##// END OF EJS Templates
fix(scheduler): fixed scheduler task UID conflicts due to orjson not understanding JSONRAW and also bad sorting usage...
super-admin -
r5452:c65da348 default
parent child Browse files
Show More
@@ -1,6043 +1,6050 b''
1 1 # Copyright (C) 2010-2023 RhodeCode GmbH
2 2 #
3 3 # This program is free software: you can redistribute it and/or modify
4 4 # it under the terms of the GNU Affero General Public License, version 3
5 5 # (only), as published by the Free Software Foundation.
6 6 #
7 7 # This program is distributed in the hope that it will be useful,
8 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 10 # GNU General Public License for more details.
11 11 #
12 12 # You should have received a copy of the GNU Affero General Public License
13 13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 14 #
15 15 # This program is dual-licensed. If you wish to learn more about the
16 16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18 18
19 19 """
20 20 Database Models for RhodeCode Enterprise
21 21 """
22 22
23 23 import re
24 24 import os
25 25 import time
26 26 import string
27 27 import logging
28 28 import datetime
29 29 import uuid
30 30 import warnings
31 31 import ipaddress
32 32 import functools
33 33 import traceback
34 34 import collections
35 35
36 36 import pyotp
37 37 from sqlalchemy import (
38 38 or_, and_, not_, func, cast, TypeDecorator, event, select,
39 39 true, false, null, union_all,
40 40 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
41 41 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
42 42 Text, Float, PickleType, BigInteger)
43 43 from sqlalchemy.sql.expression import case
44 44 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
45 45 from sqlalchemy.orm import (
46 46 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
47 47 from sqlalchemy.ext.declarative import declared_attr
48 48 from sqlalchemy.ext.hybrid import hybrid_property
49 49 from sqlalchemy.exc import IntegrityError # pragma: no cover
50 50 from sqlalchemy.dialects.mysql import LONGTEXT
51 51 from zope.cachedescriptors.property import Lazy as LazyProperty
52 52 from pyramid.threadlocal import get_current_request
53 53 from webhelpers2.text import remove_formatting
54 54
55 55 from rhodecode import ConfigGet
56 56 from rhodecode.lib.str_utils import safe_bytes
57 57 from rhodecode.translation import _
58 58 from rhodecode.lib.vcs import get_vcs_instance, VCSError
59 59 from rhodecode.lib.vcs.backends.base import (
60 60 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
61 61 from rhodecode.lib.utils2 import (
62 62 str2bool, safe_str, get_commit_safe, sha1_safe,
63 63 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
64 64 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
65 65 from rhodecode.lib.jsonalchemy import (
66 66 MutationObj, MutationList, JsonType, JsonRaw)
67 67 from rhodecode.lib.hash_utils import sha1
68 68 from rhodecode.lib import ext_json
69 69 from rhodecode.lib import enc_utils
70 70 from rhodecode.lib.ext_json import json, str_json
71 71 from rhodecode.lib.caching_query import FromCache
72 72 from rhodecode.lib.exceptions import (
73 73 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
74 74 from rhodecode.model.meta import Base, Session
75 75
76 76 URL_SEP = '/'
77 77 log = logging.getLogger(__name__)
78 78
79 79 # =============================================================================
80 80 # BASE CLASSES
81 81 # =============================================================================
82 82
83 83 # this is propagated from .ini file rhodecode.encrypted_values.secret or
84 84 # beaker.session.secret if first is not set.
85 85 # and initialized at environment.py
86 86 ENCRYPTION_KEY: bytes = b''
87 87
88 88 # used to sort permissions by types, '#' used here is not allowed to be in
89 89 # usernames, and it's very early in sorted string.printable table.
90 90 PERMISSION_TYPE_SORT = {
91 91 'admin': '####',
92 92 'write': '###',
93 93 'read': '##',
94 94 'none': '#',
95 95 }
96 96
97 97
98 98 def display_user_sort(obj):
99 99 """
100 100 Sort function used to sort permissions in .permissions() function of
101 101 Repository, RepoGroup, UserGroup. Also it put the default user in front
102 102 of all other resources
103 103 """
104 104
105 105 if obj.username == User.DEFAULT_USER:
106 106 return '#####'
107 107 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
108 108 extra_sort_num = '1' # default
109 109
110 110 # NOTE(dan): inactive duplicates goes last
111 111 if getattr(obj, 'duplicate_perm', None):
112 112 extra_sort_num = '9'
113 113 return prefix + extra_sort_num + obj.username
114 114
115 115
116 116 def display_user_group_sort(obj):
117 117 """
118 118 Sort function used to sort permissions in .permissions() function of
119 119 Repository, RepoGroup, UserGroup. Also it put the default user in front
120 120 of all other resources
121 121 """
122 122
123 123 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
124 124 return prefix + obj.users_group_name
125 125
126 126
127 127 def _hash_key(k):
128 128 return sha1_safe(k)
129 129
130 130
131 131 def in_filter_generator(qry, items, limit=500):
132 132 """
133 133 Splits IN() into multiple with OR
134 134 e.g.::
135 135 cnt = Repository.query().filter(
136 136 or_(
137 137 *in_filter_generator(Repository.repo_id, range(100000))
138 138 )).count()
139 139 """
140 140 if not items:
141 141 # empty list will cause empty query which might cause security issues
142 142 # this can lead to hidden unpleasant results
143 143 items = [-1]
144 144
145 145 parts = []
146 146 for chunk in range(0, len(items), limit):
147 147 parts.append(
148 148 qry.in_(items[chunk: chunk + limit])
149 149 )
150 150
151 151 return parts
152 152
153 153
154 154 base_table_args = {
155 155 'extend_existing': True,
156 156 'mysql_engine': 'InnoDB',
157 157 'mysql_charset': 'utf8',
158 158 'sqlite_autoincrement': True
159 159 }
160 160
161 161
162 162 class EncryptedTextValue(TypeDecorator):
163 163 """
164 164 Special column for encrypted long text data, use like::
165 165
166 166 value = Column("encrypted_value", EncryptedValue(), nullable=False)
167 167
168 168 This column is intelligent so if value is in unencrypted form it return
169 169 unencrypted form, but on save it always encrypts
170 170 """
171 171 cache_ok = True
172 172 impl = Text
173 173
174 174 def process_bind_param(self, value, dialect):
175 175 """
176 176 Setter for storing value
177 177 """
178 178 import rhodecode
179 179 if not value:
180 180 return value
181 181
182 182 # protect against double encrypting if values is already encrypted
183 183 if value.startswith('enc$aes$') \
184 184 or value.startswith('enc$aes_hmac$') \
185 185 or value.startswith('enc2$'):
186 186 raise ValueError('value needs to be in unencrypted format, '
187 187 'ie. not starting with enc$ or enc2$')
188 188
189 189 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
190 190 bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
191 191 return safe_str(bytes_val)
192 192
193 193 def process_result_value(self, value, dialect):
194 194 """
195 195 Getter for retrieving value
196 196 """
197 197
198 198 import rhodecode
199 199 if not value:
200 200 return value
201 201
202 202 bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY)
203 203
204 204 return safe_str(bytes_val)
205 205
206 206
207 207 class BaseModel(object):
208 208 """
209 209 Base Model for all classes
210 210 """
211 211
212 212 @classmethod
213 213 def _get_keys(cls):
214 214 """return column names for this model """
215 215 return class_mapper(cls).c.keys()
216 216
217 217 def get_dict(self):
218 218 """
219 219 return dict with keys and values corresponding
220 220 to this model data """
221 221
222 222 d = {}
223 223 for k in self._get_keys():
224 224 d[k] = getattr(self, k)
225 225
226 226 # also use __json__() if present to get additional fields
227 227 _json_attr = getattr(self, '__json__', None)
228 228 if _json_attr:
229 229 # update with attributes from __json__
230 230 if callable(_json_attr):
231 231 _json_attr = _json_attr()
232 232 for k, val in _json_attr.items():
233 233 d[k] = val
234 234 return d
235 235
236 236 def get_appstruct(self):
237 237 """return list with keys and values tuples corresponding
238 238 to this model data """
239 239
240 240 lst = []
241 241 for k in self._get_keys():
242 242 lst.append((k, getattr(self, k),))
243 243 return lst
244 244
245 245 def populate_obj(self, populate_dict):
246 246 """populate model with data from given populate_dict"""
247 247
248 248 for k in self._get_keys():
249 249 if k in populate_dict:
250 250 setattr(self, k, populate_dict[k])
251 251
252 252 @classmethod
253 253 def query(cls):
254 254 return Session().query(cls)
255 255
256 256 @classmethod
257 257 def select(cls, custom_cls=None):
258 258 """
259 259 stmt = cls.select().where(cls.user_id==1)
260 260 # optionally
261 261 stmt = cls.select(User.user_id).where(cls.user_id==1)
262 262 result = cls.execute(stmt) | cls.scalars(stmt)
263 263 """
264 264
265 265 if custom_cls:
266 266 stmt = select(custom_cls)
267 267 else:
268 268 stmt = select(cls)
269 269 return stmt
270 270
271 271 @classmethod
272 272 def execute(cls, stmt):
273 273 return Session().execute(stmt)
274 274
275 275 @classmethod
276 276 def scalars(cls, stmt):
277 277 return Session().scalars(stmt)
278 278
279 279 @classmethod
280 280 def get(cls, id_):
281 281 if id_:
282 282 return cls.query().get(id_)
283 283
284 284 @classmethod
285 285 def get_or_404(cls, id_):
286 286 from pyramid.httpexceptions import HTTPNotFound
287 287
288 288 try:
289 289 id_ = int(id_)
290 290 except (TypeError, ValueError):
291 291 raise HTTPNotFound()
292 292
293 293 res = cls.query().get(id_)
294 294 if not res:
295 295 raise HTTPNotFound()
296 296 return res
297 297
298 298 @classmethod
299 299 def getAll(cls):
300 300 # deprecated and left for backward compatibility
301 301 return cls.get_all()
302 302
303 303 @classmethod
304 304 def get_all(cls):
305 305 return cls.query().all()
306 306
307 307 @classmethod
308 308 def delete(cls, id_):
309 309 obj = cls.query().get(id_)
310 310 Session().delete(obj)
311 311
312 312 @classmethod
313 313 def identity_cache(cls, session, attr_name, value):
314 314 exist_in_session = []
315 315 for (item_cls, pkey), instance in session.identity_map.items():
316 316 if cls == item_cls and getattr(instance, attr_name) == value:
317 317 exist_in_session.append(instance)
318 318 if exist_in_session:
319 319 if len(exist_in_session) == 1:
320 320 return exist_in_session[0]
321 321 log.exception(
322 322 'multiple objects with attr %s and '
323 323 'value %s found with same name: %r',
324 324 attr_name, value, exist_in_session)
325 325
326 326 @property
327 327 def cls_name(self):
328 328 return self.__class__.__name__
329 329
330 330 def __repr__(self):
331 331 return f'<DB:{self.cls_name}>'
332 332
333 333
334 334 class RhodeCodeSetting(Base, BaseModel):
335 335 __tablename__ = 'rhodecode_settings'
336 336 __table_args__ = (
337 337 UniqueConstraint('app_settings_name'),
338 338 base_table_args
339 339 )
340 340
341 341 SETTINGS_TYPES = {
342 342 'str': safe_str,
343 343 'int': safe_int,
344 344 'unicode': safe_str,
345 345 'bool': str2bool,
346 346 'list': functools.partial(aslist, sep=',')
347 347 }
348 348 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
349 349 GLOBAL_CONF_KEY = 'app_settings'
350 350
351 351 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
352 352 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
353 353 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
354 354 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
355 355
356 356 def __init__(self, key='', val='', type='unicode'):
357 357 self.app_settings_name = key
358 358 self.app_settings_type = type
359 359 self.app_settings_value = val
360 360
361 361 @validates('_app_settings_value')
362 362 def validate_settings_value(self, key, val):
363 363 assert type(val) == str
364 364 return val
365 365
366 366 @hybrid_property
367 367 def app_settings_value(self):
368 368 v = self._app_settings_value
369 369 _type = self.app_settings_type
370 370 if _type:
371 371 _type = self.app_settings_type.split('.')[0]
372 372 # decode the encrypted value
373 373 if 'encrypted' in self.app_settings_type:
374 374 cipher = EncryptedTextValue()
375 375 v = safe_str(cipher.process_result_value(v, None))
376 376
377 377 converter = self.SETTINGS_TYPES.get(_type) or \
378 378 self.SETTINGS_TYPES['unicode']
379 379 return converter(v)
380 380
381 381 @app_settings_value.setter
382 382 def app_settings_value(self, val):
383 383 """
384 384 Setter that will always make sure we use unicode in app_settings_value
385 385
386 386 :param val:
387 387 """
388 388 val = safe_str(val)
389 389 # encode the encrypted value
390 390 if 'encrypted' in self.app_settings_type:
391 391 cipher = EncryptedTextValue()
392 392 val = safe_str(cipher.process_bind_param(val, None))
393 393 self._app_settings_value = val
394 394
395 395 @hybrid_property
396 396 def app_settings_type(self):
397 397 return self._app_settings_type
398 398
399 399 @app_settings_type.setter
400 400 def app_settings_type(self, val):
401 401 if val.split('.')[0] not in self.SETTINGS_TYPES:
402 402 raise Exception('type must be one of %s got %s'
403 403 % (self.SETTINGS_TYPES.keys(), val))
404 404 self._app_settings_type = val
405 405
406 406 @classmethod
407 407 def get_by_prefix(cls, prefix):
408 408 return RhodeCodeSetting.query()\
409 409 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
410 410 .all()
411 411
412 412 def __repr__(self):
413 413 return "<%s('%s:%s[%s]')>" % (
414 414 self.cls_name,
415 415 self.app_settings_name, self.app_settings_value,
416 416 self.app_settings_type
417 417 )
418 418
419 419
420 420 class RhodeCodeUi(Base, BaseModel):
421 421 __tablename__ = 'rhodecode_ui'
422 422 __table_args__ = (
423 423 UniqueConstraint('ui_key'),
424 424 base_table_args
425 425 )
426 426 # Sync those values with vcsserver.config.hooks
427 427
428 428 HOOK_REPO_SIZE = 'changegroup.repo_size'
429 429 # HG
430 430 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
431 431 HOOK_PULL = 'outgoing.pull_logger'
432 432 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
433 433 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
434 434 HOOK_PUSH = 'changegroup.push_logger'
435 435 HOOK_PUSH_KEY = 'pushkey.key_push'
436 436
437 437 HOOKS_BUILTIN = [
438 438 HOOK_PRE_PULL,
439 439 HOOK_PULL,
440 440 HOOK_PRE_PUSH,
441 441 HOOK_PRETX_PUSH,
442 442 HOOK_PUSH,
443 443 HOOK_PUSH_KEY,
444 444 ]
445 445
446 446 # TODO: johbo: Unify way how hooks are configured for git and hg,
447 447 # git part is currently hardcoded.
448 448
449 449 # SVN PATTERNS
450 450 SVN_BRANCH_ID = 'vcs_svn_branch'
451 451 SVN_TAG_ID = 'vcs_svn_tag'
452 452
453 453 ui_id = Column(
454 454 "ui_id", Integer(), nullable=False, unique=True, default=None,
455 455 primary_key=True)
456 456 ui_section = Column(
457 457 "ui_section", String(255), nullable=True, unique=None, default=None)
458 458 ui_key = Column(
459 459 "ui_key", String(255), nullable=True, unique=None, default=None)
460 460 ui_value = Column(
461 461 "ui_value", String(255), nullable=True, unique=None, default=None)
462 462 ui_active = Column(
463 463 "ui_active", Boolean(), nullable=True, unique=None, default=True)
464 464
465 465 def __repr__(self):
466 466 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
467 467 self.ui_key, self.ui_value)
468 468
469 469
470 470 class RepoRhodeCodeSetting(Base, BaseModel):
471 471 __tablename__ = 'repo_rhodecode_settings'
472 472 __table_args__ = (
473 473 UniqueConstraint(
474 474 'app_settings_name', 'repository_id',
475 475 name='uq_repo_rhodecode_setting_name_repo_id'),
476 476 base_table_args
477 477 )
478 478
479 479 repository_id = Column(
480 480 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
481 481 nullable=False)
482 482 app_settings_id = Column(
483 483 "app_settings_id", Integer(), nullable=False, unique=True,
484 484 default=None, primary_key=True)
485 485 app_settings_name = Column(
486 486 "app_settings_name", String(255), nullable=True, unique=None,
487 487 default=None)
488 488 _app_settings_value = Column(
489 489 "app_settings_value", String(4096), nullable=True, unique=None,
490 490 default=None)
491 491 _app_settings_type = Column(
492 492 "app_settings_type", String(255), nullable=True, unique=None,
493 493 default=None)
494 494
495 495 repository = relationship('Repository', viewonly=True)
496 496
497 497 def __init__(self, repository_id, key='', val='', type='unicode'):
498 498 self.repository_id = repository_id
499 499 self.app_settings_name = key
500 500 self.app_settings_type = type
501 501 self.app_settings_value = val
502 502
503 503 @validates('_app_settings_value')
504 504 def validate_settings_value(self, key, val):
505 505 assert type(val) == str
506 506 return val
507 507
508 508 @hybrid_property
509 509 def app_settings_value(self):
510 510 v = self._app_settings_value
511 511 type_ = self.app_settings_type
512 512 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
513 513 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
514 514 return converter(v)
515 515
516 516 @app_settings_value.setter
517 517 def app_settings_value(self, val):
518 518 """
519 519 Setter that will always make sure we use unicode in app_settings_value
520 520
521 521 :param val:
522 522 """
523 523 self._app_settings_value = safe_str(val)
524 524
525 525 @hybrid_property
526 526 def app_settings_type(self):
527 527 return self._app_settings_type
528 528
529 529 @app_settings_type.setter
530 530 def app_settings_type(self, val):
531 531 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
532 532 if val not in SETTINGS_TYPES:
533 533 raise Exception('type must be one of %s got %s'
534 534 % (SETTINGS_TYPES.keys(), val))
535 535 self._app_settings_type = val
536 536
537 537 def __repr__(self):
538 538 return "<%s('%s:%s:%s[%s]')>" % (
539 539 self.cls_name, self.repository.repo_name,
540 540 self.app_settings_name, self.app_settings_value,
541 541 self.app_settings_type
542 542 )
543 543
544 544
545 545 class RepoRhodeCodeUi(Base, BaseModel):
546 546 __tablename__ = 'repo_rhodecode_ui'
547 547 __table_args__ = (
548 548 UniqueConstraint(
549 549 'repository_id', 'ui_section', 'ui_key',
550 550 name='uq_repo_rhodecode_ui_repository_id_section_key'),
551 551 base_table_args
552 552 )
553 553
554 554 repository_id = Column(
555 555 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
556 556 nullable=False)
557 557 ui_id = Column(
558 558 "ui_id", Integer(), nullable=False, unique=True, default=None,
559 559 primary_key=True)
560 560 ui_section = Column(
561 561 "ui_section", String(255), nullable=True, unique=None, default=None)
562 562 ui_key = Column(
563 563 "ui_key", String(255), nullable=True, unique=None, default=None)
564 564 ui_value = Column(
565 565 "ui_value", String(255), nullable=True, unique=None, default=None)
566 566 ui_active = Column(
567 567 "ui_active", Boolean(), nullable=True, unique=None, default=True)
568 568
569 569 repository = relationship('Repository', viewonly=True)
570 570
571 571 def __repr__(self):
572 572 return '<%s[%s:%s]%s=>%s]>' % (
573 573 self.cls_name, self.repository.repo_name,
574 574 self.ui_section, self.ui_key, self.ui_value)
575 575
576 576
577 577 class User(Base, BaseModel):
578 578 __tablename__ = 'users'
579 579 __table_args__ = (
580 580 UniqueConstraint('username'), UniqueConstraint('email'),
581 581 Index('u_username_idx', 'username'),
582 582 Index('u_email_idx', 'email'),
583 583 base_table_args
584 584 )
585 585
586 586 DEFAULT_USER = 'default'
587 587 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
588 588 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
589 589 RECOVERY_CODES_COUNT = 10
590 590
591 591 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
592 592 username = Column("username", String(255), nullable=True, unique=None, default=None)
593 593 password = Column("password", String(255), nullable=True, unique=None, default=None)
594 594 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
595 595 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
596 596 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
597 597 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
598 598 _email = Column("email", String(255), nullable=True, unique=None, default=None)
599 599 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
600 600 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
601 601 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
602 602
603 603 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
604 604 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
605 605 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
606 606 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
607 607 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
608 608 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
609 609
610 610 user_log = relationship('UserLog', back_populates='user')
611 611 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
612 612
613 613 repositories = relationship('Repository', back_populates='user')
614 614 repository_groups = relationship('RepoGroup', back_populates='user')
615 615 user_groups = relationship('UserGroup', back_populates='user')
616 616
617 617 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
618 618 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
619 619
620 620 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
621 621 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
622 622 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
623 623
624 624 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
625 625
626 626 notifications = relationship('UserNotification', cascade='all', back_populates='user')
627 627 # notifications assigned to this user
628 628 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
629 629 # comments created by this user
630 630 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
631 631 # user profile extra info
632 632 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
633 633 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
634 634 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
635 635 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
636 636
637 637 # gists
638 638 user_gists = relationship('Gist', cascade='all', back_populates='owner')
639 639 # user pull requests
640 640 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
641 641
642 642 # external identities
643 643 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
644 644 # review rules
645 645 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
646 646
647 647 # artifacts owned
648 648 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
649 649
650 650 # no cascade, set NULL
651 651 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
652 652
653 653 def __repr__(self):
654 654 return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
655 655
656 656 @hybrid_property
657 657 def email(self):
658 658 return self._email
659 659
660 660 @email.setter
661 661 def email(self, val):
662 662 self._email = val.lower() if val else None
663 663
664 664 @hybrid_property
665 665 def first_name(self):
666 666 from rhodecode.lib import helpers as h
667 667 if self.name:
668 668 return h.escape(self.name)
669 669 return self.name
670 670
671 671 @hybrid_property
672 672 def last_name(self):
673 673 from rhodecode.lib import helpers as h
674 674 if self.lastname:
675 675 return h.escape(self.lastname)
676 676 return self.lastname
677 677
678 678 @hybrid_property
679 679 def api_key(self):
680 680 """
681 681 Fetch if exist an auth-token with role ALL connected to this user
682 682 """
683 683 user_auth_token = UserApiKeys.query()\
684 684 .filter(UserApiKeys.user_id == self.user_id)\
685 685 .filter(or_(UserApiKeys.expires == -1,
686 686 UserApiKeys.expires >= time.time()))\
687 687 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
688 688 if user_auth_token:
689 689 user_auth_token = user_auth_token.api_key
690 690
691 691 return user_auth_token
692 692
693 693 @api_key.setter
694 694 def api_key(self, val):
695 695 # don't allow to set API key this is deprecated for now
696 696 self._api_key = None
697 697
698 698 @property
699 699 def reviewer_pull_requests(self):
700 700 return PullRequestReviewers.query() \
701 701 .options(joinedload(PullRequestReviewers.pull_request)) \
702 702 .filter(PullRequestReviewers.user_id == self.user_id) \
703 703 .all()
704 704
705 705 @property
706 706 def firstname(self):
707 707 # alias for future
708 708 return self.name
709 709
710 710 @property
711 711 def emails(self):
712 712 other = UserEmailMap.query()\
713 713 .filter(UserEmailMap.user == self) \
714 714 .order_by(UserEmailMap.email_id.asc()) \
715 715 .all()
716 716 return [self.email] + [x.email for x in other]
717 717
718 718 def emails_cached(self):
719 719 emails = []
720 720 if self.user_id != self.get_default_user_id():
721 721 emails = UserEmailMap.query()\
722 722 .filter(UserEmailMap.user == self) \
723 723 .order_by(UserEmailMap.email_id.asc())
724 724
725 725 emails = emails.options(
726 726 FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
727 727 )
728 728
729 729 return [self.email] + [x.email for x in emails]
730 730
731 731 @property
732 732 def auth_tokens(self):
733 733 auth_tokens = self.get_auth_tokens()
734 734 return [x.api_key for x in auth_tokens]
735 735
736 736 def get_auth_tokens(self):
737 737 return UserApiKeys.query()\
738 738 .filter(UserApiKeys.user == self)\
739 739 .order_by(UserApiKeys.user_api_key_id.asc())\
740 740 .all()
741 741
742 742 @LazyProperty
743 743 def feed_token(self):
744 744 return self.get_feed_token()
745 745
746 746 def get_feed_token(self, cache=True):
747 747 feed_tokens = UserApiKeys.query()\
748 748 .filter(UserApiKeys.user == self)\
749 749 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
750 750 if cache:
751 751 feed_tokens = feed_tokens.options(
752 752 FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
753 753
754 754 feed_tokens = feed_tokens.all()
755 755 if feed_tokens:
756 756 return feed_tokens[0].api_key
757 757 return 'NO_FEED_TOKEN_AVAILABLE'
758 758
759 759 @LazyProperty
760 760 def artifact_token(self):
761 761 return self.get_artifact_token()
762 762
763 763 def get_artifact_token(self, cache=True):
764 764 artifacts_tokens = UserApiKeys.query()\
765 765 .filter(UserApiKeys.user == self) \
766 766 .filter(or_(UserApiKeys.expires == -1,
767 767 UserApiKeys.expires >= time.time())) \
768 768 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
769 769
770 770 if cache:
771 771 artifacts_tokens = artifacts_tokens.options(
772 772 FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
773 773
774 774 artifacts_tokens = artifacts_tokens.all()
775 775 if artifacts_tokens:
776 776 return artifacts_tokens[0].api_key
777 777 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
778 778
779 779 def get_or_create_artifact_token(self):
780 780 artifacts_tokens = UserApiKeys.query()\
781 781 .filter(UserApiKeys.user == self) \
782 782 .filter(or_(UserApiKeys.expires == -1,
783 783 UserApiKeys.expires >= time.time())) \
784 784 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
785 785
786 786 artifacts_tokens = artifacts_tokens.all()
787 787 if artifacts_tokens:
788 788 return artifacts_tokens[0].api_key
789 789 else:
790 790 from rhodecode.model.auth_token import AuthTokenModel
791 791 artifact_token = AuthTokenModel().create(
792 792 self, 'auto-generated-artifact-token',
793 793 lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
794 794 Session.commit()
795 795 return artifact_token.api_key
796 796
797 797 def is_totp_valid(self, received_code, secret):
798 798 totp = pyotp.TOTP(secret)
799 799 return totp.verify(received_code)
800 800
801 801 def is_2fa_recovery_code_valid(self, received_code, secret):
802 802 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
803 803 recovery_codes = self.get_2fa_recovery_codes()
804 804 if received_code in recovery_codes:
805 805 encrypted_recovery_codes.pop(recovery_codes.index(received_code))
806 806 self.update_userdata(recovery_codes_2fa=encrypted_recovery_codes)
807 807 return True
808 808 return False
809 809
810 810 @hybrid_property
811 811 def has_forced_2fa(self):
812 812 """
813 813 Checks if 2fa was forced for current user
814 814 """
815 815 from rhodecode.model.settings import SettingsModel
816 816 if value := SettingsModel().get_setting_by_name(f'auth_{self.extern_type}_global_2fa'):
817 817 return value.app_settings_value
818 818 return False
819 819
820 820 @hybrid_property
821 821 def has_enabled_2fa(self):
822 822 """
823 823 Checks if user enabled 2fa
824 824 """
825 825 if value := self.has_forced_2fa:
826 826 return value
827 827 return self.user_data.get('enabled_2fa', False)
828 828
829 829 @has_enabled_2fa.setter
830 830 def has_enabled_2fa(self, val):
831 831 val = str2bool(val)
832 832 self.update_userdata(enabled_2fa=val)
833 833 if not val:
834 834 # NOTE: setting to false we clear the user_data to not store any 2fa artifacts
835 835 self.update_userdata(secret_2fa=None, recovery_codes_2fa=[], check_2fa=False)
836 836 Session().commit()
837 837
838 838 @hybrid_property
839 839 def check_2fa_required(self):
840 840 """
841 841 Check if check 2fa flag is set for this user
842 842 """
843 843 value = self.user_data.get('check_2fa', False)
844 844 return value
845 845
846 846 @check_2fa_required.setter
847 847 def check_2fa_required(self, val):
848 848 val = str2bool(val)
849 849 self.update_userdata(check_2fa=val)
850 850 Session().commit()
851 851
852 852 @hybrid_property
853 853 def has_seen_2fa_codes(self):
854 854 """
855 855 get the flag about if user has seen 2fa recovery codes
856 856 """
857 857 value = self.user_data.get('recovery_codes_2fa_seen', False)
858 858 return value
859 859
860 860 @has_seen_2fa_codes.setter
861 861 def has_seen_2fa_codes(self, val):
862 862 val = str2bool(val)
863 863 self.update_userdata(recovery_codes_2fa_seen=val)
864 864 Session().commit()
865 865
866 866 @hybrid_property
867 867 def needs_2fa_configure(self):
868 868 """
869 869 Determines if setup2fa has completed for this user. Means he has all needed data for 2fa to work.
870 870
871 871 Currently this is 2fa enabled and secret exists
872 872 """
873 873 if self.has_enabled_2fa:
874 874 return not self.user_data.get('secret_2fa')
875 875 return False
876 876
877 877 def init_2fa_recovery_codes(self, persist=True, force=False):
878 878 """
879 879 Creates 2fa recovery codes
880 880 """
881 881 recovery_codes = self.user_data.get('recovery_codes_2fa', [])
882 882 encrypted_codes = []
883 883 if not recovery_codes or force:
884 884 for _ in range(self.RECOVERY_CODES_COUNT):
885 885 recovery_code = pyotp.random_base32()
886 886 recovery_codes.append(recovery_code)
887 887 encrypted_code = enc_utils.encrypt_value(safe_bytes(recovery_code), enc_key=ENCRYPTION_KEY)
888 888 encrypted_codes.append(safe_str(encrypted_code))
889 889 if persist:
890 890 self.update_userdata(recovery_codes_2fa=encrypted_codes, recovery_codes_2fa_seen=False)
891 891 return recovery_codes
892 892 # User should not check the same recovery codes more than once
893 893 return []
894 894
895 895 def get_2fa_recovery_codes(self):
896 896 encrypted_recovery_codes = self.user_data.get('recovery_codes_2fa', [])
897 897
898 898 recovery_codes = list(map(
899 899 lambda val: safe_str(
900 900 enc_utils.decrypt_value(
901 901 val,
902 902 enc_key=ENCRYPTION_KEY
903 903 )),
904 904 encrypted_recovery_codes))
905 905 return recovery_codes
906 906
907 907 def init_secret_2fa(self, persist=True, force=False):
908 908 secret_2fa = self.user_data.get('secret_2fa')
909 909 if not secret_2fa or force:
910 910 secret = pyotp.random_base32()
911 911 if persist:
912 912 self.update_userdata(secret_2fa=safe_str(enc_utils.encrypt_value(safe_bytes(secret), enc_key=ENCRYPTION_KEY)))
913 913 return secret
914 914 return ''
915 915
916 916 @hybrid_property
917 917 def secret_2fa(self) -> str:
918 918 """
919 919 get stored secret for 2fa
920 920 """
921 921 secret_2fa = self.user_data.get('secret_2fa')
922 922 if secret_2fa:
923 923 return safe_str(
924 924 enc_utils.decrypt_value(secret_2fa, enc_key=ENCRYPTION_KEY))
925 925 return ''
926 926
927 927 @secret_2fa.setter
928 928 def secret_2fa(self, value: str) -> None:
929 929 encrypted_value = enc_utils.encrypt_value(safe_bytes(value), enc_key=ENCRYPTION_KEY)
930 930 self.update_userdata(secret_2fa=safe_str(encrypted_value))
931 931
932 932 def regenerate_2fa_recovery_codes(self):
933 933 """
934 934 Regenerates 2fa recovery codes upon request
935 935 """
936 936 new_recovery_codes = self.init_2fa_recovery_codes(force=True)
937 937 Session().commit()
938 938 return new_recovery_codes
939 939
940 940 @classmethod
941 941 def extra_valid_auth_tokens(cls, user, role=None):
942 942 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
943 943 .filter(or_(UserApiKeys.expires == -1,
944 944 UserApiKeys.expires >= time.time()))
945 945 if role:
946 946 tokens = tokens.filter(or_(UserApiKeys.role == role,
947 947 UserApiKeys.role == UserApiKeys.ROLE_ALL))
948 948 return tokens.all()
949 949
950 950 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
951 951 from rhodecode.lib import auth
952 952
953 953 log.debug('Trying to authenticate user: %s via auth-token, '
954 954 'and roles: %s', self, roles)
955 955
956 956 if not auth_token:
957 957 return False
958 958
959 959 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
960 960 tokens_q = UserApiKeys.query()\
961 961 .filter(UserApiKeys.user_id == self.user_id)\
962 962 .filter(or_(UserApiKeys.expires == -1,
963 963 UserApiKeys.expires >= time.time()))
964 964
965 965 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
966 966
967 967 crypto_backend = auth.crypto_backend()
968 968 enc_token_map = {}
969 969 plain_token_map = {}
970 970 for token in tokens_q:
971 971 if token.api_key.startswith(crypto_backend.ENC_PREF):
972 972 enc_token_map[token.api_key] = token
973 973 else:
974 974 plain_token_map[token.api_key] = token
975 975 log.debug(
976 976 'Found %s plain and %s encrypted tokens to check for authentication for this user',
977 977 len(plain_token_map), len(enc_token_map))
978 978
979 979 # plain token match comes first
980 980 match = plain_token_map.get(auth_token)
981 981
982 982 # check encrypted tokens now
983 983 if not match:
984 984 for token_hash, token in enc_token_map.items():
985 985 # NOTE(marcink): this is expensive to calculate, but most secure
986 986 if crypto_backend.hash_check(auth_token, token_hash):
987 987 match = token
988 988 break
989 989
990 990 if match:
991 991 log.debug('Found matching token %s', match)
992 992 if match.repo_id:
993 993 log.debug('Found scope, checking for scope match of token %s', match)
994 994 if match.repo_id == scope_repo_id:
995 995 return True
996 996 else:
997 997 log.debug(
998 998 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
999 999 'and calling scope is:%s, skipping further checks',
1000 1000 match.repo, scope_repo_id)
1001 1001 return False
1002 1002 else:
1003 1003 return True
1004 1004
1005 1005 return False
1006 1006
1007 1007 @property
1008 1008 def ip_addresses(self):
1009 1009 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
1010 1010 return [x.ip_addr for x in ret]
1011 1011
1012 1012 @property
1013 1013 def username_and_name(self):
1014 1014 return f'{self.username} ({self.first_name} {self.last_name})'
1015 1015
1016 1016 @property
1017 1017 def username_or_name_or_email(self):
1018 1018 full_name = self.full_name if self.full_name != ' ' else None
1019 1019 return self.username or full_name or self.email
1020 1020
1021 1021 @property
1022 1022 def full_name(self):
1023 1023 return f'{self.first_name} {self.last_name}'
1024 1024
1025 1025 @property
1026 1026 def full_name_or_username(self):
1027 1027 return (f'{self.first_name} {self.last_name}'
1028 1028 if (self.first_name and self.last_name) else self.username)
1029 1029
1030 1030 @property
1031 1031 def full_contact(self):
1032 1032 return f'{self.first_name} {self.last_name} <{self.email}>'
1033 1033
1034 1034 @property
1035 1035 def short_contact(self):
1036 1036 return f'{self.first_name} {self.last_name}'
1037 1037
1038 1038 @property
1039 1039 def is_admin(self):
1040 1040 return self.admin
1041 1041
1042 1042 @property
1043 1043 def language(self):
1044 1044 return self.user_data.get('language')
1045 1045
1046 1046 def AuthUser(self, **kwargs):
1047 1047 """
1048 1048 Returns instance of AuthUser for this user
1049 1049 """
1050 1050 from rhodecode.lib.auth import AuthUser
1051 1051 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
1052 1052
1053 1053 @hybrid_property
1054 1054 def user_data(self):
1055 1055 if not self._user_data:
1056 1056 return {}
1057 1057
1058 1058 try:
1059 1059 return json.loads(self._user_data) or {}
1060 1060 except TypeError:
1061 1061 return {}
1062 1062
1063 1063 @user_data.setter
1064 1064 def user_data(self, val):
1065 1065 if not isinstance(val, dict):
1066 1066 raise Exception(f'user_data must be dict, got {type(val)}')
1067 1067 try:
1068 1068 self._user_data = safe_bytes(json.dumps(val))
1069 1069 except Exception:
1070 1070 log.error(traceback.format_exc())
1071 1071
1072 1072 @classmethod
1073 1073 def get(cls, user_id, cache=False):
1074 1074 if not user_id:
1075 1075 return
1076 1076
1077 1077 user = cls.query()
1078 1078 if cache:
1079 1079 user = user.options(
1080 1080 FromCache("sql_cache_short", f"get_users_{user_id}"))
1081 1081 return user.get(user_id)
1082 1082
1083 1083 @classmethod
1084 1084 def get_by_username(cls, username, case_insensitive=False,
1085 1085 cache=False):
1086 1086
1087 1087 if case_insensitive:
1088 1088 q = cls.select().where(
1089 1089 func.lower(cls.username) == func.lower(username))
1090 1090 else:
1091 1091 q = cls.select().where(cls.username == username)
1092 1092
1093 1093 if cache:
1094 1094 hash_key = _hash_key(username)
1095 1095 q = q.options(
1096 1096 FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
1097 1097
1098 1098 return cls.execute(q).scalar_one_or_none()
1099 1099
1100 1100 @classmethod
1101 1101 def get_by_username_or_primary_email(cls, user_identifier):
1102 1102 qs = union_all(cls.select().where(func.lower(cls.username) == func.lower(user_identifier)),
1103 1103 cls.select().where(func.lower(cls.email) == func.lower(user_identifier)))
1104 1104 return cls.execute(cls.select(User).from_statement(qs)).scalar_one_or_none()
1105 1105
1106 1106 @classmethod
1107 1107 def get_by_auth_token(cls, auth_token, cache=False):
1108 1108
1109 1109 q = cls.select(User)\
1110 1110 .join(UserApiKeys)\
1111 1111 .where(UserApiKeys.api_key == auth_token)\
1112 1112 .where(or_(UserApiKeys.expires == -1,
1113 1113 UserApiKeys.expires >= time.time()))
1114 1114
1115 1115 if cache:
1116 1116 q = q.options(
1117 1117 FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
1118 1118
1119 1119 matched_user = cls.execute(q).scalar_one_or_none()
1120 1120
1121 1121 return matched_user
1122 1122
1123 1123 @classmethod
1124 1124 def get_by_email(cls, email, case_insensitive=False, cache=False):
1125 1125
1126 1126 if case_insensitive:
1127 1127 q = cls.select().where(func.lower(cls.email) == func.lower(email))
1128 1128 else:
1129 1129 q = cls.select().where(cls.email == email)
1130 1130
1131 1131 if cache:
1132 1132 email_key = _hash_key(email)
1133 1133 q = q.options(
1134 1134 FromCache("sql_cache_short", f"get_email_key_{email_key}"))
1135 1135
1136 1136 ret = cls.execute(q).scalar_one_or_none()
1137 1137
1138 1138 if ret is None:
1139 1139 q = cls.select(UserEmailMap)
1140 1140 # try fetching in alternate email map
1141 1141 if case_insensitive:
1142 1142 q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
1143 1143 else:
1144 1144 q = q.where(UserEmailMap.email == email)
1145 1145 q = q.options(joinedload(UserEmailMap.user))
1146 1146 if cache:
1147 1147 q = q.options(
1148 1148 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
1149 1149
1150 1150 result = cls.execute(q).scalar_one_or_none()
1151 1151 ret = getattr(result, 'user', None)
1152 1152
1153 1153 return ret
1154 1154
1155 1155 @classmethod
1156 1156 def get_from_cs_author(cls, author):
1157 1157 """
1158 1158 Tries to get User objects out of commit author string
1159 1159
1160 1160 :param author:
1161 1161 """
1162 1162 from rhodecode.lib.helpers import email, author_name
1163 1163 # Valid email in the attribute passed, see if they're in the system
1164 1164 _email = email(author)
1165 1165 if _email:
1166 1166 user = cls.get_by_email(_email, case_insensitive=True)
1167 1167 if user:
1168 1168 return user
1169 1169 # Maybe we can match by username?
1170 1170 _author = author_name(author)
1171 1171 user = cls.get_by_username(_author, case_insensitive=True)
1172 1172 if user:
1173 1173 return user
1174 1174
1175 1175 def update_userdata(self, **kwargs):
1176 1176 usr = self
1177 1177 old = usr.user_data
1178 1178 old.update(**kwargs)
1179 1179 usr.user_data = old
1180 1180 Session().add(usr)
1181 1181 log.debug('updated userdata with %s', kwargs)
1182 1182
1183 1183 def update_lastlogin(self):
1184 1184 """Update user lastlogin"""
1185 1185 self.last_login = datetime.datetime.now()
1186 1186 Session().add(self)
1187 1187 log.debug('updated user %s lastlogin', self.username)
1188 1188
1189 1189 def update_password(self, new_password):
1190 1190 from rhodecode.lib.auth import get_crypt_password
1191 1191
1192 1192 self.password = get_crypt_password(new_password)
1193 1193 Session().add(self)
1194 1194
1195 1195 @classmethod
1196 1196 def get_first_super_admin(cls):
1197 1197 stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
1198 1198 user = cls.scalars(stmt).first()
1199 1199
1200 1200 if user is None:
1201 1201 raise Exception('FATAL: Missing administrative account!')
1202 1202 return user
1203 1203
1204 1204 @classmethod
1205 1205 def get_all_super_admins(cls, only_active=False):
1206 1206 """
1207 1207 Returns all admin accounts sorted by username
1208 1208 """
1209 1209 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1210 1210 if only_active:
1211 1211 qry = qry.filter(User.active == true())
1212 1212 return qry.all()
1213 1213
1214 1214 @classmethod
1215 1215 def get_all_user_ids(cls, only_active=True):
1216 1216 """
1217 1217 Returns all users IDs
1218 1218 """
1219 1219 qry = Session().query(User.user_id)
1220 1220
1221 1221 if only_active:
1222 1222 qry = qry.filter(User.active == true())
1223 1223 return [x.user_id for x in qry]
1224 1224
1225 1225 @classmethod
1226 1226 def get_default_user(cls, cache=False, refresh=False):
1227 1227 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1228 1228 if user is None:
1229 1229 raise Exception('FATAL: Missing default account!')
1230 1230 if refresh:
1231 1231 # The default user might be based on outdated state which
1232 1232 # has been loaded from the cache.
1233 1233 # A call to refresh() ensures that the
1234 1234 # latest state from the database is used.
1235 1235 Session().refresh(user)
1236 1236
1237 1237 return user
1238 1238
1239 1239 @classmethod
1240 1240 def get_default_user_id(cls):
1241 1241 import rhodecode
1242 1242 return rhodecode.CONFIG['default_user_id']
1243 1243
1244 1244 def _get_default_perms(self, user, suffix=''):
1245 1245 from rhodecode.model.permission import PermissionModel
1246 1246 return PermissionModel().get_default_perms(user.user_perms, suffix)
1247 1247
1248 1248 def get_default_perms(self, suffix=''):
1249 1249 return self._get_default_perms(self, suffix)
1250 1250
1251 1251 def get_api_data(self, include_secrets=False, details='full'):
1252 1252 """
1253 1253 Common function for generating user related data for API
1254 1254
1255 1255 :param include_secrets: By default secrets in the API data will be replaced
1256 1256 by a placeholder value to prevent exposing this data by accident. In case
1257 1257 this data shall be exposed, set this flag to ``True``.
1258 1258
1259 1259 :param details: details can be 'basic|full' basic gives only a subset of
1260 1260 the available user information that includes user_id, name and emails.
1261 1261 """
1262 1262 user = self
1263 1263 user_data = self.user_data
1264 1264 data = {
1265 1265 'user_id': user.user_id,
1266 1266 'username': user.username,
1267 1267 'firstname': user.name,
1268 1268 'lastname': user.lastname,
1269 1269 'description': user.description,
1270 1270 'email': user.email,
1271 1271 'emails': user.emails,
1272 1272 }
1273 1273 if details == 'basic':
1274 1274 return data
1275 1275
1276 1276 auth_token_length = 40
1277 1277 auth_token_replacement = '*' * auth_token_length
1278 1278
1279 1279 extras = {
1280 1280 'auth_tokens': [auth_token_replacement],
1281 1281 'active': user.active,
1282 1282 'admin': user.admin,
1283 1283 'extern_type': user.extern_type,
1284 1284 'extern_name': user.extern_name,
1285 1285 'last_login': user.last_login,
1286 1286 'last_activity': user.last_activity,
1287 1287 'ip_addresses': user.ip_addresses,
1288 1288 'language': user_data.get('language')
1289 1289 }
1290 1290 data.update(extras)
1291 1291
1292 1292 if include_secrets:
1293 1293 data['auth_tokens'] = user.auth_tokens
1294 1294 return data
1295 1295
1296 1296 def __json__(self):
1297 1297 data = {
1298 1298 'full_name': self.full_name,
1299 1299 'full_name_or_username': self.full_name_or_username,
1300 1300 'short_contact': self.short_contact,
1301 1301 'full_contact': self.full_contact,
1302 1302 }
1303 1303 data.update(self.get_api_data())
1304 1304 return data
1305 1305
1306 1306
1307 1307 class UserApiKeys(Base, BaseModel):
1308 1308 __tablename__ = 'user_api_keys'
1309 1309 __table_args__ = (
1310 1310 Index('uak_api_key_idx', 'api_key'),
1311 1311 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1312 1312 base_table_args
1313 1313 )
1314 1314
1315 1315 # ApiKey role
1316 1316 ROLE_ALL = 'token_role_all'
1317 1317 ROLE_VCS = 'token_role_vcs'
1318 1318 ROLE_API = 'token_role_api'
1319 1319 ROLE_HTTP = 'token_role_http'
1320 1320 ROLE_FEED = 'token_role_feed'
1321 1321 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1322 1322 # The last one is ignored in the list as we only
1323 1323 # use it for one action, and cannot be created by users
1324 1324 ROLE_PASSWORD_RESET = 'token_password_reset'
1325 1325
1326 1326 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1327 1327
1328 1328 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1329 1329 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1330 1330 api_key = Column("api_key", String(255), nullable=False, unique=True)
1331 1331 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1332 1332 expires = Column('expires', Float(53), nullable=False)
1333 1333 role = Column('role', String(255), nullable=True)
1334 1334 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1335 1335
1336 1336 # scope columns
1337 1337 repo_id = Column(
1338 1338 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1339 1339 nullable=True, unique=None, default=None)
1340 1340 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
1341 1341
1342 1342 repo_group_id = Column(
1343 1343 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1344 1344 nullable=True, unique=None, default=None)
1345 1345 repo_group = relationship('RepoGroup', lazy='joined')
1346 1346
1347 1347 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
1348 1348
1349 1349 def __repr__(self):
1350 1350 return f"<{self.cls_name}('{self.role}')>"
1351 1351
1352 1352 def __json__(self):
1353 1353 data = {
1354 1354 'auth_token': self.api_key,
1355 1355 'role': self.role,
1356 1356 'scope': self.scope_humanized,
1357 1357 'expired': self.expired
1358 1358 }
1359 1359 return data
1360 1360
1361 1361 def get_api_data(self, include_secrets=False):
1362 1362 data = self.__json__()
1363 1363 if include_secrets:
1364 1364 return data
1365 1365 else:
1366 1366 data['auth_token'] = self.token_obfuscated
1367 1367 return data
1368 1368
1369 1369 @hybrid_property
1370 1370 def description_safe(self):
1371 1371 from rhodecode.lib import helpers as h
1372 1372 return h.escape(self.description)
1373 1373
1374 1374 @property
1375 1375 def expired(self):
1376 1376 if self.expires == -1:
1377 1377 return False
1378 1378 return time.time() > self.expires
1379 1379
1380 1380 @classmethod
1381 1381 def _get_role_name(cls, role):
1382 1382 return {
1383 1383 cls.ROLE_ALL: _('all'),
1384 1384 cls.ROLE_HTTP: _('http/web interface'),
1385 1385 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1386 1386 cls.ROLE_API: _('api calls'),
1387 1387 cls.ROLE_FEED: _('feed access'),
1388 1388 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1389 1389 }.get(role, role)
1390 1390
1391 1391 @classmethod
1392 1392 def _get_role_description(cls, role):
1393 1393 return {
1394 1394 cls.ROLE_ALL: _('Token for all actions.'),
1395 1395 cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
1396 1396 'login using `api_access_controllers_whitelist` functionality.'),
1397 1397 cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
1398 1398 'Requires auth_token authentication plugin to be active. <br/>'
1399 1399 'Such Token should be used then instead of a password to '
1400 1400 'interact with a repository, and additionally can be '
1401 1401 'limited to single repository using repo scope.'),
1402 1402 cls.ROLE_API: _('Token limited to api calls.'),
1403 1403 cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
1404 1404 cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
1405 1405 }.get(role, role)
1406 1406
1407 1407 @property
1408 1408 def role_humanized(self):
1409 1409 return self._get_role_name(self.role)
1410 1410
1411 1411 def _get_scope(self):
1412 1412 if self.repo:
1413 1413 return 'Repository: {}'.format(self.repo.repo_name)
1414 1414 if self.repo_group:
1415 1415 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1416 1416 return 'Global'
1417 1417
1418 1418 @property
1419 1419 def scope_humanized(self):
1420 1420 return self._get_scope()
1421 1421
1422 1422 @property
1423 1423 def token_obfuscated(self):
1424 1424 if self.api_key:
1425 1425 return self.api_key[:4] + "****"
1426 1426
1427 1427
1428 1428 class UserEmailMap(Base, BaseModel):
1429 1429 __tablename__ = 'user_email_map'
1430 1430 __table_args__ = (
1431 1431 Index('uem_email_idx', 'email'),
1432 1432 Index('uem_user_id_idx', 'user_id'),
1433 1433 UniqueConstraint('email'),
1434 1434 base_table_args
1435 1435 )
1436 1436
1437 1437 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1438 1438 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1439 1439 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1440 1440 user = relationship('User', lazy='joined', back_populates='user_emails')
1441 1441
1442 1442 @validates('_email')
1443 1443 def validate_email(self, key, email):
1444 1444 # check if this email is not main one
1445 1445 main_email = Session().query(User).filter(User.email == email).scalar()
1446 1446 if main_email is not None:
1447 1447 raise AttributeError('email %s is present is user table' % email)
1448 1448 return email
1449 1449
1450 1450 @hybrid_property
1451 1451 def email(self):
1452 1452 return self._email
1453 1453
1454 1454 @email.setter
1455 1455 def email(self, val):
1456 1456 self._email = val.lower() if val else None
1457 1457
1458 1458
1459 1459 class UserIpMap(Base, BaseModel):
1460 1460 __tablename__ = 'user_ip_map'
1461 1461 __table_args__ = (
1462 1462 UniqueConstraint('user_id', 'ip_addr'),
1463 1463 base_table_args
1464 1464 )
1465 1465
1466 1466 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1467 1467 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1468 1468 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1469 1469 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1470 1470 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1471 1471 user = relationship('User', lazy='joined', back_populates='user_ip_map')
1472 1472
1473 1473 @hybrid_property
1474 1474 def description_safe(self):
1475 1475 from rhodecode.lib import helpers as h
1476 1476 return h.escape(self.description)
1477 1477
1478 1478 @classmethod
1479 1479 def _get_ip_range(cls, ip_addr):
1480 1480 net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
1481 1481 return [str(net.network_address), str(net.broadcast_address)]
1482 1482
1483 1483 def __json__(self):
1484 1484 return {
1485 1485 'ip_addr': self.ip_addr,
1486 1486 'ip_range': self._get_ip_range(self.ip_addr),
1487 1487 }
1488 1488
1489 1489 def __repr__(self):
1490 1490 return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
1491 1491
1492 1492
1493 1493 class UserSshKeys(Base, BaseModel):
1494 1494 __tablename__ = 'user_ssh_keys'
1495 1495 __table_args__ = (
1496 1496 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1497 1497
1498 1498 UniqueConstraint('ssh_key_fingerprint'),
1499 1499
1500 1500 base_table_args
1501 1501 )
1502 1502
1503 1503 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1504 1504 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1505 1505 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1506 1506
1507 1507 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1508 1508
1509 1509 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1510 1510 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1511 1511 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1512 1512
1513 1513 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
1514 1514
1515 1515 def __json__(self):
1516 1516 data = {
1517 1517 'ssh_fingerprint': self.ssh_key_fingerprint,
1518 1518 'description': self.description,
1519 1519 'created_on': self.created_on
1520 1520 }
1521 1521 return data
1522 1522
1523 1523 def get_api_data(self):
1524 1524 data = self.__json__()
1525 1525 return data
1526 1526
1527 1527
1528 1528 class UserLog(Base, BaseModel):
1529 1529 __tablename__ = 'user_logs'
1530 1530 __table_args__ = (
1531 1531 base_table_args,
1532 1532 )
1533 1533
1534 1534 VERSION_1 = 'v1'
1535 1535 VERSION_2 = 'v2'
1536 1536 VERSIONS = [VERSION_1, VERSION_2]
1537 1537
1538 1538 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1539 1539 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1540 1540 username = Column("username", String(255), nullable=True, unique=None, default=None)
1541 1541 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1542 1542 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1543 1543 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1544 1544 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1545 1545 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1546 1546
1547 1547 version = Column("version", String(255), nullable=True, default=VERSION_1)
1548 1548 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1549 1549 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1550 1550 user = relationship('User', cascade='', back_populates='user_log')
1551 1551 repository = relationship('Repository', cascade='', back_populates='logs')
1552 1552
1553 1553 def __repr__(self):
1554 1554 return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
1555 1555
1556 1556 def __json__(self):
1557 1557 return {
1558 1558 'user_id': self.user_id,
1559 1559 'username': self.username,
1560 1560 'repository_id': self.repository_id,
1561 1561 'repository_name': self.repository_name,
1562 1562 'user_ip': self.user_ip,
1563 1563 'action_date': self.action_date,
1564 1564 'action': self.action,
1565 1565 }
1566 1566
1567 1567 @hybrid_property
1568 1568 def entry_id(self):
1569 1569 return self.user_log_id
1570 1570
1571 1571 @property
1572 1572 def action_as_day(self):
1573 1573 return datetime.date(*self.action_date.timetuple()[:3])
1574 1574
1575 1575
1576 1576 class UserGroup(Base, BaseModel):
1577 1577 __tablename__ = 'users_groups'
1578 1578 __table_args__ = (
1579 1579 base_table_args,
1580 1580 )
1581 1581
1582 1582 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1583 1583 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1584 1584 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1585 1585 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1586 1586 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1587 1587 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1588 1588 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1589 1589 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1590 1590
1591 1591 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
1592 1592 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
1593 1593 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
1594 1594 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
1595 1595 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
1596 1596
1597 1597 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
1598 1598
1599 1599 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
1600 1600 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
1601 1601
1602 1602 @classmethod
1603 1603 def _load_group_data(cls, column):
1604 1604 if not column:
1605 1605 return {}
1606 1606
1607 1607 try:
1608 1608 return json.loads(column) or {}
1609 1609 except TypeError:
1610 1610 return {}
1611 1611
1612 1612 @hybrid_property
1613 1613 def description_safe(self):
1614 1614 from rhodecode.lib import helpers as h
1615 1615 return h.escape(self.user_group_description)
1616 1616
1617 1617 @hybrid_property
1618 1618 def group_data(self):
1619 1619 return self._load_group_data(self._group_data)
1620 1620
1621 1621 @group_data.expression
1622 1622 def group_data(self, **kwargs):
1623 1623 return self._group_data
1624 1624
1625 1625 @group_data.setter
1626 1626 def group_data(self, val):
1627 1627 try:
1628 1628 self._group_data = json.dumps(val)
1629 1629 except Exception:
1630 1630 log.error(traceback.format_exc())
1631 1631
1632 1632 @classmethod
1633 1633 def _load_sync(cls, group_data):
1634 1634 if group_data:
1635 1635 return group_data.get('extern_type')
1636 1636
1637 1637 @property
1638 1638 def sync(self):
1639 1639 return self._load_sync(self.group_data)
1640 1640
1641 1641 def __repr__(self):
1642 1642 return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
1643 1643
1644 1644 @classmethod
1645 1645 def get_by_group_name(cls, group_name, cache=False,
1646 1646 case_insensitive=False):
1647 1647 if case_insensitive:
1648 1648 q = cls.query().filter(func.lower(cls.users_group_name) ==
1649 1649 func.lower(group_name))
1650 1650
1651 1651 else:
1652 1652 q = cls.query().filter(cls.users_group_name == group_name)
1653 1653 if cache:
1654 1654 name_key = _hash_key(group_name)
1655 1655 q = q.options(
1656 1656 FromCache("sql_cache_short", f"get_group_{name_key}"))
1657 1657 return q.scalar()
1658 1658
1659 1659 @classmethod
1660 1660 def get(cls, user_group_id, cache=False):
1661 1661 if not user_group_id:
1662 1662 return
1663 1663
1664 1664 user_group = cls.query()
1665 1665 if cache:
1666 1666 user_group = user_group.options(
1667 1667 FromCache("sql_cache_short", f"get_users_group_{user_group_id}"))
1668 1668 return user_group.get(user_group_id)
1669 1669
1670 1670 def permissions(self, with_admins=True, with_owner=True,
1671 1671 expand_from_user_groups=False):
1672 1672 """
1673 1673 Permissions for user groups
1674 1674 """
1675 1675 _admin_perm = 'usergroup.admin'
1676 1676
1677 1677 owner_row = []
1678 1678 if with_owner:
1679 1679 usr = AttributeDict(self.user.get_dict())
1680 1680 usr.owner_row = True
1681 1681 usr.permission = _admin_perm
1682 1682 owner_row.append(usr)
1683 1683
1684 1684 super_admin_ids = []
1685 1685 super_admin_rows = []
1686 1686 if with_admins:
1687 1687 for usr in User.get_all_super_admins():
1688 1688 super_admin_ids.append(usr.user_id)
1689 1689 # if this admin is also owner, don't double the record
1690 1690 if usr.user_id == owner_row[0].user_id:
1691 1691 owner_row[0].admin_row = True
1692 1692 else:
1693 1693 usr = AttributeDict(usr.get_dict())
1694 1694 usr.admin_row = True
1695 1695 usr.permission = _admin_perm
1696 1696 super_admin_rows.append(usr)
1697 1697
1698 1698 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1699 1699 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1700 1700 joinedload(UserUserGroupToPerm.user),
1701 1701 joinedload(UserUserGroupToPerm.permission),)
1702 1702
1703 1703 # get owners and admins and permissions. We do a trick of re-writing
1704 1704 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1705 1705 # has a global reference and changing one object propagates to all
1706 1706 # others. This means if admin is also an owner admin_row that change
1707 1707 # would propagate to both objects
1708 1708 perm_rows = []
1709 1709 for _usr in q.all():
1710 1710 usr = AttributeDict(_usr.user.get_dict())
1711 1711 # if this user is also owner/admin, mark as duplicate record
1712 1712 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1713 1713 usr.duplicate_perm = True
1714 1714 usr.permission = _usr.permission.permission_name
1715 1715 perm_rows.append(usr)
1716 1716
1717 1717 # filter the perm rows by 'default' first and then sort them by
1718 1718 # admin,write,read,none permissions sorted again alphabetically in
1719 1719 # each group
1720 1720 perm_rows = sorted(perm_rows, key=display_user_sort)
1721 1721
1722 1722 user_groups_rows = []
1723 1723 if expand_from_user_groups:
1724 1724 for ug in self.permission_user_groups(with_members=True):
1725 1725 for user_data in ug.members:
1726 1726 user_groups_rows.append(user_data)
1727 1727
1728 1728 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1729 1729
1730 1730 def permission_user_groups(self, with_members=False):
1731 1731 q = UserGroupUserGroupToPerm.query()\
1732 1732 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1733 1733 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1734 1734 joinedload(UserGroupUserGroupToPerm.target_user_group),
1735 1735 joinedload(UserGroupUserGroupToPerm.permission),)
1736 1736
1737 1737 perm_rows = []
1738 1738 for _user_group in q.all():
1739 1739 entry = AttributeDict(_user_group.user_group.get_dict())
1740 1740 entry.permission = _user_group.permission.permission_name
1741 1741 if with_members:
1742 1742 entry.members = [x.user.get_dict()
1743 1743 for x in _user_group.user_group.members]
1744 1744 perm_rows.append(entry)
1745 1745
1746 1746 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1747 1747 return perm_rows
1748 1748
1749 1749 def _get_default_perms(self, user_group, suffix=''):
1750 1750 from rhodecode.model.permission import PermissionModel
1751 1751 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1752 1752
1753 1753 def get_default_perms(self, suffix=''):
1754 1754 return self._get_default_perms(self, suffix)
1755 1755
1756 1756 def get_api_data(self, with_group_members=True, include_secrets=False):
1757 1757 """
1758 1758 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1759 1759 basically forwarded.
1760 1760
1761 1761 """
1762 1762 user_group = self
1763 1763 data = {
1764 1764 'users_group_id': user_group.users_group_id,
1765 1765 'group_name': user_group.users_group_name,
1766 1766 'group_description': user_group.user_group_description,
1767 1767 'active': user_group.users_group_active,
1768 1768 'owner': user_group.user.username,
1769 1769 'sync': user_group.sync,
1770 1770 'owner_email': user_group.user.email,
1771 1771 }
1772 1772
1773 1773 if with_group_members:
1774 1774 users = []
1775 1775 for user in user_group.members:
1776 1776 user = user.user
1777 1777 users.append(user.get_api_data(include_secrets=include_secrets))
1778 1778 data['users'] = users
1779 1779
1780 1780 return data
1781 1781
1782 1782
1783 1783 class UserGroupMember(Base, BaseModel):
1784 1784 __tablename__ = 'users_groups_members'
1785 1785 __table_args__ = (
1786 1786 base_table_args,
1787 1787 )
1788 1788
1789 1789 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1790 1790 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1791 1791 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1792 1792
1793 1793 user = relationship('User', lazy='joined', back_populates='group_member')
1794 1794 users_group = relationship('UserGroup', back_populates='members')
1795 1795
1796 1796 def __init__(self, gr_id='', u_id=''):
1797 1797 self.users_group_id = gr_id
1798 1798 self.user_id = u_id
1799 1799
1800 1800
1801 1801 class RepositoryField(Base, BaseModel):
1802 1802 __tablename__ = 'repositories_fields'
1803 1803 __table_args__ = (
1804 1804 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1805 1805 base_table_args,
1806 1806 )
1807 1807
1808 1808 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1809 1809
1810 1810 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1811 1811 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1812 1812 field_key = Column("field_key", String(250))
1813 1813 field_label = Column("field_label", String(1024), nullable=False)
1814 1814 field_value = Column("field_value", String(10000), nullable=False)
1815 1815 field_desc = Column("field_desc", String(1024), nullable=False)
1816 1816 field_type = Column("field_type", String(255), nullable=False, unique=None)
1817 1817 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1818 1818
1819 1819 repository = relationship('Repository', back_populates='extra_fields')
1820 1820
1821 1821 @property
1822 1822 def field_key_prefixed(self):
1823 1823 return 'ex_%s' % self.field_key
1824 1824
1825 1825 @classmethod
1826 1826 def un_prefix_key(cls, key):
1827 1827 if key.startswith(cls.PREFIX):
1828 1828 return key[len(cls.PREFIX):]
1829 1829 return key
1830 1830
1831 1831 @classmethod
1832 1832 def get_by_key_name(cls, key, repo):
1833 1833 row = cls.query()\
1834 1834 .filter(cls.repository == repo)\
1835 1835 .filter(cls.field_key == key).scalar()
1836 1836 return row
1837 1837
1838 1838
1839 1839 class Repository(Base, BaseModel):
1840 1840 __tablename__ = 'repositories'
1841 1841 __table_args__ = (
1842 1842 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1843 1843 base_table_args,
1844 1844 )
1845 1845 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1846 1846 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1847 1847 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1848 1848
1849 1849 STATE_CREATED = 'repo_state_created'
1850 1850 STATE_PENDING = 'repo_state_pending'
1851 1851 STATE_ERROR = 'repo_state_error'
1852 1852
1853 1853 LOCK_AUTOMATIC = 'lock_auto'
1854 1854 LOCK_API = 'lock_api'
1855 1855 LOCK_WEB = 'lock_web'
1856 1856 LOCK_PULL = 'lock_pull'
1857 1857
1858 1858 NAME_SEP = URL_SEP
1859 1859
1860 1860 repo_id = Column(
1861 1861 "repo_id", Integer(), nullable=False, unique=True, default=None,
1862 1862 primary_key=True)
1863 1863 _repo_name = Column(
1864 1864 "repo_name", Text(), nullable=False, default=None)
1865 1865 repo_name_hash = Column(
1866 1866 "repo_name_hash", String(255), nullable=False, unique=True)
1867 1867 repo_state = Column("repo_state", String(255), nullable=True)
1868 1868
1869 1869 clone_uri = Column(
1870 1870 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1871 1871 default=None)
1872 1872 push_uri = Column(
1873 1873 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1874 1874 default=None)
1875 1875 repo_type = Column(
1876 1876 "repo_type", String(255), nullable=False, unique=False, default=None)
1877 1877 user_id = Column(
1878 1878 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1879 1879 unique=False, default=None)
1880 1880 private = Column(
1881 1881 "private", Boolean(), nullable=True, unique=None, default=None)
1882 1882 archived = Column(
1883 1883 "archived", Boolean(), nullable=True, unique=None, default=None)
1884 1884 enable_statistics = Column(
1885 1885 "statistics", Boolean(), nullable=True, unique=None, default=True)
1886 1886 enable_downloads = Column(
1887 1887 "downloads", Boolean(), nullable=True, unique=None, default=True)
1888 1888 description = Column(
1889 1889 "description", String(10000), nullable=True, unique=None, default=None)
1890 1890 created_on = Column(
1891 1891 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1892 1892 default=datetime.datetime.now)
1893 1893 updated_on = Column(
1894 1894 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1895 1895 default=datetime.datetime.now)
1896 1896 _landing_revision = Column(
1897 1897 "landing_revision", String(255), nullable=False, unique=False,
1898 1898 default=None)
1899 1899 enable_locking = Column(
1900 1900 "enable_locking", Boolean(), nullable=False, unique=None,
1901 1901 default=False)
1902 1902 _locked = Column(
1903 1903 "locked", String(255), nullable=True, unique=False, default=None)
1904 1904 _changeset_cache = Column(
1905 1905 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1906 1906
1907 1907 fork_id = Column(
1908 1908 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1909 1909 nullable=True, unique=False, default=None)
1910 1910 group_id = Column(
1911 1911 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1912 1912 unique=False, default=None)
1913 1913
1914 1914 user = relationship('User', lazy='joined', back_populates='repositories')
1915 1915 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1916 1916 group = relationship('RepoGroup', lazy='joined')
1917 1917 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
1918 1918 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
1919 1919 stats = relationship('Statistics', cascade='all', uselist=False)
1920 1920
1921 1921 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
1922 1922 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
1923 1923
1924 1924 logs = relationship('UserLog', back_populates='repository')
1925 1925
1926 1926 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
1927 1927
1928 1928 pull_requests_source = relationship(
1929 1929 'PullRequest',
1930 1930 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1931 1931 cascade="all, delete-orphan",
1932 1932 overlaps="source_repo"
1933 1933 )
1934 1934 pull_requests_target = relationship(
1935 1935 'PullRequest',
1936 1936 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1937 1937 cascade="all, delete-orphan",
1938 1938 overlaps="target_repo"
1939 1939 )
1940 1940
1941 1941 ui = relationship('RepoRhodeCodeUi', cascade="all")
1942 1942 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1943 1943 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
1944 1944
1945 1945 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
1946 1946
1947 1947 # no cascade, set NULL
1948 1948 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
1949 1949
1950 1950 review_rules = relationship('RepoReviewRule')
1951 1951 user_branch_perms = relationship('UserToRepoBranchPermission')
1952 1952 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
1953 1953
1954 1954 def __repr__(self):
1955 1955 return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
1956 1956
1957 1957 @hybrid_property
1958 1958 def description_safe(self):
1959 1959 from rhodecode.lib import helpers as h
1960 1960 return h.escape(self.description)
1961 1961
1962 1962 @hybrid_property
1963 1963 def landing_rev(self):
1964 1964 # always should return [rev_type, rev], e.g ['branch', 'master']
1965 1965 if self._landing_revision:
1966 1966 _rev_info = self._landing_revision.split(':')
1967 1967 if len(_rev_info) < 2:
1968 1968 _rev_info.insert(0, 'rev')
1969 1969 return [_rev_info[0], _rev_info[1]]
1970 1970 return [None, None]
1971 1971
1972 1972 @property
1973 1973 def landing_ref_type(self):
1974 1974 return self.landing_rev[0]
1975 1975
1976 1976 @property
1977 1977 def landing_ref_name(self):
1978 1978 return self.landing_rev[1]
1979 1979
1980 1980 @landing_rev.setter
1981 1981 def landing_rev(self, val):
1982 1982 if ':' not in val:
1983 1983 raise ValueError('value must be delimited with `:` and consist '
1984 1984 'of <rev_type>:<rev>, got %s instead' % val)
1985 1985 self._landing_revision = val
1986 1986
1987 1987 @hybrid_property
1988 1988 def locked(self):
1989 1989 if self._locked:
1990 1990 user_id, timelocked, reason = self._locked.split(':')
1991 1991 lock_values = int(user_id), timelocked, reason
1992 1992 else:
1993 1993 lock_values = [None, None, None]
1994 1994 return lock_values
1995 1995
1996 1996 @locked.setter
1997 1997 def locked(self, val):
1998 1998 if val and isinstance(val, (list, tuple)):
1999 1999 self._locked = ':'.join(map(str, val))
2000 2000 else:
2001 2001 self._locked = None
2002 2002
2003 2003 @classmethod
2004 2004 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2005 2005 from rhodecode.lib.vcs.backends.base import EmptyCommit
2006 2006 dummy = EmptyCommit().__json__()
2007 2007 if not changeset_cache_raw:
2008 2008 dummy['source_repo_id'] = repo_id
2009 2009 return json.loads(json.dumps(dummy))
2010 2010
2011 2011 try:
2012 2012 return json.loads(changeset_cache_raw)
2013 2013 except TypeError:
2014 2014 return dummy
2015 2015 except Exception:
2016 2016 log.error(traceback.format_exc())
2017 2017 return dummy
2018 2018
2019 2019 @hybrid_property
2020 2020 def changeset_cache(self):
2021 2021 return self._load_changeset_cache(self.repo_id, self._changeset_cache)
2022 2022
2023 2023 @changeset_cache.setter
2024 2024 def changeset_cache(self, val):
2025 2025 try:
2026 2026 self._changeset_cache = json.dumps(val)
2027 2027 except Exception:
2028 2028 log.error(traceback.format_exc())
2029 2029
2030 2030 @hybrid_property
2031 2031 def repo_name(self):
2032 2032 return self._repo_name
2033 2033
2034 2034 @repo_name.setter
2035 2035 def repo_name(self, value):
2036 2036 self._repo_name = value
2037 2037 self.repo_name_hash = sha1(safe_bytes(value))
2038 2038
2039 2039 @classmethod
2040 2040 def normalize_repo_name(cls, repo_name):
2041 2041 """
2042 2042 Normalizes os specific repo_name to the format internally stored inside
2043 2043 database using URL_SEP
2044 2044
2045 2045 :param cls:
2046 2046 :param repo_name:
2047 2047 """
2048 2048 return cls.NAME_SEP.join(repo_name.split(os.sep))
2049 2049
2050 2050 @classmethod
2051 2051 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
2052 2052 session = Session()
2053 2053 q = session.query(cls).filter(cls.repo_name == repo_name)
2054 2054
2055 2055 if cache:
2056 2056 if identity_cache:
2057 2057 val = cls.identity_cache(session, 'repo_name', repo_name)
2058 2058 if val:
2059 2059 return val
2060 2060 else:
2061 2061 cache_key = f"get_repo_by_name_{_hash_key(repo_name)}"
2062 2062 q = q.options(
2063 2063 FromCache("sql_cache_short", cache_key))
2064 2064
2065 2065 return q.scalar()
2066 2066
2067 2067 @classmethod
2068 2068 def get_by_id_or_repo_name(cls, repoid):
2069 2069 if isinstance(repoid, int):
2070 2070 try:
2071 2071 repo = cls.get(repoid)
2072 2072 except ValueError:
2073 2073 repo = None
2074 2074 else:
2075 2075 repo = cls.get_by_repo_name(repoid)
2076 2076 return repo
2077 2077
2078 2078 @classmethod
2079 2079 def get_by_full_path(cls, repo_full_path):
2080 2080 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
2081 2081 repo_name = cls.normalize_repo_name(repo_name)
2082 2082 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
2083 2083
2084 2084 @classmethod
2085 2085 def get_repo_forks(cls, repo_id):
2086 2086 return cls.query().filter(Repository.fork_id == repo_id)
2087 2087
2088 2088 @classmethod
2089 2089 def base_path(cls):
2090 2090 """
2091 2091 Returns base path when all repos are stored
2092 2092
2093 2093 :param cls:
2094 2094 """
2095 2095 from rhodecode.lib.utils import get_rhodecode_repo_store_path
2096 2096 return get_rhodecode_repo_store_path()
2097 2097
2098 2098 @classmethod
2099 2099 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
2100 2100 case_insensitive=True, archived=False):
2101 2101 q = Repository.query()
2102 2102
2103 2103 if not archived:
2104 2104 q = q.filter(Repository.archived.isnot(true()))
2105 2105
2106 2106 if not isinstance(user_id, Optional):
2107 2107 q = q.filter(Repository.user_id == user_id)
2108 2108
2109 2109 if not isinstance(group_id, Optional):
2110 2110 q = q.filter(Repository.group_id == group_id)
2111 2111
2112 2112 if case_insensitive:
2113 2113 q = q.order_by(func.lower(Repository.repo_name))
2114 2114 else:
2115 2115 q = q.order_by(Repository.repo_name)
2116 2116
2117 2117 return q.all()
2118 2118
2119 2119 @property
2120 2120 def repo_uid(self):
2121 2121 return '_{}'.format(self.repo_id)
2122 2122
2123 2123 @property
2124 2124 def forks(self):
2125 2125 """
2126 2126 Return forks of this repo
2127 2127 """
2128 2128 return Repository.get_repo_forks(self.repo_id)
2129 2129
2130 2130 @property
2131 2131 def parent(self):
2132 2132 """
2133 2133 Returns fork parent
2134 2134 """
2135 2135 return self.fork
2136 2136
2137 2137 @property
2138 2138 def just_name(self):
2139 2139 return self.repo_name.split(self.NAME_SEP)[-1]
2140 2140
2141 2141 @property
2142 2142 def groups_with_parents(self):
2143 2143 groups = []
2144 2144 if self.group is None:
2145 2145 return groups
2146 2146
2147 2147 cur_gr = self.group
2148 2148 groups.insert(0, cur_gr)
2149 2149 while 1:
2150 2150 gr = getattr(cur_gr, 'parent_group', None)
2151 2151 cur_gr = cur_gr.parent_group
2152 2152 if gr is None:
2153 2153 break
2154 2154 groups.insert(0, gr)
2155 2155
2156 2156 return groups
2157 2157
2158 2158 @property
2159 2159 def groups_and_repo(self):
2160 2160 return self.groups_with_parents, self
2161 2161
2162 2162 @property
2163 2163 def repo_path(self):
2164 2164 """
2165 2165 Returns base full path for that repository means where it actually
2166 2166 exists on a filesystem
2167 2167 """
2168 2168 return self.base_path()
2169 2169
2170 2170 @property
2171 2171 def repo_full_path(self):
2172 2172 p = [self.repo_path]
2173 2173 # we need to split the name by / since this is how we store the
2174 2174 # names in the database, but that eventually needs to be converted
2175 2175 # into a valid system path
2176 2176 p += self.repo_name.split(self.NAME_SEP)
2177 2177 return os.path.join(*map(safe_str, p))
2178 2178
2179 2179 @property
2180 2180 def cache_keys(self):
2181 2181 """
2182 2182 Returns associated cache keys for that repo
2183 2183 """
2184 2184 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2185 2185 return CacheKey.query()\
2186 2186 .filter(CacheKey.cache_key == repo_namespace_key)\
2187 2187 .order_by(CacheKey.cache_key)\
2188 2188 .all()
2189 2189
2190 2190 @property
2191 2191 def cached_diffs_relative_dir(self):
2192 2192 """
2193 2193 Return a relative to the repository store path of cached diffs
2194 2194 used for safe display for users, who shouldn't know the absolute store
2195 2195 path
2196 2196 """
2197 2197 return os.path.join(
2198 2198 os.path.dirname(self.repo_name),
2199 2199 self.cached_diffs_dir.split(os.path.sep)[-1])
2200 2200
2201 2201 @property
2202 2202 def cached_diffs_dir(self):
2203 2203 path = self.repo_full_path
2204 2204 return os.path.join(
2205 2205 os.path.dirname(path),
2206 2206 f'.__shadow_diff_cache_repo_{self.repo_id}')
2207 2207
2208 2208 def cached_diffs(self):
2209 2209 diff_cache_dir = self.cached_diffs_dir
2210 2210 if os.path.isdir(diff_cache_dir):
2211 2211 return os.listdir(diff_cache_dir)
2212 2212 return []
2213 2213
2214 2214 def shadow_repos(self):
2215 2215 shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
2216 2216 return [
2217 2217 x for x in os.listdir(os.path.dirname(self.repo_full_path))
2218 2218 if x.startswith(shadow_repos_pattern)
2219 2219 ]
2220 2220
2221 2221 def get_new_name(self, repo_name):
2222 2222 """
2223 2223 returns new full repository name based on assigned group and new new
2224 2224
2225 2225 :param repo_name:
2226 2226 """
2227 2227 path_prefix = self.group.full_path_splitted if self.group else []
2228 2228 return self.NAME_SEP.join(path_prefix + [repo_name])
2229 2229
2230 2230 @property
2231 2231 def _config(self):
2232 2232 """
2233 2233 Returns db based config object.
2234 2234 """
2235 2235 from rhodecode.lib.utils import make_db_config
2236 2236 return make_db_config(clear_session=False, repo=self)
2237 2237
2238 2238 def permissions(self, with_admins=True, with_owner=True,
2239 2239 expand_from_user_groups=False):
2240 2240 """
2241 2241 Permissions for repositories
2242 2242 """
2243 2243 _admin_perm = 'repository.admin'
2244 2244
2245 2245 owner_row = []
2246 2246 if with_owner:
2247 2247 usr = AttributeDict(self.user.get_dict())
2248 2248 usr.owner_row = True
2249 2249 usr.permission = _admin_perm
2250 2250 usr.permission_id = None
2251 2251 owner_row.append(usr)
2252 2252
2253 2253 super_admin_ids = []
2254 2254 super_admin_rows = []
2255 2255 if with_admins:
2256 2256 for usr in User.get_all_super_admins():
2257 2257 super_admin_ids.append(usr.user_id)
2258 2258 # if this admin is also owner, don't double the record
2259 2259 if usr.user_id == owner_row[0].user_id:
2260 2260 owner_row[0].admin_row = True
2261 2261 else:
2262 2262 usr = AttributeDict(usr.get_dict())
2263 2263 usr.admin_row = True
2264 2264 usr.permission = _admin_perm
2265 2265 usr.permission_id = None
2266 2266 super_admin_rows.append(usr)
2267 2267
2268 2268 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2269 2269 q = q.options(joinedload(UserRepoToPerm.repository),
2270 2270 joinedload(UserRepoToPerm.user),
2271 2271 joinedload(UserRepoToPerm.permission),)
2272 2272
2273 2273 # get owners and admins and permissions. We do a trick of re-writing
2274 2274 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2275 2275 # has a global reference and changing one object propagates to all
2276 2276 # others. This means if admin is also an owner admin_row that change
2277 2277 # would propagate to both objects
2278 2278 perm_rows = []
2279 2279 for _usr in q.all():
2280 2280 usr = AttributeDict(_usr.user.get_dict())
2281 2281 # if this user is also owner/admin, mark as duplicate record
2282 2282 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2283 2283 usr.duplicate_perm = True
2284 2284 # also check if this permission is maybe used by branch_permissions
2285 2285 if _usr.branch_perm_entry:
2286 2286 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2287 2287
2288 2288 usr.permission = _usr.permission.permission_name
2289 2289 usr.permission_id = _usr.repo_to_perm_id
2290 2290 perm_rows.append(usr)
2291 2291
2292 2292 # filter the perm rows by 'default' first and then sort them by
2293 2293 # admin,write,read,none permissions sorted again alphabetically in
2294 2294 # each group
2295 2295 perm_rows = sorted(perm_rows, key=display_user_sort)
2296 2296
2297 2297 user_groups_rows = []
2298 2298 if expand_from_user_groups:
2299 2299 for ug in self.permission_user_groups(with_members=True):
2300 2300 for user_data in ug.members:
2301 2301 user_groups_rows.append(user_data)
2302 2302
2303 2303 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2304 2304
2305 2305 def permission_user_groups(self, with_members=True):
2306 2306 q = UserGroupRepoToPerm.query()\
2307 2307 .filter(UserGroupRepoToPerm.repository == self)
2308 2308 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2309 2309 joinedload(UserGroupRepoToPerm.users_group),
2310 2310 joinedload(UserGroupRepoToPerm.permission),)
2311 2311
2312 2312 perm_rows = []
2313 2313 for _user_group in q.all():
2314 2314 entry = AttributeDict(_user_group.users_group.get_dict())
2315 2315 entry.permission = _user_group.permission.permission_name
2316 2316 if with_members:
2317 2317 entry.members = [x.user.get_dict()
2318 2318 for x in _user_group.users_group.members]
2319 2319 perm_rows.append(entry)
2320 2320
2321 2321 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2322 2322 return perm_rows
2323 2323
2324 2324 def get_api_data(self, include_secrets=False):
2325 2325 """
2326 2326 Common function for generating repo api data
2327 2327
2328 2328 :param include_secrets: See :meth:`User.get_api_data`.
2329 2329
2330 2330 """
2331 2331 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2332 2332 # move this methods on models level.
2333 2333 from rhodecode.model.settings import SettingsModel
2334 2334 from rhodecode.model.repo import RepoModel
2335 2335
2336 2336 repo = self
2337 2337 _user_id, _time, _reason = self.locked
2338 2338
2339 2339 data = {
2340 2340 'repo_id': repo.repo_id,
2341 2341 'repo_name': repo.repo_name,
2342 2342 'repo_type': repo.repo_type,
2343 2343 'clone_uri': repo.clone_uri or '',
2344 2344 'push_uri': repo.push_uri or '',
2345 2345 'url': RepoModel().get_url(self),
2346 2346 'private': repo.private,
2347 2347 'created_on': repo.created_on,
2348 2348 'description': repo.description_safe,
2349 2349 'landing_rev': repo.landing_rev,
2350 2350 'owner': repo.user.username,
2351 2351 'fork_of': repo.fork.repo_name if repo.fork else None,
2352 2352 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2353 2353 'enable_statistics': repo.enable_statistics,
2354 2354 'enable_locking': repo.enable_locking,
2355 2355 'enable_downloads': repo.enable_downloads,
2356 2356 'last_changeset': repo.changeset_cache,
2357 2357 'locked_by': User.get(_user_id).get_api_data(
2358 2358 include_secrets=include_secrets) if _user_id else None,
2359 2359 'locked_date': time_to_datetime(_time) if _time else None,
2360 2360 'lock_reason': _reason if _reason else None,
2361 2361 }
2362 2362
2363 2363 # TODO: mikhail: should be per-repo settings here
2364 2364 rc_config = SettingsModel().get_all_settings()
2365 2365 repository_fields = str2bool(
2366 2366 rc_config.get('rhodecode_repository_fields'))
2367 2367 if repository_fields:
2368 2368 for f in self.extra_fields:
2369 2369 data[f.field_key_prefixed] = f.field_value
2370 2370
2371 2371 return data
2372 2372
2373 2373 @classmethod
2374 2374 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2375 2375 if not lock_time:
2376 2376 lock_time = time.time()
2377 2377 if not lock_reason:
2378 2378 lock_reason = cls.LOCK_AUTOMATIC
2379 2379 repo.locked = [user_id, lock_time, lock_reason]
2380 2380 Session().add(repo)
2381 2381 Session().commit()
2382 2382
2383 2383 @classmethod
2384 2384 def unlock(cls, repo):
2385 2385 repo.locked = None
2386 2386 Session().add(repo)
2387 2387 Session().commit()
2388 2388
2389 2389 @classmethod
2390 2390 def getlock(cls, repo):
2391 2391 return repo.locked
2392 2392
2393 2393 def get_locking_state(self, action, user_id, only_when_enabled=True):
2394 2394 """
2395 2395 Checks locking on this repository, if locking is enabled and lock is
2396 2396 present returns a tuple of make_lock, locked, locked_by.
2397 2397 make_lock can have 3 states None (do nothing) True, make lock
2398 2398 False release lock, This value is later propagated to hooks, which
2399 2399 do the locking. Think about this as signals passed to hooks what to do.
2400 2400
2401 2401 """
2402 2402 # TODO: johbo: This is part of the business logic and should be moved
2403 2403 # into the RepositoryModel.
2404 2404
2405 2405 if action not in ('push', 'pull'):
2406 2406 raise ValueError("Invalid action value: %s" % repr(action))
2407 2407
2408 2408 # defines if locked error should be thrown to user
2409 2409 currently_locked = False
2410 2410 # defines if new lock should be made, tri-state
2411 2411 make_lock = None
2412 2412 repo = self
2413 2413 user = User.get(user_id)
2414 2414
2415 2415 lock_info = repo.locked
2416 2416
2417 2417 if repo and (repo.enable_locking or not only_when_enabled):
2418 2418 if action == 'push':
2419 2419 # check if it's already locked !, if it is compare users
2420 2420 locked_by_user_id = lock_info[0]
2421 2421 if user.user_id == locked_by_user_id:
2422 2422 log.debug(
2423 2423 'Got `push` action from user %s, now unlocking', user)
2424 2424 # unlock if we have push from user who locked
2425 2425 make_lock = False
2426 2426 else:
2427 2427 # we're not the same user who locked, ban with
2428 2428 # code defined in settings (default is 423 HTTP Locked) !
2429 2429 log.debug('Repo %s is currently locked by %s', repo, user)
2430 2430 currently_locked = True
2431 2431 elif action == 'pull':
2432 2432 # [0] user [1] date
2433 2433 if lock_info[0] and lock_info[1]:
2434 2434 log.debug('Repo %s is currently locked by %s', repo, user)
2435 2435 currently_locked = True
2436 2436 else:
2437 2437 log.debug('Setting lock on repo %s by %s', repo, user)
2438 2438 make_lock = True
2439 2439
2440 2440 else:
2441 2441 log.debug('Repository %s do not have locking enabled', repo)
2442 2442
2443 2443 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2444 2444 make_lock, currently_locked, lock_info)
2445 2445
2446 2446 from rhodecode.lib.auth import HasRepoPermissionAny
2447 2447 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2448 2448 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2449 2449 # if we don't have at least write permission we cannot make a lock
2450 2450 log.debug('lock state reset back to FALSE due to lack '
2451 2451 'of at least read permission')
2452 2452 make_lock = False
2453 2453
2454 2454 return make_lock, currently_locked, lock_info
2455 2455
2456 2456 @property
2457 2457 def last_commit_cache_update_diff(self):
2458 2458 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2459 2459
2460 2460 @classmethod
2461 2461 def _load_commit_change(cls, last_commit_cache):
2462 2462 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2463 2463 empty_date = datetime.datetime.fromtimestamp(0)
2464 2464 date_latest = last_commit_cache.get('date', empty_date)
2465 2465 try:
2466 2466 return parse_datetime(date_latest)
2467 2467 except Exception:
2468 2468 return empty_date
2469 2469
2470 2470 @property
2471 2471 def last_commit_change(self):
2472 2472 return self._load_commit_change(self.changeset_cache)
2473 2473
2474 2474 @property
2475 2475 def last_db_change(self):
2476 2476 return self.updated_on
2477 2477
2478 2478 @property
2479 2479 def clone_uri_hidden(self):
2480 2480 clone_uri = self.clone_uri
2481 2481 if clone_uri:
2482 2482 import urlobject
2483 2483 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2484 2484 if url_obj.password:
2485 2485 clone_uri = url_obj.with_password('*****')
2486 2486 return clone_uri
2487 2487
2488 2488 @property
2489 2489 def push_uri_hidden(self):
2490 2490 push_uri = self.push_uri
2491 2491 if push_uri:
2492 2492 import urlobject
2493 2493 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2494 2494 if url_obj.password:
2495 2495 push_uri = url_obj.with_password('*****')
2496 2496 return push_uri
2497 2497
2498 2498 def clone_url(self, **override):
2499 2499 from rhodecode.model.settings import SettingsModel
2500 2500
2501 2501 uri_tmpl = None
2502 2502 if 'with_id' in override:
2503 2503 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2504 2504 del override['with_id']
2505 2505
2506 2506 if 'uri_tmpl' in override:
2507 2507 uri_tmpl = override['uri_tmpl']
2508 2508 del override['uri_tmpl']
2509 2509
2510 2510 ssh = False
2511 2511 if 'ssh' in override:
2512 2512 ssh = True
2513 2513 del override['ssh']
2514 2514
2515 2515 # we didn't override our tmpl from **overrides
2516 2516 request = get_current_request()
2517 2517 if not uri_tmpl:
2518 2518 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2519 2519 rc_config = request.call_context.rc_config
2520 2520 else:
2521 2521 rc_config = SettingsModel().get_all_settings(cache=True)
2522 2522
2523 2523 if ssh:
2524 2524 uri_tmpl = rc_config.get(
2525 2525 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2526 2526
2527 2527 else:
2528 2528 uri_tmpl = rc_config.get(
2529 2529 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2530 2530
2531 2531 return get_clone_url(request=request,
2532 2532 uri_tmpl=uri_tmpl,
2533 2533 repo_name=self.repo_name,
2534 2534 repo_id=self.repo_id,
2535 2535 repo_type=self.repo_type,
2536 2536 **override)
2537 2537
2538 2538 def set_state(self, state):
2539 2539 self.repo_state = state
2540 2540 Session().add(self)
2541 2541 #==========================================================================
2542 2542 # SCM PROPERTIES
2543 2543 #==========================================================================
2544 2544
2545 2545 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
2546 2546 return get_commit_safe(
2547 2547 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
2548 2548 maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
2549 2549
2550 2550 def get_changeset(self, rev=None, pre_load=None):
2551 2551 warnings.warn("Use get_commit", DeprecationWarning)
2552 2552 commit_id = None
2553 2553 commit_idx = None
2554 2554 if isinstance(rev, str):
2555 2555 commit_id = rev
2556 2556 else:
2557 2557 commit_idx = rev
2558 2558 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2559 2559 pre_load=pre_load)
2560 2560
2561 2561 def get_landing_commit(self):
2562 2562 """
2563 2563 Returns landing commit, or if that doesn't exist returns the tip
2564 2564 """
2565 2565 _rev_type, _rev = self.landing_rev
2566 2566 commit = self.get_commit(_rev)
2567 2567 if isinstance(commit, EmptyCommit):
2568 2568 return self.get_commit()
2569 2569 return commit
2570 2570
2571 2571 def flush_commit_cache(self):
2572 2572 self.update_commit_cache(cs_cache={'raw_id':'0'})
2573 2573 self.update_commit_cache()
2574 2574
2575 2575 def update_commit_cache(self, cs_cache=None, config=None):
2576 2576 """
2577 2577 Update cache of last commit for repository
2578 2578 cache_keys should be::
2579 2579
2580 2580 source_repo_id
2581 2581 short_id
2582 2582 raw_id
2583 2583 revision
2584 2584 parents
2585 2585 message
2586 2586 date
2587 2587 author
2588 2588 updated_on
2589 2589
2590 2590 """
2591 2591 from rhodecode.lib.vcs.backends.base import BaseCommit
2592 2592 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2593 2593 empty_date = datetime.datetime.fromtimestamp(0)
2594 2594 repo_commit_count = 0
2595 2595
2596 2596 if cs_cache is None:
2597 2597 # use no-cache version here
2598 2598 try:
2599 2599 scm_repo = self.scm_instance(cache=False, config=config)
2600 2600 except VCSError:
2601 2601 scm_repo = None
2602 2602 empty = scm_repo is None or scm_repo.is_empty()
2603 2603
2604 2604 if not empty:
2605 2605 cs_cache = scm_repo.get_commit(
2606 2606 pre_load=["author", "date", "message", "parents", "branch"])
2607 2607 repo_commit_count = scm_repo.count()
2608 2608 else:
2609 2609 cs_cache = EmptyCommit()
2610 2610
2611 2611 if isinstance(cs_cache, BaseCommit):
2612 2612 cs_cache = cs_cache.__json__()
2613 2613
2614 2614 def is_outdated(new_cs_cache):
2615 2615 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2616 2616 new_cs_cache['revision'] != self.changeset_cache['revision']):
2617 2617 return True
2618 2618 return False
2619 2619
2620 2620 # check if we have maybe already latest cached revision
2621 2621 if is_outdated(cs_cache) or not self.changeset_cache:
2622 2622 _current_datetime = datetime.datetime.utcnow()
2623 2623 last_change = cs_cache.get('date') or _current_datetime
2624 2624 # we check if last update is newer than the new value
2625 2625 # if yes, we use the current timestamp instead. Imagine you get
2626 2626 # old commit pushed 1y ago, we'd set last update 1y to ago.
2627 2627 last_change_timestamp = datetime_to_time(last_change)
2628 2628 current_timestamp = datetime_to_time(last_change)
2629 2629 if last_change_timestamp > current_timestamp and not empty:
2630 2630 cs_cache['date'] = _current_datetime
2631 2631
2632 2632 # also store size of repo
2633 2633 cs_cache['repo_commit_count'] = repo_commit_count
2634 2634
2635 2635 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2636 2636 cs_cache['updated_on'] = time.time()
2637 2637 self.changeset_cache = cs_cache
2638 2638 self.updated_on = last_change
2639 2639 Session().add(self)
2640 2640 Session().commit()
2641 2641
2642 2642 else:
2643 2643 if empty:
2644 2644 cs_cache = EmptyCommit().__json__()
2645 2645 else:
2646 2646 cs_cache = self.changeset_cache
2647 2647
2648 2648 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2649 2649
2650 2650 cs_cache['updated_on'] = time.time()
2651 2651 self.changeset_cache = cs_cache
2652 2652 self.updated_on = _date_latest
2653 2653 Session().add(self)
2654 2654 Session().commit()
2655 2655
2656 2656 log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
2657 2657 self.repo_name, cs_cache, _date_latest)
2658 2658
2659 2659 @property
2660 2660 def tip(self):
2661 2661 return self.get_commit('tip')
2662 2662
2663 2663 @property
2664 2664 def author(self):
2665 2665 return self.tip.author
2666 2666
2667 2667 @property
2668 2668 def last_change(self):
2669 2669 return self.scm_instance().last_change
2670 2670
2671 2671 def get_comments(self, revisions=None):
2672 2672 """
2673 2673 Returns comments for this repository grouped by revisions
2674 2674
2675 2675 :param revisions: filter query by revisions only
2676 2676 """
2677 2677 cmts = ChangesetComment.query()\
2678 2678 .filter(ChangesetComment.repo == self)
2679 2679 if revisions:
2680 2680 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2681 2681 grouped = collections.defaultdict(list)
2682 2682 for cmt in cmts.all():
2683 2683 grouped[cmt.revision].append(cmt)
2684 2684 return grouped
2685 2685
2686 2686 def statuses(self, revisions=None):
2687 2687 """
2688 2688 Returns statuses for this repository
2689 2689
2690 2690 :param revisions: list of revisions to get statuses for
2691 2691 """
2692 2692 statuses = ChangesetStatus.query()\
2693 2693 .filter(ChangesetStatus.repo == self)\
2694 2694 .filter(ChangesetStatus.version == 0)
2695 2695
2696 2696 if revisions:
2697 2697 # Try doing the filtering in chunks to avoid hitting limits
2698 2698 size = 500
2699 2699 status_results = []
2700 2700 for chunk in range(0, len(revisions), size):
2701 2701 status_results += statuses.filter(
2702 2702 ChangesetStatus.revision.in_(
2703 2703 revisions[chunk: chunk+size])
2704 2704 ).all()
2705 2705 else:
2706 2706 status_results = statuses.all()
2707 2707
2708 2708 grouped = {}
2709 2709
2710 2710 # maybe we have open new pullrequest without a status?
2711 2711 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2712 2712 status_lbl = ChangesetStatus.get_status_lbl(stat)
2713 2713 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2714 2714 for rev in pr.revisions:
2715 2715 pr_id = pr.pull_request_id
2716 2716 pr_repo = pr.target_repo.repo_name
2717 2717 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2718 2718
2719 2719 for stat in status_results:
2720 2720 pr_id = pr_repo = None
2721 2721 if stat.pull_request:
2722 2722 pr_id = stat.pull_request.pull_request_id
2723 2723 pr_repo = stat.pull_request.target_repo.repo_name
2724 2724 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2725 2725 pr_id, pr_repo]
2726 2726 return grouped
2727 2727
2728 2728 # ==========================================================================
2729 2729 # SCM CACHE INSTANCE
2730 2730 # ==========================================================================
2731 2731
2732 2732 def scm_instance(self, **kwargs):
2733 2733 import rhodecode
2734 2734
2735 2735 # Passing a config will not hit the cache currently only used
2736 2736 # for repo2dbmapper
2737 2737 config = kwargs.pop('config', None)
2738 2738 cache = kwargs.pop('cache', None)
2739 2739 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2740 2740 if vcs_full_cache is not None:
2741 2741 # allows override global config
2742 2742 full_cache = vcs_full_cache
2743 2743 else:
2744 2744 full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
2745 2745 # if cache is NOT defined use default global, else we have a full
2746 2746 # control over cache behaviour
2747 2747 if cache is None and full_cache and not config:
2748 2748 log.debug('Initializing pure cached instance for %s', self.repo_path)
2749 2749 return self._get_instance_cached()
2750 2750
2751 2751 # cache here is sent to the "vcs server"
2752 2752 return self._get_instance(cache=bool(cache), config=config)
2753 2753
2754 2754 def _get_instance_cached(self):
2755 2755 from rhodecode.lib import rc_cache
2756 2756
2757 2757 cache_namespace_uid = f'repo_instance.{self.repo_id}'
2758 2758 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2759 2759
2760 2760 # we must use thread scoped cache here,
2761 2761 # because each thread of gevent needs it's own not shared connection and cache
2762 2762 # we also alter `args` so the cache key is individual for every green thread.
2763 2763 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2764 2764 inv_context_manager = rc_cache.InvalidationContext(key=repo_namespace_key, thread_scoped=True)
2765 2765
2766 2766 # our wrapped caching function that takes state_uid to save the previous state in
2767 2767 def cache_generator(_state_uid):
2768 2768
2769 2769 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2770 2770 def get_instance_cached(_repo_id, _process_context_id):
2771 2771 # we save in cached func the generation state so we can detect a change and invalidate caches
2772 2772 return _state_uid, self._get_instance(repo_state_uid=_state_uid)
2773 2773
2774 2774 return get_instance_cached
2775 2775
2776 2776 with inv_context_manager as invalidation_context:
2777 2777 cache_state_uid = invalidation_context.state_uid
2778 2778 cache_func = cache_generator(cache_state_uid)
2779 2779
2780 2780 args = self.repo_id, inv_context_manager.proc_key
2781 2781
2782 2782 previous_state_uid, instance = cache_func(*args)
2783 2783
2784 2784 # now compare keys, the "cache" state vs expected state.
2785 2785 if previous_state_uid != cache_state_uid:
2786 2786 log.warning('Cached state uid %s is different than current state uid %s',
2787 2787 previous_state_uid, cache_state_uid)
2788 2788 _, instance = cache_func.refresh(*args)
2789 2789
2790 2790 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2791 2791 return instance
2792 2792
2793 2793 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2794 2794 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2795 2795 self.repo_type, self.repo_path, cache)
2796 2796 config = config or self._config
2797 2797 custom_wire = {
2798 2798 'cache': cache, # controls the vcs.remote cache
2799 2799 'repo_state_uid': repo_state_uid
2800 2800 }
2801 2801
2802 2802 repo = get_vcs_instance(
2803 2803 repo_path=safe_str(self.repo_full_path),
2804 2804 config=config,
2805 2805 with_wire=custom_wire,
2806 2806 create=False,
2807 2807 _vcs_alias=self.repo_type)
2808 2808 if repo is not None:
2809 2809 repo.count() # cache rebuild
2810 2810
2811 2811 return repo
2812 2812
2813 2813 def get_shadow_repository_path(self, workspace_id):
2814 2814 from rhodecode.lib.vcs.backends.base import BaseRepository
2815 2815 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2816 2816 self.repo_full_path, self.repo_id, workspace_id)
2817 2817 return shadow_repo_path
2818 2818
2819 2819 def __json__(self):
2820 2820 return {'landing_rev': self.landing_rev}
2821 2821
2822 2822 def get_dict(self):
2823 2823
2824 2824 # Since we transformed `repo_name` to a hybrid property, we need to
2825 2825 # keep compatibility with the code which uses `repo_name` field.
2826 2826
2827 2827 result = super(Repository, self).get_dict()
2828 2828 result['repo_name'] = result.pop('_repo_name', None)
2829 2829 result.pop('_changeset_cache', '')
2830 2830 return result
2831 2831
2832 2832
2833 2833 class RepoGroup(Base, BaseModel):
2834 2834 __tablename__ = 'groups'
2835 2835 __table_args__ = (
2836 2836 UniqueConstraint('group_name', 'group_parent_id'),
2837 2837 base_table_args,
2838 2838 )
2839 2839
2840 2840 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2841 2841
2842 2842 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2843 2843 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2844 2844 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2845 2845 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2846 2846 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2847 2847 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2848 2848 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2849 2849 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2850 2850 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2851 2851 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2852 2852 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data
2853 2853
2854 2854 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
2855 2855 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
2856 2856 parent_group = relationship('RepoGroup', remote_side=group_id)
2857 2857 user = relationship('User', back_populates='repository_groups')
2858 2858 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
2859 2859
2860 2860 # no cascade, set NULL
2861 2861 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
2862 2862
2863 2863 def __init__(self, group_name='', parent_group=None):
2864 2864 self.group_name = group_name
2865 2865 self.parent_group = parent_group
2866 2866
2867 2867 def __repr__(self):
2868 2868 return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
2869 2869
2870 2870 @hybrid_property
2871 2871 def group_name(self):
2872 2872 return self._group_name
2873 2873
2874 2874 @group_name.setter
2875 2875 def group_name(self, value):
2876 2876 self._group_name = value
2877 2877 self.group_name_hash = self.hash_repo_group_name(value)
2878 2878
2879 2879 @classmethod
2880 2880 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2881 2881 from rhodecode.lib.vcs.backends.base import EmptyCommit
2882 2882 dummy = EmptyCommit().__json__()
2883 2883 if not changeset_cache_raw:
2884 2884 dummy['source_repo_id'] = repo_id
2885 2885 return json.loads(json.dumps(dummy))
2886 2886
2887 2887 try:
2888 2888 return json.loads(changeset_cache_raw)
2889 2889 except TypeError:
2890 2890 return dummy
2891 2891 except Exception:
2892 2892 log.error(traceback.format_exc())
2893 2893 return dummy
2894 2894
2895 2895 @hybrid_property
2896 2896 def changeset_cache(self):
2897 2897 return self._load_changeset_cache('', self._changeset_cache)
2898 2898
2899 2899 @changeset_cache.setter
2900 2900 def changeset_cache(self, val):
2901 2901 try:
2902 2902 self._changeset_cache = json.dumps(val)
2903 2903 except Exception:
2904 2904 log.error(traceback.format_exc())
2905 2905
2906 2906 @validates('group_parent_id')
2907 2907 def validate_group_parent_id(self, key, val):
2908 2908 """
2909 2909 Check cycle references for a parent group to self
2910 2910 """
2911 2911 if self.group_id and val:
2912 2912 assert val != self.group_id
2913 2913
2914 2914 return val
2915 2915
2916 2916 @hybrid_property
2917 2917 def description_safe(self):
2918 2918 from rhodecode.lib import helpers as h
2919 2919 return h.escape(self.group_description)
2920 2920
2921 2921 @classmethod
2922 2922 def hash_repo_group_name(cls, repo_group_name):
2923 2923 val = remove_formatting(repo_group_name)
2924 2924 val = safe_str(val).lower()
2925 2925 chars = []
2926 2926 for c in val:
2927 2927 if c not in string.ascii_letters:
2928 2928 c = str(ord(c))
2929 2929 chars.append(c)
2930 2930
2931 2931 return ''.join(chars)
2932 2932
2933 2933 @classmethod
2934 2934 def _generate_choice(cls, repo_group):
2935 2935 from webhelpers2.html import literal as _literal
2936 2936
2937 2937 def _name(k):
2938 2938 return _literal(cls.CHOICES_SEPARATOR.join(k))
2939 2939
2940 2940 return repo_group.group_id, _name(repo_group.full_path_splitted)
2941 2941
2942 2942 @classmethod
2943 2943 def groups_choices(cls, groups=None, show_empty_group=True):
2944 2944 if not groups:
2945 2945 groups = cls.query().all()
2946 2946
2947 2947 repo_groups = []
2948 2948 if show_empty_group:
2949 2949 repo_groups = [(-1, '-- %s --' % _('No parent'))]
2950 2950
2951 2951 repo_groups.extend([cls._generate_choice(x) for x in groups])
2952 2952
2953 2953 repo_groups = sorted(
2954 2954 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2955 2955 return repo_groups
2956 2956
2957 2957 @classmethod
2958 2958 def url_sep(cls):
2959 2959 return URL_SEP
2960 2960
2961 2961 @classmethod
2962 2962 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2963 2963 if case_insensitive:
2964 2964 gr = cls.query().filter(func.lower(cls.group_name)
2965 2965 == func.lower(group_name))
2966 2966 else:
2967 2967 gr = cls.query().filter(cls.group_name == group_name)
2968 2968 if cache:
2969 2969 name_key = _hash_key(group_name)
2970 2970 gr = gr.options(
2971 2971 FromCache("sql_cache_short", f"get_group_{name_key}"))
2972 2972 return gr.scalar()
2973 2973
2974 2974 @classmethod
2975 2975 def get_user_personal_repo_group(cls, user_id):
2976 2976 user = User.get(user_id)
2977 2977 if user.username == User.DEFAULT_USER:
2978 2978 return None
2979 2979
2980 2980 return cls.query()\
2981 2981 .filter(cls.personal == true()) \
2982 2982 .filter(cls.user == user) \
2983 2983 .order_by(cls.group_id.asc()) \
2984 2984 .first()
2985 2985
2986 2986 @classmethod
2987 2987 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2988 2988 case_insensitive=True):
2989 2989 q = RepoGroup.query()
2990 2990
2991 2991 if not isinstance(user_id, Optional):
2992 2992 q = q.filter(RepoGroup.user_id == user_id)
2993 2993
2994 2994 if not isinstance(group_id, Optional):
2995 2995 q = q.filter(RepoGroup.group_parent_id == group_id)
2996 2996
2997 2997 if case_insensitive:
2998 2998 q = q.order_by(func.lower(RepoGroup.group_name))
2999 2999 else:
3000 3000 q = q.order_by(RepoGroup.group_name)
3001 3001 return q.all()
3002 3002
3003 3003 @property
3004 3004 def parents(self, parents_recursion_limit=10):
3005 3005 groups = []
3006 3006 if self.parent_group is None:
3007 3007 return groups
3008 3008 cur_gr = self.parent_group
3009 3009 groups.insert(0, cur_gr)
3010 3010 cnt = 0
3011 3011 while 1:
3012 3012 cnt += 1
3013 3013 gr = getattr(cur_gr, 'parent_group', None)
3014 3014 cur_gr = cur_gr.parent_group
3015 3015 if gr is None:
3016 3016 break
3017 3017 if cnt == parents_recursion_limit:
3018 3018 # this will prevent accidental infinit loops
3019 3019 log.error('more than %s parents found for group %s, stopping '
3020 3020 'recursive parent fetching', parents_recursion_limit, self)
3021 3021 break
3022 3022
3023 3023 groups.insert(0, gr)
3024 3024 return groups
3025 3025
3026 3026 @property
3027 3027 def last_commit_cache_update_diff(self):
3028 3028 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
3029 3029
3030 3030 @classmethod
3031 3031 def _load_commit_change(cls, last_commit_cache):
3032 3032 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3033 3033 empty_date = datetime.datetime.fromtimestamp(0)
3034 3034 date_latest = last_commit_cache.get('date', empty_date)
3035 3035 try:
3036 3036 return parse_datetime(date_latest)
3037 3037 except Exception:
3038 3038 return empty_date
3039 3039
3040 3040 @property
3041 3041 def last_commit_change(self):
3042 3042 return self._load_commit_change(self.changeset_cache)
3043 3043
3044 3044 @property
3045 3045 def last_db_change(self):
3046 3046 return self.updated_on
3047 3047
3048 3048 @property
3049 3049 def children(self):
3050 3050 return RepoGroup.query().filter(RepoGroup.parent_group == self)
3051 3051
3052 3052 @property
3053 3053 def name(self):
3054 3054 return self.group_name.split(RepoGroup.url_sep())[-1]
3055 3055
3056 3056 @property
3057 3057 def full_path(self):
3058 3058 return self.group_name
3059 3059
3060 3060 @property
3061 3061 def full_path_splitted(self):
3062 3062 return self.group_name.split(RepoGroup.url_sep())
3063 3063
3064 3064 @property
3065 3065 def repositories(self):
3066 3066 return Repository.query()\
3067 3067 .filter(Repository.group == self)\
3068 3068 .order_by(Repository.repo_name)
3069 3069
3070 3070 @property
3071 3071 def repositories_recursive_count(self):
3072 3072 cnt = self.repositories.count()
3073 3073
3074 3074 def children_count(group):
3075 3075 cnt = 0
3076 3076 for child in group.children:
3077 3077 cnt += child.repositories.count()
3078 3078 cnt += children_count(child)
3079 3079 return cnt
3080 3080
3081 3081 return cnt + children_count(self)
3082 3082
3083 3083 def _recursive_objects(self, include_repos=True, include_groups=True):
3084 3084 all_ = []
3085 3085
3086 3086 def _get_members(root_gr):
3087 3087 if include_repos:
3088 3088 for r in root_gr.repositories:
3089 3089 all_.append(r)
3090 3090 childs = root_gr.children.all()
3091 3091 if childs:
3092 3092 for gr in childs:
3093 3093 if include_groups:
3094 3094 all_.append(gr)
3095 3095 _get_members(gr)
3096 3096
3097 3097 root_group = []
3098 3098 if include_groups:
3099 3099 root_group = [self]
3100 3100
3101 3101 _get_members(self)
3102 3102 return root_group + all_
3103 3103
3104 3104 def recursive_groups_and_repos(self):
3105 3105 """
3106 3106 Recursive return all groups, with repositories in those groups
3107 3107 """
3108 3108 return self._recursive_objects()
3109 3109
3110 3110 def recursive_groups(self):
3111 3111 """
3112 3112 Returns all children groups for this group including children of children
3113 3113 """
3114 3114 return self._recursive_objects(include_repos=False)
3115 3115
3116 3116 def recursive_repos(self):
3117 3117 """
3118 3118 Returns all children repositories for this group
3119 3119 """
3120 3120 return self._recursive_objects(include_groups=False)
3121 3121
3122 3122 def get_new_name(self, group_name):
3123 3123 """
3124 3124 returns new full group name based on parent and new name
3125 3125
3126 3126 :param group_name:
3127 3127 """
3128 3128 path_prefix = (self.parent_group.full_path_splitted if
3129 3129 self.parent_group else [])
3130 3130 return RepoGroup.url_sep().join(path_prefix + [group_name])
3131 3131
3132 3132 def update_commit_cache(self, config=None):
3133 3133 """
3134 3134 Update cache of last commit for newest repository inside this repository group.
3135 3135 cache_keys should be::
3136 3136
3137 3137 source_repo_id
3138 3138 short_id
3139 3139 raw_id
3140 3140 revision
3141 3141 parents
3142 3142 message
3143 3143 date
3144 3144 author
3145 3145
3146 3146 """
3147 3147 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3148 3148 empty_date = datetime.datetime.fromtimestamp(0)
3149 3149
3150 3150 def repo_groups_and_repos(root_gr):
3151 3151 for _repo in root_gr.repositories:
3152 3152 yield _repo
3153 3153 for child_group in root_gr.children.all():
3154 3154 yield child_group
3155 3155
3156 3156 latest_repo_cs_cache = {}
3157 3157 for obj in repo_groups_and_repos(self):
3158 3158 repo_cs_cache = obj.changeset_cache
3159 3159 date_latest = latest_repo_cs_cache.get('date', empty_date)
3160 3160 date_current = repo_cs_cache.get('date', empty_date)
3161 3161 current_timestamp = datetime_to_time(parse_datetime(date_latest))
3162 3162 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
3163 3163 latest_repo_cs_cache = repo_cs_cache
3164 3164 if hasattr(obj, 'repo_id'):
3165 3165 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
3166 3166 else:
3167 3167 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
3168 3168
3169 3169 _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
3170 3170
3171 3171 latest_repo_cs_cache['updated_on'] = time.time()
3172 3172 self.changeset_cache = latest_repo_cs_cache
3173 3173 self.updated_on = _date_latest
3174 3174 Session().add(self)
3175 3175 Session().commit()
3176 3176
3177 3177 log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
3178 3178 self.group_name, latest_repo_cs_cache, _date_latest)
3179 3179
3180 3180 def permissions(self, with_admins=True, with_owner=True,
3181 3181 expand_from_user_groups=False):
3182 3182 """
3183 3183 Permissions for repository groups
3184 3184 """
3185 3185 _admin_perm = 'group.admin'
3186 3186
3187 3187 owner_row = []
3188 3188 if with_owner:
3189 3189 usr = AttributeDict(self.user.get_dict())
3190 3190 usr.owner_row = True
3191 3191 usr.permission = _admin_perm
3192 3192 owner_row.append(usr)
3193 3193
3194 3194 super_admin_ids = []
3195 3195 super_admin_rows = []
3196 3196 if with_admins:
3197 3197 for usr in User.get_all_super_admins():
3198 3198 super_admin_ids.append(usr.user_id)
3199 3199 # if this admin is also owner, don't double the record
3200 3200 if usr.user_id == owner_row[0].user_id:
3201 3201 owner_row[0].admin_row = True
3202 3202 else:
3203 3203 usr = AttributeDict(usr.get_dict())
3204 3204 usr.admin_row = True
3205 3205 usr.permission = _admin_perm
3206 3206 super_admin_rows.append(usr)
3207 3207
3208 3208 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
3209 3209 q = q.options(joinedload(UserRepoGroupToPerm.group),
3210 3210 joinedload(UserRepoGroupToPerm.user),
3211 3211 joinedload(UserRepoGroupToPerm.permission),)
3212 3212
3213 3213 # get owners and admins and permissions. We do a trick of re-writing
3214 3214 # objects from sqlalchemy to named-tuples due to sqlalchemy session
3215 3215 # has a global reference and changing one object propagates to all
3216 3216 # others. This means if admin is also an owner admin_row that change
3217 3217 # would propagate to both objects
3218 3218 perm_rows = []
3219 3219 for _usr in q.all():
3220 3220 usr = AttributeDict(_usr.user.get_dict())
3221 3221 # if this user is also owner/admin, mark as duplicate record
3222 3222 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
3223 3223 usr.duplicate_perm = True
3224 3224 usr.permission = _usr.permission.permission_name
3225 3225 perm_rows.append(usr)
3226 3226
3227 3227 # filter the perm rows by 'default' first and then sort them by
3228 3228 # admin,write,read,none permissions sorted again alphabetically in
3229 3229 # each group
3230 3230 perm_rows = sorted(perm_rows, key=display_user_sort)
3231 3231
3232 3232 user_groups_rows = []
3233 3233 if expand_from_user_groups:
3234 3234 for ug in self.permission_user_groups(with_members=True):
3235 3235 for user_data in ug.members:
3236 3236 user_groups_rows.append(user_data)
3237 3237
3238 3238 return super_admin_rows + owner_row + perm_rows + user_groups_rows
3239 3239
3240 3240 def permission_user_groups(self, with_members=False):
3241 3241 q = UserGroupRepoGroupToPerm.query()\
3242 3242 .filter(UserGroupRepoGroupToPerm.group == self)
3243 3243 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
3244 3244 joinedload(UserGroupRepoGroupToPerm.users_group),
3245 3245 joinedload(UserGroupRepoGroupToPerm.permission),)
3246 3246
3247 3247 perm_rows = []
3248 3248 for _user_group in q.all():
3249 3249 entry = AttributeDict(_user_group.users_group.get_dict())
3250 3250 entry.permission = _user_group.permission.permission_name
3251 3251 if with_members:
3252 3252 entry.members = [x.user.get_dict()
3253 3253 for x in _user_group.users_group.members]
3254 3254 perm_rows.append(entry)
3255 3255
3256 3256 perm_rows = sorted(perm_rows, key=display_user_group_sort)
3257 3257 return perm_rows
3258 3258
3259 3259 def get_api_data(self):
3260 3260 """
3261 3261 Common function for generating api data
3262 3262
3263 3263 """
3264 3264 group = self
3265 3265 data = {
3266 3266 'group_id': group.group_id,
3267 3267 'group_name': group.group_name,
3268 3268 'group_description': group.description_safe,
3269 3269 'parent_group': group.parent_group.group_name if group.parent_group else None,
3270 3270 'repositories': [x.repo_name for x in group.repositories],
3271 3271 'owner': group.user.username,
3272 3272 }
3273 3273 return data
3274 3274
3275 3275 def get_dict(self):
3276 3276 # Since we transformed `group_name` to a hybrid property, we need to
3277 3277 # keep compatibility with the code which uses `group_name` field.
3278 3278 result = super(RepoGroup, self).get_dict()
3279 3279 result['group_name'] = result.pop('_group_name', None)
3280 3280 result.pop('_changeset_cache', '')
3281 3281 return result
3282 3282
3283 3283
3284 3284 class Permission(Base, BaseModel):
3285 3285 __tablename__ = 'permissions'
3286 3286 __table_args__ = (
3287 3287 Index('p_perm_name_idx', 'permission_name'),
3288 3288 base_table_args,
3289 3289 )
3290 3290
3291 3291 PERMS = [
3292 3292 ('hg.admin', _('RhodeCode Super Administrator')),
3293 3293
3294 3294 ('repository.none', _('Repository no access')),
3295 3295 ('repository.read', _('Repository read access')),
3296 3296 ('repository.write', _('Repository write access')),
3297 3297 ('repository.admin', _('Repository admin access')),
3298 3298
3299 3299 ('group.none', _('Repository group no access')),
3300 3300 ('group.read', _('Repository group read access')),
3301 3301 ('group.write', _('Repository group write access')),
3302 3302 ('group.admin', _('Repository group admin access')),
3303 3303
3304 3304 ('usergroup.none', _('User group no access')),
3305 3305 ('usergroup.read', _('User group read access')),
3306 3306 ('usergroup.write', _('User group write access')),
3307 3307 ('usergroup.admin', _('User group admin access')),
3308 3308
3309 3309 ('branch.none', _('Branch no permissions')),
3310 3310 ('branch.merge', _('Branch access by web merge')),
3311 3311 ('branch.push', _('Branch access by push')),
3312 3312 ('branch.push_force', _('Branch access by push with force')),
3313 3313
3314 3314 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3315 3315 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3316 3316
3317 3317 ('hg.usergroup.create.false', _('User Group creation disabled')),
3318 3318 ('hg.usergroup.create.true', _('User Group creation enabled')),
3319 3319
3320 3320 ('hg.create.none', _('Repository creation disabled')),
3321 3321 ('hg.create.repository', _('Repository creation enabled')),
3322 3322 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3323 3323 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3324 3324
3325 3325 ('hg.fork.none', _('Repository forking disabled')),
3326 3326 ('hg.fork.repository', _('Repository forking enabled')),
3327 3327
3328 3328 ('hg.register.none', _('Registration disabled')),
3329 3329 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3330 3330 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3331 3331
3332 3332 ('hg.password_reset.enabled', _('Password reset enabled')),
3333 3333 ('hg.password_reset.hidden', _('Password reset hidden')),
3334 3334 ('hg.password_reset.disabled', _('Password reset disabled')),
3335 3335
3336 3336 ('hg.extern_activate.manual', _('Manual activation of external account')),
3337 3337 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3338 3338
3339 3339 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3340 3340 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3341 3341 ]
3342 3342
3343 3343 # definition of system default permissions for DEFAULT user, created on
3344 3344 # system setup
3345 3345 DEFAULT_USER_PERMISSIONS = [
3346 3346 # object perms
3347 3347 'repository.read',
3348 3348 'group.read',
3349 3349 'usergroup.read',
3350 3350 # branch, for backward compat we need same value as before so forced pushed
3351 3351 'branch.push_force',
3352 3352 # global
3353 3353 'hg.create.repository',
3354 3354 'hg.repogroup.create.false',
3355 3355 'hg.usergroup.create.false',
3356 3356 'hg.create.write_on_repogroup.true',
3357 3357 'hg.fork.repository',
3358 3358 'hg.register.manual_activate',
3359 3359 'hg.password_reset.enabled',
3360 3360 'hg.extern_activate.auto',
3361 3361 'hg.inherit_default_perms.true',
3362 3362 ]
3363 3363
3364 3364 # defines which permissions are more important higher the more important
3365 3365 # Weight defines which permissions are more important.
3366 3366 # The higher number the more important.
3367 3367 PERM_WEIGHTS = {
3368 3368 'repository.none': 0,
3369 3369 'repository.read': 1,
3370 3370 'repository.write': 3,
3371 3371 'repository.admin': 4,
3372 3372
3373 3373 'group.none': 0,
3374 3374 'group.read': 1,
3375 3375 'group.write': 3,
3376 3376 'group.admin': 4,
3377 3377
3378 3378 'usergroup.none': 0,
3379 3379 'usergroup.read': 1,
3380 3380 'usergroup.write': 3,
3381 3381 'usergroup.admin': 4,
3382 3382
3383 3383 'branch.none': 0,
3384 3384 'branch.merge': 1,
3385 3385 'branch.push': 3,
3386 3386 'branch.push_force': 4,
3387 3387
3388 3388 'hg.repogroup.create.false': 0,
3389 3389 'hg.repogroup.create.true': 1,
3390 3390
3391 3391 'hg.usergroup.create.false': 0,
3392 3392 'hg.usergroup.create.true': 1,
3393 3393
3394 3394 'hg.fork.none': 0,
3395 3395 'hg.fork.repository': 1,
3396 3396 'hg.create.none': 0,
3397 3397 'hg.create.repository': 1
3398 3398 }
3399 3399
3400 3400 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3401 3401 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3402 3402 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3403 3403
3404 3404 def __repr__(self):
3405 3405 return "<%s('%s:%s')>" % (
3406 3406 self.cls_name, self.permission_id, self.permission_name
3407 3407 )
3408 3408
3409 3409 @classmethod
3410 3410 def get_by_key(cls, key):
3411 3411 return cls.query().filter(cls.permission_name == key).scalar()
3412 3412
3413 3413 @classmethod
3414 3414 def get_default_repo_perms(cls, user_id, repo_id=None):
3415 3415 q = Session().query(UserRepoToPerm, Repository, Permission)\
3416 3416 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3417 3417 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3418 3418 .filter(UserRepoToPerm.user_id == user_id)
3419 3419 if repo_id:
3420 3420 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3421 3421 return q.all()
3422 3422
3423 3423 @classmethod
3424 3424 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3425 3425 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3426 3426 .join(
3427 3427 Permission,
3428 3428 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3429 3429 .join(
3430 3430 UserRepoToPerm,
3431 3431 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3432 3432 .filter(UserRepoToPerm.user_id == user_id)
3433 3433
3434 3434 if repo_id:
3435 3435 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3436 3436 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3437 3437
3438 3438 @classmethod
3439 3439 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3440 3440 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3441 3441 .join(
3442 3442 Permission,
3443 3443 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3444 3444 .join(
3445 3445 Repository,
3446 3446 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3447 3447 .join(
3448 3448 UserGroup,
3449 3449 UserGroupRepoToPerm.users_group_id ==
3450 3450 UserGroup.users_group_id)\
3451 3451 .join(
3452 3452 UserGroupMember,
3453 3453 UserGroupRepoToPerm.users_group_id ==
3454 3454 UserGroupMember.users_group_id)\
3455 3455 .filter(
3456 3456 UserGroupMember.user_id == user_id,
3457 3457 UserGroup.users_group_active == true())
3458 3458 if repo_id:
3459 3459 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3460 3460 return q.all()
3461 3461
3462 3462 @classmethod
3463 3463 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3464 3464 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3465 3465 .join(
3466 3466 Permission,
3467 3467 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3468 3468 .join(
3469 3469 UserGroupRepoToPerm,
3470 3470 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3471 3471 .join(
3472 3472 UserGroup,
3473 3473 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3474 3474 .join(
3475 3475 UserGroupMember,
3476 3476 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3477 3477 .filter(
3478 3478 UserGroupMember.user_id == user_id,
3479 3479 UserGroup.users_group_active == true())
3480 3480
3481 3481 if repo_id:
3482 3482 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3483 3483 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3484 3484
3485 3485 @classmethod
3486 3486 def get_default_group_perms(cls, user_id, repo_group_id=None):
3487 3487 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3488 3488 .join(
3489 3489 Permission,
3490 3490 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3491 3491 .join(
3492 3492 RepoGroup,
3493 3493 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3494 3494 .filter(UserRepoGroupToPerm.user_id == user_id)
3495 3495 if repo_group_id:
3496 3496 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3497 3497 return q.all()
3498 3498
3499 3499 @classmethod
3500 3500 def get_default_group_perms_from_user_group(
3501 3501 cls, user_id, repo_group_id=None):
3502 3502 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3503 3503 .join(
3504 3504 Permission,
3505 3505 UserGroupRepoGroupToPerm.permission_id ==
3506 3506 Permission.permission_id)\
3507 3507 .join(
3508 3508 RepoGroup,
3509 3509 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3510 3510 .join(
3511 3511 UserGroup,
3512 3512 UserGroupRepoGroupToPerm.users_group_id ==
3513 3513 UserGroup.users_group_id)\
3514 3514 .join(
3515 3515 UserGroupMember,
3516 3516 UserGroupRepoGroupToPerm.users_group_id ==
3517 3517 UserGroupMember.users_group_id)\
3518 3518 .filter(
3519 3519 UserGroupMember.user_id == user_id,
3520 3520 UserGroup.users_group_active == true())
3521 3521 if repo_group_id:
3522 3522 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3523 3523 return q.all()
3524 3524
3525 3525 @classmethod
3526 3526 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3527 3527 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3528 3528 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3529 3529 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3530 3530 .filter(UserUserGroupToPerm.user_id == user_id)
3531 3531 if user_group_id:
3532 3532 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3533 3533 return q.all()
3534 3534
3535 3535 @classmethod
3536 3536 def get_default_user_group_perms_from_user_group(
3537 3537 cls, user_id, user_group_id=None):
3538 3538 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3539 3539 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3540 3540 .join(
3541 3541 Permission,
3542 3542 UserGroupUserGroupToPerm.permission_id ==
3543 3543 Permission.permission_id)\
3544 3544 .join(
3545 3545 TargetUserGroup,
3546 3546 UserGroupUserGroupToPerm.target_user_group_id ==
3547 3547 TargetUserGroup.users_group_id)\
3548 3548 .join(
3549 3549 UserGroup,
3550 3550 UserGroupUserGroupToPerm.user_group_id ==
3551 3551 UserGroup.users_group_id)\
3552 3552 .join(
3553 3553 UserGroupMember,
3554 3554 UserGroupUserGroupToPerm.user_group_id ==
3555 3555 UserGroupMember.users_group_id)\
3556 3556 .filter(
3557 3557 UserGroupMember.user_id == user_id,
3558 3558 UserGroup.users_group_active == true())
3559 3559 if user_group_id:
3560 3560 q = q.filter(
3561 3561 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3562 3562
3563 3563 return q.all()
3564 3564
3565 3565
3566 3566 class UserRepoToPerm(Base, BaseModel):
3567 3567 __tablename__ = 'repo_to_perm'
3568 3568 __table_args__ = (
3569 3569 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3570 3570 base_table_args
3571 3571 )
3572 3572
3573 3573 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3574 3574 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3575 3575 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3576 3576 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3577 3577
3578 3578 user = relationship('User', back_populates="repo_to_perm")
3579 3579 repository = relationship('Repository', back_populates="repo_to_perm")
3580 3580 permission = relationship('Permission')
3581 3581
3582 3582 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
3583 3583
3584 3584 @classmethod
3585 3585 def create(cls, user, repository, permission):
3586 3586 n = cls()
3587 3587 n.user = user
3588 3588 n.repository = repository
3589 3589 n.permission = permission
3590 3590 Session().add(n)
3591 3591 return n
3592 3592
3593 3593 def __repr__(self):
3594 3594 return f'<{self.user} => {self.repository} >'
3595 3595
3596 3596
3597 3597 class UserUserGroupToPerm(Base, BaseModel):
3598 3598 __tablename__ = 'user_user_group_to_perm'
3599 3599 __table_args__ = (
3600 3600 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3601 3601 base_table_args
3602 3602 )
3603 3603
3604 3604 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3605 3605 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3606 3606 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3607 3607 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3608 3608
3609 3609 user = relationship('User', back_populates='user_group_to_perm')
3610 3610 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
3611 3611 permission = relationship('Permission')
3612 3612
3613 3613 @classmethod
3614 3614 def create(cls, user, user_group, permission):
3615 3615 n = cls()
3616 3616 n.user = user
3617 3617 n.user_group = user_group
3618 3618 n.permission = permission
3619 3619 Session().add(n)
3620 3620 return n
3621 3621
3622 3622 def __repr__(self):
3623 3623 return f'<{self.user} => {self.user_group} >'
3624 3624
3625 3625
3626 3626 class UserToPerm(Base, BaseModel):
3627 3627 __tablename__ = 'user_to_perm'
3628 3628 __table_args__ = (
3629 3629 UniqueConstraint('user_id', 'permission_id'),
3630 3630 base_table_args
3631 3631 )
3632 3632
3633 3633 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3634 3634 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3635 3635 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3636 3636
3637 3637 user = relationship('User', back_populates='user_perms')
3638 3638 permission = relationship('Permission', lazy='joined')
3639 3639
3640 3640 def __repr__(self):
3641 3641 return f'<{self.user} => {self.permission} >'
3642 3642
3643 3643
3644 3644 class UserGroupRepoToPerm(Base, BaseModel):
3645 3645 __tablename__ = 'users_group_repo_to_perm'
3646 3646 __table_args__ = (
3647 3647 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3648 3648 base_table_args
3649 3649 )
3650 3650
3651 3651 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3652 3652 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3653 3653 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3654 3654 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3655 3655
3656 3656 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
3657 3657 permission = relationship('Permission')
3658 3658 repository = relationship('Repository', back_populates='users_group_to_perm')
3659 3659 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
3660 3660
3661 3661 @classmethod
3662 3662 def create(cls, users_group, repository, permission):
3663 3663 n = cls()
3664 3664 n.users_group = users_group
3665 3665 n.repository = repository
3666 3666 n.permission = permission
3667 3667 Session().add(n)
3668 3668 return n
3669 3669
3670 3670 def __repr__(self):
3671 3671 return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
3672 3672
3673 3673
3674 3674 class UserGroupUserGroupToPerm(Base, BaseModel):
3675 3675 __tablename__ = 'user_group_user_group_to_perm'
3676 3676 __table_args__ = (
3677 3677 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3678 3678 CheckConstraint('target_user_group_id != user_group_id'),
3679 3679 base_table_args
3680 3680 )
3681 3681
3682 3682 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3683 3683 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3684 3684 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3685 3685 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3686 3686
3687 3687 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
3688 3688 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3689 3689 permission = relationship('Permission')
3690 3690
3691 3691 @classmethod
3692 3692 def create(cls, target_user_group, user_group, permission):
3693 3693 n = cls()
3694 3694 n.target_user_group = target_user_group
3695 3695 n.user_group = user_group
3696 3696 n.permission = permission
3697 3697 Session().add(n)
3698 3698 return n
3699 3699
3700 3700 def __repr__(self):
3701 3701 return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
3702 3702
3703 3703
3704 3704 class UserGroupToPerm(Base, BaseModel):
3705 3705 __tablename__ = 'users_group_to_perm'
3706 3706 __table_args__ = (
3707 3707 UniqueConstraint('users_group_id', 'permission_id',),
3708 3708 base_table_args
3709 3709 )
3710 3710
3711 3711 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3712 3712 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3713 3713 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3714 3714
3715 3715 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
3716 3716 permission = relationship('Permission')
3717 3717
3718 3718
3719 3719 class UserRepoGroupToPerm(Base, BaseModel):
3720 3720 __tablename__ = 'user_repo_group_to_perm'
3721 3721 __table_args__ = (
3722 3722 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3723 3723 base_table_args
3724 3724 )
3725 3725
3726 3726 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3727 3727 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3728 3728 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3729 3729 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3730 3730
3731 3731 user = relationship('User', back_populates='repo_group_to_perm')
3732 3732 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
3733 3733 permission = relationship('Permission')
3734 3734
3735 3735 @classmethod
3736 3736 def create(cls, user, repository_group, permission):
3737 3737 n = cls()
3738 3738 n.user = user
3739 3739 n.group = repository_group
3740 3740 n.permission = permission
3741 3741 Session().add(n)
3742 3742 return n
3743 3743
3744 3744
3745 3745 class UserGroupRepoGroupToPerm(Base, BaseModel):
3746 3746 __tablename__ = 'users_group_repo_group_to_perm'
3747 3747 __table_args__ = (
3748 3748 UniqueConstraint('users_group_id', 'group_id'),
3749 3749 base_table_args
3750 3750 )
3751 3751
3752 3752 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3753 3753 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3754 3754 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3755 3755 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3756 3756
3757 3757 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
3758 3758 permission = relationship('Permission')
3759 3759 group = relationship('RepoGroup', back_populates='users_group_to_perm')
3760 3760
3761 3761 @classmethod
3762 3762 def create(cls, user_group, repository_group, permission):
3763 3763 n = cls()
3764 3764 n.users_group = user_group
3765 3765 n.group = repository_group
3766 3766 n.permission = permission
3767 3767 Session().add(n)
3768 3768 return n
3769 3769
3770 3770 def __repr__(self):
3771 3771 return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3772 3772
3773 3773
3774 3774 class Statistics(Base, BaseModel):
3775 3775 __tablename__ = 'statistics'
3776 3776 __table_args__ = (
3777 3777 base_table_args
3778 3778 )
3779 3779
3780 3780 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3781 3781 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3782 3782 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3783 3783 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False) #JSON data
3784 3784 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False) #JSON data
3785 3785 languages = Column("languages", LargeBinary(1000000), nullable=False) #JSON data
3786 3786
3787 3787 repository = relationship('Repository', single_parent=True, viewonly=True)
3788 3788
3789 3789
3790 3790 class UserFollowing(Base, BaseModel):
3791 3791 __tablename__ = 'user_followings'
3792 3792 __table_args__ = (
3793 3793 UniqueConstraint('user_id', 'follows_repository_id'),
3794 3794 UniqueConstraint('user_id', 'follows_user_id'),
3795 3795 base_table_args
3796 3796 )
3797 3797
3798 3798 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3799 3799 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3800 3800 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3801 3801 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3802 3802 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3803 3803
3804 3804 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
3805 3805
3806 3806 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3807 3807 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
3808 3808
3809 3809 @classmethod
3810 3810 def get_repo_followers(cls, repo_id):
3811 3811 return cls.query().filter(cls.follows_repo_id == repo_id)
3812 3812
3813 3813
3814 3814 class CacheKey(Base, BaseModel):
3815 3815 __tablename__ = 'cache_invalidation'
3816 3816 __table_args__ = (
3817 3817 UniqueConstraint('cache_key'),
3818 3818 Index('key_idx', 'cache_key'),
3819 3819 Index('cache_args_idx', 'cache_args'),
3820 3820 base_table_args,
3821 3821 )
3822 3822
3823 3823 CACHE_TYPE_FEED = 'FEED'
3824 3824
3825 3825 # namespaces used to register process/thread aware caches
3826 3826 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
3827 3827
3828 3828 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3829 3829 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3830 3830 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3831 3831 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3832 3832 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3833 3833
3834 3834 def __init__(self, cache_key, cache_args='', cache_state_uid=None, cache_active=False):
3835 3835 self.cache_key = cache_key
3836 3836 self.cache_args = cache_args
3837 3837 self.cache_active = cache_active
3838 3838 # first key should be same for all entries, since all workers should share it
3839 3839 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3840 3840
3841 3841 def __repr__(self):
3842 3842 return "<%s('%s:%s[%s]')>" % (
3843 3843 self.cls_name,
3844 3844 self.cache_id, self.cache_key, self.cache_active)
3845 3845
3846 3846 def _cache_key_partition(self):
3847 3847 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3848 3848 return prefix, repo_name, suffix
3849 3849
3850 3850 def get_prefix(self):
3851 3851 """
3852 3852 Try to extract prefix from existing cache key. The key could consist
3853 3853 of prefix, repo_name, suffix
3854 3854 """
3855 3855 # this returns prefix, repo_name, suffix
3856 3856 return self._cache_key_partition()[0]
3857 3857
3858 3858 def get_suffix(self):
3859 3859 """
3860 3860 get suffix that might have been used in _get_cache_key to
3861 3861 generate self.cache_key. Only used for informational purposes
3862 3862 in repo_edit.mako.
3863 3863 """
3864 3864 # prefix, repo_name, suffix
3865 3865 return self._cache_key_partition()[2]
3866 3866
3867 3867 @classmethod
3868 3868 def generate_new_state_uid(cls, based_on=None):
3869 3869 if based_on:
3870 3870 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3871 3871 else:
3872 3872 return str(uuid.uuid4())
3873 3873
3874 3874 @classmethod
3875 3875 def delete_all_cache(cls):
3876 3876 """
3877 3877 Delete all cache keys from database.
3878 3878 Should only be run when all instances are down and all entries
3879 3879 thus stale.
3880 3880 """
3881 3881 cls.query().delete()
3882 3882 Session().commit()
3883 3883
3884 3884 @classmethod
3885 3885 def set_invalidate(cls, cache_uid, delete=False):
3886 3886 """
3887 3887 Mark all caches of a repo as invalid in the database.
3888 3888 """
3889 3889 try:
3890 3890 qry = Session().query(cls).filter(cls.cache_key == cache_uid)
3891 3891 if delete:
3892 3892 qry.delete()
3893 3893 log.debug('cache objects deleted for cache args %s',
3894 3894 safe_str(cache_uid))
3895 3895 else:
3896 3896 new_uid = cls.generate_new_state_uid()
3897 3897 qry.update({"cache_state_uid": new_uid,
3898 3898 "cache_args": f"repo_state:{time.time()}"})
3899 3899 log.debug('cache object %s set new UID %s',
3900 3900 safe_str(cache_uid), new_uid)
3901 3901
3902 3902 Session().commit()
3903 3903 except Exception:
3904 3904 log.exception(
3905 3905 'Cache key invalidation failed for cache args %s',
3906 3906 safe_str(cache_uid))
3907 3907 Session().rollback()
3908 3908
3909 3909 @classmethod
3910 3910 def get_active_cache(cls, cache_key):
3911 3911 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3912 3912 if inv_obj:
3913 3913 return inv_obj
3914 3914 return None
3915 3915
3916 3916 @classmethod
3917 3917 def get_namespace_map(cls, namespace):
3918 3918 return {
3919 3919 x.cache_key: x
3920 3920 for x in cls.query().filter(cls.cache_args == namespace)}
3921 3921
3922 3922
3923 3923 class ChangesetComment(Base, BaseModel):
3924 3924 __tablename__ = 'changeset_comments'
3925 3925 __table_args__ = (
3926 3926 Index('cc_revision_idx', 'revision'),
3927 3927 base_table_args,
3928 3928 )
3929 3929
3930 3930 COMMENT_OUTDATED = 'comment_outdated'
3931 3931 COMMENT_TYPE_NOTE = 'note'
3932 3932 COMMENT_TYPE_TODO = 'todo'
3933 3933 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3934 3934
3935 3935 OP_IMMUTABLE = 'immutable'
3936 3936 OP_CHANGEABLE = 'changeable'
3937 3937
3938 3938 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3939 3939 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3940 3940 revision = Column('revision', String(40), nullable=True)
3941 3941 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3942 3942 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3943 3943 line_no = Column('line_no', Unicode(10), nullable=True)
3944 3944 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3945 3945 f_path = Column('f_path', Unicode(1000), nullable=True)
3946 3946 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3947 3947 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3948 3948 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3949 3949 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3950 3950 renderer = Column('renderer', Unicode(64), nullable=True)
3951 3951 display_state = Column('display_state', Unicode(128), nullable=True)
3952 3952 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
3953 3953 draft = Column('draft', Boolean(), nullable=True, default=False)
3954 3954
3955 3955 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3956 3956 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3957 3957
3958 3958 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3959 3959 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3960 3960
3961 3961 author = relationship('User', lazy='select', back_populates='user_comments')
3962 3962 repo = relationship('Repository', back_populates='comments')
3963 3963 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
3964 3964 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
3965 3965 pull_request_version = relationship('PullRequestVersion', lazy='select')
3966 3966 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
3967 3967
3968 3968 @classmethod
3969 3969 def get_users(cls, revision=None, pull_request_id=None):
3970 3970 """
3971 3971 Returns user associated with this ChangesetComment. ie those
3972 3972 who actually commented
3973 3973
3974 3974 :param cls:
3975 3975 :param revision:
3976 3976 """
3977 3977 q = Session().query(User).join(ChangesetComment.author)
3978 3978 if revision:
3979 3979 q = q.filter(cls.revision == revision)
3980 3980 elif pull_request_id:
3981 3981 q = q.filter(cls.pull_request_id == pull_request_id)
3982 3982 return q.all()
3983 3983
3984 3984 @classmethod
3985 3985 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
3986 3986 if pr_version is None:
3987 3987 return 0
3988 3988
3989 3989 if versions is not None:
3990 3990 num_versions = [x.pull_request_version_id for x in versions]
3991 3991
3992 3992 num_versions = num_versions or []
3993 3993 try:
3994 3994 return num_versions.index(pr_version) + 1
3995 3995 except (IndexError, ValueError):
3996 3996 return 0
3997 3997
3998 3998 @property
3999 3999 def outdated(self):
4000 4000 return self.display_state == self.COMMENT_OUTDATED
4001 4001
4002 4002 @property
4003 4003 def outdated_js(self):
4004 4004 return str_json(self.display_state == self.COMMENT_OUTDATED)
4005 4005
4006 4006 @property
4007 4007 def immutable(self):
4008 4008 return self.immutable_state == self.OP_IMMUTABLE
4009 4009
4010 4010 def outdated_at_version(self, version: int) -> bool:
4011 4011 """
4012 4012 Checks if comment is outdated for given pull request version
4013 4013 """
4014 4014
4015 4015 def version_check():
4016 4016 return self.pull_request_version_id and self.pull_request_version_id != version
4017 4017
4018 4018 if self.is_inline:
4019 4019 return self.outdated and version_check()
4020 4020 else:
4021 4021 # general comments don't have .outdated set, also latest don't have a version
4022 4022 return version_check()
4023 4023
4024 4024 def outdated_at_version_js(self, version):
4025 4025 """
4026 4026 Checks if comment is outdated for given pull request version
4027 4027 """
4028 4028 return str_json(self.outdated_at_version(version))
4029 4029
4030 4030 def older_than_version(self, version: int) -> bool:
4031 4031 """
4032 4032 Checks if comment is made from a previous version than given.
4033 4033 Assumes self.pull_request_version.pull_request_version_id is an integer if not None.
4034 4034 """
4035 4035
4036 4036 # If version is None, return False as the current version cannot be less than None
4037 4037 if version is None:
4038 4038 return False
4039 4039
4040 4040 # Ensure that the version is an integer to prevent TypeError on comparison
4041 4041 if not isinstance(version, int):
4042 4042 raise ValueError("The provided version must be an integer.")
4043 4043
4044 4044 # Initialize current version to 0 or pull_request_version_id if it's available
4045 4045 cur_ver = 0
4046 4046 if self.pull_request_version and self.pull_request_version.pull_request_version_id is not None:
4047 4047 cur_ver = self.pull_request_version.pull_request_version_id
4048 4048
4049 4049 # Return True if the current version is less than the given version
4050 4050 return cur_ver < version
4051 4051
4052 4052 def older_than_version_js(self, version):
4053 4053 """
4054 4054 Checks if comment is made from previous version than given
4055 4055 """
4056 4056 return str_json(self.older_than_version(version))
4057 4057
4058 4058 @property
4059 4059 def commit_id(self):
4060 4060 """New style naming to stop using .revision"""
4061 4061 return self.revision
4062 4062
4063 4063 @property
4064 4064 def resolved(self):
4065 4065 return self.resolved_by[0] if self.resolved_by else None
4066 4066
4067 4067 @property
4068 4068 def is_todo(self):
4069 4069 return self.comment_type == self.COMMENT_TYPE_TODO
4070 4070
4071 4071 @property
4072 4072 def is_inline(self):
4073 4073 if self.line_no and self.f_path:
4074 4074 return True
4075 4075 return False
4076 4076
4077 4077 @property
4078 4078 def last_version(self):
4079 4079 version = 0
4080 4080 if self.history:
4081 4081 version = self.history[-1].version
4082 4082 return version
4083 4083
4084 4084 def get_index_version(self, versions):
4085 4085 return self.get_index_from_version(
4086 4086 self.pull_request_version_id, versions)
4087 4087
4088 4088 @property
4089 4089 def review_status(self):
4090 4090 if self.status_change:
4091 4091 return self.status_change[0].status
4092 4092
4093 4093 @property
4094 4094 def review_status_lbl(self):
4095 4095 if self.status_change:
4096 4096 return self.status_change[0].status_lbl
4097 4097
4098 4098 def __repr__(self):
4099 4099 if self.comment_id:
4100 4100 return f'<DB:Comment #{self.comment_id}>'
4101 4101 else:
4102 4102 return f'<DB:Comment at {id(self)!r}>'
4103 4103
4104 4104 def get_api_data(self):
4105 4105 comment = self
4106 4106
4107 4107 data = {
4108 4108 'comment_id': comment.comment_id,
4109 4109 'comment_type': comment.comment_type,
4110 4110 'comment_text': comment.text,
4111 4111 'comment_status': comment.status_change,
4112 4112 'comment_f_path': comment.f_path,
4113 4113 'comment_lineno': comment.line_no,
4114 4114 'comment_author': comment.author,
4115 4115 'comment_created_on': comment.created_on,
4116 4116 'comment_resolved_by': self.resolved,
4117 4117 'comment_commit_id': comment.revision,
4118 4118 'comment_pull_request_id': comment.pull_request_id,
4119 4119 'comment_last_version': self.last_version
4120 4120 }
4121 4121 return data
4122 4122
4123 4123 def __json__(self):
4124 4124 data = dict()
4125 4125 data.update(self.get_api_data())
4126 4126 return data
4127 4127
4128 4128
4129 4129 class ChangesetCommentHistory(Base, BaseModel):
4130 4130 __tablename__ = 'changeset_comments_history'
4131 4131 __table_args__ = (
4132 4132 Index('cch_comment_id_idx', 'comment_id'),
4133 4133 base_table_args,
4134 4134 )
4135 4135
4136 4136 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
4137 4137 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
4138 4138 version = Column("version", Integer(), nullable=False, default=0)
4139 4139 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
4140 4140 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
4141 4141 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4142 4142 deleted = Column('deleted', Boolean(), default=False)
4143 4143
4144 4144 author = relationship('User', lazy='joined')
4145 4145 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
4146 4146
4147 4147 @classmethod
4148 4148 def get_version(cls, comment_id):
4149 4149 q = Session().query(ChangesetCommentHistory).filter(
4150 4150 ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
4151 4151 if q.count() == 0:
4152 4152 return 1
4153 4153 elif q.count() >= q[0].version:
4154 4154 return q.count() + 1
4155 4155 else:
4156 4156 return q[0].version + 1
4157 4157
4158 4158
4159 4159 class ChangesetStatus(Base, BaseModel):
4160 4160 __tablename__ = 'changeset_statuses'
4161 4161 __table_args__ = (
4162 4162 Index('cs_revision_idx', 'revision'),
4163 4163 Index('cs_version_idx', 'version'),
4164 4164 UniqueConstraint('repo_id', 'revision', 'version'),
4165 4165 base_table_args
4166 4166 )
4167 4167
4168 4168 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
4169 4169 STATUS_APPROVED = 'approved'
4170 4170 STATUS_REJECTED = 'rejected'
4171 4171 STATUS_UNDER_REVIEW = 'under_review'
4172 4172
4173 4173 STATUSES = [
4174 4174 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
4175 4175 (STATUS_APPROVED, _("Approved")),
4176 4176 (STATUS_REJECTED, _("Rejected")),
4177 4177 (STATUS_UNDER_REVIEW, _("Under Review")),
4178 4178 ]
4179 4179
4180 4180 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
4181 4181 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
4182 4182 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
4183 4183 revision = Column('revision', String(40), nullable=False)
4184 4184 status = Column('status', String(128), nullable=False, default=DEFAULT)
4185 4185 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
4186 4186 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
4187 4187 version = Column('version', Integer(), nullable=False, default=0)
4188 4188 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
4189 4189
4190 4190 author = relationship('User', lazy='select')
4191 4191 repo = relationship('Repository', lazy='select')
4192 4192 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
4193 4193 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
4194 4194
4195 4195 def __repr__(self):
4196 4196 return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
4197 4197
4198 4198 @classmethod
4199 4199 def get_status_lbl(cls, value):
4200 4200 return dict(cls.STATUSES).get(value)
4201 4201
4202 4202 @property
4203 4203 def status_lbl(self):
4204 4204 return ChangesetStatus.get_status_lbl(self.status)
4205 4205
4206 4206 def get_api_data(self):
4207 4207 status = self
4208 4208 data = {
4209 4209 'status_id': status.changeset_status_id,
4210 4210 'status': status.status,
4211 4211 }
4212 4212 return data
4213 4213
4214 4214 def __json__(self):
4215 4215 data = dict()
4216 4216 data.update(self.get_api_data())
4217 4217 return data
4218 4218
4219 4219
4220 4220 class _SetState(object):
4221 4221 """
4222 4222 Context processor allowing changing state for sensitive operation such as
4223 4223 pull request update or merge
4224 4224 """
4225 4225
4226 4226 def __init__(self, pull_request, pr_state, back_state=None):
4227 4227 self._pr = pull_request
4228 4228 self._org_state = back_state or pull_request.pull_request_state
4229 4229 self._pr_state = pr_state
4230 4230 self._current_state = None
4231 4231
4232 4232 def __enter__(self):
4233 4233 log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
4234 4234 self._pr, self._pr_state)
4235 4235 self.set_pr_state(self._pr_state)
4236 4236 return self
4237 4237
4238 4238 def __exit__(self, exc_type, exc_val, exc_tb):
4239 4239 if exc_val is not None or exc_type is not None:
4240 4240 log.error(traceback.format_tb(exc_tb))
4241 4241 return None
4242 4242
4243 4243 self.set_pr_state(self._org_state)
4244 4244 log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
4245 4245 self._pr, self._org_state)
4246 4246
4247 4247 @property
4248 4248 def state(self):
4249 4249 return self._current_state
4250 4250
4251 4251 def set_pr_state(self, pr_state):
4252 4252 try:
4253 4253 self._pr.pull_request_state = pr_state
4254 4254 Session().add(self._pr)
4255 4255 Session().commit()
4256 4256 self._current_state = pr_state
4257 4257 except Exception:
4258 4258 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
4259 4259 raise
4260 4260
4261 4261
4262 4262 class _PullRequestBase(BaseModel):
4263 4263 """
4264 4264 Common attributes of pull request and version entries.
4265 4265 """
4266 4266
4267 4267 # .status values
4268 4268 STATUS_NEW = 'new'
4269 4269 STATUS_OPEN = 'open'
4270 4270 STATUS_CLOSED = 'closed'
4271 4271
4272 4272 # available states
4273 4273 STATE_CREATING = 'creating'
4274 4274 STATE_UPDATING = 'updating'
4275 4275 STATE_MERGING = 'merging'
4276 4276 STATE_CREATED = 'created'
4277 4277
4278 4278 title = Column('title', Unicode(255), nullable=True)
4279 4279 description = Column(
4280 4280 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
4281 4281 nullable=True)
4282 4282 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
4283 4283
4284 4284 # new/open/closed status of pull request (not approve/reject/etc)
4285 4285 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
4286 4286 created_on = Column(
4287 4287 'created_on', DateTime(timezone=False), nullable=False,
4288 4288 default=datetime.datetime.now)
4289 4289 updated_on = Column(
4290 4290 'updated_on', DateTime(timezone=False), nullable=False,
4291 4291 default=datetime.datetime.now)
4292 4292
4293 4293 pull_request_state = Column("pull_request_state", String(255), nullable=True)
4294 4294
4295 4295 @declared_attr
4296 4296 def user_id(cls):
4297 4297 return Column(
4298 4298 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
4299 4299 unique=None)
4300 4300
4301 4301 # 500 revisions max
4302 4302 _revisions = Column(
4303 4303 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
4304 4304
4305 4305 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
4306 4306
4307 4307 @declared_attr
4308 4308 def source_repo_id(cls):
4309 4309 # TODO: dan: rename column to source_repo_id
4310 4310 return Column(
4311 4311 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4312 4312 nullable=False)
4313 4313
4314 4314 @declared_attr
4315 4315 def pr_source(cls):
4316 4316 return relationship(
4317 4317 'Repository',
4318 4318 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4319 4319 overlaps="pull_requests_source"
4320 4320 )
4321 4321
4322 4322 _source_ref = Column('org_ref', Unicode(255), nullable=False)
4323 4323
4324 4324 @hybrid_property
4325 4325 def source_ref(self):
4326 4326 return self._source_ref
4327 4327
4328 4328 @source_ref.setter
4329 4329 def source_ref(self, val):
4330 4330 parts = (val or '').split(':')
4331 4331 if len(parts) != 3:
4332 4332 raise ValueError(
4333 4333 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4334 4334 self._source_ref = safe_str(val)
4335 4335
4336 4336 _target_ref = Column('other_ref', Unicode(255), nullable=False)
4337 4337
4338 4338 @hybrid_property
4339 4339 def target_ref(self):
4340 4340 return self._target_ref
4341 4341
4342 4342 @target_ref.setter
4343 4343 def target_ref(self, val):
4344 4344 parts = (val or '').split(':')
4345 4345 if len(parts) != 3:
4346 4346 raise ValueError(
4347 4347 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4348 4348 self._target_ref = safe_str(val)
4349 4349
4350 4350 @declared_attr
4351 4351 def target_repo_id(cls):
4352 4352 # TODO: dan: rename column to target_repo_id
4353 4353 return Column(
4354 4354 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4355 4355 nullable=False)
4356 4356
4357 4357 @declared_attr
4358 4358 def pr_target(cls):
4359 4359 return relationship(
4360 4360 'Repository',
4361 4361 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4362 4362 overlaps="pull_requests_target"
4363 4363 )
4364 4364
4365 4365 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
4366 4366
4367 4367 # TODO: dan: rename column to last_merge_source_rev
4368 4368 _last_merge_source_rev = Column(
4369 4369 'last_merge_org_rev', String(40), nullable=True)
4370 4370 # TODO: dan: rename column to last_merge_target_rev
4371 4371 _last_merge_target_rev = Column(
4372 4372 'last_merge_other_rev', String(40), nullable=True)
4373 4373 _last_merge_status = Column('merge_status', Integer(), nullable=True)
4374 4374 last_merge_metadata = Column(
4375 4375 'last_merge_metadata', MutationObj.as_mutable(
4376 4376 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4377 4377
4378 4378 merge_rev = Column('merge_rev', String(40), nullable=True)
4379 4379
4380 4380 reviewer_data = Column(
4381 4381 'reviewer_data_json', MutationObj.as_mutable(
4382 4382 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4383 4383
4384 4384 @property
4385 4385 def reviewer_data_json(self):
4386 4386 return str_json(self.reviewer_data)
4387 4387
4388 4388 @property
4389 4389 def last_merge_metadata_parsed(self):
4390 4390 metadata = {}
4391 4391 if not self.last_merge_metadata:
4392 4392 return metadata
4393 4393
4394 4394 if hasattr(self.last_merge_metadata, 'de_coerce'):
4395 4395 for k, v in self.last_merge_metadata.de_coerce().items():
4396 4396 if k in ['target_ref', 'source_ref']:
4397 4397 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
4398 4398 else:
4399 4399 if hasattr(v, 'de_coerce'):
4400 4400 metadata[k] = v.de_coerce()
4401 4401 else:
4402 4402 metadata[k] = v
4403 4403 return metadata
4404 4404
4405 4405 @property
4406 4406 def work_in_progress(self):
4407 4407 """checks if pull request is work in progress by checking the title"""
4408 4408 title = self.title.upper()
4409 4409 if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
4410 4410 return True
4411 4411 return False
4412 4412
4413 4413 @property
4414 4414 def title_safe(self):
4415 4415 return self.title\
4416 4416 .replace('{', '{{')\
4417 4417 .replace('}', '}}')
4418 4418
4419 4419 @hybrid_property
4420 4420 def description_safe(self):
4421 4421 from rhodecode.lib import helpers as h
4422 4422 return h.escape(self.description)
4423 4423
4424 4424 @hybrid_property
4425 4425 def revisions(self):
4426 4426 return self._revisions.split(':') if self._revisions else []
4427 4427
4428 4428 @revisions.setter
4429 4429 def revisions(self, val):
4430 4430 self._revisions = ':'.join(val)
4431 4431
4432 4432 @hybrid_property
4433 4433 def last_merge_status(self):
4434 4434 return safe_int(self._last_merge_status)
4435 4435
4436 4436 @last_merge_status.setter
4437 4437 def last_merge_status(self, val):
4438 4438 self._last_merge_status = val
4439 4439
4440 4440 @declared_attr
4441 4441 def author(cls):
4442 4442 return relationship(
4443 4443 'User', lazy='joined',
4444 4444 #TODO, problem that is somehow :?
4445 4445 #back_populates='user_pull_requests'
4446 4446 )
4447 4447
4448 4448 @declared_attr
4449 4449 def source_repo(cls):
4450 4450 return relationship(
4451 4451 'Repository',
4452 4452 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4453 4453 overlaps="pr_source"
4454 4454 )
4455 4455
4456 4456 @property
4457 4457 def source_ref_parts(self):
4458 4458 return self.unicode_to_reference(self.source_ref)
4459 4459
4460 4460 @declared_attr
4461 4461 def target_repo(cls):
4462 4462 return relationship(
4463 4463 'Repository',
4464 4464 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4465 4465 overlaps="pr_target"
4466 4466 )
4467 4467
4468 4468 @property
4469 4469 def target_ref_parts(self):
4470 4470 return self.unicode_to_reference(self.target_ref)
4471 4471
4472 4472 @property
4473 4473 def shadow_merge_ref(self):
4474 4474 return self.unicode_to_reference(self._shadow_merge_ref)
4475 4475
4476 4476 @shadow_merge_ref.setter
4477 4477 def shadow_merge_ref(self, ref):
4478 4478 self._shadow_merge_ref = self.reference_to_unicode(ref)
4479 4479
4480 4480 @staticmethod
4481 4481 def unicode_to_reference(raw):
4482 4482 return unicode_to_reference(raw)
4483 4483
4484 4484 @staticmethod
4485 4485 def reference_to_unicode(ref):
4486 4486 return reference_to_unicode(ref)
4487 4487
4488 4488 def get_api_data(self, with_merge_state=True):
4489 4489 from rhodecode.model.pull_request import PullRequestModel
4490 4490
4491 4491 pull_request = self
4492 4492 if with_merge_state:
4493 4493 merge_response, merge_status, msg = \
4494 4494 PullRequestModel().merge_status(pull_request)
4495 4495 merge_state = {
4496 4496 'status': merge_status,
4497 4497 'message': safe_str(msg),
4498 4498 }
4499 4499 else:
4500 4500 merge_state = {'status': 'not_available',
4501 4501 'message': 'not_available'}
4502 4502
4503 4503 merge_data = {
4504 4504 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4505 4505 'reference': (
4506 4506 pull_request.shadow_merge_ref.asdict()
4507 4507 if pull_request.shadow_merge_ref else None),
4508 4508 }
4509 4509
4510 4510 data = {
4511 4511 'pull_request_id': pull_request.pull_request_id,
4512 4512 'url': PullRequestModel().get_url(pull_request),
4513 4513 'title': pull_request.title,
4514 4514 'description': pull_request.description,
4515 4515 'status': pull_request.status,
4516 4516 'state': pull_request.pull_request_state,
4517 4517 'created_on': pull_request.created_on,
4518 4518 'updated_on': pull_request.updated_on,
4519 4519 'commit_ids': pull_request.revisions,
4520 4520 'review_status': pull_request.calculated_review_status(),
4521 4521 'mergeable': merge_state,
4522 4522 'source': {
4523 4523 'clone_url': pull_request.source_repo.clone_url(),
4524 4524 'repository': pull_request.source_repo.repo_name,
4525 4525 'reference': {
4526 4526 'name': pull_request.source_ref_parts.name,
4527 4527 'type': pull_request.source_ref_parts.type,
4528 4528 'commit_id': pull_request.source_ref_parts.commit_id,
4529 4529 },
4530 4530 },
4531 4531 'target': {
4532 4532 'clone_url': pull_request.target_repo.clone_url(),
4533 4533 'repository': pull_request.target_repo.repo_name,
4534 4534 'reference': {
4535 4535 'name': pull_request.target_ref_parts.name,
4536 4536 'type': pull_request.target_ref_parts.type,
4537 4537 'commit_id': pull_request.target_ref_parts.commit_id,
4538 4538 },
4539 4539 },
4540 4540 'merge': merge_data,
4541 4541 'author': pull_request.author.get_api_data(include_secrets=False,
4542 4542 details='basic'),
4543 4543 'reviewers': [
4544 4544 {
4545 4545 'user': reviewer.get_api_data(include_secrets=False,
4546 4546 details='basic'),
4547 4547 'reasons': reasons,
4548 4548 'review_status': st[0][1].status if st else 'not_reviewed',
4549 4549 }
4550 4550 for obj, reviewer, reasons, mandatory, st in
4551 4551 pull_request.reviewers_statuses()
4552 4552 ]
4553 4553 }
4554 4554
4555 4555 return data
4556 4556
4557 4557 def set_state(self, pull_request_state, final_state=None):
4558 4558 """
4559 4559 # goes from initial state to updating to initial state.
4560 4560 # initial state can be changed by specifying back_state=
4561 4561 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4562 4562 pull_request.merge()
4563 4563
4564 4564 :param pull_request_state:
4565 4565 :param final_state:
4566 4566
4567 4567 """
4568 4568
4569 4569 return _SetState(self, pull_request_state, back_state=final_state)
4570 4570
4571 4571
4572 4572 class PullRequest(Base, _PullRequestBase):
4573 4573 __tablename__ = 'pull_requests'
4574 4574 __table_args__ = (
4575 4575 base_table_args,
4576 4576 )
4577 4577 LATEST_VER = 'latest'
4578 4578
4579 4579 pull_request_id = Column(
4580 4580 'pull_request_id', Integer(), nullable=False, primary_key=True)
4581 4581
4582 4582 def __repr__(self):
4583 4583 if self.pull_request_id:
4584 4584 return f'<DB:PullRequest #{self.pull_request_id}>'
4585 4585 else:
4586 4586 return f'<DB:PullRequest at {id(self)!r}>'
4587 4587
4588 4588 def __str__(self):
4589 4589 if self.pull_request_id:
4590 4590 return f'#{self.pull_request_id}'
4591 4591 else:
4592 4592 return f'#{id(self)!r}'
4593 4593
4594 4594 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
4595 4595 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
4596 4596 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
4597 4597 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
4598 4598
4599 4599 @classmethod
4600 4600 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4601 4601 internal_methods=None):
4602 4602
4603 4603 class PullRequestDisplay(object):
4604 4604 """
4605 4605 Special object wrapper for showing PullRequest data via Versions
4606 4606 It mimics PR object as close as possible. This is read only object
4607 4607 just for display
4608 4608 """
4609 4609
4610 4610 def __init__(self, attrs, internal=None):
4611 4611 self.attrs = attrs
4612 4612 # internal have priority over the given ones via attrs
4613 4613 self.internal = internal or ['versions']
4614 4614
4615 4615 def __getattr__(self, item):
4616 4616 if item in self.internal:
4617 4617 return getattr(self, item)
4618 4618 try:
4619 4619 return self.attrs[item]
4620 4620 except KeyError:
4621 4621 raise AttributeError(
4622 4622 '%s object has no attribute %s' % (self, item))
4623 4623
4624 4624 def __repr__(self):
4625 4625 pr_id = self.attrs.get('pull_request_id')
4626 4626 return f'<DB:PullRequestDisplay #{pr_id}>'
4627 4627
4628 4628 def versions(self):
4629 4629 return pull_request_obj.versions.order_by(
4630 4630 PullRequestVersion.pull_request_version_id).all()
4631 4631
4632 4632 def is_closed(self):
4633 4633 return pull_request_obj.is_closed()
4634 4634
4635 4635 def is_state_changing(self):
4636 4636 return pull_request_obj.is_state_changing()
4637 4637
4638 4638 @property
4639 4639 def pull_request_version_id(self):
4640 4640 return getattr(pull_request_obj, 'pull_request_version_id', None)
4641 4641
4642 4642 @property
4643 4643 def pull_request_last_version(self):
4644 4644 return pull_request_obj.pull_request_last_version
4645 4645
4646 4646 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4647 4647
4648 4648 attrs.author = StrictAttributeDict(
4649 4649 pull_request_obj.author.get_api_data())
4650 4650 if pull_request_obj.target_repo:
4651 4651 attrs.target_repo = StrictAttributeDict(
4652 4652 pull_request_obj.target_repo.get_api_data())
4653 4653 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4654 4654
4655 4655 if pull_request_obj.source_repo:
4656 4656 attrs.source_repo = StrictAttributeDict(
4657 4657 pull_request_obj.source_repo.get_api_data())
4658 4658 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4659 4659
4660 4660 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4661 4661 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4662 4662 attrs.revisions = pull_request_obj.revisions
4663 4663 attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
4664 4664 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4665 4665 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4666 4666 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4667 4667
4668 4668 return PullRequestDisplay(attrs, internal=internal_methods)
4669 4669
4670 4670 def is_closed(self):
4671 4671 return self.status == self.STATUS_CLOSED
4672 4672
4673 4673 def is_state_changing(self):
4674 4674 return self.pull_request_state != PullRequest.STATE_CREATED
4675 4675
4676 4676 def __json__(self):
4677 4677 return {
4678 4678 'revisions': self.revisions,
4679 4679 'versions': self.versions_count
4680 4680 }
4681 4681
4682 4682 def calculated_review_status(self):
4683 4683 from rhodecode.model.changeset_status import ChangesetStatusModel
4684 4684 return ChangesetStatusModel().calculated_review_status(self)
4685 4685
4686 4686 def reviewers_statuses(self, user=None):
4687 4687 from rhodecode.model.changeset_status import ChangesetStatusModel
4688 4688 return ChangesetStatusModel().reviewers_statuses(self, user=user)
4689 4689
4690 4690 def get_pull_request_reviewers(self, role=None):
4691 4691 qry = PullRequestReviewers.query()\
4692 4692 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
4693 4693 if role:
4694 4694 qry = qry.filter(PullRequestReviewers.role == role)
4695 4695
4696 4696 return qry.all()
4697 4697
4698 4698 @property
4699 4699 def reviewers_count(self):
4700 4700 qry = PullRequestReviewers.query()\
4701 4701 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4702 4702 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
4703 4703 return qry.count()
4704 4704
4705 4705 @property
4706 4706 def observers_count(self):
4707 4707 qry = PullRequestReviewers.query()\
4708 4708 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4709 4709 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
4710 4710 return qry.count()
4711 4711
4712 4712 def observers(self):
4713 4713 qry = PullRequestReviewers.query()\
4714 4714 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4715 4715 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
4716 4716 .all()
4717 4717
4718 4718 for entry in qry:
4719 4719 yield entry, entry.user
4720 4720
4721 4721 @property
4722 4722 def workspace_id(self):
4723 4723 from rhodecode.model.pull_request import PullRequestModel
4724 4724 return PullRequestModel()._workspace_id(self)
4725 4725
4726 4726 def get_shadow_repo(self):
4727 4727 workspace_id = self.workspace_id
4728 4728 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4729 4729 if os.path.isdir(shadow_repository_path):
4730 4730 vcs_obj = self.target_repo.scm_instance()
4731 4731 return vcs_obj.get_shadow_instance(shadow_repository_path)
4732 4732
4733 4733 @property
4734 4734 def versions_count(self):
4735 4735 """
4736 4736 return number of versions this PR have, e.g a PR that once been
4737 4737 updated will have 2 versions
4738 4738 """
4739 4739 return self.versions.count() + 1
4740 4740
4741 4741 @property
4742 4742 def pull_request_last_version(self):
4743 4743 return self.versions_count
4744 4744
4745 4745
4746 4746 class PullRequestVersion(Base, _PullRequestBase):
4747 4747 __tablename__ = 'pull_request_versions'
4748 4748 __table_args__ = (
4749 4749 base_table_args,
4750 4750 )
4751 4751
4752 4752 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
4753 4753 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
4754 4754 pull_request = relationship('PullRequest', back_populates='versions')
4755 4755
4756 4756 def __repr__(self):
4757 4757 if self.pull_request_version_id:
4758 4758 return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
4759 4759 else:
4760 4760 return f'<DB:PullRequestVersion at {id(self)!r}>'
4761 4761
4762 4762 @property
4763 4763 def reviewers(self):
4764 4764 return self.pull_request.reviewers
4765 4765
4766 4766 @property
4767 4767 def versions(self):
4768 4768 return self.pull_request.versions
4769 4769
4770 4770 def is_closed(self):
4771 4771 # calculate from original
4772 4772 return self.pull_request.status == self.STATUS_CLOSED
4773 4773
4774 4774 def is_state_changing(self):
4775 4775 return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
4776 4776
4777 4777 def calculated_review_status(self):
4778 4778 return self.pull_request.calculated_review_status()
4779 4779
4780 4780 def reviewers_statuses(self):
4781 4781 return self.pull_request.reviewers_statuses()
4782 4782
4783 4783 def observers(self):
4784 4784 return self.pull_request.observers()
4785 4785
4786 4786
4787 4787 class PullRequestReviewers(Base, BaseModel):
4788 4788 __tablename__ = 'pull_request_reviewers'
4789 4789 __table_args__ = (
4790 4790 base_table_args,
4791 4791 )
4792 4792 ROLE_REVIEWER = 'reviewer'
4793 4793 ROLE_OBSERVER = 'observer'
4794 4794 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
4795 4795
4796 4796 @hybrid_property
4797 4797 def reasons(self):
4798 4798 if not self._reasons:
4799 4799 return []
4800 4800 return self._reasons
4801 4801
4802 4802 @reasons.setter
4803 4803 def reasons(self, val):
4804 4804 val = val or []
4805 4805 if any(not isinstance(x, str) for x in val):
4806 4806 raise Exception('invalid reasons type, must be list of strings')
4807 4807 self._reasons = val
4808 4808
4809 4809 pull_requests_reviewers_id = Column(
4810 4810 'pull_requests_reviewers_id', Integer(), nullable=False,
4811 4811 primary_key=True)
4812 4812 pull_request_id = Column(
4813 4813 "pull_request_id", Integer(),
4814 4814 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4815 4815 user_id = Column(
4816 4816 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4817 4817 _reasons = Column(
4818 4818 'reason', MutationList.as_mutable(
4819 4819 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4820 4820
4821 4821 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4822 4822 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
4823 4823
4824 4824 user = relationship('User')
4825 4825 pull_request = relationship('PullRequest', back_populates='reviewers')
4826 4826
4827 4827 rule_data = Column(
4828 4828 'rule_data_json',
4829 4829 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4830 4830
4831 4831 def rule_user_group_data(self):
4832 4832 """
4833 4833 Returns the voting user group rule data for this reviewer
4834 4834 """
4835 4835
4836 4836 if self.rule_data and 'vote_rule' in self.rule_data:
4837 4837 user_group_data = {}
4838 4838 if 'rule_user_group_entry_id' in self.rule_data:
4839 4839 # means a group with voting rules !
4840 4840 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4841 4841 user_group_data['name'] = self.rule_data['rule_name']
4842 4842 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4843 4843
4844 4844 return user_group_data
4845 4845
4846 4846 @classmethod
4847 4847 def get_pull_request_reviewers(cls, pull_request_id, role=None):
4848 4848 qry = PullRequestReviewers.query()\
4849 4849 .filter(PullRequestReviewers.pull_request_id == pull_request_id)
4850 4850 if role:
4851 4851 qry = qry.filter(PullRequestReviewers.role == role)
4852 4852
4853 4853 return qry.all()
4854 4854
4855 4855 def __repr__(self):
4856 4856 return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
4857 4857
4858 4858
4859 4859 class Notification(Base, BaseModel):
4860 4860 __tablename__ = 'notifications'
4861 4861 __table_args__ = (
4862 4862 Index('notification_type_idx', 'type'),
4863 4863 base_table_args,
4864 4864 )
4865 4865
4866 4866 TYPE_CHANGESET_COMMENT = 'cs_comment'
4867 4867 TYPE_MESSAGE = 'message'
4868 4868 TYPE_MENTION = 'mention'
4869 4869 TYPE_REGISTRATION = 'registration'
4870 4870 TYPE_PULL_REQUEST = 'pull_request'
4871 4871 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
4872 4872 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
4873 4873
4874 4874 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4875 4875 subject = Column('subject', Unicode(512), nullable=True)
4876 4876 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4877 4877 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4878 4878 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4879 4879 type_ = Column('type', Unicode(255))
4880 4880
4881 4881 created_by_user = relationship('User', back_populates='user_created_notifications')
4882 4882 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
4883 4883
4884 4884 @property
4885 4885 def recipients(self):
4886 4886 return [x.user for x in UserNotification.query()\
4887 4887 .filter(UserNotification.notification == self)\
4888 4888 .order_by(UserNotification.user_id.asc()).all()]
4889 4889
4890 4890 @classmethod
4891 4891 def create(cls, created_by, subject, body, recipients, type_=None):
4892 4892 if type_ is None:
4893 4893 type_ = Notification.TYPE_MESSAGE
4894 4894
4895 4895 notification = cls()
4896 4896 notification.created_by_user = created_by
4897 4897 notification.subject = subject
4898 4898 notification.body = body
4899 4899 notification.type_ = type_
4900 4900 notification.created_on = datetime.datetime.now()
4901 4901
4902 4902 # For each recipient link the created notification to his account
4903 4903 for u in recipients:
4904 4904 assoc = UserNotification()
4905 4905 assoc.user_id = u.user_id
4906 4906 assoc.notification = notification
4907 4907
4908 4908 # if created_by is inside recipients mark his notification
4909 4909 # as read
4910 4910 if u.user_id == created_by.user_id:
4911 4911 assoc.read = True
4912 4912 Session().add(assoc)
4913 4913
4914 4914 Session().add(notification)
4915 4915
4916 4916 return notification
4917 4917
4918 4918
4919 4919 class UserNotification(Base, BaseModel):
4920 4920 __tablename__ = 'user_to_notification'
4921 4921 __table_args__ = (
4922 4922 UniqueConstraint('user_id', 'notification_id'),
4923 4923 base_table_args
4924 4924 )
4925 4925
4926 4926 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4927 4927 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4928 4928 read = Column('read', Boolean, default=False)
4929 4929 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4930 4930
4931 4931 user = relationship('User', lazy="joined", back_populates='notifications')
4932 4932 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
4933 4933
4934 4934 def mark_as_read(self):
4935 4935 self.read = True
4936 4936 Session().add(self)
4937 4937
4938 4938
4939 4939 class UserNotice(Base, BaseModel):
4940 4940 __tablename__ = 'user_notices'
4941 4941 __table_args__ = (
4942 4942 base_table_args
4943 4943 )
4944 4944
4945 4945 NOTIFICATION_TYPE_MESSAGE = 'message'
4946 4946 NOTIFICATION_TYPE_NOTICE = 'notice'
4947 4947
4948 4948 NOTIFICATION_LEVEL_INFO = 'info'
4949 4949 NOTIFICATION_LEVEL_WARNING = 'warning'
4950 4950 NOTIFICATION_LEVEL_ERROR = 'error'
4951 4951
4952 4952 user_notice_id = Column('gist_id', Integer(), primary_key=True)
4953 4953
4954 4954 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
4955 4955 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4956 4956
4957 4957 notice_read = Column('notice_read', Boolean, default=False)
4958 4958
4959 4959 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
4960 4960 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
4961 4961
4962 4962 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
4963 4963 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4964 4964
4965 4965 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
4966 4966 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
4967 4967
4968 4968 @classmethod
4969 4969 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
4970 4970
4971 4971 if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
4972 4972 cls.NOTIFICATION_LEVEL_WARNING,
4973 4973 cls.NOTIFICATION_LEVEL_INFO]:
4974 4974 return
4975 4975
4976 4976 from rhodecode.model.user import UserModel
4977 4977 user = UserModel().get_user(user)
4978 4978
4979 4979 new_notice = UserNotice()
4980 4980 if not allow_duplicate:
4981 4981 existing_msg = UserNotice().query() \
4982 4982 .filter(UserNotice.user == user) \
4983 4983 .filter(UserNotice.notice_body == body) \
4984 4984 .filter(UserNotice.notice_read == false()) \
4985 4985 .scalar()
4986 4986 if existing_msg:
4987 4987 log.warning('Ignoring duplicate notice for user %s', user)
4988 4988 return
4989 4989
4990 4990 new_notice.user = user
4991 4991 new_notice.notice_subject = subject
4992 4992 new_notice.notice_body = body
4993 4993 new_notice.notification_level = notice_level
4994 4994 Session().add(new_notice)
4995 4995 Session().commit()
4996 4996
4997 4997
4998 4998 class Gist(Base, BaseModel):
4999 4999 __tablename__ = 'gists'
5000 5000 __table_args__ = (
5001 5001 Index('g_gist_access_id_idx', 'gist_access_id'),
5002 5002 Index('g_created_on_idx', 'created_on'),
5003 5003 base_table_args
5004 5004 )
5005 5005
5006 5006 GIST_PUBLIC = 'public'
5007 5007 GIST_PRIVATE = 'private'
5008 5008 DEFAULT_FILENAME = 'gistfile1.txt'
5009 5009
5010 5010 ACL_LEVEL_PUBLIC = 'acl_public'
5011 5011 ACL_LEVEL_PRIVATE = 'acl_private'
5012 5012
5013 5013 gist_id = Column('gist_id', Integer(), primary_key=True)
5014 5014 gist_access_id = Column('gist_access_id', Unicode(250))
5015 5015 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
5016 5016 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
5017 5017 gist_expires = Column('gist_expires', Float(53), nullable=False)
5018 5018 gist_type = Column('gist_type', Unicode(128), nullable=False)
5019 5019 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5020 5020 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5021 5021 acl_level = Column('acl_level', Unicode(128), nullable=True)
5022 5022
5023 5023 owner = relationship('User', back_populates='user_gists')
5024 5024
5025 5025 def __repr__(self):
5026 5026 return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
5027 5027
5028 5028 @hybrid_property
5029 5029 def description_safe(self):
5030 5030 from rhodecode.lib import helpers as h
5031 5031 return h.escape(self.gist_description)
5032 5032
5033 5033 @classmethod
5034 5034 def get_or_404(cls, id_):
5035 5035 from pyramid.httpexceptions import HTTPNotFound
5036 5036
5037 5037 res = cls.query().filter(cls.gist_access_id == id_).scalar()
5038 5038 if not res:
5039 5039 log.debug('WARN: No DB entry with id %s', id_)
5040 5040 raise HTTPNotFound()
5041 5041 return res
5042 5042
5043 5043 @classmethod
5044 5044 def get_by_access_id(cls, gist_access_id):
5045 5045 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
5046 5046
5047 5047 def gist_url(self):
5048 5048 from rhodecode.model.gist import GistModel
5049 5049 return GistModel().get_url(self)
5050 5050
5051 5051 @classmethod
5052 5052 def base_path(cls):
5053 5053 """
5054 5054 Returns base path when all gists are stored
5055 5055
5056 5056 :param cls:
5057 5057 """
5058 5058 from rhodecode.model.gist import GIST_STORE_LOC
5059 5059 from rhodecode.lib.utils import get_rhodecode_repo_store_path
5060 5060 repo_store_path = get_rhodecode_repo_store_path()
5061 5061 return os.path.join(repo_store_path, GIST_STORE_LOC)
5062 5062
5063 5063 def get_api_data(self):
5064 5064 """
5065 5065 Common function for generating gist related data for API
5066 5066 """
5067 5067 gist = self
5068 5068 data = {
5069 5069 'gist_id': gist.gist_id,
5070 5070 'type': gist.gist_type,
5071 5071 'access_id': gist.gist_access_id,
5072 5072 'description': gist.gist_description,
5073 5073 'url': gist.gist_url(),
5074 5074 'expires': gist.gist_expires,
5075 5075 'created_on': gist.created_on,
5076 5076 'modified_at': gist.modified_at,
5077 5077 'content': None,
5078 5078 'acl_level': gist.acl_level,
5079 5079 }
5080 5080 return data
5081 5081
5082 5082 def __json__(self):
5083 5083 data = dict()
5084 5084 data.update(self.get_api_data())
5085 5085 return data
5086 5086 # SCM functions
5087 5087
5088 5088 def scm_instance(self, **kwargs):
5089 5089 """
5090 5090 Get an instance of VCS Repository
5091 5091
5092 5092 :param kwargs:
5093 5093 """
5094 5094 from rhodecode.model.gist import GistModel
5095 5095 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
5096 5096 return get_vcs_instance(
5097 5097 repo_path=safe_str(full_repo_path), create=False,
5098 5098 _vcs_alias=GistModel.vcs_backend)
5099 5099
5100 5100
5101 5101 class ExternalIdentity(Base, BaseModel):
5102 5102 __tablename__ = 'external_identities'
5103 5103 __table_args__ = (
5104 5104 Index('local_user_id_idx', 'local_user_id'),
5105 5105 Index('external_id_idx', 'external_id'),
5106 5106 base_table_args
5107 5107 )
5108 5108
5109 5109 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
5110 5110 external_username = Column('external_username', Unicode(1024), default='')
5111 5111 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
5112 5112 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
5113 5113 access_token = Column('access_token', String(1024), default='')
5114 5114 alt_token = Column('alt_token', String(1024), default='')
5115 5115 token_secret = Column('token_secret', String(1024), default='')
5116 5116
5117 5117 @classmethod
5118 5118 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
5119 5119 """
5120 5120 Returns ExternalIdentity instance based on search params
5121 5121
5122 5122 :param external_id:
5123 5123 :param provider_name:
5124 5124 :return: ExternalIdentity
5125 5125 """
5126 5126 query = cls.query()
5127 5127 query = query.filter(cls.external_id == external_id)
5128 5128 query = query.filter(cls.provider_name == provider_name)
5129 5129 if local_user_id:
5130 5130 query = query.filter(cls.local_user_id == local_user_id)
5131 5131 return query.first()
5132 5132
5133 5133 @classmethod
5134 5134 def user_by_external_id_and_provider(cls, external_id, provider_name):
5135 5135 """
5136 5136 Returns User instance based on search params
5137 5137
5138 5138 :param external_id:
5139 5139 :param provider_name:
5140 5140 :return: User
5141 5141 """
5142 5142 query = User.query()
5143 5143 query = query.filter(cls.external_id == external_id)
5144 5144 query = query.filter(cls.provider_name == provider_name)
5145 5145 query = query.filter(User.user_id == cls.local_user_id)
5146 5146 return query.first()
5147 5147
5148 5148 @classmethod
5149 5149 def by_local_user_id(cls, local_user_id):
5150 5150 """
5151 5151 Returns all tokens for user
5152 5152
5153 5153 :param local_user_id:
5154 5154 :return: ExternalIdentity
5155 5155 """
5156 5156 query = cls.query()
5157 5157 query = query.filter(cls.local_user_id == local_user_id)
5158 5158 return query
5159 5159
5160 5160 @classmethod
5161 5161 def load_provider_plugin(cls, plugin_id):
5162 5162 from rhodecode.authentication.base import loadplugin
5163 5163 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
5164 5164 auth_plugin = loadplugin(_plugin_id)
5165 5165 return auth_plugin
5166 5166
5167 5167
5168 5168 class Integration(Base, BaseModel):
5169 5169 __tablename__ = 'integrations'
5170 5170 __table_args__ = (
5171 5171 base_table_args
5172 5172 )
5173 5173
5174 5174 integration_id = Column('integration_id', Integer(), primary_key=True)
5175 5175 integration_type = Column('integration_type', String(255))
5176 5176 enabled = Column('enabled', Boolean(), nullable=False)
5177 5177 name = Column('name', String(255), nullable=False)
5178 5178 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
5179 5179
5180 5180 settings = Column(
5181 5181 'settings_json', MutationObj.as_mutable(
5182 5182 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
5183 5183 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
5184 5184 repo = relationship('Repository', lazy='joined', back_populates='integrations')
5185 5185
5186 5186 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
5187 5187 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
5188 5188
5189 5189 @property
5190 5190 def scope(self):
5191 5191 if self.repo:
5192 5192 return repr(self.repo)
5193 5193 if self.repo_group:
5194 5194 if self.child_repos_only:
5195 5195 return repr(self.repo_group) + ' (child repos only)'
5196 5196 else:
5197 5197 return repr(self.repo_group) + ' (recursive)'
5198 5198 if self.child_repos_only:
5199 5199 return 'root_repos'
5200 5200 return 'global'
5201 5201
5202 5202 def __repr__(self):
5203 5203 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
5204 5204
5205 5205
5206 5206 class RepoReviewRuleUser(Base, BaseModel):
5207 5207 __tablename__ = 'repo_review_rules_users'
5208 5208 __table_args__ = (
5209 5209 base_table_args
5210 5210 )
5211 5211 ROLE_REVIEWER = 'reviewer'
5212 5212 ROLE_OBSERVER = 'observer'
5213 5213 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5214 5214
5215 5215 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
5216 5216 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5217 5217 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
5218 5218 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5219 5219 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5220 5220 user = relationship('User', back_populates='user_review_rules')
5221 5221
5222 5222 def rule_data(self):
5223 5223 return {
5224 5224 'mandatory': self.mandatory,
5225 5225 'role': self.role,
5226 5226 }
5227 5227
5228 5228
5229 5229 class RepoReviewRuleUserGroup(Base, BaseModel):
5230 5230 __tablename__ = 'repo_review_rules_users_groups'
5231 5231 __table_args__ = (
5232 5232 base_table_args
5233 5233 )
5234 5234
5235 5235 VOTE_RULE_ALL = -1
5236 5236 ROLE_REVIEWER = 'reviewer'
5237 5237 ROLE_OBSERVER = 'observer'
5238 5238 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5239 5239
5240 5240 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
5241 5241 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5242 5242 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
5243 5243 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5244 5244 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5245 5245 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
5246 5246 users_group = relationship('UserGroup')
5247 5247
5248 5248 def rule_data(self):
5249 5249 return {
5250 5250 'mandatory': self.mandatory,
5251 5251 'role': self.role,
5252 5252 'vote_rule': self.vote_rule
5253 5253 }
5254 5254
5255 5255 @property
5256 5256 def vote_rule_label(self):
5257 5257 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
5258 5258 return 'all must vote'
5259 5259 else:
5260 5260 return 'min. vote {}'.format(self.vote_rule)
5261 5261
5262 5262
5263 5263 class RepoReviewRule(Base, BaseModel):
5264 5264 __tablename__ = 'repo_review_rules'
5265 5265 __table_args__ = (
5266 5266 base_table_args
5267 5267 )
5268 5268
5269 5269 repo_review_rule_id = Column(
5270 5270 'repo_review_rule_id', Integer(), primary_key=True)
5271 5271 repo_id = Column(
5272 5272 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
5273 5273 repo = relationship('Repository', back_populates='review_rules')
5274 5274
5275 5275 review_rule_name = Column('review_rule_name', String(255))
5276 5276 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5277 5277 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5278 5278 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5279 5279
5280 5280 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
5281 5281
5282 5282 # Legacy fields, just for backward compat
5283 5283 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
5284 5284 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
5285 5285
5286 5286 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5287 5287 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5288 5288
5289 5289 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
5290 5290
5291 5291 rule_users = relationship('RepoReviewRuleUser')
5292 5292 rule_user_groups = relationship('RepoReviewRuleUserGroup')
5293 5293
5294 5294 def _validate_pattern(self, value):
5295 5295 re.compile('^' + glob2re(value) + '$')
5296 5296
5297 5297 @hybrid_property
5298 5298 def source_branch_pattern(self):
5299 5299 return self._branch_pattern or '*'
5300 5300
5301 5301 @source_branch_pattern.setter
5302 5302 def source_branch_pattern(self, value):
5303 5303 self._validate_pattern(value)
5304 5304 self._branch_pattern = value or '*'
5305 5305
5306 5306 @hybrid_property
5307 5307 def target_branch_pattern(self):
5308 5308 return self._target_branch_pattern or '*'
5309 5309
5310 5310 @target_branch_pattern.setter
5311 5311 def target_branch_pattern(self, value):
5312 5312 self._validate_pattern(value)
5313 5313 self._target_branch_pattern = value or '*'
5314 5314
5315 5315 @hybrid_property
5316 5316 def file_pattern(self):
5317 5317 return self._file_pattern or '*'
5318 5318
5319 5319 @file_pattern.setter
5320 5320 def file_pattern(self, value):
5321 5321 self._validate_pattern(value)
5322 5322 self._file_pattern = value or '*'
5323 5323
5324 5324 @hybrid_property
5325 5325 def forbid_pr_author_to_review(self):
5326 5326 return self.pr_author == 'forbid_pr_author'
5327 5327
5328 5328 @hybrid_property
5329 5329 def include_pr_author_to_review(self):
5330 5330 return self.pr_author == 'include_pr_author'
5331 5331
5332 5332 @hybrid_property
5333 5333 def forbid_commit_author_to_review(self):
5334 5334 return self.commit_author == 'forbid_commit_author'
5335 5335
5336 5336 @hybrid_property
5337 5337 def include_commit_author_to_review(self):
5338 5338 return self.commit_author == 'include_commit_author'
5339 5339
5340 5340 def matches(self, source_branch, target_branch, files_changed):
5341 5341 """
5342 5342 Check if this review rule matches a branch/files in a pull request
5343 5343
5344 5344 :param source_branch: source branch name for the commit
5345 5345 :param target_branch: target branch name for the commit
5346 5346 :param files_changed: list of file paths changed in the pull request
5347 5347 """
5348 5348
5349 5349 source_branch = source_branch or ''
5350 5350 target_branch = target_branch or ''
5351 5351 files_changed = files_changed or []
5352 5352
5353 5353 branch_matches = True
5354 5354 if source_branch or target_branch:
5355 5355 if self.source_branch_pattern == '*':
5356 5356 source_branch_match = True
5357 5357 else:
5358 5358 if self.source_branch_pattern.startswith('re:'):
5359 5359 source_pattern = self.source_branch_pattern[3:]
5360 5360 else:
5361 5361 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
5362 5362 source_branch_regex = re.compile(source_pattern)
5363 5363 source_branch_match = bool(source_branch_regex.search(source_branch))
5364 5364 if self.target_branch_pattern == '*':
5365 5365 target_branch_match = True
5366 5366 else:
5367 5367 if self.target_branch_pattern.startswith('re:'):
5368 5368 target_pattern = self.target_branch_pattern[3:]
5369 5369 else:
5370 5370 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
5371 5371 target_branch_regex = re.compile(target_pattern)
5372 5372 target_branch_match = bool(target_branch_regex.search(target_branch))
5373 5373
5374 5374 branch_matches = source_branch_match and target_branch_match
5375 5375
5376 5376 files_matches = True
5377 5377 if self.file_pattern != '*':
5378 5378 files_matches = False
5379 5379 if self.file_pattern.startswith('re:'):
5380 5380 file_pattern = self.file_pattern[3:]
5381 5381 else:
5382 5382 file_pattern = glob2re(self.file_pattern)
5383 5383 file_regex = re.compile(file_pattern)
5384 5384 for file_data in files_changed:
5385 5385 filename = file_data.get('filename')
5386 5386
5387 5387 if file_regex.search(filename):
5388 5388 files_matches = True
5389 5389 break
5390 5390
5391 5391 return branch_matches and files_matches
5392 5392
5393 5393 @property
5394 5394 def review_users(self):
5395 5395 """ Returns the users which this rule applies to """
5396 5396
5397 5397 users = collections.OrderedDict()
5398 5398
5399 5399 for rule_user in self.rule_users:
5400 5400 if rule_user.user.active:
5401 5401 if rule_user.user not in users:
5402 5402 users[rule_user.user.username] = {
5403 5403 'user': rule_user.user,
5404 5404 'source': 'user',
5405 5405 'source_data': {},
5406 5406 'data': rule_user.rule_data()
5407 5407 }
5408 5408
5409 5409 for rule_user_group in self.rule_user_groups:
5410 5410 source_data = {
5411 5411 'user_group_id': rule_user_group.users_group.users_group_id,
5412 5412 'name': rule_user_group.users_group.users_group_name,
5413 5413 'members': len(rule_user_group.users_group.members)
5414 5414 }
5415 5415 for member in rule_user_group.users_group.members:
5416 5416 if member.user.active:
5417 5417 key = member.user.username
5418 5418 if key in users:
5419 5419 # skip this member as we have him already
5420 5420 # this prevents from override the "first" matched
5421 5421 # users with duplicates in multiple groups
5422 5422 continue
5423 5423
5424 5424 users[key] = {
5425 5425 'user': member.user,
5426 5426 'source': 'user_group',
5427 5427 'source_data': source_data,
5428 5428 'data': rule_user_group.rule_data()
5429 5429 }
5430 5430
5431 5431 return users
5432 5432
5433 5433 def user_group_vote_rule(self, user_id):
5434 5434
5435 5435 rules = []
5436 5436 if not self.rule_user_groups:
5437 5437 return rules
5438 5438
5439 5439 for user_group in self.rule_user_groups:
5440 5440 user_group_members = [x.user_id for x in user_group.users_group.members]
5441 5441 if user_id in user_group_members:
5442 5442 rules.append(user_group)
5443 5443 return rules
5444 5444
5445 5445 def __repr__(self):
5446 5446 return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
5447 5447
5448 5448
5449 5449 class ScheduleEntry(Base, BaseModel):
5450 5450 __tablename__ = 'schedule_entries'
5451 5451 __table_args__ = (
5452 5452 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
5453 5453 UniqueConstraint('task_uid', name='s_task_uid_idx'),
5454 5454 base_table_args,
5455 5455 )
5456 5456 SCHEDULE_TYPE_INTEGER = "integer"
5457 5457 SCHEDULE_TYPE_CRONTAB = "crontab"
5458 5458
5459 5459 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
5460 5460 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
5461 5461
5462 5462 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
5463 5463 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
5464 5464 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
5465 5465
5466 5466 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
5467 5467 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
5468 5468
5469 5469 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
5470 5470 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
5471 5471
5472 5472 # task
5473 5473 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
5474 5474 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
5475 5475 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
5476 5476 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
5477 5477
5478 5478 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5479 5479 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
5480 5480
5481 5481 @hybrid_property
5482 5482 def schedule_type(self):
5483 5483 return self._schedule_type
5484 5484
5485 5485 @schedule_type.setter
5486 5486 def schedule_type(self, val):
5487 5487 if val not in self.schedule_types:
5488 raise ValueError('Value must be on of `{}` and got `{}`'.format(
5489 val, self.schedule_type))
5488 raise ValueError(f'Value must be on of `{val}` and got `{self.schedule_type}`')
5490 5489
5491 5490 self._schedule_type = val
5492 5491
5493 5492 @classmethod
5494 5493 def get_uid(cls, obj):
5495 5494 args = obj.task_args
5496 5495 kwargs = obj.task_kwargs
5496
5497 5497 if isinstance(args, JsonRaw):
5498 5498 try:
5499 args = json.loads(args)
5499 args = json.loads(str(args))
5500 5500 except ValueError:
5501 log.exception('json.loads of args failed...')
5501 5502 args = tuple()
5502 5503
5503 5504 if isinstance(kwargs, JsonRaw):
5504 5505 try:
5505 kwargs = json.loads(kwargs)
5506 kwargs = json.loads(str(kwargs))
5506 5507 except ValueError:
5508 log.exception('json.loads of kwargs failed...')
5507 5509 kwargs = dict()
5508 5510
5509 5511 dot_notation = obj.task_dot_notation
5510 val = '.'.join(map(safe_str, [
5511 sorted(dot_notation), args, sorted(kwargs.items())]))
5512 val = '.'.join(map(safe_str, [dot_notation, args, sorted(kwargs.items())]))
5513 log.debug('calculating task uid using id:`%s`', val)
5514
5512 5515 return sha1(safe_bytes(val))
5513 5516
5514 5517 @classmethod
5515 5518 def get_by_schedule_name(cls, schedule_name):
5516 5519 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
5517 5520
5518 5521 @classmethod
5519 5522 def get_by_schedule_id(cls, schedule_id):
5520 5523 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
5521 5524
5525 @classmethod
5526 def get_by_task_uid(cls, task_uid):
5527 return cls.query().filter(cls.task_uid == task_uid).scalar()
5528
5522 5529 @property
5523 5530 def task(self):
5524 5531 return self.task_dot_notation
5525 5532
5526 5533 @property
5527 5534 def schedule(self):
5528 5535 from rhodecode.lib.celerylib.utils import raw_2_schedule
5529 5536 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
5530 5537 return schedule
5531 5538
5532 5539 @property
5533 5540 def args(self):
5534 5541 try:
5535 5542 return list(self.task_args or [])
5536 5543 except ValueError:
5537 5544 return list()
5538 5545
5539 5546 @property
5540 5547 def kwargs(self):
5541 5548 try:
5542 5549 return dict(self.task_kwargs or {})
5543 5550 except ValueError:
5544 5551 return dict()
5545 5552
5546 5553 def _as_raw(self, val, indent=False):
5547 5554 if hasattr(val, 'de_coerce'):
5548 5555 val = val.de_coerce()
5549 5556 if val:
5550 5557 if indent:
5551 5558 val = ext_json.formatted_str_json(val)
5552 5559 else:
5553 5560 val = ext_json.str_json(val)
5554 5561
5555 5562 return val
5556 5563
5557 5564 @property
5558 5565 def schedule_definition_raw(self):
5559 5566 return self._as_raw(self.schedule_definition)
5560 5567
5561 5568 def args_raw(self, indent=False):
5562 5569 return self._as_raw(self.task_args, indent)
5563 5570
5564 5571 def kwargs_raw(self, indent=False):
5565 5572 return self._as_raw(self.task_kwargs, indent)
5566 5573
5567 5574 def __repr__(self):
5568 5575 return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
5569 5576
5570 5577
5571 5578 @event.listens_for(ScheduleEntry, 'before_update')
5572 5579 def update_task_uid(mapper, connection, target):
5573 5580 target.task_uid = ScheduleEntry.get_uid(target)
5574 5581
5575 5582
5576 5583 @event.listens_for(ScheduleEntry, 'before_insert')
5577 5584 def set_task_uid(mapper, connection, target):
5578 5585 target.task_uid = ScheduleEntry.get_uid(target)
5579 5586
5580 5587
5581 5588 class _BaseBranchPerms(BaseModel):
5582 5589 @classmethod
5583 5590 def compute_hash(cls, value):
5584 5591 return sha1_safe(value)
5585 5592
5586 5593 @hybrid_property
5587 5594 def branch_pattern(self):
5588 5595 return self._branch_pattern or '*'
5589 5596
5590 5597 @hybrid_property
5591 5598 def branch_hash(self):
5592 5599 return self._branch_hash
5593 5600
5594 5601 def _validate_glob(self, value):
5595 5602 re.compile('^' + glob2re(value) + '$')
5596 5603
5597 5604 @branch_pattern.setter
5598 5605 def branch_pattern(self, value):
5599 5606 self._validate_glob(value)
5600 5607 self._branch_pattern = value or '*'
5601 5608 # set the Hash when setting the branch pattern
5602 5609 self._branch_hash = self.compute_hash(self._branch_pattern)
5603 5610
5604 5611 def matches(self, branch):
5605 5612 """
5606 5613 Check if this the branch matches entry
5607 5614
5608 5615 :param branch: branch name for the commit
5609 5616 """
5610 5617
5611 5618 branch = branch or ''
5612 5619
5613 5620 branch_matches = True
5614 5621 if branch:
5615 5622 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5616 5623 branch_matches = bool(branch_regex.search(branch))
5617 5624
5618 5625 return branch_matches
5619 5626
5620 5627
5621 5628 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5622 5629 __tablename__ = 'user_to_repo_branch_permissions'
5623 5630 __table_args__ = (
5624 5631 base_table_args
5625 5632 )
5626 5633
5627 5634 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5628 5635
5629 5636 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5630 5637 repo = relationship('Repository', back_populates='user_branch_perms')
5631 5638
5632 5639 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5633 5640 permission = relationship('Permission')
5634 5641
5635 5642 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5636 5643 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
5637 5644
5638 5645 rule_order = Column('rule_order', Integer(), nullable=False)
5639 5646 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5640 5647 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5641 5648
5642 5649 def __repr__(self):
5643 5650 return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
5644 5651
5645 5652
5646 5653 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5647 5654 __tablename__ = 'user_group_to_repo_branch_permissions'
5648 5655 __table_args__ = (
5649 5656 base_table_args
5650 5657 )
5651 5658
5652 5659 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5653 5660
5654 5661 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5655 5662 repo = relationship('Repository', back_populates='user_group_branch_perms')
5656 5663
5657 5664 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5658 5665 permission = relationship('Permission')
5659 5666
5660 5667 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5661 5668 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
5662 5669
5663 5670 rule_order = Column('rule_order', Integer(), nullable=False)
5664 5671 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5665 5672 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5666 5673
5667 5674 def __repr__(self):
5668 5675 return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
5669 5676
5670 5677
5671 5678 class UserBookmark(Base, BaseModel):
5672 5679 __tablename__ = 'user_bookmarks'
5673 5680 __table_args__ = (
5674 5681 UniqueConstraint('user_id', 'bookmark_repo_id'),
5675 5682 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5676 5683 UniqueConstraint('user_id', 'bookmark_position'),
5677 5684 base_table_args
5678 5685 )
5679 5686
5680 5687 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5681 5688 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5682 5689 position = Column("bookmark_position", Integer(), nullable=False)
5683 5690 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5684 5691 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5685 5692 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5686 5693
5687 5694 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5688 5695 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5689 5696
5690 5697 user = relationship("User")
5691 5698
5692 5699 repository = relationship("Repository")
5693 5700 repository_group = relationship("RepoGroup")
5694 5701
5695 5702 @classmethod
5696 5703 def get_by_position_for_user(cls, position, user_id):
5697 5704 return cls.query() \
5698 5705 .filter(UserBookmark.user_id == user_id) \
5699 5706 .filter(UserBookmark.position == position).scalar()
5700 5707
5701 5708 @classmethod
5702 5709 def get_bookmarks_for_user(cls, user_id, cache=True):
5703 5710 bookmarks = select(
5704 5711 UserBookmark.title,
5705 5712 UserBookmark.position,
5706 5713 ) \
5707 5714 .add_columns(Repository.repo_id, Repository.repo_type, Repository.repo_name) \
5708 5715 .add_columns(RepoGroup.group_id, RepoGroup.group_name) \
5709 5716 .where(UserBookmark.user_id == user_id) \
5710 5717 .outerjoin(Repository, Repository.repo_id == UserBookmark.bookmark_repo_id) \
5711 5718 .outerjoin(RepoGroup, RepoGroup.group_id == UserBookmark.bookmark_repo_group_id) \
5712 5719 .order_by(UserBookmark.position.asc())
5713 5720
5714 5721 if cache:
5715 5722 bookmarks = bookmarks.options(
5716 5723 FromCache("sql_cache_short", f"get_user_{user_id}_bookmarks")
5717 5724 )
5718 5725
5719 5726 return Session().execute(bookmarks).all()
5720 5727
5721 5728 def __repr__(self):
5722 5729 return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
5723 5730
5724 5731
5725 5732 class FileStore(Base, BaseModel):
5726 5733 __tablename__ = 'file_store'
5727 5734 __table_args__ = (
5728 5735 base_table_args
5729 5736 )
5730 5737
5731 5738 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5732 5739 file_uid = Column('file_uid', String(1024), nullable=False)
5733 5740 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5734 5741 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5735 5742 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5736 5743
5737 5744 # sha256 hash
5738 5745 file_hash = Column('file_hash', String(512), nullable=False)
5739 5746 file_size = Column('file_size', BigInteger(), nullable=False)
5740 5747
5741 5748 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5742 5749 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5743 5750 accessed_count = Column('accessed_count', Integer(), default=0)
5744 5751
5745 5752 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5746 5753
5747 5754 # if repo/repo_group reference is set, check for permissions
5748 5755 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5749 5756
5750 5757 # hidden defines an attachment that should be hidden from showing in artifact listing
5751 5758 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5752 5759
5753 5760 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5754 5761 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
5755 5762
5756 5763 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5757 5764
5758 5765 # scope limited to user, which requester have access to
5759 5766 scope_user_id = Column(
5760 5767 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5761 5768 nullable=True, unique=None, default=None)
5762 5769 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
5763 5770
5764 5771 # scope limited to user group, which requester have access to
5765 5772 scope_user_group_id = Column(
5766 5773 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5767 5774 nullable=True, unique=None, default=None)
5768 5775 user_group = relationship('UserGroup', lazy='joined')
5769 5776
5770 5777 # scope limited to repo, which requester have access to
5771 5778 scope_repo_id = Column(
5772 5779 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5773 5780 nullable=True, unique=None, default=None)
5774 5781 repo = relationship('Repository', lazy='joined')
5775 5782
5776 5783 # scope limited to repo group, which requester have access to
5777 5784 scope_repo_group_id = Column(
5778 5785 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5779 5786 nullable=True, unique=None, default=None)
5780 5787 repo_group = relationship('RepoGroup', lazy='joined')
5781 5788
5782 5789 @classmethod
5783 5790 def get_scope(cls, scope_type, scope_id):
5784 5791 if scope_type == 'repo':
5785 5792 return f'repo:{scope_id}'
5786 5793 elif scope_type == 'repo-group':
5787 5794 return f'repo-group:{scope_id}'
5788 5795 elif scope_type == 'user':
5789 5796 return f'user:{scope_id}'
5790 5797 elif scope_type == 'user-group':
5791 5798 return f'user-group:{scope_id}'
5792 5799 else:
5793 5800 return scope_type
5794 5801
5795 5802 @classmethod
5796 5803 def get_by_store_uid(cls, file_store_uid, safe=False):
5797 5804 if safe:
5798 5805 return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
5799 5806 else:
5800 5807 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5801 5808
5802 5809 @classmethod
5803 5810 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5804 5811 file_description='', enabled=True, hidden=False, check_acl=True,
5805 5812 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5806 5813
5807 5814 store_entry = FileStore()
5808 5815 store_entry.file_uid = file_uid
5809 5816 store_entry.file_display_name = file_display_name
5810 5817 store_entry.file_org_name = filename
5811 5818 store_entry.file_size = file_size
5812 5819 store_entry.file_hash = file_hash
5813 5820 store_entry.file_description = file_description
5814 5821
5815 5822 store_entry.check_acl = check_acl
5816 5823 store_entry.enabled = enabled
5817 5824 store_entry.hidden = hidden
5818 5825
5819 5826 store_entry.user_id = user_id
5820 5827 store_entry.scope_user_id = scope_user_id
5821 5828 store_entry.scope_repo_id = scope_repo_id
5822 5829 store_entry.scope_repo_group_id = scope_repo_group_id
5823 5830
5824 5831 return store_entry
5825 5832
5826 5833 @classmethod
5827 5834 def store_metadata(cls, file_store_id, args, commit=True):
5828 5835 file_store = FileStore.get(file_store_id)
5829 5836 if file_store is None:
5830 5837 return
5831 5838
5832 5839 for section, key, value, value_type in args:
5833 5840 has_key = FileStoreMetadata().query() \
5834 5841 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5835 5842 .filter(FileStoreMetadata.file_store_meta_section == section) \
5836 5843 .filter(FileStoreMetadata.file_store_meta_key == key) \
5837 5844 .scalar()
5838 5845 if has_key:
5839 5846 msg = 'key `{}` already defined under section `{}` for this file.'\
5840 5847 .format(key, section)
5841 5848 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5842 5849
5843 5850 # NOTE(marcink): raises ArtifactMetadataBadValueType
5844 5851 FileStoreMetadata.valid_value_type(value_type)
5845 5852
5846 5853 meta_entry = FileStoreMetadata()
5847 5854 meta_entry.file_store = file_store
5848 5855 meta_entry.file_store_meta_section = section
5849 5856 meta_entry.file_store_meta_key = key
5850 5857 meta_entry.file_store_meta_value_type = value_type
5851 5858 meta_entry.file_store_meta_value = value
5852 5859
5853 5860 Session().add(meta_entry)
5854 5861
5855 5862 try:
5856 5863 if commit:
5857 5864 Session().commit()
5858 5865 except IntegrityError:
5859 5866 Session().rollback()
5860 5867 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5861 5868
5862 5869 @classmethod
5863 5870 def bump_access_counter(cls, file_uid, commit=True):
5864 5871 FileStore().query()\
5865 5872 .filter(FileStore.file_uid == file_uid)\
5866 5873 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5867 5874 FileStore.accessed_on: datetime.datetime.now()})
5868 5875 if commit:
5869 5876 Session().commit()
5870 5877
5871 5878 def __json__(self):
5872 5879 data = {
5873 5880 'filename': self.file_display_name,
5874 5881 'filename_org': self.file_org_name,
5875 5882 'file_uid': self.file_uid,
5876 5883 'description': self.file_description,
5877 5884 'hidden': self.hidden,
5878 5885 'size': self.file_size,
5879 5886 'created_on': self.created_on,
5880 5887 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5881 5888 'downloaded_times': self.accessed_count,
5882 5889 'sha256': self.file_hash,
5883 5890 'metadata': self.file_metadata,
5884 5891 }
5885 5892
5886 5893 return data
5887 5894
5888 5895 def __repr__(self):
5889 5896 return f'<FileStore({self.file_store_id})>'
5890 5897
5891 5898
5892 5899 class FileStoreMetadata(Base, BaseModel):
5893 5900 __tablename__ = 'file_store_metadata'
5894 5901 __table_args__ = (
5895 5902 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5896 5903 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5897 5904 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5898 5905 base_table_args
5899 5906 )
5900 5907 SETTINGS_TYPES = {
5901 5908 'str': safe_str,
5902 5909 'int': safe_int,
5903 5910 'unicode': safe_str,
5904 5911 'bool': str2bool,
5905 5912 'list': functools.partial(aslist, sep=',')
5906 5913 }
5907 5914
5908 5915 file_store_meta_id = Column(
5909 5916 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5910 5917 primary_key=True)
5911 5918 _file_store_meta_section = Column(
5912 5919 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5913 5920 nullable=True, unique=None, default=None)
5914 5921 _file_store_meta_section_hash = Column(
5915 5922 "file_store_meta_section_hash", String(255),
5916 5923 nullable=True, unique=None, default=None)
5917 5924 _file_store_meta_key = Column(
5918 5925 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5919 5926 nullable=True, unique=None, default=None)
5920 5927 _file_store_meta_key_hash = Column(
5921 5928 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5922 5929 _file_store_meta_value = Column(
5923 5930 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5924 5931 nullable=True, unique=None, default=None)
5925 5932 _file_store_meta_value_type = Column(
5926 5933 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5927 5934 default='unicode')
5928 5935
5929 5936 file_store_id = Column(
5930 5937 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5931 5938 nullable=True, unique=None, default=None)
5932 5939
5933 5940 file_store = relationship('FileStore', lazy='joined', viewonly=True)
5934 5941
5935 5942 @classmethod
5936 5943 def valid_value_type(cls, value):
5937 5944 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5938 5945 raise ArtifactMetadataBadValueType(
5939 5946 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5940 5947
5941 5948 @hybrid_property
5942 5949 def file_store_meta_section(self):
5943 5950 return self._file_store_meta_section
5944 5951
5945 5952 @file_store_meta_section.setter
5946 5953 def file_store_meta_section(self, value):
5947 5954 self._file_store_meta_section = value
5948 5955 self._file_store_meta_section_hash = _hash_key(value)
5949 5956
5950 5957 @hybrid_property
5951 5958 def file_store_meta_key(self):
5952 5959 return self._file_store_meta_key
5953 5960
5954 5961 @file_store_meta_key.setter
5955 5962 def file_store_meta_key(self, value):
5956 5963 self._file_store_meta_key = value
5957 5964 self._file_store_meta_key_hash = _hash_key(value)
5958 5965
5959 5966 @hybrid_property
5960 5967 def file_store_meta_value(self):
5961 5968 val = self._file_store_meta_value
5962 5969
5963 5970 if self._file_store_meta_value_type:
5964 5971 # e.g unicode.encrypted == unicode
5965 5972 _type = self._file_store_meta_value_type.split('.')[0]
5966 5973 # decode the encrypted value if it's encrypted field type
5967 5974 if '.encrypted' in self._file_store_meta_value_type:
5968 5975 cipher = EncryptedTextValue()
5969 5976 val = safe_str(cipher.process_result_value(val, None))
5970 5977 # do final type conversion
5971 5978 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5972 5979 val = converter(val)
5973 5980
5974 5981 return val
5975 5982
5976 5983 @file_store_meta_value.setter
5977 5984 def file_store_meta_value(self, val):
5978 5985 val = safe_str(val)
5979 5986 # encode the encrypted value
5980 5987 if '.encrypted' in self.file_store_meta_value_type:
5981 5988 cipher = EncryptedTextValue()
5982 5989 val = safe_str(cipher.process_bind_param(val, None))
5983 5990 self._file_store_meta_value = val
5984 5991
5985 5992 @hybrid_property
5986 5993 def file_store_meta_value_type(self):
5987 5994 return self._file_store_meta_value_type
5988 5995
5989 5996 @file_store_meta_value_type.setter
5990 5997 def file_store_meta_value_type(self, val):
5991 5998 # e.g unicode.encrypted
5992 5999 self.valid_value_type(val)
5993 6000 self._file_store_meta_value_type = val
5994 6001
5995 6002 def __json__(self):
5996 6003 data = {
5997 6004 'artifact': self.file_store.file_uid,
5998 6005 'section': self.file_store_meta_section,
5999 6006 'key': self.file_store_meta_key,
6000 6007 'value': self.file_store_meta_value,
6001 6008 }
6002 6009
6003 6010 return data
6004 6011
6005 6012 def __repr__(self):
6006 6013 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
6007 6014 self.file_store_meta_key, self.file_store_meta_value)
6008 6015
6009 6016
6010 6017 class DbMigrateVersion(Base, BaseModel):
6011 6018 __tablename__ = 'db_migrate_version'
6012 6019 __table_args__ = (
6013 6020 base_table_args,
6014 6021 )
6015 6022
6016 6023 repository_id = Column('repository_id', String(250), primary_key=True)
6017 6024 repository_path = Column('repository_path', Text)
6018 6025 version = Column('version', Integer)
6019 6026
6020 6027 @classmethod
6021 6028 def set_version(cls, version):
6022 6029 """
6023 6030 Helper for forcing a different version, usually for debugging purposes via ishell.
6024 6031 """
6025 6032 ver = DbMigrateVersion.query().first()
6026 6033 ver.version = version
6027 6034 Session().commit()
6028 6035
6029 6036
6030 6037 class DbSession(Base, BaseModel):
6031 6038 __tablename__ = 'db_session'
6032 6039 __table_args__ = (
6033 6040 base_table_args,
6034 6041 )
6035 6042
6036 6043 def __repr__(self):
6037 6044 return f'<DB:DbSession({self.id})>'
6038 6045
6039 6046 id = Column('id', Integer())
6040 6047 namespace = Column('namespace', String(255), primary_key=True)
6041 6048 accessed = Column('accessed', DateTime, nullable=False)
6042 6049 created = Column('created', DateTime, nullable=False)
6043 6050 data = Column('data', PickleType, nullable=False)
General Comments 0
You need to be logged in to leave comments. Login now