=False,
4387 4387 details='basic'),
4388 4388 'reasons': reasons,
4389 4389 'review_status': st[0][1].status if st else 'not_reviewed',
4390 4390 }
4391 4391 for obj, reviewer, reasons, mandatory, st in
4392 4392 pull_request.reviewers_statuses()
4393 4393 ]
4394 4394 }
4395 4395
4396 4396 return data
4397 4397
4398 4398 def set_state(self, pull_request_state, final_state=None):
4399 4399 """
4400 4400 # goes from initial state to updating to initial state.
4401 4401 # initial state can be changed by specifying back_state=
4402 4402 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4403 4403 pull_request.merge()
4404 4404
4405 4405 :param pull_request_state:
4406 4406 :param final_state:
4407 4407
4408 4408 """
4409 4409
4410 4410 return _SetState(self, pull_request_state, back_state=final_state)
4411 4411
4412 4412
4413 4413 class PullRequest(Base, _PullRequestBase):
4414 4414 __tablename__ = 'pull_requests'
4415 4415 __table_args__ = (
4416 4416 base_table_args,
4417 4417 )
4418 4418 LATEST_VER = 'latest'
4419 4419
4420 4420 pull_request_id = Column(
4421 4421 'pull_request_id', Integer(), nullable=False, primary_key=True)
4422 4422
4423 4423 def __repr__(self):
4424 4424 if self.pull_request_id:
4425 4425 return f'<DB:PullRequest #{self.pull_request_id}>'
4426 4426 else:
4427 4427 return f'<DB:PullRequest at {id(self)!r}>'
4428 4428
4429 4429 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
4430 4430 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
4431 4431 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
4432 4432 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
4433 4433
4434 4434 @classmethod
4435 4435 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4436 4436 internal_methods=None):
4437 4437
4438 4438 class PullRequestDisplay(object):
4439 4439 """
4440 4440 Special object wrapper for showing PullRequest data via Versions
4441 4441 It mimics PR object as close as possible. This is read only object
4442 4442 just for display
4443 4443 """
4444 4444
4445 4445 def __init__(self, attrs, internal=None):
4446 4446 self.attrs = attrs
4447 4447 # internal have priority over the given ones via attrs
4448 4448 self.internal = internal or ['versions']
4449 4449
4450 4450 def __getattr__(self, item):
4451 4451 if item in self.internal:
4452 4452 return getattr(self, item)
4453 4453 try:
4454 4454 return self.attrs[item]
4455 4455 except KeyError:
4456 4456 raise AttributeError(
4457 4457 '%s object has no attribute %s' % (self, item))
4458 4458
4459 4459 def __repr__(self):
4460 4460 pr_id = self.attrs.get('pull_request_id')
4461 4461 return f'<DB:PullRequestDisplay #{pr_id}>'
4462 4462
4463 4463 def versions(self):
4464 4464 return pull_request_obj.versions.order_by(
4465 4465 PullRequestVersion.pull_request_version_id).all()
4466 4466
4467 4467 def is_closed(self):
4468 4468 return pull_request_obj.is_closed()
4469 4469
4470 4470 def is_state_changing(self):
4471 4471 return pull_request_obj.is_state_changing()
4472 4472
4473 4473 @property
4474 4474 def pull_request_version_id(self):
4475 4475 return getattr(pull_request_obj, 'pull_request_version_id', None)
4476 4476
4477 4477 @property
4478 4478 def pull_request_last_version(self):
4479 4479 return pull_request_obj.pull_request_last_version
4480 4480
4481 4481 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4482 4482
4483 4483 attrs.author = StrictAttributeDict(
4484 4484 pull_request_obj.author.get_api_data())
4485 4485 if pull_request_obj.target_repo:
4486 4486 attrs.target_repo = StrictAttributeDict(
4487 4487 pull_request_obj.target_repo.get_api_data())
4488 4488 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4489 4489
4490 4490 if pull_request_obj.source_repo:
4491 4491 attrs.source_repo = StrictAttributeDict(
4492 4492 pull_request_obj.source_repo.get_api_data())
4493 4493 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4494 4494
4495 4495 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4496 4496 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4497 4497 attrs.revisions = pull_request_obj.revisions
4498 4498 attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
4499 4499 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4500 4500 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4501 4501 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4502 4502
4503 4503 return PullRequestDisplay(attrs, internal=internal_methods)
4504 4504
4505 4505 def is_closed(self):
4506 4506 return self.status == self.STATUS_CLOSED
4507 4507
4508 4508 def is_state_changing(self):
4509 4509 return self.pull_request_state != PullRequest.STATE_CREATED
4510 4510
4511 4511 def __json__(self):
4512 4512 return {
4513 4513 'revisions': self.revisions,
4514 4514 'versions': self.versions_count
4515 4515 }
4516 4516
4517 4517 def calculated_review_status(self):
4518 4518 from rhodecode.model.changeset_status import ChangesetStatusModel
4519 4519 return ChangesetStatusModel().calculated_review_status(self)
4520 4520
4521 4521 def reviewers_statuses(self, user=None):
4522 4522 from rhodecode.model.changeset_status import ChangesetStatusModel
4523 4523 return ChangesetStatusModel().reviewers_statuses(self, user=user)
4524 4524
4525 4525 def get_pull_request_reviewers(self, role=None):
4526 4526 qry = PullRequestReviewers.query()\
4527 4527 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
4528 4528 if role:
4529 4529 qry = qry.filter(PullRequestReviewers.role == role)
4530 4530
4531 4531 return qry.all()
4532 4532
4533 4533 @property
4534 4534 def reviewers_count(self):
4535 4535 qry = PullRequestReviewers.query()\
4536 4536 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4537 4537 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
4538 4538 return qry.count()
4539 4539
4540 4540 @property
4541 4541 def observers_count(self):
4542 4542 qry = PullRequestReviewers.query()\
4543 4543 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4544 4544 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
4545 4545 return qry.count()
4546 4546
4547 4547 def observers(self):
4548 4548 qry = PullRequestReviewers.query()\
4549 4549 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4550 4550 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
4551 4551 .all()
4552 4552
4553 4553 for entry in qry:
4554 4554 yield entry, entry.user
4555 4555
4556 4556 @property
4557 4557 def workspace_id(self):
4558 4558 from rhodecode.model.pull_request import PullRequestModel
4559 4559 return PullRequestModel()._workspace_id(self)
4560 4560
4561 4561 def get_shadow_repo(self):
4562 4562 workspace_id = self.workspace_id
4563 4563 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4564 4564 if os.path.isdir(shadow_repository_path):
4565 4565 vcs_obj = self.target_repo.scm_instance()
4566 4566 return vcs_obj.get_shadow_instance(shadow_repository_path)
4567 4567
4568 4568 @property
4569 4569 def versions_count(self):
4570 4570 """
4571 4571 return number of versions this PR have, e.g a PR that once been
4572 4572 updated will have 2 versions
4573 4573 """
4574 4574 return self.versions.count() + 1
4575 4575
4576 4576 @property
4577 4577 def pull_request_last_version(self):
4578 4578 return self.versions_count
4579 4579
4580 4580
4581 4581 class PullRequestVersion(Base, _PullRequestBase):
4582 4582 __tablename__ = 'pull_request_versions'
4583 4583 __table_args__ = (
4584 4584 base_table_args,
4585 4585 )
4586 4586
4587 4587 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
4588 4588 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
4589 4589 pull_request = relationship('PullRequest', back_populates='versions')
4590 4590
4591 4591 def __repr__(self):
4592 4592 if self.pull_request_version_id:
4593 4593 return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
4594 4594 else:
4595 4595 return f'<DB:PullRequestVersion at {id(self)!r}>'
4596 4596
4597 4597 @property
4598 4598 def reviewers(self):
4599 4599 return self.pull_request.reviewers
4600 4600
4601 4601 @property
4602 4602 def versions(self):
4603 4603 return self.pull_request.versions
4604 4604
4605 4605 def is_closed(self):
4606 4606 # calculate from original
4607 4607 return self.pull_request.status == self.STATUS_CLOSED
4608 4608
4609 4609 def is_state_changing(self):
4610 4610 return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
4611 4611
4612 4612 def calculated_review_status(self):
4613 4613 return self.pull_request.calculated_review_status()
4614 4614
4615 4615 def reviewers_statuses(self):
4616 4616 return self.pull_request.reviewers_statuses()
4617 4617
4618 4618 def observers(self):
4619 4619 return self.pull_request.observers()
4620 4620
4621 4621
4622 4622 class PullRequestReviewers(Base, BaseModel):
4623 4623 __tablename__ = 'pull_request_reviewers'
4624 4624 __table_args__ = (
4625 4625 base_table_args,
4626 4626 )
4627 4627 ROLE_REVIEWER = 'reviewer'
4628 4628 ROLE_OBSERVER = 'observer'
4629 4629 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
4630 4630
4631 4631 @hybrid_property
4632 4632 def reasons(self):
4633 4633 if not self._reasons:
4634 4634 return []
4635 4635 return self._reasons
4636 4636
4637 4637 @reasons.setter
4638 4638 def reasons(self, val):
4639 4639 val = val or []
4640 4640 if any(not isinstance(x, str) for x in val):
4641 4641 raise Exception('invalid reasons type, must be list of strings')
4642 4642 self._reasons = val
4643 4643
4644 4644 pull_requests_reviewers_id = Column(
4645 4645 'pull_requests_reviewers_id', Integer(), nullable=False,
4646 4646 primary_key=True)
4647 4647 pull_request_id = Column(
4648 4648 "pull_request_id", Integer(),
4649 4649 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4650 4650 user_id = Column(
4651 4651 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4652 4652 _reasons = Column(
4653 4653 'reason', MutationList.as_mutable(
4654 4654 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4655 4655
4656 4656 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4657 4657 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
4658 4658
4659 4659 user = relationship('User')
4660 4660 pull_request = relationship('PullRequest', back_populates='reviewers')
4661 4661
4662 4662 rule_data = Column(
4663 4663 'rule_data_json',
4664 4664 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4665 4665
4666 4666 def rule_user_group_data(self):
4667 4667 """
4668 4668 Returns the voting user group rule data for this reviewer
4669 4669 """
4670 4670
4671 4671 if self.rule_data and 'vote_rule' in self.rule_data:
4672 4672 user_group_data = {}
4673 4673 if 'rule_user_group_entry_id' in self.rule_data:
4674 4674 # means a group with voting rules !
4675 4675 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4676 4676 user_group_data['name'] = self.rule_data['rule_name']
4677 4677 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4678 4678
4679 4679 return user_group_data
4680 4680
4681 4681 @classmethod
4682 4682 def get_pull_request_reviewers(cls, pull_request_id, role=None):
4683 4683 qry = PullRequestReviewers.query()\
4684 4684 .filter(PullRequestReviewers.pull_request_id == pull_request_id)
4685 4685 if role:
4686 4686 qry = qry.filter(PullRequestReviewers.role == role)
4687 4687
4688 4688 return qry.all()
4689 4689
4690 4690 def __repr__(self):
4691 4691 return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
4692 4692
4693 4693
4694 4694 class Notification(Base, BaseModel):
4695 4695 __tablename__ = 'notifications'
4696 4696 __table_args__ = (
4697 4697 Index('notification_type_idx', 'type'),
4698 4698 base_table_args,
4699 4699 )
4700 4700
4701 4701 TYPE_CHANGESET_COMMENT = 'cs_comment'
4702 4702 TYPE_MESSAGE = 'message'
4703 4703 TYPE_MENTION = 'mention'
4704 4704 TYPE_REGISTRATION = 'registration'
4705 4705 TYPE_PULL_REQUEST = 'pull_request'
4706 4706 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
4707 4707 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
4708 4708
4709 4709 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4710 4710 subject = Column('subject', Unicode(512), nullable=True)
4711 4711 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4712 4712 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4713 4713 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4714 4714 type_ = Column('type', Unicode(255))
4715 4715
4716 4716 created_by_user = relationship('User', back_populates='user_created_notifications')
4717 4717 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
4718 4718
4719 4719 @property
4720 4720 def recipients(self):
4721 4721 return [x.user for x in UserNotification.query()\
4722 4722 .filter(UserNotification.notification == self)\
4723 4723 .order_by(UserNotification.user_id.asc()).all()]
4724 4724
4725 4725 @classmethod
4726 4726 def create(cls, created_by, subject, body, recipients, type_=None):
4727 4727 if type_ is None:
4728 4728 type_ = Notification.TYPE_MESSAGE
4729 4729
4730 4730 notification = cls()
4731 4731 notification.created_by_user = created_by
4732 4732 notification.subject = subject
4733 4733 notification.body = body
4734 4734 notification.type_ = type_
4735 4735 notification.created_on = datetime.datetime.now()
4736 4736
4737 4737 # For each recipient link the created notification to his account
4738 4738 for u in recipients:
4739 4739 assoc = UserNotification()
4740 4740 assoc.user_id = u.user_id
4741 4741 assoc.notification = notification
4742 4742
4743 4743 # if created_by is inside recipients mark his notification
4744 4744 # as read
4745 4745 if u.user_id == created_by.user_id:
4746 4746 assoc.read = True
4747 4747 Session().add(assoc)
4748 4748
4749 4749 Session().add(notification)
4750 4750
4751 4751 return notification
4752 4752
4753 4753
4754 4754 class UserNotification(Base, BaseModel):
4755 4755 __tablename__ = 'user_to_notification'
4756 4756 __table_args__ = (
4757 4757 UniqueConstraint('user_id', 'notification_id'),
4758 4758 base_table_args
4759 4759 )
4760 4760
4761 4761 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4762 4762 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4763 4763 read = Column('read', Boolean, default=False)
4764 4764 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4765 4765
4766 4766 user = relationship('User', lazy="joined", back_populates='notifications')
4767 4767 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
4768 4768
4769 4769 def mark_as_read(self):
4770 4770 self.read = True
4771 4771 Session().add(self)
4772 4772
4773 4773
4774 4774 class UserNotice(Base, BaseModel):
4775 4775 __tablename__ = 'user_notices'
4776 4776 __table_args__ = (
4777 4777 base_table_args
4778 4778 )
4779 4779
4780 4780 NOTIFICATION_TYPE_MESSAGE = 'message'
4781 4781 NOTIFICATION_TYPE_NOTICE = 'notice'
4782 4782
4783 4783 NOTIFICATION_LEVEL_INFO = 'info'
4784 4784 NOTIFICATION_LEVEL_WARNING = 'warning'
4785 4785 NOTIFICATION_LEVEL_ERROR = 'error'
4786 4786
4787 4787 user_notice_id = Column('gist_id', Integer(), primary_key=True)
4788 4788
4789 4789 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
4790 4790 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4791 4791
4792 4792 notice_read = Column('notice_read', Boolean, default=False)
4793 4793
4794 4794 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
4795 4795 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
4796 4796
4797 4797 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
4798 4798 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4799 4799
4800 4800 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
4801 4801 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
4802 4802
4803 4803 @classmethod
4804 4804 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
4805 4805
4806 4806 if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
4807 4807 cls.NOTIFICATION_LEVEL_WARNING,
4808 4808 cls.NOTIFICATION_LEVEL_INFO]:
4809 4809 return
4810 4810
4811 4811 from rhodecode.model.user import UserModel
4812 4812 user = UserModel().get_user(user)
4813 4813
4814 4814 new_notice = UserNotice()
4815 4815 if not allow_duplicate:
4816 4816 existing_msg = UserNotice().query() \
4817 4817 .filter(UserNotice.user == user) \
4818 4818 .filter(UserNotice.notice_body == body) \
4819 4819 .filter(UserNotice.notice_read == false()) \
4820 4820 .scalar()
4821 4821 if existing_msg:
4822 4822 log.warning('Ignoring duplicate notice for user %s', user)
4823 4823 return
4824 4824
4825 4825 new_notice.user = user
4826 4826 new_notice.notice_subject = subject
4827 4827 new_notice.notice_body = body
4828 4828 new_notice.notification_level = notice_level
4829 4829 Session().add(new_notice)
4830 4830 Session().commit()
4831 4831
4832 4832
4833 4833 class Gist(Base, BaseModel):
4834 4834 __tablename__ = 'gists'
4835 4835 __table_args__ = (
4836 4836 Index('g_gist_access_id_idx', 'gist_access_id'),
4837 4837 Index('g_created_on_idx', 'created_on'),
4838 4838 base_table_args
4839 4839 )
4840 4840
4841 4841 GIST_PUBLIC = 'public'
4842 4842 GIST_PRIVATE = 'private'
4843 4843 DEFAULT_FILENAME = 'gistfile1.txt'
4844 4844
4845 4845 ACL_LEVEL_PUBLIC = 'acl_public'
4846 4846 ACL_LEVEL_PRIVATE = 'acl_private'
4847 4847
4848 4848 gist_id = Column('gist_id', Integer(), primary_key=True)
4849 4849 gist_access_id = Column('gist_access_id', Unicode(250))
4850 4850 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4851 4851 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4852 4852 gist_expires = Column('gist_expires', Float(53), nullable=False)
4853 4853 gist_type = Column('gist_type', Unicode(128), nullable=False)
4854 4854 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4855 4855 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4856 4856 acl_level = Column('acl_level', Unicode(128), nullable=True)
4857 4857
4858 4858 owner = relationship('User', back_populates='user_gists')
4859 4859
4860 4860 def __repr__(self):
4861 4861 return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
4862 4862
4863 4863 @hybrid_property
4864 4864 def description_safe(self):
4865 4865 from rhodecode.lib import helpers as h
4866 4866 return h.escape(self.gist_description)
4867 4867
4868 4868 @classmethod
4869 4869 def get_or_404(cls, id_):
4870 4870 from pyramid.httpexceptions import HTTPNotFound
4871 4871
4872 4872 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4873 4873 if not res:
4874 4874 log.debug('WARN: No DB entry with id %s', id_)
4875 4875 raise HTTPNotFound()
4876 4876 return res
4877 4877
4878 4878 @classmethod
4879 4879 def get_by_access_id(cls, gist_access_id):
4880 4880 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4881 4881
4882 4882 def gist_url(self):
4883 4883 from rhodecode.model.gist import GistModel
4884 4884 return GistModel().get_url(self)
4885 4885
4886 4886 @classmethod
4887 4887 def base_path(cls):
4888 4888 """
4889 4889 Returns base path when all gists are stored
4890 4890
4891 4891 :param cls:
4892 4892 """
4893 4893 from rhodecode.model.gist import GIST_STORE_LOC
4894 4894 q = Session().query(RhodeCodeUi)\
4895 4895 .filter(RhodeCodeUi.ui_key == URL_SEP)
4896 4896 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4897 4897 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4898 4898
4899 4899 def get_api_data(self):
4900 4900 """
4901 4901 Common function for generating gist related data for API
4902 4902 """
4903 4903 gist = self
4904 4904 data = {
4905 4905 'gist_id': gist.gist_id,
4906 4906 'type': gist.gist_type,
4907 4907 'access_id': gist.gist_access_id,
4908 4908 'description': gist.gist_description,
4909 4909 'url': gist.gist_url(),
4910 4910 'expires': gist.gist_expires,
4911 4911 'created_on': gist.created_on,
4912 4912 'modified_at': gist.modified_at,
4913 4913 'content': None,
4914 4914 'acl_level': gist.acl_level,
4915 4915 }
4916 4916 return data
4917 4917
4918 4918 def __json__(self):
4919 4919 data = dict(
4920 4920 )
4921 4921 data.update(self.get_api_data())
4922 4922 return data
4923 4923 # SCM functions
4924 4924
4925 4925 def scm_instance(self, **kwargs):
4926 4926 """
4927 4927 Get an instance of VCS Repository
4928 4928
4929 4929 :param kwargs:
4930 4930 """
4931 4931 from rhodecode.model.gist import GistModel
4932 4932 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4933 4933 return get_vcs_instance(
4934 4934 repo_path=safe_str(full_repo_path), create=False,
4935 4935 _vcs_alias=GistModel.vcs_backend)
4936 4936
4937 4937
4938 4938 class ExternalIdentity(Base, BaseModel):
4939 4939 __tablename__ = 'external_identities'
4940 4940 __table_args__ = (
4941 4941 Index('local_user_id_idx', 'local_user_id'),
4942 4942 Index('external_id_idx', 'external_id'),
4943 4943 base_table_args
4944 4944 )
4945 4945
4946 4946 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
4947 4947 external_username = Column('external_username', Unicode(1024), default='')
4948 4948 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4949 4949 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
4950 4950 access_token = Column('access_token', String(1024), default='')
4951 4951 alt_token = Column('alt_token', String(1024), default='')
4952 4952 token_secret = Column('token_secret', String(1024), default='')
4953 4953
4954 4954 @classmethod
4955 4955 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4956 4956 """
4957 4957 Returns ExternalIdentity instance based on search params
4958 4958
4959 4959 :param external_id:
4960 4960 :param provider_name:
4961 4961 :return: ExternalIdentity
4962 4962 """
4963 4963 query = cls.query()
4964 4964 query = query.filter(cls.external_id == external_id)
4965 4965 query = query.filter(cls.provider_name == provider_name)
4966 4966 if local_user_id:
4967 4967 query = query.filter(cls.local_user_id == local_user_id)
4968 4968 return query.first()
4969 4969
4970 4970 @classmethod
4971 4971 def user_by_external_id_and_provider(cls, external_id, provider_name):
4972 4972 """
4973 4973 Returns User instance based on search params
4974 4974
4975 4975 :param external_id:
4976 4976 :param provider_name:
4977 4977 :return: User
4978 4978 """
4979 4979 query = User.query()
4980 4980 query = query.filter(cls.external_id == external_id)
4981 4981 query = query.filter(cls.provider_name == provider_name)
4982 4982 query = query.filter(User.user_id == cls.local_user_id)
4983 4983 return query.first()
4984 4984
4985 4985 @classmethod
4986 4986 def by_local_user_id(cls, local_user_id):
4987 4987 """
4988 4988 Returns all tokens for user
4989 4989
4990 4990 :param local_user_id:
4991 4991 :return: ExternalIdentity
4992 4992 """
4993 4993 query = cls.query()
4994 4994 query = query.filter(cls.local_user_id == local_user_id)
4995 4995 return query
4996 4996
4997 4997 @classmethod
4998 4998 def load_provider_plugin(cls, plugin_id):
4999 4999 from rhodecode.authentication.base import loadplugin
5000 5000 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
5001 5001 auth_plugin = loadplugin(_plugin_id)
5002 5002 return auth_plugin
5003 5003
5004 5004
5005 5005 class Integration(Base, BaseModel):
5006 5006 __tablename__ = 'integrations'
5007 5007 __table_args__ = (
5008 5008 base_table_args
5009 5009 )
5010 5010
5011 5011 integration_id = Column('integration_id', Integer(), primary_key=True)
5012 5012 integration_type = Column('integration_type', String(255))
5013 5013 enabled = Column('enabled', Boolean(), nullable=False)
5014 5014 name = Column('name', String(255), nullable=False)
5015 5015 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
5016 5016
5017 5017 settings = Column(
5018 5018 'settings_json', MutationObj.as_mutable(
5019 5019 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
5020 5020 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
5021 5021 repo = relationship('Repository', lazy='joined', back_populates='integrations')
5022 5022
5023 5023 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
5024 5024 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
5025 5025
5026 5026 @property
5027 5027 def scope(self):
5028 5028 if self.repo:
5029 5029 return repr(self.repo)
5030 5030 if self.repo_group:
5031 5031 if self.child_repos_only:
5032 5032 return repr(self.repo_group) + ' (child repos only)'
5033 5033 else:
5034 5034 return repr(self.repo_group) + ' (recursive)'
5035 5035 if self.child_repos_only:
5036 5036 return 'root_repos'
5037 5037 return 'global'
5038 5038
5039 5039 def __repr__(self):
5040 5040 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
5041 5041
5042 5042
5043 5043 class RepoReviewRuleUser(Base, BaseModel):
5044 5044 __tablename__ = 'repo_review_rules_users'
5045 5045 __table_args__ = (
5046 5046 base_table_args
5047 5047 )
5048 5048 ROLE_REVIEWER = 'reviewer'
5049 5049 ROLE_OBSERVER = 'observer'
5050 5050 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5051 5051
5052 5052 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
5053 5053 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5054 5054 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
5055 5055 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5056 5056 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5057 5057 user = relationship('User', back_populates='user_review_rules')
5058 5058
5059 5059 def rule_data(self):
5060 5060 return {
5061 5061 'mandatory': self.mandatory,
5062 5062 'role': self.role,
5063 5063 }
5064 5064
5065 5065
5066 5066 class RepoReviewRuleUserGroup(Base, BaseModel):
5067 5067 __tablename__ = 'repo_review_rules_users_groups'
5068 5068 __table_args__ = (
5069 5069 base_table_args
5070 5070 )
5071 5071
5072 5072 VOTE_RULE_ALL = -1
5073 5073 ROLE_REVIEWER = 'reviewer'
5074 5074 ROLE_OBSERVER = 'observer'
5075 5075 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5076 5076
5077 5077 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
5078 5078 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5079 5079 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
5080 5080 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5081 5081 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5082 5082 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
5083 5083 users_group = relationship('UserGroup')
5084 5084
5085 5085 def rule_data(self):
5086 5086 return {
5087 5087 'mandatory': self.mandatory,
5088 5088 'role': self.role,
5089 5089 'vote_rule': self.vote_rule
5090 5090 }
5091 5091
5092 5092 @property
5093 5093 def vote_rule_label(self):
5094 5094 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
5095 5095 return 'all must vote'
5096 5096 else:
5097 5097 return 'min. vote {}'.format(self.vote_rule)
5098 5098
5099 5099
5100 5100 class RepoReviewRule(Base, BaseModel):
5101 5101 __tablename__ = 'repo_review_rules'
5102 5102 __table_args__ = (
5103 5103 base_table_args
5104 5104 )
5105 5105
5106 5106 repo_review_rule_id = Column(
5107 5107 'repo_review_rule_id', Integer(), primary_key=True)
5108 5108 repo_id = Column(
5109 5109 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
5110 5110 repo = relationship('Repository', back_populates='review_rules')
5111 5111
5112 5112 review_rule_name = Column('review_rule_name', String(255))
5113 5113 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5114 5114 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5115 5115 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5116 5116
5117 5117 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
5118 5118
5119 5119 # Legacy fields, just for backward compat
5120 5120 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
5121 5121 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
5122 5122
5123 5123 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5124 5124 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5125 5125
5126 5126 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
5127 5127
5128 5128 rule_users = relationship('RepoReviewRuleUser')
5129 5129 rule_user_groups = relationship('RepoReviewRuleUserGroup')
5130 5130
5131 5131 def _validate_pattern(self, value):
5132 5132 re.compile('^' + glob2re(value) + '$')
5133 5133
5134 5134 @hybrid_property
5135 5135 def source_branch_pattern(self):
5136 5136 return self._branch_pattern or '*'
5137 5137
5138 5138 @source_branch_pattern.setter
5139 5139 def source_branch_pattern(self, value):
5140 5140 self._validate_pattern(value)
5141 5141 self._branch_pattern = value or '*'
5142 5142
5143 5143 @hybrid_property
5144 5144 def target_branch_pattern(self):
5145 5145 return self._target_branch_pattern or '*'
5146 5146
5147 5147 @target_branch_pattern.setter
5148 5148 def target_branch_pattern(self, value):
5149 5149 self._validate_pattern(value)
5150 5150 self._target_branch_pattern = value or '*'
5151 5151
5152 5152 @hybrid_property
5153 5153 def file_pattern(self):
5154 5154 return self._file_pattern or '*'
5155 5155
5156 5156 @file_pattern.setter
5157 5157 def file_pattern(self, value):
5158 5158 self._validate_pattern(value)
5159 5159 self._file_pattern = value or '*'
5160 5160
5161 5161 @hybrid_property
5162 5162 def forbid_pr_author_to_review(self):
5163 5163 return self.pr_author == 'forbid_pr_author'
5164 5164
5165 5165 @hybrid_property
5166 5166 def include_pr_author_to_review(self):
5167 5167 return self.pr_author == 'include_pr_author'
5168 5168
5169 5169 @hybrid_property
5170 5170 def forbid_commit_author_to_review(self):
5171 5171 return self.commit_author == 'forbid_commit_author'
5172 5172
5173 5173 @hybrid_property
5174 5174 def include_commit_author_to_review(self):
5175 5175 return self.commit_author == 'include_commit_author'
5176 5176
5177 5177 def matches(self, source_branch, target_branch, files_changed):
5178 5178 """
5179 5179 Check if this review rule matches a branch/files in a pull request
5180 5180
5181 5181 :param source_branch: source branch name for the commit
5182 5182 :param target_branch: target branch name for the commit
5183 5183 :param files_changed: list of file paths changed in the pull request
5184 5184 """
5185 5185
5186 5186 source_branch = source_branch or ''
5187 5187 target_branch = target_branch or ''
5188 5188 files_changed = files_changed or []
5189 5189
5190 5190 branch_matches = True
5191 5191 if source_branch or target_branch:
5192 5192 if self.source_branch_pattern == '*':
5193 5193 source_branch_match = True
5194 5194 else:
5195 5195 if self.source_branch_pattern.startswith('re:'):
5196 5196 source_pattern = self.source_branch_pattern[3:]
5197 5197 else:
5198 5198 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
5199 5199 source_branch_regex = re.compile(source_pattern)
5200 5200 source_branch_match = bool(source_branch_regex.search(source_branch))
5201 5201 if self.target_branch_pattern == '*':
5202 5202 target_branch_match = True
5203 5203 else:
5204 5204 if self.target_branch_pattern.startswith('re:'):
5205 5205 target_pattern = self.target_branch_pattern[3:]
5206 5206 else:
5207 5207 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
5208 5208 target_branch_regex = re.compile(target_pattern)
5209 5209 target_branch_match = bool(target_branch_regex.search(target_branch))
5210 5210
5211 5211 branch_matches = source_branch_match and target_branch_match
5212 5212
5213 5213 files_matches = True
5214 5214 if self.file_pattern != '*':
5215 5215 files_matches = False
5216 5216 if self.file_pattern.startswith('re:'):
5217 5217 file_pattern = self.file_pattern[3:]
5218 5218 else:
5219 5219 file_pattern = glob2re(self.file_pattern)
5220 5220 file_regex = re.compile(file_pattern)
5221 5221 for file_data in files_changed:
5222 5222 filename = file_data.get('filename')
5223 5223
5224 5224 if file_regex.search(filename):
5225 5225 files_matches = True
5226 5226 break
5227 5227
5228 5228 return branch_matches and files_matches
5229 5229
5230 5230 @property
5231 5231 def review_users(self):
5232 5232 """ Returns the users which this rule applies to """
5233 5233
5234 5234 users = collections.OrderedDict()
5235 5235
5236 5236 for rule_user in self.rule_users:
5237 5237 if rule_user.user.active:
5238 5238 if rule_user.user not in users:
5239 5239 users[rule_user.user.username] = {
5240 5240 'user': rule_user.user,
5241 5241 'source': 'user',
5242 5242 'source_data': {},
5243 5243 'data': rule_user.rule_data()
5244 5244 }
5245 5245
5246 5246 for rule_user_group in self.rule_user_groups:
5247 5247 source_data = {
5248 5248 'user_group_id': rule_user_group.users_group.users_group_id,
5249 5249 'name': rule_user_group.users_group.users_group_name,
5250 5250 'members': len(rule_user_group.users_group.members)
5251 5251 }
5252 5252 for member in rule_user_group.users_group.members:
5253 5253 if member.user.active:
5254 5254 key = member.user.username
5255 5255 if key in users:
5256 5256 # skip this member as we have him already
5257 5257 # this prevents from override the "first" matched
5258 5258 # users with duplicates in multiple groups
5259 5259 continue
5260 5260
5261 5261 users[key] = {
5262 5262 'user': member.user,
5263 5263 'source': 'user_group',
5264 5264 'source_data': source_data,
5265 5265 'data': rule_user_group.rule_data()
5266 5266 }
5267 5267
5268 5268 return users
5269 5269
5270 5270 def user_group_vote_rule(self, user_id):
5271 5271
5272 5272 rules = []
5273 5273 if not self.rule_user_groups:
5274 5274 return rules
5275 5275
5276 5276 for user_group in self.rule_user_groups:
5277 5277 user_group_members = [x.user_id for x in user_group.users_group.members]
5278 5278 if user_id in user_group_members:
5279 5279 rules.append(user_group)
5280 5280 return rules
5281 5281
5282 5282 def __repr__(self):
5283 5283 return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
5284 5284
5285 5285
5286 5286 class ScheduleEntry(Base, BaseModel):
5287 5287 __tablename__ = 'schedule_entries'
5288 5288 __table_args__ = (
5289 5289 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
5290 5290 UniqueConstraint('task_uid', name='s_task_uid_idx'),
5291 5291 base_table_args,
5292 5292 )
5293 5293 SCHEDULE_TYPE_INTEGER = "integer"
5294 5294 SCHEDULE_TYPE_CRONTAB = "crontab"
5295 SCHEDULE_TYPE_TIMEDELTA = "timedelta"
5296
5297 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_TIMEDELTA, SCHEDULE_TYPE_INTEGER]
5295
5296 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
5298 5297 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
5299 5298
5300 5299 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
5301 5300 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
5302 5301 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
5303 5302
5304 5303 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
5305 5304 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
5306 5305
5307 5306 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
5308 5307 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
5309 5308
5310 5309 # task
5311 5310 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
5312 5311 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
5313 5312 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
5314 5313 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
5315 5314
5316 5315 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5317 5316 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
5318 5317
5319 5318 @hybrid_property
5320 5319 def schedule_type(self):
5321 5320 return self._schedule_type
5322 5321
5323 5322 @schedule_type.setter
5324 5323 def schedule_type(self, val):
5325 5324 if val not in self.schedule_types:
5326 5325 raise ValueError('Value must be on of `{}` and got `{}`'.format(
5327 5326 val, self.schedule_type))
5328 5327
5329 5328 self._schedule_type = val
5330 5329
5331 5330 @classmethod
5332 5331 def get_uid(cls, obj):
5333 5332 args = obj.task_args
5334 5333 kwargs = obj.task_kwargs
5335 5334 if isinstance(args, JsonRaw):
5336 5335 try:
5337 5336 args = json.loads(args)
5338 5337 except ValueError:
5339 5338 args = tuple()
5340 5339
5341 5340 if isinstance(kwargs, JsonRaw):
5342 5341 try:
5343 5342 kwargs = json.loads(kwargs)
5344 5343 except ValueError:
5345 5344 kwargs = dict()
5346 5345
5347 5346 dot_notation = obj.task_dot_notation
5348 5347 val = '.'.join(map(safe_str, [
5349 5348 sorted(dot_notation), args, sorted(kwargs.items())]))
5350 5349 return sha1(safe_bytes(val))
5351 5350
5352 5351 @classmethod
5353 5352 def get_by_schedule_name(cls, schedule_name):
5354 5353 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
5355 5354
5356 5355 @classmethod
5357 5356 def get_by_schedule_id(cls, schedule_id):
5358 5357 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
5359 5358
5360 5359 @property
5361 5360 def task(self):
5362 5361 return self.task_dot_notation
5363 5362
5364 5363 @property
5365 5364 def schedule(self):
5366 5365 from rhodecode.lib.celerylib.utils import raw_2_schedule
5367 5366 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
5368 5367 return schedule
5369 5368
5370 5369 @property
5371 5370 def args(self):
5372 5371 try:
5373 5372 return list(self.task_args or [])
5374 5373 except ValueError:
5375 5374 return list()
5376 5375
5377 5376 @property
5378 5377 def kwargs(self):
5379 5378 try:
5380 5379 return dict(self.task_kwargs or {})
5381 5380 except ValueError:
5382 5381 return dict()
5383 5382
5384 5383 def _as_raw(self, val, indent=False):
5385 5384 if hasattr(val, 'de_coerce'):
5386 5385 val = val.de_coerce()
5387 5386 if val:
5388 5387 if indent:
5389 5388 val = ext_json.formatted_str_json(val)
5390 5389 else:
5391 5390 val = ext_json.str_json(val)
5392 5391
5393 5392 return val
5394 5393
5395 5394 @property
5396 5395 def schedule_definition_raw(self):
5397 5396 return self._as_raw(self.schedule_definition)
5398 5397
5399 5398 def args_raw(self, indent=False):
5400 5399 return self._as_raw(self.task_args, indent)
5401 5400
5402 5401 def kwargs_raw(self, indent=False):
5403 5402 return self._as_raw(self.task_kwargs, indent)
5404 5403
5405 5404 def __repr__(self):
5406 5405 return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
5407 5406
5408 5407
5409 5408 @event.listens_for(ScheduleEntry, 'before_update')
5410 5409 def update_task_uid(mapper, connection, target):
5411 5410 target.task_uid = ScheduleEntry.get_uid(target)
5412 5411
5413 5412
5414 5413 @event.listens_for(ScheduleEntry, 'before_insert')
5415 5414 def set_task_uid(mapper, connection, target):
5416 5415 target.task_uid = ScheduleEntry.get_uid(target)
5417 5416
5418 5417
5419 5418 class _BaseBranchPerms(BaseModel):
5420 5419 @classmethod
5421 5420 def compute_hash(cls, value):
5422 5421 return sha1_safe(value)
5423 5422
5424 5423 @hybrid_property
5425 5424 def branch_pattern(self):
5426 5425 return self._branch_pattern or '*'
5427 5426
5428 5427 @hybrid_property
5429 5428 def branch_hash(self):
5430 5429 return self._branch_hash
5431 5430
5432 5431 def _validate_glob(self, value):
5433 5432 re.compile('^' + glob2re(value) + '$')
5434 5433
5435 5434 @branch_pattern.setter
5436 5435 def branch_pattern(self, value):
5437 5436 self._validate_glob(value)
5438 5437 self._branch_pattern = value or '*'
5439 5438 # set the Hash when setting the branch pattern
5440 5439 self._branch_hash = self.compute_hash(self._branch_pattern)
5441 5440
5442 5441 def matches(self, branch):
5443 5442 """
5444 5443 Check if this the branch matches entry
5445 5444
5446 5445 :param branch: branch name for the commit
5447 5446 """
5448 5447
5449 5448 branch = branch or ''
5450 5449
5451 5450 branch_matches = True
5452 5451 if branch:
5453 5452 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5454 5453 branch_matches = bool(branch_regex.search(branch))
5455 5454
5456 5455 return branch_matches
5457 5456
5458 5457
5459 5458 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5460 5459 __tablename__ = 'user_to_repo_branch_permissions'
5461 5460 __table_args__ = (
5462 5461 base_table_args
5463 5462 )
5464 5463
5465 5464 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5466 5465
5467 5466 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5468 5467 repo = relationship('Repository', back_populates='user_branch_perms')
5469 5468
5470 5469 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5471 5470 permission = relationship('Permission')
5472 5471
5473 5472 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5474 5473 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
5475 5474
5476 5475 rule_order = Column('rule_order', Integer(), nullable=False)
5477 5476 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5478 5477 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5479 5478
5480 5479 def __repr__(self):
5481 5480 return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
5482 5481
5483 5482
5484 5483 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5485 5484 __tablename__ = 'user_group_to_repo_branch_permissions'
5486 5485 __table_args__ = (
5487 5486 base_table_args
5488 5487 )
5489 5488
5490 5489 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5491 5490
5492 5491 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5493 5492 repo = relationship('Repository', back_populates='user_group_branch_perms')
5494 5493
5495 5494 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5496 5495 permission = relationship('Permission')
5497 5496
5498 5497 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5499 5498 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
5500 5499
5501 5500 rule_order = Column('rule_order', Integer(), nullable=False)
5502 5501 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5503 5502 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5504 5503
5505 5504 def __repr__(self):
5506 5505 return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
5507 5506
5508 5507
5509 5508 class UserBookmark(Base, BaseModel):
5510 5509 __tablename__ = 'user_bookmarks'
5511 5510 __table_args__ = (
5512 5511 UniqueConstraint('user_id', 'bookmark_repo_id'),
5513 5512 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5514 5513 UniqueConstraint('user_id', 'bookmark_position'),
5515 5514 base_table_args
5516 5515 )
5517 5516
5518 5517 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5519 5518 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5520 5519 position = Column("bookmark_position", Integer(), nullable=False)
5521 5520 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5522 5521 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5523 5522 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5524 5523
5525 5524 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5526 5525 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5527 5526
5528 5527 user = relationship("User")
5529 5528
5530 5529 repository = relationship("Repository")
5531 5530 repository_group = relationship("RepoGroup")
5532 5531
5533 5532 @classmethod
5534 5533 def get_by_position_for_user(cls, position, user_id):
5535 5534 return cls.query() \
5536 5535 .filter(UserBookmark.user_id == user_id) \
5537 5536 .filter(UserBookmark.position == position).scalar()
5538 5537
5539 5538 @classmethod
5540 5539 def get_bookmarks_for_user(cls, user_id, cache=True):
5541 5540 bookmarks = cls.query() \
5542 5541 .filter(UserBookmark.user_id == user_id) \
5543 5542 .options(joinedload(UserBookmark.repository)) \
5544 5543 .options(joinedload(UserBookmark.repository_group)) \
5545 5544 .order_by(UserBookmark.position.asc())
5546 5545
5547 5546 if cache:
5548 5547 bookmarks = bookmarks.options(
5549 5548 FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))
5550 5549 )
5551 5550
5552 5551 return bookmarks.all()
5553 5552
5554 5553 def __repr__(self):
5555 5554 return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
5556 5555
5557 5556
5558 5557 class FileStore(Base, BaseModel):
5559 5558 __tablename__ = 'file_store'
5560 5559 __table_args__ = (
5561 5560 base_table_args
5562 5561 )
5563 5562
5564 5563 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5565 5564 file_uid = Column('file_uid', String(1024), nullable=False)
5566 5565 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5567 5566 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5568 5567 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5569 5568
5570 5569 # sha256 hash
5571 5570 file_hash = Column('file_hash', String(512), nullable=False)
5572 5571 file_size = Column('file_size', BigInteger(), nullable=False)
5573 5572
5574 5573 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5575 5574 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5576 5575 accessed_count = Column('accessed_count', Integer(), default=0)
5577 5576
5578 5577 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5579 5578
5580 5579 # if repo/repo_group reference is set, check for permissions
5581 5580 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5582 5581
5583 5582 # hidden defines an attachment that should be hidden from showing in artifact listing
5584 5583 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5585 5584
5586 5585 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5587 5586 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
5588 5587
5589 5588 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5590 5589
5591 5590 # scope limited to user, which requester have access to
5592 5591 scope_user_id = Column(
5593 5592 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5594 5593 nullable=True, unique=None, default=None)
5595 5594 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
5596 5595
5597 5596 # scope limited to user group, which requester have access to
5598 5597 scope_user_group_id = Column(
5599 5598 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5600 5599 nullable=True, unique=None, default=None)
5601 5600 user_group = relationship('UserGroup', lazy='joined')
5602 5601
5603 5602 # scope limited to repo, which requester have access to
5604 5603 scope_repo_id = Column(
5605 5604 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5606 5605 nullable=True, unique=None, default=None)
5607 5606 repo = relationship('Repository', lazy='joined')
5608 5607
5609 5608 # scope limited to repo group, which requester have access to
5610 5609 scope_repo_group_id = Column(
5611 5610 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5612 5611 nullable=True, unique=None, default=None)
5613 5612 repo_group = relationship('RepoGroup', lazy='joined')
5614 5613
5615 5614 @classmethod
5616 5615 def get_scope(cls, scope_type, scope_id):
5617 5616 if scope_type == 'repo':
5618 5617 return f'repo:{scope_id}'
5619 5618 elif scope_type == 'repo-group':
5620 5619 return f'repo-group:{scope_id}'
5621 5620 elif scope_type == 'user':
5622 5621 return f'user:{scope_id}'
5623 5622 elif scope_type == 'user-group':
5624 5623 return f'user-group:{scope_id}'
5625 5624 else:
5626 5625 return scope_type
5627 5626
5628 5627 @classmethod
5629 5628 def get_by_store_uid(cls, file_store_uid, safe=False):
5630 5629 if safe:
5631 5630 return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
5632 5631 else:
5633 5632 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5634 5633
5635 5634 @classmethod
5636 5635 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5637 5636 file_description='', enabled=True, hidden=False, check_acl=True,
5638 5637 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5639 5638
5640 5639 store_entry = FileStore()
5641 5640 store_entry.file_uid = file_uid
5642 5641 store_entry.file_display_name = file_display_name
5643 5642 store_entry.file_org_name = filename
5644 5643 store_entry.file_size = file_size
5645 5644 store_entry.file_hash = file_hash
5646 5645 store_entry.file_description = file_description
5647 5646
5648 5647 store_entry.check_acl = check_acl
5649 5648 store_entry.enabled = enabled
5650 5649 store_entry.hidden = hidden
5651 5650
5652 5651 store_entry.user_id = user_id
5653 5652 store_entry.scope_user_id = scope_user_id
5654 5653 store_entry.scope_repo_id = scope_repo_id
5655 5654 store_entry.scope_repo_group_id = scope_repo_group_id
5656 5655
5657 5656 return store_entry
5658 5657
5659 5658 @classmethod
5660 5659 def store_metadata(cls, file_store_id, args, commit=True):
5661 5660 file_store = FileStore.get(file_store_id)
5662 5661 if file_store is None:
5663 5662 return
5664 5663
5665 5664 for section, key, value, value_type in args:
5666 5665 has_key = FileStoreMetadata().query() \
5667 5666 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5668 5667 .filter(FileStoreMetadata.file_store_meta_section == section) \
5669 5668 .filter(FileStoreMetadata.file_store_meta_key == key) \
5670 5669 .scalar()
5671 5670 if has_key:
5672 5671 msg = 'key `{}` already defined under section `{}` for this file.'\
5673 5672 .format(key, section)
5674 5673 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5675 5674
5676 5675 # NOTE(marcink): raises ArtifactMetadataBadValueType
5677 5676 FileStoreMetadata.valid_value_type(value_type)
5678 5677
5679 5678 meta_entry = FileStoreMetadata()
5680 5679 meta_entry.file_store = file_store
5681 5680 meta_entry.file_store_meta_section = section
5682 5681 meta_entry.file_store_meta_key = key
5683 5682 meta_entry.file_store_meta_value_type = value_type
5684 5683 meta_entry.file_store_meta_value = value
5685 5684
5686 5685 Session().add(meta_entry)
5687 5686
5688 5687 try:
5689 5688 if commit:
5690 5689 Session().commit()
5691 5690 except IntegrityError:
5692 5691 Session().rollback()
5693 5692 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5694 5693
5695 5694 @classmethod
5696 5695 def bump_access_counter(cls, file_uid, commit=True):
5697 5696 FileStore().query()\
5698 5697 .filter(FileStore.file_uid == file_uid)\
5699 5698 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5700 5699 FileStore.accessed_on: datetime.datetime.now()})
5701 5700 if commit:
5702 5701 Session().commit()
5703 5702
5704 5703 def __json__(self):
5705 5704 data = {
5706 5705 'filename': self.file_display_name,
5707 5706 'filename_org': self.file_org_name,
5708 5707 'file_uid': self.file_uid,
5709 5708 'description': self.file_description,
5710 5709 'hidden': self.hidden,
5711 5710 'size': self.file_size,
5712 5711 'created_on': self.created_on,
5713 5712 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5714 5713 'downloaded_times': self.accessed_count,
5715 5714 'sha256': self.file_hash,
5716 5715 'metadata': self.file_metadata,
5717 5716 }
5718 5717
5719 5718 return data
5720 5719
5721 5720 def __repr__(self):
5722 5721 return f'<FileStore({self.file_store_id})>'
5723 5722
5724 5723
5725 5724 class FileStoreMetadata(Base, BaseModel):
5726 5725 __tablename__ = 'file_store_metadata'
5727 5726 __table_args__ = (
5728 5727 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5729 5728 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5730 5729 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5731 5730 base_table_args
5732 5731 )
5733 5732 SETTINGS_TYPES = {
5734 5733 'str': safe_str,
5735 5734 'int': safe_int,
5736 5735 'unicode': safe_str,
5737 5736 'bool': str2bool,
5738 5737 'list': functools.partial(aslist, sep=',')
5739 5738 }
5740 5739
5741 5740 file_store_meta_id = Column(
5742 5741 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5743 5742 primary_key=True)
5744 5743 _file_store_meta_section = Column(
5745 5744 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5746 5745 nullable=True, unique=None, default=None)
5747 5746 _file_store_meta_section_hash = Column(
5748 5747 "file_store_meta_section_hash", String(255),
5749 5748 nullable=True, unique=None, default=None)
5750 5749 _file_store_meta_key = Column(
5751 5750 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5752 5751 nullable=True, unique=None, default=None)
5753 5752 _file_store_meta_key_hash = Column(
5754 5753 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5755 5754 _file_store_meta_value = Column(
5756 5755 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5757 5756 nullable=True, unique=None, default=None)
5758 5757 _file_store_meta_value_type = Column(
5759 5758 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5760 5759 default='unicode')
5761 5760
5762 5761 file_store_id = Column(
5763 5762 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5764 5763 nullable=True, unique=None, default=None)
5765 5764
5766 5765 file_store = relationship('FileStore', lazy='joined', viewonly=True)
5767 5766
5768 5767 @classmethod
5769 5768 def valid_value_type(cls, value):
5770 5769 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5771 5770 raise ArtifactMetadataBadValueType(
5772 5771 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5773 5772
5774 5773 @hybrid_property
5775 5774 def file_store_meta_section(self):
5776 5775 return self._file_store_meta_section
5777 5776
5778 5777 @file_store_meta_section.setter
5779 5778 def file_store_meta_section(self, value):
5780 5779 self._file_store_meta_section = value
5781 5780 self._file_store_meta_section_hash = _hash_key(value)
5782 5781
5783 5782 @hybrid_property
5784 5783 def file_store_meta_key(self):
5785 5784 return self._file_store_meta_key
5786 5785
5787 5786 @file_store_meta_key.setter
5788 5787 def file_store_meta_key(self, value):
5789 5788 self._file_store_meta_key = value
5790 5789 self._file_store_meta_key_hash = _hash_key(value)
5791 5790
5792 5791 @hybrid_property
5793 5792 def file_store_meta_value(self):
5794 5793 val = self._file_store_meta_value
5795 5794
5796 5795 if self._file_store_meta_value_type:
5797 5796 # e.g unicode.encrypted == unicode
5798 5797 _type = self._file_store_meta_value_type.split('.')[0]
5799 5798 # decode the encrypted value if it's encrypted field type
5800 5799 if '.encrypted' in self._file_store_meta_value_type:
5801 5800 cipher = EncryptedTextValue()
5802 5801 val = safe_str(cipher.process_result_value(val, None))
5803 5802 # do final type conversion
5804 5803 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5805 5804 val = converter(val)
5806 5805
5807 5806 return val
5808 5807
5809 5808 @file_store_meta_value.setter
5810 5809 def file_store_meta_value(self, val):
5811 5810 val = safe_str(val)
5812 5811 # encode the encrypted value
5813 5812 if '.encrypted' in self.file_store_meta_value_type:
5814 5813 cipher = EncryptedTextValue()
5815 5814 val = safe_str(cipher.process_bind_param(val, None))
5816 5815 self._file_store_meta_value = val
5817 5816
5818 5817 @hybrid_property
5819 5818 def file_store_meta_value_type(self):
5820 5819 return self._file_store_meta_value_type
5821 5820
5822 5821 @file_store_meta_value_type.setter
5823 5822 def file_store_meta_value_type(self, val):
5824 5823 # e.g unicode.encrypted
5825 5824 self.valid_value_type(val)
5826 5825 self._file_store_meta_value_type = val
5827 5826
5828 5827 def __json__(self):
5829 5828 data = {
5830 5829 'artifact': self.file_store.file_uid,
5831 5830 'section': self.file_store_meta_section,
5832 5831 'key': self.file_store_meta_key,
5833 5832 'value': self.file_store_meta_value,
5834 5833 }
5835 5834
5836 5835 return data
5837 5836
5838 5837 def __repr__(self):
5839 5838 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
5840 5839 self.file_store_meta_key, self.file_store_meta_value)
5841 5840
5842 5841
5843 5842 class DbMigrateVersion(Base, BaseModel):
5844 5843 __tablename__ = 'db_migrate_version'
5845 5844 __table_args__ = (
5846 5845 base_table_args,
5847 5846 )
5848 5847
5849 5848 repository_id = Column('repository_id', String(250), primary_key=True)
5850 5849 repository_path = Column('repository_path', Text)
5851 5850 version = Column('version', Integer)
5852 5851
5853 5852 @classmethod
5854 5853 def set_version(cls, version):
5855 5854 """
5856 5855 Helper for forcing a different version, usually for debugging purposes via ishell.
5857 5856 """
5858 5857 ver = DbMigrateVersion.query().first()
5859 5858 ver.version = version
5860 5859 Session().commit()
5861 5860
5862 5861
5863 5862 class DbSession(Base, BaseModel):
5864 5863 __tablename__ = 'db_session'
5865 5864 __table_args__ = (
5866 5865 base_table_args,
5867 5866 )
5868 5867
5869 5868 def __repr__(self):
5870 5869 return f'<DB:DbSession({self.id})>'
5871 5870
5872 5871 id = Column('id', Integer())
5873 5872 namespace = Column('namespace', String(255), primary_key=True)
5874 5873 accessed = Column('accessed', DateTime, nullable=False)
5875 5874 created = Column('created', DateTime, nullable=False)
5876 5875 data = Column('data', PickleType, nullable=False)
General Comments 0
You need to be logged in to leave comments. Login now