rhodecode-enterprise-ce Commit - r1644:d43cef75

repo-creation: validate and forbid creating .git suffixed repository names....

marcink -

r1644:d43cef75 default

parent child

rhodecode/model/forms.py

0 +1 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             this is forms validation classes
             http://formencode.org/module-formencode.validators.html
             for list off all availible validators
             we can create our own validators
             The table below outlines the options which can be used in a schema in addition to the validators themselves
             pre_validators          []     These validators will be applied before the schema
             chained_validators      []     These validators will be applied after the schema
             allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
             filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
             if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
             ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
             <name> = formencode.validators.<name of validator>
             <name> must equal form name
             list=[1,2,3,4,5]
             for SELECT use formencode.All(OneOf(list), Int())
             """
             import deform
             import logging
             import formencode
             from pkg_resources import resource_filename
             from formencode import All, Pipe
             from pylons.i18n.translation import _
             from rhodecode import BACKENDS
             from rhodecode.lib import helpers
             from rhodecode.model import validators as v
             log = logging.getLogger(__name__)
             deform_templates = resource_filename('deform', 'templates')
             rhodecode_templates = resource_filename('rhodecode', 'templates/forms')
             search_path = (rhodecode_templates, deform_templates)
             class RhodecodeFormZPTRendererFactory(deform.ZPTRendererFactory):
                 """ Subclass of ZPTRendererFactory to add rhodecode context variables """
                 def __call__(self, template_name, **kw):
                     kw['h'] = helpers
                     return self.load(template_name)(**kw)
             form_renderer = RhodecodeFormZPTRendererFactory(search_path)
             deform.Form.set_default_renderer(form_renderer)
             def LoginForm():
                 class _LoginForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = v.UnicodeString(
                         strip=True,
                         min=1,
                         not_empty=True,
                         messages={
                             'empty': _(u'Please enter a login'),
                             'tooShort': _(u'Enter a value %(min)i characters long or more')
                         }
                     )
                     password = v.UnicodeString(
                         strip=False,
                         min=3,
                         not_empty=True,
                         messages={
                             'empty': _(u'Please enter a password'),
                             'tooShort': _(u'Enter %(min)i characters or more')}
                     )
                     remember = v.StringBoolean(if_missing=False)
                     chained_validators = [v.ValidAuth()]
                 return _LoginForm
             def UserForm(edit=False, available_languages=[], old_data={}):
                 class _UserForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                    v.ValidUsername(edit, old_data))
                     if edit:
                         new_password = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False)
                         )
                         password_confirmation = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False),
                         )
                         admin = v.StringBoolean(if_missing=False)
                     else:
                         password = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=True)
                         )
                         password_confirmation = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False)
                         )
                     password_change = v.StringBoolean(if_missing=False)
                     create_repo_group = v.StringBoolean(if_missing=False)
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
                     extern_name = v.UnicodeString(strip=True)
                     extern_type = v.UnicodeString(strip=True)
                     language = v.OneOf(available_languages, hideList=False,
                                        testValueList=True, if_missing=None)
                     chained_validators = [v.ValidPasswordsMatch()]
                 return _UserForm
             def UserGroupForm(edit=False, old_data=None, allow_disabled=False):
                 old_data = old_data or {}
                 class _UserGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     users_group_name = All(
                         v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.ValidUserGroup(edit, old_data)
                     )
                     user_group_description = v.UnicodeString(strip=True, min=1,
                                                              not_empty=False)
                     users_group_active = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is user group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(allow_disabled))
                 return _UserGroupForm
             def RepoGroupForm(edit=False, old_data=None, available_groups=None,
                                can_create_in_root=False, allow_disabled=False):
                 old_data = old_data or {}
                 available_groups = available_groups or []
                 class _RepoGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                      v.SlugifyName(),)
                     group_description = v.UnicodeString(strip=True, min=1,
                                                         not_empty=False)
                     group_copy_permissions = v.StringBoolean(if_missing=False)
                     group_parent_id = v.OneOf(available_groups, hideList=False,
                                               testValueList=True, not_empty=True)
                     enable_locking = v.StringBoolean(if_missing=False)
                     chained_validators = [
                         v.ValidRepoGroup(edit, old_data, can_create_in_root)]
                     if edit:
                         # this is repo group owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(allow_disabled))
                 return _RepoGroupForm
             def RegisterForm(edit=False, old_data={}):
                 class _RegisterForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(
                         v.ValidUsername(edit, old_data),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     password = All(
                         v.ValidPassword(),
                         v.UnicodeString(strip=False, min=6, not_empty=True)
                     )
                     password_confirmation = All(
                         v.ValidPassword(),
                         v.UnicodeString(strip=False, min=6, not_empty=True)
                     )
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
                     chained_validators = [v.ValidPasswordsMatch()]
                 return _RegisterForm
             def PasswordResetForm():
                 class _PasswordResetForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     email = All(v.ValidSystemEmail(), v.Email(not_empty=True))
                 return _PasswordResetForm
             def RepoForm(edit=False, old_data=None, repo_groups=None, landing_revs=None,
                          allow_disabled=False):
                 old_data = old_data or {}
                 repo_groups = repo_groups or []
                 landing_revs = landing_revs or []
                 supported_backends = BACKENDS.keys()
                 class _RepoForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
-                                    v.SlugifyName())
+                                    v.SlugifyName(), v.CannotHaveGitSuffix())
                     repo_group = All(v.CanWriteGroup(old_data),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = v.OneOf(supported_backends, required=False,
                                         if_missing=old_data.get('repo_type'))
                     repo_description = v.UnicodeString(strip=True, min=1, not_empty=False)
                     repo_private = v.StringBoolean(if_missing=False)
                     repo_landing_rev = v.OneOf(landing_revs, hideList=True)
                     repo_copy_permissions = v.StringBoolean(if_missing=False)
                     clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
                     repo_enable_statistics = v.StringBoolean(if_missing=False)
                     repo_enable_downloads = v.StringBoolean(if_missing=False)
                     repo_enable_locking = v.StringBoolean(if_missing=False)
                     if edit:
                         # this is repo owner
                         user = All(
                             v.UnicodeString(not_empty=True),
                             v.ValidRepoUser(allow_disabled))
                         clone_uri_change = v.UnicodeString(
                             not_empty=False, if_missing=v.Missing)
                     chained_validators = [v.ValidCloneUri(),
                                           v.ValidRepoName(edit, old_data)]
                 return _RepoForm
             def RepoPermsForm():
                 class _RepoPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(type_='repo')]
                 return _RepoPermsForm
             def RepoGroupPermsForm(valid_recursive_choices):
                 class _RepoGroupPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     recursive = v.OneOf(valid_recursive_choices)
                     chained_validators = [v.ValidPerms(type_='repo_group')]
                 return _RepoGroupPermsForm
             def UserGroupPermsForm():
                 class _UserPermsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPerms(type_='user_group')]
                 return _UserPermsForm
             def RepoFieldForm():
                 class _RepoFieldForm(formencode.Schema):
                     filter_extra_fields = True
                     allow_extra_fields = True
                     new_field_key = All(v.FieldKey(),
                                         v.UnicodeString(strip=True, min=3, not_empty=True))
                     new_field_value = v.UnicodeString(not_empty=False, if_missing=u'')
                     new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],
                                              if_missing='str')
                     new_field_label = v.UnicodeString(not_empty=False)
                     new_field_desc = v.UnicodeString(not_empty=False)
                 return _RepoFieldForm
             def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                              repo_groups=[], landing_revs=[]):
                 class _RepoForkForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName())
                     repo_group = All(v.CanWriteGroup(),
                                      v.OneOf(repo_groups, hideList=True))
                     repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
                     description = v.UnicodeString(strip=True, min=1, not_empty=True)
                     private = v.StringBoolean(if_missing=False)
                     copy_permissions = v.StringBoolean(if_missing=False)
                     fork_parent_id = v.UnicodeString()
                     chained_validators = [v.ValidForkName(edit, old_data)]
                     landing_rev = v.OneOf(landing_revs, hideList=True)
                 return _RepoForkForm
             def ApplicationSettingsForm():
                 class _ApplicationSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_title = v.UnicodeString(strip=True, max=40, not_empty=False)
                     rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
                     rhodecode_pre_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_post_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_public_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_captcha_private_key = v.UnicodeString(strip=True, min=1, not_empty=False)
                     rhodecode_create_personal_repo_group = v.StringBoolean(if_missing=False)
                     rhodecode_personal_repo_group_pattern = v.UnicodeString(strip=True, min=1, not_empty=False)
                 return _ApplicationSettingsForm
             def ApplicationVisualisationForm():
                 class _ApplicationVisualisationForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
                     rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
                     rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
                     rhodecode_repository_fields = v.StringBoolean(if_missing=False)
                     rhodecode_lightweight_journal = v.StringBoolean(if_missing=False)
                     rhodecode_dashboard_items = v.Int(min=5, not_empty=True)
                     rhodecode_admin_grid_items = v.Int(min=5, not_empty=True)
                     rhodecode_show_version = v.StringBoolean(if_missing=False)
                     rhodecode_use_gravatar = v.StringBoolean(if_missing=False)
                     rhodecode_markup_renderer = v.OneOf(['markdown', 'rst'])
                     rhodecode_gravatar_url = v.UnicodeString(min=3)
                     rhodecode_clone_uri_tmpl = v.UnicodeString(min=3)
                     rhodecode_support_url = v.UnicodeString()
                     rhodecode_show_revision_number = v.StringBoolean(if_missing=False)
                     rhodecode_show_sha_length = v.Int(min=4, not_empty=True)
                 return _ApplicationVisualisationForm
             class _BaseVcsSettingsForm(formencode.Schema):
                 allow_extra_fields = True
                 filter_extra_fields = False
                 hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
                 hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
                 hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
                 # PR/Code-review
                 rhodecode_pr_merge_enabled = v.StringBoolean(if_missing=False)
                 rhodecode_use_outdated_comments = v.StringBoolean(if_missing=False)
                 # hg
                 extensions_largefiles = v.StringBoolean(if_missing=False)
                 phases_publish = v.StringBoolean(if_missing=False)
                 rhodecode_hg_use_rebase_for_merging = v.StringBoolean(if_missing=False)
                 # git
                 vcs_git_lfs_enabled = v.StringBoolean(if_missing=False)
                 # svn
                 vcs_svn_proxy_http_requests_enabled = v.StringBoolean(if_missing=False)
                 vcs_svn_proxy_http_server_url = v.UnicodeString(strip=True, if_missing=None)
             def ApplicationUiSettingsForm():
                 class _ApplicationUiSettingsForm(_BaseVcsSettingsForm):
                     web_push_ssl = v.StringBoolean(if_missing=False)
                     paths_root_path = All(
                         v.ValidPath(),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     largefiles_usercache = All(
                         v.ValidPath(),
                         v.UnicodeString(strip=True, min=2, not_empty=True))
                     vcs_git_lfs_store_location = All(
                         v.ValidPath(),
                         v.UnicodeString(strip=True, min=2, not_empty=True))
                     extensions_hgsubversion = v.StringBoolean(if_missing=False)
                     extensions_hggit = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(section='vcs_svn_branch')
                     new_svn_tag = v.ValidSvnPattern(section='vcs_svn_tag')
                 return _ApplicationUiSettingsForm
             def RepoVcsSettingsForm(repo_name):
                 class _RepoVcsSettingsForm(_BaseVcsSettingsForm):
                     inherit_global_settings = v.StringBoolean(if_missing=False)
                     new_svn_branch = v.ValidSvnPattern(
                         section='vcs_svn_branch', repo_name=repo_name)
                     new_svn_tag = v.ValidSvnPattern(
                         section='vcs_svn_tag', repo_name=repo_name)
                 return _RepoVcsSettingsForm
             def LabsSettingsForm():
                 class _LabSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                 return _LabSettingsForm
             def ApplicationPermissionsForm(
                     register_choices, password_reset_choices, extern_activate_choices):
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_register = v.OneOf(register_choices)
                     default_register_message = v.UnicodeString()
                     default_password_reset = v.OneOf(password_reset_choices)
                     default_extern_activate = v.OneOf(extern_activate_choices)
                 return _DefaultPermissionsForm
             def ObjectPermissionsForm(repo_perms_choices, group_perms_choices,
                                       user_group_perms_choices):
                 class _ObjectPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default_repo = v.StringBoolean(if_missing=False)
                     overwrite_default_group = v.StringBoolean(if_missing=False)
                     overwrite_default_user_group = v.StringBoolean(if_missing=False)
                     default_repo_perm = v.OneOf(repo_perms_choices)
                     default_group_perm = v.OneOf(group_perms_choices)
                     default_user_group_perm = v.OneOf(user_group_perms_choices)
                 return _ObjectPermissionsForm
             def UserPermissionsForm(create_choices, create_on_write_choices,
                                     repo_group_create_choices, user_group_create_choices,
                                     fork_choices, inherit_default_permissions_choices):
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     anonymous = v.StringBoolean(if_missing=False)
                     default_repo_create = v.OneOf(create_choices)
                     default_repo_create_on_write = v.OneOf(create_on_write_choices)
                     default_user_group_create = v.OneOf(user_group_create_choices)
                     default_repo_group_create = v.OneOf(repo_group_create_choices)
                     default_fork_create = v.OneOf(fork_choices)
                     default_inherit_default_permissions = v.OneOf(inherit_default_permissions_choices)
                 return _DefaultPermissionsForm
             def UserIndividualPermissionsForm():
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     inherit_default_permissions = v.StringBoolean(if_missing=False)
                 return _DefaultPermissionsForm
             def DefaultsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()):
                 class _DefaultsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     default_repo_type = v.OneOf(supported_backends)
                     default_repo_private = v.StringBoolean(if_missing=False)
                     default_repo_enable_statistics = v.StringBoolean(if_missing=False)
                     default_repo_enable_downloads = v.StringBoolean(if_missing=False)
                     default_repo_enable_locking = v.StringBoolean(if_missing=False)
                 return _DefaultsForm
             def AuthSettingsForm():
                 class _AuthSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     auth_plugins = All(v.ValidAuthPlugins(),
                                        v.UniqueListFromString()(not_empty=True))
                 return _AuthSettingsForm
             def UserExtraEmailForm():
                 class _UserExtraEmailForm(formencode.Schema):
                     email = All(v.UniqSystemEmail(), v.Email(not_empty=True))
                 return _UserExtraEmailForm
             def UserExtraIpForm():
                 class _UserExtraIpForm(formencode.Schema):
                     ip = v.ValidIp()(not_empty=True)
                 return _UserExtraIpForm
             def PullRequestForm(repo_id):
                 class ReviewerForm(formencode.Schema):
                     user_id = v.Int(not_empty=True)
                     reasons = All()
                 class _PullRequestForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     user = v.UnicodeString(strip=True, required=True)
                     source_repo = v.UnicodeString(strip=True, required=True)
                     source_ref = v.UnicodeString(strip=True, required=True)
                     target_repo = v.UnicodeString(strip=True, required=True)
                     target_ref = v.UnicodeString(strip=True, required=True)
                     revisions = All(#v.NotReviewedRevisions(repo_id)(),
                                     v.UniqueList()(not_empty=True))
                     review_members = formencode.ForEach(ReviewerForm())
                     pullrequest_title = v.UnicodeString(strip=True, required=True)
                     pullrequest_desc = v.UnicodeString(strip=True, required=False)
                 return _PullRequestForm
             def IssueTrackerPatternsForm():
                 class _IssueTrackerPatternsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     chained_validators = [v.ValidPattern()]
                 return _IssueTrackerPatternsForm

rhodecode/model/validation_schema/schemas/repo_schema.py

0 +6 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import colander
             from rhodecode.translation import _
             from rhodecode.model.validation_schema import validators, preparers, types
             DEFAULT_LANDING_REF = 'rev:tip'
             def get_group_and_repo(repo_name):
                 from rhodecode.model.repo_group import RepoGroupModel
                 return RepoGroupModel()._get_group_name_and_parent(
                     repo_name, get_object=True)
             @colander.deferred
             def deferred_repo_type_validator(node, kw):
                 options = kw.get('repo_type_options', [])
                 return colander.OneOf([x for x in options])
             @colander.deferred
             def deferred_repo_owner_validator(node, kw):
                 def repo_owner_validator(node, value):
                     from rhodecode.model.db import User
                     existing = User.get_by_username(value)
                     if not existing:
                         msg = _(u'Repo owner with id `{}` does not exists').format(value)
                         raise colander.Invalid(node, msg)
                 return repo_owner_validator
             @colander.deferred
             def deferred_landing_ref_validator(node, kw):
                 options = kw.get('repo_ref_options', [DEFAULT_LANDING_REF])
                 return colander.OneOf([x for x in options])
             @colander.deferred
             def deferred_fork_of_validator(node, kw):
                 old_values = kw.get('old_values') or {}
                 def fork_of_validator(node, value):
                     from rhodecode.model.db import Repository, RepoGroup
                     existing = Repository.get_by_repo_name(value)
                     if not existing:
                         msg = _(u'Fork with id `{}` does not exists').format(value)
                         raise colander.Invalid(node, msg)
                     elif old_values['repo_name'] == existing.repo_name:
                         msg = _(u'Cannot set fork of '
                                 u'parameter of this repository to itself').format(value)
                         raise colander.Invalid(node, msg)
                 return fork_of_validator
             @colander.deferred
             def deferred_can_write_to_group_validator(node, kw):
                 request_user = kw.get('user')
                 old_values = kw.get('old_values') or {}
                 def can_write_to_group_validator(node, value):
                     """
                     Checks if given repo path is writable by user. This includes checks if
                     user is allowed to create repositories under root path or under
                     repo group paths
                     """
                     from rhodecode.lib.auth import (
                         HasPermissionAny, HasRepoGroupPermissionAny)
                     from rhodecode.model.repo_group import RepoGroupModel
                     messages = {
                         'invalid_repo_group':
                             _(u"Repository group `{}` does not exist"),
                         # permissions denied we expose as not existing, to prevent
                         # resource discovery
                         'permission_denied':
                             _(u"Repository group `{}` does not exist"),
                         'permission_denied_root':
                             _(u"You do not have the permission to store "
                               u"repositories in the root location.")
                     }
                     value = value['repo_group_name']
                     is_root_location = value is types.RootLocation
                     # NOT initialized validators, we must call them
                     can_create_repos_at_root = HasPermissionAny(
                         'hg.admin', 'hg.create.repository')
                     # if values is root location, we simply need to check if we can write
                     # to root location !
                     if is_root_location:
                         if can_create_repos_at_root(user=request_user):
                             # we can create repo group inside tool-level. No more checks
                             # are required
                             return
                         else:
                             # "fake" node name as repo_name, otherwise we oddly report
                             # the error as if it was coming form repo_group
                             # however repo_group is empty when using root location.
                             node.name = 'repo_name'
                             raise colander.Invalid(node, messages['permission_denied_root'])
                     # parent group not exists ? throw an error
                     repo_group = RepoGroupModel().get_by_group_name(value)
                     if value and not repo_group:
                         raise colander.Invalid(
                             node, messages['invalid_repo_group'].format(value))
                     gr_name = repo_group.group_name
                     # create repositories with write permission on group is set to true
                     create_on_write = HasPermissionAny(
                         'hg.create.write_on_repogroup.true')(user=request_user)
                     group_admin = HasRepoGroupPermissionAny('group.admin')(
                         gr_name, 'can write into group validator', user=request_user)
                     group_write = HasRepoGroupPermissionAny('group.write')(
                         gr_name, 'can write into group validator', user=request_user)
                     forbidden = not (group_admin or (group_write and create_on_write))
                     # TODO: handling of old values, and detecting no-change in path
                     # to skip permission checks in such cases. This only needs to be
                     # implemented if we use this schema in forms as well
                     # gid = (old_data['repo_group'].get('group_id')
                     #        if (old_data and 'repo_group' in old_data) else None)
                     # value_changed = gid != safe_int(value)
                     # new = not old_data
                     # do check if we changed the value, there's a case that someone got
                     # revoked write permissions to a repository, he still created, we
                     # don't need to check permission if he didn't change the value of
                     # groups in form box
                     # if value_changed or new:
                     #     # parent group need to be existing
                     # TODO: ENDS HERE
                     if repo_group and forbidden:
                         msg = messages['permission_denied'].format(value)
                         raise colander.Invalid(node, msg)
                 return can_write_to_group_validator
             @colander.deferred
             def deferred_unique_name_validator(node, kw):
                 request_user = kw.get('user')
                 old_values = kw.get('old_values') or {}
                 def unique_name_validator(node, value):
                     from rhodecode.model.db import Repository, RepoGroup
                     name_changed = value != old_values.get('repo_name')
                     existing = Repository.get_by_repo_name(value)
                     if name_changed and existing:
                         msg = _(u'Repository with name `{}` already exists').format(value)
                         raise colander.Invalid(node, msg)
                     existing_group = RepoGroup.get_by_group_name(value)
                     if name_changed and existing_group:
                         msg = _(u'Repository group with name `{}` already exists').format(
                             value)
                         raise colander.Invalid(node, msg)
                 return unique_name_validator
             @colander.deferred
             def deferred_repo_name_validator(node, kw):
-                return validators.valid_name_validator
+                def no_git_suffix_validator(node, value):
+                    if value.endswith('.git'):
+                        msg = _('Repository name cannot end with .git')
+                        raise colander.Invalid(node, msg)
+                return colander.All(
+                    no_git_suffix_validator, validators.valid_name_validator)
             class GroupType(colander.Mapping):
                 def _validate(self, node, value):
                     try:
                         return dict(repo_group_name=value)
                     except Exception as e:
                         raise colander.Invalid(
                             node, '"${val}" is not a mapping type: ${err}'.format(
                                 val=value, err=e))
                 def deserialize(self, node, cstruct):
                     if cstruct is colander.null:
                         return cstruct
                     appstruct = super(GroupType, self).deserialize(node, cstruct)
                     validated_name = appstruct['repo_group_name']
                     # inject group based on once deserialized data
                     (repo_name_without_group,
                      parent_group_name,
                      parent_group) = get_group_and_repo(validated_name)
                     appstruct['repo_name_without_group'] = repo_name_without_group
                     appstruct['repo_group_name'] = parent_group_name or types.RootLocation
                     if parent_group:
                         appstruct['repo_group_id'] = parent_group.group_id
                     return appstruct
             class GroupSchema(colander.SchemaNode):
                 schema_type = GroupType
                 validator = deferred_can_write_to_group_validator
                 missing = colander.null
             class RepoGroup(GroupSchema):
                 repo_group_name = colander.SchemaNode(
                     types.GroupNameType())
                 repo_group_id = colander.SchemaNode(
                     colander.String(), missing=None)
                 repo_name_without_group = colander.SchemaNode(
                     colander.String(), missing=None)
             class RepoGroupAccessSchema(colander.MappingSchema):
                 repo_group = RepoGroup()
             class RepoNameUniqueSchema(colander.MappingSchema):
                 unique_repo_name = colander.SchemaNode(
                     colander.String(),
                     validator=deferred_unique_name_validator)
             class RepoSchema(colander.MappingSchema):
                 repo_name = colander.SchemaNode(
                     types.RepoNameType(),
                     validator=deferred_repo_name_validator)
                 repo_type = colander.SchemaNode(
                     colander.String(),
                     validator=deferred_repo_type_validator)
                 repo_owner = colander.SchemaNode(
                     colander.String(),
                     validator=deferred_repo_owner_validator)
                 repo_description = colander.SchemaNode(
                     colander.String(), missing='')
                 repo_landing_commit_ref = colander.SchemaNode(
                     colander.String(),
                     validator=deferred_landing_ref_validator,
                     preparers=[preparers.strip_preparer],
                     missing=DEFAULT_LANDING_REF)
                 repo_clone_uri = colander.SchemaNode(
                     colander.String(),
                     validator=colander.All(colander.Length(min=1)),
                     preparers=[preparers.strip_preparer],
                     missing='')
                 repo_fork_of = colander.SchemaNode(
                     colander.String(),
                     validator=deferred_fork_of_validator,
                     missing=None)
                 repo_private = colander.SchemaNode(
                     types.StringBooleanType(),
                     missing=False)
                 repo_copy_permissions = colander.SchemaNode(
                     types.StringBooleanType(),
                     missing=False)
                 repo_enable_statistics = colander.SchemaNode(
                     types.StringBooleanType(),
                     missing=False)
                 repo_enable_downloads = colander.SchemaNode(
                     types.StringBooleanType(),
                     missing=False)
                 repo_enable_locking = colander.SchemaNode(
                     types.StringBooleanType(),
                     missing=False)
                 def deserialize(self, cstruct):
                     """
                     Custom deserialize that allows to chain validation, and verify
                     permissions, and as last step uniqueness
                     """
                     # first pass, to validate given data
                     appstruct = super(RepoSchema, self).deserialize(cstruct)
                     validated_name = appstruct['repo_name']
                     # second pass to validate permissions to repo_group
                     second = RepoGroupAccessSchema().bind(**self.bindings)
                     appstruct_second = second.deserialize({'repo_group': validated_name})
                     # save result
                     appstruct['repo_group'] = appstruct_second['repo_group']
                     # thirds to validate uniqueness
                     third = RepoNameUniqueSchema().bind(**self.bindings)
                     third.deserialize({'unique_repo_name': validated_name})
                     return appstruct

rhodecode/model/validators.py

0 +20 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Set of generic validators
             """
             import logging
             import os
             import re
             from collections import defaultdict
             import formencode
             import ipaddress
             from formencode.validators import (
                 UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set,
                 NotEmpty, IPAddress, CIDR, String, FancyValidator
             )
             from pylons.i18n.translation import _
             from sqlalchemy.sql.expression import true
             from sqlalchemy.util import OrderedSet
             from webhelpers.pylonslib.secure_form import authentication_token
             from rhodecode.authentication import (
                 legacy_plugin_prefix, _import_legacy_plugin)
             from rhodecode.authentication.base import loadplugin
             from rhodecode.config.routing import ADMIN_PREFIX
             from rhodecode.lib.auth import HasRepoGroupPermissionAny, HasPermissionAny
             from rhodecode.lib.utils import repo_name_slug, make_db_config
             from rhodecode.lib.utils2 import safe_int, str2bool, aslist, md5
             from rhodecode.lib.vcs.backends.git.repository import GitRepository
             from rhodecode.lib.vcs.backends.hg.repository import MercurialRepository
             from rhodecode.lib.vcs.backends.svn.repository import SubversionRepository
             from rhodecode.model.db import (
                 RepoGroup, Repository, UserGroup, User, ChangesetStatus, Gist)
             from rhodecode.model.settings import VcsSettingsModel
             # silence warnings and pylint
             UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \
                 NotEmpty, IPAddress, CIDR, String, FancyValidator
             log = logging.getLogger(__name__)
             class _Missing(object):
                 pass
             Missing = _Missing()
             class StateObj(object):
                 """
                 this is needed to translate the messages using _() in validators
                 """
                 _ = staticmethod(_)
             def M(self, key, state=None, **kwargs):
                 """
                 returns string from self.message based on given key,
                 passed kw params are used to substitute %(named)s params inside
                 translated strings
                 :param msg:
                 :param state:
                 """
                 if state is None:
                     state = StateObj()
                 else:
                     state._ = staticmethod(_)
                 # inject validator into state object
                 return self.message(key, state, **kwargs)
             def UniqueList(convert=None):
                 class _UniqueList(formencode.FancyValidator):
                     """
                     Unique List !
                     """
                     messages = {
                         'empty': _(u'Value cannot be an empty list'),
                         'missing_value': _(u'Value cannot be an empty list'),
                     }
                     def _to_python(self, value, state):
                         ret_val = []
                         def make_unique(value):
                             seen = []
                             return [c for c in value if not (c in seen or seen.append(c))]
                         if isinstance(value, list):
                             ret_val = make_unique(value)
                         elif isinstance(value, set):
                             ret_val = make_unique(list(value))
                         elif isinstance(value, tuple):
                             ret_val = make_unique(list(value))
                         elif value is None:
                             ret_val = []
                         else:
                             ret_val = [value]
                         if convert:
                             ret_val = map(convert, ret_val)
                         return ret_val
                     def empty_value(self, value):
                         return []
                 return _UniqueList
             def UniqueListFromString():
                 class _UniqueListFromString(UniqueList()):
                     def _to_python(self, value, state):
                         if isinstance(value, basestring):
                             value = aslist(value, ',')
                         return super(_UniqueListFromString, self)._to_python(value, state)
                 return _UniqueListFromString
             def ValidSvnPattern(section, repo_name=None):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'pattern_exists': _(u'Pattern already exists'),
                     }
                     def validate_python(self, value, state):
                         if not value:
                             return
                         model = VcsSettingsModel(repo=repo_name)
                         ui_settings = model.get_svn_patterns(section=section)
                         for entry in ui_settings:
                             if value == entry.value:
                                 msg = M(self, 'pattern_exists', state)
                                 raise formencode.Invalid(msg, value, state)
                 return _validator
             def ValidUsername(edit=False, old_data={}):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'username_exists': _(u'Username "%(username)s" already exists'),
                         'system_invalid_username':
                             _(u'Username "%(username)s" is forbidden'),
                         'invalid_username':
                             _(u'Username may only contain alphanumeric characters '
                                 u'underscores, periods or dashes and must begin with '
                                 u'alphanumeric character or underscore')
                     }
                     def validate_python(self, value, state):
                         if value in ['default', 'new_user']:
                             msg = M(self, 'system_invalid_username', state, username=value)
                             raise formencode.Invalid(msg, value, state)
                         # check if user is unique
                         old_un = None
                         if edit:
                             old_un = User.get(old_data.get('user_id')).username
                         if old_un != value or not edit:
                             if User.get_by_username(value, case_insensitive=True):
                                 msg = M(self, 'username_exists', state, username=value)
                                 raise formencode.Invalid(msg, value, state)
                         if (re.match(r'^[\w]{1}[\w\-\.]{0,254}$', value)
                                 is None):
                             msg = M(self, 'invalid_username', state)
                             raise formencode.Invalid(msg, value, state)
                 return _validator
             def ValidRegex(msg=None):
                 class _validator(formencode.validators.Regex):
                     messages = {'invalid': msg or _(u'The input is not valid')}
                 return _validator
             def ValidRepoUser(allow_disabled=False):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_username': _(u'Username %(username)s is not valid'),
                         'disabled_username': _(u'Username %(username)s is disabled')
                     }
                     def validate_python(self, value, state):
                         try:
                             user = User.query().filter(User.username == value).one()
                         except Exception:
                             msg = M(self, 'invalid_username', state, username=value)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'username': msg}
                             )
                         if user and (not allow_disabled and not user.active):
                             msg = M(self, 'disabled_username', state, username=value)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'username': msg}
                             )
                 return _validator
             def ValidUserGroup(edit=False, old_data={}):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_group': _(u'Invalid user group name'),
                         'group_exist': _(u'User group "%(usergroup)s" already exists'),
                         'invalid_usergroup_name':
                             _(u'user group name may only contain alphanumeric '
                               u'characters underscores, periods or dashes and must begin '
                               u'with alphanumeric character')
                     }
                     def validate_python(self, value, state):
                         if value in ['default']:
                             msg = M(self, 'invalid_group', state)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'users_group_name': msg}
                             )
                         # check if group is unique
                         old_ugname = None
                         if edit:
                             old_id = old_data.get('users_group_id')
                             old_ugname = UserGroup.get(old_id).users_group_name
                         if old_ugname != value or not edit:
                             is_existing_group = UserGroup.get_by_group_name(
                                 value, case_insensitive=True)
                             if is_existing_group:
                                 msg = M(self, 'group_exist', state, usergroup=value)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'users_group_name': msg}
                                 )
                         if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:
                             msg = M(self, 'invalid_usergroup_name', state)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'users_group_name': msg}
                             )
                 return _validator
             def ValidRepoGroup(edit=False, old_data={}, can_create_in_root=False):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'group_parent_id': _(u'Cannot assign this group as parent'),
                         'group_exists': _(u'Group "%(group_name)s" already exists'),
                         'repo_exists': _(u'Repository with name "%(group_name)s" '
                                          u'already exists'),
                         'permission_denied': _(u"no permission to store repository group"
                                                u"in this location"),
                         'permission_denied_root': _(
                             u"no permission to store repository group "
                             u"in root location")
                     }
                     def _to_python(self, value, state):
                         group_name = repo_name_slug(value.get('group_name', ''))
                         group_parent_id = safe_int(value.get('group_parent_id'))
                         gr = RepoGroup.get(group_parent_id)
                         if gr:
                             parent_group_path = gr.full_path
                             # value needs to be aware of group name in order to check
                             # db key This is an actual just the name to store in the
                             # database
                             group_name_full = (
                                 parent_group_path + RepoGroup.url_sep() + group_name)
                         else:
                             group_name_full = group_name
                         value['group_name'] = group_name
                         value['group_name_full'] = group_name_full
                         value['group_parent_id'] = group_parent_id
                         return value
                     def validate_python(self, value, state):
                         old_group_name = None
                         group_name = value.get('group_name')
                         group_name_full = value.get('group_name_full')
                         group_parent_id = safe_int(value.get('group_parent_id'))
                         if group_parent_id == -1:
                             group_parent_id = None
                         group_obj = RepoGroup.get(old_data.get('group_id'))
                         parent_group_changed = False
                         if edit:
                             old_group_name = group_obj.group_name
                             old_group_parent_id = group_obj.group_parent_id
                             if group_parent_id != old_group_parent_id:
                                 parent_group_changed = True
                             # TODO: mikhail: the following if statement is not reached
                             # since group_parent_id's OneOf validation fails before.
                             # Can be removed.
                             # check against setting a parent of self
                             parent_of_self = (
                                 old_data['group_id'] == group_parent_id
                                 if group_parent_id else False
                             )
                             if parent_of_self:
                                 msg = M(self, 'group_parent_id', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'group_parent_id': msg}
                                 )
                         # group we're moving current group inside
                         child_group = None
                         if group_parent_id:
                             child_group = RepoGroup.query().filter(
                                 RepoGroup.group_id == group_parent_id).scalar()
                         # do a special check that we cannot move a group to one of
                         # it's children
                         if edit and child_group:
                             parents = [x.group_id for x in child_group.parents]
                             move_to_children = old_data['group_id'] in parents
                             if move_to_children:
                                 msg = M(self, 'group_parent_id', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'group_parent_id': msg})
                         # Check if we have permission to store in the parent.
                         # Only check if the parent group changed.
                         if parent_group_changed:
                             if child_group is None:
                                 if not can_create_in_root:
                                     msg = M(self, 'permission_denied_root', state)
                                     raise formencode.Invalid(
                                         msg, value, state,
                                         error_dict={'group_parent_id': msg})
                             else:
                                 valid = HasRepoGroupPermissionAny('group.admin')
                                 forbidden = not valid(
                                     child_group.group_name, 'can create group validator')
                                 if forbidden:
                                     msg = M(self, 'permission_denied', state)
                                     raise formencode.Invalid(
                                         msg, value, state,
                                         error_dict={'group_parent_id': msg})
                         # if we change the name or it's new group, check for existing names
                         # or repositories with the same name
                         if old_group_name != group_name_full or not edit:
                             # check group
                             gr = RepoGroup.get_by_group_name(group_name_full)
                             if gr:
                                 msg = M(self, 'group_exists', state, group_name=group_name)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'group_name': msg})
                             # check for same repo
                             repo = Repository.get_by_repo_name(group_name_full)
                             if repo:
                                 msg = M(self, 'repo_exists', state, group_name=group_name)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'group_name': msg})
                 return _validator
             def ValidPassword():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_password':
                             _(u'Invalid characters (non-ascii) in password')
                     }
                     def validate_python(self, value, state):
                         try:
                             (value or '').decode('ascii')
                         except UnicodeError:
                             msg = M(self, 'invalid_password', state)
                             raise formencode.Invalid(msg, value, state,)
                 return _validator
             def ValidOldPassword(username):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_password': _(u'Invalid old password')
                     }
                     def validate_python(self, value, state):
                         from rhodecode.authentication.base import authenticate, HTTP_TYPE
                         if not authenticate(username, value, '', HTTP_TYPE):
                             msg = M(self, 'invalid_password', state)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'current_password': msg}
                             )
                 return _validator
             def ValidPasswordsMatch(
                     passwd='new_password', passwd_confirmation='password_confirmation'):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'password_mismatch': _(u'Passwords do not match'),
                     }
                     def validate_python(self, value, state):
                         pass_val = value.get('password') or value.get(passwd)
                         if pass_val != value[passwd_confirmation]:
                             msg = M(self, 'password_mismatch', state)
                             raise formencode.Invalid(
                                 msg, value, state,
                                 error_dict={passwd: msg, passwd_confirmation: msg}
                             )
                 return _validator
             def ValidAuth():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_password': _(u'invalid password'),
                         'invalid_username': _(u'invalid user name'),
                         'disabled_account': _(u'Your account is disabled')
                     }
                     def validate_python(self, value, state):
                         from rhodecode.authentication.base import authenticate, HTTP_TYPE
                         password = value['password']
                         username = value['username']
                         if not authenticate(username, password, '', HTTP_TYPE,
                                             skip_missing=True):
                             user = User.get_by_username(username)
                             if user and not user.active:
                                 log.warning('user %s is disabled', username)
                                 msg = M(self, 'disabled_account', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'username': msg}
                                 )
                             else:
                                 log.warning('user `%s` failed to authenticate', username)
                                 msg = M(self, 'invalid_username', state)
                                 msg2 = M(self, 'invalid_password', state)
                                 raise formencode.Invalid(
                                     msg, value, state,
                                     error_dict={'username': msg, 'password': msg2}
                                 )
                 return _validator
             def ValidAuthToken():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_token': _(u'Token mismatch')
                     }
                     def validate_python(self, value, state):
                         if value != authentication_token():
                             msg = M(self, 'invalid_token', state)
                             raise formencode.Invalid(msg, value, state)
                 return _validator
             def ValidRepoName(edit=False, old_data={}):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_repo_name':
                             _(u'Repository name %(repo)s is disallowed'),
                         # top level
                         'repository_exists': _(u'Repository with name %(repo)s '
                                                u'already exists'),
                         'group_exists': _(u'Repository group with name "%(repo)s" '
                                           u'already exists'),
                         # inside a group
                         'repository_in_group_exists': _(u'Repository with name %(repo)s '
                                                         u'exists in group "%(group)s"'),
                         'group_in_group_exists': _(
                             u'Repository group with name "%(repo)s" '
                             u'exists in group "%(group)s"'),
                     }
                     def _to_python(self, value, state):
                         repo_name = repo_name_slug(value.get('repo_name', ''))
                         repo_group = value.get('repo_group')
                         if repo_group:
                             gr = RepoGroup.get(repo_group)
                             group_path = gr.full_path
                             group_name = gr.group_name
                             # value needs to be aware of group name in order to check
                             # db key This is an actual just the name to store in the
                             # database
                             repo_name_full = group_path + RepoGroup.url_sep() + repo_name
                         else:
                             group_name = group_path = ''
                             repo_name_full = repo_name
                         value['repo_name'] = repo_name
                         value['repo_name_full'] = repo_name_full
                         value['group_path'] = group_path
                         value['group_name'] = group_name
                         return value
                     def validate_python(self, value, state):
                         repo_name = value.get('repo_name')
                         repo_name_full = value.get('repo_name_full')
                         group_path = value.get('group_path')
                         group_name = value.get('group_name')
                         if repo_name in [ADMIN_PREFIX, '']:
                             msg = M(self, 'invalid_repo_name', state, repo=repo_name)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'repo_name': msg})
                         rename = old_data.get('repo_name') != repo_name_full
                         create = not edit
                         if rename or create:
                             if group_path:
                                 if Repository.get_by_repo_name(repo_name_full):
                                     msg = M(self, 'repository_in_group_exists', state,
                                             repo=repo_name, group=group_name)
                                     raise formencode.Invalid(
                                         msg, value, state, error_dict={'repo_name': msg})
                                 if RepoGroup.get_by_group_name(repo_name_full):
                                     msg = M(self, 'group_in_group_exists', state,
                                             repo=repo_name, group=group_name)
                                     raise formencode.Invalid(
                                         msg, value, state, error_dict={'repo_name': msg})
                             else:
                                 if RepoGroup.get_by_group_name(repo_name_full):
                                     msg = M(self, 'group_exists', state, repo=repo_name)
                                     raise formencode.Invalid(
                                         msg, value, state, error_dict={'repo_name': msg})
                                 if Repository.get_by_repo_name(repo_name_full):
                                     msg = M(
                                         self, 'repository_exists', state, repo=repo_name)
                                     raise formencode.Invalid(
                                         msg, value, state, error_dict={'repo_name': msg})
                         return value
                 return _validator
             def ValidForkName(*args, **kwargs):
                 return ValidRepoName(*args, **kwargs)
             def SlugifyName():
                 class _validator(formencode.validators.FancyValidator):
                     def _to_python(self, value, state):
                         return repo_name_slug(value)
                     def validate_python(self, value, state):
                         pass
                 return _validator
+            def CannotHaveGitSuffix():
+                class _validator(formencode.validators.FancyValidator):
+                    messages = {
+                        'has_git_suffix':
+                            _(u'Repository name cannot end with .git'),
+                    }
+                    def _to_python(self, value, state):
+                        return value
+                    def validate_python(self, value, state):
+                        if value and value.endswith('.git'):
+                            msg = M(
+                                self, 'has_git_suffix', state)
+                            raise formencode.Invalid(
+                                msg, value, state, error_dict={'repo_name': msg})
+                return _validator
             def ValidCloneUri():
                 class InvalidCloneUrl(Exception):
                     allowed_prefixes = ()
                 def url_handler(repo_type, url):
                     config = make_db_config(clear_session=False)
                     if repo_type == 'hg':
                         allowed_prefixes = ('http', 'svn+http', 'git+http')
                         if 'http' in url[:4]:
                             # initially check if it's at least the proper URL
                             # or does it pass basic auth
                             MercurialRepository.check_url(url, config)
                         elif 'svn+http' in url[:8]:  # svn->hg import
                             SubversionRepository.check_url(url, config)
                         elif 'git+http' in url[:8]:  # git->hg import
                             raise NotImplementedError()
                         else:
                             exc = InvalidCloneUrl('Clone from URI %s not allowed. '
                                                   'Allowed url must start with one of %s'
                                                   % (url, ','.join(allowed_prefixes)))
                             exc.allowed_prefixes = allowed_prefixes
                             raise exc
                     elif repo_type == 'git':
                         allowed_prefixes = ('http', 'svn+http', 'hg+http')
                         if 'http' in url[:4]:
                             # initially check if it's at least the proper URL
                             # or does it pass basic auth
                             GitRepository.check_url(url, config)
                         elif 'svn+http' in url[:8]:  # svn->git import
                             raise NotImplementedError()
                         elif 'hg+http' in url[:8]:  # hg->git import
                             raise NotImplementedError()
                         else:
                             exc = InvalidCloneUrl('Clone from URI %s not allowed. '
                                                   'Allowed url must start with one of %s'
                                                   % (url, ','.join(allowed_prefixes)))
                             exc.allowed_prefixes = allowed_prefixes
                             raise exc
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'clone_uri': _(u'invalid clone url for %(rtype)s repository'),
                         'invalid_clone_uri': _(
                             u'Invalid clone url, provide a valid clone '
                             u'url starting with one of %(allowed_prefixes)s')
                     }
                     def validate_python(self, value, state):
                         repo_type = value.get('repo_type')
                         url = value.get('clone_uri')
                         if url:
                             try:
                                 url_handler(repo_type, url)
                             except InvalidCloneUrl as e:
                                 log.warning(e)
                                 msg = M(self, 'invalid_clone_uri', rtype=repo_type,
                                         allowed_prefixes=','.join(e.allowed_prefixes))
                                 raise formencode.Invalid(msg, value, state,
                                                          error_dict={'clone_uri': msg})
                             except Exception:
                                 log.exception('Url validation failed')
                                 msg = M(self, 'clone_uri', rtype=repo_type)
                                 raise formencode.Invalid(msg, value, state,
                                                          error_dict={'clone_uri': msg})
                 return _validator
             def ValidForkType(old_data={}):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_fork_type': _(u'Fork have to be the same type as parent')
                     }
                     def validate_python(self, value, state):
                         if old_data['repo_type'] != value:
                             msg = M(self, 'invalid_fork_type', state)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'repo_type': msg}
                             )
                 return _validator
             def CanWriteGroup(old_data=None):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'permission_denied': _(
                             u"You do not have the permission "
                             u"to create repositories in this group."),
                         'permission_denied_root': _(
                             u"You do not have the permission to store repositories in "
                             u"the root location.")
                     }
                     def _to_python(self, value, state):
                         # root location
                         if value in [-1, "-1"]:
                             return None
                         return value
                     def validate_python(self, value, state):
                         gr = RepoGroup.get(value)
                         gr_name = gr.group_name if gr else None  # None means ROOT location
                         # create repositories with write permission on group is set to true
                         create_on_write = HasPermissionAny(
                             'hg.create.write_on_repogroup.true')()
                         group_admin = HasRepoGroupPermissionAny('group.admin')(
                             gr_name, 'can write into group validator')
                         group_write = HasRepoGroupPermissionAny('group.write')(
                             gr_name, 'can write into group validator')
                         forbidden = not (group_admin or (group_write and create_on_write))
                         can_create_repos = HasPermissionAny(
                             'hg.admin', 'hg.create.repository')
                         gid = (old_data['repo_group'].get('group_id')
                                if (old_data and 'repo_group' in old_data) else None)
                         value_changed = gid != safe_int(value)
                         new = not old_data
                         # do check if we changed the value, there's a case that someone got
                         # revoked write permissions to a repository, he still created, we
                         # don't need to check permission if he didn't change the value of
                         # groups in form box
                         if value_changed or new:
                             # parent group need to be existing
                             if gr and forbidden:
                                 msg = M(self, 'permission_denied', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'repo_type': msg}
                                 )
                             # check if we can write to root location !
                             elif gr is None and not can_create_repos():
                                 msg = M(self, 'permission_denied_root', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'repo_type': msg}
                                 )
                 return _validator
             def ValidPerms(type_='repo'):
                 if type_ == 'repo_group':
                     EMPTY_PERM = 'group.none'
                 elif type_ == 'repo':
                     EMPTY_PERM = 'repository.none'
                 elif type_ == 'user_group':
                     EMPTY_PERM = 'usergroup.none'
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'perm_new_member_name':
                             _(u'This username or user group name is not valid')
                     }
                     def _to_python(self, value, state):
                         perm_updates = OrderedSet()
                         perm_additions = OrderedSet()
                         perm_deletions = OrderedSet()
                         # build a list of permission to update/delete and new permission
                         # Read the perm_new_member/perm_del_member attributes and group
                         # them by they IDs
                         new_perms_group = defaultdict(dict)
                         del_perms_group = defaultdict(dict)
                         for k, v in value.copy().iteritems():
                             if k.startswith('perm_del_member'):
                                 # delete from org storage so we don't process that later
                                 del value[k]
                                 # part is `id`, `type`
                                 _type, part = k.split('perm_del_member_')
                                 args = part.split('_')
                                 if len(args) == 2:
                                     _key, pos = args
                                     del_perms_group[pos][_key] = v
                             if k.startswith('perm_new_member'):
                                 # delete from org storage so we don't process that later
                                 del value[k]
                                 # part is `id`, `type`, `perm`
                                 _type, part = k.split('perm_new_member_')
                                 args = part.split('_')
                                 if len(args) == 2:
                                     _key, pos = args
                                     new_perms_group[pos][_key] = v
                         # store the deletes
                         for k in sorted(del_perms_group.keys()):
                             perm_dict = del_perms_group[k]
                             del_member = perm_dict.get('id')
                             del_type = perm_dict.get('type')
                             if del_member and del_type:
                                 perm_deletions.add((del_member, None, del_type))
                         # store additions in order of how they were added in web form
                         for k in sorted(new_perms_group.keys()):
                             perm_dict = new_perms_group[k]
                             new_member = perm_dict.get('id')
                             new_type = perm_dict.get('type')
                             new_perm = perm_dict.get('perm')
                             if new_member and new_perm and new_type:
                                 perm_additions.add((new_member, new_perm, new_type))
                         # get updates of permissions
                         # (read the existing radio button states)
                         for k, update_value in value.iteritems():
                             if k.startswith('u_perm_') or k.startswith('g_perm_'):
                                 member = k[7:]
                                 update_type = {'u': 'user',
                                                'g': 'users_group'}[k[0]]
                                 if member == User.DEFAULT_USER:
                                     if str2bool(value.get('repo_private')):
                                         # set none for default when updating to
                                         # private repo protects agains form manipulation
                                         update_value = EMPTY_PERM
                                 perm_updates.add((member, update_value, update_type))
                         # check the deletes
                         value['perm_additions'] = list(perm_additions)
                         value['perm_updates'] = list(perm_updates)
                         value['perm_deletions'] = list(perm_deletions)
                         # validate users they exist and they are active !
                         for member_id, _perm, member_type in perm_additions:
                             try:
                                 if member_type == 'user':
                                     self.user_db = User.query()\
                                         .filter(User.active == true())\
                                         .filter(User.user_id == member_id).one()
                                 if member_type == 'users_group':
                                     self.user_db = UserGroup.query()\
                                         .filter(UserGroup.users_group_active == true())\
                                         .filter(UserGroup.users_group_id == member_id)\
                                         .one()
                             except Exception:
                                 log.exception('Updated permission failed: org_exc:')
                                 msg = M(self, 'perm_new_member_type', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={
                                         'perm_new_member_name': msg}
                                 )
                         return value
                 return _validator
             def ValidSettings():
                 class _validator(formencode.validators.FancyValidator):
                     def _to_python(self, value, state):
                         # settings  form for users that are not admin
                         # can't edit certain parameters, it's extra backup if they mangle
                         # with forms
                         forbidden_params = [
                             'user', 'repo_type', 'repo_enable_locking',
                             'repo_enable_downloads', 'repo_enable_statistics'
                         ]
                         for param in forbidden_params:
                             if param in value:
                                 del value[param]
                         return value
                     def validate_python(self, value, state):
                         pass
                 return _validator
             def ValidPath():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'invalid_path': _(u'This is not a valid path')
                     }
                     def validate_python(self, value, state):
                         if not os.path.isdir(value):
                             msg = M(self, 'invalid_path', state)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'paths_root_path': msg}
                             )
                 return _validator
             def UniqSystemEmail(old_data={}):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'email_taken': _(u'This e-mail address is already taken')
                     }
                     def _to_python(self, value, state):
                         return value.lower()
                     def validate_python(self, value, state):
                         if (old_data.get('email') or '').lower() != value:
                             user = User.get_by_email(value, case_insensitive=True)
                             if user:
                                 msg = M(self, 'email_taken', state)
                                 raise formencode.Invalid(
                                     msg, value, state, error_dict={'email': msg}
                                 )
                 return _validator
             def ValidSystemEmail():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'non_existing_email': _(u'e-mail "%(email)s" does not exist.')
                     }
                     def _to_python(self, value, state):
                         return value.lower()
                     def validate_python(self, value, state):
                         user = User.get_by_email(value, case_insensitive=True)
                         if user is None:
                             msg = M(self, 'non_existing_email', state, email=value)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'email': msg}
                             )
                 return _validator
             def NotReviewedRevisions(repo_id):
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'rev_already_reviewed':
                             _(u'Revisions %(revs)s are already part of pull request '
                               u'or have set status'),
                     }
                     def validate_python(self, value, state):
                         # check revisions if they are not reviewed, or a part of another
                         # pull request
                         statuses = ChangesetStatus.query()\
                             .filter(ChangesetStatus.revision.in_(value))\
                             .filter(ChangesetStatus.repo_id == repo_id)\
                             .all()
                         errors = []
                         for status in statuses:
                             if status.pull_request_id:
                                 errors.append(['pull_req', status.revision[:12]])
                             elif status.status:
                                 errors.append(['status', status.revision[:12]])
                         if errors:
                             revs = ','.join([x[1] for x in errors])
                             msg = M(self, 'rev_already_reviewed', state, revs=revs)
                             raise formencode.Invalid(
                                 msg, value, state, error_dict={'revisions': revs})
                 return _validator
             def ValidIp():
                 class _validator(CIDR):
                     messages = {
                         'badFormat': _(u'Please enter a valid IPv4 or IpV6 address'),
                         'illegalBits': _(
                             u'The network size (bits) must be within the range '
                             u'of 0-32 (not %(bits)r)'),
                     }
                     # we ovveride the default to_python() call
                     def to_python(self, value, state):
                         v = super(_validator, self).to_python(value, state)
                         v = v.strip()
                         net = ipaddress.ip_network(address=v, strict=False)
                         return str(net)
                     def validate_python(self, value, state):
                         try:
                             addr = value.strip()
                             # this raises an ValueError if address is not IpV4 or IpV6
                             ipaddress.ip_network(addr, strict=False)
                         except ValueError:
                             raise formencode.Invalid(self.message('badFormat', state),
                                                      value, state)
                 return _validator
             def FieldKey():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'badFormat': _(
                             u'Key name can only consist of letters, '
                             u'underscore, dash or numbers'),
                     }
                     def validate_python(self, value, state):
                         if not re.match('[a-zA-Z0-9_-]+$', value):
                             raise formencode.Invalid(self.message('badFormat', state),
                                                      value, state)
                 return _validator
             def ValidAuthPlugins():
                 class _validator(formencode.validators.FancyValidator):
                     messages = {
                         'import_duplicate': _(
                             u'Plugins %(loaded)s and %(next_to_load)s '
                             u'both export the same name'),
                         'missing_includeme': _(
                             u'The plugin "%(plugin_id)s" is missing an includeme '
                             u'function.'),
                         'import_error': _(
                             u'Can not load plugin "%(plugin_id)s"'),
                         'no_plugin': _(
                             u'No plugin available with ID "%(plugin_id)s"'),
                     }
                     def _to_python(self, value, state):
                         # filter empty values
                         return filter(lambda s: s not in [None, ''], value)
                     def _validate_legacy_plugin_id(self, plugin_id, value, state):
                         """
                         Validates that the plugin import works. It also checks that the
                         plugin has an includeme attribute.
                         """
                         try:
                             plugin = _import_legacy_plugin(plugin_id)
                         except Exception as e:
                             log.exception(
                                 'Exception during import of auth legacy plugin "{}"'
                                 .format(plugin_id))
                             msg = M(self, 'import_error', plugin_id=plugin_id)
                             raise formencode.Invalid(msg, value, state)
                         if not hasattr(plugin, 'includeme'):
                             msg = M(self, 'missing_includeme', plugin_id=plugin_id)
                             raise formencode.Invalid(msg, value, state)
                         return plugin
                     def _validate_plugin_id(self, plugin_id, value, state):
                         """
                         Plugins are already imported during app start up. Therefore this
                         validation only retrieves the plugin from the plugin registry and
                         if it returns something not None everything is OK.
                         """
                         plugin = loadplugin(plugin_id)
                         if plugin is None:
                             msg = M(self, 'no_plugin', plugin_id=plugin_id)
                             raise formencode.Invalid(msg, value, state)
                         return plugin
                     def validate_python(self, value, state):
                         unique_names = {}
                         for plugin_id in value:
                             # Validate legacy or normal plugin.
                             if plugin_id.startswith(legacy_plugin_prefix):
                                 plugin = self._validate_legacy_plugin_id(
                                     plugin_id, value, state)
                             else:
                                 plugin = self._validate_plugin_id(plugin_id, value, state)
                             # Only allow unique plugin names.
                             if plugin.name in unique_names:
                                 msg = M(self, 'import_duplicate', state,
                                         loaded=unique_names[plugin.name],
                                         next_to_load=plugin)
                                 raise formencode.Invalid(msg, value, state)
                             unique_names[plugin.name] = plugin
                 return _validator
             def ValidPattern():
                 class _Validator(formencode.validators.FancyValidator):
                     def _to_python(self, value, state):
                         patterns = []
                         prefix = 'new_pattern'
                         for name, v in value.iteritems():
                             pattern_name = '_'.join((prefix, 'pattern'))
                             if name.startswith(pattern_name):
                                 new_item_id = name[len(pattern_name)+1:]
                                 def _field(name):
                                     return '%s_%s_%s' % (prefix, name, new_item_id)
                                 values = {
                                     'issuetracker_pat': value.get(_field('pattern')),
                                     'issuetracker_pat': value.get(_field('pattern')),
                                     'issuetracker_url': value.get(_field('url')),
                                     'issuetracker_pref': value.get(_field('prefix')),
                                     'issuetracker_desc': value.get(_field('description'))
                                 }
                                 new_uid = md5(values['issuetracker_pat'])
                                 has_required_fields = (
                                     values['issuetracker_pat']
                                     and values['issuetracker_url'])
                                 if has_required_fields:
                                     settings = [
                                         ('_'.join((key, new_uid)), values[key], 'unicode')
                                         for key in values]
                                     patterns.append(settings)
                         value['patterns'] = patterns
                         delete_patterns = value.get('uid') or []
                         if not isinstance(delete_patterns, (list, tuple)):
                             delete_patterns = [delete_patterns]
                         value['delete_patterns'] = delete_patterns
                         return value
                 return _Validator

rhodecode/tests/functional/test_admin_repos.py

0 +25 -11

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import urllib
             import mock
             import pytest
             from rhodecode.lib import auth
-            from rhodecode.lib.utils2 import safe_str, str2bool
+            from rhodecode.lib.utils2 import safe_str, str2bool, safe_unicode
             from rhodecode.lib.vcs.exceptions import RepositoryRequirementError
             from rhodecode.model.db import Repository, RepoGroup, UserRepoToPerm, User,\
                 Permission
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import SettingsModel, VcsSettingsModel
             from rhodecode.model.user import UserModel
             from rhodecode.tests import (
                 login_user_session, url, assert_session_flash, TEST_USER_ADMIN_LOGIN,
                 TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS, HG_REPO, GIT_REPO,
                 logout_user_session)
             from rhodecode.tests.fixture import Fixture, error_function
             from rhodecode.tests.utils import AssertResponse, repo_on_filesystem
             fixture = Fixture()
             @pytest.mark.usefixtures("app")
-            class TestAdminRepos:
+            class TestAdminRepos(object):
                 def test_index(self):
                     self.app.get(url('repos'))
                 def test_create_page_restricted(self, autologin_user, backend):
                     with mock.patch('rhodecode.BACKENDS', {'git': 'git'}):
                         response = self.app.get(url('new_repo'), status=200)
                     assert_response = AssertResponse(response)
                     element = assert_response.get_element('#repo_type')
                     assert element.text_content() == '\ngit\n'
                 def test_create_page_non_restricted(self, autologin_user, backend):
                     response = self.app.get(url('new_repo'), status=200)
                     assert_response = AssertResponse(response)
                     assert_response.element_contains('#repo_type', 'git')
                     assert_response.element_contains('#repo_type', 'svn')
                     assert_response.element_contains('#repo_type', 'hg')
-                @pytest.mark.parametrize("suffix", [u'', u''], ids=['', 'non-ascii'])
+                @pytest.mark.parametrize("suffix",
+                                         [u'', u'xxa'], ids=['', 'non-ascii'])
                 def test_create(self, autologin_user, backend, suffix, csrf_token):
                     repo_name_unicode = backend.new_repo_name(suffix=suffix)
                     repo_name = repo_name_unicode.encode('utf8')
                     description_unicode = u'description for newly created repo' + suffix
                     description = description_unicode.encode('utf8')
-                    self.app.post(
+                    response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             csrf_token=csrf_token),
-                        status=302
+                        status=302)
                     self.assert_repository_is_created_correctly(
                         repo_name, description, backend)
                 def test_create_numeric(self, autologin_user, backend, csrf_token):
                     numeric_repo = '1234'
                     repo_name = numeric_repo
                     description = 'description for newly created repo' + numeric_repo
                     self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             csrf_token=csrf_token))
                     self.assert_repository_is_created_correctly(
                         repo_name, description, backend)
                 @pytest.mark.parametrize("suffix", [u'', u'ąćę'], ids=['', 'non-ascii'])
                 def test_create_in_group(
                         self, autologin_user, backend, suffix, csrf_token):
                     # create GROUP
                     group_name = 'sometest_%s' % backend.alias
                     gr = RepoGroupModel().create(group_name=group_name,
                                                  group_description='test',
                                                  owner=TEST_USER_ADMIN_LOGIN)
                     Session().commit()
                     repo_name = u'ingroup' + suffix
                     repo_name_full = RepoGroup.url_sep().join(
                         [group_name, repo_name])
                     description = u'description for newly created repo'
                     self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=safe_str(repo_name),
                             repo_type=backend.alias,
                             repo_description=description,
                             repo_group=gr.group_id,
                             csrf_token=csrf_token))
                     # TODO: johbo: Cleanup work to fixture
                     try:
                         self.assert_repository_is_created_correctly(
                             repo_name_full, description, backend)
                         new_repo = RepoModel().get_by_repo_name(repo_name_full)
                         inherited_perms = UserRepoToPerm.query().filter(
                             UserRepoToPerm.repository_id == new_repo.repo_id).all()
                         assert len(inherited_perms) == 1
                     finally:
                         RepoModel().delete(repo_name_full)
                         RepoGroupModel().delete(group_name)
                         Session().commit()
                 def test_create_in_group_numeric(
                         self, autologin_user, backend, csrf_token):
                     # create GROUP
                     group_name = 'sometest_%s' % backend.alias
                     gr = RepoGroupModel().create(group_name=group_name,
                                                  group_description='test',
                                                  owner=TEST_USER_ADMIN_LOGIN)
                     Session().commit()
                     repo_name = '12345'
                     repo_name_full = RepoGroup.url_sep().join([group_name, repo_name])
                     description = 'description for newly created repo'
                     self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             repo_group=gr.group_id,
                             csrf_token=csrf_token))
                     # TODO: johbo: Cleanup work to fixture
                     try:
                         self.assert_repository_is_created_correctly(
                             repo_name_full, description, backend)
                         new_repo = RepoModel().get_by_repo_name(repo_name_full)
                         inherited_perms = UserRepoToPerm.query()\
                             .filter(UserRepoToPerm.repository_id == new_repo.repo_id).all()
                         assert len(inherited_perms) == 1
                     finally:
                         RepoModel().delete(repo_name_full)
                         RepoGroupModel().delete(group_name)
                         Session().commit()
                 def test_create_in_group_without_needed_permissions(self, backend):
                     session = login_user_session(
                         self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     csrf_token = auth.get_csrf_token(session)
                     # revoke
                     user_model = UserModel()
                     # disable fork and create on default user
                     user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository')
                     user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none')
                     user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository')
                     user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none')
                     # disable on regular user
                     user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository')
                     user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none')
                     user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')
                     user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none')
                     Session().commit()
                     # create GROUP
                     group_name = 'reg_sometest_%s' % backend.alias
                     gr = RepoGroupModel().create(group_name=group_name,
                                                  group_description='test',
                                                  owner=TEST_USER_ADMIN_LOGIN)
                     Session().commit()
                     group_name_allowed = 'reg_sometest_allowed_%s' % backend.alias
                     gr_allowed = RepoGroupModel().create(
                         group_name=group_name_allowed,
                         group_description='test',
                         owner=TEST_USER_REGULAR_LOGIN)
                     Session().commit()
                     repo_name = 'ingroup'
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             repo_group=gr.group_id,
                             csrf_token=csrf_token))
                     response.mustcontain('Invalid value')
                     # user is allowed to create in this group
                     repo_name = 'ingroup'
                     repo_name_full = RepoGroup.url_sep().join(
                         [group_name_allowed, repo_name])
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             repo_group=gr_allowed.group_id,
                             csrf_token=csrf_token))
                     # TODO: johbo: Cleanup in pytest fixture
                     try:
                         self.assert_repository_is_created_correctly(
                             repo_name_full, description, backend)
                         new_repo = RepoModel().get_by_repo_name(repo_name_full)
                         inherited_perms = UserRepoToPerm.query().filter(
                             UserRepoToPerm.repository_id == new_repo.repo_id).all()
                         assert len(inherited_perms) == 1
                         assert repo_on_filesystem(repo_name_full)
                     finally:
                         RepoModel().delete(repo_name_full)
                         RepoGroupModel().delete(group_name)
                         RepoGroupModel().delete(group_name_allowed)
                         Session().commit()
                 def test_create_in_group_inherit_permissions(self, autologin_user, backend,
                                                              csrf_token):
                     # create GROUP
                     group_name = 'sometest_%s' % backend.alias
                     gr = RepoGroupModel().create(group_name=group_name,
                                                  group_description='test',
                                                  owner=TEST_USER_ADMIN_LOGIN)
                     perm = Permission.get_by_key('repository.write')
                     RepoGroupModel().grant_user_permission(
                         gr, TEST_USER_REGULAR_LOGIN, perm)
                     # add repo permissions
                     Session().commit()
                     repo_name = 'ingroup_inherited_%s' % backend.alias
                     repo_name_full = RepoGroup.url_sep().join([group_name, repo_name])
                     description = 'description for newly created repo'
                     self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             repo_group=gr.group_id,
                             repo_copy_permissions=True,
                             csrf_token=csrf_token))
                     # TODO: johbo: Cleanup to pytest fixture
                     try:
                         self.assert_repository_is_created_correctly(
                             repo_name_full, description, backend)
                     except Exception:
                         RepoGroupModel().delete(group_name)
                         Session().commit()
                         raise
                     # check if inherited permissions are applied
                     new_repo = RepoModel().get_by_repo_name(repo_name_full)
                     inherited_perms = UserRepoToPerm.query().filter(
                         UserRepoToPerm.repository_id == new_repo.repo_id).all()
                     assert len(inherited_perms) == 2
                     assert TEST_USER_REGULAR_LOGIN in [
                         x.user.username for x in inherited_perms]
                     assert 'repository.write' in [
                         x.permission.permission_name for x in inherited_perms]
                     RepoModel().delete(repo_name_full)
                     RepoGroupModel().delete(group_name)
                     Session().commit()
                 @pytest.mark.xfail_backends(
                     "git", "hg", reason="Missing reposerver support")
                 def test_create_with_clone_uri(self, autologin_user, backend, reposerver,
                                                csrf_token):
                     source_repo = backend.create_repo(number_of_commits=2)
                     source_repo_name = source_repo.repo_name
                     reposerver.serve(source_repo.scm_instance())
                     repo_name = backend.new_repo_name()
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description='',
                             clone_uri=reposerver.url,
                             csrf_token=csrf_token),
                         status=302)
                     # Should be redirected to the creating page
                     response.mustcontain('repo_creating')
                     # Expecting that both repositories have same history
                     source_repo = RepoModel().get_by_repo_name(source_repo_name)
                     source_vcs = source_repo.scm_instance()
                     repo = RepoModel().get_by_repo_name(repo_name)
                     repo_vcs = repo.scm_instance()
                     assert source_vcs[0].message == repo_vcs[0].message
                     assert source_vcs.count() == repo_vcs.count()
                     assert source_vcs.commit_ids == repo_vcs.commit_ids
                 @pytest.mark.xfail_backends("svn", reason="Depends on import support")
                 def test_create_remote_repo_wrong_clone_uri(self, autologin_user, backend,
                                                             csrf_token):
                     repo_name = backend.new_repo_name()
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             clone_uri='http://repo.invalid/repo',
                             csrf_token=csrf_token))
                     response.mustcontain('invalid clone url')
                 @pytest.mark.xfail_backends("svn", reason="Depends on import support")
                 def test_create_remote_repo_wrong_clone_uri_hg_svn(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.new_repo_name()
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             clone_uri='svn+http://svn.invalid/repo',
                             csrf_token=csrf_token))
                     response.mustcontain('invalid clone url')
+                def test_create_with_git_suffix(
+                        self, autologin_user, backend, csrf_token):
+                    repo_name = backend.new_repo_name() + ".git"
+                    description = 'description for newly created repo'
+                    response = self.app.post(
+                        url('repos'),
+                        fixture._get_repo_create_params(
+                            repo_private=False,
+                            repo_name=repo_name,
+                            repo_type=backend.alias,
+                            repo_description=description,
+                            csrf_token=csrf_token))
+                    response.mustcontain('Repository name cannot end with .git')
                 @pytest.mark.parametrize("suffix", [u'', u'ąęł'], ids=['', 'non-ascii'])
                 def test_delete(self, autologin_user, backend, suffix, csrf_token):
                     repo = backend.create_repo(name_suffix=suffix)
                     repo_name = repo.repo_name
                     response = self.app.post(url('repo', repo_name=repo_name),
                                              params={'_method': 'delete',
                                                      'csrf_token': csrf_token})
                     assert_session_flash(response, 'Deleted repository %s' % (repo_name))
                     response.follow()
                     # check if repo was deleted from db
                     assert RepoModel().get_by_repo_name(repo_name) is None
                     assert not repo_on_filesystem(repo_name)
                 def test_show(self, autologin_user, backend):
                     self.app.get(url('repo', repo_name=backend.repo_name))
                 def test_edit(self, backend, autologin_user):
                     self.app.get(url('edit_repo', repo_name=backend.repo_name))
                 def test_edit_accessible_when_missing_requirements(
                         self, backend_hg, autologin_user):
                     scm_patcher = mock.patch.object(
                         Repository, 'scm_instance', side_effect=RepositoryRequirementError)
                     with scm_patcher:
                         self.app.get(url('edit_repo', repo_name=backend_hg.repo_name))
                 def test_set_private_flag_sets_default_to_none(
                         self, autologin_user, backend, csrf_token):
                     # initially repository perm should be read
                     perm = _get_permission_for_user(user='default', repo=backend.repo_name)
                     assert len(perm) == 1
                     assert perm[0].permission.permission_name == 'repository.read'
                     assert not backend.repo.private
                     response = self.app.post(
                         url('repo', repo_name=backend.repo_name),
                         fixture._get_repo_create_params(
                             repo_private=1,
                             repo_name=backend.repo_name,
                             repo_type=backend.alias,
                             user=TEST_USER_ADMIN_LOGIN,
                             _method='put',
                             csrf_token=csrf_token))
                     assert_session_flash(
                         response,
                         msg='Repository %s updated successfully' % (backend.repo_name))
                     assert backend.repo.private
                     # now the repo default permission should be None
                     perm = _get_permission_for_user(user='default', repo=backend.repo_name)
                     assert len(perm) == 1
                     assert perm[0].permission.permission_name == 'repository.none'
                     response = self.app.post(
                         url('repo', repo_name=backend.repo_name),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=backend.repo_name,
                             repo_type=backend.alias,
                             user=TEST_USER_ADMIN_LOGIN,
                             _method='put',
                             csrf_token=csrf_token))
                     assert_session_flash(
                         response,
                         msg='Repository %s updated successfully' % (backend.repo_name))
                     assert not backend.repo.private
                     # we turn off private now the repo default permission should stay None
                     perm = _get_permission_for_user(user='default', repo=backend.repo_name)
                     assert len(perm) == 1
                     assert perm[0].permission.permission_name == 'repository.none'
                     # update this permission back
                     perm[0].permission = Permission.get_by_key('repository.read')
                     Session().add(perm[0])
                     Session().commit()
                 def test_default_user_cannot_access_private_repo_in_a_group(
                         self, autologin_user, user_util, backend, csrf_token):
                     group = user_util.create_repo_group()
                     repo = backend.create_repo(
                         repo_private=True, repo_group=group, repo_copy_permissions=True)
                     permissions = _get_permission_for_user(
                         user='default', repo=repo.repo_name)
                     assert len(permissions) == 1
                     assert permissions[0].permission.permission_name == 'repository.none'
                     assert permissions[0].repository.private is True
                 def test_set_repo_fork_has_no_self_id(self, autologin_user, backend):
                     repo = backend.repo
                     response = self.app.get(
                         url('edit_repo_advanced', repo_name=backend.repo_name))
                     opt = """<option value="%s">vcs_test_git</option>""" % repo.repo_id
                     response.mustcontain(no=[opt])
                 def test_set_fork_of_target_repo(
                         self, autologin_user, backend, csrf_token):
                     target_repo = 'target_%s' % backend.alias
                     fixture.create_repo(target_repo, repo_type=backend.alias)
                     repo2 = Repository.get_by_repo_name(target_repo)
                     response = self.app.post(
                         url('edit_repo_advanced_fork', repo_name=backend.repo_name),
                         params={'id_fork_of': repo2.repo_id, '_method': 'put',
                                 'csrf_token': csrf_token})
                     repo = Repository.get_by_repo_name(backend.repo_name)
                     repo2 = Repository.get_by_repo_name(target_repo)
                     assert_session_flash(
                         response,
                         'Marked repo %s as fork of %s' % (repo.repo_name, repo2.repo_name))
                     assert repo.fork == repo2
                     response = response.follow()
                     # check if given repo is selected
                     opt = 'This repository is a fork of <a href="%s">%s</a>' % (
                         url('summary_home', repo_name=repo2.repo_name), repo2.repo_name)
                     response.mustcontain(opt)
                     fixture.destroy_repo(target_repo, forks='detach')
                 @pytest.mark.backends("hg", "git")
                 def test_set_fork_of_other_type_repo(self, autologin_user, backend,
                                                      csrf_token):
                     TARGET_REPO_MAP = {
                         'git': {
                             'type': 'hg',
                             'repo_name': HG_REPO},
                         'hg': {
                             'type': 'git',
                             'repo_name': GIT_REPO},
                     }
                     target_repo = TARGET_REPO_MAP[backend.alias]
                     repo2 = Repository.get_by_repo_name(target_repo['repo_name'])
                     response = self.app.post(
                         url('edit_repo_advanced_fork', repo_name=backend.repo_name),
                         params={'id_fork_of': repo2.repo_id, '_method': 'put',
                                 'csrf_token': csrf_token})
                     assert_session_flash(
                         response,
                         'Cannot set repository as fork of repository with other type')
                 def test_set_fork_of_none(self, autologin_user, backend, csrf_token):
                     # mark it as None
                     response = self.app.post(
                         url('edit_repo_advanced_fork', repo_name=backend.repo_name),
                         params={'id_fork_of': None, '_method': 'put',
                                 'csrf_token': csrf_token})
                     assert_session_flash(
                         response,
                         'Marked repo %s as fork of %s'
                         % (backend.repo_name, "Nothing"))
                     assert backend.repo.fork is None
                 def test_set_fork_of_same_repo(self, autologin_user, backend, csrf_token):
                     repo = Repository.get_by_repo_name(backend.repo_name)
                     response = self.app.post(
                         url('edit_repo_advanced_fork', repo_name=backend.repo_name),
                         params={'id_fork_of': repo.repo_id, '_method': 'put',
                                 'csrf_token': csrf_token})
                     assert_session_flash(
                         response, 'An error occurred during this operation')
                 def test_create_on_top_level_without_permissions(self, backend):
                     session = login_user_session(
                         self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     csrf_token = auth.get_csrf_token(session)
                     # revoke
                     user_model = UserModel()
                     # disable fork and create on default user
                     user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository')
                     user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none')
                     user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository')
                     user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none')
                     # disable on regular user
                     user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository')
                     user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none')
                     user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')
                     user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none')
                     Session().commit()
                     repo_name = backend.new_repo_name()
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             csrf_token=csrf_token))
                     response.mustcontain(
                         u"You do not have the permission to store repositories in "
                         u"the root location.")
                 @mock.patch.object(RepoModel, '_create_filesystem_repo', error_function)
                 def test_create_repo_when_filesystem_op_fails(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.new_repo_name()
                     description = 'description for newly created repo'
                     response = self.app.post(
                         url('repos'),
                         fixture._get_repo_create_params(
                             repo_private=False,
                             repo_name=repo_name,
                             repo_type=backend.alias,
                             repo_description=description,
                             csrf_token=csrf_token))
                     assert_session_flash(
                         response, 'Error creating repository %s' % repo_name)
                     # repo must not be in db
                     assert backend.repo is None
                     # repo must not be in filesystem !
                     assert not repo_on_filesystem(repo_name)
                 def assert_repository_is_created_correctly(
                         self, repo_name, description, backend):
-                    repo_name_utf8 = repo_name.encode('utf-8')
+                    repo_name_utf8 = safe_str(repo_name)
                     # run the check page that triggers the flash message
                     response = self.app.get(url('repo_check_home', repo_name=repo_name))
                     assert response.json == {u'result': True}
-                    assert_session_flash(
-                        response,
+                    flash_msg = u'Created repository <a href="/{}">{}</a>'.format(
-                        u'Created repository <a href="/%s">%s</a>'
+                        urllib.quote(repo_name_utf8), repo_name)
-                        % (urllib.quote(repo_name_utf8), repo_name))
+                    assert_session_flash(response, flash_msg)
                     # test if the repo was created in the database
                     new_repo = RepoModel().get_by_repo_name(repo_name)
                     assert new_repo.repo_name == repo_name
                     assert new_repo.description == description
                     # test if the repository is visible in the list ?
                     response = self.app.get(url('summary_home', repo_name=repo_name))
                     response.mustcontain(repo_name)
                     response.mustcontain(backend.alias)
                     assert repo_on_filesystem(repo_name)
             @pytest.mark.usefixtures("app")
             class TestVcsSettings(object):
                 FORM_DATA = {
                     'inherit_global_settings': False,
                     'hooks_changegroup_repo_size': False,
                     'hooks_changegroup_push_logger': False,
                     'hooks_outgoing_pull_logger': False,
                     'extensions_largefiles': False,
                     'phases_publish': 'False',
                     'rhodecode_pr_merge_enabled': False,
                     'rhodecode_use_outdated_comments': False,
                     'new_svn_branch': '',
                     'new_svn_tag': ''
                 }
                 @pytest.mark.skip_backends('svn')
                 def test_global_settings_initial_values(self, autologin_user, backend):
                     repo_name = backend.repo_name
                     response = self.app.get(url('repo_vcs_settings', repo_name=repo_name))
                     expected_settings = (
                         'rhodecode_use_outdated_comments', 'rhodecode_pr_merge_enabled',
                         'hooks_changegroup_repo_size', 'hooks_changegroup_push_logger',
                         'hooks_outgoing_pull_logger'
                     )
                     for setting in expected_settings:
                         self.assert_repo_value_equals_global_value(response, setting)
                 def test_show_settings_requires_repo_admin_permission(
                         self, backend, user_util, settings_util):
                     repo = backend.create_repo()
                     repo_name = repo.repo_name
                     user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
                     user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
                     login_user_session(
                         self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     self.app.get(url('repo_vcs_settings', repo_name=repo_name), status=200)
                 def test_inherit_global_settings_flag_is_true_by_default(
                         self, autologin_user, backend):
                     repo_name = backend.repo_name
                     response = self.app.get(url('repo_vcs_settings', repo_name=repo_name))
                     assert_response = AssertResponse(response)
                     element = assert_response.get_element('#inherit_global_settings')
                     assert element.checked
                 @pytest.mark.parametrize('checked_value', [True, False])
                 def test_inherit_global_settings_value(
                         self, autologin_user, backend, checked_value, settings_util):
                     repo = backend.create_repo()
                     repo_name = repo.repo_name
                     settings_util.create_repo_rhodecode_setting(
                         repo, 'inherit_vcs_settings', checked_value, 'bool')
                     response = self.app.get(url('repo_vcs_settings', repo_name=repo_name))
                     assert_response = AssertResponse(response)
                     element = assert_response.get_element('#inherit_global_settings')
                     assert element.checked == checked_value
                 @pytest.mark.skip_backends('svn')
                 def test_hooks_settings_are_created(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                             ui = settings.get_ui_by_section_and_key(section, key)
                             assert ui.ui_active is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_hooks_settings_are_not_created_for_svn(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                             ui = settings.get_ui_by_section_and_key(section, key)
                             assert ui is None
                     finally:
                         self._cleanup_repo_settings(settings)
                 @pytest.mark.skip_backends('svn')
                 def test_hooks_settings_are_updated(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     settings = SettingsModel(repo=repo_name)
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings.create_ui_section_value(section, '', key=key, active=True)
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                             ui = settings.get_ui_by_section_and_key(section, key)
                             assert ui.ui_active is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_hooks_settings_are_not_updated_for_svn(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     settings = SettingsModel(repo=repo_name)
                     for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                         settings.create_ui_section_value(section, '', key=key, active=True)
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         for section, key in VcsSettingsModel.HOOKS_SETTINGS:
                             ui = settings.get_ui_by_section_and_key(section, key)
                             assert ui.ui_active is True
                     finally:
                         self._cleanup_repo_settings(settings)
                 @pytest.mark.skip_backends('svn')
                 def test_pr_settings_are_created(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         for name in VcsSettingsModel.GENERAL_SETTINGS:
                             setting = settings.get_setting_by_name(name)
                             assert setting.app_settings_value is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_pr_settings_are_not_created_for_svn(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         for name in VcsSettingsModel.GENERAL_SETTINGS:
                             setting = settings.get_setting_by_name(name)
                             assert setting is None
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_pr_settings_creation_requires_repo_admin_permission(
                         self, backend, user_util, settings_util, csrf_token):
                     repo = backend.create_repo()
                     repo_name = repo.repo_name
                     user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
                     logout_user_session(self.app, csrf_token)
                     session = login_user_session(
                         self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     new_csrf_token = auth.get_csrf_token(session)
                     user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = new_csrf_token
                     settings = SettingsModel(repo=repo_name)
                     try:
                         self.app.post(
                             url('repo_vcs_settings', repo_name=repo_name), data,
                             status=302)
                     finally:
                         self._cleanup_repo_settings(settings)
                 @pytest.mark.skip_backends('svn')
                 def test_pr_settings_are_updated(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     settings = SettingsModel(repo=repo_name)
                     for name in VcsSettingsModel.GENERAL_SETTINGS:
                         settings.create_or_update_setting(name, True, 'bool')
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         for name in VcsSettingsModel.GENERAL_SETTINGS:
                             setting = settings.get_setting_by_name(name)
                             assert setting.app_settings_value is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_pr_settings_are_not_updated_for_svn(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     settings = SettingsModel(repo=repo_name)
                     for name in VcsSettingsModel.GENERAL_SETTINGS:
                         settings.create_or_update_setting(name, True, 'bool')
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         for name in VcsSettingsModel.GENERAL_SETTINGS:
                             setting = settings.get_setting_by_name(name)
                             assert setting.app_settings_value is True
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_svn_settings_are_created(
                         self, autologin_user, backend_svn, csrf_token, settings_util):
                     repo_name = backend_svn.repo_name
                     data = self.FORM_DATA.copy()
                     data['new_svn_tag'] = 'svn-tag'
                     data['new_svn_branch'] = 'svn-branch'
                     data['csrf_token'] = csrf_token
                     # Create few global settings to make sure that uniqueness validators
                     # are not triggered
                     settings_util.create_rhodecode_ui(
                         VcsSettingsModel.SVN_BRANCH_SECTION, 'svn-branch')
                     settings_util.create_rhodecode_ui(
                         VcsSettingsModel.SVN_TAG_SECTION, 'svn-tag')
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         svn_branches = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_BRANCH_SECTION)
                         svn_branch_names = [b.ui_value for b in svn_branches]
                         svn_tags = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_TAG_SECTION)
                         svn_tag_names = [b.ui_value for b in svn_tags]
                         assert 'svn-branch' in svn_branch_names
                         assert 'svn-tag' in svn_tag_names
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_svn_settings_are_unique(
                         self, autologin_user, backend_svn, csrf_token, settings_util):
                     repo = backend_svn.repo
                     repo_name = repo.repo_name
                     data = self.FORM_DATA.copy()
                     data['new_svn_tag'] = 'test_tag'
                     data['new_svn_branch'] = 'test_branch'
                     data['csrf_token'] = csrf_token
                     settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch')
                     settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_TAG_SECTION, 'test_tag')
                     response = self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=200)
                     response.mustcontain('Pattern already exists')
                 def test_svn_settings_with_empty_values_are_not_created(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         svn_branches = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_BRANCH_SECTION)
                         svn_tags = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_TAG_SECTION)
                         assert len(svn_branches) == 0
                         assert len(svn_tags) == 0
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_svn_settings_are_shown_for_svn_repository(
                         self, autologin_user, backend_svn, csrf_token):
                     repo_name = backend_svn.repo_name
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     response.mustcontain('Subversion Settings')
                 @pytest.mark.skip_backends('svn')
                 def test_svn_settings_are_not_created_for_not_svn_repository(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         svn_branches = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_BRANCH_SECTION)
                         svn_tags = settings.get_ui_by_section(
                             VcsSettingsModel.SVN_TAG_SECTION)
                         assert len(svn_branches) == 0
                         assert len(svn_tags) == 0
                     finally:
                         self._cleanup_repo_settings(settings)
                 @pytest.mark.skip_backends('svn')
                 def test_svn_settings_are_shown_only_for_svn_repository(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     response.mustcontain(no='Subversion Settings')
                 def test_hg_settings_are_created(
                         self, autologin_user, backend_hg, csrf_token):
                     repo_name = backend_hg.repo_name
                     data = self.FORM_DATA.copy()
                     data['new_svn_tag'] = 'svn-tag'
                     data['new_svn_branch'] = 'svn-branch'
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         largefiles_ui = settings.get_ui_by_section_and_key(
                             'extensions', 'largefiles')
                         assert largefiles_ui.ui_active is False
                         phases_ui = settings.get_ui_by_section_and_key(
                             'phases', 'publish')
                         assert str2bool(phases_ui.ui_value) is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_hg_settings_are_updated(
                         self, autologin_user, backend_hg, csrf_token):
                     repo_name = backend_hg.repo_name
                     settings = SettingsModel(repo=repo_name)
                     settings.create_ui_section_value(
                         'extensions', '', key='largefiles', active=True)
                     settings.create_ui_section_value(
                         'phases', '1', key='publish', active=True)
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         largefiles_ui = settings.get_ui_by_section_and_key(
                             'extensions', 'largefiles')
                         assert largefiles_ui.ui_active is False
                         phases_ui = settings.get_ui_by_section_and_key(
                             'phases', 'publish')
                         assert str2bool(phases_ui.ui_value) is False
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_hg_settings_are_shown_for_hg_repository(
                         self, autologin_user, backend_hg, csrf_token):
                     repo_name = backend_hg.repo_name
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     response.mustcontain('Mercurial Settings')
                 @pytest.mark.skip_backends('hg')
                 def test_hg_settings_are_created_only_for_hg_repository(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     try:
                         largefiles_ui = settings.get_ui_by_section_and_key(
                             'extensions', 'largefiles')
                         assert largefiles_ui is None
                         phases_ui = settings.get_ui_by_section_and_key(
                             'phases', 'publish')
                         assert phases_ui is None
                     finally:
                         self._cleanup_repo_settings(settings)
                 @pytest.mark.skip_backends('hg')
                 def test_hg_settings_are_shown_only_for_hg_repository(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     response.mustcontain(no='Mercurial Settings')
                 @pytest.mark.skip_backends('hg')
                 def test_hg_settings_are_updated_only_for_hg_repository(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     settings = SettingsModel(repo=repo_name)
                     settings.create_ui_section_value(
                         'extensions', '', key='largefiles', active=True)
                     settings.create_ui_section_value(
                         'phases', '1', key='publish', active=True)
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     try:
                         largefiles_ui = settings.get_ui_by_section_and_key(
                             'extensions', 'largefiles')
                         assert largefiles_ui.ui_active is True
                         phases_ui = settings.get_ui_by_section_and_key(
                             'phases', 'publish')
                         assert phases_ui.ui_value == '1'
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_per_repo_svn_settings_are_displayed(
                         self, autologin_user, backend_svn, settings_util):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     branches = [
                         settings_util.create_repo_rhodecode_ui(
                             repo, VcsSettingsModel.SVN_BRANCH_SECTION,
                             'branch_{}'.format(i))
                         for i in range(10)]
                     tags = [
                         settings_util.create_repo_rhodecode_ui(
                             repo, VcsSettingsModel.SVN_TAG_SECTION, 'tag_{}'.format(i))
                         for i in range(10)]
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     assert_response = AssertResponse(response)
                     for branch in branches:
                         css_selector = '[name=branch_value_{}]'.format(branch.ui_id)
                         element = assert_response.get_element(css_selector)
                         assert element.value == branch.ui_value
                     for tag in tags:
                         css_selector = '[name=tag_ui_value_new_{}]'.format(tag.ui_id)
                         element = assert_response.get_element(css_selector)
                         assert element.value == tag.ui_value
                 def test_per_repo_hg_and_pr_settings_are_not_displayed_for_svn(
                         self, autologin_user, backend_svn, settings_util):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     response = self.app.get(
                         url('repo_vcs_settings', repo_name=repo_name), status=200)
                     response.mustcontain(no='<label>Hooks:</label>')
                     response.mustcontain(no='<label>Pull Request Settings:</label>')
                 def test_inherit_global_settings_value_is_saved(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     data['inherit_global_settings'] = True
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     vcs_settings = VcsSettingsModel(repo=repo_name)
                     try:
                         assert vcs_settings.inherit_global_settings is True
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_repo_cache_is_invalidated_when_settings_are_updated(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     data['inherit_global_settings'] = True
                     settings = SettingsModel(repo=repo_name)
                     invalidation_patcher = mock.patch(
                         'rhodecode.controllers.admin.repos.ScmModel.mark_for_invalidation')
                     with invalidation_patcher as invalidation_mock:
                         self.app.post(
                             url('repo_vcs_settings', repo_name=repo_name), data,
                             status=302)
                     try:
                         invalidation_mock.assert_called_once_with(repo_name, delete=True)
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_other_settings_not_saved_inherit_global_settings_is_true(
                         self, autologin_user, backend, csrf_token):
                     repo_name = backend.repo_name
                     data = self.FORM_DATA.copy()
                     data['csrf_token'] = csrf_token
                     data['inherit_global_settings'] = True
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data, status=302)
                     settings = SettingsModel(repo=repo_name)
                     ui_settings = (
                         VcsSettingsModel.HOOKS_SETTINGS + VcsSettingsModel.HG_SETTINGS)
                     vcs_settings = []
                     try:
                         for section, key in ui_settings:
                             ui = settings.get_ui_by_section_and_key(section, key)
                             if ui:
                                 vcs_settings.append(ui)
                         vcs_settings.extend(settings.get_ui_by_section(
                             VcsSettingsModel.SVN_BRANCH_SECTION))
                         vcs_settings.extend(settings.get_ui_by_section(
                             VcsSettingsModel.SVN_TAG_SECTION))
                         for name in VcsSettingsModel.GENERAL_SETTINGS:
                             setting = settings.get_setting_by_name(name)
                             if setting:
                                 vcs_settings.append(setting)
                         assert vcs_settings == []
                     finally:
                         self._cleanup_repo_settings(settings)
                 def test_delete_svn_branch_and_tag_patterns(
                         self, autologin_user, backend_svn, settings_util, csrf_token):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     branch = settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch',
                         cleanup=False)
                     tag = settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_TAG_SECTION, 'test_tag', cleanup=False)
                     data = {
                         '_method': 'delete',
                         'csrf_token': csrf_token
                     }
                     for id_ in (branch.ui_id, tag.ui_id):
                         data['delete_svn_pattern'] = id_,
                         self.app.post(
                             url('repo_vcs_settings', repo_name=repo_name), data,
                             headers={'X-REQUESTED-WITH': 'XMLHttpRequest', }, status=200)
                     settings = VcsSettingsModel(repo=repo_name)
                     assert settings.get_repo_svn_branch_patterns() == []
                 def test_delete_svn_branch_requires_repo_admin_permission(
                         self, backend_svn, user_util, settings_util, csrf_token):
                     repo = backend_svn.create_repo()
                     repo_name = repo.repo_name
                     user = UserModel().get_by_username(TEST_USER_REGULAR_LOGIN)
                     logout_user_session(self.app, csrf_token)
                     session = login_user_session(
                         self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
                     csrf_token = auth.get_csrf_token(session)
                     user_util.grant_user_permission_to_repo(repo, user, 'repository.admin')
                     branch = settings_util.create_repo_rhodecode_ui(
                         repo, VcsSettingsModel.SVN_BRANCH_SECTION, 'test_branch',
                         cleanup=False)
                     data = {
                         '_method': 'delete',
                         'csrf_token': csrf_token,
                         'delete_svn_pattern': branch.ui_id
                     }
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data,
                         headers={'X-REQUESTED-WITH': 'XMLHttpRequest', }, status=200)
                 def test_delete_svn_branch_raises_400_when_not_found(
                         self, autologin_user, backend_svn, settings_util, csrf_token):
                     repo_name = backend_svn.repo_name
                     data = {
                         '_method': 'delete',
                         'delete_svn_pattern': 123,
                         'csrf_token': csrf_token
                     }
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data,
                         headers={'X-REQUESTED-WITH': 'XMLHttpRequest', }, status=400)
                 def test_delete_svn_branch_raises_400_when_no_id_specified(
                         self, autologin_user, backend_svn, settings_util, csrf_token):
                     repo_name = backend_svn.repo_name
                     data = {
                         '_method': 'delete',
                         'csrf_token': csrf_token
                     }
                     self.app.post(
                         url('repo_vcs_settings', repo_name=repo_name), data,
                         headers={'X-REQUESTED-WITH': 'XMLHttpRequest', }, status=400)
                 def _cleanup_repo_settings(self, settings_model):
                     cleanup = []
                     ui_settings = (
                         VcsSettingsModel.HOOKS_SETTINGS + VcsSettingsModel.HG_SETTINGS)
                     for section, key in ui_settings:
                         ui = settings_model.get_ui_by_section_and_key(section, key)
                         if ui:
                             cleanup.append(ui)
                     cleanup.extend(settings_model.get_ui_by_section(
                         VcsSettingsModel.INHERIT_SETTINGS))
                     cleanup.extend(settings_model.get_ui_by_section(
                         VcsSettingsModel.SVN_BRANCH_SECTION))
                     cleanup.extend(settings_model.get_ui_by_section(
                         VcsSettingsModel.SVN_TAG_SECTION))
                     for name in VcsSettingsModel.GENERAL_SETTINGS:
                         setting = settings_model.get_setting_by_name(name)
                         if setting:
                             cleanup.append(setting)
                     for object_ in cleanup:
                         Session().delete(object_)
                     Session().commit()
                 def assert_repo_value_equals_global_value(self, response, setting):
                     assert_response = AssertResponse(response)
                     global_css_selector = '[name={}_inherited]'.format(setting)
                     repo_css_selector = '[name={}]'.format(setting)
                     repo_element = assert_response.get_element(repo_css_selector)
                     global_element = assert_response.get_element(global_css_selector)
                     assert repo_element.value == global_element.value
             def _get_permission_for_user(user, repo):
                 perm = UserRepoToPerm.query()\
                     .filter(UserRepoToPerm.repository ==
                             Repository.get_by_repo_name(repo))\
                     .filter(UserRepoToPerm.user == User.get_by_username(user))\
                     .all()
                 return perm

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages